CN113010901A - Automatic safety inspection method and terminal based on asset model - Google Patents

Automatic safety inspection method and terminal based on asset model Download PDF

Info

Publication number
CN113010901A
CN113010901A CN202110450013.9A CN202110450013A CN113010901A CN 113010901 A CN113010901 A CN 113010901A CN 202110450013 A CN202110450013 A CN 202110450013A CN 113010901 A CN113010901 A CN 113010901A
Authority
CN
China
Prior art keywords
asset
data
inspected
oval
acquiring
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN202110450013.9A
Other languages
Chinese (zh)
Other versions
CN113010901B (en
Inventor
李杏萍
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Shenzhen Weiyuan Pilot Technology Co ltd
Original Assignee
Shenzhen Weiyuan Pilot Technology Co ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Shenzhen Weiyuan Pilot Technology Co ltd filed Critical Shenzhen Weiyuan Pilot Technology Co ltd
Priority to CN202110450013.9A priority Critical patent/CN113010901B/en
Publication of CN113010901A publication Critical patent/CN113010901A/en
Application granted granted Critical
Publication of CN113010901B publication Critical patent/CN113010901B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/57Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
    • G06F21/577Assessing vulnerabilities and evaluating computer system security
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F40/00Handling natural language data
    • G06F40/10Text processing
    • G06F40/166Editing, e.g. inserting or deleting
    • G06F40/186Templates

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • Computer Security & Cryptography (AREA)
  • Software Systems (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Computing Systems (AREA)
  • Health & Medical Sciences (AREA)
  • Artificial Intelligence (AREA)
  • Audiology, Speech & Language Pathology (AREA)
  • Computational Linguistics (AREA)
  • General Health & Medical Sciences (AREA)
  • Management, Administration, Business Operations System, And Electronic Commerce (AREA)

Abstract

The invention discloses an automatic safety inspection method and a terminal based on an asset model, which establish a virtualization definition in an OVAL following the grammar of the OVAL by additionally arranging an asset information model in the SCAP; when automatic security inspection is carried out, if an OVAL engine cannot acquire data to be inspected required by the automatic security inspection through a standard data acquisition path, acquiring the data to be inspected from a corresponding asset information model through a virtualized data acquisition path based on the virtualization definition; because the established virtualization definition follows OVAL grammar, the established virtualization definition can still be used as a normal semantic in OVAL, and a data source of the virtualization definition is interpreted as an asset information model, so that the asset description content is enriched, the data to be checked can be flexibly acquired through the virtualization definition, the universality of the SCAP is improved, and the SCAP is suitable for various complex security check scenes.

Description

Automatic safety inspection method and terminal based on asset model
Technical Field
The invention relates to the field of asset management, in particular to an automatic safety inspection method and terminal based on an asset model.
Background
Describing assets by using a CPE (Common Platform Enumeration) in a SCAP (secure content automation protocol); an inspection list used by the automatic inspection is described by using XCCDF (Extensible Configuration Checklist Description Format), and the method has the functions of cutting inspection items and displaying reports; the technical details of Vulnerability, patch, asset or configuration inspection are described by using OVAL (Open Vulnerability and Assessment Language), a specific inspection method is defined, the CPE is dependent on the OVAL, and XCCDF is established on the CPE and the OVAL.
However, the SCAP has the following disadvantages: firstly, the CPE only contains name and version information, and the coverage of the contained software asset information is seriously insufficient, so that the description of the SCAP to the asset has greater limitation; secondly, XCCDF and CPE both rely on the asset identification capability of the OVAL finally, however, the OVAL has some specific identification methods for operating system software, but has great limitation for the identification of other software, so that the inspection rule of the OVAL cannot meet the requirements of flexibility and complexity of asset identification, and further limits the capability of the whole SCAP.
Disclosure of Invention
The technical problem to be solved by the invention is as follows: the automatic safety inspection method and the terminal based on the asset model are provided, and can be suitable for various complex safety inspection scenes and ensure the automatic safety inspection.
In order to solve the technical problems, the invention adopts the technical scheme that:
an automated safety inspection method based on an asset model comprises the following steps:
adding an asset information model in the SCAP, and establishing a virtualization definition in the OVAL;
acquiring an automatic safety inspection request, and judging whether an OVAL engine can acquire data to be inspected required by the automatic safety inspection request through a standard data acquisition path or not, if so, directly acquiring the data to be inspected, and if not, acquiring the data to be inspected from a corresponding asset information model through a virtualized data acquisition path based on the virtualization definition;
and carrying out automatic safety inspection according to the standard inspection method of the OVAL engine based on the data to be inspected.
In order to solve the technical problem, the invention adopts another technical scheme as follows:
an asset model-based automated security inspection terminal comprising a memory, a processor, and a computer program stored on the memory and executable on the processor, the processor when executing the computer program implementing the steps of:
adding an asset information model in the SCAP, and establishing a virtualization definition in the OVAL;
acquiring an automatic safety inspection request, and judging whether an OVAL engine can acquire data to be inspected required by the automatic safety inspection request through a standard data acquisition path or not, if so, directly acquiring the data to be inspected, and if not, acquiring the data to be inspected from a corresponding asset information model through a virtualized data acquisition path based on the virtualization definition;
and carrying out automatic safety inspection according to the standard inspection method of the OVAL engine based on the data to be inspected.
The invention has the beneficial effects that: an asset information model is added in the SCAP, and a virtualization definition is established in the OVAL according to the grammar of the OVAL; when automatic security inspection is carried out, if an OVAL engine cannot acquire data to be inspected required by the automatic security inspection through a standard data acquisition path, acquiring the data to be inspected from a corresponding asset information model through a virtualized data acquisition path based on the virtualization definition; because the established virtualization definition follows OVAL grammar, the ability of explaining the virtualization definition is introduced into an OVAL engine, the OVAL still can be used as a normal semantic, a data source of the virtualization definition is explained into an asset information model, data of the asset information model is used in the OVAL definition through the virtualization OVAL definition, the semantic of the OVAL is expanded, the content of asset description is enriched, and the problem that the description of the asset by SCAP in the prior art is less is solved; based on the data to be checked, automatic safety check is carried out according to the standard check method of the OVAL engine, so the invention enriches the content of asset description by using an asset information model, and based on the virtualization of the OVAL, the data to be checked can be flexibly obtained from the asset information model through virtualization definition, thereby greatly improving the universality of SCAP and being suitable for various complex safety check scenes.
Drawings
FIG. 1 is a flow diagram of an automated asset model-based security inspection method according to an embodiment of the present invention;
FIG. 2 is a schematic diagram of an asset model-based automated security inspection terminal according to an embodiment of the present invention;
FIG. 3 is a diagram of the relationship between an asset identification engine and an asset information model of an asset model-based automated security inspection method according to an embodiment of the present invention;
FIG. 4 is a block diagram of an asset information model of an automated security inspection method based on an asset model according to an embodiment of the present invention;
FIG. 5 is an improved view of an asset and knowledge base representation of an asset model-based automated security inspection method according to an embodiment of the invention;
FIG. 6 is an improved SCAP dependency hierarchy of an asset model-based automated security inspection method according to an embodiment of the present invention;
FIG. 7 is a diagram of an OVAL architecture for an asset model-based automated security inspection method in accordance with an embodiment of the present invention;
FIG. 8 is a timing diagram illustrating detection data obtained by an automated asset model-based security inspection method according to an embodiment of the present invention;
FIG. 9 is a diagram of an OVAL architecture for acquiring data using environmental objects of an asset model-based automated security inspection method according to an embodiment of the present invention;
FIG. 10 is a diagram of an OVAL architecture for acquiring data using external variables in an asset model-based automated security inspection method according to an embodiment of the present invention;
FIG. 11 is a timing diagram illustrating the determination of the inspection template, inspection item and CPE expression in an asset model based automated security inspection method according to an embodiment of the present invention;
FIG. 12 is a CPE dependency graph of an asset model based automated security check method according to an embodiment of the present invention;
fig. 13 is a diagram of CPE interface improvement of an asset model-based automated security inspection method according to an embodiment of the present invention.
Detailed Description
In order to explain technical contents, achieved objects, and effects of the present invention in detail, the following description is made with reference to the accompanying drawings in combination with the embodiments.
Referring to fig. 1, an embodiment of the present invention provides an automated security inspection method based on an asset model, including the steps of:
adding an asset information model in the SCAP, and establishing a virtualization definition in the OVAL;
acquiring an automatic safety inspection request, and judging whether an OVAL engine can acquire data to be inspected required by the automatic safety inspection request through a standard data acquisition path or not, if so, directly acquiring the data to be inspected, and if not, acquiring the data to be inspected from a corresponding asset information model through a virtualized data acquisition path based on the virtualization definition;
and carrying out automatic safety inspection according to the standard inspection method of the OVAL engine based on the data to be inspected.
From the above description, the beneficial effects of the present invention are: an asset information model is added in the SCAP, and a virtualization definition is established in the OVAL according to the grammar of the OVAL; when automatic security inspection is carried out, if an OVAL engine cannot acquire data to be inspected required by the automatic security inspection through a standard data acquisition path, acquiring the data to be inspected from a corresponding asset information model through a virtualized data acquisition path based on the virtualization definition; because the established virtualization definition follows the OVAL grammar, the ability of explaining the virtualization definition is introduced into the OVAL, the OVAL can still be used as a normal semantic, the data source of the virtualization definition is explained into an asset information model, the data of the asset information model is used in the definition of the OVAL through the virtualization OVAL definition, the semantic of the OVAL is expanded, the content of asset description is enriched, and the problem that the description of the asset by SCAP in the prior art is less is solved; based on the data to be checked, automatic safety check is carried out according to the standard check method of the OVAL engine, so the invention enriches the content of asset description by using an asset information model, and based on the virtualization of the OVAL, the data to be checked can be flexibly obtained from the asset information model through virtualization definition, thereby greatly improving the universality of SCAP and being suitable for various complex safety check scenes.
Further, still include:
an asset identification engine is additionally arranged in the SCAP;
the acquiring the data to be inspected from the corresponding asset information model through the virtualized data acquisition path based on the virtualization definition comprises:
generating an asset instance corresponding to the data to be inspected through the asset information model based on the virtualization definition;
and identifying the asset instance through the asset identification engine, and acquiring the data to be checked from the asset instance.
According to the description, the asset identification engine is used for identifying the asset examples and acquiring the data to be inspected from the asset examples, so that the semantics of the OVAL can be expanded, and the inspection method of the OVAL engine is enriched, so that the complex automatic inspection environment can be conveniently dealt with.
Further, the determining whether the OVAL engine can acquire the data to be inspected required by the automated security inspection request through a standard data acquisition path, if so, directly acquiring the data to be inspected, and if not, acquiring the data to be inspected from a corresponding asset information model through a virtualized data acquisition path based on the virtualization definition includes:
judging whether the data to be inspected required by the automatic safety inspection request can be acquired through an environment object in the OVAL engine, if so, directly acquiring the data to be inspected through the environment object;
if not, generating an asset instance corresponding to the data to be inspected through the asset information model based on the virtualized environment object, and naming the virtualized environment object according to the automatic safety inspection request;
identifying the asset instance through the asset identification engine, and acquiring the data to be checked from the asset instance according to the name of the virtualization environment object;
or judging whether to-be-inspected data required by the automatic safety inspection request can be acquired through an external variable in the OVAL engine, if so, directly acquiring the inspection data through the external variable;
if not, generating an asset instance corresponding to the data to be checked through the asset information model based on the virtualized external variable, and setting the ID of the virtualized external variable according to the automatic safety check request;
and identifying the asset instance through the asset identification engine, and acquiring the data to be checked from the asset instance according to the ID of the virtualized external variable.
It can be known from the above description that, when the standard data acquisition method in the OVAL engine cannot acquire the data to be checked, the data to be checked is searched from the asset instance by a method of establishing a virtualized environment object or establishing a virtualized external variable, and the basic information of the virtualized environment variable or the virtualized external variable is adaptively set, so that the data can be used as a normal semantic in the OVAL, the data of the asset instance is used in the OVAL while following the syntax of the OVAL, the inspection method of the OVAL engine is enriched, and the universality of the inspection method is improved.
Further, the obtaining the request for the automated security check comprises:
generating a corresponding checking method according to all checking data required by the automatic safety checking request;
generating an asset instance corresponding to the automatic safety inspection request through the asset information model, identifying the asset type of the asset instance, and determining a corresponding inspection template through the asset type and the inspection method;
acquiring a corresponding CPE expression according to the inspection template, judging whether the asset instance can be detected or not based on the CPE expression, if so, judging whether an OVAL engine can acquire the data to be detected required by the automatic safety inspection request through a standard data acquisition path, and if not, not detecting the asset instance;
the acquiring the data to be inspected from the corresponding asset information model comprises:
interpreting, by an asset identification engine, the CPE expression;
matching a corresponding asset instance based on the interpretation result and a matching specification generated after the CPE engine is matched with the asset information model;
and acquiring the inspection data corresponding to the asset instance through an interface of an asset identification engine.
According to the above description, the inspection template and the corresponding CPE expression are determined according to the asset type, whether the asset instance is suitable for the inspection method in the inspection template can be judged according to the calculation result of the asset instance on the CPE expression, and if the asset instance is suitable for the inspection method in the inspection template, whether the OVAL engine can obtain the to-be-inspected data required by the automatic security inspection request through a standard data acquisition path is judged; therefore, the CPE expression is determined through the inspection template, the applicability can be judged before inspection, and the phenomenon that the inspection template is not applicable and an error inspection result is generated is avoided; the CPE and the asset identification engine are used for acquiring the inspection data of the asset instance, the CPE is adapted to the asset information model to generate a corresponding representation specification and a matching specification, so that the expression capability of the CPE can be improved, the explanation and matching of the CPE expression specification depend on the asset identification engine, the follow-up management of the asset identification engine is facilitated, and the universality of asset inspection is improved; it can be seen that the XCCDF engine and CPE engine are able to obtain data directly through the asset identification engine, rather than relying solely on the OVAL engine to obtain data.
Further, the establishment of the virtualization definition in the OVAL is replaced by adding an asset attribute element in the OVAL;
whether the OVAL engine can acquire the data to be inspected required by the automatic safety inspection request through a standard data acquisition path or not is judged, if yes, the data to be inspected are directly acquired, and if not, the data to be inspected are acquired from a corresponding asset information model through a virtualized data acquisition path based on the virtualization definition and are replaced by:
determining the data to be inspected required by the automatic safety inspection request, determining the corresponding asset attribute elements according to the data to be inspected, judging whether the asset attribute elements are the added asset attribute elements, and if so, acquiring the data to be inspected from the corresponding asset information model based on the added asset attribute elements.
It can be known from the above description that by introducing a new semantic meaning into the OVAL, adding asset attribute elements having a corresponding syntax, i.e., a corresponding acquisition path, thereby expanding the semantic meaning and syntax of the OVAL, so that the added asset attribute elements can be used as standard semantic meanings, without establishing a virtual definition in the OVAL by a virtualization method, and acquiring the data to be inspected from a corresponding asset information model based on the added asset attribute elements, i.e., expanding the syntax of the OVAL, enriching the expression capability of the OVAL and reducing the complexity of automated security inspection.
Referring to fig. 2, another embodiment of the present invention provides an asset model-based automated security inspection terminal, including a memory, a processor, and a computer program stored in the memory and executable on the processor, where the processor executes the computer program to implement the following steps:
adding an asset information model in the SCAP, and establishing a virtualization definition in the OVAL;
acquiring an automatic safety inspection request, and judging whether an OVAL engine can acquire data to be inspected required by the automatic safety inspection request through a standard data acquisition path or not, if so, directly acquiring the data to be inspected, and if not, acquiring the data to be inspected from a corresponding asset information model through a virtualized data acquisition path based on the virtualization definition;
and carrying out automatic safety inspection according to the standard inspection method of the OVAL engine based on the data to be inspected.
As can be seen from the above description, the asset information model is added in the SCAP, and the virtualization definition is established in the OVAL according to the syntax of the OVAL; when automatic security inspection is carried out, if an OVAL engine cannot acquire data to be inspected required by the automatic security inspection through a standard data acquisition path, acquiring the data to be inspected from a corresponding asset information model through a virtualized data acquisition path based on the virtualization definition; because the established virtualization definition follows OVAL grammar, the ability of explaining the virtualization definition is introduced into an OVAL engine, the OVAL still can be used as a normal semantic, a data source of the virtualization definition is explained into an asset information model, data of the asset information model is used in the OVAL definition through the virtualization OVAL definition, the semantic of the OVAL is expanded, the content of asset description is enriched, and the problem that the description of the asset by SCAP in the prior art is less is solved; based on the data to be checked, automatic safety check is carried out according to the standard check method of the OVAL engine, so the invention enriches the content of asset description by using an asset information model, and based on the virtualization of the OVAL, the data to be checked can be flexibly obtained from the asset information model through virtualization definition, thereby greatly improving the universality of SCAP and being suitable for various complex safety check scenes.
Further, still include:
an asset identification engine is additionally arranged in the SCAP;
the acquiring the data to be inspected from the corresponding asset information model through the virtualized data acquisition path based on the virtualization definition comprises:
generating an asset instance corresponding to the data to be inspected through the asset information model based on the virtualization definition;
and identifying the asset instance through the asset identification engine, and acquiring the data to be checked from the asset instance.
According to the description, the asset identification engine is used for identifying the asset examples and acquiring the data to be inspected from the asset examples, so that the semantics of the OVAL can be expanded, and the inspection method of the OVAL engine is enriched, so that the complex automatic inspection environment can be conveniently dealt with.
Further, the determining whether the OVAL engine can acquire the data to be inspected required by the automated security inspection request through a standard data acquisition path, if so, directly acquiring the data to be inspected, and if not, acquiring the data to be inspected from a corresponding asset information model through a virtualized data acquisition path based on the virtualization definition includes:
judging whether the data to be inspected required by the automatic safety inspection request can be acquired through an environment object in the OVAL engine, if so, directly acquiring the data to be inspected through the environment object;
if not, generating an asset instance corresponding to the data to be inspected through the asset information model based on the virtualized environment object, and naming the virtualized environment object according to the automatic safety inspection request;
identifying the asset instance through the asset identification engine, and acquiring the data to be checked from the asset instance according to the name of the virtualization environment object;
or judging whether to-be-inspected data required by the automatic safety inspection request can be acquired through an external variable in the OVAL engine, if so, directly acquiring the inspection data through the external variable;
if not, generating an asset instance corresponding to the data to be checked through the asset information model based on the virtualized external variable, and setting the ID of the virtualized external variable according to the automatic safety check request;
and identifying the asset instance through the asset identification engine, and acquiring the data to be checked from the asset instance according to the ID of the virtualized external variable.
It can be known from the above description that, when the standard data acquisition method in the OVAL engine cannot acquire the data to be checked, the data to be checked is searched from the asset instance by a method of establishing a virtualized environment object or establishing a virtualized external variable, and the basic information of the virtualized environment variable or the virtualized external variable is adaptively set, so that the data can be used as a normal semantic in the OVAL, the data of the asset instance is used in the OVAL while following the syntax of the OVAL, the inspection method of the OVAL engine is enriched, and the universality of the inspection method is improved.
Further, the obtaining the request for the automated security check comprises:
generating a corresponding checking method according to all checking data required by the automatic safety checking request;
generating an asset instance corresponding to the automatic safety inspection request through the asset information model, identifying the asset type of the asset instance, and determining a corresponding inspection template through the asset type and the inspection method;
acquiring a corresponding CPE expression according to the inspection template, judging whether the asset instance can be detected or not based on the CPE expression, if so, judging whether an OVAL engine can acquire the data to be detected required by the automatic safety inspection request through a standard data acquisition path, and if not, not detecting the asset instance;
the acquiring the data to be inspected from the corresponding asset information model comprises:
interpreting, by an asset identification engine, the CPE expression;
matching a corresponding asset instance based on the interpretation result and a matching specification generated after the CPE engine is matched with the asset information model;
and acquiring the inspection data corresponding to the asset instance through an interface of an asset identification engine.
According to the above description, the inspection template and the corresponding CPE expression are determined according to the asset type, whether the asset instance is suitable for the inspection method in the inspection template can be judged according to the calculation result of the asset instance on the CPE expression, and if the asset instance is suitable for the inspection method in the inspection template, whether the OVAL engine can obtain the to-be-inspected data required by the automatic security inspection request through a standard data acquisition path is judged; therefore, the CPE expression is determined through the inspection template, the applicability can be judged before inspection, and the phenomenon that the inspection template is not applicable and an error inspection result is generated is avoided; the CPE and the asset identification engine are used for acquiring the inspection data of the asset instance, the CPE is adapted to the asset information model to generate a corresponding representation specification and a matching specification, so that the expression capability of the CPE can be improved, the explanation and matching of the CPE expression specification depend on the asset identification engine, the follow-up management of the asset identification engine is facilitated, and the universality of asset inspection is improved; it can be seen that the XCCDF engine and CPE engine are able to obtain data directly through the asset identification engine, rather than relying solely on the OVAL engine to obtain data.
Further, the establishment of the virtualization definition in the OVAL is replaced by adding an asset attribute element in the OVAL;
whether the OVAL engine can acquire the data to be inspected required by the automatic safety inspection request through a standard data acquisition path or not is judged, if yes, the data to be inspected are directly acquired, and if not, the data to be inspected are acquired from a corresponding asset information model through a virtualized data acquisition path based on the virtualization definition and are replaced by:
determining the data to be inspected required by the automatic safety inspection request, determining the corresponding asset attribute elements according to the data to be inspected, judging whether the asset attribute elements are the added asset attribute elements, and if so, acquiring the data to be inspected from the corresponding asset information model based on the added asset attribute elements.
It can be known from the above description that by introducing a new semantic meaning into the OVAL, adding asset attribute elements having a corresponding syntax, i.e., a corresponding acquisition path, thereby expanding the semantic meaning and syntax of the OVAL, so that the added asset attribute elements can be used as standard semantic meanings, without establishing a virtual definition in the OVAL by a virtualization method, and acquiring the data to be inspected from a corresponding asset information model based on the added asset attribute elements, i.e., expanding the syntax of the OVAL, enriching the expression capability of the OVAL and reducing the complexity of automated security inspection.
The automatic safety inspection method and the terminal based on the asset model can independently describe assets based on the SCAP, thereby improving the description and management capability of the SCAP assets, being suitable for various complex automatic safety inspection scenes, and being explained by the following specific implementation modes:
example one
Referring to fig. 1, an automated safety inspection method based on an asset model includes the steps of:
s1, adding an asset information model in the SCAP, and establishing a virtualization definition in the OVAL;
wherein, still include: an asset identification engine is additionally arranged in the SCAP;
referring to fig. 3 and 4, the asset identification engine can output an asset information model and provide an asset interface, the asset information model includes an asset general model, an asset extension model and an asset knowledge base, and the asset knowledge base includes knowledge base information with different dimensions;
the asset general model comprises type information, installation information, configuration information, updating information and operation information, wherein the type information comprises but is not limited to the name and version information of an asset instance and can be used as an identifier of an asset type; the installation information is the installation position of the asset instance; the configuration information includes configuration file information and log file information of the asset instance; the update information includes patch information for the asset instance; the operation information comprises operation state information of the asset instance;
specifically, referring to fig. 5, in the conventional SCAP, an OVAL engine is used to define an inspection method, a CPE engine is used to perform asset identification, and an XCCDF engine is used to define an inspection item; in this embodiment, an asset information model is added on the basis of the SCAP, and the OVAL, CPE, and XCCDF engines are adapted to the asset information model, so that asset information is independent from the SCAP, and the OVAL, CPE, and XCCDF engines acquire information of the asset information model through an adaptation layer, thereby improving the capability of the SCAP in terms of asset description and management;
specifically, referring to fig. 6, in the embodiment, an asset identification engine is added on the basis of the SCAP, and the asset identification engine can generate a standard asset information model and provide the asset information model to the OVAL, CPE, and XCCDF engines through an asset interface;
s2, acquiring an automatic safety inspection request, and judging whether an OVAL engine can acquire the data to be inspected required by the automatic safety inspection request through a standard data acquisition path, if so, directly acquiring the data to be inspected, and if not, acquiring the data to be inspected from a corresponding asset information model through a virtualized data acquisition path based on the virtualization definition;
wherein the acquiring the data to be inspected from the corresponding asset information model through the virtualized data acquisition path based on the virtualization definition comprises:
generating an asset instance corresponding to the data to be inspected through the asset information model based on the virtualization definition; identifying the asset instance through the asset identification engine, and acquiring the data to be checked from the asset instance;
judging whether a standard data acquisition method of an OVAL engine can acquire data to be inspected of the automatic safety inspection request, if so, directly acquiring the data to be inspected through the data acquisition method, if not, defining a virtualization data acquisition method needing asset instance explanation in the OVAL, and acquiring the data to be inspected of the asset instance by using the virtualization data acquisition method;
specifically, referring to fig. 7, an asset type defines a corresponding inspection method set, the inspection method set includes a plurality of inspection method elements (definitions), and each inspection method element includes: one or several test definition elements (test); a test definition element, which contains one object definition element (object), no more than one object state definition element (state), and several variable definition elements (variable), so in this embodiment, the created virtualization definition includes virtual test, virtual test object state, and virtual variable;
the virtualized data acquisition method established based on the OVAL can acquire data to be checked in an asset instance based on the virtualized definition, the virtualized data acquisition method is used as normal semantics in the OVAL, the source of the virtualized check data is an asset information model, the data of the asset information model can be used in the OVAL definition, the semantics of the OVAL is expanded while the OVAL syntax is followed, and the check method is more flexibly generated to be suitable for various automatic security check scenes;
s3, carrying out automatic safety inspection according to the standard inspection method of the OVAL engine based on the data to be inspected;
specifically, an XCCDF inspection template corresponding to the standard inspection method of the OVAL engine is obtained, and the data to be inspected are subjected to automatic security inspection one by one according to inspection items in the inspection template.
Example two
The present embodiment is different from the first embodiment in that how to obtain the data to be checked of the automatic security check request is further defined:
in an optional implementation manner, whether to-be-inspected data required by the automatic security inspection request can be acquired through an environment object in an OVAL engine is judged, and if yes, the to-be-inspected data is directly acquired through the environment object;
if not, generating an asset instance corresponding to the data to be inspected through the asset information model based on the virtualized environment object, and naming the virtualized environment object according to the automatic safety inspection request;
identifying the asset instance through the asset identification engine, and acquiring the data to be checked from the asset instance according to the name of the virtualization environment object;
specifically, referring to fig. 8 and 9, if the data to be inspected of the automated security inspection request can be acquired through a standard environment object in the OVAL, the definition of the environment object is interpreted, and the data to be inspected is acquired in the process or in the definition of the environment object of the system according to the name of the environment object by using the CollectData interface; if the standard environment object used in the OVAL can not collect the data to be checked, firstly generating an asset instance corresponding to the data to be checked through an asset information model based on the virtualized environment object, and naming the virtualized environment object according to the automatic safety check request; for example, if the installation PATH (PATH) of (INSTALL) in the installation information of the TOMCAT asset is checked, the virtual environment object is named TOMCAT _ INSTALL _ PATH; identifying an asset instance through the asset identification engine, and acquiring data to be checked in the asset instance according to the name of the virtualized environment object by using a CollectData interface;
in another optional embodiment, it is determined whether to-be-inspected data required by the automated security inspection request can be acquired through an external variable in the OVAL engine, and if so, the inspection data is directly acquired through the external variable;
if not, generating an asset instance corresponding to the data to be checked through the asset information model based on the virtualized external variable, and setting the ID of the virtualized external variable according to the automatic safety check request;
identifying the asset instance through the asset identification engine, and acquiring the data to be checked from the asset instance according to the ID of the virtualized external variable;
specifically, referring to fig. 8 and 10, if data to be inspected of the automated security inspection request can be acquired through a standard external variable in the OVAL, acquiring inspection data corresponding to the external variable, including an ID and a data type of the external variable; if the OVAL does not have an external variable capable of acquiring the data to be inspected, generating an asset instance corresponding to the data to be inspected through an asset information model based on the virtualized external variable, and setting an ID of the virtualized external variable according to the automatic safety inspection request, wherein in the embodiment, the ID format of the external variable is "ova: domain.com: var: xxx", and the data to be inspected can be acquired in the asset instance according to the ID of the virtualized external variable;
the method of virtualization definition is not limited to virtualization environment objects or virtualization external variables, and can establish corresponding virtual tests, virtual inspection objects, virtual inspection object states or virtual variables according to requirements;
by the aid of virtualization definition of the inspection objects and variables in the OVAL, corresponding inspection data can be searched from asset instance data through virtualization of the inspection objects or virtualization variables, data of an asset information model is applied to the OVAL while the syntax of the OVAL is followed, accordingly, adaptation of the OVAL and the asset information model is achieved, and the inspection method defined by the OVAL is expanded by adding description of assets on the basis of an original SCAP.
EXAMPLE III
The difference between the present embodiment and the first or second embodiment is that how to adapt the asset information model to the XDDCF is further defined:
specifically, the step of obtaining the automated security check request includes:
generating a corresponding checking method according to all checking data required by the automatic safety checking request;
generating an asset instance corresponding to the automatic safety inspection request through the asset information model, identifying the asset type of the asset instance, and determining a corresponding inspection template through the asset type and the inspection method;
acquiring a corresponding CPE expression according to the inspection template, judging whether the asset instance can be detected or not based on the CPE expression, if so, judging whether an OVAL engine can acquire the data to be detected required by the automatic safety inspection request through a standard data acquisition path, and if not, not detecting the asset instance;
specifically, the inspection template carries a tag of an asset type, and the asset type corresponding to the inspection template can be determined, so that the inspection template corresponds to different asset types, and a knowledge base corresponding to the asset type can be established through the inspection template;
specifically, referring to fig. 11, in the present embodiment, an XCCDF check template is used for checking, a corresponding CPE expression can be obtained according to the XCCDF check template, an asset instance identified by an asset identification engine is used to invoke a checkCPEExpress interface to evaluate the CPE expression, and if the evaluation result is FALSE, the check result is returned to indicate that the detection template is not applicable to the asset instance; if the evaluation result is TRUE, performing applicability check on each check item in the check template;
instead of using XCCDF check templates, other check templates may be used, such as: a custom security policy check template similar to XCCDF semantics or based on asset type and attributes;
besides, the judgment of the asset applicability is completed by depending on the CPE expression, the application range can be calculated by directly utilizing the data of the asset instance;
therefore, XCCDF and CPE are not only dependent on the OVAL engine, but can acquire required data through the asset identification engine before the OVAL check and judge the applicability; the judgment of the applicability is not limited to an XCCDF inspection template and a CPE expression, and the inspection configuration can be adaptively changed in various complex inspection environments, so that the configuration of the automatic inspection is more flexible.
Example four
The difference between this embodiment and any one of the first to third embodiments is that how to adapt the asset information model to the CPE is further defined:
specifically, the acquiring the data to be inspected from the asset instance includes:
interpreting, by an asset identification engine, the CPE expression;
matching a corresponding asset instance based on the interpretation result and a matching specification generated after the CPE engine is matched with the asset information model;
acquiring inspection data corresponding to the asset instance through an interface of an asset identification engine;
specifically, referring to fig. 12 and 13, the CPE engine is adapted to the asset information model to obtain an adapted CPE expression specification and a CPE matching specification, the CPE expression specification is added with an expression capability of a CPE expression, and logical operation capabilities of version greater than, version greater than or equal to, version less than or equal to, and the like are introduced; an interface for judging whether the two CPE expressions contain or are contained and a large interface for judging the two CPE expressions according to the version information are added, so that whether the assets exist or not can be judged, and the versions of the assets can be compared, thereby supporting the safety check of different types of asset instances;
in the embodiment, the matching specification, the CPE expression explanation and the CPE list query of the CPE are handed to an asset identification engine and a structure for processing, namely, the expression of asset operation by a knowledge base is matched out, so that the asset identification engine is independent, and the expression capability of the asset is improved.
EXAMPLE five
This embodiment is different from any one of the first to fourth embodiments in that the creating of the virtualization definition is replaced by adding asset model elements in the OVAL:
specifically, establishing a virtualization definition in the OVAL is replaced by adding an asset attribute element in the OVAL;
whether the OVAL engine can acquire the data to be inspected required by the automatic safety inspection request through a standard data acquisition path or not is judged, if yes, the data to be inspected are directly acquired, and if not, the data to be inspected are acquired from a corresponding asset information model through a virtualized data acquisition path based on the virtualization definition and are replaced by:
determining the data to be inspected required by the automatic safety inspection request, determining a corresponding asset attribute element according to the data to be inspected, judging whether the asset attribute element is the added asset attribute element, and if so, acquiring the data to be inspected from a corresponding asset information model based on the added asset attribute element;
specifically, in this embodiment, an asset attribute element is added to an element of the OVAL, and after the data to be inspected is determined, it is determined whether the asset attribute element corresponding to the data to be inspected is an added asset attribute element, if so, the data to be inspected is obtained from the corresponding asset information model based on the added asset attribute element, and if not, the data to be inspected is obtained directly based on an original data acquisition path before the asset attribute element is added to the OVAL;
that is, all original asset attribute elements in the OVAL have original standard data acquisition paths, that is, original inherent semantics and syntax, after the asset attribute elements are added to the OVAL, new semantics and syntax are added, that is, the asset attribute elements and the corresponding paths for acquiring the data to be inspected are added, when the data to be inspected are acquired, whether the asset attribute elements corresponding to the asset attribute elements are the added asset attribute elements is firstly judged, that is, the asset attribute elements belong to the newly added semantics and need to be acquired according to the added new syntax corresponding to the asset attribute elements, that is, the data to be inspected are acquired from the corresponding asset information model based on the added asset attribute elements, and if not, the data to be inspected can be acquired according to the original inherent semantics and syntax, that is, the data to be inspected are directly acquired according to the original standard data acquisition paths.
EXAMPLE six
Referring to fig. 2, an asset model-based automated security inspection terminal includes a memory, a processor, and a computer program stored in the memory and executable on the processor, where the processor executes the computer program to implement the steps of the asset model-based automated security inspection method according to any one of the first to fifth embodiments.
In summary, according to the automated security inspection method and the terminal based on the asset model provided by the invention, the asset information model is added in the SCAP, and the virtualization definition is established in the OVAL according to the syntax of the OVAL; when automatic safety inspection is carried out, according to data to be inspected, determining a corresponding XCCDF inspection template and a CPE expression through an asset identification engine, and judging whether an asset instance can be applicable to the current inspection template through the CPE expression, wherein the inspection template is not limited to the XCCDF inspection template and can also be inspected by using other inspection templates; the CPE is adapted to the asset information model to generate corresponding representation specifications and matching specifications, so that the expression capability of the CPE can be improved, the explanation and matching of the CPE expression specifications depend on an asset identification engine, the follow-up management of the asset identification engine is facilitated, and the universality of asset inspection is improved; if the OVAL engine can not acquire the data to be inspected required by the automatic safety inspection through a standard data acquisition path, acquiring the data to be inspected from a corresponding asset information model through a virtualized data acquisition path based on the virtualization definition, wherein the virtualization definition is preferably used for establishing a virtualization environment variable, and the corresponding data to be inspected can be acquired from an asset instance through establishing the virtualization environment variable; because the established virtualization definition follows the OVAL grammar, the ability of explaining the virtualization definition is introduced into the OVAL engine, the OVAL can still be used as a normal semantic, the data source of the virtualization definition is explained into an asset information model, and the data of the asset information model is used in the OVAL definition through the virtualized OVAL definition, so that the semantic of the OVAL is expanded, the content of asset description is enriched, and the problem that the description of the asset by SCAP in the prior art is less is solved; the virtualization definition can be replaced by standard asset attribute elements in the OVAL, namely the asset attribute elements are directly added in the OVAL, the virtualization definition is not used for adapting the OVAL, and the complexity of automatic safety inspection is reduced; the invention carries out automatic safety inspection according to the standard inspection method of the OVAL engine based on the data to be inspected, therefore, the invention enriches the content of asset description by using an asset information model, and can flexibly acquire the data to be inspected from the asset information model through virtualization definition based on the virtualization of the OVAL, and XCCDF and CPE not only depend on the OVAL, and can directly acquire the data based on the asset identification engine when carrying out applicability judgment, thereby greatly improving the universality of SCAP and being suitable for various complex safety inspection scenes.
The above description is only an embodiment of the present invention, and not intended to limit the scope of the present invention, and all equivalent changes made by using the contents of the present specification and the drawings, or applied directly or indirectly to the related technical fields, are included in the scope of the present invention.

Claims (10)

1. An automated safety inspection method based on an asset model is characterized by comprising the following steps:
adding an asset information model in the SCAP, and establishing a virtualization definition in the OVAL;
acquiring an automatic safety inspection request, and judging whether an OVAL engine can acquire data to be inspected required by the automatic safety inspection request through a standard data acquisition path or not, if so, directly acquiring the data to be inspected, and if not, acquiring the data to be inspected from a corresponding asset information model through a virtualized data acquisition path based on the virtualization definition;
and carrying out automatic safety inspection according to the standard inspection method of the OVAL engine based on the data to be inspected.
2. The method of claim 1, further comprising:
an asset identification engine is additionally arranged in the SCAP;
the acquiring the data to be inspected from the corresponding asset information model through the virtualized data acquisition path based on the virtualization definition comprises:
generating an asset instance corresponding to the data to be inspected through the asset information model based on the virtualization definition;
and identifying the asset instance through the asset identification engine, and acquiring the data to be checked from the asset instance.
3. The method as claimed in claim 2, wherein the determining whether the OVAL engine can obtain the data to be inspected required by the automated security inspection request through a standard data acquisition path, if yes, directly obtaining the data to be inspected, and if not, obtaining the data to be inspected from the corresponding asset information model through a virtualized data acquisition path based on the virtualization definition includes:
judging whether the data to be inspected required by the automatic safety inspection request can be acquired through an environment object in the OVAL engine, if so, directly acquiring the data to be inspected through the environment object;
if not, generating an asset instance corresponding to the data to be inspected through the asset information model based on the virtualized environment object, and naming the virtualized environment object according to the automatic safety inspection request;
identifying the asset instance through the asset identification engine, and acquiring the data to be checked from the asset instance according to the name of the virtualization environment object;
or judging whether to-be-inspected data required by the automatic safety inspection request can be acquired through an external variable in the OVAL engine, if so, directly acquiring the inspection data through the external variable;
if not, generating an asset instance corresponding to the data to be checked through the asset information model based on the virtualized external variable, and setting the ID of the virtualized external variable according to the automatic safety check request;
and identifying the asset instance through the asset identification engine, and acquiring the data to be checked from the asset instance according to the ID of the virtualized external variable.
4. The method of claim 2, wherein obtaining the automated security inspection request comprises:
generating a corresponding checking method according to all checking data required by the automatic safety checking request;
generating an asset instance corresponding to the automatic safety inspection request through the asset information model, identifying the asset type of the asset instance, and determining a corresponding inspection template through the asset type and the inspection method;
acquiring a corresponding CPE expression according to the inspection template, judging whether the asset instance can be detected or not based on the CPE expression, if so, judging whether an OVAL engine can acquire the data to be detected required by the automatic safety inspection request through a standard data acquisition path, and if not, not detecting the asset instance;
the acquiring the data to be inspected from the corresponding asset information model comprises:
interpreting, by an asset identification engine, the CPE expression;
matching a corresponding asset instance based on the interpretation result and a matching specification generated after the CPE engine is matched with the asset information model;
and acquiring the inspection data corresponding to the asset instance through an interface of an asset identification engine.
5. The method according to claim 1, wherein the creating of the virtualization definition in the OVAL is replaced by adding an asset attribute element in the OVAL;
whether the OVAL engine can acquire the data to be inspected required by the automatic safety inspection request through a standard data acquisition path or not is judged, if yes, the data to be inspected are directly acquired, and if not, the data to be inspected are acquired from a corresponding asset information model through a virtualized data acquisition path based on the virtualization definition and are replaced by:
determining the data to be inspected required by the automatic safety inspection request, determining the corresponding asset attribute elements according to the data to be inspected, judging whether the asset attribute elements are the added asset attribute elements, and if so, acquiring the data to be inspected from the corresponding asset information model based on the added asset attribute elements.
6. An asset model-based automated security inspection terminal comprising a memory, a processor, and a computer program stored on the memory and executable on the processor, wherein the processor when executing the computer program performs the steps of:
adding an asset information model in the SCAP, and establishing a virtualization definition in the OVAL;
acquiring an automatic safety inspection request, and judging whether an OVAL engine can acquire data to be inspected required by the automatic safety inspection request through a standard data acquisition path or not, if so, directly acquiring the data to be inspected, and if not, acquiring the data to be inspected from a corresponding asset information model through a virtualized data acquisition path based on the virtualization definition;
and carrying out automatic safety inspection according to the standard inspection method of the OVAL engine based on the data to be inspected.
7. The automated safety inspection terminal based on asset model of claim 6, characterized by further comprising:
an asset identification engine is additionally arranged in the SCAP;
the acquiring the data to be inspected from the corresponding asset information model through the virtualized data acquisition path based on the virtualization definition comprises:
generating an asset instance corresponding to the data to be inspected through the asset information model based on the virtualization definition;
and identifying the asset instance through the asset identification engine, and acquiring the data to be checked from the asset instance.
8. The asset model-based automated security inspection terminal according to claim 7, wherein the determining whether the OVAL engine can obtain the data to be inspected required by the automated security inspection request through a standard data acquisition path, if so, directly obtaining the data to be inspected, and if not, obtaining the data to be inspected from the corresponding asset information model through a virtualized data acquisition path based on the virtualization definition comprises:
judging whether the data to be inspected required by the automatic safety inspection request can be acquired through an environment object in the OVAL engine, if so, directly acquiring the data to be inspected through the environment object;
if not, generating an asset instance corresponding to the data to be inspected through the asset information model based on the virtualized environment object, and naming the virtualized environment object according to the automatic safety inspection request;
identifying the asset instance through the asset identification engine, and acquiring the data to be checked from the asset instance according to the name of the virtualization environment object;
or judging whether to-be-inspected data required by the automatic safety inspection request can be acquired through an external variable in the OVAL engine, if so, directly acquiring the inspection data through the external variable;
if not, generating an asset instance corresponding to the data to be checked through the asset information model based on the virtualized external variable, and setting the ID of the virtualized external variable according to the automatic safety check request;
and identifying the asset instance through the asset identification engine, and acquiring the data to be checked from the asset instance according to the ID of the virtualized external variable.
9. The asset model-based automated security inspection terminal of claim 7, wherein obtaining the automated security inspection request is followed by:
generating a corresponding checking method according to all checking data required by the automatic safety checking request;
generating an asset instance corresponding to the automatic safety inspection request through the asset information model, identifying the asset type of the asset instance, and determining a corresponding inspection template through the asset type and the inspection method;
acquiring a corresponding CPE expression according to the inspection template, judging whether the asset instance can be detected or not based on the CPE expression, if so, judging whether an OVAL engine can acquire the data to be detected required by the automatic safety inspection request through a standard data acquisition path, and if not, not detecting the asset instance;
the acquiring the data to be inspected from the corresponding asset information model comprises:
interpreting, by an asset identification engine, the CPE expression;
matching a corresponding asset instance based on the interpretation result and a matching specification generated after the CPE engine is matched with the asset information model;
and acquiring the inspection data corresponding to the asset instance through an interface of an asset identification engine.
10. The asset model-based automated security check terminal of claim 6, wherein establishing a virtualization definition in the OVAL is replaced with adding an asset attribute element in the OVAL;
whether the OVAL engine can acquire the data to be inspected required by the automatic safety inspection request through a standard data acquisition path or not is judged, if yes, the data to be inspected are directly acquired, and if not, the data to be inspected are acquired from a corresponding asset information model through a virtualized data acquisition path based on the virtualization definition and are replaced by:
determining the data to be inspected required by the automatic safety inspection request, determining the corresponding asset attribute elements according to the data to be inspected, judging whether the asset attribute elements are the added asset attribute elements, and if so, acquiring the data to be inspected from the corresponding asset information model based on the added asset attribute elements.
CN202110450013.9A 2021-04-25 2021-04-25 Automatic security inspection method and terminal based on asset model Active CN113010901B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202110450013.9A CN113010901B (en) 2021-04-25 2021-04-25 Automatic security inspection method and terminal based on asset model

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202110450013.9A CN113010901B (en) 2021-04-25 2021-04-25 Automatic security inspection method and terminal based on asset model

Publications (2)

Publication Number Publication Date
CN113010901A true CN113010901A (en) 2021-06-22
CN113010901B CN113010901B (en) 2024-03-01

Family

ID=76380361

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202110450013.9A Active CN113010901B (en) 2021-04-25 2021-04-25 Automatic security inspection method and terminal based on asset model

Country Status (1)

Country Link
CN (1) CN113010901B (en)

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103927491A (en) * 2014-04-30 2014-07-16 南方电网科学研究院有限责任公司 Security baseline assessment method based on SCAP
CN108900527A (en) * 2018-07-20 2018-11-27 南京方恒信息技术有限公司 A kind of security configuration check system
CN109063477A (en) * 2018-07-18 2018-12-21 成都链安科技有限公司 A kind of intelligent contract aacode defect detection system and method for automation
CN111104677A (en) * 2019-12-18 2020-05-05 哈尔滨安天科技集团股份有限公司 Vulnerability patch detection method and device based on CPE (customer premise Equipment) specification
CN111819544A (en) * 2018-03-06 2020-10-23 亚马逊科技公司 Pre-deployment security analyzer service for virtual computing resources

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103927491A (en) * 2014-04-30 2014-07-16 南方电网科学研究院有限责任公司 Security baseline assessment method based on SCAP
CN111819544A (en) * 2018-03-06 2020-10-23 亚马逊科技公司 Pre-deployment security analyzer service for virtual computing resources
CN109063477A (en) * 2018-07-18 2018-12-21 成都链安科技有限公司 A kind of intelligent contract aacode defect detection system and method for automation
CN108900527A (en) * 2018-07-20 2018-11-27 南京方恒信息技术有限公司 A kind of security configuration check system
CN111104677A (en) * 2019-12-18 2020-05-05 哈尔滨安天科技集团股份有限公司 Vulnerability patch detection method and device based on CPE (customer premise Equipment) specification

Also Published As

Publication number Publication date
CN113010901B (en) 2024-03-01

Similar Documents

Publication Publication Date Title
US8312440B2 (en) Method, computer program product, and hardware product for providing program individuality analysis for source code programs
US9152731B2 (en) Detecting a broken point in a web application automatic test case
US20120030516A1 (en) Method and system for information processing and test care generation
CN109977670B (en) Android application security monitoring method based on plug-in loading and storage medium
CN111240994A (en) Vulnerability processing method and device, electronic equipment and readable storage medium
US20060101435A1 (en) Detection of code patterns
CN115033894B (en) Software component supply chain safety detection method and device based on knowledge graph
CN112494940B (en) User interface manufacturing method and device, storage medium and computer equipment
CN106295346A (en) A kind of application leak detection method, device and the equipment of calculating
CN115576600A (en) Code change-based difference processing method and device, terminal and storage medium
US20080022263A1 (en) Identifying The Origin Of Application Resources
CN115022026A (en) Block chain intelligent contract threat detection device and method
CN116302930A (en) Application testing method and device
Du et al. Aexpy: Detecting api breaking changes in python packages
CN113760397A (en) Interface call processing method, device, equipment and storage medium
CN113010901B (en) Automatic security inspection method and terminal based on asset model
CN116401145A (en) Source code static analysis processing method and device
CN113052501A (en) Automatic safe operation and maintenance method and terminal based on assets
CN114527993A (en) Application deployment method, device, equipment and medium
CN113807077A (en) Natural language test script parsing processing method and device and electronic equipment
CN113821213A (en) Front-end code detection and restoration method, device and equipment based on artificial intelligence
CN113986767A (en) Automated testing method, system, device and computer readable storage medium
US20090319991A1 (en) Managed code type equivalence
CN111324757B (en) Map data problem processing method and device
CN111881128B (en) Big data regression verification method and big data regression verification device

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant