CAJ | 학술논문

跨域交换技术为不同安全域之间的数据通信提供了便利，但由于跨域信息系统开放了域内多个端口，面临着各种来自系统内外部的安全威胁，导致了信任危机。针对现有跨域信息系统在数据交换方面的安全需求，首先分析了当前跨域信息交换存在的问题，接着设计了面向多级安全的跨域交换系统架构，该架构能够有效地实现多域信息系统的安全互联与资源共享，然后研究了安全标签绑定、内容过滤等关键技术，最后对下一步的研究工作进行了展望。
과역교환기술위불동안전역지간적수거통신제공료편리，단유우과역신식계통개방료역내다개단구，면림착각충래자계통내외부적안전위협，도치료신임위궤。침대현유과역신식계통재수거교환방면적안전수구，수선분석료당전과역신식교환존재적문제，접착설계료면향다급안전적과역교환계통가구，해가구능구유효지실현다역신식계통적안전호련여자원공향，연후연구료안전표첨방정、내용과려등관건기술，최후대하일보적연구공작진행료전망。
Cross domain exchange technology provides a convenience for data communication between dif-ferent security domains. However, due to a number of opened ports of cross domain information systems, it faces various security threats from internal and external system, leading to a crisis of confidence. Aiming at the existing cross domain information system security requirements in terms of data exchange, this paper firstly analyzes the current problems of cross domain exchange of information, and then proposes multilevel security architecture of the cross domain exchange system, which can effectively implement secure inter-connection and resource sharing in the multi domain information system. Moreover, security label binding and content filtering technologies are studied. Finally, the next research jobs are discussed.