CN111885023A - Method and system for self-adaptive digital asset management - Google Patents
Method and system for self-adaptive digital asset management Download PDFInfo
- Publication number
- CN111885023A CN111885023A CN202010658962.1A CN202010658962A CN111885023A CN 111885023 A CN111885023 A CN 111885023A CN 202010658962 A CN202010658962 A CN 202010658962A CN 111885023 A CN111885023 A CN 111885023A
- Authority
- CN
- China
- Prior art keywords
- digital asset
- digital assets
- digital
- mobile terminal
- node
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/20—Network architectures or network communication protocols for network security for managing network security; network security policies in general
- H04L63/205—Network architectures or network communication protocols for network security for managing network security; network security policies in general involving negotiation or determination of the one or more network security mechanisms to be used, e.g. by negotiation between the client and the server or between peers or by selection according to the capabilities of the entities involved
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Storage Device Security (AREA)
- Data Exchanges In Wide-Area Networks (AREA)
Abstract
The invention provides a method and a system for self-adaptive digital asset management, which solve the problem that the existing method for managing digital virtual assets is lacked, can virtualize files, keys, addresses, equipment and transmitted service data in an enterprise network into digital assets for management, and provide a targeted protection strategy, wherein scene mining is introduced, so that enterprise users can manage better.
Description
Technical Field
The present application relates to the field of network security technologies, and in particular, to a method and a system for adaptive digital asset management.
Background
The existing enterprise asset management lacks a management method for digital virtual assets, and the digital virtual assets become more and more important assets in an enterprise and need to be effectively managed. At the same time, there is also a need to be able to give targeted protection strategies.
Therefore, a method and system for targeted digital asset management is urgently needed.
Disclosure of Invention
The invention aims to provide a method and a system for self-adaptive digital asset management, which solve the problem that the existing method for managing digital virtual assets is lacked, can virtualize files, keys, addresses, equipment and transmitted service data in an enterprise network into digital assets for management, and provide a targeted protection strategy, wherein scene mining is introduced, so that better management of enterprise users is facilitated.
In a first aspect, the present application provides a method of adaptive digital asset management, the method comprising:
sending an instruction to each node of the designated network, instructing each node to scan a locally stored file, a key stored in a database, an email of a local area network and an IP address of each node, and informing each node of uploading a scanning result in a service transmission gap; the scanning result carries one or a plurality of combinations of node identifiers, file identifiers, database identifiers, network identifiers, email addresses and IP addresses;
analyzing the scanning result, decomposing a plurality of single files, a single key, a single email address and a single IP address contained in the scanning result, respectively virtualizing the single files, the single key, the single email address and the single IP address into single digital assets, and respectively naming the single digital assets by corresponding identifications carried by the scanning result;
summarizing the equipment types and equipment identifications of all nodes, and virtualizing all nodes into single digital assets respectively according to the equipment types and the equipment identifications;
monitoring data packets transmitted by each node in real time, acquiring a data encryption mode by analyzing the data packets, combining the data packets related to each other into a service data packet, virtualizing the service data packet and the encryption mode into a single digital asset respectively, forming a digital asset group by the digital asset of the single service data packet and the single encryption mode digital asset, and attaching a service identifier and an encryption mode identifier;
positioning an appointed network through a base station, acquiring a mobile terminal identifier near the enterprise positioning, and sending a confirmation request to the mobile terminal near the positioning, so that a user can confirm whether the mobile terminal is used by related enterprise personnel on a mobile terminal client, and virtualizing the confirmed mobile terminal into a single digital asset;
intensively displaying all digital assets, establishing an incidence relation among the digital assets according to business incidence, user incidence and positioning incidence, monitoring the flow of the digital assets, judging whether the flow direction of the appointed digital assets meets the incidence relation or not, if the flow direction does not meet the incidence relation, determining that the digital assets are abnormal in use, and marking as an abnormal point;
the method comprises the steps that a use range, a use right and a use time period are marked for each digital asset, wherein the use range comprises a position, a flow direction, whether the digital asset can be transmitted to a mobile terminal or not and services which can be supported, the use right comprises the use of only specified personnel and confidentiality, and the use time period comprises the use time and the spare time release of the specified mobile terminal;
monitoring the cooperative use of each digital asset, judging whether the cooperative use of the designated digital asset meets the use range of the related digital asset, if not, identifying that the digital asset is abnormal in use and marking as an abnormal point;
the method comprises the steps of counting type proportion of digital assets in real time, adaptively and dynamically adjusting a management framework according to the type proportion, adopting a centralized management framework when the proportion of the file data class in the digital assets is larger than that of equipment classes, and monitoring the use range of all the digital assets by a central server; when the equipment class example in the digital assets is larger than the file data class, a distributed management architecture is adopted, and each node monitors the use range of all the digital assets respectively;
according to the abnormal points and the pre-and-post association relationship of the abnormal points, forming abnormal tracks, inputting the abnormal points and the pre-and-post association relationship of the abnormal points into a scene mining model, calling corresponding rules according to specified services or specified users, finding out corresponding scene information by using a specified data mining algorithm, and formulating a corresponding protection strategy according to the scene information.
With reference to the first aspect, in a first possible implementation manner of the first aspect, the single digital asset further includes digital asset type information, and the type information is divided into a file data class and a device class.
With reference to the first aspect, in a second possible implementation manner of the first aspect, the associating includes: whether the services have relevance or not or whether the services are the same or not is analyzed, whether the related nodes are on the potential propagation path or not is analyzed, and whether the users are the same or whether a relation chain exists between the users is analyzed.
With reference to the first aspect, in a third possible implementation manner of the first aspect, the designated enterprise personnel can manually register the digital asset according to the management authority.
In a second aspect, the present application provides an adaptive digital asset management system, the system comprising: the device comprises a registration unit, a judgment unit, an architecture unit and an analysis unit;
the registration unit is used for issuing an instruction to each node of the designated network, instructing each node to scan a locally stored file, a key stored in a database, an electronic mailbox of a local area network and an IP address of each node, and informing each node of uploading a scanning result in a service transmission interval; the scanning result carries one or a plurality of combinations of node identifiers, file identifiers, database identifiers, network identifiers, email addresses and IP addresses;
analyzing the scanning result, decomposing a plurality of single files, a single key, a single email address and a single IP address contained in the scanning result, respectively virtualizing the single files, the single key, the single email address and the single IP address into single digital assets, and respectively naming the single digital assets by corresponding identifications carried by the scanning result;
summarizing the equipment types and equipment identifications of all nodes, and virtualizing all nodes into single digital assets respectively according to the equipment types and the equipment identifications;
monitoring data packets transmitted by each node in real time, acquiring a data encryption mode by analyzing the data packets, combining the data packets related to each other into a service data packet, virtualizing the service data packet and the encryption mode into a single digital asset respectively, forming a digital asset group by the digital asset of the single service data packet and the single encryption mode digital asset, and attaching a service identifier and an encryption mode identifier;
positioning an appointed network through a base station, acquiring a mobile terminal identifier near the enterprise positioning, and sending a confirmation request to the mobile terminal near the positioning, so that a user can confirm whether the mobile terminal is used by related enterprise personnel on a mobile terminal client, and virtualizing the confirmed mobile terminal into a single digital asset;
the judging unit is used for displaying all the digital assets in a centralized manner, establishing an incidence relation among the digital assets according to business association, user association and positioning association, monitoring the flow of the digital assets, judging whether the flow direction of the appointed digital assets meets the incidence relation or not, and if the flow direction does not meet the incidence relation, determining that the digital assets are abnormal in use and marking the digital assets as abnormal points;
the method comprises the steps that a use range, a use right and a use time period are marked for each digital asset, wherein the use range comprises a position, a flow direction, whether the digital asset can be transmitted to a mobile terminal or not and services which can be supported, the use right comprises the use of only specified personnel and confidentiality, and the use time period comprises the use time and the spare time release of the specified mobile terminal;
monitoring the cooperative use of each digital asset, judging whether the cooperative use of the designated digital asset meets the use range of the related digital asset, if not, identifying that the digital asset is abnormal in use and marking as an abnormal point;
the architecture unit is used for counting the type proportion of the digital assets in real time, adaptively and dynamically adjusting the management architecture according to the type proportion, when the data class proportion of the digital assets is greater than that of the equipment class, a centralized management architecture is adopted, and the central server monitors the use range of all the digital assets; when the equipment class example in the digital assets is larger than the file data class, a distributed management architecture is adopted, and each node monitors the use range of all the digital assets respectively;
the analysis unit is used for forming an abnormal track according to the abnormal point and the front-back incidence relation of the abnormal point, inputting the abnormal point and the front-back incidence relation of the abnormal point into a scene mining model, calling a corresponding rule according to a specified service or a specified user, finding out corresponding scene information by using a specified data mining algorithm, and making a corresponding protection strategy according to the scene information.
With reference to the second aspect, in a first possible implementation manner of the second aspect, the single digital asset further includes digital asset type information, and the type information is divided into a file data class and a device class.
With reference to the second aspect, in a second possible implementation manner of the second aspect, the associating includes: whether the services have relevance or not or whether the services are the same or not is analyzed, whether the related nodes are on the potential propagation path or not is analyzed, and whether the users are the same or whether a relation chain exists between the users is analyzed.
With reference to the second aspect, in a third possible implementation manner of the second aspect, the designated enterprise personnel can manually register the digital asset according to the management authority.
The invention provides a method and a system for self-adaptive digital asset management, which solve the problem that the existing method for managing digital virtual assets is lacked, can virtualize files, keys, addresses, equipment and transmitted service data in an enterprise network into digital assets for management, and provide a targeted protection strategy, wherein scene mining is introduced, so that enterprise users can manage better.
Drawings
In order to more clearly illustrate the technical solutions in the embodiments of the present invention, the drawings needed to be used in the embodiments will be briefly described below, and it is obvious for those skilled in the art that other drawings can be obtained according to these drawings without creative efforts.
FIG. 1 is a general flow diagram of the adaptive digital asset management method of the present invention;
fig. 2 is an architecture diagram of the adaptive digital asset management system of the present invention.
Detailed Description
The preferred embodiments of the present invention will be described in detail below with reference to the accompanying drawings so that the advantages and features of the present invention can be more easily understood by those skilled in the art, and the scope of the present invention will be more clearly and clearly defined.
FIG. 1 is a general flow diagram of an adaptive digital asset management method provided herein, the method comprising:
sending an instruction to each node of the designated network, instructing each node to scan a locally stored file, a key stored in a database, an email of a local area network and an IP address of each node, and informing each node of uploading a scanning result in a service transmission gap; the scanning result carries one or a plurality of combinations of node identifiers, file identifiers, database identifiers, network identifiers, email addresses and IP addresses;
analyzing the scanning result, decomposing a plurality of single files, a single key, a single email address and a single IP address contained in the scanning result, respectively virtualizing the single files, the single key, the single email address and the single IP address into single digital assets, and respectively naming the single digital assets by corresponding identifications carried by the scanning result;
summarizing the equipment types and equipment identifications of all nodes, and virtualizing all nodes into single digital assets respectively according to the equipment types and the equipment identifications;
monitoring data packets transmitted by each node in real time, acquiring a data encryption mode by analyzing the data packets, combining the data packets related to each other into a service data packet, virtualizing the service data packet and the encryption mode into a single digital asset respectively, forming a digital asset group by the digital asset of the single service data packet and the single encryption mode digital asset, and attaching a service identifier and an encryption mode identifier;
positioning an appointed network through a base station, acquiring a mobile terminal identifier near the positioning, and sending a confirmation request to the mobile terminal near the positioning, so that a user can confirm whether the mobile terminal is used by related enterprise personnel on a mobile terminal client, and virtualizing the confirmed mobile terminal into a single digital asset;
intensively displaying all digital assets, establishing an incidence relation among the digital assets according to business incidence, user incidence and positioning incidence, monitoring the flow of the digital assets, judging whether the flow direction of the appointed digital assets meets the incidence relation or not, if the flow direction does not meet the incidence relation, determining that the digital assets are abnormal in use, and marking as an abnormal point;
the method comprises the steps that a use range, a use right and a use time period are marked for each digital asset, wherein the use range comprises a position, a flow direction, whether the digital asset can be transmitted to a mobile terminal or not and services which can be supported, the use right comprises the use of only specified personnel and confidentiality, and the use time period comprises the use time and the spare time release of the specified mobile terminal;
monitoring the cooperative use of each digital asset, judging whether the cooperative use of the designated digital asset meets the use range of the related digital asset, if not, identifying that the digital asset is abnormal in use and marking as an abnormal point;
the method comprises the steps of counting type proportion of digital assets in real time, adaptively and dynamically adjusting a management framework according to the type proportion, adopting a centralized management framework when the proportion of the file data class in the digital assets is larger than that of equipment classes, and monitoring the use range of all the digital assets by a central server; when the equipment class example in the digital assets is larger than the file data class, a distributed management architecture is adopted, and each node monitors the use range of all the digital assets respectively;
according to the abnormal points and the pre-and-post association relationship of the abnormal points, forming abnormal tracks, inputting the abnormal points and the pre-and-post association relationship of the abnormal points into a scene mining model, calling corresponding rules according to specified services or specified users, finding out corresponding scene information by using a specified data mining algorithm, and formulating a corresponding protection strategy according to the scene information.
In some preferred embodiments, the single digital asset further comprises digital asset type information, the type information being classified into a file data class and a device class.
In some preferred embodiments, the associating comprises: whether the services have relevance or not or whether the services are the same or not is analyzed, whether the related nodes are on the potential propagation path or not is analyzed, and whether the users are the same or whether a relation chain exists between the users is analyzed.
In some preferred embodiments, designated business personnel are able to manually register the digital assets in accordance with administrative rights.
In some preferred embodiments, after forming the abnormal trajectory, the method further includes: and obtaining risk assessment and defense strategies aiming at different services or different users, and guiding an administrator to carry out targeted risk elimination aiming at the services or the users.
In some preferred embodiments, after forming the abnormal trajectory, the method may further include: the method comprises the following steps of (1) combing out the occurrence context and the attack path of an attack event, specifically:
performing depth correlation analysis and data mining on the collected log information from multiple dimensions of time and space, and establishing a rule base;
comparing the tracing information of the suspected attack with the information in the rule base, constructing a tracing graph by transmitting query and tracing query, and acquiring the occurrence venation and the attack path of the attack event according to the tracing graph.
Fig. 2 is an architecture diagram of an adaptive digital asset management system provided herein, the system comprising: the device comprises a registration unit, a judgment unit, an architecture unit and an analysis unit;
the registration unit is used for issuing an instruction to each node of the designated network, instructing each node to scan a locally stored file, a key stored in a database, an electronic mailbox of a local area network and an IP address of each node, and informing each node of uploading a scanning result in a service transmission interval; the scanning result carries one or a plurality of combinations of node identifiers, file identifiers, database identifiers, network identifiers, email addresses and IP addresses;
analyzing the scanning result, decomposing a plurality of single files, a single key, a single email address and a single IP address contained in the scanning result, respectively virtualizing the single files, the single key, the single email address and the single IP address into single digital assets, and respectively naming the single digital assets by corresponding identifications carried by the scanning result;
summarizing the equipment types and equipment identifications of all nodes, and virtualizing all nodes into single digital assets respectively according to the equipment types and the equipment identifications;
monitoring data packets transmitted by each node in real time, acquiring a data encryption mode by analyzing the data packets, combining the data packets related to each other into a service data packet, virtualizing the service data packet and the encryption mode into a single digital asset respectively, forming a digital asset group by the digital asset of the single service data packet and the single encryption mode digital asset, and attaching a service identifier and an encryption mode identifier;
positioning an appointed network through a base station, acquiring a mobile terminal identifier near the positioning, and sending a confirmation request to the mobile terminal near the positioning, so that a user can confirm whether the mobile terminal is used by related enterprise personnel on a mobile terminal client, and virtualizing the confirmed mobile terminal into a single digital asset;
the judging unit is used for displaying all the digital assets in a centralized manner, establishing an incidence relation among the digital assets according to business association, user association and positioning association, monitoring the flow of the digital assets, judging whether the flow direction of the appointed digital assets meets the incidence relation or not, and if the flow direction does not meet the incidence relation, determining that the digital assets are abnormal in use and marking the digital assets as abnormal points;
the method comprises the steps that a use range, a use right and a use time period are marked for each digital asset, wherein the use range comprises a position, a flow direction, whether the digital asset can be transmitted to a mobile terminal or not and services which can be supported, the use right comprises the use of only specified personnel and confidentiality, and the use time period comprises the use time and the spare time release of the specified mobile terminal;
monitoring the cooperative use of each digital asset, judging whether the cooperative use of the designated digital asset meets the use range of the related digital asset, if not, identifying that the digital asset is abnormal in use and marking as an abnormal point;
the architecture unit is used for counting the type proportion of the digital assets in real time, adaptively and dynamically adjusting the management architecture according to the type proportion, when the data class proportion of the digital assets is greater than that of the equipment class, a centralized management architecture is adopted, and the central server monitors the use range of all the digital assets; when the equipment class example in the digital assets is larger than the file data class, a distributed management architecture is adopted, and each node monitors the use range of all the digital assets respectively;
the analysis unit is used for forming an abnormal track according to the abnormal point and the front-back incidence relation of the abnormal point, inputting the abnormal point and the front-back incidence relation of the abnormal point into a scene mining model, calling a corresponding rule according to a specified service or a specified user, finding out corresponding scene information by using a specified data mining algorithm, and making a corresponding protection strategy according to the scene information.
In some preferred embodiments, the single digital asset further comprises digital asset type information, the type information being classified into a file data class and a device class.
In some preferred embodiments, the associating comprises: whether the services have relevance or not or whether the services are the same or not is analyzed, whether the related nodes are on the potential propagation path or not is analyzed, and whether the users are the same or whether a relation chain exists between the users is analyzed.
In some preferred embodiments, designated business personnel are able to manually register the digital assets in accordance with administrative rights.
In some preferred embodiments, after forming the abnormal trajectory, the method further includes: and obtaining risk assessment and defense strategies aiming at different services or different users, and guiding an administrator to carry out targeted risk elimination aiming at the services or the users.
In some preferred embodiments, after forming the abnormal trajectory, the method may further include: the method comprises the following steps of (1) combing out the occurrence context and the attack path of an attack event, specifically:
performing depth correlation analysis and data mining on the collected log information from multiple dimensions of time and space, and establishing a rule base;
comparing the tracing information of the suspected attack with the information in the rule base, constructing a tracing graph by transmitting query and tracing query, and acquiring the occurrence venation and the attack path of the attack event according to the tracing graph.
In specific implementation, the present invention further provides a computer storage medium, where the computer storage medium may store a program, and the program may include some or all of the steps in the embodiments of the present invention when executed. The storage medium may be a magnetic disk, an optical disk, a read-only memory (ROM) or a Random Access Memory (RAM).
Those skilled in the art will readily appreciate that the techniques of the embodiments of the present invention may be implemented as software plus a required general purpose hardware platform. Based on such understanding, the technical solutions in the embodiments of the present invention may be embodied in the form of a software product, which may be stored in a storage medium, such as a ROM/RAM, a magnetic disk, an optical disk, etc., and includes several instructions for enabling a computer device (which may be a personal computer, a server, or a network device, etc.) to execute the method according to the embodiments or some parts of the embodiments.
The same and similar parts in the various embodiments of the present specification may be referred to each other. In particular, for the embodiments, since they are substantially similar to the method embodiments, the description is simple, and the relevant points can be referred to the description in the method embodiments.
The above-described embodiments of the present invention should not be construed as limiting the scope of the present invention.
Claims (8)
1. An adaptive digital asset management method, the method comprising:
sending an instruction to each node of the designated network, instructing each node to scan a locally stored file, a key stored in a database, an email of a local area network and an IP address of each node, and informing each node of uploading a scanning result in a service transmission gap; the scanning result carries one or a plurality of combinations of node identifiers, file identifiers, database identifiers, network identifiers, email addresses and IP addresses;
analyzing the scanning result, decomposing a plurality of single files, a single key, a single email address and a single IP address contained in the scanning result, respectively virtualizing the single files, the single key, the single email address and the single IP address into single digital assets, and respectively naming the single digital assets by corresponding identifications carried by the scanning result;
summarizing the equipment types and equipment identifications of all nodes, and virtualizing all nodes into single digital assets respectively according to the equipment types and the equipment identifications;
monitoring data packets transmitted by each node in real time, acquiring a data encryption mode by analyzing the data packets, combining the data packets related to each other into a service data packet, virtualizing the service data packet and the encryption mode into a single digital asset respectively, forming a digital asset group by the digital asset of the single service data packet and the single encryption mode digital asset, and attaching a service identifier and an encryption mode identifier;
positioning an appointed network through a base station, acquiring a mobile terminal identifier near the enterprise positioning, and sending a confirmation request to the mobile terminal near the positioning, so that a user can confirm whether the mobile terminal is used by related enterprise personnel on a mobile terminal client, and virtualizing the confirmed mobile terminal into a single digital asset;
intensively displaying all digital assets, establishing an incidence relation among the digital assets according to business incidence, user incidence and positioning incidence, monitoring the flow of the digital assets, judging whether the flow direction of the appointed digital assets meets the incidence relation or not, if the flow direction does not meet the incidence relation, determining that the digital assets are abnormal in use, and marking as an abnormal point;
the method comprises the steps that a use range, a use right and a use time period are marked for each digital asset, wherein the use range comprises a position, a flow direction, whether the digital asset can be transmitted to a mobile terminal or not and services which can be supported, the use right comprises the use of only specified personnel and confidentiality, and the use time period comprises the use time and the spare time release of the specified mobile terminal;
monitoring the cooperative use of each digital asset, judging whether the cooperative use of the designated digital asset meets the use range of the related digital asset, if not, identifying that the digital asset is abnormal in use and marking as an abnormal point;
the method comprises the steps of counting type proportion of digital assets in real time, adaptively and dynamically adjusting a management framework according to the type proportion, adopting a centralized management framework when the proportion of the file data class in the digital assets is larger than that of equipment classes, and monitoring the use range of all the digital assets by a central server; when the equipment class example in the digital assets is larger than the file data class, a distributed management architecture is adopted, and each node monitors the use range of all the digital assets respectively;
according to the abnormal points and the pre-and-post association relationship of the abnormal points, forming abnormal tracks, inputting the abnormal points and the pre-and-post association relationship of the abnormal points into a scene mining model, calling corresponding rules according to specified services or specified users, finding out corresponding scene information by using a specified data mining algorithm, and formulating a corresponding protection strategy according to the scene information.
2. The method of claim 1, wherein: the single digital asset also comprises digital asset type information, and the type information is divided into a file data class and a device class.
3. The method according to any one of claims 1-2, wherein: the associating includes: whether the services have relevance or not or whether the services are the same or not is analyzed, whether the related nodes are on the potential propagation path or not is analyzed, and whether the users are the same or whether a relation chain exists between the users is analyzed.
4. A method according to any one of claims 1-3, characterized in that: designated business personnel can manually register the digital assets in accordance with administrative privileges.
5. An adaptive digital asset management system, characterized in that said system comprises: the device comprises a registration unit, a judgment unit, an architecture unit and an analysis unit;
the registration unit is used for issuing an instruction to each node of the designated network, instructing each node to scan a locally stored file, a key stored in a database, an electronic mailbox of a local area network and an IP address of each node, and informing each node of uploading a scanning result in a service transmission interval; the scanning result carries one or a plurality of combinations of node identifiers, file identifiers, database identifiers, network identifiers, email addresses and IP addresses;
analyzing the scanning result, decomposing a plurality of single files, a single key, a single email address and a single IP address contained in the scanning result, respectively virtualizing the single files, the single key, the single email address and the single IP address into single digital assets, and respectively naming the single digital assets by corresponding identifications carried by the scanning result;
summarizing the equipment types and equipment identifications of all nodes, and virtualizing all nodes into single digital assets respectively according to the equipment types and the equipment identifications;
monitoring data packets transmitted by each node in real time, acquiring a data encryption mode by analyzing the data packets, combining the data packets related to each other into a service data packet, virtualizing the service data packet and the encryption mode into a single digital asset respectively, forming a digital asset group by the digital asset of the single service data packet and the single encryption mode digital asset, and attaching a service identifier and an encryption mode identifier;
positioning an appointed network through a base station, acquiring a mobile terminal identifier near the enterprise positioning, and sending a confirmation request to the mobile terminal near the positioning, so that a user can confirm whether the mobile terminal is used by related enterprise personnel on a mobile terminal client, and virtualizing the confirmed mobile terminal into a single digital asset;
the judging unit is used for displaying all the digital assets in a centralized manner, establishing an incidence relation among the digital assets according to business association, user association and positioning association, monitoring the flow of the digital assets, judging whether the flow direction of the appointed digital assets meets the incidence relation or not, and if the flow direction does not meet the incidence relation, determining that the digital assets are abnormal in use and marking the digital assets as abnormal points;
the method comprises the steps that a use range, a use right and a use time period are marked for each digital asset, wherein the use range comprises a position, a flow direction, whether the digital asset can be transmitted to a mobile terminal or not and services which can be supported, the use right comprises the use of only specified personnel and confidentiality, and the use time period comprises the use time and the spare time release of the specified mobile terminal;
monitoring the cooperative use of each digital asset, judging whether the cooperative use of the designated digital asset meets the use range of the related digital asset, if not, identifying that the digital asset is abnormal in use and marking as an abnormal point;
the architecture unit is used for counting the type proportion of the digital assets in real time, adaptively and dynamically adjusting the management architecture according to the type proportion, when the data class proportion of the digital assets is greater than that of the equipment class, a centralized management architecture is adopted, and the central server monitors the use range of all the digital assets; when the equipment class example in the digital assets is larger than the file data class, a distributed management architecture is adopted, and each node monitors the use range of all the digital assets respectively;
the analysis unit is used for forming an abnormal track according to the abnormal point and the front-back incidence relation of the abnormal point, inputting the abnormal point and the front-back incidence relation of the abnormal point into a scene mining model, calling a corresponding rule according to a specified service or a specified user, finding out corresponding scene information by using a specified data mining algorithm, and making a corresponding protection strategy according to the scene information.
6. The apparatus of claim 5, wherein the single digital asset further comprises digital asset type information, and the type information is divided into a file data class and a device class.
7. The apparatus according to any of claims 5-6, wherein the associating comprises: whether the services have relevance or not or whether the services are the same or not is analyzed, whether the related nodes are on the potential propagation path or not is analyzed, and whether the users are the same or whether a relation chain exists between the users is analyzed.
8. An apparatus as claimed in any one of claims 5 to 7, wherein a designated business person can manually enroll the digital asset in accordance with administrative rights.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202010658962.1A CN111885023B (en) | 2020-07-09 | 2020-07-09 | Method and system for self-adaptive digital asset management |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202010658962.1A CN111885023B (en) | 2020-07-09 | 2020-07-09 | Method and system for self-adaptive digital asset management |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN111885023A true CN111885023A (en) | 2020-11-03 |
| CN111885023B CN111885023B (en) | 2022-11-01 |
Family
ID=73150942
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202010658962.1A Active CN111885023B (en) | 2020-07-09 | 2020-07-09 | Method and system for self-adaptive digital asset management |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN111885023B (en) |
Citations (10)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20070266032A1 (en) * | 2004-11-17 | 2007-11-15 | Steven Blumenau | Systems and Methods for Risk Based Information Management |
| US20080256354A1 (en) * | 2005-11-17 | 2008-10-16 | Steven Blumenau | Systems and methods for exception handling |
| US20140040262A1 (en) * | 2012-08-03 | 2014-02-06 | Adobe Systems Incorporated | Techniques for cloud-based similarity searches |
| CN108494797A (en) * | 2018-04-16 | 2018-09-04 | 深信服科技股份有限公司 | Data monitoring and managing method, system, equipment and storage medium based on virtualization technology |
| CN108702360A (en) * | 2016-02-15 | 2018-10-23 | 思科技术公司 | Use the digital asset Preservation tactics of dynamic network attribute |
| CN108932617A (en) * | 2018-07-18 | 2018-12-04 | 深圳汽航院科技有限公司 | A kind of charging pile charge system based on block chain |
| CN109829821A (en) * | 2019-01-16 | 2019-05-31 | 海南新软软件有限公司 | A kind of abnormal processing method of digital asset address transfer, apparatus and system |
| CN110427767A (en) * | 2019-08-08 | 2019-11-08 | 北京阿尔山区块链联盟科技有限公司 | Assets recurrence authorization method and device |
| CN110490514A (en) * | 2019-08-01 | 2019-11-22 | 深圳市珍久库科技有限公司 | A kind of assets digitlization of the intelligent repository based on block chain management and device |
| CN111177275A (en) * | 2020-01-02 | 2020-05-19 | 肖光昱 | Block chain-based management method, terminal, device and storage medium |
-
2020
- 2020-07-09 CN CN202010658962.1A patent/CN111885023B/en active Active
Patent Citations (10)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20070266032A1 (en) * | 2004-11-17 | 2007-11-15 | Steven Blumenau | Systems and Methods for Risk Based Information Management |
| US20080256354A1 (en) * | 2005-11-17 | 2008-10-16 | Steven Blumenau | Systems and methods for exception handling |
| US20140040262A1 (en) * | 2012-08-03 | 2014-02-06 | Adobe Systems Incorporated | Techniques for cloud-based similarity searches |
| CN108702360A (en) * | 2016-02-15 | 2018-10-23 | 思科技术公司 | Use the digital asset Preservation tactics of dynamic network attribute |
| CN108494797A (en) * | 2018-04-16 | 2018-09-04 | 深信服科技股份有限公司 | Data monitoring and managing method, system, equipment and storage medium based on virtualization technology |
| CN108932617A (en) * | 2018-07-18 | 2018-12-04 | 深圳汽航院科技有限公司 | A kind of charging pile charge system based on block chain |
| CN109829821A (en) * | 2019-01-16 | 2019-05-31 | 海南新软软件有限公司 | A kind of abnormal processing method of digital asset address transfer, apparatus and system |
| CN110490514A (en) * | 2019-08-01 | 2019-11-22 | 深圳市珍久库科技有限公司 | A kind of assets digitlization of the intelligent repository based on block chain management and device |
| CN110427767A (en) * | 2019-08-08 | 2019-11-08 | 北京阿尔山区块链联盟科技有限公司 | Assets recurrence authorization method and device |
| CN111177275A (en) * | 2020-01-02 | 2020-05-19 | 肖光昱 | Block chain-based management method, terminal, device and storage medium |
Non-Patent Citations (1)
| Title |
|---|
| 李吴松: "试谈数字资产管理技术", 《电脑编程技巧与维护》 * |
Also Published As
| Publication number | Publication date |
|---|---|
| CN111885023B (en) | 2022-11-01 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| JP6736657B2 (en) | A computerized system that securely delivers and exchanges cyber threat information in a standardized format | |
| US11477235B2 (en) | Approaches to creating, managing, and applying a federated database to establish risk posed by third parties | |
| Frincke et al. | A framework for cooperative intrusion detection | |
| US7150044B2 (en) | Secure self-organizing and self-provisioning anomalous event detection systems | |
| Grance et al. | Computer Security Incident Handling Guide:. | |
| US20080263626A1 (en) | Method and system for logging a network communication event | |
| US10348754B2 (en) | Data security incident correlation and dissemination system and method | |
| Savola et al. | Security-measurability-enhancing mechanisms for a distributed adaptive security monitoring system | |
| US20240031396A1 (en) | Predicting cyber risk for assets with limited scan information using machine learning | |
| Rizov | Information sharing for cyber threats | |
| Hossain et al. | Mining accurate message formats for service APIs | |
| KR20200083210A (en) | System and method for vocational aptitude evaluation and employee recuitment based on blockchain | |
| Khan et al. | Towards augmented proactive cyberthreat intelligence | |
| Skopik et al. | Design principles for national cyber security sensor networks: Lessons learned from small-scale demonstrators | |
| CN111885023B (en) | Method and system for self-adaptive digital asset management | |
| Torres | Incident response: How to fight back | |
| Huck et al. | Wake up digital forensics’ community and help combat ransomware | |
| Cheng et al. | Integrated situational awareness for cyber attack detection, analysis, and mitigation | |
| CN111724261B (en) | Multi-user asset virtualization management method and system | |
| Kanstrén et al. | Towards an abstraction layer for security assurance measurements | |
| Kahraman | Evaluating IT security performance with quantifiable metrics | |
| Flynn et al. | Cloud service provider methods for managing insider threats: Analysis phase ii, expanded analysis and recommendations | |
| Husák et al. | Lessons Learned from Automated Sharing of Intrusion Detection Alerts: The Case of the SABU Platform | |
| Derrick et al. | Investigating new approaches to data collection, management and analysis for network intrusion detection | |
| Syed et al. | Fast attack detection using correlation and summarizing of security alerts in grid computing networks |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| CB02 | Change of applicant information |
Address after: 100053 Room 303, 3 / F, 315 guanganmennei street, Xicheng District, Beijing Applicant after: Safety capability ecological aggregation (Beijing) Operation Technology Co.,Ltd. Address before: 100053 Room 303, 3 / F, 315 guanganmennei street, Xicheng District, Beijing Applicant before: Beijing fuyun'an Operation Technology Co.,Ltd. |
|
| CB02 | Change of applicant information | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |