How to ensure the security application of college virtual cards?

Today, a new generation of cards characterized by virtual card technology has gradually matured and put into use on a large scale. Unlike traditional physical cards, the use of virtual cards accompanied by corresponding information security issues, which has also become an important concern for the new generation of card systems.

Information guarantee technology framework model (IATF) is formulated and published by the National Security Agency and publicized by the National Security Agency. This article is guided by the IATF security model, focusing on the concepts of key business domains, deep defense, security and strong nature, etc., and conduct overall protection design of the network, computing environment, business regional boundary, etc., so that the virtual card has strong overall protection capabilities and achieve resistance to the Internet to resist the Internet Purpose of malicious attacks.

Safety model content framework

The IATF security model discussion is comprehensive and specific. Some of its core contents such as Defense Indept, the focus of technology framework, and security and strongness are of great significance to guide the security of the virtual card system. The IATF model defines the focus of information security: regional boundary, computing environment, network foundation and support infrastructure, and there are relevant security requirements and specific technical measures in each focus domain [1]. The focus domain contains the basic hardware support platform, which is the basic work of analyzing safety needs and formulating safety protection.

The depth of defense is one of the important connotations of IATF. It is believed that information security cannot be achieved by only a few single technologies or devices, through reasonable organization and planning, and through the protection of hierarchical focus domains, it is possible to minimize risk.

In -depth defense is non -plane, depth, and hierarchical safety measures to protect system safety. These include three core factors of human, operation and technology. The IATF model attaches great importance to the factors of "people". It is believed that it is the soul of security. While strengthening security technology prevention, it is necessary to strengthen human safety management.

In summary, the focus of information security protection is expanded from the following aspects:

1. In accordance with the principle of "minimum exposure", the new generation of card business layers are split. Clearly define the business functions that are open to the Internet, such as virtual card recharge, consumption, payment and other interfaces. The background of the virtual card system and the physical card system can be designed in layered, and it is still relatively independent in the inner network. The physical card system and the virtual card system remain relatively independent. The virtual card server cluster adopts DMZ method. The interaction between each other conducts data exchange and business interaction through the data interface and business port mode. interactive.

2. Protection of regional boundary, computing environment, and infrastructure. Any sub -item vulnerability in the information security system may lead to serious consequences, so it is not enough to protect the important parts. Calculating environment, etc. is a basic hardware support platform, and its security includes physical security and information protection security.

3. Depend on defense. It is often manifested as vertical defense or horizontal layered defense. This layered defense segregates the attacker and the attack target. Different strategy protection is deployed between the two, and each layer has set up obstacles for potential attackers. At the same time, the layered defense is not passive, and has certain countermeasures. Generally, through protecting key targets, detecting invasion, and locking target counterattack processes, focusing on the attacker's positioning and counterattack, making the attacker pay the price.

4. Safe and strong. Safety protection itself has several levels. Safety and strongness, on the one hand, reflect a evaluation of safety performance, and also include classification and protection of applications of different values. Due to the different values ​​of different system modules, the consequences of the corresponding damage and theft are also different. The higher the robustness of the general security component, the higher the cost.

Based on the security card security protection design according to the security model

Focusing on the core ideas of security models, the design of virtual card information security framework design. Because the virtual card system has a physical card system, its application functions are relatively complicated. Usually, different docking methods are adopted with third parties such as banks, Alipay, and WeChat. At present, the number of polymerization payment platforms gradually increases, and the Internet needs to be opened to the Internet to a certain extent. At the same time, the virtual card and the data center conduct data exchange on the campus network, and the functional classification and system boundary design according to the virtual card business.

Concept and division of virtual card security domain

The virtual card is extended on the basic function of the traditional physical card system. Generally, it includes virtual card systems, physical card systems, polymerization payment platforms, and online payment platforms. From the perspective of information security, the traditional physical card system can run on the internal network, the security is relatively high, and the mobile functions such as virtual cards need to run on the campus network or operator wireless network. The docking of the background with Alipay, WeChat, etc. need to run On the Internet. Therefore, it is important to divide the functional domain of the virtual card and formulate different security strategies.

According to the guidance of information security models, according to functional needs, and the risk levels, virtual card security domain can be divided into: virtual card domain, physical card domain, aggregate payment domain, virtual card front desk mobile terminal connection domain, etc. The focus is on the security division of the virtual card domain, and the internal security domain will continue to divide the molecular safety domain according to the function group. A reasonable security domain division can plan a targeted planning security strategy and configure special hardware protection equipment to achieve a security system with defense depth and ensure the security operation of various functions of online. The division of the security domain is to hide the internal structure as much as possible, reduce unnecessary exposure, and reduce the risk of attack. Related domains such as physical card domain and virtual cards can be designed as internal network operations to ensure the safety of basic platform systems. Key prevention in the interface domain class, etc., use WAF, firewall, and security logs to analyze and early warning in the domain to ensure interface safety.

The virtual card system is designed based on the principles of campus network and the Internet. It is divided into two parts: 1. The border of the virtual card special network, including the border between the virtual card and the campus network, the virtual card special network and the bank's special network. The virtual card special network and the campus network are logically isolation through the firewall, and the hardware isolation between the virtual card internal network and the campus network is used to use the network gate. 2. The virtual card access layer is on the boundary of the campus network DMZ area, and defines the relationship between virtual card special network and the border between inside and outside the school.

Technical framework focus

The environment of the virtual card system is relatively complicated, involving a large focus area. By sorting out the areas and possible weaknesses that need to be focused on, the focus of a cartoon technology framework includes calculation environment, regional boundary, and infrastructure. The specific summary is as follows:

1. Calculate the environment. Including server, OS, virtual card application software, web services, directory services, printing services, electronic business and database access.

2. Regional boundary. Including the border of the virtual card special network; the border of the physical card special network; the boundary between the special network and the campus network; the boundary between the Internet and the bank, Alipay, WeChat and other Internet. Internal boundary of the virtual card system. Virtual Card Campus Network DMZ District boundary: network boundary with inside and outside the school.

3. Network infrastructure. It involves virtual card special network, campus network, physical card system special network; banking line; management of infrastructure; database, data center, etc.

4. Support infrastructure. Key management infrastructure KMI. Detection and response: Equipment detection and service monitoring platform.

Depth defense

Deep defense is of great significance in the information security model, protecting regional boundaries, computing environment, network infrastructure and other important locations. In accordance with the system hierarchical definition of definition strategies and specifications at each level, the overall planning of the decentralized local security strategies is the core component of the safety norm [2].

1. Protection of virtual card special network physical equipment

The virtual card system network infrastructure protection data main transmission network schools use new data networks. Adopt network layers and business isolation methods to isolate communication between clients and data transmission networks. Laying virtual card application network lines such as cafeteria, supermarkets, and building access control. Using the original card special network's main network spare optical fiber and access layer switches to lay the logical isolation of the original network system with a Cartoon Special Network. Newly laid the network between the switch to the code scanning machine.

Protection of virtual card special network physical equipment: Virtual card special network belongs to the three -layer network architecture. The core and convergence of the aggregation layer switch are deployed in the core switch room. There are more complete protection and guarantee equipment, such as equipment monitoring system, power monitoring system, video surveillance System, etc.; The access to the virtual card special network switch is authorized to protect it to prevent illegal device access.

Diger Rank Anti -Protection: The database uses mature technologies such as RAC and MySQL. By opening audit and access strategy control, it is equipped with security protection. At the same time, it is equipped with a database audit server to further enhance the service reliability of a cartoon system. Integrate the protection capabilities based on AIX and CentOS platform levels, integrate with Oracle's permissions management system, and unified management of log management, port management, and table space management.

Storage equipment protection: Storage system is an important part of data protection and one of the core of information protection. Access management through encryption and certification technology, including read -write permissions certification, data access control, and encryption of sensitive data for controller management and business communication management. Due to the online transaction characteristics of the virtual card system, the application layer of the storage system is designed towards a distributed direction, which is open to the designated server. At the same time, considering storage security technology, disaster recovery and data backup technology [3], storage controller formulates business data access Channels, reasonably set LUN and divide target disks, and control the source address/MAC to enhance the storage system to resist the attack capability.

2. Calculate environmental protection of the virtual card system

Calculating environmental protection focuses on the following instructions: server protection. Rangers -type server, blade server and other enable security modules to configure suitable security strategies to enhance server hardware resistance risk attack capabilities. Operating system type protection. AIX, Linux, WindowsSserver and other series, formulate security strategies, start auditing functions to prevent attackers from attacking the operating system, and enhance the risk prediction perception ability.

Virtual card application software protection. The software authorization system is adopted, combined with the firewall against the application layer of the virtual card system. Virtual card -related web service protection. Because the web service is directly open to the Internet, the minimum opening principle is strictly implemented, and equipment such as WAF is equipped with against attacks.

Data exchange service protection. Virtual cards and banks are used to connect to the firewall. Data exchange with data centers, WeChat, Alipay, etc. need to develop special switching interfaces, and simultaneously consider enabling the ACL control list to ensure credible IP access access.

3. Event depth defense

Because typical external attacks have distinctive levels, it can generally be divided into Internet attacks, campus network attacks, and virtual card special network attacks from the outside to the inside.

Internet attack prevention: The virtual card system only opens specific ports, and on the basis of dedicated equipment and special attack analysis software, it will timely perceive the attack, position attack and countermeasures. Campus network attack prevention: Set up firewalls to open specific port services; enable web firewalls; equipped with network gates to logically isolated campus network and virtual card special network, so that virtual cards and physical cards are transmitted to data centers unilaterally.

Virtual Card Special Network Protection: Because virtual card special networks are located on campus, malicious physical physical access to a Card special network needs to be prevented. The design of the online transaction data transmission network is isolated by VLAN. The teacher and student Client device is directly carried out through the campus network. Business requests are forwarded and feedback through the designated server entrance to complete the transaction process. The campus network is isolated from the data transmission network; the aggregation payment platform is the physical card and virtual card, and the operation is VLAN2 and other business processes; Settings; about third -party calling a cartoon virtual card import security strategy, multimedia machines, Alipay, WeChat, APP, etc.

The virtual card server cluster uses DMZ mode; offline equipment such as logistics consumption code equipment to form online transaction data transmission networks; isolation from campus network applications.

VLAN1: The virtual card server cluster uses the DMZ area and logistics consumer code brush equipment offline equipment, using the "virtual card special network backbone network spare optical fiber+switch of the special network area" to set the isolation port, the entire communication link adopts a new allocation IP address using the IP address part.

VLAN2: The virtual card server cluster uses the internal isolation of the DMZ area, and the aggregation payment platform and the virtual card system areolate each other.

VLAN3: In the financial data stream, the aggregation branch platform is separated from Alipay, WeChat, and banks to connect with different pairs and aggregate payment platforms. Outside and school third -party applications and virtual card platforms are isolated from each other.

4. Virtual card system external service interface safety precautions

The defense of virtual card interfaces includes the following three aspects: virtual card online transaction security precautions; transaction import applications and server -related precautions; third -party docking related security precautions.

Close directly to the channel that has nothing to do with a cartoon business. Because a series of applications such as virtual cards, polymerization payment platforms, library deductions, and data centers are logically associated with a cartoon service area, in order to protect the stability of the core application of the card, the interface is designed.

Online trading interface: Third -party applications communicate with the virtual card platform through HTTP, and initiate service calls in a post. After receiving the request, a card platform is judged by the corresponding business logic, and the response parameters in HTTPS are returned. Transaction interface encryption: Considering the use of certificates issued by the CA center to enhance the security of customer accounts, and give different resource access permissions to different users. Digital certificates effectively confirm account users in the form of network digital encryption electronic vouchers to help the new generation of cards confirm whether the user is legal. At the same time, enhance the security of account use, effectively protect the information transmitted online, and enhance the security of information transmission.

In terms of password technology, the support of SSL encryption transmission technology is realized, the key information of the user is encrypted to prevent the Trojan program from cutting the keyboard records.

Security and strong

The virtual card system is directly related to financial security and exposed to the Internet. Therefore, illegal attacks are very easy to occur. The attacker achieved stealing by trying to tampering the transaction data, causing the virtual card system to lose money, causing teachers and students and merchants to lose. The virtual card system contains a large number of teachers and students' financial data and personal information. As the hiddenness of the new network threats becomes higher and higher, the risk of data leakage is also increasing [4].

For the security and strong nature of the virtual card, IATF proposes three strong levels (SML), and divides the value of information into 5 levels, and divides the environment into 7 levels according to the threat layer.

In response to the high value characteristics of the virtual card system, it is necessary to strengthen the security and strong nature, and focus on protecting the following four levels:

1. The virtual card system is difficult to break through

By using the safety configuration of firewalls, WAF, and operating systems, combined with access source access control, the principle of openness as small as possible, and control of behavior. Use the network security equipment to intercept typical attack behavior, and use big data algorithms for transaction logs, access logistics to extract, further improve the security of the virtual card system, and achieve the purpose of difficulty attacking.

2. It is difficult to steal trading data

To prevent data from being stolen, we must first formulate data strategies to avoid common technical and human errors. Protection of database files. The data file is prohibited directly on the web directory. At present, there are more scanning tools to find the database file, which is downloaded and left a hidden danger. Prevent the library. Due to the various web application vulnerabilities, especially when there is a high -risk zero vulnerability, the web application is easily dangerous by the dragging library.

Web server protection. Web security also depends on the security of the web server, which is implemented by the operating system security settings of the web server. When the web server burst out of vulnerabilities, the web cannot guarantee safety and will be dangerous by the dragging library.

Database protection. Reasonably set up database SCHEMA, table space management, read and write permissions design, etc. These operations are also very important for preventing data stealing.

3. Sensitive data is difficult to use

Through the key management system to distribute the device key, the background is encrypted to encrypt the algorithm to the sensitive data, making it difficult to use the attacker even if it obtains data. It is necessary to focus on the encryption of transaction data transmission and database sensitive field encryption.

4. Business data is difficult to tamper

Tampered with data is one of the main goals of theft and external attacks. Generally, tampering can only be performed on the basis of data structure analysis after obtaining data structure.

By increasing database audit functions, business layers, data protection (business data protection), set up a reasonable database preparation period, and a special card special transaction audit software to discover tampering behaviors and retain evidence of tampering. At the same time, CDP (Continuous Data Protection) needs to be considered to solve illegal deletion data problems. In order to cope with problems that are difficult to find in time, it is difficult to discover in time.

Through the above -mentioned three -dimensional data protection solutions, the difficulty of the attacker will be greatly increased, making the attacker give up due to the cost and energy of the attacker.

Due to the relatively open characteristics of the virtual card system, its existence and various hidden dangers and risks are faced with various hidden dangers and risks. By using the IATF security model guidance, combing the resources that the virtual card system needs to protect, determine the key prevention boundary, design a reasonable depth defense plan, and timely evaluate the feedback feedback Security and strong, prevent data leakage and tampering [5], etc., can better guarantee the information security of the virtual card system and the stable operation of the virtual card system.

references

[1] IATF3.1 Chinese version (IATF Release 3.1) [s]. 2003.9. P52.

[2] Wang Cheng. The design of a cartoon security system based on IATF security model [J]. China Education Informatization, 2016.10.

[3] http://baike.baidu.com/linkurl=7w4lggowoflzzoibfsjktbrbwzns6e98tkwwv3xys28zhdncz9afjv17b0WR1-EXJD-2cjehnb_n4bwsa.

[4] http://tech.xinmin.cn/2015/06/25/27958435.html.

[5] http://tech.sina.com.cn/t/2014-0627/10469463198.shtml.

Author: Wang Cheng, Li Qianmu, Zhai Yongsi (Nanjing University of Technology Information Construction and Management Office)

Responsible editor: Chen Yongjie

- END -