원문정보
초록
영어
The enterprise internal information security faced with many hidden trouble, and information leakage has been the largest security problem. Firewall is the main technology to solve information leakage, but end-to-end cryptograph tunnel communication can through firewall information filtering detection. In order to prevent the information leakage, it is common to add the block rules in firewall. There is short of a simple and effective verification method for the correctness of firewall blocking rules. We raise a method to verify firewall rules based on dual-protocol. With 64 tunnel technology, virtual an external node, analog communication scene between inside and outside, to verify the effectiveness of firewall rules. The experiments shows that this method is simple to deploy, and can verify rules effectively.
목차
1. Introduction
2. Attack for Internal Information Leakage
3. Validation Algorithm
4. Experimental Design and Analysis
4.1 6to4 tunneling and 6to4 tunneling IPsec communications
4.2 IPv6 communicate with 6to4 under IPsec tunneling
5. Conclusions
References