fujian_water_biz_doc/output/water_biz_security_design.html

1577 lines
117 KiB
HTML
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

<!DOCTYPE html>
<html xmlns="http://www.w3.org/1999/xhtml" lang="" xml:lang="">
<head>
<meta charset="utf-8" />
<meta name="generator" content="pandoc" />
<meta name="viewport" content="width=device-width, initial-scale=1.0, user-scalable=yes" />
<meta name="author" content="系统设计团队" />
<title>福建水务营收系统-安全设计</title>
<style>
code{white-space: pre-wrap;}
span.smallcaps{font-variant: small-caps;}
div.columns{display: flex; gap: min(4vw, 1.5em);}
div.column{flex: auto; overflow-x: auto;}
div.hanging-indent{margin-left: 1.5em; text-indent: -1.5em;}
/* The extra [class] is a hack that increases specificity enough to
override a similar rule in reveal.js */
ul.task-list[class]{list-style: none;}
ul.task-list li input[type="checkbox"] {
font-size: inherit;
width: 0.8em;
margin: 0 0.8em 0.2em -1.6em;
vertical-align: middle;
}
.display.math{display: block; text-align: center; margin: 0.5rem auto;}
/* CSS for syntax highlighting */
pre > code.sourceCode { white-space: pre; position: relative; }
pre > code.sourceCode > span { line-height: 1.25; }
pre > code.sourceCode > span:empty { height: 1.2em; }
.sourceCode { overflow: visible; }
code.sourceCode > span { color: inherit; text-decoration: inherit; }
div.sourceCode { margin: 1em 0; }
pre.sourceCode { margin: 0; }
@media screen {
div.sourceCode { overflow: auto; }
}
@media print {
pre > code.sourceCode { white-space: pre-wrap; }
pre > code.sourceCode > span { display: inline-block; text-indent: -5em; padding-left: 5em; }
}
pre.numberSource code
{ counter-reset: source-line 0; }
pre.numberSource code > span
{ position: relative; left: -4em; counter-increment: source-line; }
pre.numberSource code > span > a:first-child::before
{ content: counter(source-line);
position: relative; left: -1em; text-align: right; vertical-align: baseline;
border: none; display: inline-block;
-webkit-touch-callout: none; -webkit-user-select: none;
-khtml-user-select: none; -moz-user-select: none;
-ms-user-select: none; user-select: none;
padding: 0 4px; width: 4em;
color: #aaaaaa;
}
pre.numberSource { margin-left: 3em; border-left: 1px solid #aaaaaa; padding-left: 4px; }
div.sourceCode
{ background-color: #f8f8f8; }
@media screen {
pre > code.sourceCode > span > a:first-child::before { text-decoration: underline; }
}
code span.al { color: #ef2929; } /* Alert */
code span.an { color: #8f5902; font-weight: bold; font-style: italic; } /* Annotation */
code span.at { color: #204a87; } /* Attribute */
code span.bn { color: #0000cf; } /* BaseN */
code span.cf { color: #204a87; font-weight: bold; } /* ControlFlow */
code span.ch { color: #4e9a06; } /* Char */
code span.cn { color: #8f5902; } /* Constant */
code span.co { color: #8f5902; font-style: italic; } /* Comment */
code span.cv { color: #8f5902; font-weight: bold; font-style: italic; } /* CommentVar */
code span.do { color: #8f5902; font-weight: bold; font-style: italic; } /* Documentation */
code span.dt { color: #204a87; } /* DataType */
code span.dv { color: #0000cf; } /* DecVal */
code span.er { color: #a40000; font-weight: bold; } /* Error */
code span.ex { } /* Extension */
code span.fl { color: #0000cf; } /* Float */
code span.fu { color: #204a87; font-weight: bold; } /* Function */
code span.im { } /* Import */
code span.in { color: #8f5902; font-weight: bold; font-style: italic; } /* Information */
code span.kw { color: #204a87; font-weight: bold; } /* Keyword */
code span.op { color: #ce5c00; font-weight: bold; } /* Operator */
code span.ot { color: #8f5902; } /* Other */
code span.pp { color: #8f5902; font-style: italic; } /* Preprocessor */
code span.sc { color: #ce5c00; font-weight: bold; } /* SpecialChar */
code span.ss { color: #4e9a06; } /* SpecialString */
code span.st { color: #4e9a06; } /* String */
code span.va { color: #000000; } /* Variable */
code span.vs { color: #4e9a06; } /* VerbatimString */
code span.wa { color: #8f5902; font-weight: bold; font-style: italic; } /* Warning */
</style>
<link rel="stylesheet" href="output/document_style.css" />
<meta charset="UTF-8"><meta name="viewport" content="width=device-width, initial-scale=1.0">
</head>
<body>
<header id="title-block-header">
<h1 class="title">福建水务营收系统-安全设计</h1>
<p class="author">系统设计团队</p>
<p class="date">2024年12月19日</p>
</header>
<nav id="TOC" role="doc-toc">
<ul>
<li><a href="#福建水务营收系统安全设计文档"
id="toc-福建水务营收系统安全设计文档"><span
class="toc-section-number">1</span> 福建水务营收系统安全设计文档</a>
<ul>
<li><a href="#文档信息" id="toc-文档信息"><span
class="toc-section-number">1.1</span> 文档信息</a></li>
<li><a href="#目录" id="toc-目录"><span
class="toc-section-number">1.2</span> 目录</a></li>
<li><a href="#一安全设计概述" id="toc-一安全设计概述"><span
class="toc-section-number">1.3</span> 一、安全设计概述</a>
<ul>
<li><a href="#安全目标" id="toc-安全目标"><span
class="toc-section-number">1.3.1</span> 1.1 安全目标</a></li>
<li><a href="#安全原则" id="toc-安全原则"><span
class="toc-section-number">1.3.2</span> 1.2 安全原则</a></li>
<li><a href="#总体安全架构" id="toc-总体安全架构"><span
class="toc-section-number">1.3.3</span> 1.3 总体安全架构</a></li>
</ul></li>
<li><a href="#二等级保护三级安全设计"
id="toc-二等级保护三级安全设计"><span
class="toc-section-number">1.4</span> 二、等级保护三级安全设计</a>
<ul>
<li><a href="#技术安全要求" id="toc-技术安全要求"><span
class="toc-section-number">1.4.1</span> 2.1 技术安全要求</a>
<ul>
<li><a href="#安全通信网络" id="toc-安全通信网络"><span
class="toc-section-number">1.4.1.1</span> 2.1.1 安全通信网络</a></li>
<li><a href="#安全区域边界" id="toc-安全区域边界"><span
class="toc-section-number">1.4.1.2</span> 2.1.2 安全区域边界</a></li>
<li><a href="#安全计算环境" id="toc-安全计算环境"><span
class="toc-section-number">1.4.1.3</span> 2.1.3 安全计算环境</a></li>
</ul></li>
<li><a href="#管理安全要求" id="toc-管理安全要求"><span
class="toc-section-number">1.4.2</span> 2.2 管理安全要求</a>
<ul>
<li><a href="#安全管理中心" id="toc-安全管理中心"><span
class="toc-section-number">1.4.2.1</span> 2.2.1 安全管理中心</a></li>
<li><a href="#安全管理制度" id="toc-安全管理制度"><span
class="toc-section-number">1.4.2.2</span> 2.2.2 安全管理制度</a></li>
</ul></li>
</ul></li>
<li><a href="#三opengauss数据库安全"
id="toc-三opengauss数据库安全"><span
class="toc-section-number">1.5</span> 三、OpenGauss数据库安全</a>
<ul>
<li><a href="#数据库安全架构" id="toc-数据库安全架构"><span
class="toc-section-number">1.5.1</span> 3.1 数据库安全架构</a></li>
<li><a href="#国产密码算法应用" id="toc-国产密码算法应用"><span
class="toc-section-number">1.5.2</span> 3.2 国产密码算法应用</a>
<ul>
<li><a href="#传输加密" id="toc-传输加密"><span
class="toc-section-number">1.5.2.1</span> 3.2.1 传输加密</a></li>
<li><a href="#透明数据加密" id="toc-透明数据加密"><span
class="toc-section-number">1.5.2.2</span> 3.2.2 透明数据加密</a></li>
</ul></li>
<li><a href="#行级安全策略" id="toc-行级安全策略"><span
class="toc-section-number">1.5.3</span> 3.3 行级安全策略</a></li>
<li><a href="#数据脱敏策略" id="toc-数据脱敏策略"><span
class="toc-section-number">1.5.4</span> 3.4 数据脱敏策略</a></li>
</ul></li>
<li><a href="#四应用系统安全" id="toc-四应用系统安全"><span
class="toc-section-number">1.6</span> 四、应用系统安全</a>
<ul>
<li><a href="#spring-security安全配置"
id="toc-spring-security安全配置"><span
class="toc-section-number">1.6.1</span> 4.1 Spring Security安全配置</a>
<ul>
<li><a href="#认证配置" id="toc-认证配置"><span
class="toc-section-number">1.6.1.1</span> 4.1.1 认证配置</a></li>
<li><a href="#多因素认证" id="toc-多因素认证"><span
class="toc-section-number">1.6.1.2</span> 4.1.2 多因素认证</a></li>
</ul></li>
<li><a href="#数据传输安全" id="toc-数据传输安全"><span
class="toc-section-number">1.6.2</span> 4.2 数据传输安全</a>
<ul>
<li><a href="#https配置" id="toc-https配置"><span
class="toc-section-number">1.6.2.1</span> 4.2.1 HTTPS配置</a></li>
<li><a href="#敏感数据加密" id="toc-敏感数据加密"><span
class="toc-section-number">1.6.2.2</span> 4.2.2 敏感数据加密</a></li>
</ul></li>
<li><a href="#接口安全防护" id="toc-接口安全防护"><span
class="toc-section-number">1.6.3</span> 4.3 接口安全防护</a>
<ul>
<li><a href="#接口签名验证" id="toc-接口签名验证"><span
class="toc-section-number">1.6.3.1</span> 4.3.1 接口签名验证</a></li>
<li><a href="#接口限流防护" id="toc-接口限流防护"><span
class="toc-section-number">1.6.3.2</span> 4.3.2 接口限流防护</a></li>
</ul></li>
</ul></li>
<li><a href="#五网络安全设计" id="toc-五网络安全设计"><span
class="toc-section-number">1.7</span> 五、网络安全设计</a>
<ul>
<li><a href="#网络拓扑安全" id="toc-网络拓扑安全"><span
class="toc-section-number">1.7.1</span> 5.1 网络拓扑安全</a></li>
<li><a href="#防火墙策略配置" id="toc-防火墙策略配置"><span
class="toc-section-number">1.7.2</span> 5.2 防火墙策略配置</a>
<ul>
<li><a href="#边界防火墙策略" id="toc-边界防火墙策略"><span
class="toc-section-number">1.7.2.1</span> 5.2.1 边界防火墙策略</a></li>
<li><a href="#应用层防火墙策略" id="toc-应用层防火墙策略"><span
class="toc-section-number">1.7.2.2</span> 5.2.2
应用层防火墙策略</a></li>
</ul></li>
<li><a href="#入侵检测与防护" id="toc-入侵检测与防护"><span
class="toc-section-number">1.7.3</span> 5.3 入侵检测与防护</a>
<ul>
<li><a href="#idsips规则配置" id="toc-idsips规则配置"><span
class="toc-section-number">1.7.3.1</span> 5.3.1 IDS/IPS规则配置</a></li>
</ul></li>
</ul></li>
<li><a href="#六数据安全设计" id="toc-六数据安全设计"><span
class="toc-section-number">1.8</span> 六、数据安全设计</a>
<ul>
<li><a href="#数据分类分级" id="toc-数据分类分级"><span
class="toc-section-number">1.8.1</span> 6.1 数据分类分级</a>
<ul>
<li><a href="#数据分类标准" id="toc-数据分类标准"><span
class="toc-section-number">1.8.1.1</span> 6.1.1 数据分类标准</a></li>
<li><a href="#数据保护策略" id="toc-数据保护策略"><span
class="toc-section-number">1.8.1.2</span> 6.1.2 数据保护策略</a></li>
</ul></li>
<li><a href="#数据备份与恢复安全" id="toc-数据备份与恢复安全"><span
class="toc-section-number">1.8.2</span> 6.2 数据备份与恢复安全</a>
<ul>
<li><a href="#备份加密策略" id="toc-备份加密策略"><span
class="toc-section-number">1.8.2.1</span> 6.2.1 备份加密策略</a></li>
<li><a href="#数据恢复流程" id="toc-数据恢复流程"><span
class="toc-section-number">1.8.2.2</span> 6.2.2 数据恢复流程</a></li>
</ul></li>
<li><a href="#数据销毁与清理" id="toc-数据销毁与清理"><span
class="toc-section-number">1.8.3</span> 6.3 数据销毁与清理</a>
<ul>
<li><a href="#安全数据销毁" id="toc-安全数据销毁"><span
class="toc-section-number">1.8.3.1</span> 6.3.1 安全数据销毁</a></li>
</ul></li>
</ul></li>
<li><a href="#七运维安全设计" id="toc-七运维安全设计"><span
class="toc-section-number">1.9</span> 七、运维安全设计</a>
<ul>
<li><a href="#安全监控体系" id="toc-安全监控体系"><span
class="toc-section-number">1.9.1</span> 7.1 安全监控体系</a>
<ul>
<li><a href="#安全监控架构" id="toc-安全监控架构"><span
class="toc-section-number">1.9.1.1</span> 7.1.1 安全监控架构</a></li>
<li><a href="#安全事件检测规则" id="toc-安全事件检测规则"><span
class="toc-section-number">1.9.1.2</span> 7.1.2
安全事件检测规则</a></li>
</ul></li>
<li><a href="#漏洞管理" id="toc-漏洞管理"><span
class="toc-section-number">1.9.2</span> 7.2 漏洞管理</a>
<ul>
<li><a href="#漏洞扫描策略" id="toc-漏洞扫描策略"><span
class="toc-section-number">1.9.2.1</span> 7.2.1 漏洞扫描策略</a></li>
<li><a href="#补丁管理流程" id="toc-补丁管理流程"><span
class="toc-section-number">1.9.2.2</span> 7.2.2 补丁管理流程</a></li>
</ul></li>
<li><a href="#应急响应预案" id="toc-应急响应预案"><span
class="toc-section-number">1.9.3</span> 7.3 应急响应预案</a>
<ul>
<li><a href="#安全事件分级" id="toc-安全事件分级"><span
class="toc-section-number">1.9.3.1</span> 7.3.1 安全事件分级</a></li>
<li><a href="#应急响应流程" id="toc-应急响应流程"><span
class="toc-section-number">1.9.3.2</span> 7.3.2 应急响应流程</a></li>
</ul></li>
</ul></li>
<li><a href="#八安全管理制度" id="toc-八安全管理制度"><span
class="toc-section-number">1.10</span> 八、安全管理制度</a>
<ul>
<li><a href="#安全组织架构" id="toc-安全组织架构"><span
class="toc-section-number">1.10.1</span> 8.1 安全组织架构</a>
<ul>
<li><a href="#安全管理组织" id="toc-安全管理组织"><span
class="toc-section-number">1.10.1.1</span> 8.1.1 安全管理组织</a></li>
</ul></li>
<li><a href="#安全管理制度-1" id="toc-安全管理制度-1"><span
class="toc-section-number">1.10.2</span> 8.2 安全管理制度</a>
<ul>
<li><a href="#人员安全管理" id="toc-人员安全管理"><span
class="toc-section-number">1.10.2.1</span> 8.2.1 人员安全管理</a></li>
<li><a href="#系统建设安全管理" id="toc-系统建设安全管理"><span
class="toc-section-number">1.10.2.2</span> 8.2.2
系统建设安全管理</a></li>
<li><a href="#系统运维安全管理" id="toc-系统运维安全管理"><span
class="toc-section-number">1.10.2.3</span> 8.2.3
系统运维安全管理</a></li>
</ul></li>
<li><a href="#合规管理" id="toc-合规管理"><span
class="toc-section-number">1.10.3</span> 8.3 合规管理</a>
<ul>
<li><a href="#法律法规合规" id="toc-法律法规合规"><span
class="toc-section-number">1.10.3.1</span> 8.3.1 法律法规合规</a></li>
<li><a href="#行业标准合规" id="toc-行业标准合规"><span
class="toc-section-number">1.10.3.2</span> 8.3.2 行业标准合规</a></li>
<li><a href="#合规检查清单" id="toc-合规检查清单"><span
class="toc-section-number">1.10.3.3</span> 8.3.3 合规检查清单</a></li>
</ul></li>
</ul></li>
<li><a href="#总结" id="toc-总结"><span
class="toc-section-number">1.11</span> 总结</a></li>
</ul></li>
</ul>
</nav>
<h1 data-number="1" id="福建水务营收系统安全设计文档"><span
class="header-section-number">1</span> 福建水务营收系统安全设计文档</h1>
<h2 data-number="1.1" id="文档信息"><span
class="header-section-number">1.1</span> 文档信息</h2>
<table>
<thead>
<tr>
<th>项目信息</th>
<th>详情</th>
</tr>
</thead>
<tbody>
<tr>
<td><strong>项目名称</strong></td>
<td>福建水务营收系统</td>
</tr>
<tr>
<td><strong>文档类型</strong></td>
<td>安全设计文档</td>
</tr>
<tr>
<td><strong>技术框架</strong></td>
<td>RuoYi-Vue-Pro + OpenGauss</td>
</tr>
<tr>
<td><strong>文档版本</strong></td>
<td>v1.0</td>
</tr>
<tr>
<td><strong>编写日期</strong></td>
<td>2024-12-19</td>
</tr>
<tr>
<td><strong>文档状态</strong></td>
<td>✅ 已完成</td>
</tr>
</tbody>
</table>
<h2 data-number="1.2" id="目录"><span
class="header-section-number">1.2</span> 目录</h2>
<ul>
<li><a href="#一安全设计概述">一、安全设计概述</a></li>
<li><a href="#二等级保护三级安全设计">二、等级保护三级安全设计</a></li>
<li><a href="#三opengauss数据库安全">三、OpenGauss数据库安全</a></li>
<li><a href="#四应用系统安全">四、应用系统安全</a></li>
<li><a href="#五网络安全设计">五、网络安全设计</a></li>
<li><a href="#六数据安全设计">六、数据安全设计</a></li>
<li><a href="#七运维安全设计">七、运维安全设计</a></li>
<li><a href="#八安全管理制度">八、安全管理制度</a></li>
</ul>
<h2 data-number="1.3" id="一安全设计概述"><span
class="header-section-number">1.3</span> 一、安全设计概述</h2>
<p>福建水务营收系统安全设计严格按照《网络安全等级保护基本要求》第三级标准,结合水务行业特点和国产化要求,构建全方位、多层次的安全防护体系。</p>
<h3 data-number="1.3.1" id="安全目标"><span
class="header-section-number">1.3.1</span> 1.1 安全目标</h3>
<ul>
<li><strong>机密性</strong>:确保敏感数据不被未授权访问</li>
<li><strong>完整性</strong>:防止数据被恶意篡改或损坏</li>
<li><strong>可用性</strong>保障系统7×24小时稳定运行</li>
<li><strong>可审计性</strong>:完整记录系统操作审计轨迹</li>
<li><strong>合规性</strong>:满足等保三级和行业监管要求</li>
</ul>
<h3 data-number="1.3.2" id="安全原则"><span
class="header-section-number">1.3.2</span> 1.2 安全原则</h3>
<ul>
<li><strong>纵深防御</strong>:多层安全防护,避免单点故障</li>
<li><strong>最小权限</strong>:用户和应用仅具备必要的最小权限</li>
<li><strong>默认安全</strong>:系统默认采用最严格的安全配置</li>
<li><strong>持续监控</strong>7×24小时安全监控和威胁检测</li>
<li><strong>国产化优先</strong>:优先采用国产安全产品和技术</li>
</ul>
<h3 data-number="1.3.3" id="总体安全架构"><span
class="header-section-number">1.3.3</span> 1.3 总体安全架构</h3>
<p><strong>图表 1</strong></p>
<figure>
<img src="temp_mermaid_water_biz_security_design_6403/diagram_1.png"
alt="图表 1" />
<figcaption aria-hidden="true">图表 1</figcaption>
</figure>
<details>
<summary>
查看图表源码
</summary>
<pre class="mermaid"><code>graph TB
subgraph &quot;外部威胁&quot;
THREAT1[网络攻击]
THREAT2[恶意软件]
THREAT3[数据泄露]
THREAT4[内部威胁]
end
subgraph &quot;安全防护层&quot;
subgraph &quot;边界安全&quot;
WAF[Web应用防火墙]
FW[网络防火墙]
IPS[入侵防护系统]
VPN[VPN网关]
end
subgraph &quot;应用安全&quot;
AUTH[身份认证]
AUTHZ[访问控制]
AUDIT[操作审计]
ENCRYPT[数据加密]
end
subgraph &quot;数据安全&quot;
TDE[透明数据加密]
RLS[行级安全]
MASK[数据脱敏]
BACKUP[安全备份]
end
subgraph &quot;运维安全&quot;
MONITOR[安全监控]
LOG[日志分析]
ALERT[告警响应]
PATCH[安全更新]
end
end
subgraph &quot;核心资产&quot;
APP[水务营收系统]
DB[OpenGauss数据库]
FILE[文件存储]
API[接口服务]
end
THREAT1 --&gt; WAF
THREAT2 --&gt; FW
THREAT3 --&gt; IPS
THREAT4 --&gt; VPN
WAF --&gt; AUTH
FW --&gt; AUTHZ
IPS --&gt; AUDIT
VPN --&gt; ENCRYPT
AUTH --&gt; TDE
AUTHZ --&gt; RLS
AUDIT --&gt; MASK
ENCRYPT --&gt; BACKUP
TDE --&gt; MONITOR
RLS --&gt; LOG
MASK --&gt; ALERT
BACKUP --&gt; PATCH
MONITOR --&gt; APP
LOG --&gt; DB
ALERT --&gt; FILE
PATCH --&gt; API
</code></pre>
</details>
<h2 data-number="1.4" id="二等级保护三级安全设计"><span
class="header-section-number">1.4</span> 二、等级保护三级安全设计</h2>
<h3 data-number="1.4.1" id="技术安全要求"><span
class="header-section-number">1.4.1</span> 2.1 技术安全要求</h3>
<h4 data-number="1.4.1.1" id="安全通信网络"><span
class="header-section-number">1.4.1.1</span> 2.1.1 安全通信网络</h4>
<p><strong>网络架构安全</strong></p>
<p><strong>图表 2</strong></p>
<figure>
<img src="temp_mermaid_water_biz_security_design_6403/diagram_2.png"
alt="图表 2" />
<figcaption aria-hidden="true">图表 2</figcaption>
</figure>
<details>
<summary>
查看图表源码
</summary>
<pre class="mermaid"><code>graph TB
subgraph &quot;安全区域划分&quot;
DMZ[DMZ区&lt;br/&gt;Web服务器]
APP_ZONE[应用区&lt;br/&gt;应用服务器]
DB_ZONE[数据区&lt;br/&gt;数据库服务器]
MGT_ZONE[管理区&lt;br/&gt;运维管理]
end
subgraph &quot;边界防护&quot;
INTERNET[互联网]
FW1[边界防火墙]
FW2[内部防火墙]
IDS[入侵检测系统]
end
subgraph &quot;访问控制&quot;
VPN[VPN接入]
JUMP[跳板机]
BASTION[堡垒机]
end
INTERNET --&gt; FW1
FW1 --&gt; DMZ
DMZ --&gt; FW2
FW2 --&gt; APP_ZONE
APP_ZONE --&gt; DB_ZONE
VPN --&gt; JUMP
JUMP --&gt; BASTION
BASTION --&gt; MGT_ZONE
IDS --&gt; DMZ
IDS --&gt; APP_ZONE
</code></pre>
</details>
<p><strong>网络安全措施</strong> - 网络边界部署防火墙,实现网络访问控制
- 重要网络设备和服务器前端部署网络入侵检测设备 -
网络分段部署DMZ区、应用区、数据区物理隔离 -
关键网络设备提供双机热备功能 - 网络设备登录实现身份标识和鉴别</p>
<h4 data-number="1.4.1.2" id="安全区域边界"><span
class="header-section-number">1.4.1.2</span> 2.1.2 安全区域边界</h4>
<p><strong>区域边界防护</strong> -
在网络边界部署防火墙设备,设置访问控制策略 -
在网络边界部署入侵检测设备,监控网络攻击行为 -
在应用层部署Web应用防火墙防护Web应用攻击 -
对进出网络的数据流进行过滤和监控 -
建立网络访问控制策略,限制不必要的网络连接</p>
<h4 data-number="1.4.1.3" id="安全计算环境"><span
class="header-section-number">1.4.1.3</span> 2.1.3 安全计算环境</h4>
<p><strong>身份鉴别</strong></p>
<p><strong>图表 3</strong></p>
<figure>
<img src="temp_mermaid_water_biz_security_design_6403/diagram_3.png"
alt="图表 3" />
<figcaption aria-hidden="true">图表 3</figcaption>
</figure>
<details>
<summary>
查看图表源码
</summary>
<pre class="mermaid"><code>graph LR
subgraph &quot;多因素认证&quot;
USER[用户] --&gt; AUTH1[用户名密码]
AUTH1 --&gt; AUTH2[短信验证码]
AUTH2 --&gt; AUTH3[邮箱验证]
AUTH3 --&gt; TOKEN[JWT Token]
end
subgraph &quot;认证集成&quot;
LDAP[LDAP认证]
SSO[单点登录]
OAUTH[OAuth2.0]
SAML[SAML认证]
end
TOKEN --&gt; LDAP
TOKEN --&gt; SSO
TOKEN --&gt; OAUTH
TOKEN --&gt; SAML
</code></pre>
</details>
<p><strong>访问控制设计</strong> - 实现基于角色的访问控制(RBAC) -
支持基于属性的访问控制(ABAC) - 实现最小权限原则 -
支持权限的动态调整和审批流程</p>
<h3 data-number="1.4.2" id="管理安全要求"><span
class="header-section-number">1.4.2</span> 2.2 管理安全要求</h3>
<h4 data-number="1.4.2.1" id="安全管理中心"><span
class="header-section-number">1.4.2.1</span> 2.2.1 安全管理中心</h4>
<ul>
<li>建立安全管理中心,统一管理安全策略</li>
<li>配置安全管理员角色,负责安全策略制定</li>
<li>建立安全事件响应机制</li>
<li>定期进行安全评估和风险分析</li>
</ul>
<h4 data-number="1.4.2.2" id="安全管理制度"><span
class="header-section-number">1.4.2.2</span> 2.2.2 安全管理制度</h4>
<ul>
<li>制定信息安全管理制度和操作规程</li>
<li>建立人员安全管理制度</li>
<li>制定系统建设管理制度</li>
<li>建立系统运维管理制度</li>
</ul>
<h2 data-number="1.5" id="三opengauss数据库安全"><span
class="header-section-number">1.5</span> 三、OpenGauss数据库安全</h2>
<h3 data-number="1.5.1" id="数据库安全架构"><span
class="header-section-number">1.5.1</span> 3.1 数据库安全架构</h3>
<p><strong>图表 4</strong></p>
<figure>
<img src="temp_mermaid_water_biz_security_design_6403/diagram_4.png"
alt="图表 4" />
<figcaption aria-hidden="true">图表 4</figcaption>
</figure>
<details>
<summary>
查看图表源码
</summary>
<pre class="mermaid"><code>graph TB
subgraph &quot;OpenGauss安全特性&quot;
subgraph &quot;身份认证&quot;
PWD[密码认证]
CERT[证书认证]
LDAP_AUTH[LDAP认证]
KERBEROS[Kerberos认证]
end
subgraph &quot;访问控制&quot;
RBAC_DB[基于角色的访问控制]
RLS_DB[行级安全策略]
CLS_DB[列级访问控制]
SCHEMA[模式权限控制]
end
subgraph &quot;数据加密&quot;
TDE_SM4[TDE透明加密&lt;br/&gt;SM4国密算法]
SSL_SM[SSL传输加密&lt;br/&gt;SM2/SM3/SM4]
FIELD_ENC[字段级加密]
BACKUP_ENC[备份加密]
end
subgraph &quot;审计监控&quot;
AUDIT_LOG[操作审计日志]
LOGIN_LOG[登录审计]
DDL_LOG[DDL操作记录]
SECURITY_LOG[安全事件日志]
end
end
PWD --&gt; RBAC_DB
CERT --&gt; RLS_DB
LDAP_AUTH --&gt; CLS_DB
KERBEROS --&gt; SCHEMA
RBAC_DB --&gt; TDE_SM4
RLS_DB --&gt; SSL_SM
CLS_DB --&gt; FIELD_ENC
SCHEMA --&gt; BACKUP_ENC
TDE_SM4 --&gt; AUDIT_LOG
SSL_SM --&gt; LOGIN_LOG
FIELD_ENC --&gt; DDL_LOG
BACKUP_ENC --&gt; SECURITY_LOG
</code></pre>
</details>
<h3 data-number="1.5.2" id="国产密码算法应用"><span
class="header-section-number">1.5.2</span> 3.2 国产密码算法应用</h3>
<h4 data-number="1.5.2.1" id="传输加密"><span
class="header-section-number">1.5.2.1</span> 3.2.1 传输加密</h4>
<div class="sourceCode" id="cb5"><pre
class="sourceCode sql"><code class="sourceCode sql"><span id="cb5-1"><a href="#cb5-1" aria-hidden="true" tabindex="-1"></a><span class="co">-- 配置国密SSL连接</span></span>
<span id="cb5-2"><a href="#cb5-2" aria-hidden="true" tabindex="-1"></a><span class="kw">ALTER</span> <span class="kw">SYSTEM</span> <span class="kw">SET</span> ssl <span class="op">=</span> <span class="kw">on</span>;</span>
<span id="cb5-3"><a href="#cb5-3" aria-hidden="true" tabindex="-1"></a><span class="kw">ALTER</span> <span class="kw">SYSTEM</span> <span class="kw">SET</span> ssl_ciphers <span class="op">=</span> <span class="st">&#39;SM4-GCM-SM3:SM4-CCM-SM3&#39;</span>;</span>
<span id="cb5-4"><a href="#cb5-4" aria-hidden="true" tabindex="-1"></a><span class="kw">ALTER</span> <span class="kw">SYSTEM</span> <span class="kw">SET</span> ssl_cert_file <span class="op">=</span> <span class="st">&#39;server-sm2.crt&#39;</span>;</span>
<span id="cb5-5"><a href="#cb5-5" aria-hidden="true" tabindex="-1"></a><span class="kw">ALTER</span> <span class="kw">SYSTEM</span> <span class="kw">SET</span> ssl_key_file <span class="op">=</span> <span class="st">&#39;server-sm2.key&#39;</span>;</span></code></pre></div>
<h4 data-number="1.5.2.2" id="透明数据加密"><span
class="header-section-number">1.5.2.2</span> 3.2.2 透明数据加密</h4>
<div class="sourceCode" id="cb6"><pre
class="sourceCode sql"><code class="sourceCode sql"><span id="cb6-1"><a href="#cb6-1" aria-hidden="true" tabindex="-1"></a><span class="co">-- 启用TDE透明数据加密使用SM4算法</span></span>
<span id="cb6-2"><a href="#cb6-2" aria-hidden="true" tabindex="-1"></a><span class="kw">CREATE</span> <span class="kw">KEY</span> ENCRYPTION <span class="kw">KEY</span> water_biz_kek </span>
<span id="cb6-3"><a href="#cb6-3" aria-hidden="true" tabindex="-1"></a><span class="kw">WITH</span> ALGORITHM <span class="op">=</span> <span class="st">&#39;SM4-CTR&#39;</span>, KEY_STORE <span class="op">=</span> <span class="st">&#39;localkms&#39;</span>;</span>
<span id="cb6-4"><a href="#cb6-4" aria-hidden="true" tabindex="-1"></a></span>
<span id="cb6-5"><a href="#cb6-5" aria-hidden="true" tabindex="-1"></a><span class="co">-- 为敏感表启用加密</span></span>
<span id="cb6-6"><a href="#cb6-6" aria-hidden="true" tabindex="-1"></a><span class="kw">CREATE</span> <span class="kw">TABLE</span> water_customer (</span>
<span id="cb6-7"><a href="#cb6-7" aria-hidden="true" tabindex="-1"></a> <span class="kw">id</span> SERIAL <span class="kw">PRIMARY</span> <span class="kw">KEY</span>,</span>
<span id="cb6-8"><a href="#cb6-8" aria-hidden="true" tabindex="-1"></a> customer_name <span class="dt">VARCHAR</span>(<span class="dv">100</span>) ENCRYPTED <span class="kw">WITH</span> (</span>
<span id="cb6-9"><a href="#cb6-9" aria-hidden="true" tabindex="-1"></a> COLUMN_ENCRYPTION_KEY <span class="op">=</span> water_biz_kek,</span>
<span id="cb6-10"><a href="#cb6-10" aria-hidden="true" tabindex="-1"></a> ENCRYPTION_TYPE <span class="op">=</span> DETERMINISTIC,</span>
<span id="cb6-11"><a href="#cb6-11" aria-hidden="true" tabindex="-1"></a> ALGORITHM <span class="op">=</span> <span class="st">&#39;SM4-CTR&#39;</span></span>
<span id="cb6-12"><a href="#cb6-12" aria-hidden="true" tabindex="-1"></a> ),</span>
<span id="cb6-13"><a href="#cb6-13" aria-hidden="true" tabindex="-1"></a> id_card <span class="dt">VARCHAR</span>(<span class="dv">18</span>) ENCRYPTED <span class="kw">WITH</span> (</span>
<span id="cb6-14"><a href="#cb6-14" aria-hidden="true" tabindex="-1"></a> COLUMN_ENCRYPTION_KEY <span class="op">=</span> water_biz_kek,</span>
<span id="cb6-15"><a href="#cb6-15" aria-hidden="true" tabindex="-1"></a> ENCRYPTION_TYPE <span class="op">=</span> RANDOMIZED,</span>
<span id="cb6-16"><a href="#cb6-16" aria-hidden="true" tabindex="-1"></a> ALGORITHM <span class="op">=</span> <span class="st">&#39;SM4-CTR&#39;</span></span>
<span id="cb6-17"><a href="#cb6-17" aria-hidden="true" tabindex="-1"></a> )</span>
<span id="cb6-18"><a href="#cb6-18" aria-hidden="true" tabindex="-1"></a>);</span></code></pre></div>
<h3 data-number="1.5.3" id="行级安全策略"><span
class="header-section-number">1.5.3</span> 3.3 行级安全策略</h3>
<div class="sourceCode" id="cb7"><pre
class="sourceCode sql"><code class="sourceCode sql"><span id="cb7-1"><a href="#cb7-1" aria-hidden="true" tabindex="-1"></a><span class="co">-- 创建多租户行级安全策略</span></span>
<span id="cb7-2"><a href="#cb7-2" aria-hidden="true" tabindex="-1"></a><span class="kw">CREATE</span> <span class="kw">ROW</span> <span class="kw">LEVEL</span> SECURITY POLICY tenant_isolation_policy</span>
<span id="cb7-3"><a href="#cb7-3" aria-hidden="true" tabindex="-1"></a><span class="kw">ON</span> water_customer</span>
<span id="cb7-4"><a href="#cb7-4" aria-hidden="true" tabindex="-1"></a><span class="kw">USING</span> (tenant_id <span class="op">=</span> current_setting(<span class="st">&#39;app.current_tenant_id&#39;</span>):<span class="ch">:bigint</span>);</span>
<span id="cb7-5"><a href="#cb7-5" aria-hidden="true" tabindex="-1"></a></span>
<span id="cb7-6"><a href="#cb7-6" aria-hidden="true" tabindex="-1"></a><span class="co">-- 启用行级安全</span></span>
<span id="cb7-7"><a href="#cb7-7" aria-hidden="true" tabindex="-1"></a><span class="kw">ALTER</span> <span class="kw">TABLE</span> water_customer <span class="kw">ENABLE</span> <span class="kw">ROW</span> <span class="kw">LEVEL</span> SECURITY;</span>
<span id="cb7-8"><a href="#cb7-8" aria-hidden="true" tabindex="-1"></a></span>
<span id="cb7-9"><a href="#cb7-9" aria-hidden="true" tabindex="-1"></a><span class="co">-- 创建数据访问角色</span></span>
<span id="cb7-10"><a href="#cb7-10" aria-hidden="true" tabindex="-1"></a><span class="kw">CREATE</span> <span class="kw">ROLE</span> water_data_reader;</span>
<span id="cb7-11"><a href="#cb7-11" aria-hidden="true" tabindex="-1"></a><span class="kw">CREATE</span> <span class="kw">ROLE</span> water_data_writer;</span>
<span id="cb7-12"><a href="#cb7-12" aria-hidden="true" tabindex="-1"></a></span>
<span id="cb7-13"><a href="#cb7-13" aria-hidden="true" tabindex="-1"></a><span class="co">-- 配置列级权限</span></span>
<span id="cb7-14"><a href="#cb7-14" aria-hidden="true" tabindex="-1"></a><span class="kw">GRANT</span> <span class="kw">SELECT</span> (<span class="kw">id</span>, customer_name, phone) <span class="kw">ON</span> water_customer <span class="kw">TO</span> water_data_reader;</span>
<span id="cb7-15"><a href="#cb7-15" aria-hidden="true" tabindex="-1"></a><span class="kw">GRANT</span> <span class="kw">ALL</span> <span class="kw">ON</span> water_customer <span class="kw">TO</span> water_data_writer;</span></code></pre></div>
<h3 data-number="1.5.4" id="数据脱敏策略"><span
class="header-section-number">1.5.4</span> 3.4 数据脱敏策略</h3>
<div class="sourceCode" id="cb8"><pre
class="sourceCode sql"><code class="sourceCode sql"><span id="cb8-1"><a href="#cb8-1" aria-hidden="true" tabindex="-1"></a><span class="co">-- 创建数据脱敏函数</span></span>
<span id="cb8-2"><a href="#cb8-2" aria-hidden="true" tabindex="-1"></a><span class="kw">CREATE</span> <span class="kw">OR</span> <span class="kw">REPLACE</span> <span class="kw">FUNCTION</span> mask_phone(phone_num TEXT) </span>
<span id="cb8-3"><a href="#cb8-3" aria-hidden="true" tabindex="-1"></a>RETURNS TEXT <span class="kw">AS</span> $$</span>
<span id="cb8-4"><a href="#cb8-4" aria-hidden="true" tabindex="-1"></a><span class="cf">BEGIN</span></span>
<span id="cb8-5"><a href="#cb8-5" aria-hidden="true" tabindex="-1"></a> <span class="kw">RETURN</span> SUBSTRING(phone_num, <span class="dv">1</span>, <span class="dv">3</span>) <span class="op">||</span> <span class="st">&#39;****&#39;</span> <span class="op">||</span> SUBSTRING(phone_num, <span class="dv">8</span>, <span class="dv">4</span>);</span>
<span id="cb8-6"><a href="#cb8-6" aria-hidden="true" tabindex="-1"></a><span class="cf">END</span>;</span>
<span id="cb8-7"><a href="#cb8-7" aria-hidden="true" tabindex="-1"></a>$$ LANGUAGE plpgsql;</span>
<span id="cb8-8"><a href="#cb8-8" aria-hidden="true" tabindex="-1"></a></span>
<span id="cb8-9"><a href="#cb8-9" aria-hidden="true" tabindex="-1"></a><span class="co">-- 创建脱敏视图</span></span>
<span id="cb8-10"><a href="#cb8-10" aria-hidden="true" tabindex="-1"></a><span class="kw">CREATE</span> <span class="kw">VIEW</span> water_customer_masked <span class="kw">AS</span></span>
<span id="cb8-11"><a href="#cb8-11" aria-hidden="true" tabindex="-1"></a><span class="kw">SELECT</span> </span>
<span id="cb8-12"><a href="#cb8-12" aria-hidden="true" tabindex="-1"></a> <span class="kw">id</span>,</span>
<span id="cb8-13"><a href="#cb8-13" aria-hidden="true" tabindex="-1"></a> customer_name,</span>
<span id="cb8-14"><a href="#cb8-14" aria-hidden="true" tabindex="-1"></a> mask_phone(phone) <span class="kw">as</span> phone,</span>
<span id="cb8-15"><a href="#cb8-15" aria-hidden="true" tabindex="-1"></a> <span class="kw">LEFT</span>(id_card, <span class="dv">6</span>) <span class="op">||</span> <span class="st">&#39;********&#39;</span> <span class="op">||</span> <span class="kw">RIGHT</span>(id_card, <span class="dv">4</span>) <span class="kw">as</span> id_card_masked</span>
<span id="cb8-16"><a href="#cb8-16" aria-hidden="true" tabindex="-1"></a><span class="kw">FROM</span> water_customer;</span>
<span id="cb8-17"><a href="#cb8-17" aria-hidden="true" tabindex="-1"></a></span>
<span id="cb8-18"><a href="#cb8-18" aria-hidden="true" tabindex="-1"></a><span class="co">-- 授权普通用户只能访问脱敏视图</span></span>
<span id="cb8-19"><a href="#cb8-19" aria-hidden="true" tabindex="-1"></a><span class="kw">GRANT</span> <span class="kw">SELECT</span> <span class="kw">ON</span> water_customer_masked <span class="kw">TO</span> water_normal_user;</span></code></pre></div>
<h2 data-number="1.6" id="四应用系统安全"><span
class="header-section-number">1.6</span> 四、应用系统安全</h2>
<h3 data-number="1.6.1" id="spring-security安全配置"><span
class="header-section-number">1.6.1</span> 4.1 Spring
Security安全配置</h3>
<h4 data-number="1.6.1.1" id="认证配置"><span
class="header-section-number">1.6.1.1</span> 4.1.1 认证配置</h4>
<div class="sourceCode" id="cb9"><pre
class="sourceCode java"><code class="sourceCode java"><span id="cb9-1"><a href="#cb9-1" aria-hidden="true" tabindex="-1"></a><span class="at">@Configuration</span></span>
<span id="cb9-2"><a href="#cb9-2" aria-hidden="true" tabindex="-1"></a><span class="at">@EnableWebSecurity</span></span>
<span id="cb9-3"><a href="#cb9-3" aria-hidden="true" tabindex="-1"></a><span class="at">@EnableMethodSecurity</span><span class="op">(</span>prePostEnabled <span class="op">=</span> <span class="kw">true</span><span class="op">)</span></span>
<span id="cb9-4"><a href="#cb9-4" aria-hidden="true" tabindex="-1"></a><span class="kw">public</span> <span class="kw">class</span> SecurityConfig <span class="op">{</span></span>
<span id="cb9-5"><a href="#cb9-5" aria-hidden="true" tabindex="-1"></a> </span>
<span id="cb9-6"><a href="#cb9-6" aria-hidden="true" tabindex="-1"></a> <span class="at">@Bean</span></span>
<span id="cb9-7"><a href="#cb9-7" aria-hidden="true" tabindex="-1"></a> <span class="kw">public</span> PasswordEncoder <span class="fu">passwordEncoder</span><span class="op">()</span> <span class="op">{</span></span>
<span id="cb9-8"><a href="#cb9-8" aria-hidden="true" tabindex="-1"></a> <span class="co">// 使用国密SM3哈希算法</span></span>
<span id="cb9-9"><a href="#cb9-9" aria-hidden="true" tabindex="-1"></a> <span class="cf">return</span> <span class="kw">new</span> <span class="fu">SM3PasswordEncoder</span><span class="op">();</span></span>
<span id="cb9-10"><a href="#cb9-10" aria-hidden="true" tabindex="-1"></a> <span class="op">}</span></span>
<span id="cb9-11"><a href="#cb9-11" aria-hidden="true" tabindex="-1"></a> </span>
<span id="cb9-12"><a href="#cb9-12" aria-hidden="true" tabindex="-1"></a> <span class="at">@Bean</span></span>
<span id="cb9-13"><a href="#cb9-13" aria-hidden="true" tabindex="-1"></a> <span class="kw">public</span> JwtAuthenticationTokenFilter <span class="fu">jwtAuthenticationTokenFilter</span><span class="op">()</span> <span class="op">{</span></span>
<span id="cb9-14"><a href="#cb9-14" aria-hidden="true" tabindex="-1"></a> <span class="cf">return</span> <span class="kw">new</span> <span class="fu">JwtAuthenticationTokenFilter</span><span class="op">();</span></span>
<span id="cb9-15"><a href="#cb9-15" aria-hidden="true" tabindex="-1"></a> <span class="op">}</span></span>
<span id="cb9-16"><a href="#cb9-16" aria-hidden="true" tabindex="-1"></a> </span>
<span id="cb9-17"><a href="#cb9-17" aria-hidden="true" tabindex="-1"></a> <span class="at">@Bean</span></span>
<span id="cb9-18"><a href="#cb9-18" aria-hidden="true" tabindex="-1"></a> <span class="kw">public</span> SecurityFilterChain <span class="fu">filterChain</span><span class="op">(</span>HttpSecurity http<span class="op">)</span> <span class="kw">throws</span> <span class="bu">Exception</span> <span class="op">{</span></span>
<span id="cb9-19"><a href="#cb9-19" aria-hidden="true" tabindex="-1"></a> <span class="cf">return</span> http</span>
<span id="cb9-20"><a href="#cb9-20" aria-hidden="true" tabindex="-1"></a> <span class="co">// CSRF防护</span></span>
<span id="cb9-21"><a href="#cb9-21" aria-hidden="true" tabindex="-1"></a> <span class="op">.</span><span class="fu">csrf</span><span class="op">(</span>csrf <span class="op">-&gt;</span> csrf<span class="op">.</span><span class="fu">csrfTokenRepository</span><span class="op">(</span>CookieCsrfTokenRepository<span class="op">.</span><span class="fu">withHttpOnlyFalse</span><span class="op">()))</span></span>
<span id="cb9-22"><a href="#cb9-22" aria-hidden="true" tabindex="-1"></a> <span class="co">// 请求授权</span></span>
<span id="cb9-23"><a href="#cb9-23" aria-hidden="true" tabindex="-1"></a> <span class="op">.</span><span class="fu">authorizeHttpRequests</span><span class="op">(</span>auth <span class="op">-&gt;</span> auth</span>
<span id="cb9-24"><a href="#cb9-24" aria-hidden="true" tabindex="-1"></a> <span class="op">.</span><span class="fu">requestMatchers</span><span class="op">(</span><span class="st">&quot;/api/login&quot;</span><span class="op">,</span> <span class="st">&quot;/api/register&quot;</span><span class="op">).</span><span class="fu">permitAll</span><span class="op">()</span></span>
<span id="cb9-25"><a href="#cb9-25" aria-hidden="true" tabindex="-1"></a> <span class="op">.</span><span class="fu">requestMatchers</span><span class="op">(</span><span class="st">&quot;/api/admin/**&quot;</span><span class="op">).</span><span class="fu">hasRole</span><span class="op">(</span><span class="st">&quot;ADMIN&quot;</span><span class="op">)</span></span>
<span id="cb9-26"><a href="#cb9-26" aria-hidden="true" tabindex="-1"></a> <span class="op">.</span><span class="fu">anyRequest</span><span class="op">().</span><span class="fu">authenticated</span><span class="op">()</span></span>
<span id="cb9-27"><a href="#cb9-27" aria-hidden="true" tabindex="-1"></a> <span class="op">)</span></span>
<span id="cb9-28"><a href="#cb9-28" aria-hidden="true" tabindex="-1"></a> <span class="co">// JWT过滤器</span></span>
<span id="cb9-29"><a href="#cb9-29" aria-hidden="true" tabindex="-1"></a> <span class="op">.</span><span class="fu">addFilterBefore</span><span class="op">(</span><span class="fu">jwtAuthenticationTokenFilter</span><span class="op">(),</span> UsernamePasswordAuthenticationFilter<span class="op">.</span><span class="fu">class</span><span class="op">)</span></span>
<span id="cb9-30"><a href="#cb9-30" aria-hidden="true" tabindex="-1"></a> <span class="co">// 会话管理</span></span>
<span id="cb9-31"><a href="#cb9-31" aria-hidden="true" tabindex="-1"></a> <span class="op">.</span><span class="fu">sessionManagement</span><span class="op">(</span>session <span class="op">-&gt;</span> session<span class="op">.</span><span class="fu">sessionCreationPolicy</span><span class="op">(</span>SessionCreationPolicy<span class="op">.</span><span class="fu">STATELESS</span><span class="op">))</span></span>
<span id="cb9-32"><a href="#cb9-32" aria-hidden="true" tabindex="-1"></a> <span class="op">.</span><span class="fu">build</span><span class="op">();</span></span>
<span id="cb9-33"><a href="#cb9-33" aria-hidden="true" tabindex="-1"></a> <span class="op">}</span></span>
<span id="cb9-34"><a href="#cb9-34" aria-hidden="true" tabindex="-1"></a><span class="op">}</span></span></code></pre></div>
<h4 data-number="1.6.1.2" id="多因素认证"><span
class="header-section-number">1.6.1.2</span> 4.1.2 多因素认证</h4>
<div class="sourceCode" id="cb10"><pre
class="sourceCode java"><code class="sourceCode java"><span id="cb10-1"><a href="#cb10-1" aria-hidden="true" tabindex="-1"></a><span class="at">@Service</span></span>
<span id="cb10-2"><a href="#cb10-2" aria-hidden="true" tabindex="-1"></a><span class="kw">public</span> <span class="kw">class</span> MFAService <span class="op">{</span></span>
<span id="cb10-3"><a href="#cb10-3" aria-hidden="true" tabindex="-1"></a> </span>
<span id="cb10-4"><a href="#cb10-4" aria-hidden="true" tabindex="-1"></a> <span class="at">@Autowired</span></span>
<span id="cb10-5"><a href="#cb10-5" aria-hidden="true" tabindex="-1"></a> <span class="kw">private</span> SmsService smsService<span class="op">;</span></span>
<span id="cb10-6"><a href="#cb10-6" aria-hidden="true" tabindex="-1"></a> </span>
<span id="cb10-7"><a href="#cb10-7" aria-hidden="true" tabindex="-1"></a> <span class="at">@Autowired</span></span>
<span id="cb10-8"><a href="#cb10-8" aria-hidden="true" tabindex="-1"></a> <span class="kw">private</span> RedisTemplate<span class="op">&lt;</span><span class="bu">String</span><span class="op">,</span> <span class="bu">String</span><span class="op">&gt;</span> redisTemplate<span class="op">;</span></span>
<span id="cb10-9"><a href="#cb10-9" aria-hidden="true" tabindex="-1"></a> </span>
<span id="cb10-10"><a href="#cb10-10" aria-hidden="true" tabindex="-1"></a> <span class="kw">public</span> <span class="dt">boolean</span> <span class="fu">sendSmsCode</span><span class="op">(</span><span class="bu">String</span> phone<span class="op">)</span> <span class="op">{</span></span>
<span id="cb10-11"><a href="#cb10-11" aria-hidden="true" tabindex="-1"></a> <span class="bu">String</span> code <span class="op">=</span> <span class="fu">generateRandomCode</span><span class="op">();</span></span>
<span id="cb10-12"><a href="#cb10-12" aria-hidden="true" tabindex="-1"></a> <span class="bu">String</span> key <span class="op">=</span> <span class="st">&quot;mfa:sms:&quot;</span> <span class="op">+</span> phone<span class="op">;</span></span>
<span id="cb10-13"><a href="#cb10-13" aria-hidden="true" tabindex="-1"></a> </span>
<span id="cb10-14"><a href="#cb10-14" aria-hidden="true" tabindex="-1"></a> <span class="co">// 存储验证码5分钟过期</span></span>
<span id="cb10-15"><a href="#cb10-15" aria-hidden="true" tabindex="-1"></a> redisTemplate<span class="op">.</span><span class="fu">opsForValue</span><span class="op">().</span><span class="fu">set</span><span class="op">(</span>key<span class="op">,</span> code<span class="op">,</span> <span class="bu">Duration</span><span class="op">.</span><span class="fu">ofMinutes</span><span class="op">(</span><span class="dv">5</span><span class="op">));</span></span>
<span id="cb10-16"><a href="#cb10-16" aria-hidden="true" tabindex="-1"></a> </span>
<span id="cb10-17"><a href="#cb10-17" aria-hidden="true" tabindex="-1"></a> <span class="co">// 发送短信</span></span>
<span id="cb10-18"><a href="#cb10-18" aria-hidden="true" tabindex="-1"></a> <span class="cf">return</span> smsService<span class="op">.</span><span class="fu">send</span><span class="op">(</span>phone<span class="op">,</span> <span class="st">&quot;您的验证码是:&quot;</span> <span class="op">+</span> code <span class="op">+</span> <span class="st">&quot;5分钟内有效。&quot;</span><span class="op">);</span></span>
<span id="cb10-19"><a href="#cb10-19" aria-hidden="true" tabindex="-1"></a> <span class="op">}</span></span>
<span id="cb10-20"><a href="#cb10-20" aria-hidden="true" tabindex="-1"></a> </span>
<span id="cb10-21"><a href="#cb10-21" aria-hidden="true" tabindex="-1"></a> <span class="kw">public</span> <span class="dt">boolean</span> <span class="fu">verifySmsCode</span><span class="op">(</span><span class="bu">String</span> phone<span class="op">,</span> <span class="bu">String</span> code<span class="op">)</span> <span class="op">{</span></span>
<span id="cb10-22"><a href="#cb10-22" aria-hidden="true" tabindex="-1"></a> <span class="bu">String</span> key <span class="op">=</span> <span class="st">&quot;mfa:sms:&quot;</span> <span class="op">+</span> phone<span class="op">;</span></span>
<span id="cb10-23"><a href="#cb10-23" aria-hidden="true" tabindex="-1"></a> <span class="bu">String</span> storedCode <span class="op">=</span> redisTemplate<span class="op">.</span><span class="fu">opsForValue</span><span class="op">().</span><span class="fu">get</span><span class="op">(</span>key<span class="op">);</span></span>
<span id="cb10-24"><a href="#cb10-24" aria-hidden="true" tabindex="-1"></a> </span>
<span id="cb10-25"><a href="#cb10-25" aria-hidden="true" tabindex="-1"></a> <span class="cf">if</span> <span class="op">(</span>storedCode <span class="op">!=</span> <span class="kw">null</span> <span class="op">&amp;&amp;</span> storedCode<span class="op">.</span><span class="fu">equals</span><span class="op">(</span>code<span class="op">))</span> <span class="op">{</span></span>
<span id="cb10-26"><a href="#cb10-26" aria-hidden="true" tabindex="-1"></a> redisTemplate<span class="op">.</span><span class="fu">delete</span><span class="op">(</span>key<span class="op">);</span></span>
<span id="cb10-27"><a href="#cb10-27" aria-hidden="true" tabindex="-1"></a> <span class="cf">return</span> <span class="kw">true</span><span class="op">;</span></span>
<span id="cb10-28"><a href="#cb10-28" aria-hidden="true" tabindex="-1"></a> <span class="op">}</span></span>
<span id="cb10-29"><a href="#cb10-29" aria-hidden="true" tabindex="-1"></a> <span class="cf">return</span> <span class="kw">false</span><span class="op">;</span></span>
<span id="cb10-30"><a href="#cb10-30" aria-hidden="true" tabindex="-1"></a> <span class="op">}</span></span>
<span id="cb10-31"><a href="#cb10-31" aria-hidden="true" tabindex="-1"></a><span class="op">}</span></span></code></pre></div>
<h3 data-number="1.6.2" id="数据传输安全"><span
class="header-section-number">1.6.2</span> 4.2 数据传输安全</h3>
<h4 data-number="1.6.2.1" id="https配置"><span
class="header-section-number">1.6.2.1</span> 4.2.1 HTTPS配置</h4>
<div class="sourceCode" id="cb11"><pre
class="sourceCode yaml"><code class="sourceCode yaml"><span id="cb11-1"><a href="#cb11-1" aria-hidden="true" tabindex="-1"></a><span class="fu">server</span><span class="kw">:</span></span>
<span id="cb11-2"><a href="#cb11-2" aria-hidden="true" tabindex="-1"></a><span class="at"> </span><span class="fu">port</span><span class="kw">:</span><span class="at"> </span><span class="dv">8443</span></span>
<span id="cb11-3"><a href="#cb11-3" aria-hidden="true" tabindex="-1"></a><span class="at"> </span><span class="fu">ssl</span><span class="kw">:</span></span>
<span id="cb11-4"><a href="#cb11-4" aria-hidden="true" tabindex="-1"></a><span class="at"> </span><span class="fu">enabled</span><span class="kw">:</span><span class="at"> </span><span class="ch">true</span></span>
<span id="cb11-5"><a href="#cb11-5" aria-hidden="true" tabindex="-1"></a><span class="at"> </span><span class="fu">key-store</span><span class="kw">:</span><span class="at"> classpath:keystore/server.p12</span></span>
<span id="cb11-6"><a href="#cb11-6" aria-hidden="true" tabindex="-1"></a><span class="at"> </span><span class="fu">key-store-password</span><span class="kw">:</span><span class="at"> ${SSL_KEYSTORE_PASSWORD}</span></span>
<span id="cb11-7"><a href="#cb11-7" aria-hidden="true" tabindex="-1"></a><span class="at"> </span><span class="fu">key-store-type</span><span class="kw">:</span><span class="at"> PKCS12</span></span>
<span id="cb11-8"><a href="#cb11-8" aria-hidden="true" tabindex="-1"></a><span class="co"> # 支持国密算法</span></span>
<span id="cb11-9"><a href="#cb11-9" aria-hidden="true" tabindex="-1"></a><span class="at"> </span><span class="fu">ciphers</span><span class="kw">:</span><span class="at"> SM4-GCM-SM3,SM4-CCM-SM3,ECDHE-SM2-WITH-SM4-SM3</span></span>
<span id="cb11-10"><a href="#cb11-10" aria-hidden="true" tabindex="-1"></a><span class="at"> </span><span class="fu">protocols</span><span class="kw">:</span><span class="at"> TLSv1.2,TLSv1.3</span></span></code></pre></div>
<h4 data-number="1.6.2.2" id="敏感数据加密"><span
class="header-section-number">1.6.2.2</span> 4.2.2 敏感数据加密</h4>
<div class="sourceCode" id="cb12"><pre
class="sourceCode java"><code class="sourceCode java"><span id="cb12-1"><a href="#cb12-1" aria-hidden="true" tabindex="-1"></a><span class="at">@Component</span></span>
<span id="cb12-2"><a href="#cb12-2" aria-hidden="true" tabindex="-1"></a><span class="kw">public</span> <span class="kw">class</span> DataEncryptionService <span class="op">{</span></span>
<span id="cb12-3"><a href="#cb12-3" aria-hidden="true" tabindex="-1"></a> </span>
<span id="cb12-4"><a href="#cb12-4" aria-hidden="true" tabindex="-1"></a> <span class="kw">private</span> <span class="dt">final</span> SM4Cipher sm4Cipher <span class="op">=</span> <span class="kw">new</span> <span class="fu">SM4Cipher</span><span class="op">();</span></span>
<span id="cb12-5"><a href="#cb12-5" aria-hidden="true" tabindex="-1"></a> </span>
<span id="cb12-6"><a href="#cb12-6" aria-hidden="true" tabindex="-1"></a> <span class="kw">public</span> <span class="bu">String</span> <span class="fu">encryptSensitiveData</span><span class="op">(</span><span class="bu">String</span> plaintext<span class="op">)</span> <span class="op">{</span></span>
<span id="cb12-7"><a href="#cb12-7" aria-hidden="true" tabindex="-1"></a> <span class="cf">try</span> <span class="op">{</span></span>
<span id="cb12-8"><a href="#cb12-8" aria-hidden="true" tabindex="-1"></a> <span class="cf">return</span> sm4Cipher<span class="op">.</span><span class="fu">encrypt</span><span class="op">(</span>plaintext<span class="op">);</span></span>
<span id="cb12-9"><a href="#cb12-9" aria-hidden="true" tabindex="-1"></a> <span class="op">}</span> <span class="cf">catch</span> <span class="op">(</span><span class="bu">Exception</span> e<span class="op">)</span> <span class="op">{</span></span>
<span id="cb12-10"><a href="#cb12-10" aria-hidden="true" tabindex="-1"></a> <span class="cf">throw</span> <span class="kw">new</span> <span class="bu">SecurityException</span><span class="op">(</span><span class="st">&quot;数据加密失败&quot;</span><span class="op">,</span> e<span class="op">);</span></span>
<span id="cb12-11"><a href="#cb12-11" aria-hidden="true" tabindex="-1"></a> <span class="op">}</span></span>
<span id="cb12-12"><a href="#cb12-12" aria-hidden="true" tabindex="-1"></a> <span class="op">}</span></span>
<span id="cb12-13"><a href="#cb12-13" aria-hidden="true" tabindex="-1"></a> </span>
<span id="cb12-14"><a href="#cb12-14" aria-hidden="true" tabindex="-1"></a> <span class="kw">public</span> <span class="bu">String</span> <span class="fu">decryptSensitiveData</span><span class="op">(</span><span class="bu">String</span> ciphertext<span class="op">)</span> <span class="op">{</span></span>
<span id="cb12-15"><a href="#cb12-15" aria-hidden="true" tabindex="-1"></a> <span class="cf">try</span> <span class="op">{</span></span>
<span id="cb12-16"><a href="#cb12-16" aria-hidden="true" tabindex="-1"></a> <span class="cf">return</span> sm4Cipher<span class="op">.</span><span class="fu">decrypt</span><span class="op">(</span>ciphertext<span class="op">);</span></span>
<span id="cb12-17"><a href="#cb12-17" aria-hidden="true" tabindex="-1"></a> <span class="op">}</span> <span class="cf">catch</span> <span class="op">(</span><span class="bu">Exception</span> e<span class="op">)</span> <span class="op">{</span></span>
<span id="cb12-18"><a href="#cb12-18" aria-hidden="true" tabindex="-1"></a> <span class="cf">throw</span> <span class="kw">new</span> <span class="bu">SecurityException</span><span class="op">(</span><span class="st">&quot;数据解密失败&quot;</span><span class="op">,</span> e<span class="op">);</span></span>
<span id="cb12-19"><a href="#cb12-19" aria-hidden="true" tabindex="-1"></a> <span class="op">}</span></span>
<span id="cb12-20"><a href="#cb12-20" aria-hidden="true" tabindex="-1"></a> <span class="op">}</span></span>
<span id="cb12-21"><a href="#cb12-21" aria-hidden="true" tabindex="-1"></a><span class="op">}</span></span></code></pre></div>
<h3 data-number="1.6.3" id="接口安全防护"><span
class="header-section-number">1.6.3</span> 4.3 接口安全防护</h3>
<h4 data-number="1.6.3.1" id="接口签名验证"><span
class="header-section-number">1.6.3.1</span> 4.3.1 接口签名验证</h4>
<div class="sourceCode" id="cb13"><pre
class="sourceCode java"><code class="sourceCode java"><span id="cb13-1"><a href="#cb13-1" aria-hidden="true" tabindex="-1"></a><span class="at">@Component</span></span>
<span id="cb13-2"><a href="#cb13-2" aria-hidden="true" tabindex="-1"></a><span class="kw">public</span> <span class="kw">class</span> ApiSignatureValidator <span class="op">{</span></span>
<span id="cb13-3"><a href="#cb13-3" aria-hidden="true" tabindex="-1"></a> </span>
<span id="cb13-4"><a href="#cb13-4" aria-hidden="true" tabindex="-1"></a> <span class="kw">public</span> <span class="dt">boolean</span> <span class="fu">validateSignature</span><span class="op">(</span>HttpServletRequest request<span class="op">)</span> <span class="op">{</span></span>
<span id="cb13-5"><a href="#cb13-5" aria-hidden="true" tabindex="-1"></a> <span class="bu">String</span> timestamp <span class="op">=</span> request<span class="op">.</span><span class="fu">getHeader</span><span class="op">(</span><span class="st">&quot;X-Timestamp&quot;</span><span class="op">);</span></span>
<span id="cb13-6"><a href="#cb13-6" aria-hidden="true" tabindex="-1"></a> <span class="bu">String</span> nonce <span class="op">=</span> request<span class="op">.</span><span class="fu">getHeader</span><span class="op">(</span><span class="st">&quot;X-Nonce&quot;</span><span class="op">);</span></span>
<span id="cb13-7"><a href="#cb13-7" aria-hidden="true" tabindex="-1"></a> <span class="bu">String</span> signature <span class="op">=</span> request<span class="op">.</span><span class="fu">getHeader</span><span class="op">(</span><span class="st">&quot;X-Signature&quot;</span><span class="op">);</span></span>
<span id="cb13-8"><a href="#cb13-8" aria-hidden="true" tabindex="-1"></a> <span class="bu">String</span> body <span class="op">=</span> <span class="fu">getRequestBody</span><span class="op">(</span>request<span class="op">);</span></span>
<span id="cb13-9"><a href="#cb13-9" aria-hidden="true" tabindex="-1"></a> </span>
<span id="cb13-10"><a href="#cb13-10" aria-hidden="true" tabindex="-1"></a> <span class="co">// 检查时间戳,防止重放攻击</span></span>
<span id="cb13-11"><a href="#cb13-11" aria-hidden="true" tabindex="-1"></a> <span class="cf">if</span> <span class="op">(</span><span class="fu">isTimestampExpired</span><span class="op">(</span>timestamp<span class="op">))</span> <span class="op">{</span></span>
<span id="cb13-12"><a href="#cb13-12" aria-hidden="true" tabindex="-1"></a> <span class="cf">return</span> <span class="kw">false</span><span class="op">;</span></span>
<span id="cb13-13"><a href="#cb13-13" aria-hidden="true" tabindex="-1"></a> <span class="op">}</span></span>
<span id="cb13-14"><a href="#cb13-14" aria-hidden="true" tabindex="-1"></a> </span>
<span id="cb13-15"><a href="#cb13-15" aria-hidden="true" tabindex="-1"></a> <span class="co">// 生成签名</span></span>
<span id="cb13-16"><a href="#cb13-16" aria-hidden="true" tabindex="-1"></a> <span class="bu">String</span> expectedSignature <span class="op">=</span> <span class="fu">generateSignature</span><span class="op">(</span>timestamp<span class="op">,</span> nonce<span class="op">,</span> body<span class="op">);</span></span>
<span id="cb13-17"><a href="#cb13-17" aria-hidden="true" tabindex="-1"></a> </span>
<span id="cb13-18"><a href="#cb13-18" aria-hidden="true" tabindex="-1"></a> <span class="co">// 验证签名</span></span>
<span id="cb13-19"><a href="#cb13-19" aria-hidden="true" tabindex="-1"></a> <span class="cf">return</span> signature<span class="op">.</span><span class="fu">equals</span><span class="op">(</span>expectedSignature<span class="op">);</span></span>
<span id="cb13-20"><a href="#cb13-20" aria-hidden="true" tabindex="-1"></a> <span class="op">}</span></span>
<span id="cb13-21"><a href="#cb13-21" aria-hidden="true" tabindex="-1"></a> </span>
<span id="cb13-22"><a href="#cb13-22" aria-hidden="true" tabindex="-1"></a> <span class="kw">private</span> <span class="bu">String</span> <span class="fu">generateSignature</span><span class="op">(</span><span class="bu">String</span> timestamp<span class="op">,</span> <span class="bu">String</span> nonce<span class="op">,</span> <span class="bu">String</span> body<span class="op">)</span> <span class="op">{</span></span>
<span id="cb13-23"><a href="#cb13-23" aria-hidden="true" tabindex="-1"></a> <span class="bu">String</span> message <span class="op">=</span> timestamp <span class="op">+</span> nonce <span class="op">+</span> body<span class="op">;</span></span>
<span id="cb13-24"><a href="#cb13-24" aria-hidden="true" tabindex="-1"></a> <span class="cf">return</span> SM3Utils<span class="op">.</span><span class="fu">hash</span><span class="op">(</span>message<span class="op">);</span></span>
<span id="cb13-25"><a href="#cb13-25" aria-hidden="true" tabindex="-1"></a> <span class="op">}</span></span>
<span id="cb13-26"><a href="#cb13-26" aria-hidden="true" tabindex="-1"></a><span class="op">}</span></span></code></pre></div>
<h4 data-number="1.6.3.2" id="接口限流防护"><span
class="header-section-number">1.6.3.2</span> 4.3.2 接口限流防护</h4>
<div class="sourceCode" id="cb14"><pre
class="sourceCode java"><code class="sourceCode java"><span id="cb14-1"><a href="#cb14-1" aria-hidden="true" tabindex="-1"></a><span class="at">@Component</span></span>
<span id="cb14-2"><a href="#cb14-2" aria-hidden="true" tabindex="-1"></a><span class="kw">public</span> <span class="kw">class</span> RateLimitService <span class="op">{</span></span>
<span id="cb14-3"><a href="#cb14-3" aria-hidden="true" tabindex="-1"></a> </span>
<span id="cb14-4"><a href="#cb14-4" aria-hidden="true" tabindex="-1"></a> <span class="at">@Autowired</span></span>
<span id="cb14-5"><a href="#cb14-5" aria-hidden="true" tabindex="-1"></a> <span class="kw">private</span> RedisTemplate<span class="op">&lt;</span><span class="bu">String</span><span class="op">,</span> <span class="bu">String</span><span class="op">&gt;</span> redisTemplate<span class="op">;</span></span>
<span id="cb14-6"><a href="#cb14-6" aria-hidden="true" tabindex="-1"></a> </span>
<span id="cb14-7"><a href="#cb14-7" aria-hidden="true" tabindex="-1"></a> <span class="kw">public</span> <span class="dt">boolean</span> <span class="fu">isAllowed</span><span class="op">(</span><span class="bu">String</span> key<span class="op">,</span> <span class="dt">int</span> limit<span class="op">,</span> <span class="bu">Duration</span> window<span class="op">)</span> <span class="op">{</span></span>
<span id="cb14-8"><a href="#cb14-8" aria-hidden="true" tabindex="-1"></a> <span class="bu">String</span> redisKey <span class="op">=</span> <span class="st">&quot;rate_limit:&quot;</span> <span class="op">+</span> key<span class="op">;</span></span>
<span id="cb14-9"><a href="#cb14-9" aria-hidden="true" tabindex="-1"></a> <span class="bu">String</span> current <span class="op">=</span> redisTemplate<span class="op">.</span><span class="fu">opsForValue</span><span class="op">().</span><span class="fu">get</span><span class="op">(</span>redisKey<span class="op">);</span></span>
<span id="cb14-10"><a href="#cb14-10" aria-hidden="true" tabindex="-1"></a> </span>
<span id="cb14-11"><a href="#cb14-11" aria-hidden="true" tabindex="-1"></a> <span class="cf">if</span> <span class="op">(</span>current <span class="op">==</span> <span class="kw">null</span><span class="op">)</span> <span class="op">{</span></span>
<span id="cb14-12"><a href="#cb14-12" aria-hidden="true" tabindex="-1"></a> redisTemplate<span class="op">.</span><span class="fu">opsForValue</span><span class="op">().</span><span class="fu">set</span><span class="op">(</span>redisKey<span class="op">,</span> <span class="st">&quot;1&quot;</span><span class="op">,</span> window<span class="op">);</span></span>
<span id="cb14-13"><a href="#cb14-13" aria-hidden="true" tabindex="-1"></a> <span class="cf">return</span> <span class="kw">true</span><span class="op">;</span></span>
<span id="cb14-14"><a href="#cb14-14" aria-hidden="true" tabindex="-1"></a> <span class="op">}</span></span>
<span id="cb14-15"><a href="#cb14-15" aria-hidden="true" tabindex="-1"></a> </span>
<span id="cb14-16"><a href="#cb14-16" aria-hidden="true" tabindex="-1"></a> <span class="dt">int</span> count <span class="op">=</span> <span class="bu">Integer</span><span class="op">.</span><span class="fu">parseInt</span><span class="op">(</span>current<span class="op">);</span></span>
<span id="cb14-17"><a href="#cb14-17" aria-hidden="true" tabindex="-1"></a> <span class="cf">if</span> <span class="op">(</span>count <span class="op">&lt;</span> limit<span class="op">)</span> <span class="op">{</span></span>
<span id="cb14-18"><a href="#cb14-18" aria-hidden="true" tabindex="-1"></a> redisTemplate<span class="op">.</span><span class="fu">opsForValue</span><span class="op">().</span><span class="fu">increment</span><span class="op">(</span>redisKey<span class="op">);</span></span>
<span id="cb14-19"><a href="#cb14-19" aria-hidden="true" tabindex="-1"></a> <span class="cf">return</span> <span class="kw">true</span><span class="op">;</span></span>
<span id="cb14-20"><a href="#cb14-20" aria-hidden="true" tabindex="-1"></a> <span class="op">}</span></span>
<span id="cb14-21"><a href="#cb14-21" aria-hidden="true" tabindex="-1"></a> </span>
<span id="cb14-22"><a href="#cb14-22" aria-hidden="true" tabindex="-1"></a> <span class="cf">return</span> <span class="kw">false</span><span class="op">;</span></span>
<span id="cb14-23"><a href="#cb14-23" aria-hidden="true" tabindex="-1"></a> <span class="op">}</span></span>
<span id="cb14-24"><a href="#cb14-24" aria-hidden="true" tabindex="-1"></a><span class="op">}</span></span></code></pre></div>
<h2 data-number="1.7" id="五网络安全设计"><span
class="header-section-number">1.7</span> 五、网络安全设计</h2>
<h3 data-number="1.7.1" id="网络拓扑安全"><span
class="header-section-number">1.7.1</span> 5.1 网络拓扑安全</h3>
<p><strong>图表 5</strong></p>
<figure>
<img src="temp_mermaid_water_biz_security_design_6403/diagram_5.png"
alt="图表 5" />
<figcaption aria-hidden="true">图表 5</figcaption>
</figure>
<details>
<summary>
查看图表源码
</summary>
<pre class="mermaid"><code>graph TB
subgraph &quot;外网区域&quot;
INTERNET[互联网]
CDN[CDN加速]
DNS[DNS服务]
end
subgraph &quot;边界防护&quot;
WAF[Web应用防火墙&lt;br/&gt;国产WAF产品]
FW_BORDER[边界防火墙&lt;br/&gt;安全审计]
IPS[入侵防护系统&lt;br/&gt;威胁检测]
DPI[深度包检测&lt;br/&gt;流量分析]
end
subgraph &quot;DMZ区域&quot;
LB[负载均衡器&lt;br/&gt;SSL卸载]
WEB1[Web服务器1]
WEB2[Web服务器2]
PROXY[反向代理]
end
subgraph &quot;内网安全&quot;
FW_INTERNAL[内部防火墙]
VLAN_APP[应用VLAN]
VLAN_DB[数据库VLAN]
VLAN_MGT[管理VLAN]
end
subgraph &quot;应用层&quot;
APP1[应用服务器1]
APP2[应用服务器2]
APP3[应用服务器3]
end
subgraph &quot;数据层&quot;
DB_MASTER[OpenGauss主库]
DB_SLAVE[OpenGauss从库]
REDIS[Redis集群]
end
subgraph &quot;管理层&quot;
JUMP[跳板机]
MONITOR[监控服务器]
LOG[日志服务器]
end
INTERNET --&gt; CDN
CDN --&gt; DNS
DNS --&gt; WAF
WAF --&gt; FW_BORDER
FW_BORDER --&gt; IPS
IPS --&gt; DPI
DPI --&gt; LB
LB --&gt; WEB1
LB --&gt; WEB2
WEB1 --&gt; PROXY
WEB2 --&gt; PROXY
PROXY --&gt; FW_INTERNAL
FW_INTERNAL --&gt; VLAN_APP
FW_INTERNAL --&gt; VLAN_DB
FW_INTERNAL --&gt; VLAN_MGT
VLAN_APP --&gt; APP1
VLAN_APP --&gt; APP2
VLAN_APP --&gt; APP3
VLAN_DB --&gt; DB_MASTER
VLAN_DB --&gt; DB_SLAVE
VLAN_DB --&gt; REDIS
VLAN_MGT --&gt; JUMP
VLAN_MGT --&gt; MONITOR
VLAN_MGT --&gt; LOG
</code></pre>
</details>
<h3 data-number="1.7.2" id="防火墙策略配置"><span
class="header-section-number">1.7.2</span> 5.2 防火墙策略配置</h3>
<h4 data-number="1.7.2.1" id="边界防火墙策略"><span
class="header-section-number">1.7.2.1</span> 5.2.1 边界防火墙策略</h4>
<div class="sourceCode" id="cb16"><pre
class="sourceCode bash"><code class="sourceCode bash"><span id="cb16-1"><a href="#cb16-1" aria-hidden="true" tabindex="-1"></a><span class="co"># 允许HTTPS访问</span></span>
<span id="cb16-2"><a href="#cb16-2" aria-hidden="true" tabindex="-1"></a><span class="ex">iptables</span> <span class="at">-A</span> INPUT <span class="at">-p</span> tcp <span class="at">--dport</span> 443 <span class="at">-j</span> ACCEPT</span>
<span id="cb16-3"><a href="#cb16-3" aria-hidden="true" tabindex="-1"></a></span>
<span id="cb16-4"><a href="#cb16-4" aria-hidden="true" tabindex="-1"></a><span class="co"># 允许HTTP重定向到HTTPS</span></span>
<span id="cb16-5"><a href="#cb16-5" aria-hidden="true" tabindex="-1"></a><span class="ex">iptables</span> <span class="at">-A</span> INPUT <span class="at">-p</span> tcp <span class="at">--dport</span> 80 <span class="at">-j</span> ACCEPT</span>
<span id="cb16-6"><a href="#cb16-6" aria-hidden="true" tabindex="-1"></a></span>
<span id="cb16-7"><a href="#cb16-7" aria-hidden="true" tabindex="-1"></a><span class="co"># 禁止直接数据库访问</span></span>
<span id="cb16-8"><a href="#cb16-8" aria-hidden="true" tabindex="-1"></a><span class="ex">iptables</span> <span class="at">-A</span> INPUT <span class="at">-p</span> tcp <span class="at">--dport</span> 5432 <span class="at">-s</span> ! 192.168.1.0/24 <span class="at">-j</span> DROP</span>
<span id="cb16-9"><a href="#cb16-9" aria-hidden="true" tabindex="-1"></a></span>
<span id="cb16-10"><a href="#cb16-10" aria-hidden="true" tabindex="-1"></a><span class="co"># 允许内网SSH管理</span></span>
<span id="cb16-11"><a href="#cb16-11" aria-hidden="true" tabindex="-1"></a><span class="ex">iptables</span> <span class="at">-A</span> INPUT <span class="at">-p</span> tcp <span class="at">--dport</span> 22 <span class="at">-s</span> 192.168.100.0/24 <span class="at">-j</span> ACCEPT</span>
<span id="cb16-12"><a href="#cb16-12" aria-hidden="true" tabindex="-1"></a></span>
<span id="cb16-13"><a href="#cb16-13" aria-hidden="true" tabindex="-1"></a><span class="co"># 拒绝其他所有入站连接</span></span>
<span id="cb16-14"><a href="#cb16-14" aria-hidden="true" tabindex="-1"></a><span class="ex">iptables</span> <span class="at">-A</span> INPUT <span class="at">-j</span> DROP</span></code></pre></div>
<h4 data-number="1.7.2.2" id="应用层防火墙策略"><span
class="header-section-number">1.7.2.2</span> 5.2.2 应用层防火墙策略</h4>
<div class="sourceCode" id="cb17"><pre
class="sourceCode bash"><code class="sourceCode bash"><span id="cb17-1"><a href="#cb17-1" aria-hidden="true" tabindex="-1"></a><span class="co"># 只允许来自DMZ区的连接</span></span>
<span id="cb17-2"><a href="#cb17-2" aria-hidden="true" tabindex="-1"></a><span class="ex">iptables</span> <span class="at">-A</span> INPUT <span class="at">-s</span> 192.168.1.0/24 <span class="at">-j</span> ACCEPT</span>
<span id="cb17-3"><a href="#cb17-3" aria-hidden="true" tabindex="-1"></a></span>
<span id="cb17-4"><a href="#cb17-4" aria-hidden="true" tabindex="-1"></a><span class="co"># 允许访问数据库</span></span>
<span id="cb17-5"><a href="#cb17-5" aria-hidden="true" tabindex="-1"></a><span class="ex">iptables</span> <span class="at">-A</span> OUTPUT <span class="at">-d</span> 192.168.2.0/24 <span class="at">-p</span> tcp <span class="at">--dport</span> 5432 <span class="at">-j</span> ACCEPT</span>
<span id="cb17-6"><a href="#cb17-6" aria-hidden="true" tabindex="-1"></a></span>
<span id="cb17-7"><a href="#cb17-7" aria-hidden="true" tabindex="-1"></a><span class="co"># 允许访问Redis</span></span>
<span id="cb17-8"><a href="#cb17-8" aria-hidden="true" tabindex="-1"></a><span class="ex">iptables</span> <span class="at">-A</span> OUTPUT <span class="at">-d</span> 192.168.2.0/24 <span class="at">-p</span> tcp <span class="at">--dport</span> 6379 <span class="at">-j</span> ACCEPT</span>
<span id="cb17-9"><a href="#cb17-9" aria-hidden="true" tabindex="-1"></a></span>
<span id="cb17-10"><a href="#cb17-10" aria-hidden="true" tabindex="-1"></a><span class="co"># 允许DNS查询</span></span>
<span id="cb17-11"><a href="#cb17-11" aria-hidden="true" tabindex="-1"></a><span class="ex">iptables</span> <span class="at">-A</span> OUTPUT <span class="at">-p</span> udp <span class="at">--dport</span> 53 <span class="at">-j</span> ACCEPT</span>
<span id="cb17-12"><a href="#cb17-12" aria-hidden="true" tabindex="-1"></a></span>
<span id="cb17-13"><a href="#cb17-13" aria-hidden="true" tabindex="-1"></a><span class="co"># 拒绝其他出站连接</span></span>
<span id="cb17-14"><a href="#cb17-14" aria-hidden="true" tabindex="-1"></a><span class="ex">iptables</span> <span class="at">-A</span> OUTPUT <span class="at">-j</span> DROP</span></code></pre></div>
<h3 data-number="1.7.3" id="入侵检测与防护"><span
class="header-section-number">1.7.3</span> 5.3 入侵检测与防护</h3>
<h4 data-number="1.7.3.1" id="idsips规则配置"><span
class="header-section-number">1.7.3.1</span> 5.3.1 IDS/IPS规则配置</h4>
<div class="sourceCode" id="cb18"><pre
class="sourceCode bash"><code class="sourceCode bash"><span id="cb18-1"><a href="#cb18-1" aria-hidden="true" tabindex="-1"></a><span class="co"># Suricata规则示例</span></span>
<span id="cb18-2"><a href="#cb18-2" aria-hidden="true" tabindex="-1"></a><span class="ex">alert</span> tcp any any <span class="at">-</span><span class="op">&gt;</span> <span class="va">$HOME_NET</span> 443 <span class="er">(</span><span class="ex">msg:</span><span class="st">&quot;Suspicious HTTPS traffic&quot;</span><span class="kw">;</span> <span class="dt">\</span></span>
<span id="cb18-3"><a href="#cb18-3" aria-hidden="true" tabindex="-1"></a> <span class="ex">content:</span><span class="st">&quot;POST&quot;</span><span class="kw">;</span> <span class="ex">http_method</span><span class="kw">;</span> <span class="ex">content:</span><span class="st">&quot;/api/admin&quot;</span><span class="kw">;</span> <span class="ex">http_uri</span><span class="kw">;</span> <span class="dt">\</span></span>
<span id="cb18-4"><a href="#cb18-4" aria-hidden="true" tabindex="-1"></a> <span class="ex">threshold:type</span> limit, track by_src, count 10, seconds 60<span class="kw">;</span> <span class="dt">\</span></span>
<span id="cb18-5"><a href="#cb18-5" aria-hidden="true" tabindex="-1"></a> <span class="ex">sid:10001</span><span class="kw">;</span> <span class="ex">rev:1</span><span class="kw">;)</span></span>
<span id="cb18-6"><a href="#cb18-6" aria-hidden="true" tabindex="-1"></a></span>
<span id="cb18-7"><a href="#cb18-7" aria-hidden="true" tabindex="-1"></a><span class="ex">alert</span> tcp any any <span class="at">-</span><span class="op">&gt;</span> <span class="va">$HOME_NET</span> 5432 <span class="er">(</span><span class="ex">msg:</span><span class="st">&quot;Direct database access attempt&quot;</span><span class="kw">;</span> <span class="dt">\</span></span>
<span id="cb18-8"><a href="#cb18-8" aria-hidden="true" tabindex="-1"></a> <span class="ex">content:</span><span class="st">&quot;SELECT&quot;</span><span class="kw">;</span> <span class="ex">content:</span><span class="st">&quot;FROM&quot;</span><span class="kw">;</span> <span class="ex">distance:0</span><span class="kw">;</span> <span class="dt">\</span></span>
<span id="cb18-9"><a href="#cb18-9" aria-hidden="true" tabindex="-1"></a> <span class="ex">sid:10002</span><span class="kw">;</span> <span class="ex">rev:1</span><span class="kw">;)</span></span>
<span id="cb18-10"><a href="#cb18-10" aria-hidden="true" tabindex="-1"></a></span>
<span id="cb18-11"><a href="#cb18-11" aria-hidden="true" tabindex="-1"></a><span class="ex">alert</span> tcp any any <span class="at">-</span><span class="op">&gt;</span> <span class="va">$HOME_NET</span> any <span class="er">(</span><span class="ex">msg:</span><span class="st">&quot;Brute force attack detected&quot;</span><span class="kw">;</span> <span class="dt">\</span></span>
<span id="cb18-12"><a href="#cb18-12" aria-hidden="true" tabindex="-1"></a> <span class="ex">flags:S</span><span class="kw">;</span> <span class="ex">threshold:type</span> threshold, track by_src, count 100, seconds 60<span class="kw">;</span> <span class="dt">\</span></span>
<span id="cb18-13"><a href="#cb18-13" aria-hidden="true" tabindex="-1"></a> <span class="ex">sid:10003</span><span class="kw">;</span> <span class="ex">rev:1</span><span class="kw">;)</span></span></code></pre></div>
<h2 data-number="1.8" id="六数据安全设计"><span
class="header-section-number">1.8</span> 六、数据安全设计</h2>
<h3 data-number="1.8.1" id="数据分类分级"><span
class="header-section-number">1.8.1</span> 6.1 数据分类分级</h3>
<h4 data-number="1.8.1.1" id="数据分类标准"><span
class="header-section-number">1.8.1.1</span> 6.1.1 数据分类标准</h4>
<p><strong>图表 6</strong></p>
<figure>
<img src="temp_mermaid_water_biz_security_design_6403/diagram_6.png"
alt="图表 6" />
<figcaption aria-hidden="true">图表 6</figcaption>
</figure>
<details>
<summary>
查看图表源码
</summary>
<pre class="mermaid"><code>graph TB
subgraph &quot;数据分类&quot;
TOP_SECRET[绝密级&lt;br/&gt;核心商业机密]
SECRET[机密级&lt;br/&gt;重要业务数据]
INTERNAL[内部级&lt;br/&gt;一般业务数据]
PUBLIC[公开级&lt;br/&gt;公开业务数据]
end
subgraph &quot;水务业务数据&quot;
CUSTOMER[客户身份信息&lt;br/&gt;机密级]
METER[水表计量数据&lt;br/&gt;内部级]
BILLING[收费账务数据&lt;br/&gt;机密级]
REPORT[统计报表数据&lt;br/&gt;内部级]
CONFIG[系统配置数据&lt;br/&gt;内部级]
LOG[日志审计数据&lt;br/&gt;内部级]
end
subgraph &quot;保护措施&quot;
ENC_HIGH[强加密&lt;br/&gt;SM4+数字签名]
ENC_MID[加密存储&lt;br/&gt;SM4算法]
ENC_LOW[访问控制&lt;br/&gt;权限管理]
ENC_NONE[公开访问&lt;br/&gt;无特殊保护]
end
TOP_SECRET --&gt; ENC_HIGH
SECRET --&gt; ENC_MID
INTERNAL --&gt; ENC_LOW
PUBLIC --&gt; ENC_NONE
CUSTOMER --&gt; SECRET
BILLING --&gt; SECRET
METER --&gt; INTERNAL
REPORT --&gt; INTERNAL
CONFIG --&gt; INTERNAL
LOG --&gt; INTERNAL
</code></pre>
</details>
<h4 data-number="1.8.1.2" id="数据保护策略"><span
class="header-section-number">1.8.1.2</span> 6.1.2 数据保护策略</h4>
<div class="sourceCode" id="cb20"><pre
class="sourceCode sql"><code class="sourceCode sql"><span id="cb20-1"><a href="#cb20-1" aria-hidden="true" tabindex="-1"></a><span class="co">-- 客户敏感信息表(机密级)</span></span>
<span id="cb20-2"><a href="#cb20-2" aria-hidden="true" tabindex="-1"></a><span class="kw">CREATE</span> <span class="kw">TABLE</span> water_customer_sensitive (</span>
<span id="cb20-3"><a href="#cb20-3" aria-hidden="true" tabindex="-1"></a> <span class="kw">id</span> SERIAL <span class="kw">PRIMARY</span> <span class="kw">KEY</span>,</span>
<span id="cb20-4"><a href="#cb20-4" aria-hidden="true" tabindex="-1"></a> customer_id BIGINT <span class="kw">NOT</span> <span class="kw">NULL</span>,</span>
<span id="cb20-5"><a href="#cb20-5" aria-hidden="true" tabindex="-1"></a> <span class="co">-- 身份证号:强加密存储</span></span>
<span id="cb20-6"><a href="#cb20-6" aria-hidden="true" tabindex="-1"></a> id_card_encrypted <span class="dt">VARCHAR</span>(<span class="dv">200</span>) ENCRYPTED <span class="kw">WITH</span> (</span>
<span id="cb20-7"><a href="#cb20-7" aria-hidden="true" tabindex="-1"></a> COLUMN_ENCRYPTION_KEY <span class="op">=</span> customer_sensitive_key,</span>
<span id="cb20-8"><a href="#cb20-8" aria-hidden="true" tabindex="-1"></a> ENCRYPTION_TYPE <span class="op">=</span> RANDOMIZED,</span>
<span id="cb20-9"><a href="#cb20-9" aria-hidden="true" tabindex="-1"></a> ALGORITHM <span class="op">=</span> <span class="st">&#39;SM4-CTR&#39;</span></span>
<span id="cb20-10"><a href="#cb20-10" aria-hidden="true" tabindex="-1"></a> ),</span>
<span id="cb20-11"><a href="#cb20-11" aria-hidden="true" tabindex="-1"></a> <span class="co">-- 银行卡号:强加密存储</span></span>
<span id="cb20-12"><a href="#cb20-12" aria-hidden="true" tabindex="-1"></a> bank_account_encrypted <span class="dt">VARCHAR</span>(<span class="dv">200</span>) ENCRYPTED <span class="kw">WITH</span> (</span>
<span id="cb20-13"><a href="#cb20-13" aria-hidden="true" tabindex="-1"></a> COLUMN_ENCRYPTION_KEY <span class="op">=</span> customer_sensitive_key,</span>
<span id="cb20-14"><a href="#cb20-14" aria-hidden="true" tabindex="-1"></a> ENCRYPTION_TYPE <span class="op">=</span> RANDOMIZED,</span>
<span id="cb20-15"><a href="#cb20-15" aria-hidden="true" tabindex="-1"></a> ALGORITHM <span class="op">=</span> <span class="st">&#39;SM4-CTR&#39;</span></span>
<span id="cb20-16"><a href="#cb20-16" aria-hidden="true" tabindex="-1"></a> ),</span>
<span id="cb20-17"><a href="#cb20-17" aria-hidden="true" tabindex="-1"></a> <span class="co">-- 手机号:确定性加密,支持查询</span></span>
<span id="cb20-18"><a href="#cb20-18" aria-hidden="true" tabindex="-1"></a> phone_encrypted <span class="dt">VARCHAR</span>(<span class="dv">200</span>) ENCRYPTED <span class="kw">WITH</span> (</span>
<span id="cb20-19"><a href="#cb20-19" aria-hidden="true" tabindex="-1"></a> COLUMN_ENCRYPTION_KEY <span class="op">=</span> customer_sensitive_key,</span>
<span id="cb20-20"><a href="#cb20-20" aria-hidden="true" tabindex="-1"></a> ENCRYPTION_TYPE <span class="op">=</span> DETERMINISTIC,</span>
<span id="cb20-21"><a href="#cb20-21" aria-hidden="true" tabindex="-1"></a> ALGORITHM <span class="op">=</span> <span class="st">&#39;SM4-CTR&#39;</span></span>
<span id="cb20-22"><a href="#cb20-22" aria-hidden="true" tabindex="-1"></a> ),</span>
<span id="cb20-23"><a href="#cb20-23" aria-hidden="true" tabindex="-1"></a> created_at <span class="dt">TIMESTAMP</span> <span class="kw">DEFAULT</span> <span class="fu">CURRENT_TIMESTAMP</span>,</span>
<span id="cb20-24"><a href="#cb20-24" aria-hidden="true" tabindex="-1"></a> updated_at <span class="dt">TIMESTAMP</span> <span class="kw">DEFAULT</span> <span class="fu">CURRENT_TIMESTAMP</span></span>
<span id="cb20-25"><a href="#cb20-25" aria-hidden="true" tabindex="-1"></a>);</span>
<span id="cb20-26"><a href="#cb20-26" aria-hidden="true" tabindex="-1"></a></span>
<span id="cb20-27"><a href="#cb20-27" aria-hidden="true" tabindex="-1"></a><span class="co">-- 创建行级安全策略</span></span>
<span id="cb20-28"><a href="#cb20-28" aria-hidden="true" tabindex="-1"></a><span class="kw">CREATE</span> POLICY customer_sensitive_policy <span class="kw">ON</span> water_customer_sensitive</span>
<span id="cb20-29"><a href="#cb20-29" aria-hidden="true" tabindex="-1"></a><span class="cf">FOR</span> <span class="kw">ALL</span> <span class="kw">TO</span> water_customer_service_role</span>
<span id="cb20-30"><a href="#cb20-30" aria-hidden="true" tabindex="-1"></a><span class="kw">USING</span> (</span>
<span id="cb20-31"><a href="#cb20-31" aria-hidden="true" tabindex="-1"></a> customer_id <span class="kw">IN</span> (</span>
<span id="cb20-32"><a href="#cb20-32" aria-hidden="true" tabindex="-1"></a> <span class="kw">SELECT</span> customer_id <span class="kw">FROM</span> water_customer </span>
<span id="cb20-33"><a href="#cb20-33" aria-hidden="true" tabindex="-1"></a> <span class="kw">WHERE</span> tenant_id <span class="op">=</span> current_setting(<span class="st">&#39;app.current_tenant_id&#39;</span>):<span class="ch">:bigint</span></span>
<span id="cb20-34"><a href="#cb20-34" aria-hidden="true" tabindex="-1"></a> )</span>
<span id="cb20-35"><a href="#cb20-35" aria-hidden="true" tabindex="-1"></a>);</span></code></pre></div>
<h3 data-number="1.8.2" id="数据备份与恢复安全"><span
class="header-section-number">1.8.2</span> 6.2 数据备份与恢复安全</h3>
<h4 data-number="1.8.2.1" id="备份加密策略"><span
class="header-section-number">1.8.2.1</span> 6.2.1 备份加密策略</h4>
<div class="sourceCode" id="cb21"><pre
class="sourceCode bash"><code class="sourceCode bash"><span id="cb21-1"><a href="#cb21-1" aria-hidden="true" tabindex="-1"></a><span class="co">#!/bin/bash</span></span>
<span id="cb21-2"><a href="#cb21-2" aria-hidden="true" tabindex="-1"></a><span class="co"># OpenGauss安全备份脚本</span></span>
<span id="cb21-3"><a href="#cb21-3" aria-hidden="true" tabindex="-1"></a></span>
<span id="cb21-4"><a href="#cb21-4" aria-hidden="true" tabindex="-1"></a><span class="co"># 设置备份参数</span></span>
<span id="cb21-5"><a href="#cb21-5" aria-hidden="true" tabindex="-1"></a><span class="va">BACKUP_DIR</span><span class="op">=</span><span class="st">&quot;/backup/opengauss&quot;</span></span>
<span id="cb21-6"><a href="#cb21-6" aria-hidden="true" tabindex="-1"></a><span class="va">DATE</span><span class="op">=</span><span class="va">$(</span><span class="fu">date</span> +%Y%m%d_%H%M%S<span class="va">)</span></span>
<span id="cb21-7"><a href="#cb21-7" aria-hidden="true" tabindex="-1"></a><span class="va">BACKUP_FILE</span><span class="op">=</span><span class="st">&quot;water_biz_backup_</span><span class="va">${DATE}</span><span class="st">.tar.gz&quot;</span></span>
<span id="cb21-8"><a href="#cb21-8" aria-hidden="true" tabindex="-1"></a><span class="va">ENCRYPT_KEY</span><span class="op">=</span><span class="st">&quot;/etc/opengauss/backup_key.key&quot;</span></span>
<span id="cb21-9"><a href="#cb21-9" aria-hidden="true" tabindex="-1"></a></span>
<span id="cb21-10"><a href="#cb21-10" aria-hidden="true" tabindex="-1"></a><span class="co"># 创建加密备份</span></span>
<span id="cb21-11"><a href="#cb21-11" aria-hidden="true" tabindex="-1"></a><span class="ex">gs_backup</span> <span class="at">-D</span> <span class="va">$GAUSSDATA</span> <span class="at">-U</span> gaussdb <span class="dt">\</span></span>
<span id="cb21-12"><a href="#cb21-12" aria-hidden="true" tabindex="-1"></a> <span class="at">--encrypt</span> <span class="at">--encrypt-key-file</span><span class="op">=</span><span class="va">$ENCRYPT_KEY</span> <span class="dt">\</span></span>
<span id="cb21-13"><a href="#cb21-13" aria-hidden="true" tabindex="-1"></a> <span class="at">--backup-format</span><span class="op">=</span>tar <span class="dt">\</span></span>
<span id="cb21-14"><a href="#cb21-14" aria-hidden="true" tabindex="-1"></a> <span class="at">--backup-path</span><span class="op">=</span><span class="va">$BACKUP_DIR</span>/<span class="va">$BACKUP_FILE</span></span>
<span id="cb21-15"><a href="#cb21-15" aria-hidden="true" tabindex="-1"></a></span>
<span id="cb21-16"><a href="#cb21-16" aria-hidden="true" tabindex="-1"></a><span class="co"># 验证备份完整性</span></span>
<span id="cb21-17"><a href="#cb21-17" aria-hidden="true" tabindex="-1"></a><span class="ex">openssl</span> dgst <span class="at">-sm3</span> <span class="va">$BACKUP_DIR</span>/<span class="va">$BACKUP_FILE</span> <span class="op">&gt;</span> <span class="va">$BACKUP_DIR</span>/<span class="va">$BACKUP_FILE</span>.sm3</span>
<span id="cb21-18"><a href="#cb21-18" aria-hidden="true" tabindex="-1"></a></span>
<span id="cb21-19"><a href="#cb21-19" aria-hidden="true" tabindex="-1"></a><span class="co"># 安全传输到异地备份中心</span></span>
<span id="cb21-20"><a href="#cb21-20" aria-hidden="true" tabindex="-1"></a><span class="fu">rsync</span> <span class="at">-avz</span> <span class="at">--delete</span> <span class="va">$BACKUP_DIR</span>/ backup-server:/backup/remote/</span></code></pre></div>
<h4 data-number="1.8.2.2" id="数据恢复流程"><span
class="header-section-number">1.8.2.2</span> 6.2.2 数据恢复流程</h4>
<div class="sourceCode" id="cb22"><pre
class="sourceCode sql"><code class="sourceCode sql"><span id="cb22-1"><a href="#cb22-1" aria-hidden="true" tabindex="-1"></a><span class="co">-- 恢复前验证备份完整性</span></span>
<span id="cb22-2"><a href="#cb22-2" aria-hidden="true" tabindex="-1"></a><span class="co">-- 1. 验证SM3摘要</span></span>
<span id="cb22-3"><a href="#cb22-3" aria-hidden="true" tabindex="-1"></a><span class="co">-- 2. 解密备份文件</span></span>
<span id="cb22-4"><a href="#cb22-4" aria-hidden="true" tabindex="-1"></a><span class="co">-- 3. 验证数据库结构</span></span>
<span id="cb22-5"><a href="#cb22-5" aria-hidden="true" tabindex="-1"></a><span class="co">-- 4. 执行恢复操作</span></span>
<span id="cb22-6"><a href="#cb22-6" aria-hidden="true" tabindex="-1"></a></span>
<span id="cb22-7"><a href="#cb22-7" aria-hidden="true" tabindex="-1"></a><span class="co">-- 创建恢复测试环境</span></span>
<span id="cb22-8"><a href="#cb22-8" aria-hidden="true" tabindex="-1"></a><span class="kw">CREATE</span> <span class="kw">DATABASE</span> water_biz_recovery_test;</span>
<span id="cb22-9"><a href="#cb22-9" aria-hidden="true" tabindex="-1"></a></span>
<span id="cb22-10"><a href="#cb22-10" aria-hidden="true" tabindex="-1"></a><span class="co">-- 恢复数据到测试环境</span></span>
<span id="cb22-11"><a href="#cb22-11" aria-hidden="true" tabindex="-1"></a><span class="co">-- 执行恢复SQL脚本</span></span>
<span id="cb22-12"><a href="#cb22-12" aria-hidden="true" tabindex="-1"></a>\i <span class="op">/</span><span class="kw">backup</span><span class="op">/</span>water_biz_recovery.sql;</span>
<span id="cb22-13"><a href="#cb22-13" aria-hidden="true" tabindex="-1"></a></span>
<span id="cb22-14"><a href="#cb22-14" aria-hidden="true" tabindex="-1"></a><span class="co">-- 验证数据完整性</span></span>
<span id="cb22-15"><a href="#cb22-15" aria-hidden="true" tabindex="-1"></a><span class="kw">SELECT</span> <span class="fu">COUNT</span>(<span class="op">*</span>) <span class="kw">FROM</span> water_customer;</span>
<span id="cb22-16"><a href="#cb22-16" aria-hidden="true" tabindex="-1"></a><span class="kw">SELECT</span> <span class="fu">COUNT</span>(<span class="op">*</span>) <span class="kw">FROM</span> water_meter_reading;</span>
<span id="cb22-17"><a href="#cb22-17" aria-hidden="true" tabindex="-1"></a><span class="kw">SELECT</span> <span class="fu">COUNT</span>(<span class="op">*</span>) <span class="kw">FROM</span> water_billing;</span>
<span id="cb22-18"><a href="#cb22-18" aria-hidden="true" tabindex="-1"></a></span>
<span id="cb22-19"><a href="#cb22-19" aria-hidden="true" tabindex="-1"></a><span class="co">-- 验证加密数据</span></span>
<span id="cb22-20"><a href="#cb22-20" aria-hidden="true" tabindex="-1"></a><span class="kw">SELECT</span> <span class="kw">id</span>, </span>
<span id="cb22-21"><a href="#cb22-21" aria-hidden="true" tabindex="-1"></a> pgp_sym_decrypt(id_card_encrypted, <span class="st">&#39;encryption_key&#39;</span>) <span class="kw">as</span> id_card</span>
<span id="cb22-22"><a href="#cb22-22" aria-hidden="true" tabindex="-1"></a><span class="kw">FROM</span> water_customer_sensitive <span class="kw">LIMIT</span> <span class="dv">1</span>;</span></code></pre></div>
<h3 data-number="1.8.3" id="数据销毁与清理"><span
class="header-section-number">1.8.3</span> 6.3 数据销毁与清理</h3>
<h4 data-number="1.8.3.1" id="安全数据销毁"><span
class="header-section-number">1.8.3.1</span> 6.3.1 安全数据销毁</h4>
<div class="sourceCode" id="cb23"><pre
class="sourceCode sql"><code class="sourceCode sql"><span id="cb23-1"><a href="#cb23-1" aria-hidden="true" tabindex="-1"></a><span class="co">-- 创建安全数据销毁函数</span></span>
<span id="cb23-2"><a href="#cb23-2" aria-hidden="true" tabindex="-1"></a><span class="kw">CREATE</span> <span class="kw">OR</span> <span class="kw">REPLACE</span> <span class="kw">FUNCTION</span> secure_data_destroy(table_name TEXT, where_clause TEXT)</span>
<span id="cb23-3"><a href="#cb23-3" aria-hidden="true" tabindex="-1"></a>RETURNS <span class="dt">BOOLEAN</span> <span class="kw">AS</span> $$</span>
<span id="cb23-4"><a href="#cb23-4" aria-hidden="true" tabindex="-1"></a><span class="kw">DECLARE</span></span>
<span id="cb23-5"><a href="#cb23-5" aria-hidden="true" tabindex="-1"></a> sql_cmd TEXT;</span>
<span id="cb23-6"><a href="#cb23-6" aria-hidden="true" tabindex="-1"></a> affected_rows <span class="dt">INTEGER</span>;</span>
<span id="cb23-7"><a href="#cb23-7" aria-hidden="true" tabindex="-1"></a><span class="cf">BEGIN</span></span>
<span id="cb23-8"><a href="#cb23-8" aria-hidden="true" tabindex="-1"></a> <span class="co">-- 构建删除SQL</span></span>
<span id="cb23-9"><a href="#cb23-9" aria-hidden="true" tabindex="-1"></a> sql_cmd <span class="op">:=</span> <span class="st">&#39;DELETE FROM &#39;</span> <span class="op">||</span> table_name <span class="op">||</span> <span class="st">&#39; WHERE &#39;</span> <span class="op">||</span> where_clause;</span>
<span id="cb23-10"><a href="#cb23-10" aria-hidden="true" tabindex="-1"></a> </span>
<span id="cb23-11"><a href="#cb23-11" aria-hidden="true" tabindex="-1"></a> <span class="co">-- 执行删除</span></span>
<span id="cb23-12"><a href="#cb23-12" aria-hidden="true" tabindex="-1"></a> <span class="kw">EXECUTE</span> sql_cmd;</span>
<span id="cb23-13"><a href="#cb23-13" aria-hidden="true" tabindex="-1"></a> GET DIAGNOSTICS affected_rows <span class="op">=</span> ROW_COUNT;</span>
<span id="cb23-14"><a href="#cb23-14" aria-hidden="true" tabindex="-1"></a> </span>
<span id="cb23-15"><a href="#cb23-15" aria-hidden="true" tabindex="-1"></a> <span class="co">-- 记录审计日志</span></span>
<span id="cb23-16"><a href="#cb23-16" aria-hidden="true" tabindex="-1"></a> <span class="kw">INSERT</span> <span class="kw">INTO</span> data_destroy_audit (</span>
<span id="cb23-17"><a href="#cb23-17" aria-hidden="true" tabindex="-1"></a> table_name, where_clause, affected_rows, </span>
<span id="cb23-18"><a href="#cb23-18" aria-hidden="true" tabindex="-1"></a> <span class="kw">operator</span>, operation_time</span>
<span id="cb23-19"><a href="#cb23-19" aria-hidden="true" tabindex="-1"></a> ) <span class="kw">VALUES</span> (</span>
<span id="cb23-20"><a href="#cb23-20" aria-hidden="true" tabindex="-1"></a> table_name, where_clause, affected_rows,</span>
<span id="cb23-21"><a href="#cb23-21" aria-hidden="true" tabindex="-1"></a> current_user, <span class="fu">current_timestamp</span></span>
<span id="cb23-22"><a href="#cb23-22" aria-hidden="true" tabindex="-1"></a> );</span>
<span id="cb23-23"><a href="#cb23-23" aria-hidden="true" tabindex="-1"></a> </span>
<span id="cb23-24"><a href="#cb23-24" aria-hidden="true" tabindex="-1"></a> <span class="co">-- 执行VACUUM清理物理空间</span></span>
<span id="cb23-25"><a href="#cb23-25" aria-hidden="true" tabindex="-1"></a> <span class="kw">EXECUTE</span> <span class="st">&#39;VACUUM FULL &#39;</span> <span class="op">||</span> table_name;</span>
<span id="cb23-26"><a href="#cb23-26" aria-hidden="true" tabindex="-1"></a> </span>
<span id="cb23-27"><a href="#cb23-27" aria-hidden="true" tabindex="-1"></a> <span class="kw">RETURN</span> <span class="kw">TRUE</span>;</span>
<span id="cb23-28"><a href="#cb23-28" aria-hidden="true" tabindex="-1"></a><span class="kw">EXCEPTION</span></span>
<span id="cb23-29"><a href="#cb23-29" aria-hidden="true" tabindex="-1"></a> <span class="cf">WHEN</span> OTHERS <span class="cf">THEN</span></span>
<span id="cb23-30"><a href="#cb23-30" aria-hidden="true" tabindex="-1"></a> RAISE <span class="kw">EXCEPTION</span> <span class="st">&#39;数据销毁失败: %&#39;</span>, SQLERRM;</span>
<span id="cb23-31"><a href="#cb23-31" aria-hidden="true" tabindex="-1"></a> <span class="kw">RETURN</span> <span class="kw">FALSE</span>;</span>
<span id="cb23-32"><a href="#cb23-32" aria-hidden="true" tabindex="-1"></a><span class="cf">END</span>;</span>
<span id="cb23-33"><a href="#cb23-33" aria-hidden="true" tabindex="-1"></a>$$ LANGUAGE plpgsql;</span>
<span id="cb23-34"><a href="#cb23-34" aria-hidden="true" tabindex="-1"></a></span>
<span id="cb23-35"><a href="#cb23-35" aria-hidden="true" tabindex="-1"></a><span class="co">-- 示例销毁3年前的历史数据</span></span>
<span id="cb23-36"><a href="#cb23-36" aria-hidden="true" tabindex="-1"></a><span class="kw">SELECT</span> secure_data_destroy(</span>
<span id="cb23-37"><a href="#cb23-37" aria-hidden="true" tabindex="-1"></a> <span class="st">&#39;water_meter_reading_history&#39;</span>,</span>
<span id="cb23-38"><a href="#cb23-38" aria-hidden="true" tabindex="-1"></a> <span class="st">&#39;reading_date &lt; CURRENT_DATE - INTERVAL </span><span class="ch">&#39;&#39;</span><span class="st">3 years</span><span class="ch">&#39;&#39;</span><span class="st">&#39;</span></span>
<span id="cb23-39"><a href="#cb23-39" aria-hidden="true" tabindex="-1"></a>);</span></code></pre></div>
<h2 data-number="1.9" id="七运维安全设计"><span
class="header-section-number">1.9</span> 七、运维安全设计</h2>
<h3 data-number="1.9.1" id="安全监控体系"><span
class="header-section-number">1.9.1</span> 7.1 安全监控体系</h3>
<h4 data-number="1.9.1.1" id="安全监控架构"><span
class="header-section-number">1.9.1.1</span> 7.1.1 安全监控架构</h4>
<p><strong>图表 7</strong></p>
<figure>
<img src="temp_mermaid_water_biz_security_design_6403/diagram_7.png"
alt="图表 7" />
<figcaption aria-hidden="true">图表 7</figcaption>
</figure>
<details>
<summary>
查看图表源码
</summary>
<pre class="mermaid"><code>graph TB
subgraph &quot;数据采集层&quot;
AGENT1[系统日志采集]
AGENT2[应用日志采集]
AGENT3[数据库日志采集]
AGENT4[网络流量采集]
end
subgraph &quot;数据处理层&quot;
KAFKA[消息队列&lt;br/&gt;Kafka集群]
STREAM[流处理&lt;br/&gt;Flink/Storm]
ETL[数据清洗&lt;br/&gt;Logstash]
end
subgraph &quot;存储分析层&quot;
ES[Elasticsearch&lt;br/&gt;日志存储]
SIEM[安全信息事件管理&lt;br/&gt;SIEM平台]
AI[智能分析&lt;br/&gt;机器学习]
end
subgraph &quot;可视化层&quot;
DASHBOARD[监控仪表盘&lt;br/&gt;Grafana]
ALERT[告警系统&lt;br/&gt;AlertManager]
REPORT[安全报告&lt;br/&gt;自动生成]
end
AGENT1 --&gt; KAFKA
AGENT2 --&gt; KAFKA
AGENT3 --&gt; KAFKA
AGENT4 --&gt; KAFKA
KAFKA --&gt; STREAM
STREAM --&gt; ETL
ETL --&gt; ES
ES --&gt; SIEM
SIEM --&gt; AI
AI --&gt; DASHBOARD
DASHBOARD --&gt; ALERT
ALERT --&gt; REPORT
</code></pre>
</details>
<h4 data-number="1.9.1.2" id="安全事件检测规则"><span
class="header-section-number">1.9.1.2</span> 7.1.2 安全事件检测规则</h4>
<div class="sourceCode" id="cb25"><pre
class="sourceCode yaml"><code class="sourceCode yaml"><span id="cb25-1"><a href="#cb25-1" aria-hidden="true" tabindex="-1"></a><span class="co"># 安全事件检测规则配置</span></span>
<span id="cb25-2"><a href="#cb25-2" aria-hidden="true" tabindex="-1"></a><span class="fu">security_rules</span><span class="kw">:</span></span>
<span id="cb25-3"><a href="#cb25-3" aria-hidden="true" tabindex="-1"></a><span class="at"> </span><span class="kw">-</span><span class="at"> </span><span class="fu">name</span><span class="kw">:</span><span class="at"> </span><span class="st">&quot;暴力破解检测&quot;</span></span>
<span id="cb25-4"><a href="#cb25-4" aria-hidden="true" tabindex="-1"></a><span class="at"> </span><span class="fu">type</span><span class="kw">:</span><span class="at"> </span><span class="st">&quot;authentication&quot;</span></span>
<span id="cb25-5"><a href="#cb25-5" aria-hidden="true" tabindex="-1"></a><span class="at"> </span><span class="fu">condition</span><span class="kw">:</span><span class="at"> </span><span class="st">&quot;failed_login_count &gt; 5 in 5 minutes&quot;</span></span>
<span id="cb25-6"><a href="#cb25-6" aria-hidden="true" tabindex="-1"></a><span class="at"> </span><span class="fu">severity</span><span class="kw">:</span><span class="at"> </span><span class="st">&quot;high&quot;</span></span>
<span id="cb25-7"><a href="#cb25-7" aria-hidden="true" tabindex="-1"></a><span class="at"> </span><span class="fu">action</span><span class="kw">:</span><span class="at"> </span><span class="kw">[</span><span class="st">&quot;block_ip&quot;</span><span class="kw">,</span><span class="at"> </span><span class="st">&quot;send_alert&quot;</span><span class="kw">]</span></span>
<span id="cb25-8"><a href="#cb25-8" aria-hidden="true" tabindex="-1"></a><span class="at"> </span></span>
<span id="cb25-9"><a href="#cb25-9" aria-hidden="true" tabindex="-1"></a><span class="at"> </span><span class="kw">-</span><span class="at"> </span><span class="fu">name</span><span class="kw">:</span><span class="at"> </span><span class="st">&quot;异常数据访问&quot;</span></span>
<span id="cb25-10"><a href="#cb25-10" aria-hidden="true" tabindex="-1"></a><span class="at"> </span><span class="fu">type</span><span class="kw">:</span><span class="at"> </span><span class="st">&quot;data_access&quot;</span></span>
<span id="cb25-11"><a href="#cb25-11" aria-hidden="true" tabindex="-1"></a><span class="at"> </span><span class="fu">condition</span><span class="kw">:</span><span class="at"> </span><span class="st">&quot;query_count &gt; 1000 in 1 minute&quot;</span></span>
<span id="cb25-12"><a href="#cb25-12" aria-hidden="true" tabindex="-1"></a><span class="at"> </span><span class="fu">severity</span><span class="kw">:</span><span class="at"> </span><span class="st">&quot;medium&quot;</span></span>
<span id="cb25-13"><a href="#cb25-13" aria-hidden="true" tabindex="-1"></a><span class="at"> </span><span class="fu">action</span><span class="kw">:</span><span class="at"> </span><span class="kw">[</span><span class="st">&quot;rate_limit&quot;</span><span class="kw">,</span><span class="at"> </span><span class="st">&quot;send_alert&quot;</span><span class="kw">]</span></span>
<span id="cb25-14"><a href="#cb25-14" aria-hidden="true" tabindex="-1"></a><span class="at"> </span></span>
<span id="cb25-15"><a href="#cb25-15" aria-hidden="true" tabindex="-1"></a><span class="at"> </span><span class="kw">-</span><span class="at"> </span><span class="fu">name</span><span class="kw">:</span><span class="at"> </span><span class="st">&quot;权限提升检测&quot;</span></span>
<span id="cb25-16"><a href="#cb25-16" aria-hidden="true" tabindex="-1"></a><span class="at"> </span><span class="fu">type</span><span class="kw">:</span><span class="at"> </span><span class="st">&quot;privilege_escalation&quot;</span></span>
<span id="cb25-17"><a href="#cb25-17" aria-hidden="true" tabindex="-1"></a><span class="at"> </span><span class="fu">condition</span><span class="kw">:</span><span class="at"> </span><span class="st">&quot;role_change to admin&quot;</span></span>
<span id="cb25-18"><a href="#cb25-18" aria-hidden="true" tabindex="-1"></a><span class="at"> </span><span class="fu">severity</span><span class="kw">:</span><span class="at"> </span><span class="st">&quot;critical&quot;</span></span>
<span id="cb25-19"><a href="#cb25-19" aria-hidden="true" tabindex="-1"></a><span class="at"> </span><span class="fu">action</span><span class="kw">:</span><span class="at"> </span><span class="kw">[</span><span class="st">&quot;block_user&quot;</span><span class="kw">,</span><span class="at"> </span><span class="st">&quot;send_alert&quot;</span><span class="kw">,</span><span class="at"> </span><span class="st">&quot;create_incident&quot;</span><span class="kw">]</span></span>
<span id="cb25-20"><a href="#cb25-20" aria-hidden="true" tabindex="-1"></a><span class="at"> </span></span>
<span id="cb25-21"><a href="#cb25-21" aria-hidden="true" tabindex="-1"></a><span class="at"> </span><span class="kw">-</span><span class="at"> </span><span class="fu">name</span><span class="kw">:</span><span class="at"> </span><span class="st">&quot;异常时间访问&quot;</span></span>
<span id="cb25-22"><a href="#cb25-22" aria-hidden="true" tabindex="-1"></a><span class="at"> </span><span class="fu">type</span><span class="kw">:</span><span class="at"> </span><span class="st">&quot;abnormal_access&quot;</span></span>
<span id="cb25-23"><a href="#cb25-23" aria-hidden="true" tabindex="-1"></a><span class="at"> </span><span class="fu">condition</span><span class="kw">:</span><span class="at"> </span><span class="st">&quot;access_time between 22:00 and 06:00&quot;</span></span>
<span id="cb25-24"><a href="#cb25-24" aria-hidden="true" tabindex="-1"></a><span class="at"> </span><span class="fu">severity</span><span class="kw">:</span><span class="at"> </span><span class="st">&quot;medium&quot;</span></span>
<span id="cb25-25"><a href="#cb25-25" aria-hidden="true" tabindex="-1"></a><span class="at"> </span><span class="fu">action</span><span class="kw">:</span><span class="at"> </span><span class="kw">[</span><span class="st">&quot;log_event&quot;</span><span class="kw">,</span><span class="at"> </span><span class="st">&quot;send_alert&quot;</span><span class="kw">]</span></span></code></pre></div>
<h3 data-number="1.9.2" id="漏洞管理"><span
class="header-section-number">1.9.2</span> 7.2 漏洞管理</h3>
<h4 data-number="1.9.2.1" id="漏洞扫描策略"><span
class="header-section-number">1.9.2.1</span> 7.2.1 漏洞扫描策略</h4>
<div class="sourceCode" id="cb26"><pre
class="sourceCode bash"><code class="sourceCode bash"><span id="cb26-1"><a href="#cb26-1" aria-hidden="true" tabindex="-1"></a><span class="co">#!/bin/bash</span></span>
<span id="cb26-2"><a href="#cb26-2" aria-hidden="true" tabindex="-1"></a><span class="co"># 系统漏洞扫描脚本</span></span>
<span id="cb26-3"><a href="#cb26-3" aria-hidden="true" tabindex="-1"></a></span>
<span id="cb26-4"><a href="#cb26-4" aria-hidden="true" tabindex="-1"></a><span class="co"># 扫描操作系统漏洞</span></span>
<span id="cb26-5"><a href="#cb26-5" aria-hidden="true" tabindex="-1"></a><span class="fu">nmap</span> <span class="at">-sV</span> <span class="at">--script</span> vulners localhost</span>
<span id="cb26-6"><a href="#cb26-6" aria-hidden="true" tabindex="-1"></a></span>
<span id="cb26-7"><a href="#cb26-7" aria-hidden="true" tabindex="-1"></a><span class="co"># 扫描Web应用漏洞</span></span>
<span id="cb26-8"><a href="#cb26-8" aria-hidden="true" tabindex="-1"></a><span class="ex">nikto</span> <span class="at">-h</span> https://water.example.com <span class="at">-ssl</span></span>
<span id="cb26-9"><a href="#cb26-9" aria-hidden="true" tabindex="-1"></a></span>
<span id="cb26-10"><a href="#cb26-10" aria-hidden="true" tabindex="-1"></a><span class="co"># 扫描数据库漏洞</span></span>
<span id="cb26-11"><a href="#cb26-11" aria-hidden="true" tabindex="-1"></a><span class="fu">nmap</span> <span class="at">-p</span> 5432 <span class="at">--script</span> pgsql-brute,pgsql-databases localhost</span>
<span id="cb26-12"><a href="#cb26-12" aria-hidden="true" tabindex="-1"></a></span>
<span id="cb26-13"><a href="#cb26-13" aria-hidden="true" tabindex="-1"></a><span class="co"># 生成漏洞报告</span></span>
<span id="cb26-14"><a href="#cb26-14" aria-hidden="true" tabindex="-1"></a><span class="fu">cat</span> <span class="op">&gt;</span> vulnerability_report.html <span class="op">&lt;&lt; EOF</span></span>
<span id="cb26-15"><a href="#cb26-15" aria-hidden="true" tabindex="-1"></a><span class="st">&lt;!DOCTYPE html&gt;</span></span>
<span id="cb26-16"><a href="#cb26-16" aria-hidden="true" tabindex="-1"></a><span class="st">&lt;html&gt;</span></span>
<span id="cb26-17"><a href="#cb26-17" aria-hidden="true" tabindex="-1"></a><span class="st">&lt;head&gt;</span></span>
<span id="cb26-18"><a href="#cb26-18" aria-hidden="true" tabindex="-1"></a><span class="st"> &lt;title&gt;安全漏洞扫描报告&lt;/title&gt;</span></span>
<span id="cb26-19"><a href="#cb26-19" aria-hidden="true" tabindex="-1"></a><span class="st">&lt;/head&gt;</span></span>
<span id="cb26-20"><a href="#cb26-20" aria-hidden="true" tabindex="-1"></a><span class="st">&lt;body&gt;</span></span>
<span id="cb26-21"><a href="#cb26-21" aria-hidden="true" tabindex="-1"></a><span class="st"> &lt;h1&gt;福建水务营收系统漏洞扫描报告&lt;/h1&gt;</span></span>
<span id="cb26-22"><a href="#cb26-22" aria-hidden="true" tabindex="-1"></a><span class="st"> &lt;p&gt;扫描时间:</span><span class="va">$(</span><span class="fu">date</span><span class="va">)</span><span class="st">&lt;/p&gt;</span></span>
<span id="cb26-23"><a href="#cb26-23" aria-hidden="true" tabindex="-1"></a><span class="st"> &lt;h2&gt;高危漏洞&lt;/h2&gt;</span></span>
<span id="cb26-24"><a href="#cb26-24" aria-hidden="true" tabindex="-1"></a><span class="st"> &lt;pre&gt;</span><span class="va">$(</span><span class="fu">grep</span> <span class="at">-i</span> <span class="st">&quot;high\|critical&quot;</span> scan_results.txt<span class="va">)</span><span class="st">&lt;/pre&gt;</span></span>
<span id="cb26-25"><a href="#cb26-25" aria-hidden="true" tabindex="-1"></a><span class="st"> &lt;h2&gt;中危漏洞&lt;/h2&gt;</span></span>
<span id="cb26-26"><a href="#cb26-26" aria-hidden="true" tabindex="-1"></a><span class="st"> &lt;pre&gt;</span><span class="va">$(</span><span class="fu">grep</span> <span class="at">-i</span> <span class="st">&quot;medium&quot;</span> scan_results.txt<span class="va">)</span><span class="st">&lt;/pre&gt;</span></span>
<span id="cb26-27"><a href="#cb26-27" aria-hidden="true" tabindex="-1"></a><span class="st">&lt;/body&gt;</span></span>
<span id="cb26-28"><a href="#cb26-28" aria-hidden="true" tabindex="-1"></a><span class="st">&lt;/html&gt;</span></span>
<span id="cb26-29"><a href="#cb26-29" aria-hidden="true" tabindex="-1"></a><span class="op">EOF</span></span></code></pre></div>
<h4 data-number="1.9.2.2" id="补丁管理流程"><span
class="header-section-number">1.9.2.2</span> 7.2.2 补丁管理流程</h4>
<p><strong>图表 8</strong></p>
<figure>
<img src="temp_mermaid_water_biz_security_design_6403/diagram_8.png"
alt="图表 8" />
<figcaption aria-hidden="true">图表 8</figcaption>
</figure>
<details>
<summary>
查看图表源码
</summary>
<pre class="mermaid"><code>graph LR
DISCOVER[漏洞发现] --&gt; ASSESS[风险评估]
ASSESS --&gt; PLAN[补丁计划]
PLAN --&gt; TEST[测试验证]
TEST --&gt; DEPLOY[生产部署]
DEPLOY --&gt; VERIFY[部署验证]
VERIFY --&gt; DOCUMENT[文档记录]
subgraph &quot;评估标准&quot;
HIGH[高危&lt;br/&gt;24小时内]
MEDIUM[中危&lt;br/&gt;7天内]
LOW[低危&lt;br/&gt;30天内]
end
ASSESS --&gt; HIGH
ASSESS --&gt; MEDIUM
ASSESS --&gt; LOW
</code></pre>
</details>
<h3 data-number="1.9.3" id="应急响应预案"><span
class="header-section-number">1.9.3</span> 7.3 应急响应预案</h3>
<h4 data-number="1.9.3.1" id="安全事件分级"><span
class="header-section-number">1.9.3.1</span> 7.3.1 安全事件分级</h4>
<table>
<colgroup>
<col style="width: 18%" />
<col style="width: 18%" />
<col style="width: 31%" />
<col style="width: 31%" />
</colgroup>
<thead>
<tr>
<th>级别</th>
<th>描述</th>
<th>响应时间</th>
<th>处理措施</th>
</tr>
</thead>
<tbody>
<tr>
<td>P0</td>
<td>系统完全不可用,数据泄露</td>
<td>15分钟</td>
<td>立即启动应急预案,通知管理层</td>
</tr>
<tr>
<td>P1</td>
<td>核心功能受影响,安全风险高</td>
<td>30分钟</td>
<td>启动应急预案,组建应急小组</td>
</tr>
<tr>
<td>P2</td>
<td>部分功能受影响,安全风险中等</td>
<td>2小时</td>
<td>安排专人处理,定期汇报</td>
</tr>
<tr>
<td>P3</td>
<td>轻微影响,安全风险较低</td>
<td>8小时</td>
<td>正常工作时间处理</td>
</tr>
</tbody>
</table>
<h4 data-number="1.9.3.2" id="应急响应流程"><span
class="header-section-number">1.9.3.2</span> 7.3.2 应急响应流程</h4>
<p><strong>图表 9</strong></p>
<figure>
<img src="temp_mermaid_water_biz_security_design_6403/diagram_9.png"
alt="图表 9" />
<figcaption aria-hidden="true">图表 9</figcaption>
</figure>
<details>
<summary>
查看图表源码
</summary>
<pre class="mermaid"><code>graph TB
INCIDENT[安全事件发生] --&gt; DETECT[事件检测]
DETECT --&gt; REPORT[事件上报]
REPORT --&gt; ASSESS[影响评估]
ASSESS --&gt; RESPONSE[应急响应]
subgraph &quot;应急响应措施&quot;
ISOLATE[系统隔离]
PRESERVE[证据保全]
RECOVER[系统恢复]
INVESTIGATE[调查分析]
end
subgraph &quot;后续处理&quot;
LESSON[经验总结]
IMPROVE[流程改进]
TRAIN[培训加强]
DOC[文档更新]
end
RESPONSE --&gt; ISOLATE
RESPONSE --&gt; PRESERVE
RESPONSE --&gt; RECOVER
RESPONSE --&gt; INVESTIGATE
INVESTIGATE --&gt; LESSON
LESSON --&gt; IMPROVE
IMPROVE --&gt; TRAIN
TRAIN --&gt; DOC
</code></pre>
</details>
<h2 data-number="1.10" id="八安全管理制度"><span
class="header-section-number">1.10</span> 八、安全管理制度</h2>
<h3 data-number="1.10.1" id="安全组织架构"><span
class="header-section-number">1.10.1</span> 8.1 安全组织架构</h3>
<h4 data-number="1.10.1.1" id="安全管理组织"><span
class="header-section-number">1.10.1.1</span> 8.1.1 安全管理组织</h4>
<p><strong>图表 10</strong></p>
<figure>
<img src="temp_mermaid_water_biz_security_design_6403/diagram_10.png"
alt="图表 10" />
<figcaption aria-hidden="true">图表 10</figcaption>
</figure>
<details>
<summary>
查看图表源码
</summary>
<pre class="mermaid"><code>graph TB
CEO[总经理&lt;br/&gt;安全最高责任人]
CISO[信息安全负责人&lt;br/&gt;CISO]
subgraph &quot;安全管理委员会&quot;
IT_DIR[IT总监]
SECURITY_DIR[安全总监]
COMPLIANCE[合规负责人]
LEGAL[法务负责人]
end
subgraph &quot;安全执行团队&quot;
SEC_ADMIN[安全管理员]
SYS_ADMIN[系统管理员]
DBA[数据库管理员]
NET_ADMIN[网络管理员]
end
subgraph &quot;业务安全责任人&quot;
BUS_OWNER[业务负责人]
DATA_OWNER[数据负责人]
USER_ADMIN[用户管理员]
end
CEO --&gt; CISO
CISO --&gt; IT_DIR
CISO --&gt; SECURITY_DIR
CISO --&gt; COMPLIANCE
CISO --&gt; LEGAL
IT_DIR --&gt; SEC_ADMIN
IT_DIR --&gt; SYS_ADMIN
IT_DIR --&gt; DBA
IT_DIR --&gt; NET_ADMIN
SECURITY_DIR --&gt; BUS_OWNER
SECURITY_DIR --&gt; DATA_OWNER
SECURITY_DIR --&gt; USER_ADMIN
</code></pre>
</details>
<h3 data-number="1.10.2" id="安全管理制度-1"><span
class="header-section-number">1.10.2</span> 8.2 安全管理制度</h3>
<h4 data-number="1.10.2.1" id="人员安全管理"><span
class="header-section-number">1.10.2.1</span> 8.2.1 人员安全管理</h4>
<ul>
<li><strong>入职安全审查</strong>:对关键岗位人员进行背景调查</li>
<li><strong>安全培训</strong>:定期进行信息安全意识培训</li>
<li><strong>权限管理</strong>:建立权限申请、审批、回收流程</li>
<li><strong>离职管理</strong>:离职人员权限及时回收,签署保密协议</li>
</ul>
<h4 data-number="1.10.2.2" id="系统建设安全管理"><span
class="header-section-number">1.10.2.2</span> 8.2.2
系统建设安全管理</h4>
<ul>
<li><strong>安全需求分析</strong>:项目立项阶段进行安全需求分析</li>
<li><strong>安全设计评审</strong>:设计阶段进行安全架构评审</li>
<li><strong>安全测试</strong>:上线前进行安全渗透测试</li>
<li><strong>安全验收</strong>:系统上线前进行安全验收</li>
</ul>
<h4 data-number="1.10.2.3" id="系统运维安全管理"><span
class="header-section-number">1.10.2.3</span> 8.2.3
系统运维安全管理</h4>
<ul>
<li><strong>变更管理</strong>:所有系统变更都需要安全评估</li>
<li><strong>备份管理</strong>:定期备份,异地存储,加密保护</li>
<li><strong>监控管理</strong>7×24小时安全监控</li>
<li><strong>应急管理</strong>:建立应急响应机制</li>
</ul>
<h3 data-number="1.10.3" id="合规管理"><span
class="header-section-number">1.10.3</span> 8.3 合规管理</h3>
<h4 data-number="1.10.3.1" id="法律法规合规"><span
class="header-section-number">1.10.3.1</span> 8.3.1 法律法规合规</h4>
<ul>
<li>《中华人民共和国网络安全法》</li>
<li>《中华人民共和国数据安全法》</li>
<li>《中华人民共和国个人信息保护法》</li>
<li>《关键信息基础设施安全保护条例》</li>
</ul>
<h4 data-number="1.10.3.2" id="行业标准合规"><span
class="header-section-number">1.10.3.2</span> 8.3.2 行业标准合规</h4>
<ul>
<li>GB/T 22239-2019《信息安全技术 网络安全等级保护基本要求》</li>
<li>GB/T 25070-2019《信息安全技术
网络安全等级保护安全设计技术要求》</li>
<li>GB/T 32918《信息安全技术 SM2椭圆曲线公钥密码算法》</li>
<li>GB/T 32905《信息安全技术 SM3密码杂凑算法》</li>
</ul>
<h4 data-number="1.10.3.3" id="合规检查清单"><span
class="header-section-number">1.10.3.3</span> 8.3.3 合规检查清单</h4>
<ul class="task-list">
<li><label><input type="checkbox" />等级保护三级备案完成</label></li>
<li><label><input type="checkbox" />年度安全评估报告</label></li>
<li><label><input type="checkbox" />安全管理制度建立</label></li>
<li><label><input type="checkbox" />安全技术措施落实</label></li>
<li><label><input type="checkbox" />安全培训记录完整</label></li>
<li><label><input type="checkbox" />应急预案演练记录</label></li>
<li><label><input type="checkbox" />安全事件处置记录</label></li>
<li><label><input type="checkbox" />第三方安全服务合同</label></li>
</ul>
<hr />
<h2 data-number="1.11" id="总结"><span
class="header-section-number">1.11</span> 总结</h2>
<p>福建水务营收系统安全设计严格按照等级保护三级要求结合OpenGauss数据库的安全特性建立了全方位、多层次的安全防护体系。通过技术防护、管理制度、人员培训等多重措施确保系统安全稳定运行满足水务行业的安全合规要求。</p>
<p>本安全设计方案的核心特点: 1.
<strong>国产化安全</strong>采用OpenGauss数据库和国密算法 2.
<strong>纵深防御</strong>:网络、应用、数据多层安全防护 3.
<strong>合规导向</strong>:严格按照等保三级标准设计 4.
<strong>持续改进</strong>:建立安全监控和应急响应机制</p>
</body>
</html>