Table of Content

15 May 2019, Volume 5 Issue 5

Previous Issue    Next Issue

Asiainfo Security: Secure the Digital World, Safe-Guard the Industrial Internet

2019, 5(5):  362-369. 

Asbtract ( )   PDF (2060KB) ( )  

Related Articles | Metrics

Research on Reference Architecture for Government Big Data Security

2019, 5(5):  370-376. 

Asbtract ( )   PDF (2263KB) ( )  

References | Related Articles | Metrics

Government informatization has gradually moved from electronic and computerized information, to networked government information, and government big data (GBD) is a new stage in government informatization development. This stage features openness, sharing, dynamic, real-time and intelligence. In view of these features and the current situation of government big data development, this paper analyzes the technical and managemental challenges and basic security principles of the GBD platform development. Based on analysis, this paper proposes a new kind of reference architecture for GBD security based on an appropriate management organization structure. The paper also reviews related security regulatory mechanisms and security measures of this architecture. Compared to the US government's national institute of standards and technology (NIST) big data reference architecture, the proposed architecture is simpler, has a higher security level, clearer functional requirements, and is easier to implement. The proposed architecture can meet the actual current needs of big data security management, and has practical value in guiding the future government cloud platform, and security design and regulation of the GBD system.

Construction and Practice of Emergency Plans for Cyber Security Events in E-Government Institutes

2019, 5(5):  377-382. 

Asbtract ( )   PDF (2124KB) ( )  

References | Related Articles | Metrics

With the frequent occurrence of various types of security risks in recent years, cyber security is becoming more and more serious. Once the critical information systems such as core business systems and goverment portals been attacked, will be having a wide range of impacts, endangering nation security, national economy and people's life and public interests.. In order to reduce the losses caused by cyber security incidents, it is very necessary for E-Government institutes to establish standardized and efficient emergency plan. Due to the limitations of consciousness, technology and resources, E-Government institutes have common problems in the construction and practice of common emergency plans. In view of this, it's necessary to put forward some suggestions for the optimization of emergency plans, which can help the information security staff of E-Government institutes to standardize the response process of cyber security incidents.

Research on Cyber-Attack Defense System Based on Big Data and Threat Intelligence

2019, 5(5):  383-387. 

Asbtract ( )   PDF (1670KB) ( )  

References | Related Articles | Metrics

Cyber-attacks are the use of network vulnerabilities and security flaws to attack the hardware, software and data of a cyber system. The earlier a cyber-attack is identified, the less adverse effect it has. The traditional network intrusion detection system (IDS) has some limitations in detecting cyber-attacks, such as passive protection and limited capability of threat identification. Threat intelligence technology provides a more scientific and effective method for identifying potential or actual cyber-attacks by using big data analysis,and provides a comprehensive and relevant cyber-attack defense model.

Research and Suggestions on Government Data Management Policy in the Age of Big Data

2019, 5(5):  388-393. 

Asbtract ( )   PDF (1357KB) ( )  

References | Related Articles | Metrics

The arrival of the era of big data is on the rise in the world. The implementation of big data technology is making great strides in the government areas. The reforms, governance methods, institutional systems and infrastructure reforms are constantly impacting government datamanagement. This paper compares and analyzes the current data management policies and platform construction in major developed countries, clarifies the opening data and governance policy documents issued by major local governments in China, as well as the operating online data portals system. Based on it, summaries the problems and reasons of domestic government data management, and proposes the suggestions and measures for improving further government data management.

The Research on Personal Information Classification Protection in Big Data Application

2019, 5(5):  394-399. 

Asbtract ( )   PDF (1772KB) ( )  

References | Related Articles | Metrics

In recent years, the big data technology has been widely applied, which is of great significance for promoting the scientific and refined management decisions of the government and enterprises and improving the level of public services. However, the big data technology itself has many security risks, especially the problem of datasecurity, due to the data classification and classification protection mechanism is not perfect,which leads to frequent data leakage and abuse in the application of personal information. This paper analyzes the application status of personal information in big data, summarizes the security risk faced bypersonal information, meanwhile, this paper also analyzes the attributes of personal information, next, proposes the classification methods of personal information as well as the determination principles of its importance degree, then combined with the system data security protection level and safety assessment forms,finally the personal information safety protection requirements at all levels are also presented.

The Study of Security Audit Framework and Key Technologies in Big Data Era

2019, 5(5):  400-405. 

Asbtract ( )   PDF (1234KB) ( )  

References | Related Articles | Metrics

The aggregation and sharing of data resources contributes to the concentration of security risks, and security audit technology in big data environment is facing many challenges. Firstly, the reference framework for big data security auditing is proposed based on big data reference framework and cloud security audit framework,which conducts security auditing from user dimension and data life-cycle dimension. Secondly,the security audit technology monitors the behaviors of data provider, system orchestrator, big data application provider, big data framework provider and data consumer. And which tracks the entire data life-cycle process which consists of data collection, transmission, storge, curation, exchange and destruction. Finally, this paper discusses the data provenance and privacy protection problems during security auditing, in order to serve as useful references for the development of big data security audit technology.

Evolution Research of Network Security Technology in Big Data Era

2019, 5(5):  406-413. 

Asbtract ( )   PDF (1284KB) ( )  

References | Related Articles | Metrics

With the advent of the era of big data, information systems have exhibited some new features, including boundary obfuscation, system virtualization, unstructure and diversification, and the low coupling degree of function and data. These features not only lead to a big difference between big data technology (DT) and information technology (IT), but also promote the upgrading and evolution of network security technology. In response to these changes, in this paper we compare the characteristics between IT era and DT era, and then propose four DT security principles: privacy, integrity, traceability, and controllability, as well as active and dynamic defense strategy based on “propagation prediction, tracking audit, dynamic management and control”. We further discusses the security challenges faced by DT and the corresponding assurance strategies. On this basis, the big data security technologies can be divided into four levels: “elimination, continuation, improvement, and innovation”, and we provide analyzation, combination and explaination for these technologies according to six categories: access control, identification and authentication, data encryption, data privacy, intrusion prevention, security audit and disaster recovery. These results will offer important assistance for the evolution of security technologies in the DT era, the construction of big data platform, the designation of security assurance strategies, and technology suitable for big data.

A Mission Profile-Based Information Security Vulnerability Assessment Method for Warship Systems

2019, 5(5):  414-419. 

Asbtract ( )   PDF (1406KB) ( )  

References | Related Articles | Metrics

To evaluate the information security vulnerability of warships during different missions, this paper proposes a mission profile-based vulnerability assessment framework that utilizes in-depth analysis of the characteristics of warship systems and their information security issues. Firstly, the vulnerability of the equipment is evaluated based on the vulnerability indicators, then, the vulnerability of the individual mission is evaluated, and finally the vulnerability level of the overall mission profile is evaluated. The case analysis results reveal that the method can feasibly provide reference for warship information security vulnerability as-sessment.

Research on Smart City Information Security Operation Platform

2019, 5(5):  420-429. 

Asbtract ( )   PDF (3498KB) ( )  

References | Related Articles | Metrics

Information security is an auxiliary support system for the construction of new smart cities, and has high priority. How to build a comprehensive information security operation monitoring platform and how to strengthen the information security risk assessment system have become the strategic focus in the construction of new smart cities. The existing security operations still have pain points such as low efficiency, lack of professionalism and high cost. AICSO security operation provides users an information system security governance process and working method that is suitable for businesses. Firstly, it relies on seven comprehensive and scientific systems, combined with user services. The platform is based on asset management, takes risk management as the core and event processing as the main approach, and is supplemented by effective management, monitoring and response functions to realize process standardization and improve users' operational efficiency. Secondly, based on the platform's big data processing and machine learning capabilities, and combined with vulnerability analysis and intelligence, automatic risk assessment and real-time push solution strategies are implemented to enhance users' early security warning capabilities, security emergency response and security assurance capabilities, and realize active security defense. Finally, centralized management and monitoring of various systems, applications, equipment and safety products are realized under a unified safety management framework, and problems such as unplanned repeated construction, purchase of products and services from multiple manufacturers and increase in management cost are resolved. The platform reduces the need for repetitive construction, security products and services are better managed, analysis conversion efficiency is improved, management cost is reduced, the problems of cost and efficiency of post-sale multi-interface communication systems are resolved, and information transmission accuracy is increased.

Research on Information Security Requirements and Certification Model of Geographic Information Products

2019, 5(5):  430-433. 

Asbtract ( )   PDF (1048KB) ( )  

References | Related Articles | Metrics

As a special data product, geographic information products have the characteristics of time and space and are easy to spread. They are important information resources and are widely used in economic development. With the strong demand of geographic information from the whole society, the security problem of geographic information products cannot be ignored for the data leakage, data tampering and illegal infringement. This paper takes geographic information products as the research object among the geographic information products life cycle, focusing on the exited information security risks, proposes corresponding information security requirements and investi-gates the product certification modoel. The research results provide references for establishing geographic information security protection system and carrying out geographic information product certification for the relevant institutions.

Research on Non-Litigation Remedy Mechanism of Erasure Right

2019, 5(5):  434-439. 

Asbtract ( )   PDF (1090KB) ( )  

References | Related Articles | Metrics

The extensive collection and use of personal data in the information society has threatened and damaged the rights of data subjects, and a right is urgently needed to strengthen the status of data subjects and the autonomy of individuals to data. The European Unions General Data Protection Regulations give data subjects a series of data rights, among which the establishment of right to erasure has attracted extensive attention from the legal profession and the Internet. Data subjects can apply for deletion of relevant personal data links under certain conditions. Whether it is based on the personal data protection in China, or in order to deal with the EU data legally and reasonably, it is necessary to have a thorough understanding of right to erasure and to sort out the ways of right remedy. This paper mainly discusses the nonlitigation remedy mechanism of right to erasure. Data subjects can get timely and adequate remedy of rights through the network platform and administrative agencies. The introduction of the relevant provisions of right to erasure should clearly define the conditions and scope of the exercise of rights, as well as the benefit measurement with freedom of speech and the protection of the data industry.

The Reasearch of Internet Identity System Based on eID and Personal Information Protection Legal System

2019, 5(5):  440-447. 

Asbtract ( )   PDF (1072KB) ( )  

References | Related Articles | Metrics

The identity of users in cyberspace is virtual and difficult to determine, which makes it difficult to effectively manage the disordered state of cyberspace virtual society. The Internet real-name system is an Internet management method based on the real name of the user. It is an important means and system for restraining, guiding and protecting Internet users. However, with the arrival of big data era, more and more information exist in the cyberspace, and personal information leakage incidents are common. The Internet identity management system based on the Internet electronic identity (eID) can ensure that the Internet service agencies can effectively identify users' real identity without disclosing their personal information, which provides a good solution to the conflict between the Internet real-name system and personal information protection. At present, China's Internet electronic identity management is still in the preliminary development and pilot application stage, and relevant legal system is still not perfect, which must be explored.

Make Special Action of APP Govermance Long-Acting

2019, 5(5):  448-449. 

Asbtract ( )   PDF (1030KB) ( )  

Related Articles | Metrics

Developing our Own CPU Should Take the Road of Marketing Driven Technology

2019, 5(5):  450-453. 

Asbtract ( )   PDF (993KB) ( )  

Related Articles | Metrics

Blocking Ransomware Viruses to Build a Secure Digital World

2019, 5(5):  454-456. 

Asbtract ( )   PDF (1015KB) ( )  

Related Articles | Metrics