| 网络安全分析与监控平台安全防护关键技术 |
| |
| 引用本文: | 严 莉,李 明,张 丞,郭小燕,马 琳,陈 琳.网络安全分析与监控平台安全防护关键技术[J].教育技术导刊,2019,18(6):196-199. |
| |
| 作者姓名: | 严 莉 李 明 张 丞 郭小燕 马 琳 陈 琳 |
| |
| 作者单位: | 国网山东省电力公司信息通信公司,山东 济南 250001 |
| |
| 基金项目: | 国网山东省电力公司科技项目(2018A-079) |
| |
| 摘 要: | 网络安全分析与监控平台通过收集防火墙、入侵防御系统等网络安全设备的事件日志、安全策略等信息,实现对整个网络的安全分析与监控,因此其安全性尤为重要。为了保障平台安全性,提出多重安全防护机制:利用智能密码钥匙和数字证书,实现高强度的身份鉴别;通过设置多级管理体系,实现管理权限的分割与访问控制;对每一次操作进行日志记录和数字签名,保证操作行为日志的完整性,可用于安全审计与责任追溯;采用秘密共享技术实现对对称密钥的分割存储,以保证安全策略等重要数据备份恢复的安全性。这些安全防护技术的使用,能够有效增强网络安全分析与监控平台的安全性,防止攻击者通过平台获取关键信息,或进行非法篡改等恶意攻击。
|
| 关 键 词: | 网络安全 安全策略 身份鉴别 数字签名 智能密钥 |
| 收稿时间: | 2018-10-15 |
Security Protection Techniques for Network Security Analysis and Monitoring Platform |
| |
| YAN Li,LI Ming,ZHANG Cheng,GUO Xiao-yan,MA Lin,CHEN Lin.Security Protection Techniques for Network Security Analysis and Monitoring Platform[J].Introduction of Educational Technology,2019,18(6):196-199. |
| |
| Authors: | YAN Li LI Ming ZHANG Cheng GUO Xiao-yan MA Lin CHEN Lin |
| |
| Institution: | Information & Telecommunication Company,State Grid Shandong Electric Power Corporation,Jinan 250001,China |
| |
| Abstract: | In a network security analysis and monitoring platform, various data such as event logs and security policies can be collected from firewalls, intrusion detection systems and other network security systems to acquire the analysis and monitoring of the network. Thus the security of the platform is of great significance. For protecting the platform, several security techniques are proposed. Firstly, USB smart key and digital certificates are used to implement high-security identification. Multi-level management systems are used to acquire privilege division and access control. Every operation can be logged and signed digitally to assure the integrity of the logs for security auditing and traceability. Secret sharing technique is used to store the split symmetric key respectively to assure the security of the backup and restoring of crucial data such as security policies. These security protection techniques can improve the security of the network security analysis and monitoring platform significantly and prevent the attackers from obtaining the crucial information and other attacks such as tampering. |
| |
| Keywords: | network security security policies identification digital signature smart key |
|
| 点击此处可从《教育技术导刊》浏览原始摘要信息 |
| 点击此处可从《教育技术导刊》下载免费的PDF全文 |
