Research and Thinking on Data Classification and Grading of Important Information Systems#br#

Journal of Information Security Reserach ›› 2023, Vol. 9 ›› Issue (7): 631-.

Previous Articles Next Articles

Research and Thinking on Data Classification and Grading of Important Information Systems#br#

Online:2023-07-01 Published:2023-07-01

重要信息系统数据分类分级的研究与思考

李萌1李健2徐平洋1张荷1林琳1

1(国家药品监督管理局信息中心北京100044)
2(中国食品药品检定研究院北京102629)

通讯作者: 李萌高级工程师.主要研究方向为网络安全、信息化基础设施建设、云平台建设. brushli@163.com
作者简介:李萌高级工程师.主要研究方向为网络安全、信息化基础设施建设、云平台建设. brushli@163.com 李健硕士，正高级工程师.主要研究方向为信息化建设. lijian@nifdc.org.cn 徐平洋硕士，工程师.主要研究方向为网络安全. cpul12@sina.com 张荷工程师.主要研究方向为网络安全与运行维护管理. eldeast@sohu.com 林琳硕士，高级工程师.主要研究方向为网络安全. linlin@nmpaic.org.cn

Abstract

Abstract: With the development of information technology and networking, incidents surrounding data security are also increasing. The data as a new production factor, is particularly important to ensure the security of important data. The “Data Security Law of the People’s Republic of China” clearly stipulates that the country should establish a data classification and grading protection system to implement classification and grading protection for data. This paper will study China’s data safety management regulations and policies, analyze the the degree of impact and influening objects of data damage, propose specific data classification and grading methods, and provide security protection and governance measures under data classification and grading management based on the industry characteristics and application scenarios of government data. It will achieve the openness and sharing of the data under safety protection, and provide reference for the classification and classification protection of the data in the future.

Key words: data security, classification and grading, drug safety data, openness and sharing, protection governance

摘要： 随着信息技术和网络化发展，围绕数据安全的事件风波也在不断增多，数据作为新的生产要素，确保重要数据的安全尤为重要，《中华人民共和国数据安全法》中明确规定国家建立数据分类分级保护制度，对数据实行分类分级保护.将通过研究我国数据安全管理法规政策，分析数据遭受破坏后的影响程度、影响对象等因素，提出具体的数据分类分级方法，并根据政务数据的行业特点、应用场景等，给出数据分类分级管理下的安全防护治理措施，实现数据在安全防范下的开放性、共享性，给未来政务数据分类分级保护工作提供参考.

关键词: 数据安全, 分类分级, 政务数据, 开放共享, 防护治理

李萌, 李健, 徐平洋, 张荷, 林琳, . 重要信息系统数据分类分级的研究与思考[J]. 信息安全研究, 2023, 9(7): 631-.

References

［1］Verizon. 2021 data breach investigations report［EBOL］. (20200525) ［20220327］. https:www.verion.combusinessresourcesreportsdbir［2］IBM Security and Ponemon Institute LLC. IBM security:2021 cost of data breach study［EBOL］. (20200710) ［20220327］. https:www.ibm.comsecuritydatabreach［3］侯利阳, 贺斯迈. 如何对数据进行分类分级保护［J］. 检察风云, 2020, 28(19): 1415［4］全国人民代表大会常务委员会. 中华人民共和国网络安全法［EBOL］. (20161107)［20220327］. http:www.cac.gov.cn20161107c_1119867116_3.html［5］全国人民代表大会常务委员会. 中华人民共和国数据安全法［EBOL］. (20210610)［20220327］. http:www.npc.gov.cnnpcc308342021067c9af12f51334a73b56d7938f99a 788a.shtml［6］全国人民代表大会常务委员会. 中华人民共和国个人信息保护法［EBOL］. (20210820) ［20220327］. http:www.cac.gov.cn20210820c_1631050028355286.html［7］全国信息安全标准化技术委员会. TC260PG20212A 网络安全标准实践指南——网络数据分类分级指引［S］. 北京: 全国信息安全标准化技术委员会, 2021［8］国金融标准化技术委员会. JRT 0197—2020 金融数据安全数据安全分级指南［S］. 北京: 国金融标准化技术委员会, 2020［9］中国通信标准化协会. YDT 3813—2020 基础电信企业数据分类分级方法［S］. 北京: 中国通信标准化协会, 2020［10］钟璐潞, 卢栋. 基于数据分类分级的港口企业数据安全管理［J］. 中国港口, 2021 (10): 6264［11］何维群. 基于分类分级的个人信息保护［J］. 信息安全与通信保密, 2021 (10): 107114［12］王世晞, 张亮, 李娇娇. 大数据时代下的数据安全防护——以数据安全治理为中心［J］. 信息安全与通信保密, 2020 (2): 8288［13］高磊, 赵章界, 林野丽, 等. 基于《数据安全法》的数据分类分级方法研究［J］. 信息安全研究, 2021, 7(10): 933940

[1]	. Research and Practice on Data Security Compliance Check Technology for Operators [J]. Journal of Information Security Reserach, 2023, 9(7): 643-.
[2]	. Study on Data Transparency Technologies [J]. Journal of Information Security Reserach, 2023, 9(7): 643-.
[3]	. Exploration and Research on Security Guarantee of Data Transaction and Circulation [J]. Journal of Information Security Reserach, 2023, 9(7): 662-.
[4]	. Consideration on Some Problems in the Development of GPT4 and Its Regulation Scheme [J]. Journal of Information Security Reserach, 2023, 9(6): 510-.
[5]	. ChatGPT’s Security Threaten Research [J]. Journal of Information Security Reserach, 2023, 9(6): 533-.
[6]	. Research on the Integration of Full Lifecycle Data Security Management and Artificial Intelligence Technology#br# [J]. Journal of Information Security Reserach, 2023, 9(6): 543-.
[7]	. Research on Security Risk Response for Internet of Body Applications [J]. Journal of Information Security Reserach, 2023, 9(5): 433-.
[8]	. Preliminary Study on Data Security Protection Scheme of Civil Aviation A-CDM System [J]. Journal of Information Security Reserach, 2023, 9(5): 482-.
[9]	. A Survey of Data Security Sharing Technology Development and Its Application in Power Domain [J]. Journal of Information Security Reserach, 2023, 9(3): 208-.
[10]	. Research on On-chain and Off-chain Data Supervision Scheme for Energy Big Data [J]. Journal of Information Security Reserach, 2023, 9(3): 235-.
[11]	. Research and Implementation of Crossplatform Encryption Technology for Mobile Storage Devices [J]. Journal of Information Security Reserach, 2023, 9(3): 271-.
[12]	. Research on Data Transfer Security Model of Digital Twin City Big Data Platform [J]. Journal of Information Security Reserach, 2023, 9(1): 48-.
[13]	. Road Analysis of Platform Data Security Governance Optimization —From the Perspective of “DiDi Cyber Security Review Case” [J]. Journal of Information Security Reserach, 2023, 9(1): 66-.
[14]	. Analysis on the Division of Data Security Management Responsibilities and Accountability Mechanism [J]. Journal of Information Security Reserach, 2023, 9(1): 73-.
[15]	. Methodological Exploration of Data Security Standard Construction in Health Industry [J]. Journal of Information Security Reserach, 2023, 9(1): 87-.

Research and Thinking on Data Classification and Grading of Important Information Systems#br#

重要信息系统数据分类分级的研究与思考

PDF

Knowledge

Abstract

Cite this article

share this article

References

Related Articles 15

Recommended Articles

Metrics