基于零信任的省级气象信息网络防护技术研究
    点此下载全文
引用本文:刘晓波1,2,冯冼1,张思睿1,郑秋生1,周武宁3.基于零信任的省级气象信息网络防护技术研究[J].计算技术与自动化,2024,(2):151-155
摘要点击次数: 24
全文下载次数: 0
作者单位
刘晓波1,2,冯冼1,张思睿1,郑秋生1,周武宁3 (1.湖南省气象信息中心,湖南 长沙 4101182.气象防灾减灾湖南省重点实验室湖南 长沙 4101183.奇安信科技集团股份有限公司湖南 长沙 410000) 
中文摘要:随着省级气象部门对外服务统一出口要求,系统和数据逐步集约化,部分省级单位建立了专门对外提供数据服务的数据中台,传统网络安全技术在当前新的业务形态和场景下显得捉襟见肘。零信任作为一种全新的网络安全理念,为重构网络安全架构提供了理论指引。设计了一种基于零信任的适用于省级气象部门的安全架构体系,并基于零信任构建了气象网络的可信访问通道解决数据访问管道安全问题,提出了一种数据动态授权访问的方法解决气象数据安全访问授信问题,给出终端可信空间方案解决端上数据泄露问题。
中文关键词:零信任模型  动态授权  可信访问通道  可信终端空间
 
Research on Provincial Meteorological Information Network Protection Technology Based on Zero Trust
Abstract:With the unified export requirements for external services of provincial meteorological departments,the system and data are gradually intensified,and some provincial units have established data centers dedicated to providing external data services,and traditional network security technology is strained under the current new business forms and scenarios. As a new concept of network security,zero trust provides theoretical guidance for reconstructing network security architecture. This paper designs a zero-trust-based security architecture applicable to provincial meteorological departments,constructs a trusted access channel of meteorological network based on zero-trust to solve the security problem of data access pipeline,proposes a method of dynamic data authorization access to solve the problem of meteorological data security access credit,and proposes a terminal trusted space scheme to solve the data leakage problem on the terminal.
keywords:zero trust model  dynamic authorization  trusted access channel  trusted terminal space
查看全文   查看/发表评论   下载pdf阅读器