WATERBOX防水墙系统中硬件接口及设备管理设计与实现

封面I随着网络时代的到来，互联网的触角已经深入到中国的每一个角落。在网络化的同时，有关网络信息安全的问题也日益突出。绝大多数的企业、学校、政府机构把内网的安全重点放在防范来自外部的攻击，依赖于防火墙、防病毒软件。然而对一系列计算机犯罪统计数字分析的结果，促使人们更多地关注来自内部人员的安全威胁。其中计算机系统的外部设备泄密是信息泄露事件发生的一大重要根源。如今越来越多的敏感信息、秘密数据和档案资料被存贮在计算机里，大量的秘密文件和资料变为磁性介质、光学介质，存贮在无保护的介质里，外设的泄密隐患相当大，内部员工可以通过光驱、软驱、USB等外设非法拷贝敏感信息和涉密信息，这些行为造成严重的后果和不可弥补的损失。本文旨在对主机设备管理技术进行研究，建立一个主机设备管理系统。该系统具有身份认证、在线主机扫描、主机设备监控等功能。本文首先分析了现阶段主机设备管理的研究背景及现状，然后从需求分析入手，分析了系统的层次结构，接下来结合现有的技术，设计了一个主机设备管理系统，最后对该系统进行了实现和测试。课题的最终成果为：设计了一个主机设备管理模块，并依据该模块实现了一个主机设备管理系统。实践证明，该系统具备良好的实际应用价值。关键词：防水墙，主机设备管理，网络安全，信息安全AbstractIIAbstractNetworkhasbeenpopularinChinawhenthenetworkageiscoming,buttheproblemofinformationsecuritybecomesmoreandmoreserious.Mostofenterprises,schoolsandgovernmentsfocusonexternalattackdependingonfirewareandanti-virus.Whileaseriesofstatisticresultofcomputercrimeindicatesthatpeopleshouldattendthesecuritythreatofinteriorpersonnel.Theoneofthereasonsofblowingthegaffisthecomputerdevice,becausemoreandmoresensitiveinformation、privatedataandarchivesaresavedinthecomputer,amassoffilesanddatumarechangedintomagneticmediumandopticalmediumsothatthepossibilityofblowingthegaffisbigowingtointeriorpersonnelcopyinginformationthroughCD-ROM,floppydriveandUSB.Inthisthesis,theconceptualarchitectureofsuchasystemwasdescribed,andourexperiencewithitsinitialimplementationwasaddressedaswell.Thissystemconsistsofidentityauthentication,on-linecomputerscananddevicemanagement.Theachievementsofthisthesisincludethedesignandimplementationofadevicemanagementsystem.Therequirementanalysiswasfinished.Alsothemodulesofthesystemandsomekeytechnologiesweredescribed.Thesystemwasimplementedandtestedaswell.Inconclusion,thedevicemanagementsystemhasgoodperformanceandwecanensurethattheinformationisnotblabedthroughthedevice.Keywords:WaterBox,hostdevicemanagement,networksecurity,informationsecurity目录III目录第一章引言........................................................11.1背景以及国内外现状...........................................11.2主要内容.....................................................11.3论文章节安排.................................................1第二章需求分析.....................................................32.1系统需求.....................................................32.2功能需求.....................................................32.3性能需求.....................................................42.4硬件环境.....................................................52.5软件环境及开发环境...........................................52.6小结.........................................................6第三章总体设计.....................................................73.1系统总体结构简介.............................................73.2子系统总体设计...............................................83.2.1验证模块模块...........................................93.2.2系统主控平台...........................................93.2.3扫描在线主机模块.......................................93.2.4主机设备管理模块......................................103.3系统基本处理流程............................................103.3.1主机设备管理系统的数据流设计[6].........................103.3.2验证模块的流程图......................................113.3.3系统主控平台的流程图..................................123.3.4在线主机扫描模块的流程图..............................133.3.5主机设备管理模块的流程图..............................153.4小结........................................................18第四章详细设计....................................................194.1权限验证模块................................................194.1.1权限验证IPO图........................................194.1.2权限验证模块的界面设计................................19目录IV4.1.3权限验证模块的实现....................................204.2系统主控平台................................................214.2.1主控平台界面设计......................................214.2.2主控平台的实现........................................214.3基于UDP的网段扫描模块[7]....................................224.3.1设计思路..............................................224.3.2编程原理..............................................224.3.2.1UDP与TCP简介...................................224.3.2.2Csocket类中的UDP相关函数......................234.3.2.3事件函数和线程创建函数...........................254.3.3实例祥解..............................................264.3.3.1初始化例程.......................................264.3.3.2启动扫描.........................................274.3.3.3扫描线程.........................................274.3.3.4获得扫描结果.....................................284.3.3.5保存扫描结果.....................................284.3.3.6双击动作.........................................294.3.3.7退出扫描.........................................304.4主机设备的管理..............................................304.4.1概述..................................................304.4.1.1对于控制光驱接口,我们可以通过若干方法来实现[2]....304.4.1.2对于控制USB接口,我们可以通过若干方法来实现[3]....334.4.1.3其他设备的管理...................................354.4.2Client/Server模式.....................................354.4.2.1概述.............................................354.4.2.2套接字调用的流程.................................364.4.2.3Winsock编程原理................................404.4.2.4系统中C/S模式的实现.............................454.4.3控制主机设备的关键技术................................504.