摘要
随着我国铁路客票系统支付方式趋于多样化、网络化,运营管理模式逐步智能化的同时,铁路客票系统的信息安全将面临更大威胁。通过深入分析我国铁路客票系统的信息安全现状及需求,设计符合信息系统等级保护四级要求的信息安全防护体系。提出"一个中心支撑下的三重防护体系"结构,并构造形式化的安全策略模型,划分以铁道部客票中心、地区客票中心和车站客票系统为核心的三级安全区域。采用整合的安全管理中心制定和下发访问控制策略及事件响应机制,对客票系统计算环境安全、区域边界安全、通信网络安全实施统一标记的全程访问控制,跨级对所有设备进行统一配置和监控,以达到系统的信息安全整体防护的目的。
With TRS payment tending to diversification and networking, and the operation management pattern becoming gradually intelligent, the information security of TRS will face great threat. In view of the present conditions and demand of information security of TRS deeply, the information security protection system matched up with requirements for level 4th classified protection of information systems was proposed. A structure named triple protection systems supported by a center was proposed and a formal security policy model was constructed, and the core security regions of Ministry of Railways Ticketing Center, Regional Ticketing Center and station ticketing system were divided. By using integrated security management center to formulate and issued the access control policy and incident response mechanism, the tickets system can be visited and controlled by unified mark to make sure the security of computing environment, region boundary as well as communication network. All of the instruments can be canfigured and supervised crossing seaurity levels so as to realize information security of TRS.
出处
《铁道科学与工程学报》
CAS
CSCD
北大核心
2012年第5期119-124,共6页
Journal of Railway Science and Engineering
基金
铁道部科技研究开发计划项目(2012X010-B)
中国铁道科学研究院基金资助项目(1052DZ1301)
关键词
铁路客票系统
信息安全
等级保护
安全管理中心
访问控制策略
railway passenger ticket system
information security
classified protection
security management center
access control policy
