基于B/S架构的工业主机卫士软件设计与实现  

作　　者：任军锋 杨立源 REN Junfeng;YANG Liyuan(Shanghai Institute of Process Automation&Instrumentation Co.,Ltd.,Shanghai 200233,China)

机构地区：[1]上海工业自动化仪表研究院有限公司,上海200233

出　　处：《自动化仪表》2022年第1期33-37,共5页Process Automation Instrumentation

基　　金：国家重点研发计划基金资助项目(2018YFC0808900)。

摘　　要：为了保护工业现场主机软件运行环境安全,设计了一款基于B/S架构的工业主机软件。该软件可对进程和外设进行实时监控,在发现主机存在异常风险行为时能及时告警并阻断。工业主机卫士主要是基于白名单可执行文件控制,还包括U盘、网卡等外接设备管控,可多位一体地保障主机安全。根据国密SM3算法生成唯一指纹信息,形成各条白名单规则。相对于传统的主机卫士软件,该软件创新性地采用B/S架构,主机卫士软件系统和管理平台通过Redis消息中间件通信。用户可以通过统一的管理平台Web界面同时对数十台甚至百台的主机卫士进行运维管理,实时查看各主机节点的安全事件告警信息,统一配置主机白名单规则,一键下发主机安全策略,处理告警风险行为,保障主机安全。B/S架构的主机卫士软件,不仅满足了用户对主机安全保护功能的需求,还减轻了用户的运维工作量,切实解决了用户工作中的痛点。In order to protect the running environment of host software in industrial field, an industrial host guard software based on B/S architecture is designed.The software can monitor the process and peripherals in real time, and alarm and hook the abnormal risk behavior of the host in time.Industrial host guard is mainly based on the white list of executable file, including U disk, network card and other external equipment control.Host security is ensured from the process, peripherals, network adapter and other multi-position in one.Unique fingerprint information is generated based on the national secret SM3 algorithm to form white list rules.Compared with the traditional host guard software, the software innovatively adopts B/S architecture, and host guard software system and management platform communicate through Redis messages middleware.Users can manage the operation and maintenance of ten or even hundreds of hosts at the same time through the unified management platform Web interface, view the security event alarm information of each host node in real time, uniformly configure the host white list rules, issue the host security policy with one key, deal with the alarm risk behavior, and ensure the host security.The host guard software of B/S architecture not only meets the user’s requirements for the security protection function of the host, but also reduces the workload of the operation and maintenance for the user, and effectively solves the pain points in the user’s work.

关 键 词：运行环境 安全防护 白名单 可执行文件 多位一体 SM3 指纹 B/S架构 安全策略 

分 类 号：TH-39[机械工程]