新疆地震行业网零信任网络安全模型初步研究
A preliminary study on Zero Trust network security model of Xinjiang earthquake industry network
王范霞 1朱翔国 1马睿 1刘东亚1
作者信息
- 1. 中国乌鲁木齐 830011 新疆维吾尔自治区地震局
- 折叠
摘要
在了解国际上成熟的零信任构架、相关方案及国内零信任网络安全研究的基础上,概述零信任网络基本构架,分析新疆地震行业网络构架和网络安全防护现状,将"零信任"理念引入新疆地震行业网.在尽可能不改变现有网络构架的基础上,建立新疆地震行业网网络数字身份库,根据业务需求,赋予数字身份最小访问权限;在业务访问时对身份权限实施持续的权限验证、安全评估,不再根据资源所处的网络位置决定其安全与否,由此设计出新疆地震行业网零信任网络安全模型.
Abstract
Based on the understanding of international mature Zero-Trust architecture,related programs and domestic Zero-Trust network security research,this study outlines the basic architecture of Zero-Trust network.It analyzes the network architecture and current situation of network security protection in the Xinjiang earthquake industry,introducing the concept of"Zero-Trust"into the Xinjiang seismic industry network.Without significantly altering the existing network architecture,a digital identity library of Xinjiang seismic industry network is established,and the digital identity is given the minimum access privileges according to the business requirements.During the business access,the identity privileges are subjected to continuous privilege verification and security assessment,and the security of the resources is no longer determined according to the location of the network,so as to design the Zero-Trust network security model of Xinjiang seismic industry network.
关键词
零信任/网络安全/新疆地震行业网Key words
Zero-Trust/network security/Xinjiang seismic industry network引用本文复制引用
基金项目
中国地震局信息青年重点任务项目(CEAITNS202312)
出版年
2024
国家科技期刊平台
NSTL
万方数据