检索规则说明:AND代表“并且”;OR代表“或者”;NOT代表“不包含”;(注意必须大写,运算符两边需空一格)
检 索 范 例 :范例一: (K=图书馆学 OR K=情报学) AND A=范并思 范例二:J=计算机应用与软件 AND (U=C++ OR U=Basic) NOT M=Visual
名 称:
注 释:
作 者:孟晓阳[1] 杨巍 张楠[1] 孙国强[1] MENG Xiaoyang;YANG Wei;ZHANG Nan;SUN Guoqiang(Peking Union Medical College Hospital,Beijing 100730,China)
机构地区:[1]北京协和医院,北京100730
出 处:《医学信息学杂志》2024年第9期87-90,共4页Journal of Medical Informatics
基 金:中国医学科学院医学与健康科技创新工程项目(项目编号:2022-I2M-1-019)。
摘 要:目的/意义分析医院面临的近源网络攻击风险,提出对策建议。方法/过程结合实际工作经验,先以近源网络攻击者视角对医院网络架构、现场物理环境、人员行为等方面进行风险分析,再以防守者视角,结合合规要求和技术实践做法,提出对策建议。结果/结论识别出无线局域网破解、有线网络插口暴露、自助机配置不当、投毒与钓鱼、敏感信息泄漏5类主要风险,提出加强Wi-Fi管理、联网终端准入全覆盖、多部门协作管理自助机设备、内网终端禁用移动存储介质、网络安全教育应与时俱进5条防范建议。Purpose/Significance To analyze the risks of near-source cyber-attacks faced by hospitals,and to propose countermeasures.Method/Process Combined with practical work experience,the risk analysis of hospital network architecture,on-site physical environment,personnel behavior and other aspects is carried out from the perspective of near-source cyber-attacker.Then,from the perspective of defender and in combination with regulatory requirements and technical practices,countermeasures and suggestions are proposed.Result/Conclusion 5 main risks are identified,including wireless LAN cracking,exposed wired network sockets,improper configuration of self-service machines,poisoning&phishing,and sensitive information leakage.5 preventive suggestions are put forward,including strengthening Wi-Fi management,full coverage of network terminal access,multi-department collaboration in self-service device management,disabling mobile storage media on Intranet terminals,and updating cyber-security education.
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在链接到云南高校图书馆文献保障联盟下载...
云南高校图书馆联盟文献共享服务平台 版权所有©
您的IP:216.73.216.147