摘要
由于业务需要,如开发新的系统或升级业务模块时,软件产商需要业务部门提供真实业务数据做测试。敏感信息脱离单位的运行环境进入第三方存在非常大的泄露风险。根据数据脱敏全生命周期过程的管理思想,在提供给第三方含有敏感信息的数据之前需要进行脱敏处理。本文基于python+flask+mysql设计和实现了隐私信息管理系统。通过建立单位信息系统隐私信息台账、数据交换以及输出的数据脱敏方案的审核评估机制,可有效降低隐私信息泄露风险。
Due to business needs,such as developing new systems or upgrading business modules,software manufacturers need business departments to provide real business data for testing.There is a great risk of leakage of sensitive information out of the operating environment of the unit and entering the third party.According to the management idea of the whole life cycle process of data desensitization,desensitization is needed before providing the data with sensitive information to the third party.A privacy information management system based on python+flask+mysql was designed and implemented in this paper.The risk of privacy information disclosure can be effectively reduced by establishing the privacy information account of the unit information system as well as the audit and evaluation mechanism of data desensitization scheme for data exchange and output.
作者
柳小文
雷军程
刘雪婷
LIU Xiaowen;LEI Juncheng;LIU Xueting(School of Information Engineering,Shaoyang University,Shaoyang 422000,China;School of Political Science and Law,Shaoyang University,Shaoyang 422000,China)
出处
《邵阳学院学报(自然科学版)》
2020年第6期54-58,共5页
Journal of Shaoyang University:Natural Science Edition
基金
湖南省教育厅科研项目(18C0802)
邵阳市科技局计划项目(2019GZ55)
湖南省社会科学成果评审委员会项目(XSP19YBC088)
湖南省教育科学“十三五”规划项目(XJK19CGD048)。
