CN106295388B - A kind of data desensitization method and device - Google Patents
- Publication number
- CN106295388B CN201510303954.4A
- Authority
- CN
- China
- Prior art keywords
- sensitive data
- data
- user
- sql
- access
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Classifications
- G—PHYSICS
- G06—COMPUTING OR CALCULATING; COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/62—Protecting access to data via a platform, e.g. using keys or access control rules
- G06F21/6218—Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
- G06F21/6245—Protecting personal data, e.g. for financial or medical purposes
- G06F21/6254—Protecting personal data, e.g. for financial or medical purposes by anonymising data, e.g. decorrelating personal data from the owner's identification
Landscapes
- Engineering & Computer Science (AREA)
- Health & Medical Sciences (AREA)
- Bioethics (AREA)
- General Health & Medical Sciences (AREA)
- Theoretical Computer Science (AREA)
- Computer Hardware Design (AREA)
- Databases & Information Systems (AREA)
- Computer Security & Cryptography (AREA)
- Software Systems (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Medical Informatics (AREA)
- Storage Device Security (AREA)
Abstract
The invention discloses a data desensitization method and device, which solve the problems in the prior art that data desensitization is inefficient and its management and control are inflexible. The method includes: receiving a Structured Query Language (SQL) instruction sent by a user; and, when it is determined that the data to be accessed by the SQL instruction contains sensitive data and that the user is not allowed to access the sensitive data, converting the SQL instruction according to a preset desensitization conversion rule, so that the sensitive data accessed by the converted SQL instruction is desensitized data.
Description
Technical field
The invention relates to the technical field of information security, and in particular to a data desensitization method and device.
Background
As markets grow and business develops, enterprise databases store more and more customer data; a leak would cause the enterprise a severe crisis of trust and economic loss. Enterprises therefore attach great importance to data security, and use many management and technical measures, such as separating internal and external networks, deploying firewalls and security auditing, to prevent data leaks and to trace the source of an incident. Among these measures, desensitizing (or obfuscating) sensitive data is a proactive and effective means of preventing data leaks.
Data desensitization means transforming sensitive data according to desensitization rules so that the sensitive data is reliably protected, allowing the desensitized real data set (the desensitized data) to be used safely in development, testing and other non-production environments, as well as outsourced environments, without leaking information.
At present, data desensitization mainly relies on the following techniques:
1. Converting the sensitive data with the database's own Update statement, which updates existing data in a table. After database synchronization completes, an operator logs in to the database, uses Update statements to convert the sensitive data according to the specified desensitization rules, and commits the operation so that it takes effect.
2. Using tooling to desensitize sensitive data during data migration. This approach can encrypt the exported sensitive data tables separately, so that the sensitive data is presented as desensitized data; once the encryption password is obtained, the desensitized data can be restored to the original data.
Of these two techniques, the desensitization performed by the first with the Update statement is irreversible: when the sensitive data needs to be accessed, the database must be re-synchronized, which is inflexible and cannot meet business needs. Because a large volume of sensitive data has to be modified during desensitization, the process is inefficient and unsuitable for scenarios with strict data-timeliness requirements. The second technique is reversible, since the desensitized data can be restored to the original data once the encryption password is obtained, but because the sensitive data is also modified during export and import, it is likewise inefficient and unsuitable for scenarios with strict data-timeliness requirements. In addition, the encryption password is fixed and cannot be changed flexibly; once a user has obtained it, that user's access to the sensitive data cannot be revoked, which makes management and control difficult.
In a real production environment, security and system resource constraints require that internal statisticians or auditors be given a statistics and audit data environment that is independent of production. This scenario has strict data-timeliness requirements, so data synchronization and desensitization must be completed periodically within a specified time window. At the same time, with the advance of work such as real-name registration of customer data, auditors must be able to access the original data from time to time within the scope that security permits. None of the above techniques meets these requirements.
Summary of the invention
Embodiments of the present invention provide a data desensitization method and device to solve the problems in the prior art that data desensitization is inefficient and its management and control are inflexible.
Embodiments of the present invention adopt the following technical solutions:
A first aspect provides a data desensitization method, including:
receiving a Structured Query Language (SQL) instruction sent by a user;
when it is determined that the data to be accessed by the SQL instruction contains sensitive data and that the user is not allowed to access the sensitive data, converting the SQL instruction according to a preset desensitization conversion rule, so that the sensitive data accessed by the converted SQL instruction is desensitized data.
Optionally, converting the SQL instruction according to the preset desensitization conversion rule, when it is determined that the data to be accessed by the SQL instruction contains sensitive data and that the user is not allowed to access the sensitive data, so that the sensitive data accessed by the converted SQL instruction is desensitized data, specifically includes:
determining whether the data to be accessed by the SQL instruction contains sensitive data;
when it is determined that the data to be accessed by the SQL instruction contains sensitive data, further determining whether the user is allowed to access the sensitive data;
when it is determined that the user is not allowed to access the sensitive data, converting the SQL instruction according to the preset desensitization conversion rule, so that the sensitive data accessed by the converted SQL instruction is desensitized data.
Optionally, receiving the SQL instruction sent by the user specifically includes:
receiving the SQL instruction sent by the user at a first time; in which case
determining whether the user is allowed to access the sensitive data specifically includes:
determining, according to a pre-stored authorized user list, whether the user is an authorized user;
when it is determined that the user is an authorized user, further determining whether the first time falls within the access time range corresponding to the authorized user, and determining whether the sensitive data to be accessed by the SQL instruction is an authorized access object corresponding to the authorized user;
when it is determined that the user is not an authorized user, or that the first time does not fall within the access time range, or that the sensitive data to be accessed by the SQL instruction is not the authorized access object, determining that the user is not allowed to access the sensitive data;
when it is determined that the user is an authorized user, that the first time falls within the access time range, and that the sensitive data to be accessed by the SQL instruction is the authorized access object, determining that the user is allowed to access the sensitive data.
Optionally, determining whether the data to be accessed by the SQL instruction contains sensitive data specifically includes:
scanning the SQL instruction; when the analysis shows that the SQL instruction contains a select query statement, that the data tables queried by the select statement include a preset sensitive data table, and that the data columns queried from that sensitive data table include a preset sensitive data column, determining that the data to be accessed by the SQL instruction contains sensitive data; otherwise determining that the data to be accessed by the SQL instruction does not contain sensitive data.
Optionally, the desensitization conversion rule includes:
replacing the statement in the SQL instruction that accesses the sensitive data with a preset conversion function, where the preset conversion function converts the characters at specified positions in the sensitive data into preset special characters, and where the sensitive data includes at least any one of: ID number, phone number, name and address.
A second aspect provides a data desensitization device, including:
an SQL instruction receiving module, configured to receive a Structured Query Language (SQL) instruction sent by a user;
an SQL instruction conversion module, configured to, when it is determined that the data to be accessed by the SQL instruction received by the SQL instruction receiving module contains sensitive data and that the user is not allowed to access the sensitive data, convert the SQL instruction according to a preset desensitization conversion rule, so that the sensitive data accessed by the converted SQL instruction is desensitized data.
Optionally, the SQL instruction conversion module specifically includes:
a first judging unit, configured to determine whether the data to be accessed by the SQL instruction contains sensitive data;
a second judging unit, configured to, when the first judging unit determines that the data to be accessed by the SQL instruction contains sensitive data, further determine whether the user is allowed to access the sensitive data;
a conversion unit, configured to, when the second judging unit determines that the user is not allowed to access the sensitive data, convert the SQL instruction according to the preset desensitization conversion rule, so that the sensitive data accessed by the converted SQL instruction is desensitized data.
Optionally, the SQL instruction receiving module is specifically configured to:
receive the SQL instruction sent by the user at a first time; in which case
the second judging unit is specifically configured to:
determine, according to a pre-stored authorized user list, whether the user is an authorized user; when it is determined that the user is an authorized user, further determine whether the first time falls within the access time range corresponding to the authorized user, and determine whether the sensitive data to be accessed by the SQL instruction is an authorized access object corresponding to the authorized user; when it is determined that the user is not an authorized user, or that the first time does not fall within the access time range, or that the sensitive data to be accessed by the SQL instruction is not the authorized access object, determine that the user is not allowed to access the sensitive data; when it is determined that the user is an authorized user, that the first time falls within the access time range, and that the sensitive data to be accessed by the SQL instruction is the authorized access object, determine that the user is allowed to access the sensitive data.
Optionally, the first judging unit is specifically configured to:
scan the SQL instruction; when the analysis shows that the SQL instruction contains a select query statement, that the data tables queried by the select statement include a preset sensitive data table, and that the data columns queried from that sensitive data table include a preset sensitive data column, determine that the data to be accessed by the SQL instruction contains sensitive data; otherwise determine that the data to be accessed by the SQL instruction does not contain sensitive data.
Optionally, the desensitization conversion rule includes:
replacing the statement in the SQL instruction that accesses the sensitive data with a preset conversion function, where the preset conversion function converts the characters at specified positions in the sensitive data into preset special characters, and where the sensitive data includes at least any one of: ID number, phone number, name and address.
The beneficial effects of the embodiments of the present invention are as follows:
In the embodiments of the present invention, the SQL instruction sent by the user is received, and when it is determined that the data to be accessed by the SQL instruction contains sensitive data and that the user is not allowed to access the sensitive data, the SQL instruction is converted according to a preset desensitization conversion rule, so that the sensitive data accessed by the converted SQL instruction is desensitized data. Compared with the prior art, the sensitive data itself is not modified during desensitization; instead, the way the data is presented is determined by converting the SQL instruction sent by the user, which achieves the effect of data desensitization and greatly improves its efficiency. In addition, the way the data is presented is no longer controlled by an encryption password but is decided by the result of determining whether the user is allowed to access the sensitive data, which makes flexible management and control possible.
Other features and advantages of the invention will be set forth in the description that follows, and in part will be apparent from the description or may be learned by practicing the invention. The objectives and other advantages of the invention may be realized and attained by the structure particularly pointed out in the written description, the claims and the accompanying drawings.
Description of drawings
The accompanying drawings described here provide a further understanding of the present invention and form a part of it. The illustrative embodiments of the present invention and their descriptions are used to explain the invention and do not unduly limit it. In the drawings:
Fig. 1 is an implementation flowchart of a data desensitization method provided by an embodiment of the present invention;
Fig. 2 is a schematic diagram of the application scenario of the data desensitization method provided by an embodiment of the present invention in a specific application;
Fig. 3 is a detailed flowchart of the data desensitization method in this application scenario;
Fig. 4 is a detailed implementation flowchart of determining whether an SQL instruction contains content that extracts sensitive data;
Fig. 5 is a schematic structural diagram of a data desensitization device provided by an embodiment of the present invention.
Detailed description
To solve the problems in the prior art that data desensitization is inefficient and its management and control are inflexible, an embodiment of the present invention provides a data desensitization solution. In this technical solution, the SQL instruction sent by the user is received, and when it is determined that the data to be accessed by the SQL instruction contains sensitive data and that the user is not allowed to access the sensitive data, the SQL instruction is converted according to a preset desensitization conversion rule, so that the sensitive data accessed by the converted SQL instruction is desensitized data. Compared with the prior art, the sensitive data itself is not modified during desensitization; instead, the way the data is presented is determined by converting the SQL instruction sent by the user, which achieves the effect of data desensitization and greatly improves its efficiency. In addition, the way the data is presented is no longer controlled by an encryption password but is decided by the result of determining whether the user is allowed to access the sensitive data, which makes flexible management and control possible.
The embodiments of the present invention are described below with reference to the accompanying drawings. It should be understood that the embodiments described here are only used to illustrate and explain the present invention and are not intended to limit it. Where they do not conflict, the embodiments of the present invention and the features of the embodiments can be combined with each other.
An embodiment of the present invention provides a data desensitization method. Fig. 1 is the implementation flowchart of the method, which specifically includes the following steps:
Step 11: receive the SQL instruction sent by the user;
Step 12: when it is determined that the data to be accessed by the SQL instruction contains sensitive data and that the user is not allowed to access the sensitive data, convert the SQL instruction according to a preset desensitization conversion rule, so that the sensitive data accessed by the converted SQL instruction is desensitized data.
Step 12 may be implemented, without limitation, by the following process:
First, determine whether the data to be accessed by the SQL instruction contains sensitive data;
Specifically, scan the SQL instruction. When the analysis shows that the SQL instruction contains a select query statement, that the data tables queried by the select statement include a preset sensitive data table, and that the data columns queried from that sensitive data table include a preset sensitive data column, determine that the data to be accessed by the SQL instruction contains sensitive data; otherwise determine that the data to be accessed by the SQL instruction does not contain sensitive data.
When it is determined that the data to be accessed by the SQL instruction contains sensitive data, further determine whether the user is allowed to access the sensitive data;
Where the SQL instruction in step 11 is sent by the user at a first time, the embodiment of the present invention may determine, without limitation, whether the user is allowed to access the sensitive data in the following way:
Determine, according to a pre-stored authorized user list, whether the user is an authorized user;
When it is determined that the user is an authorized user, further determine whether the first time falls within the access time range corresponding to the authorized user, and determine whether the sensitive data to be accessed by the SQL instruction is an authorized access object corresponding to the authorized user;
When it is determined that the user is an authorized user, that the first time falls within the access time range, and that the sensitive data to be accessed by the SQL instruction is an authorized access object, determine that the user is allowed to access the sensitive data;
When it is determined that the user is not an authorized user, or that the first time does not fall within the access time range, or that the sensitive data to be accessed by the SQL instruction is not an authorized access object, determine that the user is not allowed to access the sensitive data.
When it is determined that the user is not allowed to access the sensitive data, convert the SQL instruction according to the preset desensitization conversion rule, so that the sensitive data accessed by the converted SQL instruction is desensitized data.
The desensitization conversion rule may be, without limitation:
Replace the statement in the SQL instruction that accesses the sensitive data with a preset conversion function, where the preset conversion function converts the characters at specified positions in the sensitive data into preset special characters, and where the sensitive data includes at least any one of: ID number, phone number, name and address.
Compared with the prior art, the embodiment of the present invention does not modify the sensitive data during desensitization; instead, the way the data is presented is determined by converting the SQL instruction sent by the user, which achieves the effect of data desensitization and greatly improves its efficiency. In addition, the way the data is presented is no longer controlled by an encryption password but is decided by the result of determining whether the user is allowed to access the sensitive data, which makes flexible management and control possible.
为了更好的理解本发明实施例,以下结合具体的实施对本发明实施例的具体实施过程进行说明。In order to better understand the embodiments of the present invention, the specific implementation process of the embodiments of the present invention will be described below in combination with specific implementations.
本发明实施例提供的上述数据脱敏方法在具体应用时可以通过增加数据脱敏服务器和权限审批服务器来实现。如图2所示,为本发明实施例提供的上述数据脱敏方法在具体应用时的应用场景示意图。The above-mentioned data desensitization method provided by the embodiment of the present invention can be implemented by adding a data desensitization server and an authorization approval server during specific application. As shown in FIG. 2 , it is a schematic diagram of an application scenario of the above-mentioned data desensitization method provided by an embodiment of the present invention in a specific application.
权限审批服务器负责对用户鉴权,并向数据脱敏服务器提供接口(用户白名单、授权时间窗口、授权访问对象等)。The permission approval server is responsible for user authentication and provides interfaces (user whitelist, authorization time window, authorized access objects, etc.) to the data desensitization server.
其中,用户白名单:即授权用户列表,该授权用户列表中的用户被允许访问敏感数据;Among them, user white list: the authorized user list, users in the authorized user list are allowed to access sensitive data;
授权时间窗口:即授权用户列表中的用户被允许访问敏感数据的访问时间范围。Authorization time window: the access time range within which users in the authorized user list are allowed to access sensitive data.
授权访问对象:即授权用户列表中的用户被允许访问的数据库对象(如:表、视图或同名等)。Authorized access object: the database object (such as: table, view or the same name, etc.) that users in the authorized user list are allowed to access.
当用户在有访问敏感数据的需求时,向该权限审批服务器发起申请,申请中包含申请人信息、访问对象、访问时间、访问原因等信息。该申请通过权限审批服务器提交到上级领导处进行人工审核,当被确认为合法访问后,将该申请中的申请人信息加入到用户白名单中,访问时间则转换为授权时间窗口,访问对象则转换为授权访问对象。When a user needs to access sensitive data, he or she initiates an application to the authority approval server, and the application includes applicant information, access object, access time, access reason and other information. The application is submitted to the superior leader through the authority approval server for manual review. When it is confirmed as a legitimate access, the applicant information in the application is added to the user white list, and the access time is converted into the authorization time window. Converted to an authorized access object.
数据脱敏服务器负责记录对敏感数据的脱敏转换规则,以及对用户发送的SQL指令进行判断,如果发现用户发送的SQL指令所要访问的内容涉及敏感数据(如:身份证号、联系电话、姓名、住址等)时,继续根据权限审批服务器提供的接口判断该用户是否为非法授权用户(即不被允许访问敏感数据)时,如果发现该用户为非法授权用户时,则立即应用脱敏转换规则对用户提交的SQL指令进行转换,使呈现在用户面前的数据为脱敏数据;如果发现用户发送的SQL指令所要访问的内容不涉及敏感数据,或者发现用户发送的SQL指令所要访问的内容涉及敏感数据,同时该用户为合法授权用户时,则对该用户提交的SQL指令不做处理,直接分发至后台数据库执行。The data desensitization server is responsible for recording the desensitization conversion rules for sensitive data, and judging the SQL commands sent by users. If it is found that the content to be accessed by the SQL commands sent by users involves , address, etc.), continue to judge whether the user is an illegally authorized user (that is, not allowed to access sensitive data) according to the interface provided by the authority approval server, and if the user is found to be an illegally authorized user, immediately apply the desensitization conversion rule Convert the SQL command submitted by the user so that the data presented to the user is desensitized data; if it is found that the content to be accessed by the SQL command sent by the user does not involve sensitive data, or it is found that the content to be accessed by the SQL command sent by the user involves sensitive data At the same time, if the user is a legally authorized user, the SQL command submitted by the user will not be processed, and will be directly distributed to the background database for execution.
在数据脱敏服务器中记录对敏感数据的脱敏转换规则时,还需要记录下述信息:When recording the desensitization conversion rules for sensitive data in the data desensitization server, the following information also needs to be recorded:
所有与数据脱敏服务器连接的数据库实例的配置信息,包括需执行敏感数据脱敏的数据库实例名称、IP地址、监听端口等;Configuration information of all database instances connected to the data desensitization server, including database instance name, IP address, listening port, etc. for which sensitive data desensitization needs to be performed;
数据库用户模式:记录具体数据库实例下包括敏感数据表的账号信息。Database user mode: record account information including sensitive data tables under specific database instances.
敏感数据表:存放敏感数据的数据表、视图或同名。Sensitive data table: A data table, view or the same name that stores sensitive data.
敏感数据列:存放敏感信息的数据对像(表、视图或同名)的列名。Sensitive data column: the column name of the data object (table, view or the same name) that stores sensitive information.
The desensitization conversion rules recorded in the data desensitization server, that is, the rules used when desensitizing sensitive data columns, are generally written with the database's built-in functions. These functions convert the characters at specified positions in the sensitive data into preset special characters.
Take sensitive data consisting of ID numbers, phone numbers, names and addresses as an example:
Desensitizing ID numbers: replace the characters at specified positions of the ID number (assumed to be CERITID), or, as required, all characters of the entire ID number, with a special character (such as '*'). For example, to desensitize the last three digits, the function is SUBSTR(CERITID,1,LENGTH(CERITID)-3)||'***'.
Desensitizing phone numbers: analyze the number pattern to determine whether the first 3 to 5 digits are an area code or a special number (such as 021, 12580 or 17951), extract the effective number, and then blur the digits at the corresponding positions as required, or, as required, replace all characters of the entire phone number with a special character (such as '*'). For example, to blur the last 4 digits of a fixed-line number, the function is SUBSTR(phone,1,LENGTH(phone)-4)||'****'.
Desensitizing names: determine whether the value contains the user's surname, then replace characters at arbitrarily chosen positions after the surname with a special character (such as '*'), or, as required, replace all characters of the entire name with special characters.
Desensitizing addresses: determine whether the value contains keywords such as "市" (city), "区" (district), "镇" (town), "乡" (township), "村" (village), "街" (street), "号" (number) and "楼" (building), then randomly replace the characters other than these keywords, or, as required, replace all characters of the entire address with a special character (such as '*').
After a desensitization conversion rule is added, the data desensitization server automatically scans the database dictionary based on the information described above, finds the names and column names of all data objects that reference the sensitive data, and iteratively updates them into the rule set.
Figure 3 shows the specific flow of the data desensitization method in this application scenario. It includes the following steps:
Step 31: the user connects to the specified database instance with any tool and submits an SQL instruction.
Step 32: based on the database instance selected by the user and the submitted SQL instruction, the data desensitization server determines whether the instruction extracts sensitive data. If not, go to step 37; if so, continue with step 33.
Step 33: check whether the user is an authorized user against the user whitelist provided by the permission approval server. If the user is not in the whitelist, go to step 36; if the user is in the whitelist, continue with step 34.
Step 34: using the authorization time window provided by the permission approval server and the current time, determine whether the current time falls within the authorization time window. If not, go to step 36; if so, continue with step 35.
Step 35: using the authorized access objects provided by the permission approval server and the sensitive data that the SQL instruction is to extract, determine whether that sensitive data is an authorized access object. If not, go to step 36; if so, go to step 37.
Step 36: process the submitted SQL instruction according to the desensitization conversion rules, so that the sensitive data accessed by the converted SQL instruction is desensitized data.
Step 37: forward the instruction to the back-end database for execution and return the result.
Figure 4 shows the specific flow for determining whether an SQL instruction extracts sensitive data. It includes the following steps:
Step 41: scan the SQL instruction submitted by the user and determine whether it contains a SELECT statement (including insert, delete and update statements that contain a SELECT query). If not, the SQL instruction is determined not to extract sensitive data; if so, continue with step 42.
Step 42: extract the table names used in the SELECT statement and check whether they include a sensitive data table. If not, the SQL instruction is determined not to extract sensitive data; if so, continue with step 43.
Step 43: check the column names used in the SQL statement when querying the sensitive data table and determine whether a sensitive data column is used. If not, the SQL instruction is determined not to extract sensitive data; if so, the SQL instruction is determined to extract sensitive data.
The SQL instruction is then converted in step 36 above.
Note that if the SELECT statement uses '*', it is replaced directly with all column names of the sensitive data table, and the sensitive data columns are converted according to the conversion rules.
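The flow of Figures 3 and 4 (steps 32 to 37 and 41 to 43), including the '*' expansion and the two SUBSTR masking functions given earlier, as an added Python example that is not code from the patent; the rewritten SQL is executed against an in-memory SQLite database standing in for the back-end database. Assumptions made here: the `customer` table and its rows, the users `alice` and `bob`, the whitelist contents, and a regex that only understands a single-table SELECT with a plain column list.

```python
import re
import sqlite3
from dataclasses import dataclass
from datetime import datetime

# Constructed rule set: sensitive table -> {sensitive column: masking expression}.
# The two expressions are the ones the text gives for ID and phone numbers.
RULES = {"customer": {
    "ceritid": "SUBSTR(CERITID,1,LENGTH(CERITID)-3)||'***'",
    "phone": "SUBSTR(phone,1,LENGTH(phone)-4)||'****'",
}}
# Column list per sensitive table (what a dictionary scan would supply); expands "SELECT *".
COLUMNS = {"customer": ["id", "branch", "ceritid", "phone"]}

@dataclass(frozen=True)
class Grant:
    """One whitelist entry: time window plus authorized (table, column) objects."""
    start: datetime
    end: datetime
    objects: frozenset

# Assumption: only "SELECT <column list> FROM <one table> ..." is recognised.
SELECT_RE = re.compile(
    r"^\s*select\s+(?P<cols>.+?)\s+from\s+(?P<table>\w+)(?P<rest>.*)$",
    re.IGNORECASE | re.DOTALL)

def find_sensitive(sql):
    """Steps 41-43: return (match, table, columns, sensitive hits) or None."""
    m = SELECT_RE.match(sql)
    if m is None:                       # step 41: no SELECT statement
        return None
    table = m["table"].lower()
    if table not in RULES:              # step 42: not a sensitive data table
        return None
    cols = [c.strip() for c in m["cols"].split(",")]
    if cols == ["*"]:                   # '*' becomes the explicit column list
        cols = list(COLUMNS[table])
    hits = [c for c in cols if c.lower() in RULES[table]]
    return (m, table, cols, hits) if hits else None    # step 43

def is_allowed(user, now, table, hits, grants):
    """Steps 33-35: whitelist, then time window, then authorized objects."""
    grant = grants.get(user)
    if grant is None:
        return False
    if not (grant.start <= now <= grant.end):
        return False
    return all((table, c.lower()) in grant.objects for c in hits)

def process(sql, user, now, grants):
    """Steps 32-37: return the SQL text to forward to the back-end database."""
    found = find_sensitive(sql)
    if found is None:
        return sql
    m, table, cols, hits = found
    if is_allowed(user, now, table, hits, grants):
        return sql
    # Step 36: each sensitive column is replaced by its masking expression.
    masked = [f"{RULES[table][c.lower()]} AS {c}" if c.lower() in RULES[table] else c
              for c in cols]
    return f"SELECT {', '.join(masked)} FROM {m['table']}{m['rest']}"

# Constructed whitelist: alice may read customer.phone during June 2015.
GRANTS = {"alice": Grant(datetime(2015, 6, 1), datetime(2015, 6, 30),
                         frozenset({("customer", "phone")}))}

def run(sql, user, now):
    """Execute the processed SQL against a constructed in-memory table."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE customer (id INTEGER, branch TEXT, ceritid TEXT, phone TEXT)")
    db.execute("INSERT INTO customer VALUES (1, 'Pudong', '110101199001011234', '02155551234')")
    try:
        return db.execute(process(sql, user, now, GRANTS)).fetchall()
    finally:
        db.close()

if __name__ == "__main__":
    now = datetime(2015, 6, 4, 10, 0)
    print(process("SELECT id, phone FROM customer WHERE id = 1", "bob", now, GRANTS))
    print(run("SELECT * FROM customer", "bob", now))
```

The stored rows are never modified; only the query text changes, so the same table yields masked or clear values depending on who asks and when.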
Compared with the prior art, the embodiment of the present invention does not modify the sensitive data during desensitization. Instead, it determines how the data is displayed by converting the SQL instruction sent by the user, which achieves the effect of data desensitization and greatly improves its efficiency. In addition, the way data is displayed is no longer controlled by an encryption password but is decided by the result of judging whether the user is allowed to access the sensitive data, which enables flexible control.
Based on the same inventive concept, an embodiment of the present invention also provides a data desensitization apparatus. Because the apparatus solves the problem on a principle similar to that of the data desensitization method, its implementation can refer to the implementation of the method, and repeated details are not described again.
Figure 5 is a schematic structural diagram of the data desensitization apparatus provided by the embodiment of the present invention, which includes:
an SQL instruction receiving module 51, configured to receive a Structured Query Language (SQL) instruction sent by a user;
an SQL instruction conversion module 52, configured to, when it is determined that the data to be accessed by the SQL instruction received by the SQL instruction receiving module contains sensitive data and the user is not allowed to access the sensitive data, convert the SQL instruction according to preset desensitization conversion rules, so that the sensitive data accessed by the converted SQL instruction is desensitized data.
Optionally, the SQL instruction conversion module 52 specifically includes:
a first judging unit 521, configured to determine whether the data to be accessed by the SQL instruction contains sensitive data;
a second judging unit 522, configured to, when the first judging unit 521 determines that the data to be accessed by the SQL instruction contains sensitive data, go on to determine whether the user is allowed to access the sensitive data;
a conversion unit 523, configured to, when the second judging unit 522 determines that the user is not allowed to access the sensitive data, convert the SQL instruction according to the preset desensitization conversion rules, so that the sensitive data accessed by the converted SQL instruction is desensitized data.
Optionally, the SQL instruction receiving module 51 is specifically configured to:
receive the SQL instruction sent by the user at a first time; then
the second judging unit 522 is specifically configured to:
determine, according to a pre-stored list of authorized users, whether the user is an authorized user; when the user is determined to be an authorized user, go on to determine whether the first time falls within the access time range corresponding to the authorized user, and whether the sensitive data to be accessed by the SQL instruction is an authorized access object corresponding to the authorized user; when it is determined that the user is not an authorized user, or that the first time does not fall within the access time range, or that the sensitive data to be accessed by the SQL instruction is not an authorized access object, determine that the user is not allowed to access the sensitive data; when it is determined that the user is an authorized user, the first time falls within the access time range, and the sensitive data to be accessed by the SQL instruction is an authorized access object, determine that the user is allowed to access the sensitive data.
Optionally, the first judging unit 521 is specifically configured to:
scan the SQL instruction; when analysis shows that the SQL instruction contains a select query statement, that the data tables to be queried in the select statement include a preset sensitive data table, and that the data columns to be queried in that sensitive data table include a preset sensitive data column, determine that the data to be accessed by the SQL instruction contains sensitive data; otherwise, determine that the data to be accessed by the SQL instruction does not contain sensitive data.
Optionally, the desensitization conversion rules include:
replacing the statement in the SQL instruction that accesses sensitive data with a preset conversion function, where the preset conversion function converts the characters at specified positions in the sensitive data into preset special characters, and the sensitive data includes at least any one of: ID number, phone number, name and address.
For convenience of description, the parts above are divided by function into modules (or units) and described separately. When implementing the present invention, the functions of the modules (or units) can of course be implemented in one or more pieces of software or hardware.
Those skilled in the art should understand that the embodiments of the present invention may be provided as a method, a system or a computer program product. Accordingly, the present invention may take the form of an entirely hardware embodiment, an entirely software embodiment, or an embodiment combining software and hardware aspects. Furthermore, the present invention may take the form of a computer program product implemented on one or more computer-usable storage media (including but not limited to disk storage, CD-ROM and optical storage) that contain computer-usable program code.
The present invention is described with reference to flowcharts and/or block diagrams of methods, devices (systems) and computer program products according to embodiments of the invention. It should be understood that each flow and/or block in the flowcharts and/or block diagrams, and combinations of flows and/or blocks in the flowcharts and/or block diagrams, can be implemented by computer program instructions. These computer program instructions may be provided to the processor of a general-purpose computer, a special-purpose computer, an embedded processor or other programmable data processing device to produce a machine, so that the instructions executed by the processor of the computer or other programmable data processing device produce an apparatus for implementing the functions specified in one or more flows of the flowchart and/or one or more blocks of the block diagram.
These computer program instructions may also be stored in a computer-readable memory capable of directing a computer or other programmable data processing device to operate in a specific manner, so that the instructions stored in the computer-readable memory produce an article of manufacture that includes an instruction apparatus, and the instruction apparatus implements the functions specified in one or more flows of the flowchart and/or one or more blocks of the block diagram.
These computer program instructions may also be loaded onto a computer or other programmable data processing device, so that a series of operational steps is performed on the computer or other programmable device to produce computer-implemented processing, and the instructions executed on the computer or other programmable device thereby provide steps for implementing the functions specified in one or more flows of the flowchart and/or one or more blocks of the block diagram.
Although preferred embodiments of the present invention have been described, those skilled in the art can make additional changes and modifications to these embodiments once they learn of the basic inventive concept. The appended claims are therefore intended to be construed as covering the preferred embodiments and all changes and modifications that fall within the scope of the present invention.
Obviously, those skilled in the art can make various changes and variations to the present invention without departing from its spirit and scope. If these modifications and variations fall within the scope of the claims of the present invention and their technical equivalents, the present invention is also intended to include them.
Claims (8)
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201510303954.4A CN106295388B (en) | 2015-06-04 | 2015-06-04 | A kind of data desensitization method and device |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201510303954.4A CN106295388B (en) | 2015-06-04 | 2015-06-04 | A kind of data desensitization method and device |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN106295388A CN106295388A (en) | 2017-01-04 |
| CN106295388B true CN106295388B (en) | 2019-09-10 |
Family
ID=57659048
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201510303954.4A Active CN106295388B (en) | 2015-06-04 | 2015-06-04 | A kind of data desensitization method and device |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN106295388B (en) |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |