CN116455609A - Method for protecting computer system safety - Google Patents

Publication number
CN116455609A
Authority
CN
China
Prior art keywords
mail
email
client
security level
server
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Withdrawn
Application number
CN202310275751.3A
Other languages
Chinese (zh)
Inventor
徐鹏
彭战松
翟志华
周洪军
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Yellow River Conservancy Technical Institute
Original Assignee
Yellow River Conservancy Technical Institute

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/10 Network architectures or network communication protocols for network security for controlling access to devices or network resources
    • H04L63/105 Multiple levels of security

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)
  • Information Transfer Between Computers (AREA)

Abstract

The invention discloses a method for protecting the security of a computer system, relating to the technical field of computers, comprising the following steps: in an email server, client security levels and mail security levels are preset, and the operation permissions corresponding to each client security level are configured; the mail sending client sends an email to the email server, which determines and marks the mail security level of the email; the mail receiving client sends an operation request for the email to the email server, and when the client security level of the mail receiving client is not lower than the mail security level of the email, the email server sends the email to the mail receiving client and controls the operations of the mail receiving client according to the operation permissions corresponding to that client's security level. The invention can improve the security defense capability of the email system, ensure the security of data transmission, and is convenient for users.

Description

Method for protecting computer system safety
Technical Field
The invention relates to the technical field of computers, in particular to a method for protecting the security of a computer system.
Background
The Internet has become an important communication tool for people in every country. In the 21st century, email has developed from simply transmitting text into a communication tool capable of transmitting all kinds of multimedia information. Being convenient, fast, and easy to store and manage, email was quickly accepted by the public and has become an effective tool for transmitting documents, exchanging information and communicating emotion.
However, mail has gradually become a major target for criminals and for network intrusion and theft of secrets. The mail system is a major tool for business contact; users lack security awareness and store large amounts of sensitive information in it, so the damage is serious once it is attacked. Enterprise-level mail systems built or purchased by users have certain basic protection functions such as anti-spam, anti-virus and content filtering, but attacks on the email system through mail system vulnerabilities, mailbox theft, brute-force cracking, phishing mail and the like still lead to network intrusion, theft of secrets and loss of control, affecting network security, business security and even economic security.
Those skilled in the art have made many efforts to address mail security. For example, the invention patent with publication number CN101160876B, "a network security control method and system", describes a method and system for preventing spam in which the spam configuration information uploaded by clients to the associated server is used to formulate spam filtering rules, and received mail is filtered with these rules, so that the spread of spam can be prevented more comprehensively and accurately. However, inherent shortcomings of the email protocols give rise to many email security vulnerabilities, and data leakage through email by people inside the system can cause serious losses to enterprises.
Therefore, how to improve the security defense capability of the email system, keep the email system confidential, and ensure the security of data transmission is a technical problem to be solved by those skilled in the art.
Disclosure of Invention
In view of the above, the present invention provides a method for protecting the security of a computer system, which can improve the security defense capability of an email system, is convenient for users, is more reliable, and ensures the security of data transmission.
In order to achieve the above object, the present invention provides the following technical solutions:
a method of securing a computer system, comprising the steps of:
in an email server, presetting client security levels and mail security levels, and configuring the operation permissions corresponding to each client security level;
the mail sending client sends an email to the email server, and the email server determines and marks the mail security level of the email after receiving it;
the mail receiving client sends an operation request for the email to the email server, and the email server compares the client security level of the mail receiving client with the mail security level of the email;
when the client security level of the mail receiving client is not lower than the mail security level of the email, the email server sends the email to the mail receiving client and controls the operations of the mail receiving client according to the operation permissions corresponding to that client's security level.
The technical effect achieved by the above technical solution is: client security levels and mail security levels are set and different levels are given corresponding operation permissions, which improves the security of data transmitted by mail and is simple to operate.
Optionally, the client security level and the mail security level include a common level, a secret level and an absolute secret level.
Optionally, after the mail sending client sends the email to the email server, the method further includes:
the email server automatically displays, in the address list, the mail receiving clients that satisfy security matching, according to the client security level of the mail sending client and the mail security level of the email.
The technical effect achieved by the above technical solution is: the mail receiving clients whose security level matches are displayed automatically, so it is easy to judge whether the mail receiving client that sends a request meets the requirement, and operation is simpler.
Optionally, before the email server sends the email to the mail receiving client, the method further comprises:
the email server requests authorization confirmation from the mail sending client and transmits the email after confirmation; otherwise, the transmission is blocked.
The technical effect achieved by the above technical solution is: a further confirmation can be made before the email is sent to the mail receiving client, avoiding recipient selection errors that may occur during the initial sending.
Optionally, the operation request for the email that the mail receiving client sends to the email server falls into the following cases:
a common-level email has no password protection; the mail receiving client may request the email server to freely process the email and to modify its mail security level;
a privacy-level email is password protected; after entering the correct password, the mail receiving client may request the email server to freely process the email and to modify its mail security level;
a secret-level email is password protected; after entering the correct password, the mail receiving client may request the email server to process the email online and to modify its mail security level;
an absolute-secret-level email is password protected; after entering the correct password, the mail receiving client may request the email server to process the email online, but cannot request modification of its mail security level.
The technical effect achieved by the above technical solution is: the client security level corresponds to the mail security level of the email, and a person with a low security level cannot view an email with a high security level, so the mail information is kept secure and controllable; the mail receiving client can change the mail security level of an email based on its operation permissions, which is simple to operate, further strengthens the security of the email, and ensures the security of data transmission.
Optionally, the mail sending client and the mail receiving client are both connected with the email server through public cloud or private cloud.
Optionally, the method further comprises:
after the mail receiving client opens the email, when network resources need to be accessed through the email, integrity detection and/or virus detection is performed on the linked website and/or linked data in the email.
The technical effect achieved by the above technical solution is: by accessing network resources only after the corresponding detection, the email can be prevented from reaching malicious websites or malicious resources, effectively eliminating an intrusion path for malicious code.
Optionally, the method further comprises:
the record kept in the email server includes the email sending time, the mail sending client, the mail receiving client, the IP address, the MAC address, the operating system, the email subject, the email body and the attachments.
Optionally, before the email server sends the email to the mail receiving client, the method further comprises:
reading the email as text content, identifying the delimiters in the text content, identifying and reading the attachments according to the delimiters, storing the attachments and deleting them from the email;
converting the format of the stripped attachments according to a preset rule, storing the converted attachments and generating attachment links;
and adding the attachment links to the email from which the attachments were deleted, and forwarding the email to the mail receiving client.
The technical effect achieved by the above technical solution is: attachments are stripped from the email and converted, so viruses implanted through vulnerabilities in the document format or protocol can be removed; the converted document is no longer harmful, and the security of the email is ensured.
Optionally, after the email server receives the email, the method further includes:
constructing detection rules based on keywords, location fields and relation fields, and performing data-leak detection on the body of the email and the content of its attachments according to a rule base built from the detection rules;
automatically blocking and recording leaking emails and suspected leaking emails, manually auditing the blocked suspected emails, and having the email server send an alarm signal once an email is confirmed to leak information.
The technical effect achieved by the above technical solution is: whether an email leaks information can be detected, which provides a defense capability for information and data security and avoids data leakage through email.
Compared with the prior art, the invention discloses a method for protecting the security of a computer system in which client security levels and mail security levels are set; the client security level corresponds to the mail security level of the email, and a person with a low security level cannot view an email with a high security level, so the mail information is kept secure and controllable; the mail receiving client can change the mail security level of an email based on its operation permissions, which is simple to operate, further strengthens the security of the email, and ensures the security of data transmission. In addition, network resources are accessed only after the corresponding integrity/virus detection, so the email can be prevented from reaching malicious websites or malicious resources, effectively eliminating an intrusion path for malicious code; attachments are stripped from the email and converted, so viruses implanted through vulnerabilities in the document format or protocol can be removed, the converted document is no longer harmful, and the security of the email is ensured.
Drawings
In order to illustrate the embodiments of the present invention or the technical solutions in the prior art more clearly, the drawings required in the description of the embodiments or the prior art are briefly introduced below. The drawings described below are only embodiments of the present invention, and a person skilled in the art can obtain other drawings from them without inventive effort.
FIG. 1 is a flow chart of a method for protecting computer system security according to the present invention.
Detailed Description
The technical solutions in the embodiments of the present invention are described clearly and completely below with reference to the accompanying drawings. The embodiments described are only some embodiments of the present invention, not all of them. All other embodiments that a person skilled in the art can obtain from the embodiments of the invention without inventive effort fall within the scope of the invention.
To address the problems in current email transmission, the embodiment of the invention discloses a method for protecting the security of a computer system, as shown in FIG. 1, comprising the following steps:
in an email server, presetting client security levels and mail security levels, and configuring the operation permissions corresponding to each client security level;
the mail sending client sends an email to the email server, and the email server determines and marks the mail security level of the email after receiving it;
the mail receiving client sends an operation request for the email to the email server, and the email server compares the client security level of the mail receiving client with the mail security level of the email;
when the client security level of the mail receiving client is not lower than the mail security level of the email, the email server sends the email to the mail receiving client and controls the operations of the mail receiving client according to the operation permissions corresponding to that client's security level.
Further, the client security level and the mail security level comprise a common level, a secret level and an absolute secret level.
Further, after the mail sending client sends the email to the email server, the method further comprises:
the email server automatically displays, in the address list, the mail receiving clients that satisfy security matching, according to the client security level of the mail sending client and the mail security level of the email. If the client security level of the mail sending client is lower than or equal to that of the mail receiving client, the user security levels match; otherwise they do not. If the mail security level of the email is lower than the client security level of the mail sending client or the mail receiving client, the mail security level matches; otherwise it does not. Security matching is satisfied when the user security level and the mail security level both match.
Further, before the email server sends the email to the mail receiving client, the method further comprises:
the email server requests authorization confirmation from the mail sending client and transmits the email after confirmation; otherwise, the transmission is blocked. This allows a further confirmation before the email is sent to the mail receiving client and avoids recipient selection errors that may occur during the initial sending.
Further, the operation request for the email that the mail receiving client sends to the email server falls into the following cases:
a common-level email has no password protection; the mail receiving client may request the email server to freely process the email and to modify its mail security level;
a privacy-level email is password protected; after entering the correct password, the mail receiving client may request the email server to freely process the email and to modify its mail security level;
a secret-level email is password protected; after entering the correct password, the mail receiving client may request the email server to process the email online and to modify its mail security level;
an absolute-secret-level email is password protected; after entering the correct password, the mail receiving client may request the email server to process the email online, but cannot request modification of its mail security level.
Multiple mail security levels are set according to factors such as the importance of the email, and different clients are given different operation permissions; both the receiver and the sender of an email can set its mail security level, which improves the security of the email. In addition, the mail receiving client can change the mail security level based on its permissions; the operation is simple and further strengthens the security of the data transmitted by email. Specifically, free processing includes forwarding, deleting, downloading, online browsing and local reading; online processing includes forwarding, deleting and online browsing.
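A sketch of the server-side decision for the four cases above, as an added example that is not part of the patent text. The level ordering, the `authorize` function, the operation names and the salted PBKDF2 password storage are assumptions made for illustration.

```python
import hashlib
import hmac
import os
from dataclasses import dataclass
from enum import IntEnum


class Level(IntEnum):
    """Levels named in the four cases above, lowest to highest (assumed order)."""
    COMMON = 0
    PRIVACY = 1
    SECRET = 2
    ABSOLUTE = 3


# "Free processing" and "online processing" as the description defines them.
FREE = frozenset({"forward", "delete", "download", "browse_online", "read_local"})
ONLINE = frozenset({"forward", "delete", "browse_online"})

# mail level -> (password required, permitted operations, level may be modified)
POLICY = {
    Level.COMMON: (False, FREE, True),
    Level.PRIVACY: (True, FREE, True),
    Level.SECRET: (True, ONLINE, True),
    Level.ABSOLUTE: (True, ONLINE, False),
}


def hash_password(password: str, salt: bytes) -> bytes:
    # Assumption: the server stores a salted PBKDF2 hash, never the password.
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)


@dataclass
class Mail:
    level: Level
    salt: bytes = b""
    pw_hash: bytes = b""


def new_mail(level: Level, password: str = "") -> Mail:
    """Mark a received mail with its level; protected levels need a password."""
    if not POLICY[level][0]:
        return Mail(level)
    if not password:
        raise ValueError("this mail level requires a password")
    salt = os.urandom(16)
    return Mail(level, salt, hash_password(password, salt))


def authorize(client_level: Level, mail: Mail, operation: str,
              password: str = "") -> tuple[bool, str]:
    """Decide one operation request from a mail receiving client."""
    needs_pw, allowed_ops, may_modify = POLICY[mail.level]
    # Step 1: the client level must not be lower than the mail level.
    if client_level < mail.level:
        return False, "client level below mail level"
    # Step 2: password check, compared in constant time.
    if needs_pw:
        supplied = hash_password(password, mail.salt)
        if not hmac.compare_digest(supplied, mail.pw_hash):
            return False, "wrong password"
    # Step 3: the operation must be permitted for this mail level.
    if operation == "modify_level":
        return (True, "ok") if may_modify else (False, "mail level is fixed")
    if operation not in allowed_ops:
        return False, "operation not permitted at this mail level"
    return True, "ok"


if __name__ == "__main__":
    mail = new_mail(Level.SECRET, "constructed-password")  # constructed sample
    for op in ("browse_online", "download", "modify_level"):
        print(op, authorize(Level.SECRET, mail, op, "constructed-password"))
```

The level comparison runs before the password check so that a client below the mail's level learns nothing about whether a guessed password was correct.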
Further, the mail sending client and the mail receiving client are both connected with the email server through public cloud or private cloud.
Further, the method further comprises:
after the mail receiving client opens the email, when network resources need to be accessed through the email, integrity detection and/or virus detection is performed on the linked website and/or linked data in the email.
With this technical solution, network resources are accessed only after the corresponding detection, so the email can be prevented from reaching malicious websites or malicious resources, effectively eliminating an intrusion path for malicious code.
Further, the method further comprises:
the record kept in the email server includes the email sending time, the mail sending client, the mail receiving client, the IP address, the MAC address, the operating system, the email subject, the email body and the attachments.
Further, before the email server sends the email to the mail receiving client, the method further comprises:
reading the email as text content, identifying the delimiters in the text content, identifying and reading the attachments according to the delimiters, storing the attachments and deleting them from the email;
converting the format of the stripped attachments according to a preset rule, storing the converted attachments and generating attachment links;
and adding the attachment links to the email from which the attachments were deleted, and forwarding the email to the mail receiving client.
With this technical solution, the attachments of the email sent by the mail sending client are stripped and format-converted, so viruses that may have been implanted through vulnerabilities in the document format or protocol are removed; the converted document is no longer harmful, which ensures the security of the email and in turn the security of the computer system.
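The strip, convert and link steps above, as an added example that is not part of the patent text. The conversion rule table, the HTML-to-text converter, the quarantine handling for types without a rule, the in-memory `store` and the `LINK_BASE` URL are all assumptions; the MIME delimiters are parsed by Python's standard `email` package.

```python
import hashlib
from email import message_from_bytes, policy
from email.message import EmailMessage
from html.parser import HTMLParser

LINK_BASE = "https://mail.example.internal/att/"  # hypothetical download endpoint


class _TextOnly(HTMLParser):
    """Collects visible text and drops <script>/<style> content."""
    def __init__(self):
        super().__init__()
        self.parts, self._skip = [], 0

    def handle_starttag(self, tag, attrs):
        if tag in ("script", "style"):
            self._skip += 1

    def handle_endtag(self, tag):
        if tag in ("script", "style") and self._skip:
            self._skip -= 1

    def handle_data(self, data):
        if not self._skip:
            self.parts.append(data)


def html_to_text(raw: bytes) -> bytes:
    parser = _TextOnly()
    parser.feed(raw.decode("utf-8", "replace"))
    parser.close()
    return " ".join(" ".join(parser.parts).split()).encode()


# Assumed "preset rules": content type -> (converter, extension of the result).
RULES = {
    "text/html": (html_to_text, ".txt"),
    "text/plain": (lambda data: data, ".txt"),
}


def strip_attachments(raw: bytes, store: dict) -> bytes:
    """Return the mail without attachments; converted copies go into store."""
    msg = message_from_bytes(raw, policy=policy.default)
    body = msg.get_body(preferencelist=("plain",))
    text = body.get_content() if body is not None else ""
    notes = []
    for part in msg.iter_attachments():
        name = part.get_filename() or "unnamed"
        data = part.get_payload(decode=True) or b""
        rule = RULES.get(part.get_content_type())
        if rule is None:
            # Assumption: types without a rule are withheld, not forwarded.
            store["quarantine/" + hashlib.sha256(data).hexdigest()[:16]] = data
            notes.append(f"[attachment {name!r} withheld: no conversion rule]")
            continue
        convert, ext = rule
        converted = convert(data)
        # The storage key comes from a hash, never from the sender's filename.
        key = hashlib.sha256(converted).hexdigest()[:16] + ext
        store[key] = converted
        notes.append(f"[attachment {name!r} converted: {LINK_BASE}{key}]")
    out = EmailMessage()
    for header in ("From", "To", "Subject"):
        if msg[header] is not None:
            out[header] = msg[header]
    out.set_content(text.rstrip("\n") + "\n\n" + "\n".join(notes) + "\n")
    return out.as_bytes()


def sample_message() -> bytes:
    """Constructed sample: one HTML attachment, one opaque binary attachment."""
    m = EmailMessage()
    m["From"], m["To"] = "sender@example.com", "receiver@example.com"
    m["Subject"] = "Quarterly report"
    m.set_content("Report attached.")
    m.add_attachment("<html><script>track()</script><p>Q1 total: 42</p></html>",
                     subtype="html", filename="report.html")
    m.add_attachment(b"\x00\x01\x02", maintype="application",
                     subtype="octet-stream", filename="data.bin")
    return m.as_bytes()


def describe(raw: bytes):
    """(number of attachments, plain-text body) of a serialized mail."""
    msg = message_from_bytes(raw, policy=policy.default)
    body = msg.get_body(preferencelist=("plain",))
    return len(list(msg.iter_attachments())), body.get_content() if body else ""
```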
Further, after the email server receives the email, the method further comprises:
constructing detection rules based on keywords, location fields and relation fields, and performing data-leak detection on the body of the email and the content of its attachments according to a rule base built from the detection rules;
automatically blocking and recording leaking emails and suspected leaking emails, manually auditing the blocked suspected emails, and having the email server send an alarm signal once an email is confirmed to leak information.
Specifically, the location field comprises four parts: session information, mail header, mail body and attachment. The session information refers to the command fields of the SMTP protocol used in a mail session; the mail header refers to the information at the head of the mail, composed of several fields that describe the basic information of the mail; the attachment comprises three parts: attachment name, attachment type and attachment content. The relation field refers to the relation between the keyword and the mail, and is one of two relations: contains and equals. With this scheme, whether an email leaks information can be detected and handled accordingly, which improves the security defense capability of the email system and ensures the security of the computer system.
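A small rule engine built from the keyword, location field and relation field described above, as an added example that is not part of the patent text. The `Rule` class, the per-rule `verdict` that separates a leak from a suspected leak, the sample rules and the sample mails are assumptions; the patent does not say how the two outcomes are told apart.

```python
from dataclasses import dataclass
from email import message_from_bytes, policy
from email.message import EmailMessage

LOCATIONS = {"session", "header", "body",
             "attachment.name", "attachment.type", "attachment.content"}
RELATIONS = {"contains", "equals"}


@dataclass(frozen=True)
class Rule:
    keyword: str
    location: str   # one of LOCATIONS
    relation: str   # "contains" or "equals"
    verdict: str    # "leak" or "suspected" (assumed way to split the outcomes)

    def __post_init__(self):
        if self.location not in LOCATIONS or self.relation not in RELATIONS:
            raise ValueError(f"bad rule: {self}")


def extract_fields(session: dict, raw: bytes) -> dict:
    """Map every location field to the list of strings found there."""
    msg = message_from_bytes(raw, policy=policy.default)
    fields = {loc: [] for loc in LOCATIONS}
    # Session information: the SMTP commands seen for this mail.
    fields["session"] = [f"{cmd} {arg}" for cmd, arg in session.items()]
    fields["header"] = [str(value) for value in msg.values()]
    body = msg.get_body(preferencelist=("plain", "html"))
    if body is not None:
        fields["body"].append(body.get_content())
    for part in msg.iter_attachments():
        fields["attachment.name"].append(part.get_filename() or "")
        fields["attachment.type"].append(part.get_content_type())
        payload = part.get_payload(decode=True) or b""
        fields["attachment.content"].append(payload.decode("utf-8", "replace"))
    return fields


def rule_hits(rule: Rule, fields: dict) -> bool:
    keyword = rule.keyword.casefold()
    values = [v.casefold().strip() for v in fields[rule.location]]
    if rule.relation == "equals":
        return any(v == keyword for v in values)
    return any(keyword in v for v in values)


def inspect(rules, session: dict, raw: bytes, audit_log: list) -> dict:
    """Block and record leaks and suspected leaks; deliver everything else."""
    fields = extract_fields(session, raw)
    hits = [r for r in rules if rule_hits(r, fields)]
    if not hits:
        return {"action": "deliver", "hits": []}
    confirmed = any(r.verdict == "leak" for r in hits)
    action = "block" if confirmed else "block_pending_review"
    audit_log.append({"action": action, "session": dict(session), "rules": hits})
    return {"action": action, "hits": hits}


def alarm_needed(decision: dict, reviewer_confirms: bool = False) -> bool:
    """Alarm once a leak is confirmed, by a "leak" rule or by the manual audit."""
    if decision["action"] == "block":
        return True
    return decision["action"] == "block_pending_review" and reviewer_confirms


SAMPLE_RULES = [  # constructed rule base
    Rule("internal only", "body", "contains", "leak"),
    Rule("payroll", "attachment.name", "contains", "suspected"),
    Rule("application/zip", "attachment.type", "equals", "suspected"),
    Rule("@partner.example", "session", "contains", "suspected"),
]


def sample_mail(body: str, attachment_name: str = "") -> bytes:
    """Constructed sample mail, optionally with one CSV attachment."""
    m = EmailMessage()
    m["From"], m["To"] = "alice@corp.example", "carol@corp.example"
    m["Subject"] = "Constructed sample"
    m.set_content(body)
    if attachment_name:
        m.add_attachment("a,b\n1,2\n", subtype="csv", filename=attachment_name)
    return m.as_bytes()
```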
The invention discloses a method for protecting the security of a computer system in which client security levels and mail security levels are set; the client security level corresponds to the mail security level of the email, and a person with a low security level cannot view an email with a high security level, so the mail information is kept secure and controllable; the mail receiving client can change the mail security level of an email based on its operation permissions, which is simple to operate, further strengthens the security of the email, and ensures the security of data transmission.
In this specification, the embodiments are described progressively; each embodiment focuses on its differences from the others, and for identical and similar parts the embodiments may be referred to one another. The previous description of the disclosed embodiments is provided to enable any person skilled in the art to make or use the present invention. Various modifications to these embodiments will be readily apparent to those skilled in the art, and the generic principles defined herein may be applied to other embodiments without departing from the spirit or scope of the invention. Thus, the present invention is not intended to be limited to the embodiments shown herein but is to be accorded the widest scope consistent with the principles and novel features disclosed herein.

Claims (10)

1. A method of securing a computer system, comprising the steps of:
in an email server, presetting client security levels and mail security levels, and configuring the operation permissions corresponding to each client security level;
the mail sending client sends an email to the email server, and the email server determines and marks the mail security level of the email after receiving it;
the mail receiving client sends an operation request for the email to the email server, and the email server compares the client security level of the mail receiving client with the mail security level of the email;
when the client security level of the mail receiving client is not lower than the mail security level of the email, the email server sends the email to the mail receiving client and controls the operations of the mail receiving client according to the operation permissions corresponding to that client's security level.
2. A method of securing a computer system as claimed in claim 1, wherein the client security level and the mail security level each include a normal level, a secret level, and an absolute secret level.
3. The method of claim 1, wherein after the mail sending client sends the email to the email server, the method further comprises:
the email server automatically displays, in the address list, the mail receiving clients that satisfy security matching, according to the client security level of the mail sending client and the mail security level of the email.
4. The method of securing a computer system according to claim 1, wherein before the email server sends the email to the mail receiving client, the method further comprises:
the email server requests authorization confirmation from the mail sending client and transmits the email after confirmation; otherwise, the transmission is blocked.
5. A method for protecting a computer system according to claim 2, wherein the operation request for the email that the mail receiving client sends to the email server falls into the following cases:
a common-level email has no password protection; the mail receiving client may request the email server to freely process the email and to modify its mail security level;
a privacy-level email is password protected; after entering the correct password, the mail receiving client may request the email server to freely process the email and to modify its mail security level;
a secret-level email is password protected; after entering the correct password, the mail receiving client may request the email server to process the email online and to modify its mail security level;
an absolute-secret-level email is password protected; after entering the correct password, the mail receiving client may request the email server to process the email online, but cannot request modification of its mail security level.
6. The method of claim 1, wherein the mail sending client and the mail receiving client are connected to the email server by public cloud or private cloud.
7. A method of securing a computer system as claimed in claim 1, further comprising:
after the mail receiving client opens the email, when network resources need to be accessed through the email, integrity detection and/or virus detection is performed on the linked website and/or linked data in the email.
8. A method of securing a computer system as claimed in claim 1, further comprising:
the record kept in the email server includes the email sending time, the mail sending client, the mail receiving client, the IP address, the MAC address, the operating system, the email subject, the email body and the attachments.
9. The method of securing a computer system according to claim 1, wherein before the email server sends the email to the mail receiving client, the method further comprises:
reading the email as text content, identifying the delimiters in the text content, identifying and reading the attachments according to the delimiters, storing the attachments and deleting them from the email;
converting the format of the stripped attachments according to a preset rule, storing the converted attachments and generating attachment links;
and adding the attachment links to the email from which the attachments were deleted, and forwarding the email to the mail receiving client.
10. The method of claim 1, wherein after the email server receives the email, the method further comprises:
constructing detection rules based on keywords, location fields and relation fields, and performing data-leak detection on the body of the email and the content of its attachments according to a rule base built from the detection rules;
automatically blocking and recording leaking emails and suspected leaking emails, manually auditing the blocked suspected emails, and having the email server send an alarm signal once an email is confirmed to leak information.

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202310275751.3A 2023-03-20 2023-03-20 Method for protecting computer system safety

Publications (1)

Publication Number Publication Date
CN116455609A 2023-07-18

Family

ID=87119286

Legal Events

Date Code Title Description
PB01 Publication
WW01 Invention patent application withdrawn after publication

Application publication date: 20230718