The invention discloses a rapid, fine-grained security control method for multi-domain network interconnection, and belongs to the field of cyberspace security. The method comprises: first, establishing the grammar specification of a security policy language, converting each security policy into a normal-form script, implementing a corresponding grammar parser, and storing the scripts that contain no errors; next, for the scripts whose domains and services semantically exist in the network, designing each policy in the whitelist as a tree and merging these trees; designing each policy in the blacklist as a tree and merging these trees into the whitelist tree; designing each policy in the range default action as a tree and merging it with the merged black-and-white-list tree to obtain the security policy tree; and finally, converting the scripts describing inter-domain service communication into fine-grained seven-tuple security rules, distributing the seven-tuple security rules to the security Internet gateway at high speed, and updating the security control information of the execution unit according to those rules. The method has the advantages of simplicity, convenience, flexibility and higher efficiency.
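The merge order described above, sketched as an added example that is not taken from the patent. The tree layout (source domain, destination domain, service), the rule that a blacklist entry overrides a whitelist entry, the default filling every unset inter-domain leaf, the seven field names and the sample network are all assumptions.

```python
from typing import NamedTuple

# Constructed sample network: domain -> address range, service -> (protocol, port).
DOMAINS = {"office": "10.1.0.0/16", "dmz": "10.2.0.0/16", "lab": "10.3.0.0/16"}
SERVICES = {"http": ("tcp", 80), "ssh": ("tcp", 22), "dns": ("udp", 53)}

class Rule(NamedTuple):  # assumed seven-tuple layout; the abstract does not list the fields
    src_domain: str
    dst_domain: str
    src_net: str
    dst_net: str
    proto: str
    dst_port: int
    action: str

def to_tree(src, dst, svc, action):
    """Semantic check, then one policy as a one-branch tree src -> dst -> service -> action."""
    if src not in DOMAINS or dst not in DOMAINS or svc not in SERVICES:
        raise ValueError(f"policy names something absent from the network: {src} {dst} {svc}")
    return {src: {dst: {svc: action}}}

def merge(base, other, override):
    """Merge other into base; on a leaf conflict other wins only when override is set."""
    for key, val in other.items():
        if isinstance(val, dict):
            merge(base.setdefault(key, {}), val, override)
        elif override or key not in base:
            base[key] = val
    return base

def build_policy_tree(whitelist, blacklist, default_action):
    tree = {}
    for policy in whitelist:
        merge(tree, to_tree(*policy, "allow"), override=True)
    for policy in blacklist:  # assumption: a blacklist entry overrides a whitelist entry
        merge(tree, to_tree(*policy, "deny"), override=True)
    for src in DOMAINS:       # assumption: the default fills every inter-domain leaf still unset
        for dst in DOMAINS:
            for svc in SERVICES:
                if src != dst:
                    merge(tree, to_tree(src, dst, svc, default_action), override=False)
    return tree

def compile_rules(tree):
    """Flatten the merged tree into the rules a gateway would be sent, in a stable order."""
    return [Rule(s, d, DOMAINS[s], DOMAINS[d], *SERVICES[v], tree[s][d][v])
            for s in sorted(tree) for d in sorted(tree[s]) for v in sorted(tree[s][d])]
```

With a default of "deny", a service that appears in both lists compiles to a deny rule, and every domain pair the lists never mention still gets an explicit rule.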