| With the development of educational informatization, colleges throughout the country have built hundreds of applications for educational administration, academic administration and students administration, providing indispensable environments for teaching and academic research. Web applications get popularized while many of them had been attacked frequently because of potential safety hazards, which lead to leak of system data, illegal modifications of web pages and tools to spread computer virus. These results make information facilities breakdown and are very likely to exert negative influence on the reputation of school as well as the politics.As a survey shows:colleges have hundreds of applications on average. These applications were developed by technicians outside school, independently researched by each department or made by students, which are on various technical level. And the servers which run the apps scatter in different environments such as colocation, cloud services and office. These features make them hard to manage. Recently colleges have deployed firewalls and devices that can detect hacking and make application system hard for hackers to intrude. But existence of bugs can be utilized for hackers to intrude. So it is high time that a security management service platform should be designed to assist security administrators to manage the fundamental information about applications. And that platform should detect security problems ahead of hackers and fix them. Based on these facts mentioned above and the practical demand of Beijing Jiaotong University Laboratory of Information Security, we design the Campus Network Security Service Platform, the main work follows bellow:1. Design a system that fulfills the management demand of applications for archival information and website healthy status.2. Make a main research on the security information extraction from the mainstream scan system, and archival information from OA systems and grant of access outside information from firewall. This system can’t extract information from databases because of the restraints of time and authorities. But on the basis of the Excel statements containing the required data the system provided, we proposed a heterogeneous database integration scheme based on Excel.3. This project makes statistics and analyzes security information as well as archival information and realizes the functions which automaticly generates and sends report, publishes security knowledge, visualizes the distributions of bugs and queries or exports integrated data of applications dynamically.The platform proposed by this article can meet the work demand of BJTU Laboratory of Information Security not only in the aspect of performance but functions, and achieve the goal of unified applications management. Currently this system has taken effect in the practical work, improving the status of OA and campus informatization. |
PDF Full Text Request