分布式防火墙及安全联动技术研究与实现

【作者】 潘炜；

【导师】 李伟华；

【作者基本信息】 西北工业大学 ， 计算机应用技术， 2004， 硕士

【摘要】 网络信息安全的意识已被各方接受和认同，防火墙、入侵检测、防病毒、安全审计等安全技术已经得到了广泛的应用。在此基础上，如何构建一个动态的、全方位的安全防护体系，成为网络安全中研究的热点。 本文把研究重点放在了分布式防火墙和安全联动技术的研究上，研究以分布式防火墙为中心，构建开放式安全联动框架，将防火墙嵌入到已有的网络平台，实施安全联动交换协议，为其他安全产品提供一个开放的、通用的、可扩展的安全框架，实现全方位的网络安全系统。 本文选题来源于国家高技术研究发展计划(国家863计划)资助项目“网络协同安全技术研究”，并作为已完成的国家高技术研究发展计划资助项目“黑客监控技术研究”的进一步深入研究。 首先，本文研究了现有的分布式防火墙关键技术和系统模型，确立了本文分布式防火墙系统的设计目标；其次分析了目前的安全联动技术，提出了本文安全联动的设计目标；然后构建了开放式安全联动框架，主要包括安全联动交换协议和安全联动信息交换格式；最后，本文完成了分布式防火墙的设计，并给出了关键组件策略执行组件和安全联动管理组件的软件实现方案。更多还原

【Abstract】 The importance of network information security has already been widely recognized. Meanwhile, diverse security technologies such as firewall, intrusion detection, anti-virus and security audit have been widely applied. Based on the facts above, how to constructure a dynamic and comprehensive security protection system, becomes hot in the area of network security.This paper focuses on the research on distributed firewall technology and security interaction technology. A comprehensive network security system is achieved, which regards distributed firewall (DFW) as the center and constructures an open security interaction framework (OSIF). An open, general and scalable security framework for other security products is provided by OSIF, which fixes the firewall into existing network platform, and sets out Security Interaction Exchange Protocol (SIEP).This paper is supported by the National "High Technology Research and Development Program of China (863 Program), Network Cooperative Security Technology Research, and is a further research for Hacker Monitoring Technology Research (863 Program).First, the distributed firewall technologies and system models are introduced, and a plan of the distributed firewall is established. Secondly, the Security Interaction technologies are discussed, and a solution to security interaciton is given. Meanwhile, open security interaciton framework is presented, which includes the design of security interaction exchange protocol and definition of security interaction message exchange format (SIMEF). In the end, this paper gives detailed descriptions of the design of DFW, implemention of policy perform module (PPM) and security interaction manage module (SIMM).更多还原