

【作者】 张淼

【导师】 刘忠玉;

【作者基本信息】 东北财经大学 , 企业管理, 2007, 硕士

【摘要】 建设电子政府是信息时代各国政府的必然选择,电子政府的信息安全是电子政府构建的前提和基础。目前,随着我国政府上网步伐的加快和范围的日益扩展,信息安全问题已经成为电子政府发展的“瓶颈”之一,保障我国电子政府信息安全的重要性和迫切性日益突出。本文从分析电子政府信息安全的重要性和电子政府的安全威胁入手,剖析了我国电子政府出现的信息安全方面的问题及原因,最后从四个方面提出保障电子政府信息安全的策略。围绕着信息安全,将技术、管理、法律、人的意识协调起来共同发展,构筑一个相对安全的电子政府安全体系。全文共分三个部分。第一部分简述了电子政府的定义和内容,介绍了信息安全的概念和特点,电子政府信息安全的重要性及面临的安全威胁。电子政府是运用信息技术建立起来的、旨在为公众提供实体性政府服务的虚拟政府。电子政府系统中存放着大量的信息资源,而且大部分都关系着国家和公民的保密数据,信息安全就尤显重要。电子政府面临的威胁来自系统内部和系统外部,而最主要的威胁是来自系统外部的人为威胁。第二部分着重分析了我国电子政府的信息安全风险,主要来自四个方面:技术、管理、法律、人的意识。几乎没有具备自主知识产权的核心技术,网络安全技术也比较落后,再加上网络技术本身的缺陷和计算机系统本身的脆弱性是导致我国电子政府信息安全技术水平低的重要原因。安全管理体制风险主要体现在安全责任制度不明确、管理职能分散、管理政策不到位、信息安全管理标准不完善以及缺乏安全风险评估机制等。信息安全法律法规问题主要体现在立法层次不高、体系不完善、法规之间不统一、执行力不强等方面。人的安全意识问题主要从国家和个人两个层次来分析,如果国家对信息安全的认识不足,那么这个围家将付出惨痛的代价;民众的信息安全意识淡漠,也会使某些居心叵测的犯罪分子有机可乘。第三部分分别针对第二部分四个方面的风险分析提出了一些应对策略。首先国家要加强信息安全法律法规建设,尽快制定专门的电子政府信息安全法,以完善我国的网络信息安全法律体系。其次保障电子政府安全的技术机制方面主要分三个部分阐述:计算机系统硬件安全、信息安全技术、技术安全框架。接着,又介绍了信息安全管理体系的完善需要从安全政策、安全标准、安全评估和安全审计等四个环节来加以规范并进而实现有效的管理。所谓“三分技术、七分管理”,在技术完善的基础上,电子政府的安全与否,信息安全管理体系起着决定性的作用。最后提出了如何增强政府工作人员及企业和群众的信息安全意识,主要是通过培训和宣传的方式来加强信息安全部门与其他部门和个人的沟通。

【Abstract】 Building the E-government is the necessary chance to all state government in the informational era, however, the security of E-government information is essential and basic for building the E-government. At present, the safe problem has already become the one of "bottleneck", as the pace that our country builds the E-government speed up and the range unceasingly enlarged. It is the more important and urgent to ensure the informational security of E-government.This thesis sets out from the importance of E-government’ information security and the tlireatening factor of the information security of E-government. and analyzes deeply the problem and causes, at last proposing the tactics of protecting security of E-government from four aspects.The full paper is divided into three parts.The first part of the article introduces the definition and content of E-government, the concept and character of information security, the importance of information security and the threaten of information security to E-government. E-government is a kind of virtue government that using information technology to build up and aim to provide the real government services for public. There are a great many information resources, and most of them are secret data related to state or citizens, so that information security is particularly important. Threaten factor is all from internal and external of the E-government system, however, the most important of them is from human beings refers to external system.The second part of the article analyzes the risk of information security of E-government. The risk are mainly from the four aspects, technology, management, law, awareness of human beings. The important reasons that leading to the low level of information security of Chinese E-government is very low that nearly no independent intellectual property rights of core technology , backward Internet information security, defects of net technology and vulnerability of computer system. The risk of security management system most reflected in unclear responsibility of security system, decentralized management functions, Imperfect management policies, imperfect information security management standards and lack of security risk assessment mechanism. The issue of information security laws and regulations are mainly embodied in the low legislative level, imperfect law system, not uniform regulations, not strong executive power, and so on. The main safety awareness issues are analyzed from the national and individual levels. If the state is lack of awareness of information security, this country will have to pay a painful price; the Public is lack of awareness of information security, it will also cause some of the criminals take advantage of the weekness.The third part of the article proposes many strategy that aim to solve the risks analyzed in the second part. Firstly, in order to improve our law system of internet security, the government needs to enhance the law system of information security, and make up information security law of E-government as soon as possible. Secondly, the technology for protecting E-government security concludes three parts: hardware security of computer system, technology of information security, structure of technology security. The management system of information security needs to be improved in four sections, security policy, security standard, security assessment and security audit. It’s said that thirty percent determined to technology and seventy percent determined management. In the basic of improved technology, whether the E-government is safe or not, the management system of information security play a decisive role. At last, this article proposes how to enhance the information security awareness of workers in government, entrepreneur, public, it can be solved by training and publicity, increase the communication among the information department, other departments and personality.

【关键词】 电子政府信息安全问题策略
【Key words】 E-governmentinformation securityproblemstrategy
  • 【分类号】TP309;D630
  • 【被引频次】12
  • 【下载频次】890

