公开(公告)号：KR100439177B1

公开(公告)日：2004-07-05

申请号：KR1020020002465

申请日：2002-01-16

Applicant: 한국전자통신연구원

Inventor： 김숙연 ,  김건량 ,  김명은 ,  김기영 ,  장종수 ,  손승원 ,  방효찬

IPC: H04L12/22

CPC classification number: H04L63/0263 ,  H04L63/20

Abstract: A network security policy is represented, stored and edited by using a rule object, a condition object, an action object, and their associations. The condition object is a one-packet-condition object, a repeated-packet-condition object or a linear-packet-condition object. The action object is an alert-action object, a packet-drop-action object, a packet-admission-action object, a session-drop-action object, a session-admission-action object, a session-logging-action object, a traceback-action object or an ICMP-unreachable-message-sending-action object.

Abstract translation: 网络安全策略通过使用规则对象，条件对象，动作对象及其关联来表示，存储和编辑。 条件对象是单数据包条件对象，重复数据包条件对象或线性数据包条件对象。 动作对象是警报动作对象，数据包丢弃动作对象，数据包允许动作对象，会话放置动作对象，会话允许动作对象，会话记录动作对象， 追踪动作对象或ICMP不可达消息发送动作对象。