Disclosure of Invention
The invention solves the problem of poor flexibility in the prior art, in which a different program must be set up to desensitize each type of data, and provides a dynamic desensitization method for a relational database that can desensitize any type of sensitive data in real time and is highly flexible.
In order to achieve the above purpose, the invention is realized by the following technical scheme:
A method of dynamic desensitization of a relational database, the method comprising:
Step S01: the database receives a login request from the client and verifies it; if the login request is verified as correct, step S02 is executed, otherwise step S01 is repeated;
Step S02: after receiving a request from the client to consult data, the database acquires the viewing permission of the client, acquires the data required by the client according to data type, and sequentially identifies, according to data type, sensitive data in the required data that lies outside the viewing permission; if no sensitive data is identified, the data required by the client is sent to the client, and if sensitive data is identified, step S03 is executed;
Step S03: using desensitization rules, the database sequentially rewrites the SQL statements for each type of client-required data that contains sensitive data, hiding the sensitive data;
Step S04: the database sends the client-required data, with the sensitive data hidden, to the client.
To acquire database data, the client must first log in, and the database can be accessed only after the login request is verified as correct, which ensures the security of the database. Different clients have different viewing permissions, so each client can acquire the data it requires without sensitive data being leaked, and privacy is protected. The SQL statements for each type of client-required data containing sensitive data are rewritten in sequence through desensitization rules. The operation is flexible: sensitive data does not need a separate desensitization per class, and desensitizing type by type in sequence allows fast, effective real-time desensitization for different viewing permissions.
Preferably, in step S01, the database receiving the login of the client specifically includes:
Step S11: the database performs login verification on the client account and the client password in the login request;
Step S12: the database compares the client account and client password in the login request with the client account and client password in the database, keeping a cumulative count of the number of comparisons; if the account and password in the login request match those in the database and the cumulative count is less than or equal to the preset number, login succeeds; otherwise, no login verification is performed within the preset time.
This arrangement enhances the security of client login and prevents leakage of database information.
Preferably, step S04 further includes: the database stores the client-required data, with the sensitive data hidden, in the database and marks it with the account of the client.
Preferably, when the database compares the client account and client password in the login request with those in the database, if the database holds data marked with the client account, then after acquiring the data required by the client and the viewing permission of the client, the database compares the data marked with the client account against the data required by the client. If the data required by the client is less than the data marked with the client account, the redundant data is removed from the marked data, which is then sent to the client. If the data required by the client is the same as the data marked with the client account, the marked data is sent to the client. If the data required by the client is more than the data marked with the client account, the additional data beyond the marked data is acquired, and sensitive data in the additional data that lies outside the viewing permission is identified sequentially according to data type; when no sensitive data is identified, the additional data and the marked data are sent to the client; when sensitive data is present, step S03 is executed, and the additional data with the sensitive data hidden is then sent to the client together with the marked data.
With this arrangement, the amount of querying and desensitization required when the same client logs in repeatedly is reduced, information is obtained faster, and repeated processing is avoided.
Preferably, in step S02, obtaining the data required by the client according to type specifically includes: the database retrieves the data required by the client according to the client's request to consult data, and then forms the retrieved data into a data table by data type, where each column is one data type.
Forming a data table facilitates desensitization and client viewing.
Preferably, in step S02, sequentially identifying, according to data type, the sensitive data in the client-required data that lies outside the viewing permission specifically includes: the database compares the data of each column in the data table with the data in the database that is outside the viewing permission; if the data of a column is outside the viewing permission, the column is marked; otherwise, a mark is placed in each column after the sensitive data that is outside the viewing permission.
This arrangement facilitates rapid location of sensitive data during desensitization.
Preferably, step S03 specifically includes: the database uses a desensitization rule to rewrite the sensitive data that is marked in the SQL statement and whose position is noted in the data table, hiding the sensitive data.
This arrangement increases the desensitization speed and reduces the time for the database to process data.
Preferably, the desensitization rule includes replacing sensitive data in the SQL statement with a specific character and overwriting a specific schema of the corresponding sensitive data with a specific schema.
Preferably, step S03 further includes: after the SQL statements are rewritten, the data required by the client is again identified sequentially according to data type; once no sensitive data is identified, step S04 is executed; otherwise, the database again rewrites, through desensitization rules, the SQL statements for the client-required data that contains sensitive data.
This confirmation step guards against omissions during SQL rewriting and effectively prevents sensitive data from being missed.
Preferably, the SQL statement sent in step S04 for the client-required data with sensitive data hidden is encrypted.
Therefore, the SQL statement is irreversibly rewritten, and sensitive data leakage is prevented.
The invention has the advantages that:
(1) To acquire database data, the client must first log in, and the database can be accessed only after the login request is verified as correct; the number of verification attempts is limited, which ensures the confidentiality of the database.
(2) The database stores the client-required data, with sensitive data hidden, in the database and marks it with the account of the client; when the client next logs in, the data is obtained directly according to what the client requires, with data removed or added as needed. Therefore, when the same client logs in repeatedly, the amount of querying and desensitization is reduced, information is obtained faster, and repeated processing is avoided.
(3) Different clients have different viewing permissions, so each client can acquire the data it requires without sensitive data being leaked, and privacy is protected.
(4) The SQL statements for each type of client-required data containing sensitive data are rewritten in sequence through desensitization rules. The operation is flexible: sensitive data does not need a separate desensitization per class, and desensitizing type by type in sequence allows fast, effective real-time desensitization for different viewing permissions.
Detailed Description
The following are specific embodiments of the present invention and are further described with reference to the drawings, but the present invention is not limited to these embodiments.
As shown in Fig. 1, to achieve the above object, the present invention is implemented by the following technical solution:
A method of dynamic desensitization of a relational database, the method comprising:
Step S01: the database receives a login request from the client and verifies it; if the login request is verified as correct, step S02 is executed, and if not, step S01 is repeated.
In step S01, the database receiving the login of the client specifically includes:
Step S11: the database performs login verification on the client account and the client password in the login request.
Step S12: the database compares the client account and client password in the login request with the client account and client password in the database, keeping a cumulative count of the number of comparisons; if the account and password in the login request match those in the database and the cumulative count is less than or equal to the preset number, login succeeds; otherwise, no login verification is performed within the preset time.
The preset number is three, and the preset time is 12 hours. This arrangement enhances the security of client login and prevents leakage of database information. In addition, when the account and password are entered, if the time difference between entering the first character and entering the last character is larger than a preset time difference, the user cannot log in to the database. This arrangement enhances the security of client login and prevents leakage of database information.
Step S02: after receiving a request from the client to consult data, the database acquires the viewing permission of the client, acquires the data required by the client according to data type, and sequentially identifies, according to data type, sensitive data in the required data that lies outside the viewing permission; if no sensitive data is identified, the data required by the client is sent to the client, and if sensitive data is identified, step S03 is executed.
Obtaining the data required by the client according to type specifically includes: the database retrieves the data required by the client according to the client's request to consult data, and then forms the retrieved data into a data table by data type, where each column is one data type.
Sequentially identifying, according to data type, the sensitive data in the client-required data that lies outside the viewing permission specifically includes: the database compares the data of each column in the data table with the data in the database that is outside the viewing permission; if the data of a column is outside the viewing permission, the column is marked; otherwise, a mark is placed in each column after the sensitive data that is outside the viewing permission. This arrangement facilitates rapid location of sensitive data during desensitization.
Step S03: using desensitization rules, the database sequentially rewrites the SQL statements for each type of client-required data that contains sensitive data, hiding the sensitive data. Specifically, the database uses the desensitization rule to rewrite the sensitive data that is marked in the SQL statement and whose position is noted in the data table, hiding the sensitive data. This arrangement increases the desensitization speed and reduces the time the database spends processing data.
The desensitization rule includes replacing sensitive data in the SQL statement with a specific character and overwriting a specific schema of the corresponding sensitive data with the specific schema. As a specific example, take the SQL statement: select id, name from student. The desensitization rule is: table: student, column: name, desensitization algorithm: mask. The statement parses into the structure columns: id, name; tables: student. The algorithm matches name against student.name and rewrites name as mask(name) as name, and the statement finally output is: select id, mask(name) as name from student.
Preferably, step S03 further includes: after the SQL statements are rewritten, the data required by the client is again identified sequentially according to data type; once no sensitive data is identified, step S04 is executed; otherwise, the database again rewrites, through desensitization rules, the SQL statements for the client-required data that contains sensitive data. This confirmation step guards against omissions during SQL rewriting and effectively prevents sensitive data from being missed.
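The rewrite of step S03 and the re-identification pass described above can be sketched as follows. This is an added example, not code from the patent; it generalizes the select id, name from student case to wildcard and qualified columns, and the schema, the age column, the function names and the assumption that mask is a function available in the database are all illustrative.

```python
import re

# Constructed rule in the page's form: (table, column) -> desensitization algorithm.
RULES = {("student", "name"): "mask"}
# Assumed schema, needed to expand "select *" before columns can be matched.
SCHEMA = {"student": ["id", "name", "age"]}

SELECT = re.compile(r"^\s*select\s+(.+?)\s+from\s+(\w+)(.*)$", re.I | re.S)
IDENT = re.compile(r"^(?:\w+\.)?(\w+)$")                   # name or student.name
MASKED = re.compile(r"^(\w+)\((?:\w+\.)?(\w+)\) as \w+$")  # mask(name) as name

def parse(sql):
    """Sentence parsing structure: (columns, table, trailing clauses)."""
    m = SELECT.match(sql)
    if not m:
        raise ValueError("only single-table SELECT statements are handled")
    return [c.strip() for c in m.group(1).split(",")], m.group(2), m.group(3)

def rewrite(sql, rules=RULES, schema=SCHEMA):
    """Step S03: wrap each column that matches a rule in its algorithm."""
    cols, table, rest = parse(sql)
    t, out = table.lower(), []
    for col in (c for raw in cols for c in (schema[t] if raw == "*" else [raw])):
        m = IDENT.match(col)
        if not m:  # fail closed: an expression could carry a sensitive column
            raise ValueError(f"cannot analyse column expression: {col!r}")
        bare = m.group(1).lower()
        algo = rules.get((t, bare))
        out.append(f"{algo}({col}) as {bare}" if algo else col)
    return f"select {', '.join(out)} from {table}{rest}"

def unmasked(sql, rules=RULES):
    """Re-identification pass: columns that may still expose sensitive data."""
    cols, table, _ = parse(sql)
    t, leaks = table.lower(), []
    for col in cols:
        plain, masked = IDENT.match(col), MASKED.match(col)
        if masked and rules.get((t, masked.group(2).lower())) == masked.group(1):
            continue  # already wrapped in the algorithm the rule requires
        if plain and (t, plain.group(1).lower()) not in rules:
            continue  # plain column with no rule attached
        leaks.append(col)  # sensitive, wildcard, or unanalysable: report it
    return leaks

if __name__ == "__main__":
    stmt = rewrite("select id, name from student")
    print(stmt, unmasked(stmt))
```

The wildcard and expression cases are where name-based matching is most easily bypassed, so the sketch expands the former and rejects the latter rather than passing them through.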
Step S04: the database sends the client-required data, with the sensitive data hidden, to the client. The SQL statement sent for the client-required data with sensitive data hidden is encrypted. Therefore, the SQL statement is irreversibly rewritten, and sensitive data leakage is prevented.
Step S04 further includes: the database stores the client-required data, with the sensitive data hidden, in the database and marks it with the account of the client. Preferably, when the database compares the client account and client password in the login request with those in the database, if the database holds data marked with the client account, then after acquiring the data required by the client and the viewing permission of the client, the database compares the data marked with the client account against the data required by the client. If the data required by the client is less than the data marked with the client account, the redundant data is removed from the marked data, which is then sent to the client. If the data required by the client is the same as the data marked with the client account, the marked data is sent to the client. If the data required by the client is more than the data marked with the client account, the additional data beyond the marked data is acquired, and sensitive data in the additional data that lies outside the viewing permission is identified sequentially according to data type; when no sensitive data is identified, the additional data and the marked data are sent to the client; when sensitive data is present, step S03 is executed, and the additional data with the sensitive data hidden is then sent to the client together with the marked data.
With this arrangement, the amount of querying and desensitization required when the same client logs in repeatedly is reduced, information is obtained faster, and repeated processing is avoided.
To acquire database data, the client must first log in, and the database can be accessed only after the login request is verified as correct, which ensures the security of the database. Different clients have different viewing permissions, so each client can acquire the data it requires without sensitive data being leaked, and privacy is protected. The SQL statements for each type of client-required data containing sensitive data are rewritten in sequence through desensitization rules. The operation is flexible: sensitive data does not need a separate desensitization per class, and desensitizing type by type in sequence allows fast, effective real-time desensitization for different viewing permissions.
The specific embodiments described herein are merely illustrative of the spirit of the invention. Various modifications or additions may be made to the described embodiments or alternatives may be employed by those skilled in the art without departing from the spirit or ambit of the invention as defined in the appended claims.