Pondering a New-generation Security Architecture Model for Power Information Network
-
摘要: 能源互联网的崛起正在迅速改变电力信息网络系统架构,电力信息网络面临着一系列新的安全挑战。以满足未来更高级别安全能力为出发点,秉承继承创新、自主可控、协同对抗、智能防护的原则,设计了一种适应新一代电力信息网络的安全架构模型,并提出了架构的构建措施。新一代电力信息网络安全架构模型提出了全新的九大安全需求,融合管理、策略、技术与角色四个维度于一体,构建了涵盖研发、测试、运行三平台并以分级防护、事件感知、预警调度、应急响应、灾难恢复和攻防对抗六环节为主体的闭环技术体系,以实现对信息安全全生命周期的可持续管控。在新一代电力信息网络安全架构建设过程中,需要统一开展信息安全顶层设计,打造高水平信息安全专业队伍,融合构建新型信息安全技防体系,以强化对风险、威胁和脆弱性的智能预警和防范能力,从而全面建成新一代信息网络安全防护体系,提升电力行业信息安全整体保障能力。Abstract: The rise of the energy internet is quickly changing the system architecture of electric power information network,which is faced with a series of new security challenges.To meet the higher level security capability of the future,a security architecture model that could adapt to the new generation electric power information network is built and the construction measures are given based on the principles of inheritance and innovation,autonomy and controllability,cooperative countermeasure and intelligent defense.The new generation security architecture model of power information network has made nine brand-new security demands,combined four dimensions:management,strategy,technology and role,built three platforms:research and development,test and operation,and designed a closed-loop repertoire containing six key links:classified protection, event sensor, warning scheduling, emergency response, disaster recovery and attack-defense confrontation,to achieve sustainable control of the full life cycle of information security.In the construction process of the new generation security architecture model of power information network,we need to carry out unified top-level design of information security,build a high-level professional information security team,establish an integrated new technology protection system of information security,strengthen intelligent prevention and warning ability against risk,threat and vulnerability,so as to construct a new-generation protection system of information security and promote the overall safeguarding capability of information security in the electric power industry.
-
[1] 张晓兵.下一代网络安全解决方案[J].电信工程技术与标准化,2014,27(6):59-61. ZHANG Xiaobing.The next generation network security solution[J].Telecom Engineering Technics and Standardization,2014,27(6):59-61.
[2] PALANIAPPAN S,RABIAH A,MARIANA Y.A conceptual framework of info structure for information security risk assessment(ISRA)[J].Journal of Information Security and Applications,2013,18:45-52.
[3] REBOLLO O,MELLADO D,FERNNDEZ-MEDINA E,et al.Empirical evaluation of a cloud computing information security governance framework[J].Information and Software Technology,2015,58:44-57.
[4] 高志远,曹阳,严春华,等.智能电网中的移动互联网应用探讨[J].电力信息与通信技术,2014,12(5):66-68. GAO Zhiyuan,CAO Yang,YAN Chunhua,et al.Discussion on application of mobile internet in smart grid[J].Electric Power Information and Communication Technology,2014,12(5):66-68.
[5] 杨杉,曹波.电网终端信息安全评估模型[J].计算机工程,2012,38(13):125-127. YANG Shan,CAO Bo.Grid terminal information security evaluation model[J].Computer Engineering,2012,38(13):125-127.
[6] 徐震,刘韧,于爱民,等.智能电网中的移动应用安全技术[J].电力系统自动化,2012,36(16):82-87. XU Zhen,LIU Ren,YU Aimin,et al.Mobile application security technology for smart grid[J].Automation of Electric Power Systems,2012,36(16):82-87.
[7] 易涛.云计算虚拟化安全技术研究[J].信息安全与通信保密,2012,34(5):63-65. YI Tao.Study on security technology of cloud computing virtualization[J].Information Security and Communications Privacy,2012,34(5):63-65.
[8] JIRASEK V.Practical application of information security models[J].Information Security Technical Report,2011,17(1):1-8.
[9] WANG Dong,LI Ruixue,WANG Huaiyu,et al.Research on the model of in-depth defense and control ability system of information security[C]//2014the 7th International Conference on Information Management,Innovation Management and Industrial Engineering,October 25-26,2014,Xi’an,China:153-155.
[10] 薛鹏.基于体系观的信息安全建设透视[J].北京联合大学学报(自然科学版),2014,28(3):63-65. XUE Peng.The study of the information security construction based on the systematic perspective[J].Journal of Beijing Union University(Natural Sciences),2014,28(3):63-65.
[11] 韦勇,连一峰.基于日志审计与性能修正算法的网络安全态势评估模型[J].计算机学报,2009,32(4):763-772. WEI Yong,LIAN Yifeng.A network security situational awareness model based on log audit and performance correction[J].Chinese Journal of Computers,2009,32(4):763-772.
[12] 骆钊,谢吉华,顾伟,等.基于SM2密码体系的电网信息安全支撑平台开发[J].电力系统自动化,2014,38(6):68-74.DOI: 10.7500/AEPS20130629002. LUO Zhao,XIE Jihua,GU Wei,et al.SM2-cryptosystem based information security supporting platform in power grid[J].Automation of Electric Power Systems,2014,38(6):68-74.DOI: 10.7500/AEPS20130629002.
[13] 秦超,张涛,林为民.电力移动作业PDA安全接入系统设计与实现[J].电力系统自动化,2012,36(11):82-85. QIN Chao,ZHANG Tao,LIN Weimin.Design and implementation of safe access system for electric mobile operation based on PDA[J].Automation of Electric Power Systems,2012,36(11):82-85.
[14] 余勇,林为民.基于等级保护的电力信息安全监控系统的设计[J].计算机科学,2012,39(11A):440-442. YU Yong,LIN Weimin.Design of the electric power system’s security monitoring system based on classified protection[J].Computer Science,2012,39(11A):440-442.
[15] 王春雷,方兰,王东霞,等.基于知识发现的网络安全态势感知系统[J].计算机科学,2012,39(7):11-24. WANG Chunlei,FANG Lan,WANG Dongxia,et al.Network security situation awareness system based on knowledge discovery[J].Computer Science,2012,39(7):11-24.
[16] 杨宏宇,江华.基于攻击图的多Agent网络安全风险评估模型[J].计算机科学,2013,40(2):148-152. YANG Hongyu,JIANG Hua.Multi-agents network security risk evaluation model based on attack graph[J].Computer Science,2013,40(2):148-152.
[17] 张拥军,唐俊.基于云模型的网络安全态势分析与评估[J].计算机工程与科学,2014,36(1):63-67. ZHANG Yongjun,TANG Jun.Analysis and assessment of network security situation based on cloud model[J].Computer Engineering&Science,2014,36(1):63-67.
[18] 彭勇,江常青,谢丰,等.工业控制系统信息安全研究进展[J].清华大学学报(自然科学版),2012,52(10):1396-1408. PENG Yong,JIANG Changqing,XIE Feng,et al.Industrial control system cybersecurity research[J].Journal of Tsinghua University(Science and Technology),2012,52(10):1396-1408.
[19] 郭创新,陆海波,俞斌,等.电力二次系统安全风险评估研究综述[J].电网技术,2013,37(1):112-118. GUO Chuangxin,LU Haibo,YU Bin,et al.A survey of research on security risk assessment of secondary system[J].Power System Technology,2013,37(1):112-118.
[20] 陈来军,梅生伟,陈颖.智能电网信息安全及其对电力系统生存性的影响[J].控制理论与应用,2012,29(2):240-244. CHEN Laijun,MEI Shengwei,CHEN Yi.Smart grid information security and its influence on power system survivability[J].Control Theory&Applications,2012,29(2):240-244.
[21] 阙华坤,杨劲锋,肖勇,等.基于一体化平台的信息安全等级评估[J].计算机工程,2013,39(10):133-142. QUE Huakun,YANG Jingfeng,XIAO Yong,et al.Information security level assessment based on integrated platform[J].Computer Engineering,2013,39(10):133-142.
[22] 曹军威,万宇鑫,涂国煜,等.智能电网信息系统体系结构研究[J].计算机学报,2013,36(1):143-167. CAO Junwei,WAN Yuxin,TU Guoyu,et al.Information system architecture for smart grids[J].Chinese Journal of Computers,2013,36(1):143-167.
[23] 连礼泉,彭武,王冬海.基于攻防对抗的网络安全动态评估方法[J].计算机科学,2013,40(11A):214-218. LIAN Liquan,PENG Wu,WANG Donghai.Method of network security dynamic assessment based on attack-defense confrontation[J].Computer Science,2013,40(11A):214-218.
计量
- 文章访问数: 0
- HTML全文浏览量: 0
- PDF下载量: 0
下载:
