Research about solution for network security based on security domain

Author

Hui, Yan ; Weijie, Han ; Yu, Wang

Author_Institution

Dept. of Inf. Equip., Acad. of Equip. Command & Technol., Beijing, China

Volume

5

fYear

2010

fDate

25-27 June 2010

Abstract

The typical security solution can only ensure the security of the network boundary, but not involve the internal security. According to different types of applications and secrets that it provides, the network can be divided into a number of logical security domains. Furthermore, the access control of the network could be realized by applying dynamical VLAN technology, and the filtration and audit of the information exchange between security domains is realized by mandatory access control policies, and the unified identity authentication and access control is realized by applying SSL VPN technology. The practical application shows that the solution can not only enforce the access control and secure audit, but also reduce the risk of revealing the secret information.

Keywords

authorisation; local area networks; telecommunication security; virtual private networks; SSL VPN technology; VLAN technology; access control; logical security domains; network boundary; network security; Access control; Application software; Authentication; Computer networks; Computer security; Data security; Electronic mail; Filtration; Information security; Virtual private networks; SSL VPN; VLAN; access control; network security; security domain;

fLanguage

English

Publisher

ieee

Conference_Titel

Computer Design and Applications (ICCDA), 2010 International Conference on

Conference_Location

Qinhuangdao

Print_ISBN

978-1-4244-7164-5

Electronic_ISBN

978-1-4244-7164-5

Type

conf

DOI

10.1109/ICCDA.2010.5541092

Filename

5541092