摘要
在传统的信息安全等级保护测评过程中,当测评人员完成测评工作后,由于人员水平参差,形成的最终报告往往差别较大。为了规范测评结果报告的生成,并方便测评人员对测评结果进行管理,该文基于网络安全等级保护2.0(等保2.0)国家标准要求,设计并实现信息安全等级保护测评管理系统。本系统具有创新性的多方参与管理体系,将用户根据身份的不同划分成不同的角色,不同身份级别的角色对系统中的测评结果拥有不同的查看或修改权限。系统基于B/S架构与MVC框架,利用PHP语言开发,并采用HTML、CSS、JavaScript等前端技术实现系统的可视化、动态化。
In the traditional evaluation process of information security grade protection,when the evaluators complete the evaluation work,the final reports are often quite different due to the differences in the level of personnel.In order to standardize the generation of the evaluation results report and facilitate the evaluators to manage the evaluation results,this paper designs and implements the information security level protection evaluation management system based on the requirements of the national standard of Network Security Level Protection 2.0(Level Protection 2.0).The system has an innovative multi-party participation management system,which divides users into different roles according to different identities,and roles with different identity levels have different permissions to view or modify the evaluation results in the system.The system adopts B/S mode and MVC framework and uses PHP to implement this system.HTML,CSS,JavaScript,and other front-end technologies are used to realize the visualization and dynamics of the system.
出处
《科技创新与应用》
2024年第6期28-33,37,共7页
Technology Innovation and Application
基金
天津市教委科研计划项目(2020KJ025)
中国民航大学大学生创新创业训练计划项目(202210059103)。
关键词
信息安全
等保2.0
测评管理系统
B/S架构
通信技术
information security
Network Security Level Protection 2.0
evaluation management system
B/S architecture
communication technology