Listen carefully to experts when you classify data: A generic data classification ontology encoded from regulations

Along with the proliferation of big data technology, organizations are involved in an overwhelming data ocean, the huge volume of data makes them at a loss in the face of frequent data breaches due to their failure of efficient data security management. Data classification has become a hot topic as a cornerstone of data protection especially in China in recent years, by categorizing information types and distinguishing protective measures at different classification levels. Both the text and tables of the promulgated data classification-related regulations (for simplicity, laws, regulations, policies, and standards are collectively referred to as “regulations”) contain a wealth of valuable information which can guide the work of data classification. To best assist data practitioners, in this paper, we automatically “grasp” expert experience on how to classify data from the analysis of such regulations. We design a framework, GENONTO, that automatically extracts data classification practices (DCPs), such as information types and their corresponding sensitive levels to construct an information type lexicon as well as to encode a generic ontology on top of 38 real-world regulations promulgated in China. GENONTO employs machine learning techniques and natural language processing (NLP) to parse unstructured text and tables. To our knowledge, GENONTO is the first work that explores critical information like the category and the sensitivity of information types from regulations, and organizes them in a structured form of ontology, characterizing the subsumptive relations between different information types. Our research helps provide a well-defined integrated view across regulations and bridges the gap between what experts say and how data practitioners do.     

图书馆大数据:权利界分、因应之道与风险破解

[目的/意义]迎合大数据时代发展潮流,应是图书馆迭代升级的基本方向。随着大数据产业的兴起,我国陆续修改现行法规或颁布新规定,对网络安全、个人信息保护及网络运行中的数据安全等领域加强规范。但是,数据的权利归属等基础问题尚属法律空白,而该问题关系到图书馆如何因应大数据发展潮流和防范大数据开发利用风险,是迫切需要图书馆人深入思考和研究的重大议题。[方法/过程]将图书馆大数据进行了原始数据和衍生数据的二层次界分:图书馆用户对原始数据拥有初始权利,可排除他人使用;图书馆合法收集的用户原始数据通过资产化、价值化形成的衍生数据,虽然其权属认定和权利范围相关法律法规尚未明确,但这部分数据归属于实现数据价值增值的主体即图书馆所有,符合财产性权利产生的法理基础和逻辑。[结果/结论]迈向大数据时代的图书馆,应从运营管理智能化、打破信息孤岛以及精准服务三个方面搭乘大数据发展的"快车",充分发挥大数据获取、分析技术的作用,把握大数据发展潮流的因应之道。为防范图书馆大数据利用侵犯用户隐私、个人信息以及数据歧视的风险,从图书馆层面、用户层面、行业协会层面以及外部合作层面,提出了从内而外多维度化解大数据开发利用风险的破解之道。     

HEMOS: A novel deep learning-based fine-grained humor detecting method for sentiment analysis of social media

In this paper we introduce HEMOS (Humor-EMOji-Slang-based) system for fine-grained sentiment classification for the Chinese language using deep learning approach. We investigate the importance of recognizing the influence of humor, pictograms and slang on the task of affective processing of the social media. In the first step, we collected 576 frequent Internet slang expressions as a slang lexicon; then, we converted 109 Weibo emojis into textual features creating a Chinese emoji lexicon. In the next step, by performing two polarity annotations with new “optimistic humorous type” and “pessimistic humorous type” added to standard “positive” and “negative” sentiment categories, we applied both lexicons to attention-based bi-directional long short-term memory recurrent neural network (AttBiLSTM) and tested its performance on undersized labeled data. Our experimental results show that the proposed method can significantly improve the state-of-the-art methods in predicting sentiment polarity on Weibo, the largest Chinese social network.     

A novel emerging topic detection method: A knowledge ecology perspective

Emerging topic detection has attracted considerable attention in recent times. While various detection approaches have been proposed in this field, designing a method for accurately detecting emerging topics remains challenging. This paper introduces the perspective of knowledge ecology to the detection of emerging topics and utilizes author-keywords to represent research topics. More precisely, we first improve the novelty metric and recalculate emergence capabilities based on the “ecostate” and “ecorole” attributes of ecological niches. Then, we take the perspective that keywords are analogous to living bodies and map them to the knowledge ecosystem to construct an emerging topics detection method based on ecological niches (ETDEN). Finally, we conduct in-depth comparative experiments to verify the effectiveness and feasibility of ETDEN using data extracted from scientific literature in the ACM Digital Library database. The results demonstrate that the improved novelty indicator helps to differentiate the novelty values of keywords in the same interval. More importantly, ETDEN performs significantly better performance on three terms: the emergence time point and the growth rate of pre-and post-emergence.     

SDRS: A new lossless dimensionality reduction for text corpora

In recent years, most content-based spam filters have been implemented using Machine Learning (ML) approaches by means of token-based representations of textual contents. After introducing multiple performance enhancements, the impact has been virtually irrelevant. Recent studies have introduced synset-based content representations as a reliable way to improve classification, as well as different forms to take advantage of semantic information to address problems, such as dimensionality reduction.These preliminary solutions present some limitations and enforce simplifications that must be gradually redefined in order to obtain significant improvements in spam content filtering. This study addresses the problem of feature reduction by introducing a new semantic-based proposal (SDRS) that avoids losing knowledge (lossless). Synset-features can be semantically grouped by taking advantage of taxonomic relations (mainly hypernyms) provided by BabelNet ontological dictionary (e.g. “Viagra” and “Cialis” can be summarized into the single features “anti-impotence drug”, “drug” or “chemical substance” depending on the generalization of 1, 2 or 3 levels).In order to decide how many levels should be used to generalize each synset of a dataset, our proposal takes advantage of Multi-Objective Evolutionary Algorithms (MOEA) and particularly, of the Non-dominated Sorting Genetic Algorithm (NSGA-II). We have compared the performance achieved by a Naïve Bayes classifier, using both token-based and synset-based dataset representations, with and without executing dimensional reductions. As a result, our lossless semantic reduction strategy was able to find optimal semantic-based feature grouping strategies for the input texts, leading to a better performance of Naïve Bayes classifiers.     

Influence of human behavior and the principle of least effort on library and information science research

This study identified the influence of the main concepts contained in Zipf's classic 1949 book entitled Human Behavior and the Principle of Least Effort (HBPLE) on library and information science (LIS) research. The study analyzed LIS articles published between 1949 and 2013 that cited HBPLE. The results showed that HBPLE has a growing influence on LIS research. Of the 17 cited concepts that were identified, the concept of “Zipf's law” was cited most (64.8%), followed by “the principle of least effort” (24.5%). Although the concept of “the principle of least effort,” the focus of HBPLE, was not most frequently observed, an increasing trend was evident regarding the influence of this concept. The concept of “the principle of least effort” has been cited mainly by researchers of information behavior and served to support the citing authors’ claims. By contrast, the concept of “Zipf's law” received the most attention from bibliometrics research and was used mainly for comparisons with other informetrics laws or research results.     

美国基于关键基础设施的信息安全法规概述

美国在关键基础设施的信息安全相关领域的法规主要围绕关键基础设施界定、机构设置、责任落实、政企合作、信息共享机制等方面展开,相关政策规定既有变化性又有延续性。总体上,有宏观层面国家顶层法规政策,细节上,有微观层面的具体针对性法规,同时,还有对进口关键基础设施的信息安全保护。总结美国基于关键基础设施信息安全的法律法规特点,对我国关键基础设施的信息安全建设是很好的借鉴。     

我国图书馆法律法规主题发现及演化分析

【目的/意义】通过分析近年来我国图书馆法律法规的内容特征及其发展脉络,探究其发展趋势,为我国图 书馆法律法规研究提供借鉴,为图书馆法律体系建设提供参考。【方法/过程】以中国知网作为数据源,选取 2008- 2018年《中国图书馆年鉴》中法律法规与政策性文件中法律法规的全文,作为研究样本,利用LDA模型进行主题内 容提取和挖掘。【结果/结论】通过主题研究发现我国图书馆专门法律法规较少,实施较晚,应加强专门法的研究,促 进综合性图书馆法出台,加快图书馆法律体系建设。【创新/局限】运用LDA主题建模方法对现行大量图书馆法律法 规文本进行主题数据分析,探究图书馆法律法规的内容特征和发展机理具有创新意义。由于算法中的分词方法对 个别专业词汇切分可能存在局部偏差,会对关键词提取准确性造成微小影响。     

A novel dropout mechanism with label extension schema toward text emotion classification

Researchers have been aware that emotion is not one-hot encoded in emotion-relevant classification tasks, and multiple emotions can coexist in a given sentence. Recently, several works have focused on leveraging a distribution label or a grayscale label of emotions in the classification model, which can enhance the one-hot label with additional information, such as the intensity of other emotions and the correlation between emotions. Such an approach has been proven effective in alleviating the overfitting problem and improving the model robustness by introducing a distribution learning component in the objective function. However, the effect of distribution learning cannot be fully unfolded as it can reduce the model’s discriminative ability within similar emotion categories. For example, “Sad” and “Fear” are both negative emotions. To address such a problem, we proposed a novel emotion extension scheme in the prior work (Li, Chen, Xie, Li, and Tao, 2021). The prior work incorporated fine-grained emotion concepts to build an extended label space, where a mapping function between coarse-grained emotion categories and fine-grained emotion concepts was identified. For example, sentences labeled “Joy” can convey various emotions such as enjoy, free, and leisure. The model can further benefit from the extended space by extracting dependency within fine-grained emotions when yielding predictions in the original label space. The prior work has shown that it is more apt to apply distribution learning in the extended label space than in the original space. A novel sparse connection method, i.e., Leaky Dropout, is proposed in this paper to refine the dependency-extraction step, which further improves the classification performance. In addition to the multiclass emotion classification task, we extensively experimented on sentiment analysis and multilabel emotion prediction tasks to investigate the effectiveness and generality of the label extension schema.     

Information extraction with automatic knowledge expansion

POSIE (POSTECH Information Extraction System) is an information extraction system which uses multiple learning strategies, i.e., SmL, user-oriented learning, and separate-context learning, in a question answering framework. POSIE replaces laborious annotation with automatic instance extraction by the SmL from structured Web documents, and places the user at the end of the user-oriented learning cycle. Information extraction as question answering simplifies the extraction procedures for a set of slots. We introduce the techniques verified on the question answering framework, such as domain knowledge and instance rules, into an information extraction problem. To incrementally improve extraction performance, a sequence of the user-oriented learning and the separate-context learning produces context rules and generalizes them in both the learning and extraction phases. Experiments on the “continuing education” domain initially show that the F1-measure becomes 0.477 and recall 0.748 with no user training. However, as the size of the training documents grows, the F1-measure reaches beyond 0.75 with recall 0.772. We also obtain F-measure of about 0.9 for five out of seven slots on “job offering” domain.     

数字经济关键信息基础设施安全保护义务:治理体系与改革建议

以《关键信息基础设施安全保护条例》为切入点，梳理分析运营者履行安全保护义务的主要环节与具体内容，评述现有治理体系的进步与不足，提出运营者应树立弹性安全的网络安全治理观念、完善网络安全信息共享制度、优化建立全生命周期的供应链安全管理体系的改革建议。     

Ethical pluralism and global information ethics

A global information ethics that seeks to avoid imperialistic homogenization must conjoin shared norms while simultaneously preserving the irreducible differences between cultures and peoples. I argue that a global information ethics may fulfill these requirements by taking up an ethical pluralism – specifically Aristotle’s pros hen [“towards one”] or “focal” equivocals. These ethical pluralisms figure centrally in both classical and contemporary Western ethics: they further offer important connections with the major Eastern ethical tradition of Confucian thought. Both traditions understand ethical judgment to lead to and thus require ethical pluralism – i.e., an acceptance of more than one judgment regarding the interpretation and application of a shared ethical norm. Both traditions invoke notions of resonance and harmony to articulate pluralistic structures of connection alongside irreducible differences. Specific examples within Western computer and information ethics demonstrate these pluralisms in fact working in praxis. After reviewing further resonances and radical differences between Western and Eastern views, I then argue that emerging conceptions of privacy and data privacy protection laws in China, Hong Kong, Japan, and Thailand in fact constitute a robust, pros hen pluralism with Western conceptions. In both theory and in praxis, then, this pluralism thus fulfills the requirement for a global information ethics that holds shared norms alongside the irreducible differences between cultures and peoples.     

《中华人民共和国国家情报法》中的“软法性条款”研究

[目的/意义]在情报法治体系建设中,存在着“软硬兼备”的特殊现象,所谓“软”,即“软法性条款”;所谓“硬”,即“硬法性条款”。由于“软法性条款”(“半软法性条款”)和“硬法性条款”具有效力上的互补性,因此,以“软法性条款”为切入视角,有利于透析《情报法》的内在构成要素,并为未来语境下的情报法治建设提供建议。[方法/过程]运用“连接词”分析和语义分析,可以识别出《情报法》中的“软法性条款”“半软法性条款”和“硬法性条款”。[结果/结论]“软法性条款”和“半软法性条款”广泛分布于《情报法》中,且占比分别为84.4%和3.1%。在立法层面,应拓展“软法性条款”与“硬法性条款”的有机转化模式;在执法层面,应建立“软法性条款”和“硬法性条款”的双重执行机制。     

美国信息无障碍法律法规研究

本文在对美国信息无障碍相关法律法规进行概述的基础上,归纳总结了美国信息无障碍法律法规建设的发展历程及特点,最后探讨了美国信息无障碍法律法规建设对我国信息无障碍法律法规支持体系建设的启示。     

我国科技信息保密工作中的法律规范

科学技术进步对我国经济和社会发展的重要作用日益突出，加强科技保密，确保国家秘密技术形成的技术优势得到充分发挥，对促进科技创新、推动科技发展方面有重要意义。本文论述了我国现行科技信息保密工作中的法律规范，并对我国科技信息保密的法律体系及其运行机制进行了分析。     

网上证券交易的信息安全管理与风险防范

网上证券交易正在迅速发展，如何解决信息安全问题是当务之急。根据证券交易的特点，提出了券商的信息安全管理措施、用户的交易安全防范措施以及网络信息安全法规举措。     

国外网络信息资源管理政策法规建设及其启示

立足本国实践,重视网络信息资源管理政策法规理论研究。重视网络信息政策法规对新技术开发与运用的指引,重视网络信息资源管理政策法规体系本身的建设,突出网络信息安全政策法规建设的战略意义,是国外网络信息资源管理政策法规建设的重要特点与趋势,也是给我们的最重要启示。     

Implementation and management of cloud security for industry 4.O - data using hybrid elliptical curve cryptography

Industry 4.0 places a premium on cloud security since more and more companies are moving their activities to the cloud to reap the benefits of the Fourth Industrial Revolution.The term “cloud computing” refers to a collection of Internet-based hardware and software tools. Providers of cloud services use data centers situated in various physical locations. Cloud computing makes life easier for users by making remote, simulated resources available over the internet. Google Apps and Microsoft SharePoint are two examples of popular cloud applications. In addition to its exciting potential, the “cloud computing” industry's lightning-fast expansion raises serious security concerns. When discussing security, cloud really suffers from Open Systems' and the internet's perennial problem. The only thing stopping the widespread use of cloud computing is the lack of trust in the system. There are a number of security concerns with cloud computing, including protecting user data and vetting cloud service providers' practices. Using encryption, confidential information can be sent over an unsecured channel without fear of data loss or manipulation. Data encryption using various protocols has been used in various settings. Different cryptosystems were developed and used at various times. Additionally, cloud computing enables multiple users to access and retrieve data simultaneously through their own personal Internet connections, which increases the risk of confidential data loss and exposure in a number of different places. Elliptic Curve Cryptography and other cryptographic algorithms have been used to develop numerous methods and protocols that guarantee the security and privacy of transmitted data. In this paper, we suggest a safe and efficient method for sharing information in the cloud without compromising its safety or integrity. The proposed system is able to guarantee authentication and data integrity because it uses a hybrid of the ECC and the Advanced Encryption Standard (AES) technique. The experimental results confirm the proposed approach outperforms the current gold standard.     

个人信息盗窃灰色产业链的技术手段与法律规制

大数据时代个人信息由于蕴含巨大的商业价值近年来频遭犯罪分子大规模非法窃取,从而引发社会对于个人信息安全的普遍关注。个人信息盗窃手段花样繁多,例如恶意捆绑、WIFI钓鱼、路由器入侵、远程控制后门技术、木马病毒等黑客攻击技术,以及各类社会工程学攻击技术。个人信息盗窃已经形成一条庞大、复杂的个人信息盗窃灰色产业链,造成了严重的社会影响。应当从个人信息盗窃产业链入手,明确产业链中不同的主体类型、行为方式,以现行法律法规为基础,对违法行为实施有效规制。