摘要
目前,有组织、有预谋的网络攻击成为常态,传统以合规性要求为基础的网络安全防护方法面临挑战。首先,文章讨论威胁驱动的网络安全防护模型内涵及结构;然后,分析威胁驱动的网络安全防护模型的应用;最后,提出威胁驱动的网络安全防护新思路。研究将威胁发现融入安全防护各个环节的方法,所提方法有助于提升新技术条件下的网络安全防护能力。
Under the new situation of cyber attacks getting more and more systematic and premeditative,the traditional cyber security protection approach with compliance requirements faces strong challenges.Firstly,the connotation and structure of threat-driven cyber security protection model is discussed.Then,the application of threat-driven cyber security protection model is studied.Finally,a threat-driven cyber security protection method is presented,and the threat discover is considered in each cyber security protection phase.The presented method will improve the ability of cyber security protection in the future.
作者
兰昆
喻显茂
唐林
LAN Kun;YU Xianmao;TANG Lin(China Electronic Science and Technology Network Information Security Co.,Ltd.,Chengdu 610041,China;State Grid Sichuan Electric Power Company,Chengdu 610041,China)
出处
《电力信息与通信技术》
2020年第10期20-27,共8页
Electric Power Information and Communication Technology
基金
军委装备发展部装备预研领域基金项目“面向复杂战场环境的物联网软件链漏洞分析与安全增强技术研究”(61403120502)
四川省重大科技专项项目“智能汽车网络安全模型”(2018GZDZX0008)。
关键词
威胁驱动
网络安全
防护模型
threat-driven
cyber security
protection model
