基于桌面虚拟化技术的商业银行网络接入层安全问题解决方案

发布时间：2018-01-29 20:37

本文关键词： 桌面虚拟化虚拟桌面商业银行网络结构网络接入层安全　出处：《华南理工大学》2014年硕士论文　论文类型：学位论文

【摘要】：金融信息化的不断发展，促进了金融业众多商业银行的发展，同时也使其面临的信息安全风险增大。商业银行网络信息安全的威胁有多种来源，来自接入层的安全威胁便是其中最主要的来源之一。因此，解决商业银行来自接入层网络的安全问题显得极为重要，它将降低商业银行来自接入层网络的安全威胁，总体上提高商业银行网络的安全防御能力并降低商业银行网络信息安全风险。在对商业银行网络结构及安全存在的问题和现状进行分析调研的基础上，结合商业银行的网络访问特点以及用户访问需求，，本文提出了有别于传统方法的商业银行接入层安全解决方案。首先对商业银行现有的网络结构和网络安全策略进行重构和改造，在网络结构和安全策略上取消接入层对原有核心层的直接访问，在源头上解除了接入层对核心层的直接安全威胁。其次通过结合桌面虚拟化技术的应用，使接入层用户通过虚拟桌面的方式实现对核心层应用的间接访问，满足日常生产和办公的访问需要，同时利用桌面虚拟化技术的安全特性，整体提高系统的安全性。通过上述两方面结合产生的解决方案，在保证商业银行接入层用户原有日常生产、办公的访问需求在得到满足的情况下，解决了来自网络接入层的安全问题，降低了网络接入层对核心层的安全威胁，实现了方案要求的目标。本解决方案是传统商业银行网络接入层安全问题解决方法的有益补充和完善，同时随着服务器、存储等硬件技术的不断发展以及相对成本的不断降低，本解决方案的总体部署成本也相应降低，因此方案应用也将越来越广泛。
[Abstract]:The continuous development of financial informatization has promoted the development of many commercial banks in the financial industry, at the same time, it has increased the risk of information security. There are many sources of threats to the network information security of commercial banks. The security threat from the access layer is one of the most important sources. Therefore, it is very important to solve the security problem of the commercial bank from the access layer network. It will reduce the security threat of the commercial bank from the access layer network, improve the security defense ability of the commercial bank network and reduce the network information security risk of the commercial bank in general. On the basis of analyzing and investigating the network structure and security problems of commercial banks, combined with the characteristics of network access and user access requirements of commercial banks. In this paper, different from the traditional methods of commercial bank access layer security solution. Firstly, the existing network structure and network security strategy of commercial banks are reconstructed and reformed. In the network structure and security strategy to cancel the access layer to the original core layer direct access to the source of the access layer to remove the core layer of direct security threats. Secondly through the combination of desktop virtualization technology applications. Access layer users through the virtual desktop to achieve indirect access to the core layer applications to meet the daily production and office access needs, while using desktop virtualization technology security features. Improve the security of the system as a whole. Through the combination of the above two solutions, in order to ensure the commercial bank access layer users' original daily production, office access requirements in the case of being satisfied, the security problem from the network access layer is solved. It reduces the security threat of network access layer to the core layer and realizes the goal of the solution. This solution is a useful supplement and perfection of the traditional commercial bank network access layer security solution. At the same time, with the continuous development of hardware technology such as server, storage and relative cost, the overall deployment cost of the solution will be reduced accordingly, so the application of the solution will be more and more extensive.
【学位授予单位】：华南理工大学
【学位级别】：硕士
【学位授予年份】：2014
【分类号】：TP393.08

【参考文献】