Computer Resources Based On Intranet Design And Implementation Of Safety Management Systems

Nowadays, many companies and universities use Intranet to construct their local area network, which brings a lot of efficiency and much convenience to resource sharing. However, there is a serious issue as to this technology: security problem of computer resource, which mainly refers to the leakiness of confidential E-documents. One typical example is employees can easily get access to such resource, and let out internal e-documents through the peripheral equipment or web connection, such as copying confidential information to certain storage equipment or using some web program to send out the confidential documents. Due to the importance of this problem, many scholars and researchers start to work on this recently.This thesis focuses on WDM (Windows Driver Model) and network packets intercept techniques based on Windows NT platform. Using those two techniques, this thesis builds an intranet resource security management system directly against the security problem of confidential intranet e-documents. Comparing with traditional ones, this system not only has simple structure, small resource consuming, and no privacy violating to Intranet employees, but also has two innovations described as follows:First, it designs an all-purpose filter driver framework of equipment, and controls usage peripheral equipments (such as USB Interface, Parallel Interface and Communications Port, Infrared Port, Floppy Driver, and CD&DVD Driver) of Intranet computers base on Windows NT platform in order to make some devices (such as USB Mass Storage Device) read only by analyzing the principle of its data transmission based on the filter driver framework.Second, it creates a filter driver framework on transport layer, and also implements network packets interception on Windows NT platform. On the other hand, according to the analysis of common application-layer protocol (such as HTTP, FTP and SMTP), it investigates the content of application-layer data from Intranet and makes judgment on whether those are confidential E-documents from the checking result. If the result turns out to be true, then sending out those documents will be forbidden. The system discussed in this thesis centers on the Windows NT kernel driver techniques. Thus it is much more secure and reliable. And the meaning of this system to fundamentally prevent Intranet employees leaking out confidential E-documents is therefore very obvious.