网络安全等级保护测评中网络和通信安全测评研究

doi:10.3969/j.issn.1671-1122.2018.09.003

信息网络安全 ›› 2018, Vol. 18 ›› Issue (9): 19-24.doi: 10.3969/j.issn.1671-1122.2018.09.003

网络安全等级保护测评中网络和通信安全测评研究

黎水林, 陈广勇, 陶源

公安部第三研究所,上海 200031

收稿日期:2018-07-17 出版日期:2018-09-30 发布日期:2020-05-11
作者简介:
作者简介：黎水林（1981—）,男,湖北,助理研究员,硕士,主要研究方向为信息网络安全;陈广勇（1973—）,男,北京,副研究员,硕士,主要研究方向为信息网络安全;陶源（1981—）,男,江苏,高级测评师,博士,主要研究方向为等级保护、大数据安全。
基金资助:
国家重点研发计划[2018YFB0803503]

Research on Testing and Evaluation of Network and Communication Security in Classified Cybersecurity Protection

Shuilin LI, Guangyong CHEN, Yuan TAO

The Third Research Institute of Ministry of Public Security, Shanghai 200031, China

Received:2018-07-17 Online:2018-09-30 Published:2020-05-11

摘要/Abstract

摘要：

目前,网络安全等级保护系列国家标准大部分已基本修订完成,近期将正式颁布。文章针对新版国家标准《信息安全技术网络安全等级保护基本要求》（送审稿）,分析了其中网络和通信安全层面控制点的变化,并对该层面重要控制点的测评方法进行了详细阐述,为测评机构开展网络安全等级保护测评工作提供了参考。

关键词: 网络安全等级保护, 网络安全等级测评, 网络和通信安全

Abstract:

At present, most of the national standards of classified cybersecurity protection have been basically revised, and will be formally promulgated in the near future. In view of the new national standard "information security technology - evaluation requirement for classified cybersecurity protection" (draft), this paper analyzes the change of control points in the network and communication security level, and expounds the evaluation methods of important control points in this level, and provides reference for the evaluation organization of classified cybersecurity protection.

Key words: classified cybersecurity protection, testing and evaluation for classified cybersecurity protection, network and communication security

中图分类号:

TP309

黎水林, 陈广勇, 陶源. 网络安全等级保护测评中网络和通信安全测评研究[J]. 信息网络安全, 2018, 18(9): 19-24.

Shuilin LI, Guangyong CHEN, Yuan TAO. Research on Testing and Evaluation of Network and Communication Security in Classified Cybersecurity Protection[J]. Netinfo Security, 2018, 18(9): 19-24.

图/表 1

参考文献 15

[1]	GUO Qiquan, et al.Training Course of Network Security Law and Network Security Classification Protection System (2018) [M]. Beijing: Publishing House of Electronics Industry, 2018.
[2]	ZHAO Yanling.The New Ideas and Technologies of American Cybersecurity Game-change program[J]. Netinfo Security, 2015, 15(9) : 50-53.
	赵艳玲. 美国改变网络空间安全游戏规则的新理念与新技术[J]. 信息网络安全,2015,15(9):50-53.
[3]	ZHANG HuanGuo, HAN WenBao, LAI XueJia, et al.Survey on Cyberspace Security[J]. Science China Information Sciences, 2015, 58(11) :1-43.
[4]	LI Jing, LIU Hongmei, LIU Yangzi.Overview of Network Security Strategies of Major Foreign Countries[J]. China Infornation Security, 2012 (7) : 34-37.
	李婧, 刘洪梅, 刘阳子. 国外主要国家网络安全战略综述[J]. 中国信息安全, 2012 (7) : 34-37.
[5]	ZHANG Y C, FENG S D, ZHAO S, et al. Research on Critical Information Infrastructure Security[J]. Modern Science & Technology of Telecommunications, 2015 (5).
[6]	Standardization Administration of the People's Republic of China. Information Security Technology—Evaluation Requirements for Classified Protection of Cybersecurity (draft) [S]. Beijing:Standards Press of China,2018.
[7]	Standardization Administration of the People's Republic of China. Information Security Technology—Baseline for Classified Protection of Cybersecurity (draft) [S]. Beijing:Standards Press of China,2018.
[8]	YI, NEN T .SSH: Secure Login Connections over the Internet[C]//Usenix.SSYM'96 Proceedings of the 6th Conference on USENIX Security Symposium, Focusing on Applications of Cryptography,July 22 - 25, 1996,San Jose, California.Berkeley: Usenix,1996 :4.
[9]	TIAN Yanwei, YANG Songru, LI Jie.Research on Risks and Countermeasures of Wireless WiFi Key APP[J]. Netinfo Security, 2017, 17(70): 80-84.
	田延伟, 杨松儒, 李杰. 无线WiFi密钥APP风险隐患及对策研究[J]. 信息网络安全, 2017, 17(70): 80-84.
[10]	MILLER S K .Facing the Challenge of Wireless Security[J]. Computer, 2001, 34(7) :16-18.
[11]	ARBAUGH W A .Wireless Security is Different[J]. Computer, 2003, 36(8) :99-101.
[12]	LAWTON G .Web 2.0 Creates Security Challenges[J]. Computer, 2007, 40(10) :13-16.
[13]	MA Su’an, LUO Wen, ZHANG Jinxin.Establishing New Network Defense System for Responding to Advanced Network Threat[J]. Journal of Information Securyity Research, 2016, 2(4) : 377-382.
	马苏安, 骆文, 张金鑫. 应对高级网络威胁建立新型网络防御系统[J]. 信息安全研究, 2016, 2(4) : 377-382.
[14]	LANGNER R .Stuxnet: Dissecting a Cyberwarfare Weapon[J]. IEEE Security & Privacy, 2011, 9(3) : 49-51.
[15]	ZHANG Jiawei, ZHANG Dongmei, HUANG Siqi.Design and Implementation of Anti APT Attack Trusted Software Base[J]. Netinfo Security, 2017 ,17(6) :49-55.
	张家伟, 张冬梅, 黄偲琪. 一种抗APT攻击的可信软件基设计与实现[J]. 信息网络安全, 2017,17(6) :49-55.

网络安全等级保护测评中网络和通信安全测评研究

Research on Testing and Evaluation of Network and Communication Security in Classified Cybersecurity Protection

RichHTML

PDF (PC)

可视化

摘要/Abstract

引用本文

使用本文

图/表 1

参考文献 15

相关文章 2

编辑推荐

Metrics

本文评价

[1]	黎水林, 祝国邦, 范春玲, 陈广勇. 一种新的等级测评综合得分算法研究[J]. 信息网络安全, 2020, 20(2): 1-6.
[2]	张振峰, 张志文, 王睿超. 网络安全等级保护2.0云计算安全合规能力模型[J]. 信息网络安全, 2019, 19(11): 1-7.