摘要
企业知识资产不仅需要创造,同样也需要保护。本文分析了常用的文档、操作系统、口令、物理隔离等加密手段的局限,提出了基于企业利益的文档安全管理目标,即实时透明加密、多种介质兼容、集中远程控制、操作程序限制、身份权限验证、动态授权管理六个方面;探讨了文档安全管理系统的工作原理和系统组成及其在企业中的应用策略,即采用数据库管理文档的方式、RBAC与DAC结合的动态授权机制以及自动透明加密技术策略等等。
The enterprise knowledge property not only needs to create, also needs to protect. This paper analyzes the limitations of common encryption methods such as document,operating system,password and physical isolation, then proposes the document security management objectives based on enterprise's interests, such as real-time transparent encryption, multi-media compatibility, centralized remote control, operating procedures limit, identity access authentication, dynamic authorization management. Lastly, discusses the document security management system principles and the components and application strategies in the enterprises:using database management of the document, dynamic authorization mechanism combining RBAC with DAC, and automatic transparent encryption technology strategy, etc.
出处
《图书情报知识》
CSSCI
北大核心
2010年第2期106-110,共5页
Documentation,Information & Knowledge
关键词
文档加密
安全系统
企业知识资产
Document encryption Security system Enterprise knowledge property
