Design And Implementation Of E-government Information Security System

With the development of science and technology and the gradually popularization of the electronic government affairs,People's Daily life is becoming more and more convenient.But due to personal e-government and e-government with confidential information,so the security of e-government is also more and more important.Electronic government affairs information system of the transmission medium,the related communication protocol and software framework,especially the core of the whole information system software,the core server data is the weak link of the whole network security need to be considered emphatically.Therefore,it is necessary to provide a security system that can protect the internal network server resources,but also can detect external initiated network attacks,so that users can find the source of attack and take some security measures.At present,the corresponding information security products are more decentralized,and the cost is higher.The system used by the operating system,web server,Mysql database,intrusion prevention tools,gateway architecture are based on open source software,so the cost is greatly reduced,and the integration of the security gateway,intrusion prevention function in a system,To facilitate the administrator,the auditor for effective management.Based on the analysis of the development direction and the security problems of the existing e-government,this paper combines an open source Linux system,database technology,Web server technology,PHp programming technology and intrusion prevention technology to achieve an e-government-based information security system.The system can achieve the government network and the public network between the network isolation,effective guarantee of network data server security.The system is based on the function of intrusion prevention,and can log the attack data of the internal network through the system equipment for the administrator to view.According to the actual application situation of the Inland Revenue Department,the specific functional requirements are put forward,and the use case and data flow analysis method are used to analyze the detailed requirements of E-government information security system.The design of the entire e-government information security system program,given the system program design.On this basis,the overall architecture of the software is designed,and the overall architecture design is given.Design and implementation of the underlying management configuration module,this module is used for the entire system configuration information management.Given the realization of class diagram and workflow diagram.The intrusion prevention function module is designed and implemented.This module is used to detect network attack packets and generate alarm log.The address translation module is designed and implemented for source address translation and destination address translation.Design and implementation of the page configuration and log query function module.For the core module,the database structure is designed.The network topology of the routing mode is used to test the system.Through the configuration of the source address translation function to achieve the internal network to initiate access to external networks,access to external network resources,and external network can not access the network resources.Through the configuration of the destination address translation function to achieve the external network of sensitive data resources within the network access,and can not be placed on the other resources within the network.Use the attack function from the external network through the system on the network host launched a scanning attack,the system correctly identifies the attack data,and statistics can be viewed through the page log.The page log section incorrectly identifies the severity of the attack and lists the subject of the log.The test results reached the design expectations.