摘要
为保障数字孪生流域建设过程中的重要数据安全,针对破解海量高精度数据汇集面临的数据窃取、泄露、损毁等问题隐患开展研究,提出网络安全基础—数据分类分级—数据安全防护的数字孪生流域数据安全总体防护方案。针对数据安全传输、存储、使用中的安全薄弱点,提出全面通用防护和应用内加密相结合的点面结合加密保护方法,利用商用密码技术对数据进行机密性、完整性、可用性保护。本研究方法已在全国水利一张图等重要系统中得到应用,可实现数据安全保护和便捷高效应用平衡,广泛适用于数字孪生流域建设中的水利重要数据全生命周期保护。
In order to ensure the security of important data during the construction of digital twin basin,this paper mainly focuses on the hidden risks of data theft,leakage,and damage faced by cracking massive high-precision data aggregation,and proposes a comprehensive protection plan for data security in digital twin basin based on network security foundation-data classification and grading-data security protection.In view of the security vulnerabilities in data transmission,storage,and usage,a combining the point and surface encryption protection method combining full universal protection and application-level encryption is put forward,using commercial cryptographic techniques to protect data confidentiality,integrity,and availability.This research method has been applied in important systems such as the map of national water conservancy,achieving a balance between data security and application efficiency.Thus it can be widely applicable in water conservancy important data lifecycle protection of digital twin basin construction.
作者
付静
周维续
詹全忠
张潮
FU Jing;ZHOU Weixu;ZHAN Quanzhong;ZHANG Chao(Information Center,Ministry of Water Resources,Beijing 100053,China)
出处
《水利信息化》
2024年第1期1-5,共5页
Water Resources Informatization
基金
国家重点研发计划项目(2021YFB3900600)。
关键词
水利数据
重要数据
商用密码
点面结合
数字孪生
数据安全
网络安全
water conservancy data
important data
commercial encryption
combining point and surface
digital twin
data security
network security
