| With the popularization of internet technology and its applications, people's work and daily life have become increasingly inseparable from the network, and banking is no exception. To improve the efficiency of local and remote work, reduce the cost of communication and coordination, and strengthen the sharing of information resources, major banks have set up their own office networks. This article takes the private network of the Construction Bank system of Jilin Province as its main thread and discusses, in turn, the design and implementation of the network construction and of the network trust system for that private network. In earlier network construction, the departments of a single bank each worked on their own and built separate local and metropolitan area networks for their own department, which caused duplicated equipment investment and serious waste. The WAN between superior and subordinate banks lacked unified planning and design, so the network structure was not reasonable and upgrades and optimization were difficult. Using VPN technology, and by grasping the business demands of banks at all levels in Jilin Province as a whole, unifying planning and design, and standardizing the allocation of IP addresses, port assignment and VLAN assignment, we can build a three-tier backbone network from the province down to the county. VPN tunnels running through the banks at all levels meet the requirement for business isolation between different sectors as well as the need to share resources among several departments, while NAT technology lets us provide internet services to the other bank supervision system and the banking system, thereby realizing the network platform of the private network. Besides providing a unified network platform, the private network must also take into account the security of sensitive data.
Using PKI to construct a unified network trust system platform, issuing digital certificates for users and servers, and providing electronic certification and electronic signature services, we can guarantee the confidentiality, integrity and non-repudiation of online work. Using techniques such as heterogeneous IP address segments and NAT, and partitioning by function, the PKI system is divided into different subsystems, which does not affect the stability of the PKI system's external services while also ensuring the security of the PKI system. Combined with the VPN tunnels provided by the network construction, we extend the scope of service to CCB at all levels of the province, and realize the network trust system of the private network of the Jilin Provincial Construction Bank system. |