A kind of self-service CD burning Life cycle monitoring and auditing method
Technical field
The invention belongs to computer technology and information security field, relate in particular to the security management and control system and method for CD burning.
Background technology
In concerning security matters fields such as military project, army, national defence scientific researches, importing, derivation, the transmission of data there be the management system and the management method of strictness.In the process of exchanges data, what play important instrumentality is exactly all kinds of concerning security matters carriers, comprises paper medium, light medium, electromagnetic medium.Wherein, the light medium is a CD, and data mode is limited, content is difficult for distorting because CD writes, and safe coefficient is higher relatively, and low price, easy to carry, so be widely used in exchanges data.But; This does not also mean that the safety management requirement that can reduce CD burning; On the contrary, need especially pay close attention to for the process control and the audit of CD burning, also perfect management is outside-the-system except setting up; Also need be auxiliary mutually with technological means, the Life cycle of CD burning is monitored and audited.
CD burning secret and safe management comprises several key links: imprinting is examined, imprinting export, optical disc identified, CD reclaims and the imprinting daily record is audited.Existing solution normally adds technological management and control means in certain link, thereby realizes the security management to CD burning in conjunction with special messenger's supervision and operation recording device.For example imprinting is examined through the approval process of OA system and is carried out, and when the applicant logins the submission imprinting application of OA system, need safeguard information such as title, level of confidentiality, and upload engraving data.Examine the leader and in the OA system, examine, when examine through after, the applicant can be to the exchanges data chamber or reference room look for the imprinting keeper to carry out imprinting.The imprinting keeper can login the OA system and view the result that imprinting is examined; Become CD by imprinting keeper data download and imprinting; Sign to CD is through adhesive label on the CD card or the manual information such as numbering, organization, level of confidentiality, imprinting people, imprinting date of writing; To on register, register the imprinting daily record by hand at last, comprise imprinting time, imprinting people, title, level of confidentiality, whereabouts etc.Whether CD uses when reclaiming, need the artificial nucleus consistent with the imprinting daily record to the sign on the CD card, and the hand-kept CD reclaims state.
It is to be applied to CD burning output and the audit link (is seen patent " method of a kind of safe imprinting and audit " that some technological means are arranged; Application number 201010553013.3); Realization is to the management and the imprinting control of recording device; For example the imprinting authority is controlled, data of optical disk is carried out encryption burning, write down the imprinting daily record automatically.
Existing technical scheme can only be carried out technological management and control in some or certain several link; In the process of imprinting, still need special messenger's management that exercises supervision, existing some risks and problem aspect secret and safe and the convenience: 1. lack of complete and coherent technological means and solution realize from imprinting examine, imprinting output, optical disc identified, CD reclaims and the Life cycle safety management of imprinting audit.Occur easily between each link disconnecting, thereby cause the not clear problem of responsibility to take place, and be difficult to review.2. submit the imprinting application to through OA, the restriction of annex size is often arranged when uploading data, can only submit single file to, and can not upload data according to bibliographic structure.3. need the special messenger to operate in the imprinting process and supervise, exist and enlarge classified information and know the risk of scope, and run under the situation such as overtime work, increased keeper's work load, exist the inconvenience in the work.4. the sign of CD and recovery are owing to depend on manually-operated, and easy error causes occurring the unclear situation of concerning security matters CD account.
Summary of the invention
Goal of the invention: be directed against the concerning security matters industry to the security management requirement of CD burning and the problems referred to above that exist; The present invention proposes monitoring of a kind of self-service CD burning Life cycle and auditing method, realize from imprinting examine, engraving data, the optical disc identified lifecycle management that reclaims to CD; And propose a kind of self-service imprinting mode of operation of swiping the card, both convenient work can be improved the security of CD burning again.
Technical scheme: monitoring of a kind of self-service CD burning Life cycle and auditing system comprise that several PCs, several CDs print recording device, CD recovery point computer, server, network; CD burning monitoring and auditing system are set on server, installation imprinting application on PC/examine client, fixing disc reclaims client on CD recovery point computer; The equal access network of server and PC; Every CD is printed recording device and is bound an imprinting control terminal, access network;
Said imprinting control terminal comprises CPU, internal memory, power supply, liquid crystal touch screen, card reading module and network interface card, and CPU mainly is responsible for processing and comes from the data of card reading module, liquid crystal touch screen, network interface card and carry out data communication with CD printing recording device and server; Card reading module is used for carrying out user identity through recognition user card number and differentiates; Liquid crystal touch screen had both been supported input information, also can display message, and chief leading cadre's machine is mutual; The imprinting control terminal is printed recording device through network interface and CD and is connected, and the control CD is printed recording device startup card and printed and the imprinting task, and in real time the imprinting daily record is uploaded onto the server;
Fixing disc imprinting monitoring and auditing system on server are realized user management, imprinting control of authority, approval process configuration, barcode encoding rule, CD printing recording device control and record imprinting daily record; CD burning monitoring and auditing system can be realized user's registration and launch, and user's imprinting authority is controlled, and the user who only gives the imprinting authority just can submit the imprinting application to and carry out the self-service imprinting of CD, do not have the user of imprinting authority can't imprinting; Imprinting is examined and is both supported one-level to examine to support that also multistage examining, keeper can be logined the CD burning monitoring and auditing system is examined the self-defined approval process of dimension according to level of confidentiality, whereabouts etc.; Can be provided with the optical disc encoding rule, the bar code of guaranteeing spray printing on every CD card all is unique; CD card print format can also be defined, the relative putting position of which data and data etc. will be printed on the design card; The imprinting daily record of omnidistance record can be carried out query composition, thereby improve imprinting audit efficient greatly according to imprinting time, imprinting people, level of confidentiality, condition such as whether reclaim;
CD print recording device built-in CD writer, cd printer and mechanical arm; In printing of CD card and data carving process, do not need manual intervention fully; Automatically control completion by CD burning monitoring and auditing system: at first control mechanical arm extracting CD from the dish groove and put into cd printer; The coding rule and the card print format that pre-set according to the user; Adopt modes such as ink-jet or hot transfer printing to print card, on card, print information such as bar code, title, level of confidentiality, imprinting people, imprinting time; Then, control machinery is held in hand and is got CD and put into CD writer and carry out data carving; Card print with data carving after hours, CD is exported from printing recording device placing mouth;
Installation imprinting application on PC/examine client, the user can submit the imprinting application to through this client, and the approver can examine the imprinting application;
Reclaim fixing disc recovery client on the computer at CD, retrieval management person can be scanned the bar code on the CD or import bar code number with barcode scanner, and the imprinting daily record before inquiring also can be reclaimed state through the modification CD CD is reclaimed; System reclaims daily record with recording disk, comprises reclaiming people, recovery time, title, bar code number etc.
The present invention discloses the method for a kind of self-service CD burning Life cycle monitoring and auditing system, its step comprises:
1) applicant logins CD burning application client and submits the imprinting application to, uploads engraving data;
2) approver checks the imprinting application, downloads the engraving data examining content, carries out imprinting and examines;
3) examine through after, the applicant swipes the card to the imprinting control terminal, can view the imprinting application through examining, the applicant selects an imprinting application and confirms;
4) CD is printed recording device and is printed card and engraving data, and the card data comprise information such as bar code number, level of confidentiality;
When 5) CD reclaimed, retrieval management person was scanned the data of CD card, carried out CD and reclaimed;
6) imprinting of CD burning monitoring and auditing system record examine, Life cycle log content such as imprinting operation and CD recovery, be convenient to inquiry and audit.
Wherein, in step 1), when the user need imprint CDs; At first on PC, login imprinting application client; And submit imprinting information to, and comprise title, level of confidentiality, purposes, whereabouts, umber, application reason etc., upload engraving data then and be stored in server end; Graded is uploaded engraving data in batches, and can keep uploading the bibliographic structure of data.Surpass a CD capacity when the user uploads data,, will point out, require to submit engraving data to according to an optical disc data amount to the user like the capacity of a DVD CD;
In step 2) in, after the user submitted the imprinting application to, CD burning monitoring and auditing system can transfer immediate news to examining the leader accordingly according to the imprinting approval process that configures; Examine the leader and can check the imprinting application, and can download engraving data file content is examined, carry out imprinting and examine; The applicant can in time obtain to examine through or the message of refusal; Daily record is examined in the system log (SYSLOG) imprinting, comprises applicant, application time, title, level of confidentiality, umber, examines leader, approval status etc.;
In step 3), 4) in, when imprinting examine through after, the user can be to the imprinting control terminal; Card-reading zone at the imprinting control terminal is swiped the card; The card reading module of imprinting control terminal can be discerned the contact type intelligent card of main flow on the market, for example HID, EM, Mifare etc., built-in chip in the smart card; Store unique card number in every card, can be used as the unique identification of user identity; When card reading module recognizes card number, CPU1 passes to server with the card number that obtains and carries out authenticating user identification; The user also can through on the liquid crystal touch screen of imprinting control terminal, input number of the account, password carries out authentication; After authentication is passed through, will show that on the liquid crystal display of imprinting control terminal this user submits and examine the imprinting operation of passing through to; The user can select certain bar imprinting operation and confirm, the imprinting control terminal starts CD printing recording device with announcement server and carries out automatic card printing and CD burning;
In step 5); When CD need reclaim, retrieval management person logined CD and reclaims client on PC, perhaps imported bar code number with the bar code on the barcode scanner scanning CD; Imprinting daily record before can inquiring, the keeper can reclaim CD through revising CD recovery state.System reclaims daily record with recording disk, comprises reclaiming people, recovery time, title, bar code number etc.
Advantage of the present invention and beneficial effect: 1. the enforcement through this scheme, can realize CD burning from imprinting examine, imprinting output, optical disc identified, monitoring and audit that CD reclaims Life cycle.Only broken through in some or certain several link technical application means and combine safety that labor management brings and the limitation on the efficient, the supvr who can be secret industry is realizing CD burning secret and safe management full range and is becoming more meticulous useful support to be provided aspect horizontal.2. solved through OA and uploaded engraving data data size, the conditional problem of data structure.3. the self-service CD burning mode of innovation can effectively alleviate keeper's working pressure, and solve the problem that unconscious expansion classified information is known scope, greatly convenient work.4.. the CD card can be printed bar code automatically and identify as uniqueness, it is more accurate, convenient to make that CD reclaims.5. the daily record record of the audit of full range can write down each key link of imprinting process comprehensively and accurately, and log record is easy to inquiry, makes the imprinting audit be easier to operation.6. the deployment of present technique scheme need not change user's existing network framework, has the easy characteristics of disposing.
Description of drawings
Fig. 1 is a system architecture synoptic diagram of the present invention;
Fig. 2 is a method flow block diagram of the present invention.
Embodiment
In order to make the object of the invention, technical scheme and advantage clearer, describe the present invention below in conjunction with accompanying drawing and specific embodiment.
As shown in Figure 1, monitoring of a kind of self-service CD burning Life cycle and auditing system comprise that several PCs, several CDs print recording device, CD recovery point computer, server, network; CD burning monitoring and auditing system are set on server, installation imprinting application on PC/examine client, fixing disc reclaims client on CD recovery point computer; The equal access network of server and PC; Every CD is printed recording device and is bound an imprinting control terminal, access network;
Said imprinting control terminal comprises CPU, internal memory, power supply, liquid crystal touch screen, card reading module and network interface card, and CPU mainly is responsible for processing and comes from the data of card reading module, liquid crystal touch screen, network interface card and carry out data communication with CD printing recording device and server; Card reading module is used for carrying out user identity through recognition user card number and differentiates; Liquid crystal touch screen had both been supported input information, also can display message, and chief leading cadre's machine is mutual; The imprinting control terminal is printed recording device through network interface and CD and is connected, and the control CD is printed recording device startup card and printed and the imprinting task, and in real time the imprinting daily record is uploaded onto the server;
Fixing disc imprinting monitoring and auditing system on server are realized user management, imprinting control of authority, approval process configuration, barcode encoding rule, CD printing recording device control and record imprinting daily record; CD burning monitoring and auditing system can be realized user's registration and launch, and user's imprinting authority is controlled, and the user who only gives the imprinting authority just can submit the imprinting application to and carry out the self-service imprinting of CD, do not have the user of imprinting authority can't imprinting; Imprinting is examined and is both supported one-level to examine to support that also multistage examining, keeper can be logined the CD burning monitoring and auditing system is examined the self-defined approval process of dimension according to level of confidentiality, whereabouts etc.; Can be provided with the optical disc encoding rule, the bar code of guaranteeing spray printing on every CD card all is unique; CD card print format can also be defined, the relative putting position of which data and data etc. will be printed on the design card; The imprinting daily record of omnidistance record can be carried out query composition, thereby improve imprinting audit efficient greatly according to imprinting time, imprinting people, level of confidentiality, condition such as whether reclaim;
CD print recording device built-in CD writer, cd printer and mechanical arm; In printing of CD card and data carving process, do not need manual intervention fully; Automatically control completion by CD burning monitoring and auditing system: at first control mechanical arm extracting CD from the dish groove and put into cd printer; The coding rule and the card print format that pre-set according to the user; Adopt modes such as ink-jet or hot transfer printing to print card, on card, print information such as bar code, title, level of confidentiality, imprinting people, imprinting time; Then, control machinery is held in hand and is got CD and put into CD writer and carry out data carving; Card print with data carving after hours, CD is exported from printing recording device placing mouth;
Installation imprinting application on PC/examine client, the user can submit the imprinting application to through this client, and the approver can examine the imprinting application;
Reclaim fixing disc recovery client on the computer at CD, retrieval management person can be scanned the bar code on the CD or import bar code number with barcode scanner, and the imprinting daily record before inquiring also can be reclaimed state through the modification CD CD is reclaimed; System reclaims daily record with recording disk, comprises reclaiming people, recovery time, title, bar code number etc.
The present invention discloses the method for a kind of self-service CD burning Life cycle monitoring and auditing system, its step comprises:
1) applicant logins CD burning application client and submits the imprinting application to, uploads engraving data;
2) approver checks the imprinting application, downloads the engraving data examining content, carries out imprinting and examines;
3) examine through after, the applicant swipes the card to the imprinting control terminal, can view the imprinting application through examining, the applicant selects an imprinting application and confirms;
4) CD is printed recording device and is printed card and engraving data, and the card data comprise information such as bar code number, level of confidentiality;
When 5) CD reclaimed, retrieval management person was scanned the data of CD card, carried out CD and reclaimed;
6) imprinting of CD burning monitoring and auditing system record examine, Life cycle log content such as imprinting operation and CD recovery, be convenient to inquiry and audit.
Fig. 2 is the FB(flow block) of this method.Wherein, in step 1), when the user need imprint CDs; At first on PC, login imprinting application client; And submit imprinting information to, and comprise title, level of confidentiality, purposes, whereabouts, umber, application reason etc., upload engraving data then and be stored in server end; Graded is uploaded engraving data in batches, and can keep uploading the bibliographic structure of data.Surpass a CD capacity when the user uploads data,, will point out, require to submit engraving data to according to an optical disc data amount to the user like the capacity of a DVD CD;
In step 2) in, after the user submitted the imprinting application to, CD burning monitoring and auditing system can transfer immediate news to examining the leader accordingly according to the imprinting approval process that configures; Examine the leader and can check the imprinting application, and can download engraving data file content is examined, carry out imprinting and examine; The applicant can in time obtain to examine through or the message of refusal; Daily record is examined in the system log (SYSLOG) imprinting, comprises applicant, application time, title, level of confidentiality, umber, examines leader, approval status etc.;
In step 3), 4) in, when imprinting examine through after, the user can be to the imprinting control terminal; Card-reading zone at the imprinting control terminal is swiped the card; The card reading module of imprinting control terminal can be discerned the contact type intelligent card of main flow on the market, for example HID, EM, Mifare etc., built-in chip in the smart card; Store unique card number in every card, can be used as the unique identification of user identity; When card reading module recognizes card number, CPU1 passes to server with the card number that obtains and carries out authenticating user identification; The user also can through on the liquid crystal touch screen of imprinting control terminal, input number of the account, password carries out authentication; After authentication is passed through, will show that on the liquid crystal display of imprinting control terminal this user submits and examine the imprinting operation of passing through to; The user can select certain bar imprinting operation and confirm, the imprinting control terminal starts CD printing recording device with announcement server and carries out automatic card printing and CD burning;
In step 5); When CD need reclaim, retrieval management person logined CD and reclaims client on PC, perhaps imported bar code number with the bar code on the barcode scanner scanning CD; Imprinting daily record before can inquiring, the keeper can reclaim CD through revising CD recovery state.System reclaims daily record with recording disk, comprises reclaiming people, recovery time, title, bar code number etc.