Research And Implementation Of The Information Security Management System In Military Enterprise

With the increasingly strong of comprehensive national strength of our country,state-owned enterprises continue to improve the level of scientific research and technology and manufacturing,a variety of new models of military equipment and production increasing.Therefore,all kinds of hostile forces inside and outside take the military industry as the key objectives to make penetration,intelligence theft.The situation of information security and confidentiality is very grim.At present,the majority of information leaks occur due to the network abusement against the regulations,which exposes the problems and risks existed in information security management of the military enterprise.With the continuous improvement of the informatization level of military enterprises,the complexity and difficulty of information security work are correspondingly improved.How to build a set of solid and efficient information security management system to ensure the security of state secret information,it has become an important issue related to the effective production of military enterprises and the peaceful rise of the country.The main work of this paper is as the following:We firstly analyze the status of informationization degree of a military enterprise,and define the safety and security requirements of the enterprise clearly and completely.Then aiming at this goal,we make an overall design of the information security system in following aspects:system architecture,technical system,security domain division,rating etc.A detailed implementation scheme is established to satisfy the application protection,physical security and operational security.A location scheme of positioning transition computers on the boundaries of the controlled area is proposed to minimize the possibility of leaking classified information through outside storage medium.Based on the above design,a multi-layer application system based on JavaEE is proposed and implemented,in which the information protection,contractor filtering and residual risk control are established.We introduce a new mode which integrates bioinformatics certification and CA certification,and develop a corresponding system to make efficient and secure identity authentication in the form of unified account.The system developed in this paper has been successfully deployed in a large military enterprise,which has passed the evaluation of the National Security Bureau with a relatively good performance.