摘要
以数据为中心的数字经济连续几年快速发展,占国民GDP的比重不断提高.但在发展的同时,数据安全事件频发,数据安全问题愈加突出.在已经将数据视为生产要素的大背景下,以规范数据处理活动、提高数据安全能力、建设数据健康生态为目标的数据安全治理是引导数据产业继续稳步前进的关键.《中华人民共和国数据安全法》的推行可以为数据安全治理提供方向,但还需要相应的技术来配合数据安全治理的落地.数据安全治理的技术研究,需要从数据安全的基本概念出发,围绕用于数据安全治理的数据生命周期,研究数据生命周期各个阶段的适用技术.此外,也需要根据数据安全治理的主要理念,如隐私保护或数据权属,进行数据安全治理的技术路线研究,形成推进数据安全治理的相应思路.
The data-centric digital economy has developed rapidly in recent years,and its proportion in GDP continuously increases.However,data security incidents occur frequently behind the development,and data security issues have attracted much attention.Under the background that data is regarded as a factor of production,data security governance with the goals of standardizing data processing activities,improving data security capabilities,and building a healthy data ecology is the key to make the data industry continue to develop.Though the"Data Security Law of the People’s Republic of China"provides direction for data security governance,the implementation of data security governance also requires corresponding technologies.In this paper,we introduce the basic concepts of data security,propose the data life cycle for data security governance,and study the applicable technologies at each stage of the data life cycle.After that,under the guidance of privacy protection and data ownership,we respectively introduce two technical routes of data security governance.Finally,we propose the ideas of data security governance.
作者
吴振豪
高健博
李青山
陈钟
Wu Zhenhao;Gao Jianbo;Li Qingshan;Chen Zhong(Key Laboratory of High Confidence Software Technologies(Peking University),Ministry of Education,Beijing 100871;Department of Computer Science and Technology,School of Electronics Engineering and Computer Science,Peking University,Beijing 100871)
出处
《信息安全研究》
2021年第10期907-914,共8页
Journal of Information Security Research
关键词
数据安全治理
数据生命周期
数据安全技术
隐私保护
数据权属
data security governance
data life cycle
data security technologies
privacy protection
data ownership