| 基于虚拟服务的SSL VPN研究 |
| |
| 引用本文: | 欧阳凯,周敬利,夏涛,余胜生. 基于虚拟服务的SSL VPN研究[J]. 小型微型计算机系统, 2006, 27(2): 228-232 |
| |
| 作者姓名: | 欧阳凯 周敬利 夏涛 余胜生 |
| |
| 作者单位: | 华中科技大学,计算机学院,湖北,武汉,430074 |
| |
| 摘 要: | 基于对标准SSL VPN(Secure Socket Layer Virtual Private Network)的研究分析,提出了基于虚拟服务的SSLVPN结构.该结构包含两项关键性技术:虚拟服务和基于VPN流的访问控制模型.一方面,通过在客户端动态生成虚拟服务来支持传统应用软件安全透明地访问VPN内部服务群;另一方面,针对VPN流的特点,将访问控制与VPN隧道、转发机制紧耦合,从而实现了细粒度的访问控制及应用层入侵检测.最后,给出了一个实现原型及相关性能测试.
|
| 关 键 词: | 虚拟服务 访问控制 流 |
| 文章编号: | 1000-1220(2006)02-0228-05 |
| 收稿时间: | 2005-09-16 |
| 修稿时间: | 2005-09-16 |
Research for Virtual Service Based SSL VPN |
| |
| OUYANG Kai,ZHOU Jing-li,XIA Tao,YU Sheng-sheng. Research for Virtual Service Based SSL VPN[J]. Mini-micro Systems, 2006, 27(2): 228-232 |
| |
| Authors: | OUYANG Kai ZHOU Jing-li XIA Tao YU Sheng-sheng |
| |
| Abstract: | Based on the analyses of the standard SSL VPN (Secure Socket Layer Virtual Private Network), this paper presents the framework of SSL VPN which comprises two key techniques: virtual service and VPN stream based access control model. By the virtual services created dynamically at the client server, SSL VPN can help traditional applications securely and transparently access VPN internal servers; in view of VPN stream, it also tightly couples access control with VPN tunnel and transmission mechanism to implement the fine-grained access control and the intrusion detection of the application layer. We finally provided an implemented prototype and its related performance testing. |
| |
| Keywords: | SSL VPN |
| 本文献已被 CNKI 维普 万方数据 等数据库收录! |
