Security protection method based on public network data transmission information system

Abstract

The invention discloses a security protection method based on a public network data transmission information system, which comprises the steps as follows: S1, a host station deploys a host station security protection device with a first encryption and decryption module; S2, a terminal deploys a terminal security protection device with a second encryption and decryption module; S3, an off-line digital certificate system is provided; S4, the security protection devices firstly perform data packet filtration on data packets based on IP (Internet Protocol) addresses, port numbers and protocol numbers when receiving data, so as to achieve the access control function; S5, communicating parties can firstly perform the identity authentication based on the digital certificate system before building an encryption tunnel so as to achieve the identity authentication function; S6, information sent by the host station is encrypted firstly and is decrypted in the terminal security protection device, vice versa; and S7, the host station adopts an internal and external network double-host machine manner, and internal and external network host machines are communicated in a non-network manner, so that a host station information system can be isolated in a non-network manner. By adopting the security protection method, data based on the public network transmission is not easy to intercept, leak and tamper, the identities of the host station and terminal users are not easy to forge, and the host station is not easy to be attacked in an infiltration manner.

Description

technical field [0001] The invention relates to a security protection method of a network information system, and in particular proposes a security protection method based on a public network data transmission information system. technical background [0002] In recent years, network security issues have become increasingly prominent, and hacker intrusions and network attacks are increasing. With the continuous popularization of computer network technology, the public uses computers more and more. In particular, the construction of public information infrastructure has promoted government and enterprise Increasingly dependent on information systems, some businesses and systems related to the national economy and people’s livelihood have encountered unprecedented security challenges, such as the WikiLeaks website leaking a large amount of government confidential information; The attack resulted in the leakage of more than 6 million user data. These accidents fully illustrate...

AI Technical Summary

Problems solved by technology

[0005] Since most information systems of countries, governments, and enterprises have data interaction with the public network, especially most of the existing information systems adopt the headquarters-branch (ie master station-terminal) working mode, the communication between the master station and the terminal Links have security risks such as easy data eavesdropping and leakage, end users are easy to impersonate, and are vulnerable to replay attacks, which pose a great threat to the information systems of the country, government, and enterprises. Therefore, it is necessary to protect the information systems of the public network

Images