| Information security is an important issue in the area of information system, and security architecture is the support frame to build a safe information system as well as the important guide of information system security management. As a special information system established by high-level security requirement department, scientific and technological information system(STIS), which plays an important role in practice, needs scientific and systemic security architecture to guide its management and operation safely considering the constant development of system.In this paper, based on the previous research and practical work, we study theoretical and technological issues about the security architecture of STIS and, combined with the characteristics of STIS, analyze the main functions, hierarchy, architecture of software and hardware and the network design of STIS beginning with its architecture. Based on the above, we analyze the security requirements and propose the security principles of STIS, then establish a security architecture model with secure application environment as its main body. For applying the model to STIS, we propose a series of security improvements of application service platform, Web service and Window OS, and deploy an intranet security protecting system based on waterbox to make the system meet the national standard GB17859 Level 3 and ensure the security objectives that no undermining to the"confidentiality, integrity, availability"of the system. |
PDF Full Text Request