摘要
近年来,国内外企业遭受网络攻击、信息泄露等安全事件频发,网络信息安全形势日趋严峻。根据数据统计,企业安全事件多数是因内部人员引发,通过对包括合作伙伴在内的所有系统建设、运维等自有人员的操作审计,可以有效地预防、规避安全事件。信息系统在运行过程中会产生大量的操作数据,为了提升安全审计效率与精准性,采用集中化的方式,使用关联分析方法,基于自动化技术,研究并构建安全审计服务体系。
In recent years,domestic and foreign enterprises have been subjected to frequent network attacks,information leakage and other security incidents,and the situation of network information security has become increasingly grim.According to data statistics,most enterprise security incidents are triggered by internal personnel.It can be effective through the operation audit of all system construction,operation and maintenance personnel including partners.Prevent evasion of safety incidents.In order to improve the efficiency and accuracy of security audit,a security audit service system oriented to centralized system with centralized way and association analysis method and automation technology is studied and constructed.
作者
陈乐
魏丽丽
李冠道
许敬伟
Chen Le;Wei Lili;Li Guandao;Xu Jingwei(China Mobile Information Technology Co.,Ltd.,GuangdongGuangzhou 510640)
出处
《网络空间安全》
2019年第7期1-6,共6页
Cyberspace Security
关键词
信息安全
安全审计
集中化
关联分析
自动化
information security
security audit
centralization
association analysis
automation technology
