关键词: 安全策略，自适应发布，异构，安全域

Abstract: The operations of security policy's rectuest, update, and execute have put forward higher rectuirements of the policy distribution. For purpose of resolving the distribution efficiency of the network security policy,the security policy self- distribution mathematic model and structural model were proposed based on tructurcdissimilarity, which introduced the concepts of distribution factor, security domain, etc. Expression and making ways of the structure-dissimilarity policy faced on attribute characters and operation were analyzed emphatically. The security policy searching algorithm,comparing algorithm, structurcdissimilarity policy building algorithm, address assigning and data transmitting algorithm based on security domain were presented. Compared with the classical entire distribution model, the proposed methods arc superior to enhance the system security policy disposal efficiency, and occupy the lesser resources of network channel.

Key words: Security policy, Self-distribution, Structure-dissimilarity, Security domain