用科学的网络安全观指导关键信息基础设施安全保护

doi:10.11959/j.issn.2096-3750.2019.00114

物联网学报 ›› 2019, Vol. 3 ›› Issue (3): 1-4.doi: 10.11959/j.issn.2096-3750.2019.00114

• 前言与综述 • 下一篇

用科学的网络安全观指导关键信息基础设施安全保护

李旸照^1,²,沈昌祥³,田楠⁴

¹ 中国长江三峡集团有限公司，北京 100038
² 浙江大学控制科学与工程学院，浙江杭州 310027
³ 中国工程院，北京 100088
⁴ 中国人民解放军91977部队，北京 100089

修回日期:2019-09-12 出版日期:2019-09-30 发布日期:2019-10-14
作者简介:李旸照（1986- ），男，湖北黄冈人，博士，中国长江三峡集团有限公司高级工程师，主要研究方向为网络安全和工业控制。|沈昌祥（1940- ），男，浙江奉化人，中国工程院院士，国家集成电路产业发展咨询委员会委员、国家信息化专家咨询委员会委员、国家三网融合专家组成员，主要研究方向为网络安全和密码工程。|田楠（1988- ），男，湖北宜昌人，中国人民解放军 91977 部队工程师，主要研究方向为网络安全和密码工程。

Guiding the security protection of critical information infrastructure with scientific network security concept

Yangzhao LI^1,²,Changxiang SHEN³,Nan TIAN⁴

¹ China Yangtze Three Gorges Group Co.,Ltd.,Beijing 100038,China
² School of Control Science and Engineering,Zhejiang University,Hangzhou 310027,China
³ Chinese Academy of Engineering,Beijing 100088,China
⁴ Chinese People’s Liberation Army 91977 Force,Beijing 100089,China

Revised:2019-09-12 Online:2019-09-30 Published:2019-10-14

摘要/Abstract

摘要：

在当前竞争日益激烈的国际网络空间安全博弈中，关键信息基础设施安全形势严峻。从科学原理上看，网络安全风险的实质是人们对信息科学认知逻辑的局限性，建设“刀枪不入”的网络防御体系是不可能的；从经济效益上看，建设这种网络防御体系也不一定划算。网络安全工作的关键是安全目标的收敛，重点是确保完成计算任务的逻辑组合不被篡改和破坏，从而实现正确计算。围绕这个安全目标，从逻辑正确验证理论、计算体系结构和计算工程应用模式等方面进行科学技术创新，解决了逻辑缺陷不被攻击者利用的问题，形成攻防矛盾的统一体，为信息系统建立主动免疫能力。

关键词: 关键信息基础设施, 网络安全, 可信计算, 主动免疫

Abstract:

In the current increasingly competitive international cyberspace security game,critical information infrastructure is facing a severe security situation.From the view of scientific principle,the essence of network security risk is the limitation of people’s cognitive logic of information science.It is impossible to build a solid network defense system,and it is not necessarily cost-effective from the view of economic benefits.In network security work,the most important thing is the convergence of security objectives.The key is to ensure that the logical combination of computing tasks is not tampered with or destroyed,and to achieve correct calculation.Focusing on this security goal,scientific and technological innovations were made in such aspects as logical correct verification theory,computing architecture and application mode of computing engineering.The problem that logical defects were not exploited by attackers was solved,a unity of offensive and defensive contradictions was formed,and the active immunity capability for information systems was established.

Key words: critical information infrastructure, network security, trusted computing, active immunization

中图分类号:

TP393

李旸照,沈昌祥,田楠. 用科学的网络安全观指导关键信息基础设施安全保护[J]. 物联网学报, 2019, 3(3): 1-4.

Yangzhao LI,Changxiang SHEN,Nan TIAN. Guiding the security protection of critical information infrastructure with scientific network security concept[J]. Chinese Journal on Internet of Things, 2019, 3(3): 1-4.

[1]	沈昌祥 . 可信计算构筑主动防御的安全体系[J]. 信息安全与通信保密, 2016(6):34.
	SHEN C X . Trusted computing constructs a security system for active defense[J]. Information Security and Communications Privacy, 2016(6):34.
[2]	沈昌祥, 张焕国, 王怀民 ,等. 可信计算的研究与发展[J]. 中国科学:信息科学, 2010,40(2): 139-166.
	SHEN C X , ZHANG H G , WANG H M ,et al. Research and develop-ment of trusted computing[J]. Science China (Informations), 2010,40(2): 139-166.
[3]	沈昌祥 . 用可信计算构筑网络安全[J]. 中国信息化, 2015(11): 33-34.
	SHEN C X . Constructing network security with trusted computing[J]. Zhongguo Xinxihua, 2015(11): 33-34.

用科学的网络安全观指导关键信息基础设施安全保护

Guiding the security protection of critical information infrastructure with scientific network security concept

在线阅读

PDF下载

可视化

摘要/Abstract

引用本文

使用本文

参考文献 3

相关文章 1

Metrics

推荐阅读 0