一体化“国网云”安全防护体系设计
|
摘要
随着云计算技术在生产、营销等方面迅速发展,国家电网有限公司构建了一体化"国网云"平台,但同时也带来了巨大的安全风险。文章在对公司云安全防护风险分析的基础上,充分借鉴等级保护2.0云计算安全扩展要求,考虑公司云平台安全防护需求,从云平台安全防护、云平台安全运营、云平台安全服务、云平台安全管理4个方面构建网络安全等级保护云计算安全防护技术体系,实现对云平台的整体安全防护,确保云平台运行的安全性与稳定性。
With the rapid development of cloud computing technology in production, marketing and other aspects, State Grid Corporation of China has built an integrated platform called State Grid Cloud, which also brings huge security risks. Based on the risk analysis of cloud security protection, this paper taking full advantage of the security expansion requirements of cloud computing in Level Protection 2.0 and considering the security protection requirements of the company's cloud platforms and constructs security protecting system of cloud platform from four aspects including security protection, security operation, security service and security management, which achieves the whole protecting system of cloud platform to ensure its stability and reliability.
With the rapid development of cloud computing technology in production, marketing and other aspects, State Grid Corporation of China has built an integrated platform called State Grid Cloud, which also brings huge security risks. Based on the risk analysis of cloud security protection, this paper taking full advantage of the security expansion requirements of cloud computing in Level Protection 2.0 and considering the security protection requirements of the company's cloud platforms and constructs security protecting system of cloud platform from four aspects including security protection, security operation, security service and security management, which achieves the whole protecting system of cloud platform to ensure its stability and reliability.
引文
[1]中华人民共和国公安部.信息安全技术网络安全等级保护基本要求第2部分:云计算安全扩展要求:GA/T 1390.2-2017[S].2017.
[2]拱长青,肖芸,李梦飞,等.云计算安全研究综述[J].沈阳航空航天大学学报,2017,34(4):1-17.GONG Changqing,XIAO Yun,LI Mengfei,et al.Summary of cloud computing security research[J].Journal of Shenyang Aerospace University,2017,34(4):1-17.
[3]邹涛.云计算环境下信息安全风险评估方法研究[D].南昌:南昌大学,2018.
[4]谭彬,杨明,梁业裕,等.基于等级保护的云计算安全防护体系研究[J].网络空间安全,2017,8(Z4):12-15.TAN Bin,YANG Ming,LIANG Yeyu,et al.Research on security protection system of cloud computing based on hierarchical protection[J].Cyberspace Security,2017,8(Z4):12-15.
[5]张坤.基于云计算技术等级保护测评标准完善的探讨[J].信息系统工程,2017(12):126-127.
[6]中华人民共和国公安部.信息安全技术网络安全等级保护定级指南:GA/T 1389-2017[S].2017.
[7]陈雪秀,沈锡镛,李秋香.网络安全等级保护云计算安全防护技术体系设计[J].警察技术,2017(5):7-10.
[8]徐丽娟,郭臣,张德馨,等.浅析云计算环境下等级保护访问控制测评技术[J].现代工业经济和信息化,2016,6(19):85-89.XU Lijuan,GUO Chen,ZHANG Dexin,et al.Analysis of the access control technology of classified protection in cloud computing environment[J].Modern Industrial Economy and Informatization,2016,6(19):85-89.
[9]冯斌,孙强强,赵铭.一种混合云环境下适应等级保护要求的安全策略[J].电力信息与通信技术,2014,12(10):124-127.FENG Bin,SUN Qiangqiang,ZHAO Ming.A security policy for adapting to classified protection in hybrid cloud environment[J].Electric Power Information and Communication Technology,2014,12(10):124-127.
[10]沈亮,王栋,玄佳兴.电力信息系统云安全风险分析与评估技术[J].电信科学,2018,34(2):153-160.SHEN Liang,WANG Dong,XUAN Jiaxing.Security risk analysis and evaluation techniques in power information system cloud[J].Telecommunications Science,2018,34(2):153-160.
[11]丁伟,唐洁瑶,曹扬,等.电网信息物理系统网络安全风险分析与防护对策[J].电力信息与通信技术,2018,16(9):33-38.DING Wei,TANG Jieyao,CAO Yang,et al.Network security risk analysis and protective countermeasures for power grid cyber physical system[J].Electric Power Information and Communication Technology,2018,16(9):33-38.
[12]刘磊.云计算等新环境下的信息安全等级保护[J].网络安全技术与应用,2016(8):53.
[13]刘川,李志伟,沈卫康.基于云计算及SDN的电力数据中心安全问题分析和防护策略[J].电子设计工程,2016,24(9):136-138,143.LIU Chuan,LI Zhiwei,SHEN Weikang.Analysis and protection strategy of power data center security based on cloud computing and SDN technology[J].Electronic Design Engineering,2016,24(9):136-138,143.
[14]张祥东.基于等级保护策略的云计算安全风险评估探讨分析[J].网络安全技术与应用,2016(6):65-66.
[15]中华人民共和国国家质量监督检验检疫总局,中国国家标准化管理委员会.信息安全技术云计算服务安全指南:GB/T31167-2014[S].2014.
[16]中华人民共和国国家质量监督检验检疫总局,中国国家标准化管理委员会.信息安全技术云计算服务安全能力要求:GB/T 31168-2014[S].2014.
[17]魏勇军.浅谈等级保护技术与云计算[J].网络安全技术与应用,2015(9):63-64.
[18]朱圣才,徐御,金铭彦,等.基于等级保护策略的云计算安全风险评估[J].计算机安全,2013(5):39-42.ZHU Shengcai,XU Yu,JIN Mingyan,et al.Cloud computing security risk assessment based on level protection strategy[J].Computer Security,2013(5):39-42.
[2]拱长青,肖芸,李梦飞,等.云计算安全研究综述[J].沈阳航空航天大学学报,2017,34(4):1-17.GONG Changqing,XIAO Yun,LI Mengfei,et al.Summary of cloud computing security research[J].Journal of Shenyang Aerospace University,2017,34(4):1-17.
[3]邹涛.云计算环境下信息安全风险评估方法研究[D].南昌:南昌大学,2018.
[4]谭彬,杨明,梁业裕,等.基于等级保护的云计算安全防护体系研究[J].网络空间安全,2017,8(Z4):12-15.TAN Bin,YANG Ming,LIANG Yeyu,et al.Research on security protection system of cloud computing based on hierarchical protection[J].Cyberspace Security,2017,8(Z4):12-15.
[5]张坤.基于云计算技术等级保护测评标准完善的探讨[J].信息系统工程,2017(12):126-127.
[6]中华人民共和国公安部.信息安全技术网络安全等级保护定级指南:GA/T 1389-2017[S].2017.
[7]陈雪秀,沈锡镛,李秋香.网络安全等级保护云计算安全防护技术体系设计[J].警察技术,2017(5):7-10.
[8]徐丽娟,郭臣,张德馨,等.浅析云计算环境下等级保护访问控制测评技术[J].现代工业经济和信息化,2016,6(19):85-89.XU Lijuan,GUO Chen,ZHANG Dexin,et al.Analysis of the access control technology of classified protection in cloud computing environment[J].Modern Industrial Economy and Informatization,2016,6(19):85-89.
[9]冯斌,孙强强,赵铭.一种混合云环境下适应等级保护要求的安全策略[J].电力信息与通信技术,2014,12(10):124-127.FENG Bin,SUN Qiangqiang,ZHAO Ming.A security policy for adapting to classified protection in hybrid cloud environment[J].Electric Power Information and Communication Technology,2014,12(10):124-127.
[10]沈亮,王栋,玄佳兴.电力信息系统云安全风险分析与评估技术[J].电信科学,2018,34(2):153-160.SHEN Liang,WANG Dong,XUAN Jiaxing.Security risk analysis and evaluation techniques in power information system cloud[J].Telecommunications Science,2018,34(2):153-160.
[11]丁伟,唐洁瑶,曹扬,等.电网信息物理系统网络安全风险分析与防护对策[J].电力信息与通信技术,2018,16(9):33-38.DING Wei,TANG Jieyao,CAO Yang,et al.Network security risk analysis and protective countermeasures for power grid cyber physical system[J].Electric Power Information and Communication Technology,2018,16(9):33-38.
[12]刘磊.云计算等新环境下的信息安全等级保护[J].网络安全技术与应用,2016(8):53.
[13]刘川,李志伟,沈卫康.基于云计算及SDN的电力数据中心安全问题分析和防护策略[J].电子设计工程,2016,24(9):136-138,143.LIU Chuan,LI Zhiwei,SHEN Weikang.Analysis and protection strategy of power data center security based on cloud computing and SDN technology[J].Electronic Design Engineering,2016,24(9):136-138,143.
[14]张祥东.基于等级保护策略的云计算安全风险评估探讨分析[J].网络安全技术与应用,2016(6):65-66.
[15]中华人民共和国国家质量监督检验检疫总局,中国国家标准化管理委员会.信息安全技术云计算服务安全指南:GB/T31167-2014[S].2014.
[16]中华人民共和国国家质量监督检验检疫总局,中国国家标准化管理委员会.信息安全技术云计算服务安全能力要求:GB/T 31168-2014[S].2014.
[17]魏勇军.浅谈等级保护技术与云计算[J].网络安全技术与应用,2015(9):63-64.
[18]朱圣才,徐御,金铭彦,等.基于等级保护策略的云计算安全风险评估[J].计算机安全,2013(5):39-42.ZHU Shengcai,XU Yu,JIN Mingyan,et al.Cloud computing security risk assessment based on level protection strategy[J].Computer Security,2013(5):39-42.
© 2004-2018 中国地质图书馆版权所有 京ICP备05064691号 京公网安备11010802017129号 地址:北京市海淀区学院路29号 邮编:100083 电话:办公室:(+86 10)66554848;文献借阅、咨询服务、科技查新:66554700 |