Design And Implementation Of The Information Security Management System For Enterprise Intranet

Nowadays, the use computer and network has largely increased. As a result, more and more information is saved in the server and host machine. For enterprises the most important information carrier and communication channel is network, which brings in great convenience for business and life. Meanwhile, great concern is raised on information security issues. Information leakages due to virus infection, hacker attack and internal leaks have caused immeasurable loss and impact to many enterprises. Therefore it is necessary to take actions on management within the enterprise network in order to prevent information leakages.In this paper, according to the requirement of China Mobile DingXi Branch on security, combined with the numerous methods of management of information security, we build a comprehensive, rigorous, unity, the objectivity of Intranet security management system. In order to improve the productivity, it is necessary for enterprises to manage and maintain network data regularly, we must use strict security method to form a network peripherals, file, staff, terminal, server and storage facilities for effective control so as to form a complete safety management system.In this paper, There are four subsystems within the system. They are trusted network monitoring subsystem, credible data management subsystem, authentication subsystem and trusted network security subsystem respectively. this paper provides a detailed explanation on the trusted data management sub-system and the trusted network authorization sub-system. The trusted data management sub-system switches between multiple working modes to ensure the security of the mobile storage devices and prevent the intranet from being intercepted or accessing internet illegally. This can also provides sufficient management to mobile storage devices in various working environments. The trusted network authorization sub-system aims at users, computers and servers. It verifies the identity of users and grants permissions to servers and computers. Its main function is to authorize the servers and computers to a specific operation, as well as the unified user identification.Based on the design and implementation of the enterprise intranet information security management system of China Mobile Dingxi Branch, the approach proposed in this paper is validated in real enterprise environment. The system are tested in normal and abnormal cases(including virus infection, hackers, and internal leakage, etc.): logging into target computer in intranet, security management of external devices, monitoring and controlling network behavior, network security audit, network access control, security information authentication, monitoring network processes, controlling security of mobile storage device, controlling network access, setting up password for files and disks. The results prove that information in intranet is not leaked or stolen, and the approach is highly safe and feasible, which satisfies the requirements of enterprise intranet system.