智慧城市信息安全体系研究

Research on Smart City Information Security System

以智慧城市信息安全体系为核心,通过研究国内外信息安全相关标准和文献,结合调研沈阳、嘉兴等城市的智慧城市信息安全需求,从安全管理、安全技术、安全建设与安全运营几个方面分析了智慧城市信息安全风险和安全需求,从安全角色与安全保障2个维度出发,提出了智慧城市信息安全体系框架,明确了智慧城市信息安全体系中的安全角色及其职责,明确了智慧城市安全保障措施的关键要素,梳理了智慧城市安全体系框架中各部分之间的关系,并基于安全体系框架总结了智慧城市信息安全总体要求.可以为现阶段智慧城市的信息安全规划、建设、验收和运营,以及智慧城市信息安全技术研究提供参考.

The smart city information security system covers more aspects than a standalone information system.Through analyzing the main information security risks of smart city and summarizing the general security requirements of smart city,the information security framework of smart city can be figured out,and the roles involved in the smart city information security system and their responsibilities can be clarified.The smart city information security system proposed in this paper reflects the common understanding of the domestic and international information security standards and literatures,and the practice of the smart city development in China.The smart city information security requirements should be addressed from the viewpoints of management,technology,construction and operation.Accordingly the smart city security assurance is presented from the perspectives of strategy,management,technology,construction and operation,and infrastructure support.The main roles in the lifetime of the system are decision maker,administrator,implementor,operator,service provider and consumer.These roles shall support each other to ensure the samrt city information security system operating harmoniously.This paper could be used in the planning,development,acceptance and operation of smart city information security system,and could be a reference for further research of smart city information security.