

Research and Design of Safety Inspection Based on Information System Classified Protection

【Author】 齐剑雄

【Advisor】 袁东风

【Author information】 Beijing University of Posts and Telecommunications (北京邮电大学), Information Security, 2013, Master's

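【Summary】 Since 1994, China has gradually established a classified protection system in the field of information security, and in practice has progressively formulated the relevant laws and regulations as well as the technical standards for classified protection. As the classified protection system is rolled out further across industries, the safety inspection that classified protection requires has become increasingly important. Safety inspection provides the data and the basis for designing system rectification during the security operation and maintenance phase of classified protection work. More and more security devices are now being added to enterprise network environments, but although the number of security devices keeps growing, this has not effectively solved network security problems, and because the number of system assets is huge, performing safety inspection on a system has become very complex work. In order to manage all devices in an organization's information system in a unified way, we propose the research and development of a "Unified Safety Inspection Management Platform", which is a good way to carry out safety inspection under the requirements of classified protection. The platform uses distributed deployment: data collection agents are deployed in the customer organization's network to collect data on the information system's assets, and the collected data is then sent back to the safety inspection management center for processing, where the customer organization's security assessment risk value is calculated, so that the inspected organization can see the security status of its own information system. Data collection that is efficient and places no burden on the systems being collected from is very important, and it must not only handle small, simple information systems but also be able to complete safety inspection of complex ones. This thesis therefore designs a distributed data collection framework that can perform safety inspection on information systems of different structures and scales. After analyzing and studying the unified safety inspection management system, this thesis completes the design and implementation of the data collection agent with WMIC as the core collection technology. Further research then analyzes and designs the inter-component communication and the risk assessment in the proposed distributed data collection framework. In the end, the framework can be used in different network environments, can be extended flexibly, and can be managed in a unified way from the security management platform.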

【Abstract】 Since 1994, classified protection has been established in China's information security field. As it was established, the government carried out a great deal of work and issued a number of policies and technical standards. As classified protection advances across all kinds of industries, safety inspection based on information system classified protection has become more and more important. Safety inspection provides the data and the basis for designing system corrective actions in the safe operation and maintenance work of classified protection. More security devices have been deployed in the enterprise network environment, but the number of security devices does not fix network security problems, and because there are so many of them, inspecting all of the devices becomes hard and complicated work. To manage all of the devices in the enterprise network environment in a unified way, we propose the research and development of a Unified Safety Inspection Management Platform (USIMP). USIMP is a good way to solve the network security problems of information systems. USIMP adopts distributed deployment: data collection agents are deployed in the enterprise network environment, and after collection all the data is transferred to USIMP. USIMP processes the data and calculates the risk value, so that the enterprise can understand the security condition of its information system. Efficient data collection that places no burden on the devices being collected from is important, and the data collection agents should also be able to inspect more complicated network environments. We therefore present a distributed agent framework for data collection that can be used in network environments of different sizes. This paper designs USIMP and completes the data collection agents, taking WMIC as the core collection technology. Further research then analyzes and designs the communication between components and the calculation of the risk value in the distributed data collection framework.
At the end of the paper, the distributed framework can be used in different network environments, extended flexibly, and managed in a unified way.


