Security Model Based on Network Business Security
Wu Kehe, Zhang Tong, Li Wei, Ma Gang
Department of Computer Science and Technology North China Electric Power University Beijing, China email@example.com, firstname.lastname@example.org, email@example.com, firstname.lastname@example.org
Abstract—Enterprise Network Information System is not only the platform for information sharing and information exchanging, but also the platform for Enterprise Production Automation System and Enterprise Management System working together. As a result, the security defense of Enterprise Network Information System does not only include information system network security and data security, but also include the security of network business running on information system network, which is the confidentiality, integrity, continuity and real-time of network business. According to the security defense of Enterprise Network Information System, this paper proposes the "network business security" concept. In this paper, the object of data information security is defined in three parts security, network system security and network business security, and the network business security model is described. The proposal of the concept "network business security" provides theoretical basis for security defense of enterprise automatic production system and enterprise management information system. Keywords-Information Security, Network Business Security, Network Business Security Model
Computer and network technology provide convenience to the people, but at the same time, security problems have emerged and become more and more serious. With the increasing popularity of computer applications, in particular, the rapid development of network technology, more and more security threat have appeared and information security has become a very important and urgent issue to be solved. Network information security has become the fifth security field after sea, land, air and space. In recent years, a great deal of theoretical research and technical studies on information security have been done. Currently, information security has developed along the two following directions : one is data security, another is network security. According to information (data) security defense in network environment, security theory based on data security  is established. Data security theory, based on cryptography theory, researches confidentiality, integrity and availability of data, data security defense 978-0-7695-3892-1/09 $26.00 © 2009 IEEE DOI 10.1109/ICCTD.2009.160 577
strategies and so on. The main information security models include the data confidentiality model (BLP model ), the data integrity model (Biba model ), and the PDR model  which can guide security defense process. According to Open Systems Internet Security Architecture, security theory based on network security research network security from security protocol, security mechanisms and security services  three levels, in order to provide theoretical basis for establishing a secure network system. Therefore, the existing theoretical system of information security can be expressed in figure 1. In the current practical application, the network environment can be simply divided into two types: one is a public information network, such as the Internet network, Chinanet network and Cernet network, which can provide information sharing and information exchange services; another is the enterprise information network , such as electric power dispatching data network (SPDnet) and electric power integrated data network (SPInet), which can work as the platform of enterprise business operating and collaborative working as well as provide information sharing and information exchange services. The information system running on the public information network is mainly the platform of information sharing and information exchange....