By introducing the concepts of IT service management, this work positions security operation management as a service within the IT Infrastructure Library (ITIL) and, drawing on BS7799, the NIST SP 800 series and other information security standards, proposes an ITIL-based network security operation management architecture. The architecture helps address the lack of standards and specifications in the research and development of technologies and products for security operation management platforms. Security service level management (SLM) is the key to ensuring that security services meet the expectations of the organization or customer and gain their acceptance. It is a process of negotiation, agreement, monitoring, reporting and summary based on the security service level agreement (SLA). The concepts and procedures of security service level management, and its relations with the other processes of the security operation management architecture, are described in detail.