| Security risks in the course of tread secret data of illegally leaked, tampered and counterfeited without authorization, such as identity, credit cards, location, behavior, preferences, and other private data become the main target to ulterior motives people, stealing for profit. In order to reduce the possibility of sensitive data from being illicitly utilized, national authorities, corporate trade secret protection technical standards issued. Meanwhile, relevant research institutions and enterprises at home and abroad, data desensitization techniques and model studied and applied. The effectiveness of the data services is maintained, as well as the sensitive information covered. By correlation technology and algorithm of data processing, convert the original message into the same business rules and the actual service attributes included, alternative data information without having real business function. Achieve the purpose of effectively reducing the risk of sensitive data leakage.Rely on study of “Risk management of Information technology in Banking”, based on trade secret protection Technical Specifications of central enterprises, protection needs of sensitive data analyzed about core commercial secret, common commercial secret, internal sensitive for current banking. On the analysis, classification of sensitive customer information is given, the nature and content of bank customers considered. Based on the confidentiality, integrity and availability of sensitive data, the value of its security classified, classification and grading methods is proposed., Safety management on full lifecycle of definition, extraction, desensitization, transport, use and destroy of sensitive, sensitive information protection technology adopted, a model of banking customer sensitive data is designed, studying on sensitive data without dependence reversible, repeatability, business representative, completeness, relevance, completeness, and traceability. Finally, desensitization system of banking data, on the model, realized the data desensitization application, desensitization rules' settings, desensitization processing, output controls, analysis of desensitizing effect and other functions. Tests show that the data desensitization platform reached the target, reduce the risk of sensitive data leakage.Specific work in this thesis include:(1) Needs of sensitive data security in current banking analyzed;(2) Classification and grading methods for sensitive information of banking customers is proposed;(3) A desensitization model for banking customer sensitive data designed;(4) Implemented a desensitization system for banking sensitive data, testing and analysis, the feasibility and applicability of the model was verified.This study for reducing risks of illegally leaked and use, tampered without authorization has a certain practical significance and value, to achieve sensitive information of trade secret sharing and utilization, important support provided. |
PDF Full Text Request