Content of the invention
Present invention is primarily targeted at providing a kind of trustship monitoring method of sensitive code and server it is intended to sensitivity
The trustship of code carries out management and control effectively.
For achieving the above object, the present invention provide a kind of sensitive code trustship monitoring method, methods described include with
Lower step:
A, monitoring server are in real time or timing is according to predetermined search rule, from common code Entrust Server
Search out sensitive code;
B, after searching sensitive code, described monitoring server to predetermined terminal send prompting message, to carry
Waking up has sensitive code to leak in common code Entrust Server.
Preferably, described predetermined search rule includes:
According to predetermined sensitive keys word, search out containing described at least one from common code Entrust Server
The functional module program code segments of sensitive keys word, and using the functional module searching out program code segments as sensitive code.
Preferably, described predetermined search rule includes:
According to predetermined sensitive document name, search out from common code Entrust Server filename and at least one
The code file of described sensitive document name coupling, and using the code in the code file searching out as sensitive code.
Preferably, described step b includes:
After searching sensitive code, described monitoring server distributes memory space and is used for the sensitivity generation that storage searches
Code;
Described monitoring server sends the reading chained address with the sensitive code searching to predetermined terminal
Prompting message, have sensitive code to leak in common code Entrust Server to remind, and pass through described to carry for supervision user
The sensitive code searching is checked in chained address in awake information.
Preferably, described step b includes:
After searching sensitive code, described monitoring server obtains the trustship user profile of described sensitive code, and point
Join memory space for store the sensitive code that searches;
Described monitoring server sends with the trustship user profile obtaining and described sensitivity generation to predetermined terminal
The prompting message of the reading chained address of code, has sensitive code to leak in common code Entrust Server to remind, for supervision
The trustship user of user's sensitive code according to the trustship user profile in described prompting message positions trustship, and for supervision
The sensitive code searching is checked at family by the chained address in described prompting message.
Additionally, for achieving the above object, the present invention also provides a kind of monitoring service of the sensitive code for monitoring trustship
Device, described monitoring server includes:
Search module, in real time or regularly according to predetermined search rule, from common code Entrust Server
In search out sensitive code;
Sending module, for, after searching sensitive code, sending prompting message to predetermined terminal, is had with reminding
Sensitive code leaks in common code Entrust Server.
Preferably, described predetermined search rule includes:
According to predetermined sensitive keys word, search out containing described at least one from common code Entrust Server
The functional module program code segments of sensitive keys word, and using the functional module searching out program code segments as sensitive code.
Preferably, described predetermined search rule includes:
According to predetermined sensitive document name, search out from common code Entrust Server filename and at least one
The code file of described sensitive document name coupling, and using the code in the code file searching out as sensitive code.
Preferably, described sending module is additionally operable to:
After searching sensitive code, distribution memory space is used for the sensitive code that storage searches;To predetermined
Terminal sends the prompting message of the reading chained address with the sensitive code searching, and has sensitive code to leak to public affairs to remind
Altogether in code Entrust Server, and checked the sensitivity generation searching by the chained address in described prompting message for supervision user
Code.
Preferably, described sending module is additionally operable to:
After searching sensitive code, obtain the trustship user profile of described sensitive code, and distribute memory space and be used for
Store the sensitive code searching;Send with the trustship user profile obtaining and described sensitive code to predetermined terminal
Reading chained address prompting message, with remind have sensitive code to leak in common code Entrust Server, for supervision
The trustship user of family sensitive code according to the trustship user profile in described prompting message positions trustship, and for supervision user
Check the sensitive code searching by the chained address in described prompting message.
A kind of trustship monitoring method of sensitive code proposed by the present invention and server, monitoring server is to common code support
Sensitive code in pipe server carries out real-time or timing search, if searching sensitive code, described monitoring server
Send prompting message to predetermined terminal.Because monitoring server can be quick to whether there is in common code Entrust Server
Sense code carries out real-time or timing monitoring, and there is sensitive code in monitoring described common code Entrust Server
When, the very first time remind predetermined terminal have sensitive code to leak in common code Entrust Server, thus realize right
The upload trustship of sensitive code is accurately and timely supervised.
Specific embodiment
It should be appreciated that specific embodiment described herein, only in order to explain the present invention, is not intended to limit the present invention.
The present invention provides a kind of trustship monitoring method of sensitive code.
With reference to Fig. 1, Fig. 1 is the schematic flow sheet of trustship monitoring method one embodiment of sensitive code of the present invention.
In one embodiment, the trustship monitoring method of this sensitive code includes:
Step s10, monitoring server is in real time or timing is according to predetermined search rule, from common code trustship clothes
Sensitive code is searched out in business device;
The often a lot of PHP of trustship on common code trustship website (for example, github, oschina etc.)
The software source code of exploitation, and during entering line code trustship, due to the particularity of software development, PHP's
Development process is general and Data Transmission Controlling that be not entirely in intranet under, if only rely on enterprises opening to software
The software source code upload trustship sending out engineer carries out management and control, easily causes the enterprise-essential code such as software source code or sensitivity
The leakage of information.Therefore, in the present embodiment, by monitoring server, the sensitive code in common code Entrust Server is entered
Row in real time or timing search, solving enterprises cannot uploading trustship and carry out asking of monitoring completely to software source code
Topic, accurately and timely can be monitored to uploading the sensitive code to described common code Entrust Server for the trustship.
Described monitoring server according to predetermined search rule, in real time or periodically from described common code trustship
Sensitive code is searched out, such as in one embodiment, described predetermined search rule can be complete in server
Join search, for example, can preset corresponding sensitive keys word, sensitive keys word, sensitive document according to different sensitive code information
Name, sensitive document type etc..In real time or periodically to the code file uploading trustship in described common code Entrust Server
Scan for, mate, if searching out from described common code Entrust Server and sensitive keys word set in advance, sensitive pass
The code file of keyword, sensitive document name and/or sensitive document type coupling completely, then identify in the code file searching out
Code be sensitive code.
In another embodiment, described predetermined search rule can be half coupling search, for example can basis
Different sensitive code information preset corresponding sensitive keys word, sensitive keys word etc..In real time or periodically to described public affairs
The code file uploading trustship altogether in code Entrust Server scans for, mates, if from described common code Entrust Server
In search out the code file mated completely with the partial content of sensitive keys word set in advance and/or sensitive keys word, then
Identify that the code in the code file searching out is sensitive code.
In another embodiment, described predetermined search rule can also be based on artificial neural network from
Study coupling search, for example can be according to different sensitive code information such as sensitive keys word, sensitive keys word, sensitive document name, quick
Sense file type etc. pre-builds corresponding neural network model, real-time or periodically right using the neural network model set up
The code file uploading trustship in described common code Entrust Server scans for, mates, by neural network model from
Study, association function search out related, similar to sensitive keys word, sensitive keys word, sensitive document name, sensitive document type etc.
Or equivalent code file, and identify that the code in the code file searching out is sensitive code.
Certainly, other matching ways may also be employed or search rule that multiple matching way combines came from described public generation
Sensitive code is searched out, here does not limit in code Entrust Server.
Step s20, after searching sensitive code, described monitoring server sends to predetermined terminal and reminds letter
Breath, has sensitive code to leak in common code Entrust Server to remind.
Identifying from described common code Entrust Server, searching out sensitive code according to predetermined search rule
Afterwards, illustrate that sensitive code is intentionally or inadvertently leaked in described common code Entrust Server by PHP,
Then described monitoring server sends prompting message to predetermined terminal, has sensitive code to leak to described public generation to remind
In code Entrust Server.Wherein, this prompting message can be voice messaging, short message, multimedia message, wechat message, qq message etc.,
This does not limit.Described predetermined terminal can be to be chosen whether to leaking to common code trusteeship service for user
Sensitive code in device makes mobile terminal of respective handling etc., receives this prompting by user by described predetermined terminal
Information, and respond, this sensitive code as traceable in user, and in time this sensitive code is taken from described common code trustship
Delete in business device.
In the present embodiment, monitoring server carries out real-time or timing to the sensitive code in common code Entrust Server
Search, if searching sensitive code, described monitoring server to predetermined terminal send prompting message.Due to monitoring
Server can carry out real-time or timing monitoring in common code Entrust Server with the presence or absence of sensitive code, and in monitoring
When there is sensitive code in described common code Entrust Server, the very first time reminds predetermined terminal to have sensitive code
Leak in common code Entrust Server, thus realizing the upload trustship of sensitive code is accurately and timely supervised.
Further, in other embodiments, above-mentioned predetermined search rule includes:
According to predetermined sensitive keys word, search out containing described at least one from common code Entrust Server
The functional module program code segments of sensitive keys word, and using the functional module searching out program code segments as sensitive code.
In the present embodiment, described predetermined search rule mays include: for example quick according to predetermined sensitive keys word
Sense code line, code segment, sensitive self-defining function title, sensitive analytic function etc., from described common code trusteeship service
The functional module program code segments containing sensitive keys word at least one described are searched out in device, wherein, described functional module journey
Sequence code segment refers to all of code of One function module, including initial code row (with beginning flag) and epig code row
(with end mark), and using the functional module searching out program code segments as sensitive code.
Further, in other embodiments, above-mentioned predetermined search rule includes:
According to predetermined sensitive document name, search out from common code Entrust Server filename and at least one
The code file of described sensitive document name coupling, and using the code in the code file searching out as sensitive code.
In the present embodiment, described predetermined search rule may also include that according to predetermined sensitive document name such as
The complete file name " safety science and technology * * * * * system source code " of sensitive document, partial document name " * * * * * system source code " etc.,
Search out, from described common code Entrust Server, the code file that filename is mated with sensitive document name at least one described.
For example, if having code file filename consistent with a sensitive document name, or, comprise a sensitive document name, then represent
The filename of this code file is mated with this sensitive document name, and using the code in the code file searching out as sensitive generation
Code.
Further, in other embodiments, above-mentioned steps s20 may include that
After searching sensitive code, described monitoring server distributes memory space and is used for the sensitivity generation that storage searches
Code;
Described monitoring server sends the reading chained address with the sensitive code searching to predetermined terminal
Prompting message, have sensitive code to leak in common code Entrust Server to remind, and pass through described to carry for supervision user
The sensitive code searching is checked in chained address in awake information.
In the present embodiment, identifying from described common code Entrust Server, searching according to predetermined search rule
After rope goes out sensitive code, described monitoring server distributes special memory space to store the sensitive code searching, and to
Predetermined terminal sends the prompting message of the reading chained address with the sensitive code searching.So, predefine
Terminal such as mobile terminal etc. can when there being sensitive code to leak in common code Entrust Server the very first time receive this
Prompting message, makes the supervision user of mobile terminal can know currently have sensitive code to leak to common code Entrust Server in time
In.Further, the supervision user of mobile terminal also can jump to described by clicking on the chained address in this prompting message
The dedicated memory space of sensitive code that storage searches is used on monitoring server, so that supervision user checks search quick
Sense code.Supervision user can decide whether according to the importance of the sensitive code checked to follow the trail of this sensitive code, and
In time this sensitive code is deleted from described common code Entrust Server.
The present embodiment can make supervision user view the sensitivity generation leaking in described common code Entrust Server in time
Digital content, so that supervision user is processed, more in time accordingly.
Further, in other embodiments, above-mentioned steps s20 may include that
After searching sensitive code, described monitoring server obtains the trustship user profile of described sensitive code, and point
Join memory space for store the sensitive code that searches;
Described monitoring server sends with the trustship user profile obtaining and described sensitivity generation to predetermined terminal
The prompting message of the reading chained address of code, has sensitive code to leak in common code Entrust Server to remind, for supervision
The trustship user of user's sensitive code according to the trustship user profile in described prompting message positions trustship, and for supervision
The sensitive code searching is checked at family by the chained address in described prompting message.
In the present embodiment, identifying from described common code Entrust Server, searching according to predetermined search rule
After rope goes out sensitive code, described monitoring server obtains the trustship user profile of described sensitive code, and distributes special depositing
Storage space, to store the sensitive code searching, also sends with the trustship user letter obtaining to predetermined terminal meanwhile
The prompting message of the reading chained address of breath and described sensitive code.So, predetermined terminal such as mobile terminal etc. can be
When having sensitive code to leak in common code Entrust Server, the very first time receives this prompting message, makes the prison of mobile terminal
Effective family can be known in time currently has sensitive code to leak in common code Entrust Server.Further, mobile terminal
Supervision user also can by the trustship user of sensitive code described in the positioning trustship of trustship user profile in described prompting message,
And by clicking on the chained address in this prompting message, jump to and the sensitivity generation that storage searches is used on described monitoring server
The dedicated memory space of code, checks the sensitive code searching.Supervision user can be extremely described public according to uploading sensitive code
The importance of the trustship user profile of code Entrust Server and sensitive code comprehensively to decide whether to follow the trail of this sensitivity
Code, and in time this sensitive code is deleted from described common code Entrust Server.
The present embodiment can make supervision user know the support uploading sensitive code to described common code Entrust Server in time
Pipe user profile and view the sensitive code content leaking in described common code Entrust Server, so that supervision user
The sensitive code of comprehensive trustship user profile and its upload judging whether to need sensitive code is processed accordingly, more
Flexibly.
The present invention further provides a kind of monitoring server of the sensitive code for monitoring trustship.
With reference to Fig. 2, Fig. 2 is used for for the present invention monitoring the function mould of monitoring server one embodiment of the sensitive code of trustship
Block schematic diagram.
In one embodiment, the monitoring server that this is used for monitoring the sensitive code of trustship includes:
Search module 01, in real time or regularly according to predetermined search rule, from common code trusteeship service
Sensitive code is searched out in device;
The often a lot of PHP of trustship on common code trustship website (for example, github, oschina etc.)
The software source code of exploitation, and during entering line code trustship, due to the particularity of software development, PHP's
Development process is general and Data Transmission Controlling that be not entirely in intranet under, if only rely on enterprises opening to software
The software source code upload trustship sending out engineer carries out management and control, easily causes the enterprise-essential code such as software source code or sensitivity
The leakage of information.Therefore, in the present embodiment, by monitoring server, the sensitive code in common code Entrust Server is entered
Row in real time or timing search, solving enterprises cannot uploading trustship and carry out asking of monitoring completely to software source code
Topic, accurately and timely can be monitored to uploading the sensitive code to described common code Entrust Server for the trustship.
Described monitoring server according to predetermined search rule, in real time or periodically from described common code trustship
Sensitive code is searched out, such as in one embodiment, described predetermined search rule can be complete in server
Join search, for example, can preset corresponding sensitive keys word, sensitive keys word, sensitive document according to different sensitive code information
Name, sensitive document type etc..In real time or periodically to the code file uploading trustship in described common code Entrust Server
Scan for, mate, if searching out from described common code Entrust Server and sensitive keys word set in advance, sensitive pass
The code file of keyword, sensitive document name and/or sensitive document type coupling completely, then identify in the code file searching out
Code be sensitive code.
In another embodiment, described predetermined search rule can be half coupling search, for example can basis
Different sensitive code information preset corresponding sensitive keys word, sensitive keys word etc..In real time or periodically to described public affairs
The code file uploading trustship altogether in code Entrust Server scans for, mates, if from described common code Entrust Server
In search out the code file mated completely with the partial content of sensitive keys word set in advance and/or sensitive keys word, then
Identify that the code in the code file searching out is sensitive code.
In another embodiment, described predetermined search rule can also be based on artificial neural network from
Study coupling search, for example can be according to different sensitive code information such as sensitive keys word, sensitive keys word, sensitive document name, quick
Sense file type etc. pre-builds corresponding neural network model, real-time or periodically right using the neural network model set up
The code file uploading trustship in described common code Entrust Server scans for, mates, by neural network model from
Study, association function search out related, similar to sensitive keys word, sensitive keys word, sensitive document name, sensitive document type etc.
Or equivalent code file, and identify that the code in the code file searching out is sensitive code.
Certainly, other matching ways may also be employed or search rule that multiple matching way combines came from described public generation
Sensitive code is searched out, here does not limit in code Entrust Server.
Sending module 02, for, after searching sensitive code, sending prompting message to predetermined terminal, to remind
Sensitive code is had to leak in common code Entrust Server.
Identifying from described common code Entrust Server, searching out sensitive code according to predetermined search rule
Afterwards, illustrate that sensitive code is intentionally or inadvertently leaked in described common code Entrust Server by PHP,
Then described monitoring server sends prompting message to predetermined terminal, has sensitive code to leak to described public generation to remind
In code Entrust Server.Wherein, this prompting message can be voice messaging, short message, multimedia message, wechat message, qq message etc.,
This does not limit.Described predetermined terminal can be to be chosen whether to leaking to common code trusteeship service for user
Sensitive code in device makes mobile terminal of respective handling etc., receives this prompting by user by described predetermined terminal
Information, and respond, this sensitive code as traceable in user, and in time this sensitive code is taken from described common code trustship
Delete in business device.
In the present embodiment, monitoring server carries out real-time or timing to the sensitive code in common code Entrust Server
Search, if searching sensitive code, described monitoring server to predetermined terminal send prompting message.Due to monitoring
Server can carry out real-time or timing monitoring in common code Entrust Server with the presence or absence of sensitive code, and in monitoring
When there is sensitive code in described common code Entrust Server, the very first time reminds predetermined terminal to have sensitive code
Leak in common code Entrust Server, thus realizing the upload trustship of sensitive code is accurately and timely supervised.
Further, in other embodiments, above-mentioned predetermined search rule includes:
According to predetermined sensitive keys word, search out containing described at least one from common code Entrust Server
The functional module program code segments of sensitive keys word, and using the functional module searching out program code segments as sensitive code.
In the present embodiment, described predetermined search rule mays include: for example quick according to predetermined sensitive keys word
Sense code line, code segment, sensitive self-defining function title, sensitive analytic function etc., from described common code trusteeship service
The functional module program code segments containing sensitive keys word at least one described are searched out in device, wherein, described functional module journey
Sequence code segment refers to all of code of One function module, including initial code row (with beginning flag) and epig code row
(with end mark), and using the functional module searching out program code segments as sensitive code.
Further, in other embodiments, above-mentioned predetermined search rule includes:
According to predetermined sensitive document name, search out from common code Entrust Server filename and at least one
The code file of described sensitive document name coupling, and using the code in the code file searching out as sensitive code.
In the present embodiment, described predetermined search rule may also include that according to predetermined sensitive document name such as
The complete file name " safety science and technology * * * * * system source code " of sensitive document, partial document name " * * * * * system source code " etc.,
Search out, from described common code Entrust Server, the code file that filename is mated with sensitive document name at least one described.
For example, if having code file filename consistent with a sensitive document name, or, comprise a sensitive document name, then represent
The filename of this code file is mated with this sensitive document name, and using the code in the code file searching out as sensitive generation
Code.
Further, in other embodiments, above-mentioned sending module 02 is additionally operable to:
After searching sensitive code, distribution memory space is used for the sensitive code that storage searches;To predetermined
Terminal sends the prompting message of the reading chained address with the sensitive code searching, and has sensitive code to leak to public affairs to remind
Altogether in code Entrust Server, and checked the sensitivity generation searching by the chained address in described prompting message for supervision user
Code.
In the present embodiment, identifying from described common code Entrust Server, searching according to predetermined search rule
After rope goes out sensitive code, described monitoring server distributes special memory space to store the sensitive code searching, and to
Predetermined terminal sends the prompting message of the reading chained address with the sensitive code searching.So, predefine
Terminal such as mobile terminal etc. can when there being sensitive code to leak in common code Entrust Server the very first time receive this
Prompting message, makes the supervision user of mobile terminal can know currently have sensitive code to leak to common code Entrust Server in time
In.Further, the supervision user of mobile terminal also can jump to described by clicking on the chained address in this prompting message
The dedicated memory space of sensitive code that storage searches is used on monitoring server, so that supervision user checks search quick
Sense code.Supervision user can decide whether according to the importance of the sensitive code checked to follow the trail of this sensitive code, and
In time this sensitive code is deleted from described common code Entrust Server.
The present embodiment can make supervision user view the sensitivity generation leaking in described common code Entrust Server in time
Digital content, so that supervision user is processed, more in time accordingly.
Further, in other embodiments, above-mentioned sending module 02 is additionally operable to:
After searching sensitive code, obtain the trustship user profile of described sensitive code, and distribute memory space and be used for
Store the sensitive code searching;Send with the trustship user profile obtaining and described sensitive code to predetermined terminal
Reading chained address prompting message, with remind have sensitive code to leak in common code Entrust Server, for supervision
The trustship user of family sensitive code according to the trustship user profile in described prompting message positions trustship, and for supervision user
Check the sensitive code searching by the chained address in described prompting message.
In the present embodiment, identifying from described common code Entrust Server, searching according to predetermined search rule
After rope goes out sensitive code, described monitoring server obtains the trustship user profile of described sensitive code, and distributes special depositing
Storage space, to store the sensitive code searching, also sends with the trustship user letter obtaining to predetermined terminal meanwhile
The prompting message of the reading chained address of breath and described sensitive code.So, predetermined terminal such as mobile terminal etc. can be
When having sensitive code to leak in common code Entrust Server, the very first time receives this prompting message, makes the prison of mobile terminal
Effective family can be known in time currently has sensitive code to leak in common code Entrust Server.Further, mobile terminal
Supervision user also can by the trustship user of sensitive code described in the positioning trustship of trustship user profile in described prompting message,
And by clicking on the chained address in this prompting message, jump to and the sensitivity generation that storage searches is used on described monitoring server
The dedicated memory space of code, checks the sensitive code searching.Supervision user can be extremely described public according to uploading sensitive code
The importance of the trustship user profile of code Entrust Server and sensitive code comprehensively to decide whether to follow the trail of this sensitivity
Code, and in time this sensitive code is deleted from described common code Entrust Server.
The present embodiment can make supervision user know the support uploading sensitive code to described common code Entrust Server in time
Pipe user profile and view the sensitive code content leaking in described common code Entrust Server, so that supervision user
The sensitive code of comprehensive trustship user profile and its upload judging whether to need sensitive code is processed accordingly, more
Flexibly.
The embodiments of the present invention are for illustration only, do not represent the quality of embodiment.By above embodiment party
The description of formula, those skilled in the art can be understood that above-described embodiment method can be by software plus necessary general
The mode of hardware platform is realizing naturally it is also possible to pass through hardware, but the former is more preferably embodiment in many cases.It is based on
Such understanding, what technical scheme substantially contributed to prior art in other words partly can be with software product
Form embody, this computer software product is stored in a storage medium (as rom/ram, magnetic disc, CD), including
Some instructions are with so that a station terminal equipment (can be mobile phone, computer, server, or network equipment etc.) executes this
Method described in each embodiment bright.
These are only the preferred embodiments of the present invention, not thereby limit the present invention the scope of the claims, every using this
Equivalent structure or equivalent flow conversion that bright description and accompanying drawing content are made, or directly or indirectly it is used in other related skills
Art field, is included within the scope of the present invention.