| 基于ITIL的网络安全运营管理体系研究 |
| |
| 引用本文: | 刘海峰,连一峰.基于ITIL的网络安全运营管理体系研究[J].计算机工程与应用,2007,43(9):193-197. |
| |
| 作者姓名: | 刘海峰 连一峰 |
| |
| 作者单位: | 中国科学院,研究生院,信息安全国家重点实验室,北京,100049 |
| |
| 基金项目: | 国家自然科学基金
,
北京市科技计划 |
| |
| 摘 要: | 采用安全运营管理平台对来自于防火墙、入侵检测系统、防病毒系统、主机及网络设备的报警信息和安全审计数据进行综合分析,可以实现更为有效的安全管理,及时判断安全事件及网络系统的现状和发展趋势。由于在安全运营管理相关技术和产品的研究开发过程中缺乏统一的标准和规范,使得无法有效地利用现有技术和产品进行高效的事件联动、协助分析和信息综合,这对高效的安全运营管理带来了巨大的挑战。文章从国内外现状和趋势出发,综合借鉴BS7799、NIST SP 800系列以及其它有关信息安全标准的特点,引入IT服务管理的理念,将安全运营管理定位为IT基础设施库中的服务,详细阐述了基于ITIL的网络安全运营管理体系的设计思想、基本框架、管理流程和流程间的关系。
|
| 关 键 词: | 安全运营管理 IT基础设施库 服务级别管理 |
| 文章编号: | 1002-8331(2007)09-0193-05 |
| 修稿时间: | 2006-11 |
Architecture for network security operation management based on ITIL |
| |
| LIU Hai-feng,LIAN Yi-feng.Architecture for network security operation management based on ITIL[J].Computer Engineering and Applications,2007,43(9):193-197. |
| |
| Authors: | LIU Hai-feng LIAN Yi-feng |
| |
| Affiliation: | State Key Laboratory of Information Security,Graduate School of Chinese Academy of Sciences,Beijing 100049,China |
| |
| Abstract: | Security operation platform can realize more effective security management and judge the current situation and trend of security incidents and networks system in time by analyzing the alarm information and security audit data from Firewall,IDS,anti-Virus system,mainframe and networks devices.Due to lacking of the uniform standard and criterion in developing the techniques and products of security operation,it brings a big challenge to highly efficient security operation and is unable to leverage the current techniques and products to conduct the incidents linkage,associated analysis and information integration. By the research of the worldwide status and trend and using BS7799,NIST SP800 series and other standards for reference,we introduce the theory of IT services and position the security operation as service in IT Infrastructure Library (ITIL),and expound the design ideas,framework,management procedures and the relations between the procedures of the ITIL-based networks security operation platform. |
| |
| Keywords: | Security Operation Management IT Infrastructure Library(ITIL) Service Level Management(SLM) |
| 本文献已被 CNKI 维普 万方数据 等数据库收录! |
|
