查詢結果分析
來源資料
頁籤選單縮合
題 名 | 企業資訊網路安全機制之研究=A Study on the Creation of Intranet Security Infrastructure |
---|---|
作 者 | 盧坤勇; 陳瑞順; 余顯強; | 書刊名 | 聯合學報 |
卷 期 | 18 2001.05[民90.05] |
頁 次 | 頁71-82 |
分類號 | 312.76 |
關鍵詞 | 企業資訊網路; 資訊安全; 虛擬私人網路; 執行權管制; Intranet; Information security; Virtual private network; Access control; |
語 文 | 中文(Chinese) |
中文摘要 | 本文針對企業資訊網路的安全機制問題,提出一整合性的概念探討, 研究目的在 於協助企業界建置安全的企業資訊網路。探討範圍從通訊協定之選用,企業網站之型態和防 火牆之搭配,網路上流通文件之機密等級分類和處理方式,以及執行權之規劃、指派和管制 。本文建議企業網站宜採漸進方式,從布告欄式開始,再更新為顧客訂製型,最後導入企業 全功能型。通訊協定之選用,應考慮企業資訊網路是否與大眾網路連線及安全需求,若需防 患資訊遭受竄改、竊聽、偷取、偽造等,則應選用安全竹寺級較高之協定如 HTTP/SSL, 或 是使用虛擬私人網路。資訊若需流經非信賴的網路,事前應加以適當分級,而且應加密保護 。執行權之管制,除了可延用傳統的矩陣式權限法、執行權管制清單、標籤式通行證等方法 外,隨著企業資訊網路規模的擴大和機能的增加,宜採行更為簡易及更為強固的「角色為基 式執行權管制法」( Role-based Access Control: RBAC ), 使得指派工作更為簡易與周 延,資訊安全也更容易確保。 |
英文摘要 | This paper focuses on the security mechanisms of Intranet and demonstrates integrated solutions. The aim is to support enterprises creating secure Intranet infrastructures. The scopes of consideration in this paper are concerned with the choice of communication protocols, the stages of Web installation, the classifications of documents, and the planning of access control. It is convenient for creating the Intranet step by step from the bulletin board web, then to the customer web after owning rich experiences, and to the enterprise web at final. The choice of communicating protocols should be based on the confidentiality level of information. To prevent damaging from tampering, eavesdropping, purloining, and forgery, we propose using the trusted protocol as HTTP/SSL or setting up the Intranet by virtual private network (VPN). The data must be classified and encrypted with appropriate cipher methods when they travel through the non-trusted networks. The access control for the bulletin board and custom web can be implemented by traditionally methods such as access-matrix, access control lists, label-based scheme, and capabilities. It is more suitable to use the role-based access control method to simplify the assignment when the Intranet grows to the enterprise web. |
本系統中英文摘要資訊取自各篇刊載內容。