CN107786500A - Terminal security module centralized management system - Google Patents

Info

Publication number: CN107786500A
Authority: CN (China)
Prior art keywords: module, terminal, security, data, interface
Legal status: Pending
Application number: CN201610725956.7A
Other languages: Chinese (zh)
Inventors: 高景生, 孙宇, 陈志浩, 曾颖明, 周炼赤
Current assignee: Beijing Institute of Computer Technology and Applications
Original assignee: Beijing Institute of Computer Technology and Applications
Priority date: 2016-08-25
Filing date: 2016-08-25
Publication date: 2018-03-09

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/08 Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0815 Network architectures or network communication protocols for network security for authentication of entities providing single-sign-on or federations
    • H04L63/20 Network architectures or network communication protocols for network security for managing network security; network security policies in general

Abstract

A terminal security centralized management system according to the present invention comprises a message bus, a database, a physical layer interface module, a security module and an interface module. The message bus handles communication with the management terminal: it routes data to the management terminal, receives the management terminal's data feedback, and hands the returned data to the physical layer interface module. The physical layer interface module is the transition module between the message bus and the security module: it feeds the data received from the management terminal back to each submodule of the security module, receives the instructions of the security module, and broadcasts data onto the message bus. The security module integrates a variety of security verification functions and performs security protection for the terminal it runs on. The interface module provides the human-computer interaction interface. The terminal security module centralized management system of the invention improves module usage efficiency and makes the terminal running it convenient for the user to operate.

Description

Terminal security module centralized management system
Technical field
The invention belongs to the field of computer security technology and is a terminal security module centralized management system.
Background technology
Most current security protection products run independently and are managed separately. With the many kinds of terminal security products and their varied modes of operation, managing and monitoring several security modules on an ordinary terminal has become a serious burden. A way to manage and monitor their running environment in a unified manner, while still providing the same security protection functions, is therefore needed.
The content of the invention
The object of the invention is to provide a terminal security module centralized management system that solves the problem that current security protection products mostly run independently and are managed separately.
A terminal security centralized management system according to the invention comprises a message bus, a database, a physical layer interface module, a security module and an interface module. The message bus handles communication with the management terminal: it routes data to the management terminal, receives the management terminal's data feedback, and hands the returned data to the physical layer interface module. The physical layer interface module is the transition module between the message bus and the security module: it feeds the data received from the management terminal back to each submodule of the security module, receives the instructions of the security module, and broadcasts data onto the message bus. The security module integrates a variety of security verification functions and performs security protection for the terminal it runs on. The interface module provides the human-computer interaction interface.
In one embodiment of the terminal security centralized management system of the invention, the message bus can also perform two-way authentication with the external management terminal.
In one embodiment of the terminal security centralized management system of the invention, the physical layer interface module comprises a policy interface, a control interface, a log interface and a state interface. The control interface receives control commands from the management terminal and passes the commands to the security module. The log interface receives call instructions from the management terminal and sends the logs of the security module to the management terminal. The state interface receives instructions from the management terminal and feeds back the real-time state of the current security module to the management terminal.
In one embodiment of the terminal security centralized management system of the invention, the security module comprises an illegal external connection control module, a peripheral port control module, a network control module, an antivirus module and a secure login module. The illegal external connection control module determines whether the terminal is connected to a network in violation of regulations. The peripheral port control module determines whether the terminal has attached an external device in violation of regulations. The network control module performs flow control on the packets the terminal sends and receives. The antivirus module removes viruses from the terminal. The secure login module verifies terminal login information.
In one embodiment of the terminal security centralized management system of the invention, the network control module performs flow control on the packets the terminal sends and receives in five-tuple form.
In one embodiment of the terminal security centralized management system of the invention, the two-way authentication the message bus can perform with the external management terminal comprises the following. The message bus sends identity information to the management terminal; the management terminal judges the legitimacy of the information from the identity information obtained; if it is legitimate, the management terminal sends the message bus a message containing an identity confirmation flag, the user encryption key and the random sequence number to be returned next time. After the message bus receives this data, it encrypts the data to be sent, together with the end-of-transmission flag and the random sequence number, with the key sent by the server and sends it to the management terminal; on receipt, the management terminal returns a receive-result flag and the random sequence number to be sent next time. The message bus then sends the subsequent data in the same way, looping until all data has been sent.
In one embodiment of the terminal security centralized management system of the invention, the management terminal maintains a timeout mechanism: if no data is received from the message bus within the timeout period, the message bus must restart the authentication procedure.
In one embodiment of the terminal security centralized management system of the invention, the interface module comprises a submodule running state module, a submodule resource occupation module, a security function scan module, a submodule maintenance module, a log audit module, a policy control module and a security scoring module. The submodule running state module displays the state of the security module; the submodule resource occupation module obtains the dynamic occupation information of the security module; the security function scan module queries the number of submodules in the security module; the submodule maintenance module performs control operations on the security module; the log audit module displays the operation log on the terminal; the policy control module displays the content of the policies used by the running security module; the security scoring module performs a composite rating based on the state of the security module.
The terminal security module centralized management system of the invention runs all kinds of security modules uniformly within one security system and integrates them, achieving unified module management, unified log reporting and unified policy distribution. It breaks down information silos, fuses the data of multiple security modules, and provides integrated correlation analysis across the various kinds of data. It improves module usage efficiency and makes the terminal running the system convenient for the user to operate.
Brief description of the drawings
Fig. 1 shows the module diagram of the terminal security centralized management system of the invention;
Fig. 2 shows the flow chart of the handshake procedure;
Fig. 3 shows the flow chart of the terminal security module centralized management system processing data sent by the management end;
Fig. 4 shows the upgrade flow chart of the security module.
Embodiment
To make the purpose, content and advantages of the invention clearer, embodiments of the invention are described in further detail below with reference to the drawings and examples.
Fig. 1 shows the module diagram of the terminal security centralized management system of the invention. As shown in Fig. 1, in view of the current situation in internal networks, where many kinds of security protection modules run independently and are managed separately, the invention designs a new type of system for the centralized management of security modules. It can be divided into two parts: the terminal security module centralized management system and the management end.
As shown in Fig. 1, the terminal security module centralized management system comprises a message bus 1, a database 2, a physical layer interface module 3, a security module 4 and an interface module 5.
As shown in Fig. 1, the message bus 1 handles communication with the management end: it routes data to the management end, receives the management end's data feedback, and hands the returned data to the physical layer interface module 3, ensuring reliable and confidential transmission of the data. The message bus 1 must perform a handshake before sending data; the whole handshake procedure is completed by the message bus 1, without any processing by the physical layer interface module 3.
Fig. 2 shows the flow chart of the handshake procedure. As shown in Fig. 2, the handshake procedure is as follows. Before transmitting data, the terminal security module centralized management system sends its identity information to the management end. The management end judges the legitimacy of the information from the identity information obtained; if it is legitimate, the management end sends the terminal security module centralized management system a message containing an identity confirmation flag, the user encryption key, and the random sequence number to be returned next time.
After the terminal security module centralized management system receives this data, it encrypts the data to be sent, together with the end-of-transmission flag and the random sequence number, with the key sent by the server and sends it to the management end. On receipt, the management end returns a receive-result flag and the random sequence number to be sent next time.
The terminal security module centralized management system then sends the subsequent data in the same way, looping until all data has been sent.
Note that the management end maintains a timeout mechanism, 30 seconds by default: if no data is received from the terminal security module centralized management system within 30 seconds, the terminal security module centralized management system must go through the authentication procedure again.
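As an added illustration that is not part of the patent, the Fig. 2 handshake and send loop simulated with both sides as classes: the management end checks identity, issues the key and the random sequence number it expects next, rejects a message whose sequence number is stale (a repeated message), and enforces the 30-second timeout that forces a fresh handshake. The HMAC that binds each message to the key stands in for the encryption step the patent leaves unspecified; the system IDs, the logical clock and the payloads are constructed for the demonstration.

```python
import hmac
import json
import secrets

TIMEOUT_SECONDS = 30  # default timeout named in the description

def _tag(key, seq, is_last, payload):
    # Stand-in for "encrypt with the key sent by the server" (assumption: the patent
    # names no cipher): an HMAC that binds seq, end flag and payload to the session key.
    return hmac.new(key, json.dumps([seq, is_last, payload]).encode(), "sha256").digest()

class ManagementEnd:
    """Management end (Fig. 2): checks identity, issues the key and next sequence number, enforces the timeout."""

    def __init__(self, registered_ids, clock):
        self.registered_ids = set(registered_ids)
        self.clock = clock    # callable returning the current time
        self.sessions = {}    # system_id -> {"key", "expected_seq", "last_seen"}
        self.received = {}    # system_id -> accepted payloads, in order

    def authenticate(self, identity):
        system_id = identity.get("system_id")
        if system_id not in self.registered_ids:
            return {"identity_confirmed": False}
        s = {"key": secrets.token_bytes(32), "expected_seq": secrets.randbits(32), "last_seen": self.clock()}
        self.sessions[system_id] = s
        self.received.setdefault(system_id, [])
        return {"identity_confirmed": True, "key": s["key"], "next_seq": s["expected_seq"]}

    def receive(self, system_id, msg):
        s = self.sessions.get(system_id)
        if s is None:
            return {"accepted": False, "reason": "not authenticated"}
        now = self.clock()
        if now - s["last_seen"] > TIMEOUT_SECONDS:
            del self.sessions[system_id]   # the terminal must redo the handshake
            return {"accepted": False, "reason": "timeout"}
        if msg["seq"] != s["expected_seq"]:
            return {"accepted": False, "reason": "bad sequence number"}
        if not hmac.compare_digest(_tag(s["key"], msg["seq"], msg["is_last"], msg["payload"]), msg["tag"]):
            return {"accepted": False, "reason": "bad tag"}
        self.received[system_id].append(msg["payload"])
        s["last_seen"], s["expected_seq"] = now, secrets.randbits(32)   # fresh number each time
        if msg["is_last"]:
            del self.sessions[system_id]
        return {"accepted": True, "next_seq": None if msg["is_last"] else s["expected_seq"]}

class Terminal:
    """Terminal side: the message bus runs the handshake and then the send loop."""

    def __init__(self, system_id, mgmt):
        self.system_id, self.mgmt = system_id, mgmt
        self.key = self.next_seq = None

    def handshake(self):
        reply = self.mgmt.authenticate({"system_id": self.system_id})
        if not reply["identity_confirmed"]:
            return False
        self.key, self.next_seq = reply["key"], reply["next_seq"]
        return True

    def build(self, payload, is_last):
        seq = self.next_seq
        return {"seq": seq, "is_last": is_last, "payload": payload,
                "tag": _tag(self.key, seq, is_last, payload)}

    def send(self, payload, is_last):
        reply = self.mgmt.receive(self.system_id, self.build(payload, is_last))
        if reply["accepted"]:
            self.next_seq = reply["next_seq"]
        return reply

    def send_all(self, chunks):
        """Handshake, then send every chunk; returns 'done' or the rejection reason."""
        if not self.handshake():
            return "identity rejected"
        for i, chunk in enumerate(chunks):
            reply = self.send(chunk, i == len(chunks) - 1)
            if not reply["accepted"]:
                return reply["reason"]
        return "done"

def run_scenarios():
    """Constructed scenarios: normal transfer, replayed message, timeout and re-authentication."""
    clock = {"now": 0.0}   # logical clock, so the timeout is exercised without sleeping
    mgmt = ManagementEnd(registered_ids={"TERM-001"}, clock=lambda: clock["now"])
    term = Terminal("TERM-001", mgmt)
    results = {"normal": term.send_all(["log chunk 1", "log chunk 2", "log chunk 3"])}
    results["received"] = list(mgmt.received["TERM-001"])
    # Replay: the same message presented twice; the second copy carries a stale seq.
    term.handshake()
    msg = term.build("status", False)
    mgmt.receive("TERM-001", msg)
    results["replay"] = mgmt.receive("TERM-001", msg)["reason"]
    # Timeout: silence longer than TIMEOUT_SECONDS forces a new handshake.
    term.handshake()
    term.send("policy part 1", False)
    clock["now"] += TIMEOUT_SECONDS + 1
    results["timeout"] = term.send("policy part 2", False)["reason"]
    results["after_reauth"] = term.send_all(["policy part 1", "policy part 2"])
    return results
```

Each accepted message consumes its sequence number, so the management end never honours the same number twice and an idle session has to be re-established after the timeout.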
As shown in Fig. 1, the physical layer interface module 3 comprises a policy interface 31, a control interface 32, a log interface 33 and a state interface 34.
The physical layer interface module 3 is the transition between the message bus 1 and the security module 4: it feeds the data received from the management end back to each submodule of the security module 4, and at the same time receives the instructions of the security module 4 and passes them through the physical layer interface module 3 to the message bus 1, which sends the data to the management end.
Fig. 3 shows the flow chart of the terminal security module centralized management system processing data sent by the management end. As shown in Fig. 3, the physical layer interface module 3 comprises the policy interface 31, the control interface 32, the log interface 33 and the state interface 34. The policy interface 31 performs a preliminary parse of the policy formulated by the management end and hands it to the security module 4.
As shown in Fig. 3, the control interface 32 receives control commands from the management end and passes the commands to the security module 4, which enables remote operations such as enabling and disabling the submodules of the security module 4. The log interface 33 receives call instructions from the management end and sends the logs of the security module 4 to the management end. The state interface 34 receives instructions from the management end and feeds back the current real-time state of the security module 4 to the management end. Note that the physical layer interface module 3 in general only performs a preliminary parse; the specific data is still processed and logically analysed by the security module 4 and its submodules.
Table 1 shows the structure of the packet sent by the terminal security module centralized management system. The packet the system returns to the management end consists of two parts, a packet header and data.
Table 1
Data main type: the broad category of the current data, represented as an integer; policy is 1, control is 2, log is 3 and state is 4; the set can be extended according to actual needs.
Data subtype: the specific division within a main type, represented as an integer; the numbering follows the same approach as the main type.
System identifier: identifies the ID of the terminal security module centralized management system, a unique ID generated by the management end when the system registers with it.
Send time: the time at which the data was sent.
Send IP: the IP address of the host where the security system runs.
Send MAC address: the MAC address of the host where the security system runs.
Current user: the current user information of the host where the system runs.
Note that the physical layer interface module 3 performs no parsing; the parsing work is done by the security module 4.
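An added example, not from the patent, of the Table 1 packet as a builder and a framing-only parser of the kind the physical layer interface module could apply before handing the data part on. The field widths, the 16-bit data length, the mapping of main types to the interfaces 31 to 34 of Fig. 3, and the sample values are all assumptions.

```python
import socket
import struct
import time

# Main types from Table 1 of the description. The field widths below are an assumption:
# the patent lists the header fields but not their encoding.
MAIN_TYPES = {1: "policy", 2: "control", 3: "log", 4: "state"}
# Which physical layer interface (Fig. 3) takes each main type; this mapping is assumed.
INTERFACE_FOR_TYPE = {1: "policy interface 31", 2: "control interface 32",
                      3: "log interface 33", 4: "state interface 34"}
# main type, subtype, system id, send time, send IP, send MAC, current user, data length
HEADER_FMT = "!BBII4s6s32sH"
HEADER_LEN = struct.calcsize(HEADER_FMT)   # 54 bytes


def build_packet(main_type, sub_type, system_id, send_ip, send_mac, user, data, send_time=None):
    """Assemble header + data as in Table 1; reject values the header cannot carry."""
    if main_type not in MAIN_TYPES:
        raise ValueError(f"unknown main type {main_type}")
    mac = bytes.fromhex(send_mac.replace(":", "").replace("-", ""))
    if len(mac) != 6:
        raise ValueError("MAC address must be 6 bytes")
    user_bytes = user.encode("utf-8")
    if len(user_bytes) > 32:
        raise ValueError("current user field exceeds 32 bytes")
    if len(data) > 0xFFFF:
        raise ValueError("data part exceeds the 16-bit length field")
    send_time = int(time.time() if send_time is None else send_time)
    header = struct.pack(HEADER_FMT, main_type, sub_type & 0xFF, system_id, send_time,
                         socket.inet_aton(send_ip), mac, user_bytes.ljust(32, b"\0"), len(data))
    return header + data


def parse_header(buf):
    """Preliminary parse only, as the physical layer interface module does: split the
    header from the data and check the framing, without interpreting the data part."""
    if len(buf) < HEADER_LEN:
        raise ValueError("packet shorter than header")
    main_type, sub_type, system_id, send_time, ip, mac, user, length = struct.unpack(
        HEADER_FMT, buf[:HEADER_LEN])
    if main_type not in MAIN_TYPES:
        raise ValueError(f"unknown main type {main_type}")
    if len(buf) - HEADER_LEN != length:
        raise ValueError("data length does not match the length field")
    return {
        "main_type": main_type,
        "main_type_name": MAIN_TYPES[main_type],
        "sub_type": sub_type,
        "system_id": system_id,
        "send_time": send_time,
        "send_ip": socket.inet_ntoa(ip),
        "send_mac": ":".join(f"{b:02x}" for b in mac),
        "current_user": user.rstrip(b"\0").decode("utf-8"),
        "data": buf[HEADER_LEN:],
    }


def route(parsed):
    """Hand the packet to the interface owning its main type; the security module does the rest."""
    return INTERFACE_FOR_TYPE[parsed["main_type"]]


def demo():
    """Constructed sample: a log packet from system id 4242 on host 10.0.0.5."""
    pkt = build_packet(main_type=3, sub_type=1, system_id=4242, send_ip="10.0.0.5",
                       send_mac="00:11:22:33:44:55", user="operator",
                       data=b"login ok user=operator", send_time=1472083200)
    parsed = parse_header(pkt)
    return pkt, parsed, route(parsed)
```

A packet whose main type is outside 1 to 4 or whose data part does not match the length field is rejected at the framing step, before any submodule sees it.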
As shown in Fig. 1, the security module 4 comprises an illegal external connection control module 41, a peripheral port control module 42, a network control module 43, an antivirus module 44 and a secure login module 45. The illegal external connection control module 41 determines whether the host where the system runs is connected to a network in violation of regulations. The peripheral port control module 42 determines whether the host where the system runs has attached an external device in violation of regulations. The network control module 43 performs flow control on the packets the host sends and receives, in five-tuple form (source IP, destination IP, source port, destination port, protocol). The antivirus module 44 removes viruses from the host. The secure login module 45 verifies the login information of the host.
As shown in Fig. 1, the security module 4 is responsible for the control functions of installing, starting, stopping, restarting, upgrading and uninstalling the various submodules, and for data interaction functions such as reporting data to the management end according to the running situation of the submodules.
Fig. 4 shows the upgrade flow chart of the security module. As shown in Fig. 4, before upgrading, the system must confirm with the management end whether an upgrade package exists, and it downloads and installs the upgrade package according to the result returned by the management end.
Besides the control functions above, the runtime system of the security module 4 provides interaction functions while the submodules run. These functions include: reporting submodule running state, that is, reporting the running state of each submodule in real time, both to the management end and to the local graphical interface; receiving and executing control policies, that is, receiving the policies the management end sends remotely and executing the corresponding policy; receiving submodule running control commands, that is, receiving a control command and executing the control operation, where the command may come from the management end or from the local graphical interface; and receiving log query conditions and returning log records, that is, receiving a query command and returning the query result, where the query command may come from the management end or from the local graphical interface.
As shown in Fig. 1, the interface module 5 provides the human-computer interaction interface; concretely, it sends call instructions to the runtime system and displays the returned data on the graphical interface. The interface module 5 comprises a submodule running state module 51, which displays the running state of the security submodules and whether they are enabled or disabled; a submodule resource occupation module 52, which obtains dynamic occupation information such as CPU and memory of the security submodules; a security function scan module 53, which queries how many security submodules are installed in the current system; a submodule maintenance module 54, which implements control operations on the security submodules such as start, stop, upgrade and restart; a log audit module 55, which displays the operation log on the local machine; a policy control module 56, which displays the content of the policies used by the running security submodules; and a security scoring module, which performs a comprehensive rating based on the current state of the security submodules.
The terminal security module centralized management system of the invention runs all kinds of security modules uniformly within one security system; the management end uniformly provides policy control for each submodule, log audit, and external operations and maintenance and display. The terminal security module centralized management system supports all security protection products existing in the form of system submodules and drivers, and the security system controls them at runtime, collects audit logs and performs correlation analysis; the security system also provides the running state of the end host. It is a solution for the centralized control, security audit and monitoring of terminals. All kinds of security modules are integrated, achieving unified module management, unified log reporting and unified policy distribution; information silos are broken down, the data of multiple security modules is fused, and integrated correlation analysis across the various kinds of data is provided; module usage efficiency is improved, and the host running the terminal security module centralized management system is convenient for the user to operate.
The above is only the preferred embodiment of the invention. It should be noted that a person of ordinary skill in the art may make a number of improvements and variations without departing from the technical principles of the invention, and these improvements and variations should also be regarded as within the scope of protection of the invention.

Claims (8)

  1. A terminal security centralized management system, characterised in that it comprises a message bus, a database, a physical layer interface module, a security module and an interface module;
    the message bus handles communication with the management terminal, routes data to the management terminal, receives the management terminal's data feedback, and hands the returned data to the physical layer interface module;
    the physical layer interface module is the transition module between the message bus and the security module, feeds the data received from the management terminal back to each submodule of the security module, receives the instructions of the security module, and broadcasts data onto the message bus;
    the security module integrates a variety of security verification functions and performs security protection for the terminal it runs on;
    the interface module provides the human-computer interaction interface.
  2. The terminal security centralized management system of claim 1, characterised in that the message bus can also perform two-way authentication with the external management terminal.
  3. The terminal security centralized management system of claim 1, characterised in that the physical layer interface module comprises a policy interface, a control interface, a log interface and a state interface; the control interface receives control commands from the management terminal and passes the commands to the security module; the log interface receives call instructions from the management terminal and sends the logs of the security module to the management terminal; the state interface receives instructions from the management terminal and feeds back the real-time state of the current security module to the management terminal.
  4. The terminal security centralized management system of claim 1, characterised in that the security module comprises an illegal external connection control module, a peripheral port control module, a network control module, an antivirus module and a secure login module; the illegal external connection control module determines whether the terminal is connected to a network in violation of regulations; the peripheral port control module determines whether the terminal has attached an external device in violation of regulations; the network control module performs flow control on the packets the terminal sends and receives; the antivirus module removes viruses from the terminal; the secure login module verifies terminal login information.
  5. The terminal security centralized management system of claim 1, characterised in that the network control module performs flow control on the packets the terminal sends and receives in five-tuple form.
  6. The terminal security centralized management system of claim 1, characterised in that the two-way authentication the message bus can perform with the external management terminal comprises: the message bus sends identity information to the management terminal; the management terminal judges the legitimacy of the information from the identity information obtained; if it is legitimate, the management terminal sends the message bus a message containing an identity confirmation flag, the user encryption key and the random sequence number to be returned next time; after the message bus receives this data, it encrypts the data to be sent, together with the end-of-transmission flag and the random sequence number, with the key sent by the server and sends it to the management terminal; on receipt, the management terminal returns a receive-result flag and the random sequence number to be sent next time; the message bus then sends the subsequent data in the same way, looping until all data has been sent.
  7. The terminal security centralized management system of claim 6, characterised in that the management terminal maintains a timeout mechanism: if no data is received from the message bus within the timeout period, the message bus must restart the authentication procedure.
  8. The terminal security centralized management system of claim 1, characterised in that the interface module comprises a submodule running state module, a submodule resource occupation module, a security function scan module, a submodule maintenance module, a log audit module, a policy control module and a security scoring module;
    the submodule running state module displays the state of the security module; the submodule resource occupation module obtains the dynamic occupation information of the security module; the security function scan module queries the number of submodules in the security module; the submodule maintenance module performs control operations on the security module; the log audit module displays the operation log on the terminal; the policy control module displays the content of the policies used by the running security module; the security scoring module performs a composite rating based on the state of the security module.

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201610725956.7A CN107786500A (en) 2016-08-25 2016-08-25 Terminal security module centralized management system

Publications (1)

Publication Number Publication Date
CN107786500A true CN107786500A (en) 2018-03-09

Family

ID=61438767

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN113919863A (en) * 2021-09-09 2022-01-11 江苏盛启数字科技有限公司 Data processing method and device based on full-channel widely-announced information

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101052046A (en) * 2007-05-22 2007-10-10 网御神州科技(北京)有限公司 Anti-virus method and device for fire-proof wall
US20080109903A1 (en) * 2006-11-07 2008-05-08 Spansion Llc Secure co-processing memory controller integrated into an embedded memory subsystem
CN102571786A (en) * 2011-12-30 2012-07-11 深信服网络科技(深圳)有限公司 Method for linkage defense among multiple safety modules in firewall and firewall
CN103049383A (en) * 2012-12-31 2013-04-17 博彦科技(上海)有限公司 Development and testing cloud system

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
WD01 Invention patent application deemed withdrawn after publication

Application publication date: 20180309