摘要
本文介绍了客票系统网络结构和网络管理结构 ,并对潜在的安全风险进行了分析 ,同时结合当前先进网络安全技术 ,围绕客票系统 ,介绍使用防火墙、入侵检测和安全扫描软件、内部安全管理策略三项关键技术构成的三层安全防护体系。防火墙对内部网络形成了第一道保护 ,阻止了来自外部的大部分攻击 ;使用安全扫描软件可提前发现系统中存在的不安全隐患 ,入侵检测可阻断正在进行的网络攻击 ;内部安全管理从操作系统、数据库、客票应用系统三方面加以考虑 ,加强和完善了客票系统已有的安全措施。通过对网络安全技术的综合使用 ,形成完整的安全管理机制 。
Based on network and management structures of Ticking and Reservation System, this paper analyses potential risks of the system, and presents a three layer protective system which include such advanced technologies as firewall, intrusion detection, security scanning software and internal security strategy. The firewall forms the first gateway of the system, leave most of intrusion failed; the security scanner could pre discover system vulnerabilities, and the intrusion detection could intercept and hold back network intrusion timely; the internal security strategy are applied in operating system, database and the Ticketing System,strengthened former strategy the system used. By making full use of the security technology, an integrated architecture has been established which greatly enhanced the system security.
出处
《中国铁道科学》
EI
CAS
CSCD
北大核心
2002年第3期60-63,共4页
China Railway Science
基金
铁道部科技研究开发计划项目 (99Y2 4)
