| 医疗云计算技术与信息安全等级保护 |
| |
| 引用本文: | 陈伟,;王强,;袁天祥.医疗云计算技术与信息安全等级保护[J].中国数字医学,2014(8):26-28. |
| |
| 作者姓名: | 陈伟 ;王强 ;袁天祥 |
| |
| 作者单位: | [1] 成都市锐信安信息安全技术有限公司,四川省成都市武候祠横街18号,610041; [2] 都江堰市医疗中心,四川省成都市都江堰市宝莲路622号,611830 |
| |
| 摘 要: | 随着现代信息技术的发展,医疗机构采用云计算技术进行信息化建设成为可能。但按照等级保护的基本要求,对云计算信息系统难以有效开展信息安全等级保护测评。以云安全服务模型参考,并以云安全管理中心为例,对云计算信息系统进行云安全等级保护建模和云安全建模,并将二者进行嵌套。针对嵌套的云计算信息系统模型进行等级保护控制项细粒度分析和风险分析,从而完成云计算信息系统的信息安全等级保护测评工作,为医疗机构采用云计算进行信息化建设并同时做好信息安全等级保护提供参考。
|
| 关 键 词: | 医疗机构 信息安全等级保护测评 云计算技术 云安全服务模型 云安全管理中心 |
Medical Cloud Computing Technology and Information Security Level Protection |
| |
| Institution: | CHEN Wei, WANG Qiang, YUAN Tian-xiang( Chengdu Ruixin' an Information Safety Technology Co., Ltd., Chengdu 610041, Sichuan Province, P.R.C.) |
| |
| Abstract: | With the development of modern information technology, it is possible for medical organizations to use cloud computing technology for informatization construction. But according to the basic requirements of level protection, it is difficult to effectively carry out information security level protection evaluation for cloud computing information system. With cloud security service model as the reference and with cloud security management center as an example, cloud security level protection modeling and cloud security model are carried out and nested for cloud computing information system. For the nested cloud computing information system model, fine-grained analysis and risk analysis of level protection control items are conducted, so as to complete the information security level protection evaluation of cloud computing information system and provide reference for medical organizations' informatization construction with cloud computing and information security level protection. |
| |
| Keywords: | medical organizations protection and evaluation of information security level cloud computing technology cloud security service model cloud security management center |
| 本文献已被 维普 等数据库收录! |
|
