摘要： 从体系结构角度，提出一种新的局域网安全解决方案。该方案采用透明计算机进行集中统一存储，用星型结构作为局域网的拓扑结构，并且在网络中心节点引入监控器。监控器拥有局域网的主动控制权，对各个网络部件之间的通信过程实施强制访问控制，以实现对终端与终端之间及终端与外网之间的通信数据的过滤和动态物理隔离。

关键词: 局域网安全, 透明计算, 可信计算机系统, 计算机网络

Abstract: This paper proposes a new solution to the security of LAN in perspective of architecture. There are two characteristics in this solution: consolidating discrete storage devices in the LAN by means of transparence computing technology, the LAN has a star topology with a central monitor, which can proactively regulate the network traffic. With mandatory access control over the communication among the entities in the network, the monitor can filter the traffic and dynamically isolate the physical connections among host computers, and between host computers and outside network.

Key words: local area network security, transparence computing, trusted computer system, computer network

中图分类号: 

• TP309