摘要
随着网络技术的发展,虚拟专用网(VPN)在建立关键业务网络系统中的应用越来越广泛。该文提出了CA-IPSec结构的VPN解决方案,其目标是在不安全的Internet网络上建立一个安全的VPN,保证网络传输安全。此方案将认证中心(CA)的证书管理引入到IPSec中来,弥补了IPSec协议对用于身份认证的公私钥管理没做定义的不足,形成了一套完整实用的VPN解决方案。文章对这种方案的安全性能进行了分析和评估。
With the development of the network technology,the Virtual Private Network(VPN)becomes more and more useful in creating network system of key business.This paper puts forward and implements a CA-IPSec frame VPN so-lution,ant its aim is to creat a secure VPN in the insecure internet,to protect the security of network transmission.Be-cause IPSec protocol suite don't define the manegemnet of public and private keys which are used in identity authenti-cation,this solution adds CA to IPSec to manage certificate,thus,this solution for VPN is integral and practical.This paper also analyses the security of the solution.
出处
《计算机工程与应用》
CSCD
北大核心
2001年第22期54-56,106,共4页
Computer Engineering and Applications
