| 基于零信任的私有云终端安全接入框架 |
| |
| 引用本文: | 张再峰,周振兴,于泳.基于零信任的私有云终端安全接入框架[J].移动信息.新网络,2023,45(11):122-124. |
| |
| 作者姓名: | 张再峰 周振兴 于泳 |
| |
| 作者单位: | 中航机载系统共性技术有限公司江苏扬州 225002 |
| |
| 摘 要: | 近年来,企业陆续上云,基于安全、可控的因素,中大型企业、研发型企业逐步开展了私有云建设,依托私有云降本增效,赋能企业发展。在私有云环境下,各分支机构可以基于私有云应用开展工作,但各分支机构终端面临复杂的终端环境,如多种类型终端、终端接入多网络、终端在多区域使用、终端访问不同等级应用。文中针对传统终端安全解决方案、SDP解决方案在4种场景下的安全能力覆盖情况,分析了无法解决的场景,并依托零信任的思想进行了进一步研究,提出了基于沙箱的安全方案以及解决多终端接入私有云问题的新方法。
|
| 关 键 词: | 零信任 私有云 终端安全 终端接入 |
| 收稿时间: | 2023/8/6 0:00:00 |
Secure Access Framework for Private Cloud Terminals Based on Zero Trust |
| |
| ZHANG Zaifeng,ZHOU Zhenxing,YU Yong.Secure Access Framework for Private Cloud Terminals Based on Zero Trust[J].Mobile Information,2023,45(11):122-124. |
| |
| Authors: | ZHANG Zaifeng ZHOU Zhenxing YU Yong |
| |
| Affiliation: | AVIC Plaza Airborne System Common Technology Co.,Ltd., Yangzhou,Jiangsu 225002 ,China |
| |
| Abstract: | In recent vears, enterprises have been going to the cioud one after another, Based on security and controlabfactors, medium and large enterprises and R &. D enterprises have gradually carried out private cloud construction, relyingon private cloud to reduce costs and increase efficiency, and empower enterprises to develop, In a private cloud enyirorment, each branch can work based on private cloud applications, but each branch end point faces a complex end point environment, such as multiple types of end points, end points connected to multiple networks, end points used in multiple regions, and end points accessing applications of different levels, In this paper, according to the security capability coverageof traditional end point security solutions and SDP solutions in four scenarios. the unsolvable scenarios are analyzed. ancfurther research is carried out relying on the idea of zero trust, A sandbox-based security scheme and a new method tosolve the problem of multi-end point access to private cloud are proposed. |
| |
| Keywords: | |
|
| 点击此处可从《移动信息.新网络》浏览原始摘要信息 |
|
点击此处可从《移动信息.新网络》下载全文 |
|
