摘要
大数据的发展及广泛应用加大了信息化系统及数据的脆弱性,信息安全风险向系统化、复杂化方向发展。在搜集、整理国内外相关研究成果基础上,系统辨识数据采集、数据传输、数据存储、数据分析4个大数据核心环节的信息安全风险,围绕"风险辨识、脆弱性降低、风险沟通、强化风险管理"的风险治理流程,以防范与化解信息安全风险为目标,提出大数据发展的信息安全防御策略。研究结果表明:大数据全生命周期是信息安全风险辨识的起点,强化大数据发展的信息安全风险防御,需要在风险辨识基础上,积极推进预防准备、风险沟通、信息安全事件处置及恢复总结。
The development and extensive application of big data have increased the vulnerability of information systems and data,and the risk of information security has developed towards the systematic and complex direction. In collecting and sorting out the domestic and foreign related research literature on the basis of system identification,data acquisition,data transmission,data storage and information security risk analysis of four core data link,focus on risk identification,risk reduction,fragile process management,strengthen risk communication risk management,information security and defense strategy to prevent and resolve information security risks are put forward for the purpose of the development of big data. The results show that the data lifecycle is the starting point of the information security risk identification,information security risk defense strengthen the development of big data,based on risk identification,risk prevention,to actively promote the communication of information security incidents,disposal and recovery summary.
作者
牟明福
苏正泉
MU Mingfu SU Zhengquan(CPC Guizhou provincial Party School, Guiyang Guizhou 550025, China National School of Administration, Beijing 100059, China)
出处
《中国安全生产科学技术》
CAS
CSCD
北大核心
2017年第9期66-71,共6页
Journal of Safety Science and Technology
关键词
大数据
信息安全
风险防御
Big data
information security
risk defense
