毕业设计(论文)
题目名称:等级保护集成管理系统 院系名称:计算机学院 班 级: 学 号: 学生姓名: 指导教师:
2013年 5 月
论文编号: 等级保护集成管理系统
Classified protection integrated system
院系名称:计算机学院 班 级: 学 号: 学生姓名:
指导教师:
2013年 5 月
management
摘 要
随着信息技术的高速发展和网络应用的迅速普及,整个社会对信息系统的依赖日益加深,面临的信息安全风险也与日俱增。实施信息系统安全等级保护,能够有效地提高本人国信息系统安全建设的整体水平。信息安全等级保护是当今发达国家保护关键信息基础设施、保障信息安全的通行做法,也是本人国多年来信息安全工作经验的总结。开展信息安全等级保护工作不仅是保障重要信息系统安全的重大措施,也是一项事关国家安全、社会稳定、国家利益的重要任务。
本文中所涉及的基于Web的等级保护安全测评集成系统的设计与实现,主要就是从信息安全的等级保护安全测评的国内外形势出发,分析了现阶段国内外对于电子政务安全测评、等级保护的研究现状,特别是对等级保护在电子政务中安全测评的现状分析,提出了用Web的形式来实现电子政务的推广,并分析了其缺点,同时提出了改进的方案,完成了系统的测试与运行及总结。
关键词:信息系统;信息系统安全;等级保护;等级保护测评
I
Abstract
With the rapid development of information technology and the rapid popularization of network applications, the entire society's dependence on information systems deepening, facing increasing information security risks. Implementation of information system security level of protection, can improve the construction of information system security as a whole. Level of protection of information security in today's developed countries to protect critical information infrastructure, information security of the common practice, but also a country that has information security experience. Level of information security protection to safeguard critical information systems is not only an important safety measures, but also a matter of national security, social stability, national interests of the mission.
Involved in this level of protection of Web-based security evaluation and implementation of integrated system design, information security is mainly the level of protection from the safety evaluation of domestic and international situation, analyzes the current domestic and international security for e-government evaluation, grade protection Research, especially the level of protection in e-government status in the Security Assessment analysis, the use of Web-form to achieve the promotion of e-government, and analyzes its shortcomings, and proposed to improve the program, completed the testing of the system and Operation and summary.
Key words: Information system;Information system security;Classified protection; Grading protection evaluation
II
摘 要 ............................................................................................................... I Abstract ........................................................................................................... II 第1章 引言 ..................................................................................................... 1 1.1 研究背景和意义 .................................................................................... 1 1.1.1研究背景 ........................................................................................ 1 1.1.2研究意义 ........................................................................................ 1 1.2 国内外研究现状 .................................................................................... 2 1.2.1国内等级保护研究现状 ................................................................ 2 1.2.2国外等级保护研究现状 ................................................................ 3 1.2.3存在的问题与总结 ........................................................................ 3 1.3研究内容和目标 ..................................................................................... 3 1.3.1研究内容 ........................................................................................ 3 1.3.2研究目标 ........................................................................................ 4 1.4论文的组织结构 ..................................................................................... 4 1.5小结 ......................................................................................................... 5 第2章 系统的需求分析 ................................................................................. 6 2.1被测单位概念和定义 ............................................................................. 6 2.2被测单位申请测评阶段 ......................................................................... 6 2.2.1被测单位申请测评工作流程 ........................................................ 6 2.2.2申请资料阶段的任务 .................................................................... 7 2.2.3申请测评资料数据抽象描述 ........................................................ 7 2.2.4 申请测评阶段需求分析 ............................................................... 9 2.3测评单位概念和定义 ............................................................................. 9 2.4被测单位申请测评工作流程 ................................................................. 9 2.4.1测评单位审核工作流程 ................................................................ 9 2.4.2管理公告阶段的任务 .................................................................. 10 2.4.3审核测评资料数据抽象描述 ...................................................... 11 2.4.4 申请测评阶段需求分析 ............................................................. 12 2.5小结 ....................................................................................................... 12 第3章 等级保护集成管理的系统分析 ....................................................... 13 3.1 系统的总体设计方案 .......................................................................... 13 3.1.1 总体方案 ..................................................................................... 13 3.1.2 被测单位系统分析 ..................................................................... 13 3.1.3测评机构系统分析 ...................................................................... 14 3.2 系统的设计原则与开发平台 .............................................................. 15 3.2.1 设计原则 ..................................................................................... 15 3.2.2 系统的运行环境 ......................................................................... 15 3.2.3 系统的开发平台 ......................................................................... 15
III