信息安全研究 ›› 2021, Vol. 7 ›› Issue (8): 779-782.
• 技术应用 • 上一篇 下一篇
赵慧
出版日期:
发布日期:
通讯作者:
作者简介:
Online:
Published:
摘要: 2019年,欧盟出台《欧盟网络安全法》,推进了欧盟网络安全认证框架的建立和实施.在该框架下,专门成立特别工作组,研究起草《云服务网络安全认证计划(EUCS)》,于2020年底发布草案并公开征求意见.首先简要分析了计划草案的起草背景、依据、文本等基本情况;然后从利益相关方确定、安全保证级别划分、云计算服务分类等总结了该计划草案的要点内容;最后给出对我国加强云计算服务安全评估和认证的思考.
关键词: EUCS计划, 云计算, 云服务安全, 认证, 评估
Abstract: The European Union has promulgated the Cybersecurity Act to promote the establishment and implementation of the EU cybersecurity certification Framework in 2019. As a part of the Framework, a special working group has been set up to work on EU Cybersecurity Certification Scheme for Cloud Services(EUCS). The EUCS candidate draft has been released for public comments at the end of 2020.This article first briefly analyzes the background, basis, text and other basic conditions of the draft. Then it sums up the main points of the draft from the determination of stakeholders, the classification of security assurance levels, and the classification of cloud computing services. Finally, it gives some thoughts on strengthening the security certification and assessment of cloud computing services in our country.
Key words: EUCS scheme, cloud computing, cloud service security, certification, assessment
赵慧. 欧盟云安全认证计划的启示和借鉴[J]. 信息安全研究, 2021, 7(8): 779-782.
0 / / 推荐
导出引用管理器 EndNote|Ris|BibTeX
链接本文: http://www.sicris.cn/CN/
http://www.sicris.cn/CN/Y2021/V7/I8/779
[1]EU. EU Cybersecurity Act1[EBOL]. (20190607) [20210429]. https:europa.eu!bX86Fp
[2]EU. European Cybersecurity Certification Scheme for Cloud Services[EBOL]. (20201222) [20210429]. https:www.enisa. europa.eupublicationseucscloudservicescheme
[3]彭杜. 欧盟ENISA发布欧盟云服务网络安全认证计划候选草案[EBOL]. (20201228) [20210429]. http:www.pinlue.comarticle20201228203411452374741.html
[4]冯登国, 张敏, 张妍, 等. 云计算安全研究[J]. 软件学报, 2011, 22(1): 7183
[5]沈昌祥. 云计算安全与等级保护[J]. 信息安全与通信保密, 2012 (1): 1617
[6]中央网信办. 云计算服务安全评估办法[EBOL]. (20190722) [20210429]. http:www.cac.gov.cn20190722c_1124781475.htm
[7]贺海, 刘海峰, 成金爱. 云计算平台安全能力评估体系和评估指标研究[J]. 信息安全研究, 2020, 6(11): 990995
