{"id":1163,"date":"2021-12-01T11:31:35","date_gmt":"2021-12-01T03:31:35","guid":{"rendered":"https:\/\/choson_steven.lifenet.com.tw\/?p=1163"},"modified":"2023-03-29T11:04:34","modified_gmt":"2023-03-29T03:04:34","slug":"%e5%af%a6%e6%96%bd%e9%9b%b6%e4%bf%a1%e4%bb%bb%e6%9e%b6%e6%a7%8b%e4%bb%a5%e9%98%b2%e6%ad%a2%e6%a9%ab%e5%90%91%e7%a7%bb%e5%8b%95%ef%bc%8cxacml%e6%9c%80%e4%b8%8d%e5%8f%af%e8%83%bd%e9%80%b2%e8%a1%8c","status":"publish","type":"post","link":"https:\/\/choson.lifenet.com.tw\/?p=1163","title":{"rendered":"\u5be6\u65bd\u96f6\u4fe1\u4efb\u67b6\u69cb\u4ee5\u9632\u6b62\u6a6b\u5411\u79fb\u52d5\uff0cXACML\u6700\u4e0d\u53ef\u80fd\u9032\u884c\u8eab\u4efd\u9a57\u8b49"},"content":{"rendered":"\n<p><img decoding=\"async\" src=\"https:\/\/ithelp.ithome.com.tw\/upload\/images\/20211201\/20132160Y2ag06gT1I.jpg\" alt=\"https:\/\/ithelp.ithome.com.tw\/upload\/images\/20211201\/20132160Y2ag06gT1I.jpg\"><br>-\u793a\u4f8b XACML \u5be6\u73fe<br>XACML \u65e8\u5728\u652f\u6301\u6388\u6b0a\uff0c\u800c\u4e0d\u662f\u8eab\u4efd\u9a57\u8b49\u3002<br>XACML \u4ee3\u8868\u201c\u53ef\u64f4\u5c55\u8a2a\u554f\u63a7\u5236\u6a19\u8a18\u8a9e\u8a00\u201d\u3002\u8a72\u6a19\u51c6\u5b9a\u7fa9\u4e86\u4e00\u7a2e\u8072\u660e\u6027\u7d30\u7c92\u5ea6\u3001\u57fa\u65bc\u5c6c\u6027\u7684\u8a2a\u554f\u63a7\u5236\u7b56\u7565\u8a9e\u8a00\u3001\u67b6\u69cb\u548c\u8655\u7406\u6a21\u578b\uff0c\u63cf\u8ff0\u77ad\u5982\u4f55\u6839\u64da\u7b56\u7565\u4e2d\u5b9a\u7fa9\u7684\u898f\u5247\u8a55\u4f30\u8a2a\u554f\u8acb\u6c42\u3002<br>-\u8cc7\u6599\u4f86\u6e90\uff1a<a href=\"https:\/\/en.wikipedia.org\/wiki\/XACML\" target=\"_blank\" rel=\"noreferrer noopener\">\u7dad\u57fa\u767e\u79d1<\/a><\/p>\n\n\n\n<p>\u7e2e\u5beb \u5b78\u671f \u63cf\u8ff0<br>PAP \u653f\u7b56\u7ba1\u7406\u9ede \u7ba1\u7406\u8a2a\u554f\u6388\u6b0a\u7b56\u7565\u7684\u9ede<br>PDP \u653f\u7b56\u6c7a\u7b56\u9ede \u5728\u767c\u5e03\u8a2a\u554f\u6c7a\u5b9a\u4e4b\u524d\u6839\u64da\u6388\u6b0a\u7b56\u7565\u8a55\u4f30\u8a2a\u554f\u8acb\u6c42\u7684\u9ede<br>PEP \u653f\u7b56\u57f7\u884c\u9ede \u6514\u622a\u7528\u6236\u5c0d\u8cc7\u6e90\u7684\u8a2a\u554f\u8acb\u6c42\uff0c\u5411PDP\u767c\u51fa\u6c7a\u7b56\u8acb\u6c42\u4ee5\u7372\u5f97\u8a2a\u554f\u6c7a\u7b56<br>\uff08\u5373\u5c0d\u8cc7\u6e90\u7684\u8a2a\u554f\u88ab\u6279\u51c6\u6216\u62d2\u7d55\uff09\uff0c\u4e26\u6839\u64da\u6536\u5230\u7684\u6c7a\u7b56\u63a1\u53d6\u884c\u52d5\u7684\u9ede<br>PIP \u653f\u7b56\u4fe1\u606f\u9ede \u5145\u7576\u5c6c\u6027\u503c\u4f86\u6e90\u7684\u7cfb\u7d71\u5be6\u9ad4\uff08\u5373\u8cc7\u6e90\u3001\u4e3b\u984c\u3001\u74b0\u5883\uff09<br>PRP \u7b56\u7565\u6aa2\u7d22\u9ede XACML \u8a2a\u554f\u6388\u6b0a\u7b56\u7565\u7684\u5b58\u5132\u9ede\uff0c\u901a\u5e38\u662f\u6578\u64da\u5eab\u6216\u6587\u4ef6\u7cfb\u7d71\u3002<br>-\u8cc7\u6599\u4f86\u6e90\uff1a<a href=\"https:\/\/en.wikipedia.org\/wiki\/XACML\" target=\"_blank\" rel=\"noreferrer noopener\">\u7dad\u57fa\u767e\u79d1<\/a><\/p>\n\n\n\n<p><strong>\u7aef\u53e3\u6572\u9580\u548c\u55ae\u5305\u6388\u6b0a (Port Knocking and Single Packet Authorization<br>:SPA)<\/strong><br>802.1X\u662f\u70ba\u8a8d\u8b49\u800c\u8a2d\u8a08\u7684\uff0c\u7528\u65bc\u7db2\u7d61\u8a2a\u554f\u63a7\u5236\uff0c\u800c\u7aef\u53e3\u6572\u9580\u662f\u50b3\u8f38\u5c64\u7684\u4e00\u7a2e\u8a8d\u8b49\u6a5f\u5236\u3002\u9023\u63a5\u5617\u8a66\u7684\u6b63\u78ba\u9806\u5e8f\u53ef\u4ee5\u88ab\u8996\u70ba\u8eab\u4efd\u9a57\u8b49\u7684\u79d8\u5bc6\u3002\u53ea\u6709\u7576\u7aef\u53e3\u6572\u9580\u5e8f\u5217\u6b63\u78ba\u6642\uff0c\u9632\u706b\u7246\u624d\u6703\u52d5\u614b\u5730\u5141\u8a31\u9023\u63a5\u3002<br>\u5728 \u8a08\u7b97\u6a5f\u806f\u7db2\uff0c \u7aef\u53e3\u78b0\u649e \u662f\u5f9e\u5916\u90e8\u6253\u958b\u65b9\u6cd5 \u7684\u7aef\u53e3 \u4e0a\u7684 \u9632\u706b\u7246 \u901a\u904e\u7522\u751f\u4e00\u7d44\u9810\u5148\u6307\u5b9a\u95dc\u9589\u7684\u7aef\u53e3\u7684\u9023\u63a5\u5617\u8a66\u3002\u4e00\u65e6\u63a5\u6536\u5230\u6b63\u78ba\u7684\u9023\u63a5\u5617\u8a66\u5e8f\u5217\uff0c\u9632\u706b\u7246\u898f\u5247\u5c31\u6703\u52d5\u614b\u4fee\u6539\u4ee5\u5141\u8a31\u767c\u9001\u9023\u63a5\u5617\u8a66\u7684\u4e3b\u6a5f\u901a\u904e\u7279\u5b9a\u7aef\u53e3\u9032\u884c\u9023\u63a5\u3002\u5b58\u5728\u4e00\u7a2e\u7a31\u70ba\u55ae\u5305\u6388\u6b0a (SPA) \u7684\u8b8a\u9ad4 \uff0c\u5176\u4e2d\u53ea\u9700\u8981\u4e00\u6b21\u201c\u6572\u9580\u201d\uff0c\u7531\u52a0\u5bc6 \u5305\u7d44\u6210 \u3002<br>\u8cc7\u6599\u4f86\u6e90\uff1a<a href=\"https:\/\/en.wikipedia.org\/wiki\/Port_knocking\" target=\"_blank\" rel=\"noreferrer noopener\">\u7dad\u57fa\u767e\u79d1<\/a><\/p>\n\n\n\n<p><strong>PKI \u548c 802.1X<\/strong><br>\u516c\u9470\u57fa\u790e\u8a2d\u65bd (PKI) \u548c 802.1X \u901a\u5e38\u7528\u65bc\u5728 VPN\u3001LAN \u6216\u7121\u7dda\u7db2\u7d61\u74b0\u5883\u4e2d\u9032\u884c\u8eab\u4efd\u9a57\u8b49\u3002<br><img decoding=\"async\" src=\"https:\/\/ithelp.ithome.com.tw\/upload\/images\/20211201\/201321607or5cYGhuB.jpg\" alt=\"https:\/\/ithelp.ithome.com.tw\/upload\/images\/20211201\/201321607or5cYGhuB.jpg\"><br>-VPN \u548c EAP<\/p>\n\n\n\n<p><strong>\u53c3\u8003<\/strong><br>.&nbsp;<a href=\"https:\/\/en.wikipedia.org\/wiki\/Port_knocking\" target=\"_blank\" rel=\"noreferrer noopener\">\u6572\u7aef\u53e3<\/a><\/p>\n\n\n\n<p>\u8cc7\u6599\u4f86\u6e90\uff1a&nbsp;<a href=\"https:\/\/wentzwu.com\/2021\/09\/10\/cissp-practice-questions-20210910\/\" target=\"_blank\" rel=\"noreferrer noopener\">Wentz Wu QOTD-20210910<\/a><\/p>\n\n\n\n<p>PS:\u6b64\u6587\u7ae0\u7d93\u904e\u4f5c\u8005\u540c\u610f\u520a\u767b \u4e26\u4e14\u6388\u6b0a\u53ef\u4ee5\u7ffb\u8b6f\u6210\u4e2d\u6587<\/p>\n","protected":false},"excerpt":{"rendered":"<p>-\u793a\u4f8b XACML \u5be6\u73feXACML \u65e8\u5728\u652f\u6301\u6388\u6b0a\uff0c\u800c\u4e0d\u662f\u8eab\u4efd\u9a57\u8b49\u3002XACML \u4ee3\u8868\u201c\u53ef\u64f4\u5c55\u8a2a\u554f\u63a7\u5236\u6a19\u8a18\u8a9e\u8a00\u201d\u3002 [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":true,"template":"","format":"standard","meta":{"footnotes":""},"categories":[4],"tags":[],"class_list":["post-1163","post","type-post","status-publish","format-standard","hentry","category-cisspcertified-information-systems-security-professional"],"_links":{"self":[{"href":"https:\/\/choson.lifenet.com.tw\/index.php?rest_route=\/wp\/v2\/posts\/1163","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/choson.lifenet.com.tw\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/choson.lifenet.com.tw\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/choson.lifenet.com.tw\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/choson.lifenet.com.tw\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=1163"}],"version-history":[{"count":2,"href":"https:\/\/choson.lifenet.com.tw\/index.php?rest_route=\/wp\/v2\/posts\/1163\/revisions"}],"predecessor-version":[{"id":2754,"href":"https:\/\/choson.lifenet.com.tw\/index.php?rest_route=\/wp\/v2\/posts\/1163\/revisions\/2754"}],"wp:attachment":[{"href":"https:\/\/choson.lifenet.com.tw\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=1163"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/choson.lifenet.com.tw\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=1163"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/choson.lifenet.com.tw\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=1163"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}