Based Itbpm Campus Network Information Security Research

With the development of the internet, communication of the world is narrower, and the construction of information network is promoted, which leds information transmission and process across time and space constraints. Campus Network as a new style of the internet, which indictates the network development trends and prospects, no only provides a very convenient conditions for the teaching, office, research and other activities, but also provides a new perspective to rhe network security defense tools. But rhe development of the campus network is also a double-edged sword. With the increasing of the association between the local area networks and rhe outside world, more and more security problems is increasingly prominent. So we need take research security protection on campus network.Current research on information security management is using the popular standard ISO27002 to assess and manage the information system. But in the core of the ISO27002, there is no control on any one area or target weight distribution, resulting no basis for a standard on the 127 control objectives are weighted the different findings in making those risk assessments. Different people can get different results. So it needs to implement staff training, which increases the difficulty of implementation and the cost. Based of that, the paper uses the Information Technology Baseline Protection Mauna (ITBPM) to study on information security protection.This paper introduces the ITBPM which is the German national standards which can be the basis for IT security management system. It bases on the information assets, defying the threats of the system, then tells the security protections, which follows the process "assets-threats-control measures"to build the information security protection system. After the paper details the ITBPM, it compares the ITBPM with the ISO27000 series standards in the implementation process, content and application, points out that ITBPM has the significant advantages on security policy, simple management processes and low cost.This paper uses the campus network as research object, takes the engine room of Shaanxi Normal University International Business School as an example, using ITBPM standard analytical method to study. It uses the standard indentify the internal assets, analysis the security level to get the security protection measures, in order to solute the existing campus network information security, protect the continuity of the campus network.In order to prive that using ITBPM to build the security system can redeuce the risk effectively, the paper use risk assessment method. Compared with the risk values to make sure that using the ITBPM to build security system can redeuc the risk of the system effectively, the development of the engine room security policy can solve the room and guarantee the safety of long-standing business continuity.