While the progress of science and technology brings convenience to people, it also introduces many potential safety hazards. To identify and prevent all kinds of intrusion attacks, institutions have adopted many kinds of information security technology, including anti-virus, firewall, identity certification authority management system, VPN, and even network access control. Traditional security management platforms and database-based log analysis technology no longer meet the management needs of present enterprise platforms. Risk assessment technology, cloud computing technology, dynamic encryption technology and security audit technology have gradually been applied in security management platforms.

This paper studies the service management of the security operation center and its related technology, including the model of the security operation center, the related cloud computing technology, role-based access control models, a risk assessment algorithm based on a matrix structure model, and the design and implementation of the platform. The main research contributions of this paper are as follows:

(1) A risk assessment model for the security operation center and an improved risk assessment algorithm are proposed. We designed a risk assessment model adapted to the security operation center and improved the matrix structure of the traditional risk assessment algorithm in order to obtain effective risk assessment results for the platform.

(2) An access control model for the security operation center is proposed. Using the characteristics of the users of the cloud security management platform, we designed a platform access control model based on separation of powers. The model divides the platform's users into system administrators, safety auditors and safety administrators, in order to implement user management effectively and guarantee the safe running of the platform.

(3) The service management of the security operation center and its related functions are designed and implemented. The overall architecture model of the security operation center is designed in this paper. Based on the service management architecture of the security operation center, the work includes the detailed design of the sub-module functions and the implementation of each part, covering six function modules: permissions, assets, risk, strategy, cascade and system audit.

(4) Finally, the evaluation of the platform implementation is shown in detail. This paper presents the evaluation objectives and evaluation environment of the security operation center, designs the platform network topologies, tests the main functional modules of the platform, and analyzes the platform in detail.

Based on the research into the overall model, the risk assessment model and the access control model of the security operation center, we studied and implemented the main service management functions of the security operation center in combination with an actual project. The research in this paper can serve as a significant reference for similar security management platforms.