摘要
关键信息基础设施是国家重要的战略资产,很多国家都对关键信息基础设施进行重点保护,识别认定关键信息基础设施是对其进行安全保护的前提,也是实践中的难点之一.美国、欧盟等很早就开始对关键(信息)基础设施进行保护,在识别认定关键(信息)基础设施方面形成了一些值得借鉴的做法和经验,如遵循"关键领域-关键业务-所需资源"的方法、建立基于后果的识别认定准则等.我国正在制定《关键信息基础设施安全保护条例》,明确提出要制定关键信息基础设施识别指南并据此开展认定,美欧关于识别认定关键(信息)基础设施的做法对我国具有诸多启示,有必要进行深入研究,并据此提出对我国的相关建议.
Critical information infrastructure is the strategic asset of a nation.Many countries have raised critical infrastructure to the national strategic level to protect it.The identification of critical information infrastructure is the precondition to its protection,and is also one of the difficulties in practice.The United States and EU began to protect critical(information)infrastructure very early,and had formed some valuable practices on the identification,such as following the“key areas-key business-resources required”method,result-based identification criteria etc.China is developing the regulations on the protection of critical information infrastructures,which clearly put forward to develop critical information infrastructures identification guidelines and accordingly to identify.The practice of the identification of critical(information)infrastructure in the United States and EU has a lot of enlightenment to china.
作者
闫晓丽
孟洪杰
Yan Xiaoli;Meng Hongjie(Institute of Cyber-Space, China Center for Information Industry Development, Beijing 100846;The 33rd Research Institute, China Electronics Technology Group Corporation, Taiyuan 030032)
出处
《信息安全研究》
2017年第10期941-945,共5页
Journal of Information Security Research
关键词
美国
欧盟
关键信息基础设施
识别认定
启示
The United States
The European Union
critical information infrastructure
identification
enlightenment
