The information network of China Petrifaction Corporation is a multi-area, integrated business network. Based on its operating condition in recent years and using the information system security engineering (ISSE) method, the author analyzes the present condition of the corporation's IT system and the main risks that the system faces. After two evaluations of the IT system (including vulnerability scanning), the author organizes and participates in the project application and planning for the security system of the IT network. In cooperation with a professional company, the demand analysis and risk analysis for the construction of the IT security system are carried out, and the design of the security system is presented, including the general design and the designs of the subsystems. Following the principles of "key ones" before "general ones" and "easy ones" before "hard ones", a step-by-step implementation plan is made. The author is in charge of editing the main rules and regulations for maintaining IT system security and the detailed security protection rules for the e-mail system and the Windows system, designing and arranging Active Directory, and designing and implementing the anti-virus system and the backup system. The thesis also presents further considerations for IT system security.