Summary of the invention
The technical problem to be solved by the present invention is to provide a data service system security method that protects business-critical data, can quickly detect the occurrence of a security event when critical data is illegally modified, and can quickly recover the critical data after the security event has occurred, thereby restoring service operation and improving the security of the system.
To address the above problem, the invention provides a system for protecting data service security, comprising a data service system and a service security system. The service security system comprises a TSM Security Agent subsystem, a security centre and a maintenance subsystem; the TSM Security Agent subsystem is included in the data service system.
The TSM Security Agent subsystem collects the security information of the data service system and sends it to the security centre; when the security centre detects, from the received security information, that a security event has occurred, it sends alarm information to the maintenance subsystem; the maintenance subsystem raises an alarm after receiving the alarm information.
Further, the security information is system information and/or protected data information.
Further, the security centre comprises a safety analysis module 242 for receiving the system information and/or protected data information and detecting security events; the security centre comprises a data redundancy module 241 for saving the received system information and/or protected data information when the safety analysis module 242 judges that no security event has occurred; the maintenance subsystem comprises a configuration module 281 for providing security event detection rules to the safety analysis module 242, and also for configuring which protected data may be modified and the modification scope of the protected data. The security event detection rules are one of the following rules or a combination of them: comparing the collected protected data information with the data backed up in the data redundancy module 241 to detect whether the data has been modified; counting whether the changes to the protected data information exceed the pre-configured modification scope; and checking whether the system information is within the normally configured range.
Further, the TSM Security Agent subsystem comprises a local data redundant module 223 for backing up the system information and/or protected data information of the data service system collected by the TSM Security Agent subsystem; the security centre also comprises a data recovery module 243 which, when the safety analysis module 242 detects that a security event has occurred, recovers at the TSM Security Agent subsystem from the backup data of the local data redundant module 223, or recovers at the security centre from the backup data of the data redundancy module 241, or first recovers at the TSM Security Agent subsystem from the backup data of the local data redundant module 223 and then recovers at the security centre from the backup data of the data redundancy module 241.
Further, the configuration module 281 also provides data collection rules to the TSM Security Agent subsystem; the TSM Security Agent subsystem comprises a system safety agent 221 for collecting the system information of the data service system according to the collection rules, the system information comprising at least one of: operating system information, running process information, and memory information; the TSM Security Agent subsystem comprises a data security agent 222 for collecting the protected data information of the data service system according to the collection rules, the protected data information comprising at least one of: protected data information obtained from business programs, configuration files, and databases.
Further, the security centre also comprises a log module 244, connected to the safety analysis module 242 and the data recovery module 243, for recording a security log of the data operation process.
The present invention also provides a method for protecting data service security: the TSM Security Agent subsystem collects the security information of the data service system and sends it to the security centre; when the security centre detects, from the received security information, that a security event has occurred, it sends alarm information to the maintenance subsystem; the maintenance subsystem raises an alarm after receiving the alarm information.
Further, the security information is system information and/or protected data information.
Further, the safety analysis module 242 of the security centre receives the system information and/or protected data information and detects security events; when the safety analysis module 242 judges that no security event has occurred, the data redundancy module 241 of the security centre saves the received system information and/or protected data information; the configuration module 281 of the maintenance subsystem provides security event detection rules to the safety analysis module 242, and also configures which protected data may be modified and the modification scope of the protected data. The security event detection rules are one of the following rules or a combination of them: comparing the collected protected data information with the data backed up in the data redundancy module 241 to detect whether the data has been modified; counting whether the changes to the protected data information exceed the pre-configured modification scope; and checking whether the system information is within the normally configured range.
Further, the local data redundant module 223 of the TSM Security Agent subsystem backs up the system information and/or protected data information of the data service system collected by the TSM Security Agent subsystem; when the safety analysis module 242 detects that a security event has occurred, the data recovery module 243 of the security centre recovers at the TSM Security Agent subsystem from the backup data of the local data redundant module 223, or recovers at the security centre from the backup data of the data redundancy module 241, or first recovers at the TSM Security Agent subsystem from the backup data of the local data redundant module 223 and then recovers at the security centre from the backup data of the data redundancy module 241.
Further, the maintenance subsystem provides data collection rules to the TSM Security Agent subsystem; the TSM Security Agent subsystem collects the system information and/or protected data information of the data service system according to the collection rules; the system information comprises at least one of: operating system information, running process information, and memory information; the protected data information comprises at least one of: protected data information obtained from business programs, configuration files, and databases.
Further, the security centre records a security log of the data operation process.
Further, the security centre detects periodically, according to the configuration of the maintenance subsystem, whether a security event has occurred.
Compared with the prior art, the data service system security method of the present invention protects business-critical data and assists system monitoring, so that when critical data is illegally modified the occurrence of the security event can be detected quickly. After the security event has occurred, the redundant backup data is used to recover the critical data quickly, thereby restoring service operation and improving the security of the system.
Embodiment
In the data service system security method of the present invention, business-critical data is backed up and system monitoring is assisted; when an illegal modification of critical data is detected, the occurrence of a security event is quickly detected and the critical data is recovered from the backup data, so that the business resumes normal operation as early as possible and the security of the system is improved.
As shown in Figure 1, the system for protecting data service security in the present invention comprises a data service system and a service security system 200. The service security system 200 comprises a TSM Security Agent subsystem 220, a security centre 240, a data subsystem 260 and a maintenance subsystem 280; these four parts are connected by Ethernet, and the TSM Security Agent subsystem 220 is included in the data service system.
The specific functions of the parts of the service security system 200 in Fig. 2 are as follows:
The TSM Security Agent subsystem 220 collects, according to the configuration of the maintenance subsystem 280, the system information and/or protected data information of the data service system and sends it to the security centre 240; it makes redundant backups of local data; and it maintains the security of local data on the business operating system;
The TSM Security Agent subsystem 220 specifically comprises a system safety agent 221, a data security agent 222, a local data redundant module 223 and a local data security module 224;
The system safety agent 221 collects, according to the data collection rules configured by the configuration module 281, the system information of the data service system (such as operating system information, running process information, memory information, etc.) and sends it to the security centre 240;
The data security agent 222 collects, according to the data collection rules configured by the configuration module 281, the protected data information of the data service system (protected data information obtained, for example, from business programs, configuration files and databases) and sends it to the security centre 240;
The local data redundant module 223 makes redundant backups of local data according to the configuration, for use in recovery; the local data comprises system information and/or protected data information;
The local data security module 224 maintains the security of local data on the business operating system.
The security centre 240 collects the system information of the data service system from the system safety agent 221 and the protected data information of the data service system from the data security agent 222, saves them, monitors the operation of the business system, sends an alarm notification when an abnormal condition is detected, and provides data recovery;
The security centre 240 specifically comprises a data redundancy module 241, a safety analysis module 242, a data recovery module 243 and a log module 244;
The data redundancy module 241 collects the system information of the data service system from the system safety agent 221 and the protected data information from the data security agent 222; when the safety analysis module 242 judges that no security event has occurred, it saves the collected system information and protected data information and stores them in the data subsystem 260;
The safety analysis module 242 performs safety analysis on the system information and protected data information collected by the data redundancy module 241 and detects whether a security event (such as an intrusion event from the Internet) has occurred; when a security event occurs, it notifies the maintenance subsystem 280 by sending alarm information to the alarm module 282, or notifies the data recovery module 243 to perform data recovery;
The safety detection rule is one of the following: comparing the collected protected data with the backup data to detect whether the data has been modified; counting whether the changes to the protected data information exceed the pre-configured modification scope; and checking whether the collected system information is within the normally configured range.
The data recovery module 243 performs data recovery on the instruction of the safety analysis module 242, recovering the data as indicated by the configuration module 281;
When the data recovery module 243 performs data recovery: data backed up locally is recovered locally from the redundant data of the data security agent 222, which is convenient but not highly secure; data backed up remotely is recovered at the security centre from the redundant data of the data redundancy module 241, which is more complex to operate but secure; and where data has backups at both the data security agent 222 and the data redundancy module 241, under the unified scheduling of the security centre it is first recovered locally from the redundant data of the data security agent 222 and then recovered at the security centre from the redundant data of the data redundancy module 241.
The log module 244 is connected to the safety analysis module 242 and the data recovery module 243, and records a security log of the data operation process for the administrator to query.
The data subsystem 260 stores the system information and protected data information of the data service system collected by the data redundancy module 241, together with data related to security processing (such as log information and intermediate processing data).
The maintenance subsystem 280 is connected to the other modules of the service security system 200 and provides maintenance and other auxiliary functions to the service security system 200; the auxiliary functions comprise a configuration function and an alarm function;
The maintenance subsystem 280 specifically comprises a configuration module 281 and an alarm module 282;
The configuration module 281 provides data collection rules to the system safety agent 221 and the data security agent 222 (collection may be periodic or adjusted dynamically according to service conditions; the collection rules for system information are the same as those for protected data information); provides security event detection rules to the safety analysis module 242; provides protected data information to the system safety agent 221, the data security agent 222 and the data recovery module 243 (that is, the types of data to be collected and backed up, such as configuration files, databases, in-memory data, etc.; the types of data to be recovered; and the means of data recovery); indicates the protected data to the security centre 240 (so that the security centre understands the organisation of the system and can monitor it at the system level, for example which modules the data service system comprises, which processes are legitimate, which files are legitimate, and so on); and provides the data service system topology information and the information on the modules inside the system, so that the security centre can judge whether a security event has occurred.
The above safety detection rules can be: configuring which protected data may be modified and the modification scope of the protected data; comparing the collected protected data with the backup data to detect whether the data has been modified; counting whether the changes to the protected data information exceed the pre-configured modification scope; checking whether the collected system information is within the range configured by the configuration module 281; and so on.
The alarm module 282 receives the alarm information from the safety analysis module 242, displays the alarm and sends the alarm information to the administrator.
The above protected data information refers to the critical data that the service security system needs to monitor and protect, such as configuration data and user data. These data are backed up and monitored to detect whether an illegal operation has occurred; when an illegal operation is detected, an alarm is raised or data recovery is performed automatically. According to the configuration, the protected data can be protected locally by the TSM Security Agent subsystem or by the security centre.
As shown in Figure 3, the method for protecting data service security in the present invention specifically comprises the following steps:
Step 301: the security centre 240 sets a periodic timer;
Step 302: when the timer expires, the security centre 240 collects data and calls the safety analysis module 242 to analyse the data;
The safety analysis module 242 collects the system information of the data service system from the system safety agent 221 and the protected data information of the data service system from the data security agent 222.
Step 303: the safety analysis module 242 judges whether a security event has occurred; if so, proceed to the next step; otherwise, go to step 307;
The safety detection rule is one of the following: comparing the collected protected data with the backup data of the data redundancy module 241 to detect whether the data has been modified; counting whether the changes to the protected data information exceed the pre-configured modification scope; and checking whether the collected system information is within the normally configured range.
Step 304: the safety analysis module 242 sends an alarm notification to the alarm module 282, and the alarm module 282 raises an alarm;
The alarm module 282 also records the alarm information and notifies the administrator according to the configuration information.
Step 305: the safety analysis module 242 judges whether data needs to be recovered; if so, proceed to the next step; otherwise, go to step 307;
Step 306: the data recovery module 243 performs data recovery.
When the data recovery module 243 performs data recovery: data backed up locally is recovered locally from the redundant data of the data security agent 222, which is convenient but not highly secure; data backed up remotely is recovered at the security centre from the redundant data of the data redundancy module 241, which is more complex to operate but secure; and where data has backups at both the data security agent 222 and the data redundancy module 241, under the unified scheduling of the security centre it is first recovered locally from the redundant data of the data security agent 222 and then recovered at the security centre from the redundant data of the data redundancy module 241.
The methods of recovering data include file overwriting, data synchronisation, database data recovery, etc.
Step 307: the log module 244 records log information.
The log module 244 also generates security statistics according to the configuration information.
In the above method, the system safety agent 221 and the data security agent 222 collect, according to the data collection rules configured by the configuration module 281 (for example, periodic collection), the system information and protected data information of the data service system respectively and send them to the security centre 240; the local data redundant module 223 makes redundant backups of the system information and protected data information according to the configuration, for use in recovery; the data redundancy module 241 collects the system information of the data service system from the system safety agent 221 and the protected data information from the data security agent 222 and backs them up. While the above method runs, the backup of system information and protected data information by the local data redundant module 223 and the data redundancy module 241 is carried out according to the configuration of the configuration module 281 (for example, periodically).
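As an added example that is not code from the patent, the following Python sketch models one timer cycle of the method (steps 302 to 307): the three detection rules of the safety analysis module 242, the alarm, and the local-first recovery order of the data recovery module 243. The dict-based configuration, the sample protected files, the process list and the thresholds are all constructed assumptions.

```python
# Added example, not the patent's own code. Protected data is modelled as
# {path: bytes}; the two backup dicts stand in for the local data redundant
# module 223 and the data redundancy module 241 of the description.

def analyze(config, backup, collected, system_info):
    """Safety analysis module 242: apply the three detection rules and
    return a list of (rule, detail) security events; empty means none."""
    events = []
    # Rule 1: compare collected protected data with the backed-up copy; a
    # change to an item the configuration does not allow to change is an event.
    changed = [p for p, c in collected.items() if backup.get(p) != c]
    missing = [p for p in backup if p not in collected]
    for p in changed + missing:
        if p not in config["modifiable"]:
            events.append(("illegal_modification", p))
    # Rule 2: does the amount of change exceed the pre-configured scope?
    if len(changed) + len(missing) > config["max_changes"]:
        events.append(("change_scope_exceeded", len(changed) + len(missing)))
    # Rule 3: is the collected system information within the normal range?
    unknown = sorted(set(system_info["processes"]) - config["normal_processes"])
    if unknown:
        events.append(("unknown_process", unknown))
    if system_info["memory_mb"] > config["memory_limit_mb"]:
        events.append(("memory_out_of_range", system_info["memory_mb"]))
    return events

def recover(local_backup, center_backup, collected, paths):
    """Data recovery module 243: restore from the local backup first and
    fall back to the security centre's backup; returns (data, source map)."""
    restored, source = dict(collected), {}
    for p in paths:
        if p in local_backup:
            restored[p], source[p] = local_backup[p], "local"
        elif p in center_backup:
            restored[p], source[p] = center_backup[p], "center"
        else:
            source[p] = "unrecoverable"
    return restored, source

def run_cycle(config, local_backup, center_backup, collected, system_info):
    """One timer cycle (steps 302 to 307): analyse, alarm, recover, log."""
    log = []
    events = analyze(config, center_backup, collected, system_info)
    if not events:
        log.append("no event; snapshot saved by data redundancy module 241")
        return events, collected, log
    log.append("ALARM: " + ", ".join(f"{r}:{d}" for r, d in events))
    paths = [d for r, d in events if r == "illegal_modification"]
    restored, source = recover(local_backup, center_backup, collected, paths)
    log.append("recovered " + ", ".join(f"{p} from {s}" for p, s in source.items()))
    return events, restored, log

# Constructed sample input: one configuration file has been tampered with,
# the business program is unchanged, and an unlisted process is running.
CONFIG = {"modifiable": {"/etc/app/cache.db"}, "max_changes": 3,
          "normal_processes": {"appd", "dbd", "sshd"}, "memory_limit_mb": 4096}
CENTER_BACKUP = {"/etc/app/app.conf": b"port=8080\n", "/opt/app/bin/appd": b"\x7fELF"}
LOCAL_BACKUP = {"/opt/app/bin/appd": b"\x7fELF"}
COLLECTED = {"/etc/app/app.conf": b"port=8080\nadmin=changed\n",
             "/opt/app/bin/appd": b"\x7fELF", "/etc/app/cache.db": b"stale"}
SYSTEM_INFO = {"processes": ["appd", "dbd", "sshd", "unlisted-proc"], "memory_mb": 1024}

if __name__ == "__main__":
    print("\n".join(run_cycle(CONFIG, LOCAL_BACKUP, CENTER_BACKUP, COLLECTED, SYSTEM_INFO)[2]))
```

The cache file is allowed to change by configuration and so raises no event, while the configuration file is restored from the centre backup because no local copy exists.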
In summary, the method of the present invention protects business-critical data and assists system monitoring, so that when critical data is illegally modified the occurrence of a security event can be detected quickly. After the security event has occurred, the redundant backup data is used to recover the critical data quickly, thereby restoring service operation and improving the security of the system.
The operating principle of the present invention has been described in detail above, but this is only a visualised embodiment given for ease of understanding and does not limit the scope of protection of the present invention. Without departing from the spirit and essence of the present invention, those skilled in the art can make various corresponding changes and variations according to the present invention, and all such changes and variations shall fall within the scope of protection of the appended claims of the present invention.