【摘要】：網(wǎng)絡技術應用發(fā)展至今,網(wǎng)絡安全作為一個突出的問題,是所有網(wǎng)絡建設者和管理者必須面對和要解決的問題。高校校園網(wǎng)絡作為一個大型的教學、科研和辦公平臺,面對校園不同的用戶群體,開放著多種服務來滿足用戶需求。這就決定了其應用技術的復雜性、綜合性以及脆弱性,所以確保校園網(wǎng)絡安全運行是本文研究的重點。 本文立足于寧夏師范學院校園網(wǎng)絡的現(xiàn)狀,首先分析了校園網(wǎng)絡安全問題的根源和當前校園網(wǎng)絡面臨的各種安全問題,對目前主流的網(wǎng)絡安全技術進行了研究。通過基于專家評分和基于SSE-CMM模型兩種評估方法對校園網(wǎng)絡安全進行風險評估,根據(jù)得到的校園網(wǎng)絡安全評估結果,結合寧夏師范學院校園網(wǎng)絡的應用特點,將寧夏師范學院校園網(wǎng)絡按照拓撲結構劃分為網(wǎng)絡邊緣安全區(qū)、核心匯聚安全區(qū)、接入層安全區(qū)、服務器群安全區(qū)和主機安全區(qū)五個區(qū)域,針對每個功能區(qū)域進行需求分析。最后總結出了校園網(wǎng)絡在網(wǎng)絡安全方面的需求,深入全面的剖析了當前寧夏師范學院校園網(wǎng)絡的安全狀況。以動態(tài)安全模型“P2DR"為理論指導,分別從策略、保護、檢測和響應四個方面設計了寧夏師范學院校園網(wǎng)絡安全體系的整體方案,通過校園網(wǎng)絡出口安全設計、網(wǎng)絡核心層安全策略部署、服務器群安全部署和接入層安全設計四個方面進行了具體實施,確保校園網(wǎng)絡安全。最后設計并實現(xiàn)了校園網(wǎng)絡安全風險評測系統(tǒng),并對安全評測系統(tǒng)進行了測
[Abstract]:With the development of network technology application, network security, as a prominent problem, must be faced and solved by all network builders and administrators. As a large-scale teaching, scientific research and office platform, the campus network in colleges and universities is open to different user groups to meet the needs of users. This determines the complexity, comprehensiveness and fragility of its application technology, so it is the focus of this paper to ensure the safe operation of campus network. Based on the present situation of the campus network of Ningxia normal University, this paper firstly analyzes the root of the campus network security problem and the various security problems that the campus network is facing at present, and studies the current mainstream network security technology. Based on expert score and SSE-CMM model, the risk assessment of campus network security is carried out. According to the result of campus network security evaluation, combined with the application characteristics of campus network of Ningxia normal University, The campus network of Ningxia normal University is divided into five areas according to the topological structure: the security zone of network edge, the security zone of core convergence layer, the safety zone of access layer, the security zone of server group and the safety zone of host computer. The requirements of each functional area are analyzed. Finally summarizes the campus network in the network security requirements, in-depth and comprehensive analysis of the current Ningxia normal University campus network security situation. Under the guidance of dynamic security model "P2DR", the overall scheme of campus network security system of Ningxia normal University is designed from four aspects: strategy, protection, detection and response. The network core layer security policy deployment, server cluster security deployment and access layer security design are implemented to ensure campus network security. Finally, the campus network security risk assessment system is designed and implemented, and the security evaluation system is tested.
【學位授予單位】：華北電力大學
【學位級別】：碩士
【學位授予年份】：2014
【分類號】：TP393.18;TP393.08

【參考文獻】

相關期刊論文 前5條

1 程微微;陸余良;夏陽;楊國正;;計算機網(wǎng)絡脆弱性評估研究[J];安徽大學學報(自然科學版);2007年04期

2 容強;;網(wǎng)絡入侵誘騙技術在高校網(wǎng)絡安全中的研究與實現(xiàn)[J];計算機安全;2009年06期

3 邢栩嘉,林闖,蔣屹新;計算機系統(tǒng)脆弱性評估研究[J];計算機學報;2004年01期

4 譚良;;SSAM與CEM的研究與比較[J];信息安全與通信保密;2006年10期

5 邢西深;;校園網(wǎng)網(wǎng)絡安全掃描系統(tǒng)的設計與實現(xiàn)[J];中國電化教育;2006年02期

，

本文編號：2335779