Design And Implementation Of The Security Audit System Of A Server

With the the rapid development of computer and network technology, Modern department,financial institutions,military,enterprises and business organizations will come to depend more and more on the IT System, Information technology have come to pervade every aspect of our lives. With the Organization performed its functions normally highly dependent on IT system, it is increasingly important to guarantee the information and service security depend on the IT System. With the advent of improved security methods, ensure the security for the information system. Information security audit involves collect and evaluate the audit,it is the process evaluate that such as information system whether protect the assets of the security,maintenance of data integrity, audit system effectively realize the goals and the organization’s resources are effectively used. The audit process is urgently to how to improve audit quality and efficiency and better control audit risks.Through analysis the process of security audit, in full compliance with the audit requirement of the Ministry of Public Security,according to information security standards and relevant security service experience. Based on the development of software engineering management, realizes the audit server security audit system and shows programe analysis and design.This article describes following parts:1. First introduces the objective,related background, and development issues of security audit system. Describes our country how information security work was going in detail,the realize objective of automation audit system and practical significance.2. Introduces the security audit system, Expatiated on the server security audit system, the characteristics and the service.3. Analysis the security audit system,understand the requirments of the functions and performance.4. Confirm the architecture of the security audit system, and then describes implementation process of major modules in detail,such as server information,system information,basec information,process and patch,network port,audit policy,information protected,security policy,security option and OS services.5. The construction of the security audit system has been completed according to the design,including the friendly man-machine interface,and the major functional modules of effectiveness,audit, test module and generate report.6. Complete software test and performance analysis.Including three windows platforms,time and ip check modules, generate report content and xml format.