Nowaday lots of coporations run their most important business application on the Unix platform on LAN. However, there are severe safety-risks in the management of the Unix platform on LAN. The article discusses the ways to prevent these safety-risks on the basis of P2DR model, a kind of dynamic information security model, Furthermore, presents the design and implementation of the SHTERM.Some key technology implementation combined in SHTERM are argued, such as SSO (Single Sign On) technology, the access policy of RBAC (Role-Based Access Control), the realtime auditing of the Unix shell command, and the SHTERM itself shell auditing based on LKM technology. Last, develops Web based configuration to provide easy management, and heartbeat checking module to provide high availability of the SHTERM device. |