性videosgratis灌满|国产成人精品高清在线观看99|无码日本电影一区二区网站|成人性生交大片免费看京东小视频|熟妇与小伙子MATUR老熟妇E

政府行業5G專網零信任二次鑒權解決方案

解(jie)決5G專網(wang)接入(ru)、局域網(wang)接入(ru)、互聯網(wang)接入(ru)三大場景(jing)零信任安全接入(ru)

行業現狀

Industry status

國(guo)(guo)(guo)家(jia)(jia)電子(zi)(zi)政(zheng)(zheng)(zheng)(zheng)務(wu)(wu)(wu)(wu)外網(wang)(wang)(wang)(wang)(wang)(wang)作為(wei)(wei)我國(guo)(guo)(guo)電子(zi)(zi)政(zheng)(zheng)(zheng)(zheng)務(wu)(wu)(wu)(wu)重要(yao)公共(gong)基(ji)(ji)礎設(she)施(shi),是服(fu)務(wu)(wu)(wu)(wu)于(yu)(yu)(yu)各(ge)級(ji)黨委(wei)、人大、政(zheng)(zheng)(zheng)(zheng)府(fu)、政(zheng)(zheng)(zheng)(zheng)協、法(fa)(fa)院和檢察院等政(zheng)(zheng)(zheng)(zheng)務(wu)(wu)(wu)(wu)部門,滿足(zu)其(qi)經濟調(diao)節(jie)、市場監管(guan)、社會管(guan)理和公共(gong)服(fu)務(wu)(wu)(wu)(wu)等方面需(xu)(xu)(xu)要(yao)的(de)(de)(de)政(zheng)(zheng)(zheng)(zheng)務(wu)(wu)(wu)(wu)公用(yong)(yong)(yong)網(wang)(wang)(wang)(wang)(wang)(wang)絡(luo)(luo)。5G技術具有(you)(you)高帶寬、低時(shi)延、海量終(zhong)端(duan)通信(xin)(xin)(xin)三大基(ji)(ji)本特(te)征,正(zheng)賦(fu)能促進政(zheng)(zheng)(zheng)(zheng)務(wu)(wu)(wu)(wu)信(xin)(xin)(xin)息化(hua)(hua)、數(shu)字化(hua)(hua)、智(zhi)能化(hua)(hua)轉型。5G基(ji)(ji)礎設(she)施(shi)布局、以(yi)5G專(zhuan)(zhuan)網(wang)(wang)(wang)(wang)(wang)(wang)為(wei)(wei)代表的(de)(de)(de)創新技術發(fa)(fa)展基(ji)(ji)本成熟,足(zu)以(yi)支(zhi)撐政(zheng)(zheng)(zheng)(zheng)務(wu)(wu)(wu)(wu)行(xing)業賦(fu)能,各(ge)地政(zheng)(zheng)(zheng)(zheng)府(fu)單位已開展5G智(zhi)慧應(ying)(ying)用(yong)(yong)(yong)建(jian)設(she),如移動(dong)(dong)(dong)辦公、移動(dong)(dong)(dong)執法(fa)(fa)、疫(yi)情防(fang)控(kong)、安(an)(an)(an)(an)防(fang)監控(kong)等場景,5G新技術的(de)(de)(de)政(zheng)(zheng)(zheng)(zheng)務(wu)(wu)(wu)(wu)應(ying)(ying)用(yong)(yong)(yong)處于(yu)(yu)(yu)快(kuai)速發(fa)(fa)展階段。 在(zai)政(zheng)(zheng)(zheng)(zheng)策(ce)(ce)推動(dong)(dong)(dong)方面,《“十四(si)(si)五”國(guo)(guo)(guo)家(jia)(jia)信(xin)(xin)(xin)息化(hua)(hua)規(gui)劃》代表著由(you)中(zhong)(zhong)央(yang)從頂(ding)層規(gui)劃5G發(fa)(fa)展數(shu)字藍圖。國(guo)(guo)(guo)家(jia)(jia)大力支(zhi)持出(chu)(chu)(chu)臺(tai)包括《5G應(ying)(ying)用(yong)(yong)(yong)“揚帆”行(xing)動(dong)(dong)(dong)計(ji)劃(2021-2023年(nian))》在(zai)內的(de)(de)(de)政(zheng)(zheng)(zheng)(zheng)策(ce)(ce)文(wen)件(jian),其(qi)中(zhong)(zhong)各(ge)省(sheng)市重點(dian)扶持5G政(zheng)(zheng)(zheng)(zheng)策(ce)(ce)文(wen)件(jian)574個,全(quan)(quan)國(guo)(guo)(guo)各(ge)地掀起了(le)5G應(ying)(ying)用(yong)(yong)(yong)“揚帆”發(fa)(fa)展的(de)(de)(de)熱潮,各(ge)地政(zheng)(zheng)(zheng)(zheng)府(fu)紛紛結合(he)(he)當地實際需(xu)(xu)(xu)求(qiu)和產業特(te)色推出(chu)(chu)(chu)5G發(fa)(fa)展行(xing)動(dong)(dong)(dong)計(ji)劃。同時(shi),也對5G專(zhuan)(zhuan)網(wang)(wang)(wang)(wang)(wang)(wang)提出(chu)(chu)(chu)了(le)很高的(de)(de)(de)安(an)(an)(an)(an)全(quan)(quan)要(yao)求(qiu),例如十四(si)(si)五“國(guo)(guo)(guo)家(jia)(jia)信(xin)(xin)(xin)息化(hua)(hua)規(gui)劃”中(zhong)(zhong)提出(chu)(chu)(chu)要(yao)強化(hua)(hua)5G網(wang)(wang)(wang)(wang)(wang)(wang)絡(luo)(luo)安(an)(an)(an)(an)全(quan)(quan)保障體系;《廣(guang)東省(sheng)電子(zi)(zi)政(zheng)(zheng)(zheng)(zheng)務(wu)(wu)(wu)(wu)外網(wang)(wang)(wang)(wang)(wang)(wang)5G無(wu)線接(jie)(jie)入(ru)服(fu)務(wu)(wu)(wu)(wu)建(jian)設(she)規(gui)范》中(zhong)(zhong)要(yao)求(qiu):5G無(wu)線網(wang)(wang)(wang)(wang)(wang)(wang)絡(luo)(luo)應(ying)(ying)提供網(wang)(wang)(wang)(wang)(wang)(wang)絡(luo)(luo)側的(de)(de)(de)二次認證能力,并應(ying)(ying)對接(jie)(jie)政(zheng)(zheng)(zheng)(zheng)務(wu)(wu)(wu)(wu)外網(wang)(wang)(wang)(wang)(wang)(wang)認證服(fu)務(wu)(wu)(wu)(wu)器(qi),當5G無(wu)線網(wang)(wang)(wang)(wang)(wang)(wang)絡(luo)(luo)核(he)心網(wang)(wang)(wang)(wang)(wang)(wang)收到移動(dong)(dong)(dong)終(zhong)端(duan)的(de)(de)(de)業務(wu)(wu)(wu)(wu)請求(qiu)時(shi),觸(chu)發(fa)(fa)用(yong)(yong)(yong)戶二次鑒(jian)權(quan)(quan)。國(guo)(guo)(guo)家(jia)(jia)信(xin)(xin)(xin)息中(zhong)(zhong)心也于(yu)(yu)(yu)2022年(nian)7月1日頒布《政(zheng)(zheng)(zheng)(zheng)務(wu)(wu)(wu)(wu)外網(wang)(wang)(wang)(wang)(wang)(wang)終(zhong)端(duan)一機(ji)兩(liang)用(yong)(yong)(yong)安(an)(an)(an)(an)全(quan)(quan)管(guan)控(kong)技術指南(nan)》,5G專(zhuan)(zhuan)網(wang)(wang)(wang)(wang)(wang)(wang)作為(wei)(wei)政(zheng)(zheng)(zheng)(zheng)務(wu)(wu)(wu)(wu)外網(wang)(wang)(wang)(wang)(wang)(wang)組(zu)成的(de)(de)(de)一部分(fen)也應(ying)(ying)該參考該標準要(yao)求(qiu),利用(yong)(yong)(yong)零信(xin)(xin)(xin)任技術,確保只有(you)(you)合(he)(he)法(fa)(fa)合(he)(he)規(gui)的(de)(de)(de)終(zhong)端(duan)才能接(jie)(jie)入(ru)到5G專(zhuan)(zhuan)網(wang)(wang)(wang)(wang)(wang)(wang)訪(fang)問相應(ying)(ying)權(quan)(quan)限范圍內的(de)(de)(de)應(ying)(ying)用(yong)(yong)(yong)。 5G專(zhuan)(zhuan)網(wang)(wang)(wang)(wang)(wang)(wang)帶來高速、便捷(jie)的(de)(de)(de)政(zheng)(zheng)(zheng)(zheng)務(wu)(wu)(wu)(wu)業務(wu)(wu)(wu)(wu)訪(fang)問,同時(shi)也伴隨著安(an)(an)(an)(an)全(quan)(quan)風(feng)險(xian)(xian),這些風(feng)險(xian)(xian)來源于(yu)(yu)(yu):(1)5G專(zhuan)(zhuan)網(wang)(wang)(wang)(wang)(wang)(wang)二次認證安(an)(an)(an)(an)全(quan)(quan)風(feng)險(xian)(xian):終(zhong)端(duan)接(jie)(jie)入(ru)到5G網(wang)(wang)(wang)(wang)(wang)(wang)絡(luo)(luo)時(shi)通過(guo)5G核(he)心網(wang)(wang)(wang)(wang)(wang)(wang)UDM進行(xing)的(de)(de)(de)鑒(jian)權(quan)(quan)認證成功后,獲得5G專(zhuan)(zhuan)網(wang)(wang)(wang)(wang)(wang)(wang)網(wang)(wang)(wang)(wang)(wang)(wang)絡(luo)(luo)資(zi)源,在(zai)訪(fang)問電子(zi)(zi)政(zheng)(zheng)(zheng)(zheng)務(wu)(wu)(wu)(wu)網(wang)(wang)(wang)(wang)(wang)(wang)時(shi)不需(xu)(xu)(xu)要(yao)進行(xing)認證,存在(zai)安(an)(an)(an)(an)全(quan)(quan)風(feng)險(xian)(xian)。(2)5G專(zhuan)(zhuan)網(wang)(wang)(wang)(wang)(wang)(wang)熱點(dian)共(gong)享(xiang)安(an)(an)(an)(an)全(quan)(quan)風(feng)險(xian)(xian):終(zhong)端(duan)接(jie)(jie)入(ru)到5G專(zhuan)(zhuan)網(wang)(wang)(wang)(wang)(wang)(wang)存在(zai)熱點(dian)共(gong)享(xiang)非授(shou)權(quan)(quan)訪(fang)問風(feng)險(xian)(xian),即(ji)5G專(zhuan)(zhuan)網(wang)(wang)(wang)(wang)(wang)(wang)手機(ji)開啟(qi)WIFI熱點(dian),非授(shou)權(quan)(quan)終(zhong)端(duan)能夠通過(guo)該熱點(dian)訪(fang)問5G專(zhuan)(zhuan)網(wang)(wang)(wang)(wang)(wang)(wang)。

解決方案

Solution

以聯(lian)軟(ruan)UniEMM企(qi)業移動(dong)安(an)全(quan)管(guan)理(li)(li)平臺為基(ji)礎的《政府行業5G專網(wang)(wang)(wang)(wang)零信任鑒(jian)(jian)權解(jie)(jie)決方(fang)案(an)(an)》,采用零信任技術實(shi)現5G專網(wang)(wang)(wang)(wang)終端二次鑒(jian)(jian)權認(ren)證、移動(dong)數據(ju)安(an)全(quan)等安(an)全(quan)能力,也能夠(gou)與政務(wu)外網(wang)(wang)(wang)(wang)一機(ji)兩用解(jie)(jie)決方(fang)案(an)(an)形成聯(lian)防(fang)聯(lian)動(dong),解(jie)(jie)決5G專網(wang)(wang)(wang)(wang)接入、局域網(wang)(wang)(wang)(wang)接入、互(hu)聯(lian)網(wang)(wang)(wang)(wang)接入三大場(chang)景零信任安(an)全(quan)接入,提供更全(quan)面的安(an)全(quan)、更極致的體驗(yan)、更高(gao)效的管(guan)理(li)(li)。該方(fang)案(an)(an)內容如下(xia):

● 終端零信(xin)任準入APP/SDK:支持(chi)移動終端(Android、鴻蒙、iOS),提供SPA認(ren)證(zheng)

● 零(ling)信(xin)(xin)(xin)任(ren)(ren)安(an)全(quan)(quan)網關:為訪(fang)問(wen)政務專網業務系(xi)統(tong)(tong)提供(gong)了統(tong)(tong)一(yi)的對外(wai)訪(fang)問(wen)入口(kou),終端訪(fang)問(wen)內網應用必須經過零(ling)信(xin)(xin)(xin)任(ren)(ren)安(an)全(quan)(quan)網關,并且與零(ling)信(xin)(xin)(xin)任(ren)(ren)安(an)全(quan)(quan)網關之間通過安(an)全(quan)(quan)隧道進行連(lian)接(jie)。所有的內網業務均隱藏在安(an)全(quan)(quan)網關后面(mian),通過零(ling)信(xin)(xin)(xin)任(ren)(ren)安(an)全(quan)(quan)網關統(tong)(tong)一(yi)對外(wai)發布,實(shi)現遠程接(jie)入場景下(xia),業務系(xi)統(tong)(tong)的隱藏,同時通過SPA預認(ren)證技術,實(shi)現安(an)全(quan)(quan)網關本身對外(wai)的端口(kou)隱藏,有效防止被掃描攻擊;

● 零信任管理平(ping)臺(tai):提供控制平(ping)面的(de)統一控制及管理能力(li)(li)。具(ju)備(bei)身份認證(zheng)、終端管理、數據安全防(fang)護、動態權限控制、持續信任評估等能力(li)(li)。

● 統(tong)(tong)(tong)一認(ren)證(zheng):系統(tong)(tong)(tong)支持與省(sheng)統(tong)(tong)(tong)一身份認(ren)證(zheng)平臺對接,實現(xian)普通用戶賬密認(ren)證(zheng)、短信認(ren)證(zheng)、粵(yue)政易(yi)掃碼認(ren)證(zheng)。也支持與運營商(shang)超級SIM認(ren)證(zheng)系統(tong)(tong)(tong)對接,實現(xian)手機SIM認(ren)證(zheng)。

● 零信(xin)任安全接(jie)入(ru):終端(duan)接(jie)入(ru)5G專網(wang)訪問政(zheng)務(wu)外(wai)網(wang)辦公業(ye)務(wu)時(shi)需要經過零信(xin)任安全接(jie)入(ru)認證(zheng),基于(yu)每(mei)個業(ye)務(wu)應用建立獨(du)立的(de)國(guo)密安全隧道,保障遠程數據訪問的(de)通信(xin)安全;

● 政(zheng)務(wu)(wu)(wu)(wu)(wu)業(ye)務(wu)(wu)(wu)(wu)(wu)管理(li):以管理(li)平臺(tai)自身的業(ye)務(wu)(wu)(wu)(wu)(wu)全(quan)生命周(zhou)期管理(li)能力,靈活管理(li)CS/BS/H5/等政(zheng)務(wu)(wu)(wu)(wu)(wu)業(ye)務(wu)(wu)(wu)(wu)(wu)應用(yong),定義業(ye)務(wu)(wu)(wu)(wu)(wu)發(fa)布上(shang)線規則,確保(bao)每(mei)個業(ye)務(wu)(wu)(wu)(wu)(wu)系統在(zai)政(zheng)務(wu)(wu)(wu)(wu)(wu)外(wai)網上(shang)規范(fan)化管理(li),確保(bao)基于用(yong)戶身份(fen)進行(xing)業(ye)務(wu)(wu)(wu)(wu)(wu)訪問的整體管理(li)效果。

● 移動(dong)數據(ju)安(an)全:對政務(wu)外(wai)網業(ye)務(wu)應用產(chan)生(sheng)的(de)數據(ju)通(tong)過安(an)全沙(sha)箱、水(shui)(shui)印等手段進(jin)行防(fang)護(hu)(hu),用戶基(ji)于業(ye)務(wu)系統下載(zai)的(de)業(ye)務(wu)數據(ju),保存在移動(dong)安(an)全沙(sha)箱,與(yu)本地數據(ju)隔離,可通(tong)過安(an)全瀏覽器或安(an)全閱讀器進(jin)行查閱,同(tong)時(shi)附加屏幕水(shui)(shui)印防(fang)護(hu)(hu),預防(fang)拍照;禁止截屏,保護(hu)(hu)數據(ju)安(an)全。

客戶價值

Customer value

固移一體化(hua):一套(tao)系統管理PC終(zhong)端、移動(dong)終(zhong)端,節省投資、簡化(hua)運(yun)維。

有效隱(yin)身(shen):基于(yu)SPA,解(jie)決(jue)業務掃(sao)描帶來的安全(quan)風險,實現5G專網(wang)網(wang)絡及資源的“真”隱(yin)身(shen)。

數據(ju)安(an)全:集數據(ju)沙箱、水(shui)印、應用行為管控(復制/截屏/分享等)于一體的(de)數據(ju)保護(hu)能力,實現多場景下的(de)數據(ju)安(an)全保護(hu)。

統(tong)一(yi)(yi)兼容:覆蓋各類操作系統(tong):Android、iOS、鴻蒙(meng)、Windows、macOS、Linux、UOS、銀(yin)河麒麟,實現統(tong)一(yi)(yi)管理。

大(da)量實(shi)踐案(an)例證(zheng)明:中國家信息中心(xin)、安徽省大(da)數據中心(xin)、中山市(shi)政務服務數據管(guan)理(li)(li)局(ju)、深圳(zhen)市(shi)大(da)數據局(ju)資源管(guan)理(li)(li)中心(xin)、澳門博(bo)彩監察(cha)協調(diao)局(ju)等。