Design of Host Security Evaluation Methods
Published: 2018-12-09 21:14
[Abstract]: In recent years, the rapid development of information technology in China has accelerated informatization across the board. Computers and information technology are widely used in every industry, and important industries and critical departments depend more and more heavily on information systems. Yet China's information security situation is very severe, and problems on the Internet that affect national security and social stability are increasingly prominent. Against this background, the rollout of information security level protection has followed naturally. The state has now issued policies and standards to regulate, guide and supervise level protection work. Information security level protection is the basic system, basic strategy and basic method of national information security assurance work [1]. Host security evaluation is an important component of information security level protection. Building on an in-depth analysis of host security, this thesis designs a working procedure for host security evaluation and proposes concrete operating methods for it. For common operating systems and databases, the relevant policies are checked at each control point: identity authentication, access control, security audit, residual information protection, intrusion prevention, malicious code prevention, and resource control. The check results are compared against the specific requirements of information security level protection to verify the accuracy and practicality of the evaluation method. The thesis first introduces the background and basic meaning of information security level protection; it then interprets the relevant standards and analyzes their model and characteristics; next it analyzes in detail the control points of host security evaluation and the requirements at each protection level; it designs the working procedure and evaluation methods for host security evaluation and validates them with an evaluation example; finally it summarizes the work and looks ahead to future work.
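[Degree-granting institution]: Beijing University of Posts and Telecommunications
[Degree level]: Master's
[Year degree granted]: 2016
[Classification number]: TP309
Article ID: 2370043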
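[References]
Related journal articles (top 4)
1 靖小伟; 于普漪; 冯梅; 杨治贤; Research on Information Security Level Protection Work [J]; 数字石油和化工; 2009, No. Z2
2 ; Administrative Measures for Information Security Level Protection [J]; 电力信息化; 2007, No. 09
3 ; Summary of the "Implementation Opinions on Information Security Level Protection Work" [J]; 信息网络安全; 2005, No. 02
4 王贵驷, 江常青; Information Security Requires Preparing Before the Storm [J]; 中国石油企业; 2004, No. 05
Related master's theses (top 4)
1 张宏飞; Strategy and Implementation of Information Security Management at Enterprise S [D]; Beijing Jiaotong University; 2015
2 卿江萍; Design and Research of a Security Assessment System Based on the Host Security Layer [D]; Guizhou Normal University; 2014
3 张迎; Research and Implementation of a Network Information Level Protection Mechanism Based on Secure Terminals [D]; Nanjing University of Science and Technology; 2009
4 马军; Research and Application of the Level Protection System in Network Security Construction for Large Enterprises [D]; Chongqing University; 2008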
Article link: https://www.wllwen.com/kejilunwen/ruanjiangongchenglunwen/2370043.html