本文選題：安全管理平臺(tái)　切入點(diǎn)：業(yè)務(wù)流程　出處：《北京郵電大學(xué)》2014年碩士論文　論文類型：學(xué)位論文

【摘要】：如今,網(wǎng)絡(luò)信息化水平的要求逐漸提高,許多單位和組織對(duì)企業(yè)信息和業(yè)務(wù)的安全性更加重視,開始逐漸的部署了許多大型的安全管理設(shè)備,例如防火墻、IDS、網(wǎng)關(guān)等設(shè)備,但是這些設(shè)備的獨(dú)立運(yùn)行存在許多的安全隱患以及管理缺陷,所以國內(nèi)外都逐漸提出了SOC(安全管理平臺(tái))的概念。安全管理平臺(tái)主要是將現(xiàn)有的安全設(shè)備集合到一起,實(shí)現(xiàn)各個(gè)設(shè)備之間協(xié)調(diào)工作,信息共享。但是傳統(tǒng)的安全管理平臺(tái)僅僅注重資產(chǎn)安全,沒有和實(shí)際環(huán)境的企業(yè)業(yè)務(wù)和業(yè)務(wù)監(jiān)控的重要性相結(jié)合,使得傳統(tǒng)的安管平臺(tái)有著許多的不足。 本文針對(duì)現(xiàn)有安全管理平臺(tái)的缺陷,在現(xiàn)有安全管理平臺(tái)項(xiàng)目實(shí)施的基礎(chǔ)上,著重從業(yè)務(wù)視角出發(fā)提出了一種面向核心業(yè)務(wù)監(jiān)控的安全管理平臺(tái)的方案。旨在從業(yè)務(wù)監(jiān)控的角度,集中對(duì)設(shè)備安全事件進(jìn)行監(jiān)控分析,對(duì)業(yè)務(wù)運(yùn)轉(zhuǎn)流程集中處理,將以監(jiān)控為手段,結(jié)合業(yè)務(wù)流程,通過平臺(tái)監(jiān)控和終端監(jiān)控等多方面業(yè)務(wù)監(jiān)控,以及預(yù)警,報(bào)警,監(jiān)控響應(yīng)等措施來達(dá)到實(shí)時(shí)關(guān)注整個(gè)平臺(tái)的運(yùn)行狀況,保障業(yè)務(wù)的正常運(yùn)行。平臺(tái)監(jiān)控從自動(dòng)報(bào)警和人工響應(yīng)處理兩個(gè)方面監(jiān)控,通過設(shè)定預(yù)警等級(jí),系統(tǒng)將根據(jù)安全事件等級(jí)做出預(yù)警和告警響應(yīng),從數(shù)據(jù)采集層集中收集和統(tǒng)計(jì)事件信息,通過關(guān)聯(lián)分析處理對(duì)事件進(jìn)行歸并處理,分析事件屬性信息,自動(dòng)分析和響應(yīng)。同時(shí),將管理員分成不同的角色,人工參與事件的分析處理,根據(jù)統(tǒng)計(jì)結(jié)果和趨勢(shì)圖、態(tài)勢(shì)圖等圖形信息統(tǒng)計(jì)分析,發(fā)現(xiàn)安全隱患和及時(shí)定位,兩者共同結(jié)合達(dá)到實(shí)時(shí)業(yè)務(wù)監(jiān)控的目的。 最終文章提出了相應(yīng)問題的解決方案,通過不同環(huán)境對(duì)設(shè)計(jì)方法進(jìn)行實(shí)現(xiàn)和驗(yàn)證,完成設(shè)計(jì)方案的預(yù)期效果,并指出了面向核心業(yè)務(wù)監(jiān)控的安全管理平臺(tái)的發(fā)展趨勢(shì)。
[Abstract]:Nowadays, the requirement of network information level is gradually raised, many units and organizations pay more attention to the security of enterprise information and business, and begin to gradually deploy many large-scale security management equipment, such as firewall, IDS, gateway and so on. However, there are many safety risks and management defects in the independent operation of these devices, so the concept of SOC (Security Management platform) has been gradually put forward at home and abroad. The main purpose of the security management platform is to assemble the existing security devices together. The traditional security management platform only pays attention to the security of assets, and does not combine with the importance of business and business monitoring in the actual environment. Make the traditional safety management platform has a lot of shortcomings. This paper aims at the defects of the existing security management platform, and based on the implementation of the existing security management platform project, This paper puts forward a scheme of security management platform oriented to core business monitoring from the point of view of business, aiming at centralized monitoring and analysis of equipment security events and centralized handling of business operation flow from the point of view of business monitoring. By means of monitoring and control, combining business processes, the platform monitoring and terminal monitoring and other business monitoring, as well as early warning, alarm, monitoring response and other measures to achieve real-time attention to the operation of the entire platform. To ensure the normal operation of the business. Platform monitoring from the automatic alarm and manual response processing two aspects of monitoring, by setting an early warning level, the system will be based on the level of security incidents early warning and alarm response, The event information is collected and counted from the data collection layer, the event is merged and processed by association analysis, the attribute information of the event is analyzed, the automatic analysis and response are made. At the same time, the administrator is divided into different roles. Artificial participation in the analysis and processing of events, according to the statistical results and trend map, situation map and other graphic information statistical analysis, find security risks and timely positioning, the two combined to achieve the purpose of real-time business monitoring. Finally, the paper puts forward the solution of the corresponding problems, realizes and verifies the design method through different environments, and completes the expected effect of the design scheme, and points out the development trend of the security management platform oriented to the core business monitoring.
【學(xué)位授予單位】：北京郵電大學(xué)
【學(xué)位級(jí)別】：碩士
【學(xué)位授予年份】：2014
【分類號(hào)】：TP393.08

【參考文獻(xiàn)】

相關(guān)期刊論文 前10條

1 李偉偉;曹寶香;;基于云計(jì)算的安全管理平臺(tái)技術(shù)研究[J];電子技術(shù);2011年12期

2 郭紅;王勇;吳亞非;;安全管理平臺(tái)(SOC)在國家電子政務(wù)外網(wǎng)中的應(yīng)用[J];電子政務(wù);2008年08期

3 蔡陸濱;;分布式多層架構(gòu)安全管理平臺(tái)的設(shè)計(jì)[J];廣東通信技術(shù);2009年12期

4 韋勇;連一峰;馮登國;;基于信息融合的網(wǎng)絡(luò)安全態(tài)勢(shì)評(píng)估模型[J];計(jì)算機(jī)研究與發(fā)展;2009年03期

5 李斌;謝豐;陳鐘;;一種面向業(yè)務(wù)的風(fēng)險(xiǎn)評(píng)估模型[J];計(jì)算機(jī)研究與發(fā)展;2011年09期

6 陳科,李之棠;網(wǎng)絡(luò)入侵檢測(cè)系統(tǒng)和防火墻集成的框架模型[J];計(jì)算機(jī)工程與科學(xué);2001年02期

7 汪林林;張春;劉歆;劉川;;SOA全生命周期建模方法綜述[J];計(jì)算機(jī)應(yīng)用研究;2011年01期

8 羅萬伯;羅霄嵐;陳煒;李征;魏雁平;;多域環(huán)境的安全策略管理框架研究[J];四川大學(xué)學(xué)報(bào)(工程科學(xué)版);2006年02期

9 韋潛;夏清國;;基于安全管理中心的關(guān)聯(lián)引擎技術(shù)的研究[J];計(jì)算機(jī)工程與設(shè)計(jì);2007年13期

10 王勇;李丹;郭紅;;基于風(fēng)險(xiǎn)評(píng)估的涉密網(wǎng)絡(luò)安全體系研究探討[J];信息安全與通信保密;2008年11期

，

本文編號(hào)：1581571