| 基于HIP的网络防火墙系统设计与实现 |
| |
| 引用本文: | 张帆,石辰杰,卢秀卿,徐卓. 基于HIP的网络防火墙系统设计与实现[J]. 信息网络安全, 2012, 0(1): 53-57 |
| |
| 作者姓名: | 张帆 石辰杰 卢秀卿 徐卓 |
| |
| 作者单位: | 同济大学计算机科学与工程系,上海201804 |
| |
| 摘 要: | 在Internet所使用的TCP/IP协议中,网络层IP地址同时代表了主机标识符和定位符,使得IP地址无法支持主机移动性与多宿主性,更加无法保障用户之间的可信任性。为了解决这一系列问题,文章深入研究了主机标识协议(HIP)的体系结构。该体系通过主机标志层来标志连接终端,加强了安全性和可移动性,满足了人们对保密通信和移动通信上的要求。文章基于ARM嵌入式系统,提出以透明网桥为载体架设防火墙过滤HIP包,达到对一个网段进行网络安全防范的目的。
|
| 关 键 词: | 防火墙 ARM 主机标示协议 透明网桥 |
Design and Implementation of HIP-based Network Firewall |
| |
| ZHANG Fan,SHI Chen-jie,LU Xiu-qing,XU Zhuo. Design and Implementation of HIP-based Network Firewall[J]. Netinfo Security, 2012, 0(1): 53-57 |
| |
| Authors: | ZHANG Fan SHI Chen-jie LU Xiu-qing XU Zhuo |
| |
| Affiliation: | (Department of Computer Science & Engineering,Tongji University,Shanghai 201804,China) |
| |
| Abstract: | From de prospective of TCP/IP protocol in Internet,the IP address,which lies upon the network layer,represents the host identifier and locater simultaneously.Such design of the IP address correspondingly sets barriers to the mobility of a single host as well as the implementation of the multi-homed host;furthermore,it fails to provide the guarantee of credence between users.With the advent of Host Identity Protocol(HIP) architecture,which strengthens the security and authentication in the network,in the problems described above could be well solved.HIP connects hosts by means of the identifier of the host identity layer,which enhances security of hosts along with the mobility;meanwhile,it satisfies the demands for secure communication and mobile communication.This paper,based on ARM embedded System,utilizes transparent bridge to filtrate HIP packets,which finally achieves the purpose of security defense in a network segment. |
| |
| Keywords: | firewall ARM HIP transparent bridge |
| 本文献已被 CNKI 维普 等数据库收录! |
|
