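Abstract: The security contest in cyberspace is growing ever more intense, and advanced network security technology has become a key factor in responding proactively to security threats and promptly breaking the asymmetry between attack and defense. To address complex network environments and diverse network application requirements, this paper analyzes and compares several virtual private network technologies and designs a virtual private network scheme based on the point-to-point tunneling protocol. The scheme uses MS CHAP (Microsoft Challenge Handshake Authentication Protocol) to verify client identity and uses MPPE (point-to-point encryption algorithm) to encrypt IP packets after the private network address has been encapsulated within the public network address, ensuring the confidentiality, integrity and reliability of the data. Finally, the scheme was verified on the Linux platform using free open-source code. Experiments show that the scheme provides security assurance for data throughout big data processing, from collection, transmission and application to storage and analysis. It is flexible to deploy and widely applicable, and offers a reference for building private networks between big data centers and data source collection points, and between enterprises and institutions across regions.
Keywords: cyberspace security; big data; point-to-point tunneling protocol; virtual private network
CLC number: TP393.2
Document code: A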
Application of Virtual Private Network based on Point-to-Point Tunneling Protocol in Big Data
LIU Banggui
(School of Artificial Intelligence, The Open University of Guangdong, Guangzhou 510091, China)
liubanggui@qq.com
Abstract: With the increasingly fierce security game in cyberspace, advanced network security technology has become a key factor in actively responding to security threats and breaking the asymmetry of security offense and defense in time. Aiming at the complex network environment and diverse network application requirements, this paper compares a variety of virtual private network technologies and designs a virtual private network solution based on the point-to-point tunneling protocol. MS CHAP (Microsoft Challenge Handshake Authentication Protocol) is used to verify the client's identity, and MPPE (Point-to-Point Encryption Algorithm) is used to encrypt the IP data packets after the public network address encapsulates the private network address, so as to ensure the confidentiality, integrity and reliability of the data. Finally, free open source code is used to verify the proposed solution on the Linux platform. Experiments have proved that the solution provides a security guarantee from data collection, transmission and application to storage and analysis in the process of big data processing. The solution is flexible in deployment and has a wide range of applications, providing a reference for building a private network between the big data center and data source collection points, as well as between various cross-regional enterprises and institutions.
Keywords: cyberspace security; big data; point-to-point tunneling protocol; virtual private network