衡水市电子政务保密管理工作研究
|
摘要
近年来,电子政务系统多次发生泄密事件,给社会造成重大损失,保密管理形势异常严峻。我国的电子政务建设还有很多理论和实践问题没有得到很好的解决,信息安全保密问题是电子政务建设和应用中必须解决的重大问题之一,急需对电子政务安全保密体制和安全策略认真研究,提出改进建议和措施。
本文第一部分简要介绍了电子政务保密管理工作的研究背景和国内外研究进展情况,为以后各章做准备。第二部分对电子政务和保密工作的基本知识进行了论述,列举了在电子政务中常见的泄密渠道。第三部分对衡水市电子政务保密管理工作进行了较为详尽分析,叙述了衡水市的管理现状和在保密管理工作中采取的措施,对存在的泄密隐患和问题进行了总结归纳,并研究分析了存在问题的根源。第四部分是本文重点。首先对衡水市电子政务保密管理工作提出具体改进措施和现代信息技术在保密管理工作的运用。其次是提出发展衡水市电子政务保密管理工作新策略。最后从宏观的角度对发展我国电子政务保密管理工作提出改进建议。
本文作者一直在保密部门工作,对电子政务保密管理工作进行了深入广泛调查了解,提出的问题和建议均来自工作实践,具有一定的针对性和代表性,本文的研究工作在电子政务及其他信息系统的安全领域具有一定的理论和实用价值。
In recent years, the divulgence in E-Goverment administrationsecurity system has made our society suffered great losses. So the Secrecymanagement status is more and more serious. There are many problems intheory and practice pending to be resolved in the course of theconstruction of the E-Goverment administratrion. The infromationsecurity is one of them. The studies in the corresponding security systemand policy is urgently needed so that some improving measures can beraised.
Part I of the paper, as the foreshadow of the forthcoming parts,briefly introduces the background of the E-Goverment Secrecy managementand the overseas research status. Part II elaborates the basic knowledgeof the E-Goverment Secrecy management and lists some general ways ofdivulgence. Part III of the paper is a detailed analyzation of theE-Goverment Secrecy management in HengShui. Both the current managementstatus and the adopted measures in practice are included. Part IV is thecenter of the paper. First, some specific measures for improving theE-Goverment Secrecy management in HengShui are raised and how to applythe modern information technology to this work is also explained here.Second, a few new tactics for developing the E-Goverment Secrecymanagement in HengShui are raised. Finally, some improvement proposalsare put forward from the maroscopic point of view to our country.
The author has been working in the Secrecy department for years andconducting extensive studies in the E-Goverment Secrecy management soit is granted that all the problems and advices raised in this paper comefrom practice and shall be directive and representative. This paper isof great theorietic and practical value in the security management studyof E-Goverment administration and other information system.
本文第一部分简要介绍了电子政务保密管理工作的研究背景和国内外研究进展情况,为以后各章做准备。第二部分对电子政务和保密工作的基本知识进行了论述,列举了在电子政务中常见的泄密渠道。第三部分对衡水市电子政务保密管理工作进行了较为详尽分析,叙述了衡水市的管理现状和在保密管理工作中采取的措施,对存在的泄密隐患和问题进行了总结归纳,并研究分析了存在问题的根源。第四部分是本文重点。首先对衡水市电子政务保密管理工作提出具体改进措施和现代信息技术在保密管理工作的运用。其次是提出发展衡水市电子政务保密管理工作新策略。最后从宏观的角度对发展我国电子政务保密管理工作提出改进建议。
本文作者一直在保密部门工作,对电子政务保密管理工作进行了深入广泛调查了解,提出的问题和建议均来自工作实践,具有一定的针对性和代表性,本文的研究工作在电子政务及其他信息系统的安全领域具有一定的理论和实用价值。
In recent years, the divulgence in E-Goverment administrationsecurity system has made our society suffered great losses. So the Secrecymanagement status is more and more serious. There are many problems intheory and practice pending to be resolved in the course of theconstruction of the E-Goverment administratrion. The infromationsecurity is one of them. The studies in the corresponding security systemand policy is urgently needed so that some improving measures can beraised.
Part I of the paper, as the foreshadow of the forthcoming parts,briefly introduces the background of the E-Goverment Secrecy managementand the overseas research status. Part II elaborates the basic knowledgeof the E-Goverment Secrecy management and lists some general ways ofdivulgence. Part III of the paper is a detailed analyzation of theE-Goverment Secrecy management in HengShui. Both the current managementstatus and the adopted measures in practice are included. Part IV is thecenter of the paper. First, some specific measures for improving theE-Goverment Secrecy management in HengShui are raised and how to applythe modern information technology to this work is also explained here.Second, a few new tactics for developing the E-Goverment Secrecymanagement in HengShui are raised. Finally, some improvement proposalsare put forward from the maroscopic point of view to our country.
The author has been working in the Secrecy department for years andconducting extensive studies in the E-Goverment Secrecy management soit is granted that all the problems and advices raised in this paper comefrom practice and shall be directive and representative. This paper isof great theorietic and practical value in the security management studyof E-Goverment administration and other information system.
引文
[1]魏万滨,2004 年我国信息网络安全状况调查分析报告,信息安全与保密,2005,3:63~64
[2]孙福泉,在全省保密工作会议上的讲话,内部文件,2005
[3]河北省保密局,保密知识简明读本,内部资料,2002
[4]孙德刚,美国信息安全政务研究,信息安全与通信保密,2003,1:71~73
[5]衡水市信息化办公室,衡水市信息化规划(2003-2020),内部资料,2003
[6]朱雪兵,浅谈电子政务的安全威胁与防范对策,南通职业大学学报,2003,17(3):102~105
[7]衡水市保密局,衡水市党、政机关及涉密单位办公计算机(网络)统计表,内部文件,2004
[8]衡水市政务中心,2004 年工作总结,内部文件,2004
[9]李远,谈计算机网络系统的安全与保密,电脑与网络,2003,7:107~108
[10]Andrew S.Tanenbaum,Vryje Universiteit,Computer Networks,Four Edition,Pearson Education,2004
[11]Sihan Qing and Jan Eloff,Information Security For Global Information Infastructures,Jluwer Academic Publishers,2000
[12]Greg Holden,Guide to Network Defense and Countermeasures ,黄开枝、孙岩译,清华大学出版社,2004
[13]Dieter Gollmann ,Computer Security,John Wiley & Sons ,2004
[14]V.V.Preetham,Internet Security and Firewalls,Thomson ,2004
[15]Bruce Schneier,Secrets and Lies:Digital Security in a Networked World,Join Wiley&Sons,Inc,2001
[16]Steve Kalman,Web Security Field Guide,Cisco Press,2003
[17]Teri Bidwell Michael Cross Ryan Russell , Hack Proofing Your Identity in the Information Age,Syngress Publishing,2003
[18]Chris Hare and Karanjit Siyan,Internet Firewall and Network Security,New Eiders Publishing,1997
[19]Mariea.Wright,The Advanced Encryption Standard,Network Securtity,2001(10):11~13
[20]Internet Systems Consortium,Internet Domain Survey,Jan,2004
[21]Riptech, Inc.Riptech Internet Security Threat Report, VolumeⅡ.Jul.2002,URL:http://www.securitystats.com
[22]段立坤,计算机局域网的保密措施,煤炭技术,2003,23
[23]许兆然,美国电子政务的借鉴之处和电子政务的中国特色,信息安全与通信保密 2003,5:56~58
[24]钟乐海,网络安全技术,电子工业出版社,2003
[25]建军,电子政务安全解决方案,现代通信,2003,12:29~30
[26]林枫,电子商务安全技术及应用,北京航空航天大学出版社,2001
[27]国家信息研究中心,电子政务总体设计与技术实现,电子工业出版社,2003
[28]杨晨光、李海霞,计算机网络安全,西安电子科技大学出版社,2002
[29]韩建武, 突发事件应急机制研究,北京理工大学学报(社会科学版),2004,6(4):6~8
[30]刘扬,论新时期计算机网络的信息保密策略,电脑知识与技术,2004,14:35~37
[31]张晓伟,信息安全策略与机制,机械工业出版社,2004
[32]国家保密局,BMZ2-2001,涉及国家秘密的计算机信息系统安全保密方案设计指南,内部文件,2001
[33]国家保密局,BMZ3-2001,涉及国家秘密的计算机信息系统安全保密测评指南,内部文件,2001
[34]魏春光,北京电子政务系统安全策略,硕士学位论文,北京工业大学,2003
[35]叶俊志,成都市电子政务网络安全体系设计,硕士学位论文,四川大学,2003
[36]王如龙,信息安全保密中信息泄密途径及其防护,微计算机应用,2004,25(4):406~410
[37]陈春风,计算机网络安全技术浅析,信息安全与保密,2005,3:58~59
[38]戴生龙,国家信息安全战略,金城出版社,2000
[39]国家保密局法规处,美国保密法律制度,金城出版社,2000
[40]赵军,对信息安全保密问题的思考,通讯论坛,2001,10:50~52
[41]姚小兰,网络安全管理与技术防护,北京理工大学出版社,2002
[42]高树友、翟自雾,计算机网络安全及保密对策,河北建筑科技学院学报,2002,3:48~50
[43]赵国俊,电子政务,电子工业出版社,2003
[2]孙福泉,在全省保密工作会议上的讲话,内部文件,2005
[3]河北省保密局,保密知识简明读本,内部资料,2002
[4]孙德刚,美国信息安全政务研究,信息安全与通信保密,2003,1:71~73
[5]衡水市信息化办公室,衡水市信息化规划(2003-2020),内部资料,2003
[6]朱雪兵,浅谈电子政务的安全威胁与防范对策,南通职业大学学报,2003,17(3):102~105
[7]衡水市保密局,衡水市党、政机关及涉密单位办公计算机(网络)统计表,内部文件,2004
[8]衡水市政务中心,2004 年工作总结,内部文件,2004
[9]李远,谈计算机网络系统的安全与保密,电脑与网络,2003,7:107~108
[10]Andrew S.Tanenbaum,Vryje Universiteit,Computer Networks,Four Edition,Pearson Education,2004
[11]Sihan Qing and Jan Eloff,Information Security For Global Information Infastructures,Jluwer Academic Publishers,2000
[12]Greg Holden,Guide to Network Defense and Countermeasures ,黄开枝、孙岩译,清华大学出版社,2004
[13]Dieter Gollmann ,Computer Security,John Wiley & Sons ,2004
[14]V.V.Preetham,Internet Security and Firewalls,Thomson ,2004
[15]Bruce Schneier,Secrets and Lies:Digital Security in a Networked World,Join Wiley&Sons,Inc,2001
[16]Steve Kalman,Web Security Field Guide,Cisco Press,2003
[17]Teri Bidwell Michael Cross Ryan Russell , Hack Proofing Your Identity in the Information Age,Syngress Publishing,2003
[18]Chris Hare and Karanjit Siyan,Internet Firewall and Network Security,New Eiders Publishing,1997
[19]Mariea.Wright,The Advanced Encryption Standard,Network Securtity,2001(10):11~13
[20]Internet Systems Consortium,Internet Domain Survey,Jan,2004
[21]Riptech, Inc.Riptech Internet Security Threat Report, VolumeⅡ.Jul.2002,URL:http://www.securitystats.com
[22]段立坤,计算机局域网的保密措施,煤炭技术,2003,23
[23]许兆然,美国电子政务的借鉴之处和电子政务的中国特色,信息安全与通信保密 2003,5:56~58
[24]钟乐海,网络安全技术,电子工业出版社,2003
[25]建军,电子政务安全解决方案,现代通信,2003,12:29~30
[26]林枫,电子商务安全技术及应用,北京航空航天大学出版社,2001
[27]国家信息研究中心,电子政务总体设计与技术实现,电子工业出版社,2003
[28]杨晨光、李海霞,计算机网络安全,西安电子科技大学出版社,2002
[29]韩建武, 突发事件应急机制研究,北京理工大学学报(社会科学版),2004,6(4):6~8
[30]刘扬,论新时期计算机网络的信息保密策略,电脑知识与技术,2004,14:35~37
[31]张晓伟,信息安全策略与机制,机械工业出版社,2004
[32]国家保密局,BMZ2-2001,涉及国家秘密的计算机信息系统安全保密方案设计指南,内部文件,2001
[33]国家保密局,BMZ3-2001,涉及国家秘密的计算机信息系统安全保密测评指南,内部文件,2001
[34]魏春光,北京电子政务系统安全策略,硕士学位论文,北京工业大学,2003
[35]叶俊志,成都市电子政务网络安全体系设计,硕士学位论文,四川大学,2003
[36]王如龙,信息安全保密中信息泄密途径及其防护,微计算机应用,2004,25(4):406~410
[37]陈春风,计算机网络安全技术浅析,信息安全与保密,2005,3:58~59
[38]戴生龙,国家信息安全战略,金城出版社,2000
[39]国家保密局法规处,美国保密法律制度,金城出版社,2000
[40]赵军,对信息安全保密问题的思考,通讯论坛,2001,10:50~52
[41]姚小兰,网络安全管理与技术防护,北京理工大学出版社,2002
[42]高树友、翟自雾,计算机网络安全及保密对策,河北建筑科技学院学报,2002,3:48~50
[43]赵国俊,电子政务,电子工业出版社,2003