Abstract: Aimed at the security problem in network information exchange,combining Virtual Private Network(VPN) and mobile Agent technologies,a new VPN security architecture named VPNAgent System was presented which works at a virtual private network.The system has a mobile Agent named VPNClientAgent which is an analogy to the cumtoms Agent in real life.It works at the client,inspects the packets, signs the legal ones and guards them to the firewall.There is a static Agent named StaticAgent.The StaticAgent inspects the signature of the packets and the packets with valid signature can go through the firewall without decryption to improve the security of the packets.

Key words: VPN(Virtual Private Network), mobile Agent, firewall, encryption, signature

摘要： 针对现在网络信息交换中的安全问题,结合虚拟专用网(VPN)和移动代理这两大技术,提出了一种新的VPN安全体系结构———VPNAgent系统,系统中有一个移动代理VPNClientAgent,作为服务器端防火墙的一个代表作用在客户端,检测数据包并对合法的数据包签名,并护送数据包到防火墙处。防火墙上嵌有一个静态代理StaticAgent,由StaticAgent检测数据包的签名,签名有效的数据包不用解密即可通过防火墙,从而达到提高安全性的目的。

关键词: 虚拟专用网, 移动代理, 防火墙, 加密, 签名