Title :
Research about solution for network security based on security domain
Author :
Hui, Yan ; Weijie, Han ; Yu, Wang
Author_Institution :
Dept. of Inf. Equip., Acad. of Equip. Command & Technol., Beijing, China
Abstract :
The typical security solution can only ensure the security of the network boundary, but not involve the internal security. According to different types of applications and secrets that it provides, the network can be divided into a number of logical security domains. Furthermore, the access control of the network could be realized by applying dynamical VLAN technology, and the filtration and audit of the information exchange between security domains is realized by mandatory access control policies, and the unified identity authentication and access control is realized by applying SSL VPN technology. The practical application shows that the solution can not only enforce the access control and secure audit, but also reduce the risk of revealing the secret information.
Keywords :
authorisation; local area networks; telecommunication security; virtual private networks; SSL VPN technology; VLAN technology; access control; logical security domains; network boundary; network security; Access control; Application software; Authentication; Computer networks; Computer security; Data security; Electronic mail; Filtration; Information security; Virtual private networks; SSL VPN; VLAN; access control; network security; security domain;
Conference_Titel :
Computer Design and Applications (ICCDA), 2010 International Conference on
Conference_Location :
Qinhuangdao
Print_ISBN :
978-1-4244-7164-5
Electronic_ISBN :
978-1-4244-7164-5
DOI :
10.1109/ICCDA.2010.5541092
