新形势下档案网络安全等级保护:变化与对策

Classified Protection of Archives Network Securityin the New Situation:Changes and Countermeasures

2017年《中华人民共和国网络安全法》的施行将等级保护工作提升到法律层面,随后9个相关国家标准先后完成修订,原档案信息系统安全等级保护相关文件的局限性逐渐凸显。在分析当前档案信息化建设面临云计算、物联网、大数据、移动互联网的新技术环境与我国等级保护2.0体系要求变化的基础上,构建了包含法规标准层、对象层、保障层、制度层、目标层的档案网络安全等级保护框架,梳理了档案网络安全等级保护工作的角色和流程,提出了重视新技术档案安全扩展要求建设、构建纵深互补的档案安全防御体系、保证档案系统内外一致的安全强度、健全长效的档案安全集中管理机制的档案网络安全建设建议。

The implementation of the Internet Security Law of the people's Republic of China in 2017 has promoted the work of classified protection to the legal level.Subsequently,nine relevant national standards were revised successively.The limitation of the original archives information system security classified protection related documents is gradually highlighted.This paper analyzes the new technology environment of cloud computing,Internet of things,big data and mobile Internet in the current archives informatization construction,and the changes of China's classified protection 2.0 system requirements.The new technology environment of cloud computing,Internet of things,big data and mobile Internet in the current archives informatization construction,and the changes of China's classified protection 2.0 system requirements were analyzed.This paper constructs a classified protection framework of archival network security,which includes standard layer,object layer,guarantee layer,system layer and target layer,and combs the role and process of classified protection of archival network security,and puts forward some suggestions on the construction of archives network security,such as attaching importance to the construction of new technology archives security expansion requirements,building a complementary archives security defense system,ensuring the consistent security intensity inside and outside the archives system,and improving the long-term centralized management mechanism of archives security.