CN113591112A - Operation method and device of property management system - Google Patents
Operation method and device of property management system Download PDFInfo
- Publication number
- CN113591112A CN113591112A CN202110851187.6A CN202110851187A CN113591112A CN 113591112 A CN113591112 A CN 113591112A CN 202110851187 A CN202110851187 A CN 202110851187A CN 113591112 A CN113591112 A CN 113591112A
- Authority
- CN
- China
- Prior art keywords
- property
- data
- execution device
- property execution
- stored
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Withdrawn
Links
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/602—Providing cryptographic facilities or services
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/62—Protecting access to data via a platform, e.g. using keys or access control rules
- G06F21/6218—Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/64—Protecting data integrity, e.g. using checksums, certificates or signatures
Landscapes
- Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Software Systems (AREA)
- General Health & Medical Sciences (AREA)
- Computer Hardware Design (AREA)
- Bioethics (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Health & Medical Sciences (AREA)
- Databases & Information Systems (AREA)
- Computer And Data Communications (AREA)
Abstract
The application provides an operation method and device of a property management system, and relates to the technical field of property management. In the present application, a control method of a property management system includes: obtaining corresponding target operation state data based on the acquired operation state data respectively sent by each property execution device, wherein each property execution device is used for sending the formed operation state data to the property management device; determining whether each property execution device is in an abnormal state or not based on the target running state data, wherein the abnormal state is used for representing that the corresponding property execution device has network attack; and for each property execution device in the abnormal state, executing a pre-configured data protection action on the property execution device so as to protect the data stored by the property execution device. Therefore, the problem that large-range leakage of data is easy to occur in the existing property management can be solved.
Description
Technical Field
The application relates to the technical field of property management, in particular to an operation method and device of a property management system.
Background
In the traditional property management, the operation is generally realized completely based on patrol and other operations of property management personnel, so that the property management consumes great manpower, and the precision of the property management is difficult to meet the requirements of people in the modern society. Based on this, in the prior art, with the development of computer technology and internet technology, the intelligent property management can be realized, the precision of property management can be improved, and manpower can be released.
In the existing property management technology, a background server generally processes data obtained by collecting information from property execution devices (such as various information collection or monitoring sensors) at the front end, such as image collection, audio collection, and the like, and then implements corresponding property management according to the processing result, such as personnel safety monitoring, and the like.
However, the inventor researches and discovers that in the existing property management system, the property execution device is easy to be attacked by the network of other network devices, so that the data collected by the property execution device is easy to leak to a large extent due to the network attack.
Disclosure of Invention
In view of the above, an object of the present invention is to provide an operation method and an apparatus for a property management system, so as to solve the problem that large-scale leakage of data is likely to occur in the existing property management.
In order to achieve the above purpose, the embodiment of the present application adopts the following technical solutions:
an operation method of a property management system is applied to property management equipment, the property management equipment is in communication connection with a plurality of property execution equipment, and the control method of the property management system comprises the following steps:
obtaining corresponding target operation state data based on the acquired operation state data respectively sent by each property execution device, wherein each property execution device is used for sending the formed operation state data to the property management device;
determining whether each property execution device is in an abnormal state or not based on the target running state data, wherein the abnormal state is used for representing that the corresponding property execution device is attacked by a network;
and for each property execution device in the abnormal state, executing a pre-configured data protection action on the property execution device so as to protect the data stored by the property execution device.
In some preferred embodiments, in the operation method of the property management system, the step of determining whether each of the property execution devices is in an abnormal state based on the target operation state data includes:
for each property execution device, determining whether the data stored by the property execution device is subjected to network attack or not based on target running state data corresponding to the property execution device;
for each property execution device of which the stored data is subjected to network attack, determining that the property execution device is in an abnormal state;
and for each property execution device of which the stored data is not subjected to network attack, determining that the property execution device is not in an abnormal state.
In some preferred embodiments, in the operation method of the property management system, the step of determining, for each of the property execution devices, whether data stored in the property execution device is attacked by a network attack based on target operation state data corresponding to the property execution device includes:
for each property execution device, determining whether the data stored by the property execution device is accessed by other network devices based on the target running state data corresponding to the property execution device;
for each property execution device of which the stored data is accessed by other network devices, performing security verification processing on the other network devices accessing the data stored by the property execution device;
for each property execution device with stored data accessed by other network devices, if the other network devices accessing the data stored by the property execution device pass the security verification processing, determining that the data stored by the property execution device is not subjected to network attack;
for each property execution device with stored data accessed by other network devices, if the other network devices accessing the data stored by the property execution device do not pass the security verification processing, determining that the data stored by the property execution device is subjected to network attack.
In some preferred embodiments, in the operation method of the property management system, for each property execution device whose stored data is accessed by another network device, the step of performing security verification processing on the another network device that accesses the data stored by the property execution device includes:
for each property execution device whose stored data is accessed by other network devices, determining whether the other network devices accessing the data stored by each of the property execution devices are the same;
for each property execution device with stored data accessed by other network devices, if the other network devices accessing the data stored by each property execution device are different, determining that the other network devices accessing the data stored by each property execution device pass security verification processing;
for each property execution device with stored data accessed by other network devices, if at least two other network devices which are the same exist in the other network devices accessing the data stored in each property execution device, determining whether the at least two other network devices belong to a preset device information list, and when the at least two other network devices belong to the device information list, determining that the other network devices accessing the data stored in each property execution device pass security verification processing, and when the at least two other network devices do not belong to the device information list, determining that the other network devices accessing the data stored in each property execution device do not pass security verification processing.
In some preferred embodiments, in the operation method of the property management system, the step of determining, for each of the property execution devices, whether data stored in the property execution device is attacked by a network attack based on target operation state data corresponding to the property execution device further includes:
and for each property execution device of which the stored data is not accessed by other network devices, determining that the data stored by the property execution device is not subjected to network attack.
In some preferred embodiments, in the operation method of the property management system, the step of executing, by the property execution device, a pre-configured data protection action on the property execution device for each property execution device in an abnormal state to protect data stored in the property execution device includes:
for each property execution device in an abnormal state, generating data deletion control information, and sending the data deletion control information to the property execution device, wherein the property execution device is used for sending stored data to the property management device based on the data deletion control information and deleting the data stored by the property execution device;
and for each property execution device in an abnormal state, generating first data encryption control information, and sending the first data encryption control information to the property execution device, wherein the property execution device is used for encrypting data acquired and stored later based on the first data encryption control information, and storing the encrypted data.
In some preferred embodiments, in the operation method of the property management system, after the step of determining whether each of the property execution devices is in an abnormal state based on the target operation state data is performed, the operation method of the property management system further includes:
and for each property execution device which is not in an abnormal state, generating second data encryption control information, and sending the second data encryption control information to the property execution device, wherein the property execution device is used for encrypting currently stored data and data collected and stored later on based on the second data encryption control information, and storing the encrypted data.
The application still provides a property management system's running device, is applied to property management equipment, property management equipment communication connection has a plurality of properties to carry out equipment, property management system's controlling means includes:
the property management device comprises an operation state data acquisition module, a property management device and a property management device, wherein the operation state data acquisition module is used for acquiring corresponding target operation state data based on the acquired operation state data respectively sent by each property execution device;
the device abnormal state determining module is used for determining whether each property execution device is in an abnormal state or not based on the target running state data, wherein the abnormal state is used for representing that the corresponding property execution device suffers from network attack;
and the data protection action execution module is used for executing a pre-configured data protection action on each property execution device in an abnormal state so as to protect the data stored by the property execution device.
In some preferred embodiments, in the operation device of the property management system, the device abnormal state determination module includes:
the network attack determining unit is used for determining whether the data stored by the property executing equipment is attacked by a network attack or not according to the target running state data corresponding to the property executing equipment aiming at each property executing equipment;
a first state determination unit configured to determine that the property execution device is in an abnormal state for each of the property execution devices whose stored data has been subjected to a network attack;
and the second state determining unit is used for determining that the property executing equipment is not in an abnormal state for each property executing equipment of which the stored data is not subjected to network attack.
In some preferred embodiments, in the running device of the property management system, the data protection action execution module includes:
the first information processing unit is used for generating data deletion control information for each property execution device in an abnormal state and sending the data deletion control information to the property execution device, wherein the property execution device is used for sending stored data to the property management device based on the data deletion control information and deleting the data stored by the property execution device;
and the second information processing unit is used for generating first data encryption control information for each property execution device in an abnormal state, and sending the first data encryption control information to the property execution device, wherein the property execution device is used for encrypting data acquired and stored later based on the first data encryption control information, and storing the encrypted data.
According to the operation method and device of the property management system, after the corresponding target operation state data are obtained based on the operation state data respectively sent by each property execution device, whether each property execution device is in an abnormal state is determined based on the target operation state data, and the pre-configured data protection action is executed on each property execution device in the abnormal state, so that the data stored by the property execution device can be protected, the problem that the data stored by the property execution device is continuously illegally obtained to increase the data leakage range is avoided, and the problem that the data is easily leaked in a large range in the existing property management is further improved.
In order to make the aforementioned objects, features and advantages of the present application more comprehensible, preferred embodiments accompanied with figures are described in detail below.
Drawings
Fig. 1 is a schematic block diagram of an application of a property management device according to an embodiment of the present application.
Fig. 2 is a schematic flowchart illustrating steps included in an operation method of the property management system according to an embodiment of the present application.
Fig. 3 is a block diagram illustrating modules included in an operating apparatus of a property management system according to an embodiment of the present application.
Detailed Description
In order to make the objects, technical solutions and advantages of the embodiments of the present application clearer, the technical solutions in the embodiments of the present application will be clearly and completely described below with reference to the drawings in the embodiments of the present application, and it is obvious that the described embodiments are only a part of the embodiments of the present application, and not all the embodiments. The components of the embodiments of the present application, generally described and illustrated in the figures herein, can be arranged and designed in a wide variety of different configurations.
Thus, the following detailed description of the embodiments of the present application, presented in the accompanying drawings, is not intended to limit the scope of the claimed application, but is merely representative of selected embodiments of the application. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present application.
As shown in fig. 1, an embodiment of the present application provides a property management device. Wherein the property management device may include a memory and a processor.
In detail, the memory and the processor are electrically connected directly or indirectly to realize data transmission or interaction. For example, they may be electrically connected to each other via one or more communication buses or signal lines. The memory can have stored therein at least one software function (computer program) which can be present in the form of software or firmware. The processor may be configured to execute the executable computer program stored in the memory, so as to implement the operation method of the property management system provided by the embodiment of the present application (described later).
It will be appreciated that in an alternative example, the property management device may be a server with data processing capabilities, such as for:
obtaining corresponding target operation state data based on the acquired operation state data respectively sent by each property execution device, wherein each property execution device is used for sending the formed operation state data to the property management device; determining whether each property execution device is in an abnormal state or not based on the target running state data, wherein the abnormal state is used for representing that the corresponding property execution device has network attack; and for each property execution device in the abnormal state, executing a pre-configured data protection action on the property execution device so as to protect the data stored by the property execution device.
With reference to fig. 2, an embodiment of the present application further provides an operation method of a property management system, which is applicable to the property management device. The method steps defined by the flow related to the operation method of the property management system can be realized by the property management device.
The specific process shown in FIG. 2 will be described in detail below.
Step S10, obtaining corresponding target operation state data based on the acquired operation state data respectively sent by each property execution device.
In this embodiment, the property management device may obtain corresponding target operation state data based on the acquired operation state data respectively sent by each of the property execution devices.
The property management device is in communication connection with a plurality of property execution devices, and each property execution device is used for sending formed running state data to the property management device.
Step S20, determining whether each property execution device is in an abnormal state based on the target operation state data.
In this embodiment, after obtaining the target operation state data, the property management device may determine, based on the target operation state data, whether each property execution device is in an abnormal state, where the abnormal state is used to represent that the corresponding property execution device is under a network attack (i.e., has been under a network attack in a historical period).
Step S30, for each property execution device in the abnormal state, executing a pre-configured data protection action on the property execution device.
In this embodiment, after determining that the property execution device is in an abnormal state, the property management device may execute a pre-configured data protection action on each property execution device in the abnormal state, so as to protect data stored in the property execution device.
Based on the method, after the corresponding target running state data is obtained based on the running state data of each property execution device, whether each property execution device is in an abnormal state is determined based on the target running state data, and a pre-configured data protection action is executed on each property execution device in the abnormal state, so that the data stored by the property execution device can be protected, the problem that the data leakage range is increased due to the fact that the data stored by the property execution device is continuously illegally obtained is solved, and the problem that the data is easily leaked in a large range in the existing property management is further improved.
For example, in an alternative example, step S10 may include sub-step S11, sub-step S12, and sub-step S13, as described below.
And a substep S11 of judging whether the operation data acquisition request information of the property equipment is acquired or not.
In this embodiment, the property management device may determine whether the property management device has acquired the property device operation data acquisition request information, and if the property management device has acquired the property device operation data acquisition request information, may perform subsequent steps.
And a substep S12 of generating property equipment operation data acquisition information, and sending the property equipment operation data acquisition information to each property execution device in communication connection with the property management device.
In this embodiment, after the property management device obtains the property management device operation data acquisition request information, the property management device may generate property management device operation data acquisition information, and then send the property management device operation data acquisition information to each property execution device in communication connection with the property management device. The property management device is in communication connection with a plurality of property execution devices (sensors for acquiring information), and each property execution device is used for sending formed running state data to the property management device based on the property management device running data acquisition information.
And a substep S13, obtaining the operation state data respectively sent by each property execution device, and obtaining corresponding target operation state data.
In this embodiment, after the property management device sends the property equipment operation data acquisition information to each of the property execution devices, the property management device may obtain operation state data sent by each of the property execution devices based on the property equipment operation data acquisition information, so as to obtain corresponding target operation state data.
Based on the method, after the property equipment operation data acquisition request information is acquired, each property execution equipment capable of requesting communication connection sends the formed operation state data to the property management equipment (for example, the property equipment operation data acquisition information is sent), so that the property management equipment can acquire the corresponding target operation state data, and can be utilized in subsequent applications, such as the fields of equipment safety, data safety and the like, so that the full utilization of data resources is realized, and the problem of resource waste of a property management system in the prior art is further solved.
For example, in an alternative example, sub-step S11 may include the following sub-steps:
substep 1, monitoring at least one pre-configured target information receiving port (a computer program port, such as API) to determine whether there is a property execution device exception report message sent by a user terminal device to the at least one target information receiving port (for example, if a user finds that the property execution device is running abnormally, the property execution device exception report message may be sent by a corresponding user terminal device), wherein the property management device is in communication connection with each of the plurality of user terminal devices through the at least one target information receiving port, respectively;
substep 2, if it is determined that at least one user terminal device sends property execution device exception report information to the target information receiving port, determining to obtain property device operation data acquisition request information (i.e. the property execution device exception report information is used as property device operation data acquisition request information or is used as a trigger instruction of the property device operation data acquisition request information);
and substep 3, if determining that at least one user terminal device does not send property execution device exception report information to the target information receiving port, determining that the property device operation data acquisition request information is not obtained.
It is understood that in the sub-step 3 included in the above sub-step S11, in order to further improve the accuracy of data acquisition, in an alternative example, the following sub-steps may be included:
firstly, if it is determined that at least one user terminal device does not send property execution device exception report information to the target information receiving port, determining the time for obtaining historical property device operation data acquisition request information last time to obtain corresponding first historical time;
secondly, determining whether a time difference value between the first historical time and the current time is greater than a predetermined first time difference value threshold value, wherein the first time difference value threshold value is generated based on the operation of the property management equipment responding to the corresponding property management user;
then, if the time difference between the first historical time and the current time is greater than or equal to the first time difference threshold, determining to acquire the operation data acquisition request information of the property equipment;
and finally, if the time difference between the first historical time and the current time is smaller than the first time difference threshold, determining that the operation data acquisition request information of the property equipment is not acquired.
For example, in an alternative example, sub-step S12 may include the following sub-steps:
substep 1, if the property equipment operation data acquisition request information is acquired, generating first property equipment operation data acquisition information, and sending the first property equipment operation data acquisition information to each property execution device in communication connection with the property management device, wherein each property execution device is used for sending first operation state data formed in a target time period to the property management device based on the first property equipment operation data acquisition information, the time length of the target time period is a first preset time (such as 1 hour), and the time ending point of the target time period is the time when the property equipment operation data acquisition request information is acquired;
substep 2, acquiring the first operation state data sent by each property execution device (based on the first property device operation data acquisition information);
a substep 3, determining first probability information corresponding to a plurality of property execution devices based on the first operation state data sent by each of the property execution devices (for example, for each of the property execution devices, determining whether the property execution device belongs to abnormal operation based on the corresponding first operation state data, and then obtaining the first probability information based on a proportion of the property execution device belonging to abnormal operation, for example, using the proportion as the first probability information), wherein the first probability information is used for representing the probability that the property execution devices belong to abnormal operation;
a substep 4 of determining a magnitude relationship between the first probability information and predetermined first probability threshold information generated based on an operation performed by the property management apparatus in response to a corresponding property management user;
and a substep 5, if the first probability information is less than or equal to the first probability threshold information, determining that the property execution devices do not operate abnormally, wherein when the step of obtaining the operation state data sent by each property execution device to obtain the corresponding target operation state data is executed, the first operation state data is used as the obtained operation state data.
For example, in an alternative example, the sub-step S12 may further include the sub-steps of:
substep 6, if said first probability information is greater than said first probability threshold information, determining that a plurality of said property execution devices belong to abnormal operation and determining at least one historical time segment (the same time segment of previous, second, third, etc. days) having an association with said target time segment;
substep 7, generating second business equipment operation data acquisition information based on the at least one historical time period, and sending the second business equipment operation data acquisition information to each property execution equipment in communication connection with the property management equipment, wherein each property execution equipment is used for sending second operation state data formed in each historical time period to the property management equipment based on the second business equipment operation data acquisition information;
and substep 8, acquiring the second operation state data sent by each property execution device, wherein when the step of acquiring the operation state data sent by each property execution device to obtain corresponding target operation state data is executed, the first operation state data and the second operation state data are used as the acquired operation state data.
For example, in an alternative example, sub-step S13 may include the following sub-steps:
substep 1, obtaining operation state data respectively sent by each property execution device, so as to obtain a plurality of corresponding operation state data;
and substep 2, performing screening processing on the acquired operation state data to obtain corresponding target operation state data (for example, screening at least one operation state data meeting the requirement from the obtained plurality of operation state data as the target operation state data).
It is understood that in the sub-step 2 included in the above sub-step S13, in order to guarantee the accuracy of data screening, in an alternative example, the following sub-steps may be included:
and aiming at each property execution device, executing target screening operation on the running state data corresponding to the property execution device to obtain target running state data corresponding to the running state data.
Wherein the target screening operation may include:
firstly, sequentially dividing the running state data corresponding to the property execution equipment into a plurality of pieces of running state subdata according to a time period, wherein each piece of running state subdata is used for representing the running state of the property execution equipment in the corresponding time period (for example, in a certain time period, the task execution amount of a processor, or in a certain time period, the data acquisition frequency, or in a certain time period, the data acquisition equipment angle, or in a certain time period, whether the data is accessed or not);
and secondly, screening the plurality of pieces of operation state subdata to obtain at least one screened operation state subdata, and determining the at least one screened operation state subdata as target operation state data corresponding to the operation state data.
It is understood that, in an alternative example, the plurality of pieces of operation state sub data may be subjected to the filtering process based on the following steps:
firstly, sequencing the plurality of pieces of operation state subdata according to the sequence relation (time sequence relation) of the corresponding time period to obtain a corresponding data set, wherein each piece of operation state subdata in the data set is sequenced according to a determined sequence (time sequence order);
secondly, performing sliding window on the data set based on a predetermined first data quantity (such as 10, 50, 100, and the like) to obtain a plurality of data subsets corresponding to the data set, wherein the quantity of the operation state sub-data included in each data subset is the first data quantity, and each operation state sub-data in the data subsets is sorted according to a determined sequence (time sequence);
then, for each data subset, respectively forming a subset pair by the data subset and each other data subset to obtain at least one subset pair corresponding to the data subset, and taking the data subset as a target subset in each subset pair;
then, for each target subset, taking each piece of operation state sub-data in the target subset as a first piece of operation state sub-data, and constructing a data comparison subset based on each piece of operation state sub-data after the first piece of operation state sub-data to obtain a plurality of data comparison subsets corresponding to the target subset, wherein the number of operation state sub-data included in each data comparison subset in the plurality of data comparison subsets is different, and is sequentially decreased, and is greater than or equal to a first preset number (such as 2, 3, 4, and the like);
then, for each of the target subsets, determining a set correlation based on each data comparison subset corresponding to the target subset and a set correlation between the subset and another data subset in the corresponding subset pair (since the subsets are ordered sets, the set correlation may be determined based on whether the operation state sub-data at the corresponding position is the same, where the larger the number of the operation state sub-data at the same corresponding position is, the higher the corresponding set correlation is), and determining a representative value of the set correlation corresponding to the target subset (for example, taking a maximum value, a mean value, a median value, a minimum value, or the like as the representative value);
then, for each of the data subsets, determining a target representative value of the data subset based on the data subset as a representative value of a set correlation degree of the target subset with another data subset in each corresponding subset pair (for example, taking a maximum value, a mean value, a median value, a minimum value, or the like of the representative values as the target representative value);
finally, the plurality of data subsets are sorted based on the magnitude relation among the target representative values, and at least one data subset is sorted based on the sorting result (for example, a certain number of data subsets with the smallest target representative values can be sorted, and the data included in the subsets can represent an abnormality to a certain extent), so that the operation state sub-data included in the sorted at least one data subset is determined as the target operation state data corresponding to the operation state data.
For example, in an alternative example, step S20 may include the steps of:
substep 1, aiming at each property execution device, determining whether the data stored by the property execution device is attacked by a network based on the target running state data corresponding to the property execution device;
substep 2, for each property execution device whose stored data is attacked by the network attack, determining that the property execution device is in an abnormal state;
and substep 3, for each property execution device of which the stored data is not subjected to network attack, determining that the property execution device is not in an abnormal state.
It is understood that in an alternative example, the sub-step 1 included in the step S20 may include the following sub-steps:
firstly, for each property execution device, determining whether data stored in the property execution device is accessed by other network devices based on target operation state data corresponding to the property execution device (the target operation state data may be log data, and records information whether the data is accessed or not);
secondly, for each property execution device of which the stored data is accessed by other network devices, performing security verification processing on other network devices accessing the data stored by the property execution device;
then, for each property execution device of which the stored data is accessed by other network devices, if the other network devices accessing the data stored by the property execution device pass the security verification processing, determining that the data stored by the property execution device is not attacked by the network;
and finally, for each property execution device of which the stored data is accessed by other network devices, if the other network devices accessing the data stored by the property execution device do not pass the security verification processing, determining that the data stored by the property execution device is attacked by the network.
And in an alternative example, for each property execution device whose stored data is not accessed by other network devices, determining that the data stored by the property execution device is not attacked by the network.
It is understood that in an alternative example, the security authentication process may be performed on each property execution device corresponding to the property execution device, where the stored data is accessed by other network devices, based on the following steps:
first, for each property execution device whose stored data is accessed by other network devices, determining whether other network devices accessing the data stored by each of the property execution devices are the same (i.e., determining whether the same other network device is accessing the data stored by each of the property execution devices);
secondly, for each property execution device of which the stored data is accessed by other network devices, if the other network devices accessing the data stored by each property execution device are different, determining that the other network devices accessing the data stored by each property execution device pass security verification processing;
then, for each property execution device whose stored data is accessed by other network devices, if there are at least two other network devices that are the same in the other network devices accessing the data stored in each property execution device, it is determined whether the at least two other network devices belong to a preset device information list (which may be understood as a white list), and when the at least two other network devices belong to the device information list, it is determined that all the other network devices accessing the data stored in each property execution device pass security verification processing, and when the at least two other network devices do not belong to the device information list, it is determined that all the other network devices accessing the data stored in each property execution device do not pass security verification processing.
For example, in an alternative example, step S30 may include the steps of:
substep 1, for each property execution device in an abnormal state, generating data deletion control information, and sending the data deletion control information to the property execution device, wherein the property execution device is used for sending stored data to the property management device based on the data deletion control information, and deleting the data stored by the property execution device;
and substep 2, for each property execution device in an abnormal state, generating first data encryption control information, and sending the first data encryption control information to the property execution device, wherein the property execution device is used for encrypting data collected and stored later based on the first data encryption control information, and storing the encrypted data.
It is to be understood that, on the basis of the above example, in order to further improve the security of the data, after the step S20 is executed, the method for operating the property management system may further include:
and for each property execution device which is not in an abnormal state, generating second data encryption control information, and sending the second data encryption control information to the property execution device, wherein the property execution device is used for encrypting currently stored data and data collected and stored later on based on the second data encryption control information, and storing the encrypted data.
It is understood that the encryption security corresponding to the second data encryption control information may be lower than the encryption security corresponding to the first data encryption control information.
With reference to fig. 3, an embodiment of the present application further provides an operating device of a property management system, which is applicable to the property management device. The operation device of the property management system may include an operation state data obtaining module, an equipment abnormal state determining module, and a data protection action executing module.
In detail, the operation state data obtaining module may be configured to obtain corresponding target operation state data based on the obtained operation state data respectively sent by each property execution device, where each property execution device is configured to send the formed operation state data to the property management device, as in step S10 described above. The device abnormal state determination module may be configured to determine whether each property execution device is in an abnormal state based on the target operation state data, where the abnormal state is used to characterize that the corresponding property execution device is under a network attack, as in the foregoing step S20. The data protection action execution module may be configured to, for each property execution device in the abnormal state, execute a preconfigured data protection action on the property execution device to protect data stored in the property execution device, as in step S30 described above.
For example, in an alternative example, the device abnormal state determination module includes a network attack determination unit, a first state determination unit, and a second state determination unit.
In detail, the network attack determination unit may be configured to determine, for each of the property execution devices, whether data stored by the property execution device is attacked by a network attack based on target operation state data corresponding to the property execution device. The first state determination unit may be configured to determine, for each property execution device whose stored data is subjected to a network attack, that the property execution device is in an abnormal state. The second state determination unit may be configured to determine, for each property execution device whose stored data has not been subjected to a network attack, that the property execution device is not in an abnormal state.
For example, in an alternative example, the data protection action execution module includes a first information processing unit and a second information processing unit.
In detail, the first information processing unit may be configured to generate data deletion control information for each property execution device in an abnormal state, and send the data deletion control information to the property execution device, where the property execution device is configured to send stored data to the property management device based on the data deletion control information, and delete the data stored by the property execution device. The second information processing unit may be configured to generate first data encryption control information for each property execution device in an abnormal state, and send the first data encryption control information to the property execution device, where the property execution device is configured to encrypt data acquired and stored later based on the first data encryption control information, and store the encrypted data.
In summary, according to the operation method and apparatus of the property management system provided by the present application, after obtaining corresponding target operation state data based on the operation state data respectively sent by each property execution device, it is determined whether each property execution device is in an abnormal state based on the target operation state data, so as to execute a pre-configured data protection action on each property execution device in the abnormal state, so that the data stored in the property execution device can be protected, thereby avoiding the problem that the data stored in the property execution device is continuously illegally obtained to increase the data leakage range, and further improving the problem that the data is easily leaked in a larger range in the existing property management.
The above description is only a preferred embodiment of the present application and is not intended to limit the present application, and various modifications and changes may be made by those skilled in the art. Any modification, equivalent replacement, improvement and the like made within the spirit and principle of the present application shall be included in the protection scope of the present application.
Claims (10)
1. An operation method of a property management system is applied to property management equipment, the property management equipment is in communication connection with a plurality of property execution equipment, and the control method of the property management system comprises the following steps:
obtaining corresponding target operation state data based on the acquired operation state data respectively sent by each property execution device, wherein each property execution device is used for sending the formed operation state data to the property management device;
determining whether each property execution device is in an abnormal state or not based on the target running state data, wherein the abnormal state is used for representing that the corresponding property execution device is attacked by a network;
and for each property execution device in the abnormal state, executing a pre-configured data protection action on the property execution device so as to protect the data stored by the property execution device.
2. The method of claim 1, wherein the step of determining whether each of the property execution devices is in an abnormal state based on the target operational state data comprises:
for each property execution device, determining whether the data stored by the property execution device is subjected to network attack or not based on target running state data corresponding to the property execution device;
for each property execution device of which the stored data is subjected to network attack, determining that the property execution device is in an abnormal state;
and for each property execution device of which the stored data is not subjected to network attack, determining that the property execution device is not in an abnormal state.
3. The operation method of the property management system according to claim 2, wherein the step of determining, for each of the property execution devices, whether the data stored in the property execution device is attacked by a network attack based on the target operation state data corresponding to the property execution device includes:
for each property execution device, determining whether the data stored by the property execution device is accessed by other network devices based on the target running state data corresponding to the property execution device;
for each property execution device of which the stored data is accessed by other network devices, performing security verification processing on the other network devices accessing the data stored by the property execution device;
for each property execution device with stored data accessed by other network devices, if the other network devices accessing the data stored by the property execution device pass the security verification processing, determining that the data stored by the property execution device is not subjected to network attack;
for each property execution device with stored data accessed by other network devices, if the other network devices accessing the data stored by the property execution device do not pass the security verification processing, determining that the data stored by the property execution device is subjected to network attack.
4. The method of claim 3, wherein the step of performing, for each of the property execution devices whose stored data is accessed by other network devices, security verification processing on the other network devices that access the data stored by the property execution device comprises:
for each property execution device whose stored data is accessed by other network devices, determining whether the other network devices accessing the data stored by each of the property execution devices are the same;
for each property execution device with stored data accessed by other network devices, if the other network devices accessing the data stored by each property execution device are different, determining that the other network devices accessing the data stored by each property execution device pass security verification processing;
for each property execution device with stored data accessed by other network devices, if at least two other network devices which are the same exist in the other network devices accessing the data stored in each property execution device, determining whether the at least two other network devices belong to a preset device information list, and when the at least two other network devices belong to the device information list, determining that the other network devices accessing the data stored in each property execution device pass security verification processing, and when the at least two other network devices do not belong to the device information list, determining that the other network devices accessing the data stored in each property execution device do not pass security verification processing.
5. The operation method of the property management system according to claim 3, wherein the step of determining, for each of the property execution devices, whether the data stored in the property execution device is attacked by a network based on the target operation state data corresponding to the property execution device further comprises:
and for each property execution device of which the stored data is not accessed by other network devices, determining that the data stored by the property execution device is not subjected to network attack.
6. The method according to claim 1, wherein the step of executing, for each property execution device in the abnormal state, a pre-configured data protection action on the property execution device to protect data stored in the property execution device includes:
for each property execution device in an abnormal state, generating data deletion control information, and sending the data deletion control information to the property execution device, wherein the property execution device is used for sending stored data to the property management device based on the data deletion control information and deleting the data stored by the property execution device;
and for each property execution device in an abnormal state, generating first data encryption control information, and sending the first data encryption control information to the property execution device, wherein the property execution device is used for encrypting data acquired and stored later based on the first data encryption control information, and storing the encrypted data.
7. The method of operating a property management system according to any one of claims 1 to 6, wherein after the step of determining whether each of the property execution devices is in an abnormal state based on the target operation state data is performed, the method of operating a property management system further comprises:
and for each property execution device which is not in an abnormal state, generating second data encryption control information, and sending the second data encryption control information to the property execution device, wherein the property execution device is used for encrypting currently stored data and data collected and stored later on based on the second data encryption control information, and storing the encrypted data.
8. The utility model provides an operation device of property management system which characterized in that is applied to property management equipment, property management equipment communication connection has a plurality of property execution devices, property management system's controlling means includes:
the property management device comprises an operation state data acquisition module, a property management device and a property management device, wherein the operation state data acquisition module is used for acquiring corresponding target operation state data based on the acquired operation state data respectively sent by each property execution device;
the device abnormal state determining module is used for determining whether each property execution device is in an abnormal state or not based on the target running state data, wherein the abnormal state is used for representing that the corresponding property execution device suffers from network attack;
and the data protection action execution module is used for executing a pre-configured data protection action on each property execution device in an abnormal state so as to protect the data stored by the property execution device.
9. The apparatus for operating a property management system according to claim 8, wherein the device abnormal state determining module comprises:
the network attack determining unit is used for determining whether the data stored by the property executing equipment is attacked by a network attack or not according to the target running state data corresponding to the property executing equipment aiming at each property executing equipment;
a first state determination unit configured to determine that the property execution device is in an abnormal state for each of the property execution devices whose stored data has been subjected to a network attack;
and the second state determining unit is used for determining that the property executing equipment is not in an abnormal state for each property executing equipment of which the stored data is not subjected to network attack.
10. The apparatus for operating a property management system according to claim 8, wherein the data protection action execution module comprises:
the first information processing unit is used for generating data deletion control information for each property execution device in an abnormal state and sending the data deletion control information to the property execution device, wherein the property execution device is used for sending stored data to the property management device based on the data deletion control information and deleting the data stored by the property execution device;
and the second information processing unit is used for generating first data encryption control information for each property execution device in an abnormal state, and sending the first data encryption control information to the property execution device, wherein the property execution device is used for encrypting data acquired and stored later based on the first data encryption control information, and storing the encrypted data.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202110851187.6A CN113591112A (en) | 2021-07-27 | 2021-07-27 | Operation method and device of property management system |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202110851187.6A CN113591112A (en) | 2021-07-27 | 2021-07-27 | Operation method and device of property management system |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN113591112A true CN113591112A (en) | 2021-11-02 |
Family
ID=78250420
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202110851187.6A Withdrawn CN113591112A (en) | 2021-07-27 | 2021-07-27 | Operation method and device of property management system |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN113591112A (en) |
-
2021
- 2021-07-27 CN CN202110851187.6A patent/CN113591112A/en not_active Withdrawn
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US11792229B2 (en) | AI-driven defensive cybersecurity strategy analysis and recommendation system | |
| CN111092852B (en) | Network security monitoring method, device, equipment and storage medium based on big data | |
| CN111274583A (en) | Big data computer network safety protection device and control method thereof | |
| CN108471429B (en) | Network attack warning method and system | |
| CN108881265B (en) | Network attack detection method and system based on artificial intelligence | |
| US20220201042A1 (en) | Ai-driven defensive penetration test analysis and recommendation system | |
| WO2014142791A1 (en) | Event correlation based on confidence factor | |
| CN112926048B (en) | Abnormal information detection method and device | |
| CN113111951B (en) | Data processing method and device | |
| WO2021216163A2 (en) | Ai-driven defensive cybersecurity strategy analysis and recommendation system | |
| CN111464513A (en) | Data detection method, device, server and storage medium | |
| CN112769851A (en) | Mimicry defense system based on Internet of vehicles | |
| CN114598512A (en) | Honeypot-based network security guarantee method and device and terminal equipment | |
| CN116305155A (en) | Program safety detection protection method, device, medium and electronic equipment | |
| CN114785567A (en) | Traffic identification method, device, equipment and medium | |
| CN113672912A (en) | Network security monitoring system based on computer hardware indication and behavior analysis | |
| Lee et al. | ATMSim: An anomaly teletraffic detection measurement analysis simulator | |
| CN113591112A (en) | Operation method and device of property management system | |
| CN114760083B (en) | Method, device and storage medium for issuing attack detection file | |
| CN113691498A (en) | Electric power internet of things terminal safety state evaluation method and device and storage medium | |
| CN112699369A (en) | Method and device for detecting abnormal login through stack backtracking | |
| CN114154160B (en) | Container cluster monitoring method and device, electronic equipment and storage medium | |
| CN117376030B (en) | Flow anomaly detection method, device, computer equipment and readable storage medium | |
| CN116070268B (en) | Privacy data identification monitoring method, device and equipment | |
| CN113592284A (en) | Operation data acquisition method and device of property management system |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| WW01 | Invention patent application withdrawn after publication |
Application publication date: 20211102 |
|
| WW01 | Invention patent application withdrawn after publication |