Industry demand

                        Large amounts of important industry information are stored in military industry database, such as military product planning information, process design information and production management information. Leakage of these contents will cause irreparable damage on national military industry and affect social stability. Therefore, it is imperative to establish robust and reliable data security protection system.

                        1. It is required to strengthen data security protection for secret-involved system according to national classified protection requirement. The State Secrets Bureau issued and implemented No. BMB22 document in 2007, put forward a series of technical and evaluation requirements on data security scheme from operation management, identity certification, access control, security audit, storage encryption and database security.

                        2. As military product planning, process design and production management information are kept confidential highly, it is required to perform inner audit and control on internal production and management staffs to ensure no leakage of important information, besides, learn the occurrence of risk incidents as soon as possible and inform relevant staffs to handle quickly.

                        Project overview

                        Referring to data security demand of military industry, Ankki Technology raised solutions toward military industry system, performing all-round audit on database, giving warning on risk events, accurately recording and localizing risk behaviors, assisting military units in inner audit and control and protecting database security from inside.

                         

                        Project value

                        1. Responding to requirements of central military commission and secrets bureau

                        Respond to Suggestions on Strengthening Military Information Security Guarantee Work under New Situation issued by central military commission and Technical Requirement on Classified Protection of National Secret-involved Information System from national secrets bureau and perfect IT inner control system of the organization to meet various compliance requirements and ensure the organization pass IT audit smoothly.

                        2. Reduce destruction and leakage of core information assets effectively

                        Database security audit system can be able to strengthen database audit and discover risks and prevent quickly, so as to effectively reduce deconstruction and data leakage of core information assets.

                        3. Trace the source

                        It is convenient to investigate the cause and define responsibility after relevant incidents. As departments responsible for operation and maintenance usually have the highest authority of database management system (mastering the password of DBA account), they also undertake high risks (maloperation or malicious deconstruction of individual personnel). Audit system can help conduct cause investigation and responsibility definition after relevant incidents.

                        4. Control security conditions of service system operation directly to ensure normal operation

                        Normal operation of military information system requires a stable and secure network environment. For management department, the security condition of network environment is a serious matter. Database audit system provides service flow monitoring and audit incident statistics analysis functions, which can visually reflect security conditions of network environment.

                        5. Support multiple types of database:

                        • Support audit on mainstream database including Oracle, MS-SQL, DB2, MYSQL, Caché DB, Sybase, POSTGRESQL, DM and KingBase at the same time.

                        • Support audit on multiple systems at the same time.

                        • Support audit on multiple database (such as database or cluster , supporting information system with multiple types of database in a single institution) at the same time.

                        6. Realize independent audit

                        From the perspective of inner control, the separation of three powers including system use, management and supervision rights is a must to perfect IT inner control mechanism. Audit system aims to perfect military IT inner control mechanism through independent audit and assisting supervisors obtain technical means.

                        Project advantages

                        1. Bypass deployment does not affect original network architecture nor normal operation of service system.

                        2. Inner anti-attack rules can effectively detect SQL injection hacker attack.

                        Unlike general database audit products, Ankki database audit system can prevent higher level data query operations including function and bind variables and specialize in seizing “master”. Inner anti-attack rules can effectively detect SQL injection and cross-site scripting attack.

                        3. Responding to requirements of central military commission and secrets bureau

                        Respond to Suggestions on Strengthening Military Information Security Guarantee Work under New Situation issued by central military commission and Technical Requirement on Classified Protection of National Secret-involved Information System from national secrets bureau and perfect IT inner control system of the organization to meet various compliance requirements and ensure the organization pass IT audit smoothly.

                        4. Real-time warning

                        Ankki database audit system will send key information of event to security audit personnel via email and short message, and give disposal suggestions through system after investigating, obtaining evidence and confirming legality, determining the end of event. Audit administrators can decide if there are shielding or omission behaviors by tracing security event disposal information.

                        5、事件場景還原

                        Ankki AAS can build correlation and scene through event and terminal factors to simulate the whole process of event along with simulating playback. Large screen display is convenient for analytic and technical staffs to directly trace cross-correlation of event and operation behaviors with higher risks through playback clue.

                         

                        Success Case

                        More