利用安全审计网关技术实现应用系统运维安全防护 |
| |
引用本文: | 叶水勇,陈晏,汪路. 利用安全审计网关技术实现应用系统运维安全防护[J]. 电力信息化, 2013, 0(11): 115-118 |
| |
作者姓名: | 叶水勇 陈晏 汪路 |
| |
作者单位: | 黄山供电公司,安徽黄山245000 |
| |
摘 要: | 黄山供电公司从2001年正式进行信息化建设以来,应用系统的规模和数量不断增加。为了保证各应用系统安全稳定运行,需要内部运维人员以及第三方技术人员协同维护各应用系统,因此存在内部人员误操作、第三方技术人员越权访问窃取数据等运维安全问题。黄山供电公司信通公司根据信息技术基础架构库(ITIL)的框架,设计了运维审计系统,采用旁路部署方式,对运维人员实现身份鉴别和认证、操作过程全程监控、越权操作阻断、操作行为审计等,实现各应用系统运维过程的“事前预防、事中控制、事后审计”。从而提升公司信息安全管理水平,确保各应用系统能够安全稳定运行,为公司各类业务的正常开展提供有效保证。
|
关 键 词: | 越权访问 运维安全 运维审计系统 |
Security Protection for Application System Operation and Maintenance Using the Security Audit Gateway Technology |
| |
Affiliation: | YE Shui-yong, CHEN Yan, RANG Lu (Huangshan Power Supply Company, Huangshan 245000, China) |
| |
Abstract: | Since the starting of the informatization construction in 2001, the size and the number of application systems are increasing in Huangshan power supply company. To ensure all application systems operation secure and stable, there is a need of the cooperation of enterprises" staffs responsible tbr the operation and maintenance tasks and third-party technical personnel, which may restllt in security issues of carelessness and unauthorized access to data. According to the framework of information technology infrastructure library, this paper designs an operation and maintenance audit system. The system adopts the bypass deployment mode to authenticate operators' identity, to monitor the whole operation and maintenance process, to block the unauthorized access and audit the operation and maintenance behaviors, which enables the whole process in the mode of prevention, control and post audit. Application of the system can enhance the management level of information security, enstire application systems operation secure and stable, and provide effective guarantee for the normal operation of all kinds of business. |
| |
Keywords: | unauthorized access operation and maintenance security operation and maintenance audit system |
本文献已被 维普 等数据库收录! |
|