Technical Planning and Design of Classified Security Protection for the Information Systems of Daqin Company
Published: 2018-08-25 19:14
[Abstract]: In the information age, with the rapid development of network technology and the rapid spread of computer applications, the normal functioning of the country's economic, political, military, cultural and public-service systems depends ever more deeply on information technology. Information systems play an increasingly system-wide and foundational role, but the security risks they face are growing just as fast: economic losses caused by hacker attacks, virus damage and similar causes are common, and the amounts lost keep increasing. Network security bears not only on the healthy development of China's informatization, but also on national political, economic and defense security and on social stability. The complexity and variability of the network environment, together with the fragility of information systems, mean that information security threats are an objective reality.
Starting from the current state, this thesis analyzes the information systems of a large energy enterprise and identifies the security risks they currently face. At the network level, the analysis covers security risks in network structure, boundary protection, access control, identity authentication and security audit; at the host level, risks in identity verification, malicious code, security audit and system hardening; at the application level, risks in identity verification, security audit and data processing. Based on the results of the risk analysis, the company's main information security requirements are set out for the network, host and application levels.
Based on these requirements, a security protection technical architecture is planned and designed for the enterprise's information systems, covering network system security, host system security and application system security. To address the security risks the company currently faces, the design adopts zone-based network protection and network device hardening at the network level; identity authentication, access control, security audit, intrusion prevention, malicious code prevention, resource control and data backup at the host level; and identity authentication, access control, security audit, residual information protection, software fault tolerance, resource control, data encryption, data validation and data backup at the application level.
With this design, the enterprise can effectively protect the security of its information systems at the technical level and reduce the risk of those systems being intruded upon, and the design can serve as a reference for other enterprises carrying out classified information security protection design.
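[Degree-granting institution]: Hebei University of Technology
[Degree level]: Master's
[Year degree conferred]: 2014
[Classification number]: TP309
Article ID: 2203839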
Article link: https://www.wllwen.com/jingjilunwen/zhengzhijingjixuelunwen/2203839.html