CN104506519A - Web site access security audit method for MIPS (Million Instructions Per Second) platform - Google Patents
Web site access security audit method for MIPS (Million Instructions Per Second) platform Download PDFInfo
- Publication number
- CN104506519A CN104506519A CN201410798505.7A CN201410798505A CN104506519A CN 104506519 A CN104506519 A CN 104506519A CN 201410798505 A CN201410798505 A CN 201410798505A CN 104506519 A CN104506519 A CN 104506519A
- Authority
- CN
- China
- Prior art keywords
- audit
- access
- browser
- secure browser
- web site
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/10—Network architectures or network communication protocols for network security for controlling access to devices or network resources
- H04L63/105—Multiple levels of security
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
- H04L63/1416—Event detection, e.g. attack signature detection
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/01—Protocols
- H04L67/02—Protocols based on web technology, e.g. hypertext transfer protocol [HTTP]
- H04L67/025—Protocols based on web technology, e.g. hypertext transfer protocol [HTTP] for remote control or remote monitoring of applications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F16/00—Information retrieval; Database structures therefor; File system structures therefor
- G06F16/90—Details of database functions independent of the retrieved data types
- G06F16/95—Retrieval from the web
Abstract
The invention discloses a web site access security audit method for an MIPS (Million Instructions Per Second) platform. Every time when URL (Uniform Resource Locator) access is carried out, a URL access address, a user name, access time, IP (Internet Protocol) address information of an accessor and the like are automatically submitted to an audit server on a background by a browser; meanwhile, an audit viewing system is provided, so that an audit administrator can find safety risks by timely analyzing audit information. The web site access security audit method for the MIPS platform has the advantages that a security audit on access record of a user to a Web site in the MIPS platform is implemented; individual behaviors can be monitored; individuals who carry out illegal operations are timely found. By analyzing audit data, various abnormal operations, such as hacker attack, in a network can be timely found.
Description
Technical field
The present invention relates to a kind of network security auditing method, specifically a kind of MIPS platform Web site access security auditing method, belongs to network security auditing method field.
Background technology
In recent years, along with the develop rapidly of open system Internet, network security and information security issue become increasingly conspicuous, and all kinds of hacker attack event emerges in an endless stream especially.In this case, need to carry out effectively following the tracks of and adjustment in time to the control situation of system.
For the devastating event occurred, if system does not possess security audit function, system manager can not effectively capture events reference frame and make reasonable assessment according to reference frame; Effective counter-measure cannot be taked to the change in Systematical control, security strategy and code, thus the decision-making revision of influential system keeper and task deployment, also increase the controlled difficulty of network security fault simultaneously.Therefore, in order to reduce the risk that network intrusions brings, can by carrying out the fail safe of analytical system to the audit of information system, as an important supplement of protecting system safety.
Summary of the invention
The object of the invention is to, provide a kind of MIPS platform Web site access security auditing method, for the defect of MIPS platform Web site access security audit function disappearance, by browser when carrying out URL access at every turn, automatically URL reference address is submitted on backstage, user's name, access time, the IP address information of visitor waits until audit server, provide a set of audit simultaneously and check that system can by the immediate analysis to audit information for audit administrator, find security risk, achieve and to the Visitor Logs of Web site, security audit is carried out to user in MIPS platform.
Technical scheme of the present invention is:
MIPS platform Web site access security auditing method, described MIPS platform comprises secure browser client and secure browser server end, described client is provided with the secure browser possessing system access audit function, described secure browser server end is provided with secure browser audit server, and described method for auditing safely specifically comprises following operating procedure:
(1) terminal use such as A inputs URL address access certain website in secure browser terminal open any browser;
(2) terminal use's such as information such as the IP of the URL reference address of A, user name, access time, use computer are sent to secure browser audit server through network, and are stored by secure browser audit server record;
(3) auditing systematic administration person opens the audit management system of full browser audit server at secure browser server end, and retrieval, inquiry terminal user are as the browser access record of A.
The invention has the advantages that: achieve and to the Visitor Logs of Web site, security audit is carried out to user in MIPS platform, can monitor the behavior of individuality, find the individuality carrying out illegal operation timely.By the analysis to Audit data, the various abnormal operations existed in network can be found timely, such as assault etc.
Below in conjunction with drawings and Examples, the invention will be further described.
Accompanying drawing explanation
Fig. 1 is the MIPS platform Web site access security audit structure chart of the embodiment of the present invention;
Fig. 2 is the MIPS platform Web site access security auditing method flow chart of the embodiment of the present invention.
Embodiment
Below the preferred embodiments of the present invention are described, should be appreciated that preferred embodiment described herein is only for instruction and explanation of the present invention, is not intended to limit the present invention.
Embodiment 1
As shown in Figure 1-2, a kind of MIPS platform Web site access security auditing method, described MIPS platform comprises secure browser client and secure browser server end, described client is provided with the secure browser possessing system access audit function, described secure browser server end is provided with secure browser audit server, and described method for auditing safely specifically comprises following operating procedure:
(1) terminal use such as A inputs URL address access certain website in secure browser terminal open any browser;
(2) terminal use's such as information such as the IP of the URL reference address of A, user name, access time, use computer are sent to secure browser audit server through network, and are stored by secure browser audit server record;
(3) auditing systematic administration person opens the audit management system of full browser audit server at secure browser server end, and retrieval, inquiry terminal user are as the browser access record of A.
Last it is noted that the foregoing is only the preferred embodiments of the present invention, be not limited to the present invention, although with reference to previous embodiment to invention has been detailed description, for a person skilled in the art, it still can be modified to the technical scheme described in foregoing embodiments, or carries out equivalent replacement to wherein portion of techniques feature.Within the spirit and principles in the present invention all, any amendment done, equivalent replacement, improvement etc., all should be included within protection scope of the present invention.
Claims (1)
1.MIPS platform Web site access security auditing method, it is characterized in that: described MIPS platform comprises secure browser client and secure browser server end, described client is provided with the secure browser possessing system access audit function, described secure browser server end is provided with secure browser audit server, and described method for auditing safely specifically comprises following operating procedure:
(1) terminal use such as A inputs URL address access certain website in secure browser terminal open any browser;
(2) terminal use's such as information such as the IP of the URL reference address of A, user name, access time, use computer are sent to secure browser audit server through network, and are stored by secure browser audit server record;
(3) auditing systematic administration person opens the audit management system of full browser audit server at secure browser server end, and retrieval, inquiry terminal user are as the browser access record of A.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201410798505.7A CN104506519A (en) | 2014-12-22 | 2014-12-22 | Web site access security audit method for MIPS (Million Instructions Per Second) platform |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201410798505.7A CN104506519A (en) | 2014-12-22 | 2014-12-22 | Web site access security audit method for MIPS (Million Instructions Per Second) platform |
Publications (1)
Publication Number | Publication Date |
---|---|
CN104506519A true CN104506519A (en) | 2015-04-08 |
Family
ID=52948234
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201410798505.7A Pending CN104506519A (en) | 2014-12-22 | 2014-12-22 | Web site access security audit method for MIPS (Million Instructions Per Second) platform |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN104506519A (en) |
Cited By (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN106130996A (en) * | 2016-06-30 | 2016-11-16 | 武汉斗鱼网络科技有限公司 | A kind of website attack protection checking system and method |
CN108337322A (en) * | 2018-03-15 | 2018-07-27 | 深圳市中科新业信息科技发展有限公司 | A kind of preposition auditing method |
CN110457627A (en) * | 2019-07-04 | 2019-11-15 | 杭州安恒信息技术股份有限公司 | It is audited using web and optimizes the method for website |
Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN1787513A (en) * | 2004-12-07 | 2006-06-14 | 上海鼎安信息技术有限公司 | System and method for safety remote access |
US20070011303A1 (en) * | 2005-07-11 | 2007-01-11 | Fujitsu Limited | Method and apparatus for tracing data in audit trail, and computer product |
CN101442449A (en) * | 2008-12-18 | 2009-05-27 | 中国移动通信集团浙江有限公司 | Method for completely auditing user behaviors under centralization access mode |
CN102801528A (en) * | 2012-08-17 | 2012-11-28 | 珠海市载舟软件技术有限公司 | Authentication system and method based on intelligent mobile communication equipment |
CN103279720A (en) * | 2013-05-30 | 2013-09-04 | 北京立思辰计算机技术有限公司 | USB printer safe printing monitoring and auditing system |
-
2014
- 2014-12-22 CN CN201410798505.7A patent/CN104506519A/en active Pending
Patent Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN1787513A (en) * | 2004-12-07 | 2006-06-14 | 上海鼎安信息技术有限公司 | System and method for safety remote access |
US20070011303A1 (en) * | 2005-07-11 | 2007-01-11 | Fujitsu Limited | Method and apparatus for tracing data in audit trail, and computer product |
CN101442449A (en) * | 2008-12-18 | 2009-05-27 | 中国移动通信集团浙江有限公司 | Method for completely auditing user behaviors under centralization access mode |
CN102801528A (en) * | 2012-08-17 | 2012-11-28 | 珠海市载舟软件技术有限公司 | Authentication system and method based on intelligent mobile communication equipment |
CN103279720A (en) * | 2013-05-30 | 2013-09-04 | 北京立思辰计算机技术有限公司 | USB printer safe printing monitoring and auditing system |
Cited By (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN106130996A (en) * | 2016-06-30 | 2016-11-16 | 武汉斗鱼网络科技有限公司 | A kind of website attack protection checking system and method |
CN106130996B (en) * | 2016-06-30 | 2019-07-09 | 武汉斗鱼网络科技有限公司 | A kind of website attack protection verifying system and method |
CN108337322A (en) * | 2018-03-15 | 2018-07-27 | 深圳市中科新业信息科技发展有限公司 | A kind of preposition auditing method |
CN110457627A (en) * | 2019-07-04 | 2019-11-15 | 杭州安恒信息技术股份有限公司 | It is audited using web and optimizes the method for website |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
Montesino et al. | Information security automation: how far can we go? | |
CN104063473B (en) | A kind of database audit monitoring system and its method | |
Podzins et al. | Why SIEM is irreplaceable in a secure IT environment? | |
CN103632080B (en) | A kind of mobile data applications method for security protection based on USBKey | |
US20070180522A1 (en) | Security system and method including individual applications | |
Spyridopoulos et al. | Incident analysis & digital forensics in SCADA and industrial control systems | |
Manoj et al. | Cloud forensics-a framework for investigating cyber attacks in cloud environment | |
CN101719846A (en) | Security monitoring method, device and system | |
CN112560029A (en) | Website content monitoring and automatic response protection method based on intelligent analysis technology | |
Hanley et al. | Insider threat control: Using centralized logging to detect data exfiltration near insider termination | |
CN104506519A (en) | Web site access security audit method for MIPS (Million Instructions Per Second) platform | |
Lozupone | Disaster recovery plan for medical records company | |
Bodeau et al. | Cyber resiliency metrics, version 1.0, rev. 1 | |
CN106953874B (en) | Website falsification-proof method and device | |
Gupta et al. | Cyber security assessment education for E-governance systems | |
Okereafor et al. | A review of application challenges of digital forensics | |
CN104143064A (en) | Website data security system based on association analysis of database activity and web access | |
JP6933320B2 (en) | Cybersecurity framework box | |
Junaid | ISO 27001: information security management systems | |
CN114661694A (en) | Database operation and maintenance safety management and control system | |
Kizza | Security Assessment, Analysis, and Assurance | |
Mogull | Understanding and selecting a database activity monitoring solution | |
Bolsunovskaya et al. | Developing a procedure for conducting a security audit of a software package for predicting storage system failures | |
CN113032842B (en) | Webpage tamper-proof system and method based on cloud platform | |
Beretas | Industrial control systems: The biggest cyber threat |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
C06 | Publication | ||
PB01 | Publication | ||
C10 | Entry into substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
RJ01 | Rejection of invention patent application after publication |
Application publication date: 20150408 |
|
RJ01 | Rejection of invention patent application after publication |