
Research And Implementation On Agent-based Internal Network Security System

Posted on: 2007-12-28
Degree: Doctor
Type: Dissertation
Country: China
Candidate: J L Zhou
Full Text: PDF
GTID: 1118360242461730
Subject: Systems Engineering
Abstract/Summary:
With rapid global information development driven by the Internet, the computer network has become one of the most important infrastructures. Safeguarding cyberspace has become another field of national defense, alongside the territory, airspace and marginal seas that all countries already defend. How to build a powerful and effective information security architecture in a complicated network environment is the great task. The effectiveness of a network and information security architecture depends on the resourcefulness of the whole. With the rapid development of network technology and the broad application of computers and the Internet, network scale grows larger, topology becomes more complex, and the difficulty of safeguarding security increases steadily, all of which pose severe challenges. The research on an agent-based comprehensive internal network security system is the author's effort in this direction.

The network is the carrier and channel; information is the object the network serves. The two complement each other. The management of network and information security extends from the maintenance of network cables and physical devices, to secure storage and transmission, and on to maximizing the benefit of using information resources while minimizing network management cost. All of these have their own rules and the systematic, complicated characteristics of distributed, time-variant and commensal isomer. The design and implementation of network and information security safeguards and defense systems therefore belong to complex systems engineering.

Although networks can be divided by size into Wide Area Networks (WAN) and Local Area Networks, it is the ownership of the information domain and the legal user computers sharing the information that determine the design and implementation of the network security system.
The network and information security system studied in this paper belongs to this kind of special-purpose computer network, which is called the internal network and is owned by a specialized agency. The security problems demonstrated and discussed in this paper belong to the design of the internal network system. Because all hosts in the internal network should be monitored, the network is also called a Controllable Internal Network (CIN).

Almost 70% of security problems come from the internal network, and the firewall cannot prevent all outside intrusions, so the strength of the network security policies and measures inside the firewall is very important and necessary. The telltales, the attackers and the engineers who alleviate disasters are all "humans", so the security policies and technical choices of the internal network are oriented to the "human".

The research object of this paper is as follows: under the important human-centered idea, it is necessary to put the security defense on each illegal user host. This paper is devoted to the comprehensive internal network security system (CINSS) based on advanced multi-agent technology.

The internal network security services include authentication, access control, security audit and so on; meanwhile, viruses pose threats to the network. CINSS therefore proposes and implements the agent-based comprehensive internal network security system after analyzing similar national and international techniques and products, considering security requirements, comprehensive functionality, cost and ease of realization.
The concrete sub-systems and research content include: the authentication and access control sub-system; the vulnerability detection sub-system; the security audit sub-system; and software self-protection and defense of the agent operating environment.

The technical solution of CINSS is as follows. A host packet filter implements authentication and role-based network access control, and these functions are integrated into the authentication agent. The normal operation of the system relies on the agent installed on each host. Because users can destroy the authentication software agent, CINSS must provide a protection mechanism for the agent, which belongs to software self-protection techniques. Meanwhile, internal users could bring in a new host or reinstall the operating system to escape authentication and access the network uncontrollably, so it is necessary to monitor the agent operating environment to proactively detect and prevent such security problems. In addition, hackers and viruses attack or infect hosts through host vulnerabilities, so it is significant to integrate the vulnerability detection system. This system is used to evaluate the security risk class and to isolate high-risk hosts from the network, ultimately realizing proactive defense. Mobile agents encapsulating security audit or other security packages are dispatched to network nodes to carry out the corresponding security tasks, which customizes the security policies. Secure communication is very important because of the cooperation among the agents; a hash value related to the user password is used as the secret key, and the communication mechanism is implemented with symmetric cryptography.
Keywords/Search Tags: Internal Network Security, Agent, Authentication, Access Control, Vulnerability Detection, Security Audit, Secure Communication, Defense Architecture