Page 51 - 捷運技術 第32期
P. 51
捷運技術半年刊 第 32 期 94 年 2 月 41
臺北捷運工程資訊安全
2
詹益創 1 董慶德
摘
要
摘摘 要要
摘 要
隨著網際網路廣泛高度應用,大家都為病毒、駭客、木馬等資訊安全名詞談虎變色,各
種複雜的攻擊威脅事件層出不窮,令人防不勝防,任何個人或企業都無法保證絕不會遭受其
害,輕則個人資料被破壞,重則企業資料損毀、資訊機密被竊取、篡改,甚至發生資訊網路
風暴,癱瘓整體企業機構運作機能。身處高度資訊化時代,我們無論是工作上或是生活上幾
乎離不開資訊環境,也都享受著四通八達的資訊網路所帶來方便性,但是,他所帶來的資訊
安全問題也讓人們吃盡苦頭,必須投入更多資源防患未然。
本局資訊系統已發展逾十五年,資訊網路早已是每日不可或缺重要設備之一,同樣也面
臨舉世皆然的資訊安全問題,無論資訊系統實體安全或管理安全都必須依時空環境逐一克
服。本文主要目的,即在說明本局對於資訊安全之應用與作為,提供經驗分享與交流。
關鍵詞:單一登入、自然人憑證、防火牆、無線網路、安全政策
Information Security for the Taipei Rapid
Transit Systems
Yih-chuang Jan Ching-der Tung
Abstract
With our increasing dependence on the Internet, people involved in computer networks also
begin to worry about the damage caused to computers by viruses and hackers, both of which will
hinder the overall functioning of an enterprise. The result is that individual material will be
destroyed and the enterprise material will be also damaged. Information can be secretly stolen,
tampered with, or the network can even be poisoned.
Virus attacks are becoming more and more complex and are unpreventable in the long run. No
individual or enterprise can be guaranteed against remaining undamaged. In this highly developed
information era, we should not only enjoy the convenience network resources bring to us, but must
also invest more resources in preventing the disaster from happening.
Having been developed over 15 years, the information system of Department of Rapid Transit
Systems (DORTS) has become one of the most essential facilities. We also face the same
information security problems as other countries. Problems pertaining to both the information
system entity security and management must be overcome. This paper aims to describe our
solutions to threats to information security.
Keywords:single sign-on, citizen digital certificate, firewall, wireless LAN, security policy
1.捷運工程局技術發展處 副工程司
2.捷運工程局技術發展處 幫工程司
