摘要
等级保护制度是国内网络安全领域的基本制度,需要对等保安全保障方案防护能力进行分析评估,要求安全保障机制形成体系,满足“可信、可控、可管”的要求。在等级保护信息系统的特点和能力要求下,针对信息系统时刻面临的网络安全问题,提出了一种以业务流程为保护对象,通过轻量级软件重建应用场景,在应用场景下,从安全属性和信息流角度模拟攻击行为和部署纵深防御机制,通过安全攻防的推演来判断系统安全防护能力的安全分析方法。该方法针对等级保护对网络系统安全防御的要求提出,可以低成本模拟多种应用场景,分析应用的安全性并尝试不同安全保障改进方案的效果。最后,通过工业控制系统震网病毒应用实例说明了该方法的实施方式和验证效果。
Graded protection system is the basic system of Cyberspace Security in China.It needs to analyze and evaluate the protection capability of peer-to-peer protection security scheme,and requires the security mechanism to form a system to meet the requirements of"credibility,controllability and manageability".Under the characteristics and capability requirements of graded protection information system,aiming at the network security problems faced by information system at all times,a security analysis method is proposed,which takes the business process as the protection object,reconstructs the application scenario through lightweight software,simulates the attack behavior and deploys the defense in depth mechanism from the perspective of security attributes and information flow,and judges the system security protection capability through the deduction of security attack and defense.This method is proposed in response to the requirements of graded protection for network system security defense,which can simulate a variety of application scenarios at low cost,analyze the security of the application and try the effect of different security improvement schemes.Finally,an application example of Stuxnet virus in an industrial control system is used to illustrate the implementation and verification effect of the method.
作者
回赛男
胡俊
HUI Sai-nan;HU Jun(Faculty of Information,Beijing University of Technology,Beijing 100124,China)
出处
《计算机技术与发展》
2022年第8期96-102,共7页
Computer Technology and Development
基金
国家重点研发计划(2I007016202102)。
关键词
等级保护
轻量级
应用场景
攻击模拟
防御模拟
grade protection
lightweight
application scenario
attack simulation
defense simulation
