CN105550597A - Information scanning based terminal management method and apparatus - Google Patents
Information scanning based terminal management method and apparatus Download PDFInfo
- Publication number
- CN105550597A CN105550597A CN201510993369.1A CN201510993369A CN105550597A CN 105550597 A CN105550597 A CN 105550597A CN 201510993369 A CN201510993369 A CN 201510993369A CN 105550597 A CN105550597 A CN 105550597A
- Authority
- CN
- China
- Prior art keywords
- terminal
- information object
- terminal management
- information
- server
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/62—Protecting access to data via a platform, e.g. using keys or access control rules
- G06F21/6218—Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/21—Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/2107—File encryption
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/21—Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/2141—Access rights, e.g. capability lists, access control lists, access tables, access matrices
Landscapes
- Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Bioethics (AREA)
- General Health & Medical Sciences (AREA)
- Computer Hardware Design (AREA)
- Health & Medical Sciences (AREA)
- Software Systems (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Databases & Information Systems (AREA)
- Storage Device Security (AREA)
Abstract
Embodiments of the invention provide an information scanning based terminal management method and apparatus. The method comprises the steps of identifying a characteristic information object from a plurality of information objects of a terminal according to a preset identification rule and uploading an identification result to a server; receiving a terminal management policy configured for the terminal by the server according to the identification result, wherein the terminal management policy indicates a setting state of at least one security setting item associated with the characteristic information object in the terminal; and executing the terminal management policy to realize the security management of the terminal. Compared with a conventional manual setting based terminal management policy, the terminal management policy configured according to the scheme provided by the invention can protect the security of the terminal more comprehensively and effectively.
Description
Technical field
The present invention relates to Internet technical field, particularly relate to a kind of terminal management method based on information scanning and a kind of terminal management apparatus based on information scanning.
Background technology
Along with extensively popularizing of internet, a lot of mechanism all establishes network information system.Most network information system comprises at least one server and multiple terminal.
When terminal storage has secret file or vital document, need to carry out safety management to described terminal, prevent the secret file of terminal storage or vital document from revealing, ensure secret file or the vital document safety of terminal storage.
Such as, for certain department, some relates to the file of company's secret, or certain terminal preserves private account information, bank card account number password etc., based on the consideration to safety such as secret file, private account information and bank's card number passwords, therefore need to configure different Security Strategies respectively to the terminal of different terminals or different department.But in practical operation, Security Strategies is arranged by staff usually, complex steps and consuming time; Further, because arranging of terminal authorization is of a great variety, most people do not know how to arrange, and cannot realize the effect of security protection.
Summary of the invention
In view of the above problems, the present invention is proposed to provide a kind of overcoming the problems referred to above or the terminal management method based on information scanning that solves the problem at least in part and accordingly based on the terminal management apparatus of information scanning.
According to one aspect of the present invention, provide a kind of terminal management method based on information scanning, comprising:
According to preset recognition rule, identifying signature object from terminal multiple information object, and recognition result is uploaded onto the server;
Receive described server according to the terminal management strategy of described recognition result to described terminal configuration, in described terminal management strategy indicating terminal with at least one security setting item of described characteristic information object association state is set;
Perform described terminal management strategy, to realize the safety management to described terminal.
Alternatively, described according to preset recognition rule, from terminal multiple information object before identifying signature object, described method also comprises:
Described recognition rule is downloaded from server, or, the recognition rule that reception server issues.
Alternatively, described according to preset recognition rule, from terminal multiple information object before identifying signature object, described method also comprises:
Obtain the historical operation record of described terminal to described information object, from described historical operation record, extract each information object of historical operation.
Alternatively, the historical operation record of described acquisition terminal to information object comprises:
The target registered table of accessing operation system, reads the history access record to information object and historical search record from described target registered table;
And/or, from the relative position of shared file supervisory routine, read the share and access record to multiple operation systems share information object.
Alternatively, the key word that described recognition rule indicates the attribute information of described characteristic information object to comprise, described according to preset recognition rule, identifying signature object from terminal multiple information object, and recognition result is uploaded onto the server comprise:
If the attribute information of described information object hits at least one key word of described recognition rule instruction, then determine that described information object is characteristic information object, described attribute information comprises at least one in the name of the information of described information object, information type and the information content;
The characteristic information object of identification and/or the number of characteristic information object are uploaded to described server.
Alternatively, described recognition rule indicates the information path identified according to the order of sequence;
Described according to preset recognition rule, from terminal multiple information object, identifying signature object is:
According to the preferential information path identified and/or the information path ignoring identification, successively each information object is identified.
Alternatively, described recognition rule instruction identifies at least one in the execution duration of the identifying operation of multiple information object, information object size to be identified and number.
Alternatively, the described server of described reception comprises according to the terminal management strategy of described recognition result object to described terminal configuration:
Receive the number of described server according to the characteristic information object identified to the terminal management strategy of described terminal configuration.
Alternatively, the described terminal management strategy of described execution, to realize comprising the management of described terminal:
What indicate according to described terminal management strategy arranges state, arranges at least one security setting item of described terminal.
Alternatively, described recognition rule also indicates the information object said features classification comprising each key word, described according to preset recognition rule, identifying signature object from terminal multiple information object, and is uploaded onto the server by recognition result and comprise:
According to the key word that described characteristic information object hits, determine that described characteristic information object said features is classified;
The described server of described reception according to the terminal management strategy of described recognition result to described terminal configuration is, receives the characteristic type of described server according to the characteristic information object identified, to the terminal management strategy of described terminal configuration.
Present invention also offers a kind of terminal management apparatus based on information scanning, comprising:
Characteristic information Object identifying module, for according to preset recognition rule, identifying signature object from terminal multiple information object, and recognition result is uploaded onto the server;
Terminal management Policy receipt module, for receiving described server according to the terminal management strategy of described recognition result to described terminal configuration, in described terminal management strategy indicating terminal with at least one security setting item of described characteristic information object association state is set;
Terminal management policy enforcement module, for performing described terminal management strategy, to realize the safety management to described terminal.
Alternatively, described device also comprises:
Recognition rule receiver module, for described according to preset recognition rule, from terminal multiple information object before identifying signature object, download described recognition rule from server, or, the recognition rule that reception server issues.
Alternatively, described device also comprises:
Information object extraction module, for described according to preset recognition rule, from terminal multiple information object before identifying signature object, obtain the historical operation record of described terminal to described information object, from described historical operation record, extract each information object of historical operation.
Alternatively, described information object extraction module comprises:
Historical record reading submodule, for the target registered table of accessing operation system, reads the history access record to information object and historical search record from described target registered table;
And/or share and access record reading submodule, for the relative position from shared file supervisory routine, reads the share and access record to multiple operation systems share information object.
Alternatively, the key word that described recognition rule indicates the attribute information of described characteristic information object to comprise, described characteristic information Object identifying module comprises:
Characteristic information object determination submodule, if the attribute information for described information object hits at least one key word of described recognition rule instruction, then determine that described information object is characteristic information object, described attribute information comprises at least one in the name of the information of described information object, information type and the information content;
Recognition result sends submodule, for the characteristic information object of identification and/or the number of characteristic information object are uploaded to described server.
Alternatively, described recognition rule indicates the information path identified according to the order of sequence;
Described characteristic information Object identifying module, specifically for according to the preferential information path identified and/or the information path ignoring identification, identifies each information object successively.
Alternatively, described recognition rule instruction identifies at least one in the execution duration of the identifying operation of multiple information object, information object size to be identified and number.
Alternatively, described terminal management Policy receipt module, specifically for receiving the number of described server according to the characteristic information object identified to the terminal management strategy of described terminal configuration.
Alternatively, described terminal management policy enforcement module, arranges state specifically for what indicate according to described terminal management strategy, arranges at least one security setting item of described terminal.
Alternatively, described recognition rule also indicates the information object said features classification comprising each key word, described characteristic information Object identifying module, specifically for the key word hit according to described characteristic information object, determines that described characteristic information object said features is classified;
Described terminal management Policy receipt module, specifically for receiving the characteristic type of described server according to the characteristic information object identified, to the terminal management strategy of described terminal configuration.
Pass through the embodiment of the present invention, according to preset recognition rule, the multiple information object of automatic sense terminals, identifying signature object from terminal multiple information object, and recognition result is uploaded onto the server, server is according to the recognition result configurating terminal operating strategy uploaded, and the terminal management strategy that terminal configures according to server arranges state from least one security setting item of Row sum-equal matrix and described characteristic information object association.Relative to traditional terminal management strategy arranged manually, the terminal management strategy according to the solution of the present invention configuration can protect the safety of terminal more all sidedly, effectively.
Above-mentioned explanation is only the general introduction of technical solution of the present invention, in order to technological means of the present invention can be better understood, and can be implemented according to the content of instructions, and can become apparent, below especially exemplified by the specific embodiment of the present invention to allow above and other objects of the present invention, feature and advantage.
Accompanying drawing explanation
By reading hereafter detailed description of the preferred embodiment, various other advantage and benefit will become cheer and bright for those of ordinary skill in the art.Accompanying drawing only for illustrating the object of preferred implementation, and does not think limitation of the present invention.And in whole accompanying drawing, represent identical parts by identical reference symbol.In the accompanying drawings:
Fig. 1 shows the flow chart of steps of a kind of terminal management method based on information scanning according to the embodiment of the present invention 1;
Fig. 2 shows the flow chart of steps of a kind of terminal management method based on information scanning according to the embodiment of the present invention 2;
Fig. 3 shows the structured flowchart of a kind of terminal management apparatus based on information scanning according to the embodiment of the present invention 1;
Fig. 4 shows the structured flowchart of a kind of terminal management apparatus based on information scanning according to the embodiment of the present invention 2.
Embodiment
Below with reference to accompanying drawings exemplary embodiment of the present disclosure is described in more detail.Although show exemplary embodiment of the present disclosure in accompanying drawing, however should be appreciated that can realize the disclosure in a variety of manners and not should limit by the embodiment set forth here.On the contrary, provide these embodiments to be in order to more thoroughly the disclosure can be understood, and complete for the scope of the present disclosure can be conveyed to those skilled in the art.
With reference to Fig. 1, show the flow chart of steps of a kind of terminal management method based on information scanning according to the embodiment of the present invention 1, specifically can comprise the steps:
Step 101, according to preset recognition rule, identifying signature object from terminal multiple information object, and recognition result is uploaded onto the server.
In the embodiment of the present invention, described information object can for the external equipment of the website being stored in the file of described terminal, described terminal is browsed, described terminal or other can at least one in detected object, file can be shared file etc. between various types of document, multiple operating system.
Characteristic information object can for possessing the information object of specific properties, such as danger is higher, or relate to secure content, or other needs cause situation of terminal being carried out to security protection etc., based on the characteristic information object that terminal exists, need the Safeguard tactics that configuration is corresponding, with maintenance terminal or the safety of information object.
Recognition rule may be used for identifying signature object from terminal multiple information object.Such as, recognition rule can the file name of indicative character information object or the key word that comprises, can be comprise file name or key word regular expression etc., described recognition result can be the number of the characteristic information object identified and/or the characteristic information object identified.
When terminal management, the recognition rule that reception server sends, according to the recognition rule received, from terminal multiple information object after identifying signature object, the characteristic information object identified can be added up further, such as the number of statistical nature information object and statistical nature information object number can account for the ratio of information object sum, the ratio of information object sum and the relation of terminal value grade can be accounted for based on the characteristic information object number divided in advance, determine the value grade of terminal, other information can also be added up, the present invention does not limit at this.So that testing result and statistics are illustrated in terminal page, check for user.According to preset recognition rule, the identification to the multiple information object of all terminals of the whole network can be realized, make the scope of Terminal Security Management more comprehensive.
In specific implementation, client corresponding to the present invention can provide, the edit page being used for recognition rule is set in client, the setting of recognition rule is provided or adds entrance.
When information object is document, characteristic information object can be black file or the file having specific information, can formulate recognition rule according to the actual requirements, such as, can according to filename, concrete by searching in terminal the file with described filename, can determine characteristic information object; Can according to file content, concrete can by searching in terminal the file with described file content, and determine characteristic information object, described file content can comprise multiple, as other guides such as key word, author, statements; Can according to file path, concrete by searching the file under specified file path, can determine characteristic information object.
When information object is website, characteristic information object is the website possible bringing security threat to the Web browsing application in terminal or terminal, can preset various keyword or blacklist identify.Such as, can preset web site name or website or other information, from history access record, search the website with described web site name or website.
When information object is the external equipment of terminal, such as USB flash disk, keyboard etc.Characteristic information object can for having the external equipment of security threat to terminal or needing the external equipment of special protection; can identify according to the various access informations of external equipment; such as can identify according to device name; attribute (such as title, capacity etc.) according to external equipment identifies etc.
Step 102, receives described server according to the terminal management strategy of described recognition result to described terminal configuration, in described terminal management strategy indicating terminal with at least one security setting item of described characteristic information object association state is set.
In the embodiment of the present invention, terminal management strategy can for carrying out the Security Strategies of safety management to terminal characteristic information object.Server can according to the recognition result configuration Security Strategies received.
Described security setting item can comprise following at least one: the security setting item realizing identity verify, the security setting item realizing security audit, realize access control security setting item, realize the security setting item of resources control and realize the security setting item of intrusion defense.
Further, the security setting item realizing identity verify can comprise realize logging in the security setting item unsuccessfully limited, the security setting item realizing local identity theft, realize in security setting item that password maintenance requires and other security setting items one or more.Wherein, the security setting item such as time that the security setting item unsuccessfully limited can comprise account lock threshold, account locking time and reset account lock count device is realized logging in; The security setting item realizing local identity theft can comprise to need password (connection battery) when waking computing machine up, need the security setting items such as password (switching on power), startup screen defence program and cryptoguard screen protection program when waking computing machine up; The security setting item realizing password maintenance requirement can comprise Password Length, password most short life, maximum password age limit and force the security setting items such as password history.For at least one setting option realizing comprising in the security setting item of identity verify, can arrange in account locking number of times, account locking time, the minimum number of characters of password, days, pressure password history number, cloud disc-type, capacity levels (such as GB, TB etc.), processing mode and other parameters one or more, what generate described security setting item arranges state.Such as can arrange that Password Length is 8 characters, the most short life of password is 1 day, maximum password age is limited to 90 days, force password history to be 10 and processing mode is automatic processing mode.
The security setting item realizing security audit can comprise realize account management examination & verification, realize logging in nullify examination & verification, realize in other operating rights and other setting options one or more.Further, the security setting item realizing account management examination & verification can comprise examination & verification computing machine account management, the management of examination & verification user account, the locking of examination & verification account and audit the security setting items such as other account management events; Realize logging in that the security setting item nullifying examination & verification can comprise examination & verification login event, the checking of examination & verification authority, audits other account login event, examination & verification is nullified, audit other and log in/Logout Events and audit the special security setting item such as to log in; The security setting item realizing other operating rights can comprise the setting option such as examination & verification authentication service and examination & verification Secure group management.
Correspondingly, for at least one setting option realizing comprising in the security setting item of security audit, can arrange in auditing result (such as success, failure, success and failure), examination & verification form (such as having examination & verification, examination & verification), cloud disc-type, capacity levels (such as GB, TB etc.), processing mode and other parameters one or more, what generate described security setting item arranges state.
The security setting item realizing access control can comprise realize Secure Network Assecc and control security setting item, realize security setting item that account access controls and realize the security setting item etc. of account control of authority.Wherein, realize the security setting item that Secure Network Assecc controls can comprise and do not allow SAM (SecurityAccountManager, Security Accounts Manager) anonymity of account enumerates, do not allow SAM account and shared anonymity to enumerate, can anonymous access named pipes, can the sharing of anonymous access, restriction, the mapping program client validation of RPC emphasis for not verified RPC (RemoteProcedureCallProtocol, remote procedure call protocol) client and forbid the security setting items such as remote desktop; Realize security setting item that account access controls and the security setting item such as can comprise guest's account status and use the local account of null password only to allow to carry out that control desk logs in; The security setting item realizing account control of authority can comprise refusal network and accesses this computing machine and allow by security setting items such as remote desktop service login.
Correspondingly, for at least one setting option realizing comprising in the security setting item of access control, can arrange in the using state (such as start, forbid) of operating right of security setting item instruction, account rights parameters (such as only allow client, only allow keeper), cloud disc-type, capacity levels (such as GB, TB etc.), processing mode and other parameters one or more, what generate described security setting item arranges state.
The security setting item realizing resources control can comprise realize Service Source control security setting item, practical function assembly control security setting item and realize device resource control security setting item etc.Further, the security setting item realizing Service Source control can comprise the security setting items such as BluetoothSupportService (bluetooth Service supportive), TerminalServices (remote desktop service) and FTPPublishingService (file transfer protocol (FTP) issuing service); The security setting item that practical function assembly controls can comprise the security setting items such as InternetInformationService (Internet Information Service) Telnet (Telnet) server; The security setting item realizing device resource control can comprise security setting items such as allowing remote access plug and play interface setting option.
Correspondingly, for at least one setting option realizing comprising in the security setting item of resources control, can arrange in the using state (such as start, forbid) of operating right of security setting item instruction, the installment state (such as allowing to install, do not allow installation) of functional module, cloud disc-type, capacity levels (such as GB, TB etc.), processing mode and other parameters one or more, what generate described security setting item arranges state.
The security setting item realizing intrusion defense can comprise the security setting item realizing network configuration intrusion defense and the security setting item etc. realizing application safety configuration intrusion defense.Further, the security setting item realizing network configuration intrusion defense can comprise closes item such as security setting such as hand-written individuation data shared grade; The security setting item realizing application safety configuration intrusion defense can comprise closedown shell protocol protected mode, closes the DEP of explorer and close the security setting items such as broadcasting automatically.
Correspondingly, for at least one setting option realizing comprising in the security setting item of intrusion defense, can arrange in the using state (such as start, forbid) of operating right of security setting item instruction, cloud disc-type, capacity levels (such as GB, TB etc.), processing mode and other parameters one or more, what generate described security setting item arranges state.
In specific implementation, can arrange at server client and formulate terminal management strategy edit page, by in edit page select or insert with at least one security setting item of described characteristic information object association state is set, generate corresponding terminal management strategy.
Step 103, performs described terminal management strategy, to realize the management to described terminal.
The operating right of described terminal management strategy instruction and described characteristic information object association.
In the embodiment of the present invention, after the terminal management strategy of reception server configuration, performing corresponding terminal management strategy, realize the management to described terminal, when performing, for some unmatched setting option in terminal, it can be repaired.
In specific implementation, after terminal management terminates, can add up management result, such as, the statistic mixed-state unmatched security setting item, the number of unmatched security setting item of statistics and the unmatched security setting item number of statistics that go out can account for the ratio of terminal security setting option total number, the ratio of terminal security setting option total number and the corresponding relation of terminal protection grade can be accounted for based on the unmatched security setting item number divided in advance, determine the degree of protection that terminal is current, and can be illustrated in terminal page for checking.
According to the embodiment of the present invention, according to preset recognition rule, the multiple information object of automatic sense terminals, identifying signature object from terminal multiple information object, and recognition result is uploaded onto the server, server is according to the recognition result configurating terminal operating strategy uploaded, and the terminal management strategy that terminal configures according to server arranges state from least one security setting item of Row sum-equal matrix and described characteristic information object association.Relative to traditional terminal management strategy arranged manually, the terminal management strategy according to the solution of the present invention configuration can protect the safety of terminal more all sidedly, effectively.
With reference to Fig. 2, show the flow chart of steps of a kind of terminal management method based on information scanning according to the embodiment of the present invention 2, specifically can comprise the steps:
Step 201, downloads described recognition rule from server, or, the recognition rule that reception server issues.
In the embodiment of the present invention, at server, one client can be installed, at server configuration recognition rule; Also pre-configured recognition rule can be stored to server.
When performing Terminal Security Management strategy, can send the instruction of downloading recognition rule to server, recognition rule is fed back to terminal after receiving instruction by server; Or, can pre-set at server the time issuing recognition rule, issue recognition rule to realize server by setting-up time.
Step 202, according to preset recognition rule, identifying signature object from terminal multiple information object, and recognition result is uploaded onto the server.
In specific implementation, the key word that recognition rule can indicate the attribute information of described characteristic information object to comprise, can indicate identify according to the order of sequence information path, at least one in the execution duration of the identifying operation identifying multiple information object, information object size to be identified and number can be indicated, can indicate comprise each key word information object said features classification and other information.
When the key word that recognition rule indicates the attribute information of described characteristic information object to comprise, if the attribute information of described information object hits at least one key word of described recognition rule instruction, then determine that described information object is characteristic information object.
Particularly, the key word of described recognition rule instruction can be single character word or digital or symbol, also can be the combination of multiple words or numeral or symbol, when keyword search being carried out to terminal document according to recognition rule, first open file, file content is read tag memory, utilize canonical matched rule, whether key word is there is when retrieving in this file, the number of the tag file of the tag file of hit or statistics can be reported to server, described server can be privately owned Cloud Server, publicly-owned Cloud Server or another terminal.
The attribute information of information object comprises at least one in the name of the information of described information object, information type and the information content, can also be other any suitable types, such as information size, and the present invention is to this and limit.
When attribute packets of information draws together the name of the information of information object, the key word of recognition rule instruction can be the name of the information of information object, can according to the name of the information of the information object of recognition rule instruction, the file meeting described name of the information in terminal is defined as tag file, and the tag file determined is uploaded onto the server.Such as, recognition rule instruction filename blacklist, comprise " filename 1:readme.txt " and " filename 2:md5.exe " two filenames, and instruction comprises above-mentioned any filename or comprises the file of two filenames simultaneously, can confirm as tag file.
When attribute packets of information draws together the information type of information object, the key word of recognition rule instruction can be the information type of information object, can according to the file type of recognition rule instruction, the file meeting described file type in terminal is defined as tag file, and the tag file determined is uploaded onto the server.File type can be OfficeWord, OfficeExcel, WPS text, WPS form, txt document, rtf document, CSV document, PDF document or other form.
When attribute packets of information draws together the information content of information object, the key word of recognition rule instruction can be the MD5 value (Message-DigestAlgorithm5 of the information content, 5th cover message digest algorithm), the file that the MD5 value of the information content can be met described MD5 rule is defined as tag file.The information object of hit MD5 value is characteristic information object, can be dangerous file or the file possessing certain specific properties.
Preferably, when recognition rule can also indicate the information path identified according to the order of sequence, according to the preferential information path identified and/or the information path ignoring identification, successively each information object can be identified.
Particularly, can the information path of preferential identification as indicated, search the tag file under this path; The information path ignoring identification of instruction can be ignored, search the tag file under other paths.Such as, the preferential path identified of recognition rule instruction is: " C: testdate ", then according to recognition rule, the file searched under this path " C: testdate " identifies, after tag file being detected, the tag file of detection and path, tag file place can being shown on the table in the lump, by clicking " confirmation " button, value document can be uploaded onto the server.
Preferably, when recognition rule can also indicate at least one in the execution duration of the identifying operation identifying multiple information object, information object size to be identified and number, can identify each information object successively according to recognition rule, the number of the characteristic information object or characteristic information object that meet recognition rule is sent to server.Such as, recognition rule indicates information object size to be identified to be less than 200M, then only identify the file being less than 200M in terminal.
Preferably, when recognition rule can also indicate the information object said features of each key word to classify, the key word that can hit according to described characteristic information object, determines that described characteristic information object said features is classified.
Particularly, after going out characteristic information object according to described keyword recognition, the relation can classified according to the key word of recognition rule instruction and information object said features, determine that described characteristic information object said features is classified, the number of the tag file of the tag file of hit or statistics can be reported to server.Such as, the key word of recognition rule instruction is identification card number, and preset the tag file comprising described identification card number and belong to classified papers, after identify the file with described identification card number content in terminal, determine that the tag file identified belongs to classified papers, and this tagsort of classified papers is uploaded onto the server.
Step 203, receives described server according to the terminal management strategy of described recognition result to described terminal configuration, the operating right of described terminal management strategy instruction and described characteristic information object association.
In specific implementation, can the corresponding relation of pre-recorded recognition result and terminal management strategy in server, the corresponding relation of the corresponding relation of such as characteristic information object and terminal management strategy, the number of characteristic information object and terminal management strategy or characteristic information object said features are classified and the corresponding relation of terminal management strategy.
Server according to the corresponding relation of record, can determine the terminal management strategy that described recognition result is corresponding after receiving the recognition result that terminal sends, and by the terminal management policy feedback determined to terminal.
Particularly, terminal can receive described server according to the characteristic information object identified to the terminal management strategy of described terminal configuration; The number of described server according to the characteristic information object identified can be received to the terminal management strategy of described terminal configuration; The characteristic type of described server according to the characteristic information object identified can be received, to the terminal management strategy of described terminal configuration.
Step 204, what indicate according to described terminal management strategy arranges state, arranges at least one security setting item of described terminal.
In the embodiment of the present invention, described terminal management strategy can in indicating terminal with at least one security setting item of described characteristic information object association state is set, can according to terminal management strategy instruction security setting item state is set, at least one security setting item of described terminal is arranged, to realize the management to described terminal.
In specific implementation, according in the terminal of described terminal management strategy instruction with the security setting item of described characteristic information object association state is set, can comprise the step that at least one security setting item of described terminal is arranged:
Step S1, that detect described terminal current setting arranges state with at least one security setting item that is described characteristic information object association.
Particularly, when performing described terminal management strategy, detect current setting in described terminal, with at least one security setting item of described characteristic information object association state is set.
Step S2, if the state that arranges of at least one security setting item of current setting and described terminal management strategy inconsistent, then repair according to described terminal management strategy.
Particularly, for the characteristic information object checked out in terminal, if the state that arranges of at least one security setting item of current setting and described terminal management strategy inconsistent, then can repair it, what be modified to the instruction of terminal management strategy arranges state, to meet the requirement of terminal management strategy.
Such as, that detect described terminal current setting with the state that arranges that the is most short life of the password of described characteristic information object association, the most short life of the password detected is 5 days, because the most short life of password of terminal management strategy instruction is 1 day, what terminal was current arrange state and terminal management strategy is inconsistent, so repair the password term of life of terminal, most for the password of terminal short life is changed to 1 day, to meet the requirement of terminal management strategy.In concrete operations, can in terminal page the information of the most short life of display update password, and receive the most short life of the amended password that inputted by the page 1 day.
Further, can add up management result, such as, can add the state that arranges meeting terminal management strategy and detect by mark, after can completing wait the state that the arranges reparation not meeting terminal management strategy, it be added and repairs complete mark; The number not mating security setting item can be added up and do not mate with statistics the ratio that setting option number accounts for terminal security setting option total number, and account for the ratio of terminal setting option total number and the corresponding relation of terminal protection grade based on the setting option number that do not mate divided in advance, determining the degree of protection of terminal, terminal page can being illustrated in for checking.
In the embodiment of the present invention, preferably, described according to preset recognition rule, from terminal multiple information object before identifying signature object, described method can also comprise:
Obtain the historical operation record of described terminal to described information object, from described historical operation record, extract each information object of historical operation.
In specific implementation, browse webpage or website, share data, use USB flash disk, check account, open file or other operations time, terminal can carry out record to the operation of described information object, generation historical viewings record, data sharing record, USB flash disk use record, file access is opened the historical operation records such as record, and stored for checking.
Further, the historical operation record of described acquisition terminal to information object can comprise:
The target registered table of accessing operation system, reads the history access record to information object and historical search record from described target registered table;
And/or, from the relative position of shared file supervisory routine, read the share and access record to multiple operation systems share information object.
The target registered table of operating system can storage terminal to the history access record of information object and historical search record.Particularly, when pre-acquiring is to the history access record of information object or historical search record, desired data can be read from the target registered table of operating system.
The share and access record of multiple operation systems share information object is stored to relative position by shared file supervisory routine, such as linked database, file etc.Particularly, during the share and access record of pre-read to multiple operation systems share information object, desired data can be read from the linked database of shared file supervisory routine or file.
According to the embodiment of the present invention, according to preset recognition rule, the multiple information object of automatic sense terminals, identifying signature object from terminal multiple information object, and recognition result is uploaded onto the server, server is according to the recognition result configurating terminal operating strategy uploaded, and the terminal management strategy that terminal configures according to server arranges state from least one security setting item of Row sum-equal matrix and described characteristic information object association.Relative to traditional terminal management strategy arranged manually, the terminal management strategy according to the solution of the present invention configuration can protect the safety of terminal more all sidedly, effectively.
With reference to Fig. 3, show the structured flowchart of a kind of terminal management apparatus based on information scanning according to the embodiment of the present invention 1, specifically can comprise as lower module:
Characteristic information Object identifying module 301, for according to preset recognition rule, identifying signature object from terminal multiple information object, and recognition result is uploaded onto the server.
Terminal management Policy receipt module 302, for receiving described server according to the terminal management strategy of described recognition result to described terminal configuration, in described terminal management strategy indicating terminal with at least one security setting item of described characteristic information object association state is set.
Terminal management policy enforcement module 303, for performing described terminal management strategy, to realize the safety management to described terminal.
According to the embodiment of the present invention, according to preset recognition rule, the multiple information object of automatic sense terminals, identifying signature object from terminal multiple information object, and recognition result is uploaded onto the server, server is according to the recognition result configurating terminal operating strategy uploaded, and the terminal management strategy that terminal configures according to server arranges state from least one security setting item of Row sum-equal matrix and described characteristic information object association.Relative to traditional terminal management strategy arranged manually, the terminal management strategy according to the solution of the present invention configuration can protect the safety of terminal more all sidedly, effectively.
With reference to Fig. 4, show the structured flowchart of a kind of terminal management apparatus based on information scanning according to the embodiment of the present invention 2, specifically can comprise as lower module:
Recognition rule receiver module 401, for downloading described recognition rule from server, or, the recognition rule that reception server issues.
Characteristic information Object identifying module 402, for according to preset recognition rule, identifying signature object from terminal multiple information object, and recognition result is uploaded onto the server.
Terminal management Policy receipt module 403, for receiving described server according to the terminal management strategy of described recognition result to described terminal configuration, in described terminal management strategy indicating terminal with at least one security setting item of described characteristic information object association state is set.
Terminal management policy enforcement module 404, arranges state for what indicate according to described terminal management strategy, arranges at least one security setting item of described terminal.
In the embodiment of the present invention, preferably, described device can also comprise:
Information object extraction module, for described according to preset recognition rule, from terminal multiple information object before identifying signature object, obtain the historical operation record of described terminal to described information object, from described historical operation record, extract each information object of historical operation.
Further, described information object extraction module can comprise:
Historical record reading submodule, for the target registered table of accessing operation system, reads the history access record to information object and historical search record from described target registered table;
And/or share and access record reading submodule, for the relative position from shared file supervisory routine, reads the share and access record to multiple operation systems share information object.
In the embodiment of the present invention, preferably, the key word that described recognition rule indicates the attribute information of described characteristic information object to comprise, described characteristic information Object identifying module 402 can comprise:
Characteristic information object determination submodule, if the attribute information for described information object hits at least one key word of described recognition rule instruction, then determine that described information object is characteristic information object, described attribute information comprises at least one in the name of the information of described information object, information type and the information content;
Recognition result sends submodule, for the characteristic information object of identification and/or the number of characteristic information object are uploaded to described server.
In the embodiment of the present invention, preferably, described recognition rule can indicate the information path identified according to the order of sequence;
Described characteristic information Object identifying module 402, specifically may be used for, according to the preferential information path identified and/or the information path ignoring identification, identifying successively to each information object.
In the embodiment of the present invention, preferably, described recognition rule can indicate at least one in the execution duration of the identifying operation identifying multiple information object, information object size to be identified and number.
In the embodiment of the present invention, preferably, described terminal management Policy receipt module 403, specifically may be used for receiving the number of described server according to the characteristic information object identified to the terminal management strategy of described terminal configuration.
In the embodiment of the present invention, preferably, described recognition rule also indicates the information object said features classification comprising each key word, described characteristic information Object identifying module 402, specifically may be used for the key word hit according to described characteristic information object, determine that described characteristic information object said features is classified;
Described terminal management Policy receipt module 403, specifically may be used for receiving the characteristic type of described server according to the characteristic information object identified, to the terminal management strategy of described terminal configuration.
According to the embodiment of the present invention, according to preset recognition rule, the multiple information object of automatic sense terminals, identifying signature object from terminal multiple information object, and recognition result is uploaded onto the server, server according to the recognition result configurating terminal operating strategy uploaded, the terminal management strategy that terminal configures according to server in Row sum-equal matrix terminal with at least one security setting item of described characteristic information object association state is set.Relative to traditional terminal management strategy arranged manually, the terminal management strategy according to the solution of the present invention configuration can protect the safety of terminal more all sidedly, effectively.
For device embodiment, due to itself and embodiment of the method basic simlarity, so description is fairly simple, relevant part illustrates see the part of embodiment of the method.
Intrinsic not relevant to any certain computer, virtual system or miscellaneous equipment with display at this algorithm provided.Various general-purpose system also can with use based on together with this teaching.According to description above, the structure constructed required by this type systematic is apparent.In addition, the present invention is not also for any certain programmed language.It should be understood that and various programming language can be utilized to realize content of the present invention described here, and the description done language-specific is above to disclose preferred forms of the present invention.
In instructions provided herein, describe a large amount of detail.But can understand, embodiments of the invention can be put into practice when not having these details.In some instances, be not shown specifically known method, structure and technology, so that not fuzzy understanding of this description.
Similarly, be to be understood that, in order to simplify the disclosure and to help to understand in each inventive aspect one or more, in the description above to exemplary embodiment of the present invention, each feature of the present invention is grouped together in single embodiment, figure or the description to it sometimes.But, the method for the disclosure should be construed to the following intention of reflection: namely the present invention for required protection requires feature more more than the feature clearly recorded in each claim.Or rather, as claims below reflect, all features of disclosed single embodiment before inventive aspect is to be less than.Therefore, the claims following embodiment are incorporated to this embodiment thus clearly, and wherein each claim itself is as independent embodiment of the present invention.
Those skilled in the art are appreciated that and adaptively can change the module in the equipment in embodiment and they are arranged in one or more equipment different from this embodiment.Module in embodiment or unit or assembly can be combined into a module or unit or assembly, and multiple submodule or subelement or sub-component can be put them in addition.Except at least some in such feature and/or process or unit be mutually repel except, any combination can be adopted to combine all processes of all features disclosed in this instructions (comprising adjoint claim, summary and accompanying drawing) and so disclosed any method or equipment or unit.Unless expressly stated otherwise, each feature disclosed in this instructions (comprising adjoint claim, summary and accompanying drawing) can by providing identical, alternative features that is equivalent or similar object replaces.
In addition, those skilled in the art can understand, although embodiments more described herein to comprise in other embodiment some included feature instead of further feature, the combination of the feature of different embodiment means and to be within scope of the present invention and to form different embodiments.Such as, in the following claims, the one of any of embodiment required for protection can use with arbitrary array mode.
All parts embodiment of the present invention with hardware implementing, or can realize with the software module run on one or more processor, or realizes with their combination.It will be understood by those of skill in the art that the some or all functions based on the some or all parts in the terminal management apparatus of information scanning that microprocessor or digital signal processor (DSP) can be used in practice to realize according to the embodiment of the present invention.The present invention can also be embodied as part or all equipment for performing method as described herein or device program (such as, computer program and computer program).Realizing program of the present invention and can store on a computer-readable medium like this, or the form of one or more signal can be had.Such signal can be downloaded from internet website and obtain, or provides on carrier signal, or provides with any other form.
The present invention will be described instead of limit the invention to it should be noted above-described embodiment, and those skilled in the art can design alternative embodiment when not departing from the scope of claims.In the claims, any reference symbol between bracket should be configured to limitations on claims.Word " comprises " not to be got rid of existence and does not arrange element in the claims or step.Word "a" or "an" before being positioned at element is not got rid of and be there is multiple such element.The present invention can by means of including the hardware of some different elements and realizing by means of the computing machine of suitably programming.In the unit claim listing some devices, several in these devices can be carry out imbody by same hardware branch.Word first, second and third-class use do not represent any order.Can be title by these word explanations.
The invention discloses A1, a kind of terminal management method based on information scanning, wherein, comprising:
According to preset recognition rule, identifying signature object from terminal multiple information object, and recognition result is uploaded onto the server;
Receive described server according to the terminal management strategy of described recognition result to described terminal configuration, in described terminal management strategy indicating terminal with at least one security setting item of described characteristic information object association state is set;
Perform described terminal management strategy, to realize the safety management to described terminal.
A2, method according to A1, wherein, described according to preset recognition rule, from terminal multiple information object before identifying signature object, described method also comprises:
Described recognition rule is downloaded from server, or, the recognition rule that reception server issues.
A3, method according to A1, wherein, described according to preset recognition rule, from terminal multiple information object before identifying signature object, described method also comprises:
Obtain the historical operation record of described terminal to described information object, from described historical operation record, extract each information object of historical operation.
A4, method according to A3, wherein, the historical operation record of described acquisition terminal to information object comprises:
The target registered table of accessing operation system, reads the history access record to information object and historical search record from described target registered table;
And/or, from the relative position of shared file supervisory routine, read the share and access record to multiple operation systems share information object.
A5, method according to A1, wherein, the key word that described recognition rule indicates the attribute information of described characteristic information object to comprise, described according to preset recognition rule, identifying signature object from terminal multiple information object, and recognition result is uploaded onto the server comprise:
If the attribute information of described information object hits at least one key word of described recognition rule instruction, then determine that described information object is characteristic information object, described attribute information comprises at least one in the name of the information of described information object, information type and the information content;
The characteristic information object of identification and/or the number of characteristic information object are uploaded to described server.
A6, method according to A1, wherein, described recognition rule indicates the information path identified according to the order of sequence;
Described according to preset recognition rule, from terminal multiple information object, identifying signature object is:
According to the preferential information path identified and/or the information path ignoring identification, successively each information object is identified.
A7, method according to A1, wherein, described recognition rule instruction identifies at least one in the execution duration of the identifying operation of multiple information object, information object size to be identified and number.
A8, method according to A1, wherein, the described server of described reception comprises according to the terminal management strategy of described recognition result object to described terminal configuration:
Receive the number of described server according to the characteristic information object identified to the terminal management strategy of described terminal configuration.
A9, method according to A1, wherein, the described terminal management strategy of described execution, to realize comprising the management of described terminal:
What indicate according to described terminal management strategy arranges state, arranges at least one security setting item of described terminal.
A10, method according to A1, wherein, described recognition rule also indicates the information object said features classification comprising each key word, described according to preset recognition rule, identifying signature object from terminal multiple information object, and recognition result is uploaded onto the server comprise:
According to the key word that described characteristic information object hits, determine that described characteristic information object said features is classified;
The described server of described reception according to the terminal management strategy of described recognition result to described terminal configuration is, receives the characteristic type of described server according to the characteristic information object identified, to the terminal management strategy of described terminal configuration.
The invention also discloses B11, a kind of terminal management apparatus based on information scanning, wherein, comprising:
Characteristic information Object identifying module, for according to preset recognition rule, identifying signature object from terminal multiple information object, and recognition result is uploaded onto the server;
Terminal management Policy receipt module, for receiving described server according to the terminal management strategy of described recognition result to described terminal configuration, in described terminal management strategy indicating terminal with at least one security setting item of described characteristic information object association state is set;
Terminal management policy enforcement module, for performing described terminal management strategy, to realize the safety management to described terminal.
B12, device according to B11, wherein, described device also comprises:
Recognition rule receiver module, for described according to preset recognition rule, from terminal multiple information object before identifying signature object, download described recognition rule from server, or, the recognition rule that reception server issues.
B13, device according to B11, wherein, described device also comprises:
Information object extraction module, for described according to preset recognition rule, from terminal multiple information object before identifying signature object, obtain the historical operation record of described terminal to described information object, from described historical operation record, extract each information object of historical operation.
B14, device according to B13, wherein, described information object extraction module comprises:
Historical record reading submodule, for the target registered table of accessing operation system, reads the history access record to information object and historical search record from described target registered table;
And/or share and access record reading submodule, for the relative position from shared file supervisory routine, reads the share and access record to multiple operation systems share information object.
B15, device according to B11, wherein, the key word that described recognition rule indicates the attribute information of described characteristic information object to comprise, described characteristic information Object identifying module comprises:
Characteristic information object determination submodule, if the attribute information for described information object hits at least one key word of described recognition rule instruction, then determine that described information object is characteristic information object, described attribute information comprises at least one in the name of the information of described information object, information type and the information content;
Recognition result sends submodule, for the characteristic information object of identification and/or the number of characteristic information object are uploaded to described server.
B16, device according to B11, wherein, described recognition rule indicates the information path identified according to the order of sequence;
Described characteristic information Object identifying module, specifically for according to the preferential information path identified and/or the information path ignoring identification, identifies each information object successively.
B17, device according to B11, wherein, described recognition rule instruction identifies at least one in the execution duration of the identifying operation of multiple information object, information object size to be identified and number.
B18, device according to B11, wherein:
Described terminal management Policy receipt module, specifically for receiving the number of described server according to the characteristic information object identified to the terminal management strategy of described terminal configuration.
B19, device according to B11, wherein:
Described terminal management policy enforcement module, arranges state specifically for what indicate according to described terminal management strategy, arranges at least one security setting item of described terminal.
B20, device according to B11, wherein, described recognition rule also indicates the information object said features classification comprising each key word, described characteristic information Object identifying module, specifically for the key word hit according to described characteristic information object, determine that described characteristic information object said features is classified;
Described terminal management Policy receipt module, specifically for receiving the characteristic type of described server according to the characteristic information object identified, to the terminal management strategy of described terminal configuration.
Claims (10)
1. based on a terminal management method for information scanning, wherein, comprising:
According to preset recognition rule, identifying signature object from terminal multiple information object, and recognition result is uploaded onto the server;
Receive described server according to the terminal management strategy of described recognition result to described terminal configuration, in described terminal management strategy indicating terminal with at least one security setting item of described characteristic information object association state is set;
Perform described terminal management strategy, to realize the safety management to described terminal.
2. method according to claim 1, wherein, described according to preset recognition rule, from terminal multiple information object before identifying signature object, described method also comprises:
Described recognition rule is downloaded from server, or, the recognition rule that reception server issues.
3. method according to claim 1, wherein, described according to preset recognition rule, from terminal multiple information object before identifying signature object, described method also comprises:
Obtain the historical operation record of described terminal to described information object, from described historical operation record, extract each information object of historical operation.
4. method according to claim 3, wherein, the historical operation record of described acquisition terminal to information object comprises:
The target registered table of accessing operation system, reads the history access record to information object and historical search record from described target registered table;
And/or, from the relative position of shared file supervisory routine, read the share and access record to multiple operation systems share information object.
5. method according to claim 1, wherein, the key word that described recognition rule indicates the attribute information of described characteristic information object to comprise, described according to preset recognition rule, identifying signature object from terminal multiple information object, and recognition result is uploaded onto the server comprise:
If the attribute information of described information object hits at least one key word of described recognition rule instruction, then determine that described information object is characteristic information object, described attribute information comprises at least one in the name of the information of described information object, information type and the information content;
The characteristic information object of identification and/or the number of characteristic information object are uploaded to described server.
6. method according to claim 1, wherein, described recognition rule indicates the information path identified according to the order of sequence;
Described according to preset recognition rule, from terminal multiple information object, identifying signature object is:
According to the preferential information path identified and/or the information path ignoring identification, successively each information object is identified.
7. method according to claim 1, wherein, described recognition rule instruction identifies at least one in the execution duration of the identifying operation of multiple information object, information object size to be identified and number.
8. method according to claim 1, wherein, the described server of described reception comprises according to the terminal management strategy of described recognition result object to described terminal configuration:
Receive the number of described server according to the characteristic information object identified to the terminal management strategy of described terminal configuration.
9. method according to claim 1, wherein, the described terminal management strategy of described execution, to realize comprising the management of described terminal:
What indicate according to described terminal management strategy arranges state, arranges at least one security setting item of described terminal.
10. based on a terminal management apparatus for information scanning, wherein, comprising:
Characteristic information Object identifying module, for according to preset recognition rule, identifying signature object from terminal multiple information object, and recognition result is uploaded onto the server;
Terminal management Policy receipt module, for receiving described server according to the terminal management strategy of described recognition result to described terminal configuration, in described terminal management strategy indicating terminal with at least one security setting item of described characteristic information object association state is set;
Terminal management policy enforcement module, for performing described terminal management strategy, to realize the safety management to described terminal.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201510993369.1A CN105550597A (en) | 2015-12-24 | 2015-12-24 | Information scanning based terminal management method and apparatus |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201510993369.1A CN105550597A (en) | 2015-12-24 | 2015-12-24 | Information scanning based terminal management method and apparatus |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN105550597A true CN105550597A (en) | 2016-05-04 |
Family
ID=55829784
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201510993369.1A Pending CN105550597A (en) | 2015-12-24 | 2015-12-24 | Information scanning based terminal management method and apparatus |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN105550597A (en) |
Cited By (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN113268765A (en) * | 2021-04-30 | 2021-08-17 | 杭州安恒信息技术股份有限公司 | Credential detection method, system, electronic device and storage medium |
| WO2022016434A1 (en) * | 2020-07-22 | 2022-01-27 | Oppo广东移动通信有限公司 | Device deregistration method, device registration method, communication device and cloud platform |
Citations (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20090249482A1 (en) * | 2008-03-31 | 2009-10-01 | Gurusamy Sarathy | Method and system for detecting restricted content associated with retrieved content |
| US20100269175A1 (en) * | 2008-12-02 | 2010-10-21 | Stolfo Salvatore J | Methods, systems, and media for masquerade attack detection by monitoring computer user behavior |
| CN102622551A (en) * | 2012-04-11 | 2012-08-01 | 无锡华御信息技术有限公司 | File safety protection method |
| CN103049699A (en) * | 2013-01-23 | 2013-04-17 | 济南伟利迅半导体有限公司 | Method and system for deferring malicious software or virus to transmit on portable storage device |
| CN103902913A (en) * | 2012-12-28 | 2014-07-02 | 百度在线网络技术(北京)有限公司 | Method and device for carrying out safety processing on web application |
| CN104281814A (en) * | 2013-07-03 | 2015-01-14 | 钟丹东 | File anti-disclosure system for files and working method thereof |
-
2015
- 2015-12-24 CN CN201510993369.1A patent/CN105550597A/en active Pending
Patent Citations (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20090249482A1 (en) * | 2008-03-31 | 2009-10-01 | Gurusamy Sarathy | Method and system for detecting restricted content associated with retrieved content |
| US20100269175A1 (en) * | 2008-12-02 | 2010-10-21 | Stolfo Salvatore J | Methods, systems, and media for masquerade attack detection by monitoring computer user behavior |
| CN102622551A (en) * | 2012-04-11 | 2012-08-01 | 无锡华御信息技术有限公司 | File safety protection method |
| CN103902913A (en) * | 2012-12-28 | 2014-07-02 | 百度在线网络技术(北京)有限公司 | Method and device for carrying out safety processing on web application |
| CN103049699A (en) * | 2013-01-23 | 2013-04-17 | 济南伟利迅半导体有限公司 | Method and system for deferring malicious software or virus to transmit on portable storage device |
| CN104281814A (en) * | 2013-07-03 | 2015-01-14 | 钟丹东 | File anti-disclosure system for files and working method thereof |
Cited By (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| WO2022016434A1 (en) * | 2020-07-22 | 2022-01-27 | Oppo广东移动通信有限公司 | Device deregistration method, device registration method, communication device and cloud platform |
| CN113268765A (en) * | 2021-04-30 | 2021-08-17 | 杭州安恒信息技术股份有限公司 | Credential detection method, system, electronic device and storage medium |
| CN113268765B (en) * | 2021-04-30 | 2022-06-17 | 杭州安恒信息技术股份有限公司 | Credential detection method, system, electronic device and storage medium |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN101569129B (en) | Network security systems and methods | |
| CN107239702A (en) | The method and device of a kind of security breaches detection | |
| CN106411578A (en) | Website monitoring system and method applicable to power industry | |
| CN103473501B (en) | A kind of Malware method for tracing based on cloud security | |
| US11403389B2 (en) | System and method of detecting unauthorized access to computing resources for cryptomining | |
| CN104021339A (en) | Safety payment method and device for mobile terminal | |
| CN103677935A (en) | Installation and control method, system and device for application programs | |
| US11856015B2 (en) | Anomalous action security assessor | |
| CN104537310B (en) | The management method of movable storage device and client | |
| CN110417718B (en) | Method, device, equipment and storage medium for processing risk data in website | |
| Fisk | Cyber security, building automation, and the intelligent building | |
| US20240184863A1 (en) | Verification of Access Permissions | |
| US10637864B2 (en) | Creation of fictitious identities to obfuscate hacking of internal networks | |
| Dalai et al. | Neutralizing SQL injection attack using server side code modification in web applications | |
| CN103646198A (en) | Method, system and device for locking working region of mobile terminal | |
| CN105391591A (en) | Security setting and management method and apparatus for terminal | |
| CN105550597A (en) | Information scanning based terminal management method and apparatus | |
| CN110958236A (en) | Dynamic authorization method of operation and maintenance auditing system based on risk factor insight | |
| CN103051608B (en) | A kind of method and apparatus of movable equipment access monitoring | |
| US10084749B2 (en) | Automatic blocking of bad actors across a network | |
| Aldea et al. | Software vulnerabilities integrated management system | |
| Krylov et al. | Integration of distributed ledger technology into software electronic signature exchange service | |
| Egerton et al. | Applying zero trust security principles to defence mechanisms against data exfiltration attacks | |
| Fedotov et al. | Vulnerability Classification of Information Security in Corporate Systems | |
| CN103971065A (en) | Method and device used for preventing data tampering |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| RJ01 | Rejection of invention patent application after publication | ||
| RJ01 | Rejection of invention patent application after publication |
Application publication date: 20160504 |