| With the fast development of the information system and its appliance, many branches and institutions including government, army and enterprise all build all scales of intranet as the platform of inner information sharing and automation of office business. There are much secret information about the branch and institution stored in such intranet. Once the information leaked, the reputation was ruined or there are even worse consequences. So protecting the data information in intranet from attacking becomes the important research project in the information security fields. The traditional security methods, such as firewall, IDS, anti-virus, bug-scan, have remarkable effect on the attack from hackers in internet, but have no effect on the threat from intranet, especially on the data information leaking in intranet.Firstly, this paper introduces the background and the situation for the related research, points out the meaning of the research work. Secondly the paper enumerates the security threats for the data in intranet in detail, especially analyses deeply into the network communication threat and the hardware devices management crisis of terminal computers in intranet, then presents the scheme of solving these two main problem and for each the paper designs and implements the network communication encryption component and the ways of hardware devices management in terminals. Lastly the paper tests the functions and performances of the two components in details.Here are the main works of this thesis:1. The paper researches enumerates the prevalent security problem intranet date faces, especially analyses the network communication threat and hardware devices management crisis in terminals in intranet, and for the sake of solving the network communication threat and the hardware devices management crisis, the paper presents the secure ways of intranet data management.2. For solving the network communication threat, the paper designs the network communication encryption component and implements it in the form of filter driver in NDIS architecture, and the result of the test shows that the component can achieve the purpose of network isolation and network security communication.3. For solving the crisis of hardware devices management, the paper do deep research on the ways of controlling the devices in kernel level of Windows, and points out the ways of devices controlling based on IRP filtering then implements it in the form of filtering driver through which we can enable or disable the hardware devices in terminals efficiently and efficaciously.4. Expounds the idea of design and implement for the secure communication scheme and device control scheme, and solves all kinds of problems in the practical project. |
PDF Full Text Request