The Conception of Applying Zero Trust Technologies to Railway Information Network Security

Cited by: 2


Authors: WANG Yipeng (王一芃); DAI Jiao (代娇); LAN Liu (兰柳); MA Jiaji (马家骥)

Affiliation: [1] China Railway Information Technology Group Co., Ltd., Beijing 100044, China

Source: Journal of Transportation Engineering (《交通工程》), 2024, No. 7, pp. 36-43 (8 pages)

Funding: Science and Technology Research and Development Program of China State Railway Group Co., Ltd. (P2022W002).

Abstract: The railway information network carries core systems for passenger transport, freight transport, and business management, and its network security bears directly on the security of national critical information infrastructure and of people's property. With the rapid advancement of railway informatization and digitalization, the network must not only provide continuously enhanced computing, communication, and storage capabilities but also keep improving its security assurance system and defensive measures. This paper considers the diversified access modes, generalized network boundaries, complex and heterogeneous base environment, and large-scale data assets that result from the large-scale application of emerging technologies such as big data, cloud computing, and artificial intelligence. Based on the current state of railway information network infrastructure, application systems, and security protection, and drawing on the zero trust model and its key technologies, it sets out an approach to reinforcing the existing application access control measures and proposes a zero-trust-based railway network access architecture, with the aim of controlling access behavior and reducing the exposed surface of the application network.

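Keywords: railway information network; access control; zero trust model; single packet authorization; security gateway

Classification number: U285 [Transportation Engineering - Traffic Information Engineering and Control]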

 
