CN112749376A - Dynamic desensitization method for relational database - Google Patents

Dynamic desensitization method for relational database Download PDF

Info

Publication number
CN112749376A
CN112749376A CN202110246191.XA CN202110246191A CN112749376A CN 112749376 A CN112749376 A CN 112749376A CN 202110246191 A CN202110246191 A CN 202110246191A CN 112749376 A CN112749376 A CN 112749376A
Authority
CN
China
Prior art keywords
data
client
database
sensitive
sensitive data
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN202110246191.XA
Other languages
Chinese (zh)
Other versions
CN112749376B (en
Inventor
张黎
李蓓蓓
陈广辉
刘维炜
杨大志
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Flash It Co ltd
Original Assignee
Flash It Co ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Flash It Co ltd filed Critical Flash It Co ltd
Priority to CN202110246191.XA priority Critical patent/CN112749376B/en
Publication of CN112749376A publication Critical patent/CN112749376A/en
Application granted granted Critical
Publication of CN112749376B publication Critical patent/CN112749376B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F16/00Information retrieval; Database structures therefor; File system structures therefor
    • G06F16/20Information retrieval; Database structures therefor; File system structures therefor of structured data, e.g. relational data
    • G06F16/28Databases characterised by their database models, e.g. relational or object models
    • G06F16/284Relational databases
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/62Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/62Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
    • G06F21/6245Protecting personal data, e.g. for financial or medical purposes
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2141Access rights, e.g. capability lists, access control lists, access tables, access matrices

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Databases & Information Systems (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • General Health & Medical Sciences (AREA)
  • Software Systems (AREA)
  • Computer Hardware Design (AREA)
  • Bioethics (AREA)
  • Health & Medical Sciences (AREA)
  • Medical Informatics (AREA)
  • Data Mining & Analysis (AREA)
  • Information Retrieval, Db Structures And Fs Structures Therefor (AREA)
  • Storage Device Security (AREA)

Abstract

A dynamic desensitization method of a relational database belongs to the technical field of data processing, and comprises the following steps: and step S01, the database receives the login request of the client and verifies the login request, if the verification is correct, the step S02 is executed, and if not, the step S01 is repeated. Step S02, after the database receives the request of the client for applying for consulting, the database obtains the consulting authority of the client, obtains the data needed by the client according to the data type, sequentially identifies the sensitive data of the data needed by the client outside the consulting authority according to the data type, sends the data needed by the client to the client if no sensitive data is identified, and executes the step S03 if the sensitive data is not identified. In step S03, the database rewrites SQL statements of the data required by each type of client containing sensitive data in turn by desensitization rules. In step S04, the database sends the data required by the client in which the sensitive data is hidden to the client. The invention can desensitize any type of sensitive data in real time, and has strong flexibility and high security of the sensitive data.

Description

Dynamic desensitization method for relational database
Technical Field
The invention belongs to the technical field of data processing, and particularly relates to a dynamic desensitization method of a relational database.
Background
Nowadays, the internet has increasingly tight living relations with people, and the requirement on privacy protection is higher and higher. When data is acquired, personal privacy information and some sensitive data such as names, addresses, certificate numbers, addresses, contact information and the like are involved, and desensitization processing is carried out to ensure the safety protection of privacy.
For example, inventive patent application publication No. CN111931240A, published 2020, 11/13, entitled database desensitization method for protecting sensitive privacy data discloses a database desensitization method for protecting sensitive privacy data, comprising the steps of: the method comprises the following steps: a user logs in a data extraction system and carries out identity authentication on the user; step two: the user performs data extraction after the system is logged in through verification to obtain required data; step three: performing data discovery processing on the extracted data, identifying the type of sensitive data in the data, and recording the storage position of the sensitive data; step four: when the data is found to be sensitive data, carrying out desensitization treatment on the data; step five: carrying out data comparison on the desensitized data and the original data to judge whether the data meet the expected requirements after desensitization; step six: and generating the desensitized data which is judged to be expected to the display terminal of the user for displaying. The invention can better desensitize the sensitive private data and meet different use requirements of users, but different programs are required to be set for different types of data, and the flexibility is poor.
Disclosure of Invention
The invention solves the problems of poor flexibility because different programs are required to be set for data desensitization of different types in the prior art, and provides a dynamic desensitization method of a relational database, which can desensitize any type of sensitive data in real time and has strong flexibility.
In order to achieve the above purpose, the invention is realized by the following technical scheme:
a method of dynamic desensitization of a relational database, the method comprising:
step S01, the database receives the login request of the client and verifies the login request, if the verification is correct, the step S02 is executed, otherwise, the step S01 is repeated;
step S02, after receiving a request for applying for reference by a client, a database acquires the viewing authority of the client, acquires data required by the client according to data types, sequentially identifies sensitive data of the data required by the client outside the viewing authority according to the data types, sends the data required by the client to the client if no sensitive data is identified, and executes step S03 if no sensitive data is identified;
step S03, the database rewrites SQL sentences of the data needed by each type of client containing sensitive data in turn through desensitization rules, and the sensitive data are hidden;
in step S04, the database sends the data required by the client in which the sensitive data is hidden to the client.
When the database data is acquired, the database can be accessed only after the login request is verified to be correct, and the security of the database is ensured. Different clients have different viewing permissions, so that the different clients can be guaranteed to avoid sensitive data leakage under the condition of acquiring required data, and privacy safety is guaranteed. The SQL statements of the data required by the client side of each type containing the sensitive data are rewritten in sequence through desensitization rules, the operation is flexible, classification desensitization on the sensitive data is not needed, and real-time desensitization can be performed on different viewing authorities quickly and well through classification sequential desensitization.
Preferably, the step S01 of receiving, by the database, the login of the client specifically includes:
step S11, the database carries out login verification on the client account and the client password in the login request;
and step S12, comparing the client account and the client password in the login request with the client account and the client password in the database by the database, accumulating and counting the number of comparison in comparison, if the client account and the client password in the login request are the client account and the client password in the database and the accumulated number is less than or equal to the preset number, the login is successful, otherwise, the login verification cannot be performed within the preset time.
The setting enhances the safety of the client during login and avoids the information leakage of the database.
Preferably, the step S04 further includes: and the database stores the data required by the client hiding the sensitive data in the database and marks the account number of the client.
Preferably, when the database compares the client account and the client password in the login request with the client account and the client password in the database, if the database has data marking the client account, the database compares the data marking the client account with the data required by the client after acquiring the data required by the client and the viewing permission of the client; if the data required by the client is less than the data marked with the client account, removing redundant data in the data marked with the client account and then sending the data to the client; if the data required by the client is the same as the data marked with the client account, sending the data marked with the client account to the client; if the data required by the client is more than the data for marking the client account, acquiring additional data outside the data for marking the client account, sequentially identifying sensitive data of the additional data outside the viewing permission according to the data type, sending the additional data and the data for marking the client account to the client when the sensitive data are not identified, executing the step S03 when the sensitive data are available, and then sending the additional data hiding the sensitive data and the data for marking the client account to the client.
By the arrangement, the quantity of the required query and desensitization is reduced when the same client logs in repeatedly, the information acquisition speed is increased, and repeated processing is avoided.
Preferably, the step S02 of obtaining the data required by the client according to the type specifically includes: the database calls data required by the client according to a request which is applied and consulted by the client, and then forms a data table by the called data according to data types, wherein each column is a data type.
Forming a data table facilitates desensitization and client viewing.
Preferably, the step S02 sequentially identifying, according to the data type, the sensitive data of the data required by the client outside the viewing right specifically includes: and the database compares the data of each column with the data outside the viewing authority in the database according to the data of each column in the data table, if the data of one column is outside the viewing authority, the column is marked, and otherwise, the data of each column is marked after the sensitive data outside the viewing authority.
This arrangement facilitates rapid location of sensitive data during desensitization.
Preferably, the step S03 specifically includes: and the database rewrites the sensitive data marked in the SQL statement and notes the position in the data table through a desensitization rule to hide the sensitive data.
This arrangement increases the desensitization speed and reduces the time for the database to process data.
Preferably, the desensitization rule includes replacing sensitive data in the SQL statement with a specific character and overwriting a specific schema of the corresponding sensitive data with a specific schema.
Preferably, the step S03 further includes: and sequentially identifying the data required by the client after rewriting the SQL statements again according to the data types, executing the step S04 after identifying that the sensitive data is not beyond the viewing authority, and rewriting the SQL statements of the data required by the client containing the sensitive data by the database through desensitization rules otherwise.
Therefore, omission is prevented when the SQL statement is rewritten, confirmation is carried out, and sensitive data omission is effectively avoided.
Preferably, the SQL statement sent in step S04 and hiding the data required by the client of the sensitive data is encrypted.
Therefore, the SQL statement is irreversibly rewritten, and sensitive data leakage is prevented.
The invention has the advantages that:
(1) when the database data is acquired, the database data is required to be logged in first, and the database can be accessed only after the login request is verified to be correct, the verification times are limited, and the confidentiality of the database is ensured.
(2) The database stores the data needed by the client with hidden sensitive data in the database, marks the account number of the client, and directly obtains the data according to the data needed by the client when the client logs in next time, so as to remove the data or add the data. Therefore, when the same client logs in repeatedly, the quantity of the information to be inquired and desensitized is reduced, the information acquisition speed is increased, and repeated processing is avoided.
(3) Different clients have different viewing permissions, so that the different clients can be guaranteed to avoid sensitive data leakage under the condition of acquiring required data, and privacy safety is guaranteed.
(4) The SQL statements of the data required by the client side of each type containing the sensitive data are rewritten in sequence through desensitization rules, the operation is flexible, classification desensitization on the sensitive data is not needed, and real-time desensitization can be performed on different viewing authorities quickly and well through classification sequential desensitization.
Drawings
FIG. 1 is a flow chart of a method for dynamic desensitization of a relational database according to the present invention.
Detailed Description
The following are specific embodiments of the present invention and are further described with reference to the drawings, but the present invention is not limited to these embodiments.
As shown in fig. 1, to achieve the above object, the present invention is implemented by the following technical solutions:
a method of dynamic desensitization of a relational database, the method comprising:
and step S01, the database receives the login request of the client and verifies the login request, if the verification is correct, the step S02 is executed, and if not, the step S01 is repeated.
The step S01 of the database receiving the login of the client specifically includes:
in step S11, the database performs login verification on the client account and the client password in the login request.
And step S12, comparing the client account and the client password in the login request with the client account and the client password in the database by the database, accumulating and counting the number of comparison in comparison, if the client account and the client password in the login request are the client account and the client password in the database and the accumulated number is less than or equal to the preset number, the login is successful, otherwise, the login verification cannot be performed within the preset time.
The preset times are three times, and the preset time is 12 hours. The setting enhances the safety of the client during login and avoids the information leakage of the database. And when the account number and the password are input, once the time difference between the first character and the last character is input is larger than the preset time difference, the user cannot log in the database. The setting enhances the safety of the client during login and avoids the information leakage of the database.
Step S02, after the database receives the request of the client for applying for consulting, the database obtains the consulting authority of the client, obtains the data needed by the client according to the data type, sequentially identifies the sensitive data of the data needed by the client outside the consulting authority according to the data type, sends the data needed by the client to the client if no sensitive data is identified, and executes the step S03 if the sensitive data is not identified.
The obtaining of the data required by the client according to the type specifically includes: the database calls data required by the client according to a request which is applied and consulted by the client, and then forms a data table by the called data according to data types, wherein each column is a data type.
Identifying sensitive data of the data required by the client outside the viewing permission in sequence according to the data types specifically comprises the following steps: and the database compares the data of each column with the data outside the viewing authority in the database according to the data of each column in the data table, if the data of one column is outside the viewing authority, the column is marked, and otherwise, the data of each column is marked after the sensitive data outside the viewing authority. This arrangement facilitates rapid location of sensitive data during desensitization.
And step S03, the database rewrites SQL statements of the data required by each type of client containing the sensitive data in sequence through desensitization rules, and the sensitive data are hidden. Specifically, the database overwrites the sensitive data marked in the SQL statement and notes the position in the data table by the desensitization rule, hiding the sensitive data. This arrangement increases the desensitization speed and reduces the time for the database to process data.
The desensitization rule includes replacing sensitive data in the SQL statement with a specific character and overwriting a specific schema of the corresponding sensitive data with the specific schema. Specifically, the SQL statement: select id, name from student. Desensitization rules: table: student, column: name, desensitization algorithm: mask. Sentence parsing structure: columns, id, name; tables is student; matching the name with the name of the student through an algorithm, rewriting the name into a mask (name) as name, and finally outputting a statement: select id, mask (name) as name from student.
Preferably, the step S03 further includes: and sequentially identifying the data required by the client after rewriting the SQL statements again according to the data types, executing the step S04 after identifying that the sensitive data is not beyond the viewing authority, and rewriting the SQL statements of the data required by the client containing the sensitive data by the database through desensitization rules otherwise. Therefore, omission is prevented when the SQL statement is rewritten, confirmation is carried out, and sensitive data omission is effectively avoided.
In step S04, the database sends the data required by the client in which the sensitive data is hidden to the client. And the transmitted SQL statement of the data required by the client hiding the sensitive data is encrypted. Therefore, the SQL statement is irreversibly rewritten, and sensitive data leakage is prevented.
Step S04 further includes: and the database stores the data required by the client hiding the sensitive data in the database and marks the account number of the client. Preferably, when the database compares the client account and the client password in the login request with the client account and the client password in the database, if the data marked with the client account exists in the database, the data marked with the client account is compared with the data required by the client after acquiring the data required by the client and the viewing permission of the client. And if the data required by the client is less than the data marked with the client account, removing redundant data in the data marked with the client account and then sending the data to the client. And if the data required by the client is the same as the data marked with the client account, sending the data marked with the client account to the client. If the data required by the client is more than the data for marking the client account, acquiring additional data outside the data for marking the client account, sequentially identifying sensitive data of the additional data outside the viewing permission according to the data type, sending the additional data and the data for marking the client account to the client when the sensitive data are not identified, executing the step S03 when the sensitive data are available, and then sending the additional data hiding the sensitive data and the data for marking the client account to the client.
By the arrangement, the quantity of the required query and desensitization is reduced when the same client logs in repeatedly, the information acquisition speed is increased, and repeated processing is avoided.
When the database data is acquired, the database can be accessed only after the login request is verified to be correct, and the security of the database is ensured. Different clients have different viewing permissions, so that the different clients can be guaranteed to avoid sensitive data leakage under the condition of acquiring required data, and privacy safety is guaranteed. The SQL statements of the data required by the client side of each type containing the sensitive data are rewritten in sequence through desensitization rules, the operation is flexible, classification desensitization on the sensitive data is not needed, and real-time desensitization can be performed on different viewing authorities quickly and well through classification sequential desensitization.
The specific embodiments described herein are merely illustrative of the spirit of the invention. Various modifications or additions may be made to the described embodiments or alternatives may be employed by those skilled in the art without departing from the spirit or ambit of the invention as defined in the appended claims.

Claims (10)

1. A method for dynamic desensitization of a relational database, the method comprising:
step S01, the database receives the login request of the client and verifies the login request, if the verification is correct, the step S02 is executed, otherwise, the step S01 is repeated;
step S02, after receiving a request for applying for reference by a client, a database acquires the viewing authority of the client, acquires data required by the client according to data types, sequentially identifies sensitive data of the data required by the client outside the viewing authority according to the data types, sends the data required by the client to the client if no sensitive data is identified, and executes step S03 if no sensitive data is identified;
step S03, the database rewrites SQL sentences of the data needed by each type of client containing sensitive data in turn through desensitization rules, and the sensitive data are hidden;
in step S04, the database sends the data required by the client in which the sensitive data is hidden to the client.
2. The method for dynamic desensitization of relational databases according to claim 1, wherein the step S01 of accepting the login of the client specifically comprises:
step S11, the database carries out login verification on the client account and the client password in the login request;
and step S12, comparing the client account and the client password in the login request with the client account and the client password in the database by the database, accumulating and counting the number of comparison in comparison, if the client account and the client password in the login request are the client account and the client password in the database and the accumulated number is less than or equal to the preset number, the login is successful, otherwise, the login verification cannot be performed within the preset time.
3. The method for dynamic desensitization of relational databases according to claim 2, wherein said step S04 further comprises: and the database stores the data required by the client hiding the sensitive data in the database and marks the account number of the client.
4. The dynamic desensitization method of a relational database according to claim 3, wherein when the database compares the client account and the client password in the login request with the client account and the client password in the database, if there is data marking the client account in the database, after acquiring data required by the client and the viewing right of the client, the data marking the client account is compared with the data required by the client; if the data required by the client is less than the data marked with the client account, removing redundant data in the data marked with the client account and then sending the data to the client; if the data required by the client is the same as the data marked with the client account, sending the data marked with the client account to the client; if the data required by the client is more than the data for marking the client account, acquiring additional data outside the data for marking the client account, sequentially identifying sensitive data of the additional data outside the viewing permission according to the data type, sending the additional data and the data for marking the client account to the client when the sensitive data are not identified, executing the step S03 when the sensitive data are available, and then sending the additional data hiding the sensitive data and the data for marking the client account to the client.
5. The dynamic desensitization method according to claim 1, wherein said step S02 of obtaining client-required data by type specifically includes: the database calls data required by the client according to a request which is applied and consulted by the client, and then forms a data table by the called data according to data types, wherein each column is a data type.
6. The dynamic desensitization method according to claim 5, wherein said step S02 of sequentially identifying, according to data type, the sensitive data of the data required by the client outside the viewing right specifically includes: and the database compares the data of each column with the data outside the viewing authority in the database according to the data of each column in the data table, if the data of one column is outside the viewing authority, the column is marked, and otherwise, the data of each column is marked after the sensitive data outside the viewing authority.
7. The method for dynamic desensitization of relational databases according to claim 6, wherein said step S03 comprises: the database overwrites the marked columns in the SQL statement or the sensitive data through desensitization rules and notes the position in the data table, and the sensitive data is hidden.
8. The method of claim 7, wherein the desensitization rule includes replacing sensitive data in the SQL statement with a specific character and overwriting a specific schema of the corresponding sensitive data with a specific schema.
9. The method for dynamic desensitization of relational databases according to claim 1, wherein said step S03 further comprises: and sequentially identifying the data required by the client after rewriting the SQL statements again according to the data types, executing the step S04 after identifying that the sensitive data is not beyond the viewing authority, and rewriting the SQL statements of the data required by the client containing the sensitive data by the database through desensitization rules otherwise.
10. The method for dynamic desensitization of relational databases according to claim 1, wherein the SQL statements sent in step S04 that hide the data required by the clients of sensitive data are encrypted.
CN202110246191.XA 2021-03-05 2021-03-05 Dynamic desensitization method for relational database Active CN112749376B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202110246191.XA CN112749376B (en) 2021-03-05 2021-03-05 Dynamic desensitization method for relational database

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202110246191.XA CN112749376B (en) 2021-03-05 2021-03-05 Dynamic desensitization method for relational database

Publications (2)

Publication Number Publication Date
CN112749376A true CN112749376A (en) 2021-05-04
CN112749376B CN112749376B (en) 2023-03-24

Family

ID=75651670

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202110246191.XA Active CN112749376B (en) 2021-03-05 2021-03-05 Dynamic desensitization method for relational database

Country Status (1)

Country Link
CN (1) CN112749376B (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN113591150A (en) * 2021-08-03 2021-11-02 浙江图盛输变电工程有限公司温州科技分公司 Desensitization processing method for sensitive data

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20070294539A1 (en) * 2006-01-27 2007-12-20 Imperva, Inc. Method and system for transparently encrypting sensitive information
WO2017088683A1 (en) * 2015-11-24 2017-06-01 阿里巴巴集团控股有限公司 Data desensitization method and system
CN111400762A (en) * 2020-03-18 2020-07-10 上海凯馨信息科技有限公司 Dynamic desensitization method for oracle database
CN111931240A (en) * 2020-09-22 2020-11-13 安徽长泰信息安全服务有限公司 Database desensitization method for protecting sensitive private data
CN112069536A (en) * 2020-08-31 2020-12-11 上海上讯信息技术股份有限公司 Method and equipment for realizing desensitization access of database data

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20070294539A1 (en) * 2006-01-27 2007-12-20 Imperva, Inc. Method and system for transparently encrypting sensitive information
WO2017088683A1 (en) * 2015-11-24 2017-06-01 阿里巴巴集团控股有限公司 Data desensitization method and system
CN111400762A (en) * 2020-03-18 2020-07-10 上海凯馨信息科技有限公司 Dynamic desensitization method for oracle database
CN112069536A (en) * 2020-08-31 2020-12-11 上海上讯信息技术股份有限公司 Method and equipment for realizing desensitization access of database data
CN111931240A (en) * 2020-09-22 2020-11-13 安徽长泰信息安全服务有限公司 Database desensitization method for protecting sensitive private data

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN113591150A (en) * 2021-08-03 2021-11-02 浙江图盛输变电工程有限公司温州科技分公司 Desensitization processing method for sensitive data
CN113591150B (en) * 2021-08-03 2024-04-26 浙江图盛输变电工程有限公司温州科技分公司 Desensitization processing method for sensitive data

Also Published As

Publication number Publication date
CN112749376B (en) 2023-03-24

Similar Documents

Publication Publication Date Title
US20200074109A1 (en) Generating and processing obfuscated sensitive information
CN106295388B (en) A kind of data desensitization method and device
CN107423632B (en) Customizable sensitive data desensitization method and system
US8397077B2 (en) Client side authentication redirection
US9298902B2 (en) System, method and program product for recording creation of a cancelable biometric reference template in a biometric event journal record
CN112417476A (en) Desensitization method and data desensitization system for sensitive data
CN112417511B (en) Method for analyzing data authority control based on Handle identification
CA3171228C (en) Block chain proof for identification
CN112749376B (en) Dynamic desensitization method for relational database
CN110298328B (en) Test data forming method, test data forming apparatus, electronic device, and medium
CN112818361A (en) Platform authority resource and project authority resource independent double-authority method and device
WO2020251701A1 (en) Resolving decentralized identifiers using multiple resolvers
US10929556B1 (en) Discrete data masking security system
CN111090616B (en) File management method, corresponding device, equipment and storage medium
CN108629162B (en) Source code protection method and device
JP4641121B2 (en) How to create and register a login password
JP2009146198A (en) Information management system
CN110971511B (en) Instant messaging processing method, device, equipment and computer readable storage medium
CN110955858B (en) Information management method of network license platform
CN114722417B (en) Method and system for protecting privacy of quotation file
KR102503471B1 (en) Service server capable of performing internet access management services according to grades and the operating method thereof
CN115884180B (en) 5G network security management system
CN111355710B (en) Data request method and device of network service
CN111209589A (en) Method and system for dynamic data desensitization based on regional chain
CN117640152A (en) Dynamic desensitization method and device based on API gateway

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant
CP02 Change in the address of a patent holder

Address after: 311121 Room 101, Building 9, No. 998, Wenyi West Road, Wuchang Subdistrict, Yuhang District, Hangzhou City, Zhejiang Province

Patentee after: Flash it Co.,Ltd.

Address before: Room 608, No. 998 Wenyi West Road, Wuchang Street, Yuhang District, Hangzhou City, Zhejiang Province

Patentee before: Flash it Co.,Ltd.

CP02 Change in the address of a patent holder
PE01 Entry into force of the registration of the contract for pledge of patent right

Denomination of invention: A Dynamic Desensitization Method for Relational Database

Granted publication date: 20230324

Pledgee: Guotou Taikang Trust Co.,Ltd.

Pledgor: Flash it Co.,Ltd.

Registration number: Y2024980004915

PE01 Entry into force of the registration of the contract for pledge of patent right