CN111756710A - Network security management system - Google Patents
Network security management system Download PDFInfo
- Publication number
- CN111756710A CN111756710A CN202010522708.9A CN202010522708A CN111756710A CN 111756710 A CN111756710 A CN 111756710A CN 202010522708 A CN202010522708 A CN 202010522708A CN 111756710 A CN111756710 A CN 111756710A
- Authority
- CN
- China
- Prior art keywords
- module
- data
- cloud platform
- network security
- security management
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/20—Network architectures or network communication protocols for network security for managing network security; network security policies in general
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/02—Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/02—Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
- H04L63/0227—Filtering policies
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/083—Network architectures or network communication protocols for network security for authentication of entities using passwords
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0861—Network architectures or network communication protocols for network security for authentication of entities using biometrical features, e.g. fingerprint, retina-scan
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
- H04L63/1416—Event detection, e.g. attack signature detection
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/01—Protocols
- H04L67/06—Protocols specially adapted for file transfer, e.g. file transfer protocol [FTP]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/01—Protocols
- H04L67/10—Protocols in which an application is distributed across nodes in the network
Abstract
The invention discloses a network security management system, which comprises a cloud platform, a user authentication module, an information acquisition module, a divulgence tracking module, a monitoring module and a firewall detection module, wherein the cloud platform is used for maintaining the operation of the whole system; the user authentication module is used for confirming the identity of the user; the information acquisition module is used for receiving the network data stream and uploading acquired data to the cloud platform; the invention has the beneficial effects that: the designed divulgence tracking module is beneficial to improving data security, outgoing security and off-line security, and preventing confidential data from being divulged; one or at least two of password verification, fingerprint verification and iris verification are adopted, so that the identity of the user can be confirmed, the network behavior of the user can be blamed for people, and the traceability is facilitated; through the designed alarm module, the illegal operation is alarmed, the safety of confidential data is further improved, and the leakage of the confidential data is avoided.
Description
Technical Field
The invention belongs to the technical field of network security management, and particularly relates to a network security management system.
Background
Computer networks are important means and ways for people to know society and obtain information through modern information technology means.
The network security means that the hardware, software and data in the system of the network system are protected and are not damaged, changed and leaked due to accidental or malicious reasons, the system continuously, reliably and normally operates, and the network service is not interrupted.
By 8 months in 2018, the scale of the netizens in China reaches 8.02 hundred million people, and the Internet is highly developed. Meanwhile, the risks brought by the openness and security holes of the internet are ubiquitous. Network attack behaviors are becoming more complex; the hacking behavior is more organized; network attacks directed at mobile phone wireless terminals are becoming more and more serious; news about network attacks and data leakage is emerging endlessly, and the problem of network security becomes the focus of attention of governments, enterprises and users.
The network security management is the fundamental guarantee that people can safely surf the internet, surf the internet in a green way and surf the internet in a healthy way.
In order to further improve the security of network information and prevent confidential data from being leaked, a network security management system is proposed.
Disclosure of Invention
The invention aims to provide a network security management system, which further improves the security of network information and prevents confidential data from leaking.
In order to achieve the purpose, the invention provides the following technical scheme: a network security management system comprises a cloud platform, a user authentication module, an information acquisition module, a divulgence tracking module, a monitoring module and a firewall detection module, wherein,
the cloud platform is used for maintaining the operation of the whole system;
the user authentication module is used for confirming the identity of the user;
the information acquisition module is used for receiving the network data stream and uploading acquired data to the cloud platform;
the secret leakage tracking module is used for accessing confidential data within an authorized range and tracking and intercepting the leaked sensitive data stream;
the monitoring module is used for monitoring data and uploading a monitoring result to the cloud platform;
the firewall detection module is used for detecting whether the computer opens the firewall or not and uploading the detection result to the cloud platform.
As a preferred technical solution of the present invention, the user identity is confirmed by one or at least two of password verification, fingerprint verification, and iris verification.
As a preferred technical solution of the present invention, the monitoring module includes an upload data monitoring module and a download data monitoring module.
As a preferred technical solution of the present invention, the cloud platform further includes a scanning module, and the scanning module is configured to scan data and transmit a scanning result to the cloud platform.
The invention further comprises a virus killing module which is used for killing abnormal data and adding the killed data stream to a blacklist.
As a preferred technical solution of the present invention, the present invention further includes an information filtering module, which is used for filtering and analyzing the collected data information.
As a preferred technical solution of the present invention, the system further includes an information association module, and the information association module is configured to associate the filtered data information with the existing potential safety hazard data.
The invention further comprises an alarm module, wherein the alarm module is used for alarming illegal operation and transmitting alarm data to the cloud platform.
As a preferred technical solution of the present invention, the system further comprises an evaluation module, which is used for performing an all-around evaluation on the system.
The system further comprises a supervision and inspection module which is used for annual inspection of the system.
Compared with the prior art, the invention has the beneficial effects that:
(1) the divulgence tracking module is used for accessing confidential data within an authorized range and tracking and intercepting the divulged sensitive data stream, so that the data security, outgoing security and off-line security are improved, and the confidential data is prevented from being divulged;
(2) one or at least two of password verification, fingerprint verification and iris verification are adopted, so that the identity of the user can be confirmed, the network behavior of the user can be blamed for people, and the traceability is facilitated;
(3) through the alarm module who designs, report to the police to the operation of violating the regulations to give cloud platform with the data transmission of reporting to the police, conveniently in time discover the act of violating the regulations, further improve the safety of secret data, avoid revealing of secret data.
Drawings
FIG. 1 is a system diagram of the present invention.
Detailed Description
The technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are only a part of the embodiments of the present invention, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
Referring to fig. 1, the present invention provides a technical solution: a network security management system comprises a cloud platform, a user authentication module, an information acquisition module, a divulgence tracking module, a monitoring module and a firewall detection module, wherein,
the cloud platform is used for maintaining the operation of the whole system;
the user authentication module is used for confirming the identity of the user;
the information acquisition module is used for receiving the network data stream and uploading acquired data to the cloud platform;
the divulgence tracking module is used for accessing confidential data within an authorized range and tracking and intercepting the divulged sensitive data stream, so that the data security, outgoing security and off-line security are improved, and the confidential data is prevented from being divulged;
the monitoring module is used for monitoring data and uploading a monitoring result to the cloud platform;
the firewall detection module is used for detecting whether the computer opens the firewall or not and uploading the detection result to the cloud platform, and the computer protection effect is further improved.
In this embodiment, preferably, the user identity is confirmed by one or at least two of password verification, fingerprint verification, and iris verification; wherein the content of the first and second substances,
the password authentication operation is as follows:
the method comprises the following steps: the user registers a personal account and a password according to the prompt of the system, and binds the registered personal account and the registered password to a mobile phone or a mailbox so as to retrieve the account and the password when the account or the password is forgotten;
step two: the user logs in according to the preset account and the preset password, and the account and the password are confirmed to be correct.
The fingerprint verification operation is as follows:
the method comprises the following steps: entering a fingerprint input interface of the system, and finishing fingerprint input according to system prompt;
step two: entering a fingerprint verification interface of the system, and performing fingerprint verification according to system prompt, wherein the fingerprint verification is correct;
the iris verification operation is as follows:
the method comprises the following steps: entering an iris input interface according to the prompt of the system to finish iris input;
step two: and entering an iris verification interface according to the prompt of the system to complete the iris verification.
The invention adopts one or at least two of password verification, fingerprint verification and iris verification, is beneficial to confirming the identity of the user, carrying out blame to the network behavior of the user and tracing the origin.
In this embodiment, preferably, the monitoring module includes an upload data monitoring module and a download data monitoring module, which is helpful for monitoring uploaded and downloaded data and maintaining network security.
In this embodiment, it is preferable that the cloud platform further includes a scanning module, and the scanning module is configured to scan data and transmit a scanning result to the cloud platform, which is beneficial to further increasing security of the data and reducing attacks of viruses on the network.
In this embodiment, preferably, the system further includes a virus killing module, and the module is configured to perform virus killing on abnormal data and add a data stream of the virus killing to a blacklist, which is helpful for virus killing and further maintains network security.
In this embodiment, preferably, the system further includes an information filtering module, and the information filtering module is configured to filter and analyze the acquired data information, which is helpful for filtering the acquired data.
In this embodiment, preferably, the system further includes an information association module, and the information association module is configured to associate the filtered data information with existing potential safety hazard data, and is beneficial to rapid analysis and processing of an information data stream.
In this embodiment, preferably, the cloud platform further comprises an alarm module, and the alarm module is used for alarming illegal operations and transmitting the alarm data to the cloud platform, so that the illegal activities can be conveniently found in time, the security of confidential data is further improved, and the leakage of the confidential data is avoided.
In this embodiment, preferably, the system further includes an evaluation module, and the module is configured to perform all-around evaluation on the system, obtain a qualified evaluation report after the evaluation and the evaluation are qualified, and finally obtain a level protection filing certificate.
In this embodiment, it is preferable that the system further includes a supervision and inspection module, and the supervision and inspection module is configured to perform annual inspection on the system to ensure a more recent upgrade of the system.
Although embodiments of the present invention have been shown and described, it will be appreciated by those skilled in the art that changes, modifications, substitutions and alterations can be made in these embodiments without departing from the principles and spirit of the invention, the scope of which is defined in the appended claims and their equivalents.
Claims (10)
1. A network security management system is characterized by comprising a cloud platform, a user authentication module, an information acquisition module, a divulgence tracking module, a monitoring module and a firewall detection module, wherein,
the cloud platform is used for maintaining the operation of the whole system;
the user authentication module is used for confirming the identity of the user;
the information acquisition module is used for receiving the network data stream and uploading acquired data to the cloud platform;
the secret leakage tracking module is used for accessing confidential data within an authorized range and tracking and intercepting the leaked sensitive data stream;
the monitoring module is used for monitoring data and uploading a monitoring result to the cloud platform;
the firewall detection module is used for detecting whether the computer opens the firewall or not and uploading the detection result to the cloud platform.
2. A network security management system according to claim 1, wherein: the identity of the user is confirmed by one or at least two of password verification, fingerprint verification and iris verification.
3. A network security management system according to claim 1, wherein: the monitoring module comprises an uploading data monitoring module and a downloading data monitoring module.
4. A network security management system according to claim 1, wherein: the cloud platform comprises a cloud platform body and is characterized by further comprising a scanning module, wherein the scanning module is used for scanning data and transmitting a scanning result to the cloud platform body.
5. A network security management system according to claim 1, wherein: the system also comprises a virus killing module which is used for killing abnormal data and adding the killed data flow to a blacklist.
6. A network security management system according to claim 1, wherein: the system also comprises an information filtering module which is used for filtering and analyzing the collected data information.
7. The network security management system according to claim 6, wherein: the system further comprises an information correlation module, and the information correlation module is used for correlating the filtered data information with the existing potential safety hazard data.
8. A network security management system according to claim 1, wherein: the system further comprises an alarm module, wherein the alarm module is used for alarming illegal operation and transmitting alarm data to the cloud platform.
9. A network security management system according to claim 1, wherein: the system also comprises an evaluation module which is used for carrying out comprehensive evaluation on the system.
10. A network security management system according to claim 1, wherein: the system also comprises a supervision and inspection module which is used for annual inspection of the system.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202010522708.9A CN111756710A (en) | 2020-06-10 | 2020-06-10 | Network security management system |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202010522708.9A CN111756710A (en) | 2020-06-10 | 2020-06-10 | Network security management system |
Publications (1)
Publication Number | Publication Date |
---|---|
CN111756710A true CN111756710A (en) | 2020-10-09 |
Family
ID=72675797
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN202010522708.9A Pending CN111756710A (en) | 2020-06-10 | 2020-06-10 | Network security management system |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN111756710A (en) |
Cited By (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN113556395A (en) * | 2021-07-21 | 2021-10-26 | 黑龙江祥辉通信工程有限公司 | Safe type network information dynamic management platform |
Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN107409126A (en) * | 2015-02-24 | 2017-11-28 | 思科技术公司 | System and method for protecting enterprise computing environment safety |
CN108491697A (en) * | 2018-01-26 | 2018-09-04 | 四川中环法智互联网科技有限公司 | File content is divulged a secret management system and retroactive method of divulging a secret |
US20180367624A1 (en) * | 2014-05-08 | 2018-12-20 | Tru Optik Data Corp. | Tru torrent platform methods, apparatuses and media |
CN109977661A (en) * | 2019-04-09 | 2019-07-05 | 福建奇点时空数字科技有限公司 | A kind of network safety protection method and system based on big data platform |
CN110740140A (en) * | 2019-10-30 | 2020-01-31 | 南京茗淇信息科技有限公司 | network information security supervision system based on cloud platform |
-
2020
- 2020-06-10 CN CN202010522708.9A patent/CN111756710A/en active Pending
Patent Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20180367624A1 (en) * | 2014-05-08 | 2018-12-20 | Tru Optik Data Corp. | Tru torrent platform methods, apparatuses and media |
CN107409126A (en) * | 2015-02-24 | 2017-11-28 | 思科技术公司 | System and method for protecting enterprise computing environment safety |
CN108491697A (en) * | 2018-01-26 | 2018-09-04 | 四川中环法智互联网科技有限公司 | File content is divulged a secret management system and retroactive method of divulging a secret |
CN109977661A (en) * | 2019-04-09 | 2019-07-05 | 福建奇点时空数字科技有限公司 | A kind of network safety protection method and system based on big data platform |
CN110740140A (en) * | 2019-10-30 | 2020-01-31 | 南京茗淇信息科技有限公司 | network information security supervision system based on cloud platform |
Cited By (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN113556395A (en) * | 2021-07-21 | 2021-10-26 | 黑龙江祥辉通信工程有限公司 | Safe type network information dynamic management platform |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
Talal et al. | Comprehensive review and analysis of anti-malware apps for smartphones | |
RU2536663C2 (en) | System and method of protecting cloud infrastructure from illegal use | |
WO2021063068A1 (en) | Operation and maintenance control and operation and maintenance analysis method and apparatus, system, and storage medium | |
WO2016067290A2 (en) | Method and system for mitigating malicious messages attacks | |
Zaidi et al. | A survey on security for smartphone device | |
CN105049592B (en) | Mobile intelligent terminal voice safety protection method and system | |
CN112149123B (en) | Safety inspection system and method for application program | |
CN103716785A (en) | Mobile Internet security service system | |
US11140129B2 (en) | Distributed firewall system | |
KR20170091989A (en) | System and method for managing and evaluating security in industry control network | |
Qadri et al. | A Review of Significance of Energy-Consumption Anomaly in Malware Detection in Mobile Devices. | |
CN111756710A (en) | Network security management system | |
CN109495482A (en) | A kind of network data information safe transmission method | |
CN113079182B (en) | Network security control system | |
CN111783092B (en) | Malicious attack detection method and system for communication mechanism between Android applications | |
KR100959264B1 (en) | A system for monitoring network process's and preventing proliferation of zombi pc and the method thereof | |
KR101153115B1 (en) | Method, server and device for detecting hacking tools | |
KR102616603B1 (en) | Supporting Method of Network Security and device using the same | |
CN117390708B (en) | Privacy data security protection method and system | |
Chen | Research on Anti-phishing Strategy of Smart Phone | |
Inagaki et al. | Investigation on Research Ethics and Building a Benchmark | |
CN113821755A (en) | Web website anti-attack system based on cloud computing | |
Guo et al. | Research on risk analysis and security testing technology of mobile application in power system | |
Mylonas | Security and privacy in the smartphones ecosystem | |
Chakraborty | Digital defense: Verification of security intelligence |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
RJ01 | Rejection of invention patent application after publication |
Application publication date: 20201009 |
|
RJ01 | Rejection of invention patent application after publication |