Research on Establishment of Network Security Service Ability System for A New Era

doi:10.3969/j.issn.1671-1122.2019.01.011

Abstract

Abstract:

Based on the supporting role of network security services in the development of network security and the characteristics of classified protection 2.0, focusing on the main objectives, service objects, service cycles and service contents of network security services, this paper discusses how to clarify the responsibilities of service providers and service demanders by establishing complete technical system, standard system and management system of network security services. This paper also discusses how to promote the continuous improvement of the level of network security service by establishing the supervision and evaluation system of the whole service process, thus injecting vitality into the development of network security.

Key words: classified protection, network security service, ability system construction

CLC Number:

TP309

Jie QU, Chunling FAN, Guangyong CHEN, Jintao ZHAO. Research on Establishment of Network Security Service Ability System for A New Era[J]. Netinfo Security, 2019, 19(1): 83-87.

Figures/Tables 8

References 7

[1]	Network Security Law of the People’s Republic of China [EB/OL]. , 2016-11-7.
	中华人民共和国网络安全法[EB/OL]., 2016-11-7.
[2]	GA/T 1390A/T 1390.2-2017.Information Security Technology—Baseline for Classified Protection of Cybersecurity —Part 2: Specialsecurity Requirements for Cloud Computing[S].Beijing: Standards Press of China,2017.
	GA/T 1390A/T 1390.2-2017.信息安全技术网络安全等级保护基本要求第二部分:云计算扩展要求[S].北京:中国标准出版社,2017.
[3]	CHEN Yuehua, YANG Dongsheng, MU Biao.The Thoughts of Information Security Service Outsourcing Management[J].Netinfo Security,2012,12(12):86-87.
	陈跃华,杨东升,穆彪. 信息安全服务外包管理思考[J].信息网络安全,2012,12(12):86-87.
[4]	SUN Mingliang, WEI Hua, WANG Yan. Escort Network Power Strategy to Promote the Development of Network Security Service Industry[EB/OL]. , 2018-4-19.
	孙明亮,位华,王琰. 护航网络强国战略促进网络安全服务业发展[EB/OL]., 2018-4-19.
[5]	ISO/IEC 27002-2013.Information technology-Security techniques -Code of practice for information security controls [EB/OL].,2018-10-30.
[6]	GB/T 30271-2013B/T 30271-2013.Information Security Technology—Assessment Criteria for Information Security Service Capability[S].Beijing: Standards Press of China,2013.
	GB/T 30271-2013B/T 30271-2013 .信息安全技术信息安全服务能力评估准则[S].北京:中国标准出版社,2013.
[7]	JI Hui.Controlling Information System Risk by Information Security Service[J]. Netinfo Security,2010,10(5):17-18.
	季辉. 通过信息安全服务实现信息系统风险可控[J].信息网络安全,2010,10(5):17-18.

[1]	Li MA. Research on the Quantitative Calculation Method Resulting from the Conclusions in the Assessment of Classified Protection of Cybersecurity [J]. Netinfo Security, 2020, 20(3): 1-8.
[2]	Yuan TAO, Tao HUANG, Moyan LI, Wei HU. Research on Log Audit Analysis Model of Cyberspace Security Classified Protection Driven by Knowledge Map [J]. Netinfo Security, 2020, 20(1): 46-51.
[3]	ZHENG Guogang. Implementation Methods and Technical Measures for Security Inspection of Important Information Systems [J]. Netinfo Security, 2019, 19(9): 16-20.
[4]	CHEN Guangyong, ZHU Guobang, FAN Chunling. Information Security Technology—Evaluation Requirement for Classified Protection of Cybersecurity(GB/T 28448-2019) Standard Interpretation [J]. Netinfo Security, 2019, 19(7): 1-8.
[5]	MA Li, ZHU Guobang, LU Lei. Baseline for Classified Protection of Cybersecurity (GB/T 22239-2019) Standard Interpretation [J]. 信息网络安全, 2019, 19(2): 77-84.
[6]	ZHANG Zhenfeng, ZHANG Zhiwen, WANG Ruichao. Model of Cloud Computing Security and Compliance Capability for Classified Protection of Cybersecurity 2.0 [J]. Netinfo Security, 2019, 19(11): 1-7.
[7]	ZENG Yu, GUO Jinquan. Research of the Security Situation about Industrial Control Information System [J]. 信息网络安全, 2016, 16(9): 169-172.
[8]	LI Tao, ZHANG Chi. Research on Network Security Risk Model Based on the Information Security Level Protection Standards [J]. 信息网络安全, 2016, 16(9): 177-183.
[9]	WANG Qun. Research on Information Security Protection System Based on Security Domain [J]. 信息网络安全, 2015, 15(9): 206-210.
[10]	YUAN Hui-ping. Research and Practice of the Classified Protection System of the Bank Data Center [J]. 信息网络安全, 2015, 15(4): 86-89.
[11]	FENG Rui. Design of Auto-start Control System of Information System Contingency Plan [J]. 信息网络安全, 2014, 14(9): 223-225.
[12]	WEI Feng, JIANG Fan. Assets Recognition and Importance Assessment Based on Information Flow [J]. 信息网络安全, 2014, 14(12): 83-87.