鑄劍:電力行業(yè)數(shù)據(jù)安全保障之路
定 價(jià):79 元
- 作者:周文婷
- 出版時(shí)間:2024/1/1
- ISBN:9787121472893
- 出 版 社:電子工業(yè)出版社
- 中圖法分類:TM7-39
- 頁碼:164
- 紙張:
- 版次:01
- 開本:16開
作為當(dāng)前國內(nèi)講述電力行業(yè)數(shù)據(jù)安全實(shí)踐的著作���,本書以鑄造電力行業(yè)數(shù)據(jù)安全防御之劍,提高電力行業(yè)從業(yè)人員數(shù)據(jù)安全能力為目的��,講述了塑模�����、鑄范�����、鍛造�����、淬火�、拋光、出鞘�、劍舞七個(gè)步驟的內(nèi)容,從基本概念到具體實(shí)踐���,主要涵蓋了電力行業(yè)數(shù)據(jù)安全概述�����、數(shù)據(jù)安全政策法規(guī)�、數(shù)據(jù)安全保護(hù)體系�����、數(shù)據(jù)安全防護(hù)技術(shù)���、數(shù)據(jù)全生命周期安全風(fēng)險(xiǎn)分析及對(duì)策���、數(shù)據(jù)安全典型事件、數(shù)據(jù)安全未來發(fā)展趨勢(shì)等方面的內(nèi)容�。本書條理清晰,通俗易懂�����,語言流暢�,內(nèi)容豐富、實(shí)用�����,將理論與實(shí)踐相結(jié)合。本書適合廣大數(shù)據(jù)安全愛好者�、數(shù)據(jù)安全與網(wǎng)絡(luò)安全從業(yè)者學(xué)習(xí)和掌握數(shù)據(jù)安全相關(guān)技術(shù)和知識(shí),更適合電力行業(yè)信息技術(shù)從業(yè)人員開展數(shù)據(jù)安全業(yè)務(wù)�����,還適用于大專及本科院校數(shù)據(jù)安全相關(guān)課程的案例與實(shí)踐教學(xué)�����。
周文婷��,女��,碩士研究生���,正高級(jí)工程師��,現(xiàn)任新疆思極信息技術(shù)有限公司總經(jīng)理�����,歷任國網(wǎng)新疆電力信息通信有限公司副總經(jīng)理��、國網(wǎng)新疆電力有限公司科技數(shù)字化部副主任等職位�,先后從事電網(wǎng)調(diào)度通信、客戶服務(wù)���、企業(yè)發(fā)展����、電網(wǎng)安全生產(chǎn)管理����、科技創(chuàng)新等領(lǐng)域�,從事重點(diǎn)工程 30余項(xiàng),組織開展科技項(xiàng)目50 多項(xiàng)�����,獲得國網(wǎng)公司����、新疆維吾爾自治區(qū)、國家能源學(xué)會(huì)�、全國電子學(xué)會(huì)、新疆電機(jī)工程學(xué)會(huì)科技進(jìn)步獎(jiǎng) 15 項(xiàng)。榮獲國家電網(wǎng)公司���、自治區(qū)���、國網(wǎng)新疆電力有限公司各類榮譽(yù)稱號(hào)。
第一章 塑模:電力行業(yè)數(shù)據(jù)安全概述 ····································································.2
1.1 電力系統(tǒng)簡(jiǎn)介 ·····················································································.2
1.1.1 傳統(tǒng)電力系統(tǒng)·············································································.3
1.1.2 新型電力系統(tǒng)·············································································.5
1.2 電力行業(yè)數(shù)據(jù)特點(diǎn) ···············································································.8
1.2.1 數(shù)據(jù)來源廣泛·············································································.8
1.2.2 數(shù)據(jù)應(yīng)用全面·············································································.9
1.2.3 數(shù)據(jù)特征顯著·············································································.9
1.3 做好電力行業(yè)數(shù)據(jù)安全保護(hù)為何重要 ·······················································10
1.4 電力行業(yè)數(shù)據(jù)安全風(fēng)險(xiǎn)與挑戰(zhàn) ································································12
1.4.1 數(shù)據(jù)泄露危及國家安全·································································12
1.4.2 非法入侵導(dǎo)致電力系統(tǒng)服務(wù)中斷·····················································13
1.4.3 數(shù)據(jù)濫用帶來違法與犯罪風(fēng)險(xiǎn)························································13
1.4.4 數(shù)字化技術(shù)蘊(yùn)含新的安全風(fēng)險(xiǎn)························································14
1.4.5 數(shù)據(jù)全生命周期管理不足引發(fā)短板效應(yīng)············································15
1.5 本章小結(jié) ···························································································16
第二章 鑄范:電力行業(yè)數(shù)據(jù)安全政策法規(guī) ······························································18
2.1 電力行業(yè)數(shù)據(jù)安全相關(guān)法律法規(guī)解讀 ·······················································18
2.1.1 《中華人民共和國網(wǎng)絡(luò)安全法》 ······················································19
2.1.2 《中華人民共和國數(shù)據(jù)安全法》 ······················································22
2.1.3 《中華人民共和國密碼法》 ····························································24
2.1.4 《中華人民共和國個(gè)人信息保護(hù)法》 ················································24
2.1.5 《最高人民法院��、最高人民檢察院關(guān)于辦理侵犯公民個(gè)人信息刑事案件適用法律若干問題的解釋》····················26
2.1.6 《網(wǎng)絡(luò)安全審查辦法》 ··································································29
2.1.7 《信息安全技術(shù)—網(wǎng)絡(luò)安全等級(jí)保護(hù)基本要求》 ·································30
2.1.8 《關(guān)鍵信息基礎(chǔ)設(shè)施安全保護(hù)條例》 ················································33
2.2 電力行業(yè)數(shù)據(jù)安全相關(guān)政策要求 ·····························································35
2.2.1 《電力監(jiān)控系統(tǒng)安全防護(hù)規(guī)定》 ······················································35
2.2.2 《電力監(jiān)控系統(tǒng)安全防護(hù)總體方案》 ················································37
2.2.3 《加強(qiáng)工業(yè)互聯(lián)網(wǎng)安全工作的指導(dǎo)意見》 ··········································37
2.2.4 《工業(yè)和信息化領(lǐng)域數(shù)據(jù)安全管理辦法(試行)》································38
2.2.5 《關(guān)于加強(qiáng)電力行業(yè)網(wǎng)絡(luò)安全工作的指導(dǎo)意見》 ·································40
2.2.6 《電力行業(yè)網(wǎng)絡(luò)安全管理辦法》 ······················································41
2.2.7 《電力可靠性管理辦法(暫行)》·····················································42
2.2.8 《電力行業(yè)網(wǎng)絡(luò)安全等級(jí)保護(hù)管理辦法》 ··········································43
2.3 本章小結(jié) ···························································································44
第三章 鍛造:電力行業(yè)數(shù)據(jù)安全保護(hù)體系 ······························································46
3.1 如何做好電力企業(yè)的數(shù)據(jù)安全管理 ··························································48
3.1.1 至關(guān)重要的組織架構(gòu)····································································48
3.1.2 缺一不可的制度流程····································································50
3.1.3 必不可少的管理機(jī)制····································································52
3.1.4 不可或缺的人員管理····································································54
3.2 如何做好電力企業(yè)數(shù)據(jù)安全技術(shù)防護(hù) ·······················································56
3.2.1 數(shù)據(jù)分級(jí)分類安全防護(hù)·································································58
3.2.2 數(shù)據(jù)安全精準(zhǔn)防護(hù)·······································································59
3.2.3 數(shù)據(jù)交互開放可信·······································································60
3.3 如何做好電力企業(yè)數(shù)據(jù)安全運(yùn)營及服務(wù) ····················································61
3.3.1 數(shù)據(jù)安全監(jiān)測(cè)·············································································61
3.3.2 數(shù)據(jù)安全評(píng)估·············································································61
3.3.3 數(shù)據(jù)安全審計(jì)·············································································63
3.4 本章小結(jié) ···························································································63
第四章 淬火:電力數(shù)據(jù)安全防護(hù)技術(shù) ····································································65
4.1 傳統(tǒng)數(shù)據(jù)安全保護(hù)技術(shù) ·········································································65
4.1.1 邊界防護(hù)···················································································65
4.1.2 身份認(rèn)證及訪問控制····································································66
4.1.3 數(shù)據(jù)安全審計(jì)·············································································68
4.1.4 數(shù)據(jù)脫敏···················································································70
4.1.5 數(shù)據(jù)追蹤溯源·············································································71
4.1.6 數(shù)據(jù)加密···················································································72
4.1.7 數(shù)字簽名···················································································73
4.1.8 數(shù)據(jù)沙箱···················································································75
4.1.9 數(shù)據(jù)庫防火墻·············································································76
4.2 新型數(shù)據(jù)安全保護(hù)技術(shù) ·········································································77
4.2.1 基于人工智能的數(shù)據(jù)安全技術(shù)························································78
4.2.2 基于區(qū)塊鏈的數(shù)據(jù)安全技術(shù)···························································78
4.2.3 基于零信任架構(gòu)的數(shù)據(jù)安全技術(shù)·····················································79
4.2.4 基于安全多方計(jì)算的數(shù)據(jù)安全技術(shù)··················································81
4.2.5 基于差分隱私保護(hù)的數(shù)據(jù)安全技術(shù)··················································83
4.2.6 敏感數(shù)據(jù)識(shí)別技術(shù)·······································································84
4.2.7 基于 API 監(jiān)測(cè)的數(shù)據(jù)安全技術(shù) ·······················································86
4.2.8 基于數(shù)據(jù)流轉(zhuǎn)監(jiān)測(cè)的數(shù)據(jù)安全技術(shù)··················································87
4.3 本章小結(jié) ···························································································88
第五章 拋光:電力行業(yè)數(shù)據(jù)全生命周期安全風(fēng)險(xiǎn)分析及對(duì)策 ······································91
5.1 數(shù)據(jù)全生命周期概述 ············································································91
5.2 數(shù)據(jù)采集階段 ·····················································································92
5.2.1 電力行業(yè)數(shù)據(jù)采集方式·································································93
5.2.2 風(fēng)險(xiǎn)分析···················································································98
5.2.3 應(yīng)對(duì)措施···················································································99
5.3 數(shù)據(jù)傳輸階段 ··················································································.102
5.3.1 電力行業(yè)常用數(shù)據(jù)傳輸方式························································.102
5.3.2 風(fēng)險(xiǎn)分析················································································.107
5.3.3 應(yīng)對(duì)措施················································································.108
5.4 數(shù)據(jù)存儲(chǔ)階段 ··················································································.109
5.4.1 電力行業(yè)數(shù)據(jù)存儲(chǔ)方式······························································.109
5.4.2 風(fēng)險(xiǎn)分析················································································.111
5.4.3 應(yīng)對(duì)措施················································································.112
5.5 數(shù)據(jù)處理階段 ··················································································.114
5.5.1 電力行業(yè)常見數(shù)據(jù)處理場(chǎng)景························································.114
5.5.2 風(fēng)險(xiǎn)分析················································································.115
5.5.3 應(yīng)對(duì)措施················································································.116
5.6 數(shù)據(jù)交換階段 ··················································································.120
5.6.1 電力數(shù)據(jù)交換場(chǎng)景····································································.120
5.6.2 風(fēng)險(xiǎn)分析················································································.120
5.6.3 應(yīng)對(duì)措施················································································.122
5.7 數(shù)據(jù)銷毀階段 ··················································································.124
5.7.1 風(fēng)險(xiǎn)分析················································································.125
5.7.2 應(yīng)對(duì)措施················································································.126
5.8 運(yùn)維環(huán)節(jié)的安全風(fēng)險(xiǎn) ·········································································.128
5.8.1 風(fēng)險(xiǎn)分析················································································.128
5.8.2 應(yīng)對(duì)措施················································································.129
5.9 本章小結(jié) ························································································.129
第六章 出鞘:電力行業(yè)數(shù)據(jù)安全典型事件 ···························································.131
6.1 電力行業(yè)黑客攻擊典型案例 ································································.131
6.1.1 烏克蘭電力系統(tǒng)遭受攻擊···························································.132
6.1.2 委內(nèi)瑞拉電網(wǎng)遭受攻擊······························································.134
6.1.3 暴露的問題·············································································.135
6.1.4 應(yīng)對(duì)措施················································································.135
6.2 供應(yīng)鏈安全引發(fā)數(shù)據(jù)泄露事件 ·····························································.136
6.2.1 Equifax 公司信息泄露事件··························································.137
6.2.2 SolarWinds 供應(yīng)鏈攻擊事件························································.137
6.2.3 暴露的問題·············································································.138
6.2.4 應(yīng)對(duì)措施················································································.138
6.3 內(nèi)部人員由于安全意識(shí)淡薄導(dǎo)致數(shù)據(jù)泄露 ··············································.139
6.3.1 APT 黑客組織“蜻蜓”入侵美國電網(wǎng) ···········································.139
6.3.2 烏克蘭某核電廠發(fā)生重大網(wǎng)絡(luò)安全事故·········································.140
6.3.3 暴露的問題·············································································.141
6.3.4 應(yīng)對(duì)措施················································································.141
6.4 系統(tǒng)配置不當(dāng)造成數(shù)據(jù)泄露 ································································.142
6.4.1 美國德州電氣工程公司(PQE)服務(wù)器配置引發(fā)數(shù)據(jù)泄露 ·················.142
6.4.2 德國電網(wǎng)公司數(shù)據(jù)泄露事件························································.143
6.4.3 暴露的問題·············································································.144
6.4.4 應(yīng)對(duì)措施················································································.144
6.5 典型的電力行業(yè)成功防御網(wǎng)絡(luò)攻擊案例 ·················································.144
6.5.1 美國新墨西哥公共服務(wù)公司成功應(yīng)對(duì)網(wǎng)絡(luò)攻擊事件 ··························.144
6.5.2 愛爾蘭國家電網(wǎng)公司成功應(yīng)對(duì)網(wǎng)絡(luò)攻擊事件···································.145
6.6 本章小結(jié) ························································································.146
第七章 劍舞:電力行業(yè)數(shù)據(jù)安全未來發(fā)展趨勢(shì) ·····················································.148
7.1 電力行業(yè)數(shù)據(jù)安全面臨新挑戰(zhàn) ·····························································.148
7.1.1 電力數(shù)據(jù)主權(quán)維護(hù)面臨著“新數(shù)據(jù)孤島”挑戰(zhàn) ···································.148
7.1.2 個(gè)人信息和隱私保護(hù)成為電力數(shù)據(jù)保護(hù)的主戰(zhàn)場(chǎng)·····························.149
7.1.3 電力行業(yè)數(shù)據(jù)安全管控更加依賴新技術(shù)應(yīng)用···································.149
7.2 電力行業(yè)數(shù)據(jù)安全未來發(fā)展趨勢(shì) ··························································.149
7.2.1 數(shù)據(jù)安全政策法規(guī)和監(jiān)管措施將日趨完善······································.149
7.2.2 電力數(shù)據(jù)版權(quán)管理體系發(fā)展步入正軌············································.149
7.2.3 電力行業(yè)的安全體系建設(shè)逐步落地···············································.150
7.2.4 電力行業(yè)數(shù)據(jù)安全重要性日益突出···············································.150
書單推薦
