基于零信任理念的广播电视网络安全架构设计与应用  

Design and Application of Radio and Television Network Security Architecture Based on Zero Trust Concept

在线阅读下载全文

作  者:桂旭东 付明远 Gui Xudong;Fu Mingyuan(Zhaotong Radio and Television Safety Broadcasting Monitoring Center,Yunnan 657000,China;Zhaotong Radio and Television Relay Station,Yunnan 657000,China)

机构地区:[1]昭通市广播电视安全播出监测中心,云南657000 [2]昭通市广播电视转播台,云南657000

出  处:《广播与电视技术》2024年第9期111-116,共6页Radio & TV Broadcast Engineering

摘  要:在传统范式下,网络边界固定,网络协议存在原生漏洞,严重依赖边界安全设备防护,且执行“先连接后验证”,这种传统防护理念与技术架构已不能阻止当下越发高端的网络攻击。本文对传统边界防护理念、技术架构的局限性进行深度分析,同时阐述零信任理念、分析其优势,并设计广电零信任SDP(软件定义边界)技术架构。通过应用零信任SDP架构执行“先验证后连接”,能实现细粒度访问控制与动态策略管控,不断缩小信任域与暴露面,隐藏核心资产和设施。该技术架构持续演变进化的免疫力,能有效防御横向纵向流量攻击,能有力应对未来复杂多变的安全威胁。Under the traditional paradigm,network boundaries are fixed,network protocols have native vulnerabilities,heavily rely on border security equipment protection,and the implementation of“connect before verify”,these traditional protection concepts and technical architecture can no longer prevent the current increasingly high-end network attacks.This article conducts a deep analysis of the limitations of traditional boundary protection concepts and technical architectures,while elaborating on the zero trust concept,analyzing its advantages,and designing a zero trust SDP(software-defined Boundary)technical architecture for broadcasting and television.By applying the zero-trust SDP architecture to implement“Verify before connect”,finegrained access control and dynamic policy management can be achieved,continuously narrowing the trust domain and exposed surface,and hiding core assets and facilities.The technology architecture continues to evolve and evolve immunity,which can effectively defend against horizontal and vertical traffic attacks and effectively cope with complex and changeable security threats in the future.

关 键 词:网络安全 零信任 SDP架构 广电系统 架构应用 

分 类 号:TN918.91[电子电信—通信与信息系统]

 

参考文献:

正在载入数据...

 

二级参考文献:

正在载入数据...

 

耦合文献:

正在载入数据...

 

引证文献:

正在载入数据...

 

二级引证文献:

正在载入数据...

 

同被引文献:

正在载入数据...

 

相关期刊文献:

正在载入数据...

相关的主题
相关的作者对象
相关的机构对象