| 电力系统信息安全基线标准体系的构建 |
| |
| 引用本文: | 张鑫,陈雪华,刘新.电力系统信息安全基线标准体系的构建[J].电力信息化,2013(11):110-114. |
| |
| 作者姓名: | 张鑫 陈雪华 刘新 |
| |
| 作者单位: | 山东电力集团公司,山东济南250001 |
| |
| 摘 要: | 为消减电网设备自身的安全脆弱性,进一步深化信息安全管理,文章提出了构建信息安全基线标准体系的原则和分层集成的安全基线标准体系架构,重点从强化意识、构建体系、建立制度3方面论述了如何构建信息安全基线标准体系。山东电力集团公司信息安全基线建设实践证明。该体系可以建立符合各信息安全监管部门和应用部门的规范和标准。形成一整套可推广的落地自查、检查方案,从而有效支撑等级保护,并提升企业信息安全管理的规范化、标准化和精益化水平。
|
| 关 键 词: | 电力信息安全 信息安全基线 体系架构 等级保护 动态管理 |
Construction of Information Security Baseline Standardization System for Power Systems |
| |
| ZHANG Xin,CHEN Xue-hua,LIU Xin.Construction of Information Security Baseline Standardization System for Power Systems[J].Electric Power Information Technology,2013(11):110-114. |
| |
| Authors: | ZHANG Xin CHEN Xue-hua LIU Xin |
| |
| Affiliation: | (Shandong Electric Power Corporation, Jinan 250001, China) |
| |
| Abstract: | To reduce security vulnerability of power devices and deepen the information security management, a hierarchical architecture of information security baseline standardization system, as well as the construction principles, are proposed. Then we analyze how to construct the system from aspects of awareness strengthening, system building, and rules and regulations establishment. The practice of Shandong Electric Power Corporation shows that, the information security baseline standardization system can not only produce various information security specifications and standards to fulfill the compliance requirements by security administration authorities and business sectors, but also can be extended to form a complete set of self-examination and inspection programs. In such a way, the system can effectively support the graded protection of power grid. and further enhance the standardization and lean level of enterprise information security management. |
| |
| Keywords: | information security of power system information security baseline system architecture graded protection dynamic management |
| 本文献已被 维普 等数据库收录! |
