| 张烨阳,刘 蔚.美国《改善国家网络安全的行政命令》政策理念初探[J].全球科技经济瞭望,2022,(8):9~15 |
| 美国《改善国家网络安全的行政命令》政策理念初探 |
| A Preliminary Study on the Policy Concept of the US Executive Order on Improving the Nation’s Cybersecurity |
| 投稿时间:2022-06-22 |
| DOI:10.3772/j.issn.1009-8623.2022.08.002 |
| 中文关键词: 美国;网络安全;SolarWinds;行政命令;供应链安全;信息安全标准 |
| 英文关键词: the U.S.; cybersecurity; SolarWinds; executive orders; supply chain security; information security standards |
| 基金项目: |
|
| 摘要点击次数: 581 |
| 全文下载次数: 517 |
| 中文摘要: |
| 2021年美国政府因受 SolarWinds等网络安全事件的影响,发布了《改善国家网络安全的行政命令》,拟通过强化美国联邦信息系统软件供应链安全、推广基于零信任架构的云技术使用、统一联邦信息系统运维阶段安全标准等手段全面提升美国联邦信息系统的网络安全防护能力,并借助市场的力量引领美国软件业在安全方面达到新的高度。本文从该行政命令出台的背景出发,分析了SolarWinds安全事件对于美国信息安全领域造成的挑战,对行政命令框架和应对网络安全挑战所采取的措施进行了解读,在此基础上提出该行政命令对我国信息安全领域的借鉴意义。 |
| 英文摘要: |
| In 2021, the US government issued the “Executive Order on Improving the Nation’s Cybersecurity” due to the impact of cybersecurity incidents such as SolarWinds. The executive order is planned to comprehensively improve the cybersecurity protection capabilities of the US federal information system by enhancing the security of the US federal information system software supply chain, promoting the use of cloud technology based on a zero-trust architecture, and unifying the security standards for the operation and maintenance phase of the federal information system, as well as leveraging the power of the market, leading the US software industry to new heights in security. Starting from the background of the executive order, this paper analyzes the challenges caused by the SolarWinds security incident to the US information security field, and interprets the framework of the executive order and the measures taken to deal with the cybersecurity challenges. On this basis, it puts forward the reference significance of the executive order to the field of information security in China. |
|
查看全文
查看/发表评论 下载PDF阅读器 |
| 关闭 |
