摘要
IPSEC提供网络层的安全服务 ,通过对 IP报文的加密和验证 ,保证数据在传输过程中的安全 .由于 IPSEC封装了报文中一些重要信息 ,使得 IPSEC与防火墙不能同时有效地工作 .本文提出一种分层 IPSEC(L ayered IP Security,L_ IPSEC)思想 ,即将协议头和数据部分分别进行安全处理 ,并将这种分层思想与分布式处理技术结合 ,设计与实现一种 IPSEC与防火墙协同工作方案 .
IPSEC provides security services at the IP layer by authenticating and encrypting packets while being transported in Internet. It encapsulates some important information of the packet, so it cant cooperate efficiently with firewall. The paper puts forward a technology of layered IPSEC(Layered IP Security , L _IPSEC), that is doing IPSEC processes on protocol head and data in IP datagram separately. The paper combines the layer technology with distribution to design and carry out a framework for the cooperation of IPSEC and firewall.
出处
《小型微型计算机系统》
CSCD
北大核心
2004年第2期183-186,共4页
Journal of Chinese Computer Systems
基金
国家"8 63"基金项目 (863 -3 0 1-6-8)资助
