|
|
|
| TID-MOP:The Comprehensive Framework of Security Management and Control in the Scenario of Data Exchange |
Du Ziran1,Dou Yue2( ),Yi Chengqi2,Hong Boran3,Gu Mingze3,Li Lin3 |
1Department of Platform Research and Development, Greater Bay Area Big Data Research Institute, Shenzhen 518048, China
2Department of Big Data Development, State Information Center, Beijing 100045, China
3Department of Engineering Management, Greater Bay Area Big Data Research Institute, Shenzhen 518048, China |
|
|
|
|
Abstract [Objective] In order to promote the safety and compliance development of data exchange, this paper proposes a comprehensive framework of data transaction security management and control which takes both technical path and mechanism guarantee into account for data transaction risk, data security risk and infrastructure security risk in data exchange scenarios. [Methods] Using literature research method, this paper reviews the current literature of technology and management in the field of data transaction security at home and abroad. Combining the practice of data exchange, this paper puts forward a “TID-MOP” data transaction security management and control framework which contains both technology and mechanism. [Results] The “TID-MOP” comprehensive framework designs a core technology architecture to realize transaction security, that is, “separation of business flow, computing flow and capital flow, and convergence of circulation environment through blockchain”; “Separate the experimental environment from the production computing environment, and link the computing environment through model management and data management”; “Data computing is separated from safety supervision, and the supervision environment is uniformly managed through the control and management center”. The technology architecture improves the safety of data circulation and transaction, and realizes the safety control and unified supervision of the whole process. [Limitations] Further research is needed to verify the actual operation efficiency of the comprehensive framework. [Conclusions] The “TID-MOP” framework takes the data transaction process as the core, and provides an effective reference for the development and innovation of data transaction.
|
|
Received: 15 December 2021
Published: 22 February 2022
|
|
|
| Fund:National Social Science Fund of China(18CSH018) |
|
Corresponding Authors:
Dou Yue,ORCID:0000-0001-8185-0741
E-mail: douyue@pku.edu.cn
|
| [1] |
雷震光. 基于区块链的数据交易关键技术研究与实现[D]. 广州:广州大学, 2020.
|
| [1] |
( Lei Zhenguang. Research and Implementation of Key Technologies of Data Transaction Based on Blockchain[D]. Guangzhou:Guangzhou University, 2020.)
|
| [2] |
张小芳, 朱熔熔. 基于区块链智能合约的数据安全平台设计与实现[J]. 无线互联科技, 2021, 18(4):73-75.
|
| [2] |
( Zhang Xiaofang, Zhu Rongrong. Design and Implementation of Data Security Platform Based on Blockchain Smart Contract[J]. Wireless Internet Technology, 2021, 18(4):73-75.)
|
| [3] |
陈乃刚, 姚民伟, 苑令轩, 等. 区块链在数据交易场景中的应用[J]. 电力信息与通信技术, 2021, 19(10):119-125.
|
| [3] |
( Chen Naigang, Yao Minwei, Yuan Lingxuan, et al. Application of Blockchain in Data Transaction[J]. Electric Power Information and Communication Technology, 2021, 19(10):119-125.)
|
| [4] |
符芳诚, 侯忱, 程勇, 等. 隐私计算关键技术与创新[J]. 信息通信技术与政策, 2021, 47(6):27-37.
|
| [4] |
( Fu Fangcheng, Hou Chen, Cheng Yong, et al. Key Technology and Innovation of Privacy Preserving Computing[J]. Information and Communications Technology and Policy, 2021, 47(6):27-37.)
|
| [5] |
秦菁. 基于Docker的OpenStack云平台自动化部署方案的设计与实现[D]. 武汉: 武汉邮电科学研究院, 2019.
|
| [5] |
( Qin Jing. Design and Implementation of Docker-based OpenStack Cloud Platform Automation Deployment Scheme[D]. Wuhan:Wuhan Academy of Posts and Telecommunications, 2019.)
|
| [6] |
Gupta H, Sharma V K. Role of Multiple Encryption in Secure Electronic Transaction[J]. International Journal of Network Security & Its Applications, 2011. DOI: 10.5121/ijnsa.2011.3606
doi: 10.5121/ijnsa.2011.3606
|
| [7] |
Kodge B G. Information Security: A Review on Steganography with Cryptography for Secured Data Transaction[J]. International Journal of Scientific Research in Network Security and Communication, 2017, 5(6):1-4.
|
| [8] |
Brindha B T, Shaji R S. An Efficient Framework for Providing Secured Transaction of Data in Cloud Environment[J]. Indian Journal of Science and Technology, 2016, 9(44):1-6.
|
| [9] |
韩培义, 刘川意, 王佳慧, 等. 面向云存储的数据加密系统与技术研究[J]. 通信学报, 2020, 41(8):55-65.
|
| [9] |
( Han Peiyi, Liu Chuanyi, Wang Jiahui, et al. Research on Data Encryption System and Technology for Cloud Storage[J]. Journal on Communications, 2020, 41(8):55-65.)
|
| [10] |
陈艺, 江芝蒙, 张渝. 云系统中基于同态哈希认证的大数据安全传输[J]. 计算机工程与设计, 2021, 42(5):1250-1256.
|
| [10] |
( Chen Yi, Jiang Zhimeng, Zhang Yu. Security Transmission Mechanism of Big Data Based on Homomorphic Hash Authentication in Cloud System[J]. Computer Engineering and Design, 2021, 42(5):1250-1256.)
|
| [11] |
Grigorios L, Aris G-D, Shao J H. Efficient and Flexible Anonymization of Transaction Data[J]. Knowledge and Information Systems, 2013, 36(1):153-210.
doi: 10.1007/s10115-012-0544-3
|
| [12] |
Sutradhar K, Om H. A Cost-effective Quantum Protocol for Secure Multi-party Multiplication[J]. Quantum Information Processing, 2021, 20(11):1-10.
doi: 10.1007/s11128-020-02935-8
|
| [13] |
黄建华, 江亚慧, 李忠诚. 利用区块链构建公平的安全多方计算[J]. 计算机应用研究, 2020, 37(1):225-230,244.
|
| [13] |
( Huang Jianhua, Jiang Yahui, Li Zhongcheng. Constructing Fair Secure Multi-party Computation Based on Blockchain[J]. Application Research of Computers, 2020, 37(1):225-230, 244.)
|
| [14] |
刘庆祥, 许小龙, 张旭云, 等. 基于联邦学习的边缘智能协同计算与隐私保护方法[J]. 计算机集成制造系统, 2021, 27(9):2604-2610.
|
| [14] |
( Liu Qingxiang, Xu Xiaolong, Zhang Xuyun, et al. Federated Learning Based Method for Intelligent Computing with Privacy Preserving in Edge Computing[J]. Computer Integrated Manufacturing Systems, 2021, 27(9):2604-2610.)
|
| [15] |
Bakir C, Hakkoymaz V. Classifying Database Users for Intrusion Prediction and Detection in Data Security[J]. Technical Gazette, 2020, 27(6):1857-1862.
|
| [16] |
Chen Y L, Guo J Y, Li C L, et al. FaDe: A Blockchain-Based Fair Data Exchange Scheme for Big Data Sharing[J]. Future Internet, 2019, 11(11):225.
doi: 10.3390/fi11110225
|
| [17] |
谢永江. 论数据流通的治理机制[J]. 信息安全与通信保密, 2021(7):19-27.
|
| [17] |
( Xie Yongjiang. Discussion on the Governance Mechanism of Data Circulation[J]. Information Security and Communications Privacy, 2021(7):19-27.)
|
| [18] |
谢登科. 论数据跨境流动的安全与自由原则[J]. 中国信息安全, 2021(5):78-81.
|
| [18] |
( Xie Dengke. On the Principle of Security and Freedom of Cross-border Data Flow[J]. China Information Security, 2021(5):78-81.)
|
| [19] |
张峰, 于乐, 马禹昇, 等. 数据安全分类分级研究与实践[J]. 信息通信技术与政策, 2021, 47(8):45-50.
|
| [19] |
( Zhang Feng, Yu Le, Ma Yusheng, et al. Research and Practice of Data Security Classification and Grading[J]. Information and Communications Technology and Policy, 2021, 47(8):45-50.)
|
| [20] |
冯歆尧, 庄弘, 梁盈威, 等. 国外电力交易所数据管理分发现状以及启示[J]. 广东电力, 2021, 34(8):12-21.
|
| [20] |
( Feng Xinyao, Zhuang Hong, Liang Yingwei, et al. Data Management and Distribution Status of Foreign Electric Power Exchanges and Its Enlightenment[J]. Guangdong Electric Power, 2021, 34(8):12-21.)
|
| [21] |
范文仲. 数据价值与数据交易[J]. 中国金融家, 2021(8):27-30.
|
| [21] |
( Fan Wenzhong. Data Value and Data Transaction[J]. China Financialyst, 2021(8):27-30.)
|
| [22] |
罗文华. 基于生命周期的数据跨境流动程序性与实质性监管[J]. 中国政法大学学报, 2021(5):142-154.
|
| [22] |
( Luo Wenhua. Procedural and Substantive Supervision of Cross-border Data Flow Based on Life Cycle[J]. Journal of CUPL, 2021(5):142-154.)
|
| [23] |
李怡, 杨帆, 安克万. 大数据交易中的数据安全与隐私保护[J]. 网络安全技术与应用, 2017(10):74-75.
|
| [23] |
( Li Yi, Yang Fan, An Kewan. Data Security and Privacy Protection in Big Data Transactions[J]. Network Security Technology & Application, 2017(10):74-75.)
|
|
Viewed |
|
|
|
Full text
|
|
|
|
|
Abstract
|
|
|
|
|
Cited |
|
|
|
|
| |
Shared |
|
|
|
|
| |
Discussed |
|
|
|
|
