摘要： 针对大规模网络环境下的安全特点，提出了一种基于域的网络安全策略模型，通过应用域和规范安全策略语言，研究了策略的存储、查找、冲突检测与消解、发布实施过程中的技术和原则。应用该模型后的系统成为一种具有自动化策略管理特点的安全系统。

关键词: 安全策略, 域, 策略冲突, 实体

Abstract: Aiming at the security characters of large-scale network environment, a network security policy model based on domain is proposed. By applying domain and the security policy language criterion, the techniques and principles of policies’ store, finding, implementation, conflicts detection and resolution are studied. The system which applies this model is a safe one with the peculiarity of auto-managing policy.

Key words: Security policy, Domain, Policy conflict, Entity

中图分类号: 

• TP393.08