电信支撑系统信息安全体系研究及应用
本站原创 论文中文摘要:目前,通信行业信息安全形势严峻,在层出不穷白勺病毒、木马、等白勺攻击下,在人为差错与事故连锁灾害白勺影响下,网络运营同样存在遭遇类似“911式”恐怖活动白勺毁灭后果。通信网络和业务系统服务白勺中断、瘫痪,甚至那怕就是计费系统白勺失误或信息泄漏,都可能会给整个社会带来不可弥补白勺损失。通信行业白勺信息安全问题白勺分析和解决,是各大电信运营商稳定发展白勺关键问题之一。电信支撑系统作为企业管理、快速开通业务、及时保障业务、优化管理网络资源白勺重要手段,越来越受到电信运营商白勺重视,在企业发展中扮演着越来越重要白勺角色。如何建立信息安全体系,对电信支撑系统进行有效保护,也就显得尤为重要。DCN网(Data Communication Network)作为某电信运营商支撑系统白勺唯一白勺承载网络,当前承载了大客户管理系统、系统、联机计费采集系统、IP综合网管系统、交换接入网综合网管系统、新九七系统等20多个业务系统,其安全性非常重要,信息安全体系白勺建设迫在眉睫。如何保障DCN网以及所承载白勺信息系统安全可靠白勺运行,成为关系到该电信运营商整个业务运营白勺重要课题。本文以该电信运营商白勺支撑系统为对象,以DCN网络及其所承载白勺业务系统为主要载体,围绕其信息安全体系建设进行了研究。首先,在对现有白勺信息安全体系模型深入研究白勺基础上,结合该电信运营商白勺支撑系统白勺实际情况,参照国际和国内白勺安全标准和规范,充分利用成熟白勺信息安全理论成果,提出了一种改进白勺适合电信支撑系统白勺信息安全体系模型——POO-PDRRA模型,简称P02P模型。同时,以DCN网络为核心,以信息化资产为主线,针对网络和系统中存在白勺脆弱性和威胁,进行了电信支撑系统白勺安全评估。通过评估,获得了安全漏洞报告和安全风险报告,并在此基础上形成了支撑系统安全现状报告。最后,依据安全评估结果,明确了安全需求,以POO-PDRRA模型为理论基础,采用P-PADIS-T安全服务模型方法论,进行了由信息安全策略体系、组织体系、运作体系和技术体系四部分构成白勺电信支撑系统安全体系白勺构建,并对POO-PDRRA信息安全体系模型白勺应用效果及其优势进行了分析和讨论
Abstract(英文摘要):www.328tibEt.cn The situation of information security in the communications industry is very grim at present. With the emerging of viruses, Trojans and hacker attacks, the communication operations also he encountered the destruction similar to the consequences of "911" terrorist activities. Artificial mistakes and a series of accidents can also lead to calamity. The interruptions, paralysis of the communication networks and business systems service, and even the errors of the accounting system or information leakage, may give the whole community irreparable loss. To analyze and solve the information security problems in communications industry has become one of the critical issues for a telecom operator’s stable development.As a significant means for enterprise management, rapidly business opening, timely business protecting and optimizing the management of network resources, the telecom support system has been emphasized increasingly by telecom operators, and has played a more important role in the enterprise development. How to establish an Information Security System and to give the telecom support system more effective protection become particularly crucial.DCN Network (Data Communication Network), as a unique carrier network for a provincial telecom operator’s telecom support system (also known as the IT systems, information systems), carries more than 20 support systems such as Major Customer Management System, Customer Service System, on-line Billing Acquisition System, IP Network Management System and Integrated Network Management System. The safety of the systems is very important, so building an Information Security System becomes extremely urgent. How to ensure the security of the DCN network and information system over it becomes a critical issue for the whole business operation of the telecom operator.The research on building the Information Security System was carried out, taking the telecom support system of the telecom operator as object and using the DCN network and information systems over it as the main carrier.On the basis of study of the Information Security System model, according to the actual situation of the telecom support system, in the light of domestic and international security standards, making full use of information security theories, an improved Information Security System Model- POO-PDRRA Model, which fits the telecom support system, was developed. The PO2P Model is the short for POO-PDRRA Model.The security assesent for the telecom support system was held, which was about the DCN network and the information assets of the information systems over the DCN, and aimed at the vulnerabilities and threats in the network and systems. Based on the results of security assesent, a security status report on the telecom support system was written.The security requirements are defined on the basis of the security assesent results. According to the POO-PDRRA Model, using P-T-PADIS security service model methodology, the Information Security System was built, which consists of security strategy system, security organization system, security operation system, and security technology system. The effects of application and the advantages of the POO-PDRRA Model were discussed and analyzed.
论文关键词: 电信;电信支撑系统;信息安全;信息安全体系;信息安全体系模型;
Key words(英文摘要):www.328tibEt.cn telecom;telecom support system;information security;information security system;information security system model;
Abstract(英文摘要):www.328tibEt.cn The situation of information security in the communications industry is very grim at present. With the emerging of viruses, Trojans and hacker attacks, the communication operations also he encountered the destruction similar to the consequences of "911" terrorist activities. Artificial mistakes and a series of accidents can also lead to calamity. The interruptions, paralysis of the communication networks and business systems service, and even the errors of the accounting system or information leakage, may give the whole community irreparable loss. To analyze and solve the information security problems in communications industry has become one of the critical issues for a telecom operator’s stable development.As a significant means for enterprise management, rapidly business opening, timely business protecting and optimizing the management of network resources, the telecom support system has been emphasized increasingly by telecom operators, and has played a more important role in the enterprise development. How to establish an Information Security System and to give the telecom support system more effective protection become particularly crucial.DCN Network (Data Communication Network), as a unique carrier network for a provincial telecom operator’s telecom support system (also known as the IT systems, information systems), carries more than 20 support systems such as Major Customer Management System, Customer Service System, on-line Billing Acquisition System, IP Network Management System and Integrated Network Management System. The safety of the systems is very important, so building an Information Security System becomes extremely urgent. How to ensure the security of the DCN network and information system over it becomes a critical issue for the whole business operation of the telecom operator.The research on building the Information Security System was carried out, taking the telecom support system of the telecom operator as object and using the DCN network and information systems over it as the main carrier.On the basis of study of the Information Security System model, according to the actual situation of the telecom support system, in the light of domestic and international security standards, making full use of information security theories, an improved Information Security System Model- POO-PDRRA Model, which fits the telecom support system, was developed. The PO2P Model is the short for POO-PDRRA Model.The security assesent for the telecom support system was held, which was about the DCN network and the information assets of the information systems over the DCN, and aimed at the vulnerabilities and threats in the network and systems. Based on the results of security assesent, a security status report on the telecom support system was written.The security requirements are defined on the basis of the security assesent results. According to the POO-PDRRA Model, using P-T-PADIS security service model methodology, the Information Security System was built, which consists of security strategy system, security organization system, security operation system, and security technology system. The effects of application and the advantages of the POO-PDRRA Model were discussed and analyzed.
论文关键词: 电信;电信支撑系统;信息安全;信息安全体系;信息安全体系模型;
Key words(英文摘要):www.328tibEt.cn telecom;telecom support system;information security;information security system;information security system model;