摘要
梳理天地网络的特征,针对天地网络中的安全威胁,系统地梳理测控/运控信息、终端接入、无线信道、传输、业务信息系统、运维管理等方面的安全风险,提出融合安全支撑层、接入安全层、网络安全层、安全服务层及安全态势预警、统一安全管理等的天地网络安全保障架构,设计统一安全管理与安全态势预警、实体认证与接入防护、多域网络互联安全控制、密码按需服务、安全服务动态重构等的实现机制,为天地网络安全提供有效支撑。
The characteristics of space-ground network was combed.Against security threats in space-ground network,the security risks faced by measurement control,operation control,terminal access,wireless transmission,transmission,business information system,maintenance management were analyzed.Further,by dividing space-ground network security into four layers:foundation layer,access layer,network layer and application layer,a security architecture to protect space-ground network was proposed.An implement mechanism(including unifi ed security management and security situation aware,entity authentication and access protection,interconnection control,cipher on-demand service,dynamic reconstruction of security service)was designed to guarantee the security of space-ground network.
作者
李凤华
张林杰
陆月明
耿魁
郭云川
LI Fenghua;ZHANG Linjie;LU Yueming;GENG Kui;GUO Yunchuan(Institute of Information Engineering,Chinese Academy of Science,Beijing 100195,China;School of Cyber Security,University of Chinese Academy of Sciences,Beijing 100049,China;The 54th Research Institute of China Electronics Technology Group Corporation,Shijiazhuang 050081,China;Beijing University of Posts and Telecommunications,Beijing 100876,China)
出处
《天地一体化信息网络》
2020年第1期17-25,共9页
Space-Integrated-Ground Information Networks
基金
国家重点研发计划基金资助项目(No.2016YFB0801001)
国家自然科学基金资助项目(No.U1836203)。
关键词
天地网络安全保障
安全态势预警
实体认证与接入防护
安全互联控制
密码按需服务
安全服务动态重构
space-ground network security guarantee
security situation aware
entity authentication and access protection
interconnection control
cipher on-demand service
dynamic reconstruction of security service
