[转载]基于APDR信息系统安全防护体系模型的分级防护策略研究
文章作者:裴晋泽 国防科大Classified Protection Policy Based on APDR Information System
Security Protection Architecture Model
裴晋泽1 胡华平1 周金泉1,2
(1 国防科技大学计算机学院 湖南 长沙 410073,
2 昆明陆军学院 云南 昆明 650207)
摘要:信息时代网络安全正成为社会关注的焦点,积极研究科学的计算机信息系统安全防护体系模型和制定分级防护安全策略,对构筑安全的信息系统具有极为重要的意义。本文在提出APDR信息系统安全防护体系模型的基础上,对信息系统中信息价值级别及其可能面临的最大威胁强度进行了划分,并针对相应的安全防护强度等级和安全防护技术等级制定出了相应的安全防护策略,这对信息系统进行安全防护体系设计具有非常重要的意义。
关键词:信息类型;威胁级别;分级防护;安全策略;安全防护体系;信息系统
Abstract:With the rapid development of information technology, network security has become an urgent social problem. It is very significant for building Computer Information System (CIS) security to study scientific CIS security protection architecture model and establish classified security policy. By the related study, an APDR(Analysis and Assessment Protection Detection Response and recovery)security protection architecture model is proposed. Based on the model, Information Value Level and the biggest threat strength of CIS are compartmentalized, and according to the different Security Protection Strength Level and Security Protection Technology Level, security protection policy is presented correspondingly. The study result will bring important effect to design more effective CIS security protection architecture.
Key words:information class;threat level;classified protection;security policy;security protection architecture;information system
页:
[1]