CN111556063A - Information safety reporting system based on intranet - Google Patents

Information safety reporting system based on intranet Download PDF

Info

Publication number
CN111556063A
CN111556063A CN202010372809.2A CN202010372809A CN111556063A CN 111556063 A CN111556063 A CN 111556063A CN 202010372809 A CN202010372809 A CN 202010372809A CN 111556063 A CN111556063 A CN 111556063A
Authority
CN
China
Prior art keywords
information
intranet
backup
network
security
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202010372809.2A
Other languages
Chinese (zh)
Inventor
窦立君
顾炜江
潘卿
景璐璐
董薇
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Nanjing Forestry University
Original Assignee
Nanjing Forestry University
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Nanjing Forestry University filed Critical Nanjing Forestry University
Priority to CN202010372809.2A priority Critical patent/CN111556063A/en
Publication of CN111556063A publication Critical patent/CN111556063A/en
Pending legal-status Critical Current

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/02Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
    • H04L63/0272Virtual private networks
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0876Network architectures or network communication protocols for network security for authentication of entities based on the identity of the terminal or configuration, e.g. MAC address, hardware or software configuration or device fingerprint
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/10Network architectures or network communication protocols for network security for controlling access to devices or network resources
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/18Network architectures or network communication protocols for network security using different networks or channels, e.g. using out of band channels
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/10Protocols in which an application is distributed across nodes in the network
    • H04L67/1095Replication or mirroring of data, e.g. scheduling or transport for data synchronisation between network nodes

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Power Engineering (AREA)
  • Storage Device Security (AREA)

Abstract

The invention discloses an information safety reporting system based on an intranet, which comprises an information access end, an information channel end, an information backup end, a service access end and an information broadcasting end, wherein the information access end is used for receiving information; the information access end is used for acquiring and accessing external information and performing format conversion; the information channel end is used for transmitting and encrypting information; the information backup terminal backs up and encrypts the information; the service access terminal decrypts and displays the information; the information broadcasting end broadcasts information, the information broadcasting system is scientific and reasonable in structure and safe and convenient to use, information is encrypted conveniently based on intranet information transmission, intrusion detection is conducted on the input end, level protection measures are defined, safety domains are divided reasonably, physical boundaries and logic boundaries of the safety domains are determined, trust relationships among different safety domains are defined, safety is improved greatly, and interference of external information is prevented.

Description

Information safety reporting system based on intranet
Technical Field
The invention relates to the technical field of information safety, in particular to an information safety reporting system based on an intranet.
Background
Two aspects are involved for network security: on one hand, physical security refers to protection of tangible objects such as communication, computer equipment and related facilities in a network system, so that the tangible objects are protected from being wetted by rainwater, and on the other hand, the physical security and the logical security are very important, which is generally called logical security, including information integrity, confidentiality, availability and the like, and on the other hand, the network security is affected under the condition of no protection on any one hand, so that the network security must be reasonably arranged when the network security is protected, and the two aspects are considered;
however, the information security reporting system based on the intranet in the current market is not confidential enough for information transmission of the intranet, and along with the development of the intranet, the number of users is increased, so that data maintenance is difficult, and the security of information backup is not ideal.
Disclosure of Invention
The invention provides an information safety reporting system based on an intranet, which can effectively solve the problems that the information transmission of the intranet is not confidential, the number of users is increased along with the development of the intranet, the data maintenance is difficult, and the safety of information backup is not ideal in the prior art which provides the information safety reporting system based on the intranet on the market at present.
In order to achieve the purpose, the invention provides the following technical scheme: an information safety reporting system based on an intranet comprises an information access end, an information channel end, an information backup end, a service access end and an information broadcasting end;
the information access end is used for acquiring and accessing external information and performing format conversion;
the information channel end is used for transmitting and encrypting information;
the information backup terminal backs up and encrypts the information;
the service access terminal decrypts and displays the information;
the information broadcasting end broadcasts information.
According to the technical scheme, the information access end collects information through a network, a data transmission device and manual input, and only managers have access qualification and an intrusion detection system;
the intrusion detection system defines level protection measures, reasonably divides security domains, determines physical boundaries and logical boundaries of the security domains, defines trust relationships among different security domains, establishes effective access control measures at network boundaries of the security domains, implements data source hiding to the maximum extent through the security domains, and performs structured and deepened regional defense to prevent and resist various network attacks, thereby ensuring continuous, stable and reliable operation of each network system of the information system.
According to the technical scheme, the information access end converts the format of the external network data into the format required by broadcasting, the video is in the RMVB format, the audio is in the MP3 format, and the picture is in the JPG format.
According to the technical scheme, the information channel end encrypts data according to actual conditions, and can establish a temporary and safe connection through a public network, so that a virtual private line for realizing safe communication between internal networks is used for economically and effectively connecting to a safe extranet virtual private network.
According to the technical scheme, the information backup terminal encrypts the information in a whole manner and performs backup, wherein the backup is divided into network backup and hard disk backup;
the network backup is stored in a server of an enterprise through a cloud server, and the server is connected with a network and backups with the cloud server, so that the safety of information is ensured;
the hard disk backup is connected with the cloud server and is backed up through the enterprise server, and the enterprise server is connected with the UPS.
According to the technical scheme, the service access terminal decrypts and reads information at the information channel terminal, and is an APP and a touch screen, so that normal notification of the information is facilitated.
According to the technical scheme, the information broadcasting end carries out normal broadcasting through the service access end, and the information broadcasting end is a loudspeaker and a display screen.
According to the technical scheme, the intranet comprises login information, user operation information and administrator information;
the login information is a sub-account, normal information transmission can be realized after the administrator information agrees, and the login information can only be consulted;
the user operation information is the IP, operation items, operation duration and operation quantity which are recorded after login information and administrator information login each time, the user operation information cannot be deleted, and the storage time is 30 days;
the administrator information is a main account and has the authority of modifying login information after login.
According to the technical scheme, the information channel end monitors the data interfaces and records the number of the data interfaces, so that external dangerous access is prevented.
According to the technical scheme, the backup formats of the information backup terminal are ZIP and RAR.
Compared with the prior art, the invention has the beneficial effects that: the invention has scientific and reasonable structure, safe and convenient use, is convenient to encrypt information based on intranet information transmission, carries out intrusion detection on an input end, defines a grade protection measure, reasonably divides security domains, determines the physical boundary and the logic boundary of each security domain, defines the trust relationship between different security domains, greatly improves the security, prevents the interference of external information, uniformly converts the information into formats through an information access end to facilitate the storage of data, protects the normal intranet information storage through an information backup end, realizes automatic double storage through a cloud end and a hard disk thereof, prevents the information leakage, simultaneously facilitates the downloading of normal data, realizes double intercommunication of intranet information and an extranet, defends network data, and can better store login information, the login information is stored, normal lookup is facilitated in later maintenance and fault detection, convenience of data safety and information maintenance is guaranteed, information transmission is facilitated through the service access end, normal broadcasting is achieved through the information broadcasting end, the information broadcasting end serves as an upper computer and a lower computer and is clearly isolated, and therefore normal safe reporting is achieved.
Drawings
The accompanying drawings, which are included to provide a further understanding of the invention and are incorporated in and constitute a part of this specification, illustrate embodiments of the invention and together with the description serve to explain the principles of the invention and not to limit the invention.
In the drawings:
FIG. 1 is a schematic diagram of the system architecture of the present invention.
Detailed Description
The preferred embodiments of the present invention will be described in conjunction with the accompanying drawings, and it will be understood that they are described herein for the purpose of illustration and explanation and not limitation.
Example (b): as shown in fig. 1, the present invention provides a technical solution, an information security reporting system based on an intranet, including an information access end, an information channel end, an information backup end, a service access end, and an information broadcast end;
the information access end is used for acquiring and accessing external information and performing format conversion;
the information channel end is used for transmitting and encrypting information;
the information backup end backs up and encrypts the information;
the service access terminal decrypts and displays the information;
and the information broadcasting end broadcasts the information.
According to the technical scheme, the information access end collects information through a network, a data transmission device and manual input, and only a manager has access qualification and an intrusion detection system;
the intrusion detection system defines level protection measures, reasonably divides security domains, determines physical boundaries and logical boundaries of the security domains, defines trust relationships among different security domains, establishes effective access control measures at network boundaries of the security domains, implements data source hiding to the maximum extent through the security domains, and performs structured and deepened regional defense to prevent and resist various network attacks, thereby ensuring continuous, stable and reliable operation of each network system of the information system.
According to the technical scheme, the information access end converts the format of the external network data into the format required by broadcasting, the video is in the RMVB format, the audio is in the MP3 format, and the picture is in the JPG format.
According to the technical scheme, the information channel end encrypts data according to actual conditions, and can establish temporary and safe connection through a public network, so that the virtual private line for realizing safe communication between internal networks is used for economically and effectively connecting to a safe extranet virtual private network.
According to the technical scheme, the information backup end carries out integral encryption on the information and carries out backup, and the backup is divided into network backup and hard disk backup;
the network backup is stored in a server of an enterprise through a cloud server, and the server is connected with a network and backups with the cloud server, so that the safety of information is ensured;
the hard disk backup is connected with the cloud server and is backed up through the enterprise server, and the enterprise server is connected with the UPS.
According to the technical scheme, the service access terminal decrypts and reads only the information at the information channel terminal, and the service access terminal is an APP and a touch screen, so that normal notification of the information is facilitated.
According to the technical scheme, the information broadcasting end carries out normal broadcasting through the service access end, and the information broadcasting end is a loudspeaker and a display screen.
According to the technical scheme, the intranet comprises login information, user operation information and administrator information;
the login information is a sub-account, normal information transmission can be realized after the administrator information agrees, and the login information can only be consulted;
the user operation information is the IP, operation items, operation duration and operation quantity which are recorded after login information and administrator information login each time, the user operation information cannot be deleted, and the storage time is 30 days;
the administrator information is a main account and has the authority of modifying login information after login.
According to the technical scheme, the information channel end monitors the data interfaces and records the number of the data interfaces, so that external dangerous access is prevented.
Compared with the prior art, the invention has the beneficial effects that: the invention has scientific and reasonable structure, safe and convenient use, is convenient to encrypt information based on intranet information transmission, carries out intrusion detection on an input end, defines a grade protection measure, reasonably divides security domains, determines the physical boundary and the logic boundary of each security domain, defines the trust relationship between different security domains, greatly improves the security, prevents the interference of external information, uniformly converts the information into formats through an information access end to facilitate the storage of data, protects the normal intranet information storage through an information backup end, realizes automatic double storage through a cloud end and a hard disk thereof, prevents the information leakage, simultaneously facilitates the downloading of normal data, realizes double intercommunication of intranet information and an extranet, defends network data, and can better store login information, the login information is stored, normal lookup is facilitated in later maintenance and fault detection, convenience of data safety and information maintenance is guaranteed, information transmission is facilitated through the service access end, normal broadcasting is achieved through the information broadcasting end, the information broadcasting end serves as an upper computer and a lower computer and is clearly isolated, and therefore normal safe reporting is achieved.
Finally, it should be noted that: although the present invention has been described in detail with reference to the foregoing embodiments, it will be apparent to those skilled in the art that changes may be made in the embodiments and/or equivalents thereof without departing from the spirit and scope of the invention. Any modification, equivalent replacement, or improvement made within the spirit and principle of the present invention should be included in the protection scope of the present invention.

Claims (10)

1. An information safety reporting system based on an intranet is characterized in that: the system comprises an information access end, an information channel end, an information backup end, a service access end and an information broadcasting end;
the information access end is used for acquiring and accessing external information and performing format conversion;
the information channel end is used for transmitting and encrypting information;
the information backup terminal backs up and encrypts the information;
the service access terminal decrypts and displays the information;
the information broadcasting end broadcasts information.
2. The intranet-based information security reporting system according to claim 1, wherein the information access terminal collects information through a network, a data transmission device and manual input, and only a manager has access qualification and has an intrusion detection system;
the intrusion detection system defines level protection measures, reasonably divides security domains, determines physical boundaries and logical boundaries of the security domains, defines trust relationships among different security domains, establishes effective access control measures at network boundaries of the security domains, implements data source hiding to the maximum extent through the security domains, and performs structured and deepened regional defense to prevent and resist various network attacks, thereby ensuring continuous, stable and reliable operation of each network system of the information system.
3. The intranet-based information security reporting system according to claim 1, wherein the information access terminal converts format of external network data into format required for broadcasting, and the video is in RMVB format, the audio is in MP3 format, and the picture is in JPG format.
4. The intranet-based information security reporting system of claim 1, wherein the information channel end encrypts data according to actual conditions, and can establish a temporary and secure connection through a public network, a virtual private line for secure communication between intranets, and a virtual private network for an extranet connected to economically and efficiently.
5. The intranet-based information security reporting system according to claim 1, wherein the information backup terminal encrypts the information as a whole and performs backup, and the backup is divided into a network backup and a hard disk backup;
the network backup is stored in a server of an enterprise through a cloud server, and the server is connected with a network and backups with the cloud server, so that the safety of information is ensured;
the hard disk backup is connected with the cloud server and is backed up through the enterprise server, and the enterprise server is connected with the UPS.
6. The intranet-based information security reporting system according to claim 1, wherein the service access terminal decrypts and reads only information at the information channel terminal, and the service access terminal is an APP and a touch screen, so as to facilitate normal reporting of information.
7. The intranet-based information security reporting system according to claim 1, wherein the information reporting terminal performs normal reporting through the service access terminal, and the information reporting terminal is a speaker and a display screen.
8. The intranet-based information security reporting system according to claim 4, wherein the intranet includes login information, user operation information and administrator information;
the login information is a sub-account, normal information transmission can be realized after the administrator information agrees, and the login information can only be consulted;
the user operation information is the IP, operation items, operation duration and operation quantity which are recorded after login information and administrator information login each time, the user operation information cannot be deleted, and the storage time is 30 days;
the administrator information is a main account and has the authority of modifying login information after login.
9. The intranet-based information safety reporting system according to claim 1, wherein the information channel end monitors data interfaces and records the number of the data interfaces, thereby preventing external dangerous access.
10. The intranet-based information security reporting system according to claim 1, wherein the backup formats of the information backup terminal are ZIP and RAR.
CN202010372809.2A 2020-05-06 2020-05-06 Information safety reporting system based on intranet Pending CN111556063A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202010372809.2A CN111556063A (en) 2020-05-06 2020-05-06 Information safety reporting system based on intranet

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202010372809.2A CN111556063A (en) 2020-05-06 2020-05-06 Information safety reporting system based on intranet

Publications (1)

Publication Number Publication Date
CN111556063A true CN111556063A (en) 2020-08-18

Family

ID=72004730

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202010372809.2A Pending CN111556063A (en) 2020-05-06 2020-05-06 Information safety reporting system based on intranet

Country Status (1)

Country Link
CN (1) CN111556063A (en)

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN105160274A (en) * 2015-09-24 2015-12-16 宇龙计算机通信科技(深圳)有限公司 User data protection method and terminal
CN106452864A (en) * 2016-09-30 2017-02-22 北京悦畅科技有限公司 Parking lot fault protection method, apparatus and system thereof
CN108983716A (en) * 2018-07-09 2018-12-11 济宁职业技术学院 A kind of steam power plant's heat-network supervisory control system in electric

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN105160274A (en) * 2015-09-24 2015-12-16 宇龙计算机通信科技(深圳)有限公司 User data protection method and terminal
CN106452864A (en) * 2016-09-30 2017-02-22 北京悦畅科技有限公司 Parking lot fault protection method, apparatus and system thereof
CN108983716A (en) * 2018-07-09 2018-12-11 济宁职业技术学院 A kind of steam power plant's heat-network supervisory control system in electric

Similar Documents

Publication Publication Date Title
US8955042B2 (en) Systems and methods for implementing transparent encryption
Perlman File system design with assured delete
US8175277B2 (en) Intercepting a communication session in a telecommunication network
US20070297607A1 (en) Video distribution system
US11880490B2 (en) Context-based access control and revocation for data governance and loss mitigation
US20060075506A1 (en) Systems and methods for enhanced electronic asset protection
RU2013136403A (en) METHOD AND DEVICE FOR CREATION AND MANAGEMENT OF INFRASTRUCTURE OF DIFFERENT PROTECTION FOR CONTENT-ORIENTED NETWORKS
US20070300062A1 (en) Identifying and enforcing strict file confidentiality in the presence of system and storage administrators in a nas system
US10484339B2 (en) Pervasive data security
CA2938166C (en) Method and system for protecting data using data passports
KR20130050865A (en) Caused by the use of smart device internal confidential data leakage prevention & trace system and method
CN102170424A (en) Mobile medium safety protection system based on three-level security architecture
CN103269343A (en) Business data safety control platform
KR101568871B1 (en) Encrypting method for vital control system
CN107995147B (en) Metadata encryption and decryption method and system based on distributed file system
CN104581008A (en) Information security protection system and method for video monitoring system
US20240031135A1 (en) Key broker for a network monitoring device, and applications thereof
US20230040466A1 (en) Key broker for a network monitoring device, and applications thereof
CN112948870A (en) Electronic document security management method and management system based on big data
CN112287364A (en) Data sharing method, device, system, medium and electronic equipment
Sharma et al. A comprehensive review on encryption based open source cyber security tools
US20220147640A1 (en) Secure secret sharing storage system using cloud service
CN111556063A (en) Information safety reporting system based on intranet
WO2020135039A1 (en) Data transmission method, and data transmission system and sending device and receiving device therefor
CN103634274A (en) Safe method for video exchange and system

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication

Application publication date: 20200818

RJ01 Rejection of invention patent application after publication