CN115935389A - Personal sensitive information protection method and device, electronic equipment and storage medium - Google Patents

Publication number
CN115935389A
Authority
CN
China
Prior art keywords
sensitive information
personal sensitive
current user
personal
protection system
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202211569522.4A
Other languages
Chinese (zh)
Inventor
陈静
刘洪军
徐上钧
何丽娟
潘鑫
梁劲前
莫东科
陈裕杰
陈邦杰
骆海林
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Digital Guangdong Network Construction Co Ltd
Original Assignee
Digital Guangdong Network Construction Co Ltd
Application filed by Digital Guangdong Network Construction Co Ltd
Priority to CN202211569522.4A
Publication of CN115935389A

Abstract

The application discloses a personal sensitive information protection method and device, an electronic device and a storage medium. The method comprises the following steps: receiving, through a personal sensitive information protection system, a user registration request sent by a current user through an application program; if the personal sensitive information of the current user does not exist in the personal sensitive information protection system, encrypting the personal sensitive information of the current user and storing the encrypted personal sensitive information both in the personal sensitive information protection system and in the backup device. According to the embodiments of the application, personal sensitive information can be stored in a dedicated hardware device and encrypted inside that hardware device with an encryption algorithm of a high security standard, ensuring the confidentiality and integrity of the data. At the same time, only limited services such as addition, verification and modification are provided externally, ensuring that personal sensitive information cannot be accessed or modified without authorization and thereby avoiding the risk of its leakage.

Description

Personal sensitive information protection method and device, electronic equipment and storage medium
Technical Field
The embodiment of the application relates to the technical field of internet, in particular to a method and a device for protecting personal sensitive information, electronic equipment and a storage medium.
Background
As the internet is applied ever more widely, people's requirements for the data security of computers keep rising, and the relevant administrative authorities attach more and more importance to the security of personal information. More and more personal sensitive information, such as identity card numbers, e-mail addresses, mobile phone numbers and passwords, is stored on internet websites. However, the ways in which users' personal sensitive information can be leaked, and the categories of information leaked, keep increasing, and malicious hackers' theft of users' personal sensitive information continues without end, so that users' personal sensitive information cannot be effectively protected.
In existing government affairs cloud service systems, personal sensitive information and account data are stored in a standard database. Once a website of a government affairs information system exposed to the internet is compromised and controlled by a hacker, the private data of all of the website's accounts can easily be downloaded. In particular, some service systems do not encrypt personal sensitive information and store it in the database in plaintext, and others use encryption algorithms that are too simple, so that users' personal sensitive information is leaked. As the many serious internet account information leakage events of recent years show, the existing technology cannot prevent personal sensitive information from being leaked when a website is intruded upon.
Disclosure of Invention
The application provides a personal sensitive information protection method and device, an electronic device and a storage medium, in which personal sensitive information is stored in a dedicated hardware device and encrypted inside the hardware device with an encryption algorithm of a high security standard, ensuring the confidentiality and integrity of the data. At the same time, only limited services such as addition, verification and modification are provided externally, so that personal sensitive information cannot be accessed or modified without authorization and the risk of its leakage is avoided.
In a first aspect, an embodiment of the present application provides a method for protecting personal sensitive information, where the method includes:
receiving, through a personal sensitive information protection system, a user registration request sent by a current user through an application program; the user registration request carries personal sensitive information of the current user;
judging whether the personal sensitive information of the current user exists in the personal sensitive information protection system;
if the personal sensitive information of the current user does not exist in the personal sensitive information protection system, the personal sensitive information of the current user is stored in the personal sensitive information protection system, and the personal sensitive information of the current user is synchronized to a backup device.
In a second aspect, an embodiment of the present application further provides a personal sensitive information protection device, where the device includes: a receiving module, a judging module and a storage module; wherein,
the receiving module is used for receiving, through the personal sensitive information protection system, a user registration request sent by a current user through an application program; the user registration request carries personal sensitive information of the current user;
the judging module is used for judging whether the personal sensitive information of the current user exists in the personal sensitive information protection system;
the storage module is configured to, if the personal sensitive information of the current user does not exist in the personal sensitive information protection system, store the personal sensitive information of the current user in the personal sensitive information protection system, and synchronize the personal sensitive information of the current user to a backup device.
In a third aspect, an embodiment of the present application provides an electronic device, including:
one or more processors;
a memory for storing one or more programs,
when the one or more programs are executed by the one or more processors, the one or more processors are enabled to implement the personal sensitive information protection method according to any embodiment of the present application.
In a fourth aspect, the present application provides a storage medium, on which a computer program is stored, where the computer program is executed by a processor to implement the personal sensitive information protection method according to any embodiment of the present application.
The embodiments of the present application provide a personal sensitive information protection method and device, an electronic device and a storage medium. A user registration request sent by a current user through an application program is received through a personal sensitive information protection system; it is then judged whether the personal sensitive information of the current user exists in the personal sensitive information protection system; if it does not, the personal sensitive information of the current user is encrypted, and the encrypted personal sensitive information is stored in the personal sensitive information protection system and in the backup device. That is, in the technical solution of the present application, the personal sensitive information of the user can be stored in a dedicated hardware device and encrypted inside that hardware device with an encryption algorithm of a high security standard. In existing government affairs cloud service systems, personal sensitive information and account data are stored in a standard database; once a website of a government affairs information system exposed to the internet is compromised and controlled by a hacker, the private data of all of the website's accounts can easily be downloaded. In particular, some service systems do not encrypt personal sensitive information and store it in the database in plaintext, and others use encryption algorithms that are too simple, so that users' personal sensitive information is leaked.
Therefore, compared with the prior art, the personal sensitive information protection method and device, electronic device and storage medium provided by the embodiments of the present application can store personal sensitive information in a dedicated hardware device and encrypt it inside the hardware device with an encryption algorithm of a high security standard, ensuring the confidentiality and integrity of the data. At the same time, only limited services such as addition, verification and modification are provided externally, ensuring that personal sensitive information cannot be accessed or modified without authorization and thereby avoiding the risk of its leakage. Moreover, the technical solution of the embodiments of the present application is simple to implement, easy to popularize and widely applicable.
Drawings
Fig. 1 is a first flowchart of a method for protecting personal sensitive information according to an embodiment of the present application;
Fig. 2 is a second flowchart of a method for protecting personal sensitive information according to an embodiment of the present application;
Fig. 3 is a schematic structural diagram of a hardware system of a personal sensitive information protection system according to an embodiment of the present application;
Fig. 4 is a schematic structural diagram of a software system of a personal sensitive information protection system according to an embodiment of the present application;
Fig. 5 is a third flowchart of a method for protecting personal sensitive information according to an embodiment of the present application;
Fig. 6 is a schematic structural diagram of a personal sensitive information protection apparatus according to an embodiment of the present application;
Fig. 7 is a schematic structural diagram of an electronic device according to an embodiment of the present application.
Detailed Description
The present application will be described in further detail with reference to the following drawings and examples. It is to be understood that the specific embodiments described herein are merely illustrative of the application and are not limiting of the application. It should be further noted that, for the convenience of description, only some of the structures related to the present application are shown in the drawings, not all of the structures.
Example one
Fig. 1 is a first flowchart of a method for protecting personal sensitive information according to an embodiment of the present application, where the method may be executed by a personal sensitive information protection apparatus or an electronic device, where the apparatus or the electronic device may be implemented by software and/or hardware, and the apparatus or the electronic device may be integrated in any intelligent device with a network communication function. As shown in fig. 1, the method for protecting personal sensitive information may include the steps of:
S101, receiving, through a personal sensitive information protection system, a user registration request sent by a current user through an application program; the user registration request carries the personal sensitive information of the current user.
In this step, the electronic device may receive, through the personal sensitive information protection system, a user registration request sent by the current user through the application program; the user registration request carries the personal sensitive information of the current user. Personal sensitive information in the embodiments of the present application includes, but is not limited to: name, telephone number, identity card number, home address, etc. The personal sensitive information protection system stores the important sensitive data of an internet website's registered users in the system's hardware device, and the hardware device provides only limited services and blocks all other unrelated services. For example, only the addition and verification services are offered as open services, to be called by the registration and login functions, while the modification and reading services are strictly limited: only a legitimate user who has passed verification can modify and read his or her own data, which ensures that the internal data cannot be read without permission. Combined with the built-in monitoring policy configuration, these technical means ensure that, even if the internet-facing website is compromised, the personal sensitive information is not exposed to database dumping, brute-force cracking and the like, avoiding the huge losses to users and websites caused by the database dumps of internet account data that have occurred frequently in recent years.
It should be noted that the personal sensitive information protection system in the embodiments of the present application provides only limited types of services to the user, such as addition, verification and modification services, and does not provide batch copying or batch downloading services. Only a legitimate user who has passed verification can modify and read data in the personal sensitive information protection system, so that brute-force cracking of, and illegal access to, personal sensitive information can be effectively avoided.
S102, judging whether the personal sensitive information of the current user exists in the personal sensitive information protection system; if the personal sensitive information of the current user does not exist in the personal sensitive information protection system, S103 is executed; if the personal sensitive information of the current user exists in the personal sensitive information protection system, S104 is executed.
In this step, the electronic device may determine whether the personal sensitive information of the current user exists in the personal sensitive information protection system. Specifically, the electronic device may extract the identification information of the current user from the personal sensitive information of the current user; then, searching identification information of the current user in the personal sensitive information protection system; if the identification information of the current user is found, the electronic equipment can judge that the personal sensitive information of the current user exists in the personal sensitive information protection system; if the identification information of the current user is not found, the electronic device can determine that the personal sensitive information of the current user does not exist in the personal sensitive information protection system. The identification information in this embodiment refers to information that can uniquely identify each user, and for example, the identification information may be an identification number of the user.
S103, encrypting the personal sensitive information of the current user, storing the encrypted personal sensitive information of the current user into a personal sensitive information protection system, and storing the encrypted personal sensitive information of the current user into a backup device.
In this step, if the personal sensitive information of the current user does not exist in the personal sensitive information protection system, the electronic device may encrypt the personal sensitive information of the current user, store the encrypted personal sensitive information in the personal sensitive information protection system, and store the encrypted personal sensitive information in the backup device. Specifically, the embodiments of the present application may use an encryption algorithm with a high security standard, for example, SM2, SM3, SM4, and the like. The backup device in the embodiments of the present application is also a dedicated hardware device, identical to the hardware device on which the personal sensitive information protection system is located.
S104, returning prompt information to the current user; the prompt information is used to inform the current user that the personal sensitive information protection system already holds the personal sensitive information of the current user.
In this step, if the personal sensitive information of the current user exists in the personal sensitive information protection system, the electronic device may return prompt information to the current user; the prompt information is used to inform the current user that the personal sensitive information protection system already holds the personal sensitive information of the current user. Specifically, the electronic device may send the prompt information to the application program of the current user, so that the current user receives it in the application program.
In the personal sensitive information protection method provided by the embodiments of the present application, a user registration request sent by a current user through an application program is received through a personal sensitive information protection system; it is then judged whether the personal sensitive information of the current user exists in the personal sensitive information protection system; if it does not, the personal sensitive information of the current user is encrypted, and the encrypted personal sensitive information is stored in the personal sensitive information protection system and in the backup device. That is, in the technical solution of the present application, the personal sensitive information of the user can be stored in a dedicated hardware device and encrypted inside that hardware device with an encryption algorithm of a high security standard. In existing government affairs cloud service systems, personal sensitive information and account data are stored in a standard database; once a website of a government affairs information system exposed to the internet is compromised and controlled by a hacker, the private data of all of the website's accounts can easily be downloaded. In particular, some service systems do not encrypt personal sensitive information and store it in the database in plaintext, and others use encryption algorithms that are too simple, so that users' personal sensitive information is leaked.
Therefore, compared with the prior art, the personal sensitive information protection method provided by the embodiments of the present application can store personal sensitive information in a dedicated hardware device and encrypt it inside the hardware device with an encryption algorithm of a high security standard, ensuring the confidentiality and integrity of the data. At the same time, only limited services such as addition, verification and modification are provided externally, ensuring that personal sensitive information cannot be accessed or modified without authorization and thereby avoiding the risk of its leakage. Moreover, the technical solution of the embodiments of the present application is simple to implement, easy to popularize and widely applicable.
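Steps S101 to S104 and the restricted service surface described above, modelled as an added example (this is not code from the patent). Assumptions the patent does not state: the `ProtectionSystem` class and its method names, a password carried with the registration, lookup through a keyed hash of the identity card number, a lockout threshold of five, and an HMAC-SHA-256 keystream with an integrity tag standing in for SM4 so that the block runs on the Python standard library alone.

```python
import hashlib
import hmac
import json
import secrets

MAX_FAILURES = 5  # assumed monitoring threshold; the patent gives no number


class ProtectionSystem:
    """Hypothetical model of the appliance's services: register, verify, read.
    There is deliberately no list or export method (no batch copy or download)."""

    def __init__(self):
        # Constructed keys; on the appliance they would never leave the hardware.
        self._index_key = secrets.token_bytes(32)
        self._enc_key = secrets.token_bytes(32)
        self._mac_key = secrets.token_bytes(32)
        self._records = {}   # blind index -> {"salt", "pw", "blob"}
        self._failures = {}  # blind index -> consecutive failed verifications
        self._sessions = {}  # session token -> blind index
        self.backup = {}     # stands in for the backup device: ciphertext only

    def _index(self, id_number):
        # S202/S203: look the user up by a keyed hash of the identifier, so the
        # store never holds the identity card number in the clear.
        return hmac.new(self._index_key, id_number.encode(), hashlib.sha256).hexdigest()

    def _keystream(self, nonce, length):
        out = b""
        for counter in range((length + 31) // 32):
            out += hmac.new(self._enc_key, nonce + counter.to_bytes(4, "big"),
                            hashlib.sha256).digest()
        return out[:length]

    def _seal(self, plaintext):
        # Stand-in for SM4: keystream XOR, then a MAC over nonce + ciphertext.
        nonce = secrets.token_bytes(16)
        ct = bytes(a ^ b for a, b in zip(plaintext, self._keystream(nonce, len(plaintext))))
        tag = hmac.new(self._mac_key, nonce + ct, hashlib.sha256).digest()
        return nonce + ct + tag

    def _open(self, blob):
        nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
        expected = hmac.new(self._mac_key, nonce + ct, hashlib.sha256).digest()
        if not hmac.compare_digest(tag, expected):
            raise ValueError("record failed integrity check")
        return bytes(a ^ b for a, b in zip(ct, self._keystream(nonce, len(ct))))

    @staticmethod
    def _pw_hash(password, salt):
        return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 200_000)

    def register(self, info, password):
        """S101-S104. `info` must contain 'id_number' (the identification information)."""
        idx = self._index(info["id_number"])
        if idx in self._records:
            return "exists"                      # S104: prompt, nothing is overwritten
        salt = secrets.token_bytes(16)
        blob = self._seal(json.dumps(info).encode())
        self._records[idx] = {"salt": salt, "pw": self._pw_hash(password, salt), "blob": blob}
        self.backup[idx] = blob                  # S103: the backup receives ciphertext only
        return "created"

    def verify(self, id_number, password):
        """Open service used for login. Returns a session token, or None."""
        idx = self._index(id_number)
        rec = self._records.get(idx)
        if rec is None or self._failures.get(idx, 0) >= MAX_FAILURES:
            return None                          # unknown user, or locked by the monitor
        if not hmac.compare_digest(rec["pw"], self._pw_hash(password, rec["salt"])):
            self._failures[idx] = self._failures.get(idx, 0) + 1
            return None
        self._failures[idx] = 0
        token = secrets.token_hex(16)
        self._sessions[token] = idx
        return token

    def read(self, token, id_number):
        """Restricted service: a session can read only the record it was issued for."""
        idx = self._index(id_number)
        if self._sessions.get(token) != idx:
            raise PermissionError("session is not authorised for this record")
        return json.loads(self._open(self._records[idx]["blob"]))
```

The lock in this model is permanent once the threshold is reached; a deployed policy would also need an expiry or an administrative reset so that the lockout cannot be used to deny service to a legitimate user.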
Example two
Fig. 2 is a second flowchart of a method for protecting personal sensitive information according to an embodiment of the present application. This embodiment further optimizes and extends the above technical solution and can be combined with the optional embodiments above. As shown in Fig. 2, the personal sensitive information protection method may include the steps of:
S201, receiving, through a personal sensitive information protection system, a user registration request sent by a current user through an application program; the user registration request carries personal sensitive information of the current user.
Fig. 3 is a schematic structural diagram of a hardware system of a personal sensitive information protection system according to an embodiment of the present application. As shown in Fig. 3, the hardware system includes: network ports, power interfaces, USB interfaces and a power button; the network ports may include a configuration port, a synchronization port, a detection port and an application port; the power interfaces include a first power interface and a second power interface; the USB interfaces include a first USB interface and a second USB interface.
In the embodiments of the present application, the configuration port works only in intranet mode and only once it is confirmed that an identity authentication device is connected to the USB port; configuration management operations can then be performed on the system. The synchronization port is used to synchronize data between the two devices. The detection port performs heartbeat detection between the two devices, and data is synchronized through the synchronization port only when the other device is determined to be alive. The application port is used for direct access by application systems and supports services such as user registration and user login.
The hardware of the personal sensitive information protection system in the embodiments of the present application uses ALL-IN-ONE technology. The hardware may be a network server mainboard on which the component interfaces required by external devices, such as the network card, USB ports and VGA port, are integrated, with the interfaces exposed outside the chassis. The mainboard supports more than 1 CPU socket, provides dual-channel SO DDR3 memory slots, supports 1333/1066MHz memory and supports at most 16GB. More than two SATA interfaces are supported, with flash memory of more than 128M (for installing the operating system) and an attached industrial hard disk of more than 500G.
The hardware device in the embodiments of the present application may include the following aspects:
1) Hardware appearance customization: an industrial computer chassis of firewall-appliance grade is used; externally it has at least 4 network ports (external service port, configuration management port, data synchronization port and heartbeat detection port), dual power supplies, a power button and dual USB ports.
2) Kernel customization: the hardware has a built-in minimal Linux operating system, trimmed so that it mainly supports high concurrency and similar techniques; on the external service network port, all other network services are blocked.
3) Configuration management: only one of the 4 network ports provides a limited management service on port 443 for routine maintenance and upgrades. This port cannot be accessed directly from the internet, and its service can be used only after authentication with the USB token certificate on the USB port; that is, management security is ensured by two factors.
4) Application service: an application service system, called by external application systems, is developed to provide user registration, user login verification, user data modification and user data reading. It must support high concurrency. For security, user data can be modified and read only after verification and authorization, a user can access only his or her own data, and the data is stored encrypted, so that system administrators cannot read or modify users' private information through the configuration management port. The file download service is blocked and user data cannot be read out, so that the database cannot be dumped; together with the internal monitoring policy, this ensures that users' private data cannot be brute-forced.
5) Data synchronization: the data synchronization port, one of the 4 network ports, connects to another identical device. With the help of the heartbeat detection port, data is synchronized to the other device at a timed (configurable) interval while that device is alive, ensuring the integrity and consistency of the data.
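The data synchronization behaviour of item 5, as an added example (not code from the patent): ciphertext records queue locally and are pushed to the peer on a timer only while the heartbeat answers, and a link failure in mid-transfer leaves the unsent records queued. `Peer`, `Synchroniser`, `store_digest` and the 60-second interval are assumptions.

```python
import hashlib
import time


class Peer:
    """Constructed stand-in for the second, identical appliance."""

    def __init__(self):
        self.store = {}
        self.alive = True
        self.fail_after = None  # test hook: drop the link after this many writes

    def heartbeat(self):
        # Answer on the heartbeat detection port.
        return self.alive

    def apply(self, key, blob):
        # Write arriving on the data synchronization port.
        if self.fail_after is not None:
            if self.fail_after == 0:
                self.alive = False
            else:
                self.fail_after -= 1
        if not self.alive:
            raise ConnectionError("peer unreachable")
        self.store[key] = blob


def store_digest(store):
    # Order-independent summary of a store, computed over ciphertext only.
    h = hashlib.sha256()
    for key in sorted(store):
        h.update(key.encode() + b"\0" + hashlib.sha256(store[key]).digest())
    return h.hexdigest()


class Synchroniser:
    def __init__(self, peer, interval=60.0, clock=time.monotonic):
        self.peer = peer
        self.interval = interval   # the "timed (configurable)" period
        self.clock = clock
        self.local = {}            # records held on this device
        self.pending = {}          # records not yet confirmed on the peer
        self.next_run = 0.0

    def write(self, key, blob):
        self.local[key] = blob
        self.pending[key] = blob   # latest value for a key wins

    def tick(self):
        """Call periodically. Returns the number of records pushed this round."""
        now = self.clock()
        if now < self.next_run:
            return 0
        self.next_run = now + self.interval
        if not self.peer.heartbeat():
            return 0               # peer not alive: keep the queue, send nothing
        sent = 0
        for key in list(self.pending):
            try:
                self.peer.apply(key, self.pending[key])
            except ConnectionError:
                break              # link dropped mid-transfer: the rest stays queued
            del self.pending[key]
            sent += 1
        return sent

    def consistent(self):
        # True only when nothing is queued and both stores hold the same records.
        return not self.pending and store_digest(self.local) == store_digest(self.peer.store)
```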
Fig. 4 is a schematic structural diagram of a software system of a personal sensitive information protection system provided in an embodiment of the present application. As shown in Fig. 4, the software system includes: an application layer, a service layer, a data layer and an operating system. The application layer provides interface functions that directly serve external application systems, and management configuration functions; the service layer provides support services for the interface functions and management configuration functions of the application layer; the data layer uses a MySQL database and provides management of the stored data; the operating system is a Linux operating system. Specifically, the application layer in the embodiments of the present application may include: an addition and verification function module, a reading and modification function module, and a management and monitoring interface module. The service layer may include: an application service authorization control module, a system layer support module, a soft algorithm module, a monitoring module, an authorization control module and a management service module. The data layer may include: a first data storage module and a second data storage module; the first data storage module is used for storing application database tables, design configuration, operation configuration and pipeline audit data; the second data storage module is used for storing the monitoring data.
Specifically: Application layer: provides interface functions that directly serve external application systems, and management configuration functions. Service layer: provides support services for the upper-layer interface functions and management configuration. For example, application service authorization control allows a user to access only his or her own data; the monitoring policy provides rules for judging suspicious access; and high concurrency, data synchronization and load balancing provide system-layer support. Authorization control provides user permission division and role definition for configuration management. The soft algorithm module mainly provides the corresponding encryption and decryption services, and the management service provides support services for the configuration management operation functions. Data layer: currently a MySQL database is used, which provides functions such as management of the stored data. Operating system: the trimmed-down Linux operating system at the bottom layer.
S202, extracting identification information of the current user from the personal sensitive information of the current user.
In this step, the electronic device may extract the identification information of the current user from the personal sensitive information of the current user. The identification information in this embodiment refers to information that can uniquely identify each user, and for example, the identification information may be an identification number of the user.
S203, searching the identification information of the current user in the personal sensitive information protection system.
S204, if the identification information of the current user is not found, it is judged that the personal sensitive information of the current user does not exist in the personal sensitive information protection system, the personal sensitive information of the current user is encrypted, the encrypted personal sensitive information of the current user is stored in the personal sensitive information protection system, and the encrypted personal sensitive information of the current user is stored in the backup device.
S205, if the identification information of the current user is found, judging that the personal sensitive information of the current user exists in the personal sensitive information protection system, and returning prompt information to the current user; the prompt information is used to inform the current user that the personal sensitive information protection system already holds the personal sensitive information of the current user.
In the personal sensitive information protection method provided by the embodiments of the present application, a user registration request sent by a current user through an application program is received through a personal sensitive information protection system; it is then judged whether the personal sensitive information of the current user exists in the personal sensitive information protection system; if it does not, the personal sensitive information of the current user is encrypted, and the encrypted personal sensitive information is stored in the personal sensitive information protection system and in the backup device. That is, in the technical solution of the present application, the personal sensitive information of the user can be stored in a dedicated hardware device and encrypted inside that hardware device with an encryption algorithm of a high security standard. In existing government affairs cloud service systems, personal sensitive information and account data are stored in a standard database; once a website of a government affairs information system exposed to the internet is compromised and controlled by a hacker, the private data of all of the website's accounts can easily be downloaded. In particular, some service systems do not encrypt personal sensitive information and store it in the database in plaintext, and others use encryption algorithms that are too simple, so that users' personal sensitive information is leaked.
Therefore, compared with the prior art, the personal sensitive information protection method provided by the embodiments of the present application can store personal sensitive information in a dedicated hardware device and encrypt it inside the hardware device with an encryption algorithm of a high security standard, ensuring the confidentiality and integrity of the data. At the same time, only limited services such as addition, verification and modification are provided externally, ensuring that personal sensitive information cannot be accessed or modified without authorization and thereby avoiding the risk of its leakage. Moreover, the technical solution of the embodiments of the present application is simple to implement, easy to popularize and widely applicable.
Example three
Fig. 5 is a third schematic flow chart of the personal sensitive information protection method according to the embodiment of the present application. This embodiment further optimizes and extends the foregoing technical solution and can be combined with the optional embodiments described above. As shown in fig. 5, the personal sensitive information protection method may include the following steps:
S501, receiving an identity authentication request of a current user through a personal sensitive information protection system.
In this step, the electronic device may receive an authentication request of a current user through the personal sensitive information protection system; the identity authentication request may carry identification information of the current user, such as a user name and a password.
S502, authenticating the current user in response to the identity authentication request; and if the current user passes the verification, receiving, through the personal sensitive information protection system, a user registration request sent by the current user through the application program.
In this step, the electronic device may authenticate the current user in response to the identity authentication request; if the current user passes the verification, the personal sensitive information protection system receives the user registration request sent by the current user through the application program; if the current user does not pass the verification, the operation of receiving the user registration request is not executed.
In a specific embodiment of the present application, when a current user modifies or reads data in the personal sensitive information protection system, the identity of the current user may be verified first, and only if the current user passes the verification, the current user is allowed to modify or read data in the personal sensitive information protection system.
S503, judging whether the personal sensitive information of the current user exists in the personal sensitive information protection system; if the personal sensitive information of the current user does not exist in the personal sensitive information protection system, executing S504; if the personal sensitive information of the current user exists in the personal sensitive information protection system, S505 is executed.
S504, encrypting the personal sensitive information of the current user, storing the encrypted personal sensitive information of the current user into a personal sensitive information protection system, and storing the encrypted personal sensitive information of the current user into a backup device.
S505, returning prompt information to the current user; the prompt information is used for prompting the current user that the personal sensitive information protection system already has the personal sensitive information of the current user.
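The S501 to S505 flow, sketched as an added example that is not code from the patent. The patent names no algorithm, so AES-256-GCM for the record, the HMAC-SHA-256 lookup index used for the existence check, the in-memory maps standing in for the system and the backup device, and all identifiers are assumptions of this example.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/hmac"
	"crypto/rand"
	"crypto/sha256"
	"errors"
	"fmt"
)

var ErrUnauthenticated = errors.New("identity verification failed")
var ErrExists = errors.New("personal sensitive information already exists")

// Vault stands in for the personal sensitive information protection system.
// Algorithms, keys and field names are assumptions of this example.
type Vault struct {
	aead     cipher.AEAD                  // AES-256-GCM, used in S504
	indexKey []byte                       // HMAC key for the lookup index (S503)
	records  map[string][]byte            // lookup index -> nonce || ciphertext || tag
	backup   map[string][]byte            // stands in for the backup device
	auth     func(user, pass string) bool // identity verification (S501/S502)
}

func NewVault(encKey, indexKey []byte, auth func(string, string) bool) (*Vault, error) {
	block, err := aes.NewCipher(encKey) // a 32-byte key selects AES-256
	if err != nil {
		return nil, err
	}
	aead, err := cipher.NewGCM(block)
	if err != nil {
		return nil, err
	}
	return &Vault{aead, indexKey, map[string][]byte{}, map[string][]byte{}, auth}, nil
}

// lookupIndex is a keyed digest of the identification information, so the
// existence check works without storing the identifier in clear text.
func (v *Vault) lookupIndex(id string) string {
	m := hmac.New(sha256.New, v.indexKey)
	m.Write([]byte(id))
	return string(m.Sum(nil))
}

// Register follows S501-S505: authenticate, check existence, encrypt, store, back up.
func (v *Vault) Register(user, pass, id string, info []byte) error {
	if !v.auth(user, pass) {
		return ErrUnauthenticated // S502 failed: the registration is not processed
	}
	idx := v.lookupIndex(id)
	if _, found := v.records[idx]; found {
		return ErrExists // S505: the caller turns this into the prompt information
	}
	nonce := make([]byte, v.aead.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		return err
	}
	blob := v.aead.Seal(nonce, nonce, info, []byte(idx)) // idx as associated data binds the record to its row
	v.records[idx] = blob
	v.backup[idx] = append([]byte(nil), blob...) // only ciphertext reaches the backup device
	return nil
}

// Verify is a limited "verification" service: it answers yes or no and never returns plaintext.
func (v *Vault) Verify(user, pass, id string, candidate []byte) (bool, error) {
	if !v.auth(user, pass) {
		return false, ErrUnauthenticated
	}
	idx := v.lookupIndex(id)
	blob, found := v.records[idx]
	if !found {
		return false, nil
	}
	n := v.aead.NonceSize()
	plain, err := v.aead.Open(nil, blob[:n], blob[n:], []byte(idx))
	if err != nil {
		return false, err // tampered or misplaced record
	}
	return hmac.Equal(plain, candidate), nil
}

func main() {
	keys := make([]byte, 64) // constructed demo keys, fresh on every run
	rand.Read(keys)
	auth := func(u, p string) bool { return u == "alice" && p == "demo-password" } // constructed account
	v, _ := NewVault(keys[:32], keys[32:], auth)
	fmt.Println(v.Register("alice", "demo-password", "ID-0001", []byte("constructed record")))
	fmt.Println(v.Register("alice", "demo-password", "ID-0001", []byte("constructed record")))
}
```

The second registration in `main` returns the "already exists" error, which corresponds to the prompt information of S505.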
In the personal sensitive information protection method provided by this embodiment of the application, the personal sensitive information protection system receives a user registration request sent by the current user through an application program; it is then judged whether the personal sensitive information of the current user exists in the personal sensitive information protection system; if it does not, the personal sensitive information of the current user is encrypted, and the encrypted personal sensitive information is stored in the personal sensitive information protection system and in the backup device. That is to say, in the technical solution of the present application, the personal sensitive information of the user can be stored in a dedicated hardware device and protected inside that device with an encryption algorithm of a high security standard. In existing government affairs cloud service systems, by contrast, personal sensitive information and account data are stored in a standard database; once a website of a government affairs information system exposed to the internet is breached and controlled by a hacker, the private data of all of the website's accounts can easily be downloaded. In particular, some service systems do not encrypt personal sensitive information at all and store it in the database in clear text, and some use encryption algorithms that are too simple, so that users' personal sensitive information is leaked.
Therefore, compared with the prior art, the personal sensitive information protection method provided by this embodiment of the application can store personal sensitive information in a dedicated hardware device and protect it inside the hardware device with an encryption algorithm of a high security standard, so that the confidentiality and integrity of the data are ensured; meanwhile, limited services such as addition, verification, modification and the like are provided externally, ensuring that the personal sensitive information cannot be accessed or modified without authorization, so that the risk of personal sensitive information leakage is avoided; moreover, the technical solution of this embodiment is simple to implement, easy to popularize and widely applicable.
Example four
Fig. 6 is a schematic structural diagram of a personal sensitive information protection apparatus according to an embodiment of the present application. As shown in fig. 6, the personal sensitive information protection apparatus includes: a receiving module 601, a judging module 602 and a storage module 603; wherein:
the receiving module 601 is configured to receive, through the personal sensitive information protection system, a user registration request sent by a current user through an application program; the user registration request carries personal sensitive information of the current user;
the determining module 602 is configured to determine whether the personal sensitive information of the current user exists in the personal sensitive information protection system;
the storage module 603 is configured to, if the personal sensitive information of the current user does not exist in the personal sensitive information protection system, store the personal sensitive information of the current user in the personal sensitive information protection system, and synchronize the personal sensitive information of the current user to a backup device.
The personal sensitive information protection device can execute the method provided by any embodiment of the application, and has corresponding functional modules and beneficial effects of the execution method. For technical details that are not described in detail in this embodiment, reference may be made to the method for protecting personal sensitive information provided in any embodiment of the present application.
Example five
Fig. 7 is a schematic structural diagram of an electronic device according to an embodiment of the present application. FIG. 7 illustrates a block diagram of an exemplary electronic device suitable for use in implementing embodiments of the present application. The electronic device 12 shown in fig. 7 is only an example, and should not bring any limitation to the functions and the scope of use of the embodiments of the present application.
As shown in FIG. 7, electronic device 12 is embodied in the form of a general purpose computing device. The components of electronic device 12 may include, but are not limited to: one or more processors or processing units 16, a system memory 28, and a bus 18 that couples various system components including the system memory 28 and the processing unit 16.
Bus 18 represents one or more of any of several types of bus structures, including a memory bus or memory controller, a peripheral bus, an accelerated graphics port, a processor, or a local bus using any of a variety of bus architectures. By way of example, such architectures include, but are not limited to, Industry Standard Architecture (ISA) bus, Micro Channel Architecture (MCA) bus, Enhanced ISA bus, Video Electronics Standards Association (VESA) local bus, and Peripheral Component Interconnect (PCI) bus.
Electronic device 12 typically includes a variety of computer system readable media. Such media may be any available media that is accessible by electronic device 12 and includes both volatile and nonvolatile media, removable and non-removable media.
The system memory 28 may include computer system readable media in the form of volatile memory, such as Random Access Memory (RAM) 30 and/or cache memory 32. The electronic device 12 may further include other removable/non-removable, volatile/nonvolatile computer system storage media. By way of example only, storage system 34 may be used to read from and write to non-removable, nonvolatile magnetic media (not shown in FIG. 7 and commonly referred to as a "hard drive"). Although not shown in FIG. 7, a magnetic disk drive for reading from and writing to a removable, nonvolatile magnetic disk (e.g., a "floppy disk") and an optical disk drive for reading from or writing to a removable, nonvolatile optical disk (e.g., a CD-ROM, DVD-ROM, or other optical media) may be provided. In these cases, each drive may be connected to bus 18 by one or more data media interfaces. Memory 28 may include at least one program product having a set (e.g., at least one) of program modules that are configured to carry out the functions of embodiments of the application.
A program/utility 40 having a set (at least one) of program modules 42 may be stored, for example, in memory 28, such program modules 42 including, but not limited to, an operating system, one or more application programs, other program modules, and program data, each of which examples or some combination thereof may comprise an implementation of a network environment. Program modules 42 generally perform the functions and/or methodologies of the embodiments described herein.
Electronic device 12 may also communicate with one or more external devices 14 (e.g., keyboard, pointing device, display 24, etc.), with one or more devices that enable a user to interact with electronic device 12, and/or with any devices (e.g., network card, modem, etc.) that enable electronic device 12 to communicate with one or more other computing devices. Such communication may be through an input/output (I/O) interface 22. Also, the electronic device 12 may communicate with one or more networks (e.g., a Local Area Network (LAN), a Wide Area Network (WAN), and/or a public network, such as the Internet) via the network adapter 20. As shown, the network adapter 20 communicates with other modules of the electronic device 12 via the bus 18. It should be understood that although not shown in FIG. 7, other hardware and/or software modules may be used in conjunction with electronic device 12, including but not limited to: microcode, device drivers, redundant processing units, external disk drive arrays, RAID systems, tape drives, and data backup storage systems, among others.
The processing unit 16 executes various functional applications and data processing by executing programs stored in the system memory 28, for example, to implement the personal sensitive information protection method provided by the embodiment of the present application.
Example six
The embodiment of the application provides a computer storage medium.
The computer-readable storage media of the embodiments of the present application may take any combination of one or more computer-readable media. The computer readable medium may be a computer readable signal medium or a computer readable storage medium. A computer readable storage medium may be, for example, but not limited to, an electronic, magnetic, optical, electromagnetic, infrared, or semiconductor system, apparatus, or device, or any combination of the foregoing. More specific examples (a non-exhaustive list) of the computer readable storage medium would include the following: an electrical connection having one or more wires, a portable computer diskette, a hard disk, a Random Access Memory (RAM), a read-only memory (ROM), an erasable programmable read-only memory (EPROM or flash memory), an optical fiber, a portable compact disc read-only memory (CD-ROM), an optical storage device, a magnetic storage device, or any suitable combination of the foregoing. In the context of this document, a computer readable storage medium may be any tangible medium that can contain, or store a program for use by or in connection with an instruction execution system, apparatus, or device.
A computer readable signal medium may include a propagated data signal with computer readable program code embodied therein, for example, in baseband or as part of a carrier wave. Such a propagated data signal may take many forms, including, but not limited to, electro-magnetic, optical, or any suitable combination thereof. A computer readable signal medium may be any computer readable medium that is not a computer readable storage medium and that can communicate, propagate, or transport a program for use by or in connection with an instruction execution system, apparatus, or device.
Program code embodied on a computer readable medium may be transmitted using any appropriate medium, including but not limited to wireless, wireline, optical fiber cable, RF, etc., or any suitable combination of the foregoing.
Computer program code for carrying out operations for aspects of the present application may be written in any combination of one or more programming languages, including an object oriented programming language such as Java, Smalltalk, C++, and conventional procedural programming languages, such as the "C" programming language or similar programming languages. The program code may execute entirely on the user's computer, partly on the user's computer, as a stand-alone software package, partly on the user's computer and partly on a remote computer or entirely on the remote computer or server. In the case of a remote computer, the remote computer may be connected to the user's computer through any type of network, including a Local Area Network (LAN) or a Wide Area Network (WAN), or the connection may be made to an external computer (for example, through the Internet using an Internet service provider).
It is to be noted that the foregoing is only illustrative of the presently preferred embodiments and application of the principles of the present invention. It will be understood by those skilled in the art that the present application is not limited to the particular embodiments described herein, but is capable of various obvious changes, rearrangements and substitutions as will now become apparent to those skilled in the art without departing from the scope of the application. Therefore, although the present application has been described in more detail with reference to the above embodiments, the present application is not limited to the above embodiments, and may include other equivalent embodiments without departing from the spirit of the present application, and the scope of the present application is determined by the scope of the appended claims.

Claims (10)

1. A method for protecting personal sensitive information, the method comprising:
receiving a user registration request sent by a current user through an application program through a personal sensitive information protection system; the user registration request carries personal sensitive information of the current user;
judging whether the personal sensitive information of the current user exists in the personal sensitive information protection system;
if the personal sensitive information of the current user does not exist in the personal sensitive information protection system, encrypting the personal sensitive information of the current user, storing the encrypted personal sensitive information of the current user into the personal sensitive information protection system, and storing the encrypted personal sensitive information of the current user into the backup device.
2. The method of claim 1, wherein prior to receiving, by the personal sensitive information protection system, a user registration request sent by a current user via the application, the method further comprises:
receiving an identity authentication request of a current user through the personal sensitive information protection system;
authenticating the current user in response to the authentication request; and if the current user passes the verification, executing the operation of receiving the user registration request sent by the current user through the application program through the personal sensitive information protection system.
3. The method of claim 1, further comprising:
if the personal sensitive information of the current user exists in the personal sensitive information protection system, returning prompt information to the current user; the prompt information is used for prompting the current user that the personal sensitive information protection system already has the personal sensitive information of the current user.
4. The method of claim 1, wherein determining whether the personal sensitive information of the current user is present in the personal sensitive information protection system comprises:
extracting identification information of the current user from the personal sensitive information of the current user;
searching the identification information of the current user in the personal sensitive information protection system; if the identification information of the current user is found, judging that the personal sensitive information of the current user exists in the personal sensitive information protection system; if the identification information of the current user is not found, judging that the personal sensitive information of the current user does not exist in the personal sensitive information protection system.
5. The method of claim 1, wherein the personal sensitive information protection system comprises: a hardware system and a software system; wherein the hardware system comprises: a network port, a power interface, a USB interface and a power button; wherein the network port includes: a configuration port, a synchronous port, a detection port and an application port; the power interface includes: a first power interface and a second power interface; the USB interface includes: a first USB interface and a second USB interface; the software system includes: an application layer, a service layer, a data layer, and an operating system.
6. The method of claim 5, wherein the application layer is configured to provide interface functions and management configuration functions that directly serve external application systems; the service layer is used for providing support services for the interface functions and the management configuration functions of the application layer; the data layer adopts a MySQL database and is used for providing a management function for stored data; the operating system is a Linux operating system.
7. The method of claim 6, wherein the application layer comprises: an adding and verifying function module, a reading and modifying function module, and a management and monitoring interface module; the service layer comprises: an application service authorization control module, a system layer support module, a soft algorithm module, a monitoring module, an authorization control module and a management service module; the data layer includes: a first data storage module and a second data storage module; the first data storage module is used for storing an application database table, design configuration, operation configuration and running audit data; the second data storage module is used for storing monitoring data.
8. An apparatus for protecting personal sensitive information, the apparatus comprising: a receiving module, a judging module and a storage module; wherein:
the receiving module is used for receiving a user registration request sent by a current user through an application program through the personal sensitive information protection system; the user registration request carries personal sensitive information of the current user;
the judging module is used for judging whether the personal sensitive information of the current user exists in the personal sensitive information protection system;
the storage module is configured to, if the personal sensitive information of the current user does not exist in the personal sensitive information protection system, store the personal sensitive information of the current user in the personal sensitive information protection system, and synchronize the personal sensitive information of the current user to a backup device.
9. An electronic device, comprising:
one or more processors;
a memory for storing one or more programs,
the one or more programs, when executed by the one or more processors, cause the one or more processors to implement the personal sensitive information protection method of any of claims 1-7.
10. A storage medium on which a computer program is stored, which program, when being executed by a processor, carries out a method for personal sensitive information protection according to any one of claims 1 to 7.
Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202211569522.4A CN115935389A (en) 2022-12-08 2022-12-08 Personal sensitive information protection method and device, electronic equipment and storage medium

Publications (1)

Publication Number Publication Date
CN115935389A (en) 2023-04-07

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination