摘要
针对目前日益严重的信息资产泄露问题,在对比已有的信息泄露的防御技术基础上,提出一种"基于虚拟应用的安全防泄漏系统",通过集中运算、虚拟应用技术,在服务器上为每一个用户的应用构建独立的计算环境;采用远程桌面、SSLVPN技术保证集中计算环境中数据与用户操作终端的安全隔离;同时基于信息在服务器集中存储和运算,实现终端无痕(用户终端没有数据计算痕迹),防止数据在应用过程中泄露;最后采用统一认证和应用授权发布,管理用户对数据的访问和输出控制。
For serious problem of information resources Leakage and by comparison of available data leakage prevention (DLP) technology,a DLP Based on virtual application is proposed. Through centralized computing and virtual application technology,an independent computing environment for each client on the server is established,and remote desktop and SSL VPN technology is adopted to ensure the security isolation between the central computing environment and the client operation terminal. Meanwhile, based on the centralized storage and operation of information in the server,the untraceablility at client end (no calculation footprints left on the client terminal) is realized,thus to prevent the data leakage in the process of application. Finally,the unified authentication and authorized application release technology is applied to managing the client access to the data and output control.
出处
《信息安全与通信保密》
2010年第7期74-77,共4页
Information Security and Communications Privacy
关键词
信息防泄露
虚拟应用
集中计算
终端无痕
data leakage prevention
virtual application
centralized computing
untraceability at client end
