摘要
电子档案管理系统的安全保障需求主要源于档案管理流程的两个特点:一是电子档案管理系统从其他业务系统接收电子文件并提供利用,其所管理的数据相对复杂而集中;二是电子档案管理系统要为电子档案移交奠定基础。据此,本文从档案管理需求出发,明确电子政务环境下档案保管和利用阶段的安全保障目标,并对两个阶段及贯穿全流程的安全保障需求和现有措施进行了梳理。在保管阶段,现有的电子档案真实性与长期可读性安全保障措施存在一定矛盾,应进一步协调统一;在利用阶段,应通过副本利用和利用跟踪审计来保障电子档案实体与信息的安全;电子档案管理全流程的支撑性安全保障主要通过四性检验和档案备份来实现。
The security requirements of ERMS root in two characteristics of archival process: First, ERMS collects electronic records from other business systems and provides access, which means the repository is relatively more complicated and centralized; Secondly, ERMS should lay a foundation for the transfer of records to archives. Accordingly, basing on the requirements of archival management, this article clarifies the ultimate goals of security assurance respectively in the stage of records custody and access, and analyzes the actual requirements and current strategies used in the two stages and along the complete procedure of records management. The article finds that, in the stage of custody, there are certain conflicts between current strategies for the assurance of authenticity and long-term readability, which calls for further coordination; in the stage of access, it should focus on the assurance of entity security and information security through providing access to duplication and establishing access tracking and auditing; and the security assurance of whole procedure of records management is supported by quality inspection and backup strategy.
出处
《档案学研究》
CSSCI
北大核心
2015年第4期29-40,共12页
Archives Science Study
关键词
电子政务
电子档案
信息安全
安全保障
E-government, Electronic records, Information security, Security assurance
