| With the construction and development of XX network (hereafter Private Network, PN), the command, office and business support systems are running on the network successively. Although some protection has been used in order to good at management of information security, in the practical work of network information management, there are also many violations of information processing and computer using occurred, which are could not be detected and controlled in time because of system's defect of managing module, including improper processing of classified information, violation of using mobile equipment, using computer inter-network highly confidential used in low-level secret,and so on. So there are significant security risks in the daily running of the PN.In regard to above problems, a controlling system of information security in private network has been designed and realized in this thesis, which is bring together of terminal behavior management and network security. In this system the object-oriented software development method has been adapted and the Java programming language, ICE middleware, Oracle database as well as other related technologies has been utilized, which realize the fully controlling on network behavior of private network terminal and dimensional protection of sensitive information, resolve the problems of administration in lack of understanding at network information security and not timely disposal to subordinate units.The controlling system of private network information security is mainly including two layers, which are terminal management and information transportation, and the real-time controlling problems have been researched, those are the generation, transmission and storage of information. The terminal management layer is focused on the real-time audit and access of network information security, on the full management of the generation, transmission and storage of information, on the real-time monitoring of accessing mobile equipment and using computer inter-network, on the full-time monitoring, alarm and forensics, on the comprehensive managing and controlling terminal operation as well as asset audit. The information transportation layer integrates traditional network security equipment in a unified management platform, which is focused on how to establish a communication between system and every security equipment, on how to merging process and correlation analysis on security events of deferent equipment, as well as on the audit of network information transportation.To design and realize the controlling system of private network information security is mainly used for protection of information security in the private network, which is improving the real-time response and perception of security protection of private network, realizing the real-time audit in processing of information generation, the monitoring intercept of transportation and the security management of storage. Finally, a set of three-dimensional security system has been constructed for the private network. |
PDF Full Text Request