商用密码在机场旅客个人信息保护中的实践  被引量：1

作　　者：杨琪 朱明娟 王勇[2] Yang Qi;Zhu Mingjuan;Wang Yong(Beijing Capital Airport Food Management Co.,Ltd.,Beijing 100621;Beijing Capital International Airport Co.,Ltd.,Beijing 100621)

机构地区：[1]北京首都机场餐饮发展有限公司,北京100621 [2]北京首都国际机场股份有限公司,北京100621

出　　处：《网络空间安全》2023年第5期42-50,共9页Cyberspace Security

摘　　要：[目的/意义]民航机场为了向旅客提供便捷服务,采集、存储、使用了大量旅客个人信息,一旦发生泄露、被盗用或滥用事件,后果严重。随着我国《中华人民共和国数据安全法》《中华人民共和国个人信息保护法》的颁行,民航机场的个人信息保护在实战和合规双轮驱动下,已由“或有”变为“刚需”。商用密码是数据安全防护的核心手段,通过商用密码技术保障民航机场个人信息安全成为数字时代的必然要求。[方法/过程]通过分析民航机场在旅客个人信息保护工作中面临的安全挑战,结合当下安全防护的实战与合规需求,提出基于免改造安全技术和高性能商用密码技术,在不需要对民航机场业务系统升级改造、不影响数据系统运营的前提下,对系统中存储的包括个人信息在内的敏感数据进行安全保护,为民航机场打造密码安全一体化的数据保护体系。[结果/结论]基于“网络”与“数据”并重的建设思路,为民航机场设计出多维度、多种安全技术有机组合的纵深防御战法,进一步增强民航业务系统的安全防护能力,提升民航数据资产的保护水平。[Purpose/Significance]In order to provide convenient services to passengers,civil aviation airports collect,store and use a large amount of passengers'personal information,and once an incident of leakage,theft or abuse occurs,the consequences will be serious.With the successive promulgation of China's"Data Security Law of the People's Republic of China"and"Personal Information Protection Law of the People's Republic of China",the protection of personal information of civil aviation airports has changed from"contingent"to"just needed"driven by practical combat and compliance.Commercial cryptography is the core means of data security protection,and ensuring the security of personal information of civil aviation airports through commercial cryptography technology has become an inevitable requirement in the digital era.[Method/Process]By analyzing the security challenges faced by civil aviation airports in the protection of passengers'personal information,combined with the actual combat and compliance needs of current security protection,it is proposed that based on transformation-free security technology and high-performance commercial cryptography technology,the sensitive data stored in the system,including personal information,be safely protected without upgrading the business system of civil aviation airports and not affecting the operation of the data system,so as to create a cryptographic security integrated data protection system for civil aviation airports.[Results/Conclusion]Based on the construction idea of"network"and"data",this paper designs a multi-dimensional and in-depth defense method with an organic combination of multiple security technologies for civil aviation airports,which further enhances the security protection capability of civil aviation business systems and improves the protection level of civil aviation data assets.

关 键 词：旅客个人信息 商用密码 数据安全 防护体系 密码安全一体化 

分 类 号：TN918.4[电子电信—通信与信息系统]