《電子技術(shù)應(yīng)用》
您所在的位置:首頁 > 其他 > 設(shè)計(jì)應(yīng)用 > 網(wǎng)絡(luò)安全視角下數(shù)據(jù)要素安全治理研究
網(wǎng)絡(luò)安全視角下數(shù)據(jù)要素安全治理研究
網(wǎng)絡(luò)安全與數(shù)據(jù)治理
唐珂,宋崴,張文瑾,柳碧嵐,史曉莉
中國人民解放軍96941部隊(duì)
摘要: “數(shù)據(jù)要素”是驅(qū)動數(shù)字經(jīng)濟(jì)發(fā)展的核心資源,其本質(zhì)是通過數(shù)據(jù)資源的整合、加工和流通,釋放數(shù)據(jù)價值,賦能業(yè)務(wù)決策、社會治理和經(jīng)濟(jì)增長。在網(wǎng)絡(luò)安全領(lǐng)域,數(shù)據(jù)要素不僅僅是“原始數(shù)據(jù)”,而是通過采集、整合、加工、流通、應(yīng)用等過程,能直接發(fā)揮其網(wǎng)絡(luò)安全價值的數(shù)據(jù)資源形態(tài),例如網(wǎng)絡(luò)威脅告警和威脅情報等。隨著信息技術(shù)的快速發(fā)展,網(wǎng)絡(luò)安全工作所產(chǎn)生海量的數(shù)據(jù)要素成為網(wǎng)絡(luò)安全治理的核心要素之一。這些安全數(shù)據(jù)的收集、存儲、傳輸與處理在協(xié)助提供網(wǎng)絡(luò)安全決策支持的同時,也帶來了巨大的安全隱患。從數(shù)據(jù)要素的安全角度出發(fā),分析網(wǎng)絡(luò)安全數(shù)據(jù)匯聚過程中面臨的主要安全威脅,提出相關(guān)的保護(hù)措施和技術(shù)方案,旨在為網(wǎng)絡(luò)安全治理提供實(shí)踐指導(dǎo)。
中圖分類號:TP309文獻(xiàn)標(biāo)識碼:ADOI:10.19358/j.issn.2097-1788.2025.10.009
引用格式:唐珂,宋崴,張文瑾,等. 網(wǎng)絡(luò)安全視角下數(shù)據(jù)要素安全治理研究[J].網(wǎng)絡(luò)安全與數(shù)據(jù)治理,2025,44(10):54-58.
Research on data element security governance from a cybersecurity perspective
Tang Ke,Song Wei,Zhang Wenjin,Liu Bilan,Shi Xiaoli
Unit 96941 of the Chinese People′s Liberation Army
Abstract: Data elements are the core resources driving the development of the digital economy. Their essence lies in the integration, processing, and circulation of data resources to unlock data value and empower business decisionmaking, social governance, and economic growth. In the field of cybersecurity, data elements are not merely "raw data",but take the form of data resources that can directly deliver cybersecurity value through processes such as collection, integration, processing, circulation, and application—for example, network threat alerts and threat intelligence. With the rapid development of information technology, the massive data generated in cybersecurity operations has become a key component of cybersecurity governance. While the collection, storage, transmission, and processing of these security data support cybersecurity decisionmaking, they also introduce significant security risks. This paper examines the security of data elements from a cybersecurity perspective, analyzes the major security threats encountered during the aggregation of cybersecurity data, and proposes corresponding protection measures and technical solutions, aiming to provide practical guidance for cybersecurity governance.
Key words : data elements;cybersecurity large model;big data;network detection

引言

當(dāng)前,網(wǎng)絡(luò)安全治理正面臨數(shù)據(jù)規(guī)模與處理效能的雙重挑戰(zhàn)?;ヂ?lián)網(wǎng)、物聯(lián)網(wǎng)及云計(jì)算技術(shù)的普及催生了海量異構(gòu)安全數(shù)據(jù),如網(wǎng)絡(luò)流量、系統(tǒng)日志、攻擊行為等結(jié)構(gòu)化與非結(jié)構(gòu)化信息。這些數(shù)據(jù)的采集、存儲與分析因?qū)崟r性要求高、復(fù)雜度大而面臨瓶頸,傳統(tǒng)技術(shù)難以支撐高效治理。與此同時,安全威脅持續(xù)演進(jìn),從傳統(tǒng)病毒攻擊升級為APT攻擊、零日漏洞利用等高級威脅,防御難度顯著提升。確保安全數(shù)據(jù)的保密性、完整性和可用性,已成為構(gòu)建網(wǎng)絡(luò)安全治理體系的關(guān)鍵環(huán)節(jié)。

然而,現(xiàn)有研究多聚焦于單一環(huán)節(jié)的防護(hù)措施(如加密存儲、訪問控制等),缺乏覆蓋數(shù)據(jù)全生命周期的系統(tǒng)化與智能化安全治理方案。同時,尚未充分發(fā)揮安全大模型在語義理解、威脅溯源和響應(yīng)決策方面的潛能,導(dǎo)致安全數(shù)據(jù)價值未能有效轉(zhuǎn)化為智能防御能力。為此,本文提出基于安全大模型的全生命周期安全治理框架,通過多模態(tài)融合與攻擊鏈動態(tài)建模實(shí)現(xiàn)智能化風(fēng)險識別與響應(yīng),為網(wǎng)絡(luò)安全治理提供新的技術(shù)路徑。


本文詳細(xì)內(nèi)容請下載:

http://ihrv.cn/resource/share/2000006827


作者信息:

唐珂,宋崴,張文瑾,柳碧嵐,史曉莉

(中國人民解放軍96941部隊(duì),北京100085)


subscribe.jpg

此內(nèi)容為AET網(wǎng)站原創(chuàng),未經(jīng)授權(quán)禁止轉(zhuǎn)載。