CN107292175A - Server apparatus method for managing security and device - Google Patents
Server apparatus method for managing security and device Download PDFInfo
- Publication number
- CN107292175A CN107292175A CN201610203332.9A CN201610203332A CN107292175A CN 107292175 A CN107292175 A CN 107292175A CN 201610203332 A CN201610203332 A CN 201610203332A CN 107292175 A CN107292175 A CN 107292175A
- Authority
- CN
- China
- Prior art keywords
- security
- server apparatus
- report
- program
- sweep
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/57—Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/57—Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
- G06F21/577—Assessing vulnerabilities and evaluating computer system security
Landscapes
- Engineering & Computer Science (AREA)
- Computer Hardware Design (AREA)
- Computer Security & Cryptography (AREA)
- General Engineering & Computer Science (AREA)
- Software Systems (AREA)
- Theoretical Computer Science (AREA)
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- Computing Systems (AREA)
- General Factory Administration (AREA)
- Management, Administration, Business Operations System, And Electronic Commerce (AREA)
Abstract
The present invention relates to a kind of server apparatus method for managing security and device, its method includes:Obtain and the security sweep of server apparatus is reported;Security sweep report is analyzed, search key not by safety inspection entry is isolated from security sweep report;According to described not by the keyword of safety inspection entry, security hardening is carried out to server apparatus.The present invention can realize the automatic business processing to server apparatus security evaluation, analysis and security hardening, improve assessment result analysis efficiency, reduction manual analysis error, the automatization level for lifting security hardening.
Description
Technical field
Pacify the present invention relates to server apparatus safety management technology field, more particularly to a kind of server apparatus
Full management method and device.
Background technology
In recent years, the intrusion and attack for being related to server apparatus are taken place frequently, and the safety of server apparatus is got over
More to be paid attention to by enterprises and institutions.
Wherein, to server apparatus patch management and configuration much researches and develops safety product to form scale
Commercial company professional scanning product can be provided, these products can for main flow LINUX,
WINDOWS server apparatus and ORACLE, SYBASE Database Systems provide safety detection work(
Can, the patch release that exists to system is old, security configuration is fragile etc., and security risk provides prompting.
However, these current instruments mainly still complete security check function, although also some products exist
After the completion of safety inspection, some simple reparation opinions can be provided to the security risk of presence, but for mesh
Preceding server apparatus cloud, virtualization, data center increasingly become today of trend, large number quipments
Reading line by line, analysis and the housekeeping of safety inspection report, allow equipment operation maintenance engineer to put into
Substantial amounts of energy, can not be controlled from the end of scan to the output calculator room equipment general safety condition evaluation report cycle
System, while the wrong data that manual read's analysis sorting is produced can not also be avoided;In addition, there is scanning to report
Accuse, also need to analyze scan report, and server apparatus is reinforced by O&M engineer,
During reinforcing, at present, also according to the pattern of physical server, system is mended by way of traditional-handwork
Fourth is updated, configuration file is modified, and this reinforcing mode can not tackle server cloud,
Virtualization, the present situation of data center.
The content of the invention
The embodiment of the present invention provides a kind of server apparatus method for managing security and device, it is intended to realize to clothes
The automatic business processing of business device equipment safety management, improves assessment result analysis efficiency, reduction manual analysis and misses
Difference.
To reach above-mentioned purpose, a kind of server apparatus method for managing security that the embodiment of the present invention is proposed,
Including:
Obtain and the security sweep of server apparatus is reported;
The security sweep report is analyzed, is isolated not by safety inspection from security sweep report
The search key of entry;
According to described not by the keyword of safety inspection entry, the server apparatus is carried out safety plus
Gu.
Preferably, the server is set not by the keyword of safety inspection entry described in the basis
The step of standby progress security hardening, includes:
Not by the search key of safety inspection entry, program library is reinforced in retrieval according to described, for service
The executable security hardening program bag of device equipment generation;
The executable security hardening program bag is uploaded to corresponding server apparatus, with described right
Security hardening operation is performed on the server apparatus answered.
Preferably, not by the search key of safety inspection entry described in the basis, journey is reinforced in retrieval
Sequence storehouse, is that the step of server apparatus generates executable security hardening program bag includes:
Not by the search key of safety inspection entry, program library is reinforced in retrieval automation according to described,
Obtain with not automating reinforcing program by the way that safety inspection entry is corresponding;
The executable script of Program Generating is reinforced for the automation of acquisition;
The executable script of Program Generating is reinforced based on automation, is the executable peace of server apparatus generation
It is complete to reinforce program bag.
Preferably, the step of acquisition is reported the security sweep of server apparatus includes:
Third party's security sweep reporting platform is chosen, and obtains third party's security sweep reporting platform
Mark and Template Information;
Obtained from third party's security sweep reporting platform of selection and the security sweep of server apparatus is reported;
According to the mark and Template Information of third party's security sweep reporting platform, from data memory module
It is middle to obtain corresponding report parsing strategy;
Obtain corresponding search key.
Preferably, methods described also includes:
Receive the server apparatus and perform the reinforcing report fed back after security hardening operation.
The embodiment of the present invention also proposes a kind of server apparatus security control apparatus, including:
Acquisition module, for obtaining the security sweep report to server apparatus;
Analysis module, for analyzing the security sweep report, is isolated from security sweep report
Do not pass through the search key of safety inspection entry;
Reinforce module, for according to described in not by the keyword of safety inspection entry, to the server
Equipment carries out security hardening.
Preferably, the reinforcing module includes:
Generation unit, for, not by the search key of safety inspection entry, retrieval to be reinforced according to
Program library, is the executable security hardening program bag of server apparatus generation;
Scheduling unit, sets for the executable security hardening program bag to be uploaded into corresponding server
It is standby, to perform security hardening operation on the corresponding server apparatus.
Preferably, the generation unit, is additionally operable to the retrieval not by safety inspection entry according to and closes
Key word, retrieves automation and reinforces program library, obtains with not added by corresponding automate of safety inspection entry
Gu program;The executable script of Program Generating is reinforced for the automation of acquisition;Based on automation reinforcing program life
Into executable script, be the executable security hardening program bag of server apparatus generation.
Preferably, the acquisition module, is additionally operable to choose third party's security sweep reporting platform, and obtain
The mark and Template Information of third party's security sweep reporting platform;From third party's security sweep of selection
Reporting platform, which is obtained, to be reported the security sweep of server apparatus;Reported according to third party's security sweep
The mark and Template Information of platform, obtain corresponding report parsing strategy from data memory module;Obtain
Corresponding search key.
Preferably, the scheduling unit, is additionally operable to receive the server apparatus execution security hardening operation
The reinforcing report fed back afterwards.
A kind of server apparatus method for managing security and device that the embodiment of the present invention is proposed, pass through acquisition pair
The security sweep report analysis security sweep report of server apparatus, is isolated not from security sweep report
Pass through the search key of safety inspection entry;According to not by the search key of safety inspection entry,
Security hardening is carried out to corresponding server apparatus, is achieved in server apparatus security evaluation, analysis
And the automatic business processing of security hardening, improve assessment result analysis efficiency, reduction manual analysis error, carry
Rise the automatization level of security hardening.
Brief description of the drawings
Fig. 1 is the system architecture schematic diagram that scheme of the embodiment of the present invention is related to;
Fig. 2 is the schematic flow sheet of server apparatus method for managing security first embodiment of the present invention;
Fig. 3 is to initiate third party's security sweep by scan report analysis module in the embodiment of the present invention to report
And automatically analyze the operation flow schematic diagram of report;
Fig. 4 is the schematic flow sheet of server apparatus method for managing security second embodiment of the present invention;
Fig. 5 is the operation flow schematic diagram for equipment automate reinforcing in the embodiment of the present invention;
Fig. 6 is the operation flow schematic diagram of one-key operation report analysis and security hardening in the embodiment of the present invention;
Fig. 7 is the high-level schematic functional block diagram of server apparatus security control apparatus first embodiment of the present invention.
In order that technical scheme is clearer, clear, make further detailed below in conjunction with accompanying drawing
State.
Embodiment
It should be appreciated that the specific embodiments described herein are merely illustrative of the present invention, limit is not used to
The fixed present invention.
The primary solutions of the embodiment of the present invention are:Third party is provided and closes rule security sweep report importing work(
Can, by the resolution rules of comparative arrangement, scan report is analyzed, solution is automatically generated, while from
It is dynamic to generate executable security hardening program, and online, batch is provided, automates to enter server apparatus
Row reinforces function, realizes slave unit security evaluation, to assessment result analysis, then reinforced to equipment safety
Whole process, " key " are changed, automation security hardening, so as to improve assessment result analysis efficiency, reduction
Manual analysis error, the automatization level offer solution for lifting security hardening.
Scheme of the embodiment of the present invention can realize the security sweep report to one or more server apparatus
The automation mechanized operations such as intellectual analysis, security hardening, its system architecture is referred to shown in Fig. 1.
As shown in figure 1, the framework can be related to:Server safety management device, and multiple servers
(host device i.e. shown in Fig. 1 can set corresponding proxy module to equipment in the host device
Communicated with server safety management device).
Wherein, server safety management device can include:Basic data management module, data storage mould
Program library is reinforced in block, scan report analysis module, automation, and scheduler module etc. is reinforced in automation.
Wherein, basic data management module, is a personal-machine interactive interface, passes through this interface, system pipes
Reason person can set the third party's security sweep reporting platform (producer) for supporting security sweep report, and definition is each
The form of producer's scan report, and scan report parsing logical sum strategy (as close rule entry keyword,
Scanning device IP information position etc.), producer and strategy dynamically can increase and decrease or update.
Data memory module, based on data provide data storage, can be used ORACLE, SYBASE
Deng business database, the PostgreSQL databases such as MYSQL, POSTGRESQL can also be used.
Program library is reinforced in automation, is made up of a series of executable program script, and one is closed rule knowledge point
One executable program of correspondence, so-called conjunction rule knowledge point is the specific requirement that safety closes rule, for example, grasp
Make system password intensity requirement, close inessential port or service request, critical system file access authority
It is required that, required using secure communications protocols etc..
Scan report is advised in scan report analysis module, the conjunction to the third party producer of importing, and comparison is preset at
Producer's reporting format definition and parsing strategy in data memory module, analyze security sweep and do not pass through
Safety inspection entry, by the technological means of keyword, program library is reinforced in retrieval automation, is each
Security hardening is needed (to have not by safety inspection entry) server apparatus to generate an executable script,
Script series connection does not pass through the corresponding automation reinforcing program of safety inspection entry, it is ensured that these automations add
Gu program may execute serially.
Automatic dispatching module, is the scheduling enforcement engine for automating security hardening, scan report is analyzed
The program that the executable script and script of module generation are included is uploaded to corresponding server apparatus, performs peace
It is complete to reinforce, return to security hardening result and generate reinforcing report.The execution of security hardening on the host device,
Support proxy mode, non-proxy mode;Communication protocol between automatic dispatching module and host device can
To use SSH.Automatic dispatching module can be reinforced disposably in multiple equipment mass, it is possible to be supported
Virtual machine environment.
In addition, scheme scan report of the embodiment of the present invention is automatically analyzed and performed automatically with security hardening, this two
Individual action can be performed with a key, can also be performed separately.
Scheme of the embodiment of the present invention is described in detail below based on said system framework.
Specifically, as shown in Fig. 2 first embodiment of the invention proposes a kind of server apparatus safety management
Method, including:
Step S101, obtains and the security sweep of server apparatus is reported;
The present embodiment server apparatus is referred to as server, host device etc., is not limited thereto.
In order to realize safety inspection, assessment and the reinforcing to server apparatus, it is necessary first to obtain to service
The security sweep report of device equipment.
Wherein, the acquisition of security sweep report can locally be scanned by server safety management device, also may be used
To be obtained by server safety management device from third party's security sweep reporting platform, the present embodiment is with the 3rd
The security sweep report that square security sweep reporting platform provides each server apparatus is illustrated.
Specifically, system manager can be set by human-computer interaction interface and support security sweep report
Third party's security sweep reporting platform (producer), defines the form of each platform scanner report, and scanning report
Accuse the logical sum strategy (such as close and advise entry keyword, scanning device IP positions) of parsing, platform and
Strategy dynamically can increase and decrease or update.
Implement process as follows:
First, third party's safety is chosen according to the operational order of system manager by basic data management module
Scan report platform, and the mark of third party's security sweep reporting platform is obtained (where title, IP
Position etc.) and Template Information.
Specify third party's security sweep reporting platform to carry out security sweep to the server apparatus, and import report
Accuse.
Afterwards, scan report analysis module is obtained to service from third party's security sweep reporting platform of selection
The security sweep report of device equipment;Believed according to the mark of third party's security sweep reporting platform and template
Breath, obtains corresponding report parsing strategy, and obtain corresponding search key from data memory module.
Memory module returns to corresponding report and parses tactful and corresponding search key.
Wherein, search key can be the corresponding numbering of the indexs such as various security breaches, and the numbering is not
With the generation of third party's security sweep reporting platform report in position may be different, if than report with
Form formation generation, then for A producers, the numbering of a certain risk leak is located at the first row of form, right
In B producers, the numbering of same type of risk leak is then likely located at the secondary series of form.
, can be in security sweep report by the search key of selection, the report parsing based on acquisition
Whether the corresponding safety inspection entry of strategy retrieval passes through.
Step S102, analyzes the security sweep report, isolates and do not lead to from security sweep report
Cross the search key of safety inspection entry;
Scan report analysis module, according to report parsing strategy, is isolated not by entry from report
Search key.
Step S103, according to described not by the keyword of safety inspection entry, to the server apparatus
Carry out security hardening.
Specifically include:
Not by the search key of safety inspection entry, program library is reinforced in retrieval according to described, for service
The executable security hardening program bag of device equipment generation.
Further, it can also include:
The executable security hardening program bag is uploaded to corresponding server apparatus, with described right
Security hardening operation is performed on the server apparatus answered.
Specifically, first, according to described not by the search key of safety inspection entry, retrieval is automatic
Change and reinforce program library, obtain and do not automate reinforcing program by the way that safety inspection entry is corresponding with each;
The executable script of Program Generating is reinforced for the automation of acquisition;
Then, the executable script of Program Generating is reinforced based on automation, in units of server apparatus,
Executable security hardening program bag is generated for each server apparatus, and forms analysis report.
The present embodiment realizes the automatic business processing analyzed server apparatus security evaluation by such scheme,
Assessment result analysis efficiency, reduction manual analysis error are improved, and then improves server apparatus and is added safely
Solid automatization level.
Below in conjunction with Fig. 3, elaborate in the present embodiment, third party is initiated by scan report analysis module
Security sweep is reported and automatically analyzes the operation flow of report, and idiographic flow is:
301, system manager by human-computer interaction interface, specify the report of third party's security sweep producer,
Report template, and Import Reports;
302, scan report analysis module, according to company-information, Template Information, is obtained from data memory module
Take corresponding search key and report parsing strategy;
303, memory module returns to corresponding report parsing strategy and search key;
304, scan report analysis module, according to report parsing strategy, is isolated not by bar from report
Purpose search key;
305, scan report analysis module, according to search key, is obtained to automation reinforcing program library searching
Obtain the corresponding solution of each entry, reinforce procedure script;
306, return to retrieval result;
307, retrieval result is further processed scan report analysis module, generation analysis report (with
Equipment is unit report not by the suggested solution of entry), and generate executable security hardening program
Bag;
308, by Man Machine Interface, to system manager's analysis report, security hardening program bag can lead to
Cross Man Machine Interface download.
The automatic business processing analyzed server apparatus security evaluation is thus achieved, assessment result point is improved
Efficiency, reduction manual analysis error are analysed, and then improves the automatization level of server apparatus security hardening.
Further, the executable security hardening program bag is uploaded to corresponding server apparatus,
To perform security hardening operation on the corresponding server apparatus.
Specifically, system manager can select to download executable security hardening by Man Machine Interface
Program bag.After executable security hardening program bag is obtained, system manager can be by each server
The executable security hardening program bag of equipment is directed into corresponding server apparatus, to each server apparatus
Carry out security hardening.
Said process can be automatically performed by system, by system manager operation can also be guided to complete.
This embodiment scheme utilizes WEB, database technology, realizes the automation point of safe compliance report
Analysis, and the function of automatically generating security hardening program is provided, set up security sweep, scan report automation
Analysis, a series of reinforce of security hardening operate a key executive capability, realize and server apparatus is commented safely
Estimate analysis and the automatic business processing reinforced, improve equipment safety assessment result analysis efficiency, reduction manually
Analytical error, while improving the automatization level of server apparatus security hardening.
As shown in figure 4, second embodiment of the invention proposes a kind of server apparatus method for managing security, base
In the embodiment shown in above-mentioned Fig. 2, methods described also includes:
Step S104, receives the server apparatus and performs the reinforcing report fed back after security hardening operation.
After server apparatus performs security hardening operation, feedback reinforces report to system manager.
Below in conjunction with Fig. 5, the operation flow for equipment automate reinforcing in the present embodiment is elaborated.
Fig. 5 is the analysis result that the present embodiment is produced according to flow shown in Fig. 3, and equipment is automated
The operation flow of reinforcing, this flow exemplified by having two equipment needed reinforcement (device A and equipment B),
Idiographic flow is:
401, system manager imports the security hardening program bag that Fig. 3 flows are generated by Man Machine Interface,
After importing, system is to keeper's presentation program bag particular content, including in the pending reinforcing of each equipment
Hold, keeper may be selected which equipment performs adding for which entry on the basis of program bag is reinforced herein
Gu;
402, scheduler module is reinforced, corresponding reinforcing program bag is uploaded to device A;
403, security hardening is performed in device A;
404, returning equipment A reinforcing report;
405, scheduler module is reinforced, corresponding reinforcing program bag is uploaded to equipment B;
406, security hardening is performed on device B;
407, returning equipment B reinforcing report;
408, after the completion of all devices are reinforced, the reinforcing report that scheduler module arranges each equipment is reinforced, is integrated
Into the report of an entirety, system manager is presented to.
This embodiment scheme utilizes WEB, database technology, realizes the automation point of safe compliance report
Analysis, and the function of automatically generating security hardening program is provided, set up security sweep, scan report automation
Analysis, a series of reinforce of security hardening operate automatic executive capability, realize and server apparatus is commented safely
Estimate analysis and the automatic business processing reinforced, improve equipment safety assessment result analysis efficiency, reduction manually
Analytical error, while improving the automatization level of server apparatus security hardening.
It should be noted that scan report can also be analyzed, automate reinforcing as continuous action, i.e.,
" key " completion report is analyzed and security hardening.
As shown in fig. 6, Fig. 6 is the combination of flow shown in flow shown in Fig. 3 and Fig. 5, report will be scanned
Analysis, automation is accused to reinforce as continuous action, the i.e. analysis of " key " completion report and security hardening,
This flow is exemplified by having two equipment needed reinforcement, and idiographic flow is:
501, system manager by human-computer interaction interface, specify the report of third party's security sweep producer,
Report template, and Import Reports;
502, scan report analysis module, according to company-information, Template Information, from memory module acquisition pair
The search key and report parsing strategy answered;
503, memory module returns to corresponding report parsing strategy;
504, scan report analysis module, according to report parsing strategy, is isolated not by bar from report
Purpose search key;
505, scan report analysis module, according to search key, is obtained to automation reinforcing program library searching
Obtain the corresponding solution of each entry, reinforce procedure script;
506, return to retrieval result;
507, retrieval result is further processed scan report analysis module, generation analysis report (with
Equipment is unit report not by the suggested solution of entry), and generate executable security hardening program
Bag;
508, the security hardening program bag of generation is imported and reinforces scheduling mould by scan report analysis module automatically
Block;
509, scheduler module is reinforced, corresponding reinforcing program bag is uploaded to device A;
510, security hardening is performed in device A;
511, returning equipment A reinforcing report;
512, scheduler module is reinforced, corresponding reinforcing program bag is uploaded to equipment B;
513 perform security hardening on device B;
514, returning equipment B reinforcing report;
515, after the completion of all devices are reinforced, the reinforcing report that scheduler module arranges each equipment is reinforced, is integrated
Into the report of an entirety, system manager is presented to.
This embodiment scheme utilizes WEB, database technology, realizes the automation point of safe compliance report
Analysis, and the function of automatically generating security hardening program is provided, set up security sweep, scan report automation
Analysis, a series of reinforce of security hardening operate a key executive capability, realize and server apparatus is commented safely
Estimate analysis and the automatic business processing reinforced, improve equipment safety assessment result analysis efficiency, reduction manually
Analytical error, while improving the automatization level of server apparatus security hardening.
Accordingly, server apparatus security control apparatus embodiment of the present invention is proposed.
As shown in fig. 7, first embodiment of the invention proposes a kind of server apparatus security control apparatus, bag
Include:Acquisition module 201, analysis module 202 and reinforcing module 203, wherein:
Acquisition module 201, for obtaining the security sweep report to server apparatus, and it is crucial to obtain retrieval
Word and report parsing strategy;The basic data in system architecture shown in the corresponding diagram 2 of acquisition module 201
Management module
Analysis module 202, for according to the search key and report parsing strategy, analyzing the safety
Scan report, isolates search key not by safety inspection entry from security sweep report;
Reinforce module 203, for according to described in not by the keyword of safety inspection entry, to the service
Device equipment carries out security hardening.
Wherein, reinforcing module can include:Generation unit and scheduling unit;
Generation unit, for, not by the search key of safety inspection entry, retrieval to be reinforced according to
Program library, is the executable security hardening program bag of server apparatus generation;
Scheduling unit, sets for the executable security hardening program bag to be uploaded into corresponding server
It is standby, to perform security hardening operation on the corresponding server apparatus.
The scan report in system architecture point shown in above-mentioned analysis module 202 and generation unit corresponding diagram 2
Analyse module.
Specifically, the present embodiment server apparatus is referred to as server, host device etc., herein not
It is construed as limiting.
In order to realize safety inspection, assessment and the reinforcing to server apparatus, it is necessary first to obtain to service
The security sweep report of device equipment.
Wherein, the acquisition of security sweep report can locally be scanned by server safety management device, also may be used
To be obtained by server safety management device from third party's security sweep reporting platform, the present embodiment is with the 3rd
The security sweep report that square security sweep reporting platform provides each server apparatus is illustrated.
Specifically, system manager can be set by human-computer interaction interface and support security sweep report
Third party's security sweep reporting platform (producer), defines the form of each platform scanner report, and scanning report
Accuse the logical sum strategy (such as close and advise entry keyword, scanning device IP positions) of parsing, platform and
Strategy dynamically can increase and decrease or update.
Implement process as follows:
First, third party's security sweep is chosen according to the operational order of system manager by acquisition module 201
Reporting platform, and obtain mark (title, the IP positions of third party's security sweep reporting platform
Deng) and Template Information.
Specify third party's security sweep reporting platform to carry out security sweep to the server apparatus, and import report
Accuse.
Afterwards, acquisition module 201 (can also corresponding diagram 2 shown in scan report analysis module) is from selection
Third party's security sweep reporting platform obtain the security sweep of server apparatus reported;According to described
The mark and Template Information of tripartite's security sweep reporting platform, obtain corresponding report from data memory module
Parsing strategy is accused, and obtains corresponding search key.Memory module returns to corresponding report parsing strategy
And corresponding search key.
Wherein, search key can be the corresponding numbering of the indexs such as various security breaches, and the numbering is not
With the generation of third party's security sweep reporting platform report in position may be different, if than report with
Form formation generation, then for A producers, the numbering of a certain risk leak is located at the first row of form, right
In B producers, the numbering of same type of risk leak is then likely located at the secondary series of form.
, can be in security sweep report by the search key of selection, the report parsing based on acquisition
Whether the corresponding safety inspection entry of strategy retrieval passes through.
Afterwards, analysis module 202 is isolated not by entry according to report parsing strategy from report
Search key.
Generation unit is reinforced in module 203 according to not by the search key of safety inspection entry,
Program library is reinforced in retrieval, is the executable security hardening program bag of server apparatus generation.
Specifically, first, according to described not by the search key of safety inspection entry, retrieval is automatic
Change and reinforce program library, obtain each not by the corresponding automation reinforcing program of safety inspection entry;
The executable script of Program Generating is reinforced for the automation of acquisition;
Then, the executable script of Program Generating is reinforced based on automation, in units of server apparatus,
Executable security hardening program bag is generated for server apparatus, and forms analysis report.
The present embodiment realizes the automatic business processing analyzed server apparatus security evaluation by such scheme,
Assessment result analysis efficiency, reduction manual analysis error are improved, and then improves server apparatus and is added safely
Solid automatization level.
Further, the scheduling unit reinforced in module 203, for by the executable security hardening
Program bag is uploaded to corresponding server apparatus, is added with performing safety on the corresponding server apparatus
Gu operation.
Automatic dispatching module in system architecture shown in scheduling unit corresponding diagram 2.
Compared to above-described embodiment, the present embodiment also includes executable security hardening program bag being uploaded to pair
The server apparatus answered, to perform the scheme of security hardening operation on corresponding server apparatus.
Specifically, system manager can select to download executable security hardening by Man Machine Interface
Program bag.After executable security hardening program bag is obtained, system manager can be by each server
The executable security hardening program bag of equipment is directed into corresponding server apparatus, to each server apparatus
Carry out security hardening.
Said process can be automatically performed by system, by system manager operation can also be guided to complete.
This embodiment scheme utilizes WEB, database technology, realizes the automation point of safe compliance report
Analysis, and the function of automatically generating security hardening program is provided, set up security sweep, scan report automation
Analysis, a series of reinforce of security hardening operate a key executive capability, realize and server apparatus is commented safely
Estimate analysis and the automatic business processing reinforced, improve equipment safety assessment result analysis efficiency, reduction manually
Analytical error, while improving the automatization level of server apparatus security hardening.
Further, the scheduling unit is additionally operable to receive the server apparatus execution security hardening operation
The reinforcing report fed back afterwards.
Compared with prior art, scheme of the embodiment of the present invention provides third party and closes rule security sweep report importing work(
Can, by the resolution rules of comparative arrangement, scan report is analyzed, solution is automatically generated, while from
It is dynamic to generate executable security hardening program, and online, batch is provided, automates to enter server apparatus
Row reinforces function, realizes slave unit security evaluation, to assessment result analysis, then reinforced to equipment safety
Whole process, " key " are changed, automation security hardening, so as to improve assessment result analysis efficiency, reduction
Manual analysis error, lifted security hardening automatization level there is provided means and method.
It should also be noted that, herein, term " comprising ", "comprising" or its any other variant meaning
Covering including for nonexcludability so that process, method, article including a series of key elements or
Device not only includes those key elements, but also other key elements including being not expressly set out, or also wraps
Include as this process, method, article or the intrinsic key element of device.In the situation of not more limitations
Under, by sentence " including one ...... " limit key element, it is not excluded that the process including the key element, method,
Also there is other identical element in article or device.
The embodiments of the present invention are for illustration only, and the quality of embodiment is not represented.
Through the above description of the embodiments, those skilled in the art can be understood that above-mentioned
Embodiment method can add the mode of required general hardware platform to realize by software, naturally it is also possible to logical
Cross hardware, but the former is more preferably embodiment in many cases.Understood based on such, it is of the invention
The part that technical scheme substantially contributes to prior art in other words can in the form of software product body
Reveal and, the computer software product is stored in storage medium (such as ROM/RAM, magnetic disc, a light
Disk) in, including some instructions are to cause a station terminal equipment (can be mobile phone, computer, service
Device, or the network equipment etc.) perform method described in each embodiment of the invention.
The preferred embodiments of the present invention are the foregoing is only, are not intended to limit the scope of the invention,
The conversion of equivalent structure or flow that every utilization description of the invention and accompanying drawing content are made, or directly or
Connect and be used in other related technical fields, be included within the scope of the present invention.
Claims (10)
1. a kind of server apparatus method for managing security, it is characterised in that including:
Obtain and the security sweep of server apparatus is reported;
The security sweep report is analyzed, is isolated not by safety inspection from security sweep report
The search key of entry;
According to described not by the keyword of safety inspection entry, the server apparatus is carried out safety plus
Gu.
2. according to the method described in claim 1, it is characterised in that do not pass through safety described in the basis
The keyword of entry is checked, the step of carrying out security hardening to the server apparatus includes:
Not by the search key of safety inspection entry, program library is reinforced in retrieval according to described, for service
The executable security hardening program bag of device equipment generation;
The executable security hardening program bag is uploaded to corresponding server apparatus, with described right
Security hardening operation is performed on the server apparatus answered.
3. method according to claim 2, it is characterised in that do not pass through safety described in the basis
The search key of entry is checked, program library is reinforced in retrieval, be the executable safety of server apparatus generation
The step of reinforcing program bag includes:
Not by the search key of safety inspection entry, program library is reinforced in retrieval automation according to described,
Obtain with not automating reinforcing program by the way that safety inspection entry is corresponding;
The executable script of Program Generating is reinforced for the automation of acquisition;
The executable script of Program Generating is reinforced based on automation, is the executable peace of server apparatus generation
It is complete to reinforce program bag.
4. the method according to claim 1,2 or 3, it is characterised in that the acquisition is to service
The step of security sweep of device equipment is reported includes:
Third party's security sweep reporting platform is chosen, and obtains third party's security sweep reporting platform
Mark and Template Information;
Obtained from third party's security sweep reporting platform of selection and the security sweep of server apparatus is reported;
According to the mark and Template Information of third party's security sweep reporting platform, from data memory module
It is middle to obtain corresponding report parsing strategy;
Obtain corresponding search key.
5. method according to claim 2, it is characterised in that methods described also includes:
Receive the server apparatus and perform the reinforcing report fed back after security hardening operation.
6. a kind of server apparatus security control apparatus, it is characterised in that including:
Acquisition module, for obtaining the security sweep report to server apparatus;
Analysis module, for analyzing the security sweep report, is isolated from security sweep report
Do not pass through the search key of safety inspection entry;
Reinforce module, for according to described in not by the keyword of safety inspection entry, to the server
Equipment carries out security hardening.
7. device according to claim 6, it is characterised in that the reinforcing module includes:
Generation unit, for, not by the search key of safety inspection entry, retrieval to be reinforced according to
Program library, is the executable security hardening program bag of server apparatus generation;
Scheduling unit, sets for the executable security hardening program bag to be uploaded into corresponding server
It is standby, to perform security hardening operation on the corresponding server apparatus.
8. device according to claim 7, it is characterised in that
The generation unit, is additionally operable to according to not by the search key of safety inspection entry, inspection
Program library is reinforced in rope automation, is obtained with not automating reinforcing program by the way that safety inspection entry is corresponding;
The executable script of Program Generating is reinforced for the automation of acquisition;Holding for Program Generating is reinforced based on automation
This is traveled far and wide, is the executable security hardening program bag of server apparatus generation.
9. the device according to claim 6,7 or 8, it is characterised in that
The acquisition module, is additionally operable to choose third party's security sweep reporting platform, and obtain the described 3rd
The mark and Template Information of square security sweep reporting platform;From third party's security sweep reporting platform of selection
Obtain and the security sweep of server apparatus is reported;According to the mark of third party's security sweep reporting platform
Know and Template Information, corresponding report parsing strategy is obtained from data memory module;Obtain corresponding inspection
Rope keyword.
10. device according to claim 7, it is characterised in that
The scheduling unit, is additionally operable to receive what is fed back after the server apparatus execution security hardening operation
Reinforce report.
Priority Applications (2)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201610203332.9A CN107292175A (en) | 2016-04-01 | 2016-04-01 | Server apparatus method for managing security and device |
| PCT/CN2017/076797 WO2017167015A1 (en) | 2016-04-01 | 2017-03-15 | Method and device for server device security management and computer storage medium |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201610203332.9A CN107292175A (en) | 2016-04-01 | 2016-04-01 | Server apparatus method for managing security and device |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN107292175A true CN107292175A (en) | 2017-10-24 |
Family
ID=59962560
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201610203332.9A Pending CN107292175A (en) | 2016-04-01 | 2016-04-01 | Server apparatus method for managing security and device |
Country Status (2)
| Country | Link |
|---|---|
| CN (1) | CN107292175A (en) |
| WO (1) | WO2017167015A1 (en) |
Cited By (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN108881159A (en) * | 2018-05-04 | 2018-11-23 | 中国信息安全研究院有限公司 | A kind of method of controlling security |
| CN110233758A (en) * | 2019-06-10 | 2019-09-13 | 广东电网有限责任公司 | A kind of safety encryption of service system, device and relevant device |
Families Citing this family (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN111596968B (en) * | 2020-04-28 | 2023-10-17 | 上海帆一尚行科技有限公司 | Security reinforcement system and method, server side, client side, electronic equipment and storage medium thereof |
Family Cites Families (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US8850587B2 (en) * | 2007-05-04 | 2014-09-30 | Wipro Limited | Network security scanner for enterprise protection |
| CN101873231B (en) * | 2010-07-06 | 2012-07-04 | 北京网御星云信息技术有限公司 | Network intrusion character configuration method and system |
| CN102075347B (en) * | 2010-11-18 | 2013-11-20 | 北京神州绿盟信息安全科技股份有限公司 | Security configuration checking equipment and method, and network system adopting equipment |
| CN102684911A (en) * | 2012-03-14 | 2012-09-19 | 北京神州绿盟信息安全科技股份有限公司 | Security configuration checking device and method and security configuration checking network system |
| CN103049702A (en) * | 2013-01-05 | 2013-04-17 | 浪潮电子信息产业股份有限公司 | Server layer based security reinforcing strategy |
| CN106033512A (en) * | 2015-03-20 | 2016-10-19 | 中兴通讯股份有限公司 | Security vulnerability reinforcing method and system |
| CN104778414B (en) * | 2015-05-06 | 2018-09-07 | 广州万方计算机科技有限公司 | A kind of Vulnerability Management system and method |
-
2016
- 2016-04-01 CN CN201610203332.9A patent/CN107292175A/en active Pending
-
2017
- 2017-03-15 WO PCT/CN2017/076797 patent/WO2017167015A1/en active Application Filing
Cited By (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN108881159A (en) * | 2018-05-04 | 2018-11-23 | 中国信息安全研究院有限公司 | A kind of method of controlling security |
| CN108881159B (en) * | 2018-05-04 | 2022-06-21 | 中国信息安全研究院有限公司 | Safety control method |
| CN110233758A (en) * | 2019-06-10 | 2019-09-13 | 广东电网有限责任公司 | A kind of safety encryption of service system, device and relevant device |
Also Published As
| Publication number | Publication date |
|---|---|
| WO2017167015A1 (en) | 2017-10-05 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN111930635B (en) | Swagger-based rapid automatic testing method and system | |
| CN104133772B (en) | Automatic test data generation method | |
| WO2019100576A1 (en) | Automated test management method and apparatus, terminal device, and storage medium | |
| CN109977022B (en) | Game resource checking method, device, system and storage medium | |
| WO2019100577A1 (en) | Automated test management method and apparatus, terminal device, and storage medium | |
| CN108628748B (en) | Automatic test management method and automatic test management system | |
| CN110221975B (en) | Method and device for creating interface case automation test script | |
| CN110381101B (en) | API gateway control system, control method, equipment and medium | |
| CN112363953B (en) | Interface test case generation method and system based on crawler technology and rule engine | |
| CN113886232A (en) | Interface test data and test script generation method, terminal device and storage medium | |
| CN112380255A (en) | Service processing method, device, equipment and storage medium | |
| CN107292175A (en) | Server apparatus method for managing security and device | |
| CN111522741A (en) | Interface test code generation method and device, electronic equipment and readable storage medium | |
| CN104765787B (en) | Salt file association relationship analysis method and system in software systems | |
| CN117235527A (en) | End-to-end containerized big data model construction method, device, equipment and medium | |
| CN104239212A (en) | Query method and device of test case and establishment method and device of test case | |
| CN110413518B (en) | Control object library generation method and device and computer readable storage medium | |
| CN116383061A (en) | Method and related device for testing basic platform interface of substation control system | |
| Baran et al. | Information System for Quality Control of Polyethylene Production in a Circular Economy. | |
| CN110543424B (en) | Test method and device for electronic tax platform | |
| CN115599683A (en) | Automatic testing method, device, equipment and storage medium | |
| CN111026631B (en) | Automatic interface detection method, device and server | |
| CN111151008A (en) | Game operation data verification method, device, configuration background and medium | |
| KR102471596B1 (en) | Service providing apparatus and method supporting experiment request and management | |
| Zheng et al. | Practice on fifth-generation core (5GC) network fault self-recovery based on a Digital Twin |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| WD01 | Invention patent application deemed withdrawn after publication |
Application publication date: 20171024 |
|
| WD01 | Invention patent application deemed withdrawn after publication |