| With the "Internet plus" as a national strategy applied to all walks of life,the security problem in the Internet information system has become increasingly prominent.For t he vast majority of the small and medium-scale information systems,the security problems they faced varies widely,and they all hope to have a low-cost on-demand security detection system.Although there is a wide range of security tools,many of those lack of support of a unified security infrastructure.Therefore,in order to reducing the threshold of the development of security detection platform,this paper aims to design a basic supporting structure integrated a series of assistance and easy-to-use utilities for security detection problem,while providing extensible interface for the third-party tools,so that developers can build security solutions quickly and based on the actual need of the information system.Base on this problem,this paper analyzes and abstracts the most commonly used components in security detection platform,including scan engine,task scheduler,extensible database and cache system,then combines them with a variety of scalable open source technologies and sophisticated algorithms and finally implements a security detection supporting structure named "information system security detection framework."Using container technology as a basic building block is one of the innovation design in information system security detection platform,it makes security tools in different languages,different systems,different dependence or not completely compatible with each other can run simultaneously in the framework's containers.Take advantage of this design,developers are free to integrate the best or the most familiar third-party security tools into the framework.Driven by scan engine and scheduler,these tools can play out far beyond their original design scanning capability.One the other hand,information system security detection frame work provides a new way for developing innovative security tools in the future.Under the support of the framework,dozens of lines simple code can have powerful automatic scanning capability,make it possible to create more lightweight scanning,data analysis,and statistical functions.Security operation engineer could reexamine the problems that the information system confronted from different angles.Finally,to verify the usefulness of the framework,this paper also develops a testing security detection platform based on the framework,some third-party security tools,and a few user-written code,providing security features such as SQL injection exploits,malicious links scan,sensitive words detection,and broken links detection.The experiment achieve d a satisfactory result. |
PDF Full Text Request