CN111917707A - Grading method, client and system in network security level protection - Google Patents
Grading method, client and system in network security level protection Download PDFInfo
- Publication number
- CN111917707A CN111917707A CN202010481301.6A CN202010481301A CN111917707A CN 111917707 A CN111917707 A CN 111917707A CN 202010481301 A CN202010481301 A CN 202010481301A CN 111917707 A CN111917707 A CN 111917707A
- Authority
- CN
- China
- Prior art keywords
- network
- contact
- information
- security level
- level
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/10—Network architectures or network communication protocols for network security for controlling access to devices or network resources
- H04L63/105—Multiple levels of security
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L51/00—User-to-user messaging in packet-switching networks, transmitted according to store-and-forward or real-time protocols, e.g. e-mail
- H04L51/04—Real-time or near real-time messaging, e.g. instant messaging [IM]
- H04L51/046—Interoperability with other network applications or services
Abstract
The invention discloses a grading method, a client and a system in network security level protection, and relates to the technical field of network information security. A grading method in network security level protection comprises the following steps: acquiring network equipment information in a network information system associated with a contact; and determining a model based on a preset security level, judging the network security level corresponding to the network information system, setting the level of the contact in the contact list according to the network security level, and adjusting the position of the contact in the contact display interface of the instant messaging tool according to the level of the contact. The invention can combine the contact function of the instant communication tool and display the contact in a grading way according to the network security level, thereby not only facilitating the management and tracking service of the user to the client, but also obviously improving the communication efficiency between the user and the client.
Description
Technical Field
The invention relates to the technical field of network information security, in particular to a grading method, a client and a system in network security level protection.
Background
In the network security and application security industry, security evaluation methods are diversified, and commonly used methods include level protection, penetration testing, vulnerability scanning, baseline checking, risk evaluation and the like, and each method has respective characteristics. The information security level protection is to implement security protection on the national important information, the proprietary information of legal persons and other organizations and citizens, the public information, and the information systems (network devices) for storing, transmitting and processing the information in a grading way, implement management on the information security products used in the information system in a grading way, and implement grading response and treatment on the information security events generated in the information system. For this reason, the state sets up the corresponding management standards and technical standards such as "information system safety level protection evaluation requirements". The assessment of the information system security level protection is to make an assessment of the network devices used by the information system with reference to technical data in the information system security level protection assessment requirement.
The traditional evaluation work of the corresponding network equipment is usually based on manual operation: firstly, manually judging the type of the network equipment, and then correspondingly evaluating the network equipment according to each evaluation index under the corresponding grade required by the grade protection technical standard; and then, manually calculating the data obtained by evaluation, and compiling an equal-protection evaluation report. However, due to the diversity of the models and brands of the procurement network devices of enterprises in different industries and the difference of the quality and professional level of the assessment technicians, the assessment process has great limitations, and the following defects mainly exist: 1) the inspection means is too simple, and the normative of the operation is difficult to ensure, so that the evaluation result is not comprehensive; 2) the time consumption is long, and the evaluation efficiency is low; 3) human assessment errors are prone to risk.
In order to solve the above technical problems, various automatic evaluation methods suitable for equal-security evaluation are proposed in the prior art. Taking the chinese invention application CN201811184819.2 as an example, it discloses an automatic assessment method and system for equal insurance assessment, which can obtain the assessment instruction information sent by the user (the party to be assessed), where the assessment instruction information includes the type of the network device to be assessed and the login information of the network device to be assessed; then, selecting a corresponding evaluation script from a preset evaluation script library according to the type of the network equipment to be tested, logging in the network equipment to be tested to execute the evaluation script, and obtaining evaluation data returned after the evaluation script is executed; and then, analyzing the evaluation data to obtain an evaluation result value, comparing the evaluation result value with a preset evaluation value in a preset evaluation index library to obtain an evaluation result, obtaining a difference value between the evaluation result value and the preset evaluation value, judging whether the difference value meets the requirement, if so, judging that the evaluation is qualified, otherwise, judging that the evaluation is unqualified.
However, the above solution has the following drawbacks: 1) the communication efficiency between a service party providing automatic evaluation service and an evaluation party client is low; 2) the safety protection level of the computer information system is divided into five levels, generally, related items are protected by the second level and the third level, the third level system requires one evaluation check (annual check) every year, and the second level system requires one evaluation check every two years. If the server wants to perform subsequent service on the client of the assessment party, the client of the assessment party needs to be managed and service-tracked, the contact person display mode in a common communication tool is difficult to embody the characteristics of the client of the assessment party, and the service efficiency and the management difficulty of the client of the server are improved.
Disclosure of Invention
The invention aims to provide a grading method, a client and a system in network security level protection, and the invention has the advantages that: the contact person function of the instant messaging tool is combined, contact person grading display is carried out according to the network security level, the user can conveniently manage and track the service for the user, and the communication efficiency between the user and the user is obviously improved.
In order to achieve the above object, the present invention provides the following technical solutions:
a grading method in network security level protection comprises the following steps:
acquiring network equipment information in a network information system associated with a contact;
determining a model based on a preset security level, judging a network security level corresponding to a network information system, and setting the level of a contact in a contact list according to the network security level;
and according to the level of the contact person, adjusting the position of the contact person in the contact person display interface of the instant messaging tool.
Further, according to the network security level, acquiring the required information of a higher network security level in the security level determination model;
and outputting the requirement information as a grade promotion scheme of the network information system.
Further, when the level promotion scheme is output, the required information of higher network security level in the security level determination model is acquired and then compared with the network equipment in the network information system, and the distinguishing information of the network equipment and the network equipment is acquired and output, wherein the distinguishing information comprises the network equipment lacking in the user and/or the network equipment not meeting the requirement.
Further, in the contact list of the user, at least one other contact with a higher network security level is obtained as a promotion object of the contact, and a communication contact relation between the contact and the promotion object is established.
Further, position arrangement is carried out on the contact ITEM on the contact display interface according to the level of the contact, and the contacts with different levels are displayed in different areas of the contact display interface.
And further, acquiring the trigger operation of the user aiming at the contact person, and outputting a communication interaction interface corresponding to the contact person, wherein the network equipment information in the network information system associated with the contact person is displayed in the communication interaction interface.
Further, acquiring communication interactive content of the user and the contact, identifying information of network equipment related to the communication interactive content, identifying the related network equipment on the communication interactive interface, and/or acquiring image, name and model data of the related network equipment for output and display.
The invention also provides a hierarchical client in network security level protection, which comprises the following structure:
the system comprises an initialization module, a security level determination module and a network equipment information processing module, wherein the initialization module is used for setting a security level determination model which is provided with a mapping relation between a network security level and network equipment information;
the information acquisition module is used for acquiring the network equipment information in the network information system related to the contact;
the information processing module is connected with the information acquisition module and the initialization module, determines a model based on a preset security level, judges a network security level corresponding to the network information system, and sets the level of the contact in the contact list according to the network security level;
and the interface display module is used for adjusting the position of the contact person in the contact person display interface of the instant messaging tool according to the level of the contact person.
Further, the information processing module is configured to,
acquiring the required information of higher network security level according to the network security level; and outputting the requirement information as a grade promotion scheme of the network information system.
And when the level promotion scheme is output, acquiring the required information of higher network security level in the security level determination model, comparing the required information with the network equipment in the network information system, acquiring the distinguishing information of the network equipment and the network equipment, and outputting the distinguishing information, wherein the distinguishing information comprises the network equipment which is lacked by the user and/or the network equipment which does not meet the requirement.
The invention also provides a grading system in the network security grade protection, which comprises a user client and a system server,
the user client serves as a user interface and is used for a user to set a security level determination model, and the security level determination model is provided with a mapping relation between a network security level and network equipment information;
the system server is used for collecting network equipment information in a network information system related to a contact of a user, judging a network security level corresponding to the network information system according to the security level determining model, then setting the level of the contact in a contact list according to the network security level, and arranging the position of the contact in a contact display interface of the instant messaging tool according to the level corresponding to the contact.
Due to the adoption of the technical scheme, compared with the prior art, the invention has the following advantages and positive effects as examples: the contact person function of the instant messaging tool is combined, contact person grading display is carried out according to the network security level, the user can conveniently manage and track the service for the user, and the communication efficiency between the user and the user is obviously improved.
Drawings
Fig. 1 is a flowchart of a classification method in network security level protection according to an embodiment of the present invention.
Fig. 2 to fig. 3 are diagrams illustrating an operation example of adjusting a location of a contact according to an embodiment of the present invention.
Fig. 4 is an exemplary diagram of an interface of an output level boost scheme according to an embodiment of the present invention.
Fig. 5 is an exemplary diagram of an interface for establishing a contact group according to an embodiment of the present invention.
Fig. 6 is an exemplary diagram of a communication interaction interface displaying network device information according to an embodiment of the present invention.
Fig. 7 is a schematic structural diagram of a client according to an embodiment of the present invention.
Fig. 8 is a schematic structural diagram of a system according to an embodiment of the present invention.
Description of reference numerals:
the system comprises a user terminal 100, a user avatar 110, a contact list 120, contacts 130, an association identifier 140, a contact display sub-interface 150, a promotion trigger control 160, a group list 170 and contact groups 171;
a promotion scenario display interface 200, a title bar 210;
a communication interactive interface 300, a conversation contact person display area 310, an interactive information input column 320, an interactive information display column 330, an interactive tool column 340 and a network equipment information display column 350;
the client 500, the initialization module 510, the information acquisition module 520, the information processing module 530 and the interface display module 540;
system 600, user client 610, system server 620.
Detailed Description
The hierarchical method, client and system in the network security level protection disclosed by the present invention are further described in detail with reference to the accompanying drawings and specific embodiments. It should be noted that technical features or combinations of technical features described in the following embodiments should not be considered as being isolated, and they may be combined with each other to achieve better technical effects. In the drawings of the embodiments described below, the same reference numerals appearing in the respective drawings denote the same features or components, and may be applied to different embodiments. Thus, once an item is defined in one drawing, it need not be further discussed in subsequent drawings.
It should be noted that the structures, proportions, sizes, and other dimensions shown in the drawings and described in the specification are only for the purpose of understanding and reading the present disclosure, and are not intended to limit the scope of the invention, which is defined by the claims, and any modifications of the structures, changes in the proportions and adjustments of the sizes and other dimensions, should be construed as falling within the scope of the invention unless the function and objectives of the invention are affected. The scope of the preferred embodiments of the present invention includes additional implementations in which functions may be executed out of order from that described or discussed, including substantially concurrently or in reverse order, depending on the functionality involved, as would be understood by those reasonably skilled in the art of the embodiments of the present invention.
Techniques, methods, and apparatus known to those of ordinary skill in the relevant art may not be discussed in detail but are intended to be part of the specification where appropriate. In all examples shown and discussed herein, any particular value should be construed as merely illustrative, and not limiting. Thus, other examples of the exemplary embodiments may have different values.
Examples
Referring to fig. 1, a hierarchical method in network security level protection according to an embodiment of the present invention is shown. The method comprises the following steps:
s100, network equipment information in a network information system associated with the contact is obtained.
And acquiring the network equipment information in the network information system associated with the contact in the contact list.
Referring to fig. 2, a user logs in an instant messenger through a user terminal 100 to establish a connection between an instant messenger client and an instant messenger server. The instant messaging tool outputs a user main interface to the user through the display screen of the user terminal 100, and the user main interface displays the user avatar 110.
The user's home interface may display the contact list 120 and group list information pushed by the instant messaging server (by triggering the group control). By way of example and not limitation, the contact list 120 records the buddy information such as the avatar, nickname, signature, presence, session message, and ranking of the buddy (i.e., contact 130); the group list records group member information such as head images, nicknames, signatures, online states, session messages, and rankings of the groups.
There are a plurality of contacts 130 in the contact list 120, and the contacts 130 include regular contacts and contacts associated with a network information system. For example, but not by way of limitation, the communication object corresponding to the contact is a network manager of an enterprise client of the user, and the user communicates with the network manager to service the enterprise client. The contact corresponding to the network manager may be associated with the network information system of the enterprise to which the contact belongs, and specifically, the contact may be associated with all network devices or part of network devices in the network information system. Preferably, the contact associates network device information managed by the contact, and the network device information includes self attribute information of the network device and login information of the network device. The self attribute information comprises basic information such as equipment name information, equipment image information, equipment model information, equipment service life information, maintenance history information and the like. The login information is identity verification information of the login network equipment and can comprise a login user name and a login password.
The association relationship (or called corresponding relationship) between the contact and the network device in the network information system to which the contact belongs can be set by a user, for example, the user makes a mapping information table of the network management and each network device in the network information system to which the contact belongs and stores the mapping information table in a system server; or by reading a mapping information table of each network device in a network information system and a preset network manager in the associated monitoring system; the contact person can also set a mapping information table of the network management of the contact person and the network equipment of the network information system and upload the mapping information table to the system server so that the user in the system can obtain and use the mapping information table.
For example, but not by way of limitation, the information technology limited company suzhou, an enterprise customer of the user, sets network manager lee four, which is an instant messaging contact "lee four-suzhou information" of the user, and in response to the contact, the user creates a mapping information table of lee four and the network device (the network device managed by lee four) of the network information system to which the user belongs. The information mapping table may further store self attribute information and login information of the network device.
Preferably, for contacts associated with a network device, the contact is distinguished from regular contacts not associated with a network device by setting an association identifier 140 on a contact avatar or ITEM.
S200, determining a model based on a preset security level, judging a network security level corresponding to the network information system, and setting the level of the contact in the contact list according to the network security level.
After the instant messaging server acquires the network equipment information in the network information system associated with the contact, the instant messaging server can determine the network security level corresponding to the network information system to which the contact belongs based on the preset security level determination model, and set the level of the contact in the contact list according to the network security level.
In this embodiment, the network security level may be divided into five levels, which are a first level (user-independent protection level), a second level (system audit protection level), a third level (security label protection level), a fourth level (structured protection level), and a fifth level (access verification protection level). Different levels correspond to different evaluation indexes and evaluation index values. For example, without limitation, the second-level correspondence has 10 evaluation indexes, each evaluation index has a second-level standard value, and when the second-level standard value is reached, the second-level condition is determined to be met; and 5 evaluation indexes are added in the third stage relative to the second stage, including 15 evaluation indexes, wherein the 12 th evaluation index is provided with a third-stage standard value, and the third-stage condition is determined to be met when the third-stage standard value is reached.
And the security level determination model is provided with a mapping relation between the network security level and the network equipment information. The corresponding network equipment information can be obtained according to the network security level, and the corresponding network security level can be obtained according to the existing network equipment information.
Specifically, the safety level determination model is provided with an evaluation script database, an evaluation index database, a test data analysis unit and a level calculation unit.
The evaluation script database is provided with a plurality of evaluation scripts, the evaluation scripts are arranged corresponding to the types of the network equipment, and different types of the network equipment correspond to different evaluation scripts. By way of example and not limitation, the types of network devices may be divided into a broad class: the network devices such as routers, switches, firewalls, computers and the like of different models can be further subdivided into large classes, for example, the small classes can be divided according to the models and the use systems of the network devices. According to the network device type information (including the major class and/or minor class information) in the provided network device information, a matched test script can be obtained in the security level determination model, and then the test script is run on the network device to obtain test data.
The evaluation index database is provided with a plurality of evaluation indexes and standard values of the evaluation indexes, and the network security levels of different levels correspond to different test indexes and test index standard values.
The test data analysis unit can analyze the test data and obtain the evaluation value corresponding to the evaluation data according to a preset evaluation rule. Specifically, the test data analysis unit can judge the conformity between the relevant information and the test indexes after acquiring the information relevant to each evaluation index from the test data based on the preset evaluation index, and score the test data according to the conformity. By way of example and not limitation, for example, the conformity is divided into full conformity, most conformity, substantial conformity, less conformity and full nonconformity, with corresponding scores of 5, 4, 3, 2 and 0, respectively. And the test data relates to the related information of 15 test indexes, wherein 10 test indexes are judged to be basically met, the 10 indexes are divided into 3 points, 2 indexes are judged to be completely met and divided into 5 points, most of the 3 indexes are divided into 4 points, and the evaluation value of the evaluation data is 30+10+12 to 52 points.
The grade calculation unit can compare the evaluation value and the related evaluation index with standard values in the evaluation index database, and judge the corresponding network security grade. For example, but not by way of limitation, if the evaluation value is 52 points, which relate to 15 test indexes, and the evaluation value and the evaluation index meet the third-level network security level standard, the network security level corresponding to the network information system to which the contact belongs is determined to be the third level.
The level of the contacts in the contact list is then set according to the level of the aforementioned network security level, such as to a third level.
And S300, adjusting the position of the contact person in the contact person display interface of the instant messaging tool according to the level of the contact person.
In the contact list of the user, as long as the contact is associated with the network equipment of the network information system, the network security level corresponding to the network information system to which the contact belongs can be judged, and the level of the contact in the contact list is set according to the network security level. Then, according to the level of the contact person, the position of the contact person in the contact person display interface is adjusted. A typical position adjustment manner is, for example, to adjacently set contacts at the same level, and sort all the contacts from large to small according to the level, where the level of a common contact that does not correspond to a network device may be defaulted to level 0.
In a contact list in a current instant messaging main panel, each contact icon of a user corresponds to a rectangular trigger area, and identification information of a corresponding contact object, such as the icons, nicknames, personalized signature files and other information, is presented in the trigger area. The trigger area corresponding to the contact object and all the information in the trigger area are collectively referred to as ITEM of the contact.
Preferably, referring to fig. 3, in the contact display interface of the instant messaging tool, the contact ITEMs are arranged according to the levels of the contacts, and the contacts at different levels are displayed in different areas of the contact display interface. Specifically, for example, 1 or more contact display sub-interfaces 150 may be set in the contact display interface according to the level type of the contact to display the contacts in different levels. In fig. 3, 2 contact display sub-interfaces 150 are provided, the 1 st contact display sub-interface 150 is a contact display area of the third level of rating protection, and the 2 nd contact display sub-interface 150 is a contact display area of the second level of rating protection.
And triggering an ITEM corresponding to the contact by the user, popping up an instant messaging interactive interface on the display screen, and displaying an interactive information display field, an interactive information input field, an information editing toolbar between the interactive information display field and the interactive information input field, and the like in the interface.
In this embodiment, the required information of a higher network security level may also be obtained in the security level determination model according to the network security level; and outputting the requirement information as a grade promotion scheme of the network information system.
Preferably, a lifting trigger control 160 is arranged corresponding to the foregoing level lifting scheme, the lifting trigger control 160 is arranged corresponding to an ITEM of a contact, and when a user triggers the lifting trigger control 160, the corresponding level lifting scheme may be output, as shown in fig. 4.
For example, but not by way of limitation, if the network security level to which the contact belongs is the second level, and the higher capability level thereof is the third level, the requirement information of the third level network security level may be obtained in the security level determination model and output to the second level contact.
Preferably, when the level promotion scheme is output, the required information of higher network security level in the security level determination model is acquired, and then compared with the network device in the network information system, and the difference information between the acquired information and the network device is acquired and output. The distinguishing information includes network devices missing by the user and/or network devices that are not satisfactory. In this way, the user can intuitively know the network equipment needing to be modified and revised conveniently.
Furthermore, the method can also provide a lifting object to the object according to the level of the object, and the lifting object is used for helping the object to carry out level lifting. Specifically, in a contact list of a user, at least one contact with a higher network security level is acquired as an upgrade object of the contact, and a communication contact relationship between the contact and the upgrade object is established. The cued object may be displayed in a contact's level up scheme.
For example, but not by way of limitation, if the contact is the second level, the contact information of the contact list of the user belonging to the third level may be obtained, one or more contacts may be selected from the contact information as the promotion object of the contact, and the contact relationship between the contact and the promotion object is established, so as to help the contact to perform level promotion. In particular, based on the aforementioned contact level elevation, the elevated object at a higher level may be reselected to assist the contact.
In a typical embodiment, the communication contact relationship of the contact and the promoted object is established by establishing a contact group (chat group) comprising the user, the contact and the promoted object. Specifically, referring to fig. 5, a contact group 171 is added to the group list 170 of the user, and the contact group 171 is a level protection rectification group, which includes contacts and promotion objects selected for the contacts. Further, when the promotion object is selected, the promotion object is selected according to the industry type, the product or service type and the like of the unit to which the contact belongs, and the industry and the product or service type to which the promotion object belongs are the same as or similar to those of the contact. Meanwhile, geographical position information can be considered, and units with shorter distances are better than units with longer distances.
Further, based on the established contact group, a corresponding group communication interaction interface can be output so that the user can perform information interaction. The group communication interactive interface is an interactive group at least having an instant communication interactive function. And the corresponding group communication interaction interface can display the information of the network equipment of the information system related to the contact and the promotion object. When the network equipment information is displayed, the corresponding network equipment information can be displayed aiming at different contact person partitions. Other functions of the group application of the group communication interactive interface can refer to communication group functions in the prior art, and are not described herein again.
In another implementation manner of this embodiment, a trigger operation of a user for the contact may also be collected, and a communication interaction interface corresponding to the contact is output, where network device information in a network information system associated with the contact is displayed in the communication interaction interface.
The communication interactive interface is used for displaying historical interactive information, current interactive information and the like. Taking the instant messaging tool QQ as an example, when the user triggers the avatar of the contact Mary associated with the network device in the contact list, the display screen pops up the communication interaction interface 300 corresponding to the contact, as shown in fig. 6, in which a conversation contact display area 310, an interaction information input field 320, an interaction information display field 330 and an interaction toolbar 340 are displayed.
In this embodiment, the communication interface 300 further includes a network device information display bar 350. The network device information display bar 350 displays a plurality of pieces of network device information of the contact. Specifically, a part of the network devices such as a contact person responsible for management may include a three-layer switch, and 3 two-layer switches, a personal computer, a notebook, a printer, a camera, and the like corresponding to the office area, the finance area, and the server area.
Preferably, in the network device information display section 350, in order to facilitate a user to intuitively know the location layout of the network devices and the management device of the contact, the connection relationships of the plurality of network devices are displayed in a tree structure, and the name, model, connection relationship, and the like of each network device are briefly described.
In another implementation manner of this embodiment, the communication interactive content may also be identified, and the identifier of the network device involved in the chat information between the user and the contact in the communication interactive interface is obtained, so that the user and the contact can view the information of the network device in question intuitively. Specifically, the communication interactive content of the user and the contact is acquired, the information of the network equipment involved in the communication interactive content is identified, the involved network equipment is identified on the communication interactive interface, and/or the image, name and model data of the involved network equipment are acquired and output for display.
The invention further provides a hierarchical client in the network security level protection.
The client 500 includes an initialization module 510, an information collection module 520, an information processing module 530, and an interface display module 540.
The initialization module 510 is configured to set a security level determination model, where the security level determination model is provided with a mapping relationship between a network security level and network device information.
The information collecting module 520 is configured to obtain network device information in the network information system associated with the contact.
The information processing module 530 is connected with the information acquisition module and the initialization module, determines a network security level corresponding to the network information system based on a preset security level determination model, and sets the level of the contact in the contact list according to the network security level.
The interface display module 540 is configured to adjust the position of the contact in the contact display interface of the instant messaging tool according to the level of the contact.
In this embodiment, the information processing module 530 is further configured to: acquiring the required information of higher network security level according to the network security level; outputting the requirement information as a grade promotion scheme of the network information system; and when the level promotion scheme is output, acquiring the required information of higher network security level in the security level determination model, comparing the required information with the network equipment in the network information system, acquiring the distinguishing information of the network equipment and the network equipment, and outputting the distinguishing information, wherein the distinguishing information comprises the network equipment which is lacked by the user and/or the network equipment which does not meet the requirement.
Further, the information processing module 530 is further configured to: in a contact list of a user, at least one contact with a higher network security level is acquired as a promotion object of the contact, and a communication contact relation between the contact and the promotion object is established.
Other technical features are referred to in the previous embodiments and are not described herein.
Referring to fig. 8, a hierarchical system in network security level protection is further provided as another embodiment of the present invention.
The system 600 includes a user client 610 and a system server 620.
The user client 610 serves as a user interface for a user to set a security level determination model, and the security level determination model is provided with a mapping relationship between a network security level and network device information.
The system server 620 is configured to collect network device information in a network information system associated with a contact of a user, determine a network security level corresponding to the network information system according to the security level determination model, set a level of the contact in a contact list according to the network security level, and adjust a position of the contact in a contact display interface of the instant messaging tool according to the level corresponding to the contact.
In this embodiment, the system server 620 is further configured to: acquiring the required information of higher network security level according to the network security level; outputting the requirement information as a grade promotion scheme of the network information system; and when the level promotion scheme is output, acquiring the required information of higher network security level in the security level determination model, comparing the required information with the network equipment in the network information system, acquiring the distinguishing information of the network equipment and the network equipment, and outputting the distinguishing information, wherein the distinguishing information comprises the network equipment which is lacked by the user and/or the network equipment which does not meet the requirement.
Further, the system server 620 is further configured to: in a contact list of a user, at least one contact with a higher network security level is acquired as a promotion object of the contact, and a communication contact relation between the contact and the promotion object is established.
Other technical features are referred to in the previous embodiments and are not described herein.
In the foregoing description, the disclosure of the present invention is not intended to limit itself to these aspects. Rather, the various components may be selectively and operatively combined in any number within the intended scope of the present disclosure. In addition, terms like "comprising," "including," and "having" should be interpreted as inclusive or open-ended, rather than exclusive or closed-ended, by default, unless explicitly defined to the contrary. All technical, scientific, or other terms used herein have the same meaning as commonly understood by one of ordinary skill in the art to which this invention belongs unless defined otherwise. Common terms found in dictionaries should not be interpreted too ideally or too realistically in the context of related art documents unless the present disclosure expressly limits them to that. Any changes and modifications of the present invention based on the above disclosure will be within the scope of the appended claims.
Claims (10)
1. A grading method in network security level protection is characterized by comprising the following steps: acquiring network equipment information in a network information system associated with a contact;
determining a model based on a preset security level, judging a network security level corresponding to a network information system, and setting the level of a contact in a contact list according to the network security level;
and according to the level of the contact person, adjusting the position of the contact person in the contact person display interface of the instant messaging tool.
2. The classification method according to claim 1, characterized in that: according to the network security level, acquiring the required information of a higher network security level in a security level determination model;
and outputting the requirement information as a grade promotion scheme of the network information system.
3. The classification method according to claim 2, characterized in that: and when the level promotion scheme is output, acquiring the requirement information of higher network security level in the security level determination model, comparing the requirement information with the network equipment in the network information system, acquiring the difference information of the requirement information and the network equipment and outputting the difference information, wherein the difference information comprises the network equipment which is lacked by the user and/or the network equipment which does not meet the requirement.
4. The classification method according to claim 2, characterized in that: in a contact list of a user, at least one contact with a higher network security level is acquired as a promotion object of the contact, and a communication contact relation between the contact and the promotion object is established.
5. The classification method according to claim 1, characterized in that: and in the contact person display interface, carrying out position arrangement on the contact person ITEM according to the level of the contact person, wherein the contact persons with different levels are displayed in different areas of the contact person display interface.
6. The classification method according to claim 1, characterized in that: and acquiring the trigger operation of a user aiming at the contact person, and outputting a communication interaction interface corresponding to the contact person, wherein the network equipment information in the network information system associated with the contact person is displayed in the communication interaction interface.
7. The classification method according to claim 6, characterized in that: acquiring the communication interactive content of the user and the contact, identifying the information of the network equipment related in the communication interactive content, identifying the related network equipment on the communication interactive interface, and/or acquiring the image, name and model data of the related network equipment for output and display.
8. A hierarchical client in network security level protection, comprising:
the system comprises an initialization module, a security level determination module and a network equipment information processing module, wherein the initialization module is used for setting a security level determination model which is provided with a mapping relation between a network security level and network equipment information;
the information acquisition module is used for acquiring the network equipment information in the network information system related to the contact;
the information processing module is connected with the information acquisition module and the initialization module, determines a model based on a preset security level, judges a network security level corresponding to the network information system, and sets the level of the contact in the contact list according to the network security level;
and the interface display module is used for adjusting the position of the contact person in the contact person display interface of the instant messaging tool according to the level of the contact person.
9. The hierarchical client of claim 8, wherein: the information processing module is configured to,
acquiring the required information of higher network security level according to the network security level; outputting the requirement information as a grade promotion scheme of the network information system;
and when the level promotion scheme is output, acquiring the required information of higher network security level in the security level determination model, comparing the required information with the network equipment in the network information system, acquiring the distinguishing information of the network equipment and the network equipment, and outputting the distinguishing information, wherein the distinguishing information comprises the network equipment lacking in the user and/or the network equipment not meeting the requirement.
10. A hierarchical system in network security level protection, characterized by: comprises a user client and a system server,
the user client serves as a user interface and is used for a user to set a security level determination model, and the security level determination model is provided with a mapping relation between a network security level and network equipment information;
the system server is used for collecting network equipment information in a network information system related to a contact of a user, judging a network security level corresponding to the network information system according to the security level determining model, then setting the level of the contact in a contact list according to the network security level, and adjusting the position of the contact in a contact display interface of the instant messaging tool according to the level corresponding to the contact.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202010481301.6A CN111917707B (en) | 2020-05-31 | 2020-05-31 | Grading method, client and system in network security level protection |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202010481301.6A CN111917707B (en) | 2020-05-31 | 2020-05-31 | Grading method, client and system in network security level protection |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN111917707A true CN111917707A (en) | 2020-11-10 |
| CN111917707B CN111917707B (en) | 2023-04-28 |
Family
ID=73237629
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202010481301.6A Active CN111917707B (en) | 2020-05-31 | 2020-05-31 | Grading method, client and system in network security level protection |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN111917707B (en) |
Cited By (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN112866088A (en) * | 2021-01-19 | 2021-05-28 | 北京秒针人工智能科技有限公司 | User portrait method and system in instant communication application |
| CN113645122A (en) * | 2021-08-02 | 2021-11-12 | 深圳派富知识产权投资咨询有限公司 | Innovative data monitoring method, client and system |
| CN113656122A (en) * | 2021-07-28 | 2021-11-16 | 上海纽盾科技股份有限公司 | Information screening method, device and system for equal protection evaluation |
| CN113724072A (en) * | 2021-09-08 | 2021-11-30 | 中国农业银行股份有限公司 | Interface risk prevention and control method and device |
| CN114301822A (en) * | 2021-12-28 | 2022-04-08 | 杭州安恒信息技术股份有限公司 | Evaluation method, device, equipment and medium for network equipment |
| CN115766138A (en) * | 2022-11-03 | 2023-03-07 | 国家工业信息安全发展研究中心 | Industrial internet enterprise network security grading evaluation method and system |
Citations (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20070082705A1 (en) * | 2005-07-25 | 2007-04-12 | Mediatek Inc. | Mobile communication apparatus having anti-theft and auto-notification functions |
| CN103188299A (en) * | 2011-12-29 | 2013-07-03 | 宇龙计算机通信科技(深圳)有限公司 | Memorandum method of information of contact person in communication terminal and server |
| CN106210233A (en) * | 2016-07-25 | 2016-12-07 | 上海创功通讯技术有限公司 | A kind of terminal called book management method and device |
| CN106412217A (en) * | 2015-07-31 | 2017-02-15 | 宇龙计算机通信科技(深圳)有限公司 | Contact information management method and apparatus, and terminal |
| CN107528933A (en) * | 2017-09-18 | 2017-12-29 | 上海量明科技发展有限公司 | Display methods, device and the JICQ of communication contact person |
| CN108989306A (en) * | 2018-07-12 | 2018-12-11 | 王振达 | A kind of mobile terminal safety managing and control system and implementation method |
| CN111131338A (en) * | 2020-04-01 | 2020-05-08 | 深圳市云盾科技有限公司 | Method and system for detecting safety of Internet of things at perception situation and storage medium |
-
2020
- 2020-05-31 CN CN202010481301.6A patent/CN111917707B/en active Active
Patent Citations (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20070082705A1 (en) * | 2005-07-25 | 2007-04-12 | Mediatek Inc. | Mobile communication apparatus having anti-theft and auto-notification functions |
| CN103188299A (en) * | 2011-12-29 | 2013-07-03 | 宇龙计算机通信科技(深圳)有限公司 | Memorandum method of information of contact person in communication terminal and server |
| CN106412217A (en) * | 2015-07-31 | 2017-02-15 | 宇龙计算机通信科技(深圳)有限公司 | Contact information management method and apparatus, and terminal |
| CN106210233A (en) * | 2016-07-25 | 2016-12-07 | 上海创功通讯技术有限公司 | A kind of terminal called book management method and device |
| CN107528933A (en) * | 2017-09-18 | 2017-12-29 | 上海量明科技发展有限公司 | Display methods, device and the JICQ of communication contact person |
| CN108989306A (en) * | 2018-07-12 | 2018-12-11 | 王振达 | A kind of mobile terminal safety managing and control system and implementation method |
| CN111131338A (en) * | 2020-04-01 | 2020-05-08 | 深圳市云盾科技有限公司 | Method and system for detecting safety of Internet of things at perception situation and storage medium |
Cited By (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN112866088A (en) * | 2021-01-19 | 2021-05-28 | 北京秒针人工智能科技有限公司 | User portrait method and system in instant communication application |
| CN113656122A (en) * | 2021-07-28 | 2021-11-16 | 上海纽盾科技股份有限公司 | Information screening method, device and system for equal protection evaluation |
| CN113656122B (en) * | 2021-07-28 | 2023-05-16 | 上海纽盾科技股份有限公司 | Information screening method, device and system for equal-protection assessment |
| CN113645122A (en) * | 2021-08-02 | 2021-11-12 | 深圳派富知识产权投资咨询有限公司 | Innovative data monitoring method, client and system |
| CN113724072A (en) * | 2021-09-08 | 2021-11-30 | 中国农业银行股份有限公司 | Interface risk prevention and control method and device |
| CN114301822A (en) * | 2021-12-28 | 2022-04-08 | 杭州安恒信息技术股份有限公司 | Evaluation method, device, equipment and medium for network equipment |
| CN115766138A (en) * | 2022-11-03 | 2023-03-07 | 国家工业信息安全发展研究中心 | Industrial internet enterprise network security grading evaluation method and system |
Also Published As
| Publication number | Publication date |
|---|---|
| CN111917707B (en) | 2023-04-28 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN111917707A (en) | Grading method, client and system in network security level protection | |
| CN112152871B (en) | Artificial intelligence test method, device and system for network security equipment | |
| CN112152838B (en) | Intelligent supervision method, device and system of network security equipment | |
| CN111835585B (en) | Inspection method and device for Internet of things equipment, computer equipment and storage medium | |
| CN112134785B (en) | Information processing method, client and system in network security level protection | |
| CN112134786B (en) | Contact person establishing method, client and system in network security level protection | |
| CN112134787A (en) | Communication method, client and system in network security level protection | |
| CN102323873B (en) | In order to trigger the method and system that icon is replied in instant messaging | |
| CN111934976A (en) | Network security monitoring method, client and system based on instant messaging | |
| CN112152837A (en) | Method, device and system for realizing intelligent supervision of network security equipment | |
| CN113656123B (en) | Information evaluation method, device and system for equal-protection evaluation | |
| CN112131057A (en) | AI test method, client and system of network security equipment | |
| CN113055390A (en) | Intelligent processing method and device for information in network security level protection | |
| CN110570097A (en) | business personnel risk identification method and device based on big data and storage medium | |
| CN113656122B (en) | Information screening method, device and system for equal-protection assessment | |
| US20160188676A1 (en) | Collaboration system for network management | |
| CN107908525A (en) | Alert processing method, equipment and readable storage medium storing program for executing | |
| CN114866434B (en) | Network asset security assessment method and application | |
| CN113645122A (en) | Innovative data monitoring method, client and system | |
| CN114564405A (en) | Test case checking method and system based on log monitoring | |
| CN114896629A (en) | Network information safety online monitoring and early warning management system based on big data analysis | |
| CN107765123A (en) | Detected rule update method and Electrical Safety monitoring system | |
| CN113411199A (en) | Safety test method and system for intelligent equal-protection evaluation | |
| CN114866269B (en) | Network security monitoring method, system and application | |
| CN114860121B (en) | Information matching method and application in network security level protection |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| CB02 | Change of applicant information |
Address after: 200441 11th floor, No.2, Lane 99, Changjiang South Road, Baoshan District, Shanghai Applicant after: SHANGHAI NIUDUN TECHNOLOGY Co.,Ltd. Address before: Floor 11, building A5, Lane 1688, Guoquan North Road, Yangpu District, Shanghai, 200433 Applicant before: SHANGHAI NIUDUN TECHNOLOGY Co.,Ltd. |
|
| CB02 | Change of applicant information | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |