| With the rapid development of computer network and communication technologies, the Internet is playing an increasingly important role. An Intranet is an internal network that enterprises, organizations, and institutions build with the same technologies used by the Internet; it is an application extension of Internet technologies within those enterprises, organizations, or institutions. Though the TCP/IP protocol used by the Internet is extremely successful in building communications, it lacks adequate consideration of the security aspects of networking. As a result, the Intranet has similar security issues. Many enterprises, organizations, and institutions have now built Intranets. While Intranet users enjoy the benefits, they also find that the Intranet faces high security threats and risks. Such concerns arise because the Intranet holds much confidential information and data and because the Intranet infrastructure is susceptible to damage caused by fire, earthquake, and radiation. In order to protect the confidentiality of the information and to preserve the integrity and availability of the data, it is necessary to establish an effective security system based on the characteristics of the Intranet by integrating network security technologies. There is some research, both domestic and abroad, focused on Intranet security architectures. But much of this research merely aims at solutions to security issues that occurred in practice, and some of it proposes and upgrades security models for implementation. None of this research has proposed a model that can guarantee the safety of the Internet, since hackers can enhance their capabilities in a very short time in the open, sharing environment of the Internet. In this thesis, I analyzed the characteristics and security implications of the Intranet with regard to the drawbacks that exist in the research on Intranet security architecture. 
I outlined the vulnerabilities of the Intranet, the security threats, and the security requirements and security framework that we should follow. I also studied the universally adopted Information Assurance Technical Framework (IATF) and the related theory in Information System Security Engineering (ISSE). I analyzed the security technology system, presented the principle and architecture of each security technology, and discussed firewall technology, intrusion detection technology, vulnerability scanning and physical isolation technology, denial-of-service detection and protection technology, virus prevention, and virtual LAN technology. I also investigated the security management system of the Intranet, focusing on security management, security strategy, and security assessment. This study laid a foundation for future Intranet security models. I propose a security framework model by combining the facts with the aforementioned security technology and management systems, adopting the security architecture of the Internet, applying IATF methodologies, and including security assessment in the Intranet security framework model. The thesis points out that security should abide by the idea that the internal people of the Intranet are the center. 
We should carry out personnel security and the related management well, insist that management and technology are both important, and apply a multilayer mechanism (physical security, system security, network security, application security). The Intranet should be defended in depth with a multilayer mechanism, applying all kinds of security mechanisms to ensure information system security. According to the security architecture model presented in this paper, I designed a working scheme for Intranet information system security that subcategorizes the specific protection methods into protection of the network and border, protection of mainframe and network system security, and transfer and backup of data and information security in the event of disaster and emergency response. I described every item in detail, established a virtual Intranet environment, applied related attack tools and OPNET simulation software, simulated the potential internal and external attacks, and completed virtual experiments. Through these experiments, I obtained different results with and without the protection of the security framework, and analyzed the load of the Intranet, network performance, and so on. The study and analysis therefore validated the proposed security framework model. |