【作者】 赵华；

【导师】 李小勇；

【作者基本信息】 上海交通大学 ， 计算机技术， 2008， 硕士

【摘要】 迅猛发展的信息技术已经把人类带入了信息社会。金融企业的发展对信息资源、信息技术和信息产业的依赖程度越来越大。在信息社会中,信息己成为人类宝贵的资源。然而,由于信息技术的发展而带来的网络系统的安全问题,正变得日益突出,并受到了越来越多的关注。因此网络安全己成为关系金融安全的重大战略问题。本文首先讨论了当前信息系统安全体系的理论,分析了信息安全的特性,信息安全的结构层次以及当前金融企业的安全环境。理论地研究和分析了相关的重要概念、安全策略,并总结了金融企业的需求和目标,然后详细介绍了目前广泛应用的信息安全技术的实现方式。在信息系统安全理论的指导下,基于对金融信息系统的需求和理论研究,本文提出了当前技术条件下的多层次金融信息系统安全体系及具体设计。该多层次安全体系将诸如访问控制、数据库安全、防火墙等技术与金融信息系统的业务安全需求有机地结合了起来。同时,文中还提出了体系中的安全管理办法和措施。本文所提出的方案已经初步在作者所在单位测试,基本满足了安全需求,实施效果良好。金融行业业务安全体系是保障金融行业业务正常进行的关键,也需要在业务实际运行过程中,不断地进行检验和完善,这正是作者长期要完成的工作。更多还原

【Abstract】 Rapid development of information technology has led human beings into an information society. The financial enterprises more and more rely on information resources, information technology, and the information industry. In the information society, information has become a valuable resource, but security problems that come with the expansion of the Internet are increasingly serious and noticeable. Now network security is a vital strategic issue of financial security.The up-to-date theory of information system security architecture is discussed in this thesis, and then the security environment of current financial industry, and the features, structure, layer of information security are analyzed. After theoretical research and analysis on financial information system security including important concept security policy related to information security, requirements and objectives of security of financial industry are concluded. The realization methods of information system security and widely employed information security enhancement techniques are introduced in detail.Under the direction of the theory of Information System Security, and based on these theoretical exploration and the requirement of financial information system, a multi-layered security architecture of the financial information system and a specific systematic security solutions in current technological environment are presented. That solution combines the computer technology, such as access control,database security, and firewall etc with security requirement of financial business in the financial information system well. And security management measures and regulations that are important in the whole security system have been put forward at the end of the thesis.The presented solutions are primarily tested in author’s company and fulfill the basic requirements of the security with good effect. The mufti-layered security architecture of the financial information system is a key to the financial business; it also needs sustaining checking and correcting during the running of the financial business. This is a long term process the author will accomplish.更多还原