信息安全技术在企业ERP系统中的应用
|
摘要
随着信息技术的发展和应用的不断深入,信息安全日益受到国家、企业和社会公众的关注。《信息产业科技发展"十一五"规划和2020年中长期规划纲要》中明确把信息安全技术作为优先发展的重点技术之一,主要包括应急响应、密码技术、电子认证、信息安全评测技术等。随着企业日常事务越来越依赖ERP系统,ERP系统的安全问题也逐渐得到了重视。四川成都烟草公司开发的安全管理信息平台,基于企业的私有云采用工作流技术进行管理。在信息平台的安全性设计方面,考虑私有云中的数据存储安全、工作流技术的代码越权防范措施、ERP系统安全的真实身份认证和对关键操作的审计等方面,确保ERP系统中信息的机密性和安全性。
With the development and application of information technology, information security has been paid more and more attention by the state, enterprises and the public. Information security technology is clearly regarded as one of the key technologies for priority development in the Eleventh Five-Year Plan for the Development of Information Industry Science and Technology and the outline of the medium-and long-term Plan for 2020. It mainly includes emergency response, cryptography technology, electronic authentication, information security evaluation technology and so on. As the daily affairs of enterprises rely more and more on ERP system, the security of ERP system has been paid more and more attention. The security management information platform developed by Sichuan Chengdu Tobacco Company is managed by workflow technology based on the private cloud of the enterprise. In the security design of the information platform, the data storage security in the private cloud, the code ultra vires prevention measures of workflow technology, the true identity authentication of ERP system security and the audit of key operations are considered, thus ensuring the confidentiality and security of information in ERP systems.
With the development and application of information technology, information security has been paid more and more attention by the state, enterprises and the public. Information security technology is clearly regarded as one of the key technologies for priority development in the Eleventh Five-Year Plan for the Development of Information Industry Science and Technology and the outline of the medium-and long-term Plan for 2020. It mainly includes emergency response, cryptography technology, electronic authentication, information security evaluation technology and so on. As the daily affairs of enterprises rely more and more on ERP system, the security of ERP system has been paid more and more attention. The security management information platform developed by Sichuan Chengdu Tobacco Company is managed by workflow technology based on the private cloud of the enterprise. In the security design of the information platform, the data storage security in the private cloud, the code ultra vires prevention measures of workflow technology, the true identity authentication of ERP system security and the audit of key operations are considered, thus ensuring the confidentiality and security of information in ERP systems.
引文
[1]阮进勇,徐凌宇,丁广太.数字海洋云计算平台工作流安全机制[J].计算机技术与发展,2015,25(01):155-158+182.
[2]叶鑫,梁继伟,尹艳丽.考虑信息安全因素的多目标云工作流调[J].计算机集成制造系统,2017,23(05):972-982.
[3]范月祺.云储存系统结构模型及安全策略[J].电脑与电信,2017(04):34-35+43.
[4]江涛.云存储安全技术分析与对策[J].电脑知识与技术,2017,13(03):28-29.
[5]王梅.云储存系统结构模型及安全策略[J].信息系统工程,2018(09):75.
[6]郭玉芝,唐国城.关于私有云的系统安全性研究[J].电脑知识与技术,2018,14(30):24-25.
[7]王亚文,郭云飞,刘文彦,等.面向云工作流安全的任务调度方法[J].计算机研究与发展,2018,55(06):1180-1189.
[8]De, S.J.,Pal, A.K.. A Policy-Based Security Framework for Storage and Computation on Enterprise Data in the Cloud[P].System Sciences(HICSS),2014 47th Hawaii International Conference on,2014.
[9]Anthony Lewis,Brychan Thomas,Sophie James. A critical analysis of the implementation of social networking as an e-recruitment tool within a security enterprise[J]. Cogent Business&Management,2015,2(1).
[2]叶鑫,梁继伟,尹艳丽.考虑信息安全因素的多目标云工作流调[J].计算机集成制造系统,2017,23(05):972-982.
[3]范月祺.云储存系统结构模型及安全策略[J].电脑与电信,2017(04):34-35+43.
[4]江涛.云存储安全技术分析与对策[J].电脑知识与技术,2017,13(03):28-29.
[5]王梅.云储存系统结构模型及安全策略[J].信息系统工程,2018(09):75.
[6]郭玉芝,唐国城.关于私有云的系统安全性研究[J].电脑知识与技术,2018,14(30):24-25.
[7]王亚文,郭云飞,刘文彦,等.面向云工作流安全的任务调度方法[J].计算机研究与发展,2018,55(06):1180-1189.
[8]De, S.J.,Pal, A.K.. A Policy-Based Security Framework for Storage and Computation on Enterprise Data in the Cloud[P].System Sciences(HICSS),2014 47th Hawaii International Conference on,2014.
[9]Anthony Lewis,Brychan Thomas,Sophie James. A critical analysis of the implementation of social networking as an e-recruitment tool within a security enterprise[J]. Cogent Business&Management,2015,2(1).