With the rapid growth of traffic volume and the increasing complexity of operation, the security pressure faced by civil aviation airports is increasing. The following is my paper on airport safety operation management for your reference.
model essay on airport security operation management 1: On the network security management of airport information system
Abstract: The improvement of the degree of informatization has led to the rapid development of airport information system network construction, and there have been essential changes in working methods and business application modes. The original working methods have been unable to keep up with the pace of informatization development, which requires more efficient solutions to promote the development of airport informatization. Taking an airport as an example, this paper expounds and analyzes the airport safety information management effectively.
Keywords: airport information system; System security analysis; Implement
Chinese library classification number: TL372 document identification code: A
I. Role analysis
(I) Role management
Due to the business needs, when the work accusation of a department in the organizational structure changes, the system administrator uses role management to maintain each business position of the system, and selects users who participate in event handling from the user list to join the position. When it is necessary to perform some operations on these users, it is only necessary to perform one operation on the positions containing these users. This has greatly improved the work efficiency of the unit. When temporarily transferring users to join the post, simply add them to the user list of the role. When things are finished, the post is no longer needed, and the role can be deleted through this module. The role of the airport safety supervision information management system is shown in Table 3-1.
table 3-1 system role table
(ii) user permission control
user permission control is used to set permissions, roles and verify permissions. Permission corresponds to an operation within a certain operation range, and a role corresponds to a set of multiple permissions. Through role-based access control, the authority management of the whole business is realized, and the existing authority management is flexibly extended within a certain range by implementing operation management. The authorization module is used to realize the decentralized management of permissions, and the upper manager can authorize the lower manager to ensure that some users will not have too much permissions.
user rights control adopts the rights management system of role-based access control. The role-based authority management system unifies the roles of all kinds of staff at all levels, which not only meets the requirements of the whole system, but also meets the needs of various departments. Unified management of all users of the system can avoid the confusion phenomenon that the same user has different codes and permissions in different application systems, achieve unification and standardization, and maximize the security of the system.
every registered system user is assigned certain rights according to the tasks he undertakes. This permission determines which activities this user is allowed to perform, what information should be obtained after completing some activities, what data objects are allowed to be transferred to which functions, and so on.
according to the different control methods of user rights, rights can be divided into static rights and dynamic rights. According to different control objects, permissions can be divided into function permissions and data permissions.
II. System security analysis
(I) Analysis of security requirements
Based on the analysis of security weaknesses, security threats and security risks of an airport security supervision information management system, the system security requirements include the following points: system security entity security; Security of host operating system and database system;
system network security, including network isolation, network access control, network monitoring and early warning; System information security, including information storage security, information transmission security, information privacy, integrity, authentication and non-repudiation; Security management of the system, including operation and maintenance management and dynamic security. The safety design of the airport safety supervision information management system requires ensuring the safety of data and business, and ensuring the safety of system computer system resources.
when designing the system, it is required that the overall security of the computer system will not be reduced when the system is put into production; Do not fundamentally change the existing application system and network system (except when the existing application system and network system have serious defects); Meet the requirements of national policies and industry norms, with advanced technical design and good scalability and continuity; Overall planning, step-by-step implementation of production, to ensure the quality of the project, control the risk of the project; Reduce costs and new investment to meet the needs of market occupation and profit; Establish a system safety management system to ensure the safety of system operation, maintenance and management.
(II) Principles of safety design
The principle of safety design is to reduce costs and improve efficiency as much as possible on the basis of controllable system safety risks. It is necessary to formulate scientific, reasonable and feasible security design principles in close combination with the information security requirements and threats faced by the system. The core of safety design is to ensure the safety of the whole process of system data processing. When designing and planning the safety scheme, follow the following principles:
The principle of comprehensive safety protection of the system. Prevent obvious weak links, including protection, monitoring and recovery.
the principle of hierarchy. Safety design should be based on demand, reasonably divide safety levels, and carry out targeted safety protection according to different safety levels.
On the principle of autonomy and controllability, domestic cryptographic equipment and security products are adopted to achieve the controllability of the software and hardware security products used.
security principles. It is very important to fully ensure the security of the system. In the whole process of design and implementation, the network security products and technical solutions used must have specific measures to fully ensure the security of all aspects.
reliability principle. For products, quality is the basic factor to ensure their reliability; For the project implementation process, strict organization and strict management are the necessary conditions to ensure the reliability of the system.
advanced principle. The advancement of specific technology and technical scheme is the guarantee to ensure the technological leadership and sustainable development of the whole system.
principle of scalability and dynamic adaptability: the safety design requires full consideration of the needs of system business development, adaptability to future scalability requirements, and good dynamics and adaptability.
(III) Design scheme of network communication security
The purpose of network communication security is to provide a secure communication channel and protect business data from being leaked during transmission, while ensuring the reliability and stability of the communication network. Mainly provide a secure channel between that client browser and the system serv.
TLS/SSL connection is used to establish a secure channel between the client and the system network, and at the same time, data encryption is used to ensure the security of key information (such as customer account PIN code aPIN and login PIN code ePIN).
the secure connection between the system client and the Web server is realized by SSL technology with two-way authentication. It is realized by using the security agent deployed in the client and the security gateway proxy server system deployed in the Web server, which ensures that the identities of both parties can be confirmed and the confidentiality, integrity and non-repudiation of information transmission are guaranteed.
general users use the SSL function of the browser itself to provide transmission protection. Sensitive information of customers is protected and transmitted by enhanced encryption measures in this system.
(4) Design scheme of firewall system
The main design ideas of the firewall system of the airport safety supervision information management system are as follows:
Set a firewall in the data center of the Administration Bureau to conceal the internal network structure; Establish a relatively independent and unified safety monitoring and control center. The application network includes multiple external accesses, and the internal and external networks are shielded by network isolation technologies such as routers and firewalls. In this system, firewall technology is adopted for access from the Internet, and unauthorized access is shielded through the definition of security rules, thus protecting the security of the internal network. Firewall is also used to provide security between WEB/ application server and database server. In this system, domestic high-performance firewall is used outside the WEB server.
system access to the Internet requires consideration of the security of the border network. (1) Intranet is prohibited from directly accessing the Internet in any form without taking security measures. (2) After taking adequate security measures, the intranet is allowed to open necessary services to the Internet. (3) Security measures should be taken to protect the information publicly released on the Internet from being tampered with. (4) A specific host from outside can access the designated host on the intranet after being authenticated, otherwise it will be prohibited.
(V) Database security design scheme
The database system is used to store the business data, basic user information, system parameters and public information of the system.
the security of database system needs to consider not only the security of operating system, but also the security of database system itself. When designing a database, we should fully consider the access integrity mechanism between database elements to ensure the legal modification and access of data in the database.
Access to the database can only be made through the designated application server, and any operation or modification of the database cannot directly reach the database server, and the database can only be accessed and managed through the processes on the application server.
the database server stores all local data of the system, including customer information, management information, running logs, etc.
Third, the implementation of airport network security management
(1) Establish strict rules and regulations
Formulate a series of rules and regulations, such as network construction plan, computer room management system, division of responsibilities of various personnel, security and confidentiality regulations, password management system, network security guide, user's online user manual, information security inspection, system risk assessment, emergency response plan, security protection record system, etc., to ensure the high security of the core departments of the network. From the inside out, it is implemented layer by layer and managed dynamically to adapt to new network requirements, such as promoting the continuous development of network topology, network application and network security technology, and adjusting network security management strategies.
(II) Strengthening the training of network technology
Network security is a comprehensive technology. Network managers must constantly learn new network knowledge, master the functions of new network products, and be familiar with various attack methods such as network virus, IP spoofing, packet eavesdropping, password attack, denial of service and port attack, so as to better manage the network.
(3) Strengthening users' security awareness
The biggest threat to network security is people's lack of knowledge about network security. Therefore, it is necessary to strengthen the security awareness of employees and users at different levels, guide users to consciously install anti-virus software, patch and automatically update the operating system, and do not install unfamiliar software easily.
Conclusion
Network security is a multi-level and multi-faceted problem. It is necessary to establish an airport information system network security management system with advanced technology, efficient management, safety and reliability from strengthening administrative supervision and building a technical support platform, and strive to take precautions and nip in the bud, so as to ensure safety through management and promote development through safety.
references
[1] Duan Hehua, Wang Sheng, Zhang Zhiming. The airport information security management system escorts Shanghai International Airport [J]. The airport information network security, 2118,15:65-66. The airport
[2] Chen Weifei. The airport on the construction of the airport information security system [J] 11:145-147. The airport
[3] Zhao Bing. The airport on the airport information security risks and protective countermeasures [J]. The airport Jilin labor protection, 2111,S1:318-321. The airport airport safety operation management paper Model 2: Analysis on the construction of airport safety management culture
Abstract: People related to safety accidents, people related to safety accidents, It is very important to strengthen the construction of safety culture with people as the center. According to the theory of enterprise safety culture, this paper points out the significance of airport safety management culture construction, and expounds the connotation of airport safety management culture construction, namely material culture, system culture, spiritual concept culture and behavior culture. At the same time, it is discussed that the construction of airport safety culture should be strengthened from six aspects: organizational management system construction, system construction, team construction, safety culture activities, technical support and information application.
keywords: airport; Safety management; Cultural construction; Route selection
Chinese picture classification number: V351.3 Document identification code: A Article number: 1116-8937(2113)16-1138-12
According to the safety principle, among the four factors related to accidents, human factor is the most important. People's unsafe behavior is the biggest hidden danger of accidents, and people's behavior mainly comes from the influence of education and training and cultural atmosphere. Culture determines consciousness, consciousness determines ideas, and ideas determine behavior. In other words, safety culture determines people's safety awareness, safety awareness determines people's safety concept, and safety concept determines people's safety behavior. Therefore, without safety culture, there can be no safe behavior. Enterprise safety culture is an invisible value and code of conduct of all employees in safety management, a conscious behavior and habit, and a leading position in safety management, which has important practical significance for ensuring safety production.
since the civil aviation administration of China vigorously promoted the construction of Safety Management System (SMS) of air traffic control in 2116, civil aviation safety management has made certain achievements. However, the construction of SMS is still in the initial stage, and it faces many problems, such as insufficient attention and implementation by management, weak safety awareness of employees, improper risk management measures, insufficient analysis and utilization of safety information, weak infrastructure of safety management, and weak system of safety management. In order to effectively prevent the occurrence of major accidents, airports must comprehensively, scientifically and systematically analyze, study, diagnose, predict and control the airport safety management system, and the first thing to do is to build a healthy and effective airport safety management culture.
1 connotation of airport safety management culture construction
Airport safety management culture includes a series of summation of airport safety management consciousness, objectives, responsibilities, accomplishments, habits, scientific and technological means, management facilities, supervision and inspection, and various safety management rules and regulations, and plays an important role in guiding, encouraging, condensing, restraining and standardizing airport safety management. It consists of four levels: material culture, system culture, spiritual concept culture and behavior culture.
1.1 Material and cultural objects of airport safety management