Study on the Security Evaluation Scheme before the Information System Go Online

With the rapid development of the national information construction,information systems are used widely,and attack on information systems is becoming more and more popular,security incidents have occurred from time to time,how to ensure that information systems have enough security.The system meets the on-line operating conditions,will become an important topic.In this paper,a set of before the on-line information system carry out the safety evaluation of the program,including four aspects:code security audit,security vulnerability scanning,security configuration verification and permeability test,and gives the discriminant information system on-line safety standards.This scheme can effectively detect the hidden information at all levels of the system of security vulnerabilities,and according to the safety standards,can come to the conclusion that whether accords with on-line running,and can ensure the safety of the information system on-line operation strongly.