Planning And Design Of Information System Classified Security Protection Technology For Daqin Company

In the information age, with the rapid spread of information technology and therapid development of network applications, rely on to run the country’s political,economic, cultural, military and social systems of the deepening of the informationsystem, basic information systems, global role increasing security risks are also facinggrowing economic losses due to hacker attacks, viruses and other causes of damageare common, and the amount of the loss is gradually increased. Network andinformation security is not only related to the healthy development of informationtechnology, but also to the country’s political security, economic security, nationalsecurity and social stability. Vulnerability of complex network environments,variability, and information systems to determine the objective existence ofinformation security threats.In this paper, starting from the current situation, to a large energy status of theenterprise information system analysis to identify security risks of existinginformation systems. Mainly at the network level, the network structure, borderprotection, access control, authentication, security auditing, and other security riskscategories were analyzed; Host level mainly for authentication, malicious code,security audit, security systems and other categories reinforcement risks are analyzed;application level security main categories of risks authentication, security audit, dataprocessing were analyzed. According to security risk analysis results from thenetwork, host, application of the three levels of demand for the company made majorinformation security.According to the company’s information systems security requirements fromnetwork security, host system security, application security, and several levels ofsecurity protection technology system of the enterprise information systems planningand design. For security risks faced by the company’s current design at the networklevel using a network of regional protection, and network security equipmentreinforcement technology strategy, using a host-level authentication, access control,security audits, intrusion prevention, malicious code prevention, resource control,data backup security technology strategy, application level using authentication,access control security technology strategy, security audit, the remaining informationprotection, software fault tolerance, resource control, data encryption, data validation,data backup.Through this design, the company can effectively protect enterprise informationsystems from the technical aspects of security, reduce security risk information systemis invaded, and information security can be designed to provide a reference for othercompanies.