A Message Access Control Method Based on Network Mark
A technology of access control and access control strategy, applied in electrical components, transmission systems, etc., can solve the problem that network security cannot be better guaranteed, and achieve the goal of marking and implementing isolation, protecting network security, and high network security. Effect
Active Publication Date: 2017-11-21
NAT UNIV OF DEFENSE TECH
View PDF3 Cites 0 Cited by
- Summary
- Abstract
- Description
- Claims
- Application Information
AI Technical Summary
Problems solved by technology
However, this access control is not combined with the mandatory access control technology of the host, and the security of the network cannot be better guaranteed
Method used
the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View moreImage
Smart Image Click on the blue labels to locate them in the text.
Smart ImageViewing Examples
Examples
Experimental program
Comparison scheme
Effect test
Embodiment Construction
[0019] like figure 1 As shown, the implementation steps of the packet access control method based on network marking in this embodiment are as follows:
[0020] 1) Set the access control policy in the operating system in advance and add a mandatory access control module based on the access control policy. Each entry in the access control policy includes the application program, security network identifier and access status; at the network layer Added the function of setting the security network identification for the filtered packets in the firewall;
[0021] 2) Screen and filter each message in the network message flow entering and leaving the firewall through the firewall according to the preset firewall rules and the network information of the message, and set a security network identifier for the message that passes the filter;
[0022] 3) For each current message that passes the screening, the mandatory access control module checks the access control policy according to ...
the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More PUM
Login to View More Abstract
The invention discloses a message access control method based on a network marking. The message access control method comprises the following implementation steps: 1) setting an access control policy in an operation system in advance, additionally arranging a mandatory access control module, and adding the function of setting a security network identifier for a screened message in a firewall of a network layer; 2) screening and filtering each message in a network message flow entering and coming out of the firewall through the firewall and setting a security network identifier for the screened message; 3) aiming at each screened message, inspecting the access control policy through the mandatory access control module, continuously carrying out subsequent receiving and transmitting of the current message if an allow-to-access state corresponding to a current message in the access control policy is on, otherwise, discarding the current message if the allow-to-access state is off. The message access control method has the advantages that an access control technology and a mandatory access control technology of a host machine are combined, the network security is high, an external infrastructure and a label protocol are not needed, marking is isolated from implementation, and the expansion and the realization are easy.
Description
technical field [0001] The invention relates to a network access control technology in a computer operating system, in particular to a message access control method based on a network mark. Background technique [0002] Today's network technology is developing rapidly, and the interaction between machines is becoming more and more frequent, but in the network environment, the security of network communication cannot be guaranteed. Although technologies such as firewalls can protect internal computers from threats from external networks to a certain extent, firewalls only protect the physical characteristics of network packets, such as source / destination addresses, port numbers, application types, etc., and cannot provide higher Layers of protection. [0003] Network access control technology is a technology that controls the purpose of its access based on the characteristic information of the message. It is usually used to separate the internal network from the public netwo...
Claims
the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More Application Information
Patent Timeline
Login to View More Patent Type & Authority Patents(China)
IPC IPC(8): H04L29/06
CPCH04L63/0227H04L63/101
Inventor 魏立峰王玉成王晓川黄辰林董攀丁滟陈松政罗军
Owner NAT UNIV OF DEFENSE TECH