基于数据生命周期的海洋科学数据安全治理框架研究

doi:10.11978/2024094

Abstract

Abstract:

This paper reviews the basic concepts of data security governance, summarizes the current status and challenges for data security in marine science in China, points out its basic characteristics, and extracts possible security risks for security process areas in the data life cycle. With the whole life cycle of marine scientific data as the core, a data security governance framework is constructed from three levels of governance objectives, security capabilities and governance systems, and specific security strategies are proposed, which provide theoretical support and practical reference for improving the security governance capabilities of data centers in marine science in China.

Key words: marine scientific data, data security governance, data life cycle

CLC Number:

P781

WANG Yi, HE Long, FU Yu, JIANG Xiaoyi, JIANG Bing, WANG Lei. Research on the governance framework for data security in marine science based on the data life cycle[J].Journal of Tropical Oceanography, 2025, 44(2): 208-214.

Figures/Tables 3

Fig. 1

Tab. 1

Fig. 2

References 17

[1]	国家市场监督管理总局, 国家标准化管理委员会, 2019. GB/T 37988-2019 信息安全技术数据安全能力成熟度模型[S]. 北京: 中国标准出版社.
	STATE ADMINISTRATION FOR MARKET REGULATION, STANDARDIZATION ADMINISTRATION, 2019. GB/T 37988-2019 Information security technology - data security capability maturity model[S]. Beijing: Standards Press of China (in Chinese).
[2]	韩春花, 杨锦坤, 韦广昊, 等, 2022. 海洋大数据安全现状及其工作对策建议[J]. 海洋信息技术与应用, 37(2): 42-49.
	HAN CHUNHUA, YANG JINKUN, WEI GUANGHAO, et al, 2022. Current situation and countermeasures of marine big data security[J]. Journal of Marine Information Technology and Application, 37(2): 42-49 (in Chinese with English abstract).
[3]	黄冬梅, 赵丹枫, 魏立斐, 等, 2016. 大数据背景下海洋数据管理的挑战与对策[J]. 计算机科学, 43(6): 17-23. doi: 10.11896/j.issn.1002-137X.2016.06.003
	HUANG DONGMEI, ZHAO DANFENG, WEI LIFEI, et al, 2016. Managing marine data as big data: uprising challenges and tentative solutions[J]. Computer Science, 43(6): 17-23 (in Chinese with English abstract).
[4]	李善青, 郑彦宁, 邢晓昭, 等, 2019. 科学数据共享的安全管理问题研究[J]. 中国科技资源导刊, 51(3): 11-17.
	LI SHANQING, ZHENG YANNING, XING XIAOZHAO, et al, 2019. Study on security managements of scientific data sharing[J]. China Science & Technology Resources Review, 51(3): 11-17 (in Chinese with English abstract).
[5]	李洋, 温亮明, 2019. 我国科学数据外流: 表现、问题与对策[J]. 图书馆杂志, 38(12): 72-81, 115.
	LI YANG, WEN LIANGMING, 2019. Scientific data outflow in China: phenomena, problems and countermeasures[J]. Library Journal, 38(12): 72-81, 115 (in Chinese with English abstract).
[6]	李宜展, 刘细文, 李泽霞, 等, 2022. 科学数据安全边界概念模型研究——基于利益相关者视角[J]. 中国科学基金, 36(2): 339-347.
	LI YIZHAN, LIU XIWEN, LI ZEXIA, et al, 2022. Study on conceptual analysis model of scientific data security boundary: from the perspective of stakeholders[J]. Bulletin of National Natural Science Foundation of China, 36(2): 339-347 (in Chinese with English abstract).
[7]	廖方宇, 胡良霖, 王健, 等, 2024. 科学数据安全标准研究与工作建议[J]. 科学通报, 69(9): 1142-1148.
	LIAO FANGYU, HU LIANGLIN, WANG JIAN, et al, 2024. Research and suggestions on scientific data security standards[J]. Chinese Science Bulletin, 69(9): 1142-1148 (in Chinese with English abstract).
[8]	申家双, 周德玖, 2016. 海战场环境特征分析及其建设策略[J]. 海洋测绘, 36(6): 32-37.
	SHEN JIASHUANG, ZHOU DEJIU, 2016. The characteristic analysis and its construction strategy of sea battlefield environment[J]. Hydrographic Surveying and Charting, 36(6): 32-37 (in Chinese with English abstract).
[9]	数据安全治理委员会, 2018. 数据安全治理白皮书概要版[J]. 网络安全和信息化, (7): 22-26 (in Chinese).
[10]	数治网, [2023-12-21]. Zed解读: 《数据安全治理实践指南(3.0)全新发布》[EB/OL]. https://dtzed.com/talks/2023/12/8824/.
	SHU ZHIWANG, [2023-12-21]. Zed Understanding:data security governance practice guide(3.0) released[EB/OL]. https://dtzed.com/talks/2023/12/8824/ (in Chinese).
[11]	孙苗, 王子珂, 童心, 等, 2022. 典型海洋环境观测数据产品应用现状及对我国的启示[J]. 大数据, 8(1): 73-83. doi: 10.11959/j.issn.2096-0271.2022007
	SUN MIAO, WANG ZIKE, TONG XIN, et al, 2022. Status of classical marine environmental observing data products application and enlightenment to China[J]. Big Data Research, 8(1): 73-83 (in Chinese with English abstract).
[12]	王漪, 康林冲, 姜晓轶, 等, 2023. 海洋科学数据流通与交易推进思路[J]. 海洋信息技术与应用, 38(4): 193-199.
	WANG YI, KANG LINCHONG, JIANG XIAOYI, et al, 2023. Promoting ideas on marine scientific data circulation and transaction[J]. Journal of Marine Information Technology and Application, 38(4): 193-199 (in Chinese with English abstract).
[13]	王漪, 徐墨庚, 童心, 等, 2024. 国家海洋科学数据中心建设与发展实践[J]. 自然资源信息化, (1): 1-9.
	WANG YI, XU MOGENG, TONG XIN, et al, 2024. Construction and development practices of the national marine scientific data center in China[J]. Natural Resources Informatization, (1): 1-9 (in Chinese).
[14]	朱艳华, 廖方宇, 胡良霖, 等, 2021. 科学数据安全标准规范关键问题探索[J]. 信息网络安全, 21(11): 1-8.
	ZHU YANHUA, LIAO FANGYU, HU LIANGLIN, et al, 2021. Research on key problems of scientific data security standard[J]. Netinfo Security, 21(11): 1-8 (in Chinese with English abstract).
[15]	CIPHERGATEWAY NETWORKS TECHNOLOGY CO., LTD., 2022. Report on data security policy (2022) V1.0.0.[R]. Beijing Lianshi Networks Technology Co.., Ltd, 2022. Data security policy research report (2022) V1.0.0.[R].
[16]	GARTNER, [2015-08-15]. How to use the data security governance framework[EB/OL]. https://www.gartner.com/en/documents/how-to-use-the-data-security-governance-framework.
[17]	MICROSOFT, [2018-04-09]. Microsoft Dynamics 365(online) security and compliance planning guide[EB/OL]. https://learn.microsoft.com/en-us/previous-versions/dynamicscrm-2016/white-papers.

安全过程域	安全风险
数据传输	数据泄露、身份冒用、数据丢失、数据篡改
加工整理	数据处理环境与数据密级不符、人员泄密
数据质量控制	数据不准确、不完整、不可用、不一致等质量问题
汇交形式审查	非访问授权、数据外流、数据篡改
汇交质量审查	非访问授权、敏感数据外传、数据篡改
存储媒介	人为破坏、设备被盗被毁
逻辑存储	黑客攻击、病毒和木马、数据存储与数据密级不符、操作失误、非授权访问、数据篡改
应急与备份	数据丢失、非访问授权
平台建设运行	操作失误、非法跨境、系统漏洞、代码漏洞、数据泄露、接口调用非访问授权
数据审核	非访问授权、敏感数据外传
增值服务	数据融合与推理引发新安全风险
出版与引用	侵犯知识产权
有偿服务	数据泄露、数据篡改、安全监管缺失、数据定价不合规、收益分配失衡

Research on the governance framework for data security in marine science based on the data life cycle

RichHTML

PDF (PC)

Like

Knowledge

Abstract

Cite this article

share this article

Figures/Tables 3

References 17

Related Articles 3

Metrics

Comments

Recommended 0

[1]	XU Xiao-lu, LI Sha, XU Chao. On South China Sea marine data collection and management [J]. Journal of Tropical Oceanography, 2015, 34(6): 42-48.
[2]	HE Hong-qian, LI Sha, XU Chao. Study on data sharing for scientific investigation in the South China Sea based on cloud computing [J]. Journal of Tropical Oceanography, 2015, 34(6): 49-56.
[3]	ZHANG Guang-ping, XIE Zhong, LUO Xian-gang, ZHANG Chen-xiao. The Hainan typhoon disaster command management systems based on WebGIS [J]. Journal of Tropical Oceanography, 2014, 33(6): 80-87.