网络与信息安全学报 ›› 2021, Vol. 7 ›› Issue (6): 56-67.doi: 10.11959/j.issn.2096-109x.2021106
邱洁1, 韩瑞2, 魏志丰2, 王志洋1
修回日期:
2021-07-08
出版日期:
2021-12-15
发布日期:
2021-12-01
作者简介:
邱洁(1986− ),女,江西吉安人,中国互联网络信息中心高级工程师,主要研究方向为智慧城市、物联网标识应用及安全、信息基础设施管理基金资助:
Jie QIU1, Rui HAN2, Zhifeng WEI2, Zhiyang WANG1
Revised:
2021-07-08
Online:
2021-12-15
Published:
2021-12-01
Supported by:
摘要:
以物理空间与网络空间的映射关系为研究思路,面向网络空间的对象、资源、活动等关键要素,综合考虑了网络空间设备、系统、数据及环境等方面的发展需求,构建了一种科学的网络空间公共基础设施体系,并从管理认证和应用认证的双重认证角度出发,针对用户/设备认证和访问控制等方面给出了一些相应的安全策略和实施建议。
中图分类号:
邱洁, 韩瑞, 魏志丰, 王志洋. 网络空间公共基础设施体系及安全策略研究[J]. 网络与信息安全学报, 2021, 7(6): 56-67.
Jie QIU, Rui HAN, Zhifeng WEI, Zhiyang WANG. Research of public infrastructure system and security policy in cyberspace[J]. Chinese Journal of Network and Information Security, 2021, 7(6): 56-67.
[1] | CNNIC. Statistical report on internet development in China[R]. 2021. |
[2] | ANBAR M , ABDULLAH R , AL-TAMIMI B N , ,et al. A machine learning approach to detect router advertisement flooding attacks in next-generation IPv6 networks[J]. Cognitive Computation, 2018,10(2): 201-214. |
[3] | China Mobile Internet Development Report (2020)[R]. 2020. |
[4] | TERRI MOON CRONK. White house releases first national cyber strategy in 15 years[R]. 2018. |
[5] | Economic Research Office. Overview of the 2019 White Paper on Information and Communications in Japan[R]. 2019. |
[6] | THOMAS B . Towards a common 5G strategy:the case for UK-Germany collaboration[R]. 2020. |
[7] | POTO?NIK J . Recover today,lead for 2030:a future-fit industrial strategy for Europe[R]. 2021. |
[8] | The Ministry of Finance. Government Standard No.5-Public Infrastructure[S]. 2017. |
[9] | GEORGE K . IoT analytics[EB]. 2018. |
[10] | GU Y , REN F J , JI Y S ,et al. The evolution of sink mobility management in wireless sensor networks:a survey[J]. IEEE Communications Surveys & Tutorials, 2016,18(1): 507-524. |
[11] | 陈宗章 . 网络空间:概念、特征及其空间归属[J]. 重庆邮电大学学报(社会科学版), 2019,31(2): 63-71. |
CHEN Z Z . Cyberspace:conception,characteristics and its attribu-tion[J]. Journal of Chongqing University of Posts and Telecommu-nications (Social Science Edition), 2019,31(2): 63-71. | |
[12] | 韩传峰 . 城市公共服务设施的一类价值评估计算模型[J]. 同济大学学报(自然科学版), 2004,32(9): 1239-1251. |
HAN C F . Computing model in evaluation on city public service Establishment[J]. Journal of Tongji University (Natural Science). 2004,32(9): 1239-1251. | |
[13] | 徐翀崎, 李锋, 韩宝龙 . 城市生态基础设施管理研究进展[J]. 生态学报, 2016,36(11): 3146-3155. |
XU C Q , LI F , HAN B L . Progress in research on urban ecological infrastructure management[J]. Acta Ecologica Sinica, 2016,36(11): 3146-3155. | |
[14] | 王坤岩 . 城市公共基础设施效益三维度评价研究[M]. 北京: 企业管理出版社, 2017. |
WANG K Y . Study on three-dimensional evaluation of urban public infrastructure benefit[M]. Beijing: Enterprise Management Pub-lishing House. | |
[15] | KITCHIN R M . Towards geographies of cyberspace[J]. Progress in Human Geography, 1998,22(3): 385-406. |
[16] | 郭莉, 曹亚男, 苏马婧 ,等. 网络空间资源测绘:概念与技术[J]. 信息安全学报, 2018,3(4): 1-14. |
GUO L , CAO Y N , SU M J ,et al. Cyberspace resources surveying and mapping:the concepts and technologies[J]. Journal of Cyber Security, 2018,3(4): 1-14. | |
[17] | 张江, 孙治, 徐锐 ,等. 一种网络空间资源的测度方法研究[J]. 信息技术与网络安全, 2019,38(5): 7-11. |
ZHANG J , SUN Z , XU R ,et al. A research on measure method of cyberspace resource[J]. Information Technology and Network Se-curity, 2019,38(5): 7-11. | |
[18] | CHEN Z Z . Cyberspace:conception,characteristics and its attribution[J]. Journal of Chongqing University of Posts and Telecommunications (Social Science Edition), 2019,31(2): 63-71. |
[19] | 方滨兴 . 定义网络空间安全[J]. 网络与信息安全学报, 2018,4(1): 1-5. |
FANG B X . Define cyberspace security[J]. Chinese Journal of Network and Information Security, 2018,4(1): 1-5. | |
[20] | OLIVEIRA L B , DAHAB R , LOPEZ J ,et al. Identity-based encryption for sensor networks[C]// Proceedings of Fifth Annual IEEE International Conference on Pervasive Computing and Communications Workshops (PerComW'07). 2007: 290-294. |
[21] | ROHBANIAN M R , KHARAZMI M R , KESHAVARZ-HADDAD A , ,et al. Watchdog- LEACH:a new method based on LEACH protocol to secure clustered wireless sensor networks[J]. Advances in Computer Science An International Journal, 2013,2(3): 105-117. |
[22] | 邹凯, 侯岚, 蒋知义 ,等. 智慧城市信息安全风险影响因素的三维结构框架与识别研究[J]. 现代情报, 2019,39(10): 15-23. |
ZOU K , HOU L , JIANG Z Y ,et al. Research on 3-D structure and recognition of influencing factors of information security risk in smart city[J]. Journal of Modern Information, 2019,39(10): 15-23. | |
[23] | ISO/IEC 29115-2013. Information technology-security techniquesentity authentication assurance framework[S]. 2013 |
[24] | ISO/IEC TS 29003:2018. Information technology-security techniques -Identity proofing[S]. 2018 |
[25] | 董发志, 丁洪伟, 杨志军 ,等. 基于遗传算法和模糊C均值聚类的WSN分簇路由算法[J]. 计算机应用, 2019,39(8): 2359-2365. |
DONG F Z , DING H W , YANG Z J ,et al. WSN clustering routing algorithm based on genetic algorithm and fuzzy C-means cluster-ing[J]. Journal of Computer Applications, 2019,39(8): 2359-2365. | |
[26] | 危蓉, 赵德正 . 基于身份的无线传感器网络层簇式密钥管理方案[J]. 武汉大学学报(工学版), 2015,48(4): 580-583,590. |
WEI R , ZHAO D Z . Key-management scheme based on identity and cluster layer for wireless sensor network[J]. Engineering Jour-nal of Wuhan University, 2015,48(4): 580-583,590. | |
[27] | 田野, 张玉军, 张瀚文 ,等. 移动 IPv6 网络基于身份的层次化接入认证机制[J]. 计算机学报, 2007,30(6): 905-915. |
TIAN Y , ZHANG Y J , ZHANG H W ,et al. Identity-based hierar-chical access authentication in mobile IPv6 network[J]. Chinese Journal of Computers, 2007,30(6): 905-915. | |
[28] | 张彬, 广晖, 陈熹 . 基于智能合约的无线Mesh网络安全架构[J]. 计算机工程, 2019,45(11): 16-23,31. |
ZHANG B , GUANG H , CHEN X . Smart contract-based security architecture for wireless mesh network[J]. Computer Engineering, 2019,45(11): 16-23,31. | |
[29] | CAO J W , YANG M B . Energy Internet:towards smart grid 2.0[C]// Proceedings of 2013 Fourth International Conference on Networking and Distributed Computing. Piscataway:IEEE Press, 2013: 105-110. |
[30] | XU G Q , CAO Y , REN Y Y ,et al. Network security situation awareness based on semantic ontology and user-defined rules for Internet of Things[J]. IEEE Access, 2017,5: 21046-21056. |
[31] | H?NISCH T , ROGGE S . IT-Sicherheit in der Industrie 4.0[M]. Wiesbaden,Germany: Springer, 2017. |
[32] | European Commission EU cyber security strategy[R]. 2018. |
[33] | 董亚南, 赵改侠, 谢宗晓 . 关键信息基础设施保护及其实践探讨[J]. 网络空间安全, 2018,9(8): 84-89. |
DONG Y N , ZHAO G X , XIE Z X . The practice of critical infor-mation infrastructure protection analysis[J]. Cyberspace Security, 2018,9(8): 84-89. | |
[34] | 郭朝先, 刘艳红 . 中国信息基础设施建设:成就、差距与对策[J]. 企业经济, 2020,39(9): 143-151. |
GUO C X , LIU Y H . The construction,achievements,gaps and countermeasures of information infrastructure in China[J]. Enter-prise Economy, 2020,39(9): 143-151. | |
[35] | SANI A S , YUAN D , JIN J ,et al. Cyber security framework for Internet of Things-based Energy Internet[J]. Future Generation Computer Systems, 2019,93: 849-859. |
[36] | TECHNOLOGY N I O S A . Framework for improving critical infrastructure cybersecurity:version 1.0[EB]. 2014. |
[37] | STINE K , BARRETT M . Portuguese translation of the framework for improving critical infrastructure cybersecurity version 1.1 (cybersecurity framework)[R]. National Institute of Standards and Technology, 2021. |
[38] | European Network and Information Security Agency. EU network and information security directive[R]. 2019. |
[1] | 朱春陶, 尹承禧, 张博林, 殷琪林, 卢伟. 基于多域时序特征挖掘的伪造人脸检测方法[J]. 网络与信息安全学报, 2023, 9(3): 123-134. |
[2] | 王贺立, 闫巧. 基于交易记录特征的自私挖矿检测方案[J]. 网络与信息安全学报, 2023, 9(2): 104-114. |
[3] | 曹进, 石小平, 马如慧, 李晖. 融合双层卫星网络的星地和星间AKA协议[J]. 网络与信息安全学报, 2023, 9(1): 18-31. |
[4] | 陈训逊, 李明哲, 吕宁, 黄亮. 内禀安全:网络安全能力体系化构建方法[J]. 网络与信息安全学报, 2023, 9(1): 92-102. |
[5] | 郭辉, 罗勇, 郭晓潞. 基于国密算法的车载以太网控制器身份认证方法[J]. 网络与信息安全学报, 2022, 8(6): 20-28. |
[6] | 刘军, 袁霖, 冯志尚. 集群网络密钥管理方案研究综述[J]. 网络与信息安全学报, 2022, 8(6): 52-69. |
[7] | 肖敏, 姚涛, 刘媛妮, 黄永洪. 具有隐私保护的动态高效车载云管理方案[J]. 网络与信息安全学报, 2022, 8(6): 70-83. |
[8] | 李东, 郝艳妮, 彭升辉, 訾瑞杰, 刘西蒙. 国家自然科学基金委员会网络安全现状与展望[J]. 网络与信息安全学报, 2022, 8(6): 92-101. |
[9] | 姜奇, 冯茹, 张瑞杰, 王金花, 陈婷, 魏福山. 基于GRU的智能手机多场景步态认证[J]. 网络与信息安全学报, 2022, 8(5): 26-39. |
[10] | 邢福康, 张铮, 隋然, 曲晟, 季新生. 面向进程多变体软件系统的攻击面定性建模分析[J]. 网络与信息安全学报, 2022, 8(5): 121-128. |
[11] | 易聪, 胡军. 新的基于鼠标行为的持续身份认证方法[J]. 网络与信息安全学报, 2022, 8(5): 179-188. |
[12] | 陈立全, 李潇, 杨哲懿, 钱思杰. 基于区块链的高透明度PKI认证协议[J]. 网络与信息安全学报, 2022, 8(4): 1-11. |
[13] | 王泽南, 李佳浩, 檀朝红, 皮德常. 面向网络安全资源池的智能服务链系统设计与分析[J]. 网络与信息安全学报, 2022, 8(4): 175-181. |
[14] | 牛建林, 任志宇, 杜学绘. 基于联盟链的跨域认证方案[J]. 网络与信息安全学报, 2022, 8(3): 123-133. |
[15] | 张伟成, 卫红权, 刘树新, 普黎明. 5G移动边缘计算场景下的快速切换认证方案[J]. 网络与信息安全学报, 2022, 8(3): 154-168. |
阅读次数 | ||||||
全文 |
|
|||||
摘要 |
|
|||||
|