CN106372515A - Managed monitoring method for sensitive code and server - Google Patents
Managed monitoring method for sensitive code and server Download PDFInfo
- Publication number
- CN106372515A CN106372515A CN201610704762.9A CN201610704762A CN106372515A CN 106372515 A CN106372515 A CN 106372515A CN 201610704762 A CN201610704762 A CN 201610704762A CN 106372515 A CN106372515 A CN 106372515A
- Authority
- CN
- China
- Prior art keywords
- code
- sensitive
- trustship
- server
- sensitive code
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/604—Tools and structures for managing or administering access control systems
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/62—Protecting access to data via a platform, e.g. using keys or access control rules
- G06F21/6218—Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
- H04L63/0428—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
Abstract
The invention discloses a managed monitoring method for sensitive code. The method comprises the following steps that a monitoring server searches out the sensitive code from a public code managed server in real time or at the regular time according to a pre-determined search rule; and after the sensitive code is searched, the monitoring server sends reminding information to a pre-determined terminal so as to remind that the sensitive code is leaked into the public code managed server. The invention also discloses the monitoring server for monitoring the managed monitoring sensitive code. The monitoring server can perform real-time or regular-time monitoring on the condition that whether the sensitive code exists in the public code managed server or not; and the condition that the sensitive code is leaked into the public code managed server can be reminded to the pre-determined terminal at the first time when the condition that the sensitive code exists in the public code managed server is monitored, so that the accurate and timely monitoring and management on the uploading management of the sensitive code can be realized.
Description
Technical field
The present invention relates to field of computer technology, the trustship monitoring method of more particularly, to a kind of sensitive code and server.
Background technology
At present, the PHP of a lot of companies can be by the software source code trustship of exploitation to common code trustship net
Stand on (for example, github, oschina etc.), during entering line code trustship, often occur the important code of affiliated company
Or sensitive information is submitted on common code trustship website, company sensitive information is caused to reveal.At present, in order to prevent sensitive letter
Breath is revealed, and the way of a lot of companies is to carry out management and control in enterprises to data outgoing.However, this way is difficult to code is done
To accurate diversity management and control (i.e. sensitive code forbids outgoing, and non-sensitive code allows outgoing), meanwhile, PHP's
Development process is simultaneously not entirely under the Data Transmission Controlling of intranet, and described development process includes work in many cases
Make development process of the development process of time, the development process of quitting time and/or time of going on business etc., this way cannot counterweight
Code or the upload trustship of sensitive information is wanted to accomplish completely management and control.
Content of the invention
Present invention is primarily targeted at providing a kind of trustship monitoring method of sensitive code and server it is intended to sensitivity
The trustship of code carries out management and control effectively.
For achieving the above object, the present invention provide a kind of sensitive code trustship monitoring method, methods described include with
Lower step:
A, monitoring server are in real time or timing is according to predetermined search rule, from common code Entrust Server
Search out sensitive code;
B, after searching sensitive code, described monitoring server to predetermined terminal send prompting message, to carry
Waking up has sensitive code to leak in common code Entrust Server.
Preferably, described predetermined search rule includes:
According to predetermined sensitive keys word, search out containing described at least one from common code Entrust Server
The functional module program code segments of sensitive keys word, and using the functional module searching out program code segments as sensitive code.
Preferably, described predetermined search rule includes:
According to predetermined sensitive document name, search out from common code Entrust Server filename and at least one
The code file of described sensitive document name coupling, and using the code in the code file searching out as sensitive code.
Preferably, described step b includes:
After searching sensitive code, described monitoring server distributes memory space and is used for the sensitivity generation that storage searches
Code;
Described monitoring server sends the reading chained address with the sensitive code searching to predetermined terminal
Prompting message, have sensitive code to leak in common code Entrust Server to remind, and pass through described to carry for supervision user
The sensitive code searching is checked in chained address in awake information.
Preferably, described step b includes:
After searching sensitive code, described monitoring server obtains the trustship user profile of described sensitive code, and point
Join memory space for store the sensitive code that searches;
Described monitoring server sends with the trustship user profile obtaining and described sensitivity generation to predetermined terminal
The prompting message of the reading chained address of code, has sensitive code to leak in common code Entrust Server to remind, for supervision
The trustship user of user's sensitive code according to the trustship user profile in described prompting message positions trustship, and for supervision
The sensitive code searching is checked at family by the chained address in described prompting message.
Additionally, for achieving the above object, the present invention also provides a kind of monitoring service of the sensitive code for monitoring trustship
Device, described monitoring server includes:
Search module, in real time or regularly according to predetermined search rule, from common code Entrust Server
In search out sensitive code;
Sending module, for, after searching sensitive code, sending prompting message to predetermined terminal, is had with reminding
Sensitive code leaks in common code Entrust Server.
Preferably, described predetermined search rule includes:
According to predetermined sensitive keys word, search out containing described at least one from common code Entrust Server
The functional module program code segments of sensitive keys word, and using the functional module searching out program code segments as sensitive code.
Preferably, described predetermined search rule includes:
According to predetermined sensitive document name, search out from common code Entrust Server filename and at least one
The code file of described sensitive document name coupling, and using the code in the code file searching out as sensitive code.
Preferably, described sending module is additionally operable to:
After searching sensitive code, distribution memory space is used for the sensitive code that storage searches;To predetermined
Terminal sends the prompting message of the reading chained address with the sensitive code searching, and has sensitive code to leak to public affairs to remind
Altogether in code Entrust Server, and checked the sensitivity generation searching by the chained address in described prompting message for supervision user
Code.
Preferably, described sending module is additionally operable to:
After searching sensitive code, obtain the trustship user profile of described sensitive code, and distribute memory space and be used for
Store the sensitive code searching;Send with the trustship user profile obtaining and described sensitive code to predetermined terminal
Reading chained address prompting message, with remind have sensitive code to leak in common code Entrust Server, for supervision
The trustship user of family sensitive code according to the trustship user profile in described prompting message positions trustship, and for supervision user
Check the sensitive code searching by the chained address in described prompting message.
A kind of trustship monitoring method of sensitive code proposed by the present invention and server, monitoring server is to common code support
Sensitive code in pipe server carries out real-time or timing search, if searching sensitive code, described monitoring server
Send prompting message to predetermined terminal.Because monitoring server can be quick to whether there is in common code Entrust Server
Sense code carries out real-time or timing monitoring, and there is sensitive code in monitoring described common code Entrust Server
When, the very first time remind predetermined terminal have sensitive code to leak in common code Entrust Server, thus realize right
The upload trustship of sensitive code is accurately and timely supervised.
Brief description
Fig. 1 is the schematic flow sheet of trustship monitoring method one embodiment of sensitive code of the present invention;
The functional module that Fig. 2 is used for monitoring monitoring server one embodiment of the sensitive code of trustship for the present invention is illustrated
Figure.
The realization of the object of the invention, functional characteristics and advantage will be described further in conjunction with the embodiments referring to the drawings.
Specific embodiment
It should be appreciated that specific embodiment described herein, only in order to explain the present invention, is not intended to limit the present invention.
The present invention provides a kind of trustship monitoring method of sensitive code.
With reference to Fig. 1, Fig. 1 is the schematic flow sheet of trustship monitoring method one embodiment of sensitive code of the present invention.
In one embodiment, the trustship monitoring method of this sensitive code includes:
Step s10, monitoring server is in real time or timing is according to predetermined search rule, from common code trustship clothes
Sensitive code is searched out in business device;
The often a lot of PHP of trustship on common code trustship website (for example, github, oschina etc.)
The software source code of exploitation, and during entering line code trustship, due to the particularity of software development, PHP's
Development process is general and Data Transmission Controlling that be not entirely in intranet under, if only rely on enterprises opening to software
The software source code upload trustship sending out engineer carries out management and control, easily causes the enterprise-essential code such as software source code or sensitivity
The leakage of information.Therefore, in the present embodiment, by monitoring server, the sensitive code in common code Entrust Server is entered
Row in real time or timing search, solving enterprises cannot uploading trustship and carry out asking of monitoring completely to software source code
Topic, accurately and timely can be monitored to uploading the sensitive code to described common code Entrust Server for the trustship.
Described monitoring server according to predetermined search rule, in real time or periodically from described common code trustship
Sensitive code is searched out, such as in one embodiment, described predetermined search rule can be complete in server
Join search, for example, can preset corresponding sensitive keys word, sensitive keys word, sensitive document according to different sensitive code information
Name, sensitive document type etc..In real time or periodically to the code file uploading trustship in described common code Entrust Server
Scan for, mate, if searching out from described common code Entrust Server and sensitive keys word set in advance, sensitive pass
The code file of keyword, sensitive document name and/or sensitive document type coupling completely, then identify in the code file searching out
Code be sensitive code.
In another embodiment, described predetermined search rule can be half coupling search, for example can basis
Different sensitive code information preset corresponding sensitive keys word, sensitive keys word etc..In real time or periodically to described public affairs
The code file uploading trustship altogether in code Entrust Server scans for, mates, if from described common code Entrust Server
In search out the code file mated completely with the partial content of sensitive keys word set in advance and/or sensitive keys word, then
Identify that the code in the code file searching out is sensitive code.
In another embodiment, described predetermined search rule can also be based on artificial neural network from
Study coupling search, for example can be according to different sensitive code information such as sensitive keys word, sensitive keys word, sensitive document name, quick
Sense file type etc. pre-builds corresponding neural network model, real-time or periodically right using the neural network model set up
The code file uploading trustship in described common code Entrust Server scans for, mates, by neural network model from
Study, association function search out related, similar to sensitive keys word, sensitive keys word, sensitive document name, sensitive document type etc.
Or equivalent code file, and identify that the code in the code file searching out is sensitive code.
Certainly, other matching ways may also be employed or search rule that multiple matching way combines came from described public generation
Sensitive code is searched out, here does not limit in code Entrust Server.
Step s20, after searching sensitive code, described monitoring server sends to predetermined terminal and reminds letter
Breath, has sensitive code to leak in common code Entrust Server to remind.
Identifying from described common code Entrust Server, searching out sensitive code according to predetermined search rule
Afterwards, illustrate that sensitive code is intentionally or inadvertently leaked in described common code Entrust Server by PHP,
Then described monitoring server sends prompting message to predetermined terminal, has sensitive code to leak to described public generation to remind
In code Entrust Server.Wherein, this prompting message can be voice messaging, short message, multimedia message, wechat message, qq message etc.,
This does not limit.Described predetermined terminal can be to be chosen whether to leaking to common code trusteeship service for user
Sensitive code in device makes mobile terminal of respective handling etc., receives this prompting by user by described predetermined terminal
Information, and respond, this sensitive code as traceable in user, and in time this sensitive code is taken from described common code trustship
Delete in business device.
In the present embodiment, monitoring server carries out real-time or timing to the sensitive code in common code Entrust Server
Search, if searching sensitive code, described monitoring server to predetermined terminal send prompting message.Due to monitoring
Server can carry out real-time or timing monitoring in common code Entrust Server with the presence or absence of sensitive code, and in monitoring
When there is sensitive code in described common code Entrust Server, the very first time reminds predetermined terminal to have sensitive code
Leak in common code Entrust Server, thus realizing the upload trustship of sensitive code is accurately and timely supervised.
Further, in other embodiments, above-mentioned predetermined search rule includes:
According to predetermined sensitive keys word, search out containing described at least one from common code Entrust Server
The functional module program code segments of sensitive keys word, and using the functional module searching out program code segments as sensitive code.
In the present embodiment, described predetermined search rule mays include: for example quick according to predetermined sensitive keys word
Sense code line, code segment, sensitive self-defining function title, sensitive analytic function etc., from described common code trusteeship service
The functional module program code segments containing sensitive keys word at least one described are searched out in device, wherein, described functional module journey
Sequence code segment refers to all of code of One function module, including initial code row (with beginning flag) and epig code row
(with end mark), and using the functional module searching out program code segments as sensitive code.
Further, in other embodiments, above-mentioned predetermined search rule includes:
According to predetermined sensitive document name, search out from common code Entrust Server filename and at least one
The code file of described sensitive document name coupling, and using the code in the code file searching out as sensitive code.
In the present embodiment, described predetermined search rule may also include that according to predetermined sensitive document name such as
The complete file name " safety science and technology * * * * * system source code " of sensitive document, partial document name " * * * * * system source code " etc.,
Search out, from described common code Entrust Server, the code file that filename is mated with sensitive document name at least one described.
For example, if having code file filename consistent with a sensitive document name, or, comprise a sensitive document name, then represent
The filename of this code file is mated with this sensitive document name, and using the code in the code file searching out as sensitive generation
Code.
Further, in other embodiments, above-mentioned steps s20 may include that
After searching sensitive code, described monitoring server distributes memory space and is used for the sensitivity generation that storage searches
Code;
Described monitoring server sends the reading chained address with the sensitive code searching to predetermined terminal
Prompting message, have sensitive code to leak in common code Entrust Server to remind, and pass through described to carry for supervision user
The sensitive code searching is checked in chained address in awake information.
In the present embodiment, identifying from described common code Entrust Server, searching according to predetermined search rule
After rope goes out sensitive code, described monitoring server distributes special memory space to store the sensitive code searching, and to
Predetermined terminal sends the prompting message of the reading chained address with the sensitive code searching.So, predefine
Terminal such as mobile terminal etc. can when there being sensitive code to leak in common code Entrust Server the very first time receive this
Prompting message, makes the supervision user of mobile terminal can know currently have sensitive code to leak to common code Entrust Server in time
In.Further, the supervision user of mobile terminal also can jump to described by clicking on the chained address in this prompting message
The dedicated memory space of sensitive code that storage searches is used on monitoring server, so that supervision user checks search quick
Sense code.Supervision user can decide whether according to the importance of the sensitive code checked to follow the trail of this sensitive code, and
In time this sensitive code is deleted from described common code Entrust Server.
The present embodiment can make supervision user view the sensitivity generation leaking in described common code Entrust Server in time
Digital content, so that supervision user is processed, more in time accordingly.
Further, in other embodiments, above-mentioned steps s20 may include that
After searching sensitive code, described monitoring server obtains the trustship user profile of described sensitive code, and point
Join memory space for store the sensitive code that searches;
Described monitoring server sends with the trustship user profile obtaining and described sensitivity generation to predetermined terminal
The prompting message of the reading chained address of code, has sensitive code to leak in common code Entrust Server to remind, for supervision
The trustship user of user's sensitive code according to the trustship user profile in described prompting message positions trustship, and for supervision
The sensitive code searching is checked at family by the chained address in described prompting message.
In the present embodiment, identifying from described common code Entrust Server, searching according to predetermined search rule
After rope goes out sensitive code, described monitoring server obtains the trustship user profile of described sensitive code, and distributes special depositing
Storage space, to store the sensitive code searching, also sends with the trustship user letter obtaining to predetermined terminal meanwhile
The prompting message of the reading chained address of breath and described sensitive code.So, predetermined terminal such as mobile terminal etc. can be
When having sensitive code to leak in common code Entrust Server, the very first time receives this prompting message, makes the prison of mobile terminal
Effective family can be known in time currently has sensitive code to leak in common code Entrust Server.Further, mobile terminal
Supervision user also can by the trustship user of sensitive code described in the positioning trustship of trustship user profile in described prompting message,
And by clicking on the chained address in this prompting message, jump to and the sensitivity generation that storage searches is used on described monitoring server
The dedicated memory space of code, checks the sensitive code searching.Supervision user can be extremely described public according to uploading sensitive code
The importance of the trustship user profile of code Entrust Server and sensitive code comprehensively to decide whether to follow the trail of this sensitivity
Code, and in time this sensitive code is deleted from described common code Entrust Server.
The present embodiment can make supervision user know the support uploading sensitive code to described common code Entrust Server in time
Pipe user profile and view the sensitive code content leaking in described common code Entrust Server, so that supervision user
The sensitive code of comprehensive trustship user profile and its upload judging whether to need sensitive code is processed accordingly, more
Flexibly.
The present invention further provides a kind of monitoring server of the sensitive code for monitoring trustship.
With reference to Fig. 2, Fig. 2 is used for for the present invention monitoring the function mould of monitoring server one embodiment of the sensitive code of trustship
Block schematic diagram.
In one embodiment, the monitoring server that this is used for monitoring the sensitive code of trustship includes:
Search module 01, in real time or regularly according to predetermined search rule, from common code trusteeship service
Sensitive code is searched out in device;
The often a lot of PHP of trustship on common code trustship website (for example, github, oschina etc.)
The software source code of exploitation, and during entering line code trustship, due to the particularity of software development, PHP's
Development process is general and Data Transmission Controlling that be not entirely in intranet under, if only rely on enterprises opening to software
The software source code upload trustship sending out engineer carries out management and control, easily causes the enterprise-essential code such as software source code or sensitivity
The leakage of information.Therefore, in the present embodiment, by monitoring server, the sensitive code in common code Entrust Server is entered
Row in real time or timing search, solving enterprises cannot uploading trustship and carry out asking of monitoring completely to software source code
Topic, accurately and timely can be monitored to uploading the sensitive code to described common code Entrust Server for the trustship.
Described monitoring server according to predetermined search rule, in real time or periodically from described common code trustship
Sensitive code is searched out, such as in one embodiment, described predetermined search rule can be complete in server
Join search, for example, can preset corresponding sensitive keys word, sensitive keys word, sensitive document according to different sensitive code information
Name, sensitive document type etc..In real time or periodically to the code file uploading trustship in described common code Entrust Server
Scan for, mate, if searching out from described common code Entrust Server and sensitive keys word set in advance, sensitive pass
The code file of keyword, sensitive document name and/or sensitive document type coupling completely, then identify in the code file searching out
Code be sensitive code.
In another embodiment, described predetermined search rule can be half coupling search, for example can basis
Different sensitive code information preset corresponding sensitive keys word, sensitive keys word etc..In real time or periodically to described public affairs
The code file uploading trustship altogether in code Entrust Server scans for, mates, if from described common code Entrust Server
In search out the code file mated completely with the partial content of sensitive keys word set in advance and/or sensitive keys word, then
Identify that the code in the code file searching out is sensitive code.
In another embodiment, described predetermined search rule can also be based on artificial neural network from
Study coupling search, for example can be according to different sensitive code information such as sensitive keys word, sensitive keys word, sensitive document name, quick
Sense file type etc. pre-builds corresponding neural network model, real-time or periodically right using the neural network model set up
The code file uploading trustship in described common code Entrust Server scans for, mates, by neural network model from
Study, association function search out related, similar to sensitive keys word, sensitive keys word, sensitive document name, sensitive document type etc.
Or equivalent code file, and identify that the code in the code file searching out is sensitive code.
Certainly, other matching ways may also be employed or search rule that multiple matching way combines came from described public generation
Sensitive code is searched out, here does not limit in code Entrust Server.
Sending module 02, for, after searching sensitive code, sending prompting message to predetermined terminal, to remind
Sensitive code is had to leak in common code Entrust Server.
Identifying from described common code Entrust Server, searching out sensitive code according to predetermined search rule
Afterwards, illustrate that sensitive code is intentionally or inadvertently leaked in described common code Entrust Server by PHP,
Then described monitoring server sends prompting message to predetermined terminal, has sensitive code to leak to described public generation to remind
In code Entrust Server.Wherein, this prompting message can be voice messaging, short message, multimedia message, wechat message, qq message etc.,
This does not limit.Described predetermined terminal can be to be chosen whether to leaking to common code trusteeship service for user
Sensitive code in device makes mobile terminal of respective handling etc., receives this prompting by user by described predetermined terminal
Information, and respond, this sensitive code as traceable in user, and in time this sensitive code is taken from described common code trustship
Delete in business device.
In the present embodiment, monitoring server carries out real-time or timing to the sensitive code in common code Entrust Server
Search, if searching sensitive code, described monitoring server to predetermined terminal send prompting message.Due to monitoring
Server can carry out real-time or timing monitoring in common code Entrust Server with the presence or absence of sensitive code, and in monitoring
When there is sensitive code in described common code Entrust Server, the very first time reminds predetermined terminal to have sensitive code
Leak in common code Entrust Server, thus realizing the upload trustship of sensitive code is accurately and timely supervised.
Further, in other embodiments, above-mentioned predetermined search rule includes:
According to predetermined sensitive keys word, search out containing described at least one from common code Entrust Server
The functional module program code segments of sensitive keys word, and using the functional module searching out program code segments as sensitive code.
In the present embodiment, described predetermined search rule mays include: for example quick according to predetermined sensitive keys word
Sense code line, code segment, sensitive self-defining function title, sensitive analytic function etc., from described common code trusteeship service
The functional module program code segments containing sensitive keys word at least one described are searched out in device, wherein, described functional module journey
Sequence code segment refers to all of code of One function module, including initial code row (with beginning flag) and epig code row
(with end mark), and using the functional module searching out program code segments as sensitive code.
Further, in other embodiments, above-mentioned predetermined search rule includes:
According to predetermined sensitive document name, search out from common code Entrust Server filename and at least one
The code file of described sensitive document name coupling, and using the code in the code file searching out as sensitive code.
In the present embodiment, described predetermined search rule may also include that according to predetermined sensitive document name such as
The complete file name " safety science and technology * * * * * system source code " of sensitive document, partial document name " * * * * * system source code " etc.,
Search out, from described common code Entrust Server, the code file that filename is mated with sensitive document name at least one described.
For example, if having code file filename consistent with a sensitive document name, or, comprise a sensitive document name, then represent
The filename of this code file is mated with this sensitive document name, and using the code in the code file searching out as sensitive generation
Code.
Further, in other embodiments, above-mentioned sending module 02 is additionally operable to:
After searching sensitive code, distribution memory space is used for the sensitive code that storage searches;To predetermined
Terminal sends the prompting message of the reading chained address with the sensitive code searching, and has sensitive code to leak to public affairs to remind
Altogether in code Entrust Server, and checked the sensitivity generation searching by the chained address in described prompting message for supervision user
Code.
In the present embodiment, identifying from described common code Entrust Server, searching according to predetermined search rule
After rope goes out sensitive code, described monitoring server distributes special memory space to store the sensitive code searching, and to
Predetermined terminal sends the prompting message of the reading chained address with the sensitive code searching.So, predefine
Terminal such as mobile terminal etc. can when there being sensitive code to leak in common code Entrust Server the very first time receive this
Prompting message, makes the supervision user of mobile terminal can know currently have sensitive code to leak to common code Entrust Server in time
In.Further, the supervision user of mobile terminal also can jump to described by clicking on the chained address in this prompting message
The dedicated memory space of sensitive code that storage searches is used on monitoring server, so that supervision user checks search quick
Sense code.Supervision user can decide whether according to the importance of the sensitive code checked to follow the trail of this sensitive code, and
In time this sensitive code is deleted from described common code Entrust Server.
The present embodiment can make supervision user view the sensitivity generation leaking in described common code Entrust Server in time
Digital content, so that supervision user is processed, more in time accordingly.
Further, in other embodiments, above-mentioned sending module 02 is additionally operable to:
After searching sensitive code, obtain the trustship user profile of described sensitive code, and distribute memory space and be used for
Store the sensitive code searching;Send with the trustship user profile obtaining and described sensitive code to predetermined terminal
Reading chained address prompting message, with remind have sensitive code to leak in common code Entrust Server, for supervision
The trustship user of family sensitive code according to the trustship user profile in described prompting message positions trustship, and for supervision user
Check the sensitive code searching by the chained address in described prompting message.
In the present embodiment, identifying from described common code Entrust Server, searching according to predetermined search rule
After rope goes out sensitive code, described monitoring server obtains the trustship user profile of described sensitive code, and distributes special depositing
Storage space, to store the sensitive code searching, also sends with the trustship user letter obtaining to predetermined terminal meanwhile
The prompting message of the reading chained address of breath and described sensitive code.So, predetermined terminal such as mobile terminal etc. can be
When having sensitive code to leak in common code Entrust Server, the very first time receives this prompting message, makes the prison of mobile terminal
Effective family can be known in time currently has sensitive code to leak in common code Entrust Server.Further, mobile terminal
Supervision user also can by the trustship user of sensitive code described in the positioning trustship of trustship user profile in described prompting message,
And by clicking on the chained address in this prompting message, jump to and the sensitivity generation that storage searches is used on described monitoring server
The dedicated memory space of code, checks the sensitive code searching.Supervision user can be extremely described public according to uploading sensitive code
The importance of the trustship user profile of code Entrust Server and sensitive code comprehensively to decide whether to follow the trail of this sensitivity
Code, and in time this sensitive code is deleted from described common code Entrust Server.
The present embodiment can make supervision user know the support uploading sensitive code to described common code Entrust Server in time
Pipe user profile and view the sensitive code content leaking in described common code Entrust Server, so that supervision user
The sensitive code of comprehensive trustship user profile and its upload judging whether to need sensitive code is processed accordingly, more
Flexibly.
The embodiments of the present invention are for illustration only, do not represent the quality of embodiment.By above embodiment party
The description of formula, those skilled in the art can be understood that above-described embodiment method can be by software plus necessary general
The mode of hardware platform is realizing naturally it is also possible to pass through hardware, but the former is more preferably embodiment in many cases.It is based on
Such understanding, what technical scheme substantially contributed to prior art in other words partly can be with software product
Form embody, this computer software product is stored in a storage medium (as rom/ram, magnetic disc, CD), including
Some instructions are with so that a station terminal equipment (can be mobile phone, computer, server, or network equipment etc.) executes this
Method described in each embodiment bright.
These are only the preferred embodiments of the present invention, not thereby limit the present invention the scope of the claims, every using this
Equivalent structure or equivalent flow conversion that bright description and accompanying drawing content are made, or directly or indirectly it is used in other related skills
Art field, is included within the scope of the present invention.
Claims (10)
1. a kind of trustship monitoring method of sensitive code is it is characterised in that the method comprising the steps of:
A, monitoring server are in real time or timing is according to predetermined search rule, search for from common code Entrust Server
Go out sensitive code;
B, after searching sensitive code, described monitoring server to predetermined terminal send prompting message, with remind have
Sensitive code leaks in common code Entrust Server.
2. the trustship monitoring method of sensitive code as claimed in claim 1 is it is characterised in that described predetermined search is advised
Then include:
According to predetermined sensitive keys word, search out containing sensitivity at least one described from common code Entrust Server
The functional module program code segments of key word, and using the functional module searching out program code segments as sensitive code.
3. the trustship monitoring method of sensitive code as claimed in claim 1 is it is characterised in that described predetermined search is advised
Then include:
According to predetermined sensitive document name, search out from common code Entrust Server filename with least one described in
The code file of sensitive document name coupling, and using the code in the code file searching out as sensitive code.
4. the trustship monitoring method of the sensitive code as described in any one in claims 1 to 3 is it is characterised in that described step
Rapid b includes:
After searching sensitive code, described monitoring server distributes memory space and is used for the sensitive code that storage searches;
Described monitoring server sends carrying of the reading chained address with the sensitive code searching to predetermined terminal
Awake information, has sensitive code to leak in common code Entrust Server to remind, and passes through described prompting letter for supervision user
The sensitive code searching is checked in chained address in breath.
5. the trustship monitoring method of the sensitive code as described in any one in claims 1 to 3 is it is characterised in that described step
Rapid b includes:
After searching sensitive code, described monitoring server obtains the trustship user profile of described sensitive code, and distributes and deposit
Storage space is used for the sensitive code that storage searches;
Described monitoring server sends with the trustship user profile obtaining and described sensitive code to predetermined terminal
Read the prompting message of chained address, have sensitive code to leak in common code Entrust Server to remind, for supervising user
The trustship user of sensitive code according to the trustship user profile in described prompting message positions trustship, and lead to for supervision user
Cross the chained address in described prompting message and check the sensitive code searching.
6. a kind of monitoring server of the sensitive code for monitoring trustship is it is characterised in that described monitoring server includes:
Search module, in real time or regularly according to predetermined search rule, searching from common code Entrust Server
Rope goes out sensitive code;
Sending module, for, after searching sensitive code, sending prompting message to predetermined terminal, has sensitivity to remind
Code leaks in common code Entrust Server.
7. the as claimed in claim 6 monitoring server being used for monitoring the sensitive code of trustship it is characterised in that described in advance
The search rule determining includes:
According to predetermined sensitive keys word, search out containing sensitivity at least one described from common code Entrust Server
The functional module program code segments of key word, and using the functional module searching out program code segments as sensitive code.
8. the as claimed in claim 6 monitoring server being used for monitoring the sensitive code of trustship it is characterised in that described in advance
The search rule determining includes:
According to predetermined sensitive document name, search out from common code Entrust Server filename with least one described in
The code file of sensitive document name coupling, and using the code in the code file searching out as sensitive code.
9. the monitoring server of the sensitive code for monitoring trustship as described in any one in claim 6 to 8, its feature
It is, described sending module is additionally operable to:
After searching sensitive code, distribution memory space is used for the sensitive code that storage searches;To predetermined terminal
Send the prompting message of the reading chained address with the sensitive code searching, have sensitive code to leak to public generation to remind
In code Entrust Server, and check, for supervision user, the sensitive code searching by the chained address in described prompting message.
10. the monitoring server of the sensitive code for monitoring trustship as described in any one in claim 6 to 8, it is special
Levy and be, described sending module is additionally operable to:
After searching sensitive code, obtain the trustship user profile of described sensitive code, and distribute memory space and be used for storing
The sensitive code searching;Send the reading with the trustship user profile obtaining and described sensitive code to predetermined terminal
Take the prompting message of chained address, have sensitive code to leak in common code Entrust Server to remind, for supervising user's root
Position the trustship user of sensitive code described in trustship according to the trustship user profile in described prompting message, and pass through for supervision user
The sensitive code searching is checked in chained address in described prompting message.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201610704762.9A CN106372515A (en) | 2016-08-22 | 2016-08-22 | Managed monitoring method for sensitive code and server |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201610704762.9A CN106372515A (en) | 2016-08-22 | 2016-08-22 | Managed monitoring method for sensitive code and server |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN106372515A true CN106372515A (en) | 2017-02-01 |
Family
ID=57879470
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201610704762.9A Pending CN106372515A (en) | 2016-08-22 | 2016-08-22 | Managed monitoring method for sensitive code and server |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN106372515A (en) |
Cited By (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN108694324A (en) * | 2017-04-06 | 2018-10-23 | 腾讯科技(深圳)有限公司 | A kind of information leakage monitoring method and device |
| CN109361713A (en) * | 2018-12-17 | 2019-02-19 | 深信服科技股份有限公司 | Internet risk monitoring and control method, apparatus, equipment and storage medium |
| CN109657462A (en) * | 2018-12-06 | 2019-04-19 | 江苏满运软件科技有限公司 | Data detection method, system, electronic equipment and storage medium |
| CN109922062A (en) * | 2019-03-04 | 2019-06-21 | 腾讯科技(深圳)有限公司 | Source code reveals monitoring method and relevant device |
Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102918527A (en) * | 2011-06-03 | 2013-02-06 | 华为技术有限公司 | Investigation method and system for web application hosting |
| CN103294950A (en) * | 2012-11-29 | 2013-09-11 | 北京安天电子设备有限公司 | High-power secret information stealing malicious code detection method and system based on backward tracing |
| CN103309937A (en) * | 2013-04-19 | 2013-09-18 | 无锡成电科大科技发展有限公司 | Method of supervising content of cloud platform |
| CN104252479A (en) * | 2013-06-27 | 2014-12-31 | 华为技术有限公司 | Method, device and system for processing information |
-
2016
- 2016-08-22 CN CN201610704762.9A patent/CN106372515A/en active Pending
Patent Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102918527A (en) * | 2011-06-03 | 2013-02-06 | 华为技术有限公司 | Investigation method and system for web application hosting |
| CN103294950A (en) * | 2012-11-29 | 2013-09-11 | 北京安天电子设备有限公司 | High-power secret information stealing malicious code detection method and system based on backward tracing |
| CN103309937A (en) * | 2013-04-19 | 2013-09-18 | 无锡成电科大科技发展有限公司 | Method of supervising content of cloud platform |
| CN104252479A (en) * | 2013-06-27 | 2014-12-31 | 华为技术有限公司 | Method, device and system for processing information |
Cited By (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN108694324A (en) * | 2017-04-06 | 2018-10-23 | 腾讯科技(深圳)有限公司 | A kind of information leakage monitoring method and device |
| CN109657462A (en) * | 2018-12-06 | 2019-04-19 | 江苏满运软件科技有限公司 | Data detection method, system, electronic equipment and storage medium |
| CN109657462B (en) * | 2018-12-06 | 2021-05-11 | 贵阳货车帮科技有限公司 | Data detection method, system, electronic device and storage medium |
| CN109361713A (en) * | 2018-12-17 | 2019-02-19 | 深信服科技股份有限公司 | Internet risk monitoring and control method, apparatus, equipment and storage medium |
| CN109922062A (en) * | 2019-03-04 | 2019-06-21 | 腾讯科技(深圳)有限公司 | Source code reveals monitoring method and relevant device |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN106372515A (en) | Managed monitoring method for sensitive code and server | |
| US20170185971A1 (en) | Maintenance method for facility | |
| CN111159769A (en) | Building engineering cost supervision system and method based on block chain | |
| CN106407075B (en) | A kind of management method and system for big data platform | |
| US11790427B2 (en) | Distributed database structures for anonymous information exchange | |
| CN114840853B (en) | Digital business analysis method based on big data and cloud server | |
| CN110088744B (en) | Database maintenance method and system | |
| US11869014B2 (en) | Physical proximity graphing | |
| CN111639291A (en) | Content distribution method, content distribution device, electronic equipment and storage medium | |
| CN109471922A (en) | Case type recognition methods, device, equipment and medium based on deep learning model | |
| CN111931189B (en) | API interface reuse risk detection method, device and API service system | |
| CN110913397B (en) | Short message verification method, device, storage medium and computer equipment | |
| US20230195759A1 (en) | Data processing systems and methods for automatically detecting and documenting privacy-related aspects of computer software | |
| US20140280659A1 (en) | Adaptor based communications systems, apparatus, and methods | |
| CN106330661A (en) | Data centralized processing method | |
| CN108269059A (en) | A kind of data management system | |
| CN115038083A (en) | Telecom fraud early warning identification method and system applied to AI operator industry | |
| Tichý et al. | Probabilistic key for identifying vegetation types in the field: A new method and Android application | |
| CN111126729A (en) | Intelligent safety event closed-loop disposal system and method thereof | |
| CN109886039A (en) | Faculty of Finance integration rule detection method and relevant device based on block chain | |
| CN108965613A (en) | Method, storage medium and application server based on the monitoring of collection system quality | |
| CN111125066B (en) | Method and device for detecting functions of database auditing equipment | |
| CN107292175A (en) | Server apparatus method for managing security and device | |
| CN108921389A (en) | A kind of testing laboratory's information management system based on wiki technology | |
| CN112488325A (en) | Operation and maintenance work order processing method and device, computer equipment and storage medium |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| CB02 | Change of applicant information | ||
| CB02 | Change of applicant information |
Address after: 200030 Xuhui District, Shanghai Kai Bin Road 166, 9, 10 level. Applicant after: ONECONNECT FINANCIAL TECHNOLOGY Co.,Ltd. (SHANGHAI) Address before: 200135 Pudong New Area, Shanghai, China (Shanghai) free trade trial area 2 Pudong road 2250 2 story room 1 Applicant before: Shanghai one track Internet Technology Co.,Ltd. Address after: 200135 Pudong New Area, Shanghai, China (Shanghai) free trade trial area 2 Pudong road 2250 2 story room 1 Applicant after: Shanghai one track Internet Technology Co.,Ltd. Address before: 200135 Pudong New Area, Shanghai, China (Shanghai) free trade trial area 2 Pudong road 2250 2 story room 1 Applicant before: SHANGHAI YIZHANGTONG INTERNET TECHNOLOGY CO.,LTD. |
|
| TA01 | Transfer of patent application right | ||
| TA01 | Transfer of patent application right |
Effective date of registration: 20180530 Address after: 518000 Room 201, building A, No. 1, Qian Wan Road, Qianhai Shenzhen Hong Kong cooperation zone, Shenzhen, Guangdong (Shenzhen Qianhai business secretary Co., Ltd.) Applicant after: ONECONNECT FINANCIAL TECHNOLOGY Co.,Ltd. (SHANGHAI) Address before: 200030 Xuhui District, Shanghai Kai Bin Road 166, 9, 10 level. Applicant before: ONECONNECT FINANCIAL TECHNOLOGY Co.,Ltd. (SHANGHAI) |
|
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| RJ01 | Rejection of invention patent application after publication | ||
| RJ01 | Rejection of invention patent application after publication |
Application publication date: 20170201 |