基于等级保护的财政信息系统安全建设探讨

以我国信息安全等级体系规范和标准为基础,分析财政信息系统的安全保护等级模型,讨论和设计财政信息系统网络安全域的划分和等级保护方案,提出方便有效地进一步完善财政信息系统安全的保障措施。     

安全保护模型与等级保护安全要求关系的研究

该文指出等级保护安全建设整改需要依据技术标准落实各项技术和管理措施,建立信息系统安全防护体系将会借鉴各种流行的安全保护模型,进而分析和说明了各种流行的安全保护模型与等级保护安全要求之间的关系,给出了基于等级保护安全要求结合流行安全保护模型形成信息系统安全防护体系的思路。     

大数据背景下高校人事信息安全问题研究

随着信息技术的深入发展,网络安全法律法规不断健全,信息安全和网络安全的重要性持续提高。高校作为一个人员密集程度极高的机构,其数据信息量十分庞杂,数据在传输,应用过程中的信息安全问题日益凸显。文章在分析人事信息安全的重要性和信息安全风险形式基础上,结合不同高校人事信息安全工作方面的做法,从管理和技术两个层面探究高校人事信息安全的问题与成因,以期探索建立人事信息安全管理长效机制,营造良好的人事信息网络生态环境,助力人事管理工作有效推进,为高校教职工信息安全提供参考。     

信息系统安全等级保护能力构成框架研究

本文首先从威胁与安全保护能力之间的关系出发,说明威胁和安全保护能力通过信息系统中的业务信息和系统服务相互作用、相互影响。同时提出安全保护能力分级,不同安全等级的信息系统应具有与其等级相适应的安全保护能力。然后从安全技术和安全管理两方面,提出信息系统等级保护能力构成框架,把保护能力分为防护类、检测类、恢复响应类、制度类、组织人员类、安全工程类和安全运行类。最后在信息系统等级保护能力构成框架指导下,分析了不同级别保护能力的体现,为信息系统选择措施进行恰当保护以到达相对安全提供指导,也为信息系统安全等级保护基本要求提供理论依据。     

浅谈金融业信息系统等级保护工作的常态化简

近年来,信息系统信息安全等级保护制度已成为我国一项基本国策,如何持续地做好将信息系统等级保护工作,提高自身信息系统安全防御能力,已成为金融机构必须关注的问题。本文主要结合人民银行实际的信息安全管理工作,对单位开展信息安全等级保护工作的情况进行了分析,并就如何实现信息系统等级保护工作常态化提出了几点想法。     

财政信息系统安全分析和建设

以我国信息安全等级体系规范和标准为基础,分析和测试和财政信息系统的安全,讨论和设计财政信息系统网络安全域的划分和等级保护建设,提出方便有效地进一步完善财政信息系统安全的保障措施.     

浅析管理在信息系统安全中的必要性

在信息系统安全规划和设计中,管理作为信息系统的安全基础和信息系统各安全层面的基本要素,已经成为构建安全、可用信息系统不可或缺的必要条件。文章针对管理在信息系统安全中的作用、特点进行了论述,并结合等级保护政策提出了相应的管理建议。     

Managing network security: Attack and defence strategies

Computing operates in an almost universally networked environment, but the technical aspects of information protection have not kept up. As a result, the success of information security programs has increasingly become a function of our ability to make prudent management decisions about organizational activities. Managing Network Security takes a management view of protection and seeks to reconcile the need for security with the limitations of technology.     

Managing network security: Simulating network security

Computing operates in an almost universally networked environment, but the technical aspects of information protection have not kept up. As a result, the success of information security programmes has increasingly become a function of our ability to make prudent management decisions about organizational activities. Managing Network Security takes a management view of protection and seeks to reconcile the need for security with the limitations of technology.     

高职院校校园网信息安全防护体系研究

高职院校校园网是一个复杂的网络,在支撑学校业务运营、发展的同时,面临的信息安全风险日益突出,成为 学校管理急需解决的问题之一。本文分析了高职院校校园网的网络特点和信息安全现状,提出在校园网构建“等级保护,区域 隔离,突出核心,纵深防御”的信息安全防护体系,并结合实践进行了探讨和分析,为校园网信息安全防护工作提供必要的参 考。     

Countering DCAs

Computing operates in an almost universally networked environment, but the technical aspects of information protection have not kept up. As a result, the success of information security programmes has increasingly become a function of our ability to make prudent management decisions about organizational activities. Managing Network Security takes a management view of protection and seeks to reconcile the need for security with the limitations of technology.     

Managing network security: The millisecond fantasy

Computing operates in an almost universally networked environment, but the technical aspects of information protection have not kept up. As a result, the success of information security programmes has increasingly become a function of our ability to make prudent management decisions about organizational activities. Managing Network Security takes a management view of protection and seeks to reconcile the need for security with the limitations of technology.     

Digital forensics

Computing operates in an almost universally networked environment, but the technical aspects of information protection have not kept up. As a result, the success of information security programs has increasingly become a function of our ability to make prudent management decisions about organizational activities. Managing Network Security takes a management view of protection and seeks to reconcile the need for security with the limitations of technology.     

Managing network security: Security education in the information age

Computing operates in an almost universally networked environment, but the technical aspects of information protection have not kept up. As a result, the success of information security programs has increasingly become a function of our ability to make prudent management decisions about organizational activities. Managing Network Security takes a management view of protection and seeks to reconcile the need for security with the limitations of technology.     

Managing network security: Returning fire

Computing operates in an almost universally networked environment, but the technical aspects of information protection have not kept up. As a result, the success of information security programmes has increasingly become a function of our ability to make prudent management decisions about organizational activities. Managing Network Security takes a management view of protection and seeks to reconcile the need for security with the limitations of technology.     

Managing Network Security: The limits of cryptography

Computing operates in an almost universally networked environment, but the technical aspects of information protection have not kept up. As a result, the success of information security programs has increasingly become a function of our ability to make prudent management decisions about organizational activities. Managing Network Security takes a management view of protection and seeks to reconcile the need for security with the limitations of technology.     

Managing Network Security: Watching the World

Computing operates in an almost universally networked environment, but the technical aspects of information protection have not kept up. As a result, the success of information security programmes has increasingly become a function of our ability to make prudent management decisions about organizational activities. Managing Network Security takes a management view of protection and seeks to reconcile the need for security with the limitations of technology.     

Managing network security: The limits of awareness

Computing operates in an almost universally networked environment, but the technical aspects of information protection have not kept up. As a result, the success of information security programmes has increasingly become a function of our ability to make prudent management decisions about organizational activities. Managing Network Security takes a management view of protection and seeks to reconcile the need for security with the limitations of technology.     

虚拟化安全建设研究

首先分析了虚拟化给传统信息安全带来的挑战,然后分别从边界防护、病毒防护、补丁管理以及虚拟化基础设施保护四个方面,阐述了在虚拟化环境下如何进行安全防护。     

个人信息保护的RFID标签信息读取模块设计

RFID技术虽然给我们的日常生活带来了便利,但是此技术的广泛应用同样带来了个人信息安全的盲区。所以在不增加RFID标签成本和用户私人信息管理成本的前提下,提出了一个具有个人信息保护功能的新的系统结构,利用现有的RFID硬件,通过对信息的加密和策略管理,使系统自动、实时地对用户的个人信息进行权限控制和保护,从而加强对用户私有信息的管理和保护,提高用户对商家的信任度和忠诚度。