摘要
目的:剖析在"互联网+医疗"迅速发展的情况下,移动互联网安全的建设思路和实践方案。方法:以北京协和医院患者手机App为研究对象,在设计、研发和运行中进行迭代优化,梳理患者手机App的安全体系架构,调整和加固系统架构。结果:经过两年的努力已经取得良好成果,并通过了国家等级保护三级测评。结论:结合测评总结移动互联网安全的建设方案,并针对上线运行过程中受到非法入侵时进行技术应对的成功经验进行总结,在领域内具有参考意义。
Objective: To analyze the construction thought and practice plan of mobile Internet security under the rapid development of "Internet+health care". Methods: Patients’ App in our hospital is taken as the research object, and iteratively optimized in design,R&D and operation. The security system architecture of patients’ App system is sorted out, and the system architecture is adjusted and strengthened. Results: After two years of efforts, good results have been achieved, and it has passed the third-level evaluation of national grade protection. Conclusion: This paper summarizes the construction plan of mobile Internet security based on evaluation,and summarizes the successful experience of technical response when illegal intrusion occurs during online operation, which has reference significance in the field.
作者
孙国强
由丽孪
陈思
朱雯
朱卫国
孟晓阳
SUN Guo-qiang;YOU Li-luan;CHEN Si(Information Management Department,Peking Union Medical College Hospital,China Academy of Chinese Medical Sciences,Beijing 100730,P.R.C)
出处
《中国数字医学》
2019年第8期94-96,共3页
China Digital Medicine
关键词
信息安全等级保护
等保测评
APP
information security grade protection
grade protection evaluation
App