摘要
[目的/意义]云服务在图书馆的应用可有效提升图书馆的数据存储与计算能力,但也为图书馆带来众多信息资源安全问题,而云计算服务协议的不规范性更加剧了图书馆面临的信息安全风险。[方法/过程]选取8家云服务代表运营商的服务协议作为样本,聚焦云服务协议中有关信息安全的条款,从数据收集、数据存储、数据传输、数据访问和服务安全等5个方面深入分析当前云服务协议条款中存在的信息安全风险。[结果/结论]图书馆应用云服务可能面临的信息安全风险包括:云服务协议内容缺失,用户信息安全难以得到确切保护;云服务协议表述模糊,尚未建立健全的安全保障机制;云服务协议的制定更有利于云提供商,用户权利易受侵犯。在此环境下,图书馆应当进一步明确图书馆用户数据的所有权,强调图书馆信息资源的安全性。
[Purpose/significance]The application of cloud service in the library can effectively improve the data storage and computing capacity of the library,but it also brings a lot of information resource security problems,and the non-standard cloud computing service agreement aggravates the information security risks faced by the library.[Method/process]This paper focused on the information security clauses in the cloud service agreement,selected 8 cloud services on behalf of the operator's service agreement as a sample,and analyzed the information security risks that exist in the current cloud service agreement terms in depth from data collection,data storage,data transmission,data access and service security.[Result/conclusion]The information security risks that library application cloud services may face include:the lack of cloud service agreement content,the difficulty of obtaining accurate protection of user information security;the vague description of cloud service agreement,the establishment of a sound security guarantee mechanism;the formulation of cloud service agreement are more conducive to cloud providers,so user rights are vulnerable.In this environment,the library should further clarify the ownership of library user data and emphasize the security of library information resources.
作者
黄国彬
郑霞
王婷
Huang Guobin;Zheng Xia;Wang Ting(School of Government,Beijing Normal University,Beijing 100875;Capital Medical University Library,Beijing 100069)
出处
《图书情报工作》
CSSCI
北大核心
2020年第12期38-48,共11页
Library and Information Service
关键词
云服务
服务协议
信息安全
cloud service
service agreement
information security risk
