烟草行业数据安全管理平台的研究
摘要
本文通过梳理和分析全行业数据资产,对数据敏感分类分级,结合国内相关安全标准及法规,制定相应的管理体系。通过对数据泄露原因、途径的深入分析,研究规避泄露技术措施,建设数据安全管理平台,通过平台下发安全防护策略,确保数据的安全使用,为保证烟草行业业务的长期稳定和发展提供有力保障。
引文
[1]姜鑫.科学数据开放政策研究现状分析及未来研究动向评判[J].现代情报,2016.
[2]宋筱璇,王延飞,钟灿涛.数据安全管理系统的构建[J]情报理论与实践,2016.
[3]陈兴跃,刘晓滔.数字时代的数据资产安全管理[J].互联网经济,2017.
[4]王挺,单慧敏.数据安全管理工作现状及应对措施[J].金融科技时代,2017.
[5]陈驰,马红霞,赵延帅.基于分类分级的数据资产安全管控平台设计与实现[J].计算机应用.2016.
[6]WENG J,DENG R H,DING X H,et al.Conditional proxy re-encryption secure against chosen-ciphertext attack[C]//The 4th International Symposium on Information,Computer,and Communications Security(ASIACCS).c2009.322-332.
[7]FANG L M,SUSILO W,GE C P,et al.Chosen-ciphertext secure anonymous conditional proxy re-encryption with keyword search[J].Theoretical Computer Science,2012,462(1):39-58.
[8]FANG L M,WANG J D,GE C P,et al.Fuzzy conditional proxy re-encryption[J].Science China Information Sciences,201556(5):1-13.
[9]LAN C H,WANG C F.A new conditional proxy reencryption scheme based on secret sharing[J].Chinese Journal of Computers,2013,36(4):895-902.
[10]ATENIESE G,BURNS R,CURTMOLA R,et al.Provable data possession at untrusted stores[C]//The 14th ACMConference on Computer and Communications Security(CCS)c2007:598-609.
[11]WANG C,WANG Q,REN,K,et al.Privacy-preser ving public auditing for data storage security in cloud comp-uting[C]//The 29th IEEE Infocom.c2010:1-9.
[12]ZHU Y,WANG H,HU Z,et al.Dynamic audit services for integrity verification of outsourced storages in clouds[C]//The2011 ACM Symposium on Applied Computing(SAC).c2011:1550-1557.
[13]YANG K,JIA X.An efficient and secure dynamic a uditing protocol for data storage in cloud computing[J].IEE-E Transactions on Parallel and Distributed Systems,2013,24(9):1717-1726.
[14]YANG K,JIA X.An efficient and secure dynamic auditing protocol for data storage in cloud computing[J].IEE-E Transactions on Parallel and Distributed Systems,2013,24(9):1717-1726.
[15]DODIS Y,VADHAN S,WICHS D.Proofs of retrievability via hardness amplification[C]//The 6th Theory of Cryptography Conference(TCC).c2009:109-127.
[16]SANDHU R S,COYNE E J,FEINSTEIN H L,et al Role-based access control models[J].Ansi Incits,2009,4(3):554-563.
[17]ZHANG Y J,FENG D G.A role-based access control model based on space,time and scale[J].Journal of Computer Research and Development,2010,47(7):1252-1260.
[18]YANG K,JIA X H.Attribute-based access control formulti-authority systems in cloud storage[C]//The 32nd International Conference on Distributed Computing Systems.c2012:536-545.
[2]宋筱璇,王延飞,钟灿涛.数据安全管理系统的构建[J]情报理论与实践,2016.
[3]陈兴跃,刘晓滔.数字时代的数据资产安全管理[J].互联网经济,2017.
[4]王挺,单慧敏.数据安全管理工作现状及应对措施[J].金融科技时代,2017.
[5]陈驰,马红霞,赵延帅.基于分类分级的数据资产安全管控平台设计与实现[J].计算机应用.2016.
[6]WENG J,DENG R H,DING X H,et al.Conditional proxy re-encryption secure against chosen-ciphertext attack[C]//The 4th International Symposium on Information,Computer,and Communications Security(ASIACCS).c2009.322-332.
[7]FANG L M,SUSILO W,GE C P,et al.Chosen-ciphertext secure anonymous conditional proxy re-encryption with keyword search[J].Theoretical Computer Science,2012,462(1):39-58.
[8]FANG L M,WANG J D,GE C P,et al.Fuzzy conditional proxy re-encryption[J].Science China Information Sciences,201556(5):1-13.
[9]LAN C H,WANG C F.A new conditional proxy reencryption scheme based on secret sharing[J].Chinese Journal of Computers,2013,36(4):895-902.
[10]ATENIESE G,BURNS R,CURTMOLA R,et al.Provable data possession at untrusted stores[C]//The 14th ACMConference on Computer and Communications Security(CCS)c2007:598-609.
[11]WANG C,WANG Q,REN,K,et al.Privacy-preser ving public auditing for data storage security in cloud comp-uting[C]//The 29th IEEE Infocom.c2010:1-9.
[12]ZHU Y,WANG H,HU Z,et al.Dynamic audit services for integrity verification of outsourced storages in clouds[C]//The2011 ACM Symposium on Applied Computing(SAC).c2011:1550-1557.
[13]YANG K,JIA X.An efficient and secure dynamic a uditing protocol for data storage in cloud computing[J].IEE-E Transactions on Parallel and Distributed Systems,2013,24(9):1717-1726.
[14]YANG K,JIA X.An efficient and secure dynamic auditing protocol for data storage in cloud computing[J].IEE-E Transactions on Parallel and Distributed Systems,2013,24(9):1717-1726.
[15]DODIS Y,VADHAN S,WICHS D.Proofs of retrievability via hardness amplification[C]//The 6th Theory of Cryptography Conference(TCC).c2009:109-127.
[16]SANDHU R S,COYNE E J,FEINSTEIN H L,et al Role-based access control models[J].Ansi Incits,2009,4(3):554-563.
[17]ZHANG Y J,FENG D G.A role-based access control model based on space,time and scale[J].Journal of Computer Research and Development,2010,47(7):1252-1260.
[18]YANG K,JIA X H.Attribute-based access control formulti-authority systems in cloud storage[C]//The 32nd International Conference on Distributed Computing Systems.c2012:536-545.