CN111756710A - Network security management system - Google Patents

Network security management system Download PDF

Info

Publication number
CN111756710A
CN111756710A CN202010522708.9A CN202010522708A CN111756710A CN 111756710 A CN111756710 A CN 111756710A CN 202010522708 A CN202010522708 A CN 202010522708A CN 111756710 A CN111756710 A CN 111756710A
Authority
CN
China
Prior art keywords
module
data
cloud platform
network security
security management
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202010522708.9A
Other languages
Chinese (zh)
Inventor
万鹏宇
万鹏飞
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Yinpeng Technology Co ltd
Original Assignee
Yinpeng Technology Co ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Yinpeng Technology Co ltd filed Critical Yinpeng Technology Co ltd
Priority to CN202010522708.9A priority Critical patent/CN111756710A/en
Publication of CN111756710A publication Critical patent/CN111756710A/en
Pending legal-status Critical Current

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/20Network architectures or network communication protocols for network security for managing network security; network security policies in general
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/02Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/02Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
    • H04L63/0227Filtering policies
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/083Network architectures or network communication protocols for network security for authentication of entities using passwords
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0861Network architectures or network communication protocols for network security for authentication of entities using biometrical features, e.g. fingerprint, retina-scan
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/14Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1408Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
    • H04L63/1416Event detection, e.g. attack signature detection
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/06Protocols specially adapted for file transfer, e.g. file transfer protocol [FTP]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/10Protocols in which an application is distributed across nodes in the network

Abstract

The invention discloses a network security management system, which comprises a cloud platform, a user authentication module, an information acquisition module, a divulgence tracking module, a monitoring module and a firewall detection module, wherein the cloud platform is used for maintaining the operation of the whole system; the user authentication module is used for confirming the identity of the user; the information acquisition module is used for receiving the network data stream and uploading acquired data to the cloud platform; the invention has the beneficial effects that: the designed divulgence tracking module is beneficial to improving data security, outgoing security and off-line security, and preventing confidential data from being divulged; one or at least two of password verification, fingerprint verification and iris verification are adopted, so that the identity of the user can be confirmed, the network behavior of the user can be blamed for people, and the traceability is facilitated; through the designed alarm module, the illegal operation is alarmed, the safety of confidential data is further improved, and the leakage of the confidential data is avoided.

Description

Network security management system
Technical Field
The invention belongs to the technical field of network security management, and particularly relates to a network security management system.
Background
Computer networks are important means and ways for people to know society and obtain information through modern information technology means.
The network security means that the hardware, software and data in the system of the network system are protected and are not damaged, changed and leaked due to accidental or malicious reasons, the system continuously, reliably and normally operates, and the network service is not interrupted.
By 8 months in 2018, the scale of the netizens in China reaches 8.02 hundred million people, and the Internet is highly developed. Meanwhile, the risks brought by the openness and security holes of the internet are ubiquitous. Network attack behaviors are becoming more complex; the hacking behavior is more organized; network attacks directed at mobile phone wireless terminals are becoming more and more serious; news about network attacks and data leakage is emerging endlessly, and the problem of network security becomes the focus of attention of governments, enterprises and users.
The network security management is the fundamental guarantee that people can safely surf the internet, surf the internet in a green way and surf the internet in a healthy way.
In order to further improve the security of network information and prevent confidential data from being leaked, a network security management system is proposed.
Disclosure of Invention
The invention aims to provide a network security management system, which further improves the security of network information and prevents confidential data from leaking.
In order to achieve the purpose, the invention provides the following technical scheme: a network security management system comprises a cloud platform, a user authentication module, an information acquisition module, a divulgence tracking module, a monitoring module and a firewall detection module, wherein,
the cloud platform is used for maintaining the operation of the whole system;
the user authentication module is used for confirming the identity of the user;
the information acquisition module is used for receiving the network data stream and uploading acquired data to the cloud platform;
the secret leakage tracking module is used for accessing confidential data within an authorized range and tracking and intercepting the leaked sensitive data stream;
the monitoring module is used for monitoring data and uploading a monitoring result to the cloud platform;
the firewall detection module is used for detecting whether the computer opens the firewall or not and uploading the detection result to the cloud platform.
As a preferred technical solution of the present invention, the user identity is confirmed by one or at least two of password verification, fingerprint verification, and iris verification.
As a preferred technical solution of the present invention, the monitoring module includes an upload data monitoring module and a download data monitoring module.
As a preferred technical solution of the present invention, the cloud platform further includes a scanning module, and the scanning module is configured to scan data and transmit a scanning result to the cloud platform.
The invention further comprises a virus killing module which is used for killing abnormal data and adding the killed data stream to a blacklist.
As a preferred technical solution of the present invention, the present invention further includes an information filtering module, which is used for filtering and analyzing the collected data information.
As a preferred technical solution of the present invention, the system further includes an information association module, and the information association module is configured to associate the filtered data information with the existing potential safety hazard data.
The invention further comprises an alarm module, wherein the alarm module is used for alarming illegal operation and transmitting alarm data to the cloud platform.
As a preferred technical solution of the present invention, the system further comprises an evaluation module, which is used for performing an all-around evaluation on the system.
The system further comprises a supervision and inspection module which is used for annual inspection of the system.
Compared with the prior art, the invention has the beneficial effects that:
(1) the divulgence tracking module is used for accessing confidential data within an authorized range and tracking and intercepting the divulged sensitive data stream, so that the data security, outgoing security and off-line security are improved, and the confidential data is prevented from being divulged;
(2) one or at least two of password verification, fingerprint verification and iris verification are adopted, so that the identity of the user can be confirmed, the network behavior of the user can be blamed for people, and the traceability is facilitated;
(3) through the alarm module who designs, report to the police to the operation of violating the regulations to give cloud platform with the data transmission of reporting to the police, conveniently in time discover the act of violating the regulations, further improve the safety of secret data, avoid revealing of secret data.
Drawings
FIG. 1 is a system diagram of the present invention.
Detailed Description
The technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are only a part of the embodiments of the present invention, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
Referring to fig. 1, the present invention provides a technical solution: a network security management system comprises a cloud platform, a user authentication module, an information acquisition module, a divulgence tracking module, a monitoring module and a firewall detection module, wherein,
the cloud platform is used for maintaining the operation of the whole system;
the user authentication module is used for confirming the identity of the user;
the information acquisition module is used for receiving the network data stream and uploading acquired data to the cloud platform;
the divulgence tracking module is used for accessing confidential data within an authorized range and tracking and intercepting the divulged sensitive data stream, so that the data security, outgoing security and off-line security are improved, and the confidential data is prevented from being divulged;
the monitoring module is used for monitoring data and uploading a monitoring result to the cloud platform;
the firewall detection module is used for detecting whether the computer opens the firewall or not and uploading the detection result to the cloud platform, and the computer protection effect is further improved.
In this embodiment, preferably, the user identity is confirmed by one or at least two of password verification, fingerprint verification, and iris verification; wherein the content of the first and second substances,
the password authentication operation is as follows:
the method comprises the following steps: the user registers a personal account and a password according to the prompt of the system, and binds the registered personal account and the registered password to a mobile phone or a mailbox so as to retrieve the account and the password when the account or the password is forgotten;
step two: the user logs in according to the preset account and the preset password, and the account and the password are confirmed to be correct.
The fingerprint verification operation is as follows:
the method comprises the following steps: entering a fingerprint input interface of the system, and finishing fingerprint input according to system prompt;
step two: entering a fingerprint verification interface of the system, and performing fingerprint verification according to system prompt, wherein the fingerprint verification is correct;
the iris verification operation is as follows:
the method comprises the following steps: entering an iris input interface according to the prompt of the system to finish iris input;
step two: and entering an iris verification interface according to the prompt of the system to complete the iris verification.
The invention adopts one or at least two of password verification, fingerprint verification and iris verification, is beneficial to confirming the identity of the user, carrying out blame to the network behavior of the user and tracing the origin.
In this embodiment, preferably, the monitoring module includes an upload data monitoring module and a download data monitoring module, which is helpful for monitoring uploaded and downloaded data and maintaining network security.
In this embodiment, it is preferable that the cloud platform further includes a scanning module, and the scanning module is configured to scan data and transmit a scanning result to the cloud platform, which is beneficial to further increasing security of the data and reducing attacks of viruses on the network.
In this embodiment, preferably, the system further includes a virus killing module, and the module is configured to perform virus killing on abnormal data and add a data stream of the virus killing to a blacklist, which is helpful for virus killing and further maintains network security.
In this embodiment, preferably, the system further includes an information filtering module, and the information filtering module is configured to filter and analyze the acquired data information, which is helpful for filtering the acquired data.
In this embodiment, preferably, the system further includes an information association module, and the information association module is configured to associate the filtered data information with existing potential safety hazard data, and is beneficial to rapid analysis and processing of an information data stream.
In this embodiment, preferably, the cloud platform further comprises an alarm module, and the alarm module is used for alarming illegal operations and transmitting the alarm data to the cloud platform, so that the illegal activities can be conveniently found in time, the security of confidential data is further improved, and the leakage of the confidential data is avoided.
In this embodiment, preferably, the system further includes an evaluation module, and the module is configured to perform all-around evaluation on the system, obtain a qualified evaluation report after the evaluation and the evaluation are qualified, and finally obtain a level protection filing certificate.
In this embodiment, it is preferable that the system further includes a supervision and inspection module, and the supervision and inspection module is configured to perform annual inspection on the system to ensure a more recent upgrade of the system.
Although embodiments of the present invention have been shown and described, it will be appreciated by those skilled in the art that changes, modifications, substitutions and alterations can be made in these embodiments without departing from the principles and spirit of the invention, the scope of which is defined in the appended claims and their equivalents.

Claims (10)

1. A network security management system is characterized by comprising a cloud platform, a user authentication module, an information acquisition module, a divulgence tracking module, a monitoring module and a firewall detection module, wherein,
the cloud platform is used for maintaining the operation of the whole system;
the user authentication module is used for confirming the identity of the user;
the information acquisition module is used for receiving the network data stream and uploading acquired data to the cloud platform;
the secret leakage tracking module is used for accessing confidential data within an authorized range and tracking and intercepting the leaked sensitive data stream;
the monitoring module is used for monitoring data and uploading a monitoring result to the cloud platform;
the firewall detection module is used for detecting whether the computer opens the firewall or not and uploading the detection result to the cloud platform.
2. A network security management system according to claim 1, wherein: the identity of the user is confirmed by one or at least two of password verification, fingerprint verification and iris verification.
3. A network security management system according to claim 1, wherein: the monitoring module comprises an uploading data monitoring module and a downloading data monitoring module.
4. A network security management system according to claim 1, wherein: the cloud platform comprises a cloud platform body and is characterized by further comprising a scanning module, wherein the scanning module is used for scanning data and transmitting a scanning result to the cloud platform body.
5. A network security management system according to claim 1, wherein: the system also comprises a virus killing module which is used for killing abnormal data and adding the killed data flow to a blacklist.
6. A network security management system according to claim 1, wherein: the system also comprises an information filtering module which is used for filtering and analyzing the collected data information.
7. The network security management system according to claim 6, wherein: the system further comprises an information correlation module, and the information correlation module is used for correlating the filtered data information with the existing potential safety hazard data.
8. A network security management system according to claim 1, wherein: the system further comprises an alarm module, wherein the alarm module is used for alarming illegal operation and transmitting alarm data to the cloud platform.
9. A network security management system according to claim 1, wherein: the system also comprises an evaluation module which is used for carrying out comprehensive evaluation on the system.
10. A network security management system according to claim 1, wherein: the system also comprises a supervision and inspection module which is used for annual inspection of the system.
CN202010522708.9A 2020-06-10 2020-06-10 Network security management system Pending CN111756710A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202010522708.9A CN111756710A (en) 2020-06-10 2020-06-10 Network security management system

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202010522708.9A CN111756710A (en) 2020-06-10 2020-06-10 Network security management system

Publications (1)

Publication Number Publication Date
CN111756710A true CN111756710A (en) 2020-10-09

Family

ID=72675797

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202010522708.9A Pending CN111756710A (en) 2020-06-10 2020-06-10 Network security management system

Country Status (1)

Country Link
CN (1) CN111756710A (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN113556395A (en) * 2021-07-21 2021-10-26 黑龙江祥辉通信工程有限公司 Safe type network information dynamic management platform

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN107409126A (en) * 2015-02-24 2017-11-28 思科技术公司 System and method for protecting enterprise computing environment safety
CN108491697A (en) * 2018-01-26 2018-09-04 四川中环法智互联网科技有限公司 File content is divulged a secret management system and retroactive method of divulging a secret
US20180367624A1 (en) * 2014-05-08 2018-12-20 Tru Optik Data Corp. Tru torrent platform methods, apparatuses and media
CN109977661A (en) * 2019-04-09 2019-07-05 福建奇点时空数字科技有限公司 A kind of network safety protection method and system based on big data platform
CN110740140A (en) * 2019-10-30 2020-01-31 南京茗淇信息科技有限公司 network information security supervision system based on cloud platform

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20180367624A1 (en) * 2014-05-08 2018-12-20 Tru Optik Data Corp. Tru torrent platform methods, apparatuses and media
CN107409126A (en) * 2015-02-24 2017-11-28 思科技术公司 System and method for protecting enterprise computing environment safety
CN108491697A (en) * 2018-01-26 2018-09-04 四川中环法智互联网科技有限公司 File content is divulged a secret management system and retroactive method of divulging a secret
CN109977661A (en) * 2019-04-09 2019-07-05 福建奇点时空数字科技有限公司 A kind of network safety protection method and system based on big data platform
CN110740140A (en) * 2019-10-30 2020-01-31 南京茗淇信息科技有限公司 network information security supervision system based on cloud platform

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN113556395A (en) * 2021-07-21 2021-10-26 黑龙江祥辉通信工程有限公司 Safe type network information dynamic management platform

Similar Documents

Publication Publication Date Title
Talal et al. Comprehensive review and analysis of anti-malware apps for smartphones
RU2536663C2 (en) System and method of protecting cloud infrastructure from illegal use
WO2021063068A1 (en) Operation and maintenance control and operation and maintenance analysis method and apparatus, system, and storage medium
WO2016067290A2 (en) Method and system for mitigating malicious messages attacks
Zaidi et al. A survey on security for smartphone device
CN105049592B (en) Mobile intelligent terminal voice safety protection method and system
CN112149123B (en) Safety inspection system and method for application program
CN103716785A (en) Mobile Internet security service system
US11140129B2 (en) Distributed firewall system
KR20170091989A (en) System and method for managing and evaluating security in industry control network
Qadri et al. A Review of Significance of Energy-Consumption Anomaly in Malware Detection in Mobile Devices.
CN111756710A (en) Network security management system
CN109495482A (en) A kind of network data information safe transmission method
CN113079182B (en) Network security control system
CN111783092B (en) Malicious attack detection method and system for communication mechanism between Android applications
KR100959264B1 (en) A system for monitoring network process's and preventing proliferation of zombi pc and the method thereof
KR101153115B1 (en) Method, server and device for detecting hacking tools
KR102616603B1 (en) Supporting Method of Network Security and device using the same
CN117390708B (en) Privacy data security protection method and system
Chen Research on Anti-phishing Strategy of Smart Phone
Inagaki et al. Investigation on Research Ethics and Building a Benchmark
CN113821755A (en) Web website anti-attack system based on cloud computing
Guo et al. Research on risk analysis and security testing technology of mobile application in power system
Mylonas Security and privacy in the smartphones ecosystem
Chakraborty Digital defense: Verification of security intelligence

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication

Application publication date: 20201009

RJ01 Rejection of invention patent application after publication