CN106650432A - Secret-related information analysis method and apparatus - Google Patents

Secret-related information analysis method and apparatus Download PDF

Info

Publication number
CN106650432A
CN106650432A CN201610877674.9A CN201610877674A CN106650432A CN 106650432 A CN106650432 A CN 106650432A CN 201610877674 A CN201610877674 A CN 201610877674A CN 106650432 A CN106650432 A CN 106650432A
Authority
CN
China
Prior art keywords
information
secret
cycle
classified
leakage
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN201610877674.9A
Other languages
Chinese (zh)
Other versions
CN106650432B (en
Inventor
张巨世
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Beijing Qihoo Technology Co Ltd
Beijing Qianxin Technology Co Ltd
Original Assignee
Beijing Qihoo Technology Co Ltd
Beijing Qianxin Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Beijing Qihoo Technology Co Ltd, Beijing Qianxin Technology Co Ltd filed Critical Beijing Qihoo Technology Co Ltd
Priority to CN201610877674.9A priority Critical patent/CN106650432B/en
Publication of CN106650432A publication Critical patent/CN106650432A/en
Application granted granted Critical
Publication of CN106650432B publication Critical patent/CN106650432B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/55Detecting local intrusion or implementing counter-measures
    • G06F21/552Detecting local intrusion or implementing counter-measures involving long-term monitoring or reporting
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/62Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2141Access rights, e.g. capability lists, access control lists, access tables, access matrices

Abstract

The invention discloses a secret-related information analysis method and apparatus, which relates to the technical field of information and can improve efficiency of querying a secret leakage reason. The method comprises the steps of obtaining secret-related cycle information corresponding to secret-related information; analyzing the secret-related information according to the secret-related cycle information; when an unauthorized access event occurs for the secret-related information in a secret-related cycle, determining that a secret leakage event occurs; and outputting an analysis result of the secret leakage reason of the secret leakage event according to access information corresponding to the unauthorized access event. The method and the apparatus are suitable for secret-related information analysis.

Description

The analysis method and device of classified information
Technical field
The present invention relates to a kind of areas of information technology, the analysis method and device of more particularly to a kind of classified information.
Background technology
With the continuous development of information technology, the security of classified information increasingly obtains the attention of people.So-called concerning security matters Information refers to the information for maintaining secrecy, for example, enterprise investment restructuring plan, crucial finance class index information, enterprise product The resolutions or message etc. such as the information such as practical plans, specification, technical scheme, research staff's composition, financial instrument investment.Usual concerning security matters Can there is the concerning security matters cycle in information, when classified information was in its corresponding concerning security matters cycle the secrecy stage is belonged to, and work as classified information Belong to the open stage when being in outside its corresponding concerning security matters cycle.
At present, user learn with regard to classified information occur the leakage of a state or party secret after, user can inquiry by way of trace The account of the history of the classified information is accessed in initial data, so that it is determined that reason of divulging a secret, however, this mode needs user actively Inquiry, initial data is gone to be typically the business based on account pattern and embody, therefore, the data of magnanimity need to be discriminated by user Not, and then can cause to inquire about the less efficient of reason of divulging a secret.
The content of the invention
In view of this, the invention provides the analysis method and device of a kind of classified information, main purpose is to solve mesh It is front to need actively to go to inquire about the reason of divulging a secret that classified information occurs the leakage of a state or party secret by manual type, the data of magnanimity need by with Family is screened, and then can cause to inquire about the less efficient problem of reason of divulging a secret.
To reach above-mentioned purpose, according to one aspect of the invention, there is provided a kind of analysis method of classified information, the method Including:
Obtain the corresponding concerning security matters cycle information of classified information;
According to the concerning security matters cycle information, the classified information is analyzed;
When unauthorized access event occurs within the concerning security matters cycle in the classified information, it is determined that there is the leakage of a state or party secret;
According to access information corresponding with the unauthorized access event, export the leakage of a state or party secret reason of divulging a secret point Analysis result.
According to another aspect of the invention, there is provided a kind of analytical equipment of classified information, the device includes:
Acquiring unit, for obtaining the corresponding concerning security matters cycle information of classified information;
Analytic unit, for the concerning security matters cycle information obtained according to the acquiring unit, is carried out point to the classified information Analysis;
Determining unit, for when unauthorized access event occurs within the concerning security matters cycle in the classified information, it is determined that occurring The leakage of a state or party secret;
Output unit, for basis access information corresponding with the unauthorized access event, exports the leakage of a state or party secret Reason of divulging a secret analysis result.
By above-mentioned technical proposal, technical scheme provided in an embodiment of the present invention at least has following advantages:
A kind of analysis method and device of classified information that the present invention is provided, obtains first classified information corresponding concerning security matters week Phase information;Then according to the concerning security matters cycle information, the classified information is analyzed;When the classified information is in concerning security matters week When occurring unauthorized access event in the phase, it is determined that there is the leakage of a state or party secret;According to access corresponding with the unauthorized access event Information, exports the analysis result of the reason of divulging a secret of the leakage of a state or party secret.Actively go to inquire about concerning security matters letter by manual type with current The reason of divulging a secret that breath occurs the leakage of a state or party secret is compared, and in the concerning security matters cycle that the present invention is located according to classified information, classified information is carried out Analysis, in the result obtained from analysis, obtains the reason for leakage of a state or party secret occurs and can automatically be presented to user, it is possible to achieve let out The data of magnanimity are screened one by one by automatically analyzing for close reason without the need for user, can improve the efficiency for inquiring about reason of divulging a secret, And when unauthorized access event occurs within the concerning security matters cycle in classified information, it is determined that there is the leakage of a state or party secret, it is possible to achieve in time Notify that user's classified information has occurred that the leakage of a state or party secret, and then can effectively be intercepted in time.
Described above is only the general introduction of technical solution of the present invention, in order to better understand the technological means of the present invention, And can be practiced according to the content of specification, and in order to allow the above and other objects of the present invention, feature and advantage can Become apparent, below especially exemplified by the specific embodiment of the present invention.
Description of the drawings
By the detailed description for reading hereafter preferred embodiment, various other advantages and benefit is common for this area Technical staff will be clear from understanding.Accompanying drawing is only used for illustrating the purpose of preferred embodiment, and is not considered as to the present invention Restriction.And in whole accompanying drawing, it is denoted by the same reference numerals identical part.In the accompanying drawings:
Fig. 1 shows a kind of analysis method schematic flow sheet of classified information provided in an embodiment of the present invention;
Fig. 2 shows the analysis method schematic flow sheet of another kind of classified information provided in an embodiment of the present invention;
Fig. 3 shows a kind of analysis schematic diagram of information access time of divulging a secret provided in an embodiment of the present invention;
Fig. 4 shows that a kind of compromised content concerning security matters cycle access provided in an embodiment of the present invention analyzes schematic diagram;
Fig. 5 shows a kind of access originator classified information access analysis schematic diagram provided in an embodiment of the present invention;
Fig. 6 shows that a kind of classified information visit capacity provided in an embodiment of the present invention analyzes schematic diagram;
Fig. 7 shows a kind of analytical equipment structural representation of classified information provided in an embodiment of the present invention;
Fig. 8 shows the analytical equipment structural representation of another kind of classified information provided in an embodiment of the present invention.
Specific embodiment
The exemplary embodiment of the disclosure is more fully described below with reference to accompanying drawings.Although showing the disclosure in accompanying drawing Exemplary embodiment, it being understood, however, that may be realized in various forms the disclosure and should not be by embodiments set forth here Limited.On the contrary, there is provided these embodiments are able to be best understood from the disclosure, and can be by the scope of the present disclosure Complete conveys to those skilled in the art.
A kind of analysis method of classified information is embodiments provided, as shown in figure 1, methods described includes:
101st, the corresponding concerning security matters cycle information of classified information is obtained.
Wherein, classified information can be included in the concerning security matters cycle information from concerning security matters state to the time model of open state Enclose.Specifically, according to the difference of level of confidentiality, specifically can be comprising top-secret cycle information, and/or secret in the concerning security matters cycle information Cycle information, and/or general close cycle information etc..For example, the classified information A corresponding concerning security matters cycles be from October 1st, 2015 to This period on March 1st, 2016, is the top-secret phase from October 1st, 2015 to 2 months 1 this periods in 2016 specifically, from This period in 2 months 2016 on March 1st, 2 days 1 is the secret phase.
It should be noted that for the embodiment of the present invention, classified information is produced first in tissue, used, according to close Level needs to be authorized within the concerning security matters cycle, and classified information is referred in tissue, is used by modification, is needed according to level of confidentiality Protected in the concerning security matters cycle, new classified information can be formed by association between classified information, wherein it is possible to be believed according to concerning security matters The restriction and the restriction in concerning security matters cycle of breath access rights, forms the corresponding level of confidentiality of classified information.
102nd, according to concerning security matters cycle information, classified information is analyzed.
Specifically, according to concerning security matters cycle information, can be with reference to the corresponding user behaviors log information of classified information, to classified information Be analyzed, wherein, can record in the behavior log information classified information be cited situation, be authorized to situation, non- Authorize access situation, be passed situation, mean cited times, visitation frequency, transmission frequency etc..
The information such as practical plans, specification, technical scheme, research staff's composition for example, for product, have before issue Security requirements, after distribution data level of confidentiality reduce or into the DecryptDecryption phase, the concerning security matters cycle sets up the project to issue for product, in order to analyze Whether there is leakage event in these information, the concerning security matters cycle that can be located with reference to these information is analyzed to these information, Specifically, whether can be authorized to be judged within the concerning security matters cycle with reference to these information.
It should be noted that for the embodiment of the present invention, according to concerning security matters cycle information, the mistake being analyzed to classified information Journey, specifically can be analyzed, it is also possible to not public in classified information outside the concerning security matters cycle after classified information is disclosed to it When opening, i.e., it is analyzed within the concerning security matters cycle, and then the purpose whether monitor in real time occurs the leakage of a state or party secret can be reached, from And can realize that classified information can be supervised within the concerning security matters cycle, can analyze outside the concerning security matters cycle.
103rd, when unauthorized access event occurs within the concerning security matters cycle in classified information, it is determined that there is the leakage of a state or party secret.
In embodiments of the present invention, authorized user, i.e. these authorized users can be preset to access within the concerning security matters cycle The information of divulging a secret is legal, and it is illegal that other users access the information of divulging a secret within the concerning security matters cycle.
For example, when classified information is accessed within the concerning security matters cycle, and when accessed by undelegated user, system is illustrated Assault is can suffer from, hacker has stolen the classified information, and then can determine and there occurs the leakage of a state or party secret.
104th, according to access information corresponding with unauthorized access event, the analysis knot of the reason of divulging a secret of the leakage of a state or party secret is exported Really.
Wherein, the access information can include the information such as visitor's identity, access path, access time, access originator.
In embodiments of the present invention, the form that represents of analysis result can be that word plus chart represent form, so as to Family more intuitively understands the leakage of a state or party secret.
For example, when classified information is accessed within the concerning security matters cycle, and when accessed by undelegated user, it is determined that occurring The leakage of a state or party secret, by analyzing the identity information for obtaining the user, which means having access to classified information using, access classified information Time, the information such as path, the access originator of classified information when accessing, and corresponding analysis result is exported, so as to the thing that will divulge a secret Part and its analysis result are presented to user automatically.
A kind of analysis method of classified information provided in an embodiment of the present invention, obtains first classified information corresponding concerning security matters week Phase information;Then according to the concerning security matters cycle information, the classified information is analyzed;When the classified information is in concerning security matters week When occurring unauthorized access event in the phase, it is determined that there is the leakage of a state or party secret;According to access corresponding with the unauthorized access event Information, exports the analysis result of the reason of divulging a secret of the leakage of a state or party secret.Actively go to inquire about concerning security matters letter by manual type with current The reason of divulging a secret that breath occurs the leakage of a state or party secret is compared, and in the concerning security matters cycle that the present invention is located according to classified information, classified information is carried out Analysis, in the result obtained from analysis, obtains the reason for leakage of a state or party secret occurs and can automatically be presented to user, it is possible to achieve let out The data of magnanimity are screened one by one by automatically analyzing for close reason without the need for user, can improve the efficiency for inquiring about reason of divulging a secret, And when unauthorized access event occurs within the concerning security matters cycle in classified information, it is determined that there is the leakage of a state or party secret, it is possible to achieve in time Notify that user's classified information has occurred that the leakage of a state or party secret, and then can effectively be intercepted in time.
Specifically, the analysis method of another kind of classified information is embodiments provided, as shown in Fig. 2 methods described Including:
201st, the characterization rules in preset industry rule base, match to industry data.
Wherein, the classified information that different industries are preserved in the preset industry rule base distinguishes corresponding characterization rules. The industry data can be data, the data of building trade, the data of bank's industry, the data of electric business industry of medical industry Deng the embodiment of the present invention is not specifically limited.For the embodiment of the present invention, the characterization rules in the preset industry rule base are Conclude what is obtained according to the feature of classified information involved in every profession and trade, what is stored in preset industry rule base is industry concerning security matters The corresponding characterization rules of information, rather than the classified information of every profession and trade.Characterization rules in preset industry rule base are more perfect, according to The classified information that characterization rules matching industry data determines is more accurate.In embodiments of the present invention, by setting up preset industry Rule base, can accomplish intellectual monitoring in audit strategy to industry data, accurately judge and preset industry rule base Whether the industry data matched somebody with somebody is classified information.
202nd, classified information will be defined as with the characterization rules industry data that the match is successful.
In embodiments of the present invention, when the match is successful for the characterization rules in industry data with preset industry rule base, say Classified information is included in bright industry data, therefore the sector data can be defined as classified information.
It should be noted that the characterization rules in preset industry rule base, match to industry data, and will be with The characterization rules industry data that the match is successful is defined as classified information, it is possible to achieve these classified informations are automatically analyzed, And then can inquire which classified information occurs in that the leakage of a state or party secret, and such that it is able to realize integrated big data analysis platform, analysis As a result more effectively, data acquisition is complete, and analysis result is more accurate.
203rd, the corresponding concerning security matters cycle information of classified information for determining is obtained.
Wherein, one or more level of confidentiality cycle information is included in the concerning security matters cycle information.For example, in concerning security matters cycle information Specifically can be comprising top-secret cycle information, and/or secret cycle information, and/or general close cycle information etc..
For example, user's purchase bidding documents terminates to bid, the bid taken commercial affairs and technical clause, and concerning security matters are in before opening of bid In the cycle, level of confidentiality is reduced to disclosure after opening of bid.And before opening of bid, user is also more concerned about in addition to comparing care and taking bidding strategy Whether clause is revealed.
204th, according to concerning security matters cycle information, classified information is analyzed.
Specifically, according to concerning security matters cycle information, can be with reference to the corresponding user behaviors log information of classified information, to classified information It is analyzed.
For example, after the secrecy such as smart mobile phone product design, design, material is paid to product, any one specification is revealed, all It is out and out commercial affairs loss, in order to whether there is leakage event in the information for analyzing correlation, can be with reference to these information Whether the concerning security matters cycle at place is analyzed to these information, specifically, can be awarded within the concerning security matters cycle with reference to these information Power access is judged.
Further, after step 204, can also include:When exception occurs within the concerning security matters cycle in the classified information During storage event, it is determined that there is the leakage of a state or party secret;According to when storage location information corresponding with the exception storage event and storage Between information, export the analysis result of the reason of divulging a secret of the leakage of a state or party secret.
For example, classified information is stored in the central server of enterprise or is stored in the middle of the computer of certain fixation, When the storage location for detecting the classified information within the concerning security matters cycle is migrated, classified information is replicated or clips to mobile hard During the External memory equipments such as disk, CD, USB flash disk, it may be determined that there occurs the leakage of a state or party secret, it is possible to reference to the mark of External memory equipment Know, export the analysis result of the reason of divulging a secret of the leakage of a state or party secret.
Further, after step 204, can also include:When exception occurs within the concerning security matters cycle in the classified information During transmission event, it is determined that there is the leakage of a state or party secret;According to bang path information corresponding with the exception transmission event, transfer mode Information and passing time information, export the analysis result of the reason of divulging a secret of the leakage of a state or party secret.
For example, classified information is stored in computer A, and user is signed in in computer A by LAN, and by classified information In being delivered to the computer B of oneself, afterwards the classified information has been delivered in computer C by computer B by LAN again, wherein, Computer A, B, C are intra-company's computer, are finally passed the classified information using E-mail mode by internet in computer C Pass and gone out, because the classified information cannot leak, therefore, now can determine and there occurs the leakage of a state or party secret, can be with reference to " electricity Brain A->Computer B->The bang path of computer C ", and the transfer mode of LAN transmission and email delivery, output is divulged a secret The analysis result of the reason of divulging a secret of event.
205th, when unauthorized access event occurs within the concerning security matters cycle in classified information, it is determined that there is the leakage of a state or party secret.
Further, it is described to determine occur after the leakage of a state or party secret, the warning information that the leakage of a state or party secret occurs be exported, with Just user is pointed out to have occurred that the leakage of a state or party secret in time.Wherein, the warning information can be with text alert information, picture alarm letter Breath, audible alarm information, visual alarm information etc..
For example, when classified information is accessed within the concerning security matters cycle, and when accessed by undelegated user, system is illustrated Can suffer from attacking, invader stolen the classified information, and then can determine and there occurs the leakage of a state or party secret.
206th, according to access information corresponding with unauthorized access event, export the leakage of a state or party secret reason of divulging a secret point Analysis result.
Wherein, comprising visitor information, access time information, access path information and access originator letter in the access information Breath.For the embodiment of the present invention, analysis chart, the analysis of concerning security matters content concerning security matters cycle access of information access time of divulging a secret can be exported Figure, access originator classified information access analysis figure etc..
For example, as shown in figure 3, for a kind of analysis schematic diagram of information access time of divulging a secret, in the figure, abscissa is represented The every day in concerning security matters cycle, such as March 1, March 2, ordinate represent one day in the concrete moment, such as 1:00、2:00 etc., In figure can be accessed in the classified information one day in record access source when time period, specifically can be represented with vertical moulding, vertical line The length correspondence of bar accesses duration, when the original position and final position of vertical moulding correspond to respectively the initial time for accessing with terminating Between.When there is unauthorized access event, can be by way of linear difference or color distortion, there is shown the vertical line of existing difference Bar, it is possible to further count access time feature for being susceptible to the leakage of a state or party secret etc..
As shown in figure 4, analyzing schematic diagram for a kind of compromised content concerning security matters cycle access, in the figure, abscissa can be with table Show the time in concerning security matters cycle, ordinate represents the visit capacity in classified information every day, specifically can be represented with vertical moulding, erects The length correspondence visit capacity of lines number, and ordinate positive axis can represent the visit capacity for having authorized, and negative semiaxis can be with table Show undelegated visit capacity, and can be to divide different interval according to the different security level cycle, such as top-secret phase interval, secret phase area Between, general close phase interval etc., wherein, each vertical moulding can also be particularly shown the acess control on the same day, such as visit capacity, visitor IP The information such as (Internet Protocol, the agreement interconnected between network) address.For the visit capacity that the negative semiaxis of ordinate occurs Vertical moulding can be marked with special token, there is shown existing unauthorized access event, to point out exception.
As shown in figure 5, being a kind of access originator classified information access analysis schematic diagram, in the figure, abscissa can be represented The time in concerning security matters cycle, ordinate can represent that the different classified informations locally preserved in access originator distinguish corresponding visit capacity, Specifically can be represented with vertical moulding, the length of vertical moulding correspondence visit capacity number, and ordinate positive axis can represent The visit capacity for having authorized, negative semiaxis can represent undelegated visit capacity, and can also mark the corresponding level of confidentiality of classified information Cycle, such as top-secret phase, secret phase, general close phase.For the visit capacity vertical moulding that the negative semiaxis of ordinate occurs can use special note Labelled notation, there is shown existing unauthorized access event, to point out exception.
Specifically, the step 206 specifically can include:According to the access time information, the leakage of a state or party secret is determined Corresponding level of confidentiality cycle information;According to level of confidentiality cycle information corresponding with the leakage of a state or party secret, the leakage of a state or party secret correspondence is determined Impact class information, for example, when according to the corresponding access time of unauthorized access event, it is determined that when being now in the top-secret phase, There is the leakage of a state or party secret in this period, its consequence is very serious, affect rank higher, and when according to the corresponding visit of unauthorized access event The time is asked, it is determined that when being now in the general close phase, this period occurs the leakage of a state or party secret, its consequence is not serious, affect rank relatively low.
Then according to the impact class information, the visitor information, the access time information, access path letter Breath and the access source information, export the analysis result of the reason of divulging a secret of the leakage of a state or party secret.For example, accessed by analysis The identity information of user, had access to using which means classified information, access classified information time, access when path, relate to The information such as the access originator of confidential information, and corresponding analysis result is exported, so that the leakage of a state or party secret and its analysis result are represented automatically To user.
Further, methods described can also include:Obtain the classified information to correspond to respectively within the different security level cycle Visit capacity;According to the visit capacity, the value analysis result of the classified information is exported, to realize classified information value The demand of analysis.
In embodiments of the present invention, the visit capacity of unauthorized access can be obtained and the visit capacity for accessing is authorized, may be used also To obtain the accessed amount after classified information is disclosed, according to these accessed amounts, the value of classified information, for example, concerning security matters are determined Visit capacity of the information within the secret phase is more than certain threshold value, wherein, the classified information belongs to pay-for-access within the secret phase In the stage, a large number of users pay-for-access classified information is illustrated, and then can determine that the value of the classified information is very high, and exported Related value analysis result.
Further, in embodiments of the present invention, different classified informations can also be counted and distinguishes corresponding visit capacity, and it is defeated Go out classified information visit capacity analysis chart, specifically shown in the form of bubble diagram, each bubble one classified information of correspondence Visit capacity, wherein the information such as the accounting for authorizing access and unauthorized access can also be shown, to be accessed according to the classified information Amount watch circle, analysis obtains different classified informations and distinguishes corresponding value.
For example, as shown in fig. 6, analyzing schematic diagram for a kind of classified information visit capacity, in the figure, relevant " T main buildings are designed The classified information of scheme ", its visit capacity is 2675398, wherein, unauthorized access amount accounts for 13.15%.
Further, methods described can also include:The different classified informations difference that statistics occurs the leakage of a state or party secret is corresponding File format information, wherein, the file format information can include word document form, excel file formats, pdf files Form;According to the corresponding classified information quantity of the file format information, output is different, and file format information is corresponding respectively lets out The analysis result of close easness, so that user answers the precautionary measures according to the analysis result strengthening phase.For example, according to statistics, Occur the large percentage of the leakage of a state or party secret in the file of dwg forms, illustrate that the classified information file of the form is easily compromised.
The analysis method of another kind of classified information provided in an embodiment of the present invention, obtains first the corresponding concerning security matters of classified information Cycle information;Then according to the concerning security matters cycle information, the classified information is analyzed;When the classified information is in concerning security matters When occurring unauthorized access event in the cycle, it is determined that there is the leakage of a state or party secret;According to visit corresponding with the unauthorized access event Information is asked, the analysis result of the reason of divulging a secret of the leakage of a state or party secret is exported.Actively go to inquire about concerning security matters by manual type with current The reason of divulging a secret that information occurs the leakage of a state or party secret is compared, and in the concerning security matters cycle that the present invention is located according to classified information, classified information is entered Row analysis, in the result obtained from analysis, obtains the reason for leakage of a state or party secret occurs and can automatically be presented to user, it is possible to achieve The data of magnanimity are screened one by one by automatically analyzing for reason of divulging a secret without the need for user, can improve the effect for inquiring about reason of divulging a secret Rate, and when unauthorized access event occurs within the concerning security matters cycle in classified information, it is determined that there is the leakage of a state or party secret, it is possible to achieve and Shi Tongzhi user's classified information has occurred that the leakage of a state or party secret, and then can effectively be intercepted in time.
Further, implementing as Fig. 1 methods describeds, embodiments provides a kind of dividing for classified information Analysis apparatus, as shown in fig. 7, described device includes:Acquiring unit 71, analytic unit 72, determining unit 73, output unit 74.
The acquiring unit 71, can be used for obtaining the corresponding concerning security matters cycle information of classified information.
The analytic unit 72, can be used for the concerning security matters cycle information obtained according to the acquiring unit 71, relate to described Confidential information is analyzed.
The determining unit 73, can be used for when unauthorized access event occurs within the concerning security matters cycle in the classified information When, it is determined that there is the leakage of a state or party secret.
The output unit 74, can be used for, according to access information corresponding with the unauthorized access event, exporting institute State the analysis result of the reason of divulging a secret of the leakage of a state or party secret.
It should be noted that each functional unit involved by a kind of analytical equipment of classified information provided in an embodiment of the present invention Other corresponding descriptions, may be referred in Fig. 1 correspondence description, will not be described here.
A kind of analytical equipment of classified information provided in an embodiment of the present invention, obtains first classified information corresponding concerning security matters week Phase information;Then according to the concerning security matters cycle information, the classified information is analyzed;When the classified information is in concerning security matters week When occurring unauthorized access event in the phase, it is determined that there is the leakage of a state or party secret;According to access corresponding with the unauthorized access event Information, exports the analysis result of the reason of divulging a secret of the leakage of a state or party secret.Actively go to inquire about concerning security matters letter by manual type with current The reason of divulging a secret that breath occurs the leakage of a state or party secret is compared, and in the concerning security matters cycle that the present invention is located according to classified information, classified information is carried out Analysis, in the result obtained from analysis, obtains the reason for leakage of a state or party secret occurs and can automatically be presented to user, it is possible to achieve let out The data of magnanimity are screened one by one by automatically analyzing for close reason without the need for user, can improve the efficiency for inquiring about reason of divulging a secret, And when unauthorized access event occurs within the concerning security matters cycle in classified information, it is determined that there is the leakage of a state or party secret, it is possible to achieve in time Notify that user's classified information has occurred that the leakage of a state or party secret, and then can effectively be intercepted in time.
Further, implementing as Fig. 2 methods describeds, embodiments provides another kind of classified information Analytical equipment, as shown in figure 8, described device includes:Acquiring unit 81, analytic unit 82, determining unit 83, output unit 84.
The acquiring unit 81, can be used for obtaining the corresponding concerning security matters cycle information of classified information.
The analytic unit 82, can be used for the concerning security matters cycle information obtained according to the acquiring unit 81, relate to described Confidential information is analyzed.
The determining unit 83, can be used for when unauthorized access event occurs within the concerning security matters cycle in the classified information When, it is determined that there is the leakage of a state or party secret.
The output unit 84, can be used for, according to access information corresponding with the unauthorized access event, exporting institute State the analysis result of the reason of divulging a secret of the leakage of a state or party secret.
Alternatively, comprising visitor information, access time information, access path information and access originator letter in the access information Breath.
Alternatively, one or more level of confidentiality cycle information is included in the concerning security matters cycle information.
Specifically, the output unit 84 includes:Determining module 841, output module 842.
The determining module 841, can be used for, according to the access time information, determining that the leakage of a state or party secret is corresponding close Level cycle information.
The determining module 841, can be also used for, according to level of confidentiality cycle information corresponding with the leakage of a state or party secret, determining institute State the corresponding impact class information of the leakage of a state or party secret.
The output module 842, can be used for according to when the impact class information, the visitor information, the access Between information, the access path information and the access source information, export the analysis result of the reason of divulging a secret of the leakage of a state or party secret.
The acquiring unit 81, can be also used for obtaining the classified information corresponding visit respectively within the different security level cycle The amount of asking.
The output unit 84, can be also used for the visit capacity obtained according to the acquiring unit 81, export the concerning security matters The value analysis result of information.
Further, described device also includes:Matching unit 85.
The matching unit 85, the characterization rules that can be used in preset industry rule base, is carried out to industry data Matching, the classified information that different industries are preserved in the preset industry rule base distinguishes corresponding characterization rules.
The determining unit 83, can be also used for that concerning security matters will be defined as with the characterization rules industry data that the match is successful Information.
The acquiring unit 81, specifically can be used for obtaining the corresponding concerning security matters cycle information of the classified information for determining.
Further, described device also includes:Statistic unit 86.
The statistic unit 86, can be used for counting the corresponding tray of different classified informations difference that the leakage of a state or party secret occurs Formula information.
The output unit 84, can be also used for corresponding being related to according to the file format information of the statistics of the statistic unit 86 Confidential information quantity, the analysis result of the different file format informations of output corresponding easness of divulging a secret respectively.
The determining unit 83, can be also used for when abnormal storage event occurs within the concerning security matters cycle in the classified information When, it is determined that there is the leakage of a state or party secret.
The output unit 84, can be also used for according to storage location information corresponding with the abnormal storage event and deposits Storage temporal information, exports the analysis result of the reason of divulging a secret of the leakage of a state or party secret.
The determining unit 83, can be also used for when abnormal transmission event occurs within the concerning security matters cycle in the classified information When, it is determined that there is the leakage of a state or party secret.
The output unit 84, can be also used for according to bang path information corresponding with the abnormal transmission event, passes Mode information and passing time information are passed, the analysis result of the reason of divulging a secret of the leakage of a state or party secret is exported.
The output unit 84, can be also used for exporting the warning information that the leakage of a state or party secret occurs.
It should be noted that each function list involved by the analytical equipment of another kind of classified information provided in an embodiment of the present invention Other corresponding descriptions of unit, may be referred to the correspondence description in Fig. 2, will not be described here.
The analytical equipment of another kind of classified information provided in an embodiment of the present invention, obtains first the corresponding concerning security matters of classified information Cycle information;Then according to the concerning security matters cycle information, the classified information is analyzed;When the classified information is in concerning security matters When occurring unauthorized access event in the cycle, it is determined that there is the leakage of a state or party secret;According to visit corresponding with the unauthorized access event Information is asked, the analysis result of the reason of divulging a secret of the leakage of a state or party secret is exported.Actively go to inquire about concerning security matters by manual type with current The reason of divulging a secret that information occurs the leakage of a state or party secret is compared, and in the concerning security matters cycle that the present invention is located according to classified information, classified information is entered Row analysis, in the result obtained from analysis, obtains the reason for leakage of a state or party secret occurs and can automatically be presented to user, it is possible to achieve The data of magnanimity are screened one by one by automatically analyzing for reason of divulging a secret without the need for user, can improve the effect for inquiring about reason of divulging a secret Rate, and when unauthorized access event occurs within the concerning security matters cycle in classified information, it is determined that there is the leakage of a state or party secret, it is possible to achieve and Shi Tongzhi user's classified information has occurred that the leakage of a state or party secret, and then can effectively be intercepted in time.
The embodiment of the invention discloses:
A1, a kind of analysis method of classified information, including:
Obtain the corresponding concerning security matters cycle information of classified information;
According to the concerning security matters cycle information, the classified information is analyzed;
When unauthorized access event occurs within the concerning security matters cycle in the classified information, it is determined that there is the leakage of a state or party secret;
According to access information corresponding with the unauthorized access event, export the leakage of a state or party secret reason of divulging a secret point Analysis result.
The analysis method of A 2, classified information as described in A 1, includes visitor information, access time in the access information Information, access path information and access source information.
The analysis method of A 3, classified information as described in A 2, it is close comprising one or more in the concerning security matters cycle information Level cycle information, basis access information corresponding with the unauthorized access event exports divulging a secret for the leakage of a state or party secret The analysis result of reason includes:
According to the access time information, the corresponding level of confidentiality cycle information of the leakage of a state or party secret is determined;
According to level of confidentiality cycle information corresponding with the leakage of a state or party secret, determining that the leakage of a state or party secret is corresponding affects rank letter Breath;
According to it is described impact class information, the visitor information, the access time information, the access path information and The access source information, exports the analysis result of the reason of divulging a secret of the leakage of a state or party secret.
The analysis method of A 4, classified information as described in A 3, methods described also includes:
Obtain the classified information and corresponding visit capacity is distinguished within the different security level cycle;
According to the visit capacity, the value analysis result of the classified information is exported.
The analysis method of A 5, classified information as described in A 1, the corresponding concerning security matters cycle information of the acquisition classified information Before, methods described also includes:
According to the characterization rules in preset industry rule base, industry data is matched, the preset industry rule base In preserve the classified information of different industries and distinguish corresponding characterization rules;
Classified information will be defined as with the characterization rules industry data that the match is successful;
The corresponding concerning security matters cycle information of classified information that obtains includes:
Obtain the corresponding concerning security matters cycle information of the classified information for determining.
The analysis method of A 6, classified information as described in A 1, methods described also includes:
The different classified informations that statistics occurs the leakage of a state or party secret distinguish corresponding file format information;
According to the corresponding classified information quantity of the file format information, the different file format information difference of output are corresponding Divulge a secret the analysis result of easness.
The analysis method of A 7, classified information as described in A 1, it is described according to the concerning security matters cycle information, to the concerning security matters After information is analyzed, methods described also includes:
When abnormal storage event occurs within the concerning security matters cycle in the classified information, it is determined that there is the leakage of a state or party secret;
According to storage location information corresponding with the exception storage event and storage time information, thing of divulging a secret described in output The analysis result of the reason of divulging a secret of part.
The analysis method of A 8, classified information as described in A 1, it is described according to the concerning security matters cycle information, to the concerning security matters After information is analyzed, methods described also includes:
When abnormal transmission event occurs within the concerning security matters cycle in the classified information, it is determined that there is the leakage of a state or party secret;
According to bang path information corresponding with the exception transmission event, transfer mode information and passing time information, Export the analysis result of the reason of divulging a secret of the leakage of a state or party secret.
The analysis method of A 9, classified information as described in A 1, the determination occurs after the leakage of a state or party secret, and methods described is also Including:
There is the warning information of the leakage of a state or party secret in output.
B10, a kind of analytical equipment of classified information, including:
Acquiring unit, for obtaining the corresponding concerning security matters cycle information of classified information;
Analytic unit, for the concerning security matters cycle information obtained according to the acquiring unit, is carried out point to the classified information Analysis;
Determining unit, for when unauthorized access event occurs within the concerning security matters cycle in the classified information, it is determined that occurring The leakage of a state or party secret;
Output unit, for basis access information corresponding with the unauthorized access event, exports the leakage of a state or party secret Reason of divulging a secret analysis result.
The analytical equipment of B 11, classified information as described in B 10, in the access information comprising visitor information, access when Between information, access path information and access source information.
The analytical equipment of B 12, classified information as described in B 11, includes one or more in the concerning security matters cycle information Level of confidentiality cycle information, the output unit includes:
Determining module, for according to the access time information, determining the corresponding level of confidentiality cycle information of the leakage of a state or party secret;
The determining module, is additionally operable to according to level of confidentiality cycle information corresponding with the leakage of a state or party secret, it is determined that described divulge a secret The corresponding impact class information of event;
Output module, for according to the impact class information, visitor information, the access time information, described Access path information and the access source information, export the analysis result of the reason of divulging a secret of the leakage of a state or party secret.
The analytical equipment of B 13, classified information as described in B 12,
The acquiring unit, is additionally operable to obtain the classified information and corresponding visit capacity is distinguished within the different security level cycle;
The output unit, is additionally operable to the visit capacity obtained according to the acquiring unit, exports the valency of the classified information Value analysis result.
The analytical equipment of B 14, classified information as described in B 10, described device also includes:Matching unit;
The matching unit, for the characterization rules in preset industry rule base, matches, institute to industry data State the corresponding characterization rules of classified information difference that different industries are preserved in preset industry rule base;
The determining unit, is additionally operable to that classified information will be defined as with the characterization rules industry data that the match is successful;
The acquiring unit, specifically for obtaining the corresponding concerning security matters cycle information of the classified information for determining.
The analytical equipment of B 15, classified information as described in B 10, described device also includes:Statistic unit;
The statistic unit, the different classified informations that the leakage of a state or party secret occurs for statistics distinguish corresponding file format letter Breath;
The output unit, is additionally operable to the corresponding classified information number of file format information according to statistic unit statistics Amount, the analysis result of the different file format informations of output corresponding easness of divulging a secret respectively.
The analytical equipment of B 16, classified information as described in B 10,
The determining unit, is additionally operable to when abnormal storage event occurs within the concerning security matters cycle in the classified information, it is determined that The generation leakage of a state or party secret;
The output unit, is additionally operable to according to storage location information corresponding with the abnormal storage event and storage time Information, exports the analysis result of the reason of divulging a secret of the leakage of a state or party secret.
The analytical equipment of B 17, classified information as described in B 10,
The determining unit, is additionally operable to when abnormal transmission event occurs within the concerning security matters cycle in the classified information, it is determined that The generation leakage of a state or party secret;
The output unit, is additionally operable to according to bang path information corresponding with the abnormal transmission event, transfer mode Information and passing time information, export the analysis result of the reason of divulging a secret of the leakage of a state or party secret.
The analytical equipment of B 18, classified information as described in B 10,
The output unit, is additionally operable to export the warning information that the leakage of a state or party secret occurs.
In the above-described embodiments, the description to each embodiment all emphasizes particularly on different fields, without the portion described in detail in certain embodiment Point, may refer to the associated description of other embodiment.
It is understood that said method and the correlated characteristic in device can be referred to mutually.In addition, in above-described embodiment " first ", " second " etc. be, for distinguishing each embodiment, and not represent the quality of each embodiment.
Those skilled in the art can be understood that, for convenience and simplicity of description, the system of foregoing description, The specific work process of device and unit, may be referred to the corresponding process in preceding method embodiment, will not be described here.
Provided herein algorithm and display be not inherently related to any certain computer, virtual system or miscellaneous equipment. Various general-purpose systems can also be used together based on teaching in this.As described above, construct required by this kind of system Structure be obvious.Additionally, the present invention is also not for any certain programmed language.It is understood that, it is possible to use it is various Programming language realizes the content of invention described herein, and the description done to language-specific above is to disclose this Bright preferred forms.
In specification mentioned herein, a large amount of details are illustrated.It is to be appreciated, however, that the enforcement of the present invention Example can be put into practice in the case of without these details.In some instances, known method, structure is not been shown in detail And technology, so as not to obscure the understanding of this description.
Similarly, it will be appreciated that in order to simplify the disclosure and help understand one or more in each inventive aspect, exist Above in the description of the exemplary embodiment of the present invention, each feature of the present invention is grouped together into single enforcement sometimes In example, figure or descriptions thereof.However, the method for the disclosure should be construed to reflect following intention:I.e. required guarantor The more features of feature that the application claims ratio of shield is expressly recited in each claim.More precisely, such as following Claims reflect as, inventive aspect is all features less than single embodiment disclosed above.Therefore, Thus the claims for following specific embodiment are expressly incorporated in the specific embodiment, wherein each claim itself All as the separate embodiments of the present invention.
Those skilled in the art are appreciated that can be carried out adaptively to the module in the equipment in embodiment Change and they are arranged in one or more equipment different from the embodiment.Can be the module or list in embodiment Unit or component are combined into a module or unit or component, and can be divided in addition multiple submodule or subelement or Sub-component.In addition at least some in such feature and/or process or unit is excluded each other, can adopt any Combine to all features disclosed in this specification (including adjoint claim, summary and accompanying drawing) and so disclosed Where all processes or unit of method or equipment are combined.Unless expressly stated otherwise, this specification is (including adjoint power Profit is required, summary and accompanying drawing) disclosed in each feature can it is identical by offers, be equal to or the alternative features of similar purpose carry out generation Replace.
Although additionally, it will be appreciated by those of skill in the art that some embodiments described herein include other embodiments In included some features rather than further feature, but the combination of the feature of different embodiments means in of the invention Within the scope of and form different embodiments.For example, in the following claims, embodiment required for protection appoint One of meaning can in any combination mode using.
The present invention all parts embodiment can be realized with hardware, or with one or more processor operation Software module realize, or with combinations thereof realization.It will be understood by those of skill in the art that can use in practice Microprocessor or digital signal processor (DSP) are realizing a kind of analysis method of classified information according to embodiments of the present invention And some or all functions of some or all parts in device.The present invention is also implemented as performing institute here (for example, computer program and computer program are produced for some or all equipment of the method for description or program of device Product).Such program for realizing the present invention can be stored on a computer-readable medium, or can have one or more The form of signal.Such signal can be downloaded from internet website and obtained, or be provided on carrier signal, or to appoint What other forms is provided.
It should be noted that above-described embodiment the present invention will be described rather than limits the invention, and ability Field technique personnel can design without departing from the scope of the appended claims alternative embodiment.In the claims, Any reference symbol between bracket should not be configured to limitations on claims.Word "comprising" is not excluded the presence of not Element listed in the claims or step.Word "a" or "an" before element does not exclude the presence of multiple such Element.The present invention can come real by means of the hardware for including some different elements and by means of properly programmed computer It is existing.If in the unit claim for listing equipment for drying, several in these devices can be by same hardware branch To embody.The use of word first, second, and third does not indicate that any order.These words can be explained and be run after fame Claim.

Claims (10)

1. a kind of analysis method of classified information, it is characterised in that include:
Obtain the corresponding concerning security matters cycle information of classified information;
According to the concerning security matters cycle information, the classified information is analyzed;
When unauthorized access event occurs within the concerning security matters cycle in the classified information, it is determined that there is the leakage of a state or party secret;
According to access information corresponding with the unauthorized access event, the analysis knot of the reason of divulging a secret of the leakage of a state or party secret is exported Really.
2. the analysis method of classified information according to claim 1, it is characterised in that visitor is included in the access information Information, access time information, access path information and access source information.
3. the analysis method of classified information according to claim 2, it is characterised in that include in the concerning security matters cycle information One or more level of confidentiality cycle information, basis access information corresponding with the unauthorized access event, output described in let out The analysis result of the reason of divulging a secret of penetralia part includes:
According to the access time information, the corresponding level of confidentiality cycle information of the leakage of a state or party secret is determined;
According to level of confidentiality cycle information corresponding with the leakage of a state or party secret, the corresponding impact class information of the leakage of a state or party secret is determined;
According to the impact class information, the visitor information, the access time information, the access path information and described Source information is accessed, the analysis result of the reason of divulging a secret of the leakage of a state or party secret is exported.
4. the analysis method of classified information according to claim 3, it is characterised in that methods described also includes:
Obtain the classified information and corresponding visit capacity is distinguished within the different security level cycle;
According to the visit capacity, the value analysis result of the classified information is exported.
5. the analysis method of classified information according to claim 1, it is characterised in that the acquisition classified information is corresponding Before concerning security matters cycle information, methods described also includes:
According to the characterization rules in preset industry rule base, industry data is matched, protected in the preset industry rule base The classified information for having different industries distinguishes corresponding characterization rules;
Classified information will be defined as with the characterization rules industry data that the match is successful;
The corresponding concerning security matters cycle information of classified information that obtains includes:
Obtain the corresponding concerning security matters cycle information of the classified information for determining.
6. the analysis method of classified information according to claim 1, it is characterised in that methods described also includes:
The different classified informations that statistics occurs the leakage of a state or party secret distinguish corresponding file format information;
According to the corresponding classified information quantity of the file format information, output is different, and file format information is corresponding respectively divulges a secret The analysis result of easness.
7. the analysis method of classified information according to claim 1, it is characterised in that described to be believed according to the concerning security matters cycle Breath, after being analyzed to the classified information, methods described also includes:
When abnormal storage event occurs within the concerning security matters cycle in the classified information, it is determined that there is the leakage of a state or party secret;
According to storage location information corresponding with the exception storage event and storage time information, the leakage of a state or party secret is exported The analysis result of reason of divulging a secret.
8. the analysis method of classified information according to claim 1, it is characterised in that described to be believed according to the concerning security matters cycle Breath, after being analyzed to the classified information, methods described also includes:
When abnormal transmission event occurs within the concerning security matters cycle in the classified information, it is determined that there is the leakage of a state or party secret;
According to bang path information corresponding with the exception transmission event, transfer mode information and passing time information, output The analysis result of the reason of divulging a secret of the leakage of a state or party secret.
9. the analysis method of classified information according to claim 1, it is characterised in that the determination occur the leakage of a state or party secret it Afterwards, methods described also includes:
There is the warning information of the leakage of a state or party secret in output.
10. a kind of analytical equipment of classified information, it is characterised in that include:
Acquiring unit, for obtaining the corresponding concerning security matters cycle information of classified information;
Analytic unit, for the concerning security matters cycle information obtained according to the acquiring unit, is analyzed to the classified information;
Determining unit, for when unauthorized access event occurs within the concerning security matters cycle in the classified information, it is determined that divulging a secret Event;
Output unit, for basis access information corresponding with the unauthorized access event, exports letting out for the leakage of a state or party secret The analysis result of close reason.
CN201610877674.9A 2016-09-30 2016-09-30 Method and device for analyzing confidential information Active CN106650432B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201610877674.9A CN106650432B (en) 2016-09-30 2016-09-30 Method and device for analyzing confidential information

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201610877674.9A CN106650432B (en) 2016-09-30 2016-09-30 Method and device for analyzing confidential information

Publications (2)

Publication Number Publication Date
CN106650432A true CN106650432A (en) 2017-05-10
CN106650432B CN106650432B (en) 2020-11-10

Family

ID=58854729

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201610877674.9A Active CN106650432B (en) 2016-09-30 2016-09-30 Method and device for analyzing confidential information

Country Status (1)

Country Link
CN (1) CN106650432B (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111353174A (en) * 2020-03-16 2020-06-30 刘琴 Private customer information management system and method for medical institution

Citations (10)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20110138223A1 (en) * 2009-12-04 2011-06-09 Altera Corporation Preventing information leakage between components on a programmable chip in the presence of faults
CN102185867A (en) * 2011-05-19 2011-09-14 苏州九州安华信息安全技术有限公司 Method for realizing network security and star network
CN102436599A (en) * 2011-10-28 2012-05-02 中国舰船研究设计中心 Secret determination information accounting method based on cascade secret determination information synchronous processing system
CN102819604A (en) * 2012-08-20 2012-12-12 徐亮 Method for retrieving confidential information of file and judging and marking security classification based on content correlation
US20120321077A1 (en) * 2011-06-20 2012-12-20 Renesas Electronics Corporation Cryptographic communication system and cryptographic communication method
CN103164515A (en) * 2013-03-01 2013-06-19 傅如毅 Computer system confidential file knowledge base searching method
US20130339756A1 (en) * 2012-06-14 2013-12-19 Kabushiki Kaisha Toshiba Manufacturing method of a memory device to be authenticated
US20130339730A1 (en) * 2012-06-14 2013-12-19 Kabushiki Kaisha Toshiba Device authentication using restriced memory
CN103902917A (en) * 2012-12-27 2014-07-02 北京中船信息科技有限公司 Full-view monitoring method for access range and motion trails of cross-domain files
US20140281581A1 (en) * 2013-03-18 2014-09-18 Genusion, Inc. Storage Device

Patent Citations (10)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20110138223A1 (en) * 2009-12-04 2011-06-09 Altera Corporation Preventing information leakage between components on a programmable chip in the presence of faults
CN102185867A (en) * 2011-05-19 2011-09-14 苏州九州安华信息安全技术有限公司 Method for realizing network security and star network
US20120321077A1 (en) * 2011-06-20 2012-12-20 Renesas Electronics Corporation Cryptographic communication system and cryptographic communication method
CN102436599A (en) * 2011-10-28 2012-05-02 中国舰船研究设计中心 Secret determination information accounting method based on cascade secret determination information synchronous processing system
US20130339756A1 (en) * 2012-06-14 2013-12-19 Kabushiki Kaisha Toshiba Manufacturing method of a memory device to be authenticated
US20130339730A1 (en) * 2012-06-14 2013-12-19 Kabushiki Kaisha Toshiba Device authentication using restriced memory
CN102819604A (en) * 2012-08-20 2012-12-12 徐亮 Method for retrieving confidential information of file and judging and marking security classification based on content correlation
CN103902917A (en) * 2012-12-27 2014-07-02 北京中船信息科技有限公司 Full-view monitoring method for access range and motion trails of cross-domain files
CN103164515A (en) * 2013-03-01 2013-06-19 傅如毅 Computer system confidential file knowledge base searching method
US20140281581A1 (en) * 2013-03-18 2014-09-18 Genusion, Inc. Storage Device

Non-Patent Citations (2)

* Cited by examiner, † Cited by third party
Title
张文 等: "基于文档全生命周期的防泄密解决方案", 《计算机应用研究》 *
王飞: "电子文档的安全审计与保密技术研究", 《学术研究》 *

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111353174A (en) * 2020-03-16 2020-06-30 刘琴 Private customer information management system and method for medical institution
CN111353174B (en) * 2020-03-16 2021-06-11 杭州康晟健康管理咨询有限公司 Private customer information management system and method for medical institution

Also Published As

Publication number Publication date
CN106650432B (en) 2020-11-10

Similar Documents

Publication Publication Date Title
Ahmed et al. False data injection attack (FDIA): an overview and new metrics for fair evaluation of its countermeasure
EP2945091B1 (en) Assessment type-variable enterprise security impact analysis
US20070124255A1 (en) Pluggable heterogeneous reconciliation
CN106548342B (en) Trusted device determining method and device
Jeyaraj et al. Institutional isomorphism in organizational cybersecurity: A text analytics approach
Ophoff et al. A descriptive literature review and classification of insider threat research
CN109040110B (en) Outgoing behavior detection method and device
Gschwandtner et al. Integrating threat intelligence to enhance an organization's information security management
CN106485144A (en) The analysis method of classified information and device
US9648039B1 (en) System and method for securing a network
CN106355089A (en) Secret-associated information analysis method and device
CN106650432A (en) Secret-related information analysis method and apparatus
CN116720194A (en) Method and system for evaluating data security risk
CN110955908A (en) Early warning evaluation method and system for confidential files and intelligent terminal
Kianpour Socio-Technical Root Cause Analysis of Cyber-enabled Theft of the US Intellectual Property--The Case of APT41
Schumacher et al. Data mining in vulnerability databases
Madhavi et al. Security risk assessment in electronic health record system
Zakaria et al. Review of cybersecurity audit management and execution approaches
Schweighofer et al. Privacy by design data exchange between CSIRTs
Machim et al. Guidelines for the protection of computer crime threats in the industrial business
Bruschi Information privacy: Not just gdpr
Cram Data security and quality
Rocchi Cybersecurity and Privacy Law Handbook: A beginner's guide to dealing with privacy and security while keeping hackers at bay
US20210224745A1 (en) Methods and systems of an unbiased middle entity to legally verify and manage consumer consent or acceptance
Luigi Sbriz et al. Security Adjustments to Strengthen the Bond Between Risk Registers and Information

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant