Abstract
In recent years, enterprises have been moving to the cloud one after another. For reasons of security and controllability, medium and large enterprises and R&D enterprises have gradually built private clouds, relying on them to reduce costs, increase efficiency, and empower enterprise development. In a private cloud environment, each branch can work using private cloud applications, but the endpoints of each branch face a complex endpoint environment: multiple types of endpoints, endpoints connected to multiple networks, endpoints used in multiple regions, and endpoints accessing applications of different levels. This paper examines the security capability coverage of traditional endpoint security solutions and SDP solutions in these four scenarios, analyzes the scenarios they cannot solve, and carries out further research based on the idea of zero trust. It proposes a sandbox-based security scheme and a new method for solving the problem of multi-endpoint access to a private cloud.
Authors
张再峰
周振兴
于泳
ZHANG Zaifeng; ZHOU Zhenxing; YU Yong (AVIC Plaza Airborne System Common Technology Co., Ltd., Yangzhou, Jiangsu 225002, China)
Source
《移动信息》
2023, Issue 11, pp. 122-124, 128 (4 pages in total)
MOBILE INFORMATION
Keywords
Zero trust
Private cloud
Endpoint security
Endpoint access