With the development of information technology, many enterprises and corporations have their own Intranet, which makes information transmission more flexible and rapid and improves people's work efficiency. However, the problem of information security of Intranet also emerges. Threats such as hacker, virus and troy horse from outer networks were widely concerned by public. However, according to the investigations of authoritative institutions, main security threats come from intranet and most information leakiness are caused by internal staff. In this background, an access control system of intranet is proposed in this paper, aiming to solve the problem of information security of intranet.The functions need to be implemented in the system and the outline design of the whole system are introduced. The system adopts C/S architecture, and the server monitors and configures the clients. According to the functions which the client needs to implement, the client is divided into five subsystems: communication and login subsystem, network access subsystem, file access subsystem, process access subsystem and peripheral access subsystem. Their outline designs are completed in this paper, respectively.Aiming at the threats from peripherals to the information security of Intranet, the access control subsystem of peripheral is designed and implemented. Firstly, existing techniques used in the access control of peripherals are analyzed. Then, the access control of common interface and peripheral and the file access control of storage device are implemented in this subsystem based on the registry control technique and filter driver technique. This subsystem efficiently restrains the behavior of information leakiness through peripheral, and thus insures the information security of Intranet. |