期刊文献+

大数据安全保护技术 被引量:47

Big Data Security Technology
下载PDF
导出
摘要 大数据技术的发展和应用对国家的治理模式、企业的决策架构、商业的业务策略以及个人的生活方式都产生了深远影响。但是,大量数据的汇集不仅加大了用户隐私泄露的风险,而且大数据中包含的巨大信息和潜在价值吸引了更多的潜在攻击者。此外,大数据的应用是跨学科领域集成的应用,引入了很多新的技术,可能面临更多更高的风险。作者回顾了大数据的定义和特征,提出大数据架构和大数据安全体系,在此基础上分析大数据安全在法律法规、标准、数据生命周期保护和大数据平台4个方面的研究进展。梳理美国、欧盟、中国等在大数据安全方面的法律法规现状和国际标准化组织、美国、中国等大数据安全标准化研究现状。大数据在生命周期过程中需要大数据平台为其提供支撑,以实现大数据的收集、传输、存储和分析等功能。从大数据生命周期和大数据平台两个维度分析大数据面临的安全问题和关键技术研究现状。生命周期包括收集、存储、使用、分发和删除5个阶段。收集阶段的数据质量决定了数据价值,提升数据质量的技术手段主要有数据与模型不一致性的检测、数据清洗两类。大数据分发将处理后的大数据传递给外部实体,隐私保护或敏感信息保护至关重要,相关的关键技术有数据匿名化、支持隐私保护的数据检索和分析等。大数据的管理主要包含元数据管理、数据血缘管理等方面,可以为有效使用大数据和确保大数据安全提供支持。大数据平台安全主要解决大数据组件之间的身份认证、数据隔离、数据加密存储、大数据平台边界保护和审计,主要的关键技术有身份认证、访问控制、数据加密和审计等。目前,在国际上仍缺乏完善的大数据安全标准体系,在隐私保护、数据共享和数据跨境传输等方面缺乏标准的规范和指导。大数据分析技术仍处于快速发展阶段,很难预测今后的大数据关联分析对隐私保护和敏感信息保护带来的问题,因此,现有的数据脱敏技术和隐私保护技术有待进一步研究。数据同态加密实现了分析数据时不暴露数据隐私和敏感信息,现有的同态加密算法还远未成熟。现有的大数据平台的身份认证、数据加密、访问控制仍采用的传统技术,不能适应大数据面临的数据规模大、处理逻辑复杂、用户量大等新环境。一些大数据安全关键技术在性能和可用性方面还值得深入研究,以期可早日投入实际应用。另外,使用大数据处理技术研发安全态势感知、网络安全入侵检测、威胁情报分析等安全应用,利用大数据技术抵御针对大数据的攻击威胁也已成为大数据安全领域新的研究热趋势。大数据安全的发展需要法律法规、标准和关键技术的共同支撑和推动。 The development and application of big data technology has a deep influence on the national governance model,corporate decision-making architecture,business strategy and personal lifestyle.The data aggretation not only increases the risk of user privacy leaks,but the huge information and potential value contained in big data also attract more potential attackers.Moreover,the big data application is a cross-disciplinary application,which introduces not only a lot of new technologies but more and higher risks.The definition and characteristics of big data is reviewed,and the big data architecture and big data security system are put forward in this paper.Based on this system,the security challenges facing the current big data and research progress of big data security technologies are analyzed from four perspectives:laws and regulations,standards,data life cycle protection and big data platform key technology.Laws and regulations in America,European Union,China and the research status of big data security standarlization of International Organization for Standardization,America, China and so on was introduced.Big data platform is needed to realize the collection,transmission,storage and analysis and so on in big data lifeeycle.In this paper,the security problems and key technologies of big data are analyzed from two dimensions of big data lifeeycle and big data platform.The lifecycle includes collection,storage,usage,distribution and deletion five phases.Data value is determined by the data quality of the collection phase.Data and model inconsistency detection and data cleaning are the main technical means to improve data quality.The processed big data is transmit to external entit- ies in big data distribution phase,so the protection of privacy and sensitive information is essential.The retalted key technologies are data anonymity,privacy-protecting data retrieval and analysis.The big data management support the effective use of big data and en- sure big data security,which mainly contains metadata management and data lineage.The problems of authentication,data isolation,data encryption storage,big data platform border protection and audit between big data components can be solved by the big data platform security with the key technologies such as authentication,access control,data encryption and audit.At present,a perfect big data security standard system is still lacking in the world.The norms and guidance for privacy protection,data sharing,cross-border data transmission from standards are urgent needed.With the rapid development of big data analysis technology,it's difficult to predict the challenge of privacy protection and sensitive information protection from big data association analysis in the future.The existing data masking and privacy protection technology will face a great challenge.The data analysis without exposure to data privacy and sensitive information can be achieved by data homomorphie eneryption,but the existing homomorphic encryption algorithm is far from mature.The current authentication,data encryption and access control in the big data platform use the traditional techno logy,which can't adapt to the new environment with large scale of data,complex processing logic and huge amount of users.Some of the big data security key technologies are also worthy of indepth study in the performance and availability for early practical application.In addition,using big data pro-cessing technology to develop security applications such as network security situation perception,intrusion detection and network threat intelligence analysis,and using big data technology to resist attacks against big data have become a new research trend in the field of big data security.The development of big data security requires the united support and promotion of laws and regulations,standards and key technologies.
出处 《工程科学与技术》 EI CAS CSCD 北大核心 2017年第5期1-12,共12页 Advanced Engineering Sciences
基金 国家自然科学基金资助项目(61272447)
关键词 大数据 安全 身份认证 访问控制 隐私保护 big date security authentication access control privacy protection
  • 相关文献

参考文献10

二级参考文献188

  • 1邵良杉,王军.基于关联规则的手写体汉字识别技术[J].计算机应用,2004,24(9):37-40. 被引量:3
  • 2罗永龙,黄刘生,荆巍巍,姚亦飞,陈国良.一个保护私有信息的布尔关联规则挖掘算法[J].电子学报,2005,33(5):900-903. 被引量:33
  • 3黄毅群,卢正鼎,胡和平,李瑞轩.分布式环境下保持隐私的关联规则挖掘算法[J].计算机工程,2006,32(13):12-14. 被引量:7
  • 4张鹏,童云海,唐世渭,杨冬青,马秀莉.一种有效的隐私保护关联规则挖掘方法[J].软件学报,2006,17(8):1764-1774. 被引量:53
  • 5AGRAWAL R,SRIKANT R. Privacy-Preserving Data Mining [C]//WEIDONG C, JEFFREY F, eds. Proc. of the ACM SIGMOD Conf. on Management of Data. Dallas: ACM Press, 2000 : 439-- 450.
  • 6RIZVI SJ, HARITSA JR. Maintaining Data Privacy in Association Rule Mining[C]//BERNSTEIN PA, IOANNIDIS YE, RAMAKRISHNAN R, PAPADIAS D, eds. Proc. of the 28th Int'l Conf. on Very Large Data Bases. Hong Kong: Morgan Kaufmann Publishers, 2002 : 682-693.
  • 7EVFIMIEVSKI A, SRIKANT R, AGRAWAL R, GEHRKE J. Privacy Preserving Mining of Association Rules [C]// HAND D,KEIM D,NG R,eds. Proc. of the 8th ACM SIGKDD Int'l Conf. on Knowledge Discovery and Data Mining. Edmonton: ACM Press, 2002 : 217-- 228.
  • 8KANTARCIOGLU M, CLIFTON C. Privacy-Preserving Distributed Mining of Association Rules on Horizontally Partitioned Data [J]. IEEE Trans on Knowledge and Data Engineering, 2004,16(9) : 1026-- 1037.
  • 9SAYGIN Y, VERYKIOS VS, CLIFTON C. Using Unknowns to Prevent Discovery of Association Rules[J]. ACM SIGMOD Record, 2001,30(4) :45--54.
  • 10OLIVEIRA S,ZAIANE O. Privacy Preserving Clustering by Data Transformation[C]//Manaus,Amazonas,Brazil. Proc. of the 18th Brazilian Symposium on Databases, 2003:304-- 318.

共引文献286

同被引文献498

引证文献47

二级引证文献291

相关作者

内容加载中请稍等...

相关机构

内容加载中请稍等...

相关主题

内容加载中请稍等...

浏览历史

内容加载中请稍等...
;
使用帮助 返回顶部