国产密码技术对电信业个人信息保护的实践探索被引量：1

Practical exploration of SM-algorithms cryptography on the protection of personal information in the telecommunications industry

在线阅读下载PDF

导出

摘要 [目的/意义]电信运营商作为国内基础通信网络的提供者,拥有海量用户信息和重要数据在业务系统中高速流转,这些数据因蕴含着重要价值已成为网络攻击的重点对象.因此,构建实战化数据安全防护体系,提升应用系统的个人信息保护能力至关重要.[方法/过程]国产密码技术作为保障网络与信息安全的核心技术和基础支撑,是电信业个人信息保护的第一道安全防线.基于免开发改造应用的国产密码技术,提出了以"数据"为中心的新安全理念.根据电信运营商对数据的实际需求和安全防护的难点,结合国家法律法规和电信行业的监管要求,以"电信业务应用"为抓手,形成高覆盖的数据控制点,构建安全、可控的密码支撑体系.[结果/结论]经实际项目验证,基于免开发改造应用的国产密码技术,有效地提升了电信行业网络和数据安全的保障水平,可为电信运营商数据安全体系建设提供参考. [Purpose/Significance]Telecom operators,as providers of basic communication networks in China,possess massive amounts of user information and important data that circulate at high speed in business systems.These data have become the target of cyber attacks due to the important value.It is important to build a practical data security system and improve the personal information protection capability of the application system.[Method/Process]As the core technology and basic support for ensuring network and informat ion security,SM-algorithms encryption technology is the first line of defense for personal information protection in the telecommunications industry.Based on the SM-algorithms encryption technology which requires no re-development and transformation of application systems,according to the actual needs of telecommunications operators for data and the difficulties of security protection,combined with national laws and regulations and the regulatory requirements of the telecommunications industry,a new security concept centered on"data"is proposed,with"telecommunication business application"as the starting point,forming a high-coverage data control point and building a secure and controllable password support system.[Results/Conclusion]It has been verified by projects that this technology has effectively improved the level of network and data security in the telecommunications industry,and can be a good example for the construction of data security systems for telecommunications operators.

作者花小齐王晓春李铭阳 Hua Xiaoqi;Wang Xiaochun;Li Mingyang(China Mobile Communications Group Shaanxi Co.,Ltd.,Shaan Xi'an 710076)

机构地区中国移动通信集团陕西有限公司

出处《网络空间安全》 2022年第6期54-62,共9页 Cyberspace Security

关键词个人信息保护国产密码技术免开发改造密码安全一体化数据安全 personal information protection domestic encryption technology no re-development and modification cryptography security integration data security

分类号 TN918.4 [电子电信—通信与信息系统]

作者简介花小齐(1972-),男,汉族,陕西西安人,西安电子科技大学,硕士,主要研究方向和关注领域:信息与网络安全;王晓春(1982-),女,汉族,吉林吉林人,哈尔滨工业大学,硕士,主要研究方向和关注领域:数据安全;李铭阳(1985-),男,汉族,陕西商洛人,西安工程大学,本科,主要研究方向和关注领域:信息安全、通信业务运营。