证券业务安全管理平台的设计与实现

发布时间：2018-01-31 00:14

本文关键词： 证券系统安全网络安全访问控制入侵检测安全防御体系　出处：《上海交通大学》2014年硕士论文　论文类型：学位论文

【摘要】：随着证券金融业在我国的迅猛发展，，计算机技术和网络技术在证券业务中的应用也变的越来越广泛。由于证券业务的安全性关系到个人、机构及国家的利益，并且具有实时性、安全性要求高的特点，所以证券业务的安全问题成为了一个重要的研究方向。目前证券业务主要有存在的安全问题包括:病毒传播、信息泄漏或丢失、非授权访问、恶意攻击和入侵、破坏数据完整性等等。本文根据证券业务的安全需求，参照应用最新的计算机技术和信息网络安全方面的技术，对我国证券业务安全管理平台进行了研究，并提出了证券业务安全管理平台的安全防御体系模型，以防火墙系统、安全漏洞评估系统、入侵检测系统、身份认证系统和网络边界安全控制系统来构成的安全防御体系模型。证券业务安全管理平台为了提高系统的安全性，还根据P2DR（Policy、Protection、Detection、Response）安全模型的特点，通过降低处理时间和检测时间来实现证券业务的网络安全，由此提出了入侵检测系统的设计方案，并且对入侵检测系统进行了重点研究。本文设计的证券业务安全管理平台集成了多类安全技术，能够对多个信息源数据进行安全分析，并与其他多种安全技术进行协作完成异常事件的响应和报警。其次，证券业务安全管理平台形成了多层次纵深信息安全防御机制，从而形成证券业务安全管理平台的整体性安全构架。最后根据对证券业务的安全需求分析，本文对构建的证券业务安全管理平台进行了测试，从而验证了设计方案的可行性和可靠性。
[Abstract]:With the rapid development of securities finance in China, the application of computer technology and network technology in securities business is becoming more and more extensive. Because the security of securities business is related to the interests of individuals, institutions and countries. And with the characteristics of real-time and high security requirements, the security of securities business has become an important research direction. At present, the main security problems in securities business include: virus transmission. Information disclosure or loss, unauthorized access, malicious attacks and intrusions, data integrity and so on. According to the security requirements of securities business, this paper studies the security management platform of securities business in China, referring to the application of the latest computer technology and information network security technology. And put forward the security defense system model of security business security management platform, to firewall system, security vulnerability evaluation system, intrusion detection system. Identity authentication system and network border security control system to form a security defense system model. Security business security management platform in order to improve the security of the system, but also based on P2DRN Policy. The characteristics of ProtectionDetectionResponse) security model can realize the network security of securities business by reducing the processing time and detecting time. The design scheme of intrusion detection system (IDS) is put forward, and the intrusion detection system (IDS) is studied emphatically. The security management platform designed in this paper integrates many kinds of security technologies and can analyze the security of multiple information sources. And cooperate with other security technologies to complete the response and alarm of abnormal events. Secondly, the security management platform of securities business formed a multi-level defense mechanism of information security in depth. Finally, according to the analysis of the security requirements of securities business, this paper tests the security management platform of securities business. The feasibility and reliability of the design are verified.
【学位授予单位】：上海交通大学
【学位级别】：硕士
【学位授予年份】：2014
【分类号】：TP393.08

【参考文献】