证券公司面临的信息安全研究
摘要
自中国证券市场起步以来,信息技术与通信技术就在证券业得到了广泛应用。但信息技术,特别是网络技术的深入发展和应用,使得信息系统的安全问题日益突出。随着证券业在我国的迅猛发展,证券公司计算机网络渐趋复杂。由此,安全问题日益严峻,“证券黑客”、“网络瘫痪”、“传输中断”、“交易故障”一直困扰着证券公司的管理者和技术人员,严重损害了广大股民的切身利益,败坏了证券公司的形象。证券公司信息系统的安全问题成了一个迫在眉睫、急需解决的大问题。本文从技术和管理两个角度,以证券公司的信息系统安全建设为背景开展研究和设计工作。论文从系统的角度全面分析了证券公司内部网络系统所面临的各种安全风险,从单机、网络、系统、应用,以及管理等几方面,概要分析了证券公司信息系统所面临的各种安全风险。在此基础上,从证券网络安全性、行情服务器可采用的安全策略、数据服务器可采用的安全策略、交易系统可采用的安全策略、数据备份方案的考虑等几个方面对证券数据的安全进行设计和研究。针对证券公司现有系统作出了系统化的安全方案,包括应用防火墙技术、入侵检测技术和Windows 2000系统的安全机制作出的网络和系统平台、网络防病毒和系统备份方案。
Since Chinese stock market start, information technique and correspondence technique got the extensive application in the stock certificate industry. But information technique, especially technical and thorough development in network with applied, make the safe problem of the information system increasingly outstanding. Along with the fast fierce development in our country in stock certificate industry, stock certificate company the calculator network is gradually complicated. From here, the safe problem is increasingly rigorous," black guest in stock certificate"," the network paralyzes the "," delivers the interruption"," trades the breakdown" has been perplexing the governor of the stock certificate company with the technical personnel, injured seriously the large a people slice the body benefits, corrupting the company of stock's image.The safe problem of the stock certificate company information system an of the utmost urgency, need the big problem that resolve urgently.This text is from the technique with manage two angles, regard safe developments in system in information of the stock certificate company as the background open the exhibition research with design the work.The thesis analyzed internal network in company in stock certificate system an every kind of safe risk for facing completely from the angle of the system, from the single machine, network, system, application, and management etc. several aspects, the essentials analyzed stock certificate company information system an every kind of safe risk for facing.Here the foundation is last, from the adoptable and safe strategy in server in adoptable and safe strategy, data in server in safety, condition of the market in network in stock certificate, trade consideration etc. a few aspects of the adoptable and safe strategy, data in system backup project to the safe proceeding design of the stock certificate data with study.Aim at the stock certificate company the systematic now making a safe project for systematizing, include the applied fire wall technique and invade to examine the technique with the network that the system of Windows2000 safe mechanism make with system terrace, the network defends the virus with the system backup project.
Since Chinese stock market start, information technique and correspondence technique got the extensive application in the stock certificate industry. But information technique, especially technical and thorough development in network with applied, make the safe problem of the information system increasingly outstanding. Along with the fast fierce development in our country in stock certificate industry, stock certificate company the calculator network is gradually complicated. From here, the safe problem is increasingly rigorous," black guest in stock certificate"," the network paralyzes the "," delivers the interruption"," trades the breakdown" has been perplexing the governor of the stock certificate company with the technical personnel, injured seriously the large a people slice the body benefits, corrupting the company of stock's image.The safe problem of the stock certificate company information system an of the utmost urgency, need the big problem that resolve urgently.This text is from the technique with manage two angles, regard safe developments in system in information of the stock certificate company as the background open the exhibition research with design the work.The thesis analyzed internal network in company in stock certificate system an every kind of safe risk for facing completely from the angle of the system, from the single machine, network, system, application, and management etc. several aspects, the essentials analyzed stock certificate company information system an every kind of safe risk for facing.Here the foundation is last, from the adoptable and safe strategy in server in adoptable and safe strategy, data in server in safety, condition of the market in network in stock certificate, trade consideration etc. a few aspects of the adoptable and safe strategy, data in system backup project to the safe proceeding design of the stock certificate data with study.Aim at the stock certificate company the systematic now making a safe project for systematizing, include the applied fire wall technique and invade to examine the technique with the network that the system of Windows2000 safe mechanism make with system terrace, the network defends the virus with the system backup project.
引文
[1] 信息系统安全防护体系研究/叶明芷—《北京联合大学学报》,2004/06
[2] Novell环境下的入侵检测系统的实现/汪星—《计算机与现代化》,2003/11
[3] 网络安全概述/山秀明、任勇—《中国工程科学》,2004/01
[4] 信息安全的现状与若干进展/冯长根、刘振翼—《安全与环境学报》,2003/02
[5] 网络安全原理与应用/张世永总编—北京:科学出版社,2003
[6] 入侵检测系统面临问题与发展趋势研究/濮青—《计算机工程与设计》,2004/01
[7] MCSE:Accelerated Windows 2000 Study Guide[美]/Michael Chacon—电子工业出版社,2001
[8] 数据库安全技术问题探讨/刘军、肖军模、张磊—《军事通信技术》,2003/03
[9] 对Web-Server安全的分析、设置 及针对入侵者的安全策略/刘昌勇—《网络安全技术与应用》,2004/06
[10] Web网站安全技术研究/卜胜贤、李鹰—《微机发展》,2004/05
[11] Novell网的安全策略研究/张克友、聂规划—《电脑开发与应用》,2001/10
[12] 企业网络安全策略与管理/朱堂全—《中国传媒科技》,2004/01
[13] 网上证券交易安全解决方案/姜灵敏、徐朗明—《计算机工程与应用》,2002/06
[14] 网络安全的现状及策略/吴亚青—《前言》,2004/01
[15] 系统安全漏洞研究及数据库实现/翟钰、张玉清、武维善、胡建武—《计算机工程》,2004/04
[16] 安全漏洞与网络攻击/刘军、郭建平、肖军模—《军事通信技术》,2003/09
[17] 中国安全漏洞分析/胡英、申发振—《信息安全季刊》CN11—0132,2004/06
[18] 加快灾难备份系统建设步伐,确保企业业务连续运作—《网络安全技术与应用》,2004/05
[19] 浅谈证券行业数据备份系统的实现/贺红、汪笃荣—《企业技术开发》,2004/01
[20] 灾难备份的安全保护—《信息安全季刊》CN11—0132,2004/09
[2] Novell环境下的入侵检测系统的实现/汪星—《计算机与现代化》,2003/11
[3] 网络安全概述/山秀明、任勇—《中国工程科学》,2004/01
[4] 信息安全的现状与若干进展/冯长根、刘振翼—《安全与环境学报》,2003/02
[5] 网络安全原理与应用/张世永总编—北京:科学出版社,2003
[6] 入侵检测系统面临问题与发展趋势研究/濮青—《计算机工程与设计》,2004/01
[7] MCSE:Accelerated Windows 2000 Study Guide[美]/Michael Chacon—电子工业出版社,2001
[8] 数据库安全技术问题探讨/刘军、肖军模、张磊—《军事通信技术》,2003/03
[9] 对Web-Server安全的分析、设置 及针对入侵者的安全策略/刘昌勇—《网络安全技术与应用》,2004/06
[10] Web网站安全技术研究/卜胜贤、李鹰—《微机发展》,2004/05
[11] Novell网的安全策略研究/张克友、聂规划—《电脑开发与应用》,2001/10
[12] 企业网络安全策略与管理/朱堂全—《中国传媒科技》,2004/01
[13] 网上证券交易安全解决方案/姜灵敏、徐朗明—《计算机工程与应用》,2002/06
[14] 网络安全的现状及策略/吴亚青—《前言》,2004/01
[15] 系统安全漏洞研究及数据库实现/翟钰、张玉清、武维善、胡建武—《计算机工程》,2004/04
[16] 安全漏洞与网络攻击/刘军、郭建平、肖军模—《军事通信技术》,2003/09
[17] 中国安全漏洞分析/胡英、申发振—《信息安全季刊》CN11—0132,2004/06
[18] 加快灾难备份系统建设步伐,确保企业业务连续运作—《网络安全技术与应用》,2004/05
[19] 浅谈证券行业数据备份系统的实现/贺红、汪笃荣—《企业技术开发》,2004/01
[20] 灾难备份的安全保护—《信息安全季刊》CN11—0132,2004/09