信息安全运维审计模型研究
|
摘要
在电力工业与信息工业高度融合的进程中,信息安全至关重要。为了保障网络信息的机密性,信息系统网络中部署了多种安全防护技术手段,使得信息系统受到外部网络攻击造成的危害越来越少。为了保障系统业务的连续稳定进行,对系统内部风险的控制变得越来越重要。因此,信息安全运维审计的概念应运而生。根据电力行业信息安全对运维审计的需求,提出了运维审计的网络模型,研究了进行安全运维操作的理论及技术,并分析对比了基于旁路及基于代理的运维审计网络模型,对运维审计模型的访问及控制机制作了详尽的描述分析,进而降低电力行业内部的安全风险。作为信息安全建设中不可或缺的部分,信息安全运维审计在保障企业信息安全及完整中起到了至关重要的作用。
Information security is critical in the highly integrated process of the power industry and the information industry. To ensure the confidentiality of network information, variety of secure protection measures are deployed. To ensure stable operation of the system, the control of the internal risks also becomes more and more important. Therefore, the concept of information security operation audit comes into consideration. Here, we propose network model for operation audit according to the requirements of information security for operation in the power industry. To reduce the security risks in the power industry, we research the theory and technology of safe operation audit and analysis on the access and control mechanisms of the information security operation audit model. As an indispensable part of enterprise information security construction, operation security audit is an important part of the enterprise security system.
Information security is critical in the highly integrated process of the power industry and the information industry. To ensure the confidentiality of network information, variety of secure protection measures are deployed. To ensure stable operation of the system, the control of the internal risks also becomes more and more important. Therefore, the concept of information security operation audit comes into consideration. Here, we propose network model for operation audit according to the requirements of information security for operation in the power industry. To reduce the security risks in the power industry, we research the theory and technology of safe operation audit and analysis on the access and control mechanisms of the information security operation audit model. As an indispensable part of enterprise information security construction, operation security audit is an important part of the enterprise security system.
引文
[1] 张顺喜.运维安全审计系统[J].无线互联科技,2013(7):10.
[2] 崔文超.信息安全运维审计模型及关键技术研究[D].北京:华北电力大学(北京),2014.
[3] Helman P,Liepins G.Statistical foundations of audit trail analysis for the detection of computer misuse[J].IEEE Transactions on Software Engineering.1993(19):886-901
[4] 伍闽敏.建设企业计算机网络安全审计系统的必要性及其技术要求[J].信息安全与技术,2011(Z1):47-49.
[5] 刘慧蓉.网络安全审计系统的应用研究[J].中国教育技术装备,2013(18):28-29.
[6] Boulanger A.Catapults and grappling hooks:The tools and techniques of information warfare[J].IBM Systems Journal,1998(37):106-114.
[7] Richardson T,Stafford-Fraser Q,Wood K R,et al.Virtual network computing[J].Internet Computing,IEEE,1998(2):33-38.
[8] 辛晶.基于安全审计系统在网络安全管理中的应用[J].电子技术与软件工程,2017(21):185.
[9] 屈红军,李之棠.利用TCP/IP特性阻止对操作系统的探测[J].信息安全与通信保密,2004(4):31-33.
[10] 张国梁,郭晓军.高校网络运维审计系统的应用[J].网络安全技术与应用,2016(12):131-132.
[11] 查义国,徐小岩,张毓森.在Web上实现基于角色的访问控制[J].计算机研究与发展,2002(03):257-263.
[12] 龚征,唐韶华.基于GFAC的安全服务平台的设计与实现[J].小型微型计算机系统,2006(9):1687-1691.
[13] 刘洪彬.非高斯过程故障检测与诊断方法研究[D].沈阳:沈阳理工大学,2014.
[2] 崔文超.信息安全运维审计模型及关键技术研究[D].北京:华北电力大学(北京),2014.
[3] Helman P,Liepins G.Statistical foundations of audit trail analysis for the detection of computer misuse[J].IEEE Transactions on Software Engineering.1993(19):886-901
[4] 伍闽敏.建设企业计算机网络安全审计系统的必要性及其技术要求[J].信息安全与技术,2011(Z1):47-49.
[5] 刘慧蓉.网络安全审计系统的应用研究[J].中国教育技术装备,2013(18):28-29.
[6] Boulanger A.Catapults and grappling hooks:The tools and techniques of information warfare[J].IBM Systems Journal,1998(37):106-114.
[7] Richardson T,Stafford-Fraser Q,Wood K R,et al.Virtual network computing[J].Internet Computing,IEEE,1998(2):33-38.
[8] 辛晶.基于安全审计系统在网络安全管理中的应用[J].电子技术与软件工程,2017(21):185.
[9] 屈红军,李之棠.利用TCP/IP特性阻止对操作系统的探测[J].信息安全与通信保密,2004(4):31-33.
[10] 张国梁,郭晓军.高校网络运维审计系统的应用[J].网络安全技术与应用,2016(12):131-132.
[11] 查义国,徐小岩,张毓森.在Web上实现基于角色的访问控制[J].计算机研究与发展,2002(03):257-263.
[12] 龚征,唐韶华.基于GFAC的安全服务平台的设计与实现[J].小型微型计算机系统,2006(9):1687-1691.
[13] 刘洪彬.非高斯过程故障检测与诊断方法研究[D].沈阳:沈阳理工大学,2014.