CN109948342A - A kind of Information Security Management System - Google Patents
A kind of Information Security Management System Download PDFInfo
- Publication number
- CN109948342A CN109948342A CN201910164799.0A CN201910164799A CN109948342A CN 109948342 A CN109948342 A CN 109948342A CN 201910164799 A CN201910164799 A CN 201910164799A CN 109948342 A CN109948342 A CN 109948342A
- Authority
- CN
- China
- Prior art keywords
- module
- information
- risk
- electrically connected
- server
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Withdrawn
Links
Landscapes
- Storage Device Security (AREA)
Abstract
The present invention relates to information security management technical fields, especially a kind of Information Security Management System, including information access module, the information access module is by being electrically connected with information scanning module, the information scanning module has anti-viral detection module by network connection, the anti-viral detection module is by being electrically connected risky precognition unit, the risk precognition unit is by being electrically connected with server admin center, information access module is for accessing external information data, the external information data that information scanning module is used to access information access module carry out entire scan, and carry out record monitoring, anti-viral detection module is used to detect in the information data of scanning whether be covered with virus, risk predicts the degree of risk that unit is used for discriminant information data.Information security management effect of the present invention is good, can reveal to avoid the important information of enterprises, while can also prevent attack of the virus to company information, has double protection functions.
Description
Technical field
The present invention relates to information security management technical field more particularly to a kind of Information Security Management System.
Background technique
With the rapid development of computer technology, the deep application of information system at home and abroad each enterprise, each enterprise is to letter
The dependence of breath system is increasingly enhanced, this has saved the time to a certain extent, improves work efficiency;But things is all
It is bifacial, while it brings quick and easy for our life and work, also give many security risks of our brings.
Such as the privacy of user may be gone beyond one's commission due to the flaw of system or the attack of someone's malice or householder and illegal use number
It is stolen according to library etc..To propose a kind of Information Security Management System.
Summary of the invention
The purpose of the present invention is to solve exist in the prior art user information be easy leakage the shortcomings that, and propose one
Kind Information Security Management System.
To achieve the goals above, present invention employs following technical solutions:
A kind of Information Security Management System, including information access module are designed, the information access module is by being electrically connected with
Information scanning module, the information scanning module have anti-viral detection module by network connection, and the anti-viral detection module passes through
It is electrically connected risky precognition unit, the risk precognition unit is by being electrically connected with server admin center, information access
Module is carried out for accessing external information data, the external information data that information scanning module is used to access information access module
Entire scan, and record monitoring is carried out, anti-viral detection module is used to detect in the information data of scanning whether be covered with virus, wind
Danger precognition unit is used for the degree of risk of discriminant information data, avoids unnecessary loss, the server admin center
By being electrically connected separately with storage unit, server admin unit and quick response unit, storage unit is for storing information
Data, server admin unit for management server information management safety, quick response unit can to risk status into
Row quickly disposition, the safety of enhancement information.
Preferably, the risk precognition unit includes risk identification module, the anti-viral detection module and risk identification mould
By being electrically connected between block, and the risk identification module is by being electrically connected with risk evaluation module, the risk assessment
For module by being electrically connected separately with risk transfer module and information analysis module, the risk transfer module passes through electric connection
Have an information isolation module, the information analysis module by being electrically connected with information categorization module, the information categorization module with
Service managerZ-HU is electrically connected, risk identification module be used to before risk accidents generation identify the various risks that are faced and
The potential factor that risk accidents occur is analyzed, risk evaluation module is used to quantify the possibility of the influence of assessment risk bring or loss
Degree, risk transfer module is for the excessively high rear progress data transfer of risk evaluation module assessment information data risk, information isolation
The information data that module can shift risk transfer module is isolated, and avoids information access module from accessing again, information
Analysis module is for analyzing the secure data after risk assessment, and use information categorization module is by Information Number after analysis
According to classifying, convenient for management.
Preferably, the storage unit includes Primary database, and the Primary database and server admin center are electrical
Connection, and the Primary database passes through electric connection by being electrically connected with information shift module, the information shift module
There are second databases, Primary database can store the security information data of access, and information shift module can be one
Its internal information data is quickly transferred to inside second databases when grade database is encroached on, effectively improves information
The safety of data.
Preferably, the Primary database monitors mould by being electrically connected separately with information encrypting module and information state
Block, information encrypting module are used to carry out encryption protection to the information data inside Primary database, and information data is avoided to let out
Reveal phenomenon, information state monitoring module is used to monitor the situation of information data inside Primary database, avoid data information by
To infringement.
Preferably, the server admin unit include server backup module, server group policy implement module and
Server security auditing module, the server backup module include database backup module and system software backup module, institute
Stating server security auditing module includes that patch installation module, log analysis module and security breaches detection module, server are standby
Part module can by inside storage unit information data and system software back up, avoid the occurrence of Loss, service
Device group policy implements module for tissue and implements order, increases the timeliness of operation, server security auditing module for pair
The loophole and risk of system itself are analyzed, audited and are detected, while voluntarily carrying out patch installation, effectively increase server pipe
The safety at reason center.
Preferably, the quick response unit includes intrusion prevention module and alarm module, the intrusion prevention module and
By being electrically commonly connected on server admin center, the alarm module is fed back alarm module by being electrically connected with information
Module, the information feedback module have wireless communication module by network connection, and the wireless communication module passes through network connection
There is mobile terminal, there is remote control module in the mobile terminal by being connected to the network, in the remote control module and server admin
By network connection between the heart, intrusion prevention module can voluntarily be prevented when server admin center is by external aggression
It is imperial, while alarm module feeds back the signal of invasion to mobile terminal by information feedback module and wireless communication module, causes work
Make personnel and server admin center is controlled using remote control module.
Preferably, the wireless communication module includes WiFi communication module, 4G communication module, 3G communication module and 2G communication
Module, by a variety of communication modules ensure that dtr signal can free switching, thus increase data transmission stability.
Preferably, the server admin center is electrically connected with sharp eyes Data Audit unit, sharp eyes Data Audit unit
It can be operated by the daily behavior of employee, generate corresponding trend chart, company manager is allowed to learn enterprise in time
There is which sensitive document, there is which employee to possess sensitive text and have and screenshotss, compression, copy and outgoing have been done to sensitive document disobey
Rule operation.
A kind of Information Security Management System proposed by the present invention, beneficial effect are: unit is predicted by risk, so as to
Risk-assessment is carried out with the information data for being accessed information access module, avoids risk information data to server admin
Center causes to damage, and by quick response unit, so as to timely be disposed to risk, effectively improves information data
Safety.Information security management effect of the present invention is good, can reveal to avoid the important information of enterprises, while can also prevent
Only attack of the virus to company information has double protection functions.
Detailed description of the invention
Fig. 1 is a kind of structural schematic diagram of Information Security Management System proposed by the present invention;
Fig. 2 is a kind of wireless communication module structural schematic diagram of Information Security Management System proposed by the present invention.
Specific embodiment
Following will be combined with the drawings in the embodiments of the present invention, and technical solution in the embodiment of the present invention carries out clear, complete
Site preparation description, it is clear that described embodiments are only a part of the embodiments of the present invention, instead of all the embodiments.
Referring to Fig.1-2, a kind of Information Security Management System, including information access module, information access module pass through electrical property
It is connected with information scanning module, information scanning module has anti-viral detection module by network connection, and anti-viral detection module passes through electricity
Property the risky precognition unit of connection, risk predicts unit and used by being electrically connected with server admin center, information access module
In access external information data, information scanning module is used to the external information data that information access module accesses carrying out whole sweep
It retouches, and carries out record monitoring, anti-viral detection module is used to detect whether be covered with virus in the information data of scanning, risk precognition
Unit is used for the degree of risk of discriminant information data, avoids unnecessary loss, server admin center is by electrically dividing
It is not connected with storage unit, server admin unit and quick response unit, storage unit is for storing information data, server
Information management safety of the administrative unit for management server, quick response unit can quickly dispose risk status,
The safety of enhancement information.
It includes risk identification module that risk, which predicts unit, by electrically connecting between anti-viral detection module and risk identification module
It connects, and risk identification module, by being electrically connected with risk evaluation module, risk evaluation module is by being electrically connected separately with wind
Dangerous shift module and information analysis module, risk transfer module is by being electrically connected with information isolation module, information analysis module
By being electrically connected with information categorization module, information categorization module and service managerZ-HU are electrically connected, and risk identification module is used for
The potential factor that the various risks faced and analysis risk accidents occur, risk assessment are identified before risk accidents generation
Module is used to quantify the possibility degree that assessment risk bring is influenced or lost, and risk transfer module is commented for risk evaluation module
Estimate the excessively high rear progress data transfer of information data risk, information isolation module can be to the Information Number that risk transfer module is shifted
According to being isolated, information access module is avoided to access again, information analysis module be used for the secure data after risk assessment into
Row analysis, use information categorization module classifies information data after analysis, convenient for management.
Storage unit includes Primary database, and Primary database and server admin center are electrically connected, and level one data
Library is by being electrically connected with information shift module, and information shift module is by being electrically connected with second databases, Primary database
The security information data of access can be stored, information shift module can will be in it when Primary database is encroached on
The information data in portion is quickly transferred to inside second databases, the effective safety for improving information data.
Primary database encrypts mould by being electrically connected separately with information encrypting module and information state monitoring module, information
Block is used to carry out encryption protection to the information data inside Primary database, and information data is avoided leakage phenomenon, information shape occur
State monitoring module is used to monitor the situation of the information data inside Primary database, and data information is avoided to be encroached on.
Server admin unit includes server backup module, server group policy implements module and server security is examined
Core module, server backup module include database backup module and system software backup module, server security auditing module
It can be by storage unit including patch installation module, log analysis module and security breaches detection module, server backup module
Internal information data and system software is backed up, and Loss is avoided the occurrence of, and server group policy is implemented module and is used for
Tissue and implementation order, increase the timeliness of operation, and server security auditing module is used for loophole and risk to system itself
It analyzed, audited and is detected, while voluntarily carrying out patch installation, effectively increase the safety at server admin center.
Quick response unit includes intrusion prevention module and alarm module, and intrusion prevention module and alarm module pass through electrical property
It is commonly connected on server admin center, for alarm module by being electrically connected with information feedback module, information feedback module is logical
Crossing network connection has a wireless communication module, wireless communication module include WiFi communication module, 4G communication module, 3G communication module and
2G communication module, by a variety of communication modules ensure that dtr signal can free switching, thus increase data transmission
Stability, wireless communication module have mobile terminal by network connection, and there is remote control module in mobile terminal by network connection, remotely
Between control module and server admin center by network connection, intrusion prevention module can server admin center by
It is voluntarily on the defensive when external aggression, while the signal of invasion is passed through information feedback module and wireless communication module by alarm module
It feeds back to mobile terminal, staff is caused to control using remote control module server admin center.
Server admin center is electrically connected with sharp eyes Data Audit unit, and sharp eyes Data Audit unit can pass through employee
Daily behavior operation, generates corresponding trend chart, and company manager is allowed to learn which sensitive text enterprise has in time
Part, having which employee to possess sensitive text has the violation operation that screenshotss, compression, copy and outgoing have been done to sensitive document.
The foregoing is only a preferred embodiment of the present invention, but scope of protection of the present invention is not limited thereto,
Anyone skilled in the art in the technical scope disclosed by the present invention, according to the technique and scheme of the present invention and its
Inventive concept is subject to equivalent substitution or change, should be covered by the protection scope of the present invention.
Claims (8)
1. a kind of Information Security Management System, including information access module, which is characterized in that the information access module passes through electricity
Property be connected with information scanning module, the information scanning module has anti-viral detection module, the viral diagnosis by network connection
Module by being electrically connected risky precognition unit, the risk precognition unit by being electrically connected with server admin center,
Information access module is used for the external information for accessing information access module for accessing external information data, information scanning module
Data carry out entire scan, and carry out record monitoring, and anti-viral detection module is used to detect whether cover in the information data of scanning
There is virus, risk predicts the degree of risk that unit is used for discriminant information data, avoids unnecessary loss, the server
Administrative center is used for by being electrically connected separately with storage unit, server admin unit and quick response unit, storage unit
Information data is stored, information management safety of the server admin unit for management server, quick response unit can be to wind
Dangerous situation is quickly disposed, the safety of enhancement information.
2. a kind of Information Security Management System according to claim 1, which is characterized in that the risk predicts unit and includes
Risk identification module, by being electrically connected between the anti-viral detection module and risk identification module, and the risk identification mould
Block by being electrically connected with risk evaluation module, the risk evaluation module by be electrically connected separately with risk transfer module and
Information analysis module, the risk transfer module are passed through by being electrically connected with information isolation module, the information analysis module
It is electrically connected with information categorization module, the information categorization module and service managerZ-HU are electrically connected, and risk identification module is used for
The potential factor that the various risks faced and analysis risk accidents occur, risk assessment are identified before risk accidents generation
Module is used to quantify the possibility degree that assessment risk bring is influenced or lost, and risk transfer module is commented for risk evaluation module
Estimate the excessively high rear progress data transfer of information data risk, information isolation module can be to the Information Number that risk transfer module is shifted
According to being isolated, information access module is avoided to access again, information analysis module be used for the secure data after risk assessment into
Row analysis, use information categorization module classifies information data after analysis, convenient for management.
3. a kind of Information Security Management System according to claim 1, which is characterized in that the storage unit includes level-one
Database, the Primary database and server admin center are electrically connected, and the Primary database is by being electrically connected with
Information shift module, the information shift module can be to accesses by being electrically connected with second databases, Primary database
Security information data are stored, and information shift module can be when Primary database be encroached on by the information data inside it
It is quickly transferred to inside second databases, the effective safety for improving information data.
4. a kind of Information Security Management System according to claim 3, which is characterized in that the Primary database passes through electricity
Property be connected separately with information encrypting module and information state monitoring module, information encrypting module is used for inside to Primary database
Information data carries out encryption protection, avoids information data from leakage phenomenon occur, information state monitoring module is for monitoring a series
According to the situation of the information data inside library, data information is avoided to be encroached on.
5. a kind of Information Security Management System according to claim 1, which is characterized in that the server admin unit packet
Include server backup module, server group policy implements module and server security auditing module, the server backup mould
Block includes database backup module and system software backup module, and the server security auditing module includes patch installation mould
Block, log analysis module and security breaches detection module, server backup module can be by the information datas inside storage unit
And system software is backed up, and Loss is avoided the occurrence of, server group policy implements module for tissue and implements order,
Increase operation timeliness, server security auditing module for the loophole and risk of system itself are analyzed, audit and
Detection, while patch installation is voluntarily carried out, effectively increase the safety at server admin center.
6. a kind of Information Security Management System according to claim 1, which is characterized in that the quick response unit includes
Intrusion prevention module and alarm module, the intrusion prevention module and alarm module are by being electrically commonly connected to server admin
On center, the alarm module has by being electrically connected with information feedback module, the information feedback module by network connection
Wireless communication module, the wireless communication module have mobile terminal by network connection, and the mobile terminal has remote by network connection
Process control module, by network connection between the remote control module and server admin center, intrusion prevention module can be with
It is voluntarily on the defensive when server admin center is by external aggression, while alarm module is anti-by information by the signal of invasion
Module and wireless communication module feedback are presented to mobile terminal, causes staff using remote control module to server admin center
It is controlled.
7. a kind of Information Security Management System according to claim 6, which is characterized in that the wireless communication module includes
WiFi communication module, 4G communication module, 3G communication module and 2G communication module, by a variety of communication modules ensure that signal compared with
Difference can free switching, thus increase data transmission stability.
8. a kind of Information Security Management System according to claim 1, which is characterized in that electrocardio in the server admin
Property be connected with sharp eyes Data Audit unit, sharp eyes Data Audit unit can be operated by the daily behavior of employee, be generated corresponding
Trend chart, allow company manager to learn which sensitive document enterprise has in time, there is which employee to possess sensitivity
Text has the violation operation that screenshotss, compression, copy and outgoing have been done to sensitive document.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201910164799.0A CN109948342A (en) | 2019-03-05 | 2019-03-05 | A kind of Information Security Management System |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201910164799.0A CN109948342A (en) | 2019-03-05 | 2019-03-05 | A kind of Information Security Management System |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN109948342A true CN109948342A (en) | 2019-06-28 |
Family
ID=67008600
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201910164799.0A Withdrawn CN109948342A (en) | 2019-03-05 | 2019-03-05 | A kind of Information Security Management System |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN109948342A (en) |
Cited By (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN111680278A (en) * | 2020-05-20 | 2020-09-18 | 青岛黄海学院 | Computer information security management system |
| CN112597462A (en) * | 2020-12-30 | 2021-04-02 | 上海磐御网络科技有限公司 | Industrial network safety system |
| CN112866231A (en) * | 2021-01-13 | 2021-05-28 | 南方电网数字电网研究院有限公司 | Information security operation remote situation sensing system |
-
2019
- 2019-03-05 CN CN201910164799.0A patent/CN109948342A/en not_active Withdrawn
Cited By (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN111680278A (en) * | 2020-05-20 | 2020-09-18 | 青岛黄海学院 | Computer information security management system |
| CN112597462A (en) * | 2020-12-30 | 2021-04-02 | 上海磐御网络科技有限公司 | Industrial network safety system |
| CN112866231A (en) * | 2021-01-13 | 2021-05-28 | 南方电网数字电网研究院有限公司 | Information security operation remote situation sensing system |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN114584405B (en) | Electric power terminal safety protection method and system | |
| CN112560027A (en) | Data safety monitoring system | |
| CN109948342A (en) | A kind of Information Security Management System | |
| CN103391216A (en) | Alarm and blocking method for illegal external connections | |
| CN112039862A (en) | Multi-dimensional stereo network-oriented security event early warning method | |
| Suduc et al. | Audit for information systems security | |
| CN109934010A (en) | A kind of computer information safe stocking system | |
| Martins et al. | Specialized CSIRT for incident response management in smart grids | |
| CN102184371B (en) | Detecting method and system for database operation authority of SQL (Structured Query Language) | |
| Rekik et al. | A cyber-physical threat analysis for microgrids | |
| Choi et al. | Study on information security sharing system among the industrial IoT service and product provider | |
| CN110826094A (en) | Information leakage monitoring method and device | |
| Jin et al. | Architecture for data collection in database intrusion detection systems | |
| Liu et al. | A framework for database auditing | |
| CN112887288B (en) | Internet-based E-commerce platform intrusion detection front-end computer scanning system | |
| Xiang et al. | Network Intrusion Detection Method for Secondary System of Intelligent Substation based on Semantic Enhancement | |
| Efe et al. | It security trends for e-government threats | |
| Mithu et al. | Secure industrial control system with intrusion detection | |
| Kornyo et al. | Enhancing AMI network security with STI model: A mathematical perspective | |
| Tian et al. | A cybersecurity risk assessment method and its application for instrumentation and control systems in nuclear power plants | |
| Zhang et al. | [Retracted] Anomaly Intrusion Detection of Wireless Communication Network‐Based on Markov Chain Model | |
| CN118445840A (en) | Database sensitive data leakage protection method and device | |
| Wang | Design of Intelligent Operation and Maintenance System for Information Security Based on Web | |
| Liu | Research on computer network information security management and protection strategy | |
| Jingbo | Research on Computer Network Information Security Protection Strategy and Evaluation Algorithm Based on Fuzzy Clustering |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| WW01 | Invention patent application withdrawn after publication |
Application publication date: 20190628 |
|
| WW01 | Invention patent application withdrawn after publication |