CN108833358A - Management method and system for a security baseline - Google Patents
- Publication number: CN108833358A
- Application number: CN201810496227.8A
- Authority: CN (China)
- Prior art keywords: security, task, client, configuration item, baseline
- Legal status: Pending
Classifications
- H04L63/10: Network architectures or network communication protocols for network security for controlling access to devices or network resources
- H04L63/08: Network architectures or network communication protocols for network security for authentication of entities
- H04L63/1416: Event detection, e.g. attack signature detection
- H04L63/1425: Traffic logging, e.g. anomaly detection
- H04L63/20: Network architectures or network communication protocols for network security for managing network security; network security policies in general
Abstract
The present invention provides a management method and system for a security baseline. Method: Step 1, the client receives a task; the task is a task that operates on the security configuration items of the operating system. Step 2, the client determines the task type; the task types include a security scan task, a repair task and a restore-initial-configuration task. Step 3, when the task is a security scan task, the client scans the security configuration items of the operating system and obtains their scan values; obtains the baseline values in the security policy; compares the scan values of the security configuration items with the baseline values set in the security policy to determine whether the security configuration items are compliant; the client returns the result of the security scan task; return to step 1. The system includes a client; the client includes a sub-task management module and a security baseline security component module. The invention scans and repairs security configuration items, improves the security and compliance of the operating system, and effectively defends the host against damage from unknown malicious behavior.
Description
Technical field
The invention belongs to the field of server host security, and specifically relates to a management method and system for a security baseline.
Background art
Operating system security baseline: the security baseline is the minimum security guarantee of an operating system, i.e. the most basic security requirements that the information system must meet.
Security configuration: weaknesses caused by the carelessness of information administrators; they involve user accounts, user passwords, access authorization, system logs and similar content, and reflect the security vulnerability of the system itself.
As enterprise informatization advances rapidly, enterprises also face more severe information security risks. Among these risks, whether information systems are configured and operated securely is an extremely important aspect. Security configuration errors are usually caused by human operating mistakes, and meeting the security configuration requirements of a large number of information system devices demands a relatively high level of professional skill and technical ability from operations and maintenance personnel. Information security baseline management plays a vital role in improving the security of enterprise networks and information systems.
Faced with a huge number of information system assets of all kinds, operations and maintenance personnel must analyze the security configuration of a massive number of information assets, identify the items that do not meet the security standard and rectify them until they do; this is very difficult to accomplish.
After earlier security configuration repairs are completed, the security and compliance of the operating system improve, but the repair may affect the normal operation of the user's existing business, and the change cannot be undone even by uninstalling the software.
This is the deficiency of the prior art. In view of the above defects in the prior art, it is therefore necessary to provide a management method and system for a security baseline.
Summary of the invention
The object of the present invention is to address the defects described above, namely that analyzing and identifying the security configuration of information system assets is difficult and that normal business affected by a security configuration repair cannot be restored, by providing a management method and system for a security baseline that solves these technical problems.
To achieve the above object, the present invention provides the following technical solution:
A management method for a security baseline, comprising the following steps:
Step 1. The client receives a task; the task is a task that operates on the security configuration items of the operating system; the security configuration items include identity authentication, access control, security audit, residual information protection, intrusion prevention, malicious code prevention and resource control;
Step 2. The client determines the task type; the task types include a security scan task, a repair task and a restore-initial-configuration task;
Step 3. When the task is a security scan task, the client scans the security configuration items of the operating system through the security baseline security component and obtains the scan values of the security configuration items;
obtains the baseline values in the security policy;
compares the scan values of the security configuration items with the baseline values set in the security policy to determine whether the security configuration items are compliant;
the client returns the result of the security scan task;
return to step 1.
Further, the method also includes the following steps:
Step 4. When the task is a repair task, the client scans the security configuration items of the operating system through the security baseline security component;
obtains the scan values of the security configuration items;
obtains the baseline values in the security policy;
compares the scan values of the security configuration items with the baseline values set in the security policy to determine whether the security configuration items are compliant;
if an item is non-compliant, the security baseline security component sets the security configuration item to the baseline value in the security policy;
if it is compliant, no operation is performed;
the client returns the result of the repair task;
return to step 1.
Further, while the client scans the security configuration items of the operating system in step 3 and step 4, it determines whether this is the initial scan;
if it is the initial scan, the initial scan values of the security configuration items are saved;
if it is not the initial scan, no operation is performed;
After step 4 the method further includes:
Step 5. When the task is a restore-initial-configuration task, the client obtains the initial scan values of the security configuration items and, through the security baseline security component, sets the security configuration items of the operating system to their initial scan values, restoring the state at the time of the initial scan; the client returns the execution result of the restore-initial-configuration task;
return to step 1.
Further, step 1 is preceded by step 1A: the client receives a security policy; the security policy includes scan settings, repair settings and security configuration item settings;
The scan settings include whether timed scanning is enabled and the scan frequency;
The repair settings include the repair scope;
The security configuration item settings include configuring the baseline values;
The user can flexibly configure the baseline values and enabled state of the security configuration items and adjust the security level as needed, balancing host security against ease of use.
Further, the baseline value is configured by selecting the level of the baseline value from the level templates of security configuration items stored in the expert knowledge base; the level templates of security configuration items include high-level, intermediate and low-level. Through unified configuration management, the user can configure the baseline values of the operating system's security configuration items in a unified way; the expert knowledge base has built-in security configuration policy templates for different security levels, which builds a more secure operating system platform and reduces the compliance risk of the host operating system.
Further, in step 3, step 4 and step 5, the client returns logs together with the task result. The management platform receives the logs sent by the client and generates a log report. The log report is a detailed security assessment report that shows more intuitively the security state of the client operating system and the operations performed on its security configuration items.
Further, step 1 is preceded by the following steps:
Step 1B. The management platform performs baseline management on the assets of the operating system where the client is located;
The assets of the operating system include physical machines, virtual machines and virtualization software;
Baseline management of the operating system's assets includes automatic asset discovery, manual asset entry and asset grouping;
Step 1C. The management platform creates a task and sends the task to the client.
The present invention also provides the following technical solution:
A management system for a security baseline, including a client;
The client includes a sub-task management module and a security baseline security component module;
Sub-task management module, for receiving tasks, sending execution commands to the security baseline security component module, and returning execution results;
The tasks include a security scan task, a repair task and a restore-initial-configuration task;
Security scan task, for scanning the current security configuration items of the operating system where the client is located, obtaining the scan values of the security configuration items, and determining whether this is the initial scan; when it is the initial scan, the initial scan values of the security configuration items are saved; it is also used to obtain the baseline values in the security policy and to compare the scan values of the security configuration items with the baseline values set in the security policy to determine whether the security configuration items are compliant; the security configuration items include identity authentication, access control, security audit, residual information protection, intrusion prevention, malicious code prevention and resource control;
Repair task, for scanning the current security configuration items of the operating system where the client is located, obtaining the scan values of the security configuration items, obtaining the baseline values in the security policy, and comparing the scan values of the security configuration items with the baseline values set in the security policy to determine whether the security configuration items are compliant; when the scan value of a security configuration item is non-compliant, the security configuration item is set to the baseline value in the security policy;
Restore-initial-configuration task, for obtaining the initial scan values of the security configuration items and setting the security configuration items of the operating system to their initial scan values, restoring the state at the time of the initial scan;
Security baseline security component module, for obtaining the values of security configuration items when executing a security scan task, and for setting the values of security configuration items when executing a repair task or a restore-initial-configuration task.
Further, the system also includes a management platform; the management platform is connected to the client through message middleware; the message middleware uses a RabbitMQ message bus;
The management platform includes a task management module;
Task management module, for creating tasks, sending tasks to the sub-task management module of the client, and receiving the task execution results returned by the client's sub-task management module.
Further, the management platform and the client use a B/S architecture or a C/S architecture. Combining the B/S and C/S architectures gives a wider scope of application.
Further, the client also includes a sub-policy management module;
Sub-policy management module, for receiving the security policy;
The management platform also includes a policy management module and a knowledge base management module;
The knowledge base management module is connected to an expert knowledge base;
Policy management module, for setting the security policy and sending it to the sub-policy management module of the client; the security policy includes scan settings, repair settings and security configuration item settings;
Expert knowledge base, for storing the level templates of security configuration items; the level templates include a high-level template, an intermediate template and a low-level template;
Knowledge base management module, for upgrading the expert knowledge base; a knowledge base that is continually improved and extended helps customers solve the problems caused by the knowledge base lagging behind operating system updates and business system upgrades, and reduces maintenance cost.
Further, the management platform also includes an asset management module;
Asset management module, for performing baseline management on the assets of the operating system where the client is located; the assets of the operating system include physical machines, virtual machines and virtualization software.
Further, the client also includes a log management module, and the management platform also includes a log report module;
Log management module, for sending logs;
Log report module, for receiving logs from the client's log management module, statistically analyzing the compliance of assets or asset groups within a specified time period, and generating log reports; the log report types include Word, PDF and Excel.
The beneficial effects of the present invention are:
The present invention comprehensively scans the security configuration items of the operating system through the security baseline security component module and provides a repair function for security configuration items, which improves the security and compliance of the host operating system and effectively defends the host against damage from unknown malicious behavior. When the security scan is performed for the first time, the scan values of the security configuration items of the current host operating system are saved; if normal business is affected after a security configuration item repair completes, the security baseline security component module restores the security configuration items to their initial scan values, ensuring that business is not affected and reducing maintenance cost;
The present invention automates the processes of manual local audit data extraction, manual analysis and security assessment report compilation; it can comprehensively collect system vulnerability information and security problems, check all kinds of security risks in a unified way, and centrally raise the level of security management capability building.
In addition, the design principle of the invention is reliable and its structure is simple, giving it very broad application prospects.
It can be seen that, compared with the prior art, the present invention has prominent substantive features and represents notable progress, and the beneficial effects of its implementation are also obvious.
Brief description of the drawings
Fig. 1 is a flow chart of the method of the present invention;
Fig. 2 is a schematic diagram of the system of the present invention;
Wherein: 1 - management platform; 1.1 - task management module; 1.2 - policy management module; 1.3 - knowledge base management module; 1.4 - asset management module; 1.5 - log report module; 2 - client; 3 - message middleware; 4 - expert knowledge base.
Detailed description of the embodiments:
To make the purpose, features and advantages of the present invention more apparent and understandable, the technical solution of the invention is described clearly and completely below with reference to the drawings of the specific embodiments.
Embodiment 1:
As shown in Fig. 1, Step 1. The client receives a task; the task is a task that operates on the security configuration items of the operating system;
Step 2. The client determines the task type; the task types include a security scan task, a repair task and a restore-initial-configuration task;
Step 3. When the task is a security scan task, the client scans the security configuration items of the operating system and obtains the scan values of the security configuration items;
determines whether this is the initial scan; if it is the initial scan, the initial scan values of the security configuration items are saved;
if it is not the initial scan, no operation is performed;
obtains the baseline values in the security policy;
compares the scan values of the security configuration items with the baseline values set in the security policy to determine whether the security configuration items are compliant;
the client returns the result of the security scan task;
return to step 1;
Step 4. When the task is a repair task, the client scans the security configuration items of the operating system;
obtains the scan values of the security configuration items;
determines whether this is the initial scan; if it is the initial scan, the initial scan values of the security configuration items are saved;
if it is not the initial scan, no operation is performed;
obtains the baseline values in the security policy;
compares the scan values of the security configuration items with the baseline values set in the security policy to determine whether the security configuration items are compliant;
if an item is non-compliant, the security configuration item is set to the baseline value in the security policy;
if it is compliant, no operation is performed;
the client returns the result of the repair task;
return to step 1;
Step 5. When the task is a restore-initial-configuration task, the client obtains the initial scan values of the security configuration items and sets the security configuration items of the operating system to their initial scan values, restoring the state at the time of the initial scan; the client returns the execution result of the restore-initial-configuration task;
return to step 1.
In Embodiment 1 above, step 1 is preceded by step 1A: the client receives a security policy; the security policy includes scan settings, repair settings and security configuration item settings;
The scan settings include whether timed scanning is enabled and the scan frequency;
The repair settings include the repair scope;
The security configuration item settings include configuring the baseline values; the baseline value is configured by selecting the level of the baseline value from the level templates of security configuration items stored in the expert knowledge base; the level templates of security configuration items include high-level, intermediate and low-level;
The user can flexibly configure the baseline values and enabled state of the security configuration items and adjust the security level as needed, balancing host security against ease of use. Through unified configuration management, the user can configure the baseline values of the operating system's security configuration items in a unified way; the expert knowledge base has built-in security configuration policy templates for different security levels, which builds a more secure operating system platform and reduces the compliance risk of the host operating system.
In Embodiment 1 above, step 1 is also preceded by the following steps: Step 1B. The management platform performs baseline management on the assets of the operating system where the client is located;
The assets of the operating system include physical machines, virtual machines and virtualization software;
Baseline management of the operating system's assets includes automatic asset discovery, manual asset entry and asset grouping;
Step 1C. The management platform creates a task and sends the task to the client.
In step 3, step 4 and step 5, the client returns logs together with the task result;
In step 5, before returning to step 1, the method further includes: the management platform receives the logs sent by the client and generates a log report. The log report is a detailed security assessment report that shows more intuitively the security state of the client operating system and the operations performed on its security configuration items.
Embodiment 2:
Embodiment 2 operates on the security configuration items of a client operating system using Embodiment 1 above.
The management platform creates a security scan task and sends it to the client;
The client receives the task sent by the management platform and determines that the task type is a security scan task;
When the task is a security scan task, the client scans the security configuration items of the operating system through the security baseline security component and obtains the scan values of the security configuration items; the client determines that this is not the initial scan;
obtains the baseline values in the security policy;
The client compares the scan values of the security configuration items with the baseline values set in the security policy to determine whether the security configuration items are compliant, and determines that access control among the security configuration items is non-compliant;
The client returns the result of the security scan task;
The management platform receives the security scan task execution result returned by the client: the client's security configuration item access control is non-compliant;
The management platform creates a repair task and sends it to the client;
The client receives the task sent by the management platform and determines that the task type is a repair task;
When the task is a repair task, the client scans the security configuration items of the operating system through the security baseline security component, obtains the scan values of the security configuration items, obtains the baseline value for access control in the security policy, and compares the scan values of the security configuration items with the baseline values set in the security policy to determine whether the security configuration items are compliant;
The security configuration item access control is non-compliant, so the security baseline security component sets access control to the baseline value in the security policy, and the client returns the result of the repair task;
The management platform receives the repair task execution result returned by the client: the repair task for the client's security configuration item access control is complete;
At this point, if repairing access control has affected the normal running of business on the client's operating system, the following steps continue;
The management platform creates a restore-initial-configuration task and sends it to the client;
The client receives the task sent by the management platform and determines that the task type is a restore-initial-configuration task;
When the task is a restore-initial-configuration task, the client obtains the initial scan values of the security configuration items and, through the security baseline security component, sets the operating system's security configuration item access control to its initial scan value, restoring the state at the time of the initial scan; the client returns the execution result of the restore-initial-configuration task;
The management platform receives the execution result of the restore-initial-configuration task for access control returned by the client: the restore-initial-configuration task for the client's security configuration item is complete.
In Embodiment 2 above, before the client operating system is scanned, the management platform sends the security policy to the client. For example: scan once every 30 minutes; for access control among the security configuration items, select the high-level template from the high-level, intermediate and low-level templates, meaning access control is strict, for example low-privilege access is forbidden. The high-level, intermediate and low-level templates for access control are stored in the expert knowledge base, which also supports upgrades, so that the template at each level for access control in the security configuration items meets the latest standards and requirements.
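The scan, repair and restore flow of Embodiment 1, replayed in the order Embodiment 2 walks through, as an added example that is not code from the patent. `BaselineClient`, `SecurityPolicy`, `LEVEL_TEMPLATES`, the item names and their values are all assumptions; the operating system is simulated by a dictionary, and compliance is taken to mean equality with the baseline value.

```python
from dataclasses import dataclass, field

# Constructed level templates standing in for the expert knowledge base;
# item names and values are illustrative assumptions, not from the patent.
LEVEL_TEMPLATES = {
    "high": {"access_control.guest_login": "denied",
             "security_audit.logging": "enabled",
             "identity.password_min_length": 12},
    "low": {"access_control.guest_login": "allowed",
            "security_audit.logging": "enabled",
            "identity.password_min_length": 6},
}


@dataclass
class SecurityPolicy:
    baseline: dict                   # configuration item -> baseline value
    repair_scope: set                # items a repair task is allowed to change


@dataclass
class BaselineClient:
    host: dict                       # simulated live OS settings
    policy: SecurityPolicy
    initial: dict = None             # restore point, written by the first scan only
    log: list = field(default_factory=list)

    def _scan(self):
        values = {item: self.host.get(item) for item in self.policy.baseline}
        if self.initial is None:     # first scan: save the initial scan values
            self.initial = dict(values)
        return values

    def _failed(self, values):
        # Assumption: an item is compliant when it equals its baseline value.
        return sorted(item for item, want in self.policy.baseline.items()
                      if values[item] != want)

    def handle(self, task):
        kind = task.get("type")
        if kind == "scan":
            result = {"non_compliant": self._failed(self._scan())}
        elif kind == "repair":
            failed = self._failed(self._scan())   # scan (and snapshot) precede changes
            repaired = [i for i in failed if i in self.policy.repair_scope]
            for item in repaired:
                self.host[item] = self.policy.baseline[item]
            result = {"repaired": repaired,
                      "skipped": [i for i in failed if i not in repaired]}
        elif kind == "restore":
            if self.initial is None:
                result = {"error": "no initial scan values saved"}
            else:
                for item, value in self.initial.items():
                    if value is None:             # item was absent at first scan
                        self.host.pop(item, None)
                    else:
                        self.host[item] = value
                result = {"restored": sorted(self.initial)}
        else:
            result = {"error": f"unknown task type: {kind!r}"}
        self.log.append((kind, result))           # log entry sent with the result
        return {"type": kind, **result}


def replay_embodiment_2():
    """Scan, repair, rescan, restore, rescan on a constructed host."""
    host = {"access_control.guest_login": "allowed",
            "security_audit.logging": "enabled",
            "identity.password_min_length": 12}
    policy = SecurityPolicy(baseline=dict(LEVEL_TEMPLATES["high"]),
                            repair_scope={"access_control.guest_login"})
    client = BaselineClient(host, policy)
    order = ("scan", "repair", "scan", "restore", "scan")
    return [client.handle({"type": t}) for t in order], host


if __name__ == "__main__":
    results, final_host = replay_embodiment_2()
    for r in results:
        print(r)
    print(final_host)
```

Because only the first scan writes the restore point, later scans and repairs cannot overwrite it; restoring puts the host back into its original non-compliant state, which the final scan reports again.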
Embodiment 3:
As shown in Fig. 2, the present invention also provides a management system for a security baseline, including a management platform 1 and a client 2; the management platform 1 is connected to the client 2 through message middleware 3; the message middleware 3 uses a RabbitMQ message bus; the management platform 1 and the client 2 use a B/S architecture or a C/S architecture; there are several clients 2, i.e. the management platform manages the security of multiple clients;
The management platform 1 includes a task management module 1.1, a policy management module 1.2, a knowledge base management module 1.3, an asset management module 1.4 and a log report module 1.5; the knowledge base management module 1.3 is connected to an expert knowledge base 4;
The client 2 includes a sub-task management module 2.1, a security baseline security component module 2.2 and a sub-policy management module 2.3;
Task management module 1.1, for creating tasks, sending tasks to the sub-task management module 2.1 of client 2, and receiving the task execution results returned by the sub-task management module 2.1 of client 2;
The tasks include a security scan task, a repair task and a restore-initial-configuration task;
Security scan task, for scanning the current security configuration items of the operating system where the client is located, obtaining the scan values of the security configuration items, and determining whether this is the initial scan; when it is the initial scan, the initial scan values of the security configuration items are saved; it is also used to obtain the baseline values in the security policy and to compare the scan values of the security configuration items with the baseline values set in the security policy to determine whether the security configuration items are compliant; the security configuration items include identity authentication, access control, security audit, residual information protection, intrusion prevention, malicious code prevention and resource control;
Repair task, for scanning the current security configuration items of the operating system where the client is located, obtaining the scan values of the security configuration items, obtaining the baseline values in the security policy, and comparing the scan values of the security configuration items with the baseline values set in the security policy to determine whether the security configuration items are compliant; when the scan value of a security configuration item is non-compliant, the security configuration item is set to the baseline value in the security policy;
Restore-initial-configuration task, for obtaining the initial scan values of the security configuration items and setting the security configuration items of the operating system to their initial scan values, restoring the state at the time of the initial scan;
Policy management module 1.2, for setting the security policy and sending it to the sub-policy management module 2.3 of client 2; the security policy includes scan settings, repair settings and security configuration item settings;
Expert knowledge base 4, for storing the level templates of security configuration items; the level templates include a high-level template, an intermediate template and a low-level template;
Knowledge base management module 1.3, for upgrading the expert knowledge base 4;
Asset management module 1.4, for performing baseline management on the assets of the operating system where client 2 is located; the assets of the operating system include physical machines, virtual machines and virtualization software;
Log report module 1.5, for receiving logs from the log management module 2.4 of client 2, statistically analyzing the compliance of assets or asset groups within a specified time period, and generating log reports;
Sub-task management module 2.1, for receiving tasks from the task management module 1.1 of management platform 1, sending execution commands to the security baseline security component module 1.1, and returning the task execution results to the task management module 1.1 of management platform 1;
Security baseline security component module 2.2, for obtaining the values of security configuration items when executing a security scan task, and for setting the values of security configuration items when executing a repair task or a restore-initial-configuration task;
Sub-policy management module 2.3, for receiving the security policy set by the policy management module 1.2 of management platform 1;
Log management module 2.4, for sending logs to the log report module 1.5 of management platform 1.
The embodiments of the present invention are illustrative rather than restrictive. The above embodiments are only intended to aid understanding of the invention; the invention is therefore not limited to the embodiments described in the detailed description, and any other embodiments obtained by those skilled in the art from the technical solution of the invention likewise fall within its scope of protection.
Claims (10)
1. A management method for a security baseline, characterized in that it comprises the following steps:
Step 1. The client receives a task; the task includes a task that operates on the security configuration items of the operating system;
Step 2. The client determines the task type; the task types include a security scan task, a repair task and a restore-initial-configuration task;
Step 3. When the task is a security scan task, the client scans the security configuration items of the operating system and obtains the scan values of the security configuration items;
obtains the baseline values in the security policy;
compares the scan values of the security configuration items with the baseline values set by the security policy to determine whether the security configuration items are compliant;
the client returns the result of the security scan task;
return to step 1.
2. The management method for a security baseline as claimed in claim 1, characterized in that it further comprises the following steps:
Step 4. When the task is a repair task, the client scans the security configuration items of the operating system;
obtains the scan values of the security configuration items;
obtains the baseline values in the security policy;
compares the scan values of the security configuration items with the baseline values set by the security policy to determine whether the security configuration items are compliant;
if a security configuration item is non-compliant, it is set to the baseline value in the security policy;
if it is compliant, no operation is performed;
the client returns the result of the repair task;
return to step 1.
3. The management method for a security baseline as claimed in claim 2, characterized in that, in step 3 and step 4, while scanning the security configuration items of the operating system, the client determines whether this is the first scan;
if it is the first scan, the first-scan values of the security configuration items are saved;
if it is not the first scan, no operation is performed;
after step 4 the method further comprises:
Step 5. When the task is a restore-initial-configuration task, the client obtains the first-scan values of the security configuration items and sets the security configuration items of the operating system to the first-scan values, restoring the state at the time of the first scan, and the client returns the execution result of the restore-initial-configuration task;
return to step 1.
4. The management method for a security baseline as claimed in claim 1, characterized in that
before step 1 it further comprises step 1A: the client receives a security policy; the security policy includes scan settings, repair settings and security configuration item settings;
the scan settings include setting whether to enable timed scanning and setting the scan frequency;
the repair settings include setting the repair scope;
the security configuration item settings include setting the baseline values.
5. The management method for a security baseline as claimed in claim 3, characterized in that
before step 1 it further comprises the following steps:
Step 1B. The management platform performs baseline management on the assets of the operating system where the client resides;
the assets of the operating system include physical machines, virtual machines and virtualization software;
performing baseline management on the assets of the operating system includes automatic asset discovery, manual asset entry and asset grouping;
Step 1C. The management platform creates a task and sends the task to the client.
6. A management system for a security baseline, characterized in that it comprises a client (2);
the client (2) includes a subtask management module (2.1) and a security baseline security component module (2.2);
the subtask management module (2.1), for receiving a task, sending an execution command to the security baseline security component module (2.2), and returning the execution result;
the task includes a security scan task, a repair task and a restore-initial-configuration task;
the security baseline security component module (2.2), for executing a security scan task to obtain the values of the security configuration items, and for executing a repair task or a restore-initial-configuration task to set the values of the security configuration items.
7. The management system for a security baseline as claimed in claim 6, characterized in that it further comprises a management platform (1), the management platform (1) and the client (2) being connected through message-oriented middleware (3);
the management platform (1) includes a task management module (1.1);
the task management module (1.1), for creating a task, sending the task to the subtask management module (2.1) of the client (2), and receiving the task execution result returned by the subtask management module (2.1) of the client (2).
8. The management system for a security baseline as claimed in claim 7, characterized in that the client (2) further includes a substrategy management module (2.3);
the substrategy management module (2.3), for receiving the security policy;
the management platform (1) further includes a policy management module (1.2) and a knowledge base management module (1.3);
the knowledge base management module (1.3) is connected to an expert knowledge base (4);
the policy management module (1.2), for setting the security policy and sending it to the substrategy management module (2.3) of the client (2);
the security policy includes scan settings, repair settings and security configuration item settings;
the expert knowledge base (4), for storing the level templates of the security configuration items; the level templates include a high-level template, an intermediate-level template and a low-level template;
the knowledge base management module (1.3), for upgrading the expert knowledge base (4).
9. The management system for a security baseline as claimed in claim 7, characterized in that the management platform (1) further includes an assets management module (1.4);
the assets management module (1.4), for performing baseline management on the assets of the operating system where the client (2) resides; the assets of the operating system include physical machines, virtual machines and virtualization software.
10. The management system for a security baseline as claimed in claim 7, characterized in that the client (2) further includes a log management module (2.4), and the management platform (1) further includes a journaling module (1.5);
the log management module (2.4), for sending logs;
the journaling module (1.5), for receiving the logs from the log management module (2.4) of the client (2), performing statistical analysis of the compliance of an asset or asset group over a specified time period, and generating a log report.
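The client-side task handling of claims 1 to 3 (scan, repair, and restore from the first-scan values) can be sketched as follows. This is an added example, not code from the patent: the class and item names are hypothetical, the operating system is simulated by a dict, only the baseline values of the security policy are modelled, and compliance is assumed to mean equality with the baseline value.

```python
# Added illustration of the client-side task handling in claims 1-3.
# Item names, values and the dict-backed "OS" are constructed for the example.

class BaselineClient:
    def __init__(self, os_config, policy):
        self.os_config = os_config   # simulated live OS security settings
        self.policy = policy         # security policy: item -> baseline value
        self.initial = None          # values saved on the first scan

    def _scan(self):
        values = {item: self.os_config.get(item) for item in self.policy}
        if self.initial is None:     # first scan: keep a snapshot for restore
            self.initial = dict(values)
        return values

    def _apply(self, item, value):
        if value is None:            # item did not exist at first scan
            self.os_config.pop(item, None)
        else:
            self.os_config[item] = value

    def handle(self, task):
        kind = task.get("type")
        if kind == "scan":           # step 3: compare scan values with baseline
            return {item: value == self.policy[item]   # assumed: equality
                    for item, value in self._scan().items()}
        if kind == "repair":         # step 4: set non-compliant items to baseline
            changed = [item for item, value in self._scan().items()
                       if value != self.policy[item]]
            for item in changed:
                self._apply(item, self.policy[item])
            return {"repaired": sorted(changed)}
        if kind == "restore":        # step 5: put back the first-scan values
            if self.initial is None:
                return {"error": "no first-scan snapshot to restore"}
            for item, value in self.initial.items():
                self._apply(item, value)
            return {"restored": sorted(self.initial)}
        return {"error": f"unknown task type: {kind!r}"}


def demo():
    os_config = {"password_min_length": 6, "ssh_root_login": "yes"}
    policy = {"password_min_length": 8, "ssh_root_login": "no",
              "audit_logging": "enabled"}
    client = BaselineClient(os_config, policy)
    results = [client.handle({"type": t})
               for t in ("repair", "scan", "restore", "scan")]
    return results, os_config
```

Because the repair path scans before it writes, a repair issued as the very first task still records the original values, so a later restore returns the host to its pre-repair state, including removal of an item that was absent at the first scan.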
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201810496227.8A CN108833358A (en) | 2018-05-22 | 2018-05-22 | A kind of management method and system of security baseline |
Publications (1)
Publication Number | Publication Date |
---|---|
CN108833358A true CN108833358A (en) | 2018-11-16 |
Family
ID=64148989
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201810496227.8A Pending CN108833358A (en) | 2018-05-22 | 2018-05-22 | A kind of management method and system of security baseline |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN108833358A (en) |
Patent Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20170289198A1 (en) * | 2007-09-17 | 2017-10-05 | Ulrich Lang | Method and system for managing security policies |
CN102096605A (en) * | 2011-02-17 | 2011-06-15 | 成电汽车电子产业园(昆山)有限公司 | Multi-level resource management implementation method in embedded real-time operation system |
CN104135483A (en) * | 2014-06-13 | 2014-11-05 | 汪志 | Automatic configuration management system for network security |
CN104346574A (en) * | 2014-10-23 | 2015-02-11 | 武汉大学 | Automatic host computer security configuration vulnerability restoration method and system based on configuration specification |
CN107835094A (en) * | 2017-11-10 | 2018-03-23 | 郑州云海信息技术有限公司 | A kind of centralized security configuration inspection and reinforcement means |
Cited By (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN109558910A (en) * | 2018-12-13 | 2019-04-02 | 深信服科技股份有限公司 | A kind of method, system and the associated component of the evaluation and test of information security grade |
CN109558910B (en) * | 2018-12-13 | 2023-02-03 | 深信服科技股份有限公司 | Method, system and related assembly for evaluating information security level |
CN110851172A (en) * | 2019-11-13 | 2020-02-28 | 杭州安恒信息技术股份有限公司 | Method, device, equipment and medium for repairing security configuration of operating system |
CN112270493A (en) * | 2020-11-13 | 2021-01-26 | 中盈优创资讯科技有限公司 | Method and device for automatically protecting assets |
CN112270493B (en) * | 2020-11-13 | 2023-05-12 | 中盈优创资讯科技有限公司 | Asset automatic protection method and device |
CN112685743A (en) * | 2020-12-28 | 2021-04-20 | 北京珞安科技有限责任公司 | Automatic reinforcing method and system for host security baseline |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
RJ01 | Rejection of invention patent application after publication |
Application publication date: 20181116 |