基于电力数据中台的行为审计工具建设

Construction of Behavioral Audit Tool Based on Power Data Platform

目前电力数据中台围绕数据的安全使用,启用了数据库相关的审计功能,但是仍缺乏有效技术手段对应用层及数据使用者的风险行为进行自动化监测。为提升数据安全保障能力,本文提出建设数据中台行为审计工具,有效保障电力系统数据规范、数据安全;通过智能化手段能够实现电力系统数据异常访问行为分析和数据安全风险管控,自动识别数据异常访问、异常用户行为及数据安全风险隐患,辅助数据安全防护工作,防范因电力系统数据异常操作或内部泄漏造成的数据安全事件,实现数据安全风险可查、可控、可预警;对电力系统行为人的数据使用行为进行分析与画像,识别用户操作行为,对用户行为进行审计;实现电力数据流转动态监测、数据安全风险源头定位;通过电力数据安全风险实时监测、溯源核查、态势感知、精准定位、快速响应,全面提升电力数据安全事件的事前、事中、事后的技术管理水平。

At present,the power data center only focuses on the safe use of data and has enabled database related audit functions.However,there is still a lack of effective technical means to automatically monitor the risk behavior of the application layer and data users.In order to improve data security capabilities,this article proposes to build a data center behavior audit tool to effectively ensure the standardization and security of power system data.Being able to analyze abnormal data access behavior and control data security risks in the power system through intelligent means,automatically identify abnormal data access,abnormal user behavior,and potential data security risks,assist in data security protection work,prevent data security incidents caused by abnormal data operations or internal leaks in the power system,and achieve data security risks that can be detected,controlled,and warned.Analyze and profile the data usage behavior of power system actors,identify user operation behavior,and audit user behavior.Realize dynamic monitoring of power data flow and identify the source of data security risks.Through real-time monitoring,traceability verification,situational awareness,precise positioning,and rapid response of power data security risks,we comprehensively improve the technical management level of power data security events before,during,and after.