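With the development of network technology, information exchange between widely interconnected heterogeneous networks is becoming increasingly frequent. To effectively guarantee the secure, real-time exchange of information across networks, a network isolation communication scheme (NICS) that resists covert channels is proposed. A theoretical model of NICS is established, the correctness of the scheme is proved on the basis of information theory, and a concrete implementation is given. Analysis of its security properties shows that NICS can effectively solve the problem that the communication protocols of different networks all contain potential packet-size covert channels and state-information covert channels; given the same amount of information exchanged, it can achieve a covert-channel resistance equivalent to that of physical isolation.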
With the rapid development of network technologies, real-time information exchange between heterogeneous networks is becoming more frequent. To effectively guarantee secure, real-time information exchange across different networks, a network isolation communication scheme (NICS) is proposed to resist covert channels. A new theoretical model of NICS is designed and proved based on information theory, followed by a specific solution. Security analysis indicates that NICS is able to effectively solve the problems of the potential packet-length covert channel (PLCC) and the status covert channel (SCC) in most of the existing work; and, given a similar amount of information to exchange, NICS can achieve a degree of security equivalent to physical isolation in terms of resisting covert channels.