| Internet has being more useable in our lives because of E-govermment and E-commerce. There are lots of ineluctable problem which in software make the network unsafe. Economic loss caused by computer security misadventure is larger than it caused by other tradition economic cases. Two teams of China accept and execute the tasks assigned by Chinese government for constructing information security of China across-the-board, they execute risk evaluation in whole country year by year and intensify the work.Aimed at the disadvantage of products in industry, combined with concrete request of daily risk evaluation, design the automatic security evaluates system for evaluator to do jobs. By analyzing information security risk evaluation, summarized the character and fundamental of it. Design the atomic security evaluate system by analyzing steps of risk evaluate and referring to the method of risk evaluate used. The innovation of this article is general risk evaluate, it contains vulnerability scanning based on network and host-based viciousness codec scanning based on eigenvalue and file integrality.Main jobs:1. Concept of risk evaluate were researched, the character and fundamental of risk evaluate were summarized, the main steps of risk evaluate were explained particularly. These composed the frame of reference.2. The fundament and features of vulnerability scan technology were researched, the author also analyses the develop trends, and classify the security scanner systems, analyses the commonly system structures. Then, the security scan technologies based on host and network were further researched, and the contrast of these two technologies.3. In addition, technology of identify operating system was researched, including old technology and TCP/IP stack. And analyzing the add-ons-based network scan technology and general virus scan technology.4. Based on the above, designed the atomic security evaluate system, advancing full request, designed the main module and structure of this system.5. Designed the server of this system. Designed the network scan module.6. Designed the client of this system. Designed the important module, which does virus and file integrity check scanning. Designed information collecting module, and implement some of them. Explained the main function of security tools.7. Main task which is responsible for author in the project is proposing requirement, and make sure the specific need and risk assessment function is to meet the requirement, and to ensure that the relevant functional tools is implemented credibility. But author did not do any work about coding. |
PDF Full Text Request