The severity of network security problems and the growing ubiquity of security requirements make it necessary to provide basic security controls within IP networks. Based on a security model oriented toward the network infrastructure, and through an analysis of security threats at the network layer, an access control mechanism for IP networks is designed. The mechanism consists of a key agreement protocol and a packet inspection protocol; it provides mutual authentication of the two communicating parties and guarantees the authenticity and integrity of packets in transit. After comparing various formal techniques, the abstract protocol notation was adopted to formally describe and verify the relevant protocols. The mechanism provides access control between hosts on the network and solves internal network security problems that other access control mechanisms, which are enforced at the network edge, cannot solve. The mechanism is suited to deployment within a relatively small network scope, such as a LAN; a mechanism suited to larger network scopes is under study. The mechanism has been implemented on the Linux platform, and its performance is briefly analyzed.