CN106027382A - Anti-leakage device and method and user terminal - Google Patents
Anti-leakage device and method and user terminal Download PDFInfo
- Publication number
- CN106027382A CN106027382A CN201610615474.6A CN201610615474A CN106027382A CN 106027382 A CN106027382 A CN 106027382A CN 201610615474 A CN201610615474 A CN 201610615474A CN 106027382 A CN106027382 A CN 106027382A
- Authority
- CN
- China
- Prior art keywords
- security strategy
- keyword
- module
- prevention device
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L51/00—User-to-user messaging in packet-switching networks, transmitted according to store-and-forward or real-time protocols, e.g. e-mail
- H04L51/21—Monitoring or handling of messages
- H04L51/212—Monitoring or handling of messages using filtering or selective blocking
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/30—Network architectures or network communication protocols for network security for supporting lawful interception, monitoring or retaining of communications or communication related information
- H04L63/308—Network architectures or network communication protocols for network security for supporting lawful interception, monitoring or retaining of communications or communication related information retaining data, e.g. retaining successful, unsuccessful communication attempts, internet access, or e-mail, internet telephony, intercept related information or call content
Landscapes
- Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Technology Law (AREA)
- Computer Hardware Design (AREA)
- Computer Security & Cryptography (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Information Transfer Between Computers (AREA)
Abstract
The embodiment of the invention provides an anti-leakage device and method and a user terminal, which are applied to e-mails. The anti-leakage method comprises the following steps: acquiring mails sent to a designated port; matching the mails with a preset security policy; and implementing network blocking on the mails matched with the security policy, and sending the mails unmatched with the security policy to a target server. Therefore, confidential data of enterprises can be prevented from being leaked through the mails, and thus the security of mail data is improved.
Description
Technical field
The present invention relates to field of information security technology, in particular to a kind of based on Email
Leakage prevention device, method and user terminal.
Background technology
Along with the development of network technology, there is more enterprise can join in the network system, no matter be wide
Branch's interconnection of territory net or each enterprise, mail becomes one of mutual important means of information, and this is just
Facing a problem, the confidential information of enterprise likely can be leaked out by mail, by technology hands
Section limits the requirement not allowing receiving and dispatching mail also not meet social informatization development, therefore, is badly in need of a kind of base
In the divulgence prevention method of mail so that enterprise can either normal receiving and dispatching mail, the machine of enterprise can be prevented again
Ciphertext data is leaked out by mail.
Summary of the invention
It is an object of the invention to provide a kind of leakage prevention device, method and user terminal, to solve enterprise
The technical problem that the confidential data of industry leaks out easily by mail.
To achieve these goals, the technical scheme that the embodiment of the present invention uses is as follows:
First aspect, embodiments provides a kind of leakage prevention device, is applied to Email,
Described leakage prevention device includes: interception module, for obtaining the mail sent to designated port;Coupling
Module, for mating described mail with security strategy set in advance;Perform module, be used for
The mail that mates with described security strategy is implemented network block, and will with described security strategy not
The mail joined sends to destination server.
Second aspect, the embodiment of the present invention additionally provides a kind of divulgence prevention method, is applied to Email,
Described divulgence prevention method includes: obtain the mail sent to designated port;By described mail with set in advance
Fixed security strategy is mated;The mail mated with described security strategy is implemented network block, with
And mail unmatched with described security strategy is sent to destination server.
The third aspect, the embodiment of the present invention additionally provides a kind of user terminal, and described user terminal includes:
Memorizer;Processor;And leakage prevention device, described leakage prevention device is installed in described memorizer
And include one or more software function module performed by described processor, described leakage prevention device bag
Include: interception module, for obtaining the mail sent to designated port;Matching module, for by described
Mail mates with security strategy set in advance;Perform module, for described security strategy
The mail of coupling is implemented network and is blocked, and sends mail unmatched with described security strategy to mesh
Mark server.
The embodiment of the present invention provides a kind of leakage prevention device, method and user terminal, by obtaining to finger
The mail that fixed end mouth sends;Described mail is mated with security strategy set in advance;To with institute
The mail stating security strategy coupling implements network blocking-up, and will postal unmatched with described security strategy
Part sends to destination server, so, is possible to prevent secret data in enterprise to be leaked out by mail,
Improve the safety of mail data.
For making the above-mentioned purpose of the present invention, feature and advantage to become apparent, preferable reality cited below particularly
Execute example, and coordinate appended accompanying drawing, be described in detail below.
Accompanying drawing explanation
In order to be illustrated more clearly that the technical scheme of the embodiment of the present invention, below will be to required in embodiment
Accompanying drawing to be used is briefly described, it will be appreciated that the following drawings illustrate only some of the present invention
Embodiment, is therefore not construed as the restriction to scope, for those of ordinary skill in the art,
On the premise of not paying creative work, it is also possible to obtain other according to these accompanying drawings relevant attached
Figure.
Fig. 1 shows a kind of leakage prevention device, method and the user terminal that the embodiment of the present invention provides
Applied environment schematic diagram;
Fig. 2 shows the structured flowchart of the user terminal that the embodiment of the present invention provides;
Fig. 3 shows the functional block diagram of a kind of leakage prevention device that the embodiment of the present invention provides;
Fig. 4 shows the flow chart of a kind of divulgence prevention method that the embodiment of the present invention provides.
Detailed description of the invention
Leakage prevention device, method and the user terminal that present pre-ferred embodiments is provided can be applicable to as
In applied environment shown in Fig. 1.As it is shown in figure 1, user terminal 100, destination server 200
In first network 300, first network 300 can be wireless network or cable network, by this
One network 300, user terminal 100 and destination server 200 carry out data interaction, wherein, target
Server 200 can collect the Email that user terminal 100 sends.It addition, user terminal 100,
Controlling server 500 to be positioned in the second network 400, the second network 400 can be wireless network or have
Gauze network, by this second network 400, user terminal 100 carries out data with controlling server 500
Alternately, wherein, control server 500 related data of user terminal 100 can be configured,
Management, it is possible to issue related data to user terminal 100.
In the embodiment of the present invention, user terminal 100 is preferably mobile terminal device, such as, can wrap
Include smart mobile phone, panel computer, E-book reader, pocket computer on knee, vehicle-mounted computer,
Wearable mobile terminal etc..
Leakage prevention device, method and the user terminal that the embodiment of the present invention proposes, it is provided that a kind of new
Divulgence prevention method based on Email.This leakage prevention device, method are applicable to have Android behaviour
Make system, iOS operating system, Windows Phone operating system or the user terminal of other platforms
100.In the embodiment of the present invention, this user terminal 100 is provided with E-mail address client, should
Leakage prevention device, method can run on the E-mail address client of user terminal 100, or, this is prevented
Device, the method for divulging a secret also can run on the E-mail address of the webpage version of user terminal 100.
Fig. 2 shows a kind of user terminal applying the leakage prevention device of the embodiment of the present invention, method
The structured flowchart of 100.As in figure 2 it is shown, user terminal 100 includes that memorizer 102, storage control
Device 104, one or more (only illustrating one in figure) processor 106, Peripheral Interface 108, radio frequency
Unit 110, audio unit 112, Touch Screen 114 and photographic head 116 etc..These assemblies lead to
Cross the mutual communication of one or more communication bus/holding wire 118.
Memorizer 102 can be used for storing software program and module, as anti-in the embodiment of the present invention lets out
Programmed instruction/module that close device, method are corresponding, processor 106 is stored in memorizer by operation
Software program in 102 and module, thus perform the application of various function and data process, such as this
The divulgence prevention method that inventive embodiments provides.
Memorizer 102 can include high speed random access memory, may also include nonvolatile memory, such as one
Individual or multiple magnetic storage device, flash memory or other non-volatile solid state memories.Processor
106 and other possible assemblies can be in the control of storage control 104 to the access of memorizer 102
Under carry out.
Various input/output devices are coupled to processor 106 and memorizer by Peripheral Interface 108
102.In certain embodiments, Peripheral Interface 108, processor 106 and storage control 104
Can realize in one single chip.In some other example, they can be respectively by independent chip
Realize.
Radio frequency unit 110 is used for receiving and sending electromagnetic wave, it is achieved electromagnetic wave is mutual with the signal of telecommunication
Conversion, thus carry out communication with communication network or other equipment.
Audio unit 112 provides a user with audio interface, its can include one or more mike, one
Individual or multiple speaker and voicefrequency circuit.
Touch Screen 114 provides an output and input circle between user terminal 100 and user simultaneously
Face.In the present embodiment, described Touch Screen 114 supports single-point and multi-point touch operation, such as,
This Touch Screen 114 can be to support single-point and the capacitance type touch control screen of multi-point touch operation or resistance-type
Touch screen etc..Support that single-point and multi-point touch operation are that Touch Screen 114 can sense from this touch-control
The touch control operation that on screen 11, one or more positions produce simultaneously, and tap what this sensed more
Control operation transfers to processor 106 to process.
Described photographic head 116 is used for shooting image.
Being appreciated that the structure shown in Fig. 2 is only signal, user terminal 100 may also include and compares Fig. 2
Shown in more or less assembly, or there is the configuration different from shown in Fig. 2.Institute in Fig. 2
The each assembly shown can use hardware, software or a combination thereof to realize.
Below in conjunction with accompanying drawing in the embodiment of the present invention, the technical scheme in the embodiment of the present invention is carried out
Clearly and completely describe, it is clear that described embodiment is only a part of embodiment of the present invention,
Rather than whole embodiments.Generally herein described in accompanying drawing and the group of the embodiment of the present invention that illustrates
Part can be arranged with various different configurations and design.Therefore, below to the basis provided in the accompanying drawings
The detailed description of inventive embodiment is not intended to limit the scope of claimed invention, but only
Only represent the selected embodiment of the present invention.Based on embodiments of the invention, those skilled in the art are not having
There is on the premise of making creative work the every other embodiment obtained, broadly fall into present invention protection
Scope.
It should also be noted that similar label and letter represent similar terms, therefore, one in following accompanying drawing
A certain Xiang Yi the accompanying drawing of denier is defined, then need not it is carried out further in accompanying drawing subsequently
Definition and explanation.Meanwhile, in describing the invention, term " first ", " second " etc. are only used for district
Divide and describe, and it is not intended that indicate or hint relative importance.
First embodiment
Refer to Fig. 3, be the functional block diagram of a kind of leakage prevention device 600 that the embodiment of the present invention provides.
A kind of leakage prevention device 600 that the embodiment of the present invention provides includes: acquisition module 610, interception module
620, parsing module 630, matching module 640, execution module 650, alarm module 660 and figure
Table output module 670.
Acquisition module 610, is used for obtaining security strategy set in advance.
In embodiments of the present invention, after controlling server 500 startup, formulation security strategy can be configured,
And security strategy is saved in the data base controlling server 500.Security strategy can be about enterprise
The packet that the confidential information of industry is constituted, the confidential information about enterprise can include that first is crucial
Word, such as: secret, secret, password etc..First keyword of enterprise's confidential information is packaged into
Packet, and be stored in the data base controlling server 500.Electronics in user terminal 100
After mailbox client is opened, acquisition module 610 can be with control server 500 communication, from control
Server 500 obtains security strategy set in advance, and is saved in the memorizer of user terminal 100
In 102.
Interception module 620, for obtaining the mail sent to designated port.
In embodiments of the present invention, when user terminal 100 is connected with destination server 200 foundation,
User terminal 100 sends oneself identity (referring here to account and password) to destination server 200
And successfully confirmed by destination server 200, now, user terminal 100 can be to destination server
The designated port of 200 sends mail, such as, when destination server 200 is Simple Mail Transfer protocol
During (Simple Mail Transfer Protocol, SMTP) server, user terminal 100 can be to
The designated port 25 of smtp server sends mail.
Further, interception module 620 can be networks filter driver, by sending out to designated port
The mail sent does port redirection, to obtain the mail sent to designated port.Such as, take when target
Business device 200 is Simple Mail Transfer protocol (Simple Mail Transfer Protocol, SMTP) clothes
During business device, the mail sent to designated port 25 can be done port redirection by interception module 620,
So that the mail to designated port 25 transmission is sent to interception module 620, interception module 620 obtain
Take.
Parsing module 630, is used for resolving described security strategy and described mail.
In embodiments of the present invention, security strategy can include the first keyword, parsing module 630
The packet of security strategy can be decompressed, the most therefrom parse the first keyword and store
In the memorizer 102 of user terminal 100.
Content to the mail of designated port transmission can include text and adnexa, can include in mail
Second keyword, the second keyword both can be the content in text, it is also possible to for the content in adnexa,
In the first keyword that parsing module may be used for resolving in described security strategy and described mail
Two keywords.
Matching module 640, for mating described mail with described security strategy.
In embodiments of the present invention, described mail and described security strategy are carried out by matching module 640
The process joined can be: matching module 640 is by the second keyword in described mail and described safe plan
The first keyword in slightly mates, and confirms that the second keyword and the first keyword are the most consistent, if
Unanimously, then the second keyword and the first keyword be coupling, if inconsistent, then the second keyword and
First keyword is unmatched.
Perform module 650, block for the mail mated with described security strategy is implemented network, with
And mail unmatched with described security strategy is sent to destination server 200.
In embodiments of the present invention, when described second keyword is with described first keyword match, should
Mail i.e. carries the information relevant to enterprise secret, therefore triggers security strategy, performs module
Described mail can be implemented network by 650 to be blocked, and this mail cannot send to destination server 200.
In embodiments of the present invention, when described second keyword does not mates with described first keyword,
This mail does not i.e. carry the information relevant to enterprise secret, and therefore, this mail is peace for enterprise
Full mail, performing module 650 can send this mail to destination server 200.
Alarm module 660, for reporting to the police, such as after described mail is implemented network blocking-up:
Alarm module 660 sends warning message to mailbox management person by the way of mail or note, with this side
Formula informs that this mail of manager triggers security strategy.
Chart output module 670, for exporting the chart-information about described mail.
In embodiments of the present invention, the mail sent from user terminal 100 can be to trigger safe plan
Mail slightly and do not trigger the mail of security strategy, the mail sent from user terminal 100 can be
Control the data base of server 500 backs up, and perform module 650 and send out to mailbox management person
The warning message sent can also be saved in the data base controlling server 500.So, chart output
Module 670 can export chart according to the mail sent from user terminal 100 and warning message and open up
Show the security postures of enterprise.
Second embodiment
Refer to Fig. 4, be the flow chart of a kind of divulgence prevention method that the embodiment of the present invention provides.This
A kind of divulgence prevention method that bright embodiment provides comprises the following steps:
Step S1, obtains security strategy set in advance.
In embodiments of the present invention, step S1 can be performed by acquisition module 610.Security strategy can
Think the packet that the keyword about enterprise's confidential information is constituted, about the pass of enterprise's confidential information
Key word can include the first keyword, such as: secret, secret, password etc..Enterprise's confidential information
The first keyword be packaged into packet, and be stored in control server 500.When user terminal 100
In E-mail address client open after, acquisition module 610 can with control server 500 communication,
Obtain security strategy set in advance from controlling server 500, and be saved in depositing of user terminal 100
In reservoir 102.
Step S2, obtains the mail sent to designated port.
In embodiments of the present invention, step S2 can be performed by interception module 620.Work as user terminal
100 with destination server 200 set up be connected time, user terminal 100 sends to destination server 200
Oneself identity (referring here to account and password) is also successfully confirmed by destination server 200, now,
User terminal 100 can send mail to the designated port of destination server 200, such as, works as target
Server 200 is Simple Mail Transfer protocol (Simple Mail Transfer Protocol, SMTP)
During server, user terminal 100 can send mail to the designated port 25 of smtp server.
Further, interception module 620 can be networks filter driver, by sending out to designated port
The mail sent does port redirection, to obtain the mail sent to designated port.Such as, take when target
Business device 200 is Simple Mail Transfer protocol (Simple Mail Transfer Protocol, SMTP) clothes
During business device, the mail sent to designated port 25 can be done port redirection by interception module 620,
So that the mail to designated port 25 transmission is sent to interception module 620, interception module 620 obtain
Take.
Step S3, resolves described security strategy and described mail.
In embodiments of the present invention, step S3 can be performed by parsing module 630.In security strategy
Can include the first keyword, parsing module 630 can parse the first keyword from security strategy
And be stored in the memorizer 102 of user terminal 100.
Content to the mail of designated port transmission can include text and adnexa, can include in mail
Second keyword, the second keyword both can be the content in text, it is also possible to for the content in adnexa,
In the first keyword that parsing module 630 may be used for resolving in described security strategy and described mail
The second keyword.
Step S4, mates described mail with described security strategy.
In embodiments of the present invention, step S4 can be performed by matching module 640.Matching module 640
The process carrying out described mail with described security strategy mating can be: matching module 640 is by described
The second keyword in mail and the first keyword in described security strategy mate, and confirm second
Keyword and the first keyword are the most consistent, if unanimously, then the second keyword and the first keyword are
Joining, if inconsistent, then the second keyword and the first keyword are unmatched.
Step S5, implements network to the mail mated with described security strategy and blocks, and will be with institute
State the unmatched mail of security strategy to send to destination server 200.
In embodiments of the present invention, step S5 can be performed by performing module 650.Described second
When keyword and described first keyword match, this mail i.e. carries the letter relevant to enterprise secret
Breath, therefore triggers security strategy, performs module 650 and described mail can be implemented network blocking-up,
This mail cannot send to destination server 200.At described second keyword and described first keyword
When not mating, this mail does not i.e. carry the information relevant to enterprise secret, and therefore, this mail is for enterprise
Being safe mail for industry, performing module 650 can send this mail to destination server 200.
Step S6, reports to the police after network blocks implementing described mail, and step S6 can be by
Alarm module 660 performs.Such as: alarm module 660 sends warning by the way of mail or note
Information, to mailbox management person, informs that this mail of manager triggers security strategy in this way.
Step S7, exports the chart-information about described mail.
In embodiments of the present invention, step S7 can be performed by chart output module 670.From user
The mail that terminal 100 sends can be to trigger the mail of security strategy and do not trigger security strategy
Mail, the mail sent from user terminal 100 can enter among the data bases controlling server 500
Row backup, and perform module 650 and the warning message sent to mailbox management person can also be uploaded to
Control in the data base of server 500.So, chart output module 670 can be according to from user eventually
Mail and warning message that end 100 sends export chart to show the security postures of enterprise.
It addition, user can also be according to condition query alarm signal in the data base controlling server 500
Breath, such as, according to inquiry warning messages such as mail date issued, mail matter topics, keywords.
The embodiment of the present invention provides a kind of leakage prevention device, method and user terminal, by obtaining in advance
The security strategy set;Obtain the mail sent to designated port;By described mail and described safe plan
Slightly mate;The mail mated with described security strategy is implemented network block, and will be with described
The unmatched mail of security strategy sends to destination server, so, is possible to prevent enterprise's secret to pass through
Mail data leaks out, and can also warn mail when sending the mail triggering security strategy simultaneously
Sender or mailbox management person, and remain with outbox content and report in the data base controlling server
Alarming information, can show the security postures of enterprise by exporting various charts.
In several embodiments provided herein, it should be understood that disclosed apparatus and method,
Can also realize by another way.Device embodiment described above is only schematically,
Such as, the flow chart in accompanying drawing and block diagram show the device of multiple embodiments according to the present invention, side
Method and architectural framework in the cards, function and the operation of computer program.In this, stream
Each square frame in journey figure or block diagram can represent a module, program segment or a part for code, institute
The part stating module, program segment or code comprises one or more logic function for realizing regulation
Executable instruction.It should also be noted that at some as in the implementation replaced, square frame is marked
The function of note can also occur to be different from the order marked in accompanying drawing.Such as, two continuous print sides
Frame can essentially perform substantially in parallel, and they can also perform sometimes in the opposite order, and this depends on
Depending on involved function.It is also noted that each square frame in block diagram and/or flow chart, with
And the combination of the square frame in block diagram and/or flow chart, can be with performing the function of regulation or the special of action
Hardware based system realize, or can come with the combination of specialized hardware and computer instruction
Realize.
It addition, each functional module in each embodiment of the present invention can integrate formation one
Independent part, it is also possible to be modules individualism, it is also possible to two or more module collection
It is shaped as an independent part.
If described function realizes using the form of software function module and as independent production marketing or
During use, can be stored in a computer read/write memory medium.Based on such understanding, this
The part that the most in other words prior art contributed of technical scheme of invention or this technical side
The part of case can embody with the form of software product, and this computer software product is stored in one
In storage medium, including some instructions with so that computer equipment (can be personal computer,
Server, or the network equipment etc.) perform all or part of of method described in each embodiment of the present invention
Step.And aforesaid storage medium includes: USB flash disk, portable hard drive, read only memory (ROM,
Read-Only Memory), random access memory (RAM, Random Access Memory),
The various medium that can store program code such as magnetic disc or CD.
It should be noted that in this article, the relational terms of such as first and second or the like is only used
By an entity or operation separate with another entity or operating space, and not necessarily require or
Imply relation or the order that there is any this reality between these entities or operation.And, term
" include ", " comprising " or its any other variant are intended to comprising of nonexcludability, so that
Process, method, article or equipment including a series of key elements not only include those key elements, but also
Including other key elements being not expressly set out, or also include for this process, method, article or
The key element that person's equipment is intrinsic.In the case of there is no more restriction, by statement " including ... "
The key element limited, it is not excluded that in including the process of described key element, method, article or equipment also
There is other identical element.
The foregoing is only the preferred embodiments of the present invention, be not limited to the present invention, for
For those skilled in the art, the present invention can have various modifications and variations.All essences in the present invention
Within god and principle, any modification, equivalent substitution and improvement etc. made, should be included in the present invention
Protection domain within.It should also be noted that similar label represents similar with letter in following accompanying drawing
, therefore, the most a certain Xiang Yi accompanying drawing is defined, then it is right to need not in accompanying drawing subsequently
It defines further and explains.
The above, the only detailed description of the invention of the present invention, but protection scope of the present invention not office
Being limited to this, any those familiar with the art, can in the technical scope that the invention discloses
Readily occur in change or replace, all should contain within protection scope of the present invention.Therefore, the present invention
Protection domain should described be as the criterion with scope of the claims.
Claims (17)
1. a leakage prevention device, is applied to Email, it is characterised in that described anti-dress of divulging a secret
Put and include:
Interception module, for obtaining the mail sent to designated port;
Matching module, for mating described mail with security strategy set in advance;
Perform module, block for the mail mated with described security strategy is implemented network, and will
Mail unmatched with described security strategy sends to destination server.
2. leakage prevention device as claimed in claim 1, it is characterised in that described interception module is also
For the described mail sent to designated port is done port redirection, described to designated port to obtain
The mail sent.
3. leakage prevention device as claimed in claim 1, it is characterised in that described leakage prevention device
Also include that parsing module, described parsing module are used for resolving described security strategy and described mail.
4. leakage prevention device as claimed in claim 3, it is characterised in that described parsing module is used
In the first keyword resolved in described security strategy and the second keyword in described mail.
5. leakage prevention device as claimed in claim 4, it is characterised in that described matching module is also
For the second keyword in described mail and the first keyword in described security strategy being carried out
Join.
6. leakage prevention device as claimed in claim 5, it is characterised in that described execution module is also
For when described second keyword is with described first keyword match, described mail is implemented network resistance
Disconnected, and when described second keyword does not mates with described first keyword, described mail is sent
To destination server.
7. leakage prevention device as claimed in claim 1, it is characterised in that described leakage prevention device
Also including alarm module, described alarm module is for implementing the mail mated with described security strategy
Network is reported to the police after blocking.
8. leakage prevention device as claimed in claim 1, it is characterised in that described leakage prevention device
Also include that acquisition module, described acquisition module are used for obtaining described security strategy set in advance.
9. a divulgence prevention method, is applied to Email, it is characterised in that the described anti-side of divulging a secret
Method includes:
Obtain the mail sent to designated port;
Described mail is mated with security strategy set in advance;
The mail mated with described security strategy is implemented network block, and will be with described security strategy
Unmatched mail sends to destination server.
10. divulgence prevention method as claimed in claim 9, it is characterised in that described acquisition is to appointment
The mail that port sends includes: the described mail sent to designated port is done port redirection, to obtain
Take the described mail sent to designated port.
11. divulgence prevention methods as claimed in claim 9, it is characterised in that described divulgence prevention method
Also include: resolve described security strategy and described mail.
12. divulgence prevention methods as claimed in claim 11, it is characterised in that described in described parsing
Security strategy and described mail include: resolve the first keyword in described security strategy and described mail
In the second keyword.
13. divulgence prevention methods as claimed in claim 12, it is characterised in that described by described postal
Part carries out mating including with described security strategy: by the second keyword in described mail and described safety
The first keyword in strategy mates.
14. divulgence prevention methods as claimed in claim 13, it is characterised in that described to described
The mail of security strategy coupling is implemented network and is blocked, and will mail unmatched with described security strategy
Transmission to destination server includes: when described second keyword is with described first keyword match, right
Described mail is implemented network and is blocked, and does not mates with described first keyword at described second keyword
Time, described mail is sent to destination server.
15. divulgence prevention methods as claimed in claim 9, it is characterised in that described divulgence prevention method
Also include: report to the police after the mail mated with described security strategy is implemented network blocking-up.
16. divulgence prevention methods as claimed in claim 9, it is characterised in that described divulgence prevention method
Also include: obtaining before the mail that designated port sends, obtaining described safe plan set in advance
Slightly.
17. 1 kinds of user terminals, it is characterised in that described user terminal includes:
Memorizer;
Processor;And
Leakage prevention device, described leakage prevention device is installed in described memorizer and includes one or more
The software function module performed by described processor, described leakage prevention device includes:
Interception module, for obtaining the mail sent to designated port;
Matching module, for mating described mail with security strategy set in advance;
Perform module, block for the mail mated with described security strategy is implemented network, and will
Mail unmatched with described security strategy sends to destination server.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201610615474.6A CN106027382A (en) | 2016-07-29 | 2016-07-29 | Anti-leakage device and method and user terminal |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201610615474.6A CN106027382A (en) | 2016-07-29 | 2016-07-29 | Anti-leakage device and method and user terminal |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN106027382A true CN106027382A (en) | 2016-10-12 |
Family
ID=57115024
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201610615474.6A Pending CN106027382A (en) | 2016-07-29 | 2016-07-29 | Anti-leakage device and method and user terminal |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN106027382A (en) |
Cited By (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN109542847A (en) * | 2018-11-05 | 2019-03-29 | 努比亚技术有限公司 | A kind of document handling method, terminal and readable storage medium storing program for executing |
| CN110808990A (en) * | 2019-11-08 | 2020-02-18 | 北京明朝万达科技股份有限公司 | Mail transmission method, device, electronic equipment and computer readable storage medium |
| CN111698236A (en) * | 2020-06-05 | 2020-09-22 | 浙江华途信息安全技术股份有限公司 | Method and system for preventing leakage of browser |
| CN112214970A (en) * | 2020-10-20 | 2021-01-12 | 上海科越信息技术股份有限公司 | Customs declaration form filling method and device |
| CN112258137A (en) * | 2020-09-06 | 2021-01-22 | 厦门天锐科技股份有限公司 | Mail blocking method and device |
| CN114598673A (en) * | 2022-05-09 | 2022-06-07 | 太平金融科技服务(上海)有限公司深圳分公司 | Electronic mailbox system, mailbox processing method, device and computer equipment |
Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101257378A (en) * | 2008-04-09 | 2008-09-03 | 南京航空航天大学 | Anti-disclosure mail safe card and method for detecting disclosure mail |
| CN101409686A (en) * | 2007-10-11 | 2009-04-15 | 鸿富锦精密工业(深圳)有限公司 | System and method for checking e-mail accessory content |
| CN104361097A (en) * | 2014-11-21 | 2015-02-18 | 国家电网公司 | Real-time detection method for electric power sensitive mail based on multimode matching |
| CN104518943A (en) * | 2013-09-27 | 2015-04-15 | 无锡华润微电子有限公司 | Method and system for e-mail management |
| CN104702451A (en) * | 2013-12-04 | 2015-06-10 | 大连东浦机电有限公司 | Method for monitoring risk of sent public mail based on keyword extraction strategy |
-
2016
- 2016-07-29 CN CN201610615474.6A patent/CN106027382A/en active Pending
Patent Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101409686A (en) * | 2007-10-11 | 2009-04-15 | 鸿富锦精密工业(深圳)有限公司 | System and method for checking e-mail accessory content |
| CN101257378A (en) * | 2008-04-09 | 2008-09-03 | 南京航空航天大学 | Anti-disclosure mail safe card and method for detecting disclosure mail |
| CN104518943A (en) * | 2013-09-27 | 2015-04-15 | 无锡华润微电子有限公司 | Method and system for e-mail management |
| CN104702451A (en) * | 2013-12-04 | 2015-06-10 | 大连东浦机电有限公司 | Method for monitoring risk of sent public mail based on keyword extraction strategy |
| CN104361097A (en) * | 2014-11-21 | 2015-02-18 | 国家电网公司 | Real-time detection method for electric power sensitive mail based on multimode matching |
Cited By (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN109542847A (en) * | 2018-11-05 | 2019-03-29 | 努比亚技术有限公司 | A kind of document handling method, terminal and readable storage medium storing program for executing |
| CN110808990A (en) * | 2019-11-08 | 2020-02-18 | 北京明朝万达科技股份有限公司 | Mail transmission method, device, electronic equipment and computer readable storage medium |
| CN110808990B (en) * | 2019-11-08 | 2021-11-05 | 北京明朝万达科技股份有限公司 | Mail transmission method, device, electronic equipment and computer readable storage medium |
| CN111698236A (en) * | 2020-06-05 | 2020-09-22 | 浙江华途信息安全技术股份有限公司 | Method and system for preventing leakage of browser |
| CN112258137A (en) * | 2020-09-06 | 2021-01-22 | 厦门天锐科技股份有限公司 | Mail blocking method and device |
| CN112214970A (en) * | 2020-10-20 | 2021-01-12 | 上海科越信息技术股份有限公司 | Customs declaration form filling method and device |
| CN114598673A (en) * | 2022-05-09 | 2022-06-07 | 太平金融科技服务(上海)有限公司深圳分公司 | Electronic mailbox system, mailbox processing method, device and computer equipment |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN106027382A (en) | Anti-leakage device and method and user terminal | |
| EP2984863B1 (en) | System and method for tracking sms messages | |
| CN105187599B (en) | A kind of method for managing contact person information and terminal | |
| CN107122673A (en) | A kind of information ciphering method and terminal | |
| CN104657254A (en) | Operation information processing method and device | |
| CN106487654A (en) | The method of message cluster transmition | |
| CN106034054A (en) | Redundant access control list ACL rule file detection method and apparatus thereof | |
| CN104917796A (en) | Credit account creating method, system and method | |
| CN104580108B (en) | Information cuing method and system, server | |
| JP2020524864A (en) | Controlling access to data | |
| CN104281272A (en) | Password input processing method and device | |
| CN102271332B (en) | End message time slot scrambling and device | |
| Gibson et al. | Vulnerability in massive api scraping: 2021 linkedin data breach | |
| CN110175316B (en) | Media number interaction method, system and storage medium based on blockchain | |
| CN107315934A (en) | Communication message processing method, mobile terminal and storage device | |
| CN110232286A (en) | A kind of electric quotient data cochain method and its equipment for applying intelligent contract | |
| CN107124457A (en) | Application data synchronous method, application data sychronisation and server | |
| CN106254680A (en) | Information processing method and device | |
| CN103795845A (en) | Historical interface access method, historical interface access device and mobile terminal | |
| CN110264206A (en) | A kind of electric quotient data cochain method and its equipment based on block chain | |
| CN107018224A (en) | Contact person's adding method and device during a kind of O2O transaction | |
| CN106295309A (en) | The management method of a kind of announcement information and equipment | |
| CN109598601A (en) | Account book monitoring method and account book monitoring system based on block chain | |
| CN104301876B (en) | The method and apparatus of transmission of message | |
| CN107292194A (en) | A kind of data guard method, mobile terminal and storage medium |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| RJ01 | Rejection of invention patent application after publication | ||
| RJ01 | Rejection of invention patent application after publication |
Application publication date: 20161012 |