| 引用本文: |
-
张霄,张宏涛,郭毅,张连成,郝顺龙,李旭青.面向数据生命周期的安全技术研究[J].信息安全学报,已采用 [点击复制]
- zhangxiao,zhanghongtao,guoyi,zhangliancheng,haoshunlong,lixuqing.Research on security technology for data life cycle[J].Journal of Cyber Security,Accept [点击复制]
|
|
| 摘要: |
| 随着数字经济的迅速发展,数据已成为推动社会进步和经济增长的关键生产要素。然而,数据在日常使用和管理过程中面临着数据泄露、滥用、篡改等诸多安全风险和威胁,这些问题的日益突出使数据安全成为当下备受关注的热点话题。近年来,大量研究工作围绕保障数据的机密性、完整性与可用性展开,致力于解决数据全生命周期内的安全挑战,为数字化社会的发展保驾护航。本文首先从数据安全需求出发,结合微软公司提出的STRIDE安全威胁模型,构建了数据安全风险分层模型,对数据生命周期中获取与收集、存储与处理、传输与共享以及销毁与归档四个关键阶段所面临的安全风险进行了系统地梳理与分析。然后,基于数据安全风险分层模型,针对数据全生命周期内不同阶段所面临的主要安全风险及其影响,系统阐述和分析了近些年数据安全研究的主要内容、思路方法、关键技术和研究成果,其中涵盖了数据业务流程和生命周期中涉及到的主要安全机制,包括数据加密、访问控制、数据完整性校验以及区块链技术等。最后,本文通过对现有研究工作和成果的局限性进行了深入分析,指出了数据安全技术亟待解决的关键问题,并对该领域未来的发展方向进行了前瞻性的展望,以期为后续研究提供有价值的参考。 |
| 关键词: 数字经济 数据安全 威胁模型 生命周期 安全风险 |
| DOI: |
| 投稿时间:2024-08-20修订日期:2024-11-25 |
| 基金项目:河南省重点研发与推广专项(科技攻关)项目(NO.232102210135) |
|
| Research on security technology for data life cycle |
|
zhangxiao1, zhanghongtao1, guoyi2, zhangliancheng2, haoshunlong1, lixuqing1
|
| (1.Zhengzhou University;2.PLA Strategic Support Force Information Engineering University) |
| Abstract: |
| With the rapid development of the digital economy, data has become a crucial production factor in promoting social progress and economic growth. However, during the daily use and management of data, numerous security risks and threats such as data leakage, misuse, and tampering are encountered. The growing prominence of these issues has made data security a highly topical subject of concern at present. In recent years, a substantial amount of research work has been carried out centering on ensuring the confidentiality, integrity, and availability of data, with the aim of addressing the security challenges throughout the entire data lifecycle and safeguarding the development of the digital society. This paper initially sets out from the requirements of data security and, in combination with the STRIDE security threat model proposed by Microsoft Corporation, constructs a hierarchical data security risk mod-el. It systematically sorts out and analyzes the security risks faced in the four key stages of the data lifecycle, namely acquisition and collection, storage and processing, transmission and sharing, as well as destruction and ar-chiving. Subsequently, based on the hierarchical data security risk model, in light of the major security risks and their impacts faced at different stages within the entire data lifecycle, this paper systematically elaborates and ana-lyzes the main contents, thinking approaches, key technologies, and research achievements of data security re-search in recent years. This encompasses the major security mechanisms involved in the data business processes and lifecycle, including data encryption, access control, data integrity verification, and blockchain technology, among others. Finally, through an in-depth analysis of the limitations of the existing research work and achieve-ments, this paper points out the key issues that urgently need to be addressed in data security technologies and pro-vides a forward-looking outlook on the future development directions in this field, with the expectation of offering valuable references for subsequent research. |
| Key words: digital economy data security threat model life cycle security risk |
