信息网络安全
信息網絡安全
신식망락안전
Netinfo Security
2015年
9期
84-88
,共5页
GDOI协议%安全%国产化%加密系统
GDOI協議%安全%國產化%加密繫統
GDOI협의%안전%국산화%가밀계통
GDOI Protocol%security%localization%encryption system
面对日益复杂的网络环境和网络应用安全需求,使用IPSec加解密开始出现各种局限(Qos问题、隧道实时性问题和组播通信等问题),基于GDOI协议的网络加密系统逐步成为首选.针对国内对网络设备日益提高的安全要求,文章利用标准RFC6407框架内扩展私有载荷属性的方式,采用国家商用密码算法同时扩展支持各类自定义算法,完整实现符合标准GDOI协议的网络密码系统.整个系统的设计与实现严格遵循国家密码管理局相关算法及设备安全要求规范.
麵對日益複雜的網絡環境和網絡應用安全需求,使用IPSec加解密開始齣現各種跼限(Qos問題、隧道實時性問題和組播通信等問題),基于GDOI協議的網絡加密繫統逐步成為首選.針對國內對網絡設備日益提高的安全要求,文章利用標準RFC6407框架內擴展私有載荷屬性的方式,採用國傢商用密碼算法同時擴展支持各類自定義算法,完整實現符閤標準GDOI協議的網絡密碼繫統.整箇繫統的設計與實現嚴格遵循國傢密碼管理跼相關算法及設備安全要求規範.
면대일익복잡적망락배경화망락응용안전수구,사용IPSec가해밀개시출현각충국한(Qos문제、수도실시성문제화조파통신등문제),기우GDOI협의적망락가밀계통축보성위수선.침대국내대망락설비일익제고적안전요구,문장이용표준RFC6407광가내확전사유재하속성적방식,채용국가상용밀마산법동시확전지지각류자정의산법,완정실현부합표준GDOI협의적망락밀마계통.정개계통적설계여실현엄격준순국가밀마관리국상관산법급설비안전요구규범.
Facing with the increasingly complex network environment and network application security needs, it appears all kinds of limitations when uses IPSec encryption and decryption, such as the QoS problem, the tunnel real-time problem and the multicast communication problem. Network encryption system based on GDOI protocol is gradually becoming the ifrst choice. For the high security requirements of domestic network equipments, in use of the method that extends the private load properties in the standard RFC6407 framework, this paper completely designs a network password system that conforms to the standard GDOI protocol, supporting in extra for all kinds of custom algorithms at the same time using the national commercial code algorithms. The design and implementation of the whole system strictly follow the relevant algorithms and equipment safety requirements of the National Commercial Code Management Bureau.
