Abstract: The data is the company’s core assets, data security is the core of the system security. With cloud computing, big data technologies are widely used to increase the difficulty of data protection, data security risks automatic recognition model for data security will play a very important role. Firstly, the use of Cartesian set to establish a formal risk characterization, lay the foundation for the automatic identification of risk; Secondly, according to the data flow through the filter of risk, determine the data security risks set different environments; Finally, in order to improve rules adaptation, the use of rough set learning the rules of security incidents, which greatly improves the accuracy of risk identification, the model for the data security protection provides a new and effective means. The theory and the algorithm of the artificial neural network are applied in the research of the technique and the composition, the gross mass fraction of element, the thickness of surface alloying layer as well as the absorption rate is built. The calculation results are in good agreement with the experimental results.

Key words: security test and evaluation, data security, risk identification, information flow, rough set

摘要： 数据是企业的核心资产，数据安全是系统安全的核心。随着云计算、大数据技术的广泛应用，加大了数据保护的难度，建立数据安全风险自动识别模型，对于数据安全保护将起到极为重要的作用。利用笛卡尔集建立一种形式化风险描述，为风险自动识别打下基础；根据数据流经的环境对风险进行过滤，确定不同环境下的数据安全风险集；为了提高风险筛选规则的适应性，利用粗糙集对安全事件进行规则学习，极大提高了风险识别的准确性，该模型为数据安全保护提供了一种新的有效手段。

关键词: 安全测评, 数据安全, 风险识别, 信息流, 粗糙集