智能IETM中信息安全管理关键技术的研究与实现

发布时间：2018-06-23 05:32

本文选题：IETM + RBAC　；参考：《西安科技大学》2017年硕士论文

【摘要】：信息安全在智能电子交互式技术手册(Interactive Electronic Technical Manual,IETM)系统中是十分重要的,但是针对这个问题的研究还比较少。智能IETM的应用越来越广泛,因此在许多重要领域中,对智能IETM中的信息安全具有较高的要求。本文研究智能IETM中信息安全管理的两个关键技术,主要内容如下:(1)针对用户在权限内访问系统资源的问题,研究了访问控制技术。在IETM系统中运用了基于角色的访问控制模型(Role-Based Access Control,RBAC)。针对RBAC模型存在的局限,从授权方式、主客体粒度、权限继承三方面对其进行了改进。本文用形式化的语言描述了改进的RBAC模型,设计了访问控制流程,实现了智能IETM中RBAC模型的基本管理功能。通过非法访问实验,验证了改进后的RBAC模型在IETM系统中的有效性,确保系统资源受控、合法地被访问。(2)针对数据库中数据易泄露的问题,研究了数据库加密技术。采用了二级密钥管理机制保护密钥安全,并且通过对密文追加字符串的存储方式确保密文的安全。设计并实现了便携式维修辅助设备(Portable Maintenance Assistant,PMA)上禁止数据库文件复制、拷贝的功能,进而保证数据库中数据的安全。测试了数据库加密模块的性能,测试结果表明主密钥更换对系统响应时间性能影响小,工作密钥更换对系统响应时间性能的影响是随着数据量的增加而增加的,密文数据库中插入和读取数据对性能影响较小,达到了设计指标。(3)采用B/S模式、ASP.net框架开发了智能IETM系统,其主要有四个功能模块:浏览子系统、管理子系统、故障维修辅助系统、维修训练辅助系统。对智能IETM中的信息安全管理进行了测试,验证了各个模块功能的正确性。
[Abstract]:Information security is very important in IETM (Interactive Electronic Technical Manual) system, but there are few researches on this problem. The application of intelligent IETM is more and more extensive, so in many important fields, the information security in intelligent IETM has higher requirements. In this paper, two key technologies of information security management in intelligent IETM are studied. The main contents are as follows: (1) aiming at the problem of users accessing system resources within authority, access control technology is studied. Role-Based Access Control (RBAC) is used in IETM system. Aiming at the limitation of RBAC model, this paper improves the RBAC model from three aspects: authorization mode, granularity of subject and object, and privilege inheritance. This paper describes the improved RBAC model in formal language, designs the access control flow, and implements the basic management function of RBAC model in intelligent IETM. Through illegal access experiments, the effectiveness of the improved RBAC model in IETM system is verified, and the system resources are controlled and accessed legally. (2) the database encryption technology is studied in order to solve the problem that the data in the database is easy to leak. A two-level key management mechanism is adopted to protect the security of the ciphertext, and the security of the ciphertext is ensured by storing the string appended to the ciphertext. This paper designs and implements the function of prohibiting the copying and copying of database files on Portable maintenance Assistant (PMA), so as to ensure the security of data in the database. The performance of the database encryption module is tested. The test results show that the change of the master key has little effect on the response time performance of the system, and the effect of the change of the work key on the response time performance of the system increases with the increase of the amount of data. Inserting and reading data in ciphertext database has little effect on performance and achieves the design target. (3) the intelligent IETM system is developed by using the ASP. Net framework of B / S mode, which has four main function modules: browse subsystem, management subsystem, etc. Fault maintenance Auxiliary system, maintenance training Auxiliary system. The information security management in intelligent IETM is tested and the correctness of each module is verified.
【学位授予单位】：西安科技大学
【学位级别】：硕士
【学位授予年份】：2017
【分类号】：TP311.13;TP309

【参考文献】