【作者】 黄金义；

【导师】 石为人；

【作者基本信息】 重庆大学 ， 控制工程， 2002， 硕士

【摘要】 对计算机网络安全的研究，世界各国都非常重视，美国在网络安全方面的厂商已近600多家,成为美国Internet/Intranet/Extranet网络产业的重要组成部分。在国内，计算机网络安全问题也引起了极大的关注和重视，在病毒防治方面取得了很好的效果，但在防范恶意攻击上，成果极少。我国目前网络安全产品的研究机构和生产厂商不足70家，尚未形成规模和配套体系。本文对攀钢自动化公司的计算机网络进行了分析研究。攀钢自动化公司的计算机网络属于局域网，也是典型的企业网络。由于安全措施相当薄弱，经常发生用户恶意攻击和滥用网络的现象，迫切需要符合实际的安全措施。分析研究了攀钢自动化公司计算机网络的管理信息的保密性和安全性、网络内各用户计算机的安全以及防止病毒入侵等主要安全需求和主要安全威胁。本文阐述了基于OSI /RM计算机网络的体系结构。OSI/RM将计算机网络将网体系结构划分为应用层、表示层、会话层、传输层、网络层、数据链路层和物理层七个层次。在各个层次都有相应的网络协议支持，网络协议的存在主要依据于OSI/RM。根据使用协议、传输媒体和网络服务这三种基本因素的不同形式，将计算机网络分为对等网、基于服务器和企业网络三种类型。再根据地理范围，又分为局域网和广域网。基于计算机网络安全基本理论，结合OSI/RM，本文重点对计算机网络的漏洞、网络攻击的技术和手段进行了分析研究。发现计算机网络的基本技术和应用中存在许多安全漏洞。由此不可避免的带来计算机网络的安全问题。其中，网络攻击是最主要的安全威胁。网络攻击的各种技术和方法，都是企图利用系统的漏洞。在此基础上，本文提出了计算机网络的安全策略，提出了攀钢自动化公司计算机网络的安全措施，即管理措施、组建VLAN、数据备份、访问权限控制、合法用户自我防范、病毒防治以及制定应急处理方案，取得了较好的实际效果。由于网络安全的复杂性，防范措施的研究将是长期和复杂的任务，要做的研究还很多，本科题今后仍将继续进行研究。更多还原

【Abstract】 People all over the world pay much attention to the research on the security of the network. It is up to 600 manufactories on network security in USA. And the security of the network has become an important part of the Internet/Intranet/Extranet network industry. In China, the security of network is also regarded, and the researchers get good effect on anti-virus, but they can seldom break through on vicious attack. There are less than 70 manufactories and instruments on security of network and the network industry have not come into great scale and system in China recently.In this paper, the author analyzed the network in automation department of PanZhiHua iron & steel company (PanGang Automation company). The network in PanGang Automation company is LAN, also is typical enterprise network. The vicious attack and misuse network occurred frequently because of the weakness of the security of network. So establish a set of security measure become urgent. Besides, the author researched on the privacy and security of the manage information, the right of users of network, the need to prevent from the virus and the menace to the network security in PanGang Automation company. This paper expatiated the structure of the network system based on OSI/RM. OSI/RM classify the structure of the network into application layer, presentation layer, session layer, transport layer, network layer, data link layer and physical layer. There are correspond protocols in every layer, and the network protocols come into being according to OSI/RM. We can classify the network on other different standard. For example, we can classify the network into peer-to-peer network, network based on server and enterprise network according to the different protocol, transmission media and network server. And we also can classify the network into LAN and WAN according to the different region. According to the basic theory about the network security, combined with OSI/RM, this paper lays emphasis on the resea}rch which contains the leak of network, the technique and means of the attack from network, and finding some security leaks existing in the basic technique and application behind the network. So, a lot of security problems inevitably come up. For example, the attack from the network is the main threat of security, while the network attack uses all kinds of technique and means with the purpose of using the leak of the system. Based on this, this paper provides a security strategy related on network, and gives the security measures for the network in PanGang Automation company, they are management measure, organization VLAN, data backup, limiting authority of access, the self-protection of legal user, prevention and cure of virus, and the emergency process plan. In these fields, we obtain much practical effect. Because of complexity of security on network, the research about the protective measures is a permanent and complex task, we have a lot of research to do, this task will continue to be discussing in the future.更多还原