Mobile Office Identity Authentication and Access Control Technology Based on Zero Trust  (Cited by: 1)


Authors: 曾勇 (ZENG Yong); 马睿 (MA Rui); 汪超 (WANG Chao); 王营杰 (WANG Yingjie); 夏海斌 (XIA Haibin); 虞江 (YU Jiang)

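Affiliations: [1] CETC Cyberspace Security Technology Co., Ltd., Chengdu, Sichuan 610041, China; [2] The PLA Joint Logistic Support Force, Wuhan, Hubei 430010, China; [3] Unit 93501 of PLA, Beijing 100061, China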

Source: Communications Technology (《通信技术》), 2023, No. 7, pp. 882-888 (7 pages)

Abstract: Traditional office systems are system-centric. Networks are divided into intranets and extranets, users are divided into internal and external users, and an isolated authentication zone is usually built at the boundary between intranet and extranet for authentication and control, to secure network communication and access to office services. However, with the widespread adoption of mobile office, cloud computing and other technologies, applications are shifting to mobile use, users are extending outward, and data is migrating to the cloud. As a result, networks and users no longer have an internal/external distinction, and a security architecture based on protection at the network boundary is no longer applicable. A zero trust network architecture that is user-centric, authenticates before connecting, authorizes dynamically and encrypts transmission can effectively address the security protection shortfalls of existing office systems.

Keywords: zero trust; boundary protection; identity authentication; dynamic authorization; access control policy

Classification number: TN918.8 [Electronics and Telecommunications: Communication and Information Systems]

 
