摘要
随着云服务模式的广泛采用,不同厂商的云平台已大规模实际应用,云安全受到广泛关注。基于等级保护标准对云安全防护的要求,从云安全防护能力的第三方监管角度,提出了多云安全监管模型、云安全监测机制、云安全评估机制和云安全管控机制,以便监测云内资产状态,评估安全合规性,快速分析定位安全问题,优化安全部署和防护策略。
With the wide adoption of cloud service models,cloud platforms from various vendors are applied on a large scale.More and more attention is paid to cloud security.Based on the requirements of hierarchical protection standards for cloud security protection from the perspective of third-party supervision of cloud security protection capabilities,this paper proposes a multi-cloud security supervision model,cloud security monitoring mechanism,cloud security assessment mechanism and cloud security management and control mechanism,so as to monitor the status of assets in the cloud,evaluate security compliance,quickly analyze and locate security issues,and optimize security deployment and protection strategies.
作者
伍荣
刘晓毅
王进
崔阳
温尚国
郝子龙
WU Rong;LIU Xiaoyi;WANG Jin;CUI Yang;WEN Shangguo;HAO Zilong(No.30 Institute of CETC,Chengdu Sichuan 610041,China)
出处
《信息安全与通信保密》
2022年第5期81-89,共9页
Information Security and Communications Privacy
基金
国防科技重点实验室项目“面向边缘计算的异构密态分布式存储研究”(No.6142103010711)。
关键词
多云安全监管
云安全监测
云安全评估
云安全管控
multi-cloud security management
cloud security monitoring
cloud security assessment
cloud security control
