浏览全部资源
扫码关注微信
1. 四川大学 网络空间安全研究院四川,成都,610065
2. 四川大学 计算机学院四川,成都,610065
纸质出版日期:2017,
网络出版日期:2017-9-8,
扫 描 看 全 文
陈兴蜀,杨露,罗永刚.大数据安全保护技术[J].工程科学与技术,2017,49(5):1-12.
CHEN Xingshu, Yang Lu, Luo Yonggang. Big Data Security Technology[J]. Advanced Engineering Sciences, 2017,49(5):1-12.
陈兴蜀,杨露,罗永刚.大数据安全保护技术[J].工程科学与技术,2017,49(5):1-12. DOI: 10.15961/j.jsuese.201700726.
CHEN Xingshu, Yang Lu, Luo Yonggang. Big Data Security Technology[J]. Advanced Engineering Sciences, 2017,49(5):1-12. DOI: 10.15961/j.jsuese.201700726.
中文摘要: 大数据技术的发展和应用对国家的治理模式、企业的决策架构、商业的业务策略以及个人的生活方式都产生了深远影响。但是,大量数据的汇集不仅加大了用户隐私泄露的风险,而且大数据中包含的巨大信息和潜在价值吸引了更多的潜在攻击者。此外,大数据的应用是跨学科领域集成的应用,引入了很多新的技术,可能面临更多更高的风险。作者回顾了大数据的定义和特征,提出大数据架构和大数据安全体系,在此基础上分析大数据安全在法律法规、标准、数据生命周期保护和大数据平台4个方面的研究进展。梳理美国、欧盟、中国等在大数据安全方面的法律法规现状和国际标准化组织、美国、中国等大数据安全标准化研究现状。大数据在生命周期过程中需要大数据平台为其提供支撑,以实现大数据的收集、传输、存储和分析等功能。从大数据生命周期和大数据平台两个维度分析大数据面临的安全问题和关键技术研究现状。生命周期包括收集、存储、使用、分发和删除5个阶段。收集阶段的数据质量决定了数据价值,提升数据质量的技术手段主要有数据与模型不一致性的检测、数据清洗两类。大数据分发将处理后的大数据传递给外部实体,隐私保护或敏感信息保护至关重要,相关的关键技术有数据匿名化、支持隐私保护的数据检索和分析等。大数据的管理主要包含元数据管理、数据血缘管理等方面,可以为有效使用大数据和确保大数据安全提供支持。大数据平台安全主要解决大数据组件之间的身份认证、数据隔离、数据加密存储、大数据平台边界保护和审计,主要的关键技术有身份认证、访问控制、数据加密和审计等。目前,在国际上仍缺乏完善的大数据安全标准体系,在隐私保护、数据共享和数据跨境传输等方面缺乏标准的规范和指导。大数据分析技术仍处于快速发展阶段,很难预测今后的大数据关联分析对隐私保护和敏感信息保护带来的问题,因此,现有的数据脱敏技术和隐私保护技术有待进一步研究。数据同态加密实现了分析数据时不暴露数据隐私和敏感信息,现有的同态加密算法还远未成熟。现有的大数据平台的身份认证、数据加密、访问控制仍采用的传统技术,不能适应大数据面临的数据规模大、处理逻辑复杂、用户量大等新环境。一些大数据安全关键技术在性能和可用性方面还值得深入研究,以期可早日投入实际应用。另外,使用大数据处理技术研发安全态势感知、网络安全入侵检测、威胁情报分析等安全应用,利用大数据技术抵御针对大数据的攻击威胁也已成为大数据安全领域新的研究热趋势。大数据安全的发展需要法律法规、标准和关键技术的共同支撑和推动。
Abstract:The development and application of big data technology has a deep influence on the national governance model
corporate decision-making architecture
business strategy and personal lifestyle.The data aggretation not only increases the risk of user privacy leaks
but the huge information and potential value contained in big data also attract more potential attackers.Moreover
the big data application is a cross-disciplinary application
which introduces not only a lot of new technologies but more and higher risks.The definition and characteristics of big data is reviewed
and the big data architecture and big data security system are put forward in this paper.Based on this system
the security challenges facing the current big data and research progress of big data security technologies are analyzed from four perspectives:laws and regulations
standards
data life cycle protection and big data platform key technology.Laws and regulations in America
European Union
China and the research status of big data security standarlization of International Organization for Standardization
America
China and so on was introduced.Big data platform is needed to realize the collection
transmission
storage and analysis and so on in big data lifecycle.In this paper
the security problems and key technologies of big data are analyzed from two dimensions of big data lifecycle and big data platform.The lifecycle includes collection
storage
usage
distribution and deletion five phases.Data value is determined by the data quality of the collection phase.Data and model inconsistency detection and data cleaning are the main technical means to improve data quality.The processed big data is transmit to external entities in big data distribution phase
so the protection of privacy and sensitive information is essential.The retalted key technologies are data anonymity
privacy-protecting data retrieval and analysis.The big data management support the effective use of big data and ensure big data security
which mainly contains metadata management and data lineage.The problems of authentication
data isolation
data encryption storage
big data platform border protection and audit between big data components can be solved by the big data platform security with the key technologies such as authentication
access control
data encryption and audit.At present
a perfect big data security standard system is still lacking in the world.The norms and guidance for privacy protection
data sharing
cross-border data transmission from standards are urgent needed.With the rapid development of big data analysis technology
it’s difficult to predict the challenge of privacy protection and sensitive information protection from big data association analysis in the future.The existing data masking and privacy protection technology will face a great challenge.The data analysis without exposure to data privacy and sensitive information can be achieved by data homomorphic encryption
but the existing homomorphic encryption algorithm is far from mature.The current authentication
data encryption and access control in the big data platform use the traditional technology
which can’t adapt to the new environment with large scale of data
complex processing logic and huge amount of users.Some of the big data security key technologies are also worthy of indepth study in the performance and availability for early practical application.In addition
using big data pro-cessing technology to develop security applications such as network security situation perception
intrusion detection and network threat intelligence analysis
and using big data technology to resist attacks against big data have become a new research trend in the field of big data security.The development of big data security requires the united support and promotion of laws and regulations
standards and key technologies.
大数据安全身份认证访问控制隐私保护
big datasecurityauthenticationaccess controlprivacy protection
大数据安全标准化白皮书(2017)[R].北京:全国信息技术标准化技术委员会大数据安全标准特别工作组,2017.
中华人民共和国工业和信息化部.中华人民共和国网络安全法[EB/OL].(2016-11-08)[2017-06-12].http://www.miit.gov.cn/n1146295/n1146557/n1146614/c5345009/content.html.
中华人民共和国国家互联网信息办公室.国家网络空间安全战略[EB/OL].(2016-12-27)[2017-06-12].http://www.cac.gov.cn/2016-12/27/c_1120195926.htm.
McKinsey & Company.Big data:The next frontier for innovation,competition,and productivity[EB/OL].[2017-06-12].https://bigdatawg.nist.gov/pdf/MGI_big_data_full_report.pdf.
National Institute of Standards and Technology.NIST big data interoperability framework:Volume 1,Definitions[EB/OL].(2015-09-16)[2017-06-12].https://bigdatawg.nist.gov/_uploadfiles/NIST.SP.1500-1.pdf.
中华人民共和国工业和信息化部.电信和互联网用户个人信息保护规定(工业和信息化部令第24号)[EB/OL].(2016-04-07)[2017-06-15].http://www.miit.gov.cn/n1146295/n1146557/n1146619/c4700556/content.html.
国务院关于印发促进大数据发展行动纲要的通知[EB/OL].(2015-08-31)[2017-06-14].http://www.gov.cn/zhengce/content/2015-09/05/content_10137.htm
中华人民共和国国家互联网信息办公室.《网络安全法》解读[EB/OL].(2016-11-07)[2017-06-14].http://www.cac.gov.cn/2016-11/07/c_1119866583.htm
Fan W,Geerts F,Ma S,et al.Detecting inconsistencies in distributed data[C]//Proceedings of the 2010 IEEE 26th International Conference on Data Engineering(ICDE).Long Beach:IEEE,2010:64-75.
Fan W,Li J,Tang N.Incremental detection of inconsistencies in distributed data[J].IEEE Transactions on Knowledge and Data Engineering,2014,26(6):1367-1383.
Beskales G,Ilyas I F,Golab L,et al.On the relative trust between inconsistent data and inaccurate constraints[C]//Proceedings of the 2013 IEEE 29th International Conference on Data Engineering (ICDE).Brisbane:IEEE,2013:541-552.
Chiang F,Miller R J.A unified model for data and constraint repair[C]//Proceedings of the 2011 IEEE 27th International Conference on Data Engineering(ICDE).Hannover:IEEE,2011:446-457.
Fan W,Li J,Ma S,et al.Towards certain fixes with editing rules and master data[J].Proceedings of the VLDB Endowment,2010,3(1/2):173-184.
Fan W,Ma S,Tang N,et al.Interaction between record matching and data repairing[J].Journal of Data and Information Quality,2014,4(4):16.
Fan W,Li J,Ma S,et al.CerFix:A system for cleaning data with certain fixes[J].Proceedings of the VLDB Endowment,2011,4(12):1375-1378.
Kanchi S,Sandilya S,Ramkrishna S,et al.Challenges and Solutions in Big Data Management-An Overview[C]//Proceedings of the 20153rd International Conference on IEEE Future Internet of Things and Cloud(FiCloud).Rome:IEEE,2015:418-426.
Siddiqa A,Hashem I A T,Yaqoob I,et al.A survey of big data management:Taxonomy and state-of-the-art[J].Journal of Network & Computer Applications,2016,71:151-166.
Zhang H,Chen G,Ooi B C,et al.In-memory big data management and processing:A survey[J].IEEE Transactions on Knowledge and Data Engineering,2015,27(7):1920-1948.
Sweeney L.
Machanavajjhala A,Kifer D,Gehrke J,et al.
0
浏览量
7790
下载量
67
CNKI被引量
关联资源
相关文章
相关作者
相关机构