CN103927631A - Safety integrated management platform based on electric system quality system, risk assessment and safety testing and evaluation - Google Patents
Safety integrated management platform based on electric system quality system, risk assessment and safety testing and evaluation Download PDFInfo
- Publication number
- CN103927631A CN103927631A CN201410180450.3A CN201410180450A CN103927631A CN 103927631 A CN103927631 A CN 103927631A CN 201410180450 A CN201410180450 A CN 201410180450A CN 103927631 A CN103927631 A CN 103927631A
- Authority
- CN
- China
- Prior art keywords
- module
- management
- security
- safety
- information
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Abstract
The invention discloses a safety integrated management platform based on an electric system quality system, risk assessment and safety testing and evaluation. The safety integrated management platform comprises a platform portal layer, a main function layer, a safety information collecting layer, an object layer and a mobile client side; the platform portal layer comprises a unified portal management module, a statistic analysis module, an authority management module, a user management module and a system setting module; the main function layer comprises a lab CNAS process management module, a project management module, a safety object management module, an index base management module, an information safety risk assessment subsystem, an information safety level testing and evaluation subsystem, a secondary safety and protection assessment subsystem and a safety rectification and management subsystem. A testing and evaluation tool library based on an electric power enterprise can be formed, and an assessment, testing and evaluation system and method and a management model of an electrical generation system can be set up.
Description
Technical field
The present invention relates to a kind of comprehensive safety management platform based on electric system quality system, risk assessment and security evaluation.
Background technology
Along with the development of national information, and country and the pay attention to day by day of industry to information security, that information security risk evaluation and security evaluation play in Process of Information is basic, standardization and strategic key effect.Country and relevant industrial department all clearly propose to set up the importance of information security measurement system.
Current, for power information communication system security, test and appraisal launch not yet completely with research work.In addition, the risk assessment based on quality management system and security evaluation System Construction do not improve yet.As can be seen here, as He Jianshe goes out security evaluation and the management platform based on electric system quality management system, also do not have a set of rationally, science, total solution.
Network and information is safely one of strategic objective of China's information industry development.In < < National Program for Medium-to Long-term Scientific and Technological Development (2006-2020) > >, clearly propose: " developing network information security technology and Related product are set up information security technology security system ".Electric power, as national important energy source industry, is the key basic industry of national economy.Therefore, need set up normalization, procedure, specialized security capabilities, power information system security is tested and assessed, security protection ability from management and technology two broad aspect raising power information systems, effectively reduce the security risk of power information and production system, by the stable and reliability service to infosystem, and be significant to the even running of national economy.
Under the policy requirements of country and industry, electric power enterprise is to information-based and the horizontal pay attention to day by day of information security services, to ensure the technical matterss such as information system for power enterprise risk assessment, security evaluation, application safety, for providing information-based, safety in production and operation control support and safety convoy.
Summary of the invention
The object of the invention is to overcome the deficiencies in the prior art, provide form a set of based on Laboratory Quality Management System and be applicable to electric power generation system and the comprehensive platform of the fragility of management information system, threat, control measure, security evaluation and management, can form the evaluation tool storehouse based on electric power enterprise, found assessment and measurement system, assessment and assessment method and the administrative model of electric power generation system.
The object of the invention is to be achieved through the following technical solutions: a kind of comprehensive safety management platform based on electric system quality system, risk assessment and security evaluation, it comprises platform door layer, main functionality layer, security information collecting layer, object layer and mobile client;
Described platform door layer comprises that united portal administration module, statistical analysis module, authority management module, user management module, system arrange module and document management module; United portal administration module is mainly user the systemic-functions such as interface management, Report Server Management, log management is provided; Statistical analysis module is mainly realized the tabulate statistics of security evaluation, risk assessment, defect control and is comprehensively analyzed; Authority management module is mainly divided user's authority, for the different authority of the user assignment of different brackets; The essential information of the main leading subscriber of user management module and user's role assignments; System arranges the management of module main users to some basic setups of system; Document management module is mainly realized classification setting, the version management of file, the allocate and recycle of storage space, the management to the various operations of file, and realize sharing and audit management of fileinfo.
Described main functionality layer comprises laboratory CNAS workflow management module, project management module, Security Object administration module, index database management module, information security risk evaluation subsystem, information security grade test and appraisal subsystem, secondary security protection evaluation subsystem and safety rectification ADMINISTRATION SUBSYSTEM; Safety rectification ADMINISTRATION SUBSYSTEM is the software and hardware defect of infosystem to be carried out to the integrated management of whole life cycles, comprises tracing and monitoring and the statistical study of defect; Information security risk evaluation subsystem, according to estimation flow, is implemented into venture analysis, rectification tracking, regression test from asset identification, assessment preparation, assessment, for risk assessment work provides Whole Course Management.Information security grade test and appraisal subsystem is for the test and appraisal to electric power generation system equipment, electric power generation system and management information system different safety class; Secondary security protection evaluation subsystem is for the security protection assessment to second power equipment, the different level of securitys of power scheduling electrical secondary system, and Security Object administration module comprises the management of single test and appraisal object and the management to operation system tree;
Described index storehouse has level attribute, support freely to arrange, and comprise that country is original, industry strengthens, industry is original, electric power enterprise strengthens, electric power enterprise is original, electric power enterprise security evaluation laboratory strengthens, original seven options in electric power enterprise security evaluation laboratory;
Described security information collecting layer comprises security configuration acquisition component, security code audit component, security log analytic unit and security breaches acquisition component;
Described object layer comprises tested unit and operation system essential information, network and safety equipment, main frame, database, data stream and backup policy, application system, middleware, environment, personnel, management system and safety practice etc.;
Described mobile client also comprises flow process control, Security and Integrality of Data checking, interview recording module, take pictures evidence obtaining module and offline synchronization module, interview recording module is for recording to user's interview, and the photo that the evidence obtaining module of taking pictures can take user carries out storage backup.
Described platform door layer also comprises document management module, post administration module, Report Server Management module and message management module, the file that document management module is stored for leading subscriber, post administration module is used for managing distributing user post role and operating right, form reporting modules be mainly used in testing and assessing automatic generation and the management of the report of operation form, message management module is for the message of leading subscriber transmitting-receiving.
Described main functionality layer also comprises notice bulletin module, knowledge base management module, networks to pacify and comment ADMINISTRATION SUBSYSTEM, information security compliance ADMINISTRATION SUBSYSTEM and Information Security Incident Response ADMINISTRATION SUBSYSTEM, and notice bulletin module is for sending notice and announcing to user.
Described mobile client also comprises interview recording module, take pictures evidence obtaining module and offline synchronization module, and interview recording module is for recording to user's interview, and the photo that the evidence obtaining module of taking pictures can take user carries out storage backup.
Described safety rectification ADMINISTRATION SUBSYSTEM can be carried out Life cycle to the software and hardware defect of infosystem and be carried out integrated management and support to submit to defect processing request, and concrete function comprises tracing and monitoring and the statistical study of defect.
Described defect is from the problem of testing oneself, assess, check oneself middle discovery.
Described defect initiatively creates from user.
Described defect comprises software defect, hardware deficiency and managing defect.
The invention has the beneficial effects as follows:
(1) form the evaluation tool storehouse based on electric power enterprise, founded assessment and measurement system, assessment and assessment method and the administrative model of electric power generation system.
(2) formed a set of based on Laboratory Quality Management System and be applicable to electric power generation system and the comprehensive platform of the fragility of management information system, threat, control measure, security evaluation and management.
(3) database service interface mainly adopts database persistence framework, has improved the development efficiency of database access layer, and by the buffer scheduling to various resources and data in data access, has realized better performance.
(4) platform has adopted the advanced J2EE technology based on java, has constructed technology platform stable, open, safety.
(5) platform provides a plurality of Users, visual from statistical study information visualization, work service platform, examine the many aspects such as workflow is visual and met user and represent a layer demand.
(6) realized and comprised the functions such as flow process control, portable system evaluation, live recording, the evidence obtaining of taking pictures, off-line data is synchronous, for user provides maximum facility.
Accompanying drawing explanation
Fig. 1 is structural representation of the present invention;
Fig. 2 is index library structure schematic diagram of the present invention;
Fig. 3 is statistical analysis module schematic diagram of the present invention;
Fig. 4 is risk assessment statistical flowsheet figure of the present invention;
Fig. 5 is defect information process flow diagram of the present invention;
Fig. 6 is secondary security protection evaluation subsystem structural representation of the present invention.
Embodiment
Below in conjunction with accompanying drawing, technical scheme of the present invention is described in further detail:
As shown in Figure 1, a kind of comprehensive safety management platform based on electric system quality system, risk assessment and security evaluation, it comprises platform door layer, main functionality layer, security information collecting layer, object layer and mobile client;
Described platform door layer comprises that united portal administration module, statistical analysis module, authority management module, user management module, system arrange module and document management module; United portal administration module is mainly user the systemic-functions such as interface management, Report Server Management, log management is provided; Statistical analysis module is mainly realized the tabulate statistics of security evaluation, risk assessment, defect control and is comprehensively analyzed; Authority management module is mainly divided user's authority, for the different authority of the user assignment of different brackets; The essential information of the main leading subscriber of user management module; System arranges the management of module main users to some basic setups of system;
Described main functionality layer comprises laboratory CNAS workflow management module, project management module, Security Object administration module, index database management module, information security risk evaluation subsystem, information security grade test and appraisal subsystem, secondary security protection evaluation subsystem and safety rectification ADMINISTRATION SUBSYSTEM; Safety rectification ADMINISTRATION SUBSYSTEM is the software and hardware defect of infosystem to be carried out to the integrated management of whole life cycles, comprises tracing and monitoring and the statistical study of defect; Information security risk evaluation subsystem, according to estimation flow, is implemented into venture analysis, rectification tracking, regression test from asset identification, assessment preparation, assessment, for risk assessment work provides Whole Course Management.Information security grade test and appraisal subsystem is for the test and appraisal to electric power generation system equipment, electric power generation system and management information system different safety class; Secondary security protection evaluation subsystem is for the security protection assessment to second power equipment, the different level of securitys of power scheduling electrical secondary system, and Security Object administration module comprises the management of single test and appraisal object and the management to operation system tree;
Described index storehouse has level attribute, support freely to arrange, and comprise that country is original, industry strengthens, industry is original, electric power enterprise strengthens, electric power enterprise is original, electric power enterprise security evaluation laboratory strengthens, original seven options in electric power enterprise security evaluation laboratory;
Described security information collecting layer comprises security configuration acquisition component, security code audit component, security log analytic unit and security breaches acquisition component;
Described object layer comprises tested unit and operation system essential information, network and safety equipment, main frame, database, data stream and backup policy, application system, middleware, environment, personnel, management system and safety practice etc.;
Described mobile client comprises process control module, mobile operating test and appraisal module, information administration module and inherently safe administration module; Information administration module is for collecting the demand information with leading subscriber.
Described platform door layer also comprises document management module, post administration module, Report Server Management module and message management module, the file that document management module is stored for leading subscriber, post administration module is used for managing distributing user post role and operating right, form reporting modules be mainly used in testing and assessing automatic generation and the management of the report of operation form, message management module is for the message of leading subscriber transmitting-receiving.
Described main functionality layer also comprises notice bulletin module, knowledge base management module, networks to pacify and comment ADMINISTRATION SUBSYSTEM, information security compliance ADMINISTRATION SUBSYSTEM and Information Security Incident Response ADMINISTRATION SUBSYSTEM, and notice bulletin module is for sending notice and announcing to user.
Described mobile client also comprises Security and Integrality of Data authentication module, interview recording module, take pictures evidence obtaining module and offline synchronization module, interview recording module is for recording to user's interview, and the photo that the evidence obtaining module of taking pictures can take user carries out storage backup.
Described safety rectification ADMINISTRATION SUBSYSTEM can be carried out Life cycle to the software and hardware defect of infosystem and be carried out integrated management and support to submit to defect processing request, and concrete function comprises tracing and monitoring and the statistical study of defect.
Described defect is from the problem of testing oneself, assess, check oneself middle discovery.
Described defect initiatively creates from user.
Described defect comprises software defect, hardware deficiency and managing defect.
Described comprehensive safety management platform detailed functions is as follows:
One, test and appraisal object properties management function
Comprehensive safety management platform test and appraisal object comprises following general-purpose attribute:
1) test and appraisal object oriented: equipment or the system title in system.
2) test and appraisal object number: the numbering of equipment or system, if enterprise has formulated unified numbering standard, with reference to this standard, otherwise suggestion is with test and appraisal object oriented;
3) modular system: modular system is the operating system operating on test and appraisal object, such as windows2000 server, IBM AIX etc.;
4) test and appraisal object type: test and appraisal object type comprises safety equipment, the network equipment, server, terminal etc.;
5) IP address: the IP address of equipment;
6) risk degree of improvement relatively: illustrate that test and appraisal object risk continues the degree of improving, initial value is 0, and subsequent calculations is the number percent that risk is improved;
7) response people: the related personnel that test and appraisal object is safeguarded;
8) person liable: the personnel that are in charge of test and appraisal object;
9) operation system under: test and appraisal object place operation system, the implication of operation system is shown in 5.1.2;
10) geographic position: the physical geographical position at test and appraisal object place, such as Beijing, Nanjing, Shanghai etc.
11) automatically confirm threshold values: test and appraisal object risk is confirmed threshold values automatically, the security incident system below threshold values can confirm automatically, and the security incident necessity more than threshold values will manually be carried out craft and be confirmed processing;
12) test and appraisal object is worth: the figures in the expression of value of the linen, as an equivalent, and consequently, as a thing that is value present worth of test and appraisal object in Risk Calculation;
13) assets three property: integrality, confidentiality, availability.
Two, operation system management function
The system with certain class function of using or relying on when commencing business, realize by infotech.From safety management angle, the test and appraisal object set of operation system for dividing by service logic.
Three, test and appraisal Object Management group function
Test and appraisal Object Management group module comprises that, to the management of single test and appraisal object and the management to operation system tree, test and appraisal Object Management group comprises but do not limit following functions:
1) newly-increased test and appraisal object: increase a test and appraisal object, the people who only has operation system authority could increase a test and appraisal object newly under certain operation system;
2) delete test and appraisal object: logic is deleted a test and appraisal object, the people who only has operation system authority could increase a test and appraisal object newly under certain operation system;
3) revise test and appraisal object: test and appraisal object information is modified, and the people who only has operation system authority could increase a test and appraisal object newly under certain operation system;
4) inactive test and appraisal object: this test and appraisal object is put under the test and appraisal object being deactivated, is deactivated test and appraisal object and can recovers or transfer to another one operation system;
5) enable test and appraisal object: this test and appraisal object of stopping using returns to normal condition;
6) operation system tree management: the self-defining service system tree structure of the unlimited degree of depth of system support, by this function, can carry out additions and deletions to operation system and change maintenance, delete certain operation system node and must guarantee under this operation system as empty;
7) check test and appraisal object risk: safe operation management system be the object of testing and assessing be basic security management center, therefore by the interface between test and appraisal Object Management group module and risk management module, in the guide look of test and appraisal Obj State, not only the information of this test and appraisal object can be seen, leak situation, the situation equivalent risk information of this test and appraisal object can also be seen;
8) test and appraisal object imports: import in batches test and appraisal object data, should support EXCEL to import;
9) test and appraisal object is derived: derive in batches the test and appraisal object information of specified services system, should support EXCEL to derive;
10) test and appraisal Object Query: allow to inquire about according to each field of test and appraisal object by mode flexibly, allow assigned ip address field to inquire about;
11) test and appraisal object discovery: allow the IP device to assigned ip address field discovery activity, and scan its system;
12) preparation test and appraisal Object Management group: there is no the IP device of registration in the result that test and appraisal object discovery obtains as preparation test and appraisal object, preparation test and appraisal object can increase newly as new test and appraisal object, also can merge to existing test and appraisal object;
13) test and appraisal object mandate: can be assigned to different user administration authority for concrete test and appraisal object;
14) test and appraisal object, after input system, must could manage as formal test and appraisal object through safety officer's confirmation.
As shown in Figure 2, this platform has formed a set of electric power generation system equipment that is applicable to, the fragility of electric power generation system and management information system, threaten, control measure index, security evaluation index system, final is security evaluation, risk evaluation module service, support the updating maintenance in index storehouse simultaneously, index storehouse has level attribute, support freely to arrange, initial stage at least comprises that country is original, industry strengthens, industry is original, electric power enterprise strengthens, electric power enterprise is original, electric power enterprise security evaluation laboratory strengthens, seven options of the original grade in electric power enterprise security evaluation laboratory.
Security evaluation index storehouse, the assessment indicator system of electric power generation system equipment, electric power generation system and management information system different safety class is provided, and index is divided into 3 levels: physical security, network security, Host Security, application safety, data security and backup recovery, safety management machine, safety management system, personal security management, system Construction management and system operation management are the first level; Reference mark as physical location selection, physical access control, theft protection and tamper-proof etc. be the second level; Require as " a) machine room and office space should be chosen in the building with the ability such as shockproof, windproof and rainproof " is tri-layer.The assessment indicator of three levels of test and appraisal is all inherited the level attribute in index storehouse, can freely arrange.
Risk assessment index storehouse, from aspects such as network, system, business, data, communication, business continuance and safety management organizations, provide the inside and outside that infosystem faces to threaten item and its common assets fragility leak item, and the inspection method of fragile and the control measure means of recommendation, comprise assets index, threaten index, fragility index and information security Situation Assessment index.The index of information security risk evaluation is all inherited the level attribute in index storehouse, and is kept in the Table different from security evaluation Criterion Attribute, can freely arrange.
As shown in Figure 3, described statistical analysis module is mainly realized the movable tabulate statistics such as security evaluation, risk assessment, defect control and is comprehensively analyzed.
As shown in Figure 4, described statistical analysis module is mainly realized the movable tabulate statistics such as security evaluation, risk assessment, defect control and is comprehensively analyzed.
Risk distribution: the value-at-risk of different tissues.
Risk trend is analyzed: by the result of repeatedly risk assessment, can analyze the Information Security Risk development trend of tissue, and high risk situation of change, control measure are to the improvement situation of risk etc.
Risk rank: operation system excessive risk rank.
As shown in Figure 5, described defect information mainly carries out query statistic according to defect rank, defect state;
As shown in Figure 6; described secondary security protection is mainly according to the requirement of national hierarchical protection relevant criterion; in conjunction with electric power secondary system, have the advantages that real time execution is controlled; the special requirement of shelter with " security partitioning, network-specific, lateral isolation, longitudinally authentication "; in conjunction with industry requirement, the security protection assessment to second power equipment, the different level of securitys of power scheduling electrical secondary system.
The above is only the preferred embodiment of the present invention, be to be understood that the present invention is not limited to disclosed form herein, should not regard the eliminating to other embodiment as, and can be used for various other combinations, modification and environment, and can, in contemplated scope described herein, by technology or the knowledge of above-mentioned instruction or association area, change.And the change that those skilled in the art carry out and variation do not depart from the spirit and scope of the present invention, all should be in the protection domain of claims of the present invention.
Claims (9)
1. the comprehensive safety management platform based on electric system quality system, risk assessment and security evaluation, is characterized in that: it comprises platform door layer, main functionality layer, security information collecting layer, object layer and mobile client;
Described platform door layer comprises that united portal administration module, statistical analysis module, authority management module, user management module, system arrange module and document management module; United portal administration module is mainly user the systemic-functions such as interface management, Report Server Management, log management is provided; Statistical analysis module is mainly realized the tabulate statistics of security evaluation, risk assessment, defect control and is comprehensively analyzed; Authority management module is mainly divided user's authority, for the different authority of the user assignment of different brackets; The essential information of the main leading subscriber of user management module and user's role assignments; System arranges the management of module main users to some basic setups of system; Document management module is mainly realized classification setting, the version management of file, the allocate and recycle of storage space, the management to the various operations of file, and realize sharing and audit management of fileinfo;
Described main functionality layer comprises laboratory CNAS workflow management module, project management module, Security Object administration module, index database management module, information security risk evaluation subsystem, information security grade test and appraisal subsystem, secondary security protection evaluation subsystem and safety rectification ADMINISTRATION SUBSYSTEM; Safety rectification ADMINISTRATION SUBSYSTEM is the software and hardware defect of infosystem to be carried out to the integrated management of whole life cycles, comprises tracing and monitoring and the statistical study of defect; Information security risk evaluation subsystem, according to estimation flow, is implemented into venture analysis, rectification tracking, regression test from asset identification, assessment preparation, assessment, for risk assessment work provides Whole Course Management.
2. information security grade test and appraisal subsystem is for the test and appraisal to electric power generation system equipment, electric power generation system and management information system different safety class; Secondary security protection evaluation subsystem is for the security protection assessment to second power equipment, the different level of securitys of power scheduling electrical secondary system, and Security Object administration module comprises the management of single test and appraisal object and the management to operation system tree;
Described index storehouse has level attribute, support freely to arrange, and comprise that country is original, industry strengthens, industry is original, electric power enterprise strengthens, electric power enterprise is original, electric power enterprise security evaluation laboratory strengthens, original seven options in electric power enterprise security evaluation laboratory;
Described security information collecting layer comprises security configuration acquisition component, security code audit component, security log analytic unit and security breaches acquisition component;
Described object layer comprises tested unit, operation system essential information, network and safety equipment, main frame, database, data stream and backup policy, application system, middleware, environment, personnel, management system and safety practice etc.;
Described mobile client comprises process control module, mobile operating test and appraisal module, information administration module and inherently safe administration module; Information administration module is for collecting the demand information with leading subscriber.
3. according to claim 1 a kind of based on electric system quality system, the comprehensive safety management platform of risk assessment and security evaluation, it is characterized in that: described platform door layer also comprises document management module, post administration module, Report Server Management module and message management module, the file that document management module is stored for leading subscriber, post administration module is used for managing distributing user post role and operating right, form reporting modules be mainly used in testing and assessing automatic generation and the management of the report of operation form, message management module is for the message of leading subscriber transmitting-receiving.
4. a kind of comprehensive safety management platform based on electric system quality system, risk assessment and security evaluation according to claim 1, it is characterized in that: described main functionality layer also comprises notice bulletin module, knowledge base management module, networks to pacify and comment ADMINISTRATION SUBSYSTEM, information security compliance ADMINISTRATION SUBSYSTEM and Information Security Incident Response ADMINISTRATION SUBSYSTEM, and notice bulletin module is for sending notice and announcing to user.
5. a kind of comprehensive safety management platform based on electric system quality system, risk assessment and security evaluation according to claim 1, it is characterized in that: described mobile client also comprises Security and Integrality of Data authentication module, interview recording module, take pictures evidence obtaining module and offline synchronization module, interview recording module is for recording to user's interview, and the photo that the evidence obtaining module of taking pictures can take user carries out storage backup.
6. a kind of comprehensive safety management platform based on electric system quality system, risk assessment and security evaluation according to claim 1, it is characterized in that: described safety rectification ADMINISTRATION SUBSYSTEM can be carried out Life cycle to the software and hardware defect of infosystem and be carried out integrated management and support to submit to defect processing request, and concrete function comprises tracing and monitoring and the statistical study of defect.
7. a kind of comprehensive safety management platform based on electric system quality system, risk assessment and security evaluation according to claim 5, is characterized in that: described defect is from the problem of testing oneself, assess, check oneself middle discovery.
8. a kind of comprehensive safety management platform based on electric system quality system, risk assessment and security evaluation according to claim 5, is characterized in that: described defect initiatively creates from user.
9. a kind of comprehensive safety management platform based on electric system quality system, risk assessment and security evaluation according to claim 5, is characterized in that: described defect comprises software defect, hardware deficiency and managing defect.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201410180450.3A CN103927631A (en) | 2014-04-30 | 2014-04-30 | Safety integrated management platform based on electric system quality system, risk assessment and safety testing and evaluation |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201410180450.3A CN103927631A (en) | 2014-04-30 | 2014-04-30 | Safety integrated management platform based on electric system quality system, risk assessment and safety testing and evaluation |
Publications (1)
Publication Number | Publication Date |
---|---|
CN103927631A true CN103927631A (en) | 2014-07-16 |
Family
ID=51145846
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201410180450.3A Pending CN103927631A (en) | 2014-04-30 | 2014-04-30 | Safety integrated management platform based on electric system quality system, risk assessment and safety testing and evaluation |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN103927631A (en) |
Cited By (19)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN104270446A (en) * | 2014-09-30 | 2015-01-07 | 杭州节点科技有限公司 | Enterprise management system integration method based on user selection |
CN105844169A (en) * | 2015-01-15 | 2016-08-10 | 中国移动通信集团安徽有限公司 | Method and device for information safety metrics |
CN105956232A (en) * | 2016-04-20 | 2016-09-21 | 国网电力科学研究院武汉南瑞有限责任公司 | Transformer station three-dimensional real scene simulation system and implementation method |
CN106096860A (en) * | 2016-06-23 | 2016-11-09 | 国网山东省电力公司经济技术研究院 | A kind of intelligent risk management and control platform |
CN106685077A (en) * | 2016-11-28 | 2017-05-17 | 国家电网公司 | Power grid dispatching emergency disposal integrated platform |
CN106920022A (en) * | 2015-12-28 | 2017-07-04 | 上海烟草集团有限责任公司 | The Security Vulnerability appraisal procedure of cigarette industry control system, system and equipment |
CN107065675A (en) * | 2017-05-05 | 2017-08-18 | 温州法派服饰有限公司 | A kind of intelligent ready-made clothes data conversion system |
CN107122884A (en) * | 2017-03-24 | 2017-09-01 | 中国电力科学研究院 | The appraisal procedure and device of a kind of electrical power distribution automatization system protecting information safety |
CN107248985A (en) * | 2017-06-07 | 2017-10-13 | 广东南方信息安全研究院 | A kind of network security test and appraisal and project quality assessment system |
CN107612927A (en) * | 2017-10-13 | 2018-01-19 | 中国电力科学研究院 | The safety detection method of electric power scheduling automatization system |
CN108055280A (en) * | 2017-12-26 | 2018-05-18 | 国网河南省电力公司信息通信公司 | A kind of electric power data network safety detecting method |
CN109191084A (en) * | 2018-09-29 | 2019-01-11 | 大连锐进科技发展有限公司 | A kind of electric power emergency management platform |
CN109344848A (en) * | 2018-07-13 | 2019-02-15 | 电子科技大学 | Mobile intelligent terminal security level classification method based on Adaboost |
CN109493961A (en) * | 2019-01-16 | 2019-03-19 | 瀚铖盈佳(北京)科技发展有限公司 | Management system is checked oneself in operation in accordance with the law for medical institutions |
CN110839000A (en) * | 2018-08-15 | 2020-02-25 | 中国信息通信研究院 | Method and device for determining security level of network information system |
CN111240382A (en) * | 2020-01-14 | 2020-06-05 | 天津汇智众享智能科技有限公司 | Intelligent laboratory management method, device and system |
CN111815132A (en) * | 2020-06-28 | 2020-10-23 | 云南电网有限责任公司电力科学研究院 | Network security management information publishing method and system for power monitoring system |
CN113343266A (en) * | 2021-06-28 | 2021-09-03 | 海尔数字科技(青岛)有限公司 | Information system safety operation management platform and method |
CN117195183A (en) * | 2023-09-28 | 2023-12-08 | 四川赛闯检测股份有限公司 | Data security compliance risk assessment system |
Citations (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101119236A (en) * | 2006-07-31 | 2008-02-06 | 中国航天科技集团公司第五研究院第五一○研究所 | Network safety integrated estimation system |
CN103378999A (en) * | 2012-04-30 | 2013-10-30 | 刘宝旭 | Service analysis module of cloud computing environment safety quantitative evaluating system |
-
2014
- 2014-04-30 CN CN201410180450.3A patent/CN103927631A/en active Pending
Patent Citations (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101119236A (en) * | 2006-07-31 | 2008-02-06 | 中国航天科技集团公司第五研究院第五一○研究所 | Network safety integrated estimation system |
CN103378999A (en) * | 2012-04-30 | 2013-10-30 | 刘宝旭 | Service analysis module of cloud computing environment safety quantitative evaluating system |
Non-Patent Citations (4)
Title |
---|
中华人民共和国国家质量监督检验检疫总局 等: "《信息系统安全等级保护基本要求》", 19 June 2008 * |
燕福龙 主编: "《大型企业ERP项目实施与应用分析》", 31 January 2013, 清华大学出版社 * |
苏峰 等: "风电在线风险评估系统的开发及应用", 《电力系统保护与控制》 * |
袁宁波 等编著: "《智能变电站集成测试技术与应用》", 31 December 2013, 中国电力出版社 * |
Cited By (26)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN104270446A (en) * | 2014-09-30 | 2015-01-07 | 杭州节点科技有限公司 | Enterprise management system integration method based on user selection |
CN105844169A (en) * | 2015-01-15 | 2016-08-10 | 中国移动通信集团安徽有限公司 | Method and device for information safety metrics |
CN106920022A (en) * | 2015-12-28 | 2017-07-04 | 上海烟草集团有限责任公司 | The Security Vulnerability appraisal procedure of cigarette industry control system, system and equipment |
CN106920022B (en) * | 2015-12-28 | 2021-01-29 | 上海烟草集团有限责任公司 | Safety vulnerability assessment method, system and equipment for cigarette industrial control system |
CN105956232A (en) * | 2016-04-20 | 2016-09-21 | 国网电力科学研究院武汉南瑞有限责任公司 | Transformer station three-dimensional real scene simulation system and implementation method |
CN105956232B (en) * | 2016-04-20 | 2019-05-24 | 国网电力科学研究院武汉南瑞有限责任公司 | A kind of substation's three-dimensional live analogue system and implementation method |
CN106096860A (en) * | 2016-06-23 | 2016-11-09 | 国网山东省电力公司经济技术研究院 | A kind of intelligent risk management and control platform |
CN106685077A (en) * | 2016-11-28 | 2017-05-17 | 国家电网公司 | Power grid dispatching emergency disposal integrated platform |
CN107122884B (en) * | 2017-03-24 | 2022-09-02 | 中国电力科学研究院 | Evaluation method and device for information safety protection of power distribution automation system |
CN107122884A (en) * | 2017-03-24 | 2017-09-01 | 中国电力科学研究院 | The appraisal procedure and device of a kind of electrical power distribution automatization system protecting information safety |
CN107065675A (en) * | 2017-05-05 | 2017-08-18 | 温州法派服饰有限公司 | A kind of intelligent ready-made clothes data conversion system |
CN107248985A (en) * | 2017-06-07 | 2017-10-13 | 广东南方信息安全研究院 | A kind of network security test and appraisal and project quality assessment system |
CN107612927A (en) * | 2017-10-13 | 2018-01-19 | 中国电力科学研究院 | The safety detection method of electric power scheduling automatization system |
CN107612927B (en) * | 2017-10-13 | 2020-10-13 | 中国电力科学研究院 | Safety detection method for power dispatching automation system |
CN108055280A (en) * | 2017-12-26 | 2018-05-18 | 国网河南省电力公司信息通信公司 | A kind of electric power data network safety detecting method |
CN109344848A (en) * | 2018-07-13 | 2019-02-15 | 电子科技大学 | Mobile intelligent terminal security level classification method based on Adaboost |
CN110839000A (en) * | 2018-08-15 | 2020-02-25 | 中国信息通信研究院 | Method and device for determining security level of network information system |
CN110839000B (en) * | 2018-08-15 | 2022-02-08 | 中国信息通信研究院 | Method and device for determining security level of network information system |
CN109191084A (en) * | 2018-09-29 | 2019-01-11 | 大连锐进科技发展有限公司 | A kind of electric power emergency management platform |
CN109493961A (en) * | 2019-01-16 | 2019-03-19 | 瀚铖盈佳(北京)科技发展有限公司 | Management system is checked oneself in operation in accordance with the law for medical institutions |
CN111240382A (en) * | 2020-01-14 | 2020-06-05 | 天津汇智众享智能科技有限公司 | Intelligent laboratory management method, device and system |
CN111815132A (en) * | 2020-06-28 | 2020-10-23 | 云南电网有限责任公司电力科学研究院 | Network security management information publishing method and system for power monitoring system |
CN111815132B (en) * | 2020-06-28 | 2023-01-20 | 云南电网有限责任公司电力科学研究院 | Network security management information publishing method and system for power monitoring system |
CN113343266A (en) * | 2021-06-28 | 2021-09-03 | 海尔数字科技(青岛)有限公司 | Information system safety operation management platform and method |
CN117195183A (en) * | 2023-09-28 | 2023-12-08 | 四川赛闯检测股份有限公司 | Data security compliance risk assessment system |
CN117195183B (en) * | 2023-09-28 | 2024-04-16 | 四川赛闯检测股份有限公司 | Data security compliance risk assessment system |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN103927631A (en) | Safety integrated management platform based on electric system quality system, risk assessment and safety testing and evaluation | |
US10116165B2 (en) | Powergrid operation and supervision system | |
CN102035855B (en) | Network security incident association analysis system | |
CN104486346A (en) | Stepping stone system | |
CN103942635B (en) | A kind of coal mine gas safe and intelligent cruising inspection system | |
CN108960456A (en) | Private clound secure, integral operation platform | |
CN103473626A (en) | Security protection method based on integrated dispatching data network operation and maintenance system | |
CN105631522A (en) | IT system operation and maintenance management system | |
CN103274272A (en) | Elevator integrated management system and elevator integrated management method | |
CN102567862A (en) | Gridding social management information service platform | |
CN104978692A (en) | Handheld terminal collecting system | |
CN103679319A (en) | Grid social management service system | |
CN103295164A (en) | Power grid safety monitoring management information system and management method | |
CN107601187A (en) | A kind of lift management system and method | |
CN109801416A (en) | A kind of total dimension computer lab management method of building together based on big data analysis | |
CN103498701A (en) | Intelligent safety tour inspection method | |
CN113064399A (en) | Industrial monitoring software prediction maintenance system based on big data distributed programming framework | |
CN105718602B (en) | Standard cloud system for safe production of rural hydropower station | |
CN102073930A (en) | Virtual machine-based security risk evaluation method for power dispatching automation system | |
CN110880096A (en) | Multi-party cooperative office system for constructional engineering | |
CN105512865A (en) | Workflow mangement system based on substation professional | |
CN114936224A (en) | Rail inspection data service system based on Hadoop | |
CN108616383A (en) | A kind of network and the security process of information manage system | |
CN115239144A (en) | Dual prevention mechanism information system based on regional risk management | |
CN113220702A (en) | Ground building right and person collaborative updating system and management platform thereof |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
C06 | Publication | ||
PB01 | Publication | ||
C10 | Entry into substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
RJ01 | Rejection of invention patent application after publication |
Application publication date: 20140716 |
|
RJ01 | Rejection of invention patent application after publication |