商用密码应用安全性评估中的数据分类分级研究
Research on Data Classification in Security Evaluation of Commercial Cryptography Applications
董桂斋 1唐松 1王惠君2
作者信息
- 1. 湖南省密码工程技术研究中心,湖南 长沙 410001
- 2. 长沙中安密码检测有限公司,湖南 长沙 410001
- 折叠
摘要
商用密码应用安全性评估是保障信息安全的重要环节.在商用密码应用评估过程中,收集、生成、存储、处理和使用的与评估相关的数据种类繁多,应根据不同的维度进行分类和分级管理.文章分析了评估相关数据的特点,研究搜集了分类的标准和法律法规,提出了相应的分类方法和分类模型.通过对相关数据的分类研究与思考,为商用密码应用安全性评估中的数据管理提供了参考和借鉴,对促进商用密码应用安全性评估工作的标准化、规范化具有积极意义.
Abstract
Commercial cryptography application security evaluation is a crucial aspect of ensuring information security.During the application evaluation process,various types of data are collected,generated,stored,processed and utilized.These data should be classified and managed according to different dimensions.In this paper,the characteristics of the evaluation data were analyzed,the classification standards and laws and regulations were studied and collected,and the corresponding classification methods and classification models were proposed.Through the classification research of these data,it provides a reference for the data management in the evaluation of commercial cryptography application,and has a positive meaning to promote the standardization of the evaluation work.
关键词
商用密码/数据管理/安全性评估Key words
commercial cryptography/data management/security evaluation引用本文复制引用
基金项目
湖南省科技创新计划项目(2022GK4067)
出版年
2024
NETL
NSTL
维普
万方数据