Research on Security Construction of County-Level Media Convergence Information Systems

(Jianhu County Media Convergence Center, Jianhu, Jiangsu 224700)

Abstract

Objective: With the rapid development of information technology and its extensive application in broadcast television technical systems, county-level media convergence information systems face numerous security issues during construction due to various factors. Traditional control measures alone are insufficient to counter these threats. Methods: To address these security problems, Jianhu Media Convergence Center conducted research on security construction across information system architecture, operations and maintenance, networking, and management. Results/Conclusion: By establishing multi-dimensional security safeguards and constructing an integrated security system, the overall security of county-level media convergence information systems can be effectively enhanced.

Keywords: Broadcasting and Television; Information Systems; Security Construction; County-Level Media Convergence; System
CLC Number: G202
Document Code: A
Article ID: 1671-0134(2025)03-150-04
DOI: 10.19483/j.cnki.11-4653/n.2025.03.033
Citation Format: Xu Xu. Research on Security Construction of County-Level Media Convergence Information Systems [J]. China Media Technology, 2025, 32(3): 150-153.

Introduction

With the rapid development of information technology bringing unprecedented technological innovation to the broadcasting industry, broadcasting institutions at all levels are actively advancing the informationization of their technical systems to fully leverage the positive role of information systems in media convergence. However, due to various subjective and objective factors such as budget constraints and technical limitations, county-level media convergence information systems commonly suffer from prominent issues including inadequate infrastructure, non-standardized system operations and maintenance, unprofessional network protection, and insufficient security management [1], posing serious challenges to system security. To address these security concerns, county-level media convergence centers should actively pursue systematic security construction to drive high-quality development.

1. Security Issues in Broadcasting Information Systems

1.1 Inadequate Infrastructure

As the primary technical platform for converged production, broadcasting information systems require standardized infrastructure construction with no stability issues, redundant core equipment to eliminate single points of failure, and the capacity to meet program production business needs under the premise of system security [3]. Due to insufficient budgetary funds, county-level media convergence information systems commonly exhibit inadequate infrastructure during the design and construction phases, primarily manifested in the adoption of hybrid topological structures that degrade overall system stability, and single-node operation of core equipment such as servers, storage devices, and switches without redundant backup [4]. Security risks arising from inadequate infrastructure may not be apparent during the early and mid-term operation phases, but frequent safety issues emerge in later stages due to aging critical hardware, seriously affecting the safe and stable operation of broadcasting information systems.

1.2 Non-Standardized Operations and Maintenance

In the early days, broadcasting technical system operations and maintenance primarily addressed physical-level issues such as aging proprietary equipment, power failures, and cable connections. With the widespread application of broadcasting information systems, county-level media convergence centers face generally non-standardized system operations and maintenance due to insufficient technical personnel capabilities in computer hardware, software, and networking. This is mainly manifested as: unfamiliarity with technical standards, parameters, operational status, and failure characteristics of complex hardware equipment, preventing proactive detection and timely reporting of information system failures; lack of understanding of system software kernels, underlying technologies, security policies, and privilege management, hindering proactive monitoring of system cluster status to ensure normal service access and timely closure of high-risk ports and unnecessary services to block network attack vectors; inadequate database maintenance with non-standardized plans and methods, failure to perform regular database backups, and incomplete terminal image backups [5].

1.3 Unprofessional Network Protection

Currently, computer and network technologies serve as crucial technical support for information systems, playing an increasingly important role in county-level media convergence production platform construction, media integration, and IP-based broadcasting. However, while applying advanced technologies, the lack of necessary network security equipment and weak network security technical capabilities result in numerous system vulnerabilities that are not promptly patched, exposing systems to severe threats of network attacks and virus infections.

1.3.1 System Vulnerabilities

As the fundamental platform for software operation, operating systems achieve stable information system operation by allocating hardware and software resources, controlling input/output devices, managing file systems, and controlling permissions. However, operating systems inevitably contain inherent known or unknown security vulnerabilities that pose risks to system operation, requiring regular scanning and patching. Broadcasting information systems support safe program production and broadcasting, and their operating systems must regularly repair security vulnerabilities according to risk levels; otherwise, normal program production is directly affected. Due to the lack of professional talent and equipment, vulnerability detection and remediation pose significant challenges for county-level media convergence information systems, representing a weak link in their security construction.

1.3.2 Network Attacks

Network attacks have become a critical factor affecting the secure operation of various information systems. Depending on severity, they can result in partial data theft and short-term system failures at minimum, or illegal system network occupation and severe data destruction at worst. As the primary technical system for news program production, broadcasting information systems must strictly guard against network attacks to ensure operational security. County-level media convergence information systems suffer from insufficient professional network equipment such as firewalls, centralized monitoring systems, log audit systems, vulnerability scanning systems, endpoint threat defense systems, and bastion hosts, resulting in low network protection capabilities and significant network attack risks.

1.3.3 Virus Infections

Computer virus infection is one of the most common security issues in information systems, posing serious threats by executing illegal instructions and malicious code to damage system components or delete data. With the rapid development of computer coding technology, virus transmission channels and infection methods have become increasingly complex, making prevention more difficult. Although county-level media convergence information systems have deployed network gates and virus scanning hosts for file format validation and malware detection, they still exhibit significant deficiencies in preventing and handling new types of computer viruses, making the security risk non-negligible.

1.4 Insufficient Security Management

Effective security management plays a crucial role in the stable operation of any system, and broadcasting information systems are no exception. County-level media convergence information systems face four main security management issues: First, lack of security management planning, where personnel and organizational constraints prevent unified management of critical security components; second, insufficient security management technical capabilities without professional talent support; third, inadequate security mechanism support—although county-level media convergence centers have established security management departments for safe broadcasting and technical operations with defined responsibilities, system security supervision, detection, and response mechanisms remain incomplete due to objective constraints; fourth, security awareness needs strengthening, with some personnel treating security work as mere formality and failing to correct behaviors that compromise system security.

2. Security Construction of Jianhu Media Convergence Information System

The core information system of Jianhu County Media Convergence Center is a converged production platform that relies on the cloud services, technical capabilities, and infrastructure resources of the provincial "Litchi Cloud" platform to support content acquisition, data analysis, converged production, and converged distribution operations [6]. The Jianhu Media Convergence information system reasonably applies current broadcasting, computer, and network technologies to achieve a relative balance between security and efficiency while meeting converged production business requirements. Through analysis of the Jianhu Media Convergence information system's infrastructure, system operation, data interaction, and post-management aspects, its security construction can be divided into four components: structural security construction, operations and maintenance security construction, network security construction, and management security construction. To address infrastructure-related risks, the system actively implements reinforced redundancy for service nodes, storage devices, and network equipment [7], combined with system control to achieve structural security. During system operation, hardware and software security monitoring and prevention are implemented alongside the development of user operation specifications to effectively manage user behavior, thereby achieving operations security. As the information system interfaces with the provincial technical platform via public networks, posing significant data interaction risks, network security is realized through independent physical lines, access control, content detection, vulnerability scanning, and virus protection. Management security is achieved through strengthened institutional and behavioral management, along with regular security assessments. Through these four aspects of security construction, the overall security of the Jianhu Media Convergence information system is effectively enhanced.

2.1 Structural Security Construction

In the Jianhu Media Convergence information system, structural security based on core components can be divided into four aspects: service security, storage security, link security, and control security, forming the foundation of the entire information system's security construction [8-9].

2.1.1 Service Security

For county-level media convergence information systems, uninterrupted service is typically achieved through multi-server cluster operation. With the rapid development of computer network technology, distributed service architecture has gradually become mainstream and been adopted in county-level media convergence information systems, albeit with relatively smaller node scales. The Jianhu Media Convergence information system employs a three-node distributed service architecture characterized by low budget investment, easy scalability, convenient maintenance, and minimal impact on overall service from single-point failures. Services such as backend management, packaging and synthesis, cluster transcoding, and cluster migration are modularly deployed across different node servers, with unified scheduling management achieved through real-time task monitoring, resulting in relatively high overall security.

2.1.2 Storage Security

Media data represents the core resource of information systems for all media convergence units, making storage system security crucial to the overall information system's security construction. Storage infrastructure should be strengthened with redundant mutual backup to avoid single points of failure and achieve high security and availability of storage equipment. The broadcasting industry currently employs two primary storage architectures: traditional redundant hot backup storage and multi-node distributed storage. Based on practical application requirements, the Jianhu Media Convergence information system adopts redundant hot backup storage. Although this offers lower security compared to multi-node distributed storage, years of deployment and use in the broadcasting industry have proven it capable of meeting data storage security requirements.

2.1.3 Link Security

As two network topologies commonly adopted in the broadcasting industry, FC-SAN offers higher transmission bandwidth and functionality compared to IP-NAS architecture, with clear advantages for core data connectivity. However, due to limitations in budget, technical expertise, and operational experience, county-level media convergence centers more commonly favor IP-NAS architecture. With the maturation and popularization of 10 Gigabit Ethernet technology, its performance can also meet their requirements. The Jianhu Media Convergence information system employs an IP-NAS network architecture with a security design featuring dual core switches in active-standby deployment. Gigabit Ethernet interconnects switches to terminal stations, while 10 Gigabit Ethernet connects switches to servers, ensuring data link security through multiple 10 Gigabit and Gigabit Ethernet connections.

2.1.4 Control Security

The Jianhu Media Convergence information system deploys system management software to monitor equipment status, core software operation, network traffic, and computing resources in real time. It monitors program production workflows, connection configurations between business systems, and process node operation and execution progress. Through security control, priorities for backend packaging synthesis and data migration are adjusted to handle emergency events first. Through system control, technical personnel can accurately understand the information system's operational status and obtain complete operational data, thereby better maintaining system security.

2.2 Operations and Maintenance Security Construction

Operations and maintenance security ensures that system hardware equipment and software systems maintain normal operation, preventing damage to data storage, processing, and transmission due to failures or malfunctions. It is the fundamental guarantee for information system normal operation. For broadcasting information systems, hardware and software constitute the main body of the information system and are critical to its security. In daily operations, information system status should be regularly inspected, and identified hardware and software security issues should be promptly addressed. Failure to do so will constitute serious system security risks.

2.2.1 Hardware System Security

Hardware equipment forms the physical foundation for system security operation. County-level media convergence technical personnel should regularly inspect the hardware system operating environment to ensure electrical and temperature control indicators meet system requirements. Core equipment such as servers, storage arrays, and core switches should be monitored regularly through dedicated software on the basis of redundant hot backup to ensure equipment redundancy is online, with operational failures reported and repaired promptly. Hardware systems should be configured scientifically and rationally, with equipment and cards that have exceeded their service life or are severely aged inspected and replaced regularly. Unnecessary bus interfaces should be physically sealed to prevent unauthorized access.

2.2.2 Software System Security

For county-level media convergence information systems, hardware systems as infrastructure have relatively fixed and predictable security factors, whereas software systems pose greater security risks due to their operational complexity and unpredictability. Therefore, managing information systems from system software to application software levels is crucial. For system software management, strict user privilege access control should be implemented [10], with standardized configurations for permissions, passwords, and software policies. User behavior should be regulated through operational specifications to prevent users from modifying operating system settings, technical measures should be adopted to seal configuration entries affecting software system stability, and non-essential service ports should be closed. For application software management, to avoid system security failures caused by applications, software with strong reliability and secure development guarantees should be prioritized during installation. Additionally, scientific and reasonable upgrade plans should be formulated based on actual software usage to improve application stability, with unauthorized software installation strictly prohibited.

2.3 Network Security Construction

Due to insufficient professional equipment and talent, network security has become a critical security factor prevalent throughout the current broadcasting industry and represents both a weak link and prominent challenge in broadcasting information system security construction. Current county-level media convergence information systems face primary security threats including network attacks, virus infections, and unauthorized access [11]. The Jianhu Media Convergence information system deploys security firewalls and intrusion detection systems for boundary security protection; deploys vulnerability scanning systems to detect and repair network security vulnerabilities to effectively resist network attacks; deploys security network gates and virus scanning hosts for safe virus and malware elimination; and applies network security devices such as access control, log auditing, internet behavior management, and bastion hosts to achieve privilege control and security auditing of network access, effectively enhancing information system network security protection.

2.3.1 Boundary Protection

Information systems achieve boundary protection for internal network zones through security firewalls, managing network access permissions for internal users and implementing access control for system entry and exit [12]. Intrusion detection equipment filters network transmission data in real time, detecting network intrusion behaviors and anomalies to meet information system network security requirements. The Jianhu Media Convergence information system deploys a single NetGuard Power V6000 firewall for boundary protection. Considering emergency recovery from equipment failures and the need to enhance network security level protection, plans are in place to add one additional cold standby firewall with the same configuration and one intrusion detection system to further improve boundary protection capabilities.

2.3.2 Vulnerability Remediation

Network security vulnerability management has always been a challenge in network security protection. For network security technical personnel, using vulnerability scanning systems is key to effective vulnerability management. By scanning and analyzing core network equipment such as servers and switches, network security vulnerabilities can be discovered and repaired to enhance network security performance. The Jianhu Media Convergence information system deploys the NetGuard vulnerability scanning system to detect security vulnerabilities and defects in systems, networks, and applications. Additionally, vulnerability scanning tools conduct automated testing on the system to identify potential security vulnerabilities and defects for timely remediation.

2.3.3 Virus Protection

Broadcasting information systems feature frequent data interactions and diverse file formats. Viruses disguised and hidden in file transmissions can cause serious system failures, and even timely removal can severely damage the system. Therefore, proactive virus protection measures should be prioritized. The Jianhu Media Convergence information system employs two methods for virus protection: network gate isolation and virus scanning. For network gate isolation, security network gates are deployed to validate data before it enters the information system, thereby blocking direct interaction between the information system and external data and logically preventing external dangerous data from launching virus attacks. For virus scanning, system resources and permissions are reasonably configured, normal business processes are optimized, and real-time virus scanning is implemented. All external data entering the information system must undergo antivirus scanning and be confirmed safe before entry, ensuring the information system remains free from virus infection threats.

2.3.4 Access Control

Access control through core network devices such as routers or switches enables privilege control for network access. Broadcasting information systems must control system access permissions [13], allowing entry only under secure conditions. The Jianhu Media Convergence information system utilizes dual H3C core switches to transmit traffic, achieving high-speed data processing and forwarding while supporting access control settings. By configuring ACL access control policies, isolation between different zones is realized, reducing the possibility of illegal intrusion.

2.3.5 Log Auditing

Log auditing systems record and analyze information system security events and user operation behaviors in bypass mode, enabling traceability of system security activities and timely detection of security hazards. The Jianhu Media Convergence information system deploys the Topsec log auditing system to comprehensively collect operational logs from system information equipment for auditing, analysis, and reporting, effectively enhancing information system network security.

2.3.6 Internet Behavior Management

For county-level media convergence centers, implementing internal internet behavior management and content auditing within information systems is crucial. Through internet behavior management, functions such as behavior management, traffic management, application control, and information control are realized, effectively preventing personnel from engaging in work-unrelated network activities within the information system and ensuring data security. With limited outbound bandwidth, the Jianhu Media Convergence information system uses internet behavior management to guarantee bandwidth for system applications, ensuring transmission of critical business traffic and effectively enhancing information system network stability and security.

2.3.7 Bastion Host

Bastion hosts implement fine-grained security control policies to effectively ensure the reliability of core information system equipment including network devices, security equipment, servers, and databases, reducing human operation security risks and effectively enhancing system security [14]. The Jianhu Media Convergence information system deploys the Topsec bastion host to provide full-process auditing for remote IT operations and maintenance, ensuring manageable and controllable remote IT operations while achieving unified operations entry and unified asset management.

2.4 Management Security Construction

Security is 30% technology and 70% management. Security issues largely stem from insufficient understanding of threats and risks, lack of clear security policies, incomplete security management systems, and lax implementation [15]. Jianhu Media Convergence Center attaches great importance to information system management security construction. In terms of institutional development, it clearly defines the objectives and direction of information system security management, organizational responsibilities, management principles, and security frameworks; issues standardized documents for computer room management and personnel management systems, and regularly updates them. For personnel management, it conducts system usage training, regulates end-user behavior, provides targeted education for violations, formulates comprehensive emergency response plans, and comprehensively enhances technical personnel's emergency handling capabilities. For inspection and assessment, it regularly conducts information system security evaluation and testing through multiple methods including daily self-inspections, vendor patrol inspections, and professional institution assessments to identify potential hidden security issues early and repair them promptly.

3. Conclusion

The broadcasting information system security system comprises the management layer, operation layer, and technical layer. From these three perspectives, county-level media convergence information systems commonly face certain security issues that represent key difficulties in their construction. The construction of the Jianhu Media Convergence information system aligns with current media convergence development trends, but still exhibits numerous security issues when measured against high standards of reliability and availability. Through targeted construction in structural security, operations and maintenance security, network security, and management security, the overall security of the information system has been effectively enhanced [16]. Currently, information technology is evolving rapidly, and associated security risks are increasing daily. Broadcasting technical personnel should adopt a system security perspective, strengthen security knowledge learning, improve security skill levels, and make due contributions to maintaining information system security.

References

[1] Wu Yongsheng. Construction and Implementation of TV Safe Broadcasting Guarantee System for Nanjing Radio and Television Group [C]. 2021 Academic Annual Meeting of China Federation of News Technology Workers, 2021: 386-392.

[2] Li Ping. Research on Security Construction of Broadcasting and Television Information Systems [J]. China Media Technology, 2021(12): 158-160.

[3] Chai Xiaoyu. Analysis of Current Situation and Strategies for Cybersecurity in Broadcasting and Television Industry [J]. Broadcasting and Television Network, 2024(7): 52-54.

[4] Yang Zhen. Design and Construction of HD Integrated Non-linear Editing and Media Asset Network [J]. Modern Television Technology, 2016(8): 105-110.

[5] Zhong Chao, Jia Ruoyu. Program Production Security Guarantee Scheme for Xuzhou TV Station's Non-linear Editing Network [J]. Audio-Visual World, 2017(6): 92-95.

[6] Zhang Xiaocun. Exploration on the Construction of Jianhu County Media Convergence Center in Jiangsu Province [J]. Broadcasting and Television Information, 2021(12): 26-29.

[7] Ren Xiaowei. Research on Network Security Hardening Methods for Broadcasting and Television Information Systems [J]. Radio and Television Technology, 2019(2): 12-16.

[8] Yang Shuhai. Security Design of All-Media Content Production Network for Small and Medium TV Stations [J]. Television Technology, 2016(8): 80-83.

[9] Gao Xiaoqing. Network Security Risks and Strategies for Broadcasting and Television Information Systems [J]. Communications World, 2019(11): 51-52.

[10] Xu Jimeng. Some Thoughts on Network Security Protection of Broadcasting and Television Information Systems [J]. Digital Media Research, 2024(1): 78-80.

[11] Yang Yang. Design and Implementation of Network Security for Broadcast Media Convergence Production [J]. Radio and Television Technology, 2022(11): 45-49.

[12] Jiang Yuncui. Application of Network Security Technology in Broadcasting and Television [J]. Electronics World, 2020(1): 181-182.

[13] Wu Chongfeng, Zhang Gaopeng. Application of Cybersecurity Classification Protection System in Broadcasting and Television Field [J]. Television Technology, 2024(7): 196-198.

[14] Hu Limin. Application of Network Security Technology in County-Level Media Convergence Technical Systems [J]. Shanxi Youth, 2024(17): 196-198.

[15] Yu Tao. Practice of Information Security Strategy Design in Research Institutes [J]. Cybersecurity and Informatization, 2019(1): 107-109.

[16] Yang Jing. Reflection and Practice on Information Security Situation of Broadcasting and Television [J]. New Media Research, 2017(1): 120-121.

Author Profile

Xu Xu (born 1981), male, from Jianhu, Jiangsu, holds a bachelor's degree and works as an engineer. His research focuses on broadcasting information system construction, operation and maintenance, and signal transmission and broadcasting.
(Responsible Editor: Li Yansong)