A multi-homed VPN architecture based on extended SOCKSv5 and TLS was proposed. The architecture employs a dynamic connection mechanism for multiple proxies in the end system,i n which the security-demanded transmissio...A multi-homed VPN architecture based on extended SOCKSv5 and TLS was proposed. The architecture employs a dynamic connection mechanism for multiple proxies in the end system,i n which the security-demanded transmission connections can switch smoothly among the multiple proxies by maint aining a coherent connection context.The mechanism is transparent to application programs and can support th e building of VPN.With the cooperation of some other security components,the mechanism guarantees the reso urce availability and reliability of the end system against some attacks to the specific ports or hosts.展开更多
MPLS(Multi-Protocol Label Switching) VPN(Virtual Private Network) traffic has been deployed widely, but currently only supports unicast. This paper briefly introduces several available MPLS VPN multicast approaches, a...MPLS(Multi-Protocol Label Switching) VPN(Virtual Private Network) traffic has been deployed widely, but currently only supports unicast. This paper briefly introduces several available MPLS VPN multicast approaches, and then analyzes their disadvantages. A novel mechanism that uses two-layer label stack to support MPLS VPN explicit multicast is proposed and the process is discussed in detail. The scalability and performance of the proposed mechanism are studied analytically. The result shows that our solution has great advantage over the currently available scheme in terms of saving core network bandwidth and improving the scalability.展开更多
With the development of lnternet, eBusiness has gradually become a new model for business activity, however, the security of eBusiness is a major bottleneck restricting the development of eBusiness. Network with virtu...With the development of lnternet, eBusiness has gradually become a new model for business activity, however, the security of eBusiness is a major bottleneck restricting the development of eBusiness. Network with virtual private net work(VPN) can reduce network costs and communication costs, increase flexibility and provide safe and smooth network for the corporations that do eBusiness across regions. This article introduces the definition and the technological core of VPN, and researches and analyzes the VPN application in ecommerce.展开更多
Remote access is a means of accessing resources outside one’s immediate physical location. This has made employee mobility more effective and productive for most organizations. Remote access can be achieved via vario...Remote access is a means of accessing resources outside one’s immediate physical location. This has made employee mobility more effective and productive for most organizations. Remote access can be achieved via various channels of remote communication, the most common being Virtual Private Networks (VPNs). The demand for remote access is on the rise, especially during the Covid-19 pandemic, and will continue to increase as most organizations are re-structuring to make telecommuting a permanent part of their mode of operation. Employee mobility, while presenting organizations with some advantages, comes with the associated risk of exposing corporate cyber assets to attackers. The remote user and the remote connectivity technology present some vulnerabilities which can be exploited by any threat agent to violate the confidentiality, integrity and availability (CIA) dimensions of these cyber assets. So, how are users and remote devices authenticated? To what extent is the established connection secured? With employee mobility on the rise, it is necessary to analyze the user authentication role since the mobile employee is not under the monitoring radar of the organization, and the environment from which the mobile employee connects may be vulnerable. In this study, an experiment was setup to ascertain the user authentication roles. The experiment showed the process of 2FA in user authentication and it proved to be an effective means of improving user authentication during remote access. This was depicted via the use of what the user has (mobile phone/soft-token) as a second factor in addition to what the user knows, i.e. password. This authentication method overcomes the security weaknesses inherent in single-factor user authentication via the use of password only. However, the results also showed that though 2FA user authentication ensures security, the remote devices could exhibit further vulnerabilities and pose serious risks to the organization. Thus, a varied implementation was recommended to further enhance the security of remote access communication with regards to the remote user authentication.展开更多
In order to fulfill the product concurrent design requirements of discrete manufacturing enterprises, this paper puts forth for the first time a Collaborative Product Commerce (CPC) oriented X2D (X to Design) theory, ...In order to fulfill the product concurrent design requirements of discrete manufacturing enterprises, this paper puts forth for the first time a Collaborative Product Commerce (CPC) oriented X2D (X to Design) theory, which can take Collaboration, Commerce and Concurrence (3C) into realization during the product design stage. At the same time, this research adopts VPN (Virtual Private Network) technique to ensure the security of product data and information during transportation. By building CPC oriented and VPN based framework of X2D product concurrent design system, the paper explores a way for discrete enterprises adapting to the drastically competitive market and performing their product innovation.展开更多
基金National Natural Science Foundation ofChina (No.90104029)
文摘A multi-homed VPN architecture based on extended SOCKSv5 and TLS was proposed. The architecture employs a dynamic connection mechanism for multiple proxies in the end system,i n which the security-demanded transmission connections can switch smoothly among the multiple proxies by maint aining a coherent connection context.The mechanism is transparent to application programs and can support th e building of VPN.With the cooperation of some other security components,the mechanism guarantees the reso urce availability and reliability of the end system against some attacks to the specific ports or hosts.
基金Supported by the National Natural Science Foundation of China(No.90204003)and National"863"Project(2001AAl21052)
文摘MPLS(Multi-Protocol Label Switching) VPN(Virtual Private Network) traffic has been deployed widely, but currently only supports unicast. This paper briefly introduces several available MPLS VPN multicast approaches, and then analyzes their disadvantages. A novel mechanism that uses two-layer label stack to support MPLS VPN explicit multicast is proposed and the process is discussed in detail. The scalability and performance of the proposed mechanism are studied analytically. The result shows that our solution has great advantage over the currently available scheme in terms of saving core network bandwidth and improving the scalability.
基金The 2012 Development Plan of Science and Technology of Shanxi Province(No.20120321032)
文摘With the development of lnternet, eBusiness has gradually become a new model for business activity, however, the security of eBusiness is a major bottleneck restricting the development of eBusiness. Network with virtual private net work(VPN) can reduce network costs and communication costs, increase flexibility and provide safe and smooth network for the corporations that do eBusiness across regions. This article introduces the definition and the technological core of VPN, and researches and analyzes the VPN application in ecommerce.
文摘Remote access is a means of accessing resources outside one’s immediate physical location. This has made employee mobility more effective and productive for most organizations. Remote access can be achieved via various channels of remote communication, the most common being Virtual Private Networks (VPNs). The demand for remote access is on the rise, especially during the Covid-19 pandemic, and will continue to increase as most organizations are re-structuring to make telecommuting a permanent part of their mode of operation. Employee mobility, while presenting organizations with some advantages, comes with the associated risk of exposing corporate cyber assets to attackers. The remote user and the remote connectivity technology present some vulnerabilities which can be exploited by any threat agent to violate the confidentiality, integrity and availability (CIA) dimensions of these cyber assets. So, how are users and remote devices authenticated? To what extent is the established connection secured? With employee mobility on the rise, it is necessary to analyze the user authentication role since the mobile employee is not under the monitoring radar of the organization, and the environment from which the mobile employee connects may be vulnerable. In this study, an experiment was setup to ascertain the user authentication roles. The experiment showed the process of 2FA in user authentication and it proved to be an effective means of improving user authentication during remote access. This was depicted via the use of what the user has (mobile phone/soft-token) as a second factor in addition to what the user knows, i.e. password. This authentication method overcomes the security weaknesses inherent in single-factor user authentication via the use of password only. However, the results also showed that though 2FA user authentication ensures security, the remote devices could exhibit further vulnerabilities and pose serious risks to the organization. Thus, a varied implementation was recommended to further enhance the security of remote access communication with regards to the remote user authentication.
文摘In order to fulfill the product concurrent design requirements of discrete manufacturing enterprises, this paper puts forth for the first time a Collaborative Product Commerce (CPC) oriented X2D (X to Design) theory, which can take Collaboration, Commerce and Concurrence (3C) into realization during the product design stage. At the same time, this research adopts VPN (Virtual Private Network) technique to ensure the security of product data and information during transportation. By building CPC oriented and VPN based framework of X2D product concurrent design system, the paper explores a way for discrete enterprises adapting to the drastically competitive market and performing their product innovation.
