摘要
为满足铁路敏感信息系统对数据安全的严苛要求,设计铁路敏感信息系统数据安全防护方案。文章阐述了该方案的架构及核心防护措施,严格遵循信息系统网络安全等级保护三级标准,融合数据分类分级、加密、脱敏、数据库审计及安全网关等关键技术,从安全管理中心、通信网络、区域边界、计算环境多个维度优化防护体系。实际应用表明,该方案可无缝融入铁路业务场景,并配套管理制度,全面保障数据安全与完整,为铁路敏感系统的安全稳定运行提供有力保障。
To meet the strict requirements of data security for railway sensitive information systems,this paper designed a data security protection scheme for railway sensitive information systems.It elaborated on the architecture and core protection measures of the scheme,and strictly followed the three-level standard of information system network security protection,integrated key technologies such as data classification and grading,encryption,desensitization,database auditing,and security gateway,and optimized the protection system from multiple dimensions including security management center,communication network,regional boundary,and computing environment.Practical application has shown that this scheme can seamlessly integrate into railway business scenarios,and is accompanied by management systems to comprehensively ensure data security and integrity,provides strong support for the safe and stable operation of railway sensitive systems.
作者
刘敏
史永乐
周发明
LIU Min;SHI Yongle;ZHOU Faming(Institute of Information Technology,China Railway Guangzhou Group Co.Ltd.,Guangzhou 510088,China)
出处
《铁路计算机应用》
2025年第9期52-57,共6页
Railway Computer Application
基金
广铁科技研究开发课题(2024K149-X)。
关键词
铁路敏感信息系统
数据安全
数据库网关
数据脱敏
数据加密
数据分类分级
数据库审计
railway sensitive information system
data security
database gateway
data desensitization
data encryption
data classification and grading
database audit
