摘要
工业互联网作为国家重点信息基础设施的重要组成部分,正在成为全世界最新的地缘政治角逐战场。工业控制系统由封闭状态直接或者间接的与互联网连接,其固有的安全弱点将被暴露在互联网上并被无限放大,成为黑客未来攻击的热点和重点。如何确保工业企业的网络安全,保障国家和社会经济正常运转成为国家和企业的重要研究课题。从用户身份和访问控制的角度探讨由政府层面统筹规划建立的基于云服务模式的身份和访问控制体系模型的可行性,并描述了相应的建设内容,为工业互联网时代的企业网络安全建设提供了一个思路。
As an important part of national key information infrastructure,Industrial Internet is becoming the latest geopolitical battlefield around the world.Industrial control system is directly or indirectly connected to the Internet from a closed state,its inherent security weaknesses will be exposed on the Internet and infinitely amplified,and becoming a hot spot and focus of hacker attacks in the future.How to ensure the cyber security of industrial enterprises and ensure the normal operation of country and social economy becomes an important research topic for country and enterprises.From the perspective of user identity and access control,this paper discusses the feasibility of establishing an identity and access control system model based on cloud service mode by overall planning at the government level,and describes the corresponding construction content,which provides an idea for enterprise cyber security construction in the era of industrial Internet.
作者
吕波
LYU Bo(Petro-CyberWorks Information Technology Co.,Ltd.,Beijing 100020,China)
出处
《信息安全与通信保密》
2022年第2期99-108,共10页
Information Security and Communications Privacy
关键词
工业互联网
工业企业
用户身份
访问控制
industrial internet
industrial enterprise
user identity
access control