当前位置>主页 > 期刊在线 > 信息安全 >

信息安全2019年8期

浅谈基于协议代理的运维堡垒主机在空管网络安全中的应用
廉文超
(民航华北空管局通信网络中心,北京 100621)

摘  要:随着空管信息化建设的不断深入,运维人员维护的设备也随之增加,在以往的项目建设中,网络安全方面的设计仅针对于防护外部攻击,对内部网络安全并无涉及。国家网络安全相关部门发布的报告显示,超过70% 的网络安全威胁源于内部。公安部在《信息系统安全等级保护基本要求》中明确要求,对于重要信息系统网络安全、主机安全、应用安全均要求具备安全审计功能。今年,民航系统对其下属单位的网络安全问题也尤为重视,就在前不久,由民航局空管局网信办、民航大学等多家部门就对我局核心信息系统进行了网络安全评估工作,在提出的整改意见中,其中一条就是对设备维护行为采取行之有效的安全审计。基于以上情况,本文探讨了运用堡垒主机提高空管系统网络安全的理念。


关键词:堡垒主机;空中交通管制;网络安全



中图分类号:TP309         文献标识码:A        文章编号:2096-4706(2019)08-0149-03


Talking about the Application of Operation and Maintenance Bastion Host Based on
Protocol Agent in ATM Network Security
LIAN Wenchao
(CAAC North China Regional Administration Communications Network Center,Beijing 100621,China)

Abstract:With the deepening of the construction of air traffic control informatization,the equipment maintained by operation and maintenance personnel has also increased. In the past project construction,the design of network security only aims at protecting external attacks,but does not involve the internal network security. The report issued by the relevant departments of national network security shows that more than 70% of network security threats originate from inside. In the Basic Requirements of Information System Security Grade Protection,the Ministry of Public Security clearly requires that the security auditing function be provided for the network security,host security and application security of important information systems. This year,the Civil Aviation System attaches great importance to the network security of its subordinate units. Just recently,many departments,such as the Network Communications Office of the Air Administration of Civil Aviation Administration and the Civil Aviation University,have carried out network security assessment on the core information system of the Civil Aviation Bureau. Among the suggestions for improvement,one of them is to take effective safety audits on equipment maintenance behavior. Based on the above situation,this paper discusses the idea of using the bastion host to improve the network security of air traffic control system.

Keywords:bastion host;air traffic control;network security


参考文献:

[1] 张笑笑,邹春明,顾健. 堡垒机在信息系统中的应用 [A].第二届全国信息安全等级保护技术大会. 第二届全国信息安全等级保护技术大会会议论文集 [C]. 中国安徽合肥:公安部第三研究所,2013:207-209.

[2] 王栋,来风刚,李静. 数据中心IT 运维审计体系研究 [J].电力信息化,2012,10(1):20-23.

[3] 戴莹. 浅谈如何运用堡垒机系统解决单位信息管理内控风险 [J]. 网络安全技术与应用,2015(8):53-54.


作者简介:廉文超(1986.12-),女,汉族,天津人,工程师,本科,主要研究方向:民航平面通信。