Multi-Layered Security Framework for Document Access Control
Date Issued
2004
Date
2004
Author(s)
Pan, Chi-Chien
DOI
en-US
Abstract
With the highly advanced network technology, the Intranet of the organization has become more complicated and widely applicable. At the same time, new attack models of the malicious software, such as virus and Trojan horse, have also been developed. The Intranet environment, which used to be considered as safe and reliable in the past, suffers tremendous threats. Those novel viruses and Trojan attacks make use of the tunneling technique to bypass the firewall via standard service ports, such as port 80. On the other hand, the sharing of documents in Intranet is essential for present organization, and its security problem has been a threat to development of the organization. The ways to secure the document access and protect Intranet from attacks have become an important issue. In this dissertation, we focus on the security problem for document access control in Intranet, and propose the S.P.A.C. multi-layered security framework to secure it. Within the framework, some present security mechanisms such as IPSec, and SSL can also be integrated to provide more security. We also consider the flexibility and cost in the design to reduce the potential difficulties of physical deployment in the organization. A compete security framework comprises the proxy server technique for application level access control, the dynamic packet filter personal firewall technique for stopping the illegal network packets, the distributed firewall technique for controlling and protecting the client machines, and the dynamic id/password authentication for integration of document access control.
Subjects
個人防火牆
存取控制
代理伺服器
分散式防火牆
Access Control
Prsonal Frewall
Proxy
Distributed Firewall
Type
thesis