Design And Implementation Of Service Flows For Security Operation Center

It is obvious now that the rapid development of information technology strengthen the enterprises’dependence towards network. More and more businesses choose to implement online. So enterprises highlight the security of business system as well as the traditional network equipment. Given the status that traditional security operation center have single business function model, provide less expansibility, and be too dependent on database, this paper proposes a new Security Operation Center business flow models, using WCF, Service-Oriented Architecture, Domain-driven Design (DDD), NHibernate and other related technologies, deploying the business cloud, implementing the cross-machine and cross platform communication, and making the developers freed from complex data operations. This proposal enhances development efficiency and system performance significantly.Firstly, this paper made some study for the situation of the Security Operation Center, and summarized the research results and the problems in this field. Secondly, with analyze of the current mainstream technologies, it proposed a more reasonable solution towards the Security Operation Center. Thirdly, after analysis the Security Operation Center business flow needs and related models, it made a detailed plan of business flow design and architecture, which includes event management, alarm management, notification and alarm management, work order management, etc. Finally, it raised the implementation proposal of Security Operation Center business flow and explored the view layer, app-service layer, domain layer and the infrastructure layer in depth, to ensure system reliability and scalability.As an integrated security management platform, Security Operation Center provides centralized monitoring for each terminal device in internal network and makes real-time collection and analysis of various types of security events. What’s more, it makes business management services to the events which triggered business rules. Security Operation Center has good performance in response to business needs change, reliability, safety and user experience and can be used widely.