發(fā)布時間：2018-06-18 20:14

  本文選題：電信網(wǎng)絡 + 安全域��； 參考：《內(nèi)蒙古大學》2014年碩士論文

【摘要】：電信運營企業(yè)的生產(chǎn)部門有許多支撐系統(tǒng),這些系統(tǒng)與其他系統(tǒng)組成了一個規(guī)模龐大、系統(tǒng)復雜的計算機網(wǎng)絡。各個網(wǎng)絡相對獨立又互相有連接接口,網(wǎng)絡中的安全機制千差萬別,在網(wǎng)絡調整時可能會影響網(wǎng)絡的可用性,同時網(wǎng)絡的安全性也未做過詳盡的梳理分析,這導致電信運營企業(yè)網(wǎng)絡存在較大的安全隱患。因此,如何確保電信支撐系統(tǒng)的安全可靠是電信安全工作的重中之重。 經(jīng)過對電信企業(yè)安全領域的研究,提出了電信運營企業(yè)網(wǎng)絡分等級保護的安全域劃分方案。這里安全域的劃分并非傳統(tǒng)意義上的物理隔離,而是在認真分析各套支撐系統(tǒng)的安全需求和所面臨的安全威脅的前提下進行的。依此方案進行規(guī)劃建設,可使網(wǎng)絡結構更加合理,并提高網(wǎng)絡的安全性。合理劃分安全域是進一步制定和實施安全保護措施的基礎。 論文的主要研究工作是： 首先,分析電信網(wǎng)絡的安全現(xiàn)狀,并研究目前電信運營企業(yè)支撐系統(tǒng)網(wǎng)絡使用的安全域方案存在的不足以及應注意的問題。 其次,根據(jù)網(wǎng)絡結構化的思想,針對電信網(wǎng)絡結構進行分析,設計電信運營企業(yè)支撐系統(tǒng)網(wǎng)絡安全域劃分方案。 再次,根據(jù)信息安全等級保護中邊界防護方法,針對各安全域之間不同邊界,制訂了相應的邊界安全防護策略,包括安全訪問措施、安全設備部署等。 最后,將提出的安全域劃分方案應用于現(xiàn)網(wǎng)電信網(wǎng)絡,根據(jù)所制定的邊界安全策略,采取相應的安全措施,此劃分方案在電信網(wǎng)絡安全劃分過程中的成功應用,表明該劃分方案在實際應用中具有可行性。 論文的主要創(chuàng)新處在于：根據(jù)電信網(wǎng)絡安全等級保護中邊界防護的方法,依據(jù)安全域劃分原則,提出了電信運營企業(yè)支撐系統(tǒng)網(wǎng)絡安全域劃分方案,并在現(xiàn)網(wǎng)中得到驗證。
[Abstract]:The production departments of telecom operators have many supporting systems, which form a large and complex computer network with other systems. Each network is relatively independent and connected to each other, and the security mechanisms in the network vary widely, which may affect the usability of the network when the network is adjusted. At the same time, the security of the network has not been combed and analyzed in detail. This causes the telecommunication operation enterprise network to have the bigger security hidden danger. Therefore, how to ensure the security and reliability of telecommunication support system is the most important work of telecom security. Based on the research of telecom enterprise security field, the security domain partition scheme of telecom operation enterprise network protection is put forward. The partition of the security domain is not the physical isolation in the traditional sense, but is based on the analysis of the security requirements and the security threats faced by the supporting systems. Planning and construction according to this scheme can make the network structure more reasonable and improve the security of the network. The rational division of the security domain is the basis for the further development and implementation of safety protection measures. The main research work of this paper is as follows: firstly, the security situation of telecommunication network is analyzed, and the shortcomings of the security domain scheme used in the telecommunication operation enterprise supporting system network and the problems that should be paid attention to are studied. Secondly, according to the idea of network structure, this paper analyzes the telecom network structure and designs the network security domain partition scheme of telecom operation enterprise support system. Thirdly, according to the method of boundary protection in the information security level protection, the corresponding border security protection strategies, including security access measures, security equipment deployment and so on, are formulated according to the different boundaries between different security domains. Finally, the proposed security domain partition scheme is applied to the current telecommunication network. According to the border security policy, the corresponding security measures are taken, and the security partition scheme is successfully applied in the telecommunication network security partition process. It is shown that this scheme is feasible in practical application. The main innovation of this paper lies in: according to the method of boundary protection in the security grade protection of telecommunication network, and according to the principle of security domain division, this paper puts forward the scheme of network security domain partition of telecom operation enterprise support system, and it is verified in the present network.
【學位授予單位】：內(nèi)蒙古大學
【學位級別】：碩士
【學位授予年份】：2014
【分類號】：TP393.08

【參考文獻】

相關期刊論文 前10條

1 孫夢夢;劉元安;劉凱明;;物聯(lián)網(wǎng)中的安全問題分析及其安全機制研究[J];保密科學技術;2011年11期

2 林寧;吳志剛;;我國信息安全標準化概況[J];信息技術與標準化;2006年08期

3 景乾元;推進信息系統(tǒng)安全等級保護制度建設保障重要領域的信息系統(tǒng)安全[J];計算機安全;2003年01期

4 管海明,任朝榮;PKI缺陷分析及新一代PKI的要求[J];計算機安全;2004年01期

5 李修金,殷小貢,王夢玲;基于PPC和DSP的嵌入式VPN研究和設計[J];計算機安全;2004年01期

6 廖紅旭;個人電腦BIOS密碼安全缺陷分析[J];計算機安全;2004年01期

7 王書琴;局域網(wǎng)內(nèi)的安全誤區(qū)[J];計算機安全;2005年05期

8 楊磊;郭志博;;信息安全等級保護的等級測評[J];中國人民公安大學學報(自然科學版);2007年01期

9 蔡昱,張玉清,孫鐵,馮登國;安全評估標準綜述[J];計算機工程與應用;2004年02期

10 孫知信;駱冰清;羅圣美;朱洪波;;一種基于等級劃分的物聯(lián)網(wǎng)安全模型[J];計算機工程;2011年10期

，

本文編號：2036728