图书情报工作 ›› 2019, Vol. 63 ›› Issue (7): 5-14.DOI: 10.13266/j.issn.0252-3116.2019.07.001

• 理论研究 • 上一篇    下一篇

云计算环境下国家学术信息资源安全控制与管理

万莉1, 胡昌平2   

  1. 1. 南昌大学新闻与传播学院 南昌 330031;
    2. 武汉大学信息管理学院 武汉 430072
  • 收稿日期:2018-07-16 修回日期:2018-10-27 出版日期:2019-04-05 发布日期:2019-04-05
  • 作者简介:万莉(ORCID:0000-0001-6178-1435),讲师,博士,E-mail:towanli@126.com;胡昌平(ORCID:0000-0002-9491-2160),教授,博士生导师。
  • 基金资助:
    本文系国家社会科学基金重大项目"云环境下国家数字学术资源信息安全保障体系研究"(项目编号:14ZDB168)研究成果之一。

Control and Management of National Academic Information Resources Security in Cloud Computing Environment

Wan Li1, Hu Changping2   

  1. 1. School of Journalism & Communication, Nanchang University, Nanchang 330031;
    2. School of Information Management, Wuhan University, Wuhan 430072
  • Received:2018-07-16 Revised:2018-10-27 Online:2019-04-05 Published:2019-04-05

摘要: [目的/意义]构建云计算环境下国家学术信息资源安全控制框架,为云计算环境下国家学术信息资源安全保障提供参考。[方法/过程]在借鉴传统复杂系统安全控制论的人、机、环有机整体以及信息保障技术框架(IATF)的人、操作、技术的模式基础上,结合云计算环境下信息安全控制关键域与治理域,构建云计算环境下国家学术信息资源安全控制框架。[结果/结论]云计算环境下国家学术信息资源安全涉及关键领域包括全员管理、控制策略、安全测评,云计算环境下国家学术信息资源安全控制框架既包括云计算环境下国家学术信息资源安全控制措施,同时包括对其安全控制措施的有效性测量。

关键词: 学术信息资源, 安全控制, 安全管理, 信息资源安全

Abstract: [Purpose/significance] In order to provide references for national academic information resources security, this paper aims to construct the security control framework for national academic resources in cloud computing environment. [Method/process] Based on Human-Machine-Environment organic unity in safety control theory of conventional complexity system, and Information Assurance Technical Framework that combines "the people, the operation, the technology", this paper integrates the key domain and governance domain in information security guarantee to construct the above security control framework. [Result/conclusion] Under the cloud computing environment, the key domains in the national academic information resources security include personnel management, control strategy, and safety assessment. The framework contains not only the national academic information resources security strategy, but also effectiveness measurements of it.

Key words: academic information resources, security control, security management, information resource security

中图分类号: