随着民航空管信息化建设的持续深化, 空管系统作为支撑航空运输业高效、 安全运作的关键, 面临着数据交换安全性、 实时性和高效性的严峻挑战, 实现跨行业、 跨业务领域、 跨组织机构的多源异构空管运行数据安全交换成为当前空管系统信息化建设的重要任务。该文聚焦多源异构空管运行数据安全自动分级模型的构建, 旨在通过自动化和智能化的手段对多源异构空管运行数据安全进行自动分级。根据空管运行数据所属业务类型, 构造空管运行数据安全分级数据集, 并设计13项安全分级特征以全面反映数据安全属性。结合相关法律法规和空管运行数据安全特征, 设定5个数据安全级别。基于以决策树为基础分类器的系综算法, 建立空管运行数据安全自动分级模型。通过与其他机器学习算法的对比实验, 验证了所提算法在自动分级准确率上的优越性, 达到了95.5%。
Abstract
[Objective] With the continuous advancement of the informationization of air traffic control (ATC) in civil aviation, the ATC system currently acts as a hub supporting the efficient and safe operation of the aviation transportation industry. In this process, a large volume of business data is generated and processed within the ATC system that needs to be exchanged across different domains with external entities or organizations to meet the growing demands of informatization. However, data security, real-time processing, and efficiency issues have become increasingly prominent, posing bottlenecks to the further development of the ATC system. Driven by the promotion of informationization of the ATC system, the application subsystems within the civil aviation ATC system have gradually become fragmented, forming multiple information silos. This not only hinders the effective circulation of information but also limits the overall operational efficiency of the ATC system. Therefore, facilitating information sharing and system integration has become a critical task in the current phase of informationization. The exchange of information across industries, business domains, and organizations is a key aspect of achieving these goals. The process of cross-domain information exchange is considerably more complex than simply transmitting information from one place to another, involving multiple stages such as information storage, metadata registration, user identity authentication, and access control. Moreover, cross-domain information exchange also faces many challenges, including data heterogeneity, platform heterogeneity, distribution, autonomy, and security. This study aims to address these challenges by proposing a model for the automatic classification of multisource heterogeneous ATC operational data security to enhance data management, ensure security, promote information sharing, and facilitate business collaboration within the civil aviation ATC system. [Methods] Herein, first, a dataset is constructed to facilitate the classification of the ATC operational data security. Representative data from various operational categories are selected, and 13 key security attributes are identified to design the data security classification. Five security levels are established based on relevant laws and regulations pertaining to data security and the characteristics of the civil aviation ATC operational data. Subsequently, an automatic classification model is developed based on the AdaBoost algorithm with the classification and regression tree (CART) as the base classifier, considering the unique characteristics of the ATC operational data. [Results] Experimental results demonstrate the effectiveness of the proposed automatic classification model. A comparative analysis of the proposed model against other machine learning algorithms reveals that the proposed model achieves the highest accuracy rate, reaching 95.5%. Thus, the proposed model successfully classifies multisource heterogeneous ATC operational data according to their security attributes, enabling the formulation of tailored security strategies and access control mechanisms for different data security levels. [Conclusions] This proposed model considerably enhances the data management capabilities of the civil aviation ATC system, ensures data security, promotes information sharing, and facilitates business collaboration within the system. Thus, this study provides a robust framework for addressing the challenges associated with data security and integration in complex operational environments, laying a foundation for further advancements in civil aviation ATC informationization.
关键词
多源异构数据 /
空管运行数据 /
数据安全 /
自动分级
Key words
multisource heterogeneous data /
air traffic control operational data /
data security /
automatic classification
{{custom_sec.title}}
{{custom_sec.title}}
{{custom_sec.content}}
参考文献
[1] 戴剑伟,张海粟,王强,等.跨领域信息交换方法与技术[M]. 2版.北京:电子工业出版社, 2021. DAI J W, ZHANG H S, WANG Q, et al. Cross domain information exchange methods and technologies[M]. 2nd ed. Beijing:Publishing House of Electronics Industry, 2021.(in Chinese)
[2] 黄伟庆.合规视角下数据要素的分类分级管理机制研究[J].上海政法学院学报(法治论丛), 2024, 39(2):121-140. HUANG W Q. A research on the hierarchical and classified management mechanism of data elements under the compliance perspective[J]. Journal of Shanghai University of Political Science and Law (The Rule of Law Forum), 2024, 39(2):121-140.(in Chinese)
[3] 龚钢军,常卓越,陈志敏,等.网络安全视角下配电网数据资产分类分级探讨.华北电力大学学报(自然科学版), 2024:1-14.(2024-03-11). http://kns.cnki.net/kcms/detail/13.1212.tm.20240307.1031.002.html. GONG G J, CHANG Z Y, CHEN Z M, et al. Discussion on classification and grading of distribution network data assets from the perspective of network security. Journal of North China Electric Power University (Natural Science Edition), 2024:1-14.(2024-03-11). http://kns.cnki.net/kcms/detail/13.1212.tm.20240307.1031.002.html.(in Chinese)
[4] 罗海宁.政府数字化转型中探索建立数据安全堡垒的实践研究[J].中国信息安全, 2020(11):42-45. LUO H N. Practical research on exploring the establishment of data security fortresses in government digital transformation[J]. China Information Security, 2020(11):42-45.(in Chinese)
[5] TAWALBEH L, DARWAZEH N S, AL-QASSAS R S, et al. A secure cloud computing model based on data classification[J]. Procedia Computer Science, 2015, 52:1153-1158.
[6] SABETTA A, BEZZI M. A practical approach to the automatic classification of security-relevant commits[C]//2018 IEEE International Conference on Software Maintenance and Evolution (ICSME). Madrid, Spain:IEEE, 2018:579-582.
[7] 彭剑峰,徐保民,张义祥.基于等保2.0的铁路敏感数据安全关键技术及研究[J].网络安全技术与应用, 2021(1):138-142. PENG J F, XU B M, ZHANG Y X. Key technologies and research on railway sensitive data security based on equal protection 2.0[J]. Network Security Technology&Application, 2021(1):138-142.(in Chinese)
[8] 胡能鹏,刘晓光.互联网企业数据安全管理应用研究[J].网络安全技术与应用, 2020(12):76-77. HU N P, LIU X G. Research on the application of Internet enterprise data security management[J]. Network Security Technology&Application, 2020(12):76-77.(in Chinese)
[9] 张雪莹,杨帅锋,王冲华,等.工业互联网数据安全分类分级防护框架研究[J].信息技术与网络安全, 2021, 40(1):2-9. ZHANG X Y, YANG S F, WANG C H, et al. Research on industrial Internet data security classification and grading protection framework[J]. Information Technology and Network Security, 2021, 40(1):2-9.(in Chinese)
[10] 刘莉,陈先来,李忠民,等.精准医学大数据应用安全分类分级研究[J].医学信息学杂志, 2021, 42(1):9-15, 35. LIU L, CHEN X L, LI Z M, et al. Study on security classification of big data application in precision medicine[J]. Journal of Medical Informatics, 2021, 42(1):9-15, 35.(in Chinese)
[11] 程军军,杜少雄,姚轶崭.对数字经济环境下数据安全与开放共享的思考[J].中国信息安全, 2021(5):52-54. CHENG J J, DU S X, YAO Y Z. Reflections on data security and open sharing in the digital economy environment[J]. China Information Security, 2021(5):52-54.(in Chinese)
[12] 李玉亮.数据分类分级的现状与发展[J].中国信息安全, 2021(5):55-56. LI Y L. Current status and development of data classification and grading[J]. China Information Security, 2021(5):55-56.(in Chinese)
[13] 陈家宁,张建文.跨境数据流动治理的中国方案:以《数据安全法(草案)》为视角[J].长春理工大学学报(社会科学版), 2021, 34(2):35-40. CHEN J N, ZHANG J W. China's solution for cross-border data flow governance:From the perspective of Data Security Law (Draft)[J]. Journal of Changchun University of Science and Technology (Social Sciences Edition), 2021, 34(2):35-40.(in Chinese)
[14] 黄长春,齐雅楠.民航A-CDM系统数据安全保护方案探析[J].信息安全研究, 2023, 9(5):482-489. HUANG C C, QI Y N. Preliminary study on data security protection scheme of civil aviation A-CDM system[J]. Journal of Information Security Research, 2023, 9(5):482-489.(in Chinese)
[15] 白宇晨.西北空管局基于私有云数据平台的网络安全防控体系设计[J].网络安全技术与应用, 2022(11):57-59. BAI Y C. Design of network security prevention and control system based on private cloud data platform in Northwest Air Traffic Management Bureau[J]. Network Security Technology&Application, 2022(11):57-59.(in Chinese)
[16] 刘龙庚.基于异构网络空管安全监控关联算法研究[J].信息网络安全, 2022, 22(4):58-66. LIU L G. Research on association algorithm of heterogeneous network security monitoring[J]. Netinfo Security, 2022, 22(4):58-66.(in Chinese)
[17] 黄洪,刘增良,余达太.一种智能化的数据分类、分级及保护模型[J].北京工业大学学报, 2011, 37(6):921-927. HUANG H, LIU Z L, YU D T. An intelligent model of data classification and protection[J]. Journal of Beijing University of Technology, 2011, 37(6):921-927.(in Chinese)
[18] ZHU J, ROSSET S, ZOU H, et al. Multi-class AdaBoost[J]. Statistics and Its Interface, 2009, 2(3):349-360.
[19] LOH W Y. Classification and regression trees[J]. WIREs Data Mining and Knowledge Discovery, 2011, 1(1):14-23.
[20] MONTGOMERY D C, PECK E A, VINING G G. Introduction to linear regression analysis[M]. 6th ed. Hoboken, USA:John Wiley&Sons, 2021.
[21] MCDONALD G C. Ridge regression[J]. WIREs Computational Statistics, 2009, 1(1):93-100.
[22] RANSTAM J, COOK J A. LASSO regression[J]. British Journal of Surgery, 2018, 105(10):1348-1348.
[23] ZOU H, HASTIE T. Regularization and variable selection via the elastic net[J]. Journal of the Royal Statistical Society Series B:Statistical Methodology, 2005, 67(2):301-320.
[24] RIGATTI S J. Random forest[J]. Journal of Insurance Medicine, 2017, 47(1):31-39.
[25] SHARAFF A, GUPTA H. Extra-tree classifier with metaheuristics approach for email classification[M]//BHATIA S, TIWARI S, MISHRA K, et al. Advances in computer communication and computational sciences:Proceedings of IC4S 2018. Singapore:Springer, 2019:189-197.
[26] BREIMAN L. Bagging predictors[J]. Machine Learning, 1996, 24(2):123-140.
[27] NATEKIN A, KNOLL A. Gradient boosting machines, a tutorial[J]. Frontiers in Neurorobotics, 2013, 7:21.
[28] CHEN T, HE T, BENESTY M, et al. XGBoost:Extreme gradient boosting[Z]. R Package Version 0.4-2. 2015:1-4.
[29] ZHANG W G, WU C Z, ZHONG H Y, et al. Prediction of undrained shear strength using extreme gradient boosting and random forest based on Bayesian optimization[J]. Geoscience Frontiers, 2021, 12(1):469-477.
基金
国家自然科学基金重点项目(62133002)
PDF(5645 KB)
