【作者】 张锋；

【导师】 傅予力； 王宏全；

【作者基本信息】 华南理工大学 ， 电子与通信工程， 2009， 硕士

【摘要】 作为学校重要的基础设施,校园网担负着教学、科研、管理和对外交流的重任,它的安全状况直接影响到这些活动的顺利进行。随着校园网建设的快速发展,学校对网络的依赖性越来越强,网络的安全问题日益突出。这就给校园网的安全建设提出了新的要求。某大学新校区利用先进的计算机技术和网络通信技术,已经初步建立了较为完善的信息系统,实现了校园内计算机联网、信息资源共享,并开发了许多业务系统,为了建立更为完善的网络安全体系,对其网络系统进行安全改造就成了当前的主要工作任务,也是课题研究的意义所在。本文从计算机网络安全的背景及现状入手,对校园网常见危害风险、安全策略以及其关键技术作了详细的阐述。接着针对校园网的特点介绍了校园网络的安全风险分析和安全需求;在不损失网络整体性能的前提下,尽可能的提高网络的安全性,使之能最大限度的保障正常运作。根据某大学的校园网建设的实际情况,提出了系统安全设计目标。根据该设计目标提出可适应性的动态网络安全模型—RPPDRA模型。根据该模型的结构,分别从物理层、网络层、应用层、操作系统、安全审计和管理六个方面进行了风险分析。接着在此基础上采用主动与被动防御技术相结合,设计了校园网安全方案。最后,给出了该安全方案的实现步骤,并对部分方案进行仿真实验及性能分析。该方案已在某大学的校园网得到部分实施。结果表明,该方案设计合理,能较好满足校园网的安全需求。更多还原

【Abstract】 As an important foundation for the school facilities, campus network responsible for the teaching, research, management and foreign exchange task. Its security situation directly impacts on going well of these activities. With the rapidly development of the campus network construction, the school increasingly dependent on networks, network security issues become increasingly prominent. This provides the security of campus network building of the new requirements.An information system in a university has been built for computer connection and information shared in campus based on the advanced technology of computer and communication. Some application systems have been exploited. The primary task of the updating the information system is building a perfect security structure. It is also the significance for the study subjects.This thesis begins from the security background and present situation of the computer network. Its commonly harm risk, security policy as well as key technologies were described in detail. Then aiming at the campus network’s characteristic to introduce its security risk analysis and the security requirements .Without losing the overall performance of the network under the premise, as far as possible enhances the network security, keeps it safely operating within the maximum limit.According to the actual situation of the university campus network construction, put forward the security design goal of the system. Based on the goal, propose a dynamic adaptive network security model-RPPDRA model. According to the model structure, respectively, analysis the risk of the system from the physical layer, network layer, application layer, operating system, security audit and management .And then on this basis, using of active and passive defense technologies to design the campus network security program. Finally, the implementation steps of the security program were shown in this thesis and parts of the program were simulated and the performances of the system were analyzed. The program has been partially implemented in the university. The results show that the design is reasonable, can better meet the security need of the campus network.更多还原