CN108200045A - Security Situation Awareness Systems and method - Google Patents
Security Situation Awareness Systems and method Download PDFInfo
- Publication number
- CN108200045A CN108200045A CN201711467421.5A CN201711467421A CN108200045A CN 108200045 A CN108200045 A CN 108200045A CN 201711467421 A CN201711467421 A CN 201711467421A CN 108200045 A CN108200045 A CN 108200045A
- Authority
- CN
- China
- Prior art keywords
- data
- module
- security
- situation
- password
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Withdrawn
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/20—Network architectures or network communication protocols for network security for managing network security; network security policies in general
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
- H04L63/1425—Traffic logging, e.g. anomaly detection
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Telephonic Communication Services (AREA)
Abstract
The present invention provides a kind of Security Situation Awareness Systems and methods, are related to the technical field of cryptography, including:Access authentication module, for that will have the equipment of password to carry out access identity certification;Data acquisition module, data acquisition module are connected with access authentication module, for acquiring the code data of the equipment with password by access identity certification;Decision-making management module, decision-making management module are connected with data acquisition module, for according to code data, the difference based on system user role to generate different cryptosecurity situation reports;Data display module, data display module are connected with decision-making management module, for showing that cryptosecurity situation is reported.The authenticity of code data can be improved, meanwhile generate different cryptosecurity situation using the difference based on system user role in the big data about password and report, enhance the confidence level of cryptosecurity situation report, and science decision is helped to realize, promote the efficiency of decision-making and specific aim.
Description
Technical field
The present invention relates to computer information safety technique field, more particularly, to a kind of Security Situation Awareness Systems and side
Method.
Background technology
With the development of science and technology people’s lives are more and more inseparable with network, people are logging in different web sites or electricity
During sub-voice mailbox, all with different username and passwords, moreover, usually recite personal and enterprise in website or E-mail address
The information of the information of industry, these people and enterprise should not by public domain, so, if the information quilt of these people and enterprise
It steals, it will it is brought a great deal of trouble to personal and enterprise, so, cryptosecurity is either to personal still to enterprise's all right and wrong
It is often important.
Moreover, the appearance of network security method, security postures perceive the hot spot for also becoming network security.Cryptosecurity situation sense
Know important composition department in information security of doing, in the prior art, cryptosecurity situation report usually only acquire part data into
Row summarizes, due to local region and the difference of external environment, so confidence level is not high and lacks comprehensive.And generation password peace
The data source of full situation report is not rigorous, and the cryptosecurity situation for leading to generation is untrue, and data are difficult to recall, and are unfavorable for
Apparent safety responsibility.
Invention content
In view of this, the purpose of the present invention is to provide Security Situation Awareness Systems and method, will generate cryptosecurity state
The acquisition source of the code data of gesture report, carries out access identity certification, and acquisition passes through the close of the equipment of access identity certification
Code data, can improve the authenticity of code data in this way, meanwhile, using being based on system user angle in the big data about password
The difference of color generates different cryptosecurity situation reports, enhances the confidence level of cryptosecurity situation report, and contribute to reality
Existing science decision, promotes the efficiency of decision-making and specific aim.
In a first aspect, an embodiment of the present invention provides a kind of Security Situation Awareness Systems, including:Access authentication module is used
Access identity certification is carried out in the equipment that there will be password;Data acquisition module, the data acquisition module are recognized with the access
Card module is connected, for acquiring by having the code data of the equipment of password described in access identity certification;Decision-making management mould
Block, the decision-making management module are connected with the data acquisition module, for according to the code data, based on system user angle
The difference of color generates different cryptosecurity situation reports;Data display module, the data display module and the decision pipe
Reason module is connected, for showing the cryptosecurity situation report.
With reference to first aspect, an embodiment of the present invention provides the first possible embodiment of first aspect, wherein, institute
Decision-making management module is stated, including:Submodule is monitored, for monitoring the situation of change of code data;Abnormal behaviour analyzes submodule,
For code data is analyzed and mined information with assist find security risk event;Submodule is tracked in security incident, is used
It is tracked in security incident, determines the attack path of security incident the precautionary measures to be taken to provide foundation for user;Scoring
Submodule, for carrying out risk analysis and assessment to the service application safety situation of code data.
With reference to first aspect, an embodiment of the present invention provides second of possible embodiment of first aspect, wherein, institute
It states monitoring submodule and is additionally operable to backtracking attack history, to security event prediction.
With reference to first aspect, an embodiment of the present invention provides the third possible embodiment of first aspect, wherein, institute
Data display module is stated to be additionally operable to show that password resource information, safe emergency response information, security defensive system, operation system are close
Code application message, Security Trend, network topology, safety scoring situation.
With reference to first aspect, an embodiment of the present invention provides the 4th kind of possible embodiment of first aspect, wherein, institute
State the instrument board that data display module is additionally operable to show the code data of various dimensions by the way of cockpit.
With reference to first aspect, an embodiment of the present invention provides the 5th kind of possible embodiment of first aspect, wherein, also
Including:Gathered data source analysis module, the gathered data source analysis module are connected with the data acquisition module, are used for
Analysis summary, statistics, management are carried out to the code data of acquisition.
With reference to first aspect, an embodiment of the present invention provides the 6th kind of possible embodiment of first aspect, wherein, also
Including:Data center module, the data center module and the access authentication module, data acquisition module, decision-making management mould
Block, data display module are connected, including:Data modeling manages submodule, knowledge base management submodule, password resource management submodule
Block, cipher application data management submodule.
With reference to first aspect, an embodiment of the present invention provides the 7th kind of possible embodiment of first aspect, wherein, institute
Access authentication module is stated to be specifically used for being authenticated according to safe class.
With reference to first aspect, an embodiment of the present invention provides the 8th kind of possible embodiment of first aspect, wherein, also
Including:System management module, for user, role, template, permission, daily record, audit, configuration, remote monitoring, secure communication,
Password resource.
Second aspect, the embodiment of the present invention also provide a kind of security postures cognitive method, including:By the equipment with password
Carry out access identity certification;The code data for the equipment with password that acquisition passes through access authentication;According to the password
Data, the difference based on system user role generate different cryptosecurity situation reports;Show the cryptosecurity situation report
It accuses.
The embodiment of the present invention brings following advantageous effect:The acquisition of the code data of cryptosecurity situation report will be generated
Source carries out the code data of access identity certification, the only equipment that acquisition passes through access identity certification, can improve password in this way
The authenticity of data, meanwhile, different passwords is generated using the difference based on system user role in the big data about password
Security postures are reported, enhance the confidence level of cryptosecurity situation report.
Other features and advantages of the present invention will illustrate in the following description, also, partly become from specification
It obtains it is clear that being understood by implementing the present invention.The purpose of the present invention and other advantages are in specification, claims
And specifically noted structure is realized and is obtained in attached drawing.
For the above objects, features and advantages of the present invention is enable to be clearer and more comprehensible, preferred embodiment cited below particularly, and coordinate
Appended attached drawing, is described in detail below.
Description of the drawings
It, below will be to specific in order to illustrate more clearly of the specific embodiment of the invention or technical solution of the prior art
Embodiment or attached drawing needed to be used in the description of the prior art are briefly described, it should be apparent that, in being described below
Attached drawing is some embodiments of the present invention, for those of ordinary skill in the art, before not making the creative labor
It puts, can also be obtained according to these attached drawings other attached drawings.
Fig. 1 is the structure chart of Security Situation Awareness Systems provided by one embodiment of the present invention;
Fig. 2 is the structure chart of Security Situation Awareness Systems that another embodiment of the present invention provides;
Fig. 3 is the component part schematic diagram of Security Situation Awareness Systems provided by one embodiment of the present invention;
Fig. 4 is the flow chart of security postures cognitive method provided by one embodiment of the present invention.
Icon:
100- Security Situation Awareness Systems;110- access authentication modules;120- data acquisition modules;130- decision-making management moulds
Block;140- data display modules;131- monitors submodule;132- abnormal behaviours analyze submodule;133- security incidents tracking
Module;134- scoring submodules.
Specific embodiment
Purpose, technical scheme and advantage to make the embodiment of the present invention are clearer, below in conjunction with attached drawing to the present invention
Technical solution be clearly and completely described, it is clear that described embodiment be part of the embodiment of the present invention rather than
Whole embodiments.Based on the embodiments of the present invention, those of ordinary skill in the art are not making creative work premise
Lower all other embodiments obtained, shall fall within the protection scope of the present invention.
At present, the appearance of network security method, security postures perceive the hot spot for also becoming network security.Cryptosecurity situation sense
Know important composition department in information security of doing, in the prior art, cryptosecurity situation report usually only acquire part data into
Row summarizes, due to the difference of local region and external environment etc., so confidence level is not high.And generation cryptosecurity situation report
The data source of announcement is not rigorous, and the cryptosecurity situation for leading to generation is untrue, based on this, one kind provided in an embodiment of the present invention
Security Situation Awareness Systems and method will generate the acquisition source of the code data of cryptosecurity situation report, carry out access body
Part certification, only acquisition pass through the code data of the equipment of access identity certification, can improve the authenticity of code data in this way, together
When, it generates different cryptosecurity situation using the difference based on system user role in the big data about password and reports, increase
The strong confidence level of cryptosecurity situation report, and science decision is helped to realize, promote the efficiency of decision-making and specific aim.
For ease of understanding the present embodiment, system is perceived to a kind of security postures disclosed in the embodiment of the present invention first
System 100 describes in detail, shown in Figure 1, including:Access authentication module 110, data acquisition module 120, decision-making management mould
Block 130, data display module 140.
Wherein, the equipment that access authentication module 110 is used to have password carries out access identity certification.Data acquisition module
120 are connected with access authentication module 110, for acquiring the code data of the equipment with password by access identity certification.
Decision-making management module 130 is connected with data acquisition module 120, for according to code data, the difference based on system user role
Generate different cryptosecurity situation reports.Data display module 140 is connected with decision-making management module 130, for showing password
Security postures are reported.
Wherein, the equipment with password is encryption device, the equipment of applied cryptography technology, system of applied cryptography technology etc.
Deng.Such as:The equipment or system of crypto chip, digital certificate, cipher card etc. are installed.
Specifically, data acquisition module 120:Using the communication technology, acquisition has the equipment of password wherein, code data
Including:Encryption and decryption operational data, signature sign test data, digital certificate use data, encryption device performance data, cipher application number
According to interaction data between password correlation interaction data, safety equipment and cipher type product in, operation system, timestamp application data,
Digital envelope application data, electronic signature are using code datas such as data, E-seal application data.Wherein, data acquisition module
Block 120 can be all kinds of acquisition sensors, plug-in unit or control.
Wherein, cryptosecurity situation is reported, is the acquisition to entire security context factor in certain time, is understood and to not
Carry out short-term prediction address.It is obtained by situation element, obtains necessary data, then carries out situation reason by data analysis
Solution, and then realize to the Tendency Prediction in following a period of time.
In some embodiments, access authentication module 110 is specifically used for being authenticated according to safe class.
Specifically, using cryptographic technique to it is all access Security Situation Awareness Systems 100 the equipment with password into
Row access identity certification, wherein it is possible to using traditional authentication mode, may be used can be with the safe class side of being authenticated
Formula.Traditional authentication mode can have the user input port order seal that either user such as password is possessed or smart card etc.,
The biological nature of user, such as fingerprint, sound, retina, signature, person's handwriting etc..Safe class is authenticated, it will be different
Equipment be divided into different safe classes, i.e.,:Level-one, two level, three-level etc., higher grade, and certification is stringenter.Such as:Second etc.
Grade carries out user's login, i.e. username and password, then carries out ID card verification first.
With reference to shown in Fig. 2, decision-making management module 130, including:Monitor submodule 131, abnormal behaviour analysis submodule 132,
Security incident tracking submodule 133, scoring submodule 134.
Wherein, monitoring submodule 131 is used to monitor the situation of change of code data.Abnormal behaviour analysis submodule 132 is used
In code data is analyzed and mined information with assist find security risk event.Security incident tracking submodule 133 is used
It is tracked in security incident, determines the attack path of security incident the precautionary measures to be taken to provide foundation for user.Scoring
Submodule 134 is used to carry out risk analysis and assessment to the service application safety situation of code data.
Wherein, the report of cryptosecurity situation can will monitor result, the abnormal behaviour analysis submodule that submodule 131 obtains
132 obtained results, the obtained result of security incident tracking submodule 133, the result that submodule 134 obtains that scores are at least one
Content as the report of cryptosecurity situation.
Specifically:It monitors submodule 131 and monitors code data situation of change.Abnormal behaviour analyzes submodule 132, in root
According to various safe isomeric datas, daily record, on the basis of secure data search engine is provided, the model of big data analysis is made full use of
Algorithm, machine learning, association analysis, baseline etc., automatic mining goes out valuable information from mass data, can help to find
Security risk.Citing:One grader is trained according to various safe isomeric datas, daily record, for separating peace according to data trend
Total event plays the role of the imminent security incident of prediction, the code data of monitoring is input in this grader, such as
Fruit meets, then illustrates that security incident will occur for the code data monitored, it is possible to report this security incident to use
Family reminds user to guard against in advance.Meanwhile treatment advice explanation can be provided security incident, and alarm event is analyzed
And full-text search.Wherein, abnormal behaviour can include:Communication abnormality, suspicious identity, data are abnormal end to end for system.Safety
Track of issues submodule 133 after security incident is found, is tracked any given security incident by intellectual analysis and traces back
Source determines the attack path of security incident, for effective precautionary measures is taken to provide science decision foundation.Wherein, intellectual analysis master
The degree of association between monitoring parameters and parameter is established based on the accumulation of normal operation data, such as positive correlation, negative correlation, without correlation,
Also it is exactly to run baseline, the data fluctuations of normal operating condition.Security incident mainly finds different with normal condition
Place.The submodule 134 that scores is used to carry out risk analysis and assessment to service application safety situation using grading marking mode.
In some embodiments, monitoring submodule 131 is additionally operable to backtracking attack history, to security event prediction.It is specific next
It says, backtracking attack history finds potential invasion and highly concealed type attack, predicts imminent security incident.
In some embodiments, data display module 140 is additionally operable to displaying password resource information, safe emergency response letter
Breath, security defensive system, operation system cipher application information, Security Trend, network topology, safety scoring situation.
In some embodiments, data display module 140 is additionally operable to show the password of various dimensions by the way of cockpit
The instrument board of data.
Using " cockpit " mode, the key safety element of cipher application safe space can be focused on, builds various dimensions
Secure data instrument board covers the emphasis link of security monitoring, reflects cipher application real time execution and safe condition, and data are true
Reality, is intuitively presented to user and understands safe condition in time image.
In some embodiments, it further includes:Gathered data source analysis module, gathered data source analysis module and data
Acquisition module 120 is connected, for carrying out analysis summary, statistics, management to the code data of acquisition.
Specifically, gathered data source analysis module carries out Classifying Sum, statistics, management to the equipment with password,
Data source mainly has server password machine, time stamp server, signature verification service device, cipher card, digital certificate management CA
System, digital certificate registration management breath system, mobile terminal.
In some embodiments, it further includes:Data center module, data center module and access authentication module 110, data
Acquisition module 120, decision-making management module 130, data display module 140 are connected, including:Data modeling manages submodule, knowledge
Library management submodule, password resource management submodule, cipher application data management submodule.
Specifically, the database of data center module, the as system 100 is adopted for access authentication module 110, data
Collect module 120, decision-making management module 130, data display module 140 and support is provided, reach the shared of data resource.Such as:Number
The technical support of certification is provided for access authentication module 110 according to center module, data center module can store data acquisition module
The code data that block 120 acquires, data center module can be that decision-making management module 130 provides data support, data center's mould
Block can store data display module 140 as a result, so that user can check previous displaying result.
With reference to shown in Fig. 3, data center module is carried out data transmission with data acquisition module 120 by transport layer, transmission
Method include:Physical transfer network and wireless-transmission network.
Wherein, data modeling management submodule is used to establish the model of the system 100, and knowledge base management submodule is used to manage
Cryptography, cryptography related knowledge and historical data are managed, wherein historical data is given a lesson to including at least historical experience, password money
Source control submodule is used for 120 collected data of management data collection module, such as:Classified, the pipe of subregion, subangle color
Reason, cipher application data management submodule are used for administrator password application data, i.e. 120 collected password number of data acquisition module
Module in about the management of cipher application data.
In some embodiments, it further includes:System management module, for user, role, template, permission, daily record, examine
Meter, configuration, remote monitoring, secure communication, password resource.
Specifically, system management module is connected with decision-making management module 130, and with reference to shown in Fig. 3, user can be according to certainly
The difference of own identity, request decision-making management module 130 obtain different cryptosecurity situation reports, wherein, user includes:Operation
Personnel, maintenance personnel, leaders, functional government departments etc..
With reference to shown in Fig. 3, the operation principle of the system 100 of one embodiment of the present of invention is:Data acquisition module 120
Acquisition layer can be distributed in different infrastructure layers, and then, data acquisition module 120 stores data in number by transport layer
According in center module, user's request is sent in decision-making management module 130 by user, and decision-making management module 130 is from data center
The required relevant historical data of module calls user, according to relevant historical data, according to the specific requirement of user, generate about
The cryptosecurity situation report of historical data, is then transmitted to data display module 140 by the report of this cryptosecurity situation, will
Cryptosecurity situation report show, so as to user it can clearly be seen that.
Alternatively, user's request is sent in decision-making management module 130 by user, decision-making management module 130 is according to password number
According to, according to the specific requirement of user, acquire the code data of corresponding encryption device, the situation report of generation cryptosecurity, then
The report of this cryptosecurity situation is transmitted to data display module 140, the report of cryptosecurity situation is shown.Citing:
Certain company wants to see the cryptosecurity situation report of oneself company, then, certain company sends to system 100 and asks, and is then arranged in
The data of the said firm are acquired in the various kinds of sensors of the said firm, then generate real-time cryptosecurity situation report according to the data
It accuses, the report of this cryptosecurity situation is then transmitted to data display module 140, the report of cryptosecurity situation is shown
Come.
It is shown in Figure 4, security postures cognitive method, including:
S210:Equipment with password is subjected to access identity certification.
S220:The code data for the equipment with password that acquisition passes through access authentication.
S230:According to code data, the difference based on system user role generates different cryptosecurity situation reports.
S240:Show the report of cryptosecurity situation.
The technique effect of the method that the embodiment of the present invention is provided, realization principle and generation and aforementioned system embodiment phase
Together, to briefly describe, embodiment of the method part does not refer to part, can refer to corresponding contents in aforementioned system embodiment.
Unless specifically stated otherwise, component and the opposite step of step, the digital table otherwise illustrated in these embodiments
It is not limit the scope of the invention up to formula and numerical value.
In all examples being illustrated and described herein, any occurrence should be construed as merely illustrative, without
It is as limitation, therefore, other examples of exemplary embodiment can have different values.
It should be noted that:Similar label and letter represents similar terms in following attached drawing, therefore, once a certain Xiang Yi
It is defined in a attached drawing, does not then need to that it is further defined and explained in subsequent attached drawing.
Flow chart and block diagram in attached drawing show the system, method and computer journey of multiple embodiments according to the present invention
Architectural framework in the cards, function and the operation of sequence product.In this regard, each box in flow chart or block diagram can generation
The part of one module of table, program segment or code, a part for the module, program segment or code include one or more use
In the executable instruction of logic function as defined in realization.It should also be noted that it in some implementations as replacements, is marked in box
The function of note can also be occurred with being different from the sequence marked in attached drawing.For example, two continuous boxes can essentially base
Originally it is performed in parallel, they can also be performed in the opposite order sometimes, this is depended on the functions involved.It is also noted that
It is the combination of each box in block diagram and/or flow chart and the box in block diagram and/or flow chart, can uses and perform rule
The group of specialized hardware and computer instruction is realized or can be used to fixed function or the dedicated hardware based system of action
It closes to realize.
In addition, in the description of the embodiment of the present invention unless specifically defined or limited otherwise, term " connected " " connects
Connect " it should be interpreted broadly, for example, it may be being fixedly connected or being detachably connected or be integrally connected;It can be machine
Tool is connected or is electrically connected;It can be directly connected, can also be indirectly connected by intermediary, can be two members
Connection inside part.For the ordinary skill in the art, can above-mentioned term be understood in the present invention with concrete condition
Concrete meaning.
In the description of the present invention, it should be noted that term " " center ", " on ", " under ", "left", "right", " vertical ",
The orientation or position relationship of the instructions such as " level ", " interior ", " outer " be based on orientation shown in the drawings or position relationship, merely to
Convenient for the description present invention and simplify description rather than instruction or imply signified device or element must have specific orientation,
With specific azimuth configuration and operation, therefore it is not considered as limiting the invention.In addition, term " first ", " second ",
" third " is only used for description purpose, and it is not intended that instruction or hint relative importance.
Finally it should be noted that:Embodiment described above, only specific embodiment of the invention, to illustrate the present invention
Technical solution, rather than its limitations, protection scope of the present invention is not limited thereto, although with reference to the foregoing embodiments to this hair
It is bright to be described in detail, it will be understood by those of ordinary skill in the art that:Any one skilled in the art
In the technical scope disclosed by the present invention, it can still modify to the technical solution recorded in previous embodiment or can be light
It is readily conceivable that variation or equivalent replacement is carried out to which part technical characteristic;And these modifications, variation or replacement, do not make
The essence of corresponding technical solution is detached from the spirit and scope of technical solution of the embodiment of the present invention, should all cover the protection in the present invention
Within the scope of.Therefore, protection scope of the present invention described should be subject to the protection scope in claims.
Claims (10)
1. a kind of Security Situation Awareness Systems, which is characterized in that including:
Access authentication module, for that will have the equipment of password to carry out access identity certification;
Data acquisition module, the data acquisition module are connected with the access authentication module, pass through access identity for acquiring
The code data of the equipment with password of certification;
Decision-making management module, the decision-making management module are connected with the data acquisition module, for according to the code data,
Difference based on system user role generates different cryptosecurity situation reports;
Data display module, the data display module are connected with the decision-making management module, for showing the cryptosecurity
Situation is reported.
2. Security Situation Awareness Systems according to claim 1, which is characterized in that the decision-making management module, including:
Submodule is monitored, for monitoring the situation of change of code data;
Abnormal behaviour analyze submodule, for code data is analyzed and mined information with assist find security risk thing
Part;
Submodule is tracked in security incident, for being tracked to security incident, determines the attack path of security incident with for user
The precautionary measures is taken to provide foundation;
Score submodule, for carrying out risk analysis and assessment to the service application safety situation of code data.
3. Security Situation Awareness Systems according to claim 2, which is characterized in that the monitoring submodule is additionally operable to recall
History is attacked, to security event prediction.
4. Security Situation Awareness Systems according to claim 1, which is characterized in that the data display module is additionally operable to open up
Show password resource information, safe emergency response information, security defensive system, operation system cipher application information, Security Trend, net
Network topology, safety scoring situation.
5. Security Situation Awareness Systems according to claim 4, which is characterized in that the data display module is additionally operable to adopt
The instrument board of the code data of various dimensions is shown with the mode of cockpit.
6. Security Situation Awareness Systems according to claim 1, which is characterized in that further include:
Gathered data source analysis module, the gathered data source analysis module are connected with the data acquisition module, are used for
Analysis summary, statistics, management are carried out to the code data of acquisition.
7. Security Situation Awareness Systems according to claim 1, which is characterized in that further include:
Data center module, the data center module and the access authentication module, data acquisition module, decision-making management mould
Block, data display module are connected, including:Data modeling manages submodule, knowledge base management submodule, password resource management submodule
Block, cipher application data management submodule.
8. Security Situation Awareness Systems according to claim 1, which is characterized in that the access authentication module is specifically used for
It is authenticated according to safe class.
9. Security Situation Awareness Systems according to claim 1, which is characterized in that further include:System management module is used for
To user, role, template, permission, daily record, audit, configuration, remote monitoring, secure communication, password resource.
10. a kind of security postures cognitive method, which is characterized in that including:
Equipment with password is subjected to access identity certification;
The code data for the equipment with password that acquisition passes through access authentication;
According to the code data, the difference based on system user role generates different cryptosecurity situation reports;
Show the cryptosecurity situation report.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201711467421.5A CN108200045A (en) | 2017-12-28 | 2017-12-28 | Security Situation Awareness Systems and method |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201711467421.5A CN108200045A (en) | 2017-12-28 | 2017-12-28 | Security Situation Awareness Systems and method |
Publications (1)
Publication Number | Publication Date |
---|---|
CN108200045A true CN108200045A (en) | 2018-06-22 |
Family
ID=62586053
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201711467421.5A Withdrawn CN108200045A (en) | 2017-12-28 | 2017-12-28 | Security Situation Awareness Systems and method |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN108200045A (en) |
Cited By (8)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN111092786A (en) * | 2019-12-12 | 2020-05-01 | 中盈优创资讯科技有限公司 | Network equipment safety authentication service reliability enhancing system |
CN111931164A (en) * | 2020-06-28 | 2020-11-13 | 航天信息股份有限公司 | Method and system for determining password security level |
CN112380514A (en) * | 2020-11-13 | 2021-02-19 | 支付宝(杭州)信息技术有限公司 | Biological identification security situation prediction method and device and electronic equipment |
CN112468443A (en) * | 2020-10-28 | 2021-03-09 | 南京代威科技有限公司 | Method and system for realizing optimization decision through big data situation analysis |
CN112738121A (en) * | 2020-12-30 | 2021-04-30 | 中国电子技术标准化研究院 | Password security situation awareness method, device, equipment and readable storage medium |
CN113411295A (en) * | 2021-05-07 | 2021-09-17 | 上海纽盾科技股份有限公司 | Role-based access control situation awareness defense method and system |
CN114362995A (en) * | 2021-11-30 | 2022-04-15 | 河南金盾信安检测评估中心有限公司 | Provincial domain password application security situation system |
CN116708208A (en) * | 2023-08-07 | 2023-09-05 | 山东慧贝行信息技术有限公司 | Network data transmission situation prediction method based on machine learning |
Citations (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101436967A (en) * | 2008-12-23 | 2009-05-20 | 北京邮电大学 | Method and system for evaluating network safety situation |
CN104348829A (en) * | 2014-09-26 | 2015-02-11 | 智慧城市信息技术有限公司 | Network security situation sensing system and method |
CN105553957A (en) * | 2015-12-09 | 2016-05-04 | 国家电网公司 | Network safety situation awareness early-warning method and system based big data |
CN106101252A (en) * | 2016-07-01 | 2016-11-09 | 何钟柱 | Information Security Risk guard system based on big data and trust computing |
CN106789955A (en) * | 2016-11-30 | 2017-05-31 | 山东省计算中心(国家超级计算济南中心) | A kind of network security situation evaluating method |
CN107483438A (en) * | 2017-08-15 | 2017-12-15 | 山东华诺网络科技有限公司 | A kind of network security situation awareness early warning system and method based on big data |
-
2017
- 2017-12-28 CN CN201711467421.5A patent/CN108200045A/en not_active Withdrawn
Patent Citations (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101436967A (en) * | 2008-12-23 | 2009-05-20 | 北京邮电大学 | Method and system for evaluating network safety situation |
CN104348829A (en) * | 2014-09-26 | 2015-02-11 | 智慧城市信息技术有限公司 | Network security situation sensing system and method |
CN105553957A (en) * | 2015-12-09 | 2016-05-04 | 国家电网公司 | Network safety situation awareness early-warning method and system based big data |
CN106101252A (en) * | 2016-07-01 | 2016-11-09 | 何钟柱 | Information Security Risk guard system based on big data and trust computing |
CN106789955A (en) * | 2016-11-30 | 2017-05-31 | 山东省计算中心(国家超级计算济南中心) | A kind of network security situation evaluating method |
CN107483438A (en) * | 2017-08-15 | 2017-12-15 | 山东华诺网络科技有限公司 | A kind of network security situation awareness early warning system and method based on big data |
Cited By (10)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN111092786A (en) * | 2019-12-12 | 2020-05-01 | 中盈优创资讯科技有限公司 | Network equipment safety authentication service reliability enhancing system |
CN111092786B (en) * | 2019-12-12 | 2022-03-08 | 中盈优创资讯科技有限公司 | Network equipment safety authentication service reliability enhancing system |
CN111931164A (en) * | 2020-06-28 | 2020-11-13 | 航天信息股份有限公司 | Method and system for determining password security level |
CN112468443A (en) * | 2020-10-28 | 2021-03-09 | 南京代威科技有限公司 | Method and system for realizing optimization decision through big data situation analysis |
CN112380514A (en) * | 2020-11-13 | 2021-02-19 | 支付宝(杭州)信息技术有限公司 | Biological identification security situation prediction method and device and electronic equipment |
CN112738121A (en) * | 2020-12-30 | 2021-04-30 | 中国电子技术标准化研究院 | Password security situation awareness method, device, equipment and readable storage medium |
CN113411295A (en) * | 2021-05-07 | 2021-09-17 | 上海纽盾科技股份有限公司 | Role-based access control situation awareness defense method and system |
CN114362995A (en) * | 2021-11-30 | 2022-04-15 | 河南金盾信安检测评估中心有限公司 | Provincial domain password application security situation system |
CN116708208A (en) * | 2023-08-07 | 2023-09-05 | 山东慧贝行信息技术有限公司 | Network data transmission situation prediction method based on machine learning |
CN116708208B (en) * | 2023-08-07 | 2023-10-13 | 山东慧贝行信息技术有限公司 | Network data transmission situation prediction method based on machine learning |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN108200045A (en) | Security Situation Awareness Systems and method | |
US10791141B2 (en) | Anonymized network data collection and network threat assessment and monitoring systems and methods | |
US11902321B2 (en) | Secure communication platform for a cybersecurity system | |
CN107239707B (en) | Threat data processing method for information system | |
Saxena et al. | General study of intrusion detection system and survey of agent based intrusion detection system | |
CN112398860A (en) | Safety control method and device | |
EP3341881A1 (en) | Predictive human behavioral analysis of psychometric features on a computer network | |
CN116881981B (en) | Digital signature system and method based on certificate | |
CN106779485B (en) | SOA architecture-based comprehensive management system and data processing method | |
CN116662989A (en) | Security data analysis method and system | |
WO2019220363A1 (en) | Creation and verification of behavioral baselines for the detection of cybersecurity anomalies using machine learning techniques | |
CN116030943A (en) | Big data intelligent operation and maintenance control system and method | |
CN116112194A (en) | User behavior analysis method and device, electronic equipment and computer storage medium | |
Skendžić et al. | Management and monitoring security events in a business organization-siem system | |
Henriques et al. | A survey on forensics and compliance auditing for critical infrastructure protection | |
Gupta et al. | Cyber security assessment education for E-governance systems | |
Coppolino et al. | Addressing security issues in the eheatlh domain relying on SIEM solutions | |
CN117220917A (en) | Network real-time monitoring method based on cloud computing | |
CN106790231A (en) | The generation method of security domain, device and safe operation and maintenance supervising system | |
CN113923036B (en) | Block chain information management method and device of continuous immune safety system | |
CN115499840A (en) | Security assessment system and method for mobile internet | |
Azmi Bin Mustafa Sulaiman et al. | SIEM Network Behaviour Monitoring Framework using Deep Learning Approach for Campus Network Infrastructure | |
Masduki et al. | Leverage intrusion detection system framework for cyber situational awareness system | |
Karunamurthy et al. | Human-in-the-Loop Intelligence: Advancing AI-Centric Cybersecurity for the Future | |
Tafazzoli et al. | Security operation center implementation on OpenStack |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
WW01 | Invention patent application withdrawn after publication |
Application publication date: 20180622 |
|
WW01 | Invention patent application withdrawn after publication |