| 基于插件的安全漏洞扫描系统设计 |
| |
| 引用本文: | 陈铁明,蔡家楣,蒋融融,冯宪澄. 基于插件的安全漏洞扫描系统设计[J]. 计算机工程与设计, 2004, 25(2): 194-196 |
| |
| 作者姓名: | 陈铁明 蔡家楣 蒋融融 冯宪澄 |
| |
| 作者单位: | 浙江工业大学,软件开发环境重点实验室,浙江,杭州,310014;浙江工业大学,软件开发环境重点实验室,浙江,杭州,310014;浙江工业大学,软件开发环境重点实验室,浙江,杭州,310014;浙江工业大学,软件开发环境重点实验室,浙江,杭州,310014 |
| |
| 基金项目: | 浙江省自然科学基金资助项目(601070),浙江省科技厅重点项目基金资助项目(021101139) |
| |
| 摘 要: | 网络安全漏洞扫描应充分考虑执行效率和功能独立扩展问题。从网络攻击的角度提出一个系统安全漏洞的分类,阐述了一个实用的基于这些漏洞分类以及插件技术的网络安全漏洞扫描系统的设计。该系统采用C/S模型结构,服务器端的扫描程序以独立的插件形式执行,可方便地添加或删除,而客户端漏洞的扫描功能设置则基于漏洞的分类。系统采用证书认证机制来保障C/S交互的安全性。
|
| 关 键 词: | 安全漏洞 漏洞分类 扫描插件 C/S结构 漏洞扫描 |
| 文章编号: | 1000-7024(2004)02-0194-03 |
Design of network security scanning system based on plug-in |
| |
| CHEN Tie-ming,CAI Jia-mei,JIANG Rong-rong,FENG Xian-cheng. Design of network security scanning system based on plug-in[J]. Computer Engineering and Design, 2004, 25(2): 194-196 |
| |
| Authors: | CHEN Tie-ming CAI Jia-mei JIANG Rong-rong FENG Xian-cheng |
| |
| Abstract: | The network security vulnerability scanning should focus sufficiently on running efficiency and independent functionality expansibility. A classification of system security vulnerability is presented based on network attack at first, and then a designing of security vulnerability scanning system is described based on the vulnerability classification and plug-in technology. This system uses the C/S structure, a scanning procedure is running at the server independently as a plug-in and the number of plug-in can be increased or reduced conveniently, and the scanning functionality option at the client depends on the vulnerability classification. The C/S communication security is supported by the certificate authentication mechanism. |
| |
| Keywords: | security vulnerability vulnerability classification scanning plug-in C/S structure vulnerability scanning |
| 本文献已被 CNKI 维普 万方数据 等数据库收录! |
|
