Dynamic security assessment mechanism for the entire lifecycle of scientific data
Scientific data are strategic and fundamental resources for scientific research and innovation and socio-economic development.Data sharing under open science can accelerate scientific progress and innovation.Scientific data,generated from scientific research activities,require dynamic security access control throughout their entire lifecycle.Scientific data security is the adoption of measures to ensure that scientific data can be effectively protected and legally utilized in a state of continuous security.Based on the three characteristics of confidentiality,integrity and usability,scientific data security is more dynamic.Along with data processing activities and data security testing,the data processors,user credibility and data confidentiality level are undergoing dynamic changes,and data security management should be dynamically adjusted accordingly to achieve the purpose of protection.However,a corresponding security assessment mechanism has not been established yet,and there is a lack of pertinent assessment indicators,models,and methods.This paper provides a comprehensive analysis of the current state and shortcomings of scientific data security assessment research.For the first time,it proposes a dynamic security assessment model,a security metrics system,and an evaluation method applicable to the full lifecycle of scientific data,thereby establishing a scientific data security assessment mechanism.The scientific data security assessment index system proposed in this paper includes infrastructure security,data transmission security,data storage security,data backup and recovery,security management system and other aspects.The system evaluates scientific data security from multiple aspects such as data generation,processing,transmission,storage and management.Then this paper gives a dynamic security model(DSM).The DSM model is based on trustworthy authentication and measurement,defines the trustworthiness of indicators,and can dynamically analyze the dynamic changes of safety assessment information during the operation of scientific data systems.Based on the DSM model and the corresponding indexes,this paper gives the assessment method and the corresponding process of scientific data,including the life cycle of scientific data generation,transmission,processing,management and storage.Based on the DSM model,subjective and objective weights are calculated for multidimensional indicators using hierarchical analysis and entropy weighting methods,respectively,followed by a gray correlation decision-making method based on the combination of weights,which realizes a comprehensive assessment of the security of scientific data by integrating subjective and objective weights of quantitative characterization into the security assessment.These findings have been further applied to the practice of secure access to scientific data on the Tibetan Plateau to verify the scientific validity and feasibility of the proposed security assessment mechanism.The dynamic assessment of scientific data by the National Tibetan Plateau Data Center is a success of the scientific data safety assessment mechanism.The scientific data security assessment mechanism of the Tibetan Plateau Data Center helps scientific research teams to balance sharing and security in handling various types of data,so that various types of researchers can efficiently access and use the data while allowing them to obtain basic data intellectual property protection in the process of data use.The security assessment mechanism of scientific data proposed in this paper is of great significance for realizing the security management of scientific data.
scientific datadata security standards and systemsregional developmentdata serviceNational Tibetan Plateau Data Center
聂晓伟、潘小多、李新、汪寿阳、金婧、杨洋
展开 >
中国科学院青藏高原研究所,国家青藏高原科学数据中心,北京 100101
西藏大学生态环境学院,拉萨 850000
广东省灵山论坛科学中心,广州 511466
中国科学院数学与系统科学研究院,北京 100190
中国人民大学生态环境学院,北京 100872
展开 >
scientific data data security standards and systems regional development data service National Tibetan Plateau Data Center
NETL
NSTL
万方数据
