Information security management practice

The design and implementation of an information security management platform cannot be separated from the organization's overall information security planning and construction approach, and information security practice likewise follows construction approaches suited to the characteristics of different industries and organizations. Depending on which of the three attributes of information security (confidentiality, availability and integrity) matters most, different practical approaches place different emphases.

7.3.1 Security management practice in the financial industry

Over the past 30 years of reform and opening up, China's financial informatization has grown from nothing and from single-business systems to comprehensive business systems, and has achieved notable results. The traditional financial business processing mode has been fundamentally changed, and an electronic clearing system and a financial management system based on computers and the Internet have been established.

As informatization of the financial industry has progressed, business systems depend ever more heavily on information systems, and information security issues have become increasingly prominent. In order to prevent and resolve risks effectively and to ensure the smooth operation of financial institutions' information systems and the sustainable development of their business, financial institutions must establish an information security assurance system that strengthens their ability to guard against information security risks.

7.3.1.1 Demand analysis

With the globalization and networking of the world economy, foreign financial reform has an ever greater impact on China. Driven by profit, attackers confront the financial industry with more and more security threats. The financial industry must strengthen its own information security protection and establish a sound security mechanism to resist both external and internal information security threats.

With the continuous development of banking business, bank network systems have gone through years of construction, and most commercial banks have centralized their data. As business sophistication and network scale have grown, bank networks have become more and more complex, and this complexity has made their security problems more and more serious. At present it is difficult to unify the construction standards of the various financial systems, which hinders the further development of financial informatization. Before the state-owned commercial banks fully implemented the national financial informatization standards, many banks had already built their own systems. Because models, system platforms, computer interfaces and data standards are not uniform, the gaps between different regions are relatively large and system integration is difficult, so standardization will take some time. Financial institutions fully recognize the importance of security to their business systems, have taken corresponding security measures and have deployed some security equipment. Public awareness of information security has also improved, but long-standing information security problems, such as the increase in information crime, weak security protection capability, heavy dependence on foreign information databases, and the lack of security testing of equipment, remain unsolved. Strengthening security research on computer systems and network technology, perfecting internal control and management mechanisms, ensuring the security of business data and customer information, and comprehensively raising the security level of computer systems have become problems shared by all major domestic banks. The dynamic and systemic nature of security means that security is a comprehensive, systematic undertaking that needs the joint efforts of management, organization and technology.

7.3.1.2 Security system construction

The goal of security system construction is to build an all-round, multi-level, dynamic, defense-in-depth security system by establishing a sound information security management system together with intelligent, in-depth security defense technology, so as to achieve the reliability, confidentiality, integrity, effectiveness and non-repudiation of the information system and to provide a solid information system foundation for the development of financial business. The information security system covers the whole information system.

The main contents of security system construction are:

(1) Establish and improve the organizational structure for bank information security management, which is responsible for the security management and supervision of information systems.

(2) Design and implement technical measures, including external network boundary protection, internal network area division and access control, endpoint access, internal network monitoring and management, mobile office access, dial-up security control, virus prevention, security audit, vulnerability scanning and patch management. Through security domain division, the network system is split into different security domains according to the levels of the business processes it carries, and each security domain can be further split into security subdomains according to the business elements it serves. Within each security domain or subdomain, identify the key assets, analyze the existing security risks and hidden dangers, and then specify corresponding protection measures. Because data flows cross the boundaries between subdomains and between domains, security policies such as access control, authentication and audit must be enforced at those security domain boundaries.

(3) Formulate financial security strategies and security management systems. Based on the actual situation of the bank's information system, the security management department formulates reasonable security strategies, classifies information resources by security level, divides the network into security domains of different security levels, and applies protection of a corresponding level to each. Examples include: strengthening system password management; separating duties and assigning clear responsibility; strengthening the internal audit mechanism; observing the minimization and timeliness of authorization, so that unless really necessary only the minimum authority is granted and the authorization is withdrawn after a defined period, with this enforced as a system and process; scanning all servers for vulnerabilities and producing an asset vulnerability report; establishing a remote disaster recovery backup center for data; and physical and environmental security. Formulate and implement the various security systems and emergency recovery plans needed to ensure the secure operation of information systems. These include a password management system, data encryption standard, identity authentication standard, area division principles and access control strategy, virus prevention system, security monitoring system, security audit system, emergency response mechanism, security system upgrade system and so on.

(4) Establish a security operation and maintenance management center to centrally monitor the operation of the security system and handle all kinds of security incidents. Hacker attacks on financial application systems and databases are increasing. Setting up a border firewall and maintaining, improving and analyzing server log files is not enough on its own. The best way to deal with hacker intrusion is to detect malicious network intrusion as it happens and take corrective countermeasures immediately, so the deployment of an IDS is also essential.

(5) Develop a unified security system upgrade strategy, upgrade the security system in time, and ensure the improvement of the protection ability of the security system.

(6) Disaster recovery backup system. The loss of a financial institution's key data interrupts normal business operation, and the resulting loss is immeasurable. To protect data and ensure high availability and uninterrupted access to it, a backup and disaster recovery system must be established. Backup and disaster recovery systems are complementary: both are important guarantees for the data security of financial institutions, but they have different goals. The purpose of the disaster recovery system is to keep system data and services "online", that is, when a system fails it can still provide data and services to the network normally, so that the system does not stop. Backup is "the process of transferring online data to offline data", and its purpose is to deal with logical errors in system data and to preserve historical data.

7.3.2 E-government security management practice

Because government agencies are functional organs of the state, the security of government information systems is closely tied to national security. Availability of information is particularly important, and in some fields the confidentiality of information is the top priority of government agencies' information security construction. E-government involves protecting state secrets and highly sensitive core government information, maintaining social public order, accurately implementing administrative supervision, and ensuring the quality of public services for enterprises and citizens.

In the e-government system, the official correspondence, data storage and service provision of government agencies are all carried out in electronic form. On the one hand, e-government can genuinely improve office efficiency, streamline institutional staffing, expand service content and enhance the image of the government; on the other hand, it also gives people with ulterior motives the opportunity to steal important information by technical means. Moreover, given the inherent openness, international reach and lack of central organization of the network itself, the government affairs network raises higher security requirements even as it increases the freedom of application.

7.3.2.1 Demand analysis

E-government is a three-level network composed of the government intranet, the government extranet and the Internet. The government intranet carries the key business management systems and core data application systems within government departments, while the government extranet carries the various non-public application systems within and between government departments. Information that may be exchanged beyond the intranet is transmitted on the government extranet and on the network connected to the Internet, and general application services and information offered to society, including all kinds of public information and non-sensitive social services, are published there. Because most government officials and civil servants in our country have had little exposure to information technology, network technology and computer technology, and lack preventive means and skills, overall competence still falls far short of what e-government security requires. The most common security problems in e-government include websites being hacked, data being tampered with and stolen, leaks, and unauthorized browsing.

Therefore, the common information security requirements of government networks are as follows:

(1) Unified security management platform. At present, the common security threats to government information systems mainly come from unintentional human factors, such as virus outbreaks caused by users' weak security awareness and weak account password security. Centralized, unified security management software is needed, such as an anti-virus software management system, an identity authentication management system and network security equipment management software. A security management platform can thus effectively implement security management across the whole network, and at the same time support security management and training for personnel to enhance their security awareness. This raises the requirements placed on the security management platform and on professional network security services.

(2) Confidentiality and integrity of information. Because government websites hold important information, the confidentiality and integrity of that information are subject to high requirements. Information may face security threats at several levels, such as physical threats like electromagnetic radiation or line interference, and threats such as attacks on the systems that transmit or store confidential information. At the same time, e-government applications such as online tax filing require strict protection of information integrity. Security must be considered for the whole network, with a unified network security strategy and corresponding security products chosen to ensure the security of network information.

7.3.2.2 Reflections on construction

(1) Physical isolation of internal and external networks. Generally speaking, the internal network of a government agency can be divided by function into two parts: the e-government network and the office network. A security domain is a region of cyberspace delimited by the degree of information confidentiality. The classified domain is the cyberspace involving state secrets. The non-classified domain is cyberspace that does not involve state secrets but does involve the work secrets of the unit, the department and the system. The public service domain is a public information exchange space that is completely open to the Internet and involves neither state secrets nor work secrets. Relevant national documents strictly stipulate that the government intranet and the government extranet must be physically separated, and that the government extranet and the Internet must be logically separated. In terms of security domains, the government intranet is the classified domain, the government extranet is the non-classified domain, and the Internet is the public service domain.

(2) Establish a strict prevention mechanism. The biggest threat to the extranet of government organizations is malicious attack from the Internet, so the emphasis is on "prevention". By deploying an anti-spam system, an anti-virus system, an intrusion detection system and an anti-denial-of-service system, the openness of government portal websites can be maintained. Establish a government information security review system, adhere to the principle that "whoever puts information online is responsible for it", and require that published information is strictly reviewed and approved by its provider. Security departments and institutions at all levels are responsible for security inspection of their own departments' online information in their local area, and handle problems promptly when they are found.

(3) Follow international standards for information security management. China's information security management must move from reliance on traditional management methods and means to modern, systematic management technology. The international standards BS 7799 and ISO/IEC 17799 are widely used information security management system standards. Their management goal is the confidentiality, integrity and availability of data, and the system is expected to be self-organizing, self-learning, self-adapting, self-repairing and self-growing so that it remains continuously effective. Through the cycle of planning, implementation, inspection and corrective measures, applied to the overall process and to its sub-processes such as information security risk assessment and business continuity planning, the information security management system can be integrated with the quality management system and the environmental management system. They are compatible in mode and method and form a unified internal comprehensive management system, which includes information security solutions, multi-layer prevention and multi-level protection, graded protection, risk assessment and key-point protection according to the trusted network architecture method; emergency plans for information security, with new mechanisms to avoid risk and reduce loss in the event of an accident or disaster; and, according to the corresponding policies and regulations, synchronous review at the design, construction and acceptance stages of network engineering, together with well-developed data backup and disaster recovery applications to ensure real-time, secure, efficient and reliable operation.

(4) Establish and improve the network information security infrastructure. China's network security infrastructure construction is still at an early stage, and national facilities such as a network monitoring center, a security product evaluation center, a computer virus prevention center, a disaster recovery center for key network systems, a network security emergency response center, an electronic transaction security certificate authorization center and a key supervision center should be established as soon as possible. At present, the international entry-exit monitoring center and the security product evaluation and certification center have been initially established. The security product evaluation and certification center consists of a security standards research department, a product security testing department, a system security evaluation department, a certification and registration department and a network security expert committee. Actively promote the construction of the e-government public key infrastructure, establish a government network security protection and notification mechanism and a network identity authentication system, accelerate information exchange and sharing among government departments, enhance the security of network activities, and ensure the effectiveness and security of information. The construction of China's e-government public key infrastructure/certification authority (PKI/CA) system affects the whole; local governments and departments at all levels should strictly follow the unified deployment of the relevant state authorities and build in an orderly manner under the national CA system.

7.3.3 Military security management practice

After years of information construction, the military network has begun to take shape. As access to intranet resources increases, the threats to and risks of network security and confidentiality increase as well. Measured against the confidentiality qualification requirements for classified networks, the current network situation carries a great threat and risk of leaking secrets. Moreover, the military network holds a large number of confidential documents and information, and its confidentiality requirements are particularly strict.

The military information system has a huge computer network, numerous terminals and network devices, and a complex application environment. In the information system, data security and network security require absolute secrecy, and the system is required to run continuously and reliably.

7.3.3.1 Security requirements analysis

At present, most of the information technology used by our army is imported from western developed countries, and there is no core technology with independent intellectual property rights. The chips, operating systems, protocols, standards, advanced cryptographic technologies and security products used in network systems are almost entirely supplied by foreign countries. Owing to limits on technical capability, it is impossible to detect and rule out tampering with key information equipment imported from abroad, which objectively leaves the army's key information infrastructure with a low level of protection and potential security hazards. In a report, the British Omega Foundation stated plainly that in Europe all communications such as e-mail, telephone and fax are under daily monitoring by the US National Security Agency. At present, China's information security research is occupied with plugging existing information security loopholes. Solving these problems ultimately depends on constructing an information security system. The main needs are as follows:

(1) Further improve the network security management system and its enforcement in the military sector, so that security management of the entire network system is kept at a high level.

(2) Provide corresponding physical security protection facilities to ensure the security of important computer rooms in the network and the physical security of key hosts and classified terminals.

(3) Establish a military CA certificate service center and build a certificate-based basic security support platform.

(4) Establish a unified identity authentication and access control platform that provides unified identity authentication and access control services to the management system, grants personnel the rights appropriate to them, and blocks illegal activities such as operations beyond one's authority.

(5) Through firewall technology, establish an information security barrier between the military network and the Internet: on the one hand the military network is physically isolated from the Internet to keep hackers out, and on the other hand data exchange between networks can still be carried out securely.

(6) Ensure the security of key network hosts and classified terminals and of the confidential information they store; effectively prevent illegal information acquisition or data tampering while keeping information flowing smoothly, and avoid malicious destruction that would paralyze the system.

(7) Improve the data backup/recovery and emergency handling mechanism, ensure real-time backup of all kinds of data in the network information system, and start the backup and recovery mechanism promptly when data resources are damaged, so that the system is restored rapidly without affecting the normal operation of the whole network information system.

(8) For servers and workstations, establish an overall, comprehensive anti-virus architecture that addresses virus spread within the network and provides centralized anti-virus monitoring.

(9) Using security assessment and performance testing tools, report network vulnerabilities and weaknesses accurately and comprehensively, giving users and managers an understanding of the services started and the vulnerabilities present on hosts and network devices, and providing a basis for adjusting security policies and ensuring network security.

7.3.3.2 Security solution design

(1) Security domain access control. In the military WAN, multiple regional network entities are connected into a virtual, independent network by tunneling technology; data in the network is encrypted and encapsulated with an encryption (decryption) algorithm and then transmitted between network entities through a virtual tunnel over the public network, which prevents unauthorized users from stealing or tampering with the information. Between the different security levels of the military network, high-level information is strictly forbidden from flowing to a lower-level information system. Data transfer between different security levels follows the rule of "read down, write up": a high-level subject may read lower-level data, and a lower-level subject may only write into a higher-level system. Fine-grained or certificate-based access control, audit and detection strategies are applied at boundaries between different security levels, and in principle mutual access rights are not opened between different research units of the same classification. By adding a security encryption module to the router motherboard, router information and IP packet encryption, identity authentication and data integrity verification, distributed key management and similar functions can be realized. Security routers provide interconnection, isolation, flow control, and network and information security maintenance between the internal and external networks of military units, and can also block the transmission of broadcast traffic and traffic to well-known small addresses, protecting the security of internal informatization and network construction. The military project management system establishes certificate-based identity authentication and authority management, with users or user groups of different security levels assigned different authorities. According to the security requirements and the actual security needs of users, an access control strategy is established for the use of terminal software and hardware resources, and it is implemented, monitored and managed by technical means.
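The "read down, write up" rule and the need-to-know separation between research units described above can be expressed as a small reference monitor at a security domain boundary. The following Python sketch is an added example written for this page, not code from the original text or from any military system; the classification ladder, unit names, documents and subjects are all constructed for illustration, and the audit trail models the boundary audit the text calls for.

```python
from dataclasses import dataclass, field
from enum import IntEnum
from typing import Dict, FrozenSet, List


class Level(IntEnum):
    """Constructed classification ladder, ordered from low to high."""
    PUBLIC = 0
    INTERNAL = 1
    CONFIDENTIAL = 2
    SECRET = 3


@dataclass(frozen=True)
class Label:
    """A security label: a level plus need-to-know compartments.

    Compartments (constructed research-unit names here) model the rule that
    units at the same classification do not get mutual access by default.
    """
    level: Level
    compartments: FrozenSet[str] = frozenset()

    def dominates(self, other: "Label") -> bool:
        """True if this label is at least as high and covers every compartment."""
        return (self.level >= other.level
                and self.compartments >= other.compartments)


@dataclass
class DomainBoundary:
    """Reference monitor at a security-domain boundary with an audit trail."""
    audit: List[str] = field(default_factory=list)

    def check(self, subject: str, s_lab: Label,
              op: str, obj: str, o_lab: Label) -> bool:
        if op == "read":
            # read down: the subject must dominate the object (no read up)
            allowed = s_lab.dominates(o_lab)
        elif op == "write":
            # write up: the object must dominate the subject (no write down)
            allowed = o_lab.dominates(s_lab)
        else:
            allowed = False  # unknown operations are denied by default
        verdict = "ALLOW" if allowed else "DENY"
        self.audit.append(
            f"{verdict} {subject} {op} {obj} "
            f"[{s_lab.level.name}/{sorted(s_lab.compartments)}] -> "
            f"[{o_lab.level.name}/{sorted(o_lab.compartments)}]")
        return allowed


def run_scenarios() -> Dict[str, bool]:
    """Constructed subjects and objects exercising each rule once."""
    analyst_a = Label(Level.SECRET, frozenset({"unit_a"}))
    clerk = Label(Level.INTERNAL)
    doc_a = Label(Level.CONFIDENTIAL, frozenset({"unit_a"}))
    doc_b = Label(Level.CONFIDENTIAL, frozenset({"unit_b"}))
    bulletin = Label(Level.PUBLIC)

    gate = DomainBoundary()
    return {
        # same unit, lower level: read down is allowed
        "analyst_reads_own_unit": gate.check("analyst_a", analyst_a, "read", "doc_a", doc_a),
        # other unit at the same or lower level: no need-to-know, denied
        "analyst_reads_other_unit": gate.check("analyst_a", analyst_a, "read", "doc_b", doc_b),
        # SECRET subject writing into a PUBLIC object: write down, denied
        "analyst_writes_down": gate.check("analyst_a", analyst_a, "write", "bulletin", bulletin),
        # INTERNAL subject reading CONFIDENTIAL data: read up, denied
        "clerk_reads_up": gate.check("clerk", clerk, "read", "doc_a", doc_a),
        # INTERNAL subject writing into CONFIDENTIAL object: write up, allowed
        "clerk_writes_up": gate.check("clerk", clerk, "write", "doc_a", doc_a),
        # unsupported operation: denied by default
        "clerk_deletes": gate.check("clerk", clerk, "delete", "doc_a", doc_a),
    }


if __name__ == "__main__":
    for name, ok in run_scenarios().items():
        print(f"{name}: {'allowed' if ok else 'denied'}")
```

Note that "write up" protects confidentiality only; a subject that may write into a higher-level object can still corrupt it, so integrity needs a separate control such as the audit and authentication measures the text lists.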

(2) Overview of confidentiality measures. Set up a dedicated information security management organization whose members include both leaders and professionals. Classify them according to their tasks and establish their respective responsibilities. One class of personnel is responsible for determining security measures, including formulating guidelines, policies and strategies and coordinating, supervising and inspecting their implementation; the other class is responsible for the security of specific management systems and includes information security administrators, information security officers and system administrators. On top of this classification, one designated person should be responsible for the security of the whole network system. A mandatory access control strategy is adopted to protect, detect, audit, manage and control the physical, network, system and application layers through security domain division, border access control, intrusion detection, remote network encryption, host management, system security performance testing, non-repudiation by digital signature, and audit. Against the threats to the availability and effectiveness of classified information arising at the physical, network, system, application and management layers, the security of the classified system is guaranteed through backup and restoration, virus and malicious code protection, an emergency response system and system configuration management.

(3) Internet management and monitoring. In the network construction planning of classified networks, construction is carried out in strict accordance with the requirement of "physical isolation". However, past security management experience shows that some people with weak security awareness, or with the intent to leak secrets, have transmitted confidential information through a local extranet, causing serious leaks. Since scientific research requires Internet access and the Internet therefore exists to a certain extent in the military field, network behavior on the Internet must be monitored and audited in real time. The main security measure is to deploy an Internet audit system at each Internet exit, managed by a dedicated Internet information security audit management center. This provides the managing users with a unified platform for securely handling all kinds of events on the Internet, offers all-round network control, remote query and detailed report statistics, uses a unified database and a unified management interface, and comprehensively assists management departments in auditing and managing Internet use. The security and audit management of Internet users spread across different networks can thus be centralized, so that information is effectively shared, comprehensively analyzed and uniformly managed on one platform.

(4) Using high-security systems and data encryption technology. According to the technical standards of the U.S. Department of Defense, operating system security levels are divided, from low to high, into D1, C1, C2, B1, B2, B3 and A1. At present the mainstream operating system level is C2. When using a C2-level system, its C2-level security measures and functions should be used as far as possible to configure the operating system securely. For extremely important systems, a B-class operating system should be adopted. Traditional information encryption technology and the emerging information hiding technology can both protect the storage and transmission of military secret information in the network. When transmitting and storing military secret information, encryption technology should be used to conceal the content, and information hiding technology should additionally be used to conceal the sender, the receiver and even the existence of the information itself. By means of steganography, digital watermarking, data hiding and data embedding, fingerprinting and benchmark testing, secret information can be hidden in ordinary files and then transmitted through the network, improving the reliability of information confidentiality.

(5) Backup and recovery. Backup and recovery for a classified network mainly covers the backup of classified data and application data, power supply security and equipment backup, and the backup environment itself rests on a certain level of environmental security. For the application data and confidential data of the various research institutions, a dedicated backup server is established, together with a data backup and recovery strategy and related management system that help improve the emergency response system, so that key data and confidential data can be recovered and reconstructed within 24 hours.

(6) Emergency response system. The construction of the military network emergency system relies mainly on the corresponding detection, monitoring, auditing and other technical means grounded in physical security, operational security and information security, and applies different emergency response strategies and management systems to system operation events and to classified-information events. Corresponding response plans are formulated and security drills and training are conducted. For classified-information events: use security inspection tools and audit tools to find and detect vulnerabilities in a targeted manner; take decisive measures to cut off the leakage source and contain the scope of the leak; and assess the risk of the classified-information incident, then report and record it. For operational security incidents: find them through intrusion detection, virus protection, firewall, host audit, network audit and other technical means; prepare corresponding incident handling plans and training; and evaluate the impact of the incident on the system, fix the vulnerabilities and record the outcome.