内网终端安全管理系统的资产管理设计与实现

发布时间：2018-02-12 18:56

本文关键词： 内网安全终端安全补丁管理资产收集资产统计　出处：《中国科学院大学（工程管理与信息技术学院）》2014年硕士论文　论文类型：学位论文

【摘要】：随着企事业单位的信息化程度不断加深,内网终端安全问题也随之而来。大量的内网病毒、黑客攻击、蠕虫和木马泛滥,严重地威胁到各企事业单位内部网络的安全,他们大多利用操作系统的漏洞进行攻击、感染和传播。尽管内部网络系统通常采用多种安全防护手段来进行主动防御,但是潜在的漏洞和系统的脆弱性使得各单位仍然时刻面临内网安全威胁。另一方面内部计算机软硬件无法收集和统计以及移动存储介质滥用,也给各个企事业单位带来巨大损失。按照以前的网络安全体系对企事业单位的网络进行保护已经满足不了目前的需求,网络边界和网络设备的防护方式无法解决终端安全问题,并且企事业单位的计算机数量激增,单靠传统方式进行防护将面临巨大风险,所以要探索新的安全防护方式来满足终端安全统一管理。这样内网终端安全体系建设问题就逐渐提上日程。本文以内网终端安全管理为背景,首先论述了研究背景及意义,讨论了国内外内网终端安全现状并总结了内网终端安全所面临的问题。然后讨论了内网安全管理系统的主要关键技术,包括Windows平台漏洞和补丁管理相关内容,WindowsAPI,钩子技术等。论文详细论述了内网终端安全管理系统的需求分析、设计原则、系统架构、数据库结构以及主要模块的功能设计,失泄密防护模块实现了终端行为管控、打印行为监控、外设接口管控,接入认证模块实现了终端接入的身份认证和健康性检查,资产管理模块实现了终端资产的收集及统计等。同时,详实的阐述了重点模块的设计和实现。接着描述了系统部署环境及测试方案,通过系统测试验证系统功能。最后论文总结了本内网安全管理系统,并对接下来的开发工作提出建议。经过测试,该系统在实际环境中运行良好,满足了企事业单位的内网终端安全管理的基本需求,同时减轻了内网管理人员的运维负担,帮助企事业单位规范了内网终端的使用,提高了工作效率。
[Abstract]:With the deepening of the informationization of enterprises and institutions, the security problems of intranet terminals also follow. A large number of intranet viruses, hacker attacks, worms and Trojans overflow, which seriously threaten the security of the internal networks of enterprises and institutions. Most of them exploit operating system vulnerabilities to attack, infect, and spread. Although internal network systems often use multiple security precautions to actively defend themselves, But the potential vulnerabilities and system vulnerabilities still leave units facing constant security threats to intranets. On the other hand, internal computer hardware and software cannot be collected and counted and removable storage media are misused. It has also brought huge losses to various enterprises and institutions. According to the previous network security system, the network protection of enterprises and institutions has been unable to meet the current needs. The network boundary and the protection methods of network equipment cannot solve the terminal security problems. Moreover, the number of computers in enterprises and institutions has increased dramatically, so relying solely on traditional methods of protection will face enormous risks. Therefore, it is necessary to explore new ways of security protection to meet the unified management of terminal security. Based on the security management of intranet terminals, this paper firstly discusses the research background and significance. This paper discusses the security status of intranet terminals at home and abroad and summarizes the problems faced by intranet terminals, and then discusses the main key technologies of the intranet security management system. Including Windows platform vulnerability and patch management related contents such as Windows API, hook technology, etc. This paper discusses the requirement analysis, design principle, system architecture, database structure and function design of the main module of the security management system of the intranet terminal in detail. The leak protection module realizes terminal behavior control, print behavior monitoring, peripheral interface control, and access authentication module to realize identity authentication and health check of terminal access. The asset management module realizes the collection and statistics of the terminal assets. At the same time, the design and implementation of the key modules are described in detail. Then, the system deployment environment and the test scheme are described. Finally, the paper summarizes the security management system of the intranet, and puts forward some suggestions for the next development work. After testing, the system runs well in the actual environment, meets the basic needs of the internal network terminal security management of enterprises and institutions, at the same time reduces the operating and maintenance burden of the inner network management personnel. Help enterprises and institutions standardize the use of intranet terminals, improve work efficiency.
【学位授予单位】：中国科学院大学（工程管理与信息技术学院）
【学位级别】：硕士
【学位授予年份】：2014
【分类号】：TP393.08

【参考文献】