【作者】 唐洪玉；

【导师】 崔冬华；

【作者基本信息】 太原理工大学 ， 计算机应用技术， 2008， 硕士

【摘要】 目前,通信行业信息安全形势严峻,在层出不穷的病毒、木马、黑客等的攻击下,在人为差错与事故连锁灾害的影响下,网络运营同样存在遭遇类似“911式”恐怖活动的毁灭后果。通信网络和业务系统服务的中断、瘫痪,甚至那怕就是计费系统的失误或信息泄漏,都可能会给整个社会带来不可弥补的损失。通信行业的信息安全问题的分析和解决,是各大电信运营商稳定发展的关键问题之一。电信支撑系统作为企业管理、快速开通业务、及时保障业务、优化管理网络资源的重要手段,越来越受到电信运营商的重视,在企业发展中扮演着越来越重要的角色。如何建立信息安全体系,对电信支撑系统进行有效保护,也就显得尤为重要。DCN网(Data Communication Network)作为某电信运营商支撑系统的唯一的承载网络,当前承载了大客户管理系统、客服系统、联机计费采集系统、IP综合网管系统、交换接入网综合网管系统、新九七系统等20多个业务系统,其安全性非常重要,信息安全体系的建设迫在眉睫。如何保障DCN网以及所承载的信息系统安全可靠的运行,成为关系到该电信运营商整个业务运营的重要课题。本文以该电信运营商的支撑系统为对象,以DCN网络及其所承载的业务系统为主要载体,围绕其信息安全体系建设进行了研究。首先,在对现有的信息安全体系模型深入研究的基础上,结合该电信运营商的支撑系统的实际情况,参照国际和国内的安全标准和规范,充分利用成熟的信息安全理论成果,提出了一种改进的适合电信支撑系统的信息安全体系模型——POO-PDRRA模型,简称P02P模型。同时,以DCN网络为核心,以信息化资产为主线,针对网络和系统中存在的脆弱性和威胁,进行了电信支撑系统的安全评估。通过评估,获得了安全漏洞报告和安全风险报告,并在此基础上形成了支撑系统安全现状报告。最后,依据安全评估结果,明确了安全需求,以POO-PDRRA模型为理论基础,采用P-PADIS-T安全服务模型方法论,进行了由信息安全策略体系、组织体系、运作体系和技术体系四部分构成的电信支撑系统安全体系的构建,并对POO-PDRRA信息安全体系模型的应用效果及其优势进行了分析和讨论。更多还原

【Abstract】 The situation of information security in the communications industry is very grim at present. With the emerging of viruses, Trojans and hacker attacks, the communication operations also have encountered the destruction similar to the consequences of "911" terrorist activities. Artificial mistakes and a series of accidents can also lead to calamity. The interruptions, paralysis of the communication networks and business systems service, and even the errors of the accounting system or information leakage, may give the whole community irreparable loss. To analyze and solve the information security problems in communications industry has become one of the critical issues for a telecom operator’s stable development.As a significant means for enterprise management, rapidly business opening, timely business protecting and optimizing the management of network resources, the telecom support system has been emphasized increasingly by telecom operators, and has played a more important role in the enterprise development. How to establish an Information Security System and to give the telecom support system more effective protection become particularly crucial.DCN Network (Data Communication Network), as a unique carrier network for a provincial telecom operator’s telecom support system (also known as the IT systems, information systems), carries more than 20 support systems such as Major Customer Management System, Customer Service System, on-line Billing Acquisition System, IP Network Management System and Integrated Network Management System. The safety of the systems is very important, so building an Information Security System becomes extremely urgent. How to ensure the security of the DCN network and information system over it becomes a critical issue for the whole business operation of the telecom operator.The research on building the Information Security System was carried out, taking the telecom support system of the telecom operator as object and using the DCN network and information systems over it as the main carrier.On the basis of study of the Information Security System model, according to the actual situation of the telecom support system, in the light of domestic and international security standards, making full use of information security theories, an improved Information Security System Model- POO-PDRRA Model, which fits the telecom support system, was developed. The PO2P Model is the short for POO-PDRRA Model.The security assessment for the telecom support system was held, which was about the DCN network and the information assets of the information systems over the DCN, and aimed at the vulnerabilities and threats in the network and systems. Based on the results of security assessment, a security status report on the telecom support system was written.The security requirements are defined on the basis of the security assessment results. According to the POO-PDRRA Model, using P-T-PADIS security service model methodology, the Information Security System was built, which consists of security strategy system, security organization system, security operation system, and security technology system. The effects of application and the advantages of the POO-PDRRA Model were discussed and analyzed.更多还原