A银行信息安全运行平台设计与实现

发布时间：2018-05-25 03:29

本文选题：管理信息系统 + 信息安全　；参考：《山东大学》2017年硕士论文

【摘要】：随着信息技术的高速发展,我国面临着严峻复杂的信息安全形势,国家安全领导小组的成立将信息安全提升到国家安全战略高度。随着国内银行业信息化银行建设的开展,银行在信息安全领域面临着严峻的挑战,银行监管机构对银行信息安全管理和信息科技风险管理工作也提出了一系列要求。基于业务发展的内生性需求及信息安全防控的要求,A银行积极探索符合自身发展需求的信息安全管理体系建设思路,经过多年实践,A银行形成了以组织体系、制度建设、管理措施、技术手段四个主题为核心的三层信息安全管理框架。但是A银行信息安全管理信息系统仍存在因缺乏顶层设计而导致的一系列问题,使得A银行虽然坐拥海量信息安全数据却因缺乏信息贯通和挖掘而无法准确及时的对信息安全管理全局工作进行掌控。为应对信息化银行建设对信息安全工作带来的挑战,本文基于管理信息系统理论、数据挖掘理论和威胁感知等信息安全相关理论,提出构建A银行信息安全运营中心,以银行的业务发展为核心,对信息安全领域进行安全状态监测、安全配置管理、终端资产管理和信息安全审计预警,通过对信息安全数据有效地挖掘分析和态势展现,形成以数据智能分析为核心的信息安全威胁感知系统。本文以管理信息系统理论为指导,结合A银行信息安全工作的现状及工作要求,形成信息安全运行中心的目标定义,并在系统可行性、功能模块、业务流程、系统架构、数据结构等不同层面对A银行信息安全运行中心进行了总体方案设计和功能模块的详细设计。在最为核心的信息安全风险事件监测功能模块设计中,本文通过对简单风险事件静态检测和复杂风险事件威胁感知检测的定义,建立了风险事件的高效判定机制。特别是针对未知风险的威胁感知检测功能设计,通过中转机使用风险预警模型和离职人员信息安全审计预警模型案例的详细设计,阐明了系统基于数据挖掘和关联分析进行复杂风险事件威胁感知的设计思路。最后本文对A银行信息安全运行中心的上线实施步骤进行了介绍,并对项目进行了质量评价和应用效果评价,对系统的总体情况进行了总结和展望。通过A银行信息安全运营中心的构建,建立了全局性的信息安全治理机制,从管理角度梳理适合A银行业务发展要求和技术实际的信息安全管理流程,优化管理组织体系、管理制度规范和风险管理流程,加强信息安全管理工作自动化程度,实现了风险分析智能化与威胁态势可视化,为信息安全管理提供决策数据支持,既能支持信息技术在业务创新领域发挥引领作用,又能有效控制业务发展带来的信息安全风险,打造了动态、持续、高效的信息安全防控体系,充分体现了"科技引领"战略意图。
[Abstract]:With the rapid development of information technology, China is faced with a severe and complex information security situation. The establishment of the National Security leadership Group has promoted information security to the national security strategy. With the development of information bank construction in China, banks are faced with severe challenges in the field of information security, and the bank regulators have put forward a series of requirements for information security management and risk management of information technology in banks. Based on the endogenous demand of business development and the requirement of information security prevention and control, Bank A has actively explored the idea of building information security management system in line with its own development needs. After many years of practice, Bank A has formed an organizational system and a system construction. Management measures, technical means of four topics as the core of the three-tier information security management framework. But Bank A's information security management information system still has a series of problems caused by the lack of top-level design. Bank A is unable to accurately and timely control the overall work of information security management because of the lack of information access and mining, although it has a huge amount of information security data. In order to meet the challenge that the construction of information bank brings to information security, based on the theory of management information system, the theory of data mining and the theory of threat perception, this paper puts forward the construction of A bank information security operation center. Taking the development of bank business as the core, the security condition monitoring, security configuration management, terminal asset management and information security audit warning are carried out in the field of information security. The information security threat perception system based on data intelligence analysis is formed. Under the guidance of management information system theory, combined with the current situation and work requirements of information security work in Bank A, this paper forms the target definition of information security operation center, and the system feasibility, function module, business process, system architecture, Data structure and other different levels of A bank information security operation center for the overall scheme design and functional module design in detail. In the design of the most core function module of information security risk event monitoring, this paper establishes an efficient decision mechanism of risk event by defining simple risk event static detection and complex risk event threat awareness detection. In particular, the design of threat perception detection function for unknown risk, the use of risk early warning model through the transit machine and the detailed design of information security audit early warning model case. The design idea of complex risk event threat awareness based on data mining and association analysis is expounded. At last, the paper introduces the implementation steps of the information security operation center of bank A, evaluates the quality and application effect of the project, and summarizes and prospects the overall situation of the system. Through the construction of A Bank Information Security Operation Center, the overall information security governance mechanism is established. From the management point of view, the information security management process suitable for A Bank's business development requirements and technical reality is combed, and the management organization system is optimized. The management system and the risk management flow are standardized, the automation degree of the information security management is strengthened, the risk analysis intelligence and the threat situation visualization are realized, and the decision data support for the information security management is provided. It can not only support the information technology to play a leading role in the field of business innovation, but also effectively control the information security risks brought by business development, and create a dynamic, continuous and efficient information security prevention and control system. It fully embodies the strategic intention of "science and technology leading".
【学位授予单位】：山东大学
【学位级别】：硕士
【学位授予年份】：2017
【分类号】：F832.2

【参考文献】