摘要
目的:探求一种更加安全的网络架构,从而解决日益严峻的医院网络安全问题.方法:利用微分隔和细粒度边界策略,通过风险汇聚与分析、持续的信任评估及不断地对外部风险进行评估、对漏洞进行修复来降低医院网络的访问风险.结果:零信任安全架构应用于医院网络后,任何对医院数据的访问请求都必须经过认证、授权,提升了医院内部安全风险感知能力,显著降低了医院网络安全风险和不良事件发生的概率.结论:零信任安全架构可以解决医院现存的网络风险问题,可有效提升医院网络安全防护水平.
Objective:Explore a more secure network architecture to solve the increasingly severe hospital network security issues.Methods:Use micro-separation and fine-grained boundary strategies to reduce the access risk of the hospital network through risk aggregation and analysis,continuous trust assessment,continuous evaluation of external risks,and repair of vulnerabilities.Results:After the zero-trust security architecture is applied to the hospital network,any request for access to hospital data must be authenticated and authorized,which improves the hospital’s internal security risk perception ability and significantly reduces the probability of hospital network security risks and adverse events.Conclusion:The zero-trust security architecture can solve the existing network risk problems in hospitals and effectively improve the level of network security protection in hospitals.
作者
李梦悦
陈敏
LI Meng-yue;CHEN Min(School of Medicine and Health Management,Tongji Medical College,Huazhong University of Science and Technology,Wuhan 430030,Hubei Province,P.R.C.)
出处
《中国数字医学》
2021年第9期106-109,共4页
China Digital Medicine
关键词
零信任安全架构
医院网络
安全防护
zero-trust security architecture
hospital network
security protection
作者简介
通讯作者:陈敏,华中科技大学同济医学院医药卫生管理学院,430030,湖北省武汉市航空路13号,E-mail:chmn@mails.tjmu.edu.cn
