从多个角度分析了测控网面临的安全威胁,研究了ESA(欧空局)和NASA(美国国家航空航天局)安全标准体系、安全技术应用和安全管理,总结了国外安全防护体系建设在顶层设计、制度建设、安全训练、威胁感知等方面的特点.基于我国测控网的特点,研究了边界安全、数据安全、终端安全以及备份与恢复等层面安全技术的部署,提出一个基于安全域划分的安全防护技术框架,其中各安全域可根据任务需要进行裁剪或扩展,具有一定灵活性.同时,在综合考虑规章制度、安全训练、安全技术以及安全审计与咨询等多种因素基础上,提出一个安全管理模型,该模型提供了安全管理与安全技术紧密结合的方法.%Security threats facing TT&C (Tracking,Telemetry and Command) networks are analyzed from different perspectives.Following study of the security standards architecture,application of security technologies and security management of ESA (European Space Agency) and NASA (National Aeronautics and Space Administration),the paper summarizes the features of development of security protection systems of foreign space agencies in top level design,regulations,security training,awareness to threats,etc.Based on the characteristics of China's TT&C networks and considerations for deployment of security technologies in terms of edge security,data security,terminal security and backup and recovery,a security protection technology framework based on security domain division is proposed.A certain degree of flexibility is provided by tailoring or extension of each security domain according to mission requirements.Meanwhile,a security management model is proposed based on comprehensive consideration for rules and regulations,security training,security technologies,security audits,consulting,etc.and the model facilitates an approach for close combination of security management and security technologies.
展开▼
