A VPN uses authentication, data integrity checking, data encryption, anti-replay and related technologies to provide strong tunnel-level protection for data in transit. However, if a terminal connected to the VPN has security weaknesses or behaves maliciously, the data carried over the secure tunnel may still be unsafe even though that terminal passed authentication. The accessing terminals therefore also need to be protected. Based on a thorough analysis of each of the popular terminal security access technologies in use today, and combined with the characteristics of VPNs, the idea of VPN security admittance control is proposed, and an implementation scheme for VPN security admittance control based on the NDIS framework of the Windows platform is provided. The main idea of the scheme is as follows. A security policy server produces security policies according to the actual security requirements and then delivers them to the terminals. Each terminal provides the terminal control functions prescribed by those policies, such as network access control, terminal health examination, device control, vulnerability scanning, security audit, anti-virus, threat defense, system integrity control and so on. Among these, network access control provides rule-based control over which applications on the terminal may access the network and rule-based control over the IP packets the terminal sends and receives. Terminal health examination checks the health of the system and prevents a terminal that does not conform to the concrete security policy from connecting, thereby avoiding the security risk. Device control provides control over serial and parallel port devices and over USB devices in high-security environments.
The main implementation technologies are: NDIS-Hook technology to filter IP packets; Service Provider Interface (SPI) technology to control the network access of applications; and Windows Management Instrumentation (WMI) technology, among others, to examine system health.
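The policy model described above (a server-issued policy that a terminal enforces as IP packet rules, application access rules, device rules and a health check gate) can be illustrated with a small policy evaluator. The code below is an added example and is not the paper's implementation; the policy format, the rule names, the sample policy and the sample packets, process names and posture values are all constructed here. On a real Windows terminal the verdicts of `ip_verdict` would be applied by the NDIS filter, those of `app_verdict` by the SPI layer, and the `posture` dictionary would be filled from WMI queries; none of that platform glue is shown.

```python
"""Policy-driven terminal admittance and access control (constructed example)."""
import ipaddress
from dataclasses import dataclass


@dataclass(frozen=True)
class Packet:
    src: str
    dst: str
    proto: str   # "tcp", "udp" or "icmp"
    dport: int   # 0 for protocols without ports


# Constructed sample policy in the shape a policy server might deliver.
# Unknown devices and unmatched packets fall through to a deny/block default.
POLICY = {
    "ip_rules": [
        {"dst": "10.1.0.0/16", "proto": "tcp", "dports": [443, 22], "action": "allow"},
        {"dst": "10.1.0.0/16", "proto": "icmp", "action": "allow"},
        {"dst": "0.0.0.0/0", "action": "deny"},
    ],
    "ip_default": "deny",
    "app_allow": ["outlook.exe", "vpnclient.exe"],
    "devices": {"usb_storage": "block", "serial": "block", "usb_hid": "allow"},
    "health": {"av_required": True, "firewall_required": True, "min_patch_level": 42},
}


def match_ip_rule(rule, pkt):
    """A rule matches when destination network, protocol and port all agree."""
    net = ipaddress.ip_network(rule.get("dst", "0.0.0.0/0"), strict=False)
    if ipaddress.ip_address(pkt.dst) not in net:
        return False
    if rule.get("proto", "any") not in ("any", pkt.proto):
        return False
    ports = rule.get("dports")
    if ports and pkt.dport not in ports:
        return False
    return True


def ip_verdict(policy, pkt):
    """First matching rule wins; with no match the policy default (deny) applies."""
    for rule in policy["ip_rules"]:
        if match_ip_rule(rule, pkt):
            return rule["action"]
    return policy.get("ip_default", "deny")


def app_verdict(policy, process_name):
    """Only processes on the allow list may open network connections."""
    allowed = {name.lower() for name in policy["app_allow"]}
    return "allow" if process_name.lower() in allowed else "deny"


def device_verdict(policy, device_class):
    """Device classes absent from the policy are blocked, not silently allowed."""
    return policy.get("devices", {}).get(device_class, "block")


def health_verdict(policy, posture):
    """Return the list of failed health checks; an empty list means healthy.

    On Windows the posture dict would be populated from WMI (for example the
    AntiVirusProduct class under root\\SecurityCenter2); values here are constructed.
    """
    req = policy["health"]
    failures = []
    if req.get("av_required") and posture.get("av_running") is not True:
        failures.append("antivirus not running")
    if req.get("firewall_required") and posture.get("firewall_enabled") is not True:
        failures.append("host firewall disabled")
    if posture.get("patch_level", 0) < req.get("min_patch_level", 0):
        failures.append("patch level below minimum")
    return failures


def admit(policy, posture):
    """The admittance gate: a terminal joins the VPN only when every check passes."""
    return not health_verdict(policy, posture)


if __name__ == "__main__":
    good = {"av_running": True, "firewall_enabled": True, "patch_level": 45}
    stale = {"av_running": False, "firewall_enabled": True, "patch_level": 40}
    print("admit healthy terminal:", admit(POLICY, good))
    print("failures for stale terminal:", health_verdict(POLICY, stale))
    print("https to 10.1.2.3:", ip_verdict(POLICY, Packet("10.0.0.5", "10.1.2.3", "tcp", 443)))
    print("dns to 8.8.8.8:", ip_verdict(POLICY, Packet("10.0.0.5", "8.8.8.8", "udp", 53)))
```

The evaluator uses first-match semantics with a closing deny rule and a deny default, so a packet or device the policy author forgot to mention is refused rather than admitted; the health gate returns the list of failures rather than a bare boolean so the terminal can report exactly which policy requirement blocked admission.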