Application of software definition boundary security model in power grid enterprise system  Cited by: 1


Author: Wen Xing[1] (China Southern Power Grid EHV Power Transmission Company Information and Communication Center, Guangzhou 510663, China)

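Affiliation: [1] Information and Communication Operation and Maintenance Center, China Southern Power Grid EHV Power Transmission Company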

Source: Information Technology and Network Security (《信息技术与网络安全》), 2020, No. 1, pp. 38-41, 49 (5 pages in total)

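Funding: Interim result of the 2019 Staff Technical Innovation Project of the Information Center, China Southern Power Grid EHV Company (CGYKJXM20190297)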

Abstract: To address the security problems that arise when application systems are accessed within the intranet of a power grid enterprise, a multi-dimensional user identity verification model based on Software Defined Perimeter (SDP) is proposed, building on traditional access control mechanisms. The paper first analyzes the shortcomings of the access control models currently used in power grid enterprise application systems. It then introduces a trust attribute into the existing model and, following the principle of minimal authorization, establishes the mapping between each person and the company's business systems, creating a secure soft-perimeter gateway that presents a different view to each user. Practical application and theoretical analysis show that the model ensures users can see only the applications they are authorized to access, and establishes a new security architecture with strong trust, strong control and strong protection, which effectively protects the various application systems of power grid enterprises.

Keywords: power grid enterprise; access control; minimal authorization; Software Defined Perimeter

Classification number: TP391 [Automation and Computer Technology: Computer Application Technology]

 
