| With the development of E-government and information security technology in our country, in order to strengthen the design, development, implementation, evaluation and management of Security Architecture for E-government System (SAES), a systematic cognition and standardization construction should be made for SAES. Therefore, a uniform model for SAES and implemented standard must be set up to normalize the build of SAES and construct the security defense architecture for China E-government.Aiming at the disadvantages of the SAES model and implemented standards, we focus our work and research on some key technologies, such as SAES and Dynamic, Layered and Defense-in Depth(DLDD) model. The following contents are discussed in this paper.1. The risks and threats for the build of E-government network security is discussed in detail.2. Based on the study on the models for the security architectures of popular information system, a security model is presented, which is suitable for E-government of the one city. This model adopts the idea of defense-in depth security architecture of IATF3.0, at the same time it expands the three-dimension security architecture for computer information system, P2DR and APDR model for security architecture. So it is fit for the reality for the build of E-government.3. Considered the building practice of one city E-government, the idea of classified protection for border safety, region safety, node safety and center safety is presented, which is applied to the design and implementation of one city E-government network security.4. For considering the requirement of one city E-government, The total frame architecture of the Network Behavior Monitoring System(NBMS) is presented, and the detailed design of NBMS is also introduced. NBMS can realize the analysis, record, display and statistics of all kinds of network behavior, and control network behavior to a certain extent. |
PDF Full Text Request