On the basis of analyzing the current network information filtering technologies, a scalable multi-level and multi-policy model of a distributed network information filtering system was described, which combines the functions of the packet analyzing, filtering and forwarding. A fine-granularity information filtering policy was provided, which effectively enhances the information security, increases the speed of data transfer, and decreases the latency. The filtering plug-ins can be conveniently configured and loaded. The model is scalable and open in architecture that can be easily configured and organized in order to meet a variety of requirements and run on the distributed system for gaining better performances. The information processing is transparent to the client hosts and applications so that the side effects to the users are minimal.
�� ��, ������. ����ͷ���ǽ�������ʵ��[J]. ������о��뷢չ, 1998, 35(10):882~885 Xin Tao, Zhou Mingtian. Design and implementation of a hybrid fire-wall system[J]. Compute Research & Development, 1998, 35(10):882~885(in Chinese)
Younglove R. Virtual private networks——how they work[J].Computing & Control Engineering Journal.2000, 11(11):260-266
��̫��, ������, ��ΰ��,��. ����Agent�ķֲ�ʽ���ּ��ϵͳģ��[J]. ���ѧ��, 2000, 11(10):1312~1319 Ma Taiheng, Jiang Jianchun, Chen Weifeng,et al. Distributed model of intrusion detection system based on agent[J]. Journal of Software, 2000, 11(10):1312~1319(in Chinese)
Lerida J L, Grackzy S M, Vina A. Detecting security vulnerabilities in remote TCP/IP networks:an approach using security scanners . Proceedings of IEEE 33rd Annual 1999 International Carnahan Conference . Madrid, 1999. 446~460
Banisar D. Battle for control of encryption technology[J].IEEE Software.1993, 10(4):95-97