CN103281304A - Information safety processing method and system - Google Patents

Information safety processing method and system Download PDF

Info

Publication number
CN103281304A
CN103281304A CN2013101562054A CN201310156205A CN103281304A CN 103281304 A CN103281304 A CN 103281304A CN 2013101562054 A CN2013101562054 A CN 2013101562054A CN 201310156205 A CN201310156205 A CN 201310156205A CN 103281304 A CN103281304 A CN 103281304A
Authority
CN
China
Prior art keywords
user
information
access
target user
source
Prior art date
Application number
CN2013101562054A
Other languages
Chinese (zh)
Inventor
谢静宇
Original Assignee
苏州亿倍信息技术有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 苏州亿倍信息技术有限公司 filed Critical 苏州亿倍信息技术有限公司
Priority to CN2013101562054A priority Critical patent/CN103281304A/en
Publication of CN103281304A publication Critical patent/CN103281304A/en

Links

Abstract

The invention provides an information safety processing method and system. The method comprises the following steps that a source user establishes accessing limiting information and sends an encryption request to an algorithm controller; the algorithm controller receives the encryption request and a strategy is selected according to a pre-set algorithm according to an encryption algorithm comparison table; an encryption algorithm of the accessing limiting information is determined and the encryption algorithm is sent to the source user; the source user encrypts the accessing limiting information according to the encryption algorithm and sends a calling request to a management central server; after the management central server obtains a target user access authority, the source user binds the target user access authority and the accessing limiting information, and sends a distribution strategy request to the controller; the controller feeds back a distribution strategy response to the source user; the source user sends the bound target user access authority and accessing limiting information to a target user according to a distribution strategy; and after the target user is approved by the management central server, the target user processes the information according to a received decryption rule.

Description

一种信息安全的处理方法及系统 An information processing method and system security

技术领域 FIELD

[0001] 本发明属于网络通信领域,尤其涉及一种信息安全的处理方法及系统。 [0001] The present invention belongs to the field of network communication, particularly to a processing method and information security system.

背景技术 Background technique

[0002] 在网络通信领域,电子文档的信息安全保护是非常重要的一个方面。 [0002] In the field of communication networks, information security of electronic documents is a very important aspect. 当前,对于电子文档的信息安全保护亟需高效实用的方案。 Currently, information security for electronic documents need efficient and practical solutions.

发明内容 SUMMARY

[0003] 本发明提供一种信息安全的处理方法及系统,以解决上述问题。 [0003] The present invention provides a security system and an information processing method, in order to solve the above problems.

[0004] 本发明提供一种信息安全的处理方法。 [0004] The present invention provides a method of secure processing information. 上述方法包括以下步骤:源用户创建访问受限信息,并向算法控制器发送加密请求,其中,加密请求携带访问受限信息密级;算法控制器接收加密请求,并根据加密算法对照表,按照预设算法选取策略,确定访问受限信息的加密算法,并将加密算法发送至源用户;源用户根据加密算法加密访问受限信息,并向管理中心服务器发送调用请求,其中,调用请求中携带访问受限信息密级及目标用户所属实体类型信息;管理中心服务器获取目标用户访问权限后,源用户绑定目标用户访问权限及访问受限信息并向控制器发送分发策略请求,其中,分发策略请求中携带源用户、目标用户所属实体类型信息;控制器向源用户反馈分发策略响应,其中,分发策略响应中携带分发策略;源用户根据分发策略,将绑定的目标用户访问权限及访问受限信息发送至目标用户; Said method comprising the steps of: creating a source user to access restricted information, and transmits the encryption algorithm controller request, wherein the request carries the access restricted encrypted security classification information; encryption algorithm controller receives the request, according to the encryption algorithm and table, in accordance with pre- provided algorithm selection strategy, determining access restricted information encryption algorithm, the encryption algorithm and sent to the source user; source user according to the encryption algorithm to encrypt the restricted access information to the management center server invocation request, which carries call request access to restricted information security classification and the target entity type your user information; the management center server obtains the target user access rights, source user binding target user access rights and access to restricted information to the controller sends distribution policy request, which distribute the policy request users can carry the source, target user belongs entity type information; feedback controller to distribute the source user policy response, which distribute the policy response carries distribution strategy; target user access and user access according to the source distribution policy, the binding of the limited information sent to the target user; 目标用户通过管理中心服务器认证后,管理中心服务器通知算法控制器将访问受限信息的加密算法对应的解密规则发送至目标用户;目标用户根据接收的解密规则,处理所述信息。 After the management center by the target user authentication server, the management server notifies the central controller algorithm to decrypt the restricted access rules corresponding to the encryption algorithm information sent to the target user; target user rules according to the received decrypted, the information processing. 其中,控制器周期性统计源用户对外发送信息导致的事故发生率,并根据事故发生率及有效期调整策略调整管理中心服务器中对外授权策略表中的访问受限信息的有效期。 Wherein the controller sends out periodic statistical source user information leading to the accident rate, and adjust the policies to adjust Manager server for licensing restricted access policy table information is valid according to the accident rate and the expiration date. 时间片分配器监控管理中心服务器的CPU利用率,若管理中心服务器的CPU利用率达到预设值,时间片分配器根据源用户级别分配管理中心服务器的时间片进行轮询。 Time slice allocator monitoring center management server CPU utilization, CPU utilization management center if the server reaches a preset value, time slice according to a time slice allocator polling source user level distribution management center server.

[0005] 本发明还提供一种信息安全的处理系统,包括源用户、目标用户、管理中心服务器、通讯服务器、控制器、算法控制器及时间片分配器。 [0005] The present invention also provides a security information processing system including a source user, the target user, the management center server, communication server, the controller, the controller algorithm and time slice allocator. 管理中心服务器分别连接源用户、目标用户、时间片分配器、控制器及算法控制器,通讯服务器连接源用户及目标用户,控制器连接源用户及管理中心服务器,算法控制器连接源用户及目标用户。 CMS respectively connected to the source user, the target user, the time slice allocator, controller, and the controller algorithm, the user communication server connected to the source and destination user, the source user and the controller connection management center server, connected to the source user and the controller algorithm targets user. 源用户创建访问受限信息,并向算法控制器发送加密算法请求,其中,加密请求携带访问受限信息密级。 Source users to create access restricted information, and sends a request to the encryption algorithm controller algorithm, which carries an encrypted request access to restricted information security classification. 算法控制器接收加密请求,并根据加密算法对照表,按照预设算法选取策略,确定访问受限信息的加密算法,并将加密算法发送至源用户。 Encryption algorithm controller receives the request, according to the encryption algorithm and table, according to a preset algorithm selection policy, determine restricted access encryption algorithm, the encryption algorithm and sent to the source user. 源用户根据加密算法加密访问受限信息,并向管理中心服务器发送调用请求,其中,调用请求中携带访问受限信息密级及目标用户所属实体类型信息。 According to the source user restricted access to the encryption algorithm to encrypt information and to manage call center server sends a request, which call request restricted information security classification and the target entity type your user access information to carry. 管理中心服务器获取目标用户访问权限后,源用户绑定目标用户访问权限及访问受限信息并向控制器发送分发策略请求,其中,分发策略请求中携带源用户、目标用户所属实体类型信息。 After acquiring a target user management center server access, the source user binding target user access rights and access to restricted information to the controller sends distribution policy request, which carries the distribution policy request source user, the target user belongs entity type information. 控制器向源用户反馈分发策略响应,其中,分发策略响应中携带分发策略。 A feedback controller distribution policy in response to the source user, wherein the response carries distribution policy distribution policy. 源用户根据分发策略,将绑定的目标用户访问权限及访问受限信息发送至目标用户。 Target user access rights and user access according to the source distribution policy, bind the limited information sent to the destination user. 目标用户通过管理中心服务器认证后,管理中心服务器通知算法控制器将访问受限信息的加密算法对应的解密规则发送至目标用户,目标用户根据接收的解密规则,处理所述信息。 After the management center by the target user authentication server, the management server notifies the central controller algorithm to decrypt the restricted access rules corresponding to the encryption algorithm information sent to the target user, the target user rules according to the received decrypted, the information processing. 控制器周期性统计源用户对外发送信息导致的事故发生率,并根据事故发生率及有效期调整策略调整管理中心服务器中的对外授权策略表中的访问受限信息的有效期。 User statistics source controller periodically sends out information leading to the accident rate, and adjust the Access Policy Manager server to adjust the foreign policy table restricted authorization is valid information in accordance with the accident rate and the expiration date. 时间片分配器监控管理中心服务器的CPU利用率,若管理中心服务器的CPU利用率达到预设值,时间片分配器根据源用户级别分配管理中心服务器的时间片进行轮询。 Time slice allocator monitoring center management server CPU utilization, CPU utilization management center if the server reaches a preset value, time slice according to a time slice allocator polling source user level distribution management center server.

[0006] 相较于先前技术,根据本发明提供的信息安全的处理方法及系统,源用户根据从算法控制器获得的加密算法加密访问受限信息,从而确保信息安全。 [0006] Compared to the prior art, the information security processing method and system of the present invention provides, a source user to access restricted information encrypted according to an encryption algorithm obtained from the controller algorithm to ensure information security. 而且,管理中心服务器获取目标用户访问权限后,源用户根据目标用户所属实体类型,从控制器获取分发策略,按照分发策略,将绑定目标用户访问权限及访问受限信息发送至目标用户。 Moreover, after the management center server obtains the target user access rights, source user, access to distribution policy from the controller based on the target user belongs entity type, in accordance with the distribution policy, the binding target user access rights and access to restricted information to the target user. 如此,实现了信息的安全认证,从而保证了信息安全。 So, to achieve the security authentication information, so as to ensure information security. 另外,控制器周期性统计源用户对外发送信息导致的事故发生率,并根据事故发生率及有效期调整策略调整管理中心服务器中对外授权策略表中的访问受限信息的有效期。 In addition, the controller sends out periodic statistical source user information leading to the accident rate, and adjust the policies to adjust Manager server for licensing restricted access policy table information is valid according to the accident rate and the expiration date. 如此,可根据实际情况,实时调整保护措施。 Thus, according to the actual situation, the real-time adjustment of protective measures. 此外,时间片分配器监控管理中心服务器的CPU利用率,若管理中心服务器的CPU利用率达到预设值,时间片分配器根据源用户级别分配管理中心服务器的时间片进行轮询。 Further, the time slice allocator monitoring and management center server CPU utilization, CPU utilization management center if the server reaches a preset value, time slice according to a time slice allocator polling source user level distribution management center server. 如此,避免CPU负荷过大,从而保证了通信安全。 So, to avoid the CPU load is too large, so as to ensure communication security.

附图说明 BRIEF DESCRIPTION

[0007] 此处所说明的附图用来提供对本发明的进一步理解,构成本申请的一部分,本发明的示意性实施例及其说明用于解释本发明,并不构成对本发明的不当限定。 [0007] The drawings described herein are provided for further understanding of the present invention, constitute a part of this application, exemplary embodiments of the present invention are used to explain the present invention without unduly limiting the present invention. 在附图中: In the drawings:

[0008] 图1所示为根据本发明的较佳实施例提供的信息安全的处理方法的流程图; It is a flowchart [0008] As shown in FIG. 1 in accordance with the preferred embodiment of the present invention, the information processing method according to the security provided;

[0009] 图2所示为根据本发明的较佳实施例提供的信息安全的处理系统的示意图。 It is a schematic diagram of the security information processing system provided in accordance with the preferred embodiment of the present invention embodiment [0009] shown in FIG. 2.

具体实施方式 Detailed ways

[0010] 下文中将参考附图并结合实施例来详细说明本发明。 [0010] Hereinafter with reference to the accompanying drawings and embodiments of the present invention will be described in detail. 需要说明的是,在不冲突的情况下,本申请中的实施例及实施例中的特征可以相互组合。 Incidentally, in the case of no conflict, embodiments and features of the embodiments of the present application can be combined with each other.

[0011] 图1所示为根据本发明的较佳实施例提供的信息安全的处理方法的流程图。 Flowchart information security processing method according to the preferred embodiment of the present invention provides [0011] 1 as shown in FIG. 如图1所示,本发明的较佳实施例提供的信息安全的处理方法包括步骤101〜108。 1, the information security processing method provided by the preferred embodiment of the present invention comprises the steps 101~108.

[0012] 于步骤101,源用户创建访问受限信息,并向算法控制器发送加密请求,其中,所述加密请求携带访问受限信息密级。 [0012] In step 101, the user creates a source access restricted information, and sends a request to the encryption algorithm controller, wherein the request carries the access restricted information encrypted secrets. 其中,访问受限信息例如包括绝密信息、机密信息及秘密信息。 Among them, for example, access to restricted information, including confidential information, confidential and secret information. 然而,本发明对此并不限定。 However, the present invention is not limited to this. 于实际应用中,可根据需要对访问受限信息进行具体设置。 In practical applications, access may be limited by the specific information provided as required.

[0013] 于步骤102,所述算法控制器接收所述加密请求,并根据加密算法对照表,按照预设算法选取策略,确定所述访问受限信息的加密算法,并将所述加密算法发送至所述源用户。 [0013] In step 102, the encryption algorithm controller receives the request, according to the encryption algorithm and table, according to a preset algorithm selection policy, determines the access-restricted encryption algorithm information, and sends the encryption algorithm to the source user. 具体而言,算法控制器存储加密算法对照表。 Specifically, the controller stores the algorithm encryption algorithm table. 加密算法对照表包括访问受限信息密级、加密算法及预设算法选取策略的对应关系,于此,加密算法对照表例如表I所示。 Encryption table comprises accessing restricted security classification information, and the encryption algorithm preset algorithm selection policy correspondence relationship, this encryption algorithm table example shown in Table I.

[0014] [0014]

Figure CN103281304AD00061

[0015]表 I [0015] TABLE I

[0016] 其中,加密算法I〜3的复杂程度大于加密算法4〜5,加密算法4〜5的复杂程度大于加密算法6〜7。 [0016] wherein, the complexity of the encryption algorithm I~3 4 to 5 is greater than the encryption algorithm, encryption algorithm, the complexity of the encryption algorithm is greater than 4 to 5 6~7. 此外,预设算法选取策略例如包括随机选取、顺序选取、折半选取。 In addition, for example, comprises a preset algorithm selection strategy randomly selected, sequentially selected, binary selection. 于此,表I中的设置仅为举例,本发明对此并不限定。 Thereto is provided in Table I of example only, the present invention is not limited to this. 如表I所示,绝密信息对应的预设算法选取策略为折半选取,具体而言,若访问受限信息密级为绝密信息,则选择加密算法的顺序为:加密算法2、加密算法1、加密算法3,或者顺序为:加密算法2、加密算法3、加密算法1,即,首先选择序号处于中间的加密算法,再依次按照序号递增或递减的顺序选择加密算法。 As shown in Table I, confidential information corresponding to a predetermined selection algorithm to select the binary strategy, specifically, when the restricted access to confidential information security classification information, the encryption algorithm selection order is: 2 encryption algorithm, the encryption algorithm 1, encryption algorithm 3, or the order: the encryption algorithm 2, 3 encryption algorithm, an encryption algorithm, i.e., the first selected number in the middle of the encryption algorithm, and then select an encryption algorithm according to the ascending or descending order number. 随机选取即表示随机选择相应的加密算法。 I.e., randomly generates a random selection respective encryption algorithm. 顺序选择即表示按照加密算法序号递增或递减的顺序依次选取。 Sequential selection means that sequentially selected in the order of the encryption algorithm incremented or decremented. 本发明对此并不限定。 The present invention is not limited to this.

[0017] 此外,于本实施例中,算法控制器还存储所有加密算法对应的解密规则。 [0017] Further, in the present embodiment, the controller also stores a decryption algorithm corresponding to the encryption algorithm for all rules. 另外,于算法控制器将访问受限信息的加密算法发送至源用户时,算法控制器存储源用户信息、访问受限信息及加密算法的对应关系,以供后续使用。 Further, the controller algorithm to the encryption algorithm to access restricted information is transmitted to the source user, source user information stored in the controller algorithm, accessing restricted correspondence information and the encryption algorithm, for subsequent use.

[0018] 于步骤103,所述源用户根据所述加密算法加密所述访问受限信息,并向管理中心服务器发送调用请求,其中,调用请求中携带访问受限信息密级及目标用户所属实体类型信息。 [0018] In step 103, the source user is limited to the encryption algorithm information according to the access to the management center server invocation request, wherein the call request information is limited and the secret level relevant to the target entity type carries user access information. 于本实施例中,源用户从算法控制器接收确定的加密算法后,根据所述加密算法加密访问受限信息。 In the present embodiment, the source user from the received encryption algorithm determined by the controller, according to the encryption algorithm encrypted access restricted information. 此外,目标用户所属实体例如包括本公司董事会、本公司财务部、本公司法律部、本公司技术部、本公司的合作单位、与本公司无合作关系且非竞争对手的单位、本公司的良性竞争对手及本公司的恶性竞争对手。 In addition, the target entity such as a user belongs including the Board of Directors, the Company's Finance Department, the Legal Department, our technical department, the company's cooperative units, and the company has no partnership units and non-competitors, the company's benign competitors and vicious competitor of the company. 然而,本发明对此并不限定。 However, the present invention is not limited to this. 于实际应用中,可根据需要对目标用户所属实体进行具体设置。 In practical applications, can be provided to target specific user belongs entity needed.

[0019] 于步骤104,所述管理中心服务器获取所述目标用户访问权限后,所述源用户绑定所述目标用户访问权限及访问受限信息并向控制器发送分发策略请求,其中,所述分发策略请求中携带源用户、目标用户所属实体类型信息。 After [0019] The server management center obtains the target user's access to the step 104, the source UE to bind the target user access and limited access policy information to the controller transmits the distribution request, wherein the said distribution policy request carries the source user, the target user belongs entity type information.

[0020] 于本实施例中,管理中心服务器存储目标用户访问权限对照表,且目标用户访问权限对照表包括目标用户所属实体类型、访问受限信息及访问权限的对应关系。 [0020] In the present embodiment, the management center server stores the user access to the target table, and the target user access rights table comprises a certain user belongs to entity types, and access to a corresponding relationship between access to restricted information. 于此,目标用户访问权限对照表例如表2所示。 Here, user access to the target table, for example, as shown in Table 2. 然而,本发明并不限定于此。 However, the present invention is not limited thereto.

[0021]用户所属实体^访问受限信息及访问权限 [0021] user belongs entity ^ access restricted information and access

绝密信息 机密信息 秘密信息 Confidential information confidential information secret information

本公司董事会査看、转发查看、转发、修改查看、修改、转发^ The Board of Directors view, forward view, forward, modify, view, modify, forward ^

财务部 查看 查看、转发 查看、转发、修改 Finance Department view to view, forward view, forward, edit

[0022]表 2 [0022] TABLE 2

[0023] 于此,目标用户访问权限对照表可进行预设。 [0023] here, the target user's access control list can be preset. 管理中心服务器根据表2获取目标用户访问权限,并将获取的目标用户访问权限返回给源用户。 Manager server back to the source table for the target users based on user access rights and obtain access to the target user 2. 然而,本发明对此并不限定。 However, the present invention is not limited to this. 于其他实施例中,管理中心服务器例如仅获取目标用户访问权限的模板,并将所述模板返回给源用户,源用户可根据所述模板设定所需的目标用户访问权限,从而获得最终的目标用户访问权限。 In other embodiments, the central management server, such as the template acquires only the target user's access rights, and the template is returned to the source user, source user can set the target user based on the desired access rights template to obtain a final target user access.

[0024] 于本实施例中,源用户获得目标用户访问权限后,绑定目标用户访问权限及访问受限信息并向控制器发送分发策略请求。 After [0024] In the present embodiment, the source user to obtain access to the target user, user access to the binding target and the controller transmits information to the access restricted distribution policy request. 其中,分发策略请求中携带源用户、目标用户所属实体类型信息。 Among them, the source distribution policy request carries the user, the user entity type belongs target information.

[0025] 于步骤105,所述控制器向所述源用户反馈分发策略响应,其中,所述分发策略响应中携带分发策略。 [0025] In step 105, the controller in response to the feedback policy distribution source user, wherein the response carries distribution policy distribution policy.

[0026] 于步骤106,所述源用户根据所述分发策略,将绑定的所述目标用户访问权限及访问受限信息发送至所述目标用户。 And the target user access privileges to access [0026] In step 106, the user according to the source distribution policy, to bind the limited information to the target user. 其中,源用户根据分发策略,将绑定的目标用户访问权限及加密后的访问受限信息,通过通讯服务器发送至目标用户。 Among them, according to the source user distribution policy, access to bind target after encryption and user access restricted information, is sent to the target user via the communication server.

[0027] 于本实施例中,控制器存储用户所属实体的安全等级或优先等级;分发策略。 [0027] In the present embodiment, the memory controller relevant to the user entity security level or priority level; distribution policy. 具体而言,若源用户及目标用户属于同一公司,`且目标用户所属实体的优先等级或安全等级较高,分发策略为:源用户将目标用户访问权限及访问受限信息发送至所有目标用户;若目标用户所属实体的优先等级或安全等级较低,分发策略为:源用户将所述目标用户访问权限及访问受限信息发送至目标用户所属实体的管理员,由管理员发送至所有目标用户。 Specifically, if the source user and the target user belongs to the same company, and `higher priority level or security level of the target user belongs entity, distribution strategy: source user to a target user access rights and limited access to information to all target users ; If the target user belongs to a lower priority level or security level entities distribution strategy: source user to access the target user and administrator access to restricted information to the target user belongs entity, sent by administrators to all target user. 此外,若源用户及目标用户属于不同公司,且目标用户所属实体的安全等级较高,分发策略为:源用户将目标用户访问权限及访问受限信息发送至目标用户所属实体的管理员,由管理员发送至所有目标用户;若目标用户所属实体的安全等级较低,分发策略为:源用户将目标用户访问权限及访问受限信息发送至所有目标用户。 In addition, if the source user and the target user belongs to a different company, and a higher level of security target user belongs entity, distribution strategy: source user to a target user access rights and administrator access to restricted information to the target user belongs entity by the administrator sent to all target user; a lower security level if the target user belongs entity, distribution strategy: source user to a target user access rights and limited access to information to all target users.

[0028] 举例而言,若源用户与目标用户属于同一公司,且目标用户所属实体包括本公司董事会、本公司财务部、本公司法律部及本公司技术部,且目标用户所属实体的优先等级从高至低的顺序为:本公司董事会、本公司法律部、本公司财务部、本公司技术部。 [0028] For example, if the priority source user and the target user belongs to the same company, and the target user belongs entity, including the Company's Board of Directors, the Company's Finance Department, Legal Department of the Company and the Company's technical department, and the target user belongs entity from high to low order: the Board of Directors, the company's legal Department, the Finance Department, the company's technical department. 此时,若目标用户所属实体为本公司董事会,则根据分发策略,源用户会将目标用户访问权限及访问受限信息直接发送至本公司董事会成员(即,目标用户)。 In this case, if the target user is a member entity of the Company Board of Directors, in accordance with the distribution policy, the user will target the source user access rights and access to restricted information sent directly to members of the Board of Directors of the Company (ie, the target user). 此外,若源用户与目标用户属于不同公司,目标用户所属实体包括本公司的合作单位、与本公司无合作关系且非竞争对手的单位、本公司的良性竞争对手及本公司的恶性竞争对手,且目标用户所属实体的安全等级从高至低的顺序为:本公司的合作单位、与本公司无合作关系且非竞争对手的单位、本公司的良性竞争对手、本公司的恶性竞争对手。 In addition, if the source user and the target user belongs to a different company, the target user belongs entity, including the Company's cooperation with, no partnership with the Company and non-competing unit, the company's competitors benign and malignant competitors of the Company, and the security level of the target user belongs entity from high to low order: the company's cooperative units, and the company has no competitors and non-partnership units, the company's healthy competition, the company's vicious competitors. 此时,若目标用户所属实体为本公司的合作单位,则根据分发策略,源用户会将目标用户访问权限及访问受限信息发送至本公司的合作单位的管理员,由管理员发送至本公司合作单位的目标用户。 In this case, if the target user is a member entity of the Company in cooperation, according to the distribution policy, the user will target the source user access rights and access to restricted information to the administrator of the company's cooperation unit, is sent by the administrator to this the company's cooperation with the target user.

[0029] 于步骤107,所述目标用户通过所述管理中心服务器认证后,所述管理中心服务器通知所述算法控制器将所述访问受限信息的加密算法对应的解密规则发送至所述目标用户。 After [0029] In step 107, the target user by the authentication server management center, said management center server notifies the controller algorithm to the decryption algorithm corresponding to the encryption rule access restricted information transmitted to the target user. 具体而言,目标用户接收源用户发送的目标用户访问权限及访问受限信息后,会向管理中心服务器发送认证请求。 Specifically, the target user receives access to the source and target user to access restricted information after the user sends, sends an authentication request to the management server. 其中,认证请求例如包括目标用户的信息。 Wherein the authentication request comprises information e.g. target user. 管理中心服务器接收所述认证请求,且通过目标用户的信息认证后,发送通知信息给算法控制器。 After the management center server receives the authentication request and the authentication information by the target user, the controller transmits the notification information to the algorithm. 其中,通知信息携带源用户信息、访问受限信息及目标用户信息。 Wherein the notification message carries the source of user information, access to restricted information and target user information. 算法控制器接收管理中心服务器的通知信息后,从其存储的源用户信息、访问受限信息及加密算法的对应关系中获得访问受限信息的加密算法及对应的解密规则,并将对应的解密规则发送至目标用户。 Algorithm controller receives notification information server management center, the encryption algorithm and decryption routines to obtain the corresponding access restricted information stored in the user information from its source, and access restricted information corresponding relationship between the encryption algorithm, and the corresponding decryption rule sent to the destination user.

[0030] 于步骤108,所述目标用户根据接收的所述解密规则,处理所述信息。 [0030] In step 108, the target user rules according to the received decrypted, the information processing. 具体而言,目标用户从算法控制器接收解密规则后,根据解密规则解密访问受限信息,同时根据获得的相应权限操作解密后的访问受限信息(例如,查看访问受限信息)。 Specifically, after the user receives the decryption target rules from controller algorithm, according to the rules of the decryption information to decrypt the restricted access, and accessing the decrypted restricted message (e.g., see access restricted information) obtained according to the corresponding operation authority.

[0031] 此外,于本实施例中,若目标用户与所述源用户不属于同一公司,则管理中心服务器根据对外授权策略表确定源用户对外发送信息的授权策略。 [0031] Further, in the present embodiment, if the target user and the user does not belong to the same company source, then the management center server authorization policy determines the source user sends out information according to the external authorization policy table. 其中,对外授权策略表包括源用户级别、目标用户所属实体类型、授权策略、访问受限信息密级、访问权限及访问受限信息的有效期的对应关系。 Among them, the authorization of foreign policy table includes the source user level, the target user belongs entity type, authorization policy, access to restricted information security classification, access privileges and access restricted correspondence between the expiration date information. 于此,对外授权策略表例如表3所示,然而,本发明对此并不限定。 Thereto for licensing policy table as shown in Table 3, however, the present invention is not limited to this.

[0032] [0032]

Figure CN103281304AD00091
Figure CN103281304AD00101
Figure CN103281304AD00111

[0035]表 3 [0035] TABLE 3

[0036] 于实际应用中,表3的内容可根据公司实际需要进行设置。 [0036] In practical applications, the contents of Table 3 may be set according to the actual needs of the company. 于此,源用户级别包括董事长、总经理及董事、部长级别、科长级别及科员级别。 Here, the source user level including the chairman, general manager and director of the ministerial level, the level of section chief and clerk level. 根据源用户级别的不同,源用户对外发送信息的权限不同,且针对不同的对外单位访问受限信息密级、访问权限及有限期均不同。 According to different sources the user level, different rights in the source user sends out information, and for different security classification of foreign units to access restricted information, access and there are different deadlines. 如此,确保对外信息发送的安全性。 So, to ensure the safety of foreign information sent.

[0037] 此外,于本实施例中,控制器周期性统计源用户对外发送信息导致的事故发生率,并根据事故发生率及有效期调整策略调整管理中心服务器中的对外授权策略表中的访问受限信息的有效期。 [0037] Further, in the present embodiment, the controller periodically sends out user statistics source of information due to an accident, and in accordance with the accident rate and by adjusting valid strategy adjustment Manager server external access authorization policy table limit valid information. 于此,对外授权策略表例如表4所示,然而,本发明对此并不限定。 Thereto for licensing policy table as shown in Table 4, however, the present invention is not limited to this.

[0038] [0038]

Figure CN103281304AD00112

[0039]表 4 [0039] TABLE 4

[0040] 举例而言,若由于源用户对外发送信息导致发生事故,且在一个统计周期内的事故发生率例如为7% (其中,事故发生率等于一个统计周期内的对外发送信息导致的事故发生次数与源用户对外发送信息总次数的比值),则根据表3可知,控制器会调整管理中心服务器存储的表3中所有访问受限信息的有限期(S卩,降低10%)。 [0040] For example, if the user sends out information source since cause accidents and accidents within a statistical period, for example (where the accident rate is equal to the period of a statistical information transmitting external cause accidents 7% occurrences of the source user sends out a ratio of the total number of information), it is apparent from table 3, the controller adjusts the center server stores the management table 3 in all access information has a limited period (S Jie, reduced by 10%). 如此,可根据实际情况,实时调整保护措施。 Thus, according to the actual situation, the real-time adjustment of protective measures.

[0041] 具体执行过程为:控制器向管理中心服务器发送有效期调整请求,其中,所述有效期调整请求中携带访问受限信息的有效期调整策略信息;管理中心服务器收到有效期调整请求后,执行访问受限信息的有效期调整策略。 [0041] The specific process is performed: The controller sends valid adjustment request to the management center server, wherein the request carries a validity period adjustment information to adjust the limited access policy information; period after the management center server receives the adjustment request, performs access limited information is valid adjustment strategy. 若一个统计周期内的事故发生率在O〜5%,则有效期调整请求不会触发,有效期仍按照原来的预设值。 If the accident rate in the survey cycle in O~5%, the adjustment request period will not trigger still valid according to the original preset value.

[0042] 此外,于本实施例中,时间片分配器实时监控管理中心服务器的CPU利用率,若管理中心服务器的CPU利用率达到预设值,时间片分配器根据源用户级别分配管理中心服务器的时间片进行轮询。 [0042] Further, in the present embodiment, CPU utilization, real time monitoring and management center sheet dispenser server, if the server's CPU utilization management center reaches a preset value, time sheet dispenser according to the source user level distribution management center server polling time slice. 于此,时间片分配器设置时间片轮询策略对照表,例如表5所示,然而,本发明对此并不限定。 This time slice time slice dispenser disposed polling policy table, as shown in Table 5, however, the present invention is not limited to this.

Figure CN103281304AD00121

[0044]表 5 [0044] TABLE 5

[0045] 具体而言,时间片分配器周期性地检测管理中心服务器的CPU利用率,若管理中心服务器的CPU利用率达到相应阈值时,时间片分配器会将管理中心服务器的工作时间片,通过轮询的方式、进行分配。 [0045] Specifically, the time slice allocator periodically detects CPU utilization central management server, if the server's CPU utilization management center reaches the respective threshold values, the time slice allocator Manager Server will work time slice, by way of polling, allocation. 例如,当管理中心服务器的CPU利用率达到80%时,时间片分配器向管理中心服务器发送时间片分配请求,其中,所述时间片分配请求中携带时间片轮询策略信息。 For example, when the CPU utilization of a server management center 80%, the time slice allocator transmission time slot assignment request to the management center server, wherein the time slot assignment request polling policy information carried in the time slice. 所述管理中心服务器收到所述时间片分配请求后,执行时间片轮询策略;此时,管理中心服务器控制其工作时间片,通过轮询的方式,分配给董事长、总经理及董事、部长级别及科长级别的请求工作,而暂停科员级别的工作。 After the central management server receives the time slice allocation request, a polling time slice execution policy; At this time, the central management server control its operation time slice, by way of polling, assigned to the chairman, Managing Director and, Chief Minister level and working-level request, the suspension of Clerks-level work. 同理,若管理中心服务器的CPU利用率越高,则相应的工作时间片,通过轮询的方式,留给级别越高的源用户。 Similarly, if the CPU utilization of the higher management central server, the corresponding working time slice, by way of polling, the higher the level of the source user left. 如此,根据管理中心服务器的CPU利用率情况由时间片分配器负责分配管理中心服务器的工作时间片,保证了高级别用户的请求,提升了高级别用户的体验,同时,避免了CPU负荷过大,保证了通信安全。 Thus, according to the case management center server CPU utilization is the responsibility of the time slice allocator Manager server working time slice, ensuring a high level of user requests to enhance the high-level user experience while avoiding the CPU load is too large to ensure communication security.

[0046] 图2所示为根据本发明的较佳实施例提供的信息安全的处理系统的示意图。 It is a schematic diagram of the security information processing system provided in accordance with the preferred embodiment of the present invention embodiment [0046] shown in FIG. 2. 如图2所示,本发明的较佳实施例提供的信息安全的处理系统包括源用户10、目标用户13、管理中心服务器12、通讯服务器11、控制器15、算法控制器14及时间片分配器16。 2, 10 of the preferred invention, the target user 13, the management center server 12, the communication server 11, the controller 15, the controller 14 and algorithm source user time slot assignment information security processing system embodiments include 16. 管理中心服务器12分别连接源用户10、目标用户13、时间片分配器16、算法控制器14及控制器15,通讯服务器11连接源用户10及目标用户13,控制器15连接源用户10及管理中心服务器12,算法控制器14连接源用户10及目标用户13。 The central management server 12 are connected to the source user 10, the target user 13, the time slice allocator 16, the algorithm controller 14 and a controller 15, a user communication server 11 is connected to the source 10 and the target user 13, the controller 15 is connected to the source 10 and the user management the center server 12, the controller 14 is connected to the source user algorithm 10 and the target user 13.

[0047] 于本实施例中,源用户10创建访问受限信息,并向算法控制器14发送加密算法请求,其中,加密请求携带访问受限信息密级。 [0047] In the present embodiment, the source 10 creates a user access to restricted information, the controller 14 transmits to the algorithm encryption algorithm request, wherein the request carries the access restricted information encrypted secrets. 算法控制器14接收加密请求,并根据加密算法对照表,按照预设算法选取策略,确定访问受限信息的加密算法,并将加密算法发送至源用户10。 Encryption algorithm controller 14 receives the request, according to the encryption algorithm and table, according to a preset algorithm selection policy, determine restricted access encryption algorithm, the encryption algorithm and sent to the source user 10. 源用户10根据加密算法加密访问受限信息,并向管理中心服务器12发送调用请求,其中,调用请求中携带访问受限信息密级及目标用户所属实体类型信息。 10 encrypted access source user information according to the encryption algorithm is limited to the management center server 12 sends the invocation request, wherein the call request information is limited and the secret level of information relevant to the type of the target user entity to carry access. 管理中心服务器12获取目标用户访问权限后,源用户10绑定目标用户访问权限及访问受限信息并向控制器15发送分发策略请求,其中,分发策略请求中携带源用户、目标用户所属实体类型信息。 After the management center server to obtain access to the target user 12, source 10 binding target user user access rights and access to restricted information to the controller 15 sends distribution policy request, which carries the distribution policy request source user, the target user belongs entity type information. 控制器15向源用户10反馈分发策略响应,其中,分发策略响应中携带分发策略。 The controller feedback 15 to the source distribution policy in response to user 10, wherein the response carries distribution policy distribution policy. 源用户10根据分发策略,将绑定的目标用户访问权限及访问受限信息发送至目标用户13。 10 According to the source user distribution policy, the goal will be bound to user access rights and access to restricted information to the target user 13. 目标用户13通过管理中心服务器12认证后,管理中心服务器12通知算法控制器14将访问受限信息的加密算法对应的解密规则发送至目标用户13。 After the management center 13 by the target user authentication server 12, the management server 12 notifies the central controller 14 to access restricted algorithm decryption algorithm corresponding to the encryption rules information 13 sent to the target user. 目标用户13根据接收的解密规则,处理所述信息。 The target user 13 to decrypt the received rule, the information is processed. 控制器15周期性统计源用户10对外发送信息导致的事故发生率,并根据事故发生率及有效期调整策略调整管理中心服务器12中的对外授权策略表中的访问受限信息的有效期。 The controller 15 periodic statistical source user 10 sends out information leading to the accident rate, and adjust the policies to adjust Manager server based on the accident rate and duration of visit 12 foreign authorization policy table limited validity period information. 时间片分配器16监控管理中心服务器12的CPU利用率,若管理中心服务器12的CPU利用率达到预设值,时间片分配器16根据源用户级别分配管理中心服务器12的时间片进行轮询。 Time slice allocator 16 CPU utilization monitoring and management center server 12, if the CPU utilization management center server 12 reaches a preset value, time slice allocator 16 performs polling according to the source user level distribution management center server 12 is a time slice. 关于上述系统的具体操作过程同上述方法所述,故于此不再赘述。 The specific process of the above operation of the system with the above-described method, therefore omitted herein.

[0048] 综上所述,根据本发明较佳实施例提供的信息安全的处理方法及系统,源用户根据从算法控制器获得的加密算法加密访问受限信息,从而确保信息安全。 [0048] As described above, the information processing method and a security system according to the preferred embodiment of the present invention, according to the source user to access the encrypted encryption algorithm from the algorithm controller obtained information is limited to ensure information security. 而且,管理中心服务器获取目标用户访问权限后,源用户根据目标用户所属实体类型,从控制器获取分发策略,按照分发策略,将绑定目标用户访问权限及访问受限信息发送至目标用户。 Moreover, after the management center server obtains the target user access rights, source user, access to distribution policy from the controller based on the target user belongs entity type, in accordance with the distribution policy, the binding target user access rights and access to restricted information to the target user. 如此,实现了信息的安全认证,从而保证了信息安全。 So, to achieve the security authentication information, so as to ensure information security. 另外,控制器周期性统计源用户对外发送信息导致的事故发生率,并根据事故发生率及有效期调整策略调整管理中心服务器中对外授权策略表中的访问受限信息的有效期。 In addition, the controller sends out periodic statistical source user information leading to the accident rate, and adjust the policies to adjust Manager server for licensing restricted access policy table information is valid according to the accident rate and the expiration date. 如此,可根据实际情况,实时调整保护措施。 Thus, according to the actual situation, the real-time adjustment of protective measures. 此外,时间片分配器监控管理中心服务器的CPU利用率,若管理中心服务器的CPU利用率达到预设值,时间片分配器根据源用户级别分配管理中心服务器的时间片进行轮询。 Further, the time slice allocator monitoring and management center server CPU utilization, CPU utilization management center if the server reaches a preset value, time slice according to a time slice allocator polling source user level distribution management center server. 如此,避免CPU负荷过大,从而保证了通信安全。 So, to avoid the CPU load is too large, so as to ensure communication security.

[0049] 以上所述仅为本发明的优选实施例而已,并不用于限制本发明,对于本领域的技术人员来说,本发明可以有各种更改和变化。 [0049] The above description is only preferred embodiments of the present invention, it is not intended to limit the invention to those skilled in the art, the present invention may have various changes and variations. 凡在本发明的精神和原则之内,所作的任何修改、等同替换、改进等,均应包含在本发明的保护范围之内。 Any modification within the spirit and principle of the present invention, made, equivalent substitutions, improvements, etc., should be included within the scope of the present invention.

Claims (10)

1.一种信息安全的处理方法,其特征在于,包括以下步骤: 源用户创建访问受限信息,并向算法控制器发送加密请求,其中,所述加密请求携带访问受限信息密级; 所述算法控制器接收所述加密请求,并根据加密算法对照表,按照预设算法选取策略,确定所述访问受限信息的加密算法,并将所述加密算法发送至所述源用户; 所述源用户根据所述加密算法加密所述访问受限信息,并向管理中心服务器发送调用请求,其中,调用请求中携带访问受限信息密级及目标用户所属实体类型信息; 所述管理中心服务器获取所述目标用户访问权限后,所述源用户绑定所述目标用户访问权限及访问受限信息并向控制器发送分发策略请求,其中,所述分发策略请求中携带源用户、目标用户所属实体类型信息; 所述控制器向所述源用户反馈分发策略响应,其中,所述 1. An information security processing method characterized by comprising the steps of: creating a source user to access restricted information, and transmits the encryption algorithm controller request, wherein the request carries the access restricted information encrypted security classification; the the encryption algorithm controller receives the request, according to the encryption algorithm and table, according to a preset algorithm selection strategy, determining the access information of the restricted encryption algorithm, the encryption algorithm and is sent to the source user; the source the user is limited to the encryption algorithm to the access information, and sends the call request to the central management server, wherein the call request information is limited and the target user belongs secret level entity types carried access; the management center acquires the server after the target user access rights, the source user to bind to the target user access rights and access to restricted information to the controller sends distribution policy request, wherein the distribution policy request carries user source, target user belongs entity type information ; the distribution policy feedback controller in response to the source user, wherein the 发策略响应中携带分发策略; 所述源用户根据所述分发策略,将绑定的所述目标用户访问权限及访问受限信息发送至所述目标用户; 所述目标用户通过所述管理中心服务器认证后,所述管理中心服务器通知所述算法控制器将所述访问受限信息的加密算法对应的解密规则发送至所述目标用户; 所述目标用户根据接收的所述解密规则,处理所述信息, 其中,所述控制器周期性统计所述源用户对外发送信息导致的事故发生率,并根据事故发生率及有效期调整策略调整所述管理中心服务器中对外授权策略表中的访问受限信息的有效期, 时间片分配器监控所述管理中心服务器的CPU利用率,若所述管理中心服务器的CPU利用率达到预设值,所述时间片分配器根据源用户级别分配所述管理中心服务器的时间片进行轮询。 Hair response carries policy distribution policy; the target user access permissions, and access to the user according to the source distribution policy, the limited binding information to the target user; the target user by the central management server after the authentication, the management server notifies the central controller algorithm to the decryption algorithm corresponding to the encryption rule access restricted information is sent to the target user; the target user based on the received decryption rule, the process information, wherein the controller periodically sends out statistics of the source user information leading to the accident rate and the accident rate and adjusted according to the validity of access policy Manager server to adjust the policy table for licensing restricted information valid, the CPU utilization of the time slice allocator monitoring server management center, said management center if the CPU utilization of the server reaches a preset value, the dispenser according to the time slice allocated to the source user level management center server polling time slice.
2.根据权利要求1所述的方法,其特征在于,所述管理中心服务器存储目标用户访问权限对照表,所述目标用户访问权限对照表包括目标用户所属实体类型、访问受限信息及访问权限的对应关系。 2. The method according to claim 1, wherein said management center server stores the target user access rights table, the target user access rights table comprises a certain user belongs entity type, and access to the restricted access information correspondence.
3.根据权利要求1或2所述的方法,其特征在于,所述访问受限信息包括绝密信息、机密信息及秘密信息。 3. The method of claim 1 or claim 2, wherein the access restricted information including confidential information, confidential and secret information.
4.根据权利要求1所述的方法,其特征在于,若源用户及目标用户属于同一公司,且目标用户所属实体的优先等级或安全等级较高,所述分发策略为:所述源用户将所述目标用户访问权限及访问受限信息发送至所有目标用户; 若目标用户所属实体的优先等级或安全等级较低,所述分发策略为:所述源用户将所述目标用户访问权限及访问受限信息发送至目标用户所属实体的管理员,由所述管理员发送至所有目标用户。 4. The method according to claim 1, wherein, if the source user and the destination user belongs to the same company, and a high priority or security level of the target user belongs entity, the distribution strategy: the source user the target user access rights and limited access to information to all target user; a lower priority level or security level if the target user is a member entity of the distribution strategy: the source user to the target user access rights and access limited information is sent to the administrator of the target user belongs entity, is sent by the administrator to all target users.
5.根据权利要求1所述的方法,其特征在于,若源用户及目标用户属于不同公司,且目标用户所属实体的安全等级较高,所述分发策略为:所述源用户将所述目标用户访问权限及访问受限信息发送至目标用户所属实体的管理员,由所述管理员发送至所有目标用户; 若目标用户所属实体的安全等级较低,所述分发策略为:所述源用户将所述目标用户访问权限及访问受限信息发送至所有目标用户。 5. The method according to claim 1, characterized in that, the higher the security level owning entity if the source and target users belong to different user companies, and the target user, the distribution policy: the target user of the source user access and administrator access to restricted information to the target user belongs entity, sent by the administrator to all target user; a lower security level if the target user is a member entity of the distribution strategy: the source user the target user access rights and limited access to information to all target users.
6.根据权利要求1所述的方法,其特征在于,若目标用户与所述源用户不属于同一公司,则所述管理中心服务器根据所述对外授权策略表确定所述源用户对外发送信息的授权策略。 6. The method according to claim 1, wherein, if the target user and the user does not belong to the same company source, then the source user to the server management center sends out the information table is determined according to the external authorization policy authorization policy.
7.根据权利要求6所述的方法,其特征在于,所述对外授权策略表包括源用户级别、目标用户所属实体类型、授权策略、访问受限信息密级、访问权限及访问受限信息的有效期的对应关系。 7. The method according to claim 6, wherein said table includes a source of external user authorization policy level, the user belongs to certain type of entity, an authorization policy, access to the restricted security classification information, and access to the restricted access information is valid correspondence.
8.根据权利要求1所述的方法,其特征在于,所述算法控制器存储所述加密算法对照表,其中,所述加密算法对照表包括访问受限信息密级、加密算法及预设算法选取策略的对应关系。 8. The method according to claim 1, wherein said controller stores the algorithm encryption algorithm table, wherein the encryption algorithm comprises a table access restricted security classification information, select an encryption algorithm and a preset algorithm correspondence between the policy.
9.根据权利要求1或8所述的方法,其特征在于,所述预设算法选取策略包括:顺序选取、随机选取、折半选取。 9. The method of claim 1 or claim 8, wherein said predefined algorithm selection strategy comprising: sequentially selecting, randomly selected, binary selection.
10.一种信息安全的处理系统,其特征在于,包括源用户、目标用户、管理中心服务器、通讯服务器、控制器、算法控制器及时间片分配器,所述管理中心服务器分别连接所述源用户、所述目标用户、所述时间片分配器、所述控制器及所述算法控制器,所述通讯服务器连接所述源用户及所述目标用户,所述控制器连接所述源用户及所述管理中心服务器,所述算法控制器连接所述源用户及所述目标用户, 其中,所述源用户创建访问受限信息,并向所述算法控制器发送加密算法请求,其中,所述加密请求携带访问受限信息密级, 所述算法控制器接收所述加密请求,并根据加密算法对照表,按照预设算法选取策略,确定所述访问受限信息的加密算法,并将所述加密算法发送至所述源用户, 所述源用户根据所述加密算法加密所述访问受限信息,并向所述管 10. An information security processing system comprising a source user, the target user, the management center server, communication server, a controller, and the controller algorithm dispenser time slice, the central management server is connected to the source user, the target user, the time slice dispenser, the controller and the controller algorithm, the communications server is connected to the source user and the target user, the controller is connected to the source user and the server management center, said algorithm controller is connected to the source user and the target user, wherein the source user to create an access restricted information, the algorithm and the encryption algorithm controller transmits a request, wherein said restricted access request carries information encrypted security classification, the encryption algorithm controller receives the request, according to the encryption algorithm and table, according to a preset algorithm selection policy, the encryption algorithm is determined to access the restricted information, and the encrypted algorithm sends to the source user, the source user information is limited according to the encryption algorithm to the access, and the tube 中心服务器发送调用请求,其中,调用请求中携带访问受限信息密级及目标用户所属实体类型信息, 所述管理中心服务器获取所述目标用户访问权限后,所述源用户绑定所述目标用户访问权限及访问受限信息并向所述控制器发送分发策略请求,其中,所述分发策略请求中携带源用户、目标用户所属实体类型信息, 所述控制器向所述源用户反馈分发策略响应,其中,所述分发策略响应中携带分发策略, 所述源用户根据所述分发策略,将绑定的所述目标用户访问权限及访问受限信息发送至所述目标用户, 所述目标用户通过所述管理中心服务器认证后,所述管理中心服务器通知所述算法控制器将所述访问受限信息的加密算法对应的解密规则发送至所述目标用户, 所述目标用户根据接收的所述解密规则,处理所述信息, 所述控制器周期性统计所述源 After the center server invocation request, which carries call request access to restricted information secret level and a target user belongs entity type information, the central management server acquires the target user access rights, the user of the source user to access the target binding and permission to access the restricted information distribution policy request sent by the controller, wherein the source distribution policy request carries the user, the target user belongs entity type information, the feedback controller in response to the policy distribution source user, the target user access privileges to access and wherein the response carries distribution policy distribution policy, the user according to the source distribution policy, the limited binding information to the target user, the target user by the later authentication server management center, said management center server notifies the access controller the algorithm decryption algorithm corresponding to the encryption rules restricted information transmitted to the target user, the target user according to the received decryption routines processing the information, the controller periodically said source statistics 户对外发送信息导致的事故发生率,并根据事故发生率及有效期调整策略调整所述管理中心服务器中的对外授权策略表中的访问受限信息的有效期, 所述时间片分配器监控所述管理中心服务器的CPU利用率,若所述管理中心服务器的CPU利用率达到预设值,所述时间片分配器根据源用户级别分配所述管理中心服务器的时间片进行轮询。 User sends out information leading to the accident rate, and limited information is valid according to the accident rate and duration of the adjustment strategy to adjust the management center server external access authorization policy table, the time sheet dispenser monitor the management CPU utilization central server, if the CPU utilization management center server reaches a preset value, the time slice according to a time slice allocator polling source user level assigned to the central management server.
CN2013101562054A 2013-04-28 2013-04-28 Information safety processing method and system CN103281304A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN2013101562054A CN103281304A (en) 2013-04-28 2013-04-28 Information safety processing method and system

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN2013101562054A CN103281304A (en) 2013-04-28 2013-04-28 Information safety processing method and system

Publications (1)

Publication Number Publication Date
CN103281304A true CN103281304A (en) 2013-09-04

Family

ID=49063751

Family Applications (1)

Application Number Title Priority Date Filing Date
CN2013101562054A CN103281304A (en) 2013-04-28 2013-04-28 Information safety processing method and system

Country Status (1)

Country Link
CN (1) CN103281304A (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2014176899A1 (en) * 2013-04-28 2014-11-06 苏州亿倍信息技术有限公司 Information security management method and system

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20060190995A1 (en) * 1999-09-29 2006-08-24 Fuji Xerox Co., Ltd. Access privilege transferring method
CN101320414A (en) * 2007-06-05 2008-12-10 精品科技股份有限公司 Electronic document information security control system and method
CN102065430A (en) * 2010-12-28 2011-05-18 上海华御信息技术有限公司 Method for realizing safe access of terminal of internet of thing
CN102087690A (en) * 2009-12-02 2011-06-08 富士施乐株式会社 Document management system and document management method

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20060190995A1 (en) * 1999-09-29 2006-08-24 Fuji Xerox Co., Ltd. Access privilege transferring method
CN101320414A (en) * 2007-06-05 2008-12-10 精品科技股份有限公司 Electronic document information security control system and method
CN102087690A (en) * 2009-12-02 2011-06-08 富士施乐株式会社 Document management system and document management method
CN102065430A (en) * 2010-12-28 2011-05-18 上海华御信息技术有限公司 Method for realizing safe access of terminal of internet of thing

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2014176899A1 (en) * 2013-04-28 2014-11-06 苏州亿倍信息技术有限公司 Information security management method and system

Similar Documents

Publication Publication Date Title
US6289450B1 (en) Information security architecture for encrypting documents for remote access while maintaining access control
US8059818B2 (en) Accessing protected data on network storage from multiple devices
Humphrey et al. Security for grids
Ongtang et al. Porscha: Policy oriented secure content handling in Android
KR101313480B1 (en) Apparatus and methods for providing authorized device access
US7565683B1 (en) Method and system for implementing changes to security policies in a distributed security system
CA2509206C (en) System for digital rights management using distributed provisioning and authentication
US20040117623A1 (en) Methods and apparatus for secure data communication links
US20030110397A1 (en) Guaranteed delivery of changes to security policies in a distributed system
US8424072B2 (en) Behavior-based security system
CN101529412B (en) Data File Access Control
US9384339B2 (en) Authenticating cloud computing enabling secure services
US8595494B2 (en) Method for managing access to protected resources in a computer network, physical entities and computer programs therefor
CN101821747B (en) Multi-factor content protection method and system
US20180352005A1 (en) Data sensitivity based authentication and authorization
JP5791633B2 (en) Communication system, cloud server, mobile communication device, communication system control method, and program
JP2009526322A (en) Secure digital content management using change identifiers
US20120317624A1 (en) Method for managing access to protected resources and delegating authority in a computer network
JP2004180280A (en) Method and system for adaptive authorization
US8943575B2 (en) Method and system for policy simulation
US20130086662A1 (en) Parameter based key derivation
US8225390B2 (en) Licensing protected content to application sets
US20150281193A1 (en) Methods and Apparatus for Data Access Control
US9886574B2 (en) Mobile credential revocation
US8799981B2 (en) Privacy protection system

Legal Events

Date Code Title Description
C06 Publication
C10 Entry into substantive examination
C02 Deemed withdrawal of patent application after publication (patent law 2001)