基于决策树的安全审计策略自适应管理控制平台

 目前国内众多信息安全企业针对电信运营商市场定制了4A（统一的账号、认证、授权、审计管理）解决方案。其中审计管理是展现4A整体效果，实施综合审计的最有力的功能模块之一，而审计策略的制定则是审计管理最核心的部分。现有审计策略定制方案主要为定制式，不具有通用性、可移植性等特点，且审计策略在制定的过程中，过多的人为因素带来的安全隐患往往是用户所不能接受的。本文所述基于决策树的安全审计策略自适应管理控制平台正是针对4A管理平台之审计管理子系统的业务需求和性能优化等方面存在的问题，结合用于处理海量数据的数据挖掘技术，实现了由系统自动生成审计策略，定期自适应优化审计策略等功能的审计策略通用平台。决策树优化的特殊方法使审计策略在应用过程中可以不断优化，从而满足不同业务系统的审计需求。

Self-adapting Security Auditing Management Controller Platform Based on Decision Tree

Currently, quite a few domestic information security enterprises have customized the 4A solution (integrated Accounting, Authentication, Authorization, Auditing management) for the Telecom Operators in China. Auditing management for integrated auditing is one of the most powerful function model which reflects a global effect of the 4A solution. Moreover, the auditing strategy customization is the core of the auditing management. The existing auditing strategy customization scheme is mainly the customization mode, which lacks generality, transportability and other important features. During the process of working out an auditing strategy, many human factors would be involved in security threats, which are not acceptable by the enterprises or corporation. The Self-adapting Security Auditing Management controller platform based on decision tree is a general auditing strategy platform which implements automatically the generation of the audit policy by the system and a self-adapting optimizing auditing strategy periodically. The implementation includes a data mining technology to deal with huge amount of data. The business requirements and performance optimization are dealt with in the integrated auditing subsystem of the integrated security controller platform. The decision tree optimization method enables the auditing strategy being optimized continuously during its operation, to satisfy the auditing requirements of different business systems.