摘要
论文从核电仪控系统信息安全现状出发,介绍了当前信息安全标准体系现状,根据国内外的核电信息安全导则标准,给出了信息安全风险评估的流程和方法,并提出信息安全防御模型。从制度、物理、网络、主机、应用、数据六个域的角度,对信息安全的资产开展访问控制的主客体识别和信息安全需求分析,为信息安全保护措施的实施提供了一定理论基础。
This paper first introduce nuclear I&C system cyber security status, and then introduce current status of cyber security standards. According to domestic and foreign nuclear power cyber security standard and guide, risk assessment procedures and methods are provided, and security defense model is puts forward.From the point of view of six domain of security including system, physical, network, server, application and data, access control of host and guest identificationis carry out and cyber security requirements analysis based on assets is provided, which establish a certain theoretical basis for the implementation of security controls.
出处
《网络空间安全》
2016年第6期40-43,共4页
Cyberspace Security
关键词
仪控系统
网络安全
风险评估
i&c system
cyber security
risk evaluation
