信息系统安全等级保护能力构成框架研究

本文首先从威胁与安全保护能力之间的关系出发,说明威胁和安全保护能力通过信息系统中的业务信息和系统服务相互作用、相互影响。同时提出安全保护能力分级,不同安全等级的信息系统应具有与其等级相适应的安全保护能力。然后从安全技术和安全管理两方面,提出信息系统等级保护能力构成框架,把保护能力分为防护类、检测类、恢复响应类、制度类、组织人员类、安全工程类和安全运行类。最后在信息系统等级保护能力构成框架指导下,分析了不同级别保护能力的体现,为信息系统选择措施进行恰当保护以到达相对安全提供指导,也为信息系统安全等级保护基本要求提供理论依据。

Research on Framework of Information classified Security Protection Capability

Firstly, this paper studies on relationship between threat and security protection capability, explains that they interact by business information ＆ system service of information system. At the same time, points out that security protection capability need to be classified, and the capability must be accord with information system＇ s security protection classification. Then we points out framework of protection capability from two aspects of security technology and management. And protection capacity is divided into different sorts, including protection, testing, resume ＆ response, system, organization ＆ person, security engineering, security operation and so on. Lastly, analyzes main embodiment of different classify protection capacity based on this framework. All these guide to choose security measure that they properly protect information system and make it relatively security, and provide theory basis for developing basic requirements for classified information system security.