| Computer technology has now been applied widely to more and more fields,and more and more important information are required to be stored in informationsystems connected with Internet. Various invasions appear frequently for purposeof benefits, which makes the information security to become more serious. Aneffective Global Security Management Platform is needed to record its ownbehavior and related network events in view of the logs generated by variousdevices in the computer network system. To strengthen the management andauditing of these log records can effectively prevent and find illegal behaviors andalso provide the basis for obtaining evidences, tracing and establishing the system.Security auditing work is an important part of safe operating system and one of themost important jobs in many links of safe operations, and it is of very importantsignificance in ensuring the correct implementation of safe operating systems,supervising the normal operation of the system and establishing the invasion testingsystem, and so on.The complex strategy is used to uniformly monitor the screening of auditingrecords and build a distributed log monitoring and security auditing platform inaccordance with the characteristics of existing auditing system, including, lack ofplatform extensiveness and real-time property, and lack of dynamic intelligentchange of auditing record screening. Main contents discussed in this paper are asfollows:a. sort out the scope and business processes of the auditing system andestablish a logic model of safe auditing processes based on the basic theory ofsecurity auditing and in combination with the business characteristics of securitydesign system;b., determine the construction ideas of auditing system based on thepreliminary need analysis and through collecting, aggregating, analyzing andstoring the logs; propose the overall architecture of the platform based on thetechnically mature MVC hierarchical architecture;c. design and develop the core module based on the system framework anddevelop the strategy-based intelligent auditing system of united security platform toensure the security and stability in the network, warn the hacker attacks and virus infections and the abnormal status of operating system and network devices in thenetwork in advance and meet the application needs of the user for the networkservices;d. the complex strategy is proposed in this paper to uniformly control thescreening of audit records to greatly enhance the auditability of the audit data andimprove the auditing accuracy and efficiency.The strategy-based unified security platform intelligence audit system hasnowadays been put into operation to achieve the real-time early warning of theauditing warning information, which has realized the intelligence auditmanagement and improved the effect and benefit of business system securitymanagement and produced a better economic and social effect. |
PDF Full Text Request