摘要
大数据时代,信息安全保障能力的提升与制度体系的完善,是世界各国奋力攀登的制高点和国家战略。本文运用文献分析法、比较分析法,对中外信息安全保障概念、立法原则及其法律制度的演化路径进行深入分析。信息安全保障是大安全观下对信息内容安全、数据安全、物理安全、网络安全和信息基础设施安全等的积极防御措施;其法律制度建设正在由分散走向统一,由单纯立法走向"立法与实施机制"并进;其保障体系正在形成一个由技术、管理、法制、文化等多元素、跨国跨区域、全方位的主动积极防御整体联动框架。中国特色的国家安全体制机制,以及"总体安全观"下以《国家安全法》为基准的信息安全法律体系正走向健全与发展之路;新型信息安全保障体系的构建正在成为前沿课题。
The information security system is a legal regime that ensures the safety of nations, organizations and personal data, and regulates the information security behavior of various social subjects. With the arrival of big data era, information crime incidents such as network hackers, information thefts and privacy violations threaten not only security of network environment, but also national sovereignty of cyber space. Governments have raised "moderate security" principle to "big security" principle of national information security and network security strategy, and have promulgated a series of policies, laws and regulations to maintain information security environment and improve information security capability. According to relevant legislations and researches of each country, this paper analyzes evolutionary path of information security system from three levels of information security concepts, legislative principles and construction of legal system. By using the methods of literature analysis, comparative analysis and comprehensive analysis, the evolution of the concept has experienced three stages: information confidentiality, computer security and information security. The principle has evolved from "moderate security" to "big security". The national information security legal system path has evolved along the communications and computer security legislation, network security legislation and information security system legislation. The legislative framework, legislative scope and legislative content of each stage are different. This paper provides areference for the whole framework of building a new information security system through a multi-angle and three-dimensional analysis. Information security is a positive defense measure of content security, data security, physical security, network security and information infrastructure security under the big security concept. Information security system is moving from dispersion to unity, from simple legislation to "Legislation and Implementation Mechanism". The security system is the formation of a technology, management, legal system, culture and other elements, transnational and cross-regional, all-round active defense overall linkage framework. Above it, some international consensuses have been reached, including information security from passive defense to active defense, information security legislation by the decentralized single-line legislation to a unified legislative transformation, information security efforts to upgrade, the construction of international coverage of information security system become a trend, national information security strategy and its action plan in full swing. Under the guidance of the principle of overall national security, China's national information security guarantee system based on the "National Security Law" is also on the road to soundness and development. In the future, the main research contents in this field should include the new information security initiative defense technology, the overall linkage framework of the new information security system, the all-round construction of the new information security cultural security system and management system, the international information security sharing and risk prevention, and other new contents about the construction of information security system as well. 2 figs. 5 tabs. 105 refs.
出处
《中国图书馆学报》
CSSCI
北大核心
2018年第2期113-131,共19页
Journal of Library Science in China
关键词
信息安全
信息安全法
法律制度
Information security. Information security law. Legal system.