Table of Content

    20 April 2022, Volume 7 Issue E1
    Security Operation Solution for Video Surveillance Private Network
    2021, 7(E1):  16. 
    Asbtract ( )   PDF (3491KB) ( )  
    Related Articles | Metrics
    In recent years, video surveillance is widely used in safe city, skynet project, xueliang project, public order, transportation, environmental protection, urban management and other fields. According to the statistics, the number of public safety video surveillance cameras installed in China has been more than 30 million, initially covering public areas, key units and key parts,and video surveillance has become a fundamental project to enhance the building capacity and level of safe China. Due to the wide application of public security video surveillance services, the spreading development of networking and the continuous expansion of intelligent applications, video surveillance image information resources have become national important basic information resources. With the change of domestic and foreign network security situation, while video private network plays an important role, it also faces various security threats. There is a large amount of sensitive information on the video private network, and the leakage of such sensitive information or the failure of video surveillance may cause serious harm to citizens and legal persons, public order, economic development and even national security. Based on many years of security construction experience in video surveillance network, this paper puts forward the concept of security operation and construction for the network, so as to break the era of not only construction, but really help users operate and maintain the network well.Key wordssecurity operations center; security operations system; IPDRR; TPM; white list
    Design of Unified Password Service Platform Based on Cloud Architecture
    2021, 7(E1):  22. 
    Asbtract ( )   PDF (1317KB) ( )  
    Related Articles | Metrics
    Through reasonable scheme design and compatibility transformation, the unified password service platform gives full play to the resource advantages of cloud services, provides unified password applications for various businesses, controls information security risks, and solves the problem of low resource utilization in decentralized system construction. The unified password service platform is the core of the unified password infrastructure construction, which makes the password give full play to its core driving role in the deeply integrated development of business, and ensures the full scene and ecological security and controllability of business systems.Key wordspassword security management; hardware virtualization; key management protocol; digital signature
    NSFOCUS Cloud Security System Container, NCSSC
    2021, 7(E1):  26. 
    Asbtract ( )   PDF (3120KB) ( )  
    Related Articles | Metrics
    tCloudnative applications will dominate the second half of the cloud computing era, and the resulting cloudnative security will be an important channel for future security development. In the wake of the new infrastructure, the integration of cloudnative technology and information infrastructure has also become a clear trend. Cloudnative security will integrate information systems and various cloud computing scenarios to enable a flexible, agile, and ondemand cloudnative environment. NSFOCUS insists on technological innovation to lead product development, combines security attack and defense system with cloudnative application scenarios, and launches NCSSC to boost the rapid development of cloudnative technology.
    The NSFOCUS Internet of Vehicles Security Monitoring and Protection (SDK+SOC) System
    2021, 7(E1):  32. 
    Asbtract ( )   PDF (2772KB) ( )  
    Related Articles | Metrics
    At present, there are two main security issues which are common in intelligent connected vehicles system: First, there is a lack of effective security components which can directly detect, monitor and protect against network security threats. Second, there is no standard unified platform on the market for vehicle security situation perception, data visualization threat analysis, realtime threat monitoring and warning. The NSFOCUS develops the Internet of vehicles security monitoring and protection system, and adopts SDK+SOC endtoend vehicle cloud security linkage mechanism, which can form an integrated security supervision and operation mechanism for Internet of vehicles security situation, such as onboard terminal security detection, monitoring, protection, response and recovery. It serves the security monitoring and early warning of vehicle and parts enterprises, supports the security supervision of national Internet of vehicles industry, and accelerates the breakthrough of core technology in the field of Internet of vehicles information security in China.
    Hardware Security Module Based on Loongson Platform
    2021, 7(E1):  37. 
    Asbtract ( )   PDF (934KB) ( )  
    Related Articles | Metrics
    The hardware security module based on Loongson Platform is a HSM server which uses Loongson 3 series CPU and commercial cryptographic algorithms. This server uses commercial cryptographic chips that support SM1, SM2, SM3 and SM4 algorithms, and uses an embedded architecture with completely independent intellectual property rights. The product is fully compatible with standard cryptographic algorithms, and the application development interface is flexible and easy to use. This HSM server has been tested and certified by Kylin OS, UniontechUOS, Super Red OS and other operating systems.
    Network Security Individual Soldier Detection System Based on “ATT&CK” Tactical Framework
    2021, 7(E1):  41. 
    Asbtract ( )   PDF (2677KB) ( )  
    Related Articles | Metrics
    In recent years, with the emergence of new applications and new business models, network security risks are rising, and active defense has gradually become one of the most important means of network security. WebRAY’s Network security individual soldier detection system is based on the ATT&CK technical framework, this system adopts innovative technologies of cyberspace resources mapping, multiengine combined exposure surface detection and full scene infiltration chain processing, integrating the practical experience of cyber asset identification,  vulnerability detection and the actual combat of attack and defense. The system can automatically achieve the complete attack chain process of "target detection, exposed surface detection, infiltration and utilization" and the traceability and evidence collection of incident investigation. It is committed to standardizing, systematizing and processizing the attack and defense confrontation capabilities. It solves the problems such as the lack of network security professionals and  the insufficient capability of internal personnel. The system is suitable for a variety of application scenarios such as attack and defense confrontation, attack and defense drills, security testing, internal training and so on.
    Advanced Threat Protection with Memory as the Target
    2021, 7(E1):  46. 
    Asbtract ( )   PDF (1474KB) ( )  
    Related Articles | Metrics
    In recent years, memorybased attack methods are increasing, including fileless attacks, memory Webshells, buffer overflows etc., can easily bypass the existing security detection mechanism. These memorybased attacks has brought great challenges to the existing security solutions. In the memory level, the current host environment, cloud environment or terminal environment are exposed in danger. Under this context, new defense systems are needed to mitigate the risks of memorylevel attack. Studies have shown that these advanced attacks have little trace in APIbased surveillance detection methods, but will eventually be performed and executed in memory. Therefore, memory can be considered as s a gathering point for all threats. Feng. In Neumann’s computer architecture points out that any data needs to be operated by the CPU and stored in memory, so theoretically, a security solution based on the CPU instruction set and memory levels is effective against all threats.

    Intelligent Data Management Platform
    2021, 7(E1):  50. 
    Asbtract ( )   PDF (2215KB) ( )  
    Related Articles | Metrics
    In June 2021, the “Data Security Law of the People’s Republic of China” was officially promulgated, marking that China’s data security has entered a new development stage of legal construction. According to the overall national security concept of the data security law, the intelligent data governance platform should completethe data security governance system and improve the data security guarantee, including metadata management, data classification and grading, data security risks analysis, and data security rules.

    Solution of MultiTenant Asset Risk Management Based on the Cloud Platform
    2021, 7(E1):  54. 
    Asbtract ( )   PDF (1392KB) ( )  
    Related Articles | Metrics
    Driven by the development of cloud computing, there are more and more assets on the cloud. It is difficult for cloudnative assert risk management products to manage them effectively and securely. At the same time, the cloud security operators cannot manage the asset security of all tenants on the cloud effectively and uniformly. Combining the actual business scenarios of customers, we provide the solution of multitenant asset risk management for cloud platform through the XRay product. From the perspective of cloudnative, we deeply integrate the XRay with cloud business platform, so that it has the characteristics of cloudnative automation, lightweight, high availability, elasticity and scalability. Security operators can manage cloud asset risks in a unified manner. And in the meanwhile it meets the risk selfcheck requirements of cloud platform tenants and guarantees business continuity.
    Cloud Host Security Management Platform Construction
    2021, 7(E1):  58. 
    Asbtract ( )   PDF (863KB) ( )  
    Related Articles | Metrics
    The development of cloud computing technology brings new challenges to network security management. The security management of host assets is more difficult and complex. However, security administrators do not fully grasp the host status, vulnerability and attack behavior. Therefore, they need to establish a comprehensive security detection and analysis system for cloud hosts to improve the ability of security risk discovery, to improve the level of security event management and to detect all kinds of intrusion and attack behaviors.

    Topsec Security SD-WAN Solution
    2021, 7(E1):  63. 
    Asbtract ( )   PDF (653KB) ( )  
    Related Articles | Metrics
    In recent years, with the development of business, the trend of enterprise digital transformation has become more and more clear. The traditional enterprise networking model can not meet the existing business needs. In this context, SDWAN came into being. Topsec Security SDWAN solution is a set of WAN intelligent interconnection solution rooted in the bottom of security and combined with SDN technology and WAN optimization technology. The scheme has the four core capabilities of intelligence access, intelligent routing, security protection, and minimalist operation and maintenance. The scheme is supplemented by highperformance hardware and a special acceleration chip, so as to bring a highperformance and secure networking experience more in line with the actual business and provide a substantial boost for the digital transformation of enterprises.
    Topsec Industrial  Intrusion Detection and Audit System
    2021, 7(E1):  67. 
    Asbtract ( )   PDF (1783KB) ( )  
    Related Articles | Metrics
    As our country’s manufacturing industry is transforming and upgrading to digital, networked, and intelligent, cyber security threats are increasingly spreading to the industrial field. In addition, with the advancement of new infrastructure construction, the number of objects that industrial systems need to protect has increased significantly, the attack surface of industrial systems has continued to expand, and the requirements and difficulty of protection have also increased. These new challenges promote the acceleration of industrial Internet security technology products. TOPSEC took the lead in proposing advanced security concepts based on behavior analysis, whitelisting as the main means, and blacklisting as auxiliary verification methods. The innovative product industrial control intrusion detection and audit system released by it has five application values, such as industrial intrusion detection, industrial vulnerability attack detection,  industrial operational behavior audit, industrial traffic audit, and industrial asset discovery. The system help customers discover attacks and threats from inside and outside the production network, provide customers with intuitive and grounded security protection suggestions, and ensure the safe operation of industrial production networks.
    Data Security Governance Solutions for the Banking Industry
    2021, 7(E1):  71. 
    Asbtract ( )   PDF (4170KB) ( )  
    Related Articles | Metrics
    In the digital era, the data of the banking industry presents a state of large concentration. With the continuous innovation of financial technology, the banking industry faces more severe data security risks. The banking data security governance solution adopts scientific data security governance methods in accordance with external regulatory requirements, banking business characteristics and its own development needs, and conducts organization construction, management construction, and technology construction from top to bottom, and integrates governance evaluation and safe operation to build a data security governance system with banking characteristics, improve data security assurance capabilities, and it helps users to meet compliance requirements, resist attack threats, and achieve twoway promotion of data security and business development. The scheme can be directly copied and applied in the data security governance of the whole industry, and it also provides a reference for the data security governance of other industries.
    Xcheck Open Source Security Platform
    2021, 7(E1):  78. 
    Asbtract ( )   PDF (2353KB) ( )  
    Related Articles | Metrics
    Xcheck open source security platform is an open source application security defect detection technology based on multisource SCA. Combined with the unique application probe of Xmirror Security, it accurately identifies the open source thirdparty components intentionally or illegally referenced by software developers in the process of application development, extracts the characteristics of open source components and calculates the component fingerprint information through the application composition analysis engine, and deeply tap various security vulnerabilities and open source protocol risks hidden in components. Compared with the traditional SCA detection platform, Xcheck OSS focuses more on the thirdparty components and dependencies dynamically loaded during the actual operation of the application system, and carries out indepth and more effective threat analysis on this basis. At the same time, Xcheck OSS timely obtains open source component information and related vulnerability information worldwide through the intelligent data collection engine, reduces the security risks brought by open source components and ensures software security.

    Data Security Monitoring Scheme for Government Data Leakage Risk
    2021, 7(E1):  83. 
    Asbtract ( )   PDF (639KB) ( )  
    Related Articles | Metrics
    The scheme in this paper is a set of data security monitoring solutions for government data leakage risk based on Internet export network traffic, using big data, machine learning, sensitive data identification, abnormal behavior analysis and other technologies, and combining with government affairs and their characteristics. The scheme realizes government data identification, data flow monitoring, user operation anomaly and interface transmission anomaly monitoring, and realizes active and passive identification, monitoring and early warning of risks in the process of government sensitive data flow.

    Data Backup and Recovery System of Independent Innovation Platform
    2021, 7(E1):  87. 
    Asbtract ( )   PDF (3027KB) ( )  
    Related Articles | Metrics
    Data security is the bottom line of network security and the top priority of the development of information technology innovation industry. At present, the construction of information technology innovation field is mainly based on infrastructure and business applications, and there is still a need for continuous improvement in data protection. Through the introduction of innovative research on trusted computing technology, continuous protection of big data, emergency takeover of business system, early warning and defense and other technologies. This paper explains that the data backup and recovery system of information innovation platform guarantees that the data is not lost from the datalevel security technology, ensures that the business does not stop from the applicationlevel security technology, and realizes the multidimensional unified disaster recovery management of different branches and different users from the platform level, so as to provide safe, reliable, efficient, comprehensive and sustainable information security protection for domestic information systems.
    Endogenous Safety Protection and Attack Monitoring of Electric Power Industrial Control System Solution
    2021, 7(E1):  93. 
    Asbtract ( )   PDF (1291KB) ( )  
    Related Articles | Metrics
    The current power industrial control system generally presents the characteristics of a wide range of threats and destruction, fast transmission speed, and more concealed attack methods, the security protection of the system is getting more and more difficult. To effectively solve the above problems, this paper is based on the idea of “credible hardware, system immunity, unified framework, and controllable software”, breakthrough the key technologies for secure operating systems, trusted computing, edge computing frameworks, and terminal detection and response, and build an endogenous safety and attack monitoring system which is based on hardware, operating systems, as well as the integration between the industrial control software functional safety and information safety. Through the study of this paper, the protection level of key infrastructures of the power system will be enhanced significantly, and the independence and control of national basic software will be promoted.
    Twins Emulation Cyber Range Based on Cyber Physical Domain Fusion
    2021, 7(E1):  98. 
    Asbtract ( )   PDF (3120KB) ( )  
    Related Articles | Metrics
    Twins Emulation Cyber range based on CyberPhysical domain fusion is a cyber security application service platform, based on digital twins technology, virtualization technology to carry out digital emulation of the cyber and physical domain of the target system, it uses the software definition hierarchical architecture to decouple software logic and hardware resources, and gives it software definition capability. It can be flexibly constructed and deployed through scenario definition, application definition, network definition, system definition and vulnerability definition, covering the whole industry scenario, the whole industry element, the whole domain space and the whole security element, providing security research, innovation incubation, simulation experiment, attack and defense drill, talent training and evaluation and certification services.
    Identity Access Management with Trusted Device Solution
    2021, 7(E1):  106. 
    Asbtract ( )   PDF (3234KB) ( )  
    Related Articles | Metrics
    The Identity Access Management with trusted device solution is pivoted around the Digital Access Management Platform. Based on the trusted identity data at its core, the platform can be integrated with thirdparty device security products to achieve binding endpoint information, identity information, and application information dynamically. Providing various secure authentication methods, the Identity Access Management with Trusted Device Solution utilized the dynamic access control model and powerful identity management system to realize authenticating user identity dynamically based on device status. Such solution redefines the secured perimeter of an enterprise. The main features of this solution are as follows: 1) Based on user identity information at its core, binding device information and application information together to achieve full user lifecycle management in one console. 2) With full capabilities of identity management, combined with the twoway synchronization mechanism, the solution provides a smooth and seamless replacement of AD Domain, which has security risks, as a user data source.  3) In accordance with the “domestic made, independent and controllable” policy, this solution works seamlessly with systems created under China Information Technology Innovation Program. Providing efficient and secure authentication methods based on trusted devices, this solution creates a complete ecosystem based on all domestic made, innovative information technology devices.
    A Camouflage Trap and Threat Perception Product Based on  Active Defense Mechanism
    2021, 7(E1):  112. 
    Asbtract ( )   PDF (2000KB) ( )  
    Related Articles | Metrics
    The HaoTian industrial honeypot system is an active deception defense product based on industrial control environment independently developed by CloudSky Security technology company. The system design adopts a purely passive working mode, which can be deployed in various industrial scenes through customization. The system uses multiple types of bait probes to build a honeynet to lure attackers to attack, so as to find attack events in time and generate threat alarm. The system captures and analyzes the attack behavior, understands the tools and methods used by the attacker, and speculates the attack intention and motivation. Clearly understanding the security threats faced by the industrial network can enhance the security protection ability of the actual industrial system through technical and management means. The product can be widely used in petrochemical, energy, transportation, water, municipal and other industrial scenes to help enterprises effectively reduce and avoid security risks.
    HiSec Zero Trust Security Solution
    2021, 7(E1):  117. 
    Asbtract ( )   PDF (2795KB) ( )  
    Related Articles | Metrics
    With the vigorous development of digital industrialization and industrial digitization, the formation of a new datadriven digital industry system is accelerating. The wave of industrial digitization not only opens the door to business model reconstruction and industrial transformation and upgrading, but also brings many severe security challenges to enterprises. Enterprises urgently need a new generation of information security protection system to support digital transformation. The zerotrust architecture and guidance model have made significant progress to become a mainstream security model, which is gradually recognized and valued by an increasing number of government agencies and enterprise customers. This paper mainly analyzes the security problems brought by digital transformation and the characteristics of the zerotrust security architecture. In addition, it elaborates on the architecture characteristics through scenariospecific practices. Finally, it shares typical application cases, discusses the value of zero trust to users, and concludes that the zerotrust architecture can meet existing and future service security needs so as to provide a reliable and solid guarantee for digital transformation.
    Brand-New AI Firewall Empowered by Intelligent Technologe
    2021, 7(E1):  122. 
    Asbtract ( )   PDF (1428KB) ( )  
    Related Articles | Metrics
    Huawei HiSecEngine USG6000E series AI firewalls remove the defense bottlenecks of traditional firewalls by employing intelligent technologies. Powered by an intelligent threat detection engine, the AI firewalls can detect unknown threats effectively with an accuracy above 99%. Also, with the use of intelligent technologies, the firewalls support 12000+ IPS vulnerability signatures. Additionally, the builtin intelligent scanner can help detect unknown malicious files, delivering a detection rate of up to 97%.Key wordsAI firewall (AIFW); intelligent defense; unknown threats; encrypted; contentbased detection engine
    NetSensor Network Traffic Analysis Solution
    2021, 7(E1):  126. 
    Asbtract ( )   PDF (2647KB) ( )  
    Related Articles | Metrics
    With the rapid development of network technology, the security problem has become more and more serious as the number and types of assets in cyberspace have become more and more complex, which poses a new challenge to the management department of cyber security. DCLingCloud NetSensor Network Traffic Analysis Solution is an endtoend network monitoring solution that adopts the selfdeveloped and patentedbased protocol analysis on multicore processors technology. The solution is proved to have the best packet capture performance in the industry. It has a unique architecture that integrates network volume and network security analysis into one platform among all competitors. Native cloud is also fully supported. Fullsize data packets analysis is creatively integrated into the detection of network security issues and backtracking audit. Thus, this solution has the ability of network application traffic analysis and cyber security analysis and can provide the entire raw data for users for network security guarantee.Key words cyber security; network traffic analysis; network forensic; network packets; attack detection

    ID.LINK Full-Stack Identity and Access Management Solution
    2021, 7(E1):  131. 
    Asbtract ( )   PDF (1097KB) ( )  
    Related Articles | Metrics
    As the modern information technology has been gradually integrated into all aspects of the enterprise, the supporting role of the information system in the daily work of the enterprise is becoming more and more prominent. The integrated application, information sharing and security of the information system within the enterprise have become the focuses and difficulties of the enterprise informatization construction work. In order to better reflect the effect of enterprise informatization construction work, enterprises need to rebuild and upgrade the identity and access management system. Based on modern scalable architecture, with unified identity map, ABAC model and lowcode identity development platform as the core technologies, ID.LINK fullstack identity and access management solution is dedicated to providing government and enterprise customers with an infrastructurelevel access control platform for new technology application scenarios. The main functional application scenarios of ID.LINK fullstack identity and access management product include unified identity authentication, user lifecycle management, terminal identity authentication and sensitive data access control.Key words fullstack; unified identity map; ABAC; identity and access management; unified identity authentication; user lifecycle

    Network Security O&M Solution Based on Sugarnms
    2021, 7(E1):  134. 
    Asbtract ( )   PDF (1396KB) ( )  
    Related Articles | Metrics
    As the Internet popularization, the Internet of things, big data and cloud computing technology rapid development, network security moment under severe threat. Enterprises and institutions have more demands for network operation and maintenance, but they are faced with problems such as multiple devices, different models, and different manufacturers. Therefore, when building network security operation and maintenance platforms, it is generally required that the platforms have high availability, high reliability, high expansibility, and stable security architecture. At the same time, under the new policy guidance, domestic alternative accelerated by hardware and software, hardware and software for imports also requires deep localization deployment network security operations platform, independent research and development, safe and controllable. The paper analyze the present situation and the threat to network security operations, study the practical measures of network security platform implementation by analyzing SugarNMS, in order to improve the efficiency of network operations and ensure the safe operation of network.
    The Knowing, Practices and Thoughts on “Cybersecurity Maps” from CubeSec
    2021, 7(E1):  140. 
    Asbtract ( )   PDF (984KB) ( )  
    Related Articles | Metrics
    In the field of cyberspace security, the “cybersecurity maps” refers to the visualization and analysis of assets, vulnerabilities, and threats through new technologies such as knowledge mapping and graph computing. The product adopt a variety of technological means to sort out networkwide asset and vulnerability data for users, and use knowledge mapping, graph computing, and other new technologies to draw a “vulnerability derivation maps” according to the firewall release rules, which can provide important data support, aid decision making and command operations in various red teamblue team exercises.Key words cybersecurity maps; red team-blue team exercises; vulnerability visualization; information security; cybersecurity
    Smart Park Big Data Network Security Management Platform Solution
    2021, 7(E1):  143. 
    Asbtract ( )   PDF (1284KB) ( )  
    Related Articles | Metrics
    Security is a kind of ability to realize “peopleoriented, data as the core and technology as the support”. The construction of smart park big data network security management platform is to build the center of smart park security ability. Based on security infrastructure, the platform provides the comprehensive park security situation monitoring and early warning through centralized collection of park security data, comprehensive big data analysis technology and unified security management of assets and systems. The platform covers the security requirements at all levels from physical facilities to network communication and to business platform, so as to ensure that the industrial development of the park is more secure, scientific and stable. The main goal of the smart park big data network security management platform solution is to build a big data security management center, demonstrate its application in the smart park, solve the security risk problems of the smart park in the whole business cycle, such as facilities, construction, operation, service and management, and realize the safe operation of the smart park.Key wordssmart park; IoT monitoring; AI intelligent detection; security orchestration, automation and response; information security and event management; security actual attack and defense
    Internet of Things Security Monitoring Platform Based on AI Big Data
    2021, 7(E1):  147. 
    Asbtract ( )   PDF (1116KB) ( )  
    Related Articles | Metrics
    With the rapid development of the Internet of things, the Internet of things is becoming more and more networked, integrated, and intelligent. At present, most of the smart networking devices on the market have security vulnerabilities. They are in an unprotected state and extremely vulnerable to be attacked. When the terminal is attacked or invaded by the network, the user cannot perceive and control it, which brings serious harm to the information life, even endangers the key infrastructure of the network and national security. In view of the current security situation of the Internet of things, based on AI big data analysis and facing the ubiquitous connection scenario, DAS provides a security management platform integrating asset identification, security detection, security auditing, and security operation, which can realize realtime perception of asset information threats from the five dimensions of asset risk sorting, border security monitoring, cyberspace surveying and mapping, threat intrusion monitoring and security situation awareness, and display the current asset security status in a multidimensional visual form.Key words irregularities; weak password; system vulnerability; cyberspace surveying and mapping; signaling security; border security

    Research and Application of SSL Encryption Threat Detection Technology Based on Machine Learning Multi-Model
    2021, 7(E1):  151. 
    Asbtract ( )   PDF (4429KB) ( )  
    Related Articles | Metrics
    At present, the proportion of encrypted traffic in government and enterprise networks has exceeded 60%, and the trend of threat encryption is becoming more and more obvious. It is difficult for the existing traffic security detection scheme to detect the threat under encrypted traffic, thus, encryption threat detection has become a major problem in the security protection of government and enterprise networks. This paper will explain the current situation, classification of encrypted traffic threats and the research of SSL encryption threat detection technology routes. It presents single model experiment, the multimodel comparison and practical application case description, and proposes a synthesis decision detection technology scheme based on machine learning multimodel , which can realize the detection and identification of SSL encryption threats.Key words machine learning; multimodel; SSL encrypted traffic; encryption threat; synthesis decision-making
    Data Security Supervision Program of Telecommunications and Internet
    2021, 7(E1):  158. 
    Asbtract ( )   PDF (841KB) ( )  
    Related Articles | Metrics
    With the rapid development of my country’s Internet technology, data leakage have emerged one after another, and data security has become one of the main factors affecting the development of my country’s Internet economy. Since most of the existing data security monitoring construction programs tend to meet enterprises’ internal data security review, there is a lack of overall solutions for the supervision of the circulation of industry data on the Internet. By proposing solutions for data security supervision with the IDC data center as the core, we will promote the construction of industry data security and improve the ability of data security risk control. It expounds on the policy background and overall solution ideas on which the solution depends and demonstrates the feasibility of the solution and the social and economic effects from the application process from the perspective of actual application effects.
    Enlink Zero Trust Solution
    2021, 7(E1):  162. 
    Asbtract ( )   PDF (1809KB) ( )  
    Related Articles | Metrics
    Zero trust has become the next generation security trend. Based on zero trust security idea and software defined perimeter security architecture, Enlink zero trust solution provides an endtoend security protection for the whole life cycle of organizational application access. The solution includes six modules: Identity and access management supports multi factor authentication to ensure user credibility; Terminal environment perception provides multidimensional terminal environment inspection to ensure terminal compliance; Enlink software defined perimeter uses attribute based access control to realize finegrained dynamic permission controllability; Multi domain segmentation of security workspace make sure that your business data will not leaked out; Application programming interface gateway enables decoupling of business system to ensure application credibility; User behavior analysis continuously monitors the legally users to ensure their behavior compliance. Based on above, Enlink zero trust solution provides application access security protection for enterprises and institutions with trusted access, secure transmission, reliable isolation and continuous monitoring, comprehensively ensures the organization’s network security and data security.
    Network Security of LargeTraffic Retrospective Analysis System for Serving Critical Informational Infrastructures
    2021, 7(E1):  174. 
    Asbtract ( )   PDF (3593KB) ( )  
    Related Articles | Metrics
    The network security market demands for Network Traffic Analysis (NTA) and traffic retrospective analysis products are increasing rapidly in recent years, whereas NTA is still facing some challenges concerning on the deficiency of low speed, lack of accuracy when analyzing the security of data flow and lack of situation awareness capability. In this paper, we design a network security largetraffic retrospective analysis system, which is carried on dedicated hardware and deployed in the form of a bypass on the network boundary or security domain boundary. It can analyze the entire traffic of the enterprise and combine with Eversec threat intelligence to detect traffic anomalies, Network asset changes, event behavior characteristics, attack source behaviors, which can be displayed in a visual interface, and the attack chain can be replayed for successful attack events, allowing users to quickly trace the source of the attack process.
    Whole Process Solution of Classified Protection 2.0
    2021, 7(E1):  182. 
    Asbtract ( )   PDF (2533KB) ( )  
    Related Articles | Metrics
    The national standards of cybersecurity classified protection 2.0 were officially released in 2019, marking the entry of classified protection into the 2.0 era. At the same time, a number of classified protection 2.0 solutions have emerged, including eyecatching solutions such as “product packages” and “definitely pass”, which are essentially just a stack of security products, misleading some network operators. Relying solely on safety products can only solve part of the technical problems, and does not really implement the requirements of the classified protection standards. Based on the perspective of network operators carrying out classified protection construction, this paper proposes a “process & product & service” classified protection 2.0 whole process solution by using design thinking, and combines with auxiliary tools such as classified protection process management platform (CPPM) and compliance autoinspection platform (CAIP) to improve efficiency and ensure the quality of scheme delivery. The solution is designed to help the majority of network operators complete the construction of classified protection with less worry and effort and build a cornerstone of comprehensive cybersecurity defense system of our country.
    Zero Trust Helps Work Digitization Sangfor Zero Trust Security Solution
    2021, 7(E1):  187. 
    Asbtract ( )   PDF (673KB) ( )  
    Related Articles | Metrics
    Digital transformation has caused businesses to become more open and decentralized in recent years. The internal and external risks faced by work have increased significantly. Traditional network security architecture is difficult to adapt to flexible and changeable digital work scenarios due to the high cost of construction and operation and maintenance management costs and poor user experience. Combining the advantages of network security products and the accumulation of remote office scenarios, Sangfor creates security solutions for digital work scenarios based on the concept of zero trust. The solution integrates multidimensional capabilities based on a unified identity and authority, including endpoint detection and response, behavior analysis, and data leakage prevention. The solution enables users to access safely and conveniently anytime, anywhere with a better experience. The solution also simplifies management and operation and maintenance. Security can be implemented more simply and effectively. Based on the existing network architecture, users can quickly implement zero trust through smooth upgrades. As a result, users’ digital work becomes safer and more efficient.
    SIMKEY Solution for Chinese SM Hardware Cryptography Module on  Mobile Terminal
    2021, 7(E1):  191. 
    Asbtract ( )   PDF (2368KB) ( )  
    Related Articles | Metrics
    For mobile smart terminals such as mobile phones and tablet computers, there has been a lack of universal cryptographic devices similar to USB Key on the PC side. This leads to a lack of security support when carrying out key services on the mobile side, which hinders the development of the depth and breadth of the mobile side business. In order to address this problem, Asiainfo Security has proposed a universal solution  about Chinese SM hardware cryptographic module called SIMKEY on the mobile side. As a dedicated SIM card, SIMKEY conforms to the SIM card specifications of telecom operators and is suitable for all kinds of smart phones and tablet computers. The product has a commercial cryptographic product certification certificate. In addition to standard communication functions, the card can also provide various cryptographic capabilities, including: encryption and decryption, signature and signature verification, hashing and other cryptographic computing services, as well as key generation and management, digital certificate storage and use, and key data storage. SIMKEY has a variety of application scenarios, such as: digital identity authentication, electronic signature verification, VPN dialin authentication, PCside scanning code use, etc. Meanwhile, in response to the needs of the Internet of Things, SIMKEY also supports IOT security solutions with different key systems.
    Information Security Solution of Power Industry Control System  Based on Trusted Computing 3.0
    2021, 7(E1):  198. 
    Asbtract ( )   PDF (2521KB) ( )  
    Related Articles | Metrics
    According to the information security requirements of the electric power industry control system and the technical characteristics of the existing defense means, this paper presents a security immune solution for the electric power industry control system based on trusted computing 3.0. An active immune indepth protection system for power industry control system is constructed, and the application of trusted computing 3.0 technology in the environment of power industry control system is studied. A series of trusted computing hardware and software products with active immunity are designed to resist the organized and targeted directed attack effectively, and to use for the localization substitution of electric power industry control system.