本文選題：新型網(wǎng)絡(luò) + 風(fēng)險評估��； 參考：《北京郵電大學(xué)》2014年碩士論文

【摘要】：基于目前常規(guī)安全風(fēng)險評估流程,都是按照一定的方法把安全檢查流程劃分成為若干個相對獨立的階段,每個階段完成檢查過程中的關(guān)鍵技術(shù),而各個階段又統(tǒng)一于整個檢查流程,本文提出的面向新型網(wǎng)絡(luò)的安全基線風(fēng)險評估系統(tǒng)將基于該思想而設(shè)計,以提高新型網(wǎng)絡(luò)的安全檢查工作的效率,增強檢查結(jié)果的準(zhǔn)確性和客觀性。 面向新型網(wǎng)絡(luò)的安全基線風(fēng)險評估系統(tǒng)是一種自動化的工具,只要檢查的目標(biāo)設(shè)備是可以連接訪問的,并且目標(biāo)設(shè)備開放相關(guān)服務(wù)及端口,使用授權(quán)的用戶口令,通過Telnet和SSH協(xié)議訪問目標(biāo)資產(chǎn),工具就可以對目標(biāo)資產(chǎn)進(jìn)行檢查,檢查時不會在目標(biāo)系統(tǒng)上安裝任何的軟件和進(jìn)程。檢查完之后,將資產(chǎn)存在的風(fēng)險進(jìn)行風(fēng)險計算,以報表的形式向用戶展示,同時給出有效的安全改進(jìn)建議。 由于人工的安全檢查工作需要耗費大量的時間,也比較依賴于檢查者的技術(shù)和經(jīng)驗,而且還有可能由于人為的失誤導(dǎo)致檢查結(jié)果不正確,本論文采用的是B/S的Web架構(gòu)設(shè)計一個自動化的面向新型網(wǎng)絡(luò)的安全基線風(fēng)險評估系統(tǒng),將檢查工作交由平臺執(zhí)行。采用B/S架構(gòu)可以使檢查人員在任何時間和任何地方,只要其能夠登錄到面向新型網(wǎng)絡(luò)的安全基線風(fēng)險評估系統(tǒng),就可以進(jìn)行自動化的檢查操作,而且在檢查的過程中無需安裝任何工具。使用設(shè)計的面向新型網(wǎng)絡(luò)的安全基線風(fēng)險評估系統(tǒng)執(zhí)行檢查,業(yè)務(wù)人員無需再進(jìn)行大量的人工操作,同時也可避免人為的失誤, 本文給出了新型網(wǎng)絡(luò)安全評估策略框架,設(shè)計了一個安全基線模型,從物理環(huán)境安全、網(wǎng)絡(luò)架構(gòu)安全、數(shù)據(jù)安全、網(wǎng)絡(luò)管理制度安全四個方面對新型網(wǎng)絡(luò)進(jìn)行了風(fēng)險評估,給出了系統(tǒng)整體運行流程,核心功能模塊主要有系統(tǒng)管理模塊、資產(chǎn)管理模塊、配置檢查模塊和報表管理模塊等；并且通過新型網(wǎng)絡(luò)評估實例呈現(xiàn)了系統(tǒng)整體運行狀況。
[Abstract]:Based on the current routine security risk assessment process, according to a certain method, the security inspection process is divided into several relatively independent stages, each stage of the completion of the key technology in the inspection process, Each stage is unified in the whole inspection process. The security baseline risk assessment system for the new network will be designed based on this idea in order to improve the efficiency of the security inspection of the new network. Enhance the accuracy and objectivity of inspection results. The security baseline risk assessment system for new networks is an automated tool, provided that the inspected target device is connected to and accessed, and the target device opens related services and ports, using authorized user passwords. By accessing the target asset through the Telnet and SSH protocols, the tool can inspect the target asset without installing any software or process on the target system. After checking, the risk of the assets is calculated and presented to the user in the form of a report form, and the effective security improvement suggestions are given at the same time. Since manual security checks take a lot of time and depend more on the inspectors' skills and experience, and may also be caused by human errors, the results of the inspections are incorrect. In this paper, the Web architecture of B / S is used to design an automated security baseline risk assessment system for a new type of network, and the inspection is carried out by the platform. Using the B / S architecture allows inspectors to automate inspections at any time and anywhere, as long as they can log in to a secure baseline risk assessment system for a new network. And there is no need to install any tools during the inspection. Using a designed security baseline risk assessment system for a new network to perform inspections, business people no longer need to do a lot of manual work, while avoiding human error. This paper presents a new network security evaluation strategy framework, designs a security baseline model, and evaluates the risk of the new network from four aspects: physical environment security, network architecture security, data security, and network management system security. The whole running process of the system is given. The core function modules include system management module, asset management module, configuration check module and report management module, etc.
【學(xué)位授予單位】：北京郵電大學(xué)
【學(xué)位級別】：碩士
【學(xué)位授予年份】：2014
【分類號】：TP393.08

【參考文獻(xiàn)】

相關(guān)期刊論文 前8條

1 王曉峻;來曉陽;;構(gòu)建基于虛擬計算的安全管控平臺[J];電信技術(shù);2010年06期

2 何斌穎;;安全基線之網(wǎng)絡(luò)設(shè)備配置[J];辦公自動化;2012年18期

3 周英;曲海鵬;馮慶云;郭忠文;;信息安全風(fēng)險評估中權(quán)重優(yōu)化方法研究[J];信息安全與通信保密;2008年02期

4 馮登國 ,張陽 ,張玉清;信息安全風(fēng)險評估綜述[J];通信學(xué)報;2004年07期

5 嚴(yán)玉婷;戴明;成瑾;;基于基線理論的信息安全監(jiān)管平臺的設(shè)計[J];信息安全與通信保密;2012年08期

6 劉彤;構(gòu)造復(fù)雜信息系統(tǒng)安全基線的研究[J];中國管理科學(xué);2000年S1期

7 王璇;史美玲;;重視風(fēng)險評估維護(hù)信息系統(tǒng)安全[J];中國國情國力;2009年02期

8 馬文;江翰;彭秋霞;;電力信息安全基線自動化核查[J];云南電力技術(shù);2013年01期

，

本文編號：1810905