摘要
对集团内相关安全机制和管理方法进行了研究。在此基础上,提出了对“系统、网络、运维、用户”四个层面的信息安全管理举措,形成了统一的一体化安全管理体系,实现了从管理理念到技术保障、系统建设、运维支持和用户应用的全方位信息安全管理架构。在有关单位执行过程中,保证了系统的安全性、完整性、实用性;能有效提高安全信息系统的安全管理水平和安全保障能力。该体系对安全信息系统建设、评价、运维具有指导作用。
The relevant security mechanism and management methods within the group are studied.On this basis,it puts forward information security management measures at four levels of"system,network,operation and maintenance,user",forms a unified integrated security management system,and realizes comprehensive information security management architecture from management concept to technical support,system construction,operation and maintenance support,and user application.In the execution process of the relevant units,the security,integrity and practicability of the system are guaranteed;it can effectively improve the security management level and security guarantee ability of security information system.The system plays a guiding role in the construction,evaluation,operation and maintenance of security information system.
作者
惠建新
乔德志
娄洪伟
HUI Jianxin;QIAO Dezhi;LOU Hongwei(Purple Mountain Observatory,Chinese Academy of Sciences,Nanjing 210023,China;Dalian Institute of Chemical Physics,Chinese Academy of Sciences,Dalian 116023,China;Changchun Institute of Optics,Fine Mechanics and Physics,Chinese Academy of Sciences,Changchun 130033,China)
出处
《现代信息科技》
2021年第11期158-161,165,共5页
Modern Information Technology
基金
中国科学院十三五信息化专项项目(XXH13507-2)。
关键词
ISMS
系统管理
体系框架
安全信息
ISMS
system management
system framework
security information
