摘要
为全面落实拜登政府2021年颁布的《关于改善国家网络安全》,美国管理和预算办公室发布《联邦零信任战略》,该战略旨在摆脱传统的基于边界的网络防御,转向对所有用户、设备、应用程序及业务的持续验证。通过阐述零信任实施的5大目标,提供整合身份系统、运营设备资产清单、加密进出流量等行动措施,并强调了支柱工作的短期、长期时限,以供联邦各机构着手实施零信任。
In order to fully implement the Executive Order on Improving the Nation’s Cybersecurity issued promulgated the Biden administration in 2021,the U.S.Office of Management and Budget issued the Federal Zero Trust Strategy,which aims to move away from traditional perimeter-based cyber defenses and turn to continuous protection of all users,devices,applications and businesses.By articulating five goals for the implementation of the zero trust strategy,providing actions such as integrating identity systems,operating device asset inventories,encrypting incoming and outgoing traffic,and highlighting short-and long-term timelines for the pillars of work for federal agencies to begin implementing zero trust.
作者
无
郝志超(译)
张依梦(译)
无;HAO Zhichao;ZHANG Yimeng(United States Office of Management and Budget;No.30 Institute of CETC,Chengdu Sichuan 610041,China;China Electronics Technology Cyber Security Co.,Ltd.,Chengdu Sichuan 610041,China)
出处
《信息安全与通信保密》
2022年第4期44-51,共8页
Information Security and Communications Privacy
关键词
零信任
身份认证
数据安全
网络分析
zero trust
identity authentication
data security
network analysis
