Data security from the perspective of the production security system

Posted by santillano at 2020-03-05

Introduction: With the rapid development of the Internet, new scenarios, technologies and terms keep emerging, from GDPR to AI security and from Internet of Things security to big data security. Yet the whole system of network security still rests on the earliest concepts of information security, such as the three CIA elements, to describe security in cyberspace. For many new network security problems the information security system has limitations, so how should we think about the future cyberspace security system? These changes bring challenges as well as new opportunities. As security practitioners, how can we see where security is ultimately heading and find our direction in this rapidly changing era?

1. From information security to network security to cyberspace security

Network security in the modern sense dates from the beginning of the 19th century, when technology for transmitting information electronically gradually emerged and was then adopted in military and state affairs. This brought the earliest information security problem, that of electronic communication. At this stage the focus was the confidentiality of information in storage and transmission, and the core technology was encryption.

In the 1940s computers came into being. The first generation of computers centered on computing, the second on transaction processing, the third on information processing (text and pictures), and the fourth on information interaction across all kinds of scenarios. Traditional information security grew out of the confidentiality requirement of the earlier era of electronic transmission. Combined with the requirements of computing, transactions, information processing and information interaction, it expanded to the three elements of confidentiality, integrity and availability (CIA), and later to non-repudiation, authenticity, reliability, controllability and so on. Today's traditional computer network security is built on this model. At their core, these security elements treat the computer network system as an asset and emphasize how to protect it; the owner of the asset has ownership and control of the information and the computer network system. In essence, a protection boundary is formed around the assets to defend the information and the computer network against unauthorized access, control and use from outside. The figure below shows a classic network security boundary protection system: physical security, network and transmission security, host system security, application security, and the security of the storage media that hosts and applications use.

From the beginning of the 21st century we have entered the era of cyberspace. As the Internet has spread, the network, as information and communication infrastructure, links more and more people and things together. Many people's lives have come to depend on the Internet, while organizations, enterprises and states increasingly conduct their activities over it. At this point it is difficult to solve the various new network security problems with the information security system (even with its meaning extended to IT facilities): for example manipulation of public opinion, online violence, scalpers' order brushing, promotion abuse ("collecting wool"), or the use of data analysis to influence voters' political choices.

What are these new network security problems, and why can't the traditional information security system deal with them? Whether it is information security or network security extended to IT facilities, the emphasis is on information, or the information-related computer network system, as a thing of value over which the lawful owner has ownership and control. In essence it is asset/property security. Once cyberspace maps the activities of people and human organizations, these new security problems turn out to be the security problems that people and organizations already have in the real world, and many of them are not asset security problems at all. We need to understand the security of people and organizations in the physical world at a more fundamental level in order to understand the new security situation in cyberspace and to think about how cyberspace security will evolve.

2. Using what is constant to think about change, and the past to think about the future

All development and change in the world can be understood through a few more basic, unchanging things. What changes is usually the scenario and the technology; what does not change is human nature, together with the cognitive systems and commercial value built around it. If we grasp what does not change, we can keep our bearings in the face of an uncertain, changing future.

Security is the state in which people or things are free from threat, danger, harm or loss. But first we need to understand that every security issue is tied to the interests of some subject. A supernova exploding 100 million light-years away destroys the matter around it, yet we do not consider that a security issue. Only when danger, harm or loss affects the interests of a subject (an individual, an organization, an ethnic group or a state) does it become a concrete security issue.

We can therefore look at security from the standpoint of different subjects: individual security, organizational security, national or ethnic security, and the security of the human community.

2.1 Personal security

The security of an individual has three layers. The first is personal safety: life, body, health, personal freedom and the living environment that affects them. The second is the security of the individual's property. The third is the social and psychological security of the individual as a member of a social species, including privacy, respect and so on.

2.2 Organizational security

An organization realizes its value around a specific value proposition. Its security also has three layers. The first is financial security, that is, the security of the organization's existence: every organization runs on funds, and its financial situation determines whether it lives or dies. The second is the security of value realization: the organization realizes its value through a series of activities, and those activities must be safeguarded. The third is the organization's social security: an organization is a social group, and whether it can exist, operate normally and gain social acceptance depends on a certain foundation of social security.

2.3 National or ethnic security

The state represents a more collective interest, including the security of territory and sovereignty, of external interests (such as national trade and national investment), of internal social order (social, economic and financial), and of the nation's room for development (resources, science and technology).

2.4 Security of the human community

This is rarely mentioned, but with the development of biotechnology and AI technology, humanity as a community will arrive at some security consensus.

Seen from human security needs in the real world, there are many kinds of security. When we treat information and computer network systems as a kind of property, a security system built from the information security or network security perspective fits. But when people and organizations act in cyberspace, they bring other layers of security issues into it, which may go beyond the asset dimension.

3. Thinking about the enterprise security system from the organization's security needs

Back to enterprise security specifically. The enterprise is one of the most common forms of organization, so enterprise security also has three layers:

3.1 Enterprise financial security (not discussed here)

3.2 Security of enterprise value realization

The core goal of an enterprise is to realize its value and make a profit by lawfully providing products or services to third parties. The core process by which it does so can be expressed as the enterprise value chain:

Around the enterprise value chain, we can distinguish four types of security in the realization of enterprise value:

3.2.1 Asset security

The goal of an enterprise is to obtain legitimate profit by providing valuable services or products to third parties. In doing so it needs capital operations that turn capital into enterprise assets, means of production, equipment, and products or services. These valuable funds, assets, means of production, equipment and products may suffer harm or loss:

Loss that may be caused by malicious acts, internal or external.

Damage that may result from poor internal management.

From a security perspective we generally pay more attention to the first case. Here the threat source, malicious insiders or outsiders, wants to illegally possess (ownership) the enterprise's funds, assets, equipment and means of production, illegally use them for profit (right of use), or damage them through illegal acts. From a security perspective, we design a trust system for access to assets according to their value, and check for and identify illegally controlled use and operation of assets, in order to keep the assets secure.

3.2.2 Business security

In realizing its value, an enterprise inevitably carries out business activities with customers or partners, which can involve security risks, mainly:

Malicious customers or partners may use fraud to cause losses to the enterprise.

Some customers obtain extra benefits by unfair means, which is unfair to the enterprise's other customers and harms the enterprise.

Malicious actors use information obtained in business activities to impersonate the enterprise, or people associated with the enterprise's products, and defraud third parties, which harms the enterprise.

Business conducted in a high-risk environment may harm the enterprise, its customers or its partners.

3.2.3 Production safety

An enterprise delivers its value by providing its products and services. Production and service delivery can carry many production safety risks, mainly:

Work has to be done in a dangerous environment, which may cause harm or loss to the enterprise's assets, its employees and third parties in the surrounding environment.

Operations require production equipment and means of production that carry a degree of risk. Quality problems in the safety properties of the equipment, or poor management or operation of the equipment and means of production, may cause harm or loss to the enterprise's assets, employees and related third parties.

Products with safety properties (toxic, explosive, non-insulating, etc.) that pass through multiple processing steps may have quality control defects, so that the finished product causes harm or loss to the enterprise's customers, partners and related third parties.

3.2.4 Ecological security

In modern production it is hard for one enterprise to complete the whole value chain on its own, from raw materials to products to customers; it needs partners to work with. This can bring security risks, mainly:

Products, equipment and raw materials that partners deliver for production may have quality problems in their safety properties (toxic, explosive, non-insulating, etc.), which ultimately propagate into production safety problems.

A product, equipment or service that a partner delivers to the enterprise may itself have security problems that malicious actors can exploit.

By providing services to the enterprise, partners obtain data, information, knowledge and intelligence about its operations. A partner may pass this data and information to unauthorized third parties, such as competitors, which creates risk for the enterprise. (In enterprise competitive intelligence there are cases where an enterprise sets up a supply chain company that supplies goods to its competitors at a lower price in order to learn about their operations and major orders.)

3.2.5 Summary

Asset security: focuses on damage to, and loss of, the value of property that the protected party owns or holds in custody.

Business security: focuses on harm and loss to the business in the course of doing business.

Production safety: focuses on harm and loss to the enterprise, its employees and external third parties caused by problems in the production environment, means of production, equipment and production process.

Ecological security: focuses on the enterprise's upstream and downstream supply chain and partners: production safety problems propagated by the products and services they deliver, and the security of the information and data they obtain through cooperation.

The summary is as follows:

| | Threat source | Threat behavior | Threatened object |
| --- | --- | --- | --- |
| Asset security | Internal and external malicious personnel | Theft and invasion | Enterprise property |
| Business security | Malicious customers; external malicious personnel related to the business environment | Fraudulent conduct | Enterprise business |
| Production safety | Internal and outsourcing personnel | Operational errors; lack of environmental protection; lack of quality control | Enterprise property; enterprise staff; enterprise business; other third parties |
| Ecological security | Cooperative partner | Defects in delivered products and services; giving the acquired enterprise information to a third party | Enterprise property; enterprise staff; enterprise business; other third parties |

These perspectives differ considerably:

The core of asset security is to protect the asset's current value as well as possible. To protect that value we may sacrifice, to some extent, the interests of other parties, such as ease of use, or accept possible harm to third parties. A security system built from the asset security perspective is therefore generally based on limiting the liquidity of assets: it protects them through boundary control and by reducing dangerous access.

The core of business security is to protect the maximum value of the business, so it must preserve the experience and fair treatment of genuine customers while estimating the probability that a user is malicious. A security system built from the business security perspective therefore generally centers on risk/trust identification and control of business-related factors (business object, device, behavior), and controls risk by reducing untrusted or fraudulent transactions without reducing legitimate ones.

The core of production safety is to protect, as well as possible, the process by which the enterprise's investment realizes its potential future value: to keep production efficient while reducing possible losses to other assets and third parties during production. A safety system built from the production safety perspective is therefore generally based on controlling the behavior standards of the relevant factors in production (means of production, equipment, production personnel, products), identifying and monitoring high-risk substances, and a management and monitoring system focused on whole-process traceability, so that production stays efficient, the probability of external loss falls, and a safety incident can be quickly located and handled after the fact.

4. Mapping enterprise security requirements into cyberspace

How can we use the security system of the physical world to think about the security needs of enterprises in cyberspace? Leaving the financial security of the enterprise aside, I think an enterprise's cyberspace security can be designed along the following architecture:

4.1 Basic computer and network security

However complex human behavior in virtual cyberspace becomes, it rests on a physical base, the computer network system, and that system can affect all the layers above it: assets, business, production, ecology and society. It is therefore the foundation of everything. The core of this foundation, setting aside the perspectives of the other layers, is the basic security capabilities implemented by computers and networks (such as protocol security, link security and identity authentication) and the security vulnerabilities of the underlying basic systems.

4.2 Enterprise asset security in cyberspace

In cyberspace the most important assets are the information of the enterprise's business operations and the business systems that apply it, together with the real and virtual assets of the enterprise or its customers that the information represents, or equivalent rights and interests (such as account balances, housing property rights, credits). Securing the enterprise's business information systems also protects the information more broadly, as well as the enterprise's ability to use and control those systems in order to serve its production and its customers.

Information security is concerned that information is not illegally stolen or tampered with, can be effectively provided to legitimate businesses and personnel, and can be verified for authenticity and non-repudiation.

Information system security builds on information security and focuses on the availability, reliability and controllability of the information system, so that the system can correctly and efficiently serve the realization of the enterprise value chain.

4.3 Enterprise business security in cyberspace

Enterprises will increasingly rely on the Internet to move their business online (providing products, services and the related business processes to third parties), and will face more and more business security problems in cyberspace.

Online business risk control: focuses on the behavior and attributes of customers using products, services or business processes; analyzes the authenticity of their identities and the purpose of their behavior; and judges whether their business behavior matches the enterprise's expectations, that is, that they will not obtain benefits by unfair means or use the information they obtain to defraud third parties.

IT transaction environment security: focuses on online transaction scenarios, to ensure that the parties and their legitimate counterparts are in a safe and reliable environment, or can identify an unsafe environment and malicious, deceptive information or behavior in it. For example, search engines mark official websites.

Big data business risk analysis: even when business is initiated offline, if enough online data exists, business risk analysis can be performed on the specific parties involved, although this easily raises privacy protection issues.

Information fraud protection: for potential customers and scenarios prone to fraud, give relevant warnings, protect the relevant business information, and cooperate with the relevant state authorities to crack down on the gangs involved.

4.4 Enterprise production safety in cyberspace

Several scenarios have begun to bring production safety into cyberspace: the production processes of traditional enterprises are gradually becoming IT-based, production processes now run between IT systems (SOA), and data has become a business as a new kind of energy.

IT-based production in traditional industries: for example industrial control security, which covers asset security from the attack-and-defense perspective and production safety management, focused on operations, from the production safety perspective.

SOA between IT systems: upstream and downstream systems depend on each other's output, such as data services, technical capability output services and management nodes. A problem at any node brings production safety problems.

Cloud computing and cloud SaaS services increasingly require us to run online business systems and data in a third party's environment that we do not control. On the one hand this is an ecological security management problem. More often, though, the imbalance between the companies leaves the enterprise with no better choice, and it becomes a problem of protecting the enterprise's production security in a high-risk environment. It is not only a matter of encrypting data, as asset security would see it, but of ensuring that production and operations can continue securely in an insecure environment.

As a new kind of energy, data itself involves many production processes. Scenarios with large demand include:

⊙ Data contains sensitive elements, which may include information that identifies people and national security information, so data can bring harm and loss to individuals, third parties and states when it is used and released for value mining. There are therefore security and compliance requirements for the processing, use, operation, release, exchange and other production and circulation stages of private and important data.

⊙ Data creates value when integrated across multiple dimensions, but each party usually has its own data property rights to protect and its own compliance responsibilities for personal and important data. A more secure environment for multi-party data fusion is needed, one that can produce the value of the data while reducing the security risk of leaking it to the other parties.

⊙ As the output of a business, data passes along a processing chain between systems (multiple process stages). Quality problems and compliance risks in the data are passed on to the next stage and may trigger a data quality loss event, a privacy violation event or a national information security disclosure event further down the chain. The output of each stage of data production therefore needs to be controlled.

4.5 Enterprise ecological security in cyberspace

The earliest discussions of supply chain security cover one part of an enterprise's ecological security, but they often overlook a greater partner risk in cyberspace: the security of information and data flows within the ecosystem.

Supply chain security: the IT products delivered and IT services provided by partners, such as data services, IT capability services, SDKs and IT products, may have major security problems (such as backdoors); the partner's ability to respond to security problems also matters.

Security of information and data flows in the ecosystem: on the one hand, a traditional supply chain can already obtain a great deal of enterprise information, and moving business online has deepened the problem of the business information and data that enterprises hand to supply chain service providers, such as the user information of the many enterprises that use app hardening services. For example, a large vendor offers a service that identifies throwaway ("small") phone numbers. (In many black and grey market businesses, phone numbers are bought specifically so that a crime cannot be traced back to a real identity, and some people on the network collect and buy numbers to offer throwaway-number services.) Some vendors lack the large vendor's business risk control capability and use its service to check whether their customers' phone numbers are throwaway numbers. But in this way the large vendor learns exactly who the smaller vendors' new customers are, down to specific customers. If the large vendor sold this data to competitors or advertising companies, it would create an ecological security problem. On the other hand, business collaboration across the ecosystem is online: for example, Taobao orders and logistics delivery require the data of different enterprises to be connected. A large amount of information and data flows between enterprises and their supply chain vendors, which brings security and compliance challenges. At present, however, few enterprises recognize these problems. (I have heard that the core of supply chain security at some large banks abroad is to sort out the data flows.)

4.6 Corporate social security in cyberspace

For enterprises with Internet social or platform attributes, the content customers generate and their behavior on the platform may cause social security problems. Likewise, when traditional industries move their business online and provide platforms for customers to produce or trade content, the same problems arise. The spread of the corporate brand in cyberspace is of course also a social security issue.

Content security: content submitted by customers that can be shown to the public must comply with the relevant laws and regulations.

Platform security: customers' behavior on the platform, such as selling fake goods and drugs or initiating gambling, needs to be managed and controlled.

Security of corporate brand communication in cyberspace: malicious actors may use cyberspace to launch public opinion attacks; for example, some short-selling firms influence a company's reputation through public opinion in order to profit from short positions.

5. Thinking about data security from the perspective of production safety

With the understanding above, we can map the production safety system onto the technical routes of data security to check it. Production safety falls into three categories; leaving aside the safety of the external production environment, we can summarize the following frameworks:

5.1 Safety system for dangerous equipment and dangerous means of production

For dangerous equipment and dangerous means of production, the safety system is as follows:

1) First, establish a safe production environment to reduce accidents caused by a high-risk environment.

2) Store hazardous means of production by class to avoid the risks of high-risk substances, and manage high-risk production equipment day to day.

3) For the transport and use of high-risk means of production, develop technologies that reduce their danger, such as inert additives, to lower the probability of an incident.

4) Carry out high-risk operations strictly according to the safe operating procedure.

5) Monitor high-risk operations in real time.

6) Provide sensing technology to detect leaks of high-risk substances and sense a dangerous environment in time.

7) Track and control where high-risk means of production end up.

5.2 Safety system for production with safety-attribute quality assurance

For production whose quality assurance involves safety attributes, the safety system is as follows:

1) First, establish a safe production environment to reduce the possible impact of a high-risk environment on the quality assurance of safety attributes.

2) Classify the substances in the means of production that affect the quality of safety attributes (for example, a food safety problem may be that the content of Kun in a certain raw material is too high, and a pressure cooker explosion may be that some impurity in the steel is too high).

3) For impurities that affect safety properties, develop technologies to extract or degrade the high-risk substances.

4) Follow the operating procedure strictly during operation to ensure quality.

5) For intermediate products, test for residual high-risk substances and run destructive quality tests on the safety attributes.

6) Record and track the operation process, and provide sensing technology, so that the path of operations can be traced.

7) Make the path of product circulation traceable back to the source.

5.3 Data security from the production safety perspective

Having summarized these production safety systems, we can see that many new directions and technologies emerging in data security map directly onto them. This in itself shows that it is necessary to look at data security from the perspective of production safety, which can also guide our thinking and innovation.

Secure production environment for data:

Security of big data analysis platforms: when data is gathered for analysis and processing, a more controllable security environment is needed to contain security risks, intentional or not. The native Hadoop big data analysis platform has few corresponding protection mechanisms. Some big data platform vendors, such as Alicloud ODPS, have added some security features. Data analysis needs a more secure environment.

Ciphertext retrieval / homomorphic encryption: more and more business systems and data are hosted on third-party cloud platforms. If the data only needs to be stored, it can be stored encrypted; but what if it has to be used and computed on within the third-party platform? Ciphertext retrieval and homomorphic encryption preserve both data confidentiality and service availability. At present, however, performance and the range of supported operations still need to improve.

Multi-party computation: a kind of homomorphic computation. The scenario: two parties each hold valuable data and need to compute on it jointly, but neither wants the other to obtain its data, so the computation is carried out on data in ciphertext form. There are many variants. Single-party computation: A has the data, B has the need, and B's model runs in A's data environment. In this case A's data does not need to be encrypted; the main task is to audit the model and the result information the model carries out. In engineering terms, however, multi-party computation is not yet mature. In practice an SGX mode that introduces a trusted third party is often used instead: A's and B's data are each encrypted, loaded into the SGX-protected memory of a trusted service provider C and decrypted there for the computation, and the decrypted data is destroyed once the results have been computed.

Privacy intersection (private set intersection): privacy intersection mainly serves query businesses. A has data and B has a query need. For example, an insurance company wants to find out whether its customers have heart disease treatment records in medical data. The insurance company does not want the owner of the medical data to learn who its customers are, and the owner of the medical data does not want the insurance company to query further private records, such as the specific date and hospital of a treatment. Using encryption and set operations, the insurance company submits a batch of query lists and the set of fields it wants hits on; the owner of the medical data controls the set of data that can be queried; and the set operation returns only the intersection. This protects the data of both the insurance company and the owner of the medical data.
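The insurance query described above, written as a Diffie-Hellman style private set intersection. This is an added example, not code from the original article: the identifiers, the record layout, the batch limit and the choice of group (integers modulo the prime 2**255 - 19) are assumptions made for the demonstration, and both parties are assumed to follow the protocol honestly.

```python
"""Added example: Diffie-Hellman style private set intersection (PSI)."""
import hashlib
import secrets

# Demo group: integers modulo the prime 2**255 - 19 (assumption of this example).
# A production system would use a vetted PSI library over an elliptic-curve group.
P = 2**255 - 19


def hash_to_group(identifier: str) -> int:
    """Hash an identifier to a square modulo P (never 0 or 1)."""
    digest = hashlib.sha512(identifier.encode("utf-8")).digest()
    base = 2 + int.from_bytes(digest, "big") % (P - 3)  # in [2, P-2]
    return pow(base, 2, P)


def new_secret() -> int:
    """Fresh random exponent, used for one query session only."""
    return 2 + secrets.randbelow(P - 3)


def check_element(value: int) -> int:
    """Reject degenerate values a misbehaving peer could send."""
    if not 1 < value < P - 1:
        raise ValueError("blinded value outside the expected range")
    return value


class Insurer:
    """Holds the query list; learns which of its customers hit, nothing else."""

    def __init__(self, customers):
        self._customers = list(customers)
        self._secret = new_secret()

    def blinded_query(self):
        # H(x)^a: without the secret a, the owner cannot test guesses against
        # these values, even for low-entropy identifiers.
        return [pow(hash_to_group(c), self._secret, P) for c in self._customers]

    def hits(self, double_blinded, owner_blinded):
        owner_side = {pow(check_element(v), self._secret, P) for v in owner_blinded}
        return {c for c, v in zip(self._customers, double_blinded) if v in owner_side}


class MedicalDataOwner:
    """Holds the records; decides what is queryable and how large a batch may be."""

    def __init__(self, records, queryable_condition, max_query=1000):
        self._secret = new_secret()
        self._max_query = max_query
        # Only identifiers matching the agreed field take part; visit dates and
        # other attributes never enter the protocol.
        self._queryable = {r["patient_id"] for r in records
                           if r["condition"] == queryable_condition}

    def answer(self, blinded_query):
        if len(blinded_query) > self._max_query:
            raise ValueError("query list exceeds the agreed batch size")
        # (H(x)^a)^b, returned in the insurer's order so it can map hits back.
        double_blinded = [pow(check_element(v), self._secret, P) for v in blinded_query]
        # H(y)^b for the queryable set, sorted so record order leaks nothing.
        own = sorted(pow(hash_to_group(p), self._secret, P) for p in self._queryable)
        return double_blinded, own


# Constructed sample data (not real records).
RECORDS = [
    {"patient_id": "ID-1001", "condition": "heart disease", "visit": "2019-04-02"},
    {"patient_id": "ID-1002", "condition": "fracture", "visit": "2019-06-17"},
    {"patient_id": "ID-1003", "condition": "heart disease", "visit": "2019-09-30"},
]
CUSTOMERS = ["ID-1001", "ID-1002", "ID-2001"]


def run_demo():
    insurer = Insurer(CUSTOMERS)
    owner = MedicalDataOwner(RECORDS, queryable_condition="heart disease")
    query = insurer.blinded_query()              # insurer -> owner
    double_blinded, own = owner.answer(query)    # owner -> insurer
    return insurer.hits(double_blinded, own)


if __name__ == "__main__":
    print(run_demo())
```

The owner still learns the size of the query list and the insurer learns the size of the queryable set, which is why the batch limit is enforced on the owner's side.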

Edge computing: collecting private data into a data center for analysis brings potential privacy risks, so the industry is trying a new approach that pushes the model down to the customer's terminal device for calculation and returns the calculation results, reducing the data security risk of pulling customers' private data back to the data center.

Storage and use management of highly sensitive production data:

Data classification & grading: the Network Security Law has clear requirements for data classification, but there are many types of data, and industries and enterprises differ greatly from one another. Classifying data still faces many challenges, but from the perspective of production safety it is a necessary step.

Automatic data recognition: once data is classified and graded, the ability to recognize data automatically and intelligently is also needed. For example, algorithms for classifying semantic and numerical data still face many difficulties.

Data storage security: the type and sensitivity of the data must be considered when it is stored. One measure is to prohibit centralized storage of certain data, or to add specific safeguards when it is stored centrally, for example biometric data. Another is that, for the sensitive data itself, data should be separated rather than kept in a single table, for example identity data and specific business behavior data. Some sensitive data is of course best stored encrypted or desensitized. Private data must also be destroyed when its authorization expires.

Data job management:

Privacy collection authorization: when collecting personal data, you must obtain the authorization of the person whose data is collected before collection.

Compliance of data use: after data collection, use and processing must comply with the authorization agreement. One solution is to analyze the data authorizations and then, according to the purpose of the enterprise's data business, clean out a lawful data set that meets the authorization requirements.

Fine-grained permission control: with the rise of data analysis there are large numbers of internal data users and processors, and controls are needed over the data types, the desensitization levels, and the permitted data processing and operation types (such as whether statistics and association are allowed).

Compliance of data release, exchange and sharing, and cross-border transfer: the release, exchange and sharing, and cross-border transfer of personal data and important data may affect personal privacy and national security, and these operations must be carried out in accordance with the relevant national requirements.

Security and compliance of data use, processing, and operation and maintenance: data may be exposed to leakage risks during processing and during operation and maintenance, and these risks need to be controlled.

Data subject rights protection: under GDPR (and in fact some domestic personal information security specifications), individuals must be given many data subject rights, such as the right to know, the right to control and the right to correct, which enterprises have to realize and protect by building specific technical systems. Users are thereby given control over data use, processing, exchange and other stages, so the corresponding production processes must be able to respond to users' claims. (For example, when data is fused for a certain purpose and a user raises an objection, it must be possible to quickly extract that user's data from the whole data job.)

Whole-process monitoring and audit of highly sensitive data:

Records of highly sensitive data processing activities: under GDPR and the personal information security specifications, data processing activities that involve personal data must be recorded for compliance audit. The requirements for important data have not yet been issued, but in practice the same applies.

Whole-process traces and audit of highly sensitive data exchange and sharing: exchange and sharing that involve private and important data also need to leave traces and be audited throughout the process.

Degradation techniques for highly sensitive data:

Desensitization: desensitization techniques such as masking and de-identification.

Differential privacy: in data collection, how to perturb the collected data so that it remains statistically usable but cannot be traced to specific individuals.

K-anonymity: when data is published, used and shared, attackers must be prevented from using link attacks (even if the identity data is de-identified and desensitized, an attacker can still associate multiple linkable attributes, such as height, gender, region and age); these attributes need to be blurred to reduce the possibility of an attack through linked attributes.
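One way to realize the collection-time perturbation described above is randomized response, the simplest local differential privacy mechanism; the sketch below is an added example, not part of the original article. The yes/no attribute, population size, rate and epsilon are constructed values.

```python
import math
import random

def keep_probability(epsilon: float) -> float:
    """Probability of reporting the true bit under epsilon-local DP."""
    return math.exp(epsilon) / (math.exp(epsilon) + 1.0)

def randomize(true_bit: bool, epsilon: float, rng: random.Random) -> bool:
    """Runs on the user's device: tell the truth with probability p, else flip."""
    if rng.random() < keep_probability(epsilon):
        return true_bit
    return not true_bit

def estimate_rate(reports, epsilon: float) -> float:
    """Runs at the collector: remove the known bias from the noisy proportion."""
    p = keep_probability(epsilon)
    observed = sum(reports) / len(reports)
    # E[observed] = p * rate + (1 - p) * (1 - rate); solve for rate.
    return (observed - (1.0 - p)) / (2.0 * p - 1.0)

def simulate(n=20000, true_rate=0.30, epsilon=math.log(3), seed=7):
    """Constructed population; returns (true rate, estimate from noisy reports)."""
    # Seeded only so the demo is repeatable; real noise must come from a CSPRNG.
    rng = random.Random(seed)
    truth = [rng.random() < true_rate for _ in range(n)]
    reports = [randomize(bit, epsilon, rng) for bit in truth]
    return sum(truth) / n, estimate_rate(reports, epsilon)

if __name__ == "__main__":
    actual, estimated = simulate()
    print(f"true rate {actual:.3f}, estimate from perturbed reports {estimated:.3f}")
```

With epsilon = ln 3 each device tells the truth only three times out of four, so no single report pins down an individual's value, while the aggregate estimate stays close to the true rate.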
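The check implied above can be made concrete: measure k over the linkable attributes the text names, then blur them step by step until every combination is shared by at least k records. This is an added example, not from the original article; the records and the generalization ladder are constructed.

```python
from collections import Counter

# Linkable attributes named in the text; rows below are constructed.
QUASI_IDENTIFIERS = ("height_cm", "gender", "region", "age")
_ROWS = [(172, "M", "Hangzhou/Xihu", 34), (178, "M", "Hangzhou/Binjiang", 37),
         (171, "M", "Hangzhou/Xihu", 31), (163, "F", "Ningbo/Haishu", 45),
         (165, "F", "Ningbo/Yinzhou", 48), (168, "F", "Ningbo/Haishu", 41)]
SAMPLE = [dict(zip(QUASI_IDENTIFIERS, row)) for row in _ROWS]

def band(value: int, width: int = 10) -> str:
    """Replace an exact number with the range it falls in."""
    low = value // width * width
    return f"{low}-{low + width - 1}"

def generalize(record: dict, level: int) -> dict:
    """Blur the linkable attributes; a higher level is coarser."""
    out = dict(record)
    if level >= 1:
        out["age"] = band(record["age"])
        out["height_cm"] = band(record["height_cm"])
    if level >= 2:
        out["region"] = record["region"].split("/")[0]   # city/district -> city
    if level >= 3:
        out["gender"] = "*"
    return out

def k_of(records) -> int:
    """Size of the smallest group sharing one combination of linkable attributes."""
    groups = Counter(tuple(r[q] for q in QUASI_IDENTIFIERS) for r in records)
    return min(groups.values())

def anonymize(records, k: int, max_level: int = 3):
    """Least generalization that reaches k, as (level, records); None if unreachable."""
    for level in range(max_level + 1):
        candidate = [generalize(r, level) for r in records]
        if k_of(candidate) >= k:
            return level, candidate
    return None

if __name__ == "__main__":
    print("k before blurring:", k_of(SAMPLE))
    print("level needed for k=3:", anonymize(SAMPLE, 3)[0])
```

Returning `None` matters in practice: when no amount of blurring on the ladder reaches the target k, the release should be blocked or outlier records suppressed rather than published as is.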

Data domain: the data owner may need to split the data among multiple untrusted third parties (the most typical case is outsourced data analysis, where the risk is reduced by splitting the data and the work among several outsourcing teams). To prevent these third parties from colluding and splicing their pieces back into the complete data set, algorithms are needed that combine data desensitization with resistance to link attacks.

Sensing and monitoring of high-risk substances or environments:

Sensing of undesensitized data and insufficient desensitization strength: during high-risk data operations such as release, exchange and cross-border transfer, be able to sense highly sensitive data that may be non-compliant.

Sensitive data exposure risk sensing: sense and monitor exposure points for highly sensitive data (such as an interface that can pull sensitive data anonymously).

Sensing of non-compliant use or fusion of private data: automatically identify whether data is used in violation of the rules during complex data processing.

Sensing of highly sensitive data leakage: if sensitive data leaks into an environment where it should not exist, how to detect this quickly.

Traceability of operation and circulation:

Data lineage tracking: tracking the transfer path of data within data storage (databases, files). Generally used to control data quality risks.

Data operation path traceability: the path that data follows in use (such as database to middleware, middleware to service interface A, service interface A to application B). Generally used to control data quality risks related to data services.

Traceability of highly sensitive data: the final destination of highly sensitive data, generally used to trace data abuse and data leakage incidents.

Data export traceability: when data is taken out through channels other than the online systems, the route of export can be traced after a leak. Generally used to trace data leakage incidents.

Data watermark research: a data watermark differs from a file watermark. Embedding it in the data itself keeps the watermark from becoming invalid when data is copied out of the file, but it may also affect the use of the data. The research therefore focuses on how to avoid affecting the use of the data and how to keep the watermark resistant to removal. Data watermarks can also be used in many path-tracing scenarios.

Product safety and quality inspection:

Desensitization quality testing for exposure of highly sensitive data at product release

Data interface quality inspection

Data extraction quality inspection

5.4 Summary

Many of the practical scenarios that new data security technologies face are in fact problems seen from the perspective of production security. On the whole, however, we still lack disruptive technologies to solve them. One reason is that research on technology for data itself is very immature: computer and data science are still very young, whereas the production safety systems of traditional industries have matured gradually over years of research. The other is that most practitioners have not realized that the core of data security is to think about the data security system from a more holistic perspective.

6、 About Quanzhi Technology

Quanzhi Technology (Hangzhou) Co., Ltd. is a start-up company leading conceptual and technological innovation in the field of data security. It understands enterprises' business requirements for data security from a new perspective: controlling the risks that data brings while data, as a means of production, creates its due value in circulation. By providing products for data security management and protection, data risk perception and traceability, and data compliance throughout the data production process, we help our customers protect the value of data in the wave of digital transformation.

Note: please retain personal and company information when reprinting.