Overall construction of data security
三道杠No.1  2024-08-06 11:15   published in China

The formal implementation of the data security law marks that China has guaranteed the right of data as a factor of production at the legal level. The data security law regulates data processing activities and defines the obligations and responsibilities of data processors. It is of far-reaching significance for protecting citizens' privacy rights, safeguarding national security and social stability, and promoting the development of the digital economy.


Data security issues

The flow of data changes both the objects to be protected and the protection boundary. As data flows, the security risk at key nodes rises sharply. The traditional security architecture resembles "enclosure (perimeter) protection" and cannot provide flexible, efficient security protection for business and data. Business systems currently have the following problems in data security protection.

Incomplete data classification and grading: data collected by the business system is not managed uniformly, sensitive data is not identified, and classification- and grade-based protection is not performed, which increases the risk of data leakage and non-compliant data operations.

Insufficient data asset identification: the access paths of data flows lack security management, and the full data flow is not identified and protected, so it is not known "where the data comes from and where it goes". As a result, key business and key data cannot be identified, leading to risks such as data leaving the organization without approval.

Data not desensitized, or incompletely desensitized: test/demonstration environments and data analysis/mining do not use desensitized data, or the desensitization algorithm does not meet the irreversibility requirement, leaving the desensitized data vulnerable to re-identification attacks, background-knowledge attacks, linkage attacks and privacy inference attacks.

Insufficient data access control and authentication mechanisms: O&M and development staff may set up management backdoors or access data beyond their authorization. Weak authentication also leaves behaviour logs incomplete, so post-event security audits cannot be performed, which increases the risk of data leakage or data tampering in business systems.

Insufficient data security risk identification: traditional application-system risk identification focuses on separate areas such as application security, network security and physical security, without sufficiently assessing the risk of data in motion, so the risk escalation caused by data aggregation cannot be fully identified.

Incomplete data security management system and organizational structure: the organizational structure is not clearly defined, the support of senior management has not been secured, security policies are not agreed internally, and the compliance approval process is not clearly defined; business continuity, disaster recovery and emergency response plans have not been formulated, tested or implemented.

Technical framework for data security

Take data as the center, focus on data flow direction and the data lifecycle, and follow the construction guidelines of the relevant data security laws, regulations and standards. Establish the distribution of data assets, their business relationships and the data flow map; carry out data security classification and grading; perform business impact analysis and data security risk assessment; and, taking into account the risk appetite of the relevant stakeholders, build a data security protection system suited to business development. The data security construction framework is shown in Figure 1.


Figure 1 data security construction framework


1. Data Classification

Based on the network security standard practice guide "Guidelines for Classification and Grading of Network Data", data assets are identified and classified according to the degree of business impact and the opinions of relevant stakeholders. Data protection policies and the data protection technical framework are then developed on the basis of the data asset table and the data classification and grading table. The data classification system is shown in Figure 2.


Figure 2 data classification system

2. Data Transmission Security

Encrypt all API access to the application system to secure data transmission. All front-end access to the system uses HTTPS (HTTP over SSL/TLS), building encrypted communication between browsers and services and effectively protecting data privacy and information security. Every interface must carry an encrypted credential to access the back end. The validity period of the interface access credential is adjusted according to the business requirement, so that a stolen credential is of limited use. Use the application gateway to control and audit the access permissions of all interfaces and to perform unified authentication based on the user's identity.
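As an added illustration of the credential mechanism described above (example code written for this page, not part of the original article or of any product it mentions), the following Python shows an application gateway issuing an HMAC-signed access credential with a per-business validity period and checking signature, expiry and scope on every interface call. The gateway key, user IDs and scope names are constructed values.

```python
import base64
import hashlib
import hmac
import json
import time
from typing import Optional

# Signing key held by the application gateway (constructed sample value; a real
# deployment loads it from a key management system and rotates it).
GATEWAY_KEY = b"constructed-demo-gateway-key"


def _b64(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()


def _unb64(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))


def issue_credential(user_id: str, scope: str, ttl_seconds: int,
                     now: Optional[float] = None) -> str:
    """Issue an HMAC-signed credential valid for ttl_seconds.

    ttl_seconds is the per-business validity period: short for interfaces that
    expose sensitive data, longer for low-risk ones, so a stolen credential
    stops working quickly.
    """
    issued = int(now if now is not None else time.time())
    payload = {"sub": user_id, "scope": scope, "iat": issued, "exp": issued + ttl_seconds}
    body = _b64(json.dumps(payload, sort_keys=True, separators=(",", ":")).encode())
    tag = hmac.new(GATEWAY_KEY, body.encode(), hashlib.sha256).digest()
    return f"{body}.{_b64(tag)}"


def verify_credential(token: str, required_scope: str,
                      now: Optional[float] = None) -> Optional[dict]:
    """Gateway-side check run on every interface call.

    Verifies the signature first (constant-time compare), then expiry, then
    that the credential's scope matches the interface. Any failure returns
    None, so the caller denies by default.
    """
    try:
        body, tag_text = token.split(".", 1)
        expected = hmac.new(GATEWAY_KEY, body.encode(), hashlib.sha256).digest()
        if not hmac.compare_digest(expected, _unb64(tag_text)):
            return None
        payload = json.loads(_unb64(body))
        exp = int(payload["exp"])
    except (ValueError, TypeError, KeyError):
        return None
    current = now if now is not None else time.time()
    if current >= exp:
        return None
    if payload.get("scope") != required_scope:
        return None
    return payload


if __name__ == "__main__":
    token = issue_credential("analyst01", "orders:read", ttl_seconds=300)
    print(verify_credential(token, "orders:read"))  # payload dict while still valid
```

The signature is checked before the payload is parsed, and every failure path returns None rather than raising, so the gateway can treat any non-dict result as "deny". The `now` parameter exists only so the expiry logic can be tested deterministically.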

3. Data Storage Security

Identify the existing data involved in the business system, establish data classification and grading rules, and generate data classification and grading record tables. Encrypt data at rest by calling the key of the encryption system, and use the key ID to call the key efficiently when decrypting.
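An added example (not from the original article) of the storage pattern just described: each stored record carries only a key ID, a small key registry stands in for the page's encryption system, and decryption looks the key up by ID and checks integrity before use. The key registry, key IDs and sample values are constructed; the HMAC-SHA256 counter-mode keystream is a standard-library stand-in for the real cipher, which in production would be AES-GCM or similar.

```python
import hashlib
import hmac
import os
from typing import Dict, Tuple

# Key registry standing in for the page's "encryption system": key id -> key
# material. Constructed sample keys; a real system keeps them in a KMS/HSM and
# hands out only the id, which is what gets stored beside the data.
KEY_REGISTRY: Dict[str, bytes] = {
    "k-2024-01": hashlib.sha256(b"constructed key material one").digest(),
    "k-2024-02": hashlib.sha256(b"constructed key material two").digest(),
}
CURRENT_KEY_ID = "k-2024-02"   # new writes use the newest key; old ids stay readable


def _subkeys(master: bytes) -> Tuple[bytes, bytes]:
    # separate keys for encryption and integrity, derived from the registry key
    enc = hmac.new(master, b"enc", hashlib.sha256).digest()
    mac = hmac.new(master, b"mac", hashlib.sha256).digest()
    return enc, mac


def _keystream(enc_key: bytes, nonce: bytes, length: int) -> bytes:
    """Stand-in keystream (HMAC-SHA256 in counter mode) so the block runs on the
    standard library alone; a production system would use AES-GCM or similar."""
    out = bytearray()
    counter = 0
    while len(out) < length:
        out += hmac.new(enc_key, nonce + counter.to_bytes(4, "big"), hashlib.sha256).digest()
        counter += 1
    return bytes(out[:length])


def encrypt_record(plaintext: bytes, key_id: str = CURRENT_KEY_ID) -> dict:
    """Encrypt one stored value; the record carries the key id, not the key."""
    enc_key, mac_key = _subkeys(KEY_REGISTRY[key_id])
    nonce = os.urandom(16)   # fresh per record, never reused with the same key
    ct = bytes(a ^ b for a, b in zip(plaintext, _keystream(enc_key, nonce, len(plaintext))))
    # encrypt-then-MAC over key id + nonce + ciphertext so fields cannot be swapped
    tag = hmac.new(mac_key, key_id.encode() + nonce + ct, hashlib.sha256).digest()
    return {"key_id": key_id, "nonce": nonce.hex(), "ct": ct.hex(), "tag": tag.hex()}


def decrypt_record(record: dict) -> bytes:
    """Look the key up by id, verify integrity, then decrypt."""
    key_id = record["key_id"]
    if key_id not in KEY_REGISTRY:
        raise KeyError(f"unknown key id {key_id!r}")
    enc_key, mac_key = _subkeys(KEY_REGISTRY[key_id])
    nonce, ct = bytes.fromhex(record["nonce"]), bytes.fromhex(record["ct"])
    expected = hmac.new(mac_key, key_id.encode() + nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(expected, bytes.fromhex(record["tag"])):
        raise ValueError("integrity check failed: record altered or key mismatch")
    return bytes(a ^ b for a, b in zip(ct, _keystream(enc_key, nonce, len(ct))))


if __name__ == "__main__":
    rec = encrypt_record(b"customer phone 13800138000")   # constructed sample value
    print(rec["key_id"], decrypt_record(rec))
```

Because the key ID is covered by the integrity tag, an attacker who can edit the stored row cannot point a record at a different key, and key rotation is simply a matter of changing CURRENT_KEY_ID while leaving older IDs in the registry until the data is re-encrypted.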

4. Data Security flow

Ensure the security management of sensitive data in circulation, for example secure data exchange and sharing with partners, data flows in which the application system calls the production database, secure data transfer between the production and test environments, and other data flows that may occur during O&M; perform data flow analysis and business case preparation for these scenarios.

During O&M, security O&M tools should be used to identify, manage and audit all operations, restrict sensitive data from leaving the production environment without approval, and prevent data from falling into security domains of a lower security level, including office computers. Data used in the test environment shall be completely desensitized so that it is irreversible, and access control between the production and test environments shall be enforced to prevent illegal transfer and flow of production data. Where cooperation with partners involves data sharing and circulation, the confidentiality responsibilities and compliance obligations, and the security management requirements of both parties, shall be clearly defined in the contract or confidentiality agreement; data to be transferred or shared shall be reviewed and monitored to avoid illegal data transmission and sharing.

5. Data security processing

Data security classification and grading: formulate data security classification and grading standards, compile data asset tables for the existing data of the application system, and identify and grade new data in real time.

Data desensitization: data used in the test environment or on the big data platform is de-identified, and is analysed and used only after its security and reliability have been ensured.
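The following added Python example (written for this page, not the author's code) ties together the classification and grading item and the desensitization item above: fields are graded by name and by value pattern, grade-3 values are replaced by keyed pseudonyms, grade-2 values are masked, and a release check confirms that no raw sensitive value survives. It also shows why the irreversibility requirement from the "Data security issues" section calls for a secret key: the set of possible phone numbers is small enough that an unkeyed hash could be enumerated, whereas HMAC output cannot be inverted without the key. The field rules, the key and the sample record are constructed.

```python
import hashlib
import hmac
import re
from typing import Dict, List, Optional, Tuple

# Pseudonymization key kept in the production key store and never copied to the
# test or analytics environment (constructed sample value). Without it the
# pseudonyms cannot be mapped back to the original values.
PSEUDONYM_KEY = b"constructed-pseudonym-key"

# Grading rules constructed for this example; a real data asset table comes from
# the organisation's own classification and grading standard.
# Grade 3: sensitive personal data, grade 2: personal data, grade 1: general data.
FIELD_RULES: List[Tuple[str, Optional[re.Pattern], int]] = [
    ("id_number", re.compile(r"^\d{17}[\dX]$"), 3),   # 18-character resident ID format
    ("phone", re.compile(r"^1\d{10}$"), 3),           # 11-digit mobile number format
    ("email", re.compile(r"^[^@\s]+@[^@\s]+\.[^@\s]+$"), 2),
    ("name", None, 2),
]


def grade_field(name: str, value: str) -> int:
    """Grade by field name plus value pattern, so a new field that happens to
    hold an ID or phone number is still caught (the page's real-time grading)."""
    for rule_name, pattern, grade in FIELD_RULES:
        if name == rule_name and (pattern is None or pattern.match(value)):
            return grade
    for _, pattern, grade in FIELD_RULES:
        if grade == 3 and pattern is not None and pattern.match(value):
            return grade
    return 1


def classify_record(record: Dict[str, object]) -> Dict[str, int]:
    return {k: grade_field(k, str(v)) for k, v in record.items()}


def pseudonym(value: str) -> str:
    """Keyed one-way mapping: analysts can still join rows of the same person,
    but the value cannot be recovered without the key, unlike a plain hash
    over a small input space such as phone numbers."""
    return hmac.new(PSEUDONYM_KEY, value.encode(), hashlib.sha256).hexdigest()[:16]


def mask(value: str) -> str:
    """Display masking for grade-2 fields: keep first and last character."""
    if len(value) <= 2:
        return "*" * len(value)
    return value[0] + "*" * (len(value) - 2) + value[-1]


def desensitize(record: Dict[str, object]) -> Dict[str, str]:
    grades = classify_record(record)
    out: Dict[str, str] = {}
    for k, v in record.items():
        text = str(v)
        if grades[k] == 3:
            out[k] = pseudonym(text)
        elif grades[k] == 2:
            out[k] = mask(text)
        else:
            out[k] = text
    return out


def leaks_raw_values(original: Dict[str, object], desensitized: Dict[str, str]) -> bool:
    """Release check: no grade-2 or grade-3 raw value may survive verbatim."""
    grades = classify_record(original)
    return any(grades[k] >= 2 and str(v) in desensitized.values()
               for k, v in original.items())


if __name__ == "__main__":
    sample = {"order_id": "A1001", "name": "Zhang San", "phone": "13800138000",
              "id_number": "110101199001011234", "email": "zhang@example.com",
              "contact": "13900139000"}   # constructed sample record
    print(classify_record(sample))
    print(desensitize(sample))
```

The `contact` field in the sample has no rule of its own, yet its value is graded 3 because the phone pattern matches; this is the value-based fallback that keeps newly added fields from slipping through. Run `leaks_raw_values` on every extract before it leaves production.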

Data O&M: O&M operations shall be carried out through security O&M software (a bastion host), and all operations shall be recorded and audited regularly; other, unauthorized access paths shall be prohibited through monitoring and early-warning policies, so that unapproved data cannot be exported.

Access control: access to data through API calls or other means must be authenticated, and access control policies must be formulated to enforce the minimum necessary permissions and prevent unauthorized access by technical staff; authentication and access control policies are also used to prevent code backdoors during development.
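As an added example of the O&M and access control items above (not from the original article), this Python access controller denies everything not explicitly allowed for a role, requires a recorded approval before production data is exported to a lower security domain, writes an audit entry for every decision, and offers a query over blocked export attempts for the regular audit. The roles, environments and approval IDs are constructed.

```python
from dataclasses import dataclass, field
from typing import Dict, List, Optional, Set, Tuple

# Environments ordered by security level; moving data to a lower level needs approval.
SECURITY_LEVEL = {"production": 3, "test": 1, "office": 0}

# Role -> explicitly allowed (resource, action) pairs. Anything not listed is
# denied, which is what least privilege means in practice. Constructed roles.
ALLOW: Dict[str, Set[Tuple[str, str]]] = {
    "analyst": {("orders", "read")},
    "operator": {("orders", "read"), ("orders", "export"), ("orders", "update")},
    "developer": set(),   # developers get no production data access at all
}


@dataclass
class AuditEntry:
    user: str
    role: str
    resource: str
    action: str
    target_env: Optional[str]
    approval_id: Optional[str]
    allowed: bool
    reason: str


@dataclass
class AccessController:
    audit: List[AuditEntry] = field(default_factory=list)

    def authorize(self, user: str, role: str, resource: str, action: str,
                  target_env: Optional[str] = None,
                  approval_id: Optional[str] = None) -> bool:
        """Deny by default; every decision, allowed or not, is written to the audit log."""
        allowed, reason = False, "not in role allow list"
        if (resource, action) in ALLOW.get(role, set()):
            allowed, reason = True, "allowed by role"
            # exports that move data out of production require a recorded approval
            if action == "export":
                dest = SECURITY_LEVEL.get(target_env, -1)   # unknown domain counts as lowest
                if dest < SECURITY_LEVEL["production"] and not approval_id:
                    allowed, reason = False, "export to lower security domain without approval"
        self.audit.append(AuditEntry(user, role, resource, action,
                                     target_env, approval_id, allowed, reason))
        return allowed

    def denied_exports(self) -> List[AuditEntry]:
        """Audit query: export attempts that were blocked, for regular review."""
        return [e for e in self.audit if e.action == "export" and not e.allowed]


if __name__ == "__main__":
    ac = AccessController()
    ac.authorize("ops01", "operator", "orders", "export", target_env="test")
    ac.authorize("ops01", "operator", "orders", "export", target_env="test",
                 approval_id="constructed-approval-42")
    for entry in ac.denied_exports():
        print(entry)
```

The allow list is the only place a permission can come from, so adding a backdoor path would have to show up as a change to ALLOW or as a denied entry in the audit log; reviewing `denied_exports()` regularly is the detection counterpart to the approval gate.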

Data backup: perform business continuity and disaster recovery analysis on applications, identify the RTO and RPO, formulate backup policies, test backup data regularly, and apply protective measures to the security domain of the backup database to prevent unauthorized access to or theft of backups by malicious users.

Data destruction: destroy expired production database data in a timely manner, and securely destroy returned office terminals that hold sensitive data, to avoid data leakage from expired data and similar causes.

Establishment of data security management system

Establish and improve the data security management system and its specification documents, clarify the responsible departments and the persons mainly responsible, and formulate a four-level management system. The first-level document is formulated by senior management or the leading group and clearly defines the strategic objectives, management requirements and basic principles. The second-level documents are drawn up by the management committees of the various departments according to the first-level strategic objectives; they set out general management methods, systems and standards for policy formulation and, as the upper-level management requirements, should be scientific, complete, reasonable and universally applicable. The third-level documents are determined by the management and executive layers according to the second-level management system and specify the concrete operating guidelines and specifications of each stage of each business process. The fourth-level and lower documents are auxiliary documents: procedure documents, approval documents and process documents such as checklists that interpret the upper-level management requirements in detail, together with detailed asset lists and operational documents that guide or record specific business scenarios and processes.

Conclusion

This paper constructs a data-centered overall protection framework: a whole-lifecycle data security guarantee system with data at its core, a risk assessment management system based on data flow, and a protection framework based on business impact analysis and risk assessment. The advance of digital construction will bring more data security risks. It is necessary to further strengthen technical exploration in data security governance and supervision, further strengthen the construction of the data security guarantee system and its capabilities, and build a technology governance system that gives equal weight to security and development.

Source: Journal of Network Security and Informatization

Author: Qiao Riying, Wanda Information Co., Ltd.

(This article is not confidential)
