Abstract
To regulate user behavior on enterprise internal networks, prevent the leakage of internal sensitive information, and suit the large-scale, multi-level nature of enterprise internal networks, this paper presents an inner network security monitoring and audit management system and describes its overall architecture design. It introduces the system's security model, based on the P2DR model; its physical structure, based on "server-console-controlled agent"; its distributed authorization management model, based on role-based access control; and its TCP/IP-based communication mechanism between different LANs across the Internet.
Source
Journal of Computer Applications (《计算机应用》)
CSCD
Peking University Core Journals (北大核心)
2008, Issue S2, pp. 267-270 (4 pages)
Keywords
inner network security
monitoring
audit
architecture