县域数据安全治理体系建设与挑战
网络安全与数据治理
吕秋云1,2 ,娄肖琦1,任一支1,赵程遥3,张纪林4
1.杭州电子科技大学网络空间安全学院; 2.杭州电子科技大学平湖数字技术创新研究院有限公司; 3.浙江省大数据发展中心; 4.浙江省数据局
摘要: 县域数据逐渐成为地方治理和社会发展中不可或缺的要素。近年来,全国各县级政府积极建设数据管理平台并探索数据安全治理模式,但是,当前县域数据安全工作仍然面临合规性和新技术带来的挑战,无法满足县域信息系统的安全发展需求。对此,为确保县域数据安全,推动数据资源的有序开发利用,构建了面向数据全生命周期安全处理的县域数据安全治理体系,包括数据安全管理制度规范、数据安全技术防护、数据安全运营管理三大子体系。然而,数据安全治理过程是动态的,在当前数据要素化转型的背景下,县域数据安全治理能力亟需进一步提升。因此,为帮助县级政府更好地应对未来数据安全风险,在基于数据要素化本质特征的基础上,分析了数据分类分级自动化及精准化亟待解决的问题、数据安全治理过程中面临的数据流动管控及追踪溯源难以及用户行为异常检测误报率高的挑战,以期为县域构建更完善的数据安全治理体系提供参考。
中图分类号:TP309.2文献标识码:ADOI:10.19358/j.issn.2097-1788.2024.08.014
引用格式:吕秋云,娄肖琦,任一支,等.县域数据安全治理体系建设与挑战[J].网络安全与数据治理,2024,43(8):82-90.
引用格式:吕秋云,娄肖琦,任一支,等.县域数据安全治理体系建设与挑战[J].网络安全与数据治理,2024,43(8):82-90.
County data security governance system construction and challenges
Lv Qiuyun1,2,Lou Xiaoqi1,Ren Yizhi1,Zhao Chengyao3,Zhang Jilin4
1.School of Cyberspace Security, Hangzhou Dianzi University; 2.Pinghu Digital Technology Innovation Research Institute, Hangzhou Dianzi University; 3.Zhejiang Big Data Development Center;4.Zhejiang Provincial Data Bureau
Abstract: County data has gradually become an indispensable element in local governance and social development. In recent years, county governments across the country have actively constructed data management platforms and explored data security governance models, but the current county data security work is still facing challenges posed by compliance and new technologies, and is unable to meet the security development needs of county information systems. In this regard, in order to ensure county data security and promote the orderly development and utilization of data resources, a county data security governance system has been constructed for the secure handling of the entire life cycle of data, including three major subsystems: data security management system specification, data security technology protection, and data security operation and management. However, the process of data security governance is dynamic, and in the context of the current transformation of data elementalization, the county data security governance capability needs to be further improved. Therefore, in order to help county governments better cope with future data security risks, based on the essential characteristics of data factorization, the challenges of data classification and grading automation and precision that need to be solved, the difficulty of data flow control and tracking and tracing, and the high rate of false alarms in detecting anomalies in user behaviors are analyzed with a view to providing references for the construction of a more complete data security governance system for counties.
Key words : data security;county governance;data security governance;data elements;data security capabilities
引言
(无)
本文详细内容请下载:
http://www.chinaaet.com/resource/share/2000006111
作者信息:
吕秋云1,2 ,娄肖琦1,任一支1,赵程遥3,张纪林4
(1.杭州电子科技大学网络空间安全学院,浙江杭州310018;
2.杭州电子科技大学平湖数字技术创新研究院有限公司,浙江嘉兴314299;
3.浙江省大数据发展中心,浙江杭州310007;
4.浙江省数据局,浙江杭州310007)
此内容为AET网站原创,未经授权禁止转载。