CN108965244A - A kind of Formal Safety Assessment method of network semi-automation - Google Patents


Info

Publication number
CN108965244A
Authority
CN
China
Prior art keywords
user
safety
security
loophole
assets
Prior art date
2018-05-30
Legal status
Pending
Application number
CN201810536427.1A
Other languages
Chinese (zh)
Inventor
吕翌澍
郭吴昊
Current Assignee
Jiangsu Anyou Heng Information Technology Co Ltd
Original Assignee
Jiangsu Anyou Heng Information Technology Co Ltd
Priority date
2018-05-30
Filing date
2018-05-30
Publication date
2018-12-07
Application filed by Jiangsu Anyou Heng Information Technology Co Ltd
Priority to CN201810536427.1A
Publication of CN108965244A
Legal status: Pending

Classifications

    • H ELECTRICITY > H04 ELECTRIC COMMUNICATION TECHNIQUE > H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L43/00 Arrangements for monitoring or testing data switching networks > H04L43/04 Processing captured monitoring data, e.g. for logfile generation > H04L43/045 Processing captured monitoring data for graphical visualisation of monitoring data
    • H04L63/00 Network architectures or network communication protocols for network security > H04L63/14 Network security for detecting or protecting against malicious traffic > H04L63/1433 Vulnerability analysis
    • H04L63/00 Network architectures or network communication protocols for network security > H04L63/14 Network security for detecting or protecting against malicious traffic > H04L63/1441 Countermeasures against malicious traffic > H04L63/145 Countermeasures against malicious traffic where the attack involves the propagation of malware through the network, e.g. viruses, trojans or worms
    • H04L63/00 Network architectures or network communication protocols for network security > H04L63/20 Network security for managing network security; network security policies in general

Abstract

The invention relates to a semi-automated comprehensive network security assessment method comprising: step 1, input user information; step 2, create a project; step 3, the user fills in an interview form for a security survey (摸底); step 4, automatic testing according to the user information; step 5, security result analysis and assessment scoring, which includes producing a vulnerability test report, filtering out the user's non-compliant items, existing security risk points and missing items, and finally outputting a classified protection (等级保护) security assessment report and visualising it, where the visualised content comprises the distribution of the user's total assets, the asset inventory, risk distribution, number of vulnerabilities, security level and problem display; step 6, combine the per-asset-type classified output of step 4 with the classified protection security assessment report of step 5 into an integrated test report and output it; step 8, combine the integrated test report output with a visualisation of the user's asset security posture, score the user on the risk and vulnerability dimensions, and have the system generate corresponding solutions.

Description

A kind of Formal Safety Assessment method of network semi-automation
Technical field
The invention relates to the fields of network security and application security, and specifically to a semi-automated comprehensive network security assessment method.
Background technique
In the network security industry, methods for assessing the security of a user's assets keep emerging one after another, such as classified protection (等级保护), penetration testing, vulnerability scanning, baseline verification and risk assessment. Each has its own characteristics, but none can fully meet the needs of every industry. This brings a huge workload and high security construction costs; in addition, every industry lacks security technical personnel and the quality of the available personnel is uneven, so the latest network security requirements cannot all be complied with. To make up for this systemic problem, we propose a comprehensive semi-automated security assessment method. It effectively saves labour cost and avoids security assessment work being affected by personnel quality problems; on the other hand, it satisfies the requirements of every industry and completes security assessment work with high efficiency and high quality.
Summary of the invention
1. Technical problem to be solved:
The invention proposes a semi-automated comprehensive network security assessment method that can automatically generate the user's asset security posture from the user information and generate corresponding solutions for the user's security problems. It solves the problem of incomplete testing caused by testers' insufficient technical level: the method provides front-line security practitioners with a complete set of testing schemes, reduces cumbersome workflow and improves security testing efficiency. The assessment method is the most comprehensive and highest-quality among all current security assessment schemes, and it satisfies the compliance and security requirements of industry.
2. Technical solution:
A semi-automated comprehensive network security assessment method comprises the following steps:
Step 1: input user information. The user information includes the user's industry, the user organisation, system logs, the user's security requirements and the user's asset information.
Step 2: create a project. This includes establishing the user and, according to the security requirements and asset information obtained in step 1, formulating a recommended testing scheme for the user. The recommended testing scheme comprises a security survey, automatic testing, and security result analysis with assessment scoring.
Step 3: the security survey sends an interview form for the user to fill in. The interview form covers the user's asset information, the number of system users, the system authentication method, the account password policy and the security protection status. From the content filled in, the user's security protection measures, whether the system's security functions are complete, the number of users, the security of the authentication method and the filing (备案) status are judged comprehensively to reach a security survey conclusion. The survey conclusion includes the security level of the user's system, whether the user's own assets have been vulnerability-scanned, the user's classified protection level, the basic security strategies the user employs, the risk points of the user's system and the weak points of the user's system.
Step 4: automatic testing according to the user information. The automatic testing includes scanning the user's assets for vulnerabilities, scanning the user's hosts, scanning the databases on the user's hosts, scanning the middleware on the hosts, scanning the network equipment and scanning the user's security equipment. These scans mainly concern application-layer vulnerabilities, weak passwords and vulnerabilities newly appearing in equipment or servers. The scan results are classified and output according to the user's different asset types; the classified output includes an application system security test report, a network device security test report, a database security test report and a middleware test report.
Step 5: security result analysis and assessment scoring. First, the vulnerabilities scanned in step 4 are verified against a vulnerability database and a vulnerability test report is output. Second, the security survey results of step 3 and the user's assets are compared for compliance with classified protection requirements, and, using the vulnerability test report and the collected user assets, the user's non-compliant items, existing security risk points and missing items are filtered out. Finally, a classified protection security assessment report is output and visualised; the visualised content includes the distribution of the user's total assets, the asset inventory, risk distribution, number of vulnerabilities, security level and problem display.
Step 6: the classified output by asset type of step 4 and the classified protection security assessment report of step 5 are combined into an integrated test report, which is output.
Step 8: combining the integrated test report output with the visualised classified protection security assessment report, the user is scored on the risk and vulnerability dimensions, and the system generates corresponding solutions.
Further, when obtaining the user information in step 1, if the client does not know its own assets, an open search engine is selected to automatically discover the client's own assets.
Further, the solutions in step 8 include a solution for virus and Trojan attacks. The solution for virus and Trojan attacks includes feasible recommendations such as adding antivirus software and products, regularly scanning for and removing viruses in the system, not opening suspicious files, and strengthening network security monitoring.
Further, the solutions in step 8 include a solution for application systems with security vulnerabilities. The solution for application systems with security vulnerabilities is a repair suggestion proposed according to the specific vulnerability: for an injection-type vulnerability, the repair suggestion requires filtering parameters to guarantee input legitimacy; for a business-logic vulnerability, the repair suggestion requires strictly verifying the business flow to prevent logic errors; for a system vulnerability, the repair suggestion requires upgrading patches and updating plugins promptly.
3. Advantages:
1) The invention records all of the user's assets in the system and analyses them, helping the client actively discover assets that have been neglected in management.
2) Through routine testing in accordance with classified protection requirements, the invention quickly surveys the user's security and includes the classified protection compliance check, so that the later assessment can pass efficiently.
3) In the invention, vulnerability scanning is completed on the basis of risk assessment and classified protection, so more security problems can be found across multiple dimensions such as the application system, operating system, middleware and database.
4) The visualisation and the corresponding generated solutions of the invention give the user an effective way to respond to the problems found.
5) The invention combines a series of security assessment activities, namely penetration testing, risk assessment, classified protection, vulnerability scanning and baseline checking, into one whole, with optional selection according to the customer's requirements, so that problems can be found at more levels from a complete assessment of the user's assets.
Detailed description of the invention
Fig. 1 is the basic flow chart of the security assessment of the invention;
Fig. 2 shows the specific content of the automatic testing of the invention.
Specific embodiment
The invention is described below with reference to the accompanying drawings.
As shown in Figures 1 and 2, a semi-automated comprehensive network security assessment method comprises the following steps:
Step 1: input user information. The user information includes the user's industry, the user organisation, system logs, the user's security requirements and the user's asset information.
Step 2: create a project. This includes establishing the user according to the security requirements and asset information obtained in step 1 and formulating a recommended testing scheme for the user. The recommended testing scheme comprises a security survey, automatic testing, and security result analysis with assessment scoring.
Step 3: the security survey sends an interview form for the user to fill in. The interview form covers the user's asset information, the number of system users, the system authentication method, the account password policy and the security protection status. From the content filled in, the user's security protection measures, whether the system's security functions are complete, the number of users, the security of the authentication method and the filing (备案) status are judged comprehensively to reach a security survey conclusion. The survey conclusion includes the security level of the user's system, whether the user's own assets have been vulnerability-scanned, the user's classified protection level, the basic security strategies the user employs, the risk points of the user's system and the weak points of the user's system.
Step 4: automatic testing according to the user information. The automatic testing includes scanning the user's assets for vulnerabilities, scanning the user's hosts, scanning the databases on the user's hosts, scanning the middleware on the hosts, scanning the network equipment and scanning the user's security equipment. These scans mainly concern application-layer vulnerabilities, weak passwords and vulnerabilities newly appearing in equipment or servers. The scan results are classified and output according to the user's different asset types; the classified output includes an application system security test report, a network device security test report, a database security test report and a middleware test report.
Step 5: security result analysis and assessment scoring. First, the vulnerabilities scanned in step 4 are verified against a vulnerability database and a vulnerability test report is output. Second, the security survey results of step 3 and the user's assets are compared for compliance with classified protection requirements, and, using the vulnerability test report and the collected user assets, the user's non-compliant items, existing security risk points and missing items are filtered out. Finally, a classified protection security assessment report is output and visualised; the visualised content includes the distribution of the user's total assets, the asset inventory, risk distribution, number of vulnerabilities, security level and problem display.
Step 6: the classified output by asset type of step 4 and the classified protection security assessment report of step 5 are combined into an integrated test report, which is output.
Step 8: combining the integrated test report output with a visualisation of the user's asset security posture, the user is scored on the risk and vulnerability dimensions, and the system generates corresponding solutions.
Although the invention has been described by way of preferred embodiments, they are not intended to limit the invention; anyone skilled in the art may make various changes or modifications without departing from the spirit and scope of the invention, so the protection scope of the invention shall be defined by the claims.

Claims (4)

1. A semi-automated comprehensive network security assessment method, comprising the following steps:
Step 1: input user information; the user information includes the user's industry, the user organisation, system logs, the user's security requirements and the user's asset information;
Step 2: create a project; this includes establishing the user according to the security requirements and asset information obtained in step 1 and formulating a recommended testing scheme for the user; the recommended testing scheme comprises a security survey, automatic testing, and security result analysis with assessment scoring;
Step 3: the security survey sends an interview form for the user to fill in; the interview form covers the user's asset information, the number of system users, the system authentication method, the account password policy and the security protection status; from the content filled in, the user's security protection measures, whether the system's security functions are complete, the number of users, the security of the authentication method and the filing (备案) status are judged comprehensively to reach a security survey conclusion; the survey conclusion includes the security level of the user's system, whether the user's own assets have been vulnerability-scanned, the user's classified protection (等级保护) level, the basic security strategies the user employs, the risk points of the user's system and the weak points of the user's system;
Step 4: the automatic testing is performed according to the user information; the automatic testing includes scanning the user's assets for vulnerabilities, scanning the user's hosts, scanning the databases on the user's hosts, scanning the middleware on the hosts, scanning the network equipment and scanning the user's security equipment; these scans mainly concern application-layer vulnerabilities, weak passwords and vulnerabilities newly appearing in equipment or servers; the scan results are classified and output according to the user's different asset types; the classified output includes an application system security test report, a network device security test report, a database security test report and a middleware test report;
Step 5: the security result analysis and assessment scoring include: first, verifying the vulnerabilities scanned in step 4 against a vulnerability database and outputting a vulnerability test report; second, comparing the security survey results of step 3 and the user's assets for compliance with classified protection requirements and, using the vulnerability test report and the collected user assets, filtering out the user's non-compliant items, existing security risk points and missing items; finally, outputting a classified protection security assessment report and visualising it; the visualised content includes the distribution of the user's total assets, the asset inventory, risk distribution, number of vulnerabilities, security level and problem display;
Step 6: the classified output by asset type of step 4 and the classified protection security assessment report of step 5 are combined into an integrated test report, which is output;
Step 8: combining the integrated test report output with the visualised classified protection security assessment report, the user is scored on the risk and vulnerability dimensions, and the system generates corresponding solutions.
2. The semi-automated comprehensive network security assessment method according to claim 1, characterised in that, when obtaining the user information in step 1, if the client does not know its own assets, an open search engine is selected to automatically discover the client's own assets.
3. The semi-automated comprehensive network security assessment method according to claim 1, characterised in that the solutions in step 8 include a solution for virus and Trojan attacks; the solution for virus and Trojan attacks includes feasible recommendations such as adding antivirus software and products, regularly scanning for and removing viruses in the system, not opening suspicious files, and strengthening network security monitoring.
4. The semi-automated comprehensive network security assessment method according to claim 1, characterised in that the solutions in step 8 include a solution for application systems with security vulnerabilities; the solution for application systems with security vulnerabilities is a repair suggestion proposed according to the specific vulnerability: for an injection-type vulnerability, the repair suggestion requires filtering parameters to guarantee input legitimacy; for a business-logic vulnerability, the repair suggestion requires strictly verifying the business flow to prevent logic errors; for a system vulnerability, the repair suggestion requires upgrading patches and updating plugins promptly.
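The following Python is an added illustration, not code from the patent or from the assignee. It models steps 4, 5 and 8 and the solution rules of claims 3 and 4 on constructed data: scan findings are classified by asset type into the four reports named in step 4, verified against a vulnerability database (unverified findings are dropped rather than reported), compared against a classified-protection checklist, scored on the risk and vulnerability dimensions, and mapped to the repair suggestions of claims 3 and 4, with a manual-review fallback for a category the claims do not cover. The hostnames, vulnerability identifiers, checklist items and scoring weights are all constructed assumptions; the patent names the comparison and the two scoring dimensions but gives no checklist and no formula.

```python
"""Model of assessment steps 4, 5 and 8 on constructed data (not the patent's own code)."""
from collections import defaultdict
from dataclasses import dataclass

# Step 4: the four classified-output reports named in the patent, keyed by asset type.
REPORT_BY_ASSET_TYPE = {
    "application": "application system security test report",
    "network_device": "network device security test report",
    "database": "database security test report",
    "middleware": "middleware test report",
}


@dataclass(frozen=True)
class Finding:
    asset: str        # constructed hostname
    asset_type: str   # key of REPORT_BY_ASSET_TYPE
    vuln_id: str      # constructed scanner identifier
    category: str     # injection / business_logic / system / malware / weak_password
    severity: int     # assumed scale 1 (low) .. 5 (critical)


# Constructed vulnerability database for step 5; ids not listed are treated as unverified.
VULN_DB = {"VULN-0001", "VULN-0002", "VULN-0003", "VULN-0004"}

# Constructed scan output of step 4 (VULN-9999 is deliberately absent from VULN_DB).
SCAN_RESULTS = [
    Finding("portal.example.internal", "application", "VULN-0001", "injection", 4),
    Finding("portal.example.internal", "application", "VULN-9999", "business_logic", 3),
    Finding("db01.example.internal", "database", "VULN-0003", "weak_password", 5),
    Finding("core-sw1.example.internal", "network_device", "VULN-0002", "system", 3),
    Finding("mq01.example.internal", "middleware", "VULN-0004", "system", 2),
]

# Constructed step 3 survey conclusion and an assumed classified-protection checklist
# (the patent names the comparison but not the individual control items).
SURVEY = {
    "own_assets_scanned": True,
    "filing_completed": False,
    "password_policy_enforced": False,
}
REQUIRED_CONTROLS = ("own_assets_scanned", "filing_completed", "password_policy_enforced")

# Solution rules taken from claims 3 and 4; other categories fall back to manual review.
REMEDIATION = {
    "injection": "filter request parameters to guarantee input legitimacy",
    "business_logic": "strictly verify the business flow to prevent logic errors",
    "system": "upgrade patches and update plugins promptly",
    "malware": "add antivirus software, scan the system regularly, do not open suspicious "
               "files, strengthen network security monitoring",
}
FALLBACK = "no rule defined in the claims; route to manual review"


def classify_by_asset_type(findings):
    """Step 4: sort findings into the per-asset-type reports."""
    reports = defaultdict(list)
    for f in findings:
        reports[REPORT_BY_ASSET_TYPE[f.asset_type]].append(f)
    return dict(reports)


def verify_against_vuln_db(findings, vuln_db=VULN_DB):
    """Step 5, first part: keep only findings the vulnerability database confirms."""
    return [f for f in findings if f.vuln_id in vuln_db]


def compliance_gaps(survey, required=REQUIRED_CONTROLS):
    """Step 5, second part: checklist controls the survey shows as absent."""
    return [c for c in required if not survey.get(c, False)]


def remediation_for(finding):
    """Step 8: the system-generated solution for one verified finding."""
    return REMEDIATION.get(finding.category, FALLBACK)


def score(verified, gaps):
    """Step 8 scoring on two dimensions, 0..100, higher is better (assumed weights:
    5 per severity point on the vulnerability dimension; 20 per compliance gap plus
    5 per verified finding on the risk dimension)."""
    vulnerability = max(0, 100 - 5 * sum(f.severity for f in verified))
    risk = max(0, 100 - 20 * len(gaps) - 5 * len(verified))
    return {"vulnerability": vulnerability, "risk": risk}


def assess(findings=SCAN_RESULTS, survey=SURVEY):
    """Run steps 4, 5 and 8 and return the integrated result of step 6 plus the step 8 output."""
    verified = verify_against_vuln_db(findings)
    verified_ids = {f.vuln_id for f in verified}
    gaps = compliance_gaps(survey)
    return {
        "reports": {name: len(items) for name, items in classify_by_asset_type(verified).items()},
        "unverified": [f.vuln_id for f in findings if f.vuln_id not in verified_ids],
        "compliance_gaps": gaps,
        "scores": score(verified, gaps),
        "solutions": {f"{f.asset}:{f.vuln_id}": remediation_for(f) for f in verified},
    }


if __name__ == "__main__":
    for key, value in assess().items():
        print(key, value)
```

Running the block prints the integrated result for the constructed data: one verified finding per report, VULN-9999 listed as unverified, two compliance gaps, a vulnerability score of 30 and a risk score of 40, and the weak-password finding routed to manual review because claims 3 and 4 define no rule for it. The point of keeping the unverified list rather than silently discarding those findings is that step 5 is a filter, and a reviewer should be able to see what the vulnerability database did not confirm.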

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201810536427.1A CN108965244A (en) 2018-05-30 2018-05-30 A kind of Formal Safety Assessment method of network semi-automation

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201810536427.1A CN108965244A (en) 2018-05-30 2018-05-30 A kind of Formal Safety Assessment method of network semi-automation

Publications (1)

Publication Number Publication Date
CN108965244A true CN108965244A (en) 2018-12-07

Family

ID=64492566

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201810536427.1A Pending CN108965244A (en) 2018-05-30 2018-05-30 A kind of Formal Safety Assessment method of network semi-automation

Country Status (1)

Country Link
CN (1) CN108965244A (en)

Cited By (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN112100215A (en) * 2020-09-08 2020-12-18 福建中信网安信息科技有限公司 Protection progress inquiry system based on level protection integrated management platform
CN112100215B (en) * 2020-09-08 2022-06-07 福建中信网安信息科技有限公司 Protection progress query system based on comprehensive level protection management platform
CN113037766A (en) * 2021-03-23 2021-06-25 中通服创发科技有限责任公司 Comprehensive evaluation method for asset safety and health degree under multiple scenes
CN113114647A (en) * 2021-04-01 2021-07-13 海尔数字科技(青岛)有限公司 Network security risk detection method and device, electronic equipment and storage medium
CN117195183A (en) * 2023-09-28 2023-12-08 四川赛闯检测股份有限公司 Data security compliance risk assessment system
CN117195183B (en) * 2023-09-28 2024-04-16 四川赛闯检测股份有限公司 Data security compliance risk assessment system

Legal Events

Date Code Title Description
2018-12-07 PB01 Publication (application publication date: 20181207)
WD01 Invention patent application deemed withdrawn after publication