| In this thesis, a design and implementation of a network and information security emergency center (NISEC) is presented, which is an importment assurance service framework in the field of information security. Several latest applications and technologies involved in information security are also introduced in detail. The research on NISEC's architecture will be improving the establishment and development of the assurance service framework in our department, and also improving the construction of information industry in our country. The novel architecture of NISEC is based on analysis of applications and security requirements of modern bank network communication system. Our analysis and design are focus on three aspects as the follows:Firstly , based on the new features of applications in bank network, we analysis the new functionality and security requirements, and point out the security and functionality limits of previous CERT's architecture.Secondly, according to the requirements, the architecture of distributed NISEC is provided. The design is focus on the functionality of real-time detection, real-time analysis, real-time response to the emergency incidents in bank network. The whole system is constructed by giving the concepts of detecting incidents and response policy management.Thirdly, the key subsystem of the NISEC, Emergency Response System (ERS), is described and designed in detail. The model of incident reporting and collection, the model of generation and update of incident response policy, and the model of information communication are built and analyzed.This paper finishes the designing of K-IDS, present the models of intrusion detection.The issue of NISEC design is of great practical importance, so the architecture presented provides significant guidance for building NISEC in bank network. |
PDF Full Text Request