• 中国计算机学会会刊
  • 中国科技核心期刊
  • 中文核心期刊

计算机工程与科学

• 计算机网络与信息安全 • 上一篇    下一篇

基于异构网的一种数据安全模型设计

周静,陈琛   

  1. (黄冈师范学院计算机学院,湖北 黄冈 438000)
  • 收稿日期:2019-07-16 修回日期:2019-09-10 出版日期:2019-12-25 发布日期:2019-12-25
  • 基金资助:

    湖北省教育厅科学技术研究项目(D20172901)

A data security model based on heterogeneous network

ZHOU Jing,CHEN Chen   

  1. (School of Computer Science,Huanggang Normal University,Huanggang 438000,China)
  • Received:2019-07-16 Revised:2019-09-10 Online:2019-12-25 Published:2019-12-25

摘要:

针对局域异构网络中的数据可用性、保密性及完整性的问题,提出一种终端检测-数据存储访问-安全信道建立及传输的3阶段系统模型方案,即首先对终端系统扫描检测,排除因遭受攻击或硬件层清理不完整导致的数据不可用问题;然后对数据加密存储访问并设置自毁机制,实现数据保密功能排除隐私泄露问题;最后利用SSL及VPN技术实现信道安全建立及数据完整安全传输。通过设计原型模型和仿真实验进行测试和分析,结果表明终端检测数据可用精准度达到90%以上,实现保密性功能的加密速度低于0.5 MB/s,且自毁保护机制有效,信道数据完整传输速度平均提高约27.5%。综合分析可见该模型对网络数据安全检测防护方面有较高参考价值。

 

关键词: 异构网, 模型设计, 数据安全, 信道检测, 文件加密, 实验分析

Abstract:

In order to solve the problems of data availability, confidentiality and integrity in local heterogeneous networks, a three-stage system design model of terminal detection, data storage access, and secure channel establishment and transmission is proposed. Firstly, the terminal system is scanned and detected to avoid the data unavailability problem caused by attack or incomplete hardware layer cleaning. Secondly, the data encryption storage access and self-destruction mechanism are set to realize the data confidentiality function and eliminate the privacy disclosure problem. Finally, SSL and VPN technologies are used to realize the secure establishment of the channel and the complete and secure transmission of the data. Through the prototype model design and the simulation experiment, the test and analysis are carried out, and the results show that the available precision of terminal detection achieves more than 90%, the encryption speed of the security function is less than 0.5 MB/s, the self-destruction protection mechanism is effective, and the full transmission speed of the channel data is increased by about 275% on average. It can be found that the model can be of high reference value for network data security detection and protection.
 

Key words: heterogeneous network, model design, data security, channel detection, file encryption, experimental analysis