大秦公司信息系統(tǒng)安全等級保護(hù)技術(shù)規(guī)劃設(shè)計(jì)
發(fā)布時間:2018-08-25 19:14
【摘要】:在信息化時代,隨著網(wǎng)絡(luò)技術(shù)的迅速發(fā)展和計(jì)算機(jī)應(yīng)用的迅速普及,國家在經(jīng)濟(jì)、政治、軍事、文化和社會公共體系層面的正常運(yùn)轉(zhuǎn)對信息技術(shù)的依靠日漸深入,信息系統(tǒng)的全局性、基礎(chǔ)性作用日漸加強(qiáng),但是其面臨的安全風(fēng)險(xiǎn)也高速增長,由于黑客攻擊、病毒破壞等原因?qū)е碌慕?jīng)濟(jì)損失屢見不鮮,且損失金額也是逐漸增大。網(wǎng)絡(luò)安全不僅僅關(guān)系到我國信息化建設(shè)的健康發(fā)展,而且也關(guān)系到國家在政治、經(jīng)濟(jì)以及國防方面的安全,同時也關(guān)系到我們國家社會的穩(wěn)定。網(wǎng)絡(luò)環(huán)境的復(fù)雜性、多變性,以及信息系統(tǒng)的脆弱性,決定了信息安全威脅的客觀存在。 本論文從現(xiàn)狀入手,對某大型能源企業(yè)信息系統(tǒng)現(xiàn)狀進(jìn)行分析,找出信息系統(tǒng)目前存在的安全風(fēng)險(xiǎn)。在網(wǎng)絡(luò)層面主要對網(wǎng)絡(luò)結(jié)構(gòu)、邊界防護(hù)、訪問控制、身份鑒別、安全審計(jì)等幾大類安全風(fēng)險(xiǎn)問題進(jìn)行了分析;主機(jī)層面主要對身份驗(yàn)證、惡意代碼、安全審計(jì)、系統(tǒng)加固等幾大類安全風(fēng)險(xiǎn)問題進(jìn)行了分析;應(yīng)用層面主要對身份驗(yàn)證、安全審計(jì)、數(shù)據(jù)處理等幾大類安全風(fēng)險(xiǎn)問題進(jìn)行了分析。根據(jù)安全風(fēng)險(xiǎn)分析結(jié)果,從網(wǎng)絡(luò)層面、主機(jī)層面以及應(yīng)用層面提出公司信息安全方面的主要需求。 根據(jù)安全需求對公司信息系統(tǒng)從網(wǎng)絡(luò)系統(tǒng)安全、主機(jī)系統(tǒng)安全、應(yīng)用系統(tǒng)安全等幾個層面對該企業(yè)的信息系統(tǒng)進(jìn)行安全保護(hù)技術(shù)體系規(guī)劃設(shè)計(jì)。針對公司目前所面臨的安全風(fēng)險(xiǎn),,設(shè)計(jì)在網(wǎng)絡(luò)層面采用了網(wǎng)絡(luò)分區(qū)域防護(hù)以及網(wǎng)絡(luò)設(shè)備加固的安全技術(shù)策略,主機(jī)層面采用了身份鑒別、訪問控制、安全審計(jì)、入侵防護(hù)、惡意代碼防范、資源控制、數(shù)據(jù)備份的安全技術(shù)策略,應(yīng)用層面采用了身份鑒別、訪問控制、安全審計(jì)、剩余信息保護(hù)、軟件容錯、資源控制、數(shù)據(jù)加密、數(shù)據(jù)驗(yàn)證、數(shù)據(jù)備份的安全技術(shù)策略。 通過本設(shè)計(jì),該企業(yè)可以從技術(shù)層面有效保護(hù)企業(yè)信息系統(tǒng)安全,降低信息系統(tǒng)被入侵的安全風(fēng)險(xiǎn),并可以為其他企業(yè)進(jìn)行信息安全等級保護(hù)設(shè)計(jì)提供參考。
[Abstract]:In the information age, with the rapid development of network technology and the rapid popularization of computer applications, the normal operation of the country in the economic, political, military, cultural and social public system level is increasingly dependent on information technology. The overall nature of information system, the basic role is increasingly strengthened, but its security risks are also growing rapidly, due to hacker attacks, virus damage and other reasons caused by economic losses are common, and the amount of loss is gradually increasing. Network security is not only related to the healthy development of information construction in China, but also related to the national security in politics, economy and national defense, but also related to the stability of our national society. The complexity and variability of network environment and the fragility of information system determine the objective existence of information security threat. In this paper, the present situation of information system in a large energy enterprise is analyzed, and the security risk of information system is found out. In the network level, the network structure, boundary protection, access control, identity authentication, security audit and other types of security risk issues are analyzed. Several kinds of security risk problems, such as system reinforcement, are analyzed, and the security risk problems such as authentication, security audit and data processing are analyzed in the application level. According to the results of security risk analysis, the main requirements of company information security are put forward from network level, host level and application level. According to the security requirements, the information system of the company is designed and designed from the aspects of network system security, host system security, application system security and so on. In view of the security risk faced by the company at present, the security strategy of network sub-area protection and network equipment reinforcement is adopted at the network level, and the host level adopts identity identification, access control, security audit, intrusion prevention, etc. Malicious code prevention, resource control, data backup security strategy, application level uses identity authentication, access control, security audit, residual information protection, software fault tolerance, resource control, data encryption, data verification, Data backup security strategy. Through the design, the enterprise can effectively protect the security of enterprise information system from the technical level, reduce the security risk of information system intrusion, and can provide reference for other enterprises to design the information security grade protection.
【學(xué)位授予單位】:河北工業(yè)大學(xué)
【學(xué)位級別】:碩士
【學(xué)位授予年份】:2014
【分類號】:TP309
本文編號:2203839
[Abstract]:In the information age, with the rapid development of network technology and the rapid popularization of computer applications, the normal operation of the country in the economic, political, military, cultural and social public system level is increasingly dependent on information technology. The overall nature of information system, the basic role is increasingly strengthened, but its security risks are also growing rapidly, due to hacker attacks, virus damage and other reasons caused by economic losses are common, and the amount of loss is gradually increasing. Network security is not only related to the healthy development of information construction in China, but also related to the national security in politics, economy and national defense, but also related to the stability of our national society. The complexity and variability of network environment and the fragility of information system determine the objective existence of information security threat. In this paper, the present situation of information system in a large energy enterprise is analyzed, and the security risk of information system is found out. In the network level, the network structure, boundary protection, access control, identity authentication, security audit and other types of security risk issues are analyzed. Several kinds of security risk problems, such as system reinforcement, are analyzed, and the security risk problems such as authentication, security audit and data processing are analyzed in the application level. According to the results of security risk analysis, the main requirements of company information security are put forward from network level, host level and application level. According to the security requirements, the information system of the company is designed and designed from the aspects of network system security, host system security, application system security and so on. In view of the security risk faced by the company at present, the security strategy of network sub-area protection and network equipment reinforcement is adopted at the network level, and the host level adopts identity identification, access control, security audit, intrusion prevention, etc. Malicious code prevention, resource control, data backup security strategy, application level uses identity authentication, access control, security audit, residual information protection, software fault tolerance, resource control, data encryption, data verification, Data backup security strategy. Through the design, the enterprise can effectively protect the security of enterprise information system from the technical level, reduce the security risk of information system intrusion, and can provide reference for other enterprises to design the information security grade protection.
【學(xué)位授予單位】:河北工業(yè)大學(xué)
【學(xué)位級別】:碩士
【學(xué)位授予年份】:2014
【分類號】:TP309
【參考文獻(xiàn)】
相關(guān)博士學(xué)位論文 前1條
1 高朝勤;信息系統(tǒng)等級保護(hù)中的多級安全技術(shù)研究[D];北京工業(yè)大學(xué);2012年
本文編號:2203839
本文鏈接:http://sikaile.net/jingjilunwen/zhengzhijingjixuelunwen/2203839.html
最近更新
教材專著
