关键词: 安全中台, 数据安全中台, 安全能力抽象, 安全职能划分, 安全能力复用

Abstract:

Data is an important asset of an enterprise, and there are significant challenges in data security management. This paper proposes to solve the problem of data security management by establishing an enterprise-level middle platform of data security, ensure data security in the whole life cycle, and build the lifeline of enterprise data. The middle platform of data secrity provides security service capability through three steps: first, judge the security business boundary to form a relatively function boundary; Then the reusable part is abstracted into a security module component; Finally, business association and incremental packaging are performed between module components to provide security capabilities. The method in this paper can solve the problem of “repeatedly building wheels” in the data security industry, and further solve the problem of security boundary division and data islands of traditional platforms.

Key words: middle platform of security, middle platform of data security, abstraction of security capability, security boundary division, reuse of security capability