Research And Implementation Of Removable Devices Information Anti-Leaking System In Intranet

Removable Device (short for RD) gains rapid popularization because of its advantages of small size and large capacity. But RD also introduces a great deal of hidden dangers while bringing people with convenience. First, any of the RD to any individuals can be used in interior computers, and consequently cause the virus infection and spread. Second, Malevolent personnel works in one organization may replicate the significant interior information and thus causing the sensitivity and secret information leakage. Third, the information in RD generally stored with unencryption format, interior personnel can displace the data in secret terminal to the Internet-connected computers by using RD, and cause information leakage. Fourth, once RD is lost, sensitive data is out of control, which may cause a great loss.In view of the current security issues in the RD, design and realize a Removable Devices Information Anti-Leaking System in Intranet. The system uses C/S model, and establishes a three-tier system architecture consists of anti-outreaching server, department server and client. According to idea of protection inside-and-outside and multilevel security control, the system monitors the computer with RSM from the Internet and internal network respectively, and protects reasonably the confidentiality, integrity and availability of information in the RD.In the concrete realization, the system uses the idea of centralized management to tag every RD used interiorly, so prevents external RD from using in interior environment. The system ensures information security outside by using file system filter driver to encrypt data saved in RD. In KEY management, the bundled approach is adopted, every KEY is generated by RD tag and user password, so the data operated by different users in the same RD will not be leak to others. In order to ensure the communication security of client, department server and anti-outreaching server, the NDIS intermediate layer driver is introduced to intercept all the network packets and encrypt it. At the same time, intermediate layer driver also filters illegal packets to isolate network. To reduce the loss of network isolation broken, an anti-outreaching server is established on the Internet to monitor the illegal network connection, record and notice the connection records.Finally, testing the system functions and stability, and expatiate the inadequacies and further research.