Please use this identifier to cite or link to this item: http://hdl.handle.net/11455/7491
標題: 在IXDPG425嵌入式系統上建置強安全性之虛擬私有網路
An Enhanced VPN Solution on IXDPG425 Embedded System
作者: 謝孟芳
Xie, Meng-Fang
關鍵字: 虛擬私有網路SSL
Virtual Private Network (VPN)
嵌入式系統
網路安全
網路處理器
Secure Socket Layer Protocol
Embedded System
Network Security
Network Processor
出版社: 電機工程學系所
引用: 參考文獻 [1] J. Harrison, “VPN Technologies – A Comparison” , white paper, Data Connection Limited, 2003. [2] P. Ferguson, G. Huston, “What is VPN”, The Internet Protocol Journal, 1999. [3] J. Carless, R. Irani, “Layer 2 and Layer 3 VPNs”, Cisco Systems, February 2003. [4] T. Berger, “Analysis of Current VPN Technologies”, IEEE Proceedings of the First International Conference on Availability, Reliability and Security (ARES’06), 2006. [5] W. Stallings, Cryptography and Network Security:Principles and Practices, 3th Edition, Prentice Hall, May 2004. [6] B. Schneier, Applied Cryptography, 2nd Edition, J. Wiley&Sons, Inc 1996. [7] Y. N. Lin, C. H. Lin, Y. D. Lin, Y. C. Lai, “VPN Gateways over Network Processors: Implementation and Evaluation”, Proceedings of the 11th IEEE Real Time and Embedded Technology and Applications Symposium (RTAS’05), 2005. [8] L. Kohnfelder, “Towards a Practical Public-Key Cryptosystem”, Bachelor’s Thesis, M.I.T., May 1978. [9] K. Schmeh, Cryptography and Public Key Infrastructure on the Internet, John Wiley & Sons Inc., New York, 2003. [10] Intel, “Intel® IXP400 Software Programmer’s Guide”, Intel Corp., June 2004. [11] Intel, “OpenVPN Enabling in Intel® IXP400 Software v2.1”, Intel Corp., June 2006. [12] M. Finlayson, J. Harrison, R. Sugarman, ”VPN Technologies – A Comparison”, Data Connection Ltd., Enfield, UK, 2006. [13] Intel® IXP-425 Network Processor, http://www.intel.com/ [14] J. Yonan, OpenVPN, http://openvpn.sourceforge.net/ [15] SSL, http://sourceforge.net/projects/sslproxy/ [16] OpenSSL, http://www.openssl.org/ [17] 政府憑證管理中心, http://www.pki.gov.tw [18] 翁木龍, ”Linux環境下以AES及SHA-256強化VPN的設計與實現”, 高雄第一科技大學碩士論文, July 2002. [19] PCuSER研究室, Linux 伺服器進階管理實務, 電腦人文化, May 2005. [20] 鄭伯炤, 曹凱爾, 鄭雅文, 網路處理器建置嵌入式安全系統, 經緯國際股份有限公司, 2006. [21] 謝文川, Intel IXP425 ARM嵌入式Linux系統原理與實務, 學貫行銷股份有限公司, 2005. [22] 陳俊宏編著,謝清佑編輯, Embedded Linux 嵌入式系統原理與實務, 3th Edition, 學貫行銷股份有限公司, 2005. [23] Security Architecture for the Internet Protocol(IPSec), RFC2401. [24] The TLS Protocol Version 1.0(SSL/TLS), RFC2246. [25] Point-to-Point Tunneling Protocol (PPTP), RFC 2637, July 1999.
摘要: 在網際網路拓展益發龐大,使用者遍佈,網路攻擊亦無刻停歇的同時,我們需要一種安全無虞的網路連線來保障端點之間的連接。而虛擬私有網路 (Virtual Private Network, VPN)即能提供這種需求。虛擬私有網路是一種透過公眾網路提供類似私有專線服務的內部通信網路技術,它除了必須具備私有內部網路的特性(安全性、便利性與優先性)還需要提供具一定服務品質的傳輸速率,以取代傳統昂貴的專線服務。VPN本身無實體連線,是透過公眾網路所建立的私有網路,比起透過專線連接所需的成本相對降低許多,因此VPN逐漸成為企業建置其內部網路熱門選擇。近年來SSL(Secure Socket Layer Protocol)技術被應用到VPN的技術上,形成一種SSL VPN架構。由於其配置頗便利、兼容性強、安全性亦高,所以迅速崛起。SSL VPN能提供良好的安全機制與服務品質(Quality of Service),非常適合用來提供有保證的VPN服務。這篇論文主要針對SSL VPN改良其加密演算法,在網路處理器平台上實現成一個具VPN服務的嵌入式系統。這個強安全性的VPN嵌入式系統提供使用者一條安全的連線瀏覽。
VPN is a private network that uses a public network (Internet) to connect remote sites, which contains encryption and authentication technology. It needs to offer the transmission rate with certain quality of service besides the private intranet characteristics (ex: security, convenience, and priority). Instead of using a expensive, dedicated, real-world connection such as leased line, a VPN uses "virtual" connections routed through the Internet from the company''s private network to the remote site. Recently, SSL ( Secure Socket Layer Protocol) technology is applied to the VPN establishing a SSL VPN technology. With the rapid development of service, SSL VPN supported security mechanism, compatibility, and quality of service. To provide a strong encryption protect mechanism for SSL VPN applications, we develop a VPN service system which is implemented based on IXDPG425 Network Processor. The Enhanced VPN Solution on IXDPG425 Embedded System provides customers with a security connection to view server entire networks.
URI: http://hdl.handle.net/11455/7491
其他識別: U0005-1406200720295500
文章連結: http://www.airitilibrary.com/Publication/alDetailedMesh1?DocID=U0005-1406200720295500
Appears in Collections:電機工程學系所

文件中的檔案:

取得全文請前往華藝線上圖書館

Show full item record
 
TAIR Related Article
 
Citations:


Items in DSpace are protected by copyright, with all rights reserved, unless otherwise indicated.