客户隐私数据流转安全管理系统

Customer Privacy Data Lifecycle Security Management System

企业通过应用系统对公众提供业务的同时也收集到了个人隐私数据.这些个人隐私数据在与企业生产数据关联后,成为具有更高附加值的客户隐私数据.客户隐私数据面临诸多的安全威胁,在产生、传输、处理、存储、使用、销毁过程中涉及多个应用系统和多个网络边界,同时由于应用系统的不断扩建,与外部系统数据交换的接口不断增加,造成客户隐私数据分布在网络中的各个节点,无法进行统一管理和集中化安全保障,从客户隐私数据在网络流转过程的角度进行分析和设计,建立1个客户隐私数据流转安全管理系统,用于保护客户的隐私数据.该系统使用了深度包检测技术、文档加解密技术、数据脱密技术和异常行为检测技术,为结构化数据和非结构化数据在全生命周期过程中提供了安全技术保障.

Enterprises provide services to the public through web application systems,and theycollect personal privacydata at the same time. Associatedwithenterprises’productiondata,such personal privacy da t a has become higher value-added cus t omer privacy da ta. Mu lti pie applications and network boundaries are involved during the process of data creation,data transtorage, data usage and data destruction. Customers privacy data is faced with a lot of securitythreats. In the meantime？ due to continuous expansions of application systems and external system data exchange interface, customer privacy data is distributed in various nodes of the network,which makes the data hard to manage under unified management and centralized security. This paper analyzes the life cycle of customer privacy data,clarifies the distribution and security status of customer privacy data in the network,and establishes a customer privacy data lifecycle securitymanagement system for security protection. The system use DPI technology,document encryption and decryption technology, data desensitization technology and abnormal behavior detection technology and it provides security technical support for both structured data and unstructured data in the whole life cycle process.