从“透明人”到“践行者”:高校信息安全面临的挑战与应对——《2021地平线报告(信息安全版)》之启示  被引量：17

作　　者：李艳[1] 陈新亚 孙丹 朱雨萌 翟雪松 Li Yan;Chen Xinya;Sun Dan;Zhu Yumeng;Zhai Xuesong(College of Education,Zhejiang University,Hangzhou Zhejiang 310058)

机构地区：[1]浙江大学教育学院,浙江杭州310058

出　　处：《远程教育杂志》2021年第3期11-19,共9页Journal of Distance Education

基　　金：2019年度国家社科科学基金重大项目“人工智能促进未来教育发展研究”(项目编号:19ZDA364)子课题“人工智能支撑大规模教育的个性化实现研究”的研究成果;中央高校基本科研业务费专项资金“基于多模态情感计算的自适应学习信息系统架构及应用策略研究”资助。

摘　　要：技术的“双刃剑”效应在教育应用中也未能例外,大数据和人工智能等新兴技术在推动着高等教育现代化进程的同时,也给高校信息安全带来了巨大的风险与挑战。在各种教育数据采集和分析过程中,高校师生很容易成为“透明人”,这促使技术伦理和隐私保护议题被提上日程。2021年2月,美国高等教育信息化协会(EDUCAUSE)发布了《2021地平线报告(信息安全版)》,该报告以信息安全为主题,重点分析了未来影响高校信息安全的六项关键技术和实践,主要包括:云供应商管理、端点检测与响应、多因素验证和单点登录、保存数据的真实性和完整性、研究安全性以及学生数据隐私和管理。目前,我国高校信息安全领域也面临着诸多风险与挑战,如数据采集过程中的合法性和真实合理性问题、数据存储和共享过程中的泄露问题以及数据分析与应用中的价值伦理取向问题等。在此背景下,《2021地平线报告(信息安全版)》的发布,给我国高校应对信息安全挑战带来了有益的启示:加快顶层框架设计,完善职能部门责权;利用技术制约效应,建立自评自测体系;探索校企联防机制,严守数据安全红线;普及技术伦理教育,践行信息安防行为。The“double-edged sword”effect of technology is not an exception in education domain.Emerging technologies,such as big data and artificial intelligence,are promoting the modernization of higher education,as well as bringing huge risks and challenges to the information security.In all kinds of educational data collection and analysis,teachers and students in colleges and universities are easy to become“transparent people”,and issues of ethics and privacy protection are put on the agenda.In this situation,EDUCAUSE published the report of 2021 EDUCAUSE Horizon Report(Information Security Edition)in February 2021.Rather than previous reports on analyzing the trends in the technology application,the theme shed light on analysis of information security that will affect higher education,including cloud vendor management,endpoint detection and response,multifactor authentication and single sign-on,preserving data authenticity/integrity,research security,and student data privacy and governance.The recent years have witnessed risks and challenges brought from information security in China’s higher education,such as the legality,authenticity and rationality of data collection process,the issues in data storage and sharing,and the ethical evaluation in data analysis and application.This report provides enlightenment for our country’s response to the challenge of information security in higher education from the following four aspects:firstly,speeding up construction of the top-level framework and improving the responsibilities and powers of functional departments;secondly,utilizing the feature of technological constraints to establish a self-evaluation and self-test system;thirdly,exploring school-enterprise joint defense and strictly observing the red line of data security;and finally,popularizing technical ethics in education and practicing information security behavior.

关 键 词：地平线报告 高等教育 信息安全 技术伦理 数据安全 

分 类 号：G434[文化科学—教育学]