Control Protectiontechnique Research And System Design Based On Terminal System

With the rapid development of enterprises and institutions information construction, the security problems of end system attache much importance. However, these phenomena such as illegal external Link,illegal copy,access to intranet without authorization are a serious threat to inner network security.My research, based on network security theory, is aimed to design a complete and effective program about control to end system by using key technology of operation system,network protocol analysis technology,kernel Interception and control to peripheral device.It is guided by information security of end system and the core is the control technology. The program stresses on the self-protection technology on anti-delete and anti-reinstall.Firstly, this paper simply introduces the importance of information security in inner network and its development status, analyzes tecnology characteristics about the mainstream of security management products and gives a general structure about inner network's terminal control system which is aiming at the problems of the products. In addition, to protect the client software not to be deleted, much attention is payed to the self-recovery technology.About the designation of client software in the end system, client can accept security policies developed by server which control the end system from the following six aspects such as bootstrap terminal,booting of operating system,loading of the operating system kernel,system drive,system call and system application. All the above is to make the client's actions which include network access and use of local and network resources controllable.About the designation of the self-protection function in the end system, after analyzing the booting process of Windows Operation System, aiming at the Inherent defect of the process, this paper proposes a method that the boot module of the client management program are written into the zero-track hard disk, the MBR file are modified to change startup process and during the booting the kernel is modified real-timely. This method has such functions as dynamic detection,recovering the client management program which is deleted or modified maliciously. Therefor, it can improve the security and survivability of the program so as to improve the security of the host access to inner network.