摘要
随着信息通信技术(ICT)在党政部门、重点行业领域的普及应用,加强ICT产品服务供应链的安全可控保障变得至关重要。研究从指标框架、指标体系、指标释义和实施过程等方面构建了一套针对关键信息基础设施ICT供应链安全的评估指标体系,该体系主要围绕关键信息基础设施ICT供应链涉及的各个方面衡量其安全性,并输出可能的风险点,可作为评价关键信息基础设施ICT供应链安全程度的依据,进而促进关键信息基础设施ICT供应链安全的检测评估工作开展。
With the popularization and application of information and communication technology(ICT)in party,government departments and key industries,it is very important to strengthen the security and controllable guarantee of ICT product service supply chain.The risk assessment system for ICT supply chain security of critical information infrastructures from the index framework,index system,index definition and implementation process.The system mainly measures the security around all aspects of key information infrastructure of ICT supply chain,and outputs possible risk points,which can be used as the basis for evaluating the security degree of key information infrastructure ICT supply chain.Then,the system can promote the detection and evaluation of ICT supply chain security of key information infrastructure.
作者
王博
吴舟婷
吴倩
罗森林
WANG Bo;WU Zhouting;WU Qian;LUO Senlin(National Computer Network Emergency Response Technical Team/Coordination Center of China,Beijing 100029,China;Beijing Institute of Technology,Beijing 100081,China)
出处
《信息安全与通信保密》
2020年第12期103-111,共9页
Information Security and Communications Privacy
关键词
信息通信技术
关键信息基础设施
供应链
风险评估
information and communication technology
critical information infrastructures
supply chain
risk assessment
