CN111488604A - Data desensitization system and data desensitization method - Google Patents
Data desensitization system and data desensitization method Download PDFInfo
- Publication number
- CN111488604A CN111488604A CN202010263565.4A CN202010263565A CN111488604A CN 111488604 A CN111488604 A CN 111488604A CN 202010263565 A CN202010263565 A CN 202010263565A CN 111488604 A CN111488604 A CN 111488604A
- Authority
- CN
- China
- Prior art keywords
- desensitization
- data
- server
- reverse proxy
- proxy server
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/62—Protecting access to data via a platform, e.g. using keys or access control rules
- G06F21/6218—Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
Abstract
The present disclosure relates to a data desensitization system, comprising: desensitization server, database server and the reverse proxy server connected with the desensitization server, wherein the desensitization server obtains the authentication request message sent from the client device through the reverse proxy server, and feeds back the corresponding identity authentication information and desensitization rule to the reverse proxy server based on the received legal authentication request message, the database server obtains the data request message sent from the client device through the reverse proxy server, and feeds back the corresponding original data to the reverse proxy server based on the received data request message, and the reverse proxy server continuously analyzes the obtained original data and forwards the analyzed original data to the desensitization server, so that the desensitization server performs desensitization processing on the received original data by using the corresponding desensitization rule based on the identity information of the authenticated client device, therefore, desensitization data is continuously acquired from the desensitization server, and the desensitization data is continuously fed back to the client device sending the data request message.
Description
Technical Field
The present disclosure relates to the field of computer information processing, particularly to the field of data security, and more particularly to a data desensitization system and a data desensitization method.
Background
With the development of information technology, various kinds of information have been fully digitalized. The digitization of information brings convenience to people's work and life on the one hand, but also brings a huge crisis to the leakage of information on the other hand. Protecting information excessively gives people a sense of security on the one hand, but also poses some obstacles to the proper acquisition of information on the other hand. Therefore, how to secure information while a technology is needed to enable a legitimate user to rightfully obtain an information release desensitization technology that does not cause information leakage.
One currently used data desensitization technique is to query the requested data from the database based on a user's request, then perform desensitization processing, and transmit the desensitization data to the user. On the one hand, this prior art needs to store a large amount of user data to confirm whether these users are legal users, and on the other hand, for a large number of querying users, before desensitization processing is performed, all queried data needs to be cached, and the amount of cached data is related to a specific database querying manner, so that the cache size is unpredictable, and once the cached data exceeds a preset cache capacity, operation of the system is stalled. Moreover, when the network delay caused by the operation stagnation is large, real-time response cannot be realized, and the user request real-time response is poor.
It is desirable to have a data desensitization system and method that eliminates response network delays and enables real-time authentication.
Disclosure of Invention
In order to eliminate the drawbacks of desensitization system response delay and to authenticate users in real time, according to one aspect of the present disclosure, there is provided a data desensitization system comprising: desensitization server, database server and the reverse proxy server connected with the desensitization server, wherein the desensitization server obtains the authentication request message sent from the client device through the reverse proxy server, and feeds back the corresponding identity authentication information and desensitization rule to the reverse proxy server based on the received legal authentication request message, the database server obtains the data request message sent from the client device through the reverse proxy server, and feeds back the corresponding original data to the reverse proxy server based on the received data request message, and the reverse proxy server continuously analyzes the obtained original data and forwards the analyzed original data to the desensitization server, so that the desensitization server performs desensitization processing on the received original data by using the corresponding desensitization rule based on the identity information of the authenticated client device, therefore, desensitization data is continuously acquired from the desensitization server, and the desensitization data is continuously fed back to the client device sending the data request message.
A data desensitization system according to the present disclosure, wherein the reverse proxy server is an Nginx server.
A data desensitization system according to the present disclosure, wherein the client device decodes desensitization data continuously fed back from the reverse proxy server for presentation to a user based on desensitization rules fed back from the reverse proxy server.
According to the data desensitization system disclosed by the invention, the desensitization server encrypts identity authentication information and desensitization rules and feeds back the encrypted desensitization information and desensitization rules to the reverse proxy server.
According to the data desensitization system of the present disclosure, the desensitization server performs desensitization rule negotiation based on a request of a client device via the reverse proxy server, and feeds back a negotiation result as a desensitization rule of a corresponding client device to the client device via the reverse proxy server.
According to the data desensitization system disclosed by the invention, the desensitization server carries out encryption processing on desensitization rules and then feeds back the desensitization rules to the client device through the reverse proxy server after carrying out encryption processing.
The data desensitization system according to the present disclosure, wherein the reverse proxy server and the client device communicate encrypted via HTTPS protocol or SS L protocol.
According to another aspect of the present disclosure, there is provided a data desensitization method, comprising: sending an authentication request message and a data request message to a reverse proxy server through client equipment; the reverse proxy server forwards the authentication request message to the desensitization server and forwards the data request message to the database server; the desensitization server authenticates the legality of the client equipment based on the authentication request message acquired from the reverse proxy server and feeds back corresponding identity authentication information and desensitization rules to the reverse proxy server; the database server feeds back corresponding original data to the reverse proxy server based on the data request message acquired from the reverse proxy server; the reverse proxy server continuously analyzes the obtained original data and forwards the analyzed original data to the desensitization server; the desensitization server executes desensitization processing on the received original data by adopting a corresponding desensitization rule based on the authenticated identity information of the client equipment, so that desensitization data are continuously fed back to the reverse proxy server; and the reverse proxy server continuously feeds desensitization data back to the client device sending the data request message.
A data desensitization method according to the present disclosure, wherein the reverse proxy server is an Nginx server.
A method of data desensitization according to the present disclosure, further comprising: the client device decodes desensitization data continuously fed back from the reverse proxy server for presentation to a user based on desensitization rules fed back from the reverse proxy server.
A data desensitization system according to the present disclosure, further comprising: and the desensitization server encrypts the identity authentication information and the desensitization rule and feeds the desensitization rule back to the reverse proxy server.
According to the data desensitization system of the present disclosure, the desensitization server performs desensitization rule negotiation based on an authentication request of a client device via the reverse proxy server, and feeds back a negotiation result as a desensitization rule of a corresponding client device to the client device via the reverse proxy server.
By adopting the data desensitization system according to the disclosure, different users can view corresponding information according to their rights. And the data desensitization system disclosed by the invention can realize high-concurrency big data desensitization real-time transmission response through the reverse proxy server and the desensitization server. And the whole data desensitization system disclosed by the invention is simple to deploy and does not need to add too many devices.
Drawings
The accompanying drawings, which are incorporated in and constitute a part of this specification, illustrate embodiments consistent with the present disclosure and together with the description, serve to explain the principles of the disclosure.
FIG. 1 illustrates a schematic diagram of a data desensitization system according to the present disclosure;
FIG. 2 is a flow chart illustrating a method of data desensitization according to the present disclosure.
Detailed Description
Reference will now be made in detail to the exemplary embodiments, examples of which are illustrated in the accompanying drawings. When the following description refers to the accompanying drawings, like numbers in different drawings represent the same or similar elements unless otherwise indicated. The implementations described in the exemplary embodiments below are not intended to represent all implementations consistent with the present disclosure. Rather, they are merely examples of apparatus and methods consistent with certain aspects of the present disclosure, as detailed in the appended claims.
The terminology used in the present disclosure is for the purpose of describing particular embodiments only and is not intended to be limiting of the disclosure. As used in this disclosure and the appended claims, the singular forms "a," "an," and "the" are intended to include the plural forms as well, unless the context clearly indicates otherwise. It should also be understood that the term "and/or" as used herein refers to and encompasses any and all possible combinations of one or more of the associated listed items.
It is to be understood that although the terms first, second, third, etc. may be used herein to describe various information, such information should not be limited to these terms. These terms are only used to distinguish one type of information from another. For example, a first could also be termed a second, and, similarly, a second could also be termed a first, without departing from the scope of the present disclosure. The word "if" as used herein may be interpreted as "at … …" or "when … …" or "in response to a determination", depending on the context.
For a better understanding of the present disclosure, reference is made to the following detailed description taken in conjunction with the accompanying drawings.
FIG. 1 illustrates a schematic diagram of a data desensitization system according to the present disclosure. As shown in fig. 1, the data desensitization system 10 includes a desensitization server 130, a database server 120, and a reverse proxy server 110 connected to both. The reverse proxy server may be a kind of a Nginx server. The Nginx server is a high performance, lightweight HTTP and reverse proxy web server, while also providing IMAP/POP3/SMTP services. The Nginx server has the characteristic of low system resource consumption, occupies less memory and has strong concurrency capability, so that the Nginx server does not cause delay and page delay in order to realize the query result and plays a great help role in the streaming acquisition of the query result.
As shown in fig. 1, reverse proxy server 110 is a proxy server for client devices 20 or data querying users to communicate data with data desensitization system 10. The client device 20 need only know the network address of the reverse proxy server 110 to query for desensitization data. The client device 20 first needs to perform user authentication when performing an inquiry. Legitimate users may make data queries via reverse proxy server 110. To do so, the client device 20 sends an authentication request message to the reverse proxy server 110. All inquiry authentication request messages are legally verified by the pre-configured reverse proxy server 110 and then directly forwarded to the desensitization server 130 for user authentication. The desensitization server 130 may include various components for authentication and desensitization processing, for performing user authentication and data desensitization processing, for example, a transceiving component for communication with the reverse proxy server 110, a routing component configured to communicate with the reverse proxy server 110, a certificate management component for managing certificates of various users and issuing certificates of general users, a communication encryption component, a desensitization rule determination component, a data desensitization processing component, a raw data caching component, a desensitization data caching component, and the like. Since the present disclosure does not relate to desensitization itself but to fast communication and presentation of desensitization data and user authentication, detailed description is not given to specific technical means of data desensitization procedures, and how to desensitize and desensitization rule contents may adopt any existing rule to be applied to the technical solution of the present disclosure.
As described above, the desensitization server 130 feeds back the corresponding authentication information and desensitization rule to the client device 20 via the reverse server 130 via the authentication request message from the client device via the reverse server 110. In the authentication process, data needs to be encrypted to prevent desensitization rules from being intercepted by a third party. Specifically, the authentication information is a digital certificate containing an encrypted public key. The desensitization rule also carries out encryption processing, for example, the internet data transmission encryption is completed by adopting technologies such as a digital certificate, an encryption algorithm, an asymmetric key and the like through an HTTPS protocol, so that the internet transmission security protection is realized. AES can be adopted: advanced Encryption Standard and DES: data Encryption Standard (Data Encryption Standard).
By the desensitization server 130 performing user identity authentication on the client device, the desensitization rule and the user data access right of the user can be determined in the identity authentication process. Therefore, the desensitization server 130 acquires the authentication request message transmitted from the client device 20 via the reverse proxy server 110, and feeds back the corresponding identity authentication information and desensitization rule to the reverse proxy server based on the received legitimate authentication request message. This may provide the necessary desensitization rules for the subsequent desensitization process. Since the desensitization rule is determined in the user identity authentication process, the user needs to be authenticated in the login process. During the authentication process, user information needs to be transmitted to the desensitization server. And the desensitization system queries the user authority and the corresponding desensitization rule according to the user information. These desensitization rules may be determined by the desensitization system user or may be obtained by mutual negotiation. When the desensitization rules are negotiated with each other, data needs to be encrypted to prevent the data communicated with each other from being acquired and utilized by a third party. If the fixes are rules, the rules are modified periodically to prevent the rules from being deciphered.
As shown in fig. 1, after authentication via desensitization server 130, client device 20 issues a data query request to data desensitization system 10 or its reverse proxy server 110, thereby initiating a data request to database server 120. The reverse proxy server 110 receives the data query request and transmits the user request data to the corresponding database server 120. The database server 120 obtains the query condition of the data request message sent from the client device 20 via the reverse proxy server 110 to perform data query, and feeds back the original data required by the client device 20 to the reverse proxy server 110. These raw data are the data to be desensitized. Desensitization is required before reverse proxy server 110 forwards to client device 20. Reverse proxy server 110 parses the data after acquiring the original data to be desensitized, and transmits the data to be desensitized to desensitization server 130 after parsing the content. It should be noted that some raw data may not contain sensitive data at all. For security reasons, the reverse proxy server still transmits the original data to the desensitization server 130. At this time, since the original data does not contain sensitive data, the desensitization server will not perform desensitization processing substantially or desensitization processing will be very fast. To this end, the input port of the reverse proxy server 110 facing the database server 120 is configured by pre-routing, so that the query result from the input port facing the database server 120 is directly routed to the output port of the desensitization server 130 for desensitization of the original data. Reverse proxy server 110 includes the user's authentication information, such as the client device name, in the raw data sent to desensitization server 130. The desensitization server 130 performs desensitization processing on the received original data using a corresponding desensitization rule based on the authenticated identity information of the client device 20, generates desensitization data, and then transmits the desensitization data back to the reverse proxy server 110. The data desensitization rule comprises determination of sensitive data, type of the sensitive data and desensitization algorithm for desensitizing the sensitive data.
When performing a desensitization task, the data desensitization processing component in the desensitization server 130 may determine all possible sensitive data on one hand, then determine, according to a desensitization rule corresponding to the identity authentication information of the client device 20, sensitive data that needs to be desensitized among all the sensitive data, and determine a sensitive data type of the sensitive information and a corresponding desensitization algorithm; on the other hand, the original data may also be directly analyzed according to the desensitization rule corresponding to the identity authentication information of the client device 20, so as to locate the sensitive data in the original data at one time, and determine the sensitive data type of the sensitive information and the corresponding desensitization algorithm. And finally, the name holding data processing component generates replacement data for replacing the sensitive data based on a desensitization algorithm and performs replacement. The reverse proxy server 110 receives the desensitization data and sends it to the client device 20 according to the database message requirements.
FIG. 2 is a flow chart illustrating a method of data desensitization according to the present disclosure. As shown in fig. 2, first, at step S210, an authentication request message and a data request message are sent to the reverse proxy server 110 through the client device 20. At step S220, the reverse proxy server 110 forwards the authentication request message to the desensitization server 130. At step S230, the desensitization server 130 authenticates the validity of the client device 20 based on the authentication request message obtained from the reverse proxy server 110, and feeds back corresponding identity authentication information and desensitization rules to the reverse proxy server 110. At step S240, the reverse proxy server 110 forwards the authentication information and desensitization rules to the user equipment 20. At step S250, reverse proxy server 110 forwards the data request message to database server 120. At S260, the database server 120 feeds back corresponding original data to the reverse proxy server 110 based on the data request packet acquired from the reverse proxy server 110; at step S270, the reverse proxy server 110 continuously parses the obtained raw data and forwards the parsed raw data to the desensitization server 130. At step S280, the desensitization server 130 performs desensitization processing on the received raw data using a corresponding desensitization rule based on the identity information of the authenticated client device, thereby continuously feeding back desensitization data to the reverse proxy server. Finally, reverse proxy server 110 continuously feeds back desensitization data to client device 20 that sent the data request message at step S290.
In summary, by using the data desensitization system and method of the present disclosure, in the data desensitization process of the desensitization server, the desensitization rule is determined in the authentication process and the desensitization rule is determined by the user authority, so the desensitization process does not perform complete desensitization on the received data, but performs desensitization according to the needs of the user. On the other hand, because the reverse proxy server, which is a nginx server, is adopted and is configured to perform original data proxy between the database server and the desensitization server, the whole data transmission is performed in a streaming manner, and even in the case of a large number of data requests, the client device can be ensured to obtain the required desensitized query result data without delay. Moreover, because the data forwarding is carried out in a streaming mode, the desensitization server does not need to prepare a large number of buffers in advance for target data caching, and the defect that the demand of data cannot be predicted is reduced.
Therefore, the data desensitization system based on the nginx server is provided with the database server and the desensitization server respectively behind the homeward server, the desensitization server performs user identity authentication and desensitization rule generation, and the database server does not perform encryption data analysis, so that desensitization of desensitization data and efficient operation of sending are ensured, and data caching is reduced.
The basic principles of the present disclosure have been described in connection with specific embodiments, but it should be noted that it will be understood by those skilled in the art that all or any of the steps or components of the method and apparatus of the present disclosure may be implemented in any computing device (including processors, storage media, etc.) or network of computing devices, in hardware, firmware, software, or a combination thereof, which can be implemented by those skilled in the art using their basic programming skills after reading the description of the present disclosure.
Thus, the objects of the present disclosure may also be achieved by running a program or a set of programs on any computing device. The computing device may be a general purpose device as is well known. Thus, the object of the present disclosure can also be achieved merely by providing a program product containing program code for implementing the method or apparatus. That is, such a program product also constitutes the present disclosure, and a storage medium storing such a program product also constitutes the present disclosure. It is to be understood that the storage medium may be any known storage medium or any storage medium developed in the future.
It is also noted that in the apparatus and methods of the present disclosure, it is apparent that individual components or steps may be disassembled and/or re-assembled. These decompositions and/or recombinations are to be considered equivalents of the present disclosure. Also, the steps of executing the series of processes described above may naturally be executed chronologically in the order described, but need not necessarily be executed chronologically. Some steps may be performed in parallel or independently of each other.
The above detailed description should not be construed as limiting the scope of the disclosure. Those skilled in the art will appreciate that various modifications, combinations, sub-combinations, and substitutions can occur, depending on design requirements and other factors. Any modification, equivalent replacement, and improvement made within the spirit and principle of the present disclosure should be included in the scope of protection of the present disclosure.
Claims (12)
1. A data desensitization system, comprising: desensitization server, database server and the reverse proxy server connected with the desensitization server, wherein the desensitization server obtains the authentication request message sent from the client device through the reverse proxy server, and feeds back the corresponding identity authentication information and desensitization rule to the reverse proxy server based on the received legal authentication request message, the database server obtains the data request message sent from the client device through the reverse proxy server, and feeds back the corresponding original data to the reverse proxy server based on the received data request message, and the reverse proxy server continuously analyzes the obtained original data and forwards the analyzed original data to the desensitization server, so that the desensitization server performs desensitization processing on the received original data by using the corresponding desensitization rule based on the identity information of the authenticated client device, therefore, desensitization data is continuously acquired from the desensitization server, and the desensitization data is continuously fed back to the client device sending the data request message.
2. A data desensitization system according to claim 1, wherein said reverse proxy server is an Nginx server.
3. The data desensitization system of claim 1, wherein the client device decodes desensitization data continuously fed back from the reverse proxy server for presentation to a user based on desensitization rules fed back from the reverse proxy server.
4. The data desensitization system of claim 1, wherein the desensitization server encrypts identity authentication information and desensitization rules and feeds back the encrypted desensitization information and desensitization rules to the reverse proxy server.
5. The data desensitization system of claim 1, wherein the desensitization server negotiates desensitization rules based on client device's requests via the reverse proxy server and feeds back negotiation results to the client devices via the reverse proxy server as desensitization rules for the corresponding client devices.
6. The data desensitization system of claim 5, wherein the desensitization server encrypts desensitization rules and feeds them back to the client device via the reverse proxy server.
7. A data desensitization system according to claim 4 or 6, wherein encrypted communications between said reverse proxy server and client devices are via HTTPS protocol or SS L protocol.
8. A method of data desensitization, comprising:
sending an authentication request message and a data request message to a reverse proxy server through a client device
The reverse proxy server forwards the authentication request message to the desensitization server and forwards the data request message to the database server;
the desensitization server authenticates the legality of the client equipment based on the authentication request message acquired from the reverse proxy server and feeds back corresponding identity authentication information and desensitization rules to the reverse proxy server;
the database server feeds back corresponding original data to the reverse proxy server based on the data request message acquired from the reverse proxy server;
the reverse proxy server continuously analyzes the obtained original data and forwards the analyzed original data to the desensitization server; and
the desensitization server executes desensitization processing on the received original data by adopting a corresponding desensitization rule based on the authenticated identity information of the client equipment, so that desensitization data are continuously fed back to the reverse proxy server; and
the reverse proxy server continuously feeds back desensitization data to the client device that sent the data request message.
9. A method of data desensitization according to claim 8, wherein said reverse proxy server is an Nginx server.
10. A data desensitization method according to claim 8, further comprising: the client device decodes desensitization data continuously fed back from the reverse proxy server for presentation to a user based on desensitization rules fed back from the reverse proxy server.
11. The data desensitization system according to claim 8, further comprising: and the desensitization server encrypts the identity authentication information and the desensitization rule and feeds the desensitization rule back to the reverse proxy server.
12. The data desensitization system of claim 8, wherein the desensitization server performs desensitization rule negotiation via the reverse proxy based on authentication requests of client devices and feeds back negotiation results to the client devices via the reverse proxy as desensitization rules for corresponding client devices.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202010263565.4A CN111488604A (en) | 2020-04-07 | 2020-04-07 | Data desensitization system and data desensitization method |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202010263565.4A CN111488604A (en) | 2020-04-07 | 2020-04-07 | Data desensitization system and data desensitization method |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN111488604A true CN111488604A (en) | 2020-08-04 |
Family
ID=71811623
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202010263565.4A Pending CN111488604A (en) | 2020-04-07 | 2020-04-07 | Data desensitization system and data desensitization method |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN111488604A (en) |
Cited By (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN112073465A (en) * | 2020-08-07 | 2020-12-11 | 上海上讯信息技术股份有限公司 | Dynamic desensitization method and device based on SFTP transmission |
| CN112487486A (en) * | 2020-12-18 | 2021-03-12 | 平安普惠企业管理有限公司 | Data acquisition method and device based on block chain and computer equipment |
| CN114726605A (en) * | 2022-03-30 | 2022-07-08 | 医渡云(北京)技术有限公司 | Sensitive data filtering method, device and system and computer equipment |
| CN115277047A (en) * | 2022-05-31 | 2022-11-01 | 明珠数字科技股份有限公司 | Message desensitization method, system and storage medium based on Spring Cloud Gateway |
| CN116545776A (en) * | 2023-07-06 | 2023-08-04 | 中航金网(北京)电子商务有限公司 | Data transmission method, device, computer equipment and storage medium |
Citations (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN107315972A (en) * | 2017-06-01 | 2017-11-03 | 北京明朝万达科技股份有限公司 | A kind of dynamic desensitization method of big data unstructured document and system |
| CN108154047A (en) * | 2017-12-25 | 2018-06-12 | 网智天元科技集团股份有限公司 | A kind of data desensitization method and device |
| CN207489017U (en) * | 2017-10-23 | 2018-06-12 | 中恒华瑞(北京)信息技术有限公司 | Data desensitization system |
| CN109063511A (en) * | 2018-08-16 | 2018-12-21 | 深圳云安宝科技有限公司 | Data access control method, device, proxy server and medium based on Web API |
| WO2019091102A1 (en) * | 2017-11-07 | 2019-05-16 | 平安科技(深圳)有限公司 | Desensitization rule configuration method and program, application server and computer-readable storage medium |
| CN109977690A (en) * | 2017-12-28 | 2019-07-05 | 中国移动通信集团陕西有限公司 | A kind of data processing method, device and medium |
| CN110399733A (en) * | 2019-03-18 | 2019-11-01 | 国网安徽省电力有限公司黄山供电公司 | A kind of desensitization platform for structural data |
-
2020
- 2020-04-07 CN CN202010263565.4A patent/CN111488604A/en active Pending
Patent Citations (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN107315972A (en) * | 2017-06-01 | 2017-11-03 | 北京明朝万达科技股份有限公司 | A kind of dynamic desensitization method of big data unstructured document and system |
| CN207489017U (en) * | 2017-10-23 | 2018-06-12 | 中恒华瑞(北京)信息技术有限公司 | Data desensitization system |
| WO2019091102A1 (en) * | 2017-11-07 | 2019-05-16 | 平安科技(深圳)有限公司 | Desensitization rule configuration method and program, application server and computer-readable storage medium |
| CN108154047A (en) * | 2017-12-25 | 2018-06-12 | 网智天元科技集团股份有限公司 | A kind of data desensitization method and device |
| CN109977690A (en) * | 2017-12-28 | 2019-07-05 | 中国移动通信集团陕西有限公司 | A kind of data processing method, device and medium |
| CN109063511A (en) * | 2018-08-16 | 2018-12-21 | 深圳云安宝科技有限公司 | Data access control method, device, proxy server and medium based on Web API |
| CN110399733A (en) * | 2019-03-18 | 2019-11-01 | 国网安徽省电力有限公司黄山供电公司 | A kind of desensitization platform for structural data |
Cited By (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN112073465A (en) * | 2020-08-07 | 2020-12-11 | 上海上讯信息技术股份有限公司 | Dynamic desensitization method and device based on SFTP transmission |
| CN112487486A (en) * | 2020-12-18 | 2021-03-12 | 平安普惠企业管理有限公司 | Data acquisition method and device based on block chain and computer equipment |
| CN114726605A (en) * | 2022-03-30 | 2022-07-08 | 医渡云(北京)技术有限公司 | Sensitive data filtering method, device and system and computer equipment |
| CN115277047A (en) * | 2022-05-31 | 2022-11-01 | 明珠数字科技股份有限公司 | Message desensitization method, system and storage medium based on Spring Cloud Gateway |
| CN116545776A (en) * | 2023-07-06 | 2023-08-04 | 中航金网(北京)电子商务有限公司 | Data transmission method, device, computer equipment and storage medium |
| CN116545776B (en) * | 2023-07-06 | 2023-10-03 | 中航金网(北京)电子商务有限公司 | Data transmission method, device, computer equipment and storage medium |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN111488604A (en) | Data desensitization system and data desensitization method | |
| JP6612358B2 (en) | Method, network access device, application server, and non-volatile computer readable storage medium for causing a network access device to access a wireless network access point | |
| US9673984B2 (en) | Session key cache to maintain session keys | |
| US9454673B1 (en) | Searchable encryption for cloud storage | |
| US10650119B2 (en) | Multimedia data processing method, apparatus, system, and storage medium | |
| US9350704B2 (en) | Provisioning network access through a firewall | |
| US11303431B2 (en) | Method and system for performing SSL handshake | |
| US11811950B1 (en) | Dynamic response signing capability in a distributed system | |
| US10104092B2 (en) | System and method for parallel secure content bootstrapping in content-centric networks | |
| US20140289531A1 (en) | Communication system, relay device, and non-transitory computer readable medium | |
| US20150381716A1 (en) | Method and system for sharing files over p2p | |
| US20210160203A1 (en) | System for disarming encrypted attachment files of e-mail and disarming method using same | |
| CN113645226B (en) | Data processing method, device, equipment and storage medium based on gateway layer | |
| US11695546B2 (en) | Decoupled custom event system based on ephemeral tokens for enabling secure custom services on a digital audio stream | |
| CN107026828A (en) | A kind of anti-stealing link method cached based on internet and internet caching | |
| JP2019505009A5 (en) | ||
| CN102195979B (en) | Method for performing network acceleration based on acceleration KEY, and acceleration KEY | |
| JP2010272951A (en) | Method and server for managing distribution of shared key | |
| US20130024543A1 (en) | Methods for generating multiple responses to a single request message and devices thereof | |
| CN113204721A (en) | Request processing method, node and storage medium | |
| WO2016127634A1 (en) | Service processing method, device and system for application program, and storage medium | |
| CN108259621B (en) | Method and device for auditing HTTPS (hypertext transfer protocol secure) content of Internet bar | |
| KR101315681B1 (en) | Information Processing Device In Cloud Computing Environment and Information Processing Method Therein | |
| US11888829B2 (en) | Dynamic routing and encryption using an information gateway | |
| JP6549518B2 (en) | Proxy device for content delivery network, transfer device, client device and program |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination |