UNIX host safety configuration auditing method based on configurable knowledge base

A technology of security configuration and knowledge base, which is applied in security assessment and solves the field of security configuration audit of UNIX host system, and can solve problems such as enterprise sensitive information leakage, UNIX host system security monitoring, information system damage, etc., to prevent audit content and results The effects of leaking, protecting security and confidentiality, and avoiding duplication of work

Active Publication Date: 2012-01-04
STATE GRID ELECTRIC POWER RES INST +2
View PDF3 Cites 15 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0004] The UNIX host system differs from Windows in its code operation mode of visual operation, and it is difficult for operation and maintenance personnel who lack relevant operation skills to conduct comprehensive security monitoring on the UNIX host system
At present, there is still a lack of general-purpose security detection tools supporting UNIX-like operating systems such as UNIX or Linux in China, which cannot effectively detect the vulnerability of the system, resulting in attacks such as password cracking, illegal connection, and file tampering of the UNIX operating system, which may cause enterprises Sensitive information leakage, information system damage and other major security incidents

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • UNIX host safety configuration auditing method based on configurable knowledge base
  • UNIX host safety configuration auditing method based on configurable knowledge base
  • UNIX host safety configuration auditing method based on configurable knowledge base

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0035] The present invention will be further described below in conjunction with accompanying drawing.

[0036] as attached figure 1 As shown, this method is supported by a "configurable knowledge base", including a UNIX configuration rule base and a security hardening suggestion base, and transmits user requirements in the form of scripts to the host system under test for security audit scanning, and organizes the scan results into structured data After the conversion, it is matched with the standard configuration rules in the knowledge base and the security hardening suggestion library again to perform configuration audit, vulnerability analysis, risk rating, and hardening implementation risk analysis, and form a report to provide users with security audit evaluation results and security implementation suggestions.

[0037] The "configurable knowledge base" is implemented by Access, which has the function of remote independent matching and analysis with user needs and backg...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention discloses a UNIX host safety configuration auditing method based on a configurable knowledge base. In the method provided by the invention, the knowledge base comprises a system configuration rule base for safety auditing and a safety reinforcing suggestion base capable of providing safety decision support for a user and flexibly customizing the knowledge base aiming at different UNIX operating system types and safety auditing requirements. According to the invention, the method can be used for screening auditing items provided by the knowledge base according to filtration conditions such as UNIX operating system types, auditing requirements and the like, implementing automatic configuration auditing, bug analysis, risk rating and reinforcing implementation risk analysis of a UNIX host system and forming a report. The method is beneficial to the timely discovery of potential safety hazards of the host system and final achievement of the safety protection of the UNIX hostsystem.

Description

technical field [0001] The invention relates to a security assessment method in the technical field of information security, and is mainly used for solving the security configuration auditing problem of a UNIX host system. Background technique [0002] With the rapid development of information systems, the security of information systems, especially the security of host operating systems used by information systems, has become an important issue in the safe operation, maintenance and security management of information systems. Due to its good portability, operability, and strong network and database support functions, the UNIX operating system has become the first choice for enterprise large-scale business systems to build workstation platforms and operating platforms. Therefore, the security control and defense of UNIX host systems are directly It is related to the safe and stable operation of the information system, and the timely security audit of the UNIX host system is ...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): G06F21/00G06F21/57
Inventor 朱世顺金倩倩刘行董珏陈刚朱晓欢
Owner STATE GRID ELECTRIC POWER RES INST
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap