智慧城市信息安全运营平台研究

信息安全研究 ›› 2019, Vol. 5 ›› Issue (5): 420-429.

智慧城市信息安全运营平台研究

李贵鹏,李思艺,徐冰清

杭州安恒信息技术股份有限公司

收稿日期:2019-05-06 出版日期:2019-05-15 发布日期:2019-05-06
通讯作者: 李贵鹏
作者简介:李贵鹏硕士研究生，主要研究方向安全运营和项目管理 ororo.li@dbappsecurity.com.cn 徐冰清硕士研究生，主要研究方向安全运营 casey.xu@dbappsecurity.com.cn 李思艺本科毕业生，主要研究方向安全运营 Shirley.li@dbappsecurity.com.cn

Research on Smart City Information Security Operation Platform

Received:2019-05-06 Online:2019-05-15 Published:2019-05-06

摘要/Abstract

摘要： 信息安全作为新智慧城市建设的辅助支撑体系，是重中之重.如何建设信息安全综合运营监控平台，如何强化信息安全风险评估体系，将成为新型智慧城市建设的战略重点.现有的安全运营还存在效率低、不专业、成本高的痛点，AICSO安全运营为用户提供了一个适应业务的信息系统安全治理流程和工作方法，首先依托完整科学的七大体系，结合用户业务，以资产管理为基础、风险管理为核心、事件处理为主线，辅以有效的管理、监视与响应功能，实现流程标准化，提升用户运营效率；其次基于平台的海量数据处理、机器学习能力，结合漏洞和情报实现自动化风险评估，实时推送解决策略，提升用户的安全预警能力、安全应急响应能力和安全保障能力，实现主动安全防御；最后在统一安全管理框架下实现对各类系统、应用、设备、安全产品的集中管理和监控，实现集中管理和监控解决了用户无规划重复建设、购买多厂家产品和服务，管理成本增加的问题，避免了重复改造、重复建设，也可统筹管理安全产品和安全服务，提高分析转化效率，降低管理成本，解决了售后多接口多沟通的成本、效率、信息准确传递的问题.

关键词: 安全运营平台, 网络安全产品与服务的结合, 智慧城市, 运营管理体系, 安全服务业务, 主动安全防御

Abstract: Information security is an auxiliary support system for the construction of new smart cities, and has high priority. How to build a comprehensive information security operation monitoring platform and how to strengthen the information security risk assessment system have become the strategic focus in the construction of new smart cities. The existing security operations still have pain points such as low efficiency, lack of professionalism and high cost. AICSO security operation provides users an information system security governance process and working method that is suitable for businesses. Firstly, it relies on seven comprehensive and scientific systems, combined with user services. The platform is based on asset management, takes risk management as the core and event processing as the main approach, and is supplemented by effective management, monitoring and response functions to realize process standardization and improve users' operational efficiency. Secondly, based on the platform's big data processing and machine learning capabilities, and combined with vulnerability analysis and intelligence, automatic risk assessment and real-time push solution strategies are implemented to enhance users' early security warning capabilities, security emergency response and security assurance capabilities, and realize active security defense. Finally, centralized management and monitoring of various systems, applications, equipment and safety products are realized under a unified safety management framework, and problems such as unplanned repeated construction, purchase of products and services from multiple manufacturers and increase in management cost are resolved. The platform reduces the need for repetitive construction, security products and services are better managed, analysis conversion efficiency is improved, management cost is reduced, the problems of cost and efficiency of post-sale multi-interface communication systems are resolved, and information transmission accuracy is increased.

Key words: security operation platform, combination of network security products and services, smart city, operational management system, security services, active security defense technology

李贵鹏李思艺徐冰清. 智慧城市信息安全运营平台研究[J]. 信息安全研究, 2019, 5(5): 420-429.

[1]	王广清韩金丽方铁城申彦龙. 北京燃气集团工业互联网安全运营平台建设与实践[J]. 信息安全研究, 2019, 5(8): 734-739.
[2]	曾伟东. 一种面向智慧城市的安全智能承载网网络架构研究Research on a Security Intelligent Bearing Network Architecture for Smart City[J]. 信息安全研究, 2019, 5(11): 1033-1039.
[3]	刘东常清雪马楠韦早裕. NB-IoT移动通信技术的应用及安全防护[J]. 信息安全研究, 2018, 4(8): 728-733.
[4]	张大江. 智慧城市信息安全体系研究[J]. 信息安全研究, 2017, 3(8): 0-0.
[5]	吕欣. 智慧城市网络安全体系框架研究[J]. 信息安全研究, 2016, 2(9): 827-833.
[6]	王惠莅. 智慧城市网络安全标准化研究及进展 [J]. 信息安全研究, 2016, 2(5): 442-446.
[7]	吕欣. 智慧城市网络安全保障评价体系研究[J]. 信息安全研究, 2016, 2(5): 447-452.