TID-MOP:面向数据交易所场景下的安全管控综合框架  被引量：7

作　　者：杜自然 窦悦[2] 易成岐 洪博然 谷明泽 李琳 Du Ziran;Dou Yue;Yi Chengqi;Hong Boran;Gu Mingze;Li Lin(Department of Platform Research and Development,Greater Bay Area Big Data Research Institute,Shenzhen 518048,China;Department of Big Data Development,State Information Center,Beijing 100045,China;Department of Engineering Management,Greater Bay Area Big Data Research Institute,Shenzhen 518048,China)

机构地区：[1]深圳市数聚湾区大数据研究院平台研发部,深圳518048 [2]国家信息中心大数据发展部,北京100045 [3]深圳市数聚湾区大数据研究院工程管理部,北京518048

出　　处：《数据分析与知识发现》2022年第1期13-21,共9页Data Analysis and Knowledge Discovery

基　　金：国家社会科学基金青年项目(项目编号:18CSH018)的研究成果之一。

摘　　要：【目的】为促进数据交易所安全合规发展,本文针对数据交易所场景下的数据交易风险、数据安全风险与基础安全风险,提出兼顾技术路径与机制保障的数据交易安全管控综合框架。【方法】运用文献调研法,梳理近几年国内外数据交易安全领域的技术与管理研究现状,结合数据交易所实践,提出技术与机制相结合的"TID-MOP"数据交易安全管控体系。【结果】"TID-MOP"综合框架设计了实现交易安全的"三分三合"核心技术架构,即"业务流、计算流、资金流相分离,通过区块链汇合流通环境";"撮合实验环境与生产计算环境相分离,通过模型管理、数据管理联动计算环境";"数据计算与安全监管相分离,通过控制管理中心统一管理监管环境",提升了数据流通和交易安全性,实现了全流程的安全控制和统一监管。【局限】需进一步研究验证安全管控综合框架的实际运行效率。【结论】"TID-MOP"数据交易安全管控综合框架以数据交易过程为核心,为数据交易业务的发展与创新提供重要参考。[Objective] In order to promote the safety and compliance development of data exchange, this paper proposes a comprehensive framework of data transaction security management and control which takes both technical path and mechanism guarantee into account for data transaction risk, data security risk and infrastructure security risk in data exchange scenarios. [Methods] Using literature research method, this paper reviews the current literature of technology and management in the field of data transaction security at home and abroad.Combining the practice of data exchange, this paper puts forward a“TID-MOP”data transaction security management and control framework which contains both technology and mechanism. [Results] The“TID-MOP”comprehensive framework designs a core technology architecture to realize transaction security, that is,“separation of business flow, computing flow and capital flow, and convergence of circulation environment through blockchain”;“Separate the experimental environment from the production computing environment, and link the computing environment through model management and data management”;“Data computing is separated from safety supervision, and the supervision environment is uniformly managed through the control and management center”. The technology architecture improves the safety of data circulation and transaction, and realizes the safety control and unified supervision of the whole process. [Limitations] Further research is needed to verify the actual operation efficiency of the comprehensive framework. [Conclusions] The“TID-MOP”framework takes the data transaction process as the core, and provides an effective reference for the development and innovation of data transaction.

关 键 词：数据交易所 数据交易安全 技术路径 机制保障 

分 类 号：TP391[自动化与计算机技术—计算机应用技术]