簡易檢索 / 詳目顯示
| 研究生: |
曾釋賢 Tseng, Shih-Hsien |
|---|---|
| 論文名稱: |
建置新一代網路安全測試平台Testbed@TWISC:整體環境規劃與實現 Construction of the New Generation Network Security Testbed — Testbed@TWISC:Planning and Implementation on Overall Environment |
| 指導教授: |
賴溪松
Laih, Chi-Sung |
| 學位類別: |
碩士 Master |
| 系所名稱: |
電機資訊學院 - 電腦與通信工程研究所 Institute of Computer & Communication Engineering |
| 論文出版年: | 2008 |
| 畢業學年度: | 96 |
| 語文別: | 中文 |
| 論文頁數: | 108 |
| 中文關鍵詞: | Emulab系統軟體 、新一代網路安全測試平台Testbed@TWISC 、PlanetLab 、DETERlab 、環境監控管理系統 |
| 外文關鍵詞: | The New Generation of Network Security Testbed -, Environmental Monitoring and Management System, Emulab system software, PlanetLab |
| 相關次數: | 點閱:116 下載:1 |
| 分享至: |
| 查詢本校圖書館目錄 查詢臺灣博碩士論文知識加值系統 勘誤回報 |
近年來,網路安全問題日益嚴重,因此我們必須建立出專屬的測試平台以支援其相關研究。有鑑於此,國立成功大學資通安全研究與教學中心(TWISC@NCKU)[6]從美國Utah大學引進Emulab系統軟體[50]。在團隊的努力並參考其建置經驗下,我們使用Emulab系統軟體與國產硬體設備,經過「軟體架構分析」、「整體環境規劃」及「硬體與軟體的整合」等過程,最後完成「新一代網路安全測試平台Testbed@TWISC」[5]的建置。
此系統可模擬真實的網路環境,使用者可在全世界各地遠端連線登入Testbed@TWISC系統,並透過系統中的圖形化介面(Web-GUI),真實建立實驗時所需要的主機(Host)與網路拓樸(Network Topology)。當網路環境建立完成後,即可進行實驗。
除了引進此系統外,我們也配合國內硬體廠商自行研發出「環境監控管理系統」[6],並整合進入Testbed@TWISC系統內,此系統可即時監控整體環境與設備狀況,對於往後設備採購及系統分析上亦有很大的幫助。未來除了提供使用者更穩定的網路測試環境外,也希望能朝以下兩點繼續發展:
(1)除繼續擴建其規模外,交通大學與中央研究院目前也正逐步引進Emulab系統技術。我們希望屆時可仿照DETERlab[20],利用IPSec技術[16]串連三個平台的資源,建立大規模且橫跨網際網路的實驗環境。
(2)當Testbed@TWISC系統在發展至一定規模時,我們希望能將部份實驗節點加入PlanetLab計劃中,共同為下一代網際網路發展打拼。
本論文中,以Testbed@TWISC系統的「整體環境規劃與佈署」為研究方向。為了方便未來設備管理及擴充,我們除了要對設備採購與設備擺放環境有精確的評估外,也必須符合機房擺放需求,對於視覺上來說也較為美觀。此外亦整合了「環境監控管理系統」[6],即時監控整體環境與設備狀況。最後的網路環境規劃上,為了符合此系統在網路封包傳輸上面的便利性與安全性,我們將此系統劃分為五個虛擬網段(VLAN)。
此系統建置過程包含「整體環境規劃」與「軟體層面整合」兩大部份,在這些規劃當中,我們真實的建立了Testbed@TWISC。本論文重點著重於「整體環境規劃」的研究,而「軟體層面整合」則是另一位伙伴 — 陳立達的研究方向,其論文題目為「建置新一代網路安全測試平台Testbed@TWISC:軟體層面整合與實現」[34]。
In recent years, the increasingly serious problems of network security occur. It is necessary to establish a dedicated testbed to support its related research. So Taiwan Information Security Center at National Cheng Kung University (TWISC@NCKU)[6] introduced into Emulab system software[50] which developed from University of Utah. In the team's efforts and with reference to their experience of building, we use Emulab system software and locally hardware facility. After process of“Analysis on Software Architecture”,“Planning on Overall Environment”, and“Integration on Hardware and Software”. Finally completed to construct“The New Generation of Network Security Testbed — Testbed@TWISC”[5].
This system can simulate real-world network environment. User can login to the system by remote connection in all of the world. In the use of the above, user can establish host and Network Topology which the experiment needs by Web-GUI interface. Afer finished building the network environment, experiment can be executed right now.
Apart from the introduction of this system, we will cooperate with the hardware vendors to develop“Environmental Monitoring and Management System”[6] and integrate it into Testbed@TWISC. This system can not only monitor the status on overall environment and facilities immediately but also be a great help for the future purchase of facility and systems analysis. In addition to providing users more stable network testing environment in the feature, we want to develop in the following two parts:
(1)In addition to expanding its scale, National Chiao Tung University (NCTU) and Academia Sinica, Republic of China (R.O.C.) are also gradually introducing Emulab system technology. We hope to use IPSec technology[16] to combine three testbeds' resources and building the large-scale experimental network environment which across the Internet just like DETERlab[20].
(2)When Testbed@TWISC system in development to a certain size, we hope that part of the nodes can be added into PlanetLab project. Work together for the next generation Internet development.
In this thesis, we focus on“Planning and Deployment on Overall Environment”. In order to facilitate our future facilities management and expansion, we have to not only accurate assessment at the facilities purchasing and environment where the facilities furnishing, but also satisfy the need for facilities furnishing. This can also be beautiful for the visualization. Besides, in order to monitor the status on overall environment and facilities immediately, we have to integrate“Environmental Monitoring and Management System”[6]. In the final planning for network environment, in order to conform convenience and security for the system in network packet transmission, we divide our system into five Virtual Local Area Network (VLAN).
This system constructs process consists of two parts:“Planning on Overall Environment”and“Integration on Software Aspect”. In this planning, we established Testbed@TWISC. This thesis focus on“Planning on Overall Environment”, and“Integration on Software Aspect”is another one partner — Li-Da Chen of the research direction. The topic of the thesis is“Construction of the New Generation Network Security Testbed — Testbed@TWISC:Integration and Implementation on Software Aspect”[34].
校內:2013-02-13公開校外:2018-02-13公開