Journal of University of Chinese Academy of Sciences ›› 2004, Vol. 21 ›› Issue (2): 202-209. DOI: 10.7523/j.issn.2095-6134.2004.2.009

• Review •

Study on the Architecture of Computer Emergency Response System

LIAN Yi-Feng, DAI Ying-Xia

  1. State Key Lab. of Information Security, Graduate School of the Chinese Academy of Sciences, Beijing 100039, China
  • Received: 2003-03-26 Revised: 2003-06-02 Published: 2004-03-19
  • Funding:

    Supported by the National 973 Project (G1999035801) and the President's Fund of the Graduate School of the Chinese Academy of Sciences (yzjj200209)

Abstract:

Emergency response is a key problem in maintaining the dynamic security of computer and network systems. In this paper, we propose an architecture for a Computer Emergency Response System based on a hierarchical model, comprising a security service layer, a system module layer and a security research layer. Explicit definitions of the functional requirements, module partitions and corresponding technical support of this architecture are given. Several issues of concern to such a system, such as Incident Response, Security Surveillance, Intrusion Traceback and Disaster Recovery, together with the security services provided to users (Security Consultation, Security Bulletin and Security Analysis), are also discussed in detail.

Key words: emergency response, computer emergency response team (CERT), architecture