基于ipv4的网络安全管理系统的设计和实现-计算机应用技术专业论文.docx

摘要
本文完成的网络安全管理系统主要针对目前广泛使用的使用以太网技术构建的,基于IPv4协议的局域网,使用Windows系统作为操作系统环境。本系统操作简单、直观,提供了C/S和B/S两种形式的管理工具,有效地解决了内网安全问题,同时本系统结构灵活,具有很好的扩展性,可以在不改变系统体系结构的前提下通过插件扩展管理的资源类型。
关键词:身份认证,基于角色的访问控制(RBAC),网络监控,地址解析协议(ARP)
II
ABSTRACr
ABSTRACT
With the rapid development of work es the most primary tool step by step for information enterprises have built their own LmNs to share resource and ,at the beginning of design,engineers neglected security there are numbers of hidden troubles in the TCPflP
protocol security problems restrict work development heavily.
The factors which work security problems to LANs used by e from not only out of these LANs,such as hacking or vires infection,but also inner of them,and the later is more concealed,more difficult to discover,and e out more damage.
It is usually in reality that there is not enough attention taken to the security e from the inner works,and are no relevant regulations and management is because beacuase of the neglect about security problems of the work,the lack of the knowledge work security,and there is no system which is practical and easy to use could resolve these problems effectNely.
The main purpose of this paper is designing a system of LAN security audit and management to resolve these problems following functions are provided in this system:
Authorization-management:which operation is allowed to a particular user on
variant resources of variant hosts is decide by this authorization
-management is centralize and based on roles.
Auditing:operations performed by users are stored in security log;administrator could audit user behavior based on the log.
Remote Monitoring:administrator could remotely get user operations and host status,kill process on hosts,lock/unlock hosts and shutdown hosts.
Network Monitoring:detecting illegal hosts and sniffers,supporting across work monitoring,and work connecting of il