水利关键信息基础设施安全保护探索与实践

doi:10.3969/j.issn.1671-1122.2023.08.011

摘要/Abstract

摘要：

水利是国家关键信息基础设施保护的重要行业之一，因此，对其开展网络安全保护研究是十分迫切且必要的。文章阐述了水利关键信息基础设施安全保护的法律法规和标准规范要求，总结了水利行业的保护基础和面临的风险挑战。在此基础上，文章提出了以完善组织管理体系、创新安全技术体系、强化监督检查体系和规范安全运营体系为主体，提升监测预警、纵深防御、应急响应和实战对抗4项能力的水利网络安全综合防御架构。同时，文章提出了网络IPv6升级、国产密码数据保护和水利工控分区管控等关键技术路径及应用，可为行业网络安全建设提供指引和参考。

关键词: 水利关键信息基础设施, 关键信息基础设施安全保护, 网络安全

Abstract:

Water conservancy is one of the important industries of national critical information infrastructure, so it is very urgent and necessary to carry out water conservancy research and application of network security protection. This paper expounded the laws, regulations and standard requirements for the security protection of critical information infrastructure of water conservancy, and summarized the protection basis and the risks and challenges faced by the water conservancy industry. On this basis, a comprehensive water conservancy network security system was proposed that focused on improving the organizational management system, innovating the security technology system, strengthening the supervision and inspection system, which standardizing the security operation system, and improving the four capabilities of monitoring and early warning, defense in depth, emergency response, and actual combat confrontation. At the same time, this paper proposed critical technical paths and applications such as network IPv6 upgrade, domestic password data protection, and water conservancy industrial control partition management and control, which can provide guidance and reference for the construction of industry network security.

Key words: critical information infrastructure of water conservancy, security protection of critical information infrastructure, network security

中图分类号:

TP309

付静. 水利关键信息基础设施安全保护探索与实践[J]. 信息网络安全, 2023, 23(8): 121-127.

FU Jing. Exploration and Practice of Security Protection of Critical Information Infrastructure of Water Conservancy[J]. Netinfo Security, 2023, 23(8): 121-127.

图/表 5

参考文献 16

[1]	GUO Qiquan, ZHANG Haixia. Technology System for Security Protection of Critical Information Infrastructures[J]. Netinfo Security, 2020, 20(11): 1-9.
	郭启全, 张海霞. 关键信息基础设施安全保护技术体系[J]. 信息网络安全, 2020, 20(11): 1-9.
[2]	BI Ting, CHEN Xuehong, YANG Shuaifeng. Thoughts on Protecting Critical Information Infrastructures[J]. China Information Security, 2019, 114(6): 92-94.
	毕婷, 陈雪鸿, 杨帅锋. 关键信息基础设施保护工作思考[J]. 中国信息安全, 2019, 114(6): 92-94.
[3]	FENG Dengguo. Three Perspectives on Security Protection of Key Information Infrastructure[J]. China Information Security, 2022, 154(9): 25.
	冯登国. 关键信息基础设施安全保护的三个视角[J]. 中国信息安全, 2022, 154(9): 25.
[4]	XIE Yongjiang. Striving to Build a National Integrated Security System for Critical Information Infrastructures[J]. Secret Work, 2022, 403(12): 50-52.
	谢永江. 着力构建全国一体化的关键信息基础设施安全体系[J]. 保密工作, 2022, 403(12): 50-52.
[5]	CAI Yang. Implement Cybersecurity Law and Construction of Water Conservancy Guarantee System[J]. Water Resources Information, 2017(3): 1-4, 15.
	蔡阳. 贯彻《网络安全法》构建水利网络安全保障体系[J]. 水利信息化, 2017(3): 1-4, 15.
[6]	CAI Yang, FU Jing, ZHAN Quanzhong, et al. Implement Concept of “Three-Six-Prevention” and Protect Safety of Water Conservancy Key Information Infrastructure[J]. Water Resources Information, 2021, 165(6): 1-4, 21.
	蔡阳, 付静, 詹全忠, 等. 贯彻“三化六防”理念,保护水利关键信息基础设施安全[J]. 水利信息化, 2021, 165(6): 1-4, 21.
[7]	YE Jianchun. Using Management Methods as a Starting Point to Firmly Guard the Bottom Line of Water Conservancy Network Security[J]. Online Communication, 2020(2): 28-31.
	叶建春. 以管理办法为抓手守牢水利网络安全底线[J]. 网络传播, 2020(2): 28-31.
[8]	QIAN Feng, ZHANG Chao. Carrying out Network Security Attack and Defense Exercises and Defense with Data as the Core[J]. Water Conservancy Informatization, 2020(6): 17-20, 42.
	钱峰, 张潮. 以数据为核心开展网络安全攻防演练防守[J]. 水利信息化, 2020(6): 17-20, 42.
[9]	SHEN Zhibin, ZHANG Chao, GAO Jianfeng, et al. Cryptogram Infrastructure Construction Practice of the Ministry of Water Resources[J]. Water Resources Informatization, 2020(4): 4-8.
	沈智镔, 张潮, 高剑峰, 等. 水利部密码基础设施建设实践[J]. 水利信息化, 2020(4): 4-8.
[10]	ZHANG Chao, WAN Chenglin, FAN Yunan, et al. Practice of Optimizing and Upgrading SDN in the Organ Network of the Ministry of Water Resources[J]. Water Resources Informatization, 2019(3): 62-67.
	张潮, 万成林, 范宇楠, 等. 水利部机关网络SDN优化升级实践[J]. 水利信息化, 2019(3):62-67.
[11]	BAO Songlin. Accelerating the Shortcomings of Water Resources Informatization and Serving the Healthy Development of Water Resources[J]. Inner Mongolia Water Conservancy, 2019, 203 (7): 10-12.
	包松林. 加快补齐水利信息化短板服务水利健康发展[J]. 内蒙古水利, 2019, 203(7): 10-12.
[12]	CAI Yang. Establishing a Smart Water System with “Forecast, Early-Warning, Rehearsal and Plan” Functions by Focusing on the Construction of Digital Twin Basin[J]. China Water Resources, 2022(20): 2-6, 60.
	蔡阳. 以数字孪生流域建设为核心构建具有“四预”功能智慧水利体系[J]. 中国水利, 2022(20): 2-6, 60.
[13]	LIANG Siyu. Key Information Infrastructure Protection from the Blackmail Attack of the US Oil Pipeline[J]. China Information Security, 2021(9): 44-47.
	梁思雨. 从美国输油管道勒索攻击看关键信息基础设施保护[J]. 中国信息安全, 2021(9): 44-47.
[14]	LI Zhongwei, TONG Weiming, JIN Xianji. Construction of Cyber Security Defense Hierarchy and Cyber Security Testing System of Smart Grid: Thinking and Enlightenment for Network Attack Events to National Power Grid of Ukraine and Israel[J]. Automation of Electric Power Systems, 2016, 40(8): 147-151.
	李中伟, 佟为明, 金显吉. 智能电网信息安全防御体系与信息安全测试系统构建乌克兰和以色列国家电网遭受网络攻击事件的思考与启示[J]. 电力系统自动化, 2016, 40(8): 147-151.
[15]	CHEN Xingchi, WU Xiaowei. Analysis and Prevention of Current APT Attack Situation in China[J]. Network Security Technology & Application, 2022, 264(12): 1-3.
	陈星池, 吴晓尉. 当前针对我国APT攻击形势分析与防范[J]. 网络安全技术与应用, 2022, 264(12): 1-3.
[16]	CAI Yang, XIE Wenjun, CHENG Yilian, et al. A Review of Key Technology Research on the National Water One Map System[J]. Journal of Hydraulic Engineering, 2020, 51(6): 685-694.
	蔡阳, 谢文君, 程益联, 等. 全国水利一张图关键技术研究综述[J]. 水利学报, 2020, 51(6): 685-694.