摘要： 为提高移动信息化接入的安全级别，保障组织内部业务的安全运作，在传统网络安全架构的基础上，使用第二层隧道协议和混合加密技术构建一个安全接入平台。根据平台的功能及其安全性，将移动信息化区域分为5类，并为每一类区域制定安全策略，使原本限制在内网中的业务系统可以安全地在移动终端上使用。实际应用结果表明，该平台可以保证用户身份的匿名性、数据机密性、数据完整性、数据新鲜性及不可抵赖性。

关键词: 移动安全接入平台, 移动信息化风险, 安全策略, 第二层隧道协议, 认证, 混合加密

Abstract: In order to enhance secure level of mobile informatization access and protect business of organization running securely, based on traditional network security architecture, this paper uses Layer 2 Tunneling Protocol(L2TP) and mixed encryption technology to construct a security access platform. According the functionality and security feature of the platform, the platform is classified to 5 parts. For each area, the different security policy is deployed, so that Internal business application with high security can be safely used on the mobile devices. Application result shows that the platform guarantees anonymity of user identification, confidentiality and integrity, availability and non-repudiation of data.

Key words: mobile security access platform, mobile informatization risk, security policy, Layer 2 Tunneling Protocol(L2TP), authentication, mixed encryption

中图分类号: 

• TP393