| With the development of computer technology, in particular the development of network technology, computing systems have evolved from stand-alone mainframe to complex, interconnected open systems, and this evolution has led to a proliferation of network security problems. Meanwhile, this has resulted in an increased difficulty in designing and implementing reliable security protection mechanisms. As the last line of a security defense, Network Security Audit System should be one of the most important components of a security defense system. Therefore, the research and development of Network Security Audit technology is of great realistic significance. For this purpose, the paper presents an agent-based multilevel Network Security Audit System with distributed architecture, which can achieve overall management of the network.Firstly, the paper expounded the importance and uniqueness of network security, the root of the safety problems, and the corresponding security model. Safety evaluation standards are as follows: 1. USA TCSEC (orange book), were enacted by the United States Department of Defense in 1980s. It was the first principle of Safety Information System. It divided the safety into four areas: security policy, accounting, safeguard and files. 2. European ITSEC. At the beginning of 1990s, Britain along with France, Germany and Holland put forward the "Information Technology Security Evaluation Criteria" (ITSEC) including the concepts of confidentiality, integrity and Availability. 3. Canada CTCPEC. Canada released the "Canadian Trusted Computer Product Evaluation Criteria" (CTCPEC) in 1993, which synthesized TCSEC and ITSEC. 4. USA Federal Guidelines (FC). The United States issued an interim standard, "Federal Information Technology Security... |
PDF Full Text Request