| Today, the application of computer network is becoming more broad and in-depth, therefore network security become indispensable to us all. In the past years, more and more network hackers event made enormous lose in economy to our society, they have been degrading people's interests in computer network even though. Above all, to make our computer network more security is not only to meet people's desire but also to develop computer network.It's well known that Internet spreads all over the world today, and TCP/IP is treated as the key communication protocol on it. But for the lack of security mechanism in TCP/IP protocol stack and open feature of Internet, our computer network is vulnerability to be attacked by hackers. Fortunately, IPSec provides us security services for IP layer and higher layers, such as access control, connectionless integrity, data origin authentication, rejection of replayed packets (a form of partial sequence integrity), confidentiality (encryption), limited traffic flow confidentiality, and so on. The thesis gives a type of network security architecture based on IPSec system, it includes the following contents:1 Analyzing the security problem in TCP/IP protocol stack, current main network attack methods and regular defense methods.2 Studing the overall architecture, main security protocols, application environments, and working mechanism of IPSec.3 Studing the main cryptography and data encrypt algorithms.4 Studing the principle and working mechanism of Chaos-based cryptography, then programming codes to implement it and evaluating its performance.
|
PDF Full Text Request