English  |  正體中文  |  简体中文  |  Items with full text/Total items : 65317/65317 (100%)
Visitors : 21354008      Online Users : 710
RC Version 7.0 © Powered By DSPACE, MIT. Enhanced by NTU Library IR team.
Scope Tips:
  • please add "double quotation mark" for query phrases to get precise results
  • please goto advance search for comprehansive author search
  • Adv. Search
    HomeLoginUploadHelpAboutAdminister Goto mobile version


    Please use this identifier to cite or link to this item: http://ir.lib.ncu.edu.tw/handle/987654321/8589


    Title: 一個增進SIP在防火牆環境中應用的協同模組;A Coordinate Module to Enhance SIP Using in Firewall Environment
    Authors: 張永佳;Yung-Chia Chang
    Contributors: 資訊工程研究所
    Keywords: 傳統式的防火牆;協同模組;背端對背端之媒體代理人;中繼盒的通訊;應用層閘道;轉址器;防火牆;SIP;處理SIP的防火牆;B2BUAWM;MIDCOM;ALG;NAT;firewall;SIP
    Date: 2002-10-08
    Issue Date: 2009-09-22 11:31:15 (UTC+8)
    Publisher: 國立中央大學圖書館
    Abstract: 應用層的訊號通訊協定,例如 SIP (Session Initiation Protocol),常常遭到防火牆及轉址器的阻擋。想辦法讓SIP封包穿透防火牆已經變為一個很熱門的話題,而且有許多解決方法被發展出來。應用層閘道(ALG)、中繼盒的通訊(MIDCOM)及背端對背端之媒體代理人(B2BUAWM)是幾個最可行的方法之一,然而,這些方法也導致了另外一些問題,像是使得防火牆不能獨立運作,效能下降,或是安全機制不完善。為了解決這些問題並且增進SIP在防火牆環境的應用,我們嘗試去設計一套協同模組。在這套協同模組中,我們讓一台傳統式的防火牆與一台能處理SIP的防火牆互相合作,經由設定傳統式防火牆的轉送規則,我們能把通訊量分散到兩台防火牆並使它們獨立運作,能處理SIP封包的防火牆可用於紀錄與標記封包供記帳與專用路徑的選擇。此外,配合像是登入這種身分認證機制可使防火牆與通道的安全性更加完備。最後,我們實做出我們的基本協同模組並且展示它是如何運作的。 Application layer signaling protocols such as SIP (Session Initiation Protocol) are usually broken, en-route by firewalls and NATs. Getting SIP packets through firewalls is a popular topic and there are a large amount of solutions developed to solve it. The ALG (Application Layer Gateway), MIDCOM (Middlebox Communication) and B2BUAWM (Back to Back User Agent with Media) are the most workable solutions for it, however, those solutions results some more problems that make the firewall be not independent, performance decrease or the security mechanism not complete. To solve those problems and to enhance the SIP to be used in the firewall environment, we try to design a coordinate module. In our coordinate module approach, a traditional firewall is cooperated with a SIP aware firewall. By setup the forwarding rules of traditional firewall, we can separate the traffic into two firewalls that makes both firewall work independently. In addition, we perform an authentication mechanism such as a login scheme to complete the security. Finally, we implement our coordinate module and show how it works.
    Appears in Collections:[資訊工程研究所] 博碩士論文

    Files in This Item:

    File SizeFormat
    0KbUnknown517View/Open


    All items in NCUIR are protected by copyright, with all rights reserved.

    社群 sharing

    ::: Copyright National Central University. | 國立中央大學圖書館版權所有 | 收藏本站 | 設為首頁 | 最佳瀏覽畫面: 1024*768 | 建站日期:8-24-2009 :::
    DSpace Software Copyright © 2002-2004  MIT &  Hewlett-Packard  /   Enhanced by   NTU Library IR team Copyright ©   - Feedback  - 隱私權政策聲明