CN104506519A - Web site access security audit method for MIPS (Million Instructions Per Second) platform - Google Patents

Web site access security audit method for MIPS (Million Instructions Per Second) platform Download PDF

Info

Publication number
CN104506519A
CN104506519A CN201410798505.7A CN201410798505A CN104506519A CN 104506519 A CN104506519 A CN 104506519A CN 201410798505 A CN201410798505 A CN 201410798505A CN 104506519 A CN104506519 A CN 104506519A
Authority
CN
China
Prior art keywords
audit
access
browser
secure browser
web site
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201410798505.7A
Other languages
Chinese (zh)
Inventor
陈鲁
符兴斌
李锁在
郑永飞
刘向军
韩鹏
黄明
胡春玲
徐志亮
胡松
葛江华
李亮
袁泉
李贺
肖利建
马利君
陈文静
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
CHINASOFT INFORMATION SYSTEM ENGINEERING Co Ltd
Original Assignee
CHINASOFT INFORMATION SYSTEM ENGINEERING Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by CHINASOFT INFORMATION SYSTEM ENGINEERING Co Ltd filed Critical CHINASOFT INFORMATION SYSTEM ENGINEERING Co Ltd
Priority to CN201410798505.7A priority Critical patent/CN104506519A/en
Publication of CN104506519A publication Critical patent/CN104506519A/en
Pending legal-status Critical Current

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/10Network architectures or network communication protocols for network security for controlling access to devices or network resources
    • H04L63/105Multiple levels of security
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/14Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1408Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
    • H04L63/1416Event detection, e.g. attack signature detection
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/02Protocols based on web technology, e.g. hypertext transfer protocol [HTTP]
    • H04L67/025Protocols based on web technology, e.g. hypertext transfer protocol [HTTP] for remote control or remote monitoring of applications
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F16/00Information retrieval; Database structures therefor; File system structures therefor
    • G06F16/90Details of database functions independent of the retrieved data types
    • G06F16/95Retrieval from the web

Abstract

The invention discloses a web site access security audit method for an MIPS (Million Instructions Per Second) platform. Every time when URL (Uniform Resource Locator) access is carried out, a URL access address, a user name, access time, IP (Internet Protocol) address information of an accessor and the like are automatically submitted to an audit server on a background by a browser; meanwhile, an audit viewing system is provided, so that an audit administrator can find safety risks by timely analyzing audit information. The web site access security audit method for the MIPS platform has the advantages that a security audit on access record of a user to a Web site in the MIPS platform is implemented; individual behaviors can be monitored; individuals who carry out illegal operations are timely found. By analyzing audit data, various abnormal operations, such as hacker attack, in a network can be timely found.

Description

MIPS platform Web site access security auditing method
Technical field
The present invention relates to a kind of network security auditing method, specifically a kind of MIPS platform Web site access security auditing method, belongs to network security auditing method field.
Background technology
In recent years, along with the develop rapidly of open system Internet, network security and information security issue become increasingly conspicuous, and all kinds of hacker attack event emerges in an endless stream especially.In this case, need to carry out effectively following the tracks of and adjustment in time to the control situation of system.
For the devastating event occurred, if system does not possess security audit function, system manager can not effectively capture events reference frame and make reasonable assessment according to reference frame; Effective counter-measure cannot be taked to the change in Systematical control, security strategy and code, thus the decision-making revision of influential system keeper and task deployment, also increase the controlled difficulty of network security fault simultaneously.Therefore, in order to reduce the risk that network intrusions brings, can by carrying out the fail safe of analytical system to the audit of information system, as an important supplement of protecting system safety.
Summary of the invention
The object of the invention is to, provide a kind of MIPS platform Web site access security auditing method, for the defect of MIPS platform Web site access security audit function disappearance, by browser when carrying out URL access at every turn, automatically URL reference address is submitted on backstage, user's name, access time, the IP address information of visitor waits until audit server, provide a set of audit simultaneously and check that system can by the immediate analysis to audit information for audit administrator, find security risk, achieve and to the Visitor Logs of Web site, security audit is carried out to user in MIPS platform.
Technical scheme of the present invention is:
MIPS platform Web site access security auditing method, described MIPS platform comprises secure browser client and secure browser server end, described client is provided with the secure browser possessing system access audit function, described secure browser server end is provided with secure browser audit server, and described method for auditing safely specifically comprises following operating procedure:
(1) terminal use such as A inputs URL address access certain website in secure browser terminal open any browser;
(2) terminal use's such as information such as the IP of the URL reference address of A, user name, access time, use computer are sent to secure browser audit server through network, and are stored by secure browser audit server record;
(3) auditing systematic administration person opens the audit management system of full browser audit server at secure browser server end, and retrieval, inquiry terminal user are as the browser access record of A.
The invention has the advantages that: achieve and to the Visitor Logs of Web site, security audit is carried out to user in MIPS platform, can monitor the behavior of individuality, find the individuality carrying out illegal operation timely.By the analysis to Audit data, the various abnormal operations existed in network can be found timely, such as assault etc.
Below in conjunction with drawings and Examples, the invention will be further described.
Accompanying drawing explanation
Fig. 1 is the MIPS platform Web site access security audit structure chart of the embodiment of the present invention;
Fig. 2 is the MIPS platform Web site access security auditing method flow chart of the embodiment of the present invention.
Embodiment
Below the preferred embodiments of the present invention are described, should be appreciated that preferred embodiment described herein is only for instruction and explanation of the present invention, is not intended to limit the present invention.
Embodiment 1
As shown in Figure 1-2, a kind of MIPS platform Web site access security auditing method, described MIPS platform comprises secure browser client and secure browser server end, described client is provided with the secure browser possessing system access audit function, described secure browser server end is provided with secure browser audit server, and described method for auditing safely specifically comprises following operating procedure:
(1) terminal use such as A inputs URL address access certain website in secure browser terminal open any browser;
(2) terminal use's such as information such as the IP of the URL reference address of A, user name, access time, use computer are sent to secure browser audit server through network, and are stored by secure browser audit server record;
(3) auditing systematic administration person opens the audit management system of full browser audit server at secure browser server end, and retrieval, inquiry terminal user are as the browser access record of A.
Last it is noted that the foregoing is only the preferred embodiments of the present invention, be not limited to the present invention, although with reference to previous embodiment to invention has been detailed description, for a person skilled in the art, it still can be modified to the technical scheme described in foregoing embodiments, or carries out equivalent replacement to wherein portion of techniques feature.Within the spirit and principles in the present invention all, any amendment done, equivalent replacement, improvement etc., all should be included within protection scope of the present invention.

Claims (1)

1.MIPS platform Web site access security auditing method, it is characterized in that: described MIPS platform comprises secure browser client and secure browser server end, described client is provided with the secure browser possessing system access audit function, described secure browser server end is provided with secure browser audit server, and described method for auditing safely specifically comprises following operating procedure:
(1) terminal use such as A inputs URL address access certain website in secure browser terminal open any browser;
(2) terminal use's such as information such as the IP of the URL reference address of A, user name, access time, use computer are sent to secure browser audit server through network, and are stored by secure browser audit server record;
(3) auditing systematic administration person opens the audit management system of full browser audit server at secure browser server end, and retrieval, inquiry terminal user are as the browser access record of A.
CN201410798505.7A 2014-12-22 2014-12-22 Web site access security audit method for MIPS (Million Instructions Per Second) platform Pending CN104506519A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201410798505.7A CN104506519A (en) 2014-12-22 2014-12-22 Web site access security audit method for MIPS (Million Instructions Per Second) platform

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201410798505.7A CN104506519A (en) 2014-12-22 2014-12-22 Web site access security audit method for MIPS (Million Instructions Per Second) platform

Publications (1)

Publication Number Publication Date
CN104506519A true CN104506519A (en) 2015-04-08

Family

ID=52948234

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201410798505.7A Pending CN104506519A (en) 2014-12-22 2014-12-22 Web site access security audit method for MIPS (Million Instructions Per Second) platform

Country Status (1)

Country Link
CN (1) CN104506519A (en)

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN106130996A (en) * 2016-06-30 2016-11-16 武汉斗鱼网络科技有限公司 A kind of website attack protection checking system and method
CN108337322A (en) * 2018-03-15 2018-07-27 深圳市中科新业信息科技发展有限公司 A kind of preposition auditing method
CN110457627A (en) * 2019-07-04 2019-11-15 杭州安恒信息技术股份有限公司 It is audited using web and optimizes the method for website

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1787513A (en) * 2004-12-07 2006-06-14 上海鼎安信息技术有限公司 System and method for safety remote access
US20070011303A1 (en) * 2005-07-11 2007-01-11 Fujitsu Limited Method and apparatus for tracing data in audit trail, and computer product
CN101442449A (en) * 2008-12-18 2009-05-27 中国移动通信集团浙江有限公司 Method for completely auditing user behaviors under centralization access mode
CN102801528A (en) * 2012-08-17 2012-11-28 珠海市载舟软件技术有限公司 Authentication system and method based on intelligent mobile communication equipment
CN103279720A (en) * 2013-05-30 2013-09-04 北京立思辰计算机技术有限公司 USB printer safe printing monitoring and auditing system

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1787513A (en) * 2004-12-07 2006-06-14 上海鼎安信息技术有限公司 System and method for safety remote access
US20070011303A1 (en) * 2005-07-11 2007-01-11 Fujitsu Limited Method and apparatus for tracing data in audit trail, and computer product
CN101442449A (en) * 2008-12-18 2009-05-27 中国移动通信集团浙江有限公司 Method for completely auditing user behaviors under centralization access mode
CN102801528A (en) * 2012-08-17 2012-11-28 珠海市载舟软件技术有限公司 Authentication system and method based on intelligent mobile communication equipment
CN103279720A (en) * 2013-05-30 2013-09-04 北京立思辰计算机技术有限公司 USB printer safe printing monitoring and auditing system

Cited By (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN106130996A (en) * 2016-06-30 2016-11-16 武汉斗鱼网络科技有限公司 A kind of website attack protection checking system and method
CN106130996B (en) * 2016-06-30 2019-07-09 武汉斗鱼网络科技有限公司 A kind of website attack protection verifying system and method
CN108337322A (en) * 2018-03-15 2018-07-27 深圳市中科新业信息科技发展有限公司 A kind of preposition auditing method
CN110457627A (en) * 2019-07-04 2019-11-15 杭州安恒信息技术股份有限公司 It is audited using web and optimizes the method for website

Similar Documents

Publication Publication Date Title
Montesino et al. Information security automation: how far can we go?
CN104063473B (en) A kind of database audit monitoring system and its method
Podzins et al. Why SIEM is irreplaceable in a secure IT environment?
CN103632080B (en) A kind of mobile data applications method for security protection based on USBKey
US20070180522A1 (en) Security system and method including individual applications
Spyridopoulos et al. Incident analysis & digital forensics in SCADA and industrial control systems
Manoj et al. Cloud forensics-a framework for investigating cyber attacks in cloud environment
CN101719846A (en) Security monitoring method, device and system
CN112560029A (en) Website content monitoring and automatic response protection method based on intelligent analysis technology
Hanley et al. Insider threat control: Using centralized logging to detect data exfiltration near insider termination
CN104506519A (en) Web site access security audit method for MIPS (Million Instructions Per Second) platform
Lozupone Disaster recovery plan for medical records company
Bodeau et al. Cyber resiliency metrics, version 1.0, rev. 1
CN106953874B (en) Website falsification-proof method and device
Gupta et al. Cyber security assessment education for E-governance systems
Okereafor et al. A review of application challenges of digital forensics
CN104143064A (en) Website data security system based on association analysis of database activity and web access
JP6933320B2 (en) Cybersecurity framework box
Junaid ISO 27001: information security management systems
CN114661694A (en) Database operation and maintenance safety management and control system
Kizza Security Assessment, Analysis, and Assurance
Mogull Understanding and selecting a database activity monitoring solution
Bolsunovskaya et al. Developing a procedure for conducting a security audit of a software package for predicting storage system failures
CN113032842B (en) Webpage tamper-proof system and method based on cloud platform
Beretas Industrial control systems: The biggest cyber threat

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication

Application publication date: 20150408

RJ01 Rejection of invention patent application after publication