数据共享安全框架研究
|
摘要
随着大数据技术和应用的快速发展,促进跨部门、跨行业数据共享的需求已经非常迫切.但是,安全问题是影响数据共享发展的关键问题,世界各国对数据共享的安全越来越关注,包括美国、欧盟和中国在内的很多国家都在制定数据安全相关的法律法规来推动数据共享的合法利用和安全保护.总结分析了国内外数据共享安全管控情况,对数据共享模型和相关方角色进行设计,在分析数据共享存在的安全风险和问题的基础上,提出数据共享安全框架,最后给出加强数据共享安全治理的建议.
With the rapid development of big data technologies and applications,the need to promote data sharing across departments and industries has become very urgent. However,the impact of security issues is a key issue in the development of data sharing. Countries around the world are paying more and more attention to the security of data sharing. Many countries,including the United States, the European Union and China, have formulated laws and regulations related to data security to promote the legal use and security protection of data sharing. This paper summarizes and analyzes the security management and control of data sharing at home and abroad,designs the data sharing model and related party roles, and proposes a data sharing security framework based on analyzing the security risks and problems of data sharing. Finally, suggestions for strengthening the security governance of data sharing are given.
With the rapid development of big data technologies and applications,the need to promote data sharing across departments and industries has become very urgent. However,the impact of security issues is a key issue in the development of data sharing. Countries around the world are paying more and more attention to the security of data sharing. Many countries,including the United States, the European Union and China, have formulated laws and regulations related to data security to promote the legal use and security protection of data sharing. This paper summarizes and analyzes the security management and control of data sharing at home and abroad,designs the data sharing model and related party roles, and proposes a data sharing security framework based on analyzing the security risks and problems of data sharing. Finally, suggestions for strengthening the security governance of data sharing are given.
引文
[1]张静,曾剑秋.国有企业大数据演进的路径、问题与对策[J].华北电力大学学报:社会科学版,2017(6):62-67
[2]冯坚坚,刘晓春.对“数据共享合法化”的分析与思考系列之一:以《关于欧洲企业间数据共享的研究》为起点[EB/OL].(2018-05-26)[2018-10-12]. http://www. shua999.com/bbs/portal.php?mod=view&aid=3091
[3]国家金融IC卡安全监测中心信息安全实验室等.《一般数据保护法(GDPR)》全文译文[EB/OL].(2018-03-30)[2018-10-12]. http://www.docin.com/p-2122346249.html
[4]黄如花,陈闯.美国政府数据开放共享的合作模式[J].图书情报工作,2016, 60(19):6-14
[5]上海市经济和信息化委员会.全球五大顶级大数据交易平台[EB/OL].(2016-04-05)[2018-10-12]. http://www.sheitc.gov.cn/jjyw/669713. htm
[6]邵培基,陈瑶.美国的信息自由法案及启示[EB/OL].(2016-06-11)[2018-10-12]. https://www. docin. com/p-1633919957.html
[7]白海将,田华伟,李俊蕙.美国联邦调查局反恐情报共享机制分析及启示[J].情报杂志,2015, 34(4):8-12
[8]洪延青.美国快速通过Cloud法案清晰明确数据主权战略[EB/OL].(2018-05-03)[2018-10-12]. http://www.globalview.cn/html/societies/info_24334.html
[9]蒋晓芹.学生隐私权与公共安全和健康之间的平衡——解读美国《家庭教育权利和隐私法案》的修改[J].同济教育研究,2012(1):29-33
[10]罗洁,孔令杰.美国信息隐私法的发展历程[J].湖北社会科学,2008(12):154-157
[11]刘熠炯.2015年日本个人信息保护法修正案解读[EB/OL].(2016-12-14)[2018-10-12]. http://www. zhengxinb ao. com/4031. html
[12]全国信息安全标准化技术委员会大数据安全标准特别工作组.大数据安全标准化白皮书(2018版).[EB/OL].(2018-04-16)[2018-10-12]. http://www. cesi. cn/201804/3789.html
[13]于洋.一文读懂大数据及大数据产业[J].中国机电工业,2016(11):75-79
[14]唐斯斯,刘叶婷.我国大数据交易的发展现状、面临困难及政策建议[EB/OL].(2018-05-04)[2018-10-12]. http://www.sic.gov.cn/News/574/9195.htm
[15]中国信息通信研究院.大数据白皮书(2018年)[EB/OL].(2018-04-17)[2018-10-12]. http://www. caict. ac. cn/kxyj/qwfb/bps/201804/t20180426_158555.htm
[16]吕欣,韩晓露,毕钰,等.大数据安全保障框架与评价体系研究[J].信息安全研究,2016, 2(10):913-919
[2]冯坚坚,刘晓春.对“数据共享合法化”的分析与思考系列之一:以《关于欧洲企业间数据共享的研究》为起点[EB/OL].(2018-05-26)[2018-10-12]. http://www. shua999.com/bbs/portal.php?mod=view&aid=3091
[3]国家金融IC卡安全监测中心信息安全实验室等.《一般数据保护法(GDPR)》全文译文[EB/OL].(2018-03-30)[2018-10-12]. http://www.docin.com/p-2122346249.html
[4]黄如花,陈闯.美国政府数据开放共享的合作模式[J].图书情报工作,2016, 60(19):6-14
[5]上海市经济和信息化委员会.全球五大顶级大数据交易平台[EB/OL].(2016-04-05)[2018-10-12]. http://www.sheitc.gov.cn/jjyw/669713. htm
[6]邵培基,陈瑶.美国的信息自由法案及启示[EB/OL].(2016-06-11)[2018-10-12]. https://www. docin. com/p-1633919957.html
[7]白海将,田华伟,李俊蕙.美国联邦调查局反恐情报共享机制分析及启示[J].情报杂志,2015, 34(4):8-12
[8]洪延青.美国快速通过Cloud法案清晰明确数据主权战略[EB/OL].(2018-05-03)[2018-10-12]. http://www.globalview.cn/html/societies/info_24334.html
[9]蒋晓芹.学生隐私权与公共安全和健康之间的平衡——解读美国《家庭教育权利和隐私法案》的修改[J].同济教育研究,2012(1):29-33
[10]罗洁,孔令杰.美国信息隐私法的发展历程[J].湖北社会科学,2008(12):154-157
[11]刘熠炯.2015年日本个人信息保护法修正案解读[EB/OL].(2016-12-14)[2018-10-12]. http://www. zhengxinb ao. com/4031. html
[12]全国信息安全标准化技术委员会大数据安全标准特别工作组.大数据安全标准化白皮书(2018版).[EB/OL].(2018-04-16)[2018-10-12]. http://www. cesi. cn/201804/3789.html
[13]于洋.一文读懂大数据及大数据产业[J].中国机电工业,2016(11):75-79
[14]唐斯斯,刘叶婷.我国大数据交易的发展现状、面临困难及政策建议[EB/OL].(2018-05-04)[2018-10-12]. http://www.sic.gov.cn/News/574/9195.htm
[15]中国信息通信研究院.大数据白皮书(2018年)[EB/OL].(2018-04-17)[2018-10-12]. http://www. caict. ac. cn/kxyj/qwfb/bps/201804/t20180426_158555.htm
[16]吕欣,韩晓露,毕钰,等.大数据安全保障框架与评价体系研究[J].信息安全研究,2016, 2(10):913-919