摘要
针对广州蓄能发电厂相关信息系统的现状,结合信息安全等级保护测评存在问题,依据国家等级保护的有关标准和规范,进行重新规划和合规性整改,提出了基于可信计算和主动防御的等级保护体系模型,在可信计算技术和主动防御技术理念的指引下,利用密码、代码验证、可信接入控制等核心技术,在"一个中心三重防御"的框架下实现对信息系统的全面防护,旨在建立一个完整的安全保障体系,有效保障其系统业务的正常开展,保护敏感数据信息的安全。
Based on the present situation of information system in Guangzhou Pumped Storage Power Station, aiming at the existing problems in infosec hierarchical protection evaluation, and in accordance with the related standards of national hierarchical protection, this paper proposes a hierarchical protection architecture model based on trusted computing and active defense. With password, password validation, trusted access control and other core technologies, and under the framework of" one center, triple defenses", the comprehensive protection of information systems is realized, thus to build up a complete security assurance architecture and ensure the security of sensitive data information.
出处
《信息安全与通信保密》
2013年第12期127-129,133,共4页
Information Security and Communications Privacy
关键词
信息安全
可信计算
主动防御
等级保护
information security
trusted computing
active defense
hierarchical protection
