摘要
随着电子政务事业的不断发展,跨部门的信息共享需求快速增加,目前采用的主要方式有部门之间直连共享、借助基于电子政务外网的政务信息资源交换共享平台进行信息共享等2种方式,但由于涉及部门多、系统多,这2种共享方式存在的网络信息安全问题也日益严重.零信任模型力图通过对信息系统和服务进行精准访问,消除判定所存在的不确定性来提高安全性,其本质是安全理念上从以系统为中心边界防护到以资源为中心动态防护的转变.通过对目前电子政务信息共享中存在的问题及其产生的原因进行分析,结合现有的技术,站在政府部门的角度,提出基于零信任模型的信息共享方案,并对其应用中存在的问题进行阐述.
With the continuous development of e-government,the demand for information sharing across departments is increasing rapidly.At present,there are two main ways to share information:direct connection between departments,and information exchanging and sharing method with the help of government information resources exchange and sharing platform based on the e-government external network.However,the problems of network information security exist in these two ways of sharing is getting worse because of many departments and systems which are involved.The zero trust model tries to improve security by accurately accessing information systems and services and eliminating the uncertainty in decision making.Its essence is the change of security concept from system-centric boundary protection to resource-centric dynamic protection.This paper analyses the problems and reasons of information sharing in e-government,puts forward the information sharing scheme based on zero trust model from the perspective of government departments combining the existing technology,and describes the problems in its application.
作者
达钰鹏
陈艳春
Da Yupeng;Chen Yanchun(School of Economics and Management,Shijiazhuang Tiedao University,Shijiazhuang 050043;Information Center,Hebei Provincial Department of Human Resources and Social Security,Shijiazhuang 050071)
出处
《信息安全研究》
2021年第8期739-744,共6页
Journal of Information Security Research
基金
河北省推进数字经济与实体经济融合发展对策研究项目(21557623D)。
关键词
零信任模型
电子政务外网
信息共享
动态访问控制
数据安全
等级保护
zero trust model
e-government external network
information sharing
dynamic access control
data security
classified protection