On the security of Digital archives information in cloud environment
Source: Internet
Author: User
KeywordsDigital archives Cloud environment information security
The advent of cloud computing has proclaimed the advent of Low-cost supercomputing, which has pushed human society into an era of hyper-sharing with its superior computing power, low cost and high efficiency, and the construction of digital archives has entered a qualitative change. In the past two years, all the archives have considered relying on the existing hardware network equipment to build a national and regional cloud computing platform to achieve the unified management of huge amount of archival information. The system platform of cloud computing architecture can make a large number of file servers work together, conveniently carry out archival business deployment and opening, quickly discover and recover the system faults, and bring the quality change to the daily Office and Archives management work of archivists.
Although cloud computing boasts "the most reliable and secure way to store data", according to the IDC survey, nearly 75% think Cloud security is the biggest obstacle to the development of digital archives. If the confidentiality of files is threatened, the validity of digital archives is questioned, and the information of files is randomly copied, downloaded and printed, it may cause immeasurable risks to enterprises, society and even the country.
At present, cloud computing at all levels of application, the actual level of security can be achieved many uncertainties. While cloud computing can improve efficiency and reduce capital and operating costs, security issues may negate these benefits. So, what is the information security threat in the digital archives under the cloud environment?
Gouffouin Information Security experts Analysis: the first is the security of digital archives information content. Data of digital archives in cloud computing environment, procedures are not on the library machine, how to prevent the accidental loss of data, damage and illegal collection, processing, use, how to ensure that the right users at the right time to access the correct data in the cloud, as well as the data risk, data isolation risk, data recovery risk, The survey supports risk and long-term development risk, so that data access to absolute security will become the most basic requirements.
As a cloud security Service provider, Gouffouin information security experts believe that in order to ensure the information security of digital archives, first of all, access control and authority management should be directed to the users. The purpose of access control is to ensure that each file data is not illegally accessed and used. Because the cloud itself not only centralizes the storage of various resources, but also has a high degree of complexity in the cloud environment, these vulnerabilities can easily be exploited to provide hackers with the opportunity to find security vulnerabilities in the cloud environment to steal user information or to corrupt archival information. Role-based User Rights Management is to ensure that the right users are accessing the right resources in the cloud at the right time. Users log into the cloud environment of digital archives Browsing, retrieval, download, create, update and other operations, but not every user can do all the operation, different users have different permissions. such as file data Update, maintenance, development and utilization, as well as user data updates, the staff of the archives are responsible. This requires the cloud environment to the ordinary users, archives staff and cloud computing service providers to conduct a reasonable division of authority and management to ensure data security.
The second is the system security problem. Because all archival resources are stored on the cloud, users are required to link the application and documents that provide the service through the Network Bridge. In a cloud environment, most of the user's service system updates and upgrades are performed remotely by the user, rather than by a traditional locally updated version, each of which can pose potential security issues and challenges to the original security policy. Therefore, Gouffouin information security experts suggested that in the cloud environment to establish a security assessment and supervision system, but also to improve the digital archives cloud security awareness.
Again, the use of advanced technical means to help the system to the ground. According to Gouffouin more than 10 years of information Security Service experience, it is far from enough to rely solely on the improvement of security awareness to prevent the risk. and advanced, rigorous audit technology can help to achieve the assessment and supervision system landing. The objective of the audit is to manage the network operation behavior under cloud environment comprehensively. By recording and analyzing each step of the user, and generating the visual analysis report, the detailed log record of the audit system is provided to realize real-time monitoring. At the same time, through the authorization of the identity of the administrator, for Audit Rights Management, only authorized administrators and trusted users have the right to use the management function, the greatest degree to reduce security risks.
Finally, Gouffouin information security experts believe that standards and policy and regulation of the formulation and improvement is also imperative. As a pioneer of a variety of standards, Gouffouin will rely on a wealth of operational and service experience to actively promote the establishment and improvement of the relevant standards of digital archives. Gouffouin believes that with the mature application of cloud computing technology in other fields, it will be widely used in the construction of digital archives, which has great application value and practical significance to promote the construction of digital archives.
The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion;
products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the
content of the page makes you feel confusing, please write us an email, we will handle the problem
within 5 days after receiving your email.
If you find any instances of plagiarism from the community, please send an email to:
info-contact@alibabacloud.com
and provide relevant evidence. A staff member will contact you within 5 working days.