| 57 | 0 | 3 |
| 下载次数 | 被引频次 | 阅读次数 |
数字化时代下,云网融合推动网络向虚拟化、服务化深度演进,传统基于边界防护的被动安全体系难以满足远程办公、智能运维等新兴场景的需求。聚焦新一代电信云网架构演进趋势,系统梳理业界内生安全技术路线,剖析其面临的云网环境下安全可见性不足、安全能力与云网业务协同滞后等挑战,提出一种深度嵌入云网基础设施的内生安全架构。该架构涵盖智能威胁感知、零信任策略联动等关键技术。本研究可为电信云网的安全范式转型及产业实践提供理论支撑与技术参考。
Abstract:In the digital era, the cloud-network convergence drives networks toward deeper virtualization and servitization, while traditional passive perimeter-based security systems struggle to meet the demands of emerging scenarios such as remote work and intelligent operations. This paper focuses on the evolution trends of next-generation telecom cloud-network architectures, systematically analyzes existing endogenous security technical approaches in the industry, and examines the challenges they face in cloud-network environments, such as insufficient security visibility and delayed coordination between security capabilities and cloud-network services. We propose an endogenous security architecture deeply embedded in cloud-network infrastructure, which incorporates key technologies such as intelligent threat detection and zero-trust strategy coordination. The proposed architecture and technologies offer both theoretical foundations and technical references for the security paradigm transformation and industrial implementation of telecom cloud-network systems.
[1]王瀚洲,刘建伟.网络内生安全研究现状与关键技术[J].中兴通讯技术,2022,28(6):2-11.DOI:10.12142/ZTETJ.202206002
[2]CN-SEC中文网.几乎所有客户被波及!美国电信巨头AT&T再曝重大数据泄漏事故[EB/OL].(2024-07-17)[2025-03-25].https://cnsec.com/archives/2967820.html
[3]LIU X Y,WANG H Z,LI C X.A review of endogenous security research[J].Electronics,2024,13(11):2185.DOI:10.3390/electronics13112185
[4]199IT.Cybersecurity Insiders:2023年云安全报告[EB/OL].(2023-07-29)[2025-03-25].https://www.199it.com/archives/1625456.html
[5]中国电信.云网内生安全白皮书[R].2023
[6]邬江兴.网络空间内生安全发展范式[J].中国科学:信息科学,2022,52(2):189-204
[7]JI X S,WU J X,JIN L,et al.Discussion on a new paradigm of endogenous security towards 6G networks[J].Frontiers of information technology&electronic engineering,2022,23(10):1421-1450.DOI:10.1631/FITEE.2200060
[8]吴建军,孙黎,王东晖,等.面向6G网络的内生安全架构和关键技术思考[J].中国科学:信息科学,2024,54(12):2881-2904
[9]AHMADI S.Zero trust architecture in cloud networks:application,challenges and future opportunities[J].Journal of engineering research and reports,2024,26(2):215-228.DOI:10.9734/jerr/2024/v26i21083
[10]王群,袁泉,李馥娟,等.零信任网络及其关键技术综述[J].计算机应用,2023,43(4):1142-1150
[11]刘云峰,翟大海,段张珏.零信任网络理念、架构及关键技术综述[J].现代传输,2024(5):61-70
[12]3GPP.Study on enablers for zero trust security:3GPP TR 33.794[S].2023
[13]史凡.云网络:云网融合的新型网络发展趋势[J].中兴通讯技术,2022,28(1):8-10.DOI:10.12142/ZTETJ.202201004
[14]中国电信.云网融合2030技术白皮书[R].2020
[15]DHIMAN P,SAINI N,GULZAR Y,et al.A review and comparative analysis of relevant approaches of zero trust network model[J].Sensors,2024,24(4):1328.DOI:10.3390/s24041328
[16]粟栗,庄小君,杜海涛,等.6G网络内生安全架构研究[J].中国科学:信息科学,2022,52(2):205-216
[17]QiAnXin Strategy Consulting and Planing Department&QiAnXin Industry Research Center.Built-in security:new generation of network security frame system and practice[M].Beijing:People’s Posts and Telecom Press,2021
[18]何国锋,段赟,刘东鑫,等.面向未来网络的高可信内生安全体系研究[J].网络安全与数据治理,2023,42(4):45-50.DOI:10.19358/j.issn.2097-1788.2023.04.008
[19]PATEL N.Secure access service edge (SASE):evaluating the impact of converged network security architectures in cloud computing[J].Journal of emerging technologies and innovative research,2024,11(3):12
基本信息:
DOI:
中图分类号:TP393.08
引用信息:
[1]袁超颖,白景鹏,袁淑美等.新一代电信云网内生安全架构研究[J].中兴通讯技术,2025,31(03):3-8.
基金信息: