| As the Internet being highly used, more and more attention has been paid to network and information security. In network security most commonly used methods include installing firewall, IDS, or setting the access control on network devices such as switch or router. But hackers still can get into the network by any means, which is a great threat to the network and information security.This paper firstly discusses about the principles, protocols, and models of network management and information security, espatially mandatory access control, Windows file filter driver and network management based on SNMP. It designs and implements Active Network Security Monitor System (ANSMS) for company network, including the Mandatory Access Control Monitor Subsystem (MACMS) and Illegal Connection Monitor Subsystem (ICMS), system which has been proved useful by experiments.Mandatory Access Control Monitor Subsystem (MACMS) uses mandatory access control, implements a new access control model which takes advantage of both Bell-Lapadula model and Biba model, protects the information confidentiality and the integrity of system resources. MACMS uses Windows file filter driver program to intercept I/O request actively, and uses self-design model to set the accessory or authority of particular processes, implements mandatory access control. Further more, it uses the IDS which to detect illegal users or processes.Illegal Connection Monitor Subsystem (ICMS) uses simple network management protocol (SNMP) to get information of the network devices such as router and switch, in order to supervise the status of the network and the connection status of the computers operating in a network. By binding IP, MAC and PORT together and using detection algorithm, it can discover and close the illegal connection, which has been proved by experiments. |
PDF Full Text Request