TID-MOP:The Comprehensive Framework of Security Management and Control in the Scenario of Data Exchange
Du Ziran1,Dou Yue2(),Yi Chengqi2,Hong Boran3,Gu Mingze3,Li Lin3
1Department of Platform Research and Development, Greater Bay Area Big Data Research Institute, Shenzhen 518048, China 2Department of Big Data Development, State Information Center, Beijing 100045, China 3Department of Engineering Management, Greater Bay Area Big Data Research Institute, Shenzhen 518048, China
[Objective] In order to promote the safety and compliance development of data exchange, this paper proposes a comprehensive framework of data transaction security management and control which takes both technical path and mechanism guarantee into account for data transaction risk, data security risk and infrastructure security risk in data exchange scenarios. [Methods] Using literature research method, this paper reviews the current literature of technology and management in the field of data transaction security at home and abroad. Combining the practice of data exchange, this paper puts forward a “TID-MOP” data transaction security management and control framework which contains both technology and mechanism. [Results] The “TID-MOP” comprehensive framework designs a core technology architecture to realize transaction security, that is, “separation of business flow, computing flow and capital flow, and convergence of circulation environment through blockchain”; “Separate the experimental environment from the production computing environment, and link the computing environment through model management and data management”; “Data computing is separated from safety supervision, and the supervision environment is uniformly managed through the control and management center”. The technology architecture improves the safety of data circulation and transaction, and realizes the safety control and unified supervision of the whole process. [Limitations] Further research is needed to verify the actual operation efficiency of the comprehensive framework. [Conclusions] The “TID-MOP” framework takes the data transaction process as the core, and provides an effective reference for the development and innovation of data transaction.
杜自然, 窦悦, 易成岐, 洪博然, 谷明泽, 李琳. TID-MOP:面向数据交易所场景下的安全管控综合框架*[J]. 数据分析与知识发现, 2022, 6(1): 13-21.
Du Ziran, Dou Yue, Yi Chengqi, Hong Boran, Gu Mingze, Li Lin. TID-MOP:The Comprehensive Framework of Security Management and Control in the Scenario of Data Exchange. Data Analysis and Knowledge Discovery, 2022, 6(1): 13-21.
( Zhang Xiaofang, Zhu Rongrong. Design and Implementation of Data Security Platform Based on Blockchain Smart Contract[J]. Wireless Internet Technology, 2021, 18(4):73-75.)
( Chen Naigang, Yao Minwei, Yuan Lingxuan, et al. Application of Blockchain in Data Transaction[J]. Electric Power Information and Communication Technology, 2021, 19(10):119-125.)
( Fu Fangcheng, Hou Chen, Cheng Yong, et al. Key Technology and Innovation of Privacy Preserving Computing[J]. Information and Communications Technology and Policy, 2021, 47(6):27-37.)
( Qin Jing. Design and Implementation of Docker-based OpenStack Cloud Platform Automation Deployment Scheme[D]. Wuhan:Wuhan Academy of Posts and Telecommunications, 2019.)
[6]
Gupta H, Sharma V K. Role of Multiple Encryption in Secure Electronic Transaction[J]. International Journal of Network Security & Its Applications, 2011. DOI: 10.5121/ijnsa.2011.3606
doi: 10.5121/ijnsa.2011.3606
[7]
Kodge B G. Information Security: A Review on Steganography with Cryptography for Secured Data Transaction[J]. International Journal of Scientific Research in Network Security and Communication, 2017, 5(6):1-4.
[8]
Brindha B T, Shaji R S. An Efficient Framework for Providing Secured Transaction of Data in Cloud Environment[J]. Indian Journal of Science and Technology, 2016, 9(44):1-6.
( Han Peiyi, Liu Chuanyi, Wang Jiahui, et al. Research on Data Encryption System and Technology for Cloud Storage[J]. Journal on Communications, 2020, 41(8):55-65.)
( Chen Yi, Jiang Zhimeng, Zhang Yu. Security Transmission Mechanism of Big Data Based on Homomorphic Hash Authentication in Cloud System[J]. Computer Engineering and Design, 2021, 42(5):1250-1256.)
[11]
Grigorios L, Aris G-D, Shao J H. Efficient and Flexible Anonymization of Transaction Data[J]. Knowledge and Information Systems, 2013, 36(1):153-210.
doi: 10.1007/s10115-012-0544-3
[12]
Sutradhar K, Om H. A Cost-effective Quantum Protocol for Secure Multi-party Multiplication[J]. Quantum Information Processing, 2021, 20(11):1-10.
doi: 10.1007/s11128-020-02935-8
( Huang Jianhua, Jiang Yahui, Li Zhongcheng. Constructing Fair Secure Multi-party Computation Based on Blockchain[J]. Application Research of Computers, 2020, 37(1):225-230, 244.)
( Liu Qingxiang, Xu Xiaolong, Zhang Xuyun, et al. Federated Learning Based Method for Intelligent Computing with Privacy Preserving in Edge Computing[J]. Computer Integrated Manufacturing Systems, 2021, 27(9):2604-2610.)
[15]
Bakir C, Hakkoymaz V. Classifying Database Users for Intrusion Prediction and Detection in Data Security[J]. Technical Gazette, 2020, 27(6):1857-1862.
[16]
Chen Y L, Guo J Y, Li C L, et al. FaDe: A Blockchain-Based Fair Data Exchange Scheme for Big Data Sharing[J]. Future Internet, 2019, 11(11):225.
doi: 10.3390/fi11110225
[17]
谢永江. 论数据流通的治理机制[J]. 信息安全与通信保密, 2021(7):19-27.
[17]
( Xie Yongjiang. Discussion on the Governance Mechanism of Data Circulation[J]. Information Security and Communications Privacy, 2021(7):19-27.)
[18]
谢登科. 论数据跨境流动的安全与自由原则[J]. 中国信息安全, 2021(5):78-81.
[18]
( Xie Dengke. On the Principle of Security and Freedom of Cross-border Data Flow[J]. China Information Security, 2021(5):78-81.)
( Zhang Feng, Yu Le, Ma Yusheng, et al. Research and Practice of Data Security Classification and Grading[J]. Information and Communications Technology and Policy, 2021, 47(8):45-50.)
( Feng Xinyao, Zhuang Hong, Liang Yingwei, et al. Data Management and Distribution Status of Foreign Electric Power Exchanges and Its Enlightenment[J]. Guangdong Electric Power, 2021, 34(8):12-21.)
[21]
范文仲. 数据价值与数据交易[J]. 中国金融家, 2021(8):27-30.
[21]
( Fan Wenzhong. Data Value and Data Transaction[J]. China Financialyst, 2021(8):27-30.)
( Li Yi, Yang Fan, An Kewan. Data Security and Privacy Protection in Big Data Transactions[J]. Network Security Technology & Application, 2017(10):74-75.)