CN112287351A - Comprehensive management platform for level protection - Google Patents
Comprehensive management platform for level protection Download PDFInfo
- Publication number
- CN112287351A CN112287351A CN202010934541.7A CN202010934541A CN112287351A CN 112287351 A CN112287351 A CN 112287351A CN 202010934541 A CN202010934541 A CN 202010934541A CN 112287351 A CN112287351 A CN 112287351A
- Authority
- CN
- China
- Prior art keywords
- management
- level protection
- unit
- data
- work
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000012544 monitoring process Methods 0.000 claims abstract description 19
- 238000000034 method Methods 0.000 claims description 11
- 230000008569 process Effects 0.000 claims description 11
- 238000011156 evaluation Methods 0.000 claims description 9
- 230000002452 interceptive effect Effects 0.000 claims description 8
- 238000012423 maintenance Methods 0.000 claims description 6
- 230000033228 biological regulation Effects 0.000 claims description 5
- 230000008520 organization Effects 0.000 claims description 4
- 230000004044 response Effects 0.000 claims description 4
- 238000012502 risk assessment Methods 0.000 claims description 4
- 238000012854 evaluation process Methods 0.000 claims description 3
- 238000013461 design Methods 0.000 claims description 2
- 238000007726 management method Methods 0.000 description 101
- 238000011161 development Methods 0.000 description 4
- 238000007689 inspection Methods 0.000 description 4
- 230000000007 visual effect Effects 0.000 description 4
- 238000010276 construction Methods 0.000 description 3
- 230000008859 change Effects 0.000 description 2
- 238000010586 diagram Methods 0.000 description 2
- 238000005516 engineering process Methods 0.000 description 2
- 230000003993 interaction Effects 0.000 description 2
- 230000009286 beneficial effect Effects 0.000 description 1
- 238000003339 best practice Methods 0.000 description 1
- 230000007547 defect Effects 0.000 description 1
- 238000005553 drilling Methods 0.000 description 1
- 230000006698 induction Effects 0.000 description 1
- 230000010354 integration Effects 0.000 description 1
- 238000011835 investigation Methods 0.000 description 1
- 210000001503 joint Anatomy 0.000 description 1
- 238000011112 process operation Methods 0.000 description 1
- 238000011084 recovery Methods 0.000 description 1
- 238000002407 reforming Methods 0.000 description 1
- 238000009418 renovation Methods 0.000 description 1
- 238000011160 research Methods 0.000 description 1
- 238000012360 testing method Methods 0.000 description 1
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/57—Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F16/00—Information retrieval; Database structures therefor; File system structures therefor
- G06F16/90—Details of database functions independent of the retrieved data types
- G06F16/95—Retrieval from the web
- G06F16/958—Organisation or management of web site content, e.g. publishing, maintaining pages or automatic linking
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/604—Tools and structures for managing or administering access control systems
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/21—Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/2141—Access rights, e.g. capability lists, access control lists, access tables, access matrices
Landscapes
- Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- General Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Hardware Design (AREA)
- Software Systems (AREA)
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- Databases & Information Systems (AREA)
- General Health & Medical Sciences (AREA)
- Bioethics (AREA)
- Health & Medical Sciences (AREA)
- Automation & Control Theory (AREA)
- Data Mining & Analysis (AREA)
- Management, Administration, Business Operations System, And Electronic Commerce (AREA)
Abstract
The invention discloses a comprehensive management platform for grade protection, which comprises a terminal, a display module, an application module and a data module, wherein the terminal is respectively connected with the display module, the application module and the data module, the display module comprises a monitoring display unit and a working display unit, the application module comprises a user service unit and a background service unit, the data module comprises a user data unit and an internal data unit, the terminal comprises a universal terminal and a special terminal, the universal terminal is connected with the monitoring display unit, and the universal terminal is connected with the working unit. The invention not only meets the requirement of the user for using the V1.0 version of the level protection, but also fully meets the relevant standard of the level protection 2.0, and performs a plurality of optimized upgrades on the function. The level protection work is divided into two large views including a management view and an execution view, so that users of the user units can perform their own functions.
Description
Technical Field
The invention relates to the field of a comprehensive management platform for level protection, in particular to a comprehensive management platform for level protection.
Background
With the development of information technology, the operation of the country and the society is more and more independent from various information systems, and important and basic information systems are more related to the country life. With the globalization development of information networks, the security problem of the information networks also appears globalization, and any information system directly or indirectly connected with the internet faces the security problems of network attack, system control, data stealing and the like from the world, thereby bringing more security threats to important information systems which are related to the national security, social stability and the fundamental interests of people.
In recent years, in the face of such a security situation, the country pays more and more attention to network security, and by using the experiences of foreign security standards, best practices and the like, China puts forward a security level protection system of an information system and strengthens the construction of network security in China, and from 1994 to the present, the country carries out and releases a series of regulations, systems and regulations related to network security.
The related requirement standards of grade protection 2.0 are published in 2019, 5 and 10 months, and the implementation is started in 12 and 01 months.
The grade protection is moved from 1.0 to 2.0, the network security face becomes wider and wider with the continuous development of network technology, and the grade protection 2.0 and the grade protection 1.0 have a plurality of extension points, including the extension of a grade protection standard system, the extension of a grade protection basic requirement, the extension of a grade protection covering object and the like.
Based on the change of level protection 2.0, the 'level protection integrated management platform' of the central network security is matched with the configuration inspection and management of basic requirements related to the level protection of the level protection such as physical security, host security, network security, application security, data security and backup recovery, a security management system and the like by a central network security research team according to the technical specification of an information security level protection inspection toolbox and combining the change of the level protection 2.0 with the basic overall induction of the level protection 1.0 and the design and development after comprehensive analysis, so that the integrated process operation management of 'grading, reforming, testing and evaluation, filing, security self-inspection and supervision inspection' of an information system is realized, and an interface of an important information system basic database of the ministry of public security, a level protection integrated service cloud platform interface, a transverse direction which is related to an upper-lower level unit, a supervision department, a main administrative department and the like are reserved, And a plurality of data interfaces are arranged vertically.
Disclosure of Invention
The invention aims to solve the defects in the prior art and provides a level protection integrated management platform.
In order to achieve the purpose, the invention adopts the following technical scheme:
the utility model provides a comprehensive management platform of level protection, includes terminal, show module, application module and data module, the terminal is connected with show module, application module and data module respectively, including control show unit and work show unit in the show module, including user service unit and backstage business unit in the application module, data module includes user data unit and inside data unit, the terminal includes general terminal and special terminal, general terminal and control show unit connect, general terminal is connected with the work unit.
Preferably, the user data unit stores various data generated in the process of carrying out level protection work by the user unit, such as basic information data, information asset data, index gap data, safety risk data, safety management data and the like of the user unit.
Preferably, the internal data unit stores databases such as a level protection policy and regulation, a standard specification, a safety management system, an emergency response plan and a drill, and a series of core basic data such as an information product basic database, a level protection basic requirement index database, an equal-compliance recommendation policy baseline database, a product safety configuration operation knowledge base, a professional vulnerability information base, an optimal safety management and system practice database, which are independently designed and created by a central network.
Preferably, the user service unit provides service function logics related to grade protection work, such as basic information management, grading record management, index gap management, safety risk management, system operation management, grade evaluation management, work task management, document material management, requirement report management and the like for a user unit.
Preferably, the background management unit provides business function logics facing a platform background management part, such as unit information management, information system management, personnel organization management, account authority management, platform configuration management, platform updating and maintenance, and the like, and provides interactive display related to business.
Preferably, the monitoring and displaying unit provides a statistical chart and character information related to the real-time display unit level protection work overall condition, the information system level protection work condition, the level protection classification work condition, the level protection asset safety condition, the unit level protection work real-time event and the like for a user unit.
Preferably, the work display unit provides interactive display of basic information asset comprehensive display, top-level filing process progress comprehensive display, index difference leveling and modifying state integrated display, safety risk assessment and modifying state comprehensive display, level evaluation process progress state comprehensive display and other protection work flows for a user unit.
Preferably, the universal terminal is used by a third-party person, a system administrator and a related leader, and the special terminal is used by the related leader and a security administrator.
Preferably, the working unit performs basic information management of grade protection, grading record management of grade protection, grade protection index gap management, safety risk management of grade protection, running management of a grade protection system, evaluation work management of grade protection, management and updating of various knowledge bases related to grade protection and online work support of grade protection experts.
The invention has the beneficial effects that:
according to the invention, the grade protection work is divided into two large visual angles including a management visual angle and an execution visual angle, so that a user of a user unit can respectively perform his job, and meanwhile, the grade protection work is divided into three large work stages, a system investigation and construction stage, a maintenance-waiting and renovation stage, a safety operation and maintenance management stage, and a full process of the maintenance-waiting work is penetrated, so that the maintenance-waiting work can be operated clearly and smoothly. The comprehensive management platform for level protection provides more visual charts and generalized tools, so that a user can know the progress of protection work such as daily document management and notification through the platform more intuitively, and the user can process the affairs such as daily document management and notification.
Drawings
Fig. 1 is a schematic structural diagram of a level protection integrated management platform according to the present invention.
Fig. 2 is an overall service module diagram of a level protection integrated management platform according to the present invention.
Detailed Description
The technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are only a part of the embodiments of the present invention, and not all of the embodiments.
Referring to fig. 1-2, a comprehensive management platform for level protection comprises a terminal, a display module, an application module and a data module, wherein the terminal is respectively connected with the display module, the application module and the data module, the display module comprises a monitoring display unit and a working display unit, the application module comprises a user service unit and a background service unit, the data module comprises a user data unit and an internal data unit, the terminal comprises a universal terminal and a special terminal, the universal terminal is connected with the monitoring display unit, the universal terminal is connected with the working unit, and the user data unit stores various data generated in the working process of level protection of relevant user units, such as basic information data of the user units, information asset data, index gap data, safety risk data, safety management data and the like;
the internal data unit stores databases of level protection policy rules, standard specifications, safety management system, emergency response plans, drills and the like, and a series of core basic data such as an information product basic database, a level protection basic requirement index database, an equal-compliance recommended strategy baseline database, a product safety configuration operation knowledge base, a professional vulnerability information base, an optimal safety management and system practice database and the like which are independently designed and created by a central network security, the user service unit provides service function logics of basic information management, level-fixing record management, index gap management, safety risk management, system operation management, level evaluation management, work task management, document material management, demand report management and the like of related level protection work for a user unit, and the background management unit provides unit information management, information system management, demand report management and the like for a platform background management part, The system comprises a personnel organization management system, an account authority management system, a platform configuration management system, a platform updating maintenance system and other business function logics, and also provides business related interactive display, a monitoring display unit provides related statistical charts and character information for displaying the integral state of unit level protection work, the working state of information system level protection, the working state of level protection classification, the safety state of level protection assets, the real-time event of unit level protection work and the like in real time for a user unit, a working display unit provides interactive display of basic information assets, comprehensive display of top level filing process progress, index difference leveling finishing state integration display, safety risk assessment finishing state comprehensive display, grade assessment process progress comprehensive display and other level protection work flows for the user unit, and a universal terminal is used by third-party personnel, a system manager and related leaders, the special terminal is used by a related leader and a safety manager, and the working unit carries out basic information management of grade protection, grade protection and grading record management, grade protection index gap management, grade protection safety risk management, grade protection system operation management, grade protection evaluation working management, various knowledge base management and updating of related grade protection and grade protection expert online working support.
The working principle is as follows: the safety manager and the related leader control the working units through a special terminal to respectively complete the construction, operation, maintenance, management, monitoring and other works related to the level protection work, including level protection basic information management, level protection level filing management, level protection index gap management, level protection safety risk management, level protection system operation management, level protection evaluation work management, management and update of various knowledge related to level protection, online work support of level protection experts, real-time monitoring of the unit level protection work integral condition, real-time monitoring of the information system level protection work condition, real-time monitoring of the level protection classification work condition, real-time monitoring of the level protection asset safety condition, real-time monitoring of the unit level protection work condition, real-time monitoring of the level protection asset safety condition, monitoring of the unit level protection work condition, monitoring of the level protection asset safety condition and the like, The unit level protection work event real-time monitoring and other works, the data module separates user unit data from built-in data of the platform, wherein the user database stores basic information data, information asset data, index difference data, safety risk data, safety management data and other data generated in the process of carrying out level protection work by the user units, the built-in data of the platform is used for specially storing basic data for driving the service operation of the whole level protection platform, and comprises databases of level protection policy and regulation, standard specification, safety management system, emergency response plan, drilling and the like, and information product basic database, level protection basic requirement index database, equal insurance compliance recommendation strategy baseline database, product safety configuration operation knowledge base, professional vulnerability information base, etc A series of core basic data such as an optimal safety management and system practice database; the application module is based on the data module, after the business object and the functional logic of the comprehensive management platform for the level protection are designed and developed, the business related to the level protection work is communicated, associated and processed in the background, and therefore the corresponding relation between the display module and the data module is established. In the application module, the comprehensive management platform for level protection provides 2 different service logic frameworks for user service and platform management respectively. The user service logic architecture provides service function logics of basic information management, grading record management, index difference management, safety risk management, system operation management, grade evaluation management, work task management, document material management, demand report management and the like for user units, and the background management service logic architecture provides service function logics of unit information management, information system management, personnel organization management, account authority management, platform configuration management, platform updating maintenance and the like for a platform background management part, and provides service-related interactive display.
The display module belongs to a window interface of interaction between the comprehensive management platform for level protection and related personnel of a user unit, and provides service interaction and result display for the related personnel after being in butt joint with each service function of the application module. The display module is divided into two display frames of monitoring display and working display: the monitoring display provides a statistical chart and character information related to the real-time display unit level protection work integral condition, the information system level protection work condition, the level protection classification work condition, the level protection asset safety condition, the unit level protection work real-time event and the like for a user unit; the work display provides interactive display of basic information asset comprehensive display, top-level filing process progress comprehensive display, index difference leveling, modifying and state integrating display, safety risk assessment, modifying and state comprehensive display, level evaluation process progress state comprehensive display and other level protection work flows for a user unit.
The above description is only for the preferred embodiment of the present invention, but the scope of the present invention is not limited thereto, and any person skilled in the art should be considered to be within the technical scope of the present invention, and the technical solutions and the inventive concepts thereof according to the present invention should be equivalent or changed within the scope of the present invention.
Claims (9)
1. The utility model provides a comprehensive management platform of level protection, includes terminal, show module, application module and data module, its characterized in that, the terminal is connected with show module, application module and data module respectively, including control show unit and work show unit in the show module, including user service unit and backstage business unit in the application module, data module includes user data unit and inside data unit, the terminal includes general terminal and special terminal, general terminal and control show unit connect, general terminal is connected with the work unit.
2. The integrated management platform for level protection according to claim 1, wherein the user data unit stores various types of data generated during the process of carrying out level protection work by the user unit, such as basic information data, information asset data, index gap data, security risk data, and security management data of the user unit.
3. The integrated management platform for class protection according to claim 1, wherein the internal data unit stores databases of class protection policy and regulation, standard specification, security management system, emergency response plan and exercise, and a series of core basic data such as information product basic database, class protection basic requirement index database, etc. compliance protection recommendation strategy baseline database, product security configuration operation knowledge base, professional vulnerability information base, optimal security management and system practice database, which are created by the security independent design of the central network.
4. The integrated management platform for level protection according to claim 1, wherein the customer service unit provides service function logic for customer units related to level protection work, such as basic information management, level record management, index gap management, security risk management, system operation management, level evaluation management, work task management, document material management, and requirement report management.
5. The integrated management platform for level protection according to claim 1, wherein the background management unit provides business function logic of unit information management, information system management, personnel organization management, account authority management, platform configuration management, platform update and maintenance facing to a platform background management part, and provides interactive display related to business.
6. The integrated management platform for level protection according to claim 1, wherein the monitoring and displaying unit provides a statistical chart and text information related to the unit level protection work overall status, the information system level protection work status, the level protection classification work status, the level protection asset safety status, the unit level protection work real-time event and the like for the user unit.
7. The integrated management platform for level protection according to claim 1, wherein the work display unit provides interactive display of the level protection work flow such as integrated display of basic information assets, integrated display of top-level filing process progress, integrated display of index difference leveling and modifying state, integrated display of safety risk assessment and modifying state, integrated display of level evaluation process progress state and the like for a user unit.
8. The integrated management platform for level protection according to claim 1, wherein the general terminals are used by third-party personnel, system administrators and related leaders, and the special terminals are used by related leaders and security administrators.
9. The integrated management platform for level protection according to claim 1, wherein the work units perform basic information management for level protection, level protection filing management, level protection index gap management, level protection security risk management, level protection system operation management, level protection evaluation work management, management and update of various knowledge bases related to level protection, and online work support of level protection experts.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202010934541.7A CN112287351A (en) | 2020-09-08 | 2020-09-08 | Comprehensive management platform for level protection |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202010934541.7A CN112287351A (en) | 2020-09-08 | 2020-09-08 | Comprehensive management platform for level protection |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN112287351A true CN112287351A (en) | 2021-01-29 |
Family
ID=74419798
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202010934541.7A Pending CN112287351A (en) | 2020-09-08 | 2020-09-08 | Comprehensive management platform for level protection |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN112287351A (en) |
Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| WO2010139167A1 (en) * | 2009-06-05 | 2010-12-09 | 深圳市脑库计算机系统有限公司 | Expert support application system platform for government affair and business affair decision-making and its construction method |
| CN103839215A (en) * | 2013-04-03 | 2014-06-04 | 杨涛 | Multi-dimensional comprehensive information security assessment service platform system |
| CN107046481A (en) * | 2017-04-18 | 2017-08-15 | 国网福建省电力有限公司 | A kind of information system integrated network management system comprehensive analysis platform |
| CN108737425A (en) * | 2018-05-24 | 2018-11-02 | 北京凌云信安科技有限公司 | Fragility based on multi engine vulnerability scanning association analysis manages system |
-
2020
- 2020-09-08 CN CN202010934541.7A patent/CN112287351A/en active Pending
Patent Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| WO2010139167A1 (en) * | 2009-06-05 | 2010-12-09 | 深圳市脑库计算机系统有限公司 | Expert support application system platform for government affair and business affair decision-making and its construction method |
| CN103839215A (en) * | 2013-04-03 | 2014-06-04 | 杨涛 | Multi-dimensional comprehensive information security assessment service platform system |
| CN107046481A (en) * | 2017-04-18 | 2017-08-15 | 国网福建省电力有限公司 | A kind of information system integrated network management system comprehensive analysis platform |
| CN108737425A (en) * | 2018-05-24 | 2018-11-02 | 北京凌云信安科技有限公司 | Fragility based on multi engine vulnerability scanning association analysis manages system |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| Bresnen et al. | Building partnerships: case studies of clientcontractor collaboration in the UK construction industry | |
| CN104809933B (en) | A kind of power grid is without script emergency drilling system, drilling method and equipment | |
| CN109508848A (en) | Enterprise's production safety risk assessment and management system | |
| CN110070307B (en) | Information visualization management system based on WBS | |
| CN105974869A (en) | Energy-saving monitoring center applied to building environment adaptive energy-saving management system | |
| CN109829034A (en) | A kind of enterprise's tree spectrogram methods of exhibiting based on main market players's credit data | |
| CN102622677A (en) | Enterprise safety production management method | |
| CN113689129A (en) | Comprehensive safety supervision information platform system based on risk classification and classification supervision | |
| KR102411674B1 (en) | Method for providing financial service information | |
| JP2006268717A (en) | Civil engineering cost integration system | |
| CN109325646A (en) | A kind of turnaround of unit scene high-risk operations dynamic control method | |
| Zheng et al. | Routes to failure and prevention recommendations in work systems of hydropower construction | |
| CN110910288A (en) | Intelligent safe bottom-crossing system | |
| CN113539455A (en) | Hospital field evaluation system, device and method | |
| CN109858807A (en) | A kind of method and system of enterprise operation monitoring | |
| CN116703148B (en) | Cloud computing-based mine enterprise risk portrait method | |
| CN112287351A (en) | Comprehensive management platform for level protection | |
| CN102013081A (en) | User-defined credit analysis model method based on credit rating system | |
| US20150073850A1 (en) | Assessing Staffing Coverage for Software Applications | |
| CN115759950A (en) | Electric power service risk early warning system and storage medium | |
| CN114819639A (en) | Security risk management and control system based on dual prevention mechanism | |
| CN112258138B (en) | Construction site safety management informatization system | |
| CN114254908A (en) | Risk perception and supervision platform for regional financial non-bank financial institution | |
| Kamardeen | Web-based safety knowledge management system for builders: A conceptual framework | |
| CN207380745U (en) | The device management application system of refining glue intelligence manufacture new model |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| RJ01 | Rejection of invention patent application after publication |
Application publication date: 20210129 |
|
| RJ01 | Rejection of invention patent application after publication |