Information Security Guarantee Mechanism And System For National Academic Information Resources In Cloud Computing Environment

Information security is an important restriction factor for promoting cloud computing application in national academic information resources management. Faced with this problem, we focus on the security guarantee mechanism and system for the national academic information resources in cloud computing environment in this study. We analyze the impact of cloud computing on the security and security guarantee of the national academic information resources based on the change of their storage and utilization form at first; then construct the whole-process security guarantee mechanism for national academic information resources in cloud computing environment. On this basis and the relationship between information security mechanism and security guarantee system, we analyze the system barriers for national academic information resources security guarantee in the cloud computing environment. Confronted with theses system barriers, taking the system reform experiences of developed countries as references, we propose a socialization security guarantee system model for national academic information resources and analyze the construction strategy for it. At last, we conduct a case study by taking CALIS as example, in which we analyze the problems of security guarantee mechanism and system, and put forward suggestions for improvement.In chapter 1, we introduce the theoretical background. Our research is mainly based on the following theories: total quality management (TQM), classified information security protection, Defense-in-Depth strategy of information assurance and governance theory from public management. In this chapter, we introduce these theories at first, and explain their implications for the study on security guarantee mechanism and system respectively.In chapter 2, we study the influences of cloud computing on national academic information resources security and security guarantee. The changes on the storage and utilization forms of academic information resources, caused by the application of cloud computing, have a significant influence on the security and security guarantee. The main performances include diversification of security responsibility subject, dynamic development of security boundary, centralization of security assurance and complexity of security threats, while the main reasons for the complexity of security threats include cloud platform's security vulnerabilities, cloud computing abuse, unauthentic cloud service providers, and unauthentic neighbor tenants.In chapter 3, we study the formation of whole-process security guarantee mechanism for the national academic information resources in the cloud computing environment. First, we analyze the elements of national academic information resources security in cloud computing environment and their interaction mechanism. Then, we expound the organization mechanism of whole-process security guarantee from the selection of cloud computing deployment model based on the classified information security protection, security chain based on the organization and development process of academic information resources, and security measures deployment based on the Defense-in-Depth strategy. At last, we study the realization mechanism of the whole-process guarantee from security protection mechanism, early warning and detection mechanism, and disaster recovery mechanism.In chapter 4, we study the national academic information resources security system based on the whole-process security guarantee and the optimization model for it. At first, based on the investigation, we analyze the current national academic information resources security system of our country and the existing problems. Then, we investigate the reform practice of the academic information resources security guarantee system for the cloud computing environment in the United States, the European Union and Japan, and analyze the reference significances to our country. Finally, we propose a socialization security system optimization model.In chapter 5, we study the construction strategy of the national academic information resources socialization security system. In order to realize the socialization of the national academic information resources security assurance under the cloud computing environment, the system should be improved from the following four aspects:strengthening the security guarantee functions of government and industry organization, improving the related laws and standard system for national academic information resources security in cloud computing environment, promoting cloud services organization and credible certification for the academic information resources, and perfecting the security coordination mechanism between the national academic information resources service organizations and cloud service providers.In chapter 6, we conduct a case study by taking CALIS as example. We investigate the cloud computing application in CALIS, and their reform on security assurance mechanism and system during the cloud computing application. On this basis, we analyze the problems of the security assurance mechanism and system, and put forward some suggestions for improvement.In chapter 7, we summarize the findings of this paper, point out the limitations, and forecast the future direction of research.