| The security of the information system is a matter of system, past experience and lessons indicate that if not considering establishing the system of safety standard of information system, it will often cause such problems as incompleteness of the whole function, some weakness parts, redundant of part function, low efficiency, difficultly assessing, not adapting demand and technology change, difficultly operating each other. With the constant enlargement of the scale of computer information system and constant development of the information security technology, in order to strengthen the design, development, use, assessment and management of the security system of computer information system, the security system of computer information system should be systematized understood and be carried on standardized construction. Therefore, it is necessary to set up the unified security system model of computer information system and implementation standard, standardize the security system construction of the computer information system, and then build the security counter measures system of computer information system in our country.The thesis having introduced the concept origins and research current situations of the security system structure of information system; On the basis of security system model, having proposed such definitions as security tactics based on internet, facility and host computer tactics; Having explained how to solve safe problem from systematic aspect, that is to comprehensively consider the problem from system structure. Having discussed the characteristic of the security system structure of different kinds of information systems, having analyzed the key component element of the security system structure of information system. Having introduced present and popular security system structure and relevant theories in detail, have analyzed its strength and weakness, having designed a security system model and the validity that a model uses in a system.For the deficiency of security system model of computer information system and implementation standard, the work that this thesis does is concentrated on mainly: (1) Having designed a security system model in common use that is based on building security tactics layer, administration layer, technology layer and training layer. It is based on P2DR model, and integrates four layers including security tactic, security management, security technology and security training into a dynamic model. Building a set of well-running information security system from systematic angle.(2) Having proved the usability of the security system model in common use through doing case study and the validity that a model uses in a system.In information age, it has essential strategic meanings for any enterprise to establish the system of security of the information system. The security of information system is a permanent matter. Only the security measure is continuously improved, can the running of the security system keep normal and the dependability of system be improved. |
PDF Full Text Request