1、I 摘摘 要要 本文首先从 NGN 的定义、特点、网络架构、系统工作流程等几个方面做简单 介绍。然后以互联网和传统电信网的安全需求为研究基础,对 NGN 的安全需求进 行分析研究, 指出 NGN 的安全需求是在互联网和传统电信网的安全需求基础上的 进一步提升;通过 NGN 的可靠性与生存性、服务可控性、可用性、信息传递安全 等方面来具体分析了 NGN 的安全问题。 通过介绍传统网络的安全解决方案和这些 传统解决方案在应对 NGN 的安全问题中所呈现出的局限性。 针对 NGN 中出现的安 全威胁,提出相对比较完整的 NGN 安全体系框架,并且提出了一些特别的防御措 施、合法监听的原理和可行性、入
2、侵检测的基本原理,主要包括面对的威胁、分 类检测的方法及其关键技术。 本文运用比较全面的视角审视了 NGN 的安全问题。 其中 NGN 安全体系是本文 的创新点。该安全体系在充分考虑了 NGN 安全需求的前提下,提炼出传统网络的 安全解决方案中的精髓,弥补 NGN 安全上存在的漏洞,解决 NGN 可能面临的安全 威胁。本文同时提出了 NGN 安全防御的实现思路,重点提出了合法监听在 NGN 的安全解决方案中的重要性,阐述了合法监听的基本原理、可行性以及所面临的 困难,为以后更深入的研究奠定了基础。 关键词关键词: NGN,安全需求,安全威胁,安全体系,防火墙,加密,入侵检测,入 侵防护,反病毒
3、,合法监听 II Abstract First of all, this paper simply introduced the next generation network (NGN), such as the definition, characteristics, network frames and so on. Then, this thesis try to analyze and research the safety issues which NGN may face and the solve plans comprehensively. It includes follo
4、wing aspects: NGN safe requests, safety challenge that NGN may face, solving plans of NGN safety based on the traditional plans, NGN safety system, NGN defend measures, NGNs legal monitor and so on.The security requirement and weakness are studied deeply based on that of Internet and PSTN network. I
5、t has been figured out that the security requirement of NGN is the combo of that of Internet and PSTN network. Through analyzing the reliability, existence, service controllability and so on, security problem of NGN has been a task deserving research.This paper has considered the security requiremen
6、t to abstract the kernel of the security resolve scheme in the traditional network; make up the leak in NGN security; resolve the potential security problem. But, the traditional security solution is not enough to resolve all the NGN security problems. This paper set up a new security system for NGN to meet such special requirement, which is based on a mount of studies on security threats faced by NGN. At the same time, it is mentioned that some special recovery measure and it has been put for
