CN108965244A - A kind of Formal Safety Assessment method of network semi-automation - Google Patents
Publication number: CN108965244A (application CN201810536427.1A)
Authority: CN (China)
Prior art keywords: user, safety, security, loophole, assets
Legal status: Pending (the legal status is an assumption and is not a legal conclusion; Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed)
Classifications
- H04L43/045: Processing captured monitoring data, e.g. for logfile generation, for graphical visualisation of monitoring data
- H04L63/1433: Vulnerability analysis
- H04L63/145: Countermeasures against malicious traffic, the attack involving the propagation of malware through the network, e.g. viruses, trojans or worms
- H04L63/20: Network architectures or network communication protocols for network security for managing network security; network security policies in general
Abstract
The present invention relates to a semi-automated comprehensive network security assessment method (the "Formal Safety Assessment method" of the title) comprising: step 1, input user information; step 2, create a project; step 3, the user fills in an interview form for a security baseline survey; step 4, automated testing according to the user information; step 5, security result analysis and assessment scoring, which includes a vulnerability test report, filtering out the user's non-compliant items, existing security risk points and missing items, and finally outputting a hierarchical protection security assessment report with visualisation, the visualised content including the distribution of the user's total assets, the asset inventory, the risk distribution, the number of vulnerabilities, the security level and the presentation of problems; step 6, the classified output for the different asset types and the hierarchical protection security assessment report of step 5 are combined into a comprehensive test report, which is output; step 8, the comprehensive test report output and the visualised user asset security situation are combined, the user is scored in the risk and vulnerability dimensions, and the system generates a corresponding solution.
Description
Technical field
The present invention relates to the fields of network security and application security, specifically to a semi-automated comprehensive network security assessment method.
Background technique
At present, methods for assessing the security of users' assets in the network security and application security industry emerge one after another, such as hierarchical protection (MLPS), penetration testing, vulnerability scanning, baseline verification and risk assessment. Each has its own characteristics and none fully meets the needs of every industry. This brings a huge workload and security construction cost; in addition, every industry lacks security technical staff and the quality of those staff is uneven, so the latest network security requirements cannot all be met. To make up for this systemic problem, we propose a comprehensive semi-automated security assessment method. It effectively saves labour cost and avoids security assessment work being affected by staff quality problems; on the other hand, it can meet the needs of every industry and complete security assessment work efficiently and with high quality.
Summary of the invention
1, technical problem to be solved:
The present invention proposes a semi-automated comprehensive network security assessment method that can automatically generate the user's asset security situation from the user information and generate a corresponding solution for the user's security problems. It addresses testing that is insufficiently complete because of testers' limited technical level: the method gives front-line security practitioners a complete set of testing schemes, reduces cumbersome workflow and improves security testing efficiency. The assessment method is the most comprehensive and highest-quality among current security assessment schemes and can satisfy industry compliance and security requirements.
2, technical solution:
A semi-automated comprehensive network security assessment method comprises the following steps. Step 1: input user information; the user information includes the user's industry, the user's organisational unit, system logs, the user's security requirements and the user's asset information. Step 2: create a project; this includes establishing the user according to the security requirements and assets obtained in step 1 and formulating a recommended testing scheme for that user; the recommended testing scheme includes a security baseline survey, automated testing, and security result analysis with assessment scoring. Step 3: the security baseline survey sends the user an interview form to fill in; the interview form covers the user's asset information, the number of system users, the system's authentication mode, the account password policy and the security assurance status; from the content filled in, the user's security protection measures, whether the system's security functions are complete, the number of users, the security of the authentication mode and the filing (record) status are judged together to reach a baseline-survey conclusion; that conclusion covers the security level of the user's system, whether the user's own assets have been vulnerability-scanned, the user's hierarchical protection level, the basic security policies the user applies, the risk points of the user's system and the vulnerable points of the user's system. Step 4: the automated test is performed according to the user information; it includes vulnerability scanning of the user's assets, scanning of the user's hosts, scanning of the databases on the user's hosts, scanning of the middleware on the hosts, scanning of the network devices and scanning of the user's security devices; these scans mainly concern application-layer vulnerabilities, weak passwords and vulnerabilities recently found in devices or servers; the scan results are classified and output by the user's asset types; the classified output comprises an application system security test report, a network device security test report, a database security test report and a middleware test report. Step 5: the security result analysis and assessment scoring comprise: first, verifying the vulnerabilities scanned in step 4 against a vulnerability database and outputting a vulnerability test report; second, carrying out a compliance comparison, such as against hierarchical protection requirements, based on the baseline-survey findings of step 3 and the user's assets, and using the vulnerability test report and the collected user assets to filter out the user's non-compliant items, existing security risk points and missing items; finally, outputting a hierarchical protection security assessment report and visualising it; the visualised content includes the distribution of the user's total assets, the asset inventory, the risk distribution, the number of vulnerabilities, the security level and the presentation of problems. Step 6: the classified output by asset type from step 4 and the hierarchical protection security assessment report from step 5 are combined into a comprehensive test report, which is output. Step 8: combining the comprehensive test report output with the visualised hierarchical protection security assessment report, the user is scored in the risk and vulnerability dimensions, and the system generates a corresponding solution.
Further, when obtaining the user information in step 1, if the client does not know its own assets, a public system search engine is selected to automatically discover the client's unregistered assets.
Further, the solution in step 8 includes a solution for virus and Trojan attacks; that solution includes feasible suggestions such as adding anti-virus software and products, checking the system for viruses regularly and promptly, not opening suspicious files, and strengthening network security monitoring.
Further, the solution in step 8 includes a solution for application systems that have security vulnerabilities; that solution proposes repair suggestions according to the specific vulnerability: for an injection-type vulnerability, the repair suggestion requires filtering parameters to guarantee input legitimacy; for a business-logic vulnerability, it requires strictly verifying the business flow to prevent logic errors; for a system vulnerability, it requires upgrading patches promptly and updating plug-ins.
3, the utility model has the advantages that
1) The present invention can analyse all of the user's assets from the system login and help the client actively discover assets that have been neglected in management.
2) By testing routinely according to hierarchical protection requirements, the present invention can quickly survey the user's security baseline; since the hierarchical protection compliance check is already covered, the later assessment can be passed efficiently.
3) The present invention completes the vulnerability scanning work on the basis of risk assessment and hierarchical protection, and can find more security problems across dimensions such as application systems, operating systems, middleware and databases.
4) The visualisation and corresponding solution generation of the present invention provide the user with effective countermeasures for the problems found.
5) The present invention combines a series of security assessment tasks such as penetration testing, risk assessment, hierarchical protection, vulnerability scanning and baseline inspection, and selects among them according to the client's requirements, so that the user's assets can be assessed completely and problems found at more levels.
Detailed description of the invention
Fig. 1 is security evaluation basic flow chart of the invention;
Fig. 2 is the particular content of the automatic test in the present invention.
Specific embodiment
The present invention will be described with reference to the accompanying drawing.
As shown in Figures 1 and 2, a semi-automated comprehensive network security assessment method comprises the following steps. Step 1: input user information; the user information includes the user's industry, the user's organisational unit, system logs, the user's security requirements and the user's asset information. Step 2: create a project; this includes establishing the user according to the security requirements and assets obtained in step 1 and formulating a recommended testing scheme for that user; the recommended testing scheme includes a security baseline survey, automated testing, and security result analysis with assessment scoring. Step 3: the security baseline survey sends the user an interview form to fill in; the interview form covers the user's asset information, the number of system users, the system's authentication mode, the account password policy and the security assurance status; from the content filled in, the user's security protection measures, whether the system's security functions are complete, the number of users, the security of the authentication mode and the filing (record) status are judged together to reach a baseline-survey conclusion; that conclusion covers the security level of the user's system, whether the user's unregistered assets have been vulnerability-scanned, the user's hierarchical protection level, the basic security policies the user applies, the risk points of the user's system and the vulnerable points of the user's system. Step 4: the automated test is performed according to the user information; it includes vulnerability scanning of the user's assets, scanning of the user's hosts, scanning of the databases on the user's hosts, scanning of the middleware on the hosts, scanning of the network devices and scanning of the user's security devices; these scans mainly concern application-layer vulnerabilities, weak passwords and vulnerabilities recently found in devices or servers; the scan results are classified and output by the user's asset types; the classified output comprises an application system security test report, a network device security test report, a database security test report and a middleware test report. Step 5: the security result analysis and assessment scoring comprise: first, verifying the vulnerabilities scanned in step 4 against a vulnerability database and outputting a vulnerability test report; second, carrying out a compliance comparison, such as against hierarchical protection requirements, based on the baseline-survey findings of step 3 and the user's assets, and using the vulnerability test report and the collected user assets to filter out the user's non-compliant items, existing security risk points and missing items; finally, outputting a hierarchical protection security assessment report and visualising it; the visualised content includes the distribution of the user's total assets, the asset inventory, the risk distribution, the number of vulnerabilities, the security level and the presentation of problems. Step 6: the classified output by asset type from step 4 and the hierarchical protection security assessment report from step 5 are combined into a comprehensive test report, which is output. Step 8: combining the comprehensive test report output with the visualised user asset security situation, the user is scored in the risk and vulnerability dimensions, and the system generates a corresponding solution.
Although the present invention has been described by way of example in terms of the preferred embodiments, they are not intended to limit the invention; anyone skilled in the art may make various changes or modifications without departing from the spirit and scope of the invention, and the scope of protection of the invention is therefore defined by the claims hereof.
Claims (4)
1. A semi-automated comprehensive network security assessment method (Formal Safety Assessment method of network semi-automation), comprising the following steps:
Step 1: input user information; the user information includes the user's industry, the user's organisational unit, system logs, the user's security requirements and the user's asset information;
Step 2: create a project; this includes establishing the user according to the security requirements and assets obtained in step 1 and formulating a recommended testing scheme for that user; the recommended testing scheme includes a security baseline survey, automated testing, and security result analysis with assessment scoring;
Step 3: the security baseline survey sends the user an interview form to fill in; the interview form covers the user's asset information, the number of system users, the system's authentication mode, the account password policy and the security assurance status; from the content filled in, the user's security protection measures, whether the system's security functions are complete, the number of users, the security of the authentication mode and the filing (record) status are judged together to reach a baseline-survey conclusion; that conclusion covers the security level of the user's system, whether the user's own assets have been vulnerability-scanned, the user's hierarchical protection level, the basic security policies the user applies, the risk points of the user's system and the vulnerable points of the user's system;
Step 4: the automated test is performed according to the user information; it includes vulnerability scanning of the user's assets, scanning of the user's hosts, scanning of the databases on the user's hosts, scanning of the middleware on the hosts, scanning of the network devices and scanning of the user's security devices; these scans mainly concern application-layer vulnerabilities, weak passwords and vulnerabilities recently found in devices or servers; the scan results are classified and output by the user's asset types; the classified output comprises an application system security test report, a network device security test report, a database security test report and a middleware test report;
Step 5: the security result analysis and assessment scoring comprise: first, verifying the vulnerabilities scanned in step 4 against a vulnerability database and outputting a vulnerability test report; second, carrying out a compliance comparison, such as against hierarchical protection requirements, based on the baseline-survey findings of step 3 and the user's assets, and using the vulnerability test report and the collected user assets to filter out the user's non-compliant items, existing security risk points and missing items; finally, outputting a hierarchical protection security assessment report and visualising it; the visualised content includes the distribution of the user's total assets, the asset inventory, the risk distribution, the number of vulnerabilities, the security level and the presentation of problems;
Step 6: the classified output by asset type from step 4 and the hierarchical protection security assessment report from step 5 are combined into a comprehensive test report, which is output;
Step 8: combining the comprehensive test report output with the visualised hierarchical protection security assessment report, the user is scored in the risk and vulnerability dimensions, and the system generates a corresponding solution.
2. The semi-automated comprehensive network security assessment method according to claim 1, characterised in that, when obtaining the user information in step 1, if the client does not know its own assets, a public system search engine is selected to automatically discover the client's unregistered assets.
3. The semi-automated comprehensive network security assessment method according to claim 1, characterised in that the solution in step 8 includes a solution for virus and Trojan attacks; that solution includes feasible suggestions such as adding anti-virus software and products, checking the system for viruses regularly and promptly, not opening suspicious files, and strengthening network security monitoring.
4. The semi-automated comprehensive network security assessment method according to claim 1, characterised in that the solution in step 8 includes a solution for application systems that have security vulnerabilities; that solution proposes repair suggestions according to the specific vulnerability: for an injection-type vulnerability, the repair suggestion requires filtering parameters to guarantee input legitimacy; for a business-logic vulnerability, it requires strictly verifying the business flow to prevent logic errors; for a system vulnerability, it requires upgrading patches promptly and updating plug-ins.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201810536427.1A CN108965244A (en) | 2018-05-30 | 2018-05-30 | A kind of Formal Safety Assessment method of network semi-automation |
Publications (1)
Publication Number | Publication Date |
---|---|
CN108965244A true CN108965244A (en) | 2018-12-07 |
Family
ID=64492566
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201810536427.1A Pending CN108965244A (en) | 2018-05-30 | 2018-05-30 | A kind of Formal Safety Assessment method of network semi-automation |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN108965244A (en) |
Cited By (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN112100215A (en) * | 2020-09-08 | 2020-12-18 | 福建中信网安信息科技有限公司 | Protection progress inquiry system based on level protection integrated management platform |
CN112100215B (en) * | 2020-09-08 | 2022-06-07 | 福建中信网安信息科技有限公司 | Protection progress query system based on comprehensive level protection management platform |
CN113037766A (en) * | 2021-03-23 | 2021-06-25 | 中通服创发科技有限责任公司 | Comprehensive evaluation method for asset safety and health degree under multiple scenes |
CN113114647A (en) * | 2021-04-01 | 2021-07-13 | 海尔数字科技(青岛)有限公司 | Network security risk detection method and device, electronic equipment and storage medium |
CN117195183A (en) * | 2023-09-28 | 2023-12-08 | 四川赛闯检测股份有限公司 | Data security compliance risk assessment system |
CN117195183B (en) * | 2023-09-28 | 2024-04-16 | 四川赛闯检测股份有限公司 | Data security compliance risk assessment system |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
| PB01 | Publication | |
| WD01 | Invention patent application deemed withdrawn after publication | Application publication date: 20181207 |