摘要
敏感信息是介于公开信息和秘密信息之间的一类具有情报价值的信息,广泛分布在涉及政务、商务、科学研究和公民个人等领域中。文章介绍了美国受控非密信息、欧盟敏感非密信息和英国公务信息的概念和范围,在此基础上提出了敏感信息的定义。梳理了英国敏感信息管理相关政策文件,论述了英国对信息资产的分类,敏感信息管理的法律框架,敏感信息处理原则、标识和安全保护措施。构建了“管理+技术+人员”三管齐下的敏感信息管理模式,建议要统一界定和标识敏感信息,推动敏感信息管理制度建设,完善敏感信息安全保护的技术手段,培养情报观念和提高风险意识。
Sensitive information is the type of information between public information and secrets,which has intelligence value.It is widely exist in government affairs,business activities,scientific research and personal information areas.This paper studies the definition and scope of controlled unclassified information in US,sensitive non-classified information in EU,and official information in UK,to define sensitive information.This paper further studies UK official information related policies,analysing the classification of information asset,official information management policy framework,the principles of handling official information,the marking of official information and protection mechanism for official information.This paper then creates a new ternary sensitive information management model focusing on management,technology and staff.The new model recommends to have a uniformed approach to identify and mark sensitive information,promote the construction of sensitive information management policy system,continuously perfect protective technologies for sensitive information and strengthen staff awareness of intelligence and risk.
出处
《情报理论与实践》
CSSCI
北大核心
2021年第7期184-190,共7页
Information Studies:Theory & Application
基金
中央高校基本科研业务费项目“高校保密管理体制机制研究——基于军工武器装备科研生产单位保密资格标准”的研究成果,项目编号:328202008。
关键词
敏感信息
英国
公务信息
信息管理
信息安全
sensitive information
UK
official information
information management
information security
