|
|||||
|
|
| 一种基于虚拟应用的安全防泄漏系统 | |
| 引用本文: | 田强,刘宝旭,章翔陵. 一种基于虚拟应用的安全防泄漏系统[J]. 信息安全与通信保密, 2010, 0(7): 74-77 |
| 作者姓名: | 田强 刘宝旭 章翔陵 |
| 作者单位: | 1. 中国科学院研究生院,北京,100049;北京双洲科技有限公司,北京,100101 2. 中国科学院高能物理研究所计算中心,北京,100049 3. 北京双洲科技有限公司,北京,100101 |
| 摘 要: | 针对目前日益严重的信息资产泄露问题,在对比已有的信息泄露的防御技术基础上,提出一种"基于虚拟应用的安全防泄漏系统",通过集中运算、虚拟应用技术,在服务器上为每一个用户的应用构建独立的计算环境;采用远程桌面、SSLVPN技术保证集中计算环境中数据与用户操作终端的安全隔离;同时基于信息在服务器集中存储和运算,实现终端无痕(用户终端没有数据计算痕迹),防止数据在应用过程中泄露;最后采用统一认证和应用授权发布,管理用户对数据的访问和输出控制。 |
| 关 键 词: | 信息防泄露 虚拟应用 集中计算 终端无痕 |
Data Leakage Prevention System Based on Virtual Application |
|
| TIAN Qiang,LIU Bao-xu,ZHANG Xiang-ling. Data Leakage Prevention System Based on Virtual Application[J]. China Information Security, 2010, 0(7): 74-77 | |
| Authors: | TIAN Qiang LIU Bao-xu ZHANG Xiang-ling |
| Affiliation: | 1Graduate School,CAS,Beijing 100049,China; 2 Computing Center,Institute of High-Energy Physics,CAS,Beijing 100049,China; 3 Z2 Science Ltd,Beijing 100101,China) |
| Abstract: | For serious problem of information resources Leakage and by comparison of available data leakage prevention (DLP) technology,a DLP Based on virtual application is proposed. Through centralized computing and virtual application technology,an independent computing environment for each client on the server is established,and remote desktop and SSL VPN technology is adopted to ensure the security isolation between the central computing environment and the client operation terminal. Meanwhile, based on the centralized storage and operation of information in the server,the untraceablility at client end (no calculation footprints left on the client terminal) is realized,thus to prevent the data leakage in the process of application. Finally,the unified authentication and authorized application release technology is applied to managing the client access to the data and output control. |
| Keywords: | data leakage prevention virtual application centralized computing untraceability at client end |
| 本文献已被 维普 万方数据 等数据库收录! | |