Abstract: This is the third article in a series of articles on active safety network architecture, which introduces the protocol family of active safety network architecture. On the basis of traditional TCP/IP, the active security network architecture supplements a family of security-related protocols to achieve related network security capabilities. The IPK key platform, authentication client, border authentication machine and management control server of the active secure network architecture cooperate with each other to achieve the overall safe and stable operation of the architecture. During the operation of the architecture, security services such as terminal authentication, border authentication machine registration and authentication, terminal authentication information reporting, terminal security policy issuance, third-party platform information reporting and policy interaction are respectively supported by the access authentication protocol, management control protocol, business interaction protocol, open integration protocol and trust interconnection protocol. The national secret technology is widely used in the supporting protocol of the active security architecture, which enhances the security strength and ensures the security of business operations.

Key words: Access Authentication, Management Control, Business Interaction, Open Integration, Trust Interconnection

摘要： 这是主动安全网络架构系列文章的第三篇，介绍了主动安全网络架构的协议族。在传统TCP/IP基础上，主动安全网络架构补充了和安全相关的一族协议，以此实现相关的网络安全能力。主动安全网络架构的IPK密钥平台、认证客户端、边界认证机、管理控制服务器相互配合，实现架构的整体安全稳定运行。架构运行过程中的终端认证、边界认证机注册认证、终端认证信息上报、终端安全策略下发、第三方平台信息上报和策略交互等安全业务分别由接入认证协议、管理控制协议、业务交互协议、开放集成协议和信任互联协议支撑。主动安全架构的支撑协议中普遍应用了国密技术，增强了安全强度，确保了业务运行的安全性。

关键词: 接入认证, 管理控制, 业务交互, 开放集成, 信任互联