English  |  正體中文  |  简体中文  |  全文笔数/总笔数 : 50122/85141 (59%)
造访人次 : 7889638      在线人数 : 40
RC Version 7.0 © Powered By DSPACE, MIT. Enhanced by NTU Library & TKU Library IR team.
搜寻范围 查询小技巧:
  • 您可在西文检索词汇前后加上"双引号",以获取较精准的检索结果
  • 若欲以作者姓名搜寻,建议至进阶搜寻限定作者字段,可获得较完整数据
  • 进阶搜寻


    jsp.display-item.identifier=請使用永久網址來引用或連結此文件: http://tkuir.lib.tku.edu.tw:8080/dspace/handle/987654321/101614


    题名: 網路防火牆規則驗證之研究
    其它题名: A study of firewalls rules verification
    作者: 姜順瀚;Chiang, Shun-Han
    贡献者: 淡江大學資訊管理學系碩士班
    梁德昭;Liang, Te-Chao
    关键词: 防火牆;抽象防火牆;異常規則;firewall;Abstract Firewall;Anomaly
    日期: 2014
    上传时间: 2015-05-01 16:12:11 (UTC+8)
    摘要: 近年來資料被駭客竊取事件層出不窮,防火牆乃是網路安全中重要的環節之一,負責篩選不必要的網路連線來保護組織內部網路。防火牆過濾封包的機制是透過存取控制清單(Access Control List; ACL)內紀錄的規則做決定,當有兩條或是兩條以上的規則符合過濾條件,以優先權較大的規則做為執行動作,故對於存取控制清單內的規則、規則的順序與存取控制清單的部署都必須要小心謹慎。當防火牆過濾規則產生了非預期的行為,本文將會造成此現象的規則稱為異常規則(Anomaly Rule)。本論文的目標是在知道多防火牆間網路拓樸的狀況下,透過抽象防火牆模型,將網路拓樸中的各個防火牆轉化成對應的抽象防火牆(Abstract Firewall; AFW),再將各個抽象防火牆經由循序路徑驗證及平行路徑驗證,去驗證多防火牆間的規則是否有異常規則存在,若存在異常規則,通知網路管理人員修改,修改完成後即為代表此網路拓樸的抽象防火牆。藉由此抽象防火牆作為中介,讓網管人員可以透過此抽象防火牆檢驗防火牆網路的正確性。
    In recent years, data theft by hackers continuously occurrence. Firewall is an important part of network security, it is responsible for filtering unnecessary network connections to protect organization''s internal network.Firewall mechanism for filtering packets is through the records rules in the ACL to make a decision.Firewall mechanism for filtering packets is through the records rules in the ACL to make a decision.therefore, the rules in the ACL and the rules order and the ACL deployment all must have to be careful. Unexpected behavior when the firewall filtering rules, in this article we call the rule as Anomaly Rule.The goal of this paper is in knowing the multi-firewalls under the condition of network topology, by the abstract firewall model, we transforms each firewall in network topology to the correspondence abstract firewall (AFW), then each AFW by way of sequential path validation and parallel path validation to verify rules between multi-firewalls whether there exists anomaly rules, if exists anomaly rules,notify the network administrators to modify, after the modification is completed, it''s represent the AFW of this network topology. By this AFW as an intermediary, enabling the network administrators to go through this AFW to ckeck accuracy of firewalls network.
    显示于类别:[資訊管理學系暨研究所] 學位論文

    文件中的档案:

    档案 大小格式浏览次数
    index.html0KbHTML114检视/开启

    在機構典藏中所有的数据项都受到原著作权保护.

    TAIR相关文章

    DSpace Software Copyright © 2002-2004  MIT &  Hewlett-Packard  /   Enhanced by   NTU Library & TKU Library IR teams. Copyright ©   - 回馈