CN106878264B - Data management method and server - Google Patents
Data management method and server Download PDFInfo
- Publication number
- CN106878264B CN106878264B CN201611190939.4A CN201611190939A CN106878264B CN 106878264 B CN106878264 B CN 106878264B CN 201611190939 A CN201611190939 A CN 201611190939A CN 106878264 B CN106878264 B CN 106878264B
- Authority
- CN
- China
- Prior art keywords
- data
- forensics
- user
- identity information
- server
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/604—Tools and structures for managing or administering access control systems
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/62—Protecting access to data via a platform, e.g. using keys or access control rules
- G06F21/6218—Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
- G06F21/6227—Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database where protection concerns the structure of data, e.g. records, types, queries
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/10—Network architectures or network communication protocols for network security for controlling access to devices or network resources
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/21—Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/2141—Access rights, e.g. capability lists, access control lists, access tables, access matrices
Abstract
The embodiment of the invention discloses a data management method and a server, wherein the method comprises the following steps: the method comprises the steps that a server receives an acquisition request which is sent by a user through a client and related to first forensics data, wherein the acquisition request carries keywords; looking up at least one forensics data associated with the keyword in a forensics database; acquiring the authority level of the user, and determining first forensics data matched with the authority level in the at least one forensics data; and sending the first evidence obtaining data obtained by determination to the client. By adopting the invention, the server can send the evidence obtaining data to the client based on the authority level of the user so as to improve the security of the evidence obtaining data.
Description
Technical Field
The invention relates to the technical field of computers, in particular to a data management method and a server.
Background
With the development of computer technology, various forensic data (such as video data, text data or picture data) are stored in the server, and the requirement of a user for obtaining the forensic data can be met. However, the forensic data in the server is various, and meanwhile, the forensic data stored in the server belongs to sensitive data, so that if any user can acquire all the forensic data stored in the server, the forensic data is easily leaked, and the security of the forensic data is reduced.
Disclosure of Invention
The embodiment of the invention provides a data management method and a server. The server can send the forensic data to the client based on the user's permission level to improve the security of the forensic data.
In a first aspect, an embodiment of the present invention provides a data management method, where the method includes:
receiving an acquisition request which is sent by a user through a client and is about first forensics data, wherein the acquisition request carries keywords;
looking up at least one forensics data associated with the keyword in a forensics database;
acquiring the authority level of the user, and determining first forensics data matched with the authority level in the at least one forensics data;
and sending the first evidence obtaining data obtained by determination to the client.
Optionally, the method further includes:
receiving a storage request about second forensics data, wherein the storage request carries the second forensics data;
carrying out format processing on the second evidence data according to a preset data format;
configuring attribute information of the evidence data after format processing;
and storing the forensic data configured with the attribute information into the forensic database.
Optionally, receiving a retrieval rule selected by the user from a preset retrieval rule cluster, where the preset retrieval rule cluster includes at least one retrieval rule;
optionally, attribute information meeting the retrieval rule is searched for in the forensics database, and a forensics data set including forensics data corresponding to each attribute information is obtained;
optionally, at least one forensic data associated with the keyword is found in the forensic data set.
Optionally, the method further includes:
receiving a registration request sent by the user through the client, wherein the registration request carries identity information of the user;
comparing the identity information with at least one identity information in an identity information database;
and when the identity information is matched with the target identity information in the identity information database, registering the user based on the identity information.
Optionally, identity information of the user is acquired;
optionally, the permission level corresponding to the identity information of the user is obtained according to a pre-established correspondence between the identity information and the permission level.
In another aspect, an embodiment of the present invention provides a server, including:
the device comprises a receiving unit, a processing unit and a processing unit, wherein the receiving unit is used for receiving an acquisition request which is sent by a user through a client and is about first forensics data, and the acquisition request carries keywords;
a search unit configured to search a forensics database for at least one forensics data associated with the keyword received by the receiving unit;
the acquisition unit is used for acquiring the authority level of the user;
the determining unit is used for determining first forensics data matched with the authority level in the at least one forensics data searched by the searching unit;
and the sending unit is used for sending the first forensics data determined by the determining unit to the client.
Optionally, the receiving unit is further configured to receive a storage request for second forensics data, where the storage request carries the second forensics data.
Optionally, the server further includes:
and the processing unit is used for carrying out format processing on the second evidence data received by the receiving unit according to a preset data format.
And the configuration unit is used for configuring the attribute information of the forensic data processed by the processing unit in the format.
And the storage unit is used for storing the forensics data configured with the attribute information by the configuration unit into the forensics database.
Optionally, the search unit is specifically configured to:
receiving a retrieval rule selected by the user in a preset retrieval rule cluster, wherein the preset retrieval rule cluster comprises at least one retrieval rule;
and searching attribute information meeting the retrieval rule in the evidence obtaining database, and obtaining an evidence obtaining data set containing evidence obtaining data corresponding to each attribute information.
At least one forensic data associated with the keyword is found in the forensic data set.
Optionally, the receiving unit is further configured to receive a registration request sent by a user through a client before receiving an acquisition request sent by the user through the client about first forensics data, where the registration request carries identity information of the user.
Optionally, the server further includes:
a comparing unit for comparing the identity information received by the receiving unit with at least one identity information in an identity information database,
and the registration unit is used for registering the user based on the identity information when the identity information is matched with the target identity information in the identity information database.
Optionally, the obtaining unit is specifically configured to:
acquiring identity information of the user;
and acquiring the authority level corresponding to the identity information of the user according to the pre-established corresponding relationship between the identity information and the authority level.
It can be seen that, in the embodiment of the present invention, a server receives an acquisition request, which is sent by a user through a client and related to first forensics data, where the acquisition request carries a keyword, searches at least one forensics data associated with the keyword in a forensics database, acquires an authority level of the user, determines, from the at least one forensics data, the first forensics data matching the authority level, and sends the determined first forensics data to the client. The server can send the forensic data to the client based on the user's permission level to improve the security of the forensic data.
Drawings
In order to more clearly illustrate the technical solutions of the embodiments of the present invention, the drawings needed to be used in the description of the embodiments are briefly introduced below, and it is obvious that the drawings in the following description are some embodiments of the present invention, and it is obvious for those skilled in the art to obtain other drawings based on these drawings without creative efforts.
Fig. 1 is a flowchart illustrating a data management method according to an embodiment of the present invention;
FIG. 2 is a flow chart illustrating a data management method according to another embodiment of the present invention;
fig. 3 is a schematic structural diagram of a server according to an embodiment of the present invention;
fig. 4 is a schematic structural diagram of a server according to another embodiment of the present invention;
fig. 5 is a schematic structural diagram of a server according to still another embodiment of the present invention.
Detailed Description
The technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are some, not all, embodiments of the present invention. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
It will be understood that the terms "comprises" and/or "comprising," when used in this specification and the appended claims, specify the presence of stated features, integers, steps, operations, elements, and/or components, but do not preclude the presence or addition of one or more other features, integers, steps, operations, elements, components, and/or groups thereof.
It is also to be understood that the terminology used in the description of the invention herein is for the purpose of describing particular embodiments only and is not intended to be limiting of the invention. As used in the specification of the present invention and the appended claims, the singular forms "a," "an," and "the" are intended to include the plural forms as well, unless the context clearly indicates otherwise.
It should be further understood that the term "and/or" as used in this specification and the appended claims refers to and includes any and all possible combinations of one or more of the associated listed items.
As used in this specification and the appended claims, the term "if" may be interpreted contextually as "when", "upon" or "in response to a determination" or "in response to a detection". Similarly, the phrase "if it is determined" or "if a described condition or event is detected" may be interpreted, depending on the context, to mean "upon determining" or "in response to determining" or "upon detecting a described condition or event" or "in response to detecting a described condition or event".
Referring to fig. 1, fig. 1 is a schematic flow chart of a data management method according to an embodiment of the present invention. The data management method described in this embodiment is applied to a server, and includes the following steps:
s101, a server receives an acquisition request which is sent by a user through a client and related to first forensics data, wherein the acquisition request carries keywords.
In specific implementation, the server may store at least one piece of forensic data, and when a user needs to acquire first forensic data, the server may send an acquisition request for the first forensic data to the server through the client, where the acquisition request carries a keyword, and the server receives the acquisition request for the first forensic data sent by the user through the client.
Optionally, the forensic data may include at least one of web page screen capture data, web page video data, web page information, server information, routing information, source code information, text information, or request response information.
Illustratively, when the client sends a data acquisition instruction to the server, the client may capture a current webpage to obtain webpage capture data. The client can also record videos of the screen displayed by the client in the process that the user accesses the webpage, and when the client generates a packaging instruction, the client can finish the video recording of the screen displayed by the client to obtain webpage video data. The client may also obtain web page information of the web page, where the web page information may include a Uniform Resource Locator (URL) target address and a web page TITLE (tlle). The client may send the web page screenshot, the URL destination address, and the web page title to the server. The client can send the page screenshot data, the webpage video data and the webpage information to the server.
For example, when the server receives the data collection instruction, the server may obtain the web page information, the source code information, and the text information of the web page accessed by the client. The server may also send the URL destination address to a Domain Name Server (DNS), where the DNS resolves the URL destination address to obtain an Internet Protocol (IP) address of the interconnection between networks, and returns the IP address to the server. Optionally, the server may further send a routing information obtaining request to the terminal device corresponding to the IP address, so as to obtain routing information of each node device between the forensics server and the terminal device corresponding to the IP address. Optionally, the server may further obtain web page underlying data based on the IP address, where the web page underlying data may include request response information.
For example, when the server receives the data acquisition instruction, the server may further obtain server information of a web server providing the web page, where the server information may include an IP address or a domain name. The server may also obtain a standard time for starting to collect the forensic data, where the standard time is a forensic start time obtained from the clairvoyance center. The server may also obtain user information of the user logging in the client, for example, the user information may include a login account, a password, and the like.
Optionally, after the server obtains the evidence obtaining data, the collected evidence obtaining data may be stored in a file manner to form an evidence package, and the evidence package is encrypted and compressed according to a file format of the evidence package to generate a compressed package. The compact package cannot be opened with other tools, and can only be opened using the viewer provided by the evidence package. Illustratively, the format of the evidence package includes: the method comprises the steps of web page screenshot format jpg or png, screen recording video format wmv, web page title and link information format pages, evidence obtaining information, a server, a routing information format sever, a web page source code format index.
Further, after the server generates the compressed packet, the server may encrypt the obtained compressed packet according to a first message digest algorithm to obtain a hash value, the server may also encrypt the hash value according to a second message digest algorithm to obtain a first digital fingerprint of the forensic data, and the server may send the first digital fingerprint and a data identifier of the forensic data to a third-party server. The first Message Digest Algorithm may include a Secure Hash Algorithm (SHA) or a fifth version of the Message Digest Algorithm (MD 5), and the SHA may include any one of Secure Hash algorithms SHA-1, SHA-256, or SHA-512. The second message digest algorithm may comprise SHA or MD5, and SHA may comprise any one of SHA-1, SHA-256, or SHA-512.
In the embodiment of the invention, the server and the client establish communication connection in a WLAN or FTP mode and the like, the client can send an acquisition request about first forensics data to the server, and the acquisition request carries keywords, wherein the characters of the keywords can be as long as or short as at least one character; the language of the keyword can be Chinese, or a few name family languages or foreign language (such as English); the keywords can be fields in the subject of the forensic data, or fields in the body of the forensic data, or numbers of the forensic data, etc.; the keyword may be one or more. The client may be an application installed on the terminal or a web page client, and the embodiment of the present invention is not limited thereto.
In the embodiment of the invention, when a server receives a first forensics data acquisition request sent by a user through a client, if the acquisition request carries the identity information of the user, the server can obtain the identity information of the user from the acquisition request; if the acquisition request does not carry the identity information of the user, the server can send the identity information acquisition request to the client and receive the identity information sent by the client. After the server obtains the identity information, the server may perform identity authentication on the user, for example, the server may compare the identity information with the identity information in the identity information database, and when the identity information matches the target identity information in the identity information database, the server may determine that the identity authentication is successful, and then allow the access of the client, and if the authentication is failed, the server may deny the access of the client. The identity information may be the basic information such as the name, unit, department or login account of the user, and may also be the IP address or MAC address of the terminal where the client is located.
In addition, if the identity information is login account number and password information, the client encrypts the password of the user to obtain encrypted data and sends the encrypted data and the login account number to the server, the server verifies the format of the encrypted data after receiving the encrypted data and the login account number, and if the verification fails, the server refuses the access of the client; if the verification is successful, the server decrypts the encrypted data and compares the decrypted data and the received login account with the login account and the password stored in the server, and if the login account is matched with the target login account stored in the server and the decrypted data is matched with the target password corresponding to the target login account, the server can allow the client to access; if the login account is not matched with the target login account stored in the server, or the decrypted data is not matched with the target password corresponding to the target login account, the server can refuse the access of the client.
S102, the server searches at least one piece of forensic data associated with the keyword in a forensic database.
In the embodiment of the invention, the server can search in the forensics database according to the obtained keywords, and obtain at least one forensics data associated with the keywords.
Optionally, after the server obtains the at least one forensic data associated with the keyword, a verification operation may be performed on the at least one forensic data by a third-party server to prove authenticity of the at least one forensic data.
For example, the verification process of the forensic data may be as follows: after the server acquires at least one piece of forensic data associated with the keyword, the server encrypts any piece of forensic data through a first message digest algorithm to obtain a hash value of the forensic data, encrypts the hash value through a second message digest algorithm to obtain a second digital fingerprint of the forensic data, and sends the second digital fingerprint and a data identifier of the forensic data to the verification server, and the verification server can acquire a first digital fingerprint corresponding to the data identifier in a fingerprint database of the verification server, compare the first digital fingerprint with the second digital fingerprint, and feed back a comparison result to the server. When the comparison result indicates that the first digital fingerprint and the second digital fingerprint are the same, the server may determine that the forensic data has not been tampered, and the server may perform step S103.
S103, the server obtains the authority level of the user, and determines first forensic data matched with the authority level in the at least one forensic data.
It should be noted that, when a user registers, the server may configure an authority level for the user according to information of the user position or department, specifically, may assign a system role to the user according to the identity information of the user, and assign different authority levels to different system roles, where the system role may include a security administrator, an administrator and a service administrator, the security administrator has the highest authority level, the service administrator has a medium authority level, the administrator has the lowest authority level, and different authority levels may have different authorities. For example, a security administrator may have the authority to assign system roles, authority management, security management, and check, download, delete, and verify all the forensic data, a business administrator may have the authority to check, verify, download, and delete all the forensic data, and a business administrator may have the authority to check, verify, and download the forensic data acquired by the business administrator.
In the embodiment of the invention, the server can establish the corresponding relation between the identity information and the authority level of the user, after the server acquires the identity information of the user, the corresponding authority level can be acquired according to the identity information, and the first evidence obtaining data matched with the authority level is determined in the at least one evidence obtaining data.
S104, the server sends the first evidence obtaining data obtained through determination to the client.
Optionally, if the server stores the collected forensic data in a file manner to form an evidence package, and performs encryption compression according to a file format of the evidence package to generate a compressed package, the server may search at least one compressed package associated with the keyword in the forensic database, determine a first compressed package matching the permission level of the user in the at least one compressed package, and send the first compressed package to the client. The client can decompress the first compressed packet to obtain an evidence packet, and output the evidence packet for the user to view.
It should be noted that the client may include a PC client or a Web front end, and different clients perform different decompression methods on the first compressed packet, for example, the PC client may store the first compressed packet in a Windows cache region, and decompress the first compressed packet in the Windows cache region to obtain the first forensics data. If the Web server receives the first compressed packet sent by the server, the first compressed packet may be stored in a first Web server cache region, the Web server decompresses the first compressed packet in the first Web server cache region to obtain first forensics data, and the Web server sends the first forensics data to the Web front end, where the Web server is different from the server in the embodiment of the present invention. If the server determines that the first compressed packet is obtained, the first compressed packet may be directly stored in the cache region of the second Web server, the first compressed packet is decompressed in the cache region of the second Web server to obtain first forensics data, and the server sends the first forensics data to the Web front end, where the Web server is the same as the server in the embodiment of the present invention.
In the embodiment of the invention, a server receives an acquisition request which is sent by a user through a client and relates to first forensics data, the acquisition request carries a keyword, at least one forensics data which is associated with the keyword is searched in a forensics database, the authority level of the user is acquired, the first forensics data which is matched with the authority level is determined in the at least one forensics data, and the determined first forensics data is sent to the client. By adopting the invention, the server can send the evidence obtaining data to the client based on the authority level of the user so as to improve the security of the evidence obtaining data.
Referring to fig. 2, fig. 2 is a schematic flow chart of a data management method according to another embodiment of the present invention. The data management method described in this embodiment is applied to a server, and includes the following steps:
s201, a server receives a registration request sent by a user through a client, wherein the registration request carries identity information of the user.
In the embodiment of the invention, the server can receive the registration request sent by the user through the client, the registration request can carry the identity information of the user, the identity information has uniqueness and particularity, and the identity information can be the identity number of the user or the MAC address of the terminal where the client is located, and can also be the work number of the user and the like.
S202, the server compares the identity information with at least one identity information in an identity information database.
In the embodiment of the invention, the server can store the identity information of the unregistered user with the access right in the identity information database, and when the user needs to register, the server can compare the identity information with the identity information in the identity information database, so that the registration of the user without the access right can be avoided.
S203, when the identity information is matched with the target identity information in the identity information database, the server registers the user based on the identity information.
In the embodiment of the present invention, the server may compare the identity information with the identity information in the identity information database, and if the target identity information in the identity information database is consistent with the identity information, that is, the identity information is matched with the target identity information in the identity information database, the user may be registered based on the identity information, and after registration, the server may mark the user as a registered user, so that the user may access the server through the identity information.
For example, if the identity information of the user is an identity card number, the identity card number of the user can be found in the identity information database, that is, the identity information is matched with the target identity information in the identity information database, and the server can register the user based on the identity information.
S204, the server receives an acquisition request which is sent by the user through the client and related to the first forensics data, and the acquisition request carries keywords.
The first forensic data may be data about an infringement webpage, and the server receives an article to be authenticated (e.g., a literary work, a paper, a patent, etc.), confirms a copyright right of the article to be authenticated according to information such as completion time, completion location, author, etc. of the article to be authenticated, and marks the article to be authenticated as an authenticated article. The server monitors the webpage, compares the content on the webpage with the authorized works in the server, and determines the target webpage as an infringing webpage if the similarity between the content on the sent target webpage and the authorized works is larger than a preset threshold, wherein the target webpage is an unauthorized webpage. After confirming the infringement webpage, the server may collect data of the target webpage, where the collected data may include: the method comprises the steps of obtaining web page video data, web page screen capture data, routing information, a server type corresponding to an infringing web page or an IP address of the infringing web page and the like, obtaining standard time, and carrying out encryption operation on the collected data and the standard time to generate first evidence obtaining data.
Optionally, after determining the target webpage as an infringing webpage, the server may send warning information to the website providing the target webpage to prompt the website to delete the target webpage. The embodiment of the invention can automatically prompt the website to delete the target webpage, avoid economic disputes and improve the data processing efficiency.
S205, the server searches at least one piece of forensic data associated with the keyword in a forensic database.
Optionally, the server receives a search rule selected by the user from a preset search rule cluster, where the preset search rule cluster includes at least one search rule.
In the embodiment of the present invention, the user may select a search rule in the preset search rule cluster, and the server may receive the search rule selected by the user, so that the server may quickly search the forensic data requested by the user according to the search rule, where the preset search rule cluster may include full-text search, synonym search, exclusion search, search with an expanded range, search with a reduced range, and the like, and the embodiment of the present invention is not limited.
Optionally, the server searches attribute information meeting the search rule in the forensics database, and obtains a forensics data set including forensics data corresponding to each attribute information.
In the embodiment of the invention, in order to quickly find the forensic data required by the user, the server may search attribute information meeting the search rule from the forensic database, and obtain a forensic data set including the forensic data corresponding to each attribute information, where the attribute information may be an industry attribute of the forensic data, an area attribute of the forensic data, or a source attribute of the forensic data.
Optionally, the server finds at least one forensic data associated with the keyword in the set of forensic data.
In the embodiment of the present invention, in order to further accurately find the forensic data required by the user, the server may find out at least one piece of forensic data associated with the keyword in the forensic data set.
S206, the server acquires the identity information of the user and acquires the authority level corresponding to the identity information of the user according to the corresponding relation between the pre-established identity information and the authority level.
In the embodiment of the invention, the server can configure the authority levels for the users according to the units, departments and positions of the users, particularly, the system roles can be distributed to the users according to the identity information of the users, different authority levels are distributed to different system roles, the system roles can comprise a security administrator, a service manager and a service manager, the security administrator has the highest authority level, the service manager has the middle authority level, the service manager has the lowest authority level, and different authority levels can have different authorities. For example, a security administrator may have the authority to assign system roles, authority management, security management, and check, download, delete, and verify all the forensic data, a business administrator may have the authority to check, verify, download, and delete all the forensic data, and a business administrator may have the authority to check, verify, and download the acquired data. Meanwhile, after the user registers, the server can establish the corresponding relation between the identity card number and the authority level or can establish the corresponding relation between the job number and the authority level.
Optionally, the obtaining, by the server, the identity information of the user, and obtaining, according to a correspondence between the pre-established identity information and the permission level, the permission level corresponding to the identity information of the user includes: if the server acquires that the identity information of the user is the identity card number, the corresponding authority level of the identity information of the user can be acquired by checking the corresponding relation between the pre-established identity card number and the authority level.
Optionally, the obtaining, by the server, the identity information of the user, and according to the pre-established correspondence between the identity information and the permission level, the permission level corresponding to the identity information of the user includes: if the server acquires that the identity information of the user is the work number, the authority level corresponding to the identity information of the user can be acquired by checking the corresponding relation between the pre-established work number and the authority level.
Optionally, the obtaining, by the server, the identity information of the user, and according to the pre-established correspondence between the identity information and the permission level, the permission level corresponding to the identity information of the user includes: if the server acquires that the identity information of the user is the unit, department and position of the user, the authority level corresponding to the identity information of the user can be acquired by checking the corresponding relation between the unit, department and position and the authority level which is established in advance.
S207, the server determines first forensic data matched with the authority level in the at least one forensic data.
And S208, the server sends the determined first forensics data to the client.
Optionally, the server receives a storage request for the second forensic data, where the storage request carries the second forensic data.
Optionally, the client may obtain second forensics data from a platform such as a web page or a social application, and may send a storage request about the second forensics data, and the server may receive the storage request, where the storage request carries the second forensics data, may process the second forensics data, and then stores the processed second forensics data.
Optionally, the server performs format processing on the second forensics data according to a preset data format.
In this embodiment of the present invention, the forensic data received by the server may come from a different platform (e.g., a social application or a web page), which results in a different format of the forensic data (e.g., DOC, PDF, TXT, etc.), and for the convenience of retrieving the forensic data, the server may perform format processing on the second forensic data according to a preset data format.
Optionally, the server configures attribute information of the forensic data after format processing.
In the embodiment of the invention, in order to quickly retrieve the forensic data, the server may configure attribute information for the forensic data after format processing, where the attribute information may include an industry attribute of the forensic data, a regional attribute of the forensic data, or a source attribute of the forensic data.
Optionally, the server stores the forensics data configured with the attribute information in the forensics database.
In the embodiment of the invention, the server can store the forensic data configured with the attribute information into the forensic database, so that an authorized user can retrieve the forensic data.
For example, the user B sends a registration request to the server through the client, where the request carries the job number 52354565 of the user, the server searches whether the job number 52354565 exists in the identity information database, if not, the server rejects the registration of the user, if so, the server registers the user according to 52354565, and after the registration, the user can set a password and can log in the server according to the job number and the password.
Further, the server may obtain that the authority level of the user B is the lowest level according to a pre-established corresponding relationship between the job number and the authority level, and if the server receives the download forensic data E and the download forensic data F sent by the user a through the client, the server determines that the user has the authority to download the forensic data E according to the authority level of the user B, but does not have the authority to download the forensic data F, and the server may find the forensic data E according to a keyword provided by the user, and send the forensic data E to the client.
In the embodiment of the invention, a server receives a registration request sent by a user through a client, the registration request carries identity information of the user, the server compares the identity information with at least one piece of identity information in an identity information database, and when the identity information is matched with target identity information in the identity information database, the server registers the user based on the identity information. The server can receive an acquisition request about first forensics data sent by a user through the client, can search the forensics data according to the keywords, and sends the first forensics data matched with the user permission level to the client. By adopting the invention, the server can send the evidence obtaining data to the client based on the authority level of the user so as to improve the security of the evidence obtaining data.
Referring to fig. 3, which is a schematic structural diagram of a server according to an embodiment of the present invention, the server described in this embodiment includes:
a receiving unit 301, configured to receive an acquisition request, which is sent by a user through a client and related to first forensics data, where the acquisition request carries a keyword;
a search unit 302 for searching for at least one forensic data associated with the keyword received by the receiving unit 301 in a forensic database;
an obtaining unit 303, configured to obtain an authority level of the user;
a determining unit 304, configured to determine, from the at least one forensic data found by the finding unit 302, first forensic data matching the authority level;
a sending unit 305, configured to send the first forensics data determined by the determining unit 304 to the client.
In the embodiment of the invention, a server receives an acquisition request which is sent by a user through a client and relates to first forensics data, the acquisition request carries a keyword, at least one forensics data which is associated with the keyword is searched in a forensics database, the authority level of the user is acquired, the first forensics data which is matched with the authority level is determined in the at least one forensics data, and the determined first forensics data is sent to the client. By adopting the invention, the server can send the evidence obtaining data to the client based on the authority level of the user so as to improve the security of the evidence obtaining data.
Referring to fig. 4 together, it is a schematic structural diagram of another embodiment of a server provided in an embodiment of the present invention, as shown in fig. 4, the server includes the receiving unit 301, the searching unit 302, the obtaining unit 303, the determining unit 304, and the sending unit 305 mentioned in fig. 3, in an embodiment of the present invention, the server further includes a processing unit 306, a configuring unit 307, and a storing unit 308, where:
optionally, the receiving unit 301 is further configured to receive a storage request for second forensics data, where the storage request carries the second forensics data.
A processing unit 306, configured to perform format processing on the second forensics data received by the receiving unit 301 according to a preset data format.
A configuration unit 307, configured to configure attribute information of the forensic data processed by the processing unit 306 in the format.
A storage unit 308, configured to store the forensics data configured with the attribute information by the configuration unit 307 into the forensics database.
Optionally, the receiving unit 301 is specifically configured to receive a retrieval rule selected by the user from a preset retrieval rule cluster, where the preset retrieval rule cluster includes at least one retrieval rule; searching attribute information meeting the retrieval rule in the forensics database, and acquiring forensics data sets containing forensics data corresponding to the attribute information; at least one forensic data associated with the keyword is located in the set of forensic data.
Optionally, the receiving unit 301 is further configured to receive a registration request sent by a user through a client before receiving an acquisition request, sent by the user through the client, about first forensics data, where the registration request carries identity information of the user.
A comparing unit 309, configured to compare the identity information received by the receiving unit 301 with at least one identity information in the identity information database.
A registering unit 310, configured to register the user based on the identity information when the comparing unit 309 does match the identity information with the target identity information in the identity information database.
Optionally, the obtaining unit 303 obtains the permission level of the user, and is specifically configured to:
acquiring identity information of the user;
and acquiring the authority level corresponding to the identity information of the user according to the pre-established corresponding relationship between the identity information and the authority level.
It can be seen that, in the embodiment of the present invention, a server receives an acquisition request, which is sent by a user through a client and related to first forensics data, where the acquisition request carries a keyword, searches at least one forensics data associated with the keyword in a forensics database, acquires an authority level of the user, determines, from the at least one forensics data, the first forensics data matching the authority level, and sends the determined first forensics data to the client. The forensic data may be sent to the client based on the user's permission level to improve the security of the forensic data.
Referring to fig. 5, which is a schematic structural diagram of another embodiment of a server according to an embodiment of the present invention, the server described in this embodiment may include: one or more processors 503, one or more input devices 501, one or more output devices 502, and memory 504. The processor 503, the input device 501, the output device 502, and the memory are connected by a bus 505. The memory 504 is used to store instructions and the processor 503 executes the instructions stored by the memory 504 in language. Wherein:
the input device 501 is configured to receive an acquisition request, which is sent by a user through a client and carries a keyword, about first forensics data.
The processor 503 is configured to search a forensics database for at least one forensics data associated with the keyword; and acquiring the authority level of the user, and determining first forensic data matched with the authority level in the at least one forensic data.
The output device 502 is configured to send the determined first forensics data to the client.
Optionally, the input device 501 is further configured to receive a storage request for second forensics data, where the storage request carries the second forensics data.
Optionally, the processor 503 is further configured to perform format processing on the second forensics data according to a preset data format; and configuring attribute information of the forensic data after format processing.
Optionally, the memory 504 is configured to store the forensic data configured with the attribute information in the forensic database.
The processor 503 searches the forensics database for at least one forensics data associated with the keyword, and is specifically configured to:
and receiving a retrieval rule selected by the user in a preset retrieval rule cluster, wherein the preset retrieval rule cluster comprises at least one retrieval rule.
Searching attribute information meeting the retrieval rule in the forensics database, and acquiring a forensics data set containing forensics data corresponding to each attribute information;
at least one forensic data associated with the keyword is found in the forensic data set.
Optionally, the input device 501 is further configured to receive a registration request sent by a user through a client before receiving an acquisition request sent by the user through the client about first forensics data, where the registration request carries identity information of the user.
Optionally, the processor 503 is further configured to compare the identity information with at least one identity information in an identity information database; and when the identity information is matched with the target identity information in the identity information database, registering the user based on the identity information.
Optionally, the processor 503 acquires the permission level of the user, and is specifically configured to:
acquiring identity information of the user;
and acquiring the authority level corresponding to the identity information of the user according to the pre-established corresponding relationship between the identity information and the authority level.
In the embodiment of the invention, a server receives an acquisition request which is sent by a user through a client and relates to first forensics data, the acquisition request carries a keyword, at least one forensics data which is associated with the keyword is searched in a forensics database, the authority level of the user is acquired, the first forensics data which is matched with the authority level is determined in the at least one forensics data, and the determined first forensics data is sent to the client. By adopting the invention, the server can send the evidence obtaining data to the client based on the authority level of the user so as to improve the security of the evidence obtaining data.
It should be understood that, in the embodiment of the present invention, the Processor 503 may be a Central Processing Unit (CPU), and the Processor may also be other general-purpose processors, Digital Signal Processors (DSPs), Application Specific Integrated Circuits (ASICs), Field Programmable Gate Arrays (FPGAs) or other Programmable logic devices, discrete Gate or transistor logic devices, discrete hardware components, and the like. A general purpose processor may be a microprocessor or the processor may be any conventional processor or the like.
The input device 501 may include a touch pad, a fingerprint sensor (for collecting fingerprint information of a user and direction information of the fingerprint), a microphone, etc., and the output device 502 may include a display (LCD, etc.), a speaker, etc.
The memory 504 may include both read-only memory and random access memory and provides instructions and data to the processor 503. A portion of the memory 504 may also include non-volatile random access memory.
In a specific implementation, the processor 503, the input device 501, and the output device 502 described in this embodiment of the present invention may execute the implementation manners described in the first embodiment and the second embodiment of the proxy selection provided in this embodiment of the present invention, and may also execute the implementation manner of the server described in this embodiment of the present invention, which is not described herein again.
Each functional module in the embodiments of the present invention may be integrated into one processing module, or each module may exist alone physically, or two or more modules are integrated into one module. The integrated module can be realized in a hardware mode, and can also be realized in a software functional module mode.
It will be understood by those skilled in the art that all or part of the processes of the methods of the embodiments described above can be implemented by a computer program, which can be stored in a computer-readable storage medium, and when executed, can include the processes of the embodiments of the methods described above. The storage medium may be a magnetic disk, an optical disk, a Read-Only Memory (ROM), a Random Access Memory (RAM), or the like.
While the invention has been described with reference to a preferred embodiment, it will be understood by those skilled in the art that various changes in form and detail may be made therein without departing from the spirit and scope of the invention as defined by the appended claims.
While the invention has been described with reference to specific embodiments, the invention is not limited thereto, and various equivalent modifications and substitutions can be easily made by those skilled in the art within the technical scope of the invention. Therefore, the protection scope of the present invention shall be subject to the protection scope of the claims.
Claims (10)
1. A method for managing data, comprising:
receiving the work to be authenticated, confirming the copyright ownership of the work to be authenticated according to the completion time, the completion place and the author information of the work to be authenticated, and marking the work to be authenticated as the work to be authenticated;
monitoring a webpage, comparing the content on the webpage with the authorization product, and determining the target webpage as an infringing webpage if the similarity between the content on the target webpage and the authorization product is greater than a preset threshold value, wherein the target webpage is an unauthorized webpage;
acquiring data of the target webpage, acquiring standard time for starting to acquire the data, and encrypting the acquired data and the standard time to generate first forensics data, wherein the standard time is the forensics starting time acquired from a Wei time center;
receiving an acquisition request which is sent by a user through a client and is about first forensics data, wherein the acquisition request carries keywords;
searching at least one forensics data associated with the keywords in a forensics database, wherein the forensics data comprises at least one of webpage video data, server information, routing information, source code information or request response information;
acquiring the authority level of the user, and determining first forensics data matched with the authority level in the at least one forensics data, wherein different authority levels have different authorities, and the authorities comprise any one or more of checking, downloading and deleting;
and sending the first evidence obtaining data obtained by determination to the client.
2. The method of claim 1, further comprising:
receiving a storage request about second forensics data, wherein the storage request carries the second forensics data;
carrying out format processing on the second evidence data according to a preset data format;
configuring attribute information of the evidence data after format processing;
and storing the forensic data configured with the attribute information into the forensic database.
3. The method of claim 2, wherein said looking up at least one forensics data associated with the keyword in a forensics database comprises:
receiving a retrieval rule selected by the user in a preset retrieval rule cluster, wherein the preset retrieval rule cluster comprises at least one retrieval rule;
searching attribute information meeting the retrieval rule in the forensics database, and acquiring a forensics data set containing forensics data corresponding to each attribute information;
at least one forensic data associated with the keyword is found in the forensic data set.
4. The method of claim 1, wherein the receiving a request sent by a user through a client for obtaining first forensics data further comprises:
receiving a registration request sent by the user through the client, wherein the registration request carries identity information of the user;
comparing the identity information with at least one identity information in an identity information database;
and when the identity information is matched with the target identity information in the identity information database, registering the user based on the identity information.
5. The method of claim 4, wherein the obtaining the user's privilege level comprises:
acquiring identity information of the user;
and acquiring the authority level corresponding to the identity information of the user according to the pre-established corresponding relationship between the identity information and the authority level.
6. A server, comprising:
the receiving unit is used for receiving the to-be-confirmed works, confirming the copyright ownership of the to-be-confirmed works according to the completion time, the completion place and the author information of the to-be-confirmed works, and marking the to-be-confirmed works as the to-be-confirmed works; monitoring a webpage, comparing the content on the webpage with the authorization product, and determining the target webpage as an infringing webpage if the similarity between the content on the target webpage and the authorization product is greater than a preset threshold value, wherein the target webpage is an unauthorized webpage; acquiring data of the target webpage, acquiring standard time for starting to acquire the data, and encrypting the acquired data and the standard time to generate first forensics data, wherein the standard time is the forensics starting time acquired from a Wei time center; receiving an acquisition request which is sent by a user through a client and is about first forensics data, wherein the acquisition request carries keywords;
the searching unit is used for searching at least one piece of forensic data associated with the keywords received by the receiving unit in a forensic database, wherein the forensic data comprises at least one of webpage video data, server information, routing information, source code information or request response information;
the acquisition unit is used for acquiring the authority level of the user;
the determining unit is used for determining first forensic data matched with the permission level in at least one forensic data searched by the searching unit, wherein different permission levels have different permissions, and the permissions comprise any one or more of checking, verifying, downloading and deleting;
and the sending unit is used for sending the first forensics data determined by the determining unit to the client.
7. The server according to claim 6,
the receiving unit is further configured to receive a storage request for second forensics data, where the storage request carries the second forensics data;
the server further comprises:
the processing unit is used for carrying out format processing on the second evidence data received by the receiving unit according to a preset data format;
the configuration unit is used for configuring attribute information of the evidence data processed by the processing unit in the format;
and the storage unit is used for storing the forensics data configured with the attribute information by the configuration unit into the forensics database.
8. The server according to claim 7, wherein the search unit is specifically configured to:
receiving a retrieval rule selected by the user in a preset retrieval rule cluster, wherein the preset retrieval rule cluster comprises at least one retrieval rule;
searching attribute information meeting the retrieval rule in the forensics database, and acquiring a forensics data set containing forensics data corresponding to each attribute information;
at least one forensic data associated with the keyword is found in the forensic data set.
9. The server according to claim 6,
the receiving unit is further configured to receive a registration request sent by a user through a client before receiving an acquisition request sent by the user through the client about first forensics data, where the registration request carries identity information of the user;
the server further comprises:
the comparing unit is used for comparing the identity information received by the receiving unit with at least one identity information in an identity information database;
and the registration unit is used for registering the user based on the identity information when the comparison unit determines that the identity information is matched with the target identity information in the identity information database.
10. The server according to claim 9, wherein the obtaining unit is specifically configured to:
acquiring identity information of the user;
and acquiring the authority level corresponding to the identity information of the user according to the pre-established corresponding relationship between the identity information and the authority level.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201611190939.4A CN106878264B (en) | 2016-12-21 | 2016-12-21 | Data management method and server |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201611190939.4A CN106878264B (en) | 2016-12-21 | 2016-12-21 | Data management method and server |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN106878264A CN106878264A (en) | 2017-06-20 |
| CN106878264B true CN106878264B (en) | 2021-02-12 |
Family
ID=59164763
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201611190939.4A Active CN106878264B (en) | 2016-12-21 | 2016-12-21 | Data management method and server |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN106878264B (en) |
Families Citing this family (18)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN107172079A (en) * | 2017-06-27 | 2017-09-15 | 武汉蓝星软件技术有限公司 | A kind of data compression exchange method based on application service core frame platform |
| CN109788019A (en) * | 2017-11-13 | 2019-05-21 | 重庆华龙艾迪信息技术有限公司 | A kind of data processing method and proxy server |
| CN108540371B (en) * | 2018-03-09 | 2021-06-01 | 福州米鱼信息科技有限公司 | Method and system for uploading electronic evidence |
| CN108833328B (en) * | 2018-03-27 | 2021-03-02 | 博彦科技(上海)有限公司 | Cloud management method and device, storage medium and processor |
| CN108924101A (en) * | 2018-06-20 | 2018-11-30 | 北京车和家信息技术有限公司 | A kind of operating method and relevant device of database |
| CN109308302A (en) * | 2018-08-15 | 2019-02-05 | 深圳壹账通智能科技有限公司 | Data determination method, device, electronic equipment and computer readable storage medium |
| CN109815731A (en) * | 2018-12-29 | 2019-05-28 | 深圳云天励飞技术有限公司 | Permission processing method and relevant device |
| CN110442559A (en) * | 2019-07-05 | 2019-11-12 | 深圳中兴网信科技有限公司 | Log searching method, apparatus and server |
| CN110661777A (en) * | 2019-08-08 | 2020-01-07 | 西安万像电子科技有限公司 | Data transmission method and system |
| CN110866228A (en) * | 2019-10-17 | 2020-03-06 | 北京旷视科技有限公司 | Data information authority management method, device and system for data issue |
| CN111241058A (en) * | 2020-01-07 | 2020-06-05 | 中交一航局第二工程有限公司 | Method for constructing science and technology cloud intelligence library |
| CN111597521B (en) * | 2020-05-20 | 2023-12-01 | 贵州电网有限责任公司 | Method and system for safely processing data of mobile terminal of transformer substation |
| CN111597572B (en) * | 2020-05-20 | 2023-08-29 | 贵州电网有限责任公司 | Substation drawing file data management and reference method and system |
| CN112328995B (en) * | 2020-07-08 | 2023-04-14 | 德能森智能科技(成都)有限公司 | Social management system based on TOF image sensor verification |
| CN112395479A (en) * | 2020-09-27 | 2021-02-23 | 广州市奥威亚电子科技有限公司 | Method, client and quality certification system for acquiring case information |
| CN113177220B (en) * | 2021-05-27 | 2021-12-17 | 深圳市数存科技有限公司 | Service safety system capable of carrying out remote data protection |
| CN115115351B (en) * | 2022-08-24 | 2022-11-15 | 深圳市华云中盛科技股份有限公司 | Method and system for auditing environmental damage identification evaluation report |
| CN117354069B (en) * | 2023-12-06 | 2024-02-13 | 自然资源陕西省卫星应用技术中心 | Remote sensing data management system and method based on data lake |
Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101320373A (en) * | 2008-06-13 | 2008-12-10 | 华中科技大学 | Safety search engine system of website database |
| CN101458745A (en) * | 2007-12-12 | 2009-06-17 | 上海爱信诺航芯电子科技有限公司 | Tracing subsystem of digital copyright management proxy system and working method thereof |
| CN102325139A (en) * | 2011-09-14 | 2012-01-18 | 福建伊时代信息科技股份有限公司 | Electronic document processing method, processing system and verification system |
-
2016
- 2016-12-21 CN CN201611190939.4A patent/CN106878264B/en active Active
Patent Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101458745A (en) * | 2007-12-12 | 2009-06-17 | 上海爱信诺航芯电子科技有限公司 | Tracing subsystem of digital copyright management proxy system and working method thereof |
| CN101320373A (en) * | 2008-06-13 | 2008-12-10 | 华中科技大学 | Safety search engine system of website database |
| CN102325139A (en) * | 2011-09-14 | 2012-01-18 | 福建伊时代信息科技股份有限公司 | Electronic document processing method, processing system and verification system |
Also Published As
| Publication number | Publication date |
|---|---|
| CN106878264A (en) | 2017-06-20 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN106878264B (en) | Data management method and server | |
| US9576005B2 (en) | Search system | |
| US20200019714A1 (en) | Distributed data storage by means of authorisation token | |
| WO2015101149A1 (en) | Application certificate-based method for detecting security of application installation package, terminal, and assisting server | |
| US7096493B1 (en) | Internet file safety information center | |
| US20200084045A1 (en) | Establishing provenance of digital assets using blockchain system | |
| US20110029555A1 (en) | Method, system and apparatus for content identification | |
| CN109376133B (en) | File access method and file access system | |
| US8234283B2 (en) | Search reporting apparatus, method and system | |
| US8397068B2 (en) | Generic file protection format | |
| KR20130120367A (en) | Claim based content reputation service | |
| WO2019205366A1 (en) | Picture management method and apparatus, computer device, and storage medium | |
| US11841930B1 (en) | Origin and ownership verification of a digital object in a digital object architecture | |
| CN110071937B (en) | Login method, system and storage medium based on block chain | |
| CN113297560A (en) | Identity authentication method, device and equipment based on block chain and readable storage medium | |
| CN110708335A (en) | Access authentication method and device and terminal equipment | |
| Fu et al. | Data correlation‐based analysis methods for automatic memory forensic | |
| CN101739522B (en) | DRM file integrity protection method and device | |
| CN112860933B (en) | Ciphertext image retrieval method, device, terminal equipment and storage medium | |
| WO2016173267A1 (en) | Completeness checking method and apparatus | |
| CN112084501A (en) | Malicious program detection method and device, electronic device and storage medium | |
| JP2012182737A (en) | Secret data leakage preventing system, determining apparatus, secret data leakage preventing method and program | |
| CN111935122B (en) | Data security processing method and device | |
| US11627117B2 (en) | Secure search service | |
| CN114756863A (en) | File tampering detection method and device, electronic equipment and storage medium |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |