Basedon the cloud computing firecloud detection array, Y&D reforms and upgrades the new generation of railway passenger ticket system in in the way of network virtualization and security cloud, so as to provide highly effective and secure system services for “the three-leveled ticket network, 18 railway bureaus.

Solution Background

The threats to the Internet come from many aspects. A single product can not solve all the security problems. There are potential safety hazards due to loopholes in equipment and application technologies, also insecurity caused by inadequate management measures. Network information security system is a multidimensional, multi-factor, multi-level and multi-objective system. Facing the professional and particularity of information security and the trend of network application technology in the future, we should deeply understand the principle of information security technology and network information security model from a comprehensive over-all perspective.

Ticketing system uses many security technologies in its hardware and software structure designs, and it is advanced and secure in the large domestic network application system. However, with the progress of network technology, network security is constantly encountering new challenges. The original security measures can no longer meet the needs of modern network security. Therefore, network security measures should be further improved with the continuous development of networks. Ticket system security technology should be improved to better serve the passengers.

Deployment Solution

1Adopts Y&D SOC solution to analyze the resources in a holistic way and establish a unified target safety network, and form a secure zone with the ticket center of the Ministry of Railways, the ticket centers of major railway stations and stations as the core. Conducts inter-level configuration and monitoring of all devices on the integrated platform and interface. And sets security policies and incident response mechanisms uniformly to achieve a balance between resources and efficiency.

2By reengineering ticket booking business process and using the self-developed secure communication software, Y&D SOC solution encrypts the contact information between all ticket terminals and security components to ensure data transmission security.

3Y&D security agent software and authentication U-KEY will be installed in each ticketing terminal. Through centralized ID authentication system, users log in to the operating system and perform operations such as buying ticket according to the approved authority. At the same time, Y&D security agent software can effectively protect ticketing terminals and take the initiative to prevent malware and Trojans, viruses and other attacks, and solve the terminal security issues.

4Y&D SOC has a complete products chain and an active network management structure, which enables security risk assessment of information systems. With automatic security incidents handling, security threats are effectively reduced.

5The log and audit systems of Y&D SOC make all user operation well documented, and make simulated reappearance of hacker attacks, providing more intuitive data for decision-making management.

Program Advantages

The function and performance are designed with full consideration to business system application needs, realizing unified management, policies, and target between business and security. The overall resources planning avoids resource contention and raises overall system operational efficiency

Based on effective system risk assessment, through powerful security knowledge base and strategy base, security incidents can be handled automatically with automatic early warning and automatic emergency response, thus ensuring reliable system operation and efficiency for a long time

For the first time, "human" behavior in information security technology management is standardized. The user-friendly user logic division function ensures that all management users’ login and operation permissions are under complete control, so as to ensure that security management procedures and related data are transparent. Association of user and behavior ensures that users are responsible for their own behaviors

SOC solution has effectively solved information security risks control through active defense, continuous security service and multi-guarantee and coordinated management, completely solving the information security problem

With full support for the already deployed security devices and systems, it provides users with a transparent and unified management approach, which completely solves the problems of diverse types of information assets, complex systems and hard configurations in a very large and complex networks

The secure business workflow revolution enables monitoring of business operations, thus ensuring data transmission security. The overall planning and establishing of the system can quickly serve the information security system without affecting original system operation