黄益民,平玲娣,潘雪增

DOI: https://doi.org/10.3785/j.issn.1008-973x.2001.06.005

2001-01-01

Abstract:After study of existing security models; analysis of information flow model, Bell-LaPadula(BLP) access control model and Biba access control model; and collation and comparison of their advantages and disadvantages, an improved model is put forward that satisfies the actual demands of information security. An implementation strategy is put forward that ensures information security, reliability, practicality and compatibility in the designed security system. An implementation scheme of this security system and its components and functions is provided. This system combines the following functions: mandatory access contro1, privilege separation, security audit, identity authentication and self-protection. It achieves the level 3 of national information security standard and level B1 of TCSEC standard. It was implemented in the Windows NT and Linux operating system and has yielded good resultsin application.

李钟华,李由,李伟华

DOI: https://doi.org/10.3969/j.issn.1001-3695.2004.11.040

2004-01-01

Abstract:Security problems regarding the network are due not only to malicious outsiders or hackers,but also to malicious users inside the organization.By the technology of VPN,Private path can be created to transfer important data,Secure communication can be done by the end-to-end data encryption.In this paper,VPNs for sections which constructed in a company's VPN can extend the private path to the sections of the company and guard important information of sections from being blabbed inside the organization's network.

Junzhou Luo,Yang Liu

2001-01-01

Ruan Jian Xue Bao/Journal of Software

Abstract:As a result of the development of Internet and the popularity of E-Commerce, there is a growing demand for information security. On the basis of the technique of network information security and the analysis of policy, the paper puts forward a network security system model based on the technique of the deep defence (authentication and authorization system), the boundary defence (firewall system) and the security tunnel (VPN system). This system offers multi-level integration project of network security from host to network and from information deposit to information transmission.

Haixin Duan,Jianping Wu

DOI: https://doi.org/10.3321/j.issn:1002-8331.2000.05.008

2000-01-01

Abstract:The definitions of some concepts related to security architecture for computer networks are presented firstly in this paper, and then, a framework is proposed from the aspect of security requirements. Based on the analysis of dependence among security services, a method is presented for classifying and rating network security according to se curity services and mechanisms. After the analysis of security mechanisms in TCP/IP protocol including IPSec and SSL, a protocol layered entity model is presented for implementation of security services and security management. From the aspect of entity unit, all kinds of security technologies are organized into to four layers. The place of security management in the architecture and content of management activities for large networks are described. At the end of this paper, further research directions are pointed about the security architecture.

Hui Yuan,Lei Zheng,Shuang Qiu,Xiangli Peng,Yuan Liang,Yaodong Hu,Guoru Deng

DOI: https://doi.org/10.1007/978-3-030-15235-2_142

2019-04-25

Abstract:With the rapid development of the network, in recent years, the Internet has greatly improved people’s lives, and the real-time, sharing and distance-removing characteristics of network information transmission have made the operation and management of enterprises more efficient and coordinated. The basis of refinement. At the same time, various network security incidents have followed, such as hacker attacks on computer network systems, and various types of viruses, Trojans and other active attacks emerge one after another. In this regard, this paper analyzes the enterprise network security system of firewall from the perspective of enterprise network security, briefly summarizes the background, advantages and disadvantages of firewall technology, and designs and implements a client software according to the actual needs of users. The network performs real-time intelligent security monitoring. After the system design is completed, the security is tested by building a simulation platform, including qualitative testing and quantitative testing, which are divided into security and performance to verify whether the system can achieve and guarantee performance.

Zen Jun Li,Wen Qian Shang

DOI: https://doi.org/10.4028/www.scientific.net/amm.380-384.2173

2013-01-01

Applied Mechanics and Materials

Abstract:With the popularization and development of computer network, people's life and work more and more relies on the network. However, many people can cause network security problems due to improper use. Therefore, based on the primary analysis of the current computer network security status, this paper proposes how to make the system strengthen, safety and how to carry out safety inspection after being attacked, in order to ensure the security of network.

De-yong WANG

DOI: https://doi.org/10.3969/j.issn.1672-2396.2010.03.025

2010-01-01

Abstract:With the rapid advance of Internet age,the meaning of information security has also been evolved and extended,simple protection and static confidentiality can not meet the needs of today's network security,especially in some complex network environment,city emergency system is faced with the various types of network security threats,the paper analyzed on the emergency system network security risk,put forward the building goal and design ideas about network security of emergency system,divided from the system network,authentication,access controls,system structure,security audit trail,network security monitoring,backup and repair,virus detection and elimination and environmental safety aspects gave countermeasures to ensure network security of emergency system.

Yan Li,Guang-qiu Huang,Chun-zi Wang,Ying-chao Li,Yan Li,Guang-qiu Huang,Chun-zi Wang,Ying-chao Li

DOI: https://doi.org/10.1186/s13638-019-1506-1

2019-08-13

EURASIP Journal on Wireless Communications and Networking

Abstract:Information technology has penetrated into all aspects of politics, economy, and culture of the whole society. The information revolution has changed the way of communication all over the world, promoted the giant development of human society, and also drawn unprecedented attention to network security issues. Studies, focusing on network security, have experienced four main stages: idealized design for ensuring security, auxiliary examination and passive defense, active analysis and strategy formulation, and overall perception and trend prediction. Under the background of the new strategic command for the digital control that all countries are scrambled for, the discussion of network security situational awareness presents new characteristics both in the academic study and industrialization. In this regard, a thorough investigation has been made in the present paper into the literature of network security situational awareness. Firstly, the research status both at home and abroad is introduced, and then, the logical analysis framework is put forward concerning the network security situational awareness from the perspective of the data value chain. The whole process is composed of five successive stages: factor acquisition, model representation, measurement establishment, solution analysis, and situation prediction. Subsequently, the role of each stage and the mainstream methods are elaborated, and the application results on the experimental objects and the horizontal comparison between the methods are explained. In an attempt to provide a panoramic recognition of network security situational awareness, and auxiliary ideas for the industrialization of network security, this paper aims to provide some references for the scientific research and engineering personnel in this field.

telecommunications,engineering, electrical & electronic

xue yong wan,liang zhang,wei xu,hong hui gong

DOI: https://doi.org/10.4028/www.scientific.net/AMM.599-601.1457

2014-01-01

Abstract:the computer network is widely applied to people's attention,computer network security is very important,we must take effective measures to ensure the security of computer network.This paper analyzes the implications of computer network security system and its security mechanism,and for the current network security should be involved in some of the elements is introduced.

REN Jiang-chun,WANG Zhi-ying,DAI Kui

DOI: https://doi.org/10.3969/j.issn.1007-130x.2006.06.002

2006-01-01

Abstract:The security of network has been a focus of research in these years.However,the current emphasis is on the prevention from hackers’ invasion.There is no uniform framework for network security management.Based on the ideas of social public security management,it is significant to build an information network security management framework.This paper first analyzes the deficiency of network security management,proposes a model with a hierarchical architecture,discusses the key problems of the model,and finally gives the simulation results.

ZHANG Yun,Kong Fang

DOI: https://doi.org/10.3969/j.issn.1673-629x.2005.03.021

2005-01-01

Abstract:On the basis of analysis to some security modes which are often seen, talking about what needs to do for the security of application layer, this paper proposes a general framework of application layer, analyzes the base point for designing the security of application layer. Then basing on it, this paper takes the foreign trade business software as an example, introduces the realization of the kernel:access control.

ZHANG Tao,HU Ming-zeng,YUN Xiao-chun,ZHANG Yong-zheng

DOI: https://doi.org/10.3321/j.issn:1000-436x.2005.12.017

2005-01-01

Abstract:The research of security analysis needed a systemic security analysis model that was from the system resource and security factor of computer network.For the classification,rate and the main threaten of the security requirement,system devices,access privilege,host connection relation and vulnerability were analyzed,and the computer network attack from the point of view that the attacker's objective was to get privilege escalation was described.The computer system security analysis by fault tree and the network system security analysis by attack graph use the security analysis model.

LIU Kai,ZHOU Xian-wei,XIE Zheng

DOI: https://doi.org/10.3969/j.issn.1001-3695.2005.09.036

2005-01-01

Abstract:This paper analyse the state of vulnerabilities in an enterprise network and give a method of partitioning severity of vulnerability to combine with the application environment.This method partition the vulnerability more in detail, and make the system security administrators can patch the more serious vulnerabilities in the shortest times.

颉钰,李卫

DOI: https://doi.org/10.3969/j.issn.1000-7180.2004.06.001

2004-01-01

Abstract:Network threats are more and more relentless. From the point of strengthening internal security management, an active network security risk management system (ANSRMS) complying with BS7799 is presented. ANSRMS uses information detecting agents to get configuration and vulnerabilities of the network, develops the spread model of underlying intrusion, provides qualitative and quantitive assessment of security risk, and finally adopts corresponding risk control policy to decrease the risk level. This paper introduces the details of the architecture of ANSRMS, spread model of intrusion and our risk assessment algorithm. The experiment results given shows that ANSRMS can efficiently help administrators to set up a completed security risk management framework.

Dabin Sun,Bowei Wang

DOI: https://doi.org/10.1109/ISMII52409.2021.00055

2021-01-01

Abstract:Information security is a widely discussed topic in the era of big data. With the rapid development of computer networks, various information security issues have frequently occurred. How to improve the level of computer network information security protection through the implementation of network security level protection is the direction that network security should focus on. Based on the existing security technology and products combined with the information security level protection system, this paper analyzes the relevant technical management requirements of the scheme design, and studies the design method and design process.

Engineering,Computer Science

LUO Yun,CHEN Shu-yu

DOI: https://doi.org/10.3969/j.issn.1673-159X.2007.01.027

2007-01-01

Abstract:Facing the current dynamic system and dynamic environment,it is necessary to employ dynamic security models,methods,technologies and solutions to meet the current issue of network security.Intrusion detection and Firewall technology are important components of dynamic network security.According to the decision-making process of a security interactive system,an interactive system between intrusion system and firewall can achieve dynamic network security and protection.

Guihai Chen,Victoria C. Yan,Qing Li,Zengzhi,Liao,Zhigang

2005-01-01

Abstract:The wide application of network technology in power systems brings not only convenience and flexibility but also security threats. An architecture of network security for power system was proposed in this study,which protected data and facilities from being attacked by outside users by means of firewall, security monitor and control system. Firewall was basically the first line of defense for the intranet; the security monitoring system was a kind of IDS (Intrusion Detection System), while security control system provided authentication, authorization,data-encrypted transmission and security management. This architecture provides various security services, such as identification, authentication, authorization, data integrity and confidentiality.

Wenzheng Li,Hongdan Zhu

DOI: https://doi.org/10.1109/iceiec51955.2021.9463823

2021-01-01

Abstract:With the rapid development of network information technology, network information technology has been widely applicated in enterprise. How secure is company's information? Nowadays network security is a threat to all enterprises, This paper analyzes the current situation of the enterprise network security, expounds the typical problems existing in the enterprise network security work, carries out the network information security construction from the management, control, technology and other aspects, and constructs the three-dimensional information security protection system.It is of great significance to strengthen the construction of enterprise network security so as to ensure the network information security.

王跃,罗军

DOI: https://doi.org/10.3969/j.issn.1007-130x.2004.02.008

2004-01-01

Abstract:This paper describes the design and implementation of a secure network file system: SNFS, including its design idea,system architecture,key management,security analysis and implementation techniques.

ZHAI Jian-hong,ZHANG Yue,LIU Ya-wei

DOI: https://doi.org/10.3969/j.issn.1009-8054.2008.02.024

2008-01-01

Abstract:With popularization of corporate internal networks and office automation, the technology for protection of classified data in corporate internal networks has attracted much attention. In this paper, a network security man-agement architecture based on security event-driven linkage is designed, the idea for multi-level protection of inter-nal classified network and the description mode of security events are provided, including the design of safety components.