计算机科学 ›› 2017, Vol. 44 ›› Issue (5): 100-104.doi: 10.11896/j.issn.1002-137X.2017.05.018

• 信息安全 • 上一篇    下一篇

一种面向融合泛在网的协同防护体系设计

戚湧,莫璇,李千目   

  1. 南京理工大学计算机科学与工程学院 南京210094,南京理工大学计算机科学与工程学院 南京210094,南京理工大学计算机科学与工程学院 南京210094
  • 出版日期:2018-11-13 发布日期:2018-11-13
  • 基金资助:
    本文受国家自然科学基金项目(61272419)资助

Collaborative Protection Architecture Design Orient to Fusion Ubiquitous Network

QI Yong, MO Xuan and LI Qian-mu   

  • Online:2018-11-13 Published:2018-11-13

摘要: 在深入分析融合泛在网功能和特征的基础上,通过增加安全接入网关和虚拟重构安全控制服务器(简称安全控制服务器)两类主要的功能实体构成协同防护的硬件体系,同时通过策略订阅实现协同防护的软件逻辑体系,并采用基于证据投影分解方法的证据理论实现安全态势评估,从而实现在融合泛在网中各种末梢网络均可通过安全接入网关,利用现有的各种异构接入网络安全接入到位于IP核心网的安全服务平台,也可将安全服务命令和数据发送到末梢节点。

关键词: 融合泛在网,安全接入网关,安全控制服务器,态势评估

Abstract: With the in-depth analysis on the functions and features of fusion ubiquitous network,the hardware system for collaborative protection described in this paper was implemented by adding two kinds of function entities namely fusion security access gateway and virtual reconstruction security control server (security control server).Meanwhile,the software logical system was implemented by policy subscription.Additionally,an evidence projection decomposition method was used on evidence combination,which provides a security situation analysis method.Thus,in fusion ubiquitous network,various peripheral networks could use existing heterogeneous access network to access the security ser-vice platform in the IP core network by security access gateway.Meanwhile,the command and data of security service can be sent to peripheral nodes in the other direction.

Key words: Fusion ubiquitous network,Security access gateway,Security control server,Situation analysis

[1] WEISER M.The computer for the twenty-first century[J].Scien-tific America,1991,5(3):94-104.
[2] International Telecommunication Union.Ubiquitous network socie-ties:their impact on the telecommunication industry[EB /OL].(2005-06-08) [2015-06-16].https://www.itu.int/osg/spu/ni/ubiquitous/Papers/UNSImpactPaper.pdf.
[3] MA Z,WANG J Q,ZHOU G T,Analysis of mobile internet security protection system and strategy[C]∥2012 National Conference on Wireless & Mobile Communication.2012:271-275.(in Chinese) 马铮,王健全,周光涛.移动互联网安全防护体系及策略探析[C]∥2012全国无线及移动通信学术大会论文集(下).2012:271-275.
[4] WU D H,YANG W,LONG K.Security Protection Architecture and Critical Technology for Cyberspace[J].Information Security and Communications Privacy,2014(7):79-80.(in Chinese) 吴东海,杨文,龙恺.网络空间安全防护体系及关键技术研究[J],信息安全与通信保密,2014(7):79-80.
[5] ZHAO T,GAO K L,ZHENG X J,et al.Research on technical framework and cyber security protection system of IOT in smart grid[J].Electric Power,2012,5(5):87-90.(in Chinese) 赵婷,高昆仑,郑晓崑,等.智能电网物联网技术架构及信息安全防护体系研究[J].中国电力,2012,5(5):87-90.
[6] GAO K L,XIN Y Z,LI Z,et al.Development and Process of Cybersecurity Protection Architecture for Smart Grid Dispatching and Control Systems[J].Automation of Electric Power Systems,2015,9(1):48-52.(in Chinese) 高昆仑,辛耀中,李钊,等.智能电网调度控制系统安全防护技术及发展[J].电力系统自动化,2015,39(1):48-52.
[7] ZHANG S P,LI J Z,ZHANG F Q,et al.Research and imple-mentation of data center security system based on cloud computing[J].Computer Engineering and Design,2011,2(12):3965-3979.(in Chinese) 张水平,李纪真,张凤琴,等.基于云计算的数据中心安全体系研究与实现[J].计算机工程与设计,2011,32(12):3965-3979.
[8] JIANG C Z,YU Y,LIN W M.Research on Electric Information Network Security Situation Awareness Model Based on Intelligent Agent[J].Computer Science,2012,9(12):98-101.(in Chinese) 蒋诚智,余勇,林为民.基于智能Agent的电力信息网络安全态势感知模型研究[J].计算机科学,2012,39(12):98-101.
[9] DING X H,ZHAO W D,JU Y,et al.On Demand Security Fra-mework for Cloud Computing[J].Computer Science,2014,41(Z11):284-287.(in Chinese) 丁鲜花,赵卫栋,俱莹,等.云计算的按需防护安全框架[J].计算机科学,2014,41(Z11):284-287.

No related articles found!
Viewed
Full text


Abstract

Cited

  Shared   
  Discussed   
No Suggested Reading articles found!