| Informatization degree has become the important symbol of a country's modernization level and integrated national power along with the knowledge economic era develops. It is a trend to accelerate the government department's, automatization network electronic and comprehensive info-shared from the view of all over the world. Now our country has treated informatization as a giant strategy, according to the layout of the State Department Information Leading Group, E-government construction is one of the emergent tasks in the future years. The country has paid much more attention on it and devoted abundant financial resources to develop it. However, more higher the country's informatization degree, more information security challenges the country will face. So, security issues become the key problem during the construction of the E-government.As one of Chongqing city 's government department and the unit in charge of information industry, the Information Industry Bureau of Chongqing ranks the top in the field of government automatization construction. Integrated Operation Declaration Based On Network is an important measure for enhancing informatization construction.. The author participates in the scenario scheming and the developing of the system.. The security issues are ascensively analyzed and studied.First, the author expatiates the security requirement of the system, according to the second grading protection standard of GB17859-1999, a security assurance system which is considered from security isolation security defense security trust and centralized management is brought forward. This resolving scheme has been proved operable and credible in practice. The main innovative points of this dissertation include the folio wings:(1) During the security risk evaluation of the system, the author first compares several different evaluation methods, then evaluates the system adopting quantitative measure based on SSE-CMM. At present, domestic risk evaluation methods are mostly qualitative Many of the factors are analyzed by quantitative methods, so the result is more convictive and more intuitionistic in this dissertation.(2) During the construction of the information security assurance system, according to the nation standard GB17859-1999, aiming at practical and operable, the cost and risk control is achieved by grade protection, The baseline and weakness issue isresoled by equipoise design.(3) The information security assurance system brought forward in this dissertation embodies the characteristic of combining theory and practice. The dissertation concretely expatiates the application of various related security technology in the system.
|
PDF Full Text Request