| With the popularity of the Internet, all walks of increasing dependence on information systems, the Government attaches to the security building, constructing security becomes an integral part of the baseline. Paper main research for securities, and telecommunications,and mobile, industry security baseline verification faced of problem,through SCAP(security content automation protocol) design security baseline, using AGENT/SERVER of way achieved remote security baseline verification system, for system security configuration set of continued sex monitoring, on effect system security of vulnerable sex factors for full check, help security shipped dimension personnel timely found security risk, full insight security hidden, Check the system compromise tag and to set arbitrary time given the security state of the system.First, the background of the SCAP is briefly presented in this paper is based on the soft technology to address security, telecommunications,mobile industry security baseline verification issues and theenvelopment of security baseline verification system; an overview of the current research at home and abroad.Secondly, it briefly introduces the basic concepts of security configuration, analyze security baseline verification business scenarios,define security configuration standards list, outlines security baseline definition pointed out that securities, telecommunications, mobile industry to implement security baselines faced major problems is the lack of verification of information assets, especially in large environments. By analyzing the current security baseline verification,clear security baseline verification difficulties put forward by way of Agent solutions, and four-stage cycle PDCA.The introduction of SCAP standards, and security baseline using the SCAP protocols in the OVAL design, with open source community tools OVALDI achieved over more than 30 data collection method for security verification provides data based on Agent/Server structure by deploying Agent program on the server, and Server back-linkage to achieve on a large server environments, operating systems, middleware,database security baseline verification; Agent in collecting data for Server system and process performance data, real-time monitoring of server status servers through the alert notice on abnormal server systems administrator, the server runs on a guarantee of safety at all times.Finally realized security baseline verification system. by agent andbased on SCAP protocol At the same time, analyses the needs of the securities industry characteristics and implement the safety baseline verification, driving the securities industry baseline security management to information assets, and on this basis expansion security baseline nuclear check system function; through the analysis of experimental results, the realization of the verification system to verify the results of the scientific and accurate to promote. At the same time to speed up the progress inspection, improve work efficiency... |
PDF Full Text Request