Research on Campus Network Security Operation Center Based on Security Situational Awareness Platform: Taking the Fourth Military Medical University as an Example

Cited by: 20


Authors: Gao Wei (高薇)[1], Xu Hao (许浩)[1], Ning Yuwen (宁玉文)[1], Gao Donghuai (高东怀)[1]

Affiliation: [1] Information Management Center, Fourth Military Medical University, Xi'an, Shaanxi 710032

Source: Computer Technology and Development (《计算机技术与发展》), 2018, No. 1, pp. 150-154 (5 pages)

Funding: China Association of Higher Education 2014 Special Project (2014XXH1201YB)

Abstract: Under the increasingly serious network security situation, a unified SOC and security management mechanism was established in order to improve network security management in universities. The new characteristics and existing problems of network security management in universities in Shaanxi Province were investigated and, drawing on the enterprise SOC mechanism and the WPDRRC model and taking the Fourth Military Medical University as the case study, its SOC mechanism was redesigned and put into practice. On the basis of the WPDRRC model, a WPDRRI model is proposed, composed of six links (warning, protection, detection, response, recovery and improvement) and three elements (organizational structure, technology system and management process). Taking the campus network SOC of the Fourth Military Medical University as an example, a four-level SOC organizational system covering decision-making, management, operation and application was built; the overall security protection architecture of the campus network was designed according to the idea of partitioning security domains; and the daily and abnormal network security operation and maintenance processes of the campus network security situational awareness platform were explored. The results show that the WPDRRI model fits the reality of network security management in universities and can be used to guide the construction of university network SOCs.

Keywords: security situational awareness; university campus network; security operation center; network security management

Classification code: G434 [Cultural Sciences: Education]

 
