电信科学 ›› 2013, Vol. 29 ›› Issue (6): 170-176.doi: 10.3969/j.issn.1000-0801.2013.06.029

• 运营创新论坛 • 上一篇    

基于安全管控平台的“金库模式”分析及应用

宁建创,谭彬,,梁业裕   

  1. 中国移动通信集团广西壮族自治区有限公司网络运营中心 南宁530022
  • 出版日期:2013-06-20 发布日期:2017-07-18

Treasury Pattern Analysis and Application Based on Security Control Platform

Jianchuang Ning,Bin Tan,Yeyu Liang   

  1. Network Operations Center, China Mobile Group Guangxi Co., Ltd., Nanning 530022, China
  • Online:2013-06-20 Published:2017-07-18

摘要:

为降低高权限账号被滥用引起违规操作和客户信息泄露的风险,借鉴银行金库管理中开关库房必须由两名管库员在场共同进行的方式,以多人制衡的手段对高权限的使用进行监督和控制。通过对广西移动网络运营中心“金库模式”的各种应用场景的调查和分析,对“金库模式”的触发模式、授权模式和工作效率优化进行了分析和实现设计。并在网运中心的语音交换网元、WAP、信令监测等系统进行了成功的实施和应用,敏感数据查询量显著下降,有效遏制了权限滥用的情况,降低了客户敏感信息泄露的风险。

关键词: 金库管理, 应用场景, 触发模式, 授权模式

Abstract:

In order to reduce illegal operations and customer information disclosure of risk caused by the high privilege account abuse, drawing lessons from the way of the bank vault management in warehouse that must switch consist of two warehouse keepers who jointly conduct the warehouse, high authority for supervision and control was used in many means of checks and balances. Through the investigation and analysis of various application scenarios for Guangxi mobile network operation center treasury management, trigger mode, authorization model and working efficiency optimization of treasury management were analyzed, designed and implemented. And it was successfully implemented and applicated in the systems such as voice switching network, WAP and signaling monitoring in network operation center. The results show the query sensitive data volume decrease significantly, and it can effectively curb the abuse of authority of the customer and reduce the risks of disclosure of sensitive information.

Key words: treasury management, application scenarios, trigger mode, approval mode

No Suggested Reading articles found!