摘要
随着信息化的不断发展,电子政务和电子商务的模式被广泛应用,中国政府也在逐步采用计算机和互联网技术,采用网上交易系统实现网上交易业务模式,但同时这些系统面临了大量的安全风险,合理控制这些风险成为该系统建设的重中之重。文中通过对业务流程、系统生命周期和安全层次进行安全风险分析,并提出了有效的系统安全控制措施,从信息系统自身的安全风险和需求出发,结合国家信息安全等级保护相关要求,形成了覆盖安全管理和安全技术的网上交易系统安全控制。
With rapid development of IT technology, e-government e-commerce models are widely accepted and applied. The Chinese government also gradually realizes the online transaction model through the adoption of computer and Internet techniques, online trading system, although these techniques and system inevitably faces various security risks. Thus, how to reasonably control these risks becomes the most important task in the process of system construction. Based on security and risk analyses of service process, system lifecycle and security level, effective control measures of systems security are proposed. From the security risks and needs of the information system itself, and in combination with the related requirements of national information classified security protection, a safety control of online transaction system, covering safety management and safety technology is formed.
出处
《信息安全与通信保密》
2012年第7期126-128,131,共4页
Information Security and Communications Privacy
关键词
网上交易系统
安全风险
安全控制
等级保护
online transaction system
security risk
security control
classified protection