摘要
政务云的建设既需要解决政府职能部门间的"信息孤岛"问题,同时也要考虑云计算技术的各种安全风险。文章首先探讨了政务云面临的安全挑战,然后给出了政务云安全体系的总体设计方案,提出和总结了政务云各业务区域的分层分域安全规划及隔离、构建政务云安全等保立体防御矩阵和通过SDN/Overlay架构搭建安全调度网络等关键要素。最后,根据该套方案设计的安徽省政务云安全体系,实现了政务云平台的预警、检测、防护和响应安全能力的全面提升。
The construction of government cloud not only needs to solve the problem of"information island"between government departments,but also needs to consider various security risks of cloud computing technology.This paper first discusses the security challenges faced by the government cloud,then gives the overall design scheme of the security system of the government cloud,puts forward and summarizes the hierarchical and domain security planning and isolation of each business area of the government cloud,the construction of the three-dimensional defense matrix such as the security of the government cloud,and the construction of the security scheduling network through the SDN/overlay architecture.Finally,the Anhui Provincial Government Cloud Security System designed according to this set of plans has achieved a comprehensive improvement in the early warning,detection,protection and response security capabilities of the Government Cloud Platform.
作者
武海龙
Wu Hailong(Anhui Economic Information Center,AnhuiHefei 230001)
出处
《网络空间安全》
2020年第4期19-24,共6页
Cyberspace Security
关键词
政务云
安全体系
风险预警
响应联动
government cloud
security system
risk warning
response linkage
