Network security strategy verification system and method on basis of formalizing method

A formalized method and technology of security strategy, applied in the field of information, can solve the problems of lack of description and verification of security strategy, high professional requirements of users, and achieve the effect of expanding the scope, overcoming high professional requirements and simple operation.

Active Publication Date: 2014-07-02
XIDIAN UNIV
View PDF2 Cites 23 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

The security policies that can be verified by the existing security policy verification methods can only be applied to policies with clear subjects, objects, and actions. Other security policies such as whether to allow remote login, whether the installed anti-virus software virus database is expired, etc. are not checked. Describe and verify
[0006] (3) High professional requirements for users

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Network security strategy verification system and method on basis of formalizing method
  • Network security strategy verification system and method on basis of formalizing method

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0056] The present invention will be further described below in conjunction with the accompanying drawings.

[0057] refer to figure 1 , the system of the present invention includes a policy verification and issuance center 1, a terminal device 2 and a database server 3.

[0058] Policy verification and release center 1, including vulnerability detection and repair module, policy formalization module, policy consistency verification module, policy completeness verification module, policy comparison module and policy distribution module.

[0059] The vulnerability detection and repair module is used to compare the relevant information obtained from the host or server with the standard vulnerability database, detect whether there are known vulnerabilities, and search for and download relevant patches on the Internet for repair.

[0060] The policy formalization module is used to convert the relevant information extracted from the terminal device into a custom security policy fo...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention provides a safety strategy verification system and method on the basis of a formalizing method. The system comprises a strategy verification and release center, a terminal device and a database server. The method includes the steps that information is extracted from the terminal device through an information collecting module of the strategy verification and release center, a leak detection and repair module carries out leak detection and repair, a safety strategy is generated through a strategy formalizing module, a strategy consistence verification module carries out conflict detection and elimination on the safety strategy, a strategy completeness verification module carries out completeness verification and repair on the safety strategy, a strategy comparison module compares the safety strategy operating on the current terminal device with configurations expected by an administrator, and the safety strategy is converted into a command capable of being identified by the terminal device through a strategy configuration module and is sent to the terminal device to be carried out. In terms of network safety strategy verification, the system and method have the advantages of universality, completeness, usability and automation.

Description

technical field [0001] The invention belongs to the field of information technology, and further relates to a formal method-based network security policy verification system and method in the field of information technology. The invention can be used to verify the consistency and completeness of the security policy adopted on the terminal equipment under different network environments, and perform specific configuration on the corresponding equipment according to the requirement of the network administrator. Background technique [0002] Network security policy is the basis of network security management and normal network operation, and is the description of behavior rules related to network security. In practical applications, network security policies are usually expressed as a series of constraint rule sets. In order to ensure the effective implementation of security policies, the security rule sets themselves need to meet the requirements of consistency and completeness...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): H04L29/06
Inventor 朱辉李晖赵兴文任海苏胆张云
Owner XIDIAN UNIV
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap