摘要
根据《国家政务信息化项目建设管理办法》和《商用密码应用安全性评估管理办法(试行)》等相关要求,政务信息系统需要在规划、建设和运行阶段合规使用密码技术和产品,确保政务信息系统的安全。提出了政务信息系统密码应用工作流程以及具体技术方案,从政务信息系统中物理和环境安全、网络和通信安全、设备和计算安全、应用和数据安全、密钥管理等层次和维度设计了密码技术的合规应用。
According to the relevant requirements of the National Administrative Measures and the Security Evaluation and Management Measures of Commercial Cryptography Application(Trial),the e-government information system needs to use the cryptography technology and products in compliance with the planning,construction and operation stage to ensure the security of the e-government information system.This paper gives the cryptography application workflow and specific technical scheme of e-government information system,which can guide the compliance application of the levels and dimensions of physical and environmental security,network and communication security,equipment and computing security,application and data security,and key management in e-government information system.
作者
蔡友保
陈翼
冯暄
王斯梁
CAI Youbao;CHEN Yi;FENG Xuan;WANG Siliang(Institute of Computer Science of Sichuan Province,Chengdu 610041,China)
出处
《技术与市场》
2023年第5期36-39,共4页
Technology and Market
基金
四川省重点研发项目(2021YFG0384)
四川省科研院所科技成果转化项目(2022JDZH0019)。
关键词
政务信息系统
密码法
工作流程
技术方案
E-government information system
cryptography law
work flow
technical proposal
