基于IPSec协议的路由器中安全系统的研究与实现
摘要
近年来,INTERNET得到了飞速的发展,广泛的渗入到个人和社会的各个方面,越来越多的信息需要通过INTERNET来传输,其中就包括大量的敏感、机密的信息。然而,INTERNET本身的基础设施中存在着巨大的安全隐患。所以,IPSec协议作为IP网络中的安全协议被提出来,以解决IP层的安全通信问题。
基于IPSec协议的路由器的目的就是以IPSec的实现为基础,提供网络信息的安全通信。本文将根据基于IPSec协议的路由器本身以及提供的服务存在的安全隐患,分析当前的安全技术,阐述如何搭建一个在能够保证自身安全的前提下提供安全服务的:基于IPSec协议的路由器的方法。
基于IPSec协议的路由器的安全保障由路由器中的访问控制系统、密钥管理系统、审计系统、安全服务策略系统、智能诊断系统以及IPSec实现共同提供。本文将详细介绍针对这些系统的研究与实现。并且在访问控制方面,本文还针对现有的层次化RBAC模型中角色更改困难的问题提出了自己的角色分离的层次化RBAC模型。
本文组织如下:第一章简要介绍系统安全和基于IPSec协议的路由器;第二章介绍了基于IPSec协议的路由器的安全系统框架;第三章介绍路由器中的访问控制系统;第四章介绍了路由器中的密钥管理系统;第五章介绍了路有器中的审计系统;第六章介绍了路由器中的安全服务策略系统;第七章介绍了路由器中的智能诊断系统;第八章总结了全文,并且提出了对下一步工作的展望。
Research on and Implementation of the security environment of the Security Router with IPSec
Li Qing(Computer Applied Technology) Directed by Cheng Weiming
In recent years, Internet has been experiencing rapidly growth and infiltrating into many aspects of person and society. More and more information have been transported via Internet, including a large amount of sensitive and confidential information. The infrastructure of Internet, however, has many security hidden troubles. IPSec has been proposed as the security protocol of the IP network, to provide IP security.
The Router with IPSec is meant to provide security communication on the basis of the IPSec implementation. To eliminate the hidden trouble existing in the Security Router and the service it provides, the paper demonstrates a building for the security environment of the Router on the basis of comparing the state-of-the-art, which can protect the Router providing security service.
The security environment of the Router with IPSec is provided by the cooperation of access control system, key management system, audit system, security service strategy system, intelligent diagnosis system and IPSec implementation. The paper will deliberately introduce the research and implementation of these systems. Besides, the paper proposes a Hierarchy RBAC Model Based on Separation of Duties to solve the difficulty of altering the roles in Hierarchy RBAC Model.
The paper is organized as this: The first chapter introduces system security and the Security Router with IPSec; The second chapter introduces the security architecture of the Security Router system; The third chapter introduces the access control system of the Security Router; The fourth chapter introduces the key management system of the Security Router; The fifth chapter introduces the audit system of the Security Router; The sixth chapter introduces the security service strategy system of the Security Router; The seventh chapter introduces the intelligent diagnosis system of the Security Router; The eighth chapter gives a conclusion and indicts the future directions of the system.
基于IPSec协议的路由器的目的就是以IPSec的实现为基础,提供网络信息的安全通信。本文将根据基于IPSec协议的路由器本身以及提供的服务存在的安全隐患,分析当前的安全技术,阐述如何搭建一个在能够保证自身安全的前提下提供安全服务的:基于IPSec协议的路由器的方法。
基于IPSec协议的路由器的安全保障由路由器中的访问控制系统、密钥管理系统、审计系统、安全服务策略系统、智能诊断系统以及IPSec实现共同提供。本文将详细介绍针对这些系统的研究与实现。并且在访问控制方面,本文还针对现有的层次化RBAC模型中角色更改困难的问题提出了自己的角色分离的层次化RBAC模型。
本文组织如下:第一章简要介绍系统安全和基于IPSec协议的路由器;第二章介绍了基于IPSec协议的路由器的安全系统框架;第三章介绍路由器中的访问控制系统;第四章介绍了路由器中的密钥管理系统;第五章介绍了路有器中的审计系统;第六章介绍了路由器中的安全服务策略系统;第七章介绍了路由器中的智能诊断系统;第八章总结了全文,并且提出了对下一步工作的展望。
Research on and Implementation of the security environment of the Security Router with IPSec
Li Qing(Computer Applied Technology) Directed by Cheng Weiming
In recent years, Internet has been experiencing rapidly growth and infiltrating into many aspects of person and society. More and more information have been transported via Internet, including a large amount of sensitive and confidential information. The infrastructure of Internet, however, has many security hidden troubles. IPSec has been proposed as the security protocol of the IP network, to provide IP security.
The Router with IPSec is meant to provide security communication on the basis of the IPSec implementation. To eliminate the hidden trouble existing in the Security Router and the service it provides, the paper demonstrates a building for the security environment of the Router on the basis of comparing the state-of-the-art, which can protect the Router providing security service.
The security environment of the Router with IPSec is provided by the cooperation of access control system, key management system, audit system, security service strategy system, intelligent diagnosis system and IPSec implementation. The paper will deliberately introduce the research and implementation of these systems. Besides, the paper proposes a Hierarchy RBAC Model Based on Separation of Duties to solve the difficulty of altering the roles in Hierarchy RBAC Model.
The paper is organized as this: The first chapter introduces system security and the Security Router with IPSec; The second chapter introduces the security architecture of the Security Router system; The third chapter introduces the access control system of the Security Router; The fourth chapter introduces the key management system of the Security Router; The fifth chapter introduces the audit system of the Security Router; The sixth chapter introduces the security service strategy system of the Security Router; The seventh chapter introduces the intelligent diagnosis system of the Security Router; The eighth chapter gives a conclusion and indicts the future directions of the system.
引文
[1]Bruce Schneier著,吴世忠等译.《网络信息安全的真相》.第一版.机械工业出版社.2001
[2]S.Kent, R. Atkinson. "Security Architecture for the Internet Protocol" .RFC2401 .November 1998
[3]S. Kent, R. Atkinson, "IP Encapsulating Security Payload', RFC2406, November 1998
[4]S. Kent, R.Atkinson, "IP Authentication Header', RFC2402, November 1998
[5]D. Harkins, D. Carrel. "The Intemet Key Exchange (IKE)", RFC2409, November 1998
[6]D. Maughan, M. Schertler, M. Schneider, J. Turner, "Internet Security Association and Key Management Protocol (ISAKMP)', RFC2408, November 1998
[7]Orman, H. "The OAKLEY Key Determination Protocol" . RFC 2412. November 1998
[8]Krawczyk, H. "SKEME: A Versatile Secure Key Exchange Mechanism for Internet" . IEEE Proceedings of the 1996 Symposium on Network and Distributed Systems Security. 1996
[9]冯登国.《计算机通信网络安全》.第一版.清华大学出版社.2001
[10]刘宏月,范九伦,马建峰.“访问控制技术研究进展”.小型微型计算机系统,2004 25(1):56-59
[11]Belding T."The Chinese Wall Security Policy". IEEE Symposium on Research in Security and Privacy. 1989. 206-214
[12]Thomas R. and Sandhu R."Task-Based Authorization: A Paradigm for Flexible and Adaptable Access Control in Distributed Applications". Proc 16th NIST-NCSC National Computer Security Conference. 1993.409-415
[13]Ravi Sandhu, Edward Coyne, Hal Feinstein and CharlesYouman. "Role-Based Access Control Models". IEEE Computer, 1996 29(2):38-47
[14]David F. Ferraiolo, Ravi Sandhu,ete."Proposed NIST Standard for Role-Based Access control". ACM Transactions on Information and Systems Security. Aug 2001, 224-274.
[15]Joshi J, Bertino E, Ghafoor A. "Temporal Hierarchies and Inheritance Semantics for GTRBAC". 7th ACM Symposium on Access Control Models. 2002.74-83
[16]Abendroth J, Jensen C. "Partial Outsourcing: A New Paradigm for Access Control". ACM Symposium on Access Control Models. 2003. 134-141
[17]Nyanchama M,Osbom S. "The graph model and conflicts of interest". ACM Trans. Inf. Syst. See. 1999.2
[18]Kuhn D R. Role based access control on MLS systems without kernel changes[C]. In Proceedings of the ACM Workshop on Role Based Access Control, 1998.25-32.
[19]Robert C Martin.《敏捷软件开发》.第一版.清华大学出版社.2003.
[20]SP 800-57."Recommendation for Key Management Part I".NIST..April 3, 2003
[21]FIPS 140-2."Security Requirements for Cryptographic Modules".NIST. May 25,2001
[22]Anderson J P."Computer Security Threat Monitoring and Surveillance".Fort Washington,James P.Anderson Co. 1980
[23]Department of Defense Standard."trusted computer system evaluation criteria". Department of Defense. DOD 5200.28-STD, 1985.
[24]GB/T 18010.1999.“路由器安全技术要求”.国家信息化办公室.1999
[25]Denning D E."An intrusion detection model". IEEE Trans Software Engineering. 1987, 2(2):222-232
[26]王伟钊,李承,李家滨.“网络安全审计系统的实现方法”计算机应用与软件.2002,19(11):
24-26
[27]Daniels T E, Spafford E H."A Network Audit System for Hostbasted Intrusion Detection(NASHID)in Linux". Purdue University. 2000
[28]V. K. Dhir, S. Guarro. "Pressurized water reactor [PWR] system simulation and disturbance analysis for anomalous transients and degraded system conditions". Winter Simulation Conference. 1979
[29]Shortliffe E H."MYCIN: A Rule-Based Computer Program for Advising Physicians Regarding Antimicrobial Therapy Selection". Ph.D. Thesis Computer Science Department, Stanford University, October 1974.
[30]E. L. Rissland, K. D. Ashley."A case-based system for trade secrets law. International Conference on Artificial Intelligence and Law". 1987.60-66
[31]D,Kleer, J."Local Methods for Localizing Faults in Electronic circuits". MIT AI Memo 394, Cambridge,MA. 1976
[32]David, J.-M., Krivine, J.-P., & Simmons, R. "Second-Generation Expert Systems". Springer. 1993
[33]Venkat Venkatasubramanian, Raghunathan Rengaswamy."A review of process fault detection and diagnosis Part Ⅱ: Qualitative models and search strategies". Computers and Chemical Engineering. 2003 27, 313-326
[34]Larsson, J. E. "'Diagnostic reasoning strategies for means-end models". Automatica. 1994 30(5). 775-787.
[2]S.Kent, R. Atkinson. "Security Architecture for the Internet Protocol" .RFC2401 .November 1998
[3]S. Kent, R. Atkinson, "IP Encapsulating Security Payload', RFC2406, November 1998
[4]S. Kent, R.Atkinson, "IP Authentication Header', RFC2402, November 1998
[5]D. Harkins, D. Carrel. "The Intemet Key Exchange (IKE)", RFC2409, November 1998
[6]D. Maughan, M. Schertler, M. Schneider, J. Turner, "Internet Security Association and Key Management Protocol (ISAKMP)', RFC2408, November 1998
[7]Orman, H. "The OAKLEY Key Determination Protocol" . RFC 2412. November 1998
[8]Krawczyk, H. "SKEME: A Versatile Secure Key Exchange Mechanism for Internet" . IEEE Proceedings of the 1996 Symposium on Network and Distributed Systems Security. 1996
[9]冯登国.《计算机通信网络安全》.第一版.清华大学出版社.2001
[10]刘宏月,范九伦,马建峰.“访问控制技术研究进展”.小型微型计算机系统,2004 25(1):56-59
[11]Belding T."The Chinese Wall Security Policy". IEEE Symposium on Research in Security and Privacy. 1989. 206-214
[12]Thomas R. and Sandhu R."Task-Based Authorization: A Paradigm for Flexible and Adaptable Access Control in Distributed Applications". Proc 16th NIST-NCSC National Computer Security Conference. 1993.409-415
[13]Ravi Sandhu, Edward Coyne, Hal Feinstein and CharlesYouman. "Role-Based Access Control Models". IEEE Computer, 1996 29(2):38-47
[14]David F. Ferraiolo, Ravi Sandhu,ete."Proposed NIST Standard for Role-Based Access control". ACM Transactions on Information and Systems Security. Aug 2001, 224-274.
[15]Joshi J, Bertino E, Ghafoor A. "Temporal Hierarchies and Inheritance Semantics for GTRBAC". 7th ACM Symposium on Access Control Models. 2002.74-83
[16]Abendroth J, Jensen C. "Partial Outsourcing: A New Paradigm for Access Control". ACM Symposium on Access Control Models. 2003. 134-141
[17]Nyanchama M,Osbom S. "The graph model and conflicts of interest". ACM Trans. Inf. Syst. See. 1999.2
[18]Kuhn D R. Role based access control on MLS systems without kernel changes[C]. In Proceedings of the ACM Workshop on Role Based Access Control, 1998.25-32.
[19]Robert C Martin.《敏捷软件开发》.第一版.清华大学出版社.2003.
[20]SP 800-57."Recommendation for Key Management Part I".NIST..April 3, 2003
[21]FIPS 140-2."Security Requirements for Cryptographic Modules".NIST. May 25,2001
[22]Anderson J P."Computer Security Threat Monitoring and Surveillance".Fort Washington,James P.Anderson Co. 1980
[23]Department of Defense Standard."trusted computer system evaluation criteria". Department of Defense. DOD 5200.28-STD, 1985.
[24]GB/T 18010.1999.“路由器安全技术要求”.国家信息化办公室.1999
[25]Denning D E."An intrusion detection model". IEEE Trans Software Engineering. 1987, 2(2):222-232
[26]王伟钊,李承,李家滨.“网络安全审计系统的实现方法”计算机应用与软件.2002,19(11):
24-26
[27]Daniels T E, Spafford E H."A Network Audit System for Hostbasted Intrusion Detection(NASHID)in Linux". Purdue University. 2000
[28]V. K. Dhir, S. Guarro. "Pressurized water reactor [PWR] system simulation and disturbance analysis for anomalous transients and degraded system conditions". Winter Simulation Conference. 1979
[29]Shortliffe E H."MYCIN: A Rule-Based Computer Program for Advising Physicians Regarding Antimicrobial Therapy Selection". Ph.D. Thesis Computer Science Department, Stanford University, October 1974.
[30]E. L. Rissland, K. D. Ashley."A case-based system for trade secrets law. International Conference on Artificial Intelligence and Law". 1987.60-66
[31]D,Kleer, J."Local Methods for Localizing Faults in Electronic circuits". MIT AI Memo 394, Cambridge,MA. 1976
[32]David, J.-M., Krivine, J.-P., & Simmons, R. "Second-Generation Expert Systems". Springer. 1993
[33]Venkat Venkatasubramanian, Raghunathan Rengaswamy."A review of process fault detection and diagnosis Part Ⅱ: Qualitative models and search strategies". Computers and Chemical Engineering. 2003 27, 313-326
[34]Larsson, J. E. "'Diagnostic reasoning strategies for means-end models". Automatica. 1994 30(5). 775-787.