To a certain extent, the issue of big data security has brought about the fiery and value of blockchain technology. Emphasizing the construction of blockchain technology with trust, its application scenario is slowly emerging. Experts present the blockchain technology in The value of application cases such as 'Superbooks' is located. How to define and determine whether there are bubbles in the blockchain has also become one of the hot topics discussed by experts and scholars of the 'Digital Expo'.
Every Reporter Wang Lin Photographs Every edited by Junjie Chen
In April this year, the National Cyber Security and Informatization Conference was held in Beijing. The impact was far-reaching. On the “Digital Fair” held in Guiyang from May 25th to 29th, the issue of big data security was still one of the hot topics of discussion. A number of experts expressed that data security is the premise of data value.
With the deepening understanding of big data security issues, participating experts believe that the key basic information facilities are the most important aspect of network security, and the standard system of certification testing is an important means to solve the protection of basic information facilities. In addition to standardization, Big data security has to emphasize controllability. In addition, with the EU's GDPR in force, personal big data security is considered to be equally important as national security.
Big data security should emphasize controllability
The leakage of Facebook user information is an important event node under the issue of big data security. Its influence is still pending.
The other side of the data security issue that has become increasingly prominent is the proliferation of data. Vice Minister of Industry and Information Chen Xiongxiong stated at the 'Digital Fair' that it is expected that by 2020, the global share of China’s total data will reach 20%, and China will become the data volume. Largest, one of the most data-rich countries.
In response to the security problems in the era of big data, as early as the end of 2016, China introduced the “Network Security Law” and officially implemented it on June 1, 2017. At the same time, the National Information Security Standardization Technical Committee continued to The "White Book on Big Data Security Standardization" of 2017 and 2018 was formulated.
'However, our standards and laws and regulations are not implemented to a very high extent, and companies' self-prevention capabilities and control of safety are also inadequate.' Wei Wei, Director of China Cyber Security Review Technology and Certification Center, said, 'Data ownership must be available. Control'.
Also stressing on controllability is Ni Guangnan, an academician of the Chinese Academy of Engineering. He said that the fact that core technologies are subject to people will not only bring supply chain risks, but also bring about security risks. The latter is as serious as the former; China needs to be broken in the area of cyberspace. Foreign monopoly, reducing the degree of foreign technology dependence.
Basic information facilities protection is the key
The key basic information facilities are considered to be the top priority of network security, and the current key information infrastructure is also vulnerable to attacks. For example, the Ukrainian power system was invaded by malicious code in 2015, and the US disconnected network in October 2016.
On July 11, 2017, the State Internet Information Office drafted and promulgated the "Regulations on the Safeguarding of Critical Information Infrastructure Security (Draft for Solicitation of Comments)" in conjunction with relevant departments. The Regulations will provide guidelines for supervisory authorities and operators.
Standard formulation is the main method to strengthen the protection of key basic information facilities. Countries all over the world also adopt standard measures, inspection, inspection, certification and other means to build network and information security protection system.
The infrastructure for certification and inspection can effectively protect the security system, protect big data security from the source, promote institutional rules, improve the quality of supply of big data product systems and applications, establish and transfer trust, and promote the open and sharing of big data. The chief engineer of the Accreditation Administration and Management Committee, Min Shumin said.
In 2016, China also issued a standard system for information security product certification by the National Certification and Accreditation Regulatory Commission.
In addition to the formulation of standards, Shen Changxiang, academician of the Chinese Academy of Engineering, stated, 'Our calculation science still lacks the offensive and defensive concept, the system lacks protective parts, and engineering applications have no safety services; that is, we have already had defects in design and manufacturing. These Defects can be exploited for attack. Therefore, it is difficult for us to form a security proposition for attacking networks in the face of human-use defects.
In this regard, Shen Changxiang proposes to establish an active immune computing framework, that is, to adopt a safe and trusted strategy to control and coexist with the active immunity of protection, and change the traditional one-sided computational efficiency rather than safety protection.
In addition, the same technological innovation is also reflected in data encryption. Pan Jianwei, an academician of the Chinese Academy of Sciences, said that the existing information security bottlenecks, which rely on computational complexity of classical encryption algorithms, can be broken in principle. Quantum communication is, in principle, unconditional security. Communication method.
Personal big data security is equally important
On May 25 of this year, the EU's "General Data Protection Regulation" (GDPR), which is known as the strictest data protection regulation, came into effect.
'In the era of big data, personal privacy and national security are equally important.' Wei Wei said.
The laws and regulations for privacy protection of personal data in China are mainly embodied in the “Network Security Law.” Article 45 states: The departments and their staff who are legally responsible for the supervision and management of network security must have personal information that they know in performing their duties. Privacy and trade secrets are strictly confidential and must not be disclosed, sold or illegally provided to others.
However, in fact, the incidents of personal data leakage in our country have occurred from time to time. There are even black business chains for data transactions.
'The companies that have control over a large amount of data have not kept up with their personal data privacy protection awareness, willingness, and ability.' Wei Wei said, 'We have done a good job some time ago, that is, the privacy provisions of Internet service companies are This is fine, but from the normative point of view, the specification itself needs to be standardized, which means that the same thing is not the same in privacy terms.
It is worth mentioning that many companies have also expressed their respect for and importance of personal data privacy at this Expo.
'The EU's GDPR regulations come into force, which also specifically emphasizes that genetic data is highly sensitive data, and you have to re-examine your privacy rules.' said Yang Meng, head of blockchain of Huada Gene Technology Co., Ltd., 'We hope to give All personal data is given good privacy protection, full traceability and supervision.