摘要
随着国家对数据安全的重视不断提升,政务数据作为新时代数字政府的核心资产,不仅会涉及公民个人信息数据,还会涉及政府机构相关的敏感信息等重要数据,因此,政务数据的安全防护保障能力不容忽视.目前国内针对政务数据安全方面的防护机制与研究相对欠缺.从法律法规政策、复杂的业务场景以及新型技术3个层面给政务数据带来的风险进行剖析,结合政务数据的安全管理、安全技术和安全运营3大安全层面,提出符合政务数据安全需求的政务数据安全组织能力框架,为后续政务数据安全保障体系的研究提供思路.
As the country pays more and more attention to data security,government data,as the core assets of the digital government in the new era,will involve not only personal information data of citizens,but also important data such as government agencies.Therefore,the security protection and protection capabilities of government data cannot be ignored.At present,domestic protection mechanisms and research on government data security are relatively lacking.This paper analyzes the risks brought by laws,regulations and policies,complex business scenarios and new technologies to government data.Combining the three security levels of security management,security technology and security operation of government data.This paper proposes a government data security organization capability framework that meets the security requirements of government data,providing ideas for the subsequent research on government data security assurance system.
作者
余晓斌
Yu Xiaobin(Shenzhen Information Security Management Center,Shenzhen,Guangdong 518038)
出处
《信息安全研究》
2022年第11期1061-1068,共8页
Journal of Information Security Research
关键词
数据安全
政务数据
数据全生命周期
数据安全能力
运营保障
data security
government data
data life cycle
data security capabilities
operational guarantee
