检索规则说明:AND代表“并且”;OR代表“或者”;NOT代表“不包含”;(注意必须大写,运算符两边需空一格)
检 索 范 例 :范例一: (K=图书馆学 OR K=情报学) AND A=范并思 范例二:J=计算机应用与软件 AND (U=C++ OR U=Basic) NOT M=Visual
名 称:
注 释:
作 者:郭荣华 许世平[1] 刘喆 王鹏[1] 赵亚新 GUO Ronghua;XU Shiping;LIU Zhe;WANG Peng;ZHAO Yaxin(Unit 63891 of PLA,Luoyang Henan 471000,China)
机构地区:[1]中国人民解放军63891部队,河南洛阳471000
出 处:《信息安全与通信保密》2023年第3期103-112,共10页Information Security and Communications Privacy
摘 要:随着“震网”“NotPetya”“心脏滴血”“太阳风”等攻击事件的相继发生,软件供应链安全引起各国高度关注,而国家间竞争、地区冲突和全球性疫情等多种不利因素更加剧了对软件供应链安全生态的冲击,也对装备软件供应链安全提出严峻挑战。首先,从软件供应链全链条安全、软件源头把控、开源代码使用安全、软件供应链管控体系等几个方面入手,分析装备软件供应链面临的网络安全形势和安全风险。然后,从形成装备软件供应链的安全标准体系、安全监管体系、安全测评体系和安全技术体系等角度,提出相应对策措施,为装备软件供应链安全提供支持。With the successive attacks of“Stuxnet”“NotPetya”“HeartBleed”“SolarWinds”etc.,the security of software supply chain has attracted great attention from all countries.Many adverse factors,such as competitions between countries,regional conflicts and global epidemics,intensifies the impact on the security ecology of software supply chain,and also poses severe challenges to the security of equipment software supply chain.First,the cyber security situation and security risks faced by the equipment software supply chain are analyzed from the aspects of the whole chain security of the software supply chain,the control of the software source,the use security of open source code,and the software supply chain management and control system.Then,from the perspective of forming the security standard system,security management system,security evaluation system and security technology system of equipment software supply chain,this paper puts forward corresponding countermeasures to support the security of equipment software supply chain.
分 类 号:TP311.5[自动化与计算机技术—计算机软件与理论]
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在链接到云南高校图书馆文献保障联盟下载...
云南高校图书馆联盟文献共享服务平台 版权所有©
您的IP:18.190.207.221