期刊文献+

美国政府云计算安全策略分析与思考 被引量:6

Research on Security Policies of U.S Government Cloud
下载PDF
导出
摘要 近年来,政务云成为各国电子政务发展的新方向。文章介绍了美国政府云计算的发展现状及趋势,深入分析了美国联邦政府和主流云服务商在云计算安全保障上的战略、方案和措施,并且从合规性需求、传统安全发展趋势、云中安全技术发展趋势、云中安全管理发展趋势等几个方面提出了对我国政务云安全建设的一些思考。 Recently, E-government cloud construction is carried out by governments. In this paper, the development of U.S government cloud is introduced, and the cloud security strategies adopted by U.S. government and mainstream cloud providers are deeply analysis. Based on the requirements of compliance and the development trend of security technology and security management in cloud, some considerations on our government cloud security strategies are proposed.
出处 《信息网络安全》 2015年第9期257-261,共5页 Netinfo Security
基金 北京市工程实验室创新能力建设项目[132110108084000558]
关键词 政务云 安全 FedRAMP NIST云计算安全参考架构 government cloud security FedRAMP NIST cloud computing security reference architecture
  • 相关文献

参考文献15

  • 1Vivek Kundra. A25-Point Implementation Plan to Reform Federal IT Management [EB/OL]. https://www.whitehouse.gov/sites/default/ files/omb/assets/egov docs/25 -point-implementation-plan-to -reform- federal-it.pdf, 2010/2015-6-16.
  • 2Vivek Kundra. Federal Cloud Computing Strategy [EB/OL]. https:// www.dhs.gov/sites/default/files/publications/digital-strategy/federal- cloud- computing-strategy.pdf, 2011/2015-6-16.
  • 3GAO. CLOUD COMPUTING Additional Opportunities and Savings Need to Be Pursued [EB/OL], http://www.gao.gov/assets/670/666133. pdf, 2014/2015-6-16.
  • 4侯俐至,崔毅东.基于Cloud Foundry的云计算PaaS平台拓扑展示设计与实现[J].信息网络安全,2014(8):55-60. 被引量:5
  • 5IDC. Technology Selection: Government Cloud Spending by U.S. Federal Agency - Growth and Slight Contraction [EB/OL]. http://www. idc.com/getdoc.jsp?containerld= GI241746, 2013/2015-6-16.
  • 6章恒,禄凯.构建云计算环境的安全检查与评估指标体系[J].信息网络安全,2014(9):115-119. 被引量:11
  • 7NIST. NIST Special Publication 500-299 NIST Cloud Computing Security Reference Architecture [EB/OL]. http://collaborate.nist.gov/ twiki-cloud-computing/pub/CloudComputing/CloudSecurity/NIST_ Security_Reference_Architecture_2013.05,15_vl.0.pdf, 2015-6-16.
  • 8王威,吴羽翔,金鑫,李宁滨.基于可信第三方的公有云平台的数据安全存储方案[J].信息网络安全,2014(2):68-74. 被引量:14
  • 9IDC. IDC MarketScape: U.S. Government Private Cloud IaaS 2014 Vendor Assessment [EB/OL]. http://idcdocserv.com/252460e HP, 2014/2015-6-16.
  • 10AWS. Amazon Web Services: Overview of Security Processes [EB/OL]. https://media.amazonwebservices.cona/pdf/AWS_Security_ Whitepaper.pdf, 2014/2015-6-16.

二级参考文献83

  • 1林秦颖,桂小林,史德琴,王小平.面向云存储的安全存储策略研究[J].计算机研究与发展,2011,48(S1):240-243. 被引量:19
  • 2卓继亮,蔺慧丽,李先贤.具有可信第三方的认证协议的安全性[J].计算机应用研究,2004,21(12):109-112. 被引量:4
  • 3王飞,康晓博.基于第三方支付平台的银行卡网上支付模式研究[J].华南金融电脑,2006,14(10):56-59. 被引量:3
  • 4泽华.基于DB2的DBaaS系统中计算资源隔离方法研究与实现[D].天津:天津大学,2011.
  • 5Assessing the Security Risks of Cloud Computing[R]. Gartner, 2008.
  • 6Top Threats to Cloud Computing V1,0[R], Cloud Security Alliance,2010.
  • 7The Notorious Nine Cloud Computing Top Threats in 2013[R].Cloud Security Alliance, 2013.
  • 8云控制矩阵(CCM)V3.0[R].Cloud Security Alliance, 2013.
  • 9NIST 800—144: Guidelines on Security and Privacy in Public CloudComputing [R]. National Institute of Standards and Technology,USA,2011.
  • 10关于国内外云计算组织有关标准分析[R]. ISO/IEC JTC1 SC38,2011.

共引文献50

同被引文献34

  • 1武少杰.云计算下虚拟环境安全的关键技术研究[D].郑州:解放军信息工程大学,2012.
  • 2LIN Guoyuan, BIE Yuyu, LEI Min, et al. ACO-BTM A Behavior Trust Model in Cloud Computing Environment [J]. International Journal of Computational Intelligence Systems, 2014, 7(4):785-795.
  • 3BELL D E, PADULA L J L. Unified Exposition and Multics Interpretation[R]. USA: Secure Computer System. MTR 2997 Rev 1, 1976.
  • 4Biba K J. Integrity Consideratiom for Secure Computer Systems[R]. USA: US Air Force Electronic System Division, Technical Report. MTR 3153, 1977.
  • 5MYERS A C, LISKOV B. Protecting Privacy Using the Decentralized Label Model [J]. ACM Transactiom on Computer Systems, 2000, 9(4):410-442.
  • 6SHI Q, ZHANG N. An effective model for composition of secure systems [J]. The Journal of Systems and Software, 1998, 43 (3) :233-244.
  • 7LU W P, SUNDARESHAN M K. A model for multilevel security in computer networks [J]. IEEE Transactions on Software Engineering, 1990, 16(6): 647-659.
  • 8LEVIN TE, IRVINE CE, NGUYEN TD. Least Privilege in Separation Kernels [C]//IEEE. Proceedings of the IEEE International Conference on Security and Cryptography. Piscataway, NJ: IEEE Press, 2006: 355-362.
  • 9RUSHBY J. Noninterference, Transitivity, and Channel-control Security Policies[R]. Menlo Park: Stanford Research Institute, CSL-92-02, 1992.
  • 10DIJKSTRA E W. Hierarchical Ordering of Sequential Processes. Operating System Techniques, 1972.

引证文献6

二级引证文献24

相关作者

内容加载中请稍等...

相关机构

内容加载中请稍等...

相关主题

内容加载中请稍等...

浏览历史

内容加载中请稍等...
;
使用帮助 返回顶部