A security monitoring method in a distributed network environment

Abstract

The invention discloses a safety monitoring method in a distributed network environment, and relates to the safety monitoring problem in the field of information safety. The invention consists of three parts: a monitoring module, a safety module and a safety mechanism, wherein the safety module is composed of a safety function coordination module, a safety control module, a safety measurement module, a safety decision module and a local reference database. In the present invention, the monitored dynamic data is delivered by the monitoring module, and then measured by the safety measurement module, which is used to measure the safety of the behavior of the monitoring node; the safety decision-making module determines the qualitative safety problem according to the measurement result; the safety control module dispatches the monitored data according to the decision-making result The security mechanism in the system implements the response strategy; the security function coordination module is responsible for communicating with the security measurement module, the security decision-making module and the security control module to realize the security function collaboration. The invention can dynamically customize security policies for the distributed network environment, and maintain the security of monitoring nodes in the distributed network environment.

Description

technical field [0001] The invention relates to the field of information security, and relates to a security monitoring method in a distributed network environment. The security subsystems on the distributed nodes cooperate and dynamically update, customize a dynamic security strategy for the distributed network environment, and realize a security monitoring process. Background technique [0002] With the rapid development of information technology in the 21st century, people pay more and more attention to information security. Distributed network: It is formed by the interconnection of node machines distributed in different locations and having multiple terminals. Any point in the network is connected to at least two lines. If any line fails, the communication can be completed through other links. It has high reliability and the network is easy to expand. The advantage is that the distributed network has no center, so the overall collapse will not be caused by the destruct...

AI Technical Summary

Problems solved by technology

First of all, the introduction of virtualization sharing technology improves the efficiency of resource utilization, but at the same time, due to the dynamic nature of the virtual machine environment and the weak security relative to the physical environment brought about by technical vulnerabilities, it leaves hidden dangers for the security of the virtualization environment.

Secondly, the application model in which users outsource services to cloud service providers separates the ownership, management rights, and use rights of resources. Users no longer have absolute control over resources, which naturally brings data security risks.

In addition, the multi-tenant feature of cloud computing requires cloud service providers to deal with the multi-tenant operating environment in the process of providing services to the outside world, ensuring that different users can only access their own data, applications, and storage resources. The problem of data leakage will have a negative impact on the service quality of cloud computing

Finally, cloud computing provides an open computing environment. This openness is mainly reflected in the openness of services to users and the openness of external calls to internal interfaces. Under openness, the authentication mechanism is naturally relatively weak, which allows illegal users to The cloud computing environment is attacked to steal the required information, and the benign cloud computing environment may also be used by illegal users for improper purposes, which will affect the security of the cloud

Images