2006 12 26 http://www.kats.go.kr
KS X ISO/IEC 18028-4 4 : KS X ISO/IEC 18028-4: 2006 (2011 )

: ( ) ( ) : (http://www.standard.go.kr) : :2006 12 26 :2011 12 29 2011-0660 : : ( 02-509-72635) (http://www.kats.go.kr). 10 5 , .

e . KS X ISO/IEC 18028-4: 2006 . A() B() RADIUS C() FTP D() E() F() LAN KS X ISO/IEC 18028 “ ” . 2 : 3 : 4 : .

1.
2.
3.
4.
5.
6.
7.
8
9.
A()
B() RADIUS
C() FTP
D()
E()
F() LAN

ICS 35.040 KS X ISO/IEC 4 : 18028-4: 2006(2011 )
Information technology - Security techniques - IT Network Security - Part 4: Securely Remote Access

2005 1 ISO/IEC 18028-4 Information technology - Security techniques - IT Network Security - Part 4: Securely Remote Access . ISO IEC . ISO IEC , . ISO IEC . , ISO IEC . . ISO/IEC JTC 1/SC 27 Standing Document 8(SD 8) “ ” SD 8 http://www.ni.din.de/sc27 . . ISO IEC .

1. . 3 . . .

2. .
2.1 AP(Access Point)
2.2 AES(Advanced Encryption Standard) (FIPS) 197
2.3 (Authentication) . , . , , .
2.4 (Callback)
2.5 CHAP(Challenge-Handshake Authentication Protocol) RFC 1994 3
2.6 DES(Data Encryption Standard) 56 . DES AES ( 3DES, FIPS 46-3).
2.7 DMZ(De-Militarised Zone) , DMZ .
2.8 DoS(Denial of Service)
2.9 DSL(Digital Subscriber Line)
2.10 DHCP(Dynamic Host Control Protocol) IP
2.11 ESP(Encapsulating Security Payload) IP , ESP IP . ESP (RFC 2406).
2.12 EAP(Extensible Authentication Protocol) RADIUS RFC 2284 IETF
2.13 FTP(File Transfer Protocol) (RFC 959)
2.14 IETF(Internet Engineering Task Force)
2.15 IMAP4(Internet Message Access Protocol v4)
2.16 LAN(Local Area Network)
2.17 (Modem)
2.18 MIME(Multipurpose Internet Mail Extension) ; RFC 2045 2049 .
2.19 NAS(Network Access Server) IT
2.20 OTP(One-Time Password)
2.21 (Passive Mode) FTP
2.22 PAP(Password Authentication Protocol) PPP
2.23 PDA(Personal Digital Assistant)
2.24 PPP(Point-to-Point Protocol) (RFC 1334)
2.25 POP3(Post Office Protocol v3) RFC 1939
2.26 PGP(Pretty Good Privacy) PGP , . , PGP .
2.27 PBX(Private Branch Exchange)
2.28 RADIUS(Remote Access Dial in User Service) (RFC 2138 2139)
2.29 RAS(Remote Access Service)
2.30 (Remote Access)
2.31 RFC(Request For Comment) IETF
2.32 SSH(Secure Shell) , IETF .
2.33 SSL(Secure Sockets Layer) (WWW) WWW . (Netscape Communications) , . SSL (FTP) TCP/IP , S-HTTP , , ,
2.34 S/MIME(Secure Multipurpose Internet Mail Extension) . S/MIME MIME(Multipurpose Internet Mail Extensions)
2.35 SLIP(Serial Line Internet Protocol) RFC 1055
2.36 SSID(Service Set Identifier)
2.37 SMTP(Simple Mail Transfer Protocol) TCP/IP ,
2.38 TLS(Transport Layer Security Protocol) SSL
2.39 URL(Uniform Resource Locator)
2.40 UPS(Uninterruptible Power Supply)
2.41 UDP(User Datagram Protocol)
2.42 VPN(Virtual Private Network) . , . VPN , , .
2.43 WPA(WiFi Protected Access) ; , WPA WEP .
2.44 WEP(Wired Equivalent Privacy) 128 , IEEE 802.11
2.45 Wireless Fidelity(WiFi)
2.46 WLAN(Wireless LAN) , 2.4 GHz 11 Mbps 54 Mbps IEEE 802.11b 802.11g .

3. IT . . .

4. LAN . RAS(Remote Access Service) . RAS . RAS . ( , .) ( , .) LAN ( , LAN .) ( , ) RAS : . . DSL ( ) . , . . 1 RAS . 1. RAS RAS ( RAS ) 2. RAS RAS , RAS . . 3. RAS ( , RAS ), RAS . ( )
RAS / . , RAS RAS RAS . RAS . RAS . ( : , PDA, ) . , . ( ) .

5. RAS . . RAS RAS RAS ( ) RAS , , . RAS . RAS . . ( : , ). . . , . , ( , ). , RAS . ( , , ) RAS . , RAS . , RAS . , RAS . RAS . RAS . , . RAS / RAS RAS / . RAS ( : PC) ( : ) . , LAN . . RAS LAN . LAN . RAS LAN RAS LAN .

6. LAN . (Internet Service Provider: ISP) LAN (non dial up) 2 . 2 LAN ISP . 1 LAN . RAS Access Point( AP) . ( ). , , . 2 LAN AP “WLAN hot spot” . LAN AP ISP . ISP . / . . , LAN . . , . ( ) . LAN ISP . , . 2

7.
7.1 (Need to know) . ,