信息安全研究 ›› 2021, Vol. 7 ›› Issue (10): 941-.

• • 上一篇    下一篇

关于构建数据安全生态圈的研究与实践

曾令平1,2  杨浩淼3   李凯1   

  1. 1)( 成都神州绿盟科技有限公司, 成都 610213) 
    2)( 北京神州绿盟科技有限公司, 北京 100089)
    3)(电子科技大学, 成都 611731)

  • 出版日期:2021-10-09 发布日期:2021-10-09
  • 通讯作者: 曾令平
  • 作者简介:曾令平 主要研究方向为国内外信息安全标准、合规指引、数据安全和个人信息保护. 563758792@qq.com 杨浩淼 博士,教授,主要研究方向为数据安全、隐私保护. haomyang@uestc.edu.cn 李凯 硕士.主要研究方向为SASE技术架构、零信任架构、抗DDoS攻击技术. kyle_lee@126.com

Research and Practice on the Construction of Data Security Ecosystem

  • Online:2021-10-09 Published:2021-10-09

摘要: 2021年3月,《中华人民共和国国民经济和社会发展第十四个五年规划和2035年远景目标纲要》正式发布,其中提到“坚持放管并重,促进发展与规范管理相统一,构建数字规则体系,营造开放、健康、安全的数字生态”。“数字生态”的提出为构建数据安全生态圈的研究和实践提供了有力支撑,在国家数据安全战略的指导下,正逐渐形成全社会共同参与、共同维护数据安全和促进发展的良好环境。本次研究提出数据安全生态圈的整体框架包括一个中心、二个循环、三个体系、五个关键和八大路线。以数字生态为建设目标,从组织如何落实数据安全治理与建设要求的角度出发,确定数据安全生态圈的具体内容以及各个指标,最终形成数据安全各层级的落地执行路径。

关键词: 数据安全, 生态圈, 个人信息保护, 数据安全合规, 数据安全治理, 数据安全考核指标

Abstract: In March 2021, “the 14th five year plan for national economic and social development of the People's Republic of China and the outline of long-term objectives for 2035”were officially released, which mentioned that“we should pay equal attention to open and control, promote the unity of development and standardized management, build a digital rule system, and create an open, healthy and safe digital ecology”. The proposal of“digital ecology”provides strong support for the research and practice of building a data security ecosystem. Under the guidance of the national data security strategy, a good environment that the whole society participates, maintains data security and promotes development is gradually formed. This study proposes the overall framework of the data security ecosystem, including one center, two cycles, three systems, five keys and eight routes. Taking the digital ecology as the construction goal, the specific contents and indicators of the data security ecosystem are determined from the perspective of how to implement the data security governance and construction requirements. Finally, a landing execution path at all levels of data security is formed.

Key words: data security, ecosystem, personal information protection, data security compliance, data security governance, data security KPI