CN107194273A - Can continuous-query data desensitization method and system - Google Patents
Can continuous-query data desensitization method and system Download PDFInfo
- Publication number
- CN107194273A CN107194273A CN201710262534.5A CN201710262534A CN107194273A CN 107194273 A CN107194273 A CN 107194273A CN 201710262534 A CN201710262534 A CN 201710262534A CN 107194273 A CN107194273 A CN 107194273A
- Authority
- CN
- China
- Prior art keywords
- data
- desensitization
- session
- query
- record
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/62—Protecting access to data via a platform, e.g. using keys or access control rules
- G06F21/6218—Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
- G06F21/6227—Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database where protection concerns the structure of data, e.g. records, types, queries
Landscapes
- Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Bioethics (AREA)
- General Health & Medical Sciences (AREA)
- Computer Hardware Design (AREA)
- Health & Medical Sciences (AREA)
- Software Systems (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Databases & Information Systems (AREA)
- Computer And Data Communications (AREA)
Abstract
The invention belongs to information security field there is provided it is a kind of can continuous-query data desensitization method and system, wherein system includes:Client manager, the session id for submitting user monitors the destruction of session;Desensitize rule setting unit, sets the desensitization that data need to be protected to obey rule for system manager, and delete session data according to session id;Sensitive information processing unit, for storing desensitization function;Query statement modified module, for verifying desensitization regular record integrality, changes query statement;Result set modified module, for carrying out desensitization process to query resultses;Simultaneously the invention discloses a kind of method, the sensitive data that record modification inquiry request sentence and Query Result in desensitization rule and desensitization data record of the desensitization system in session id, desensitization regular record are concentrated.The present invention realizes the protection to the real-time query result set of database, while meeting user according to the demand for having obtained data progress continuous-query.
Description
Technical field
The invention belongs to information security field, it is related to dynamic desensitization technology during a kind of sensitive data continuous-query, specifically
Ground say be it is a kind of can continuous-query data desensitization method and system.
Background technology
With the development of computer technology, all trades and professions all start to be managed using computer and corresponding information technology
And operation, this causes the ability of enterprise's generation, collection, storage and processing data to greatly improve, and data volume increases severely with day, how to protect
The high availability of the security and data of demonstrate,proving private data is increasingly becoming the principal concern of enterprise.
In order to prevent that privacy information is revealed in data publication and data sharing process, many has been proposed so far
The method that the data recorded in database are encrypted.According to incompletely statistics, invention document at present on database protection
Have following:
1. Database Encrypt System, methods and procedures:This invention is added according to the Database Encrypt System of proposition to database
Privacy protection;
2. a kind of database encryption method of layer transparent:This invents the proxy resolution SQL languages for being related to a kind of database-driven
Sentence, while the table name and alias for needing to encrypt are recorded, and the table name and the record of alias according to encryption are carried out to the data of request
Decryption;
3. a kind of Field-level database encryption device:This invention is related to a kind of data base encryption device, can make user according to difference
The different symmetric encipherment algorithms for selecting Database Systems to support the need for Cipher Strength;
4. a kind of embedded database encrypts storage mode:This invention allows the encryption memory module of user's specified database,
It is divided into not encryption mode, Custom Encryption pattern and default encryption pattern.
Invent above, user proposes inquiry request to database, database root returns to inquiry according to the inquiry request of user and tied
Really, wherein the method for employing encryption is handled data, it is necessary to special storage be carried out to key, while in non-decrypting feelings
Under condition, data can not be used normally, secondly, although data are encrypted protection when stored, but be after decrypting when in use
Sensitive data, it is impossible to meet the requirement used after desensitization to other people.There is key from stealing using the mode of encryption simultaneously
Threaten.
The content of the invention
The technical assignment of the present invention is to be directed to above-mentioned the deficiencies in the prior art, is provided to realize to client after desensitization
Query Result data set, can there is provided one kind while alloing user to carry out continuous-query according to data after the desensitization obtained
The data desensitization method and system of continuous-query.
In order to realize above-mentioned target, the present invention is adopted the following technical scheme that:
1st, can continuous-query data desensitization system, it is characterised in that:Include client manager(1), desensitize rule setting list
Member(2), query statement modified module(3), result set modified module(4), sensitive information processing unit(5).
Client manager(1):For receiving client query request, Query Result is returned into client, meeting is monitored
The destruction of words;Simultaneously query statement modified module is submitted to for session id when client query is asked(3)And result set
Modified module(4).
Desensitize rule setting unit(2):Set for system manager needs to protect data in tables of data(Data are long
Degree, data content, data start, desensitize function name), wherein(Data length, data content, data start, desensitization
Function name)Referred to as one desensitization rule, and desensitization rule is stored in desensitization regular record, while for being deleted according to session id
Except the session data in desensitization data record.
Query statement modified module(3):For verifying desensitization regular record integrality, and according to session id, desensitization rule
The data in desensitization rule and desensitization data record in record are looked for all in inquiry request sentence in desensitization data record
Predicate value to matching value replaces with corresponding True Data.
Result set modified module(4):For the desensitization rule in session id, desensitization regular record and desensitization data note
Data in record carry out desensitization process to result set data;
Sensitive information processing unit(5):For storing desensitization function;
2nd, the client manager is used for the destruction for monitoring session, and client manager is periodically to client(Note:Client is
Application server)The current state of each session of poll, if client returns to certain session and destroyed, notifies desensitization rule
Setting unit, desensitization rule setting unit deletes the corresponding data of this session id in desensitization data record.
3rd, the desensitization rule setting unit preserves the desensitization rule of setting after system manager sets desensitization rule
In desensitization regular record, while content array will turn to after character string to enter according to the hashing algorithm of setting in desensitization regular record
Row calculating obtains hashed value, and the data table name and hashed value are stored in the hashed value table in database.
4th, desensitization rule and desensitization data note of the query statement modified module in session id, desensitization regular record
Data modification query statement in record, desensitization regular record therein and desensitization data record or desensitization rule list and
Desensitize tables of data.
5th, desensitization rule and desensitization data note of the query statement modified module in session id, desensitization regular record
Data modification query statement in record, wherein desensitization regular record form is(Data length, data content, data start,
Desensitize function name), wherein desensitization function is predefined, it is stored in sensitive information processing unit.
6th, desensitization rule and desensitization data note of the query statement modified module in session id, desensitization regular record
Data modification query statement in record, wherein the form of desensitization data record is(Data after session id, True Data, desensitization).
7th, the query statement modified module and result set modified module judge whether have desensitization to advise in desensitization regular record
Then with data match, desensitization rule is in the present invention(Data length, data content, data start, desensitize function name),
Data and desensitize rule match definition be:If data are t, from " data start " in t length=data length, and t
Include " data content ".Other requirements to data can also be increased in desensitization rule.
8th, can continuous-query data desensitization system, including client manager(1), desensitization rule setting unit(2), look into
Ask sentence modified module(3), result set modified module(4), sensitive information processing unit(5);(1)With(2)It is connected,(1)With(3)
It is connected,(1)With(4)It is connected,(2)With(5)It is connected,(3)With(5)It is connected,(4)With(5)It is connected,(1)Can with client communication,
(2)、(3)、(4)Can be with database communication.
9th, can continuous-query data desensitization method, it is characterised in that method include three phases:
(1)The Initialize installation stage:
The first step:System manager is set in database by the rule setting unit that desensitizes needs the data of protection in each tables of data
's(Data length, data content, data start, desensitize function name), wherein(Data length, data content, data starting
Position, desensitize function name)Referred to as one desensitization rule;
Second step:This desensitization rule is stored in desensitization regular record by desensitization rule setting unit;
3rd step:Desensitization rule setting unit turns to the content array in this desensitization regular record after character string, by character string
Hash calculating is carried out by setting hashing algorithm and obtains hashed value, and the data table name and hashed value are stored in dissipating in database
In train value table;
(2)Query statement processing stage
The first step:Client-side program to can the data desensitization system of continuous-query initiate inquiry request, and submit session id.
Second step:Client manager receives the inquiry request of client, and obtains current sessions ID, and by this session id
Query statement modified module and result set modified module are submitted to, while inquiry request sentence is handed into query statement modification mould
Block.Query statement modified module makes following operation:
Step 2-1:Query statement modified module obtains the data table name in inquiry request sentence, and is searched according to the data table name
And corresponding desensitization regular record is read, and the content array in this desensitization regular record is turned into character string, character string is pressed
Set hashing algorithm and carry out hash calculating, result of calculation is A;
Step 2-2:The corresponding content of data table name in query statement modified module reading database hashed value table, is set to B, will
A and B are compared, and are verified integrality, are verified and do not pass through if the two is differed, and point out mistake;Tested if the two is identical
Card passes through.
Step 2-3:Query statement modified module parses inquiry request sentence, obtains all meanings in inquiry request sentence
Word;
Step 2-4:Untreated predicate is judged whether, if it does, being set to W and going to step 2-5 to continue executing with;It is no
Then, the inquiry request sentence after processing is submitted into database;
Step 2-5:Judge that predicate W whether there is untreated predicate value, if there is untreated predicate value, if the value is
X, and go to step 2-6 and continue executing with;Otherwise step 2-4 is gone to continue executing with;
Step 2-6:Check in desensitization data record, predicate value is whether there is in data row after the desensitization in this session id correspondence row
X, if there is x, then show the predicate value x in this query statement be before inquiry request desensitization after data, i.e., this inquire about
For continuous-query, the corresponding True Data values of this predicate value x are obtained, y are set to, and inquiry request sentence is replaced using data value y
In predicate value x, go to step 2-5 and continue executing with;Continued executing with if it does not, going to step 2-7;
Step 2-7:Query statement modified module is matched this predicate value x with the desensitization rule in desensitization regular record, such as
Fruit matches in the presence of the first three columns of desensitization rule with this predicate value x, if desensitization rule is r, goes to step 2-8 and continues executing with;
Otherwise step 2-5 is gone to continue executing with;
Step 2-8:The corresponding desensitization function names of desensitization rule r are obtained, F is set to.Predicate value x is transported using desensitization function F
Calculate, data y, i.e. y=F after being desensitized(x), will(Session id, x, y)It is stored in desensitization data record, and goes to step 2-5
Continue executing with.
(3)Result set data processing stage
The first step:Result set modified module reads desensitization regular record.Result set modified module makes following behaviour to Query Result
Make:
Step 3-1:If query resultses are data [] [], while initializing the record that i=0, j=0, len is query resultses
Number;
Step 3-2:Judge i<Len, if i is less than len, goes to step 3-3 and continues executing with;Otherwise, by amended result
Collection returns to client;
Step 3-3:Judge whether j is less than data [i] Field Count, if it is judged that for false, then i++ and go to step
3-2 is continued executing with;Otherwise, data data [i] [j] is obtained, m is set to, the desensitization stored in data m and desensitization regular record is advised
Then match, that is, checking for desensitization rule makes data m match with the first three columns in desensitization rule, if it does, setting
Desensitization rule is dr, goes to step 3-4 and continues executing with;Otherwise, j++ and go to step 3-3 and continue executing with;
Step 3-4:The corresponding desensitization function names of desensitization rule dr are obtained, F is set to2;
Step 3-5:Result set modified module is checked in the True Data row in desensitization data record in this session id correspondence row
It is no to have data m, if it is present obtaining data in corresponding desensitization data row, n is defined as, and result set is replaced using data n
In data m, j++ and go to step 3-3 and continue executing with;If there is no data m, then using desensitization function F2Data m is entered
Row computing, data n, i.e. n=F after being desensitized2(m), will(Session id, m, n)In deposit desensitization data record, and use data n
The data m in result set is replaced, j++ goes to step 3-3 and continued executing with.
(4) session status is monitored:
Client manager is periodically to the current state of each session of clients poll, if client feedback session has been sold
Ruin, client manager notifies the data of this session id of desensitization rule setting element deletion, desensitization rule setting unit will desensitize
The corresponding data of the session id of this in data record are deleted.
The present invention be it is a kind of can continuous-query data desensitization method and system.Have compared with prior art following prominent
Advantage:
1. the safe transmission of result set is realized, while when ensure that query resultses are shared into third party carries out data analysis
Do not reveal private data;
2. user inquires about data, if the returning result of inquiry includes sensitive data, Mobile state desensitization is entered to sensitive data.
Then it is original desensitization data convert according to session simultaneously when user continues to inquire about other field informations according to the data after desensitization
Inquired about after beginning data according to initial data.
3. dialogue-based mechanism, feeds back certain session to client manager when client and destroyed, then desensitization is notified
Rule setting unit deletes the corresponding data of the session stored in the data record that desensitizes, not only saves space, carries simultaneously
High search efficiency.
4. for user and developer, during to service data manipulating, it is not necessary to consider the processing to sensitive data, own
Sensitive data processing operation be transparent to application layer developer and user.
Brief description of the drawings
Fig. 1 be the present invention can continuous-query data desensitization method and the structure chart of system;
Fig. 2 is the flow chart that query statement modified module of the present invention receives data base querying request;
Fig. 3 is the flow chart that result set modified module of the present invention receives query resultses;
Fig. 4 is the exemplary plot of desensitization regular record in the present invention;
Fig. 5 is the exemplary plot of desensitization data record in the present invention.
Claims (9)
1. can continuous-query data desensitization system, it is characterised in that:Include client manager(1), desensitize rule setting list
Member(2), query statement modified module(3), result set modified module(4), sensitive information processing unit(5);
Client manager(1):For receiving client query request, Query Result is returned into client, session is monitored
Destroy;Simultaneously query statement modified module is submitted to for session id when client query is asked(3)With result set modification
Module(4);
Desensitize rule setting unit(2):Set for system manager needs to protect data in tables of data(Data length, number
According to content, data start, desensitize function name), wherein(Data length, data content, data start, desensitize function
Name)Referred to as one desensitization rule, and desensitization rule is stored in desensitization regular record, while for deleting de- according to session id
Session data in quick data record;
Query statement modified module(3):For verifying desensitization regular record integrality, and according to session id, desensitization regular record
In desensitization rule and desensitization data record in data found all in inquiry request sentence in desensitization data record
Predicate value with value replaces with corresponding True Data;
Result set modified module(4):For in the desensitization rule and desensitization data record in session id, desensitization regular record
Data to result set data carry out desensitization process;
Sensitive information processing unit(5):For storing desensitization function.
2. as claimed in claim 1 can continuous-query data desensitization system, it is characterised in that:
The client manager is used for the destruction for monitoring session, and client manager is periodically to client(Note:Client is should
Use server)The current state of each session of poll, if client returns to certain session and destroyed, notifies desensitization rule to set
Unit is put, desensitization rule setting unit deletes the corresponding data of this session id in desensitization data record.
3. as claimed in claim 1 can continuous-query data desensitization system, it is characterised in that:
The desensitization rule of setting is stored in desensitization by the desensitization rule setting unit after system manager sets desensitization rule
In regular record, while content array will turn to after character string and be calculated according to the hashing algorithm of setting in desensitization regular record
Hashed value is obtained, and the data table name and hashed value are stored in the hashed value table in database.
4. as claimed in claim 1 can continuous-query data desensitization system, it is characterised in that:
In desensitization rule and desensitization data record of the query statement modified module in session id, desensitization regular record
Data modification query statement, desensitization regular record therein and desensitization data record or desensitization rule list and desensitization number
According to table.
5. as claimed in claim 1 can continuous-query data desensitization system, it is characterised in that:
In desensitization rule and desensitization data record of the query statement modified module in session id, desensitization regular record
Data modification query statement, wherein desensitization regular record form is(Data length, data content, data start, desensitize letter
It is several), wherein desensitization function is predefined, it is stored in sensitive information processing unit.
6. as claimed in claim 1 can continuous-query data desensitization system, it is characterised in that:
In desensitization rule and desensitization data record of the query statement modified module in session id, desensitization regular record
Data modification query statement, wherein the form of desensitization data record is(Data after session id, True Data, desensitization).
7. as claimed in claim 1 can continuous-query data desensitization system, it is characterised in that:
The query statement modified module and result set modified module judge whether there is desensitization rule and number in desensitization regular record
According to matching, desensitization rule is in the present invention(Data length, data content, data start, desensitize function name), data with
Desensitization rule match definition be:If data are t, include in t length=data length, and t from " data start "
" data content ", can also increase other requirements to data in desensitization rule.
8. as claimed in claim 1 can continuous-query data desensitization system, it is characterised in that:
Can continuous-query data desensitization system, including client manager(1), desensitization rule setting unit(2), query statement
Modified module(3), result set modified module(4), sensitive information processing unit(5);(1)With(2)It is connected,(1)With(3)It is connected,
(1)With(4)It is connected,(2)With(5)It is connected,(3)With(5)It is connected,(4)With(5)It is connected,(1)Can with client communication,(2)、
(3)、(4)Can be with database communication.
9. can continuous-query data desensitization method, it is characterised in that method include three phases:
(1)The Initialize installation stage:
The first step:System manager is set in database by the rule setting unit that desensitizes needs the data of protection in each tables of data
's(Data length, data content, data start, desensitize function name), wherein(Data length, data content, data starting
Position, desensitize function name)Referred to as one desensitization rule;
Second step:This desensitization rule is stored in desensitization regular record by desensitization rule setting unit;
3rd step:Desensitization rule setting unit turns to the content array in this desensitization regular record after character string, by character string
Hash calculating is carried out by setting hashing algorithm and obtains hashed value, and the data table name and hashed value are stored in dissipating in database
In train value table;
(2)Query statement processing stage
The first step:Client-side program to can the data desensitization system of continuous-query initiate inquiry request, and submit session id;
Second step:Client manager receives the inquiry request of client, and obtains current sessions ID, and this session id is submitted
To query statement modified module and result set modified module, while inquiry request sentence is handed into query statement modified module;
Query statement modified module makes following operation:
Step 2-1:Query statement modified module obtains the data table name in inquiry request sentence, and is searched according to the data table name
And corresponding desensitization regular record is read, and the content array in this desensitization regular record is turned into character string, character string is pressed
Set hashing algorithm and carry out hash calculating, result of calculation is A;
Step 2-2:The corresponding content of data table name in query statement modified module reading database hashed value table, is set to B, will
A and B are compared, and are verified integrality, are verified and do not pass through if the two is differed, and point out mistake;Tested if the two is identical
Card passes through;
Step 2-3:Query statement modified module parses inquiry request sentence, obtains all predicates in inquiry request sentence;
Step 2-4:Untreated predicate is judged whether, if it does, being set to W and going to step 2-5 to continue executing with;It is no
Then, the inquiry request sentence after processing is submitted into database;
Step 2-5:Judge that predicate W whether there is untreated predicate value, if there is untreated predicate value, if the value is
X, and go to step 2-6 and continue executing with;Otherwise step 2-4 is gone to continue executing with;
Step 2-6:Check in desensitization data record, predicate value is whether there is in data row after the desensitization in this session id correspondence row
X, if there is x, then show the predicate value x in this query statement be before inquiry request desensitization after data, i.e., this inquire about
For continuous-query, the corresponding True Data values of this predicate value x are obtained, y are set to, and inquiry request sentence is replaced using data value y
In predicate value x, go to step 2-5 and continue executing with;Continued executing with if it does not, going to step 2-7;
Step 2-7:Query statement modified module is matched this predicate value x with the desensitization rule in desensitization regular record, such as
Fruit matches in the presence of the first three columns of desensitization rule with this predicate value x, if desensitization rule is r, goes to step 2-8 and continues executing with;
Otherwise step 2-5 is gone to continue executing with;
Step 2-8:The corresponding desensitization function names of desensitization rule r are obtained, F is set to;
Computing, data y, i.e. y=F after being desensitized are carried out to predicate value x using desensitization function F(x), will(Session id, x, y)Protect
In the presence of in desensitization data record, and go to step 2-5 and continue executing with;
(3)Result set data processing stage
The first step:Result set modified module reads desensitization regular record;
Result set modified module makes following operation to Query Result:
Step 3-1:If query resultses are data [] [], while initializing the record that i=0, j=0, len is query resultses
Number;
Step 3-2:Judge i<Len, if i is less than len, goes to step 3-3 and continues executing with;Otherwise, by amended result
Collection returns to client;
Step 3-3:Judge whether j is less than data [i] Field Count, if it is judged that for false, then i++ and go to step
3-2 is continued executing with;Otherwise, data data [i] [j] is obtained, m is set to, the desensitization stored in data m and desensitization regular record is advised
Then match, that is, checking for desensitization rule makes data m match with the first three columns in desensitization rule, if it does, setting
Desensitization rule is dr, goes to step 3-4 and continues executing with;Otherwise, j++ and go to step 3-3 and continue executing with;
Step 3-4:The corresponding desensitization function names of desensitization rule dr are obtained, F is set to2;
Step 3-5:Result set modified module is checked in the True Data row in desensitization data record in this session id correspondence row
It is no to have data m, if it is present obtaining data in corresponding desensitization data row, n is defined as, and result set is replaced using data n
In data m, j++ and go to step 3-3 and continue executing with;If there is no data m, then using desensitization function F2Data m is entered
Row computing, data n, i.e. n=F after being desensitized2(m), will(Session id, m, n)In deposit desensitization data record, and use data n
The data m in result set is replaced, j++ goes to step 3-3 and continued executing with;
(4) session status is monitored:
Client manager is periodically to the current state of each session of clients poll, if client feedback session has been sold
Ruin, client manager notifies the data of this session id of desensitization rule setting element deletion, desensitization rule setting unit will desensitize
The corresponding data of the session id of this in data record are deleted.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201710262534.5A CN107194273B (en) | 2017-04-20 | 2017-04-20 | Data desensitization method and system capable of being queried continuously |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201710262534.5A CN107194273B (en) | 2017-04-20 | 2017-04-20 | Data desensitization method and system capable of being queried continuously |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN107194273A true CN107194273A (en) | 2017-09-22 |
| CN107194273B CN107194273B (en) | 2020-07-03 |
Family
ID=59871750
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201710262534.5A Active CN107194273B (en) | 2017-04-20 | 2017-04-20 | Data desensitization method and system capable of being queried continuously |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN107194273B (en) |
Cited By (8)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN107798250A (en) * | 2017-10-13 | 2018-03-13 | 平安科技(深圳)有限公司 | Delivery method, application server and the computer-readable recording medium of sensitive information shielding rules |
| CN110347657A (en) * | 2019-05-27 | 2019-10-18 | 平安银行股份有限公司 | Data creation method, device, electronic equipment and storage medium |
| CN110443059A (en) * | 2018-05-02 | 2019-11-12 | 中兴通讯股份有限公司 | Data guard method and device |
| CN110516466A (en) * | 2019-07-12 | 2019-11-29 | 苏州浪潮智能科技有限公司 | A kind of data desensitization method and device |
| CN111274610A (en) * | 2020-01-21 | 2020-06-12 | 京东数字科技控股有限公司 | Data desensitization method and device and desensitization service platform |
| CN111858546A (en) * | 2020-06-22 | 2020-10-30 | 网联清算有限公司 | Data processing method, device and system |
| CN112948877A (en) * | 2021-03-03 | 2021-06-11 | 北京中安星云软件技术有限公司 | Dynamic database desensitization method and system based on TCP (Transmission control protocol) proxy |
| CN117993006A (en) * | 2024-01-19 | 2024-05-07 | 北京原点数安科技有限公司 | Data desensitizing method, device, electronic equipment and storage medium |
Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20130229333A1 (en) * | 2012-03-05 | 2013-09-05 | Edward L. Schwartz | Automatic ending of interactive whiteboard sessions |
| CN106228084A (en) * | 2016-07-19 | 2016-12-14 | 北京同余科技有限公司 | Data guard method that the sensitive field of based role dynamically adjusts and system |
| CN106534223A (en) * | 2017-01-22 | 2017-03-22 | 上海新炬网络信息技术有限公司 | Key algorithm and log auditing based Openstack access control method |
-
2017
- 2017-04-20 CN CN201710262534.5A patent/CN107194273B/en active Active
Patent Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20130229333A1 (en) * | 2012-03-05 | 2013-09-05 | Edward L. Schwartz | Automatic ending of interactive whiteboard sessions |
| CN106228084A (en) * | 2016-07-19 | 2016-12-14 | 北京同余科技有限公司 | Data guard method that the sensitive field of based role dynamically adjusts and system |
| CN106534223A (en) * | 2017-01-22 | 2017-03-22 | 上海新炬网络信息技术有限公司 | Key algorithm and log auditing based Openstack access control method |
Non-Patent Citations (2)
| Title |
|---|
| SUM KENG CHUNG ET AL.: "SQL Injections Attack and Session Hijacking on E-Learning Systems", 《2014 INTERNATIONAL CONFERENCE ON COMPUTER, COMMUNICATIONS, AND CONTROL TECHNOLOGY (I4CT)》 * |
| 王艳等: "网络用户行为的隐私保护数据挖掘方法", 《计算机工程与应用》 * |
Cited By (10)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN107798250A (en) * | 2017-10-13 | 2018-03-13 | 平安科技(深圳)有限公司 | Delivery method, application server and the computer-readable recording medium of sensitive information shielding rules |
| CN107798250B (en) * | 2017-10-13 | 2021-08-24 | 平安科技(深圳)有限公司 | Sensitive information shielding rule issuing method, application server and computer readable storage medium |
| CN110443059A (en) * | 2018-05-02 | 2019-11-12 | 中兴通讯股份有限公司 | Data guard method and device |
| CN110347657A (en) * | 2019-05-27 | 2019-10-18 | 平安银行股份有限公司 | Data creation method, device, electronic equipment and storage medium |
| CN110347657B (en) * | 2019-05-27 | 2023-08-22 | 平安银行股份有限公司 | Data generation method, device, electronic equipment and storage medium |
| CN110516466A (en) * | 2019-07-12 | 2019-11-29 | 苏州浪潮智能科技有限公司 | A kind of data desensitization method and device |
| CN111274610A (en) * | 2020-01-21 | 2020-06-12 | 京东数字科技控股有限公司 | Data desensitization method and device and desensitization service platform |
| CN111858546A (en) * | 2020-06-22 | 2020-10-30 | 网联清算有限公司 | Data processing method, device and system |
| CN112948877A (en) * | 2021-03-03 | 2021-06-11 | 北京中安星云软件技术有限公司 | Dynamic database desensitization method and system based on TCP (Transmission control protocol) proxy |
| CN117993006A (en) * | 2024-01-19 | 2024-05-07 | 北京原点数安科技有限公司 | Data desensitizing method, device, electronic equipment and storage medium |
Also Published As
| Publication number | Publication date |
|---|---|
| CN107194273B (en) | 2020-07-03 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN107194273A (en) | Can continuous-query data desensitization method and system | |
| AU2018367363B2 (en) | Processing data queries in a logically sharded data store | |
| US10873450B2 (en) | Cryptographic key generation for logically sharded data stores | |
| Li et al. | A hybrid cloud approach for secure authorized deduplication | |
| Kumar et al. | Data integrity proofs in cloud storage | |
| EP2731041B1 (en) | Computer system for storing and retrieval of encrypted data items, client computer, computer program product and computer-implemented method | |
| CA2916954C (en) | Virtual service provider zones | |
| US20090296926A1 (en) | Key management using derived keys | |
| EP2103032B1 (en) | Privacy enhanced comparison of data sets | |
| CN106936771A (en) | A kind of secure cloud storage method and system based on graded encryption | |
| CN103107889A (en) | System and method for cloud computing environment data encryption storage and capable of searching | |
| CN106776904A (en) | The fuzzy query encryption method of dynamic authentication is supported in a kind of insincere cloud computing environment | |
| Ma et al. | CP‐ABE‐Based Secure and Verifiable Data Deletion in Cloud | |
| CA3065767C (en) | Cryptographic key generation for logically sharded data stores | |
| KR20220092811A (en) | Method and device for storing encrypted data | |
| US11216575B2 (en) | Enhanced securing and secured processing of data at rest | |
| Salmani | An efficient, verifiable, and dynamic searchable symmetric encryption with forward privacy | |
| Suthar et al. | EncryScation: A novel framework for cloud iaas, daas security using encryption and obfuscation techniques | |
| Tayade et al. | Survey paper on a secure and authorized de-duplication scheme using hybrid cloud approach for multimedia data | |
| TWI709079B (en) | Document fragmentation publishing and confidential control system and technology thereof | |
| Venkatesan et al. | Data De-Duplication Process and Authentication Using ERCE with Poisson Filter in Cloud Data Storage. | |
| Rattan et al. | Survey on Secure Encrypted Data with Authorized De-duplication | |
| Latha et al. | BLOCK CHAIN BASED SECURED DATA SHARING SYSTEM FOR CLOUD ENVIRONMENT | |
| CN114048454A (en) | Digital certificate transmission method and device, computer equipment and storage medium | |
| Bramhe et al. | Multi-Cloud Secure Data storage using Cryptographic Techniques |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| TA01 | Transfer of patent application right | ||
| TA01 | Transfer of patent application right |
Effective date of registration: 20200610 Address after: 518000 Guangdong city of Shenzhen province Qianhai Shenzhen Hong Kong cooperation zone before Bay Road No. 1 building 201 room A (located in Shenzhen Qianhai business secretary Co. Ltd.) Applicant after: Lianyirong Digital Technology Group Co., Ltd Address before: 100044 Beijing City, Haidian District Xizhimen North Street No. 41 days trillion homes 3-B-1902 Applicant before: BEIJING SECSMARTS TECHNOLOGY Co.,Ltd. |
|
| GR01 | Patent grant | ||
| GR01 | Patent grant |