重庆电力信息内网安全接入管控系统的设计与实现

发布时间：2018-02-01 12:16

本文关键词： 内网安全防火墙终端安全 JAVA技术违规外联　出处：《电子科技大学》2015年硕士论文　论文类型：学位论文

【摘要】：随着网络技术的快速发展,频繁的网络攻击、资料外泄、流量不足等现象的不断发生,极大地危害到企业的各种信息安全,他们大多利用系统漏洞进行逐一攻击,攻击成功后并融入大量的危害程序进行感染与传播,从而导致企业资料得不到合理的安全保障,在日常工作中使用非法软件程序以及占用较大的带宽流量程序都有可能影响企业的其它员工,在简单的任务审批环节,得不到快速的回复与处理,致使整个企业的生产效率低下。传统解决办法是采用防火墙划分边界值方法进行阻挡对服务器端程序的攻击,客户端主要是采用防病毒软件进行阻止,但随着现有黑客技术的快速发展,原有的解决办法已不能满足现代化内网安全管理的需要。重庆电力信息内网安全管控系统正是在这一背景下建立起来的,本文首先从论文的研究背景从发并剖析内网安全管理的研究意义及其建设目标,以及提出本文研究的主要内容;其次是对系统进行需求分析,分析出系统的功能需求与非功能需求;接着是根据系统需求内容进行详细设计,主要是从系统的系统架构、终端配置、各功能模块以及数据库进行了大量的设计工作,为系统的实现奠定基础;接着是完成系统的实现,主要从系统的实现过程思路、界面设计以及业务处理流程进行了各功能模块实现;最后是完成系统的测试工作,也是检验系统是否按照需求说明进行功能实现,主要从系统的测试目的、环境、测试内容、测试总结等各方面进行了详细的测试,使系统得到质量上的保障。本系统将利用最新的JAVA技术、数据库设计、B/S架构完成系统的技术架构搭建,系统建设后能提供统一安全的准入控制功能。接入管理系统配合桌面管控系统、杀毒等安全软件,进行统一的安全策略配置,以便阻止违规外联等恶意安全事件的发生,避免因此而造成的重庆电力考核指标基数下降,全面提升终端安全,搞高企业的管理与服务水平。
[Abstract]:With the rapid development of network technology, frequent network attacks, data leakage, insufficient traffic and other phenomena continue to occur, greatly endangering the information security of enterprises. Most of them make use of system vulnerabilities to attack one by one, and after successful attacks and into a large number of harm procedures to infect and spread, resulting in enterprise information can not be reasonable security. The use of illegal software programs in daily work as well as the use of large bandwidth flow programs may affect other employees in the enterprise, in the simple task approval process, can not get a quick response and processing. The traditional solution is to use the firewall boundary value method to block the attack on the server-side program, and the client is mainly to use anti-virus software to prevent the attack. However, with the rapid development of the existing hacker technology, the original solution can not meet the needs of modern intranet security management. Chongqing Electric Power Information Intranet Security Management and Control system is built under this background. Firstly, this paper analyzes the significance and construction goal of the security management of the inner network from the background of the paper, and puts forward the main contents of this paper. Secondly, the requirement analysis of the system is carried out, and the functional and non-functional requirements of the system are analyzed. Then the detailed design is carried out according to the requirements of the system, mainly from the system architecture, terminal configuration, functional modules and database for a large number of design work, for the implementation of the system laid the foundation; Then the implementation of the system is completed, mainly from the system implementation process ideas, interface design and business processing process for the implementation of each functional module; The last is to complete the system testing work, but also to test the system according to the requirements of the functional implementation, mainly from the system test purpose, environment, test content, test summary and other aspects of the detailed test. The system will use the latest JAVA technology, database design and B / S architecture to complete the technical architecture of the system. After the system construction can provide a unified security access control function. Access management system with desktop control system anti-virus and other security software for unified security policy configuration. In order to prevent the occurrence of malicious security incidents such as illegal outreach, to avoid the decline of the index base of Chongqing electric power assessment, to improve the terminal security, and to improve the management and service level of enterprises.
【学位授予单位】：电子科技大学
【学位级别】：硕士
【学位授予年份】：2015
【分类号】：TP311.52;TP393.08

【参考文献】