面向共享的数据存储平台安全体系建设——科学数据银行的建设实践
收稿日期: 2024-01-31
录用日期: 2024-06-04
网络出版日期: 2024-10-01
基金资助
国家重点研发计划项目(2023YFF0616900)
Construction of a Secure System for Data Sharing Repository: the Practice of Science Data Bank
Received date: 2024-01-31
Accepted date: 2024-06-04
Online published: 2024-10-01
开放科学数据是开放科学中的必要组成部分,平衡科学数据的开放共享与安全防护是开放数据实践中面临的重要问题。科学数据存储库作为数据共享主要的承载平台,在确保开放共享中的数据安全等关键问题上,发挥着重要作用。本研究通过ScienceDB的具体业务场景分析,构建了面向通用型数据存储库科学数据银行的数据安全治理体系框架。该框架在信息系统安全等级保护基本要求(三级)的基础上,重点在安全组织制度、资源安全管理、环境安全管理三个维度展开了设计和建设。研究总结了科学数据银行安全体系建设成效,从顶层布局到建设实践层面,对数据存储库的安全建设提出建设建议。
关键词: 数据开放共享; 数据安全; 数据存储库; ScienceDB数据安全治理框架
姜璐璐, 王鹏尧, 李宗闻, 李成赞, 廖方宇, 周园春 . 面向共享的数据存储平台安全体系建设——科学数据银行的建设实践[J]. 农业大数据学报, 2024 , 6(3) : 351 -362 . DOI: 10.19788/j.issn.2096-6369.000030
Open research data is a necessary component of open science. But balancing the open sharing with security protection represents a significant challenge in the practices. Data repository, as a primary support digital infrastructure for data sharing, play an important role in ensuring the security of data shared in an open environment. This study, through specific business scenario analysis, constructs a data security governance framework for Science Data Bank, a generalist data repository. The framework, basing upon the basic requirements of information system security level protection (Level Three), focuses on three dimensions including security organizational systems, resource security management, and environmental security management. Finally, this study summarizes the effectiveness of the security system construction for the Science Data Bank, proposes suggestions for the construction of a secure data repository from the top-level layout to the practical level of constructions.
| [1] | 郑思聪. 联合国教科文组织通过《开放科学建议书》[J]. 科技中国, 2022(5):102-104. |
| [2] | The State of Open Data 2023. Digital Science. Report. https://doi.org/10.6084/m9.figshare.24428194.v1 [2023-12-22]. |
| [3] | LANDI A, THOMPSON M, GIANNUZZI V, et al. The “A” of FAIR-As open as possible, as closed as necessary[J]. Data Intelligence, 2020, 2 (1-2): 47-55. doi: https://doi.org/10.1162/dint_a_00027. |
| [4] | 谢祎, 何波. 中国数据法律制度体系研究[J/OL]. 大数据: 1-22[2023-12-22]. http://kns.cnki.net/kcms/detail/10.1321.G2.20231012.1510.008.html. |
| [5] | Springer Nature. Legacy Data Policy Types.[EB/OL][2024-01-17]. https://www.springernature.com/gp/authors/research-data-policy/research-data-policy-types. |
| [6] | STM. STM is Committed to Supporting Research Data Sharing. 2020. https://www.stm-assoc.org/2020_10_16_STM_is_commited_to_data_sharing.pdf. [EB/OL] [2023/12/04]. |
| [7] | 中国科学技术协会,国际科学、技术与医学出版商协会. 中国开放获取出版发展报告(2022)[R]. |
| [8] | 毛欣娟, 任珈炎. 国家安全视域中我国数据主权安全面临的挑战及其对策[J]. 社会治理, 2023(1):41-51. |
| [9] | 姜璐璐, 张泽钰, 李宗闻, 等. 全球科学数据仓储平台的建设实践现状与展望[J/OL]. 中国科学数据, 2023, 8(1). (2023-03-27). DOI: 10.11922/11-6035.csd.2023.0027.zh. |
| [10] | 盛小平, 郭道胜. 科学数据开放共享中的数据安全治理研究[J]. 图书情报工作, 2020, 64(22): 25-36. |
| [11] | 李善青, 郑彦宁, 邢晓昭, 等. 科学数据共享的安全管理问题研究[J]. 中国科技资源导刊, 2019, 51(3):11-17. |
| [12] | 徐淋楠, 段美珍, 寇晶晶. 开放共享环境下科学数据安全治理路径[J]. 中华医学图书情报杂志, 2022, 31(6):1-8. |
| [13] | LIN D, CRABTREE J, DILLO I, et al. The TRUST principles for digital repositories[J/OL]. Scientific Data, 2020. https://doi.org/10.1038/s41597-020-0486-7. |
| [14] | 韩鹏. 小规模团队的敏捷开发研究[J]. 软件工程师, 2011(7): 42-46. |
| [15] | SINGH C, GABA N S, KAUR M, et al. Comparison of different CI/CD tools integrated with cloud platform[C]// 2019 9th International Conference on Cloud Computing, Data Science & Engineering (Confluence). IEEE, 2019: 7-12. |
| [16] | ScienceDB帮助中心. https://www.scidb.cn/help?p=data_policy [CP/OL][2024-03-10]. |
| [17] | RAO B T. A study on data storage security issues in cloud computing[J]. Procedia Computer Science, 2016, 92: 128-135. |
| [18] | FANG Y, ZHU H, LU G, et al. Modeling and Verifying MooseFS in CSP[C]// 2018 IEEE 42nd Annual Computer Software and Applications Conference (COMPSAC). IEEE, 2018, 1: 270-275. |
| [19] | WEIL S A, BRANDT S A, MILLER E L, et al. Ceph: A scalable, high-performance distributed file system[C]// Proceedings of the 7th symposium on Operating systems design and implementation. 2006: 307-320. |
| [20] | MongoDB. https://github.com/mongodb/mongo. [CP/OL][2024-01-17]. |
| [21] | ElasticSearch. https://github.com/elastic/elasticsearch. [CP/OL][2024-01-17]. |
| [22] | Dimensions. https://www.dimensions.ai/. [DB/OL][2024-01-17]. |
| [23] | RETTBERG N, SCHMIDT B. OpenAIRE-Building a collaborative Open Access infrastructure for European researchers[J]. LIBER Quarterly: The Journal of the Association of European research libraries, 2012, 22(3): 160-175. |
| [24] | BURTON A, KOERS H, MANGHI P, et al. The Scholix framework for interoperability in data-literature information exchange[J]. D-Lib Magazine, 2017, 23(1/2). |
| [25] | WEIBEL S L, KOCH T. The Dublin core metadata initiative[J]. D-lib magazine, 2000, 6(12): 1082-9873. |
| [26] | DEVARAKONDA R, PALANISAMY G, GREEN J M, et al. Data sharing and retrieval using OAI-PMH[J]. Earth Science Informatics, 2011, 4: 1-5. |
| [27] | GUHA R V, BRICKLEY D, MACBETH S. Schema. org: evolution of structured data on the web[J]. Communications of the ACM, 2016, 59(2): 44-51. |
| [28] | SciChan. https://www.scichain.cn/. [CP/OL][2024-01-17]. |
| [29] | AKKAR M L, GIRAUD C. An implementation of DES and AES, secure against some attacks[C]// Cryptographic Hardware and Embedded Systems—CHES 2001: Third International Workshop Paris, France, May 14-16, 2001 Proceedings 3. Springer Berlin Heidelberg, 2001: 309-318. |
| [30] | Skywalking. https://skywalking.apache.org/. [CP/OL][2024-01-17] |
| [31] | Sentry. https://sentry.io/. [CP/OL][2024-01-17]. |
| [32] | Site24x7. https://www.site24x7.cn/. [CP/OL][2024-01-17]. |
| [33] | STAFFORD V A. Zero trust architecture[M]. NIST special publication, 2020, 800: 207. |
| [34] | 阙天舒, 王子玥. 数字经济时代的全球数据安全治理与中国策略[J]. 国际安全研究, 2022(1):130-154. |
/
| 〈 |
|
〉 |