Journal of Information Security Reserach ›› 2021, Vol. 7 ›› Issue (10): 954-.

Previous Articles     Next Articles

Practice and Exploration on the Construction of E-Government Data Security Situation Awareness Platform

  

  • Online:2021-10-09 Published:2021-10-09

电子政务数据安全态势感知平台建设实践探索

范絮妍 吴小倩 冯立胜 王欣   

  1. (全国海关信息中心网络与信息安全处总工办  北京  100005)
  • 通讯作者: 范絮妍
  • 作者简介:范絮妍 硕士,高级工程师. 主要研究方向为网络与信息安全、信息系统审计、信息保密. fanxuyan@mail.customs.gov.cn 吴小倩 硕士,高级工程师. 主要研究方向为网络与信息安全、信息系统审计. wuxq@mail.customs.gov.cn 冯立胜 总工程师. 主要研究方向为信息系统架构设计、安全运维. fenglisheng@customs.gov.cn 王欣 资深主任信息安全工程师. 主要研究方向为网络与信息安全 e_wx@sohu.com

Abstract: As our country vigorously promotes the cultivation of data element market, data value increasingly prominent, the damage from the data breach is growing, Data Security Law of the people's Republic of China  had been issued, which claims to complement Data security governance system, and strengthen data sharing and security measures. At this rate of development, some e-government operators begin to plan and design the data security technology protection system which covers the whole life cycle and takes the data security situation awareness platform as the core. This paper analyzes the data security risk and demand of e-government system, based on the research on the model of data security management capability building at home and abroad, try to design and construction of data security situational awareness platform, which provides a basis for e-government operators to gradually realize the business objectives of visible, clear, manageable, strong audit and traceability of data assets.

Key words: E-government , data security, full life cycle, situational awareness, risk monitoring

摘要: 随着国家大力推进数据要素市场培育,数据价值日益凸显,数据泄露造成的危害日益加剧,国家出台数据安全法,提出健全数据安全治理体系,加强数据开放共享和安全保障措施.在这种发展态势下,一些电子政务运营单位着手规划设计覆盖全生存周期、以数据安全态势感知平台为核心的数据安全技术防护体系.本文通过对电子政务系统数据安全风险及需求分析,在对国内外数据安全管理能力建设模型研究基础上,探索数据安全态势感知平台设计及建设实践,为促使电子政务运营者逐步实现数据资产看得见、说得清、管得住、强审计、能追溯的业务目标提供了依据.

关键词: 电子政务, 数据安全, 全生存周期, 态势感知, 风险监控