Design And Implementation Of Security Level Conformance Verification Platform For Information Systems

In recent years, as the informationization progress developing, all kinds of security problems associated with information system have been exposed. Hostile attacks aiming at computer information system belonging to governments or enterprises take place frequently, which greatly endangers national security and social stability. To deal with such problems, our nation proposes requirements for providing classified protection to information systems and sets classified protection as a basic system for national information security protection. The government issues a series of standards and laws to promote the process of the national classified protection system. Until now, the classification and record of national important information systems have been finished. The entire process is in the stage to construct and rectify the classified protection. The test and evaluation stage will face challenges like heavy work load, lack of unified specification and shortage of inspection tools.To solve these problems with classified protection, this paper researches on the available methods and technologies of information security test and evaluation. The research combines the current situation of classified protection, establishes an indicator system set for conformance verification, designs a few tools for security function check, implements Fuzzy Synthetic Evaluation and finally realizes a classified conformance verification and management system, which greatly improves the efficiency of verification. The accomplishments of this paper could be divided into following aspects:1. Establishes a model for conformance verification indicator. Based on sufficient analysis of the relative national standards, a set of verification rules is set up. The Fuzzy Synthetic Evaluation is innovatively applied into the conformance synthetic evaluation process. 2. Researches on requirements and implementations of object reuse, proposes detection methods for object reuse based on disk rewrite detection and designs a detailed process for this method.3. Analyzes requirements and implementation of data secrecy, designing and implements detection tools for data secrecy based on randomness test.4. Designs a framework for classified conformance verification system and implements the management platform for the system. The management platform treats the verification rules and the tool set as public resources and manages the verification of multiple information systems simultaneously. It is able to autonomously produce a program for verification, synthetically analyze the results and generates a synthetic evaluation of the system.