Mobile information multi-layer network secure auditing system

Abstract

The invention relates to a mobile information multi-layer network security audit system, which pertains to fields of mobile informatization and information security technology. The system includes mobile proxy server, security manager and security audit proxy module; subsystems of mobile proxy server comprises proxy module of access, processing and application security audit which are communicating with security manager. Comparing with conventional technique, the invention provides controllable multi-layer enterprise network security audit mechanism under mobile informatization scenarios, can implement definition, execution of security rules, security log and security alarm, and protects inner resource of the enterprise depending on the mechanism.

Description

technical field [0001] The invention relates to a network security audit system, in particular to a mobile informatization multi-level network security audit system, which belongs to the technical field of mobile informatization and information security. Background technique [0002] Informatization is the development trend of the world today, and mobile informatization marked by mobile and broadband is an inevitable trend and a higher stage of social informatization development. At present, more and more government agencies, enterprises and institutions (hereinafter referred to as enterprises) have applied GPRS (General Packet Radio Service, General Packet Radio Service), SMS (ShortMessage Service, Short Message Service), MMS ( Multimedia Message Service, Multimedia Message Service), WAP (Wireless Application Protocol, Wireless Application Protocol) and other mobile communication means, so that enterprise information applications are gradually extending from a single PC to ...

AI Technical Summary

Problems solved by technology

[0008] 1. Most of the information application systems on the enterprise side only provide system security protection based on static methods such as user names. Users have weak security awareness, and most of them do not set PIN codes (personal identification number, personal identification code); and application system logs are usually not Record the access method and mobile phone number of the access person. Once a security incident occurs, it is difficult to trace the source;

[0009] 2. Mobile service devices on the network side, such as SMG (Short Message Gateway), SMSC (Short Message Service Center), and MMSC (Multimedia Message Service Center), etc. generally adopt the method of retaining logs for evidence collection. Log retention is usually only 3 months, there are security holes;

[0010] 3. There are some restrictions on the network security audit of the underlying mobile data network, such as PUSHMail, because it uses an end-to-end encryption mechanism between the mail proxy gateway and the mobile phone, the security audit measures on the network side cannot play a role;

[0011] 4. For WAP and GPRS applications, due to the operator's operating policy restrictions, for example, the WAP gateway will filter out mobile phone numbers and will not provide relevant information to the application system. The application system will provide application access authentication based on mobile phone numbers. The records include Difficulties in user usage logs for mobile phone number information

[0013] 1. The company's existing security audit equipment and methods lack solutions for mobile phone access scenarios

[0014] 2. There are many types of information application systems, and most of them are provided by different manufacturers. The loading, changing, and implementation of security policies (Policy) depend on the original system provider. It is difficult to implement a unified security policy, and the implementation cycle is long and costly. high

[0015] 3. In current mobile informatization applications, network security audits mainly rely on network-side devices and operator policies. For example, network-side business devices provide information filtering and security logs, which are not controlled by enterprises, and the definition of security policies cannot meet the needs of enterprises. individual security needs

Images