{"id":1647,"date":"2022-09-19T17:15:54","date_gmt":"2022-09-19T09:15:54","guid":{"rendered":"https:\/\/www.twgrid.org\/wordpress\/?page_id=1647"},"modified":"2025-09-24T16:33:35","modified_gmt":"2025-09-24T08:33:35","slug":"information-security-policy-statement","status":"publish","type":"page","link":"https:\/\/www.twgrid.org\/wordpress\/index.php\/information-security-policy-statement\/","title":{"rendered":"Information Security Policy Statement"},"content":{"rendered":"\n<h2 class=\"wp-block-heading\">Information Security Policy<\/h2>\n\n\n\n<p>1. Policy Purpose<br>The Academia Sinica Grid Computing Centre for High Energy Physics and Scientific Computing (hereinafter referred to as \u201cthe Center\u201d) establishes this Information Security Policy (hereinafter referred to as \u201cthe Policy\u201d) to promote information security and cloud security management systems, to build a secure and trustworthy information operating environment, and to ensure the security of data, systems, equipment, and networks. This Policy aims to safeguard information security, enhance cloud security, and improve service quality.<br>________________________________________<br>2. Scope of Application<br>This Policy applies to all Center staff, partners, and external parties (such as government agencies, suppliers, etc.), all of whom are responsible for complying with the Policy.<br>________________________________________<br>3. All staff and external personnel should keep in mind the advocacy slogan:<br>\u201cInformation Security is Everyone\u2019s Responsibility.\u201d<br>________________________________________<br>4. 
Information Security Policy and Objectives<br>4.1 Information Security Management and Legal Compliance<br>4.1.1 All Center staff must sign the \u201cAcademia Sinica Employment Contract.\u201d External project participants must sign the \u201cExternal Personnel Agreement,\u201d and must comply with relevant national laws and regulations, including but not limited to: National Secrets Protection Act, Trade Secrets Act, Personal Data Protection Act, Copyright Act, Criminal Code, Cybersecurity Management Act and its Enforcement Rules and subordinate regulations. Staff and external parties must not cause information leaks or engage in illegal activities.<br>4.1.2 Third parties entrusted with services must implement appropriate cybersecurity management measures or obtain third-party certification. If subcontracting is involved, the scope, parties, and subcontractors must also comply with information security requirements.<br>________________________________________<br>4.2 Access to commissioned, collaborative, or project-related data must be strictly controlled. 
Sensitive (confidential) information must be encrypted before transmission.<br>________________________________________<br>4.3 Cloud Service Security Management<br>4.3.1 In response to cloud service security risks, cloud services must be designed, built, and provided in accordance with ISO 27001 and ISO 27017 requirements, with proper risk management.<br>4.3.2 All internal personnel involved in cloud service design, planning, construction, and operations must sign documents acknowledging their legal responsibilities and obligations at the time of employment.<br>4.3.3 Internal personnel must sign confidentiality agreements to ensure proper control over confidential or sensitive data.<br>4.3.4 Access to system information follows the principles of least privilege and minimum necessary information, with account and role-based access control.<br>4.3.5 Only designated platform administrators are allowed to register and apply for system access rights.<br>4.3.6 Cloud services operate on a multi-tenant platform. 
Each tenant is allocated an independent virtualized space, ensuring that VM deployment and usage are isolated from other tenants.<br>4.3.7 Users will be proactively notified in advance of any platform optimization, adjustments, or changes that may affect services.<br>4.3.8 Cloud service change management must be handled by designated personnel.<br>4.3.9 Management access to VMs must be secured through encrypted connections such as SSH or VPN.<br>4.3.10 Cloud service account lifecycle management must be enforced.<br>4.3.11 The cloud platform must maintain historical records of all operations, including resource provisioning, modification, and decommissioning.<br>4.3.12 The cloud service provider is located in Taiwan and is responsible for storing and protecting customer data.<br>4.3.13 Violations and incidents must be communicated and shared to support investigation and evidence collection.<br>________________________________________<br>4.4 Information Security Objectives and Metrics<br>4.4.1 Confidentiality Objective: The number of detected incidents of sensitive data leakage must not exceed one per year.<br>4.4.2 Integrity Objective: The number of detected incidents of data tampering must not exceed one per year.<br>4.4.3 Availability Objective: The number of unexpected outages of the backbone network connection to Academia Sinica lasting over 48 hours must not exceed two per year.<br>4.4.4 Compliance Objective: The number of violations of national laws and regulations (e.g., National Secrets Protection Act, Trade Secrets Act, Personal Data Protection Act, Copyright Act, Criminal Code, Cybersecurity Management Act) must not exceed two per year.<br>________________________________________<br>5. 
Policy Review<br>5.1 This Policy must be reviewed at least once annually to ensure compliance with government regulations and to reflect the latest developments in information technology, thereby ensuring the effectiveness of information security management operations.<br>5.2 This Policy must be approved by the Management Committee or the Management Representative. Upon promulgation, it shall take effect and be communicated in written, electronic, or other forms to all staff, partners, and relevant units. Revisions shall follow the same procedure.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">Information Security Policy<\/h2>\n\n\n\n<p>1. Policy Purpose: The Center for High Energy Physics and Scientific Computing Technology of the Institute of Physics, Academia Sinica (hereinafter \u201cthe Center\u201d), in order to promote information security and cloud security management systems, build a secure and trustworthy information operating environment, and ensure the security of data, systems, equipment, and networks, hereby establishes this \u201cInformation Security Policy\u201d (hereinafter \u201cthe Policy\u201d) to ensure information security and cloud security and to improve service quality.<br>2. Scope of Application: All Center staff, partners, and external parties (such as administrative agencies, suppliers, etc.) are responsible for complying with this Policy.<br>3. All Center staff and external-party personnel should keep in mind the advocacy slogan: \u201cInformation and communication security is everyone\u2019s responsibility.\u201d<br>4. 
Information Security Policy and Information Security Objectives:<br>4.1 Information Security Management and Regulations<br>4.1.1 All Center staff must sign the \u201cAcademia Sinica Employment Contract,\u201d and external-party personnel participating in Center projects must sign the \u201cExternal Personnel Agreement.\u201d They must comply with the requirements of relevant national laws and regulations, such as the National Secrets Protection Act, the Trade Secrets Act, the Personal Data Protection Act, the Copyright Act, the Criminal Code, the Cybersecurity Management Act, the Enforcement Rules of the Cybersecurity Management Act, and the subordinate regulations of the Cybersecurity Management Act, and must not cause leaks of confidential information or illegal incidents.<br>4.1.2 For third parties handling services entrusted by the Center, the related procedures and environments must have sound cybersecurity management measures in place or have passed third-party verification. Where a third party subcontracts entrusted services, the scope and parties of the subcontracting, and the subcontractors, must likewise have cybersecurity maintenance measures in place.<br>4.2 For access to or changes of commissioned, collaborative, or project data, access permissions must be set on all project files, and sensitive (confidential) information must be encrypted before transmission.<br>4.3 Cloud Service Security Management:<br>4.3.1 
In response to the information security risks of cloud services, cloud services are designed, built, and provided in accordance with the security requirements of ISO 27001 and ISO 27017, with proper risk management.<br>4.3.2 All internal personnel involved in cloud service design, planning, construction, and operations sign, at the time of appointment, an acknowledgment of the legal responsibilities and obligations they bear.<br>4.3.3 The relevant internal personnel understand and sign confidentiality agreements, so as to control confidential or sensitive data.<br>4.3.4 Access by internal personnel to related system information follows the principles of least privilege and minimum information, with permissions controlled through account application and role classification.<br>4.3.5 Among cloud platform operations personnel, only specified personnel may register and apply for platform system access rights.<br>4.3.6 The cloud service is a multi-tenant platform. Each tenant has its own independent virtualized space, and when VM services are deployed and used, the service resources of different tenants do not affect one another.<br>4.3.7 When the cloud service requires platform optimization, changes, or adjustments that may affect services, users will be proactively notified in advance.<br>4.3.8 
When change management is carried out for the cloud service, designated personnel handle any issues related to the cloud service.<br>4.3.9 The cloud service must be managed by connecting to VMs over encrypted SSH or VPN connections, to ensure connection security.<br>4.3.10 Lifecycle management of cloud service accounts is enforced.<br>4.3.11 The cloud platform provides timestamped historical records of all operations on provisioned resources, including creation, modification, and termination.<br>4.3.12 This cloud service provider is located in Taiwan and can store and protect cloud service customer data.<br>4.3.13 Violations are communicated and information is shared to assist investigation and evidence collection.<br>4.4 Information Security Objectives and Measurement:<br>4.4.1 Confidentiality objective and metric: the number of detected leaks of sensitive data, tallied annually, must not exceed one.<br>4.4.2 Integrity objective and metric: the number of reported incidents of data tampering, tallied annually, must not exceed one.<br>4.4.3 Availability objective and metric: the number of unexpected 48-hour interruptions of the connection to the Academia Sinica backbone network, tallied annually, must not exceed two.<br>4.4.4 
Legal compliance objective and metric: in the annual inspection of information security management system operations, the number of violations of relevant national laws and regulations, such as the National Secrets Protection Act, the Trade Secrets Act, the Personal Data Protection Act, the Copyright Act, the Criminal Code, and the Cybersecurity Management Act, must not exceed two.<br>5 Policy Review:<br>5.1 This Policy must be evaluated and reviewed at least once a year to comply with the requirements of relevant government regulations and to reflect the latest developments in information technology, ensuring the effectiveness of information security management operations.<br>This Policy must be reviewed by the Management Committee or approved by the Management Representative. It takes effect on the date of promulgation, and all staff and partner vendors or units are notified in written, electronic, or other form to comply. The same applies to revisions.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Information Security Policy 1. 
Policy Purpose The Academ [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"parent":0,"menu_order":0,"comment_status":"closed","ping_status":"closed","template":"","meta":{"footnotes":""},"class_list":["post-1647","page","type-page","status-publish","hentry"],"_links":{"self":[{"href":"https:\/\/www.twgrid.org\/wordpress\/index.php\/wp-json\/wp\/v2\/pages\/1647","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.twgrid.org\/wordpress\/index.php\/wp-json\/wp\/v2\/pages"}],"about":[{"href":"https:\/\/www.twgrid.org\/wordpress\/index.php\/wp-json\/wp\/v2\/types\/page"}],"author":[{"embeddable":true,"href":"https:\/\/www.twgrid.org\/wordpress\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.twgrid.org\/wordpress\/index.php\/wp-json\/wp\/v2\/comments?post=1647"}],"version-history":[{"count":20,"href":"https:\/\/www.twgrid.org\/wordpress\/index.php\/wp-json\/wp\/v2\/pages\/1647\/revisions"}],"predecessor-version":[{"id":1729,"href":"https:\/\/www.twgrid.org\/wordpress\/index.php\/wp-json\/wp\/v2\/pages\/1647\/revisions\/1729"}],"wp:attachment":[{"href":"https:\/\/www.twgrid.org\/wordpress\/index.php\/wp-json\/wp\/v2\/media?parent=1647"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}