| With the rapid development of computer network and office automation, in enterprise, information transmission increasingly depends on computer networks. While companies are enjoying the advantages of computer network and a various kinds of office systems, the information security risk follows, particularly the disclosure of important information within the enterprise to bring incalculable loss, so, how to prevent the leakage of secret data in intranet is a very important issue nowadays. Intranet information security system in this thesis is a special management system in enterprise that to avoid the confidential information from being stolen, and to provide a practical, reliable management scheme for the intranet data information.This thesis describes the development situation of information security and the meaning of the object, reviews the technology of current computer network information security. Based on the in-depth analysis and research on the company requirements, the article establishes the overall system structure of client/server model, as well as discusses the design idea and operation process of the system, and divides the system’s function module. The mature development idea and object-oriented modeling technology increases the robustness and scalability of the system.Information security system has three core policy modules, namely screen record module, network monitor module, access control module of the mobile device. Screen record module uses screen image capture and compression technology to achieve recording the details of the user operate computer, thus providing reproduction operation behavior intuition for managers, make them easily identify the source of information leaks; network monitor module deeply researches the WinPcap development kit, let the capture of network substrate packet no longer difficult, then simply analyses the captured data packet by using stratification theory of the TCP/IP protocol, finally, cut off the connection of illegal access device using the ARP spoofing; access control module of the mobile device is to add a layer file system filter driver on Windows NT kernel file system, in order to intercept the access request of mobile device, thus achieve preventing the copy of confidential corporate information out through mobile device.The system uses image process, network monitor, filter driver and other technology, achieving the information security protection on intranet. The system has been trial run in the company, not occur errors, played an indelible contribution for company’s information security protection. |
PDF Full Text Request