Research And Application Of Security Domain Divisionof Information Systems Based On The Ontology Modeling Technology

Along with the process of information construction in our country, there are moreand more enterprises using the information systems to realize many aspects as theconstruction target, such as: the business processes in information way, electronicallystore the information, operate the information in convenient way, work in moreefficiency. It is the guarantee of the normal operation in the various information systemsto make sure that the new network technology is innovating all the time. However, thereare some related safety issues from information systems such as: the safety protectionasymmetrical measures, local security evolution is spread in all over the world, lack ofsecurity protection mechanism and so on. In view of those, there are much classifiedsecurity protection work to be put forward in our country, in order to build the securitydomain partition mechanism, which is real-time, effectual and precise. Informationsystems are adjusted the protective measures dynamically to form an effective safetyguarantee mechanism, based on the security protection results.This paper will study the basis of the related standards on the classified securityprotection field, and propose the dynamical security domain partitioning technologysolution in the network, which is based on the ontology modeling technology, combinedwith the semantic web reasoning mechanism, and integrated the network topologydiscovery technology. Finally, this paper will apply the solution to the LAN of theHenan electric institute under the classified security protection work, which is used asthe actual case to analyze the effectiveness, the accuracy and the reliability of thetechnical solution proposed in this paper.The specific work in this paper is below:1This paper will research related standards and the business process on the classifiedsecurity protection field, analyze the existing security domain partition mechanismand the existing problems, and expound the theory and technology of thetechnology solution in this paper;2This paper will design the optimized discovery algorithm of the network topology,build the corresponding security domain ontology and the SWRL reasoning rulesfor the test case, customized security risk evaluation indices, and determine thedifferent categories of protection measures in the test LAN; 3The experimental platform in this paper will be implemented with all kindscorresponding technologies. This paper will demonstrate the validity and accuracyof each key module in the solution;4The experimental platform in this paper will be deployed to the LAN environmentof the Henan electric institute as the actual test case. This paper will demonstratethe validity and reliability of the technical solution by comparing the results ofsecurity risk evaluation test.In this paper, we study and design the technical solution on dynamical securitydomain partitioning, based on ontology dynamical security domain partitioningtechnology. After implementing the experimental platform in code, we prove that thesolution meets with the safety requirements and objectives, which can effectivelyimprove the security protection ability in the local LAN of different enterprises.