CN105550030A - Safety capability aggregation system

Info

Publication number: CN105550030A
Application number: CN201610057996.9A
Authority: CN (China)
Prior art keywords: security, assembly, security capabilities, capabilities, platform
Legal status: Pending
Other languages: Chinese (zh)
Inventor: 刘萌
Current Assignee: Inspur Electronic Information Industry Co Ltd
Original Assignee: Inspur Electronic Information Industry Co Ltd

Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F9/00 Arrangements for program control, e.g. control units
    • G06F9/06 Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
    • G06F9/46 Multiprogramming arrangements
    • G06F9/48 Program initiating; Program switching, e.g. by interrupt
    • G06F9/4806 Task transfer initiation or dispatching
    • G06F9/4843 Task transfer initiation or dispatching by program, e.g. task dispatcher, supervisor, operating system
    • G06F9/4881 Scheduling strategies for dispatcher, e.g. round robin, multi-level priority queues

Landscapes

  • Engineering & Computer Science (AREA)
  • Software Systems (AREA)
  • Theoretical Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Storage Device Security (AREA)

Abstract

The invention discloses a security capability aggregation system, belonging to the technical field of terminal management. The system comprises a security capability component pool, a security management platform, a security engine platform and a security message bus. A security capability component is published by issuing a command to the security capability component pool; according to the published component, the security management platform distributes a usage policy to the security engine platform through the security message bus; the security engine platform delivers the usage policy to the corresponding security capability component, and the security capability component performs the specific function. In this way the unified management of security components and the aggregation of security capabilities are achieved. Based on the security capability aggregation system, the development, deployment, operation and maintenance, and upgrading of security capability components can be carried out quickly, and the value of the overall security solution is greatly improved.

Description

A security capability aggregation system
Technical field
The present invention discloses a security capability aggregation system and belongs to the technical field of terminal management.
Background
Network security covers both network perimeter security and risks inside the network. Conventional security defence thinking is often confined to the gateway level and the network boundary. Under the close monitoring of protective equipment, security threats from outside the network are greatly reduced; by contrast, security threats from terminals inside the network are often overlooked by administrators. In the cloud computing era, more and more applications and data are stored in servers and data centers, so the terminal security of servers and data centers is becoming more and more important. However, terminal security for servers and data centers spans a wide range of knowledge, is highly specialized and is highly time-sensitive, so a security suite provided by a single vendor cannot cope with the variety of security challenges. The present invention proposes a security capability aggregation system. It is an open, aggregating security capability component architecture that achieves unified management of security components and aggregation of security capabilities mainly through four modules: a security capability component pool, a security management platform, a security engine platform and a security message bus. Based on the security capability aggregation system, the development, deployment, operation and maintenance, and upgrading of security capability components can be carried out quickly, greatly increasing the value of the overall security solution.
A security capability component is a software module or software service that provides one or more security capabilities. Because security software is highly specialized and highly time-sensitive, a security software provider often cannot provide a fully featured security software suite.
Summary of the invention
The present invention provides a security capability aggregation system with which the development, deployment, operation and maintenance, and upgrading of security capability components can be carried out quickly, greatly increasing the value of the overall security solution.
The specific scheme proposed by the present invention is:
A security capability aggregation system comprising a security capability component pool, a security management platform, a security message bus and a security engine platform, wherein:
The security capability component pool provides the system with centralized management of security capability components;
The security management platform is responsible for centrally managing the policies used by the various security capability components, and manages the security engines;
The security message bus is responsible for the communication link between the security management platform and the security engine platform;
The security engine platform runs at the client OS layer and is responsible for managing the running state of the security capability components;
By issuing a command to the security capability component pool, a security capability component is published to the security management platform; according to the published component, the security management platform distributes the usage policy to the security engine platform through the security message bus; the security engine platform then delivers the usage policy to the corresponding security capability component, which performs the specific function.
The security engine platform passes key OS information events to the security capability component pool; the security capability component pool publishes components to the security management platform; the security management platform issues the usage policy for the corresponding security capability components; the security engine platform then delivers the usage policy to the corresponding security capability component, which performs the specific function.
A security capability component produces logs while performing its specific function. The logs are sent to the security message bus by the security engine, and the security management platform collects and stores the logs produced by the security capability components.
The security management platform performs cross-correlation analysis on the logs, and marks and stores security threat events.
The security engine platform forms an asset management list and provides it to the security management platform, which uses it to manage the security engines.
A security capability aggregation method, using the system described above: by issuing a command to the security capability component pool, a security capability component is published to the security management platform; according to the published component, the security management platform distributes the usage policy to the security engine platform through the security message bus; the security engine platform then delivers the usage policy to the corresponding security capability component, which performs the specific function.
The beneficial effects of the present invention are:
The system of the present invention mainly comprises four modules: a security capability component pool, a security management platform, a security engine platform and a security message bus. It is an open, aggregating security capability component architecture. By issuing a command to the security capability component pool, a security capability component is published to the security management platform; according to the published component, the security management platform distributes the usage policy to the security engine platform through the security message bus; the security engine platform then delivers the usage policy to the corresponding security capability component, which performs the specific function;
This achieves the unified management of security components and the aggregation of security capabilities. Based on the security capability aggregation system, the development, deployment, operation and maintenance, and upgrading of security capability components can be carried out quickly, greatly increasing the value of the overall security solution.
Description of the drawings
Fig. 1 is a schematic diagram of the architecture of the system of the present invention.
Embodiment
A security capability aggregation system comprising a security capability component pool, a security management platform, a security message bus and a security engine platform, wherein:
The security capability component pool provides the system with centralized management of security capability components;
The security management platform is responsible for centrally managing the policies used by the various security capability components, and manages the security engines;
The security message bus is responsible for the communication link between the security management platform and the security engine platform;
The security engine platform runs at the client OS layer and is responsible for managing the running state of the security capability components;
By issuing a command to the security capability component pool, a security capability component is published to the security management platform; according to the published component, the security management platform distributes the usage policy to the security engine platform through the security message bus; the security engine platform then delivers the usage policy to the corresponding security capability component, which performs the specific function.
Following the system and the summary of the invention above, the present invention is further described with reference to the accompanying drawing.
A security capability aggregation system comprising a security capability component pool, a security management platform, a security message bus and a security engine platform, wherein:
The security capability component pool provides the system with centralized management of security capability components; in a specific implementation it includes basic components such as a HIPS component, an AV component and an application control component;
Security capability component management mainly refers to release management, that is, providing component upload, registration, publication and uninstall functions, maintaining the security capability components in a unified way, and giving the system a centralized management view of the security capability components. It also includes update management, that is, the versions of security capability components, upgrades, grayscale rollout of new versions, rollback to earlier versions, and so on;
The security management platform is responsible for centrally managing the policies used by the various security capability components, and manages the security engines;
The security engine platform can form an asset management list and provide it to the security management platform for managing the security engines; this constitutes asset management;
The security management platform mainly performs policy management: the policies used by the various security capability components are managed centrally and distributed to the security engines through the security message bus; each security capability policy is finally delivered by the security engine to the corresponding security capability component, which performs the specific function;
In addition, a security capability component produces logs while performing its specific function, and the logs are sent to the security message bus by the security engine. The security management platform collects the logs produced by the security capability components and can perform cross-correlation analysis on them, marking and storing security threat events; for convenient viewing, log reports can be generated;
The security message bus is responsible for the communication link between the security management platform and the security engine platform. It relays the messages that the security management platform sends down to the security engine platform, including security capability component packages, security policies and so on; it also passes messages from the security engine platform to the security management platform, including the running logs mentioned above;
The security engine platform runs at the client OS layer and is responsible for managing the running state of the security capability components;
The security engine platform reaches into the various interfaces and hooks of the OS kernel layer to obtain OS kernel access events and places them under event chain management. It obtains security capability components through the security management platform, maintains component running state, and brings each interface of the security capability components into the event chain management of the security engine platform;
The process is: the security engine platform passes key OS information events to the security capability component pool; the security capability component pool publishes components to the security management platform; the security management platform issues the usage policy for the corresponding security capability components; the security engine platform then delivers the usage policy to the corresponding security capability component, which performs the specific function.
Using the above system, the present invention also provides a security capability aggregation method: by issuing a command to the security capability component pool, a security capability component is published to the security management platform; according to the published component, the security management platform distributes the usage policy to the security engine platform through the security message bus; the security engine platform then delivers the usage policy to the corresponding security capability component, which performs the specific function;
For example, an antivirus command is issued to the security capability component pool, and the pool publishes the security capability components related to antivirus to the security management platform. The security management platform provides the usage policy for these security capability components; the specific usage policy sets how to scan for and remove viruses, the time interval between antivirus runs, and so on. The security management platform distributes the usage policy to the security engine platform, and the security engine platform delivers it to the corresponding security capability component, which performs the specific function and produces logs.
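The antivirus flow described above, as an in-process simulation. This is an added example, not code from the patent; the class names, host names, policy fields, scan findings and the correlation rule (the same path reported infected on at least two hosts) are all assumptions made for illustration.

```python
from collections import defaultdict, deque

class MessageBus:
    """Security message bus: the only link between management and engines."""
    def __init__(self):
        self.down = defaultdict(deque)  # per-host queue: packages and policies
        self.up = deque()               # running logs going back to management

class Engine:
    """Security engine platform on one client OS; maintains component state."""
    def __init__(self, host, bus):
        self.host, self.bus, self.components = host, bus, {}

    def poll(self, findings):
        """Drain the bus; `findings` stands in for what the component detects."""
        queue = self.bus.down[self.host]
        while queue:
            kind, name, body = queue.popleft()
            if kind == "package":
                self.components[name] = {"state": "installed", "policy": None}
            elif kind == "policy" and name in self.components:
                # A policy for a component that is not installed is dropped.
                self.components[name] = {"state": "running", "policy": body}
                for path, verdict in findings.items():  # component runs, logs
                    self.bus.up.append((self.host, name, path, verdict))

class ManagementPlatform:
    """Holds usage policies, the engine asset list and the collected logs."""
    def __init__(self, bus):
        self.bus, self.policies, self.assets, self.logs = bus, {}, [], []

    def on_published(self, name, package):
        """A component was published: send its package, then its usage policy."""
        for host in self.assets:
            self.bus.down[host].append(("package", name, package))
            self.bus.down[host].append(("policy", name, self.policies[name]))

    def collect_and_correlate(self, min_hosts=2):
        """Store logs; assumed rule: same path infected on >= min_hosts hosts."""
        while self.bus.up:
            self.logs.append(self.bus.up.popleft())
        seen = defaultdict(set)
        for host, _component, path, verdict in self.logs:
            if verdict == "infected":
                seen[path].add(host)
        return {p: sorted(h) for p, h in seen.items() if len(h) >= min_hosts}

class ComponentPool:
    """Central registry: component name -> (capability, package)."""
    def __init__(self, management, registry):
        self.management, self.registry = management, registry

    def command(self, capability):
        """A command to the pool publishes each matching component."""
        matched = [n for n, (cap, _) in self.registry.items() if cap == capability]
        for name in matched:
            self.management.on_published(name, self.registry[name][1])
        return matched

def run_antivirus_flow():
    bus = MessageBus()
    mgmt = ManagementPlatform(bus)
    pool = ComponentPool(mgmt, {"av-basic": ("antivirus", b"<package>"),
                                "hips-basic": ("hips", b"<package>")})
    engines = [Engine(h, bus) for h in ("srv-a", "srv-b", "srv-c")]  # constructed
    mgmt.assets = [e.host for e in engines]
    mgmt.policies["av-basic"] = {"mode": "full-scan", "interval_hours": 24}
    published = pool.command("antivirus")
    findings = {"srv-a": {"/tmp/dropper.bin": "infected", "/usr/bin/ls": "clean"},
                "srv-b": {"/tmp/dropper.bin": "infected"},
                "srv-c": {"/opt/app/tool": "infected"}}  # constructed results
    for engine in engines:
        engine.poll(findings[engine.host])
    threats = mgmt.collect_and_correlate()
    return published, engines[0].components, len(mgmt.logs), threats
```

Only the component matching the commanded capability reaches the engines, and the single-host detection on srv-c is stored as a log but not marked as a threat event under the assumed rule.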

Claims (6)

1. A security capability aggregation system, characterized in that it comprises a security capability component pool, a security management platform, a security message bus and a security engine platform, wherein:
The security capability component pool provides the system with centralized management of security capability components;
The security management platform is responsible for centrally managing the policies used by the various security capability components, and manages the security engines;
The security message bus is responsible for the communication link between the security management platform and the security engine platform;
The security engine platform runs at the client OS layer and is responsible for managing the running state of the security capability components;
By issuing a command to the security capability component pool, a security capability component is published to the security management platform; according to the published component, the security management platform distributes the usage policy to the security engine platform through the security message bus; the security engine platform then delivers the usage policy to the corresponding security capability component, which performs the specific function.
2. The system according to claim 1, characterized in that the security engine platform passes key OS information events to the security capability component pool; the security capability component pool publishes components to the security management platform; the security management platform issues the usage policy for the corresponding security capability components; the security engine platform then delivers the usage policy to the corresponding security capability component, which performs the specific function.
3. The system according to claim 1 or 2, characterized in that a security capability component produces logs while performing its specific function, the logs are sent to the security message bus by the security engine, and the security management platform collects and stores the logs produced by the security capability components.
4. The system according to claim 3, characterized in that the security management platform performs cross-correlation analysis on the logs, and marks and stores security threat events.
5. The system according to claim 1 or 4, characterized in that the security engine platform forms an asset management list and provides it to the security management platform, which uses it to manage the security engines.
6. A security capability aggregation method, characterized in that it uses the system according to any one of claims 1-5: by issuing a command to the security capability component pool, a security capability component is published to the security management platform; according to the published component, the security management platform distributes the usage policy to the security engine platform through the security message bus; the security engine platform then delivers the usage policy to the corresponding security capability component, which performs the specific function.

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201610057996.9A CN105550030A (en) 2016-01-28 2016-01-28 Safety capability aggregation system

Publications (1)

Publication Number Publication Date
CN105550030A (en) 2016-05-04

Family

ID=55829228

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201610057996.9A Pending CN105550030A (en) 2016-01-28 2016-01-28 Safety capability aggregation system

Country Status (1)

Country Link
CN (1) CN105550030A (en)

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication

Application publication date: 20160504
