Aerospace physical exploration database system security is mainly based on the hierarchical structure of the network system, the division of information systems security level and architecture (Figure 3-1). For some of the weak links using the appropriate security technology, so that the system can resist attacks from internal or external against a variety of objects in various ways to prevent the dissemination of harmful information; can provide strict control capabilities and efficient means of verification, to achieve a more secure than the existing mode of work and management mechanism; **** enjoy the classification of information hierarchical management, the use of public-key based on digital certificates through the Strict authorization management and audit management mechanism to ensure the security of the system.
Figure 3-1 System Security System Architecture
Entity security: the entity is mainly for the computer equipment, network equipment and storage equipment, to prevent damage from earthquakes, floods, fires and other accidents, as well as damage caused by man-made crimes.
System security: the data server runs on UNIX system, and the UNIX operating system meets the C2 level security standards; at the same time, the UNIX system provides the corresponding backup and recovery mechanism, which meets the security requirements of the information system of aerial material exploration.
Network security: the center's network department through the network transmission of authentication, firewalls, intrusion detection, review and analysis of suspicious information to ensure that the operation of the network security means.
Data security: Oracle database with C2 level security standards, fully meet the requirements of aviation physical exploration database storage security. In addition, the system also provides data access rights, important data encryption, data log tracking and data backup functions to protect the database data security.
Use of security: through the user authentication and system function rights to control the use of the system security.