涉密计算机监控与审计系统设计与实现
发布时间:2018-09-10 12:13
【摘要】:近年来,信息安全行业得以快速发展,涉密行业如政府机关等对于信息安全的重视以及对涉密信息保护的需求日益增加,由此涉密计算机的监控与防护的技术得以广泛应用。然而,涉密计算机监控产品往往缺乏及时有效的防护和策略制定,同时产品自身缺乏防护,涉密计算机的防护需要更底层和全面的监控手段。涉密主机监控与审计系统是在这样的背景下设计并应用的,它旨在为涉密计算机的使用安全、行为监控制定全面、底层的保护方案,为涉密计算机提供一个安全的使用环境。本文对涉密计算机的监控与审计需求进行研究,具体工作及成果包括以下内容:(1)提出一种客户端/服务器的系统架构,该系统在客户端上实现了多层面、多维度的监控,如进程监控、服务监控、客户端外联监控、部分设备的使用监控等,同时通过及时的报警信息反馈,在服务器端通过管理平台制定相应的保护策略。并从涉密计算机监控技术和服务器端策略制定下发两个方面保证了涉密计算机监控与审计系统的实用性。(2)对系统进行了详细设计,并在涉密计算机客户端的监控部分设计了多维度的监控模块,设计了服务器模块和通信模块,同时为了可视化报警信息和策略的制定,也设计了控制台界面,可以方便管理策略和报警信息,分析涉密计算机上传的审计日志。(3)实验测试的结果体现了系统的安全性、流程的完整性以及实用性,实现的系统安全有效,应用的场景较广泛,适用于为目前涉密计算机监控与审计提供服务,对完善并发展现有的涉密计算机监控与审计架构技术具有一定的实践和指导意义。
[Abstract]:In recent years, the information security industry has been developing rapidly, the secret industry, such as government agencies, has paid more and more attention to information security and the need for the protection of confidential information has been increasing day by day. Therefore, the technology of monitoring and protecting secret computers has been widely used. However, the secret computer monitoring products often lack timely and effective protection and strategy formulation, at the same time, the product itself lacks protection, and the protection of secret computer requires a lower and more comprehensive monitoring means. The system is designed and applied under this background. It aims to provide a secure environment for the use of secret computers and for the purpose of making a comprehensive and bottom protection scheme for the security and behavior monitoring of confidential computers. In this paper, the monitoring and audit requirements of the confidential computer are studied. The specific work and results are as follows: (1) A client / server architecture is proposed, which realizes multi-level and multi-dimensional monitoring on the client. Such as process monitoring, service monitoring, client outreach monitoring, monitoring the use of some equipment and so on. At the same time, through timely alarm information feedback, the server side through the management platform to formulate the corresponding protection strategy. The practicability of the computer monitoring and auditing system is ensured from the two aspects of the secret computer monitoring technology and the policy formulation of the server. (2) the system is designed in detail. The multi-dimension monitoring module, the server module and the communication module are designed in the client part of the secret computer. At the same time, the console interface is designed in order to make the visual alarm information and strategy. It can easily manage the policy and alarm information, analyze the audit log uploaded by the secret computer. (3) the results of the experiment test reflect the security of the system, the integrity and practicability of the process, the security and effectiveness of the realized system, and the wide range of application scenarios. It is suitable for providing services for the current computer monitoring and auditing, and has certain practical and guiding significance for perfecting and developing the existing computer monitoring and auditing architecture technology.
【学位授予单位】:北京邮电大学
【学位级别】:硕士
【学位授予年份】:2016
【分类号】:TP309
[Abstract]:In recent years, the information security industry has been developing rapidly, the secret industry, such as government agencies, has paid more and more attention to information security and the need for the protection of confidential information has been increasing day by day. Therefore, the technology of monitoring and protecting secret computers has been widely used. However, the secret computer monitoring products often lack timely and effective protection and strategy formulation, at the same time, the product itself lacks protection, and the protection of secret computer requires a lower and more comprehensive monitoring means. The system is designed and applied under this background. It aims to provide a secure environment for the use of secret computers and for the purpose of making a comprehensive and bottom protection scheme for the security and behavior monitoring of confidential computers. In this paper, the monitoring and audit requirements of the confidential computer are studied. The specific work and results are as follows: (1) A client / server architecture is proposed, which realizes multi-level and multi-dimensional monitoring on the client. Such as process monitoring, service monitoring, client outreach monitoring, monitoring the use of some equipment and so on. At the same time, through timely alarm information feedback, the server side through the management platform to formulate the corresponding protection strategy. The practicability of the computer monitoring and auditing system is ensured from the two aspects of the secret computer monitoring technology and the policy formulation of the server. (2) the system is designed in detail. The multi-dimension monitoring module, the server module and the communication module are designed in the client part of the secret computer. At the same time, the console interface is designed in order to make the visual alarm information and strategy. It can easily manage the policy and alarm information, analyze the audit log uploaded by the secret computer. (3) the results of the experiment test reflect the security of the system, the integrity and practicability of the process, the security and effectiveness of the realized system, and the wide range of application scenarios. It is suitable for providing services for the current computer monitoring and auditing, and has certain practical and guiding significance for perfecting and developing the existing computer monitoring and auditing architecture technology.
【学位授予单位】:北京邮电大学
【学位级别】:硕士
【学位授予年份】:2016
【分类号】:TP309
【相似文献】
相关期刊论文 前10条
1 ;铁安联盟“铁的安全”系列报道之四 中央审计系统[J];计算机安全;2004年11期
2 许静;;捷普新一代信息审计系统[J];计算机安全;2009年08期
3 钟富尧,李志淮;网桥审计系统的设计与实现[J];计算机应用;2003年11期
4 朱文博;浅析基层人行电子化审计系统建设[J];华南金融电脑;2004年03期
5 林飞;教育网审计分布式解决方案[J];信息安全与通信保密;2005年09期
6 蒋聚e,
本文编号:2234410
本文链接:https://www.wllwen.com/kejilunwen/ruanjiangongchenglunwen/2234410.html
