Table of Content

    15 May 2016, Volume 2 Issue 5
    “Internet +”Power: Analyze the Network Security of Alibaba —The Information Security and Strategic Layout of Alibaba and Ants Gold Dress on the Basis of “Internet +” Background
    2016, 2(5):  384-395. 
    Asbtract ( )   PDF (1491KB) ( )  
    Related Articles | Metrics
    Special Topics on Network Security Standardization
    2016, 2(5):  396-396. 
    Asbtract ( )   PDF (722KB) ( )  
    Related Articles | Metrics
    The Research on International Cyber Security Standards
    2016, 2(5):  397-403. 
    Asbtract ( )   PDF (4976KB) ( )  
    Related Articles | Metrics
    With the development of new technologies and applications, such as cloud computing, big data and the internet of things, more and more countries issue cyber security strategies and a series of related policies. The standardization of cyber security became more crucial. In this paper, we briefly analysis some cyber security strategies in developed countries and then introduce several important international and foreign standardization organizations about cyber security. Finally, we give some advice for next work about cyber security standards in China.
    Survey and Research on Big Data Security Standardization
    2016, 2(5):  404-411. 
    Asbtract ( )   PDF (7046KB) ( )  
    References | Related Articles | Metrics
    AbstractStandardization of Big Data Security is a critical part of Big Data Security Assurance System. First, this paper briefly illustrates the security threats faced by big data applications, and introduces our nations state strategy for big data development. Then, big data security standard organizations and research results in home and abroad are analyzed, and related current big data security standards are summarized from the view of conventional data security, big data security and privacy protection, respectively. At last, some suggestions are given for our nations standardization on big data security, for the purpose of supporting state standardization work on Big Data security.
    Analysis on National Information Security Standards in China
    2016, 2(5):  412-416. 
    Asbtract ( )   PDF (3612KB) ( )  
    References | Related Articles | Metrics
    This paper describes the development process of information security standards in China. Whats more, according to the system framework of information security standards, the present situation of the standards is analyzed. With the emergence of new technologies and new applications, some advice are given for later standardization work in the face of new situations and trends of the cyber security.
    Technology Architecture of IoT Security
    2016, 2(5):  417-423. 
    Asbtract ( )   PDF (5847KB) ( )  
    References | Related Articles | Metrics
    With the deepening of the Internet of Things (IoT) technology, the scale of the IoT and its application are becoming more and more extensive, thus the impact of security issues is also growing more and more wide. In this paper, we proposed a reference architecture of IoT security on the basis of the stateofart security and privacy protection technologies. After reviewing of the key technologies and the latest development of IoT security and privacy protection, i.e., the threats of environmental perception security, data transmission security, information privacy disclosure, and other aspects in the IoT, we aim to provide effective technical methods to solve the security and privacy protection of IoT, to provide the safety behavior criterion that should be followed when the relevant manufacturers develop and provide the corresponding products, and to provide baseline for the third party testing organizations.
    The Present Situation and Thought of Cloud Computing Security Standards at Home and Abroad
    2016, 2(5):  424-428. 
    Asbtract ( )   PDF (4332KB) ( )  
    References | Related Articles | Metrics
    With the popularity of cloud computing, security of cloud computing is becoming particularly important, and has become the major factor that influences its development. Standardization of cloud computing security has become a hot research of goverments and international standardization organizations. For supporting the development of cloud computing industry, China attaches great importance to and vigorously promotes the standardization of cloud computing security. This paper summarizes the present research situation and results of cloud computing security, and gives the suggestions and reference for standardsetting work.
    Overview of Mobile Internet Security Standard
    2016, 2(5):  429-434. 
    Asbtract ( )   PDF (5140KB) ( )  
    References | Related Articles | Metrics
    Mobile Internet security has become the major challenge faced by the international community. To support the security assurance requirements, the National Information Assurance Partnership (NIAP) is currently working with industry, customers, and the Common Criteria community to create Protection Profiles (PP) for Mobile Security, MDF PP, MDM PP, and MP PP have been approved for use by vendors for evaluation of products under the NIAP Common Criteria Evaluation and Validation Scheme (CCEVS) and the Common Criteria Recognition Arrangement (CCRA). National Institute of Standards and Technology (NIST) uses Special Publication subseries to publish mobile security and guidelines, recommendations and reference materials including SP 800124r1, SP 800163, SP 18004, SP 80046r2, etc. To speed up the construction of mobile security standard system, 《Security architecture of mobile smart terminal》and 《Technical requirements for mobile device security》 are in the standardsetting process.
    Research on the Domestic and Foreign Standards for ICS Information Security
    2016, 2(5):  435-441. 
    Asbtract ( )   PDF (5431KB) ( )  
    References | Related Articles | Metrics
    Industrial control system (ICS) is widely used in various industries in electrical, petrochemical, water treatment, railway and so on. ICS gradually becomes the target of cyberattacks due to the open and important mission of itself. Lots of cyberattack events in recent years, such as "Stuxnet" virus, "Flame" virus and Trojan attack for Ukrainian power grid, have proven that the cyberattack threats for ICS are increasingly upgraded. The perfect ICS information security standards system are urgently needed to build for the information security assurance of ICS as a support. So the research on the domestic and foreign information security standard system for ICS is particularly important. Firstly, the characteristics of foreign standard system are summarized through the study on the technical framework and technical requirements of the foreign ICS information security standards, guidelines and norms. Secondly, the characteristics of the domestic ICS information security standards and norms are analyzed by summarizing the development trends of the domestic ICS information security standards. Finally, some existing deficiencies of the current domestic research on the ICS information security standard system are presented, and some suggestions for the further improving domestic standard system are given.
    Research and Progress of the Cyber Security Standardization of Smart City
    2016, 2(5):  442-446. 
    Asbtract ( )   PDF (4021KB) ( )  
    References | Related Articles | Metrics
    The security risks of smart city are the important problems with the development of smart city. The paper introduces cyber security policies of China, the report of ISOIEC JTC1 SG1, the security architecture of smart city proposed by ITUT FG SSC, the overview of Smart America, and the work on cyber security standardization of smart city of TC260. The paper suggests how we develop the cyber security standards of smart city in China.
    Research on the Evaluation System of Smart City Cyber Security Assurance
    Lv Xin
    2016, 2(5):  447-452. 
    Asbtract ( )   PDF (7143KB) ( )  
    References | Related Articles | Metrics
    In recent years, the construction of Chinas smart city has made positive progress, but also exposed the risks of cyber security. Smart city cyber security system needs to be established in order to guarantee the infrastructure network and key information system secure and controlled, critical information resource security effectively protected, residents information, business information and government information effectively protected. In this paper, cyber security threats faced by smart city are analyzed, and the reference architecture of smart city cyber security is proposed based on the system engineering approach. Besides, a comprehensive and practical evaluation system of smart city cyber security assurance is built from aspects of strategic planning, management organization security, business operation support and security technology through the method of targetlevel expansion. Moreover, the process model of smart city cyber security assurance is studied, to enhance cyber security management of smart city and to ensure smart city cyber security providing longterm method reference.
    Study on Security of Card System in Smart Campus
    2016, 2(5):  454-461. 
    Asbtract ( )   PDF (6098KB) ( )  
    References | Related Articles | Metrics
    It is increasingly important of the security for card system in smart campus. Firstly, it designs the system architecture of card system, and describes the function of each layer. Then, according to the system architecture, it analyzes the existing security risks about user card, foreterminal, data access and logical interface, respectively from physical layer, data layer and logic layer. It proposes the methods of security protection, implementation technology and the matters needing attention. By analyzing the disadvantages of data storage and operation of plaintext data in traditional memory card, for the first time, it introduces homomorphic encryption and data pointer in foreterminal. The scheme has been applied in the construction of card system in smart campus, and it effectively improves data security and processing efficiency of foreterminal.
    Query on Domestic Key Elements of Critical Information Infrastructure in Cyberspace
    2016, 2(5):  462-466. 
    Asbtract ( )   PDF (998KB) ( )  
    Related Articles | Metrics
    The Integrated World Needs Innovation of Safe Mode
    2016, 2(5):  467-470. 
    Asbtract ( )   PDF (844KB) ( )  
    Related Articles | Metrics
    Analysis and Enlightenment of American Cyber Deterrence Policy
    2016, 2(5):  471-476. 
    Asbtract ( )   PDF (1086KB) ( )  
    Related Articles | Metrics