CN103400226A - Integrated tobacco industry information security, operation and maintenance application platform system - Google Patents
Integrated tobacco industry information security, operation and maintenance application platform system Download PDFInfo
- Publication number
- CN103400226A CN103400226A CN2013103270402A CN201310327040A CN103400226A CN 103400226 A CN103400226 A CN 103400226A CN 2013103270402 A CN2013103270402 A CN 2013103270402A CN 201310327040 A CN201310327040 A CN 201310327040A CN 103400226 A CN103400226 A CN 103400226A
- Authority
- CN
- China
- Prior art keywords
- management
- module
- service
- data
- information
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Images
Abstract
The invention discloses an integrated tobacco industry information security, operation and maintenance application platform system, which comprises an information security, operation and maintenance service management portal module, a centralized security control module, an informationized work management module and a business service management center module; the information security, operation and maintenance service management portal module is respectively connected with the business service management center module, the centralized security control module and the informationized work management module; the information security, operation and maintenance service management portal module mainly comprises a display module, a business module and an acquisition module, and the acquisition module is provided with an operating command interface and an external platform interface. The system can be used for centrally managing information security and IT (Information Technology) service, realizing the centralized management of accounts, authentication, authorization, audit and access, standardizing security, operation and maintenance management, increasing the quality of operation and maintenance, decreasing security risk, regularizing the behaviors of users, and facilitating to increase the professional levels of technicians.
Description
Technical field
The present invention relates to a kind of application platform system, be specifically related to a kind of tobacco business information safety operation and maintenance integral application plateform system.
Background technology
All the time, the infrastructure that the main solution emphatically of the informatization of China's tobacco business input is grown out of nothing and the structure of system, ignored system Construction and completed later operation maintenance.The long-term inertia that continues to build causes operation maintenance work is dropped into to wretched insufficiency.Hardly realize, efficiently effect and the output benefit of operation maintenance guarantee system.That drops into is unbalance, causes operation maintenance to become the short slab of Tobacco Reference in systems life cycle, has suppressed to a great extent the Effectiveness and benefit of system Construction.
Along with the development of Tobacco Reference, tobacco commercial enterprise is increasing for the dependence of IT system, and service line is constantly expanded, and the user constantly increases, and the burden of IT basis O&M also becomes day by day heavy; Single O&M product has been difficult to meet its comprehensive regulatory requirement in addition.IT O&M automatic management solution not only can guarantee the stability of IT infrastructure comprehensively targetedly, and can directly cut operating costs, and promotes service quality.
ITIL(is based on the information technology infrastructure information bank) as the standard that originates from the IT of government self regulatory requirement, government's independent development, with the E-Government O&M, natural contact is arranged, for China, improve the infosystem running quality and effect has good reference significance.From present situation and the development trend in global electronic government affairs field, ITIL has become primary standard and " best practices " reference that advances operation maintenance System Construction and regular job management.
With regard to world wide, British commonwealth of nations, as countries such as Australia, Canada, New Zealand, and other European countries, the relatively morning of ITIL application, also commonplace.In these countries, ITIL not only, as the practice standard of government organs oneself management large-scale data center operational management, also, when the contract negotiation of infosystem outsourcing of O&M, is used as the pressure permit standard of estimating service provider's qualification and service ability.
Can see, worldwide, ITIL has extensively become " best practices " and the first-selected standard that Government and enterprise improves IT service quality and managing I T outsourcing of O&M, the running quality of this service of lifting infosystem to our continuous and effective, improve output benefit and provide and put into practice sample, have stronger with reference to meaning.
Simultaneously, in the long run, cloud computing technology can bring huge growth space for the business development of an enterprise or mechanism, and can save comparatively considerable cost budgeting.Enterprise, by building privately owned cloud maintenance platform, makes O&M no longer be subjected to regional limits, can realize operation management whenever and wherever possible by network, thereby the passive method of service initiatively that changes in past is realized to active IT O&M.
In the whole Life Cycle of Information Systems of tobacco, safe O&M work has accounted for approximately 70% to 80% of whole time and cost, and remaining time and cost spend in above product development (or buying).Therefore, the IT Service Management flow process that has good result and efficiency is vital for the service guarantee of Tobacco Reference O&M and security assurance information.The IT Service Management relates generally to for meeting payment and the support of the IT service that the tobacco demand customizes.Based on IT infrastructure, ITIL provides a general framework for all activities of IT department, and these activities are parts of service offering.These activities are divided into different flow processs, when these flow process Collaboration, thereby can provide an effective framework can so that the tissue the IT Service Management more ripe.Each in these flow processs has comprised the task of one or more IT department, as service development, infrastructure management, service offering and support etc.The method of this flow process makes and likely is independent of organizational structure and describes IT Service Management best practices.
At present the similar software of external and infosystem operation maintenance management platform is the BSM (BSM) of BMC Software, and BSM combines the view that IT process (such as ITIL and automatic technology management) and shared IT serve to support basic service priority.By BSM, can realize out and out cost-savingly, simultaneously, can also drop into more IT resource and realize the innovation of business, initiatively support, and the demand that meets business.BSM, by workflow, robotization and across the visual angle of whole enterprise, solves the challenge across IT.BSM can help enterprise: by data center, optimizes and carrys out Cost optimization, and the complexity of control information technology (IT); Event and fault management by prediction prevent that service is interrupted; By the closed loop customer account management, reduce configuration and the rules compliance cost of client and desktop; By unified Service level management, realize remarkable service quality, reduce and support cost; Control IT, to realize consistance.
Existing infosystem operation maintenance management platform also has the following disadvantages:
1, each operation system and equipment respectively have cover user (internal user and the maintainer of a producer) account system, and management inconvenience is difficult in maintenance; Lack unified Certificate Authority entrance, can't realize that between system, isolation and the access authorization in network layer controlled, easily cause the possibility that between system, security risk is propagated, harm enterprise-essential data; Lack accurate, unified the whole network log audit, numerous events that each system/device can't be produced and the effectively association of network behavior record, conclusion, audit, be unfavorable for that the keeper in time locates, defends security risk; The safe access device of outer net adopts VPN equipment access service network, can't unify to control the intranet and extranet user and authenticate, authorizes, accesses, and the transmission of business datum in network lacks Means of Ensuring.
2,, when network goes wrong, lack means and in time trace to the source and get rid of Network Abnormal and fault.
3, lack the whole network hardware, software, middleware, comprehensive, concentrated supervision, operation and the management of operation system, lack from the business visual angle to fault is quick, accurate and locate, the means of raising fault solution speed.
4, lack standardization, standardized service workflow management, improve services efficiency, the service satisfaction of enterprise internal and external customer to maintenance department.
Summary of the invention
The object of the invention is to overcome existing Tobacco Reference system operation maintenance management platform and lack unified Certificate Authority entrance, lacking means in time traces to the source and gets rid of Network Abnormal and fault, lack the whole network hardware, software, middleware, comprehensive, concentrated supervision, operation and the management of operation system, lack from the business visual angle quick, the accurate location of fault, improve the means that fault solves speed, lack the deficiencies such as standardization, standardized service workflow management, and a kind of tobacco business information safety operation and maintenance integral application plateform system is provided.
For achieving the above object, technical scheme of the present invention is:
A kind of tobacco business information safety operation and maintenance integral application plateform system, comprise information safety operation and maintenance Service Management door module, concentrate security management and control module, information work administration module and BSM center module; Described information safety operation and maintenance Service Management door module is connected with the information work administration module with BSM center module, concentrated security management and control module respectively; Described concentrated security management and control module comprises service user device, F8 security gateway, business device, security management and control management equipment, network operation daily record and C/S SSO probe, maintenance customer's equipment, and subscriber equipment is connected with business device by the F8 security gateway; The security management and control management equipment is connected with business device; Maintenance customer's equipment is connected with network operation daily record and C/SSSO probe by the F8 security gateway, and network operation daily record and C/S SSO probe are connected with business device.
Described business device comprises server, switch, router, fire wall.
Described security management and control management equipment comprises F8 obturator, F8LDAP, F8IDM.
Described information safety operation and maintenance Service Management door module, mainly by display module, business module, acquisition module, display module is for providing integrated displaying interface, business module is for realizing the concrete business operation of each functional module, acquisition module is for gathering every service data of infrastructure, and described acquisition module is provided with operational order interface and outside platform interface.
described concentrated security management and control module, comprise: human-machine interface layer, application layer, network layer, interface layer, described human-machine interface layer is used to managerial personnel that the access entrance of concentrating security management and control module is provided, and provide the self-help service for user entrance, described application layer is for realizing Account Administration, Role Management, resource management, empowerment management, audit analysis, the audit early warning, platform is from management, the management functions such as terminal security access, account number management by synchronization service is provided, authentication service, the authentication hinge, the SSO service, the service functions such as Audit data collection, preserve the platform core data, comprise and account number/password, system/application, the Account Data that role/strategy etc. are relevant and audit related data, network layer is to realize by security gateway, for between nature person and resource, setting up the virtual secure territory service that is independent of physical network, interface layer provides and applies relevant interface.
Described information work administration module, mainly be comprised of data memory module, background processing module, foreground processing module and access terminal module, and data memory module contains the Tobacco System information resources, comprises structural data and unstructured data; Background processing module comprises Basic Information Management, demand management, data management, assets contract management, project management, planning management, appraisal management, the functions such as query statistic; The foreground processing module comprises that the page generates, caching process, the functions such as traffic statistics; The final user can pass through access terminal module device access websites.
Described information work administration module is in management, and outstanding work program is source and the main line of every concrete affairs, and every concrete affairs all must be first planned, by according to schedule, carry out, examination, analyze, this closed loop workflow journey of plan for adjustment, complete information system management work, on project construction management, in strict accordance with the requirement of industry inspection, realize the key link vestige record of Information-based Item and scientific and technical innovation project, project construction process is carried out to management and control.
Described BSM center module, mainly be comprised of Business Management Platform, service management platform, system management platform and interface management platform, and Business Management Platform is connected by the interface management platform with service management platform.
Business Management Platform is realized the unified monitoring to the running status of IT resource, its management object comprises the application software of each system of the equipment such as main frame, network, database, middleware and application component class, selectively warning information is delivered to service management platform, the formation event submits to the operation management personnel to process, and the configuration data in monitor database can be synchronizeed with the corresponding configuration data in the CMDB of service management platform.
The Business Management Platform structure is divided into three layers, respectively data collection layer, data analysis layer, data exhibiting layer, the network management data of monitored object is by the processing of three aspects, data collection layer gathers network management data by the interface with by guard system, deliver to data analysis layer and carry out the data processing, data analysis layer judges that to data producing warning information delivers to the data exhibiting layer on the one hand, typing monitor database on the other hand, the data exhibiting layer represents warning information, and represents various monitoring views.
The present invention adopts the beneficial effect of technique scheme to be:
1, unified management information security and IT service.Pass through native system, information security is served as a kind of IT, include O&M services flow process in and manage, by the integrating of O&M service and information security resource, realize angles of science monitoring, management, scheduling and examination to " infosystem ", " people ", " work ".
2, realize the centralized management of account number, authentication, mandate, audit, access.By native system, independently account number, authentication, mandate, audit and access system carry out integrating, the concentrated security management and control of realization separately by operation system, security system.
3, the safe operation management of standard, promote user satisfaction." three minutes build, seven minutes management ", information-based 80% benefit is embodied in the operation maintenance stage, by using native system, by the safe O&M work of further standard, reduces O&M cost, more effectively supporting business and service is provided; The unified services request of accepting, carry out " one-stop service "; By Continuous optimization service procedure and service level, effectively improve the user satisfaction of business.
4, promote the operation maintenance quality, reduce security risk.The one, user oriented, by normalized operation, reduce the risk that mistake causes; The 2nd, by active, monitor and trend analysis trouble-saving generation; The 3rd, by to the examining and authorizing of major change, reduced the risk of being not good at causing because of change; The 4th, by standardized O&M service, reduce the impact of traffic failure." IT O&M " will be no longer "black box", will become controlled, reduce security risk.
5, standard user behavior, lift technique personnel's professional level.By daily O&M and information security, carried out resource consolidation, constantly accumulated knowledge base, strengthened linking up and cooperation, the experience that passes on and share a success, lift technique personnel's professional level, promote safe O&M work to develop to specialized direction.
6, safe operation management system has been realized O&M human resources United Dispatching, improves the O&M work efficiency, has solved the problems such as the confusing communication, inefficiency, the service quality that face in present O&M and management of safe operation can't ensure, passive fire fighting.
7, safe operation management system has been realized the Real Time Monitoring of operation system and infrastructure, the service procedures such as information desk, incident management are carried out to electronization, solidify job duty, O&M service operations process to the O&M personnel has been carried out the vestige reservation, realize the unified management of O&M personnel identity, O&M operation and access control, realize that the user who concentrates accesses trace-tracking and audit.
The accompanying drawing explanation
Fig. 1 is circuit structure block diagram of the present invention.
Fig. 2 is concentrated security management and control module structured flowchart of the present invention.
Embodiment
The present invention is further illustrated below in conjunction with drawings and Examples, but do not form any limitation of the invention.
As shown in Figure 1, a kind of tobacco business information safety operation and maintenance integral application plateform system, comprise information safety operation and maintenance Service Management door module, concentrate security management and control module, information work administration module and BSM center module; Described information safety operation and maintenance Service Management door module is connected with the information work administration module with BSM center module, concentrated security management and control module respectively; As shown in Figure 2, described concentrated security management and control module comprises service user device, F8 security gateway, business device, security management and control management equipment, network operation daily record and C/S SSO probe, maintenance customer's equipment, and subscriber equipment is connected with business device by the F8 security gateway; The security management and control management equipment is connected with business device; Maintenance customer's equipment is connected with network operation daily record and C/S SSO probe by the F8 security gateway, and network operation daily record and C/S SSO probe are connected with business device.
Described business device comprises server, switch, router, fire wall.
Described security management and control management equipment comprises F8 obturator, F8LDAP, F8IDM.
Described information safety operation and maintenance Service Management door module, mainly by display module, business module, acquisition module, described acquisition module is provided with operational order interface and outside platform interface.
Described BSM module, mainly be comprised of Business Management Platform, service management platform, system management platform and interface management platform.
Described information work administration module, mainly by data memory module, background processing module, foreground processing module and access terminal module, formed, be used for information-based personal management, work program management, files and documents management, electronic management is carried out in Information-based Item implementation management, information-based appraisal management, IT asset management.
Below a kind of tobacco business information safety operation and maintenance integral application plateform system of the present invention is further described in more detail.
a kind of tobacco business information safety operation and maintenance integral application plateform system is followed the SOA framework, adopt the mode of loose coupling to provide account (Account) management for the tobacco maintainer, authentication (Authentication) management, authorize (Authorization) management, security audit management (Audit), safety access (Access) management, single-sign-on, the End to End Encryption tunnel, the security functions such as operation log recording playback, can effectively solve the various attended operation potential safety hazards in the present stage tobacco management, and can meet follow-up ever-increasing all kinds of safety management needs, possesses good security, reliability, compatible, extendability.
Concentrated security management and control module is in the centre of terminal user and target resource, plays physically-isolated effect, and the user is by before authenticate and login concentrated security management and control, and target resource is physically-isolated, can't the access destination resource; After by authentication, according to user and role's binding relationship and role, to the mandate of target resource, decide the user whether to have the access authorization of target resource, the access authorization of the target resource that the user of different stage has all can be different.
Concentrate in security management and control module, before remediation server is deployed in F8SS iGateWay, help unsafe terminal to repair qualified, only have terminal by safety assessment just to allow to connect F8SS iGateWay and carry out authentication, the follow-up works such as PORTAL access, granted access.
Concentrate security management and control module to comprise from Technical Architecture: human-machine interface layer, application layer, network layer, interface layer.
Human-machine interface layer provides the access entrance of concentrating security management and control module for personnel such as application management, system managements, and self-help service for user entrance, i.e. PORTAL are provided.
Use the personnel of man-machine interface to be divided three classes: nature person's (being operation system user of service and operation system maintainer), keeper's (namely concentrating the security management and control keeper) and auditor.
For the operation system user of service, be presented as the PORTAL form, the user enters the PORTAL system after completing the authentication access automatically, the user directly enters each operation system through authorizing by the PORTAL system, and concentrated security management and control module completes the register of each operation system automatically; Simultaneously, the user completes from service function by PORTAL, as Modify password, and replacement password etc.Simultaneously, for the operation system maintainer, this class user mainly uses the software of the C/S models such as SSH, RDP to carry out the maintenance of operation system, after the user completes the authentication access, concentrates security management and control module to fill out from account and password in generation for the user by simulation TCP stream mode.
Application layer is for realizing that Account Administration, Role Management, resource management, empowerment management, audit analysis, audit early warning, platform are from management functions such as management, terminal security accesses, the service functions such as account number management by synchronization service, authentication service, authentication hinge, SSO service, Audit data collection are provided, preserve the platform core data, comprise the Account Data relevant to account number/password, system/application, role/strategy etc. and audit related data.
Network layer is to realize by security gateway, between nature person and resource, setting up the virtual secure territory service that is independent of physical network.
Interface layer provides and applies relevant interface.
Concentrate security management and control module to adopt the virtual secure field technique based on the advanced person of P2P technique construction, according to nature person's authority and security strategy dynamically by accessed various resource division to independently in secured virtual network, guarantee specificity and " the clean property " of concrete business application system environment, realize dynamic " private network special use " based on concrete business application system.
The End to End Encryption communication between nature person and resource is realized in the virtual secure territory, divides virtual net, the safe transmission of significant data in network of protection tobacco company.
Concentrate security management and control module that enterprise network is divided into to three zones: pre-authentication domain (user area), concentrated security management and control district and post-authentication domain (business device district), system adopts the exploitation of B/S architecture design.
Concentrate the security management and control district to connect and the front territory of administrative authentication and post-authentication domain.For service-user and the maintenance customer of different operating character, provide respectively two access doors: one is used (secure gateway cluster provides access service) as business, utilizes the PLUG-IN mode to realize business SSO; Article one, as safeguarding, use (security gateway provides access service), network operation daily record and C/S SSO probe are serially connected on maintenance link, realize safeguarding the SSO of account, and record all attended operation daily records, support playback.
As shown in Figure 2, concentrated security management and control is divided into three parts: the service access link, safeguard the management of access link, security management and control.
F8 security gateway: P2PVSN, the service of network layer resource authorization of primary account number authentication, the unified access of intranet and extranet are provided to the pre-authentication domain service-user.Security gateway is as the unified access port of post-authentication domain; the user not by the authentication, obtain the authorization before; even to the connection of operation system, be also inaccessible, same in network layer, the maintenance customer can't walk around and concentrate security management and control to remove to access shielded main frame and equipment.
The daily record of F8 network operation and C/S SSO probe: record audit and the SSO service of maintenance log are provided.Probe can record the maintenance customer in a login sessions with the mutual overall process of all application, comprise the movement of renewal, mouse of screen and click and from the input of keyboard.Simultaneously, the F8 probe provides the SSO function for the maintenance customer, and maintain cryptographic adopts the real-time update mode, even the maintenance customer is known this login password, when logining, also can't login with expired password next time.
F8 obturator: for providing the safety such as antivirus software download, virus base upgrading, the download of leak patch to repair service to the user by safety inspection not, guarantee safety, the reliability of user terminal when accesses network.
F8LDAP: be the user profile source in system, preserve the system datas such as user data, authentication information, access rule, access strategy, the foundation of executable operations is provided for business and the equipment of safeguarding access link.
F8IDM: by setting up unified account storage center, as the center-control hinge of all account management behaviors, with robotization, realize all users' the function such as principal and subordinate's account management, Role Management, rights management based on the mode of strategy.
Concentrated security management and control module provides powerful user profile to integrate and synchronizing function, and it can automatically search the user profile of operation system, and these user profile are existed in the ldap server of concentrating security management and control.
Concentrated security management and control module has abundant external data sync cap, and account, resource and authorization message all can be from external system, synchronously entering, and supports the directory service, AD Active Directory Services, main flow relevant database etc. of LDAP v3 compatibility.The multiple synchronization interface is provided, and to support different source data forms, the keeper is by the relation between sync cap maintain synchronization source and destination, and the interface corresponding relation of support 1:1 and N:1.Support the multiple synchronization strategy, these strategies comprise data-mapping, data-switching, data filtering etc., and the synchronization policy edit tool of complete function is provided, and facilitate the keeper to safeguard synchronization policy.
Concentrating security management and control module can carry out accounts information with other Subscriber Management Systems by the sync cap adapter synchronizes.
By different sync cap adapters, concentrated security management and control module can with multi-form system between carry out synchronizeing of accounts information.Comprise the directory service of LDAP v3 compatibility, various relevant databases etc., and can expand by the secondary development of sync cap adapter; The sync cap adapter completes collection, screening, arrangement, the conversion work between different information, and various information is converted to and concentrates security management and control to need, and unified data layout, avoid each system data structure compatibility issue; The sync cap adapter can be configured to manual synchronous, regular synchronous and real-time synchronization pattern, meets various needs.
In data synchronization process, whole process using SSL guarantees the confidentiality of data in transmitting procedure; By HMAC, guarantee the integrality of data.
The Password Policy management function, provide the management to user's primary account number Cipher Strength, on concentrated security management and control, can manage for the intensity of account number, comprises cryptosecurity setting and modification, composition rule and verification strategy etc.
Concentrate the authentication login process of security management and control module, comprise in the login authentication (main login authentication) of concentrating the whole primary account numbers of security management and control and resource all the login authentication (secondary login authentication) from account number.
The authentication management functions of modules:
● concentrate the strong authentication center, be used to user KEY authentication that concentrated access authentication service is provided.
● provide authentication to forward service, in the needs situation, authentication request is forwarded to the external authentication assembly and completes authentication.
● multiple authentication mode is provided, supports the multiple authentication modes such as user USB KEY authentication, one-time password authentication, dynamic note authentication.
The user is after passing through to authenticate and login concentrated security management and control, system is unique virtual ip address of the whole network of user assignment according to user's identity, between the virtual ip address of wherein, user's identify label, user current real IP address and distribution, has binding relationship one to one.When the user accesses shielded resource; the application layer program is carried out communication by virtual ip address; system is encrypted with integrality and processes data by user's identify label; finally by the current real IP address of user, send; this triangular incidence relation just forms complete terminal user's entity, and the disabled user carries out forging.
Concentrate security management and control module, to each user, detailed access rights can be set, and each user to the access control of application system on the user right of setting.In fact the mandate here refers to two levels: the one, and whether the user can have access to application system; The 2nd, which application system the user can have access to.Through the mandate of these two levels, effectively control user's access rights.Concentrate security management and control module by the main body of one group of mechanism control different stage and the different granted accesss of target resource, after to the main body authentication, implement Internet resources security control management.
By role's mechanism, control the different granted accesss of user and target resource, to the unified management of operation system.
Empowerment management is according to " account number+role " Model Design.The keeper can be directly by concentrating security management and control to carry out the different rights of maintenance customer in each operation system.
The user is by concentrating security management and control module all to record, also audit the operation behavior of Managed Resource, receive and preserve log information, for security audit and tracking foundation, in time find illegal login and illegal operation, to illegal login and illegal operation express-analysis, location and response.
Concentrated security management and control module has the ability of complete reconstruction session, and from user's login, until the user publishes, middle all operations (comprise legal with illegal operation) all can be audited.User's Operation Log, take session as base unit, is avoided various information elusive problem mixed in together.
All daily records that produce in platform are all carried out associatedly with user's identity (passing through user certificate), facilitate the keeper afterwards to the tracking of daily record; The user passes through all operations such as TELNET/SSH, RDP by log, can carry out complete playback to these operations afterwards; System provides multiple log audit mode, and form is derived in multiple daily record, and the self-defined report systematic function.
Concentrate security management and control module to require built-in security incident rule base, and can be in real time user's operating process be detected, in case find the violation operation behavior, can in time send a warning message or automatic hang up session to the auditor.The security incident rule base is supported self-defined extended function, and the keeper can, according to the enterprise internal management demand, expand the rule base content flexibly.
The user uses client software by network, remote information system to be safeguarded, its method is: the interface elements such as the menu on use mouse click software interface, button, use keyboard input command or data, by the demonstration of the interface control elements such as software interface obtaining information, command result and menu, button.These behaviors of audit module records, the result that record screen display and variation, mouse moves and click, keyboard are inputted and ordered and operate.
Existing in record of the audit ways of presentation upper body is record, reduce user at that time finding and do.In auditing system, realized the video recording formula playback to session, the interface display the when user operated at that time in replayed section, the movement of mouse can be reproduced with chapter and verse with click.
Concentrated security management and control module provides abundant strategy to carry out personalized terminal connection security management; in default policy; only have the terminal that meets following two conditions to communicate with other legal terminal; could access protected application system, realize the function identical with 802.1X.
P2P VSN, at the operation system environment, builds an encryption virtual secure net that is independent of physics DCN net between nature person and resource.
At the network communication layer, realize the P2P function, to upper layer application, provide the transparence service, irrelevant with upper layer application, no matter the user uses any software to access quickly and easily, does not need upper layer software (applications) is carried out to any modification.
By concentrating security management and control module, user terminal is no matter in enterprise network or in internet, only need after can be between network layer and security gateway, can reaching, by authentication to set up P2P VSN virtual secure territory, by encryption tunnel end to end, with authorizing operation system, communicate.
In P2P VSN virtual secure territory, all adopt UDP group bag, each original message all can through restructuring could be in the virtual secure territory normal communication.
Client all is packaged in original IP head, TCP head and data in the data of reconstructed file and encrypts, and then construct oneself IP head and UDP head, after such processing, send this message to security gateway again, security gateway is carried out the process opposite with client, namely unpack, decryption oprerations, the communication of terminal and terminal is also like this.For application layer, the message that they transmit and receive is all that the virtual address of use is carried out communication, and virtual net has upwards shielded the details of all transmission, and application layer can think that network layer has directly completed reciprocity exchanges data.When message transmission being recombinated to packing, each message uses the digital certificate of oneself to carry out data signature, when receiving data message, both sides carry out the data sign test, guaranteed both sides' communication datas reliability and can not tamper, middle interception can't be counterfeit either party identity carry out the data falsification message.
Concentrated security management and control module provides real-time viewing by the main frame of security gateway real-time online.
Concentrate security management and control keeper's management, the functions such as establishment, modification, deletion and inquiry to keeper itself are provided.
Classification/layer-management of keeper, mandatory administration (or interim mandate), provide the keeper carried out to level definition etc. according to regulatory requirement.
Platform is supported classification, minute authority management mode, and to secondary keeper allocation manager authority, the secondary keeper is to triode reason person allocation manager authority etc. by the root keeper.System is supported the infinite stages decentrallized management; these administration authorities comprise department's tree maintenance, user's maintenance, locked resource maintenance, access rights maintenance etc.; these authorities can be assigned to arbitrarily the keeper of subordinate by upper management person in the compass of competency of oneself, realize the Authority and Domain Based Management management.
Operational management provides concentrating the function of security management and control module running state monitoring, allows the keeper understand at any time the running status of concentrating security management and control module, as the running status of online user's situation, system load situation, each assembly etc.
Concentrated security management and control module can just can realize changing user self-help, give for change, reset by a simple administration interface, and they concentrate the password of security management and control deployment.
The information work administration module, be comprised of data memory module, background processing module, foreground processing module and access terminal module, and data memory module contains the Tobacco System information resources, comprises structural data and unstructured data; Background processing module comprises Basic Information Management, demand management, data management, assets contract management, project management, planning management, appraisal management, the functions such as query statistic; The foreground processing module comprises that the page generates, caching process, the functions such as traffic statistics; The final user can pass through access terminal module device access websites.
The information work administration module is realized daily information system management work electronization from aspects such as service provider's management, asset management, planning management, project constructions.In management, outstanding work program is source and the main line of every concrete affairs, and every concrete affairs all must be first planned, by according to schedule, carry out, examination, analyze, this closed loop workflow journey of plan for adjustment, complete information system management work, on project construction management, in strict accordance with the requirement of industry inspection, realize the key link vestige record of Information-based Item and scientific and technical innovation project, project construction process is carried out to management and control.
Service provider's management is to define, consult, sign and estimate the process that the service provider offers the quality level of Tobacco Reference service.Service supplier's management provides supplier base data in asset management, assets contract management.
Service provider's information of service provider's management comprises: service provider's title, slip-stick artist's name, telephone number, service contract, service response rank, response time limit, contract life, service times, service date, service content.
Asset management realizes dynamic management, the monitoring to information-based asset equipment (hardware, software), real-time Information asset equipment distribution situation, assets change, assets maintenance, use are carried out to tracing management, realize the accountability of information-based assets use procedure, reach assets and use the precision management that everyone has responsibility, comprise assets use management and assets contract management.
Assets use management realize to the needing the repair and maintenance assets, wait for the continuation of insurance assets of assets, the assets of continuing insurance, having distributed assets, repair and maintenance audit assets, accumulative total continue insurance assets, amount of assets is in time reminded Under Repair.
The assets contract management is that the stock of assets and contract are carried out to comprehensive management, to being about to overdue contract, carry out real-time reminding, assets and service are estimated, screened the quality of supplier and product, for later stage buying, lease, repair and maintenance supplier and product select to provide foundation.
The information work administration module is reminded the contract item that the user is near completion in advance, and reminder time and reminded contents can need to set up on their own according to the user.
The data management of information work administration module is that Miscellaneous Documents, report, document, service manual, operation manual etc. are classified and managed, realize the orderly file of archives material, the quantity information of grasp data, the timely issue of practical materials information, be convenient to sharing of information, improve the data utilization ratio.
The user completes the formulation of information center's year, half a year and monthly plan and examines by planning management.It has three characteristics, and the one, plan can generate automatically according to the action of user's typing; The 2nd, the formulation that realizes a plan by workflow and examine processing; The 3rd, the embodiment plan is the prerequisite that every specific works is carried out, must be first planned, could carry out project construction (detailed programs, scientific and technical innovation), management (service of patrolling and examining, quality lifting, training, safety rehearsal, post contest, academic exchange, information-based examination) and planning.Superior unit can be inquired about our unit and subordinate unit's planning management content by planning management, does not relate to audit and change etc.
The examination template is safeguarded, content of examination is issued, the result of appraisal are made a report on and all belonged to information work appraisal management part.By the information-based check function of platform, realize the job rating to information-based employee's various aspects, reach based on this rational performance evaluation to personnel.Content of examination can customize, and the examination customization masterplate that the user provides by system carries out uploading of information-based performance assessment criteria and result to be assigned.
The user that the examination template is safeguarded is the corporate department supvr of provinces and cities and IT O&M personnel.Province company is responsible for the information-based unified examination template of the whole province and safeguards, and can check the internal examination information that city company formulates; The whole province's examination Template Information can be checked by city company, and safeguards city intra-company examination template.
The content of examination masterplate can be divided into overall examination, special examination, department's internal examination and safety assessment according to the examination scope.
Because examination project, content of examination and corresponding score value may change every year, the user can safeguard that link safeguards modification to examination project, content and score value by the examination masterplate, in order to adapt at any time check requirements.For before changing examination record, can deposit history library in.
The IT of city company O&M personnel formulate and fill in examination template list, and division management person is responsible for audit examination template list, audit by after issue each county company or specify Mou Jia county company to come into force.
The result of appraisal are made a report on for province, the examination of city company and are checked oneself result and make a report on, and province corporate user can view the examination of constituent parts from scoring and the result of appraisal by this page.For can be by the performance assessment criteria item of system automatic acquisition, its score can automatically be converted and be obtained or system Auto-writing relative recording in remarks column by system.
The maintenance of project link, project construction template configuration, project construction management are the subfunctions of project management module.The project management function of platform is the requirement according to " three inspections ", and the software and hardware Information-based Item in building for Information-based Item is built, and from State Bureau's management and province tobacco management of investment two aspects, supervises; For the scientific and technical innovation project from 3 link managements, to realize the information system management to all kinds of project constructions, the orderly progress of Guarantee item, and in time export and preserve project data.
The project link is safeguarded model project construction template, on the template basis, for items of different types, builds link, safeguards the link Back ground Information.
By the Information-based Item implementation management, realize starting to complete to project from project, carry out project planning and the project control, so that the goal of cost of project, schedule objective and quality objective etc. are achieved.
The user can safeguard the state of this project key link according to the project construction implementation and progress condition at the project link management page, when link completes, it is carried out to mark, and uploads all information documents that this link has been submitted to.And define unsharp project for some progress link, by the text description state of progress, comprise item types, current performance level, statistical study etc.
The demand management of information work management is that information system requirement is carried out to workflow management, by each link, with mode word, embodies the demand progress.
The BSM center module mainly is comprised of Business Management Platform, service management platform, system management platform and interface management platform four parts, and Business Management Platform is connected by the interface management platform with service management platform.
Business Management Platform is realized the unified monitoring to the running status of IT resource, its management object comprises the application software of each system of the equipment such as main frame, network, database, middleware and application component class, selectively warning information is delivered to service management platform, the formation event submits to the operation management personnel to process, and the configuration data in monitor database can be synchronizeed with the corresponding configuration data in the CMDB of service management platform.
The Business Management Platform structure is divided into three layers, respectively data collection layer, data analysis layer, data exhibiting layer, the network management data of monitored object is by the processing of three aspects, data collection layer gathers network management data by the interface with by guard system, deliver to data analysis layer and carry out the data processing, data analysis layer judges that to data producing warning information delivers to the data exhibiting layer on the one hand, typing monitor database on the other hand, the data exhibiting layer represents warning information, and represents various monitoring views.
Service management platform is for the unified maintenance management work of BSM center module, and the four large management processes that it mainly provides are respectively: incident management flow process, issue management flow process, change management flow process and configuration management flow process and manage based on Workflow Management, information management and the group financial statements of these flow processs.Service management platform provides a unified flow process query page, can according to flow process type, state, time period, inquire about execution time and the operation information of each task under the ruuning situation of all flow instances, is convenient to the integral monitoring of managerial personnel to flow process.
The resource that service management platform is supported at present comprises network, main frame, operation system, database, medium/contract, middleware, IP address, domain name etc.Network device management information comprises the equipment base attribute, board information, interface message, related information etc.Main process equipment management information comprises the main frame base attribute, cpu and memory information, logical volume information, interface message, related information etc.Operation system management information comprises the business base attribute, critical processes information, interface message, related information etc.Base attribute and configuration information in the middle of middleware management information comprises, related information etc.Medium/contract management information comprises their base attribute, related information etc.
Service management platform is set up different classifications to the various resources in the IT system environment, and the resource of every kind has public attribute and special attribute separately.The basic ideas of whole model are from operation system, from top to bottom with the relevant various resources of this operation system, including in each self-corresponding management information bank, and in storehouse, are remaining the incidence relation between them.
For the ease of all resources in system, carry out unified management, system is supported the unified resource coded system.Can well define in this way resource ownership, resource class, the information such as resource place application system.Coding rule is an attribute of all resource objects, manual typing is provided and automatically generates two kinds of mode input systems, and system provides the iterative testing to coding, if system is once there being this coding, by the prompting operation people.
System provides service topology figure in patterned mode, to show resource organizations's situation of whole operation system, by this topological diagram, can allow the user very clearly know this operation system normal operation whether at present, the performance index situation of various resources, alarm situation etc.
In the management of IT service procedure, resource also is embodied in the flow processs such as incident management, issue management, change management, configuration management accordingly.When certain resource generation alarm, system is delivered to information desk by this event of " work is singly sent with charge free " operation handlebar and is generated a new event, simultaneously this resource number is logged in event.In the issue management flow process, if problem derives from event, system is presented at the relevant resource association of this event in the problem request, and simultaneity factor provides interface to allow the user select to be subjected to business and the related resource of this problems affect.In the change management flow process, if change derives from problem, system is presented at the relevant resource of this problem in the change request, and simultaneity factor also provides interface to allow the user need select the reason, impact etc. of the resource of change and change.In the configuration management flow process, system, according to the change embodiment, is done and is upgraded operation the resource of needs change in database.
Incident management is a very crucial flow process, and at first it detect event and determine accurately that then correct support resource is in order to solve as early as possible the ability of event for tissue provides.This flow process also provides the accurate information about the event of impact tissue for administration and supervision authorities, so that they can determine essential support resource, and carries out plan for the supply of support resource.
By utilizing the incident management flow process, tissue can guarantee that their support resource concentrates on the most urgent and may produce on the problem of maximum effect business.If the control and management information that provides of this flow process not, tissue can't guarantee whether they really meet its target in the investment aspect the IT support.
The incident management flow process is intended to guarantee to detect event, then records services request.Record guarantees there is no event or the services request of omitting, and allows record to be followed the tracks of, and the information of offer help issue management and activity program.This flow process comprises utilizes technology that the function of Self-Service is provided to the client, for they are provided to the flexible of support function and interface, also work load and personnel's requirement of reduction support information desk simultaneously easily.
Services request, for example change request (RFC) or batch processing job request, also the corresponding flow process according to such services request records then processing.
Course of event classifies to guarantee arrange correct priority and send to correct support resource for them.Incident management comprises initial support process, and these flow processs allow according to known mistake and the new event of problem detection, in order to can locate fast any solution of determining in the past.
Then incident management provides one can investigate, diagnose, solve the also structure of termination event.This flow process is guaranteed that event is controlled in whole life cycle, is followed the tracks of and monitor.
The major event of the reaction that the regular event flow process provides may occur to exceed sometimes.Incident management comprises the flow process for the treatment of these major events, comprise the management and function reports, effectively the communication and formal rollback plan.
The main target of incident management SMF is to recover as early as possible normal service running, and minimize to service operation negative effect, thereby guarantee the service quality of remaining good and availability rank.The normal service running is defined as the service operation management in service level agreements (SLA) restriction.
Incident management is processed the services request that all events that detect and all can cause by information desk.
The scope of the different services request that IT department receives may be different because of different tissues, depends on the Structure and Scale of tissue, and wherein some request will be processed by information desk fully, and other requests will be by the flow processing in other parts of other SMF or tissue.Under latter event, the incident management flow process is as the interface to corresponding flow process.Such a example is the RFC that possible pass to the change management flow process.
The basic goal of issue management flow process is the generation of elimination or the event of minimizing, the business event that the IT system inherent vice is caused or the negative effect of problem drop to bottom line, this process analysis occurs in the event (being usually buttoned-up logout) of production environment, determine the most often to occur or have the event of maximum effect, find out basic reason, the preventive measure that then generates change request (RFC), alternative or suggestion prevents the generation again of event.
The issue management scope is that not basic problem and the known error that solves in all IT production environments managed, and taking the initiative property preventive measure reduce event number, and great or emergency also is defined as problem to analyze the basic reason of its generation after handling.Generally or event that most take support staff resource maximum to the IT service impact preferentially analyzed.
Change management is carried out all changes in the whole IT running environment of control and management by a single function flow, and sets up interface with configuration management.Change management should be supported by management tool, and the scope of management can comprise software, hardware, the change of the network equipment and document etc.
All changes to IT system have the change request that is associated.Change is classified according to urgency level, risk and potential seriousness.IT department has worked out the list of a known change type, for assessment of risk.
All be managed and be controlled to the change management flow process will to the influential change of IT production environment by the unified method of standard and step.
System management platform comprises the management of user, role and authority, and the safety management of network management system self and log request.
By the BSM system, can reflect comprehensively, correctly, in time by the running status of guard system, improve maintenance quality and efficiency, make in IT department to support that the information of service is more unimpeded, transparent, complete and effective;
By knowledge accumulation and information management, and then set and optimize index, carry out quantitative management, realize the service improvement that continues; Finally, can higher-quality service be provided and improve their satisfaction for business department and user, IT department be turned into to the IT Operation and Maintenance Center of standard.
The treatment scheme of event and the Disposal Strategies that encounters problems below are described take incident management as example, and main flow content comprises:
1. detect, record: the source of event comprises the services request that ALM information and user submit to by phone, fax or Email.All events all will be carried out record, in order to can in their whole life cycle, follow the tracks of, monitor and upgrade them.Then can be by this information for issue management, report, process optimization and planning.
2. the processing of services request: this link allows processing and the distribution of services request.Dissimilar services request need to be processed in a different manner.
3. classification and initial support: the classification link is divided classification to event, and uses the priority of determining event about the information of impact and urgency.Initial support process is intended to solve for event provides First Line.For realizing this point, can detect according to known mistake, existing problem and former event, in order to define the solution of documentation.
4. investigation and diagnosis: this link is processed the investigation of event and the collection of diagnostic data.Its target is to determine how can solve as early as possible event.This link is according to the requirement of service level agreement (SLA), can carry out corresponding event upgrading, management reports or function reports.
5. major event emergency disposal: having the major event process is the matters of aggravation that need to exceed the response that the regular event process provides in order to process those.Although these events are still followed the regular event life cycle, the triggering of major event process provide the needed enhancing of event of these high priorities coordination, report, communication and resource.
6. solve and recover: this link contains the needed step of solution event, is often by with the change management flow process, coordinating with enforcing remedies and operate.After taking action, will the successful situation that solve be checked, or carry out recovery operation according to the actual requirements.
7. termination: this link guarantees that before close event record client pleases oneself to the solution of this event.This flow process also checks whether logout is upgraded fully, and it is assigned to certain termination classification.
Above demonstration and described ultimate principle of the present invention and principal character.The technician of the industry should understand; the present invention is not restricted to the described embodiments; that in above-described embodiment and instructions, describes just illustrates principle of the present invention; without departing from the spirit and scope of the present invention; the present invention also has various changes and modifications, and these changes and improvements all fall in the claimed scope of the invention.The claimed scope of the present invention is defined by appending claims and equivalent thereof.
Claims (10)
1. a tobacco business information safety operation and maintenance integral application plateform system, is characterized in that: comprise information safety operation and maintenance Service Management door module, concentrate security management and control module, information work administration module and BSM center module; Described information safety operation and maintenance Service Management door module is connected with the information work administration module with BSM center module, concentrated security management and control module respectively; Described concentrated security management and control module comprises service user device, F8 security gateway, business device, security management and control management equipment, network operation daily record and C/S SSO probe, maintenance customer's equipment, and subscriber equipment is connected with business device by the F8 security gateway; The security management and control management equipment is connected with business device; Maintenance customer's equipment is connected with network operation daily record and C/S SSO probe by the F8 security gateway, and network operation daily record and C/S SSO probe are connected with business device.
2. a kind of tobacco business information safety operation and maintenance integral application plateform system according to claim 1, it is characterized in that: described business device comprises server, switch, router, fire wall.
3. a kind of tobacco business information safety operation and maintenance integral application plateform system according to claim 1, it is characterized in that: described security management and control management equipment comprises F8 obturator, F8LDAP, F8IDM.
4. a kind of tobacco business information safety operation and maintenance integral application plateform system according to claim 1, it is characterized in that: described information safety operation and maintenance Service Management door module, mainly by display module, business module, acquisition module, display module is for providing integrated displaying interface, business module is for realizing the concrete business operation of each functional module, acquisition module is for gathering every service data of infrastructure, and described acquisition module is provided with operational order interface and outside platform interface.
5. a kind of tobacco business information safety operation and maintenance integral application plateform system according to claim 1, it is characterized in that: described concentrated security management and control module comprises: human-machine interface layer, application layer, network layer, interface layer, described human-machine interface layer are used to managerial personnel that the access entrance of concentrating security management and control module is provided, and the self-help service for user entrance is provided, and described application layer is for realizing Account Administration, Role Management, resource management, empowerment management, audit analysis, the audit early warning, platform is from management, the management functions such as terminal security access, provide account number management by synchronization service, authentication service, the authentication hinge, the SSO service, the service functions such as Audit data collection, preserve the platform core data, comprises and account number/password, system/application, the Account Data that role/strategy etc. are relevant and audit related data, network layer is to realize by security gateway, between nature person and resource, setting up the virtual secure territory service that is independent of physical network, interface layer provides and applies relevant interface.
6. a kind of tobacco business information safety operation and maintenance integral application plateform system according to claim 1, it is characterized in that: described information work administration module, mainly by data memory module, background processing module, foreground processing module and access terminal module, formed, data memory module contains the Tobacco System information resources, comprises structural data and unstructured data; Background processing module comprises Basic Information Management, demand management, data management, assets contract management, project management, planning management, appraisal management, the functions such as query statistic; The foreground processing module comprises that the page generates, caching process, the functions such as traffic statistics; The final user can pass through access terminal module device access websites.
7. a kind of tobacco business information safety operation and maintenance integral application plateform system according to claim 6, it is characterized in that: described information work administration module is in management, outstanding work program is source and the main line of every concrete affairs, every concrete affairs all must be first planned, by according to schedule, carry out, examination, analyze, this closed loop workflow journey of plan for adjustment, complete information system management work, on project construction management, requirement in strict accordance with the industry inspection, realize the key link vestige record of Information-based Item and scientific and technical innovation project, project construction process is carried out to management and control.
8. a kind of tobacco business information safety operation and maintenance integral application plateform system according to claim 1, it is characterized in that: described BSM center module, mainly Business Management Platform, service management platform, system management platform and interface management platform, consist of, Business Management Platform is connected by the interface management platform with service management platform.
9. a kind of tobacco business information safety operation and maintenance integral application plateform system according to claim 8, it is characterized in that: Business Management Platform is realized the unified monitoring to the running status of IT resource, its management object comprises the application software of each system of the equipment such as main frame, network, database, middleware and application component class, selectively warning information is delivered to service management platform, the formation event submits to the operation management personnel to process, and the configuration data in monitor database can be synchronizeed with the corresponding configuration data in the CMDB of service management platform.
10. a kind of tobacco business information safety operation and maintenance integral application plateform system according to claim 8, it is characterized in that: the Business Management Platform structure is divided into three layers, it is respectively data collection layer, data analysis layer, the data exhibiting layer, the network management data of monitored object is by the processing of three aspects, data collection layer gathers network management data by the interface with by guard system, deliver to data analysis layer and carry out the data processing, data analysis layer judges that to data producing warning information delivers to the data exhibiting layer on the one hand, typing monitor database on the other hand, the data exhibiting layer represents warning information, and represent various monitoring views.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN2013103270402A CN103400226A (en) | 2013-07-31 | 2013-07-31 | Integrated tobacco industry information security, operation and maintenance application platform system |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN2013103270402A CN103400226A (en) | 2013-07-31 | 2013-07-31 | Integrated tobacco industry information security, operation and maintenance application platform system |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN103400226A true CN103400226A (en) | 2013-11-20 |
Family
ID=49563843
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN2013103270402A Pending CN103400226A (en) | 2013-07-31 | 2013-07-31 | Integrated tobacco industry information security, operation and maintenance application platform system |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN103400226A (en) |
Cited By (38)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN104217307A (en) * | 2014-09-23 | 2014-12-17 | 中国南方电网有限责任公司 | Achievement structured management and quality monitoring method for full information construction process |
| CN104599064A (en) * | 2015-01-19 | 2015-05-06 | 北京百度网讯科技有限公司 | Operation maintenance management system of data center |
| CN104809535A (en) * | 2014-01-28 | 2015-07-29 | 中国移动通信集团福建有限公司 | Power operation and maintenance integrated management method, device and system based on configurable presentation |
| CN104992115A (en) * | 2015-07-31 | 2015-10-21 | 成都亿信标准认证集团有限公司 | Project management device with intrusion protection alarm function |
| CN104992128A (en) * | 2015-07-31 | 2015-10-21 | 成都亿信标准认证集团有限公司 | Project management system with intrusion protection function |
| CN105045100A (en) * | 2015-06-08 | 2015-11-11 | 浪潮电子信息产业股份有限公司 | Intelligent operation monitoring platform for management by use of mass data |
| CN105306460A (en) * | 2015-10-13 | 2016-02-03 | 国家电网公司 | Unified vulnerability patch management system |
| CN105516160A (en) * | 2015-12-17 | 2016-04-20 | 北京荣之联科技股份有限公司 | Domain management object mapping apparatus and unified identity authentication system |
| CN105512790A (en) * | 2015-08-14 | 2016-04-20 | 上海合胜计算机科技股份有限公司 | Integrated operation and maintenance management system |
| CN106357371A (en) * | 2016-10-31 | 2017-01-25 | 聚好看科技股份有限公司 | Cross-machine-room data transmission method and servers |
| CN106548324A (en) * | 2016-10-09 | 2017-03-29 | 广州市佳众联科技有限公司 | A kind of IT system O&M service management system |
| CN106649496A (en) * | 2016-10-10 | 2017-05-10 | 国信优易数据有限公司 | Government affairs data collecting and sharing system and method |
| CN106713365A (en) * | 2017-02-28 | 2017-05-24 | 郑州云海信息技术有限公司 | Cloud environment-based network security system |
| CN107146189A (en) * | 2017-04-26 | 2017-09-08 | 贵州省烟草公司贵阳市公司 | Licensing is self-service handles system for tobacco monopolization retail |
| CN108173700A (en) * | 2018-01-29 | 2018-06-15 | 云南昆船设计研究院有限公司 | A kind of industrial control system safety service platform and implementation |
| CN108418697A (en) * | 2017-02-09 | 2018-08-17 | 南京联成科技发展有限公司 | A kind of realization framework of intelligentized safe O&M service cloud platform |
| CN105577656B (en) * | 2015-12-17 | 2018-09-25 | 北京荣之联科技股份有限公司 | A kind of unified identity authentication method based on cloud platform |
| CN108960456A (en) * | 2018-08-14 | 2018-12-07 | 东华软件股份公司 | Private clound secure, integral operation platform |
| CN109242248A (en) * | 2018-08-02 | 2019-01-18 | 山东中烟工业有限责任公司 | Cigarette machine multidimensional data comprehensive analysis platform and method |
| CN109255590A (en) * | 2018-09-08 | 2019-01-22 | 中建精诚工程咨询有限公司 | A kind of construction project cost auditing system |
| CN109784957A (en) * | 2019-03-07 | 2019-05-21 | 魏巍 | A kind of international trade food import and export information storage tool system |
| CN110223048A (en) * | 2019-06-18 | 2019-09-10 | 湖南晖龙集团股份有限公司 | Special fund declares comprehensive management platform system |
| CN110430073A (en) * | 2019-07-30 | 2019-11-08 | 中国工程物理研究院计算机应用研究所 | A kind of heterogeneous system automation O&M method based on abstract service atomic operation |
| CN110458528A (en) * | 2019-08-07 | 2019-11-15 | 上海数讯信息技术有限公司 | A kind of full-service configuration management platform based on CMDB operation management |
| CN110597629A (en) * | 2019-08-30 | 2019-12-20 | 上海辰锐信息科技公司 | Resource scheduling method based on resource preposed atomization and cloud pooling |
| CN110719246A (en) * | 2018-07-11 | 2020-01-21 | 上海越钰信息技术有限公司 | Website vulnerability checking system |
| CN110826729A (en) * | 2019-10-08 | 2020-02-21 | 云南云思科技有限公司 | Multi-terminal automatic operation and maintenance management platform and operation and maintenance method |
| CN111008026A (en) * | 2018-10-08 | 2020-04-14 | 阿里巴巴集团控股有限公司 | Cluster management method, device and system |
| CN111078270A (en) * | 2019-11-20 | 2020-04-28 | 北京国舜科技股份有限公司 | Application security management and control method and device, electronic equipment and storage medium |
| CN111221870A (en) * | 2019-10-17 | 2020-06-02 | 北京农信通科技有限责任公司 | Management platform and method for rural collective property right reform |
| CN111597525A (en) * | 2020-06-05 | 2020-08-28 | 深圳华讯网络科技有限公司 | Resource management system security platform |
| CN112163822A (en) * | 2020-08-05 | 2021-01-01 | 宁夏无线互通信息技术有限公司 | Ecological environment information comprehensive display and external disclosure system |
| CN112200403A (en) * | 2020-08-24 | 2021-01-08 | 南方电网数字电网研究院有限公司 | Power industry operation and maintenance scheduling system capacity management method |
| CN112765600A (en) * | 2020-12-28 | 2021-05-07 | 中国人寿保险股份有限公司上海数据中心 | Control method for collecting automatic synchronization CMDB based on HIDS intrusion detection |
| CN113377737A (en) * | 2021-04-27 | 2021-09-10 | 国网吉林省电力有限公司 | Intelligent operation and maintenance management system of database |
| CN114418512A (en) * | 2021-10-18 | 2022-04-29 | 国网安徽省电力有限公司马鞍山供电公司 | Automatic inspection system for information system of power enterprise |
| CN117112656A (en) * | 2023-05-19 | 2023-11-24 | 中国标准化研究院 | Integrated information intelligent management system and method for scientific and technological volunteer service management |
| CN117171808A (en) * | 2023-09-01 | 2023-12-05 | 国家林业和草原局华东调查规划院 | System for checking and proving performance of forest stand |
Citations (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN201716762U (en) * | 2010-06-28 | 2011-01-19 | 中国烟草总公司湖南省公司 | Application platform system for tobacco industry system |
-
2013
- 2013-07-31 CN CN2013103270402A patent/CN103400226A/en active Pending
Patent Citations (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN201716762U (en) * | 2010-06-28 | 2011-01-19 | 中国烟草总公司湖南省公司 | Application platform system for tobacco industry system |
Non-Patent Citations (5)
| Title |
|---|
| 刘文明: "烟草企业信息安全运维管理系统的需求分析与设计", 《科技信息》 * |
| 包长均: "湖北省烟草网络运维管理平台的设计与实现", 《万方数据库》 * |
| 叶永生: "基于ITIL方法的运维服务系统研究与设计", 《现代计算机(专业版)》 * |
| 李益文: "湖南省烟草商业系统信息安全运维管理体系建设的思考", 《湖南烟草》 * |
| 蔡喆等: "烟草商业企业应用集成架构的设计与实现", 《信息技术与标准化》 * |
Cited By (44)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN104809535A (en) * | 2014-01-28 | 2015-07-29 | 中国移动通信集团福建有限公司 | Power operation and maintenance integrated management method, device and system based on configurable presentation |
| CN104217307B (en) * | 2014-09-23 | 2016-04-13 | 中国南方电网有限责任公司 | A kind of informatization overall process achievement structured management and quality control method |
| CN104217307A (en) * | 2014-09-23 | 2014-12-17 | 中国南方电网有限责任公司 | Achievement structured management and quality monitoring method for full information construction process |
| CN104599064A (en) * | 2015-01-19 | 2015-05-06 | 北京百度网讯科技有限公司 | Operation maintenance management system of data center |
| CN105045100A (en) * | 2015-06-08 | 2015-11-11 | 浪潮电子信息产业股份有限公司 | Intelligent operation monitoring platform for management by use of mass data |
| CN104992115A (en) * | 2015-07-31 | 2015-10-21 | 成都亿信标准认证集团有限公司 | Project management device with intrusion protection alarm function |
| CN104992128A (en) * | 2015-07-31 | 2015-10-21 | 成都亿信标准认证集团有限公司 | Project management system with intrusion protection function |
| CN105512790A (en) * | 2015-08-14 | 2016-04-20 | 上海合胜计算机科技股份有限公司 | Integrated operation and maintenance management system |
| CN105306460A (en) * | 2015-10-13 | 2016-02-03 | 国家电网公司 | Unified vulnerability patch management system |
| CN105516160B (en) * | 2015-12-17 | 2018-10-02 | 北京荣之联科技股份有限公司 | A kind of domain management object map device and unified single sign-on system |
| CN105516160A (en) * | 2015-12-17 | 2016-04-20 | 北京荣之联科技股份有限公司 | Domain management object mapping apparatus and unified identity authentication system |
| CN105577656B (en) * | 2015-12-17 | 2018-09-25 | 北京荣之联科技股份有限公司 | A kind of unified identity authentication method based on cloud platform |
| CN106548324A (en) * | 2016-10-09 | 2017-03-29 | 广州市佳众联科技有限公司 | A kind of IT system O&M service management system |
| CN106649496A (en) * | 2016-10-10 | 2017-05-10 | 国信优易数据有限公司 | Government affairs data collecting and sharing system and method |
| CN106357371A (en) * | 2016-10-31 | 2017-01-25 | 聚好看科技股份有限公司 | Cross-machine-room data transmission method and servers |
| CN106357371B (en) * | 2016-10-31 | 2019-09-17 | 聚好看科技股份有限公司 | Across computer room data transmission method and server |
| CN108418697B (en) * | 2017-02-09 | 2021-09-14 | 南京联成科技发展股份有限公司 | Implementation architecture of intelligent safe operation and maintenance service cloud platform |
| CN108418697A (en) * | 2017-02-09 | 2018-08-17 | 南京联成科技发展有限公司 | A kind of realization framework of intelligentized safe O&M service cloud platform |
| CN106713365A (en) * | 2017-02-28 | 2017-05-24 | 郑州云海信息技术有限公司 | Cloud environment-based network security system |
| CN107146189A (en) * | 2017-04-26 | 2017-09-08 | 贵州省烟草公司贵阳市公司 | Licensing is self-service handles system for tobacco monopolization retail |
| CN108173700A (en) * | 2018-01-29 | 2018-06-15 | 云南昆船设计研究院有限公司 | A kind of industrial control system safety service platform and implementation |
| CN110719246A (en) * | 2018-07-11 | 2020-01-21 | 上海越钰信息技术有限公司 | Website vulnerability checking system |
| CN109242248A (en) * | 2018-08-02 | 2019-01-18 | 山东中烟工业有限责任公司 | Cigarette machine multidimensional data comprehensive analysis platform and method |
| CN108960456A (en) * | 2018-08-14 | 2018-12-07 | 东华软件股份公司 | Private clound secure, integral operation platform |
| CN109255590A (en) * | 2018-09-08 | 2019-01-22 | 中建精诚工程咨询有限公司 | A kind of construction project cost auditing system |
| CN111008026B (en) * | 2018-10-08 | 2024-03-26 | 阿里巴巴集团控股有限公司 | Cluster management method, device and system |
| CN111008026A (en) * | 2018-10-08 | 2020-04-14 | 阿里巴巴集团控股有限公司 | Cluster management method, device and system |
| CN109784957A (en) * | 2019-03-07 | 2019-05-21 | 魏巍 | A kind of international trade food import and export information storage tool system |
| CN110223048A (en) * | 2019-06-18 | 2019-09-10 | 湖南晖龙集团股份有限公司 | Special fund declares comprehensive management platform system |
| CN110430073A (en) * | 2019-07-30 | 2019-11-08 | 中国工程物理研究院计算机应用研究所 | A kind of heterogeneous system automation O&M method based on abstract service atomic operation |
| CN110430073B (en) * | 2019-07-30 | 2022-06-21 | 中国工程物理研究院计算机应用研究所 | Heterogeneous system automatic operation and maintenance method based on abstract service atomic operation |
| CN110458528A (en) * | 2019-08-07 | 2019-11-15 | 上海数讯信息技术有限公司 | A kind of full-service configuration management platform based on CMDB operation management |
| CN110597629A (en) * | 2019-08-30 | 2019-12-20 | 上海辰锐信息科技公司 | Resource scheduling method based on resource preposed atomization and cloud pooling |
| CN110826729A (en) * | 2019-10-08 | 2020-02-21 | 云南云思科技有限公司 | Multi-terminal automatic operation and maintenance management platform and operation and maintenance method |
| CN111221870A (en) * | 2019-10-17 | 2020-06-02 | 北京农信通科技有限责任公司 | Management platform and method for rural collective property right reform |
| CN111078270A (en) * | 2019-11-20 | 2020-04-28 | 北京国舜科技股份有限公司 | Application security management and control method and device, electronic equipment and storage medium |
| CN111597525A (en) * | 2020-06-05 | 2020-08-28 | 深圳华讯网络科技有限公司 | Resource management system security platform |
| CN112163822A (en) * | 2020-08-05 | 2021-01-01 | 宁夏无线互通信息技术有限公司 | Ecological environment information comprehensive display and external disclosure system |
| CN112200403A (en) * | 2020-08-24 | 2021-01-08 | 南方电网数字电网研究院有限公司 | Power industry operation and maintenance scheduling system capacity management method |
| CN112765600A (en) * | 2020-12-28 | 2021-05-07 | 中国人寿保险股份有限公司上海数据中心 | Control method for collecting automatic synchronization CMDB based on HIDS intrusion detection |
| CN113377737A (en) * | 2021-04-27 | 2021-09-10 | 国网吉林省电力有限公司 | Intelligent operation and maintenance management system of database |
| CN114418512A (en) * | 2021-10-18 | 2022-04-29 | 国网安徽省电力有限公司马鞍山供电公司 | Automatic inspection system for information system of power enterprise |
| CN117112656A (en) * | 2023-05-19 | 2023-11-24 | 中国标准化研究院 | Integrated information intelligent management system and method for scientific and technological volunteer service management |
| CN117171808A (en) * | 2023-09-01 | 2023-12-05 | 国家林业和草原局华东调查规划院 | System for checking and proving performance of forest stand |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN103400226A (en) | Integrated tobacco industry information security, operation and maintenance application platform system | |
| US10339321B2 (en) | Cybersecurity maturity forecasting tool/dashboard | |
| Teeter et al. | The remote audit | |
| CN112765245A (en) | Electronic government affair big data processing platform | |
| CN108960456A (en) | Private clound secure, integral operation platform | |
| CN108702360A (en) | Use the digital asset Preservation tactics of dynamic network attribute | |
| CN110957025A (en) | Medical health information safety management system | |
| CN107409126A (en) | System and method for protecting enterprise computing environment safety | |
| CN113592680A (en) | Service platform based on regional education big data | |
| CN112837194A (en) | Intelligent system | |
| Mutis et al. | Cloud BIM governance framework for implementation in construction firms | |
| Yang et al. | Framework Design of Science and Technology Venture Capital Salary Management System Driven by Blockchain Technology | |
| CN114936224A (en) | Rail inspection data service system based on Hadoop | |
| Novianto et al. | Evaluation of E-Government Using COBIT 5 Framework (Case Study of Sistem Database Pemasyarakatan Implementation in Ministry of Law and Human Rights in the Special Region of Yogyakarta) | |
| Buckl et al. | Enterprise architecture management patterns for company-wide access views on business objects | |
| CN105243319B (en) | The access method of controlling security of XBRL application platforms | |
| CN116208429B (en) | Security capability evaluation method and device of zero trust system architecture | |
| US11558182B2 (en) | Method and system to facilitate assessment, authorization, and monitoring of policy documents related to an organization | |
| Jaiswal | Security requirement prioritization | |
| Hussein et al. | Software Implementation of a Healthcare Quality Management System Based on ISO9000 Standards | |
| Trad | Organizational Transformation Projects: The Role of Global Cyber Security and Crimes (RoGCSC) | |
| Don Appuhamilage et al. | Gap Analysis of Information Security Management Systems in Sri Lankan Higher Education Institutes | |
| Rajapaksha | Incident Management System for People’s Bank | |
| Putaansuu | IT Security integration after acquisition-case Sandvik and DSI Underground | |
| Christianti | Information system strategic planning in PT XYZ |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| WD01 | Invention patent application deemed withdrawn after publication |
Application publication date: 20131120 |
|
| WD01 | Invention patent application deemed withdrawn after publication |