
Development Status, Trends, and Prospects of Cybersecurity Strategies and Methods
Under the impetus of the paradigm shift driven by the global digital ecosystem, cybersecurity has become a critical issue of ever-increasing importance. This study provides an in-depth analysis of the current state and future trends of cybersecurity strategies and methods, offering a comprehensive assessment of the changes in the global cybersecurity landscape. It details the development of international cybersecurity strategies, with a focus on the policies of the United States and the European Union. The study also explores mainstream international cybersecurity methods such as cyber resilience, security by design, and zero trust, as well as China's original theory of endogenous safety and security and its mimic defense technology. On this basis, the study points out that cybersecurity development in China has advantages such as vast market application prospects, a complete information industry chain, a systematic talent training system, and original technical theories. However, there is still room for improvement in security responsibility allocation mechanisms, the completeness of the system of laws and regulations, and the development of security standards. The study recommends accelerating the formulation of cybersecurity policies and regulations with Chinese characteristics, constructing a cybersecurity architecture based on endogenous safety and security, and shifting cybersecurity responsibilities from the user side to the manufacturing side. These measures aim to provide strong support for establishing a comprehensive cybersecurity responsibility and quality control system and to enhance the overall security of digital products.
cybersecurity strategies / cybersecurity methods / endogenous safety and security / cybersecurity responsibility shift