介绍了主动网络安全系统的假设模型和威胁模型.基于上述模型和主动网络的安全需要提出了一种安全系统结构模型.该安全模型包括授权、认证、完整性检查和加密等.使用加密和数字签名方法来保护主动网络报文的完整性,使用授权和政策来阻止非法访问以及主动节点的资源请求和行为.%In this paper, the assumption model and the threat model of active network security system are introduced. A secure system architecture model based on these models and security requirement is presented. Definition of secure system architecture model includes authentication, authorization, integrity and encryption. To protect the integrity of the contents of active packet, the encryption and the digital signatures can be employed and the authorization mechanisms or policies are defined and enforced to provide controlled access to the active node resources.
展开▼