通过TISAX模式加强汽车产业链信息安全的途径分析
Analysis of Approach to Strengthen Information Security in the Automotive Industry Chain Through TISAX Model
刘海 1韦斌生1
作者信息
- 1. 德凯质量认证(上海)有限公司,上海,200436;杭州德凯认证有限公司,浙江杭州,310052
- 折叠
摘要
汽车产业链上的各级厂商通常需要与世界各地的客户或下级供应商频繁交换与产品设计、技术研究项目或商业计划有关的商业敏感和机密信息,因而沿产业链传递的信息安全对于各级厂商非常重要.本文通过考察现有的汽车产品开发模式和方法,分析了汽车产业链内生产厂商信息安全的特征和保障内容,总结了在汽车产业链上保障信息安全的特殊需求.依据可信信息安全评估交换(TISAX)机制及其所依赖的信息安全评估准则(ISA),本文描述了一种加强汽车产业链全链条信息安全的实现途径,说明了如何利用TISAX模式为汽车产业链上的各级厂商提供一种通用的信息安全要求的传递机制.
Abstract
All of manufactures in the automotive industry chain interact with clients and subcontractors worldwide,often needing to exchange commercially sensitive and confidential information related to product designs,technology research projects or business plans.Therefore,information security is of great importance for manufactures at all levels of the automotive industry chain.This article analyzes the characteristics and protection content of information security for manufacturers in the automotive industry chain.By investigating existing models and methods of automotive product development,it summarizes the special needs for ensuring information security within the automotive industry chain.Based on the Trusted Information Security Assessment Exchange(TISAX)mechanism and the Information Security Assessment(ISA)criteria it relies on,this article describes an implementation approach to strengthen the full chain information security of the automotive industry,and explains how to provide a universal transfer mechanism of information security through TISAX model for all levels of manufacturers in the automotive industry chain.
关键词
可信信息安全/评估交换/汽车产业链/管理体系Key words
Trusted Information Security/Assessment Exchange/Automobile Industry Chain/Management System引用本文复制引用
出版年
2024
NETL
NSTL
万方数据