摘要
作为实现网络和信息安全的重要保障,防火墙在为内部网络带来安全的同时,也产生了一定的副作用———它降低了网络运行效率。人们在享受网络资源时,不仅要求其具有较高的安全系数,同时对其数据传输速度提出了更高的要求。为适应这一需求,防火墙必须在提高安全性能的同时,解决传输速率瓶颈,实现安全、效率上的双方突破。在分析IPSec协议安全性问题基础上,针对ISAKMPSA协商中的变换载荷攻击做出改进,并进行形式化分析、论证,最终设计出基于IP IPSec概念的VPN高效安全模型。
The conduct and actions realizes the network guarantee with importance of safety information, fire wall brings the safety at the same time for internal network, and also produces certain of side effect —— it lowers the efficiency of the network movement. People enjoy network resources, not only request its higher and safe coefficient, at the same time, it's the data to bring up the higher request. For the orientation this need, fire wall must in the exaltation safe function to solute bottleneck, realize the safety, the efficiency. On the analysis the safety problem of IPSec, improve ISAKMPSA at VPN, and precede formal analysis, the design according to IP/ IPSec the concept is efficiently safe model.
出处
《信息技术》
2004年第3期23-25,67,共4页
Information Technology
