摘要
以等级保护标准规范为基础,遵循等级保护、风险评估等各项标准和规范,结合电力监控系统的特点,建立适合于电力监控系统的安全基线库及漏洞库。改变现有的全人工的等级保护安全测评方式,利用安全基线等技术手段,建立安全基线模型,设计等级保护合规分析模块,实现等保测评的自动化、常态化,并实现信息安全的闭环管理。
On the basis of grade protection standard specification,following the standards and specifications of grade protection,risk assessment and so on,combined with the characteristics of power monitoring system,a safety baseline library and vulnerability library suitable for power monitoring system is established.We should change the existing all manual rating protection safety assessment method,establish the safety baseline model by using the safety baseline and other technical means,design the grade protection compliance analysis module,realize the automation and normalization of the equal protection evaluation,and achieve the closed loop management of information security.
作者
朱红勤
陈艳
Zhu Hongqin;Chen Yan(State Grid Nanjing Power Supply Company,Nanjing Jiangsu 210019,China;State Grid Yangzhou Power Supply Company,Yangzhou Jiangsu 225000,China)
出处
《信息与电脑》
2017年第24期29-31,共3页
Information & Computer
关键词
等级保护
安全基线
电力监控系统
level protection
safety baseline
power monitoring system
