基于多防线分布容侵技术的电力企业信息集成安全防护体系

结合电力企业信息集成的发展趋势和安全防护现状提出了基于多防线分布容侵技术的电力企业信息集成安全防护体系。该防护体系的容侵策略包括：以防火墙作为基础性防护措施；在非实时应用网络的各关键节点部署移动智能体进行内外入侵的在线检测与追踪；在入侵检测系统成功确认入侵者之后，基于蜜罐技术的入侵诱导系统根据系统安全要求对被锁定的入侵流进行定向诱导，以主动防御模式保护合法系统不受侵犯；弹性文件系统采用基于分片-散射的分布式文件管理方式，并作为企业存储系统的最后防线。文章还针对性地剖析了信息横向、纵向集成中关键的安全防护问题，以及安全防护体系中的移动智能体、蜜罐、弹性文件系统等技术，最后简要介绍了该防护体系的实际应用情况。

Security Protection Architecture for Power Enterprise Information Integration Based on Technology of Distributed Intrusion Tolerance with Multi-Level Defense Line

According to the development trend and present condition of security protection of power enterprise information integration,a security protection architecture of power enterprise information integration based on the technology of distributed intrusion tolerance with multi-level defense line is proposed.The intrusion tolerance strategies of the proposed architecture consist of following items:(A) the firewall is used as the fundamental protective measures;(B) at key nodes in non-realtime application network,the mobile agents are configured to implement on-line detection and tracking of internal and external intrusions;(C) after the intruder is successfully confirmed by intrusion detection system,according to the requirement of system security the honeypot technology based intrusion inducting system directionally inducts the locked invading flow,and the active defensive mode protects the legitimate system from invasion;(D) by means of slicing-scattering based distributed document management style,the resilient file system serves as the last defense line of enterprise memory system.Moreover,the key security protection problems pertinent to transverse and longitudinal information integration as well as the application of the technologies,such as mobile agents,honeypot,resilient file system and so on,in security protection system are analyzed.Finally,the application of the proposed secure protection architecture is briefly presented.