| It is an important scheme to figure out the security of the Internet communication, and carry out virtual connecting between the different domains in the open Internet for IPSec-based VPN. IPSec-based VPN is provided the data transfer with the integrality, authentication, and confidentiality. And it is applied to the various access control. The security policy and policy management in the Internet are emphatically studied in this paper. We show The main work of this thesis is followed:The overview of the security policy on IPSec is presented. The secure attributes of the protocols in IPSec and the implement of the IPSec data flows are analysised. According to security policy control introduced, the condition of the IPSec-based VPN security policy implement and management is studied. The algorithms about creating security policies and the management on the conflicts among the policies are analysised. Based on the secure requirements, The efficient, integral and correct policies are created by the three kinds of algorithms. The system framework of the security policy management and the structure of the policy-based Internet management are analysised. The system management tool translating rule requirements into policies is analysised. The Policy Tree is presented tomanaging and implementing security policy. By departing with each other, the policy system is improved.Making use of the inheritance of the portsport, VPN is carried out creating in End-host. Combining the portspace with the security policies, the policy configuration, management and implement is studied in end-to-end connecting.
|
PDF Full Text Request