黄益民,平玲娣,潘雪增

DOI: https://doi.org/10.3785/j.issn.1008-973x.2001.06.005

2001-01-01

Abstract:After study of existing security models; analysis of information flow model, Bell-LaPadula(BLP) access control model and Biba access control model; and collation and comparison of their advantages and disadvantages, an improved model is put forward that satisfies the actual demands of information security. An implementation strategy is put forward that ensures information security, reliability, practicality and compatibility in the designed security system. An implementation scheme of this security system and its components and functions is provided. This system combines the following functions: mandatory access contro1, privilege separation, security audit, identity authentication and self-protection. It achieves the level 3 of national information security standard and level B1 of TCSEC standard. It was implemented in the Windows NT and Linux operating system and has yielded good resultsin application.

黄益民,杨子江,平玲娣,潘雪增

DOI: https://doi.org/10.3785/j.issn.1008-973x.2004.04.005

2004-01-01

Abstract:The traditional role-based access control (RBAC) model was extended in this work aimed at studying practical ways to implement access control, enforce security administration, and acquire available information from real world to construct an access control model and establish security policies. A three-layered architecture for role-based security administration was proposed. And a practical way was presented to implement role-based access control and role-based security administration ,so that cross-platform role-based access control is implemented automatically and systematically in the security administration system.

Ouyang Rongbin,Wang Qianyi,Liu Yunfeng,Li Li

DOI: https://doi.org/10.3969/j.issn.1002-4956.2011.06.030

2011-01-01

Abstract:Standard RBAC(role-based access control) models do not define auditing strategy.Their auditing extensions always just record operation information and have lack of monitoring auditing automatically.This paper presents a general auditing model including recording,monitoring and treating.And some key points in the implementation of auditing monitoring are described.The model is implemented and applied in PKU IAAA Unified Security System.

Wang Yilei,Gao Xianfeng,Li Tao,Sun Yujuan

DOI: https://doi.org/10.3969/j.issn.1009-3044.2008.25.014

2008-01-01

Abstract:This paper presents a design of network security audit and monitoring system, including the design of monitoring module in Proxy and network capability, etc. And it also proposes the implement flow of these function models including the implement flow of security audit model and network monitoring model. This system has greatly improved the level of safety management of network through the practice for an application case and has good actual effect.

CAO Hui,WANG Qing-qing,MA Yi-zhong,LUO Ping

DOI: https://doi.org/10.3321/j.issn:1002-8331.2007.05.049

2007-01-01

Computer Engineering and Applications Journal

Abstract:Aiming at the problem of vast information redundancy of database auditing system,inflexible of auditing method and inefficient of data statistic analysis.This paper presents a new database security auditing system.It has more practical value for database security.

Yu Zhiwei,Tang Rengzhong,Jia Dongjiao,Ye Fanbo

DOI: https://doi.org/10.3321/j.issn:1004-132X.2007.04.021

2007-01-01

Abstract:To identify the security requirements of information systems, a business process-based security requirement analysis method was presented. Focused on the business process security, the related assets which affect the business process security were identified by security tree model. The security requirements of assets were identified by risk packet and risk transferring model, and then the security requirements list was formed after coverage analysis. Finally, a case was studied to illustrate the proposed method.

BAO Zhigang,HU Yanjun,GU Xinjian

DOI: https://doi.org/10.3969/j.issn.1000-3428.2006.01.059

2006-01-01

Abstract:Firstly making reference to role based access control(RBAC)model,this paper proposes the basic idea about access control.Then it introduces database design of two realizing methods about access control and two methods’ realization in program,it also presents visual effect.Finally it analyzes and compares one to another in detail from two aspects of applicability and reusability.

Yiyang Jia,Hanyan Wu,Dongxing Jiang

DOI: https://doi.org/10.1109/CyberC.2015.47

2015-01-01

Abstract:Security situation assessment is an effective way to analyze the situation of an information system, which helps administrator understand the current system risk status and make policy to response in time. However, the existing researches for security situation assessment mostly focus on network. The proposed methods for network are not so suitable for information systems. This paper proposes a hierarchical security situation analysis framework for information system, based on a classical NSSA [1] (network security situation analysis) model. The framework provides a standard flow for analyzing the security situation of information system. It consists a security situation analysis model of information system, an index system used in the model proposed, and a quantitative index fusion method to calculate a security situational value. We divided information system into 3 levels: sub-system level, composition level and index level. The collected information from the index level can be combined with grey model to determine the correlation degree between each major index and secondary index. Finally we calculate the whole system security situational value level by level. We use data from Tsinghua University information system to verify the proposed model and method. The result shows that this model can reflect the current security situation of information system comprehensively.

Xuesong Huo,Ming Zhang,Hongqin Zhu,Wei Li

DOI: https://doi.org/10.1109/cbd54617.2021.00052

2021-01-01

Abstract:At present, most of the security situation assessment methods for the power monitoring system only consider the network factors, ignore the security factors inside the system, and the weight distribution of assessment indicators is subjective. This paper analyzes the security factors affecting the power monitoring system, and gives the security situation assessment indicator system of the power monitoring system. On this basis, the security situation of each equipment is assessed based on Support Vector Regression, and the weight is calculated according to the importance of the security area division of the power monitoring system where different equipment is located. Finally, the overall security situation of the power monitoring system is comprehensively evaluated through weighted summation. On the one hand, it can improve the accuracy, the flexibility and the expansibility of the security situation assessment for the power monitoring system. On the other hand, it can also trace the source of security problems in the power monitoring system, which is convenient for managers to isolate risks quickly and efficiently or take defense strategies.

LI Fang,L(U) Li-juan,WANG Heng-shan,ZHANG Yuan-qiu

DOI: https://doi.org/10.3969/j.issn.1007-6735.2007.06.013

2007-01-01

Abstract:The network security of teaching affairs management information system(MIS) is detailedly outlined.Some security strategies and methods served for the system are put forward.The key programmes are compiled to complete the functions of limits of authority and client confirmation,record and tracking,communication agreement introduced by TCP/IP,verification of C2 class and alarm system.The network security system of SLTMIS is successfully developed and can be applied in practice.

DAI Rui-en,LUO Ping,PENG Xiao-ning

DOI: https://doi.org/10.3969/j.issn.1001-3695.2005.03.039

2005-01-01

Abstract:Aiming at the problems of big quantity of source codes, insufficiency of doing data statistic analysis, and lack of upgrading and revising DBMS.Presents a new design on database security scan system. As such design refines the extant scan system, it has more practice value. In the end,suggest the future development of database security scan system.

Tao Zhang,Yang Yu,Yi Li

DOI: https://doi.org/10.3969/j.issn.1000-386x.2014.05.005

2014-01-01

Abstract:With the penetration of Linux technology,lots of Linux servers have been deployed in distributed systems.It becomes a big problem to carry out effective security auditing for those server resources at present.We design and implement a security auditing system applicable to complex distributed environments according to the characteristics of Linux servers.Our solution adopts component-based, modular architecture to support multi-layer deployment.Based on the audits at kernel level and application level,our system achieves the comprehensive audit on Linux servers including system resources,terminal accesses,file,database and network resources,etc.Meanwhile, our system uses data mining techniques to thoroughly analyse the audit message,and realises the intelligent auditing on Linux servers.Our system has been deployed in a real system,and shows very good effect.

Wenmin Zhu,Yuanhua Jia

DOI: https://doi.org/10.1088/1755-1315/108/4/042067

2018-01-01

IOP Conference Series: Earth and Environmental Science

Abstract:Based on the risk management theory and the PDCA cycle model, requirements of the railway passenger transport safety production is analyzed, and the establishment of the security risk assessment team is proposed to manage risk by FTA with Delphi from both qualitative and quantitative aspects. The safety production committee is also established to accomplish performance appraisal, which is for further ensuring the correctness of risk management results, optimizing the safety management business processes and improving risk management capabilities. The basic framework and risk information database of risk management information system of railway passenger transport safety are designed by Ajax, Web Services and SQL technologies. The system realizes functions about risk management, performance appraisal and data management, and provides an efficient and convenient information management platform for railway passenger safety manager.

Xiaohong Guan

2005-01-01

Abstract:The characteristics of urban public safety management system are analyzed and definited.The structure of the system is resolved from three dimensions such as the entity,the technology and the management.The process to implement the system improvement by accordance audit and effectiveness audit is also designed.

JIN Yi,ZHEN Jun,YAN Ji-duo,SHI Sheng-jin

DOI: https://doi.org/10.3969/j.issn.1673-6125.2013.01.014

2013-01-01

Abstract:Security access management system is one supervising system to manage the attendance checks of employees by using RFID and security access card readers with automatic storing checks data.The system guarantees the accuracy of checking attendance management information and also provides the convenience for the management personnel.

Zheng Xiao-lin,Lei Yu,Chen De-ren

DOI: https://doi.org/10.1007/s11460-006-0089-x

2006-01-01

Frontiers of Electrical and Electronic Engineering in China

Abstract:An integrated user access control method was proposed to address the issues of security and management in networked manufacturing systems (NMS). Based on the analysis of the security issues in networked manufacturing system, an integrated user access control method composed of role-based access control (RBAC), task-based access control (TBAC), relationship-driven access control (RDAC) and coalition-based access control (CBAC) was proposed, including the hierarchical user relationship model, the reference model and the process model. The elements and their relationships were defined, and the expressions of constraints authorization were given. The extensible access control markup language (XACML) was used to implement this method. This method was used in the networked manufacturing system in the Shaoxing spinning region of China. The results show that the integrated user access control method can reduce the costs of system security maintenance and management.

JIANG Kai-da,LI Xiao,SHEN Hai-yun,BAI Wei

DOI: https://doi.org/10.3969/j.issn.1671-1122.2012.12.025

2012-01-01

Abstract:The university's website has been one of the most popular attack targets by hackers for a long time,facing various types of rampant scan and attacks,as well as the threat of information leakage of sensitive data.A complete security protection system can discover vulnerability and help find the site which was already hacked.Information security staff in university need to adopt new security strategy and methods,facing the rapid changing security situation.This paper introduces a number of depth exploration and practice in the security protection system of the university's website in Shanghai Jiao Tong University recently years.

Xiao Hou,Lu Wang,Minyue Zhou,Liyun Liu,Haiying Zhao

DOI: https://doi.org/10.32629/memf.v5i3.2393

2024-07-17

Modern Economics & Management Forum

Abstract:The prevention of asset management risks has always been the focus of overall asset management in higher education institutions. By combining with the newly formulated Administrative Regulations on the Management of Administrative Public Assets by the State Council, relying on the key audit areas in recent years, and referring to the successful experiences of audit issue rectification in sister colleges and universities, this study focuses on asset allocation, utilization, disposal, and benefits. It takes problem-solving and risk avoidance as the orientation, conducts risk assessment and response analysis, and comprehensively promotes the integration of management in four aspects: establishing sound systems, supervision mechanisms, improving efficiency, and accountability. It establishes an integrated asset management system of "management" "supervision" "benefits", thus providing application value for optimizing the management of state-owned assets and enhancing risk prevention capabilities.

Ke Li,Yong Xia,Wei Wang

DOI: https://doi.org/10.3969/j.issn.1671-7104.2016.02.023

2016-01-01

Abstract:The paper elaborates and analyzes the current status of mobile hospital information security, then puts forward a security new model of the mobile treatment, then its architecture and solutions is elaborated. The use of this model makes the overall security level of hospital information to be further improved and enhanced, it has a positive signifi cance to promote the overal hospital management level.

Xiao He

2013-01-01

Abstract:On the purpose of providing a convenient and reliable security framework for the Unicom resource management system,this project adopts Aspect Oriented Programming(AOP) security framework,combines with the inversion of control technology of framework,and ultimately creates a powerful,safe,and reliable access control security framework.