本文選題：等級(jí)保護(hù) + 網(wǎng)絡(luò)安全�。� 參考：《東華大學(xué)》2014年碩士論文

【摘要】：隨著我國(guó)社會(huì)網(wǎng)絡(luò)化進(jìn)程的全面加快,國(guó)民經(jīng)濟(jì)和社會(huì)發(fā)展對(duì)基礎(chǔ)信息網(wǎng)絡(luò)和重要信息系統(tǒng)的依賴性越來(lái)越大,因此網(wǎng)絡(luò)安全保障越來(lái)越受到業(yè)內(nèi)人士的關(guān)注,信息安全等級(jí)保護(hù)作為國(guó)家信息安全基本制度,對(duì)保障政府部門和企事業(yè)的基礎(chǔ)信息系統(tǒng)安全有著非常重要的作用。信息安全等級(jí)保護(hù)制度是國(guó)家信息安全保障工作的重要內(nèi)容,也是一項(xiàng)事關(guān)國(guó)家安全、社會(huì)穩(wěn)定的政治任務(wù)。然而,信息安全等級(jí)保護(hù)在國(guó)內(nèi)才剛剛推廣,缺乏具有可操作性的量化模型算法和支撐軟件,因而,等級(jí)保護(hù)工作是當(dāng)前信息網(wǎng)絡(luò)安全工作的客觀需要和緊迫需求。 本文首先綜合分析了國(guó)內(nèi)外網(wǎng)絡(luò)安全現(xiàn)狀,研究了我國(guó)目前實(shí)施的等級(jí)保護(hù)制度,重點(diǎn)是等級(jí)保護(hù)制度網(wǎng)絡(luò)安全的基本要求,通過(guò)對(duì)等級(jí)保護(hù)相關(guān)的規(guī)范與要求進(jìn)行研究,根據(jù)信息系統(tǒng)安全等級(jí)保護(hù)定級(jí)的相關(guān)要求和該銀行核心網(wǎng)絡(luò)系統(tǒng)的網(wǎng)絡(luò)結(jié)構(gòu)、系統(tǒng)組成、服務(wù)模式等基本情況,為其確定合適的安全保護(hù)等級(jí)。 進(jìn)而,按照等級(jí)保護(hù)制度第三級(jí)要求對(duì)該網(wǎng)絡(luò)系統(tǒng)進(jìn)行安全風(fēng)險(xiǎn)和防護(hù)需求分析,根據(jù)其不同的業(yè)務(wù)功能和網(wǎng)絡(luò)位置,將核心網(wǎng)絡(luò)系統(tǒng)合理劃分為若干個(gè)安全區(qū)域。針對(duì)各安全區(qū)域的不同的安全需求和等級(jí)保護(hù)防護(hù)要求,以“分區(qū)域、分層次、縱深防護(hù)”為設(shè)計(jì)理念,對(duì)不同的安全區(qū)域進(jìn)行個(gè)性化的安全防護(hù)設(shè)計(jì)。 最后基于一定的思想和策略指導(dǎo),通過(guò)在各安全區(qū)域邊界和安全區(qū)域內(nèi)部應(yīng)用不同安全防護(hù)技術(shù)和安全防護(hù)策略,設(shè)計(jì)出一個(gè)包括框架結(jié)構(gòu)、安全策略、系統(tǒng)部署等內(nèi)容的具有一定通用性和實(shí)用性的安全防護(hù)體系。同時(shí)介紹了整體的網(wǎng)絡(luò)結(jié)構(gòu)模型,并對(duì)其中使用的相應(yīng)技術(shù)及產(chǎn)品進(jìn)行了詳細(xì)分析和介紹,從整個(gè)系統(tǒng)的角度出發(fā)去考慮系統(tǒng)整體的安全問(wèn)題,具有系統(tǒng)性和實(shí)用性,希望有類似安全需求的銀行可作為解決方案設(shè)計(jì)的參考模型。
[Abstract]:With the overall acceleration of the social networking process in China, the national economy and social development depend more and more on the basic information network and important information system, so the network security has attracted more and more attention from the industry.As the basic system of national information security, information security grade protection plays a very important role in ensuring the security of basic information system of government departments and enterprises.The information security level protection system is the important content of the national information security guarantee work, also is a political task which relates to the national security and the social stability.However, the information security level protection has just been popularized in our country, and it lacks the feasible quantization model algorithm and supporting software. Therefore, the level protection work is the objective and urgent need of the current information network security work.In this paper, the current situation of network security at home and abroad is analyzed, and the current level protection system in China is studied. The emphasis is on the basic requirements of network security of grade protection system, and the related norms and requirements of grade protection are studied.According to the requirements of information system security grading and the network structure, system composition and service mode of the core network system of the bank, the appropriate level of security protection is determined for the information system.Furthermore, according to the requirements of the third level protection system, the security risk and protection requirements of the network system are analyzed. According to its different business functions and network location, the core network system is divided into several security areas.According to the different security requirements and protection requirements of different security areas, the design concept of "sub-area, hierarchical and deep protection" is taken as the design concept, and individualized safety protection design for different security areas is carried out.Finally, based on a certain thought and policy guidance, through the application of different security protection technology and security strategy in each security area boundary and inside the security zone, a framework structure and security strategy are designed.System deployment and other content with a certain general and practical security protection system.At the same time, the overall network structure model is introduced, and the corresponding technologies and products used therein are analyzed and introduced in detail. From the point of view of the whole system, the security problems of the whole system are considered, which is systematic and practical.Banks with similar security requirements are expected to serve as reference models for solution design.
【學(xué)位授予單位】：東華大學(xué)
【學(xué)位級(jí)別】：碩士
【學(xué)位授予年份】：2014
【分類號(hào)】：TP393.08

【參考文獻(xiàn)】

相關(guān)期刊論文 前8條

1 張蓓;馮梅;靖小偉;劉明新;;基于安全域的企業(yè)網(wǎng)絡(luò)安全防護(hù)體系研究[J];計(jì)算機(jī)安全;2010年04期

2 辜碧容;;關(guān)于美國(guó)信息系統(tǒng)等級(jí)保護(hù)和信息產(chǎn)品策略的研究[J];福建電腦;2011年02期

3 金淑娟;保障網(wǎng)絡(luò)安全的技術(shù)手段[J];貴州教育學(xué)院學(xué)報(bào)(自然科學(xué));2004年04期

4 孔靚;賈美娟;李梓;;網(wǎng)絡(luò)安全關(guān)鍵技術(shù)研究[J];信息技術(shù);2012年04期

5 王艷瑋;王閃閃;;BS7799與等級(jí)保護(hù)系列標(biāo)準(zhǔn)對(duì)比研究[J];圖書(shū)館理論與實(shí)踐;2010年04期

6 黃勇;;基于P2DR安全模型的銀行信息安全體系研究與設(shè)計(jì)[J];信息安全與通信保密;2008年06期

7 嚴(yán)霄鳳;高熾揚(yáng);;美國(guó)聯(lián)邦信息安全風(fēng)險(xiǎn)管理框架及其相關(guān)標(biāo)準(zhǔn)研究[J];信息安全與通信保密;2009年02期

8 馬力;畢馬寧;任衛(wèi)紅;;安全保護(hù)模型與等級(jí)保護(hù)安全要求關(guān)系的研究[J];信息網(wǎng)絡(luò)安全;2011年06期

，

本文編號(hào)：1737796