| With the rapid development and popularization of Internet, information-globalization has become the development trend of human society. More and more safety information is being transmitted through network, which leads to a critical network security situation and an urgent need for effective network security technologies. So far, people have made many researches and have got much achievement in authentification, access control, firewall technologies, computer system security management and network security management.Network security is a systems engineering needing entire protection and the network security technology is an important technical method to realize the network safety. The theory and technology of agent and mobile agent have become hot issues of the computer security field for their characteristics such as intelligence, independence, mobility, cooperation, etc.The thesis starts with the existing network security state. Current network security state and technologies, including their advantages and disadvantages, are discussed at first. The conceptions of agent and mobile agent and their applications in network security are introduced too.In succession, a model of internal network security system based on agent is put forward in the thesis. How to establish a complicated and open internal network security system based on agent and mobile agent technologies, which includes functions such as identity authentification, access control, host audit, information collection, vulnerability detection, is mainly discussed in this part. The system architecture and model is proposed and detailed discussion about authentification module, access control module, host audit module, information collection module and the agent dispatcher system is also given.Based on all above, the secure communication in agent system is studied in the thesis. Basic theories of cryptography, including symmetric key cryptography and public key cryptography are introduced. Data Encryption Standard and RSA Encryption method along with their practical applications in security communication are mainly discussed. What's more, an interlock key exchange protocol and another protocol to keep away replay attack are put forward.For having the characteristics such as security, haleness and expansibility etc., the system can be easily expanded to meet the changeful requirement for network security system.In the end, the research work in the thesis is summarized and the development and further work for the internal network security system is discussed. |
PDF Full Text Request