CN111147427A - Management system for computer network security - Google Patents
Management system for computer network security Download PDFInfo
- Publication number
- CN111147427A CN111147427A CN201811310748.6A CN201811310748A CN111147427A CN 111147427 A CN111147427 A CN 111147427A CN 201811310748 A CN201811310748 A CN 201811310748A CN 111147427 A CN111147427 A CN 111147427A
- Authority
- CN
- China
- Prior art keywords
- module
- user
- management system
- security
- network security
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0876—Network architectures or network communication protocols for network security for authentication of entities based on the identity of the terminal or configuration, e.g. MAC address, hardware or software configuration or device fingerprint
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1441—Countermeasures against malicious traffic
- H04L63/145—Countermeasures against malicious traffic the attack involving the propagation of malware through the network, e.g. viruses, trojans or worms
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Power Engineering (AREA)
- Health & Medical Sciences (AREA)
- General Health & Medical Sciences (AREA)
- Virology (AREA)
- Information Transfer Between Computers (AREA)
Abstract
The invention discloses a management system for computer network security, which relates to the field of network security and mainly solves the security problem of the network field, and comprises a user login module, a user authentication module, a memory, a calculator, a comparator and a security module, wherein the output end of the user login module is connected with the input end of a central processing unit, the input end of the user login module is connected with the output end of the user authentication module, the input end of the user authentication module is connected with the output end of the memory, the input end of the memory is connected with a background management system, the output ends of the calculator and the comparator are connected with the central processing unit, the input end of the central processing unit is connected with the security module, the output end of the security module is connected with a backup module, the output end of the backup module is connected with the background management system, the invention has high security performance, the data security is effectively protected, the data is prevented from being damaged, the method has popularization and use values, and is suitable for enterprises, campuses and the like.
Description
Technical Field
The invention relates to the field of network security, in particular to a management system for computer network security.
Background
With the continuous development and progress of society, the network permeates into various industries, plays an indispensable role, greatly improves the production efficiency, brings good economic benefit to various enterprises, permeates into daily life and plays a very important role in life.
Then, in daily life or work, the problem of network security is also a difficulty that people attach more importance. The existing network security management system has low security performance, cannot check and kill viruses in time, is not strict enough in user management, possibly has the possibility that some employees copy company files privately and scatter the company files to the network, cannot locate and lock accounts for copying company information or scattering viruses to damage related file information in time, and does not have a corresponding alarm function.
Disclosure of Invention
The present invention is directed to a computer network security management system to solve the above problems.
In order to achieve the purpose, the invention provides the following technical scheme:
a management system for computer network security comprises a user login module, a user authentication module, a memory, a calculator, a comparator and a security module, wherein the output end of the user login module is connected with the input end of a central processing unit, the input end of the user login module is connected with the output end of the user authentication module, the input end of the user authentication module is connected with the output end of the memory, the input end of the memory is connected with a background management system, the output ends of the calculator and the comparator are connected with the central processing unit, the input end of the central processing unit is connected with the security module, the output end of the security module is connected with a backup module, the output end of the backup module is connected with the background management system, the output end of the comparator is connected with a data conversion system, and the output end of the data conversion system is connected with a communication module, the output end of the communication module is respectively connected with the cloud storage module and the feedback system, and the output ends of the cloud storage module and the feedback system are both connected with the background management system.
As a further scheme of the invention: the user can log in the system through the user login module to obtain the related data information, the account registration is carried out through the user authentication module, the related login authority can be obtained, and meanwhile, the account information registered through the user authentication module can be stored in the memory.
As a further scheme of the invention: the security module comprises a virus searching and killing module, an external network verification module, an account locking module, an alarm module and an isolation module.
As a further scheme of the invention: the virus searching and killing module can detect the operating environment of the main control system, malignant programs appear in the operating environment, and the virus searching and killing module works to search and kill the malignant programs; when the external network user needs to access, the external network user firstly signs an Oakley protocol, and whether the external network user is safe or not is judged according to the following steps: 1. whether the identity of the external network user is consistent with the user data of the corresponding database is provided; 2. whether the user and the IP address dynamically allocated in the network form a corresponding relation or not; 3. and the extranet user sets a specific account through the background management system.
As a further scheme of the invention: the alarm module comprises a host alarm and a mobile terminal alarm.
As a further scheme of the invention: the mobile terminal alarm reminds related workers through a mobile phone terminal or other modes, and if the mobile phone receives a specific short message notification, the related workers can know the problem at the first time.
As a further scheme of the invention: the communication module communication unit comprises a WIFI signal transmitting unit and a GSM signal transmitting unit.
As a further scheme of the invention: the data conversion system compresses and converts locally stored information into an electric signal; the communication module is used for simultaneously storing the electric signals converted by the data conversion system to the cloud storage module, and the feedback system can feed back the information retrieved by the user to the background management system in time.
Compared with the prior art, the invention has the beneficial effects that: the invention has high safety performance, effectively protects the safety of data, prevents the data from being damaged, has popularization and use values, and is suitable for enterprises, campuses and the like;
the account number registration is carried out through the user authentication module, the related login authority can be obtained, meanwhile, the account number information registered through the user authentication module can be stored in the memory, the input end of the memory is connected with the background management system, and the registered account number information can be changed through the background management system, such as password modification, account number logout and the like; the virus searching and killing module can detect the operating environment of the main control system, malignant programs appear in the operating environment, and the virus searching and killing module works to search and kill the malignant programs; when the external network user needs to access, the external network user firstly signs an Oakley protocol, and whether the external network user is safe or not is mainly determined by: 1. whether the identity of the external network user is consistent with the user data of the corresponding database is provided; 2. whether the user and the IP address dynamically allocated in the network form a corresponding relation or not; 3. a central processor of an external network user sets a specific account through a background management system, the account can be monitored in the process of carrying out virus scattering, private file copying and other dangerous behaviors, and other private behaviors for searching data cannot be monitored; only under the condition that the three conditions are met, the connection between the external network user and the system can be realized; when finding that a user account carries out corresponding harm behaviors, the account locking module forcibly locks the account to enable the account not to work any more, and the isolation module can isolate files to prevent the files from being harmed by viruses; the alarm module comprises a host alarm module and a mobile terminal alarm module, the host alarm module can remind background management personnel to operate, so that harmful behaviors such as viruses are prevented from further expanding, the mobile terminal alarm module can remind relevant workers through a mobile phone terminal or other modes, and if the mobile phone receives a specific short message notification, the relevant workers can know problems at the first time.
Drawings
FIG. 1 is a block diagram of the present invention.
Fig. 2 is a block diagram of a security module according to the present invention.
FIG. 3 is a block diagram of an alarm module of the present invention.
In the figure: the system comprises a user login module, a user authentication module, a storage 3, a calculator 4, a comparator 5, a central processing unit 6, a safety module 7, a data conversion system 8, a backup module 9, a communication module 10, a background management system 11, a cloud storage module 12, a feedback system 13, a virus checking and killing module 14, an extranet verification module 15, an account locking module 16, an alarm module 17, an isolation module 18, a mainframe alarm 19 and a mobile terminal alarm 20.
Detailed Description
The technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are only a part of the embodiments of the present invention, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
Referring to fig. 1 to 3, in an embodiment of the present invention, a management system for computer network security includes a user login module 1, a user authentication module 2, a memory 3, a calculator 4, a comparator 5, and a security module 7, an output end of the user login module 1 is connected to an input end of a central processing unit 6, an input end of the user login module 1 is connected to an output end of the user authentication module 2, an input end of the user authentication module 2 is connected to an output end of the memory 3, a user can log in the system through the user login module 1 to obtain related data information, and can obtain related login authority through account registration performed by the user authentication module 2, account information registered by the user authentication module 2 is stored in the memory 3, an input end of the memory 3 is connected to a background management system 11, and the registered account information can be changed through the background management system 11, such as password modification, account logout, etc.;
the output ends of the calculator 4 and the comparator 5 are connected with a central processing unit 6, the input end of the central processing unit 6 is connected with a security module 7, the security module 7 comprises a virus checking and killing module 14, an external network verification module 15, an account locking module 16, an alarm module 17 and an isolation module 18, the virus checking and killing module 14 can detect the operating environment of the main control system, malignant programs appear in the operating environment, and the virus checking and killing module 14 works to check and kill the malignant programs; when the external network user needs to access, the external network user firstly signs an Oakley protocol, and whether the external network user is safe or not is mainly determined by: 1. whether the identity of the external network user is consistent with the user data of the corresponding database is provided; 2. whether the user and the IP address dynamically allocated in the network form a corresponding relation or not; 3. the extranet user sets a specific account through the background management system 11, the account can be supervised when carrying out harm behaviors such as spreading viruses and copying private files, and other privacy behaviors of searched data cannot be supervised; only under the condition that the three conditions are met, the connection between the external network user and the system can be realized; when finding that a user account carries out corresponding harm behaviors, the account locking module 16 works to forcibly lock the account so that the account cannot work any more, and the isolation module 18 can isolate files to prevent the files from being harmed by viruses; the alarm module 17 comprises a host alarm 19 and a mobile terminal alarm 20, the host alarm 19 can remind a background manager of operation to prevent further spread of harmful behaviors such as viruses, and the mobile terminal alarm 20 can remind related workers through a mobile phone terminal or other modes, for example, the related workers can know a problem at the first time in a mode that the mobile phone receives a specific short message notification;
the output end of the security module 7 is connected with a backup module 9, the output end of the backup module 9 is connected with a background management system 11, the output end of the comparator 5 is connected with a data conversion system 8, the output end of the data conversion system 8 is connected with a communication module 10, the output end of the communication module 10 is respectively connected with a cloud storage module 12 and a feedback system 13, the communication unit of the communication module 10 comprises a WIFI signal transmitting unit and a GSM signal transmitting unit, the output ends of the cloud storage module 12 and the feedback system 13 are both connected with the background management system 11, and the data conversion system 8 compresses and converts locally stored information into electric signals; the communication module 10 stores the electric signals converted by the data conversion system 8 to the cloud storage module 12 at the same time, and the feedback system 13 can feed back the information retrieved by the user to the background management system 11 in time.
The working principle of the invention is as follows: the account number registration is carried out through the user authentication module 2, the related login authority can be obtained, meanwhile, the account number information registered through the user authentication module 2 can be stored in the storage 3, the input end of the storage 3 is connected with the background management system 11, and the registered account number information can be changed through the background management system 11, such as password modification, account number logout and the like; the virus searching and killing module 14 can detect the operating environment of the main control system, malignant programs appear in the operating environment, and the virus searching and killing module 14 works to search and kill the malignant programs; when the external network user needs to access, the external network user firstly signs an Oakley protocol, and whether the external network user is safe or not is mainly determined by: 1. whether the identity of the external network user is consistent with the user data of the corresponding database is provided; 2. whether the user and the IP address dynamically allocated in the network form a corresponding relation or not; 3. the central processing unit 6 of the external network user sets a specific account through the background management system 11, the account can be supervised for carrying out harmful behaviors such as virus scattering, private file copying and the like, and other private behaviors for searching data can not be supervised; only under the condition that the three conditions are met, the connection between the external network user and the system can be realized; when finding that a user account carries out corresponding harm behaviors, the account locking module 16 works to forcibly lock the account so that the account cannot work any more, and the isolation module 18 can isolate files to prevent the files from being harmed by viruses; the alarm module 17 comprises a host alarm 19 and a mobile terminal alarm 20, the host alarm 19 can remind a background manager of operation to prevent further expansion of harmful behaviors such as viruses, and the mobile terminal alarm 20 can remind related workers through a mobile phone terminal or other modes, so that the related workers can know problems at the first time if the mobile phone receives a specific short message notification.
It will be evident to those skilled in the art that the invention is not limited to the details of the foregoing illustrative embodiments, and that the present invention may be embodied in other specific forms without departing from the spirit or essential attributes thereof. The present embodiments are therefore to be considered in all respects as illustrative and not restrictive, the scope of the invention being indicated by the appended claims rather than by the foregoing description, and all changes which come within the meaning and range of equivalency of the claims are therefore intended to be embraced therein. Any reference sign in a claim should not be construed as limiting the claim concerned.
Furthermore, it should be understood that although the present description refers to embodiments, not every embodiment may contain only a single embodiment, and such description is for clarity only, and those skilled in the art should integrate the description, and the embodiments may be combined as appropriate to form other embodiments understood by those skilled in the art.
Claims (9)
1. A management system for computer network security comprises a user login module (1), a user authentication module (2), a memory (3), a calculator (4), a comparator (5) and a security module (7), wherein the output end of the user login module (1) is connected with the input end of a central processing unit (6), the input end of the user login module (1) is connected with the output end of the user authentication module (2), the input end of the user authentication module (2) is connected with the output end of the memory (3), the input end of the memory (3) is connected with a background management system (11), the output ends of the calculator (4) and the comparator (5) are connected with the central processing unit (6), the input end of the central processing unit (6) is connected with the security module (7), the output end of the security module (7) is connected with a backup module (9), the output of backup module (9) links to each other with backstage management system (11), the output of comparator (5) links to each other with data conversion system (8), the output of data conversion system (8) links to each other with communication module (10), communication module's (10) output links to each other with high in the clouds storage module (12) and feedback system (13) respectively, the output of high in the clouds storage module (12) and feedback system (13) all links to each other with backstage management system (11).
2. The computer network security management system according to claim 1, wherein the user logs in the system through the user login module (1) to obtain the related data information, performs account registration through the user authentication module (2) to obtain the related login right, and the account information registered through the user authentication module (2) is stored in the memory (3).
3. The computer network security management system according to claim 2, wherein the security module (7) comprises a virus checking and killing module (14), an extranet authentication module (15), an account locking module (16), an alarm module (17) and an isolation module (18).
4. A computer network security management system according to claim 3, wherein when the extranet user needs to access, the extranet user first signs Oakley agreement to determine whether the extranet user depends on the following three conditions: 1. whether the identity of the external network user is consistent with the user data of the corresponding database is provided; 2. whether the user and the IP address dynamically allocated in the network form a corresponding relation or not; 3. the extranet user sets a specific account number through the background management system (11).
5. The computer network security management system according to claim 4, wherein the alarm module (17) comprises a host alarm (19) and a mobile terminal alarm (20).
6. The computer network security management system according to claim 5, wherein the mobile terminal alarm (20) is a phone terminal alarm for reminding relevant staff.
7. The management system of computer network security according to claim 1, characterized in that the communication module (10) communication unit comprises a WIFI signal transmission unit and a GSM signal transmission unit.
8. The management system of computer network security according to claim 7, characterized in that said data conversion system (8) compresses and converts locally stored information into electrical signals; the communication module (10) stores the electric signals converted by the data conversion system (8) to the cloud storage module (12) at the same time, and the feedback system (13) can feed back the information retrieved by the user to the background management system (11) in time.
9. Use of a management system of computer network security according to any of claims 1-8 in the field of network security.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201811310748.6A CN111147427A (en) | 2018-11-06 | 2018-11-06 | Management system for computer network security |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201811310748.6A CN111147427A (en) | 2018-11-06 | 2018-11-06 | Management system for computer network security |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN111147427A true CN111147427A (en) | 2020-05-12 |
Family
ID=70516540
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201811310748.6A Pending CN111147427A (en) | 2018-11-06 | 2018-11-06 | Management system for computer network security |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN111147427A (en) |
Cited By (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN111770076A (en) * | 2020-06-24 | 2020-10-13 | 国网福建省电力有限公司 | Self-detection network security system and working method thereof |
| CN114579909A (en) * | 2021-10-21 | 2022-06-03 | 重庆殊胜文化传媒有限公司 | Website security management system |
Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| WO2010148767A1 (en) * | 2009-11-30 | 2010-12-29 | 中兴通讯股份有限公司 | Method and system for user authentication |
| CN103036886A (en) * | 2012-12-19 | 2013-04-10 | 珠海市鸿瑞软件技术有限公司 | Industrial controlling network safety protecting method |
| CN106850593A (en) * | 2017-01-14 | 2017-06-13 | 河南工程学院 | A kind of computer network security guard system |
-
2018
- 2018-11-06 CN CN201811310748.6A patent/CN111147427A/en active Pending
Patent Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| WO2010148767A1 (en) * | 2009-11-30 | 2010-12-29 | 中兴通讯股份有限公司 | Method and system for user authentication |
| CN103036886A (en) * | 2012-12-19 | 2013-04-10 | 珠海市鸿瑞软件技术有限公司 | Industrial controlling network safety protecting method |
| CN106850593A (en) * | 2017-01-14 | 2017-06-13 | 河南工程学院 | A kind of computer network security guard system |
Cited By (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN111770076A (en) * | 2020-06-24 | 2020-10-13 | 国网福建省电力有限公司 | Self-detection network security system and working method thereof |
| CN114579909A (en) * | 2021-10-21 | 2022-06-03 | 重庆殊胜文化传媒有限公司 | Website security management system |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN103208147B (en) | A kind of intelligent alarm gate inhibition's method for supervising and system | |
| CN106503524B (en) | A kind of computer network security guard system | |
| CN103533521B (en) | Coal mine safety monitoring remote data inquiry system and inquiry thereof and method for early warning | |
| CN103441926A (en) | Security gateway system of numerically-controlled machine tool network | |
| CN112149090A (en) | Computer network safety protection system based on data cloud | |
| CN101667934A (en) | Centralized supervision device and supervision method of USB interface equipment networking | |
| CN111147427A (en) | Management system for computer network security | |
| CN211239887U (en) | Monitoring data tamper-proofing system based on block chain | |
| US20150256962A1 (en) | M2m gateway device and applying method thereof | |
| CN109410397B (en) | Unlocking method, unlocking system, intelligent terminal and intelligent terminal storage medium | |
| CN108270798B (en) | Mobile terminal equipment safety management system | |
| Liu et al. | Research on technology application and security threat of Internet of Things for smart grid | |
| CN114124450A (en) | Network security system and method for remote storage battery capacity checking | |
| CN204557485U (en) | A kind of privately owned cloud device reaching terminal device reduction by finger print identifying | |
| CN111049853A (en) | Security authentication system based on computer network | |
| CN203827381U (en) | Novel network safety equipment | |
| CN109041056A (en) | A kind of wireless data communication system for remotely controlling | |
| CN115361273A (en) | Block chain-based electric power operation and maintenance safety supervision and emergency management and control system and method | |
| CN113626857A (en) | Meteorological information sharing service system based on visual plug-in and use method | |
| CN110933064B (en) | Method and system for determining user behavior track | |
| CN202713367U (en) | Main station applicable to power utilization information acquisition system | |
| CN104700220A (en) | High-safety intelligent management system for emergency counting, positioning and searching | |
| CN218124715U (en) | Data storage security management platform for cloud storage | |
| CN110930109A (en) | Information safety system based on social surface monitoring | |
| CN114338175B (en) | Data collection management system and data collection management method |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| RJ01 | Rejection of invention patent application after publication | ||
| RJ01 | Rejection of invention patent application after publication |
Application publication date: 20200512 |