CN107563937A - Hierarchical protection based on big data closes safely rule inspection method and system - Google Patents
Hierarchical protection based on big data closes safely rule inspection method and system Download PDFInfo
- Publication number
- CN107563937A CN107563937A CN201710785914.7A CN201710785914A CN107563937A CN 107563937 A CN107563937 A CN 107563937A CN 201710785914 A CN201710785914 A CN 201710785914A CN 107563937 A CN107563937 A CN 107563937A
- Authority
- CN
- China
- Prior art keywords
- target
- information
- checked
- safety
- knowledge base
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Landscapes
- Information Retrieval, Db Structures And Fs Structures Therefor (AREA)
Abstract
Closing rule inspection method and system, this method safely the invention provides a kind of hierarchical protection based on big data includes:The target checking tool for determining to match with attribute information according to the attribute information of information system to be checked;According to target checking tool to information system inspection to be checked, inspection result is obtained;Inspection result is checked that knowledge base matches with target, the first safety is obtained and closes rule audit report;Rule audit report supplement is closed to the first safety according to the artificial evaluating result of user, the second safety is obtained and closes rule audit report.In the method for the present invention, the target checking tool of matching is determined according to attribute information, when being checked using target checking tool, the inspection result for checking to obtain is more, precision is high, reduce artificial assessment work amount, improve inspection efficiency, alleviate in traditional inspection method, the checking tool of matching can not be provided according to user's request, so as to cause to check obtained result very little, low precision, the technical problem of artificial assessment work amount is added.
Description
Technical field
The present invention relates to the technical field of information security hierarchical protection, is protected more particularly, to a kind of grade based on big data
Shield safety closes rule inspection method and system.
Background technology
Information security grade protection be China in the evolution of national economy and social IT application, ensure and promote
Enter a primary institution of informatization sound development.
The arrival for protecting 2.0 with waiting, for information system progressively to developing on cloud, hierarchical protection basic demand also incorporates cloud meter
The clauses such as calculation, big data, mobile Internet, Internet of Things, wait protect 2.0 involved by face it is too wide, cloud computing is very complicated, is integrated with too
More technologies, hierarchical protection check oneself, test and assess and supervised that difficulty is increasing, and the professional knowledge and technical ability to inspection personnel also require
More and more higher.Traditional hierarchical protection checking tool case can not meet current demands on examination, because they rely on single machine
Guarantor is waited to check that knowledge base is too weak constructed by structure, hierarchical protection checking process can not be directed to the various of various different information systems
Situation is shown, and the hierarchical protection checking tool that individual security business men is developed comprehensively In Grade can not also be protected respectively
The requirement of individual aspect carries out comprehensive thorough examination.Hierarchical protection inspection may simply have a glance at, and only do few part
Content.
To sum up, in existing hierarchical protection closes safely rule inspection method, hierarchical protection checking tool has limitation, nothing
Method provides the hierarchical protection checking tool of matching according to the demand of user, and waiting for being checked automatically in hierarchical protection checking process is protected
Very little, the result for checking to obtain is not comprehensive enough, low precision for clause.
The content of the invention
In view of this, it is an object of the invention to provide a kind of hierarchical protection based on big data to close safely rule inspection method
And system, closed safely in rule inspection method with alleviating existing hierarchical protection, due to can not be provided therewith according to the demand of user
Check that the information that obtained safety is closed in rule audit report has certain limitation caused by the hierarchical protection checking tool to match
Property technical problem, simultaneously because inspection method of the prior art has certain limitation, so as to cause to check precision compared with
Difference, and add artificial assessment work amount.
In a first aspect, the embodiments of the invention provide a kind of hierarchical protection based on big data to close safely rule inspection method,
Methods described includes:
The target checking tool for determining to match with the attribute information according to the attribute information of information system to be checked, its
In, the target checking tool is for the instrument to the information system progress hierarchical protection inspection to be checked, the attribute
Information includes:Industry, title, demands on examination;
The information system to be checked is checked according to the target checking tool, to obtain inspection result;
The inspection result is checked that knowledge base is matched with target, rule audit report is closed to obtain the first safety, its
In, the target checks that knowledge base includes the clause information for waiting guarantor to close rule;
Rule audit report is closed to the described first safety to supplement, obtain the second safety according to the artificial evaluating result of user
Close rule audit report.
With reference in a first aspect, the embodiments of the invention provide the possible embodiment of the first of first aspect, wherein, institute
Stating method also includes:
Rule audit report is closed to the described second safety to analyze, and is carried out with the clause checked the target in knowledge base
Expand.
With reference in a first aspect, the embodiments of the invention provide the possible embodiment of second of first aspect, wherein, it is right
Second safety is closed rule audit report and analyzed, and carrying out expansion with the clause checked the target in knowledge base includes:
Shield second safety and close the sensitive information advised in audit report, obtain safety to be analyzed and close rule audit report,
Wherein, the sensitive information is the information associated with the privacy of the information system owned enterprise to be checked;
The safety to be analyzed is closed to the report content and the target at current time inspection knowledge in rule audit report
Storehouse is contrasted, and the target inspection knowledge base with the current time advised in audit report is closed to obtain the safety to be analyzed
Duplicate contents;
It is described it is to be analyzed safety close rule audit report in remove the duplicate contents, and will remove the duplicate contents it
The safety to be analyzed afterwards closes rule audit report as information to be encoded;
Knowledge base coding is carried out to the information to be encoded, obtains knowledge base clause;
The knowledge base clause is preserved to the target and checked in knowledge base, to check in knowledge base the target
Clause is expanded.
With reference in a first aspect, the embodiments of the invention provide the possible embodiment of the third of first aspect, wherein, institute
Stating method also includes:
If being not determined by the target checking tool matched with the attribute information, the attribute information is analyzed,
Determine the tool information of target checking tool leaved for development;
The tool information determined is sent to developer, so that the developer examines to the target leaved for development
The instrument of looking into is developed.
With reference in a first aspect, the embodiments of the invention provide the possible embodiment of the 4th of first aspect kind, wherein, root
The target checking tool for determining to match with the attribute information according to the attribute information of information system to be checked, including:
Target database is obtained, wherein, examined in the target database comprising the target checking tool and the target
The corresponding relation looked between the history inspection result of instrument;
The attribute information is matched with the target database, to determine the institute to match with the attribute information
State target checking tool.
With reference in a first aspect, the embodiments of the invention provide the possible embodiment of the 5th of first aspect kind, wherein, institute
Target checking tool is stated to comprise at least:Baseline verifies instrument, vulnerability scanners, penetration testing instrument and self-defined checking tool,
Wherein, the self-defined checking tool is the instrument that developer's independent development obtains.
Second aspect, the embodiment of the present invention, which additionally provides a kind of hierarchical protection based on big data and closes rule safely and check, is
System, the system include:
Determining module, for the mesh for determining to match with the attribute information according to the attribute information of information system to be checked
Checking tool is marked, wherein, the target checking tool is for carrying out hierarchical protection inspection to the information system to be checked
Instrument, the attribute information include:Industry, title, demands on examination;
Module is checked, for being checked according to the target checking tool the information system to be checked, to obtain
Inspection result;
Matching module, for the inspection result to be checked into knowledge base is matched with target, closed with obtaining the first safety
Audit report is advised, wherein, the target checks that knowledge base includes the clause information for waiting guarantor to close rule;
Complementary module, rule audit report is closed to the described first safety for the artificial evaluating result according to user and mended
Fill, obtain the second safety and close rule audit report.
With reference to second aspect, the embodiments of the invention provide the possible embodiment of the first of second aspect, wherein, institute
Stating system also includes:
First analysis module, analyzed for closing rule audit report to the described second safety, with to the target inspection
Clause in knowledge base is expanded.
With reference to second aspect, the embodiments of the invention provide the possible embodiment of second of second aspect, wherein, institute
Stating the first analysis module includes:
Screen unit, the sensitive information advised in audit report is closed for shielding second safety, obtains safety to be analyzed
Rule audit report is closed, wherein, the sensitive information is the letter associated with the privacy of the information system owned enterprise to be checked
Breath;
Comparison unit, for closing the safety to be analyzed described in report content and current time in rule audit report
Target checks that knowledge base is contrasted, and the mesh with the current time advised in audit report is closed to obtain the safety to be analyzed
Mark checks the duplicate contents of knowledge base;
Duplicate removal unit, for removing the duplicate contents in closing rule audit report in the safety to be analyzed, and it will remove
The safety to be analyzed after the duplicate contents closes rule audit report as information to be encoded;
Knowledge base coding unit, for carrying out knowledge base coding to the information to be encoded, obtain knowledge base clause;
Storage unit, checked for the knowledge base clause to be preserved to the target in knowledge base, with to the target
Check that the clause in knowledge base is expanded.
With reference to second aspect, the embodiments of the invention provide the possible embodiment of the third of second aspect, wherein, institute
Stating system also includes:
Second analysis module, if the target checking tool matched with the attribute information is not determined by, to the attribute
Information is analyzed, and determines the tool information of target checking tool leaved for development;
Sending module, for the tool information determined to be sent to developer, so that the developer is to described
Target checking tool leaved for development is developed.
The embodiment of the present invention brings following beneficial effect:The embodiments of the invention provide a kind of grade based on big data
Protection safety, which closes rule inspection method and system, this method, to be included:According to the determination of the attribute information of information system to be checked and attribute
The target checking tool of information match, wherein, target checking tool is for carrying out hierarchical protection to information system to be checked
The instrument of inspection, attribute information include:Industry, title, demands on examination;Information system to be checked is entered according to target checking tool
Row checks, to obtain inspection result;Inspection result is checked that knowledge base is matched with target, rule inspection is closed to obtain the first safety
Report is looked into, wherein, target checks that knowledge base includes the clause information for waiting guarantor to close rule;According to the artificial evaluating result of user to
One safety is closed rule audit report and supplemented, and obtains the second safety and closes rule audit report.
Traditional hierarchical protection is closed safely in rule inspection method, and the hierarchical protection of matching can not be provided according to the demand of user
Checking tool.Compared with traditional hierarchical protection checking tool method, the peace of the hierarchical protection based on big data in the present invention
It is complete to close in rule inspection method, it can be determined to examine with the target that attribute information matches according to the attribute information of information system to be checked
Instrument is looked into, and then, information system to be checked is checked according to target checking tool, obtains inspection result, then, will be checked
As a result check that knowledge base is matched with target, obtain the first safety and close rule audit report, finally, according to the artificial test and appraisal of user
As a result close rule audit report to the first safety to supplement, obtain the second safety and close rule audit report.The present invention's is counted based on big
According to hierarchical protection safely close rule inspection method in, matching can be automatically determined out according to the attribute information of information system to be checked
Target checking tool, when checking information system to be checked using target checking tool, check that to obtain more
Inspection result, precision is high, the first safety obtained from close it is involved in rule audit report to wait guarantor to close rule clause more,
Reduce the workload artificially tested and assessed, improve the efficiency of inspection, alleviate traditional hierarchical protection and close rule inspection method safely
In, hierarchical protection checking tool has limitation, and the hierarchical protection checking tool of matching can not be provided according to the demand of user, from
And cause to check obtained result very little, low precision, add the technical problem of artificial assessment work amount.
Other features and advantages of the present invention will illustrate in the following description, also, partly become from specification
Obtain it is clear that or being understood by implementing the present invention.The purpose of the present invention and other advantages are in specification, claims
And specifically noted structure is realized and obtained in accompanying drawing.
To enable the above objects, features and advantages of the present invention to become apparent, preferred embodiment cited below particularly, and coordinate
Appended accompanying drawing, is described in detail below.
Brief description of the drawings
, below will be to specific in order to illustrate more clearly of the specific embodiment of the invention or technical scheme of the prior art
The required accompanying drawing used is briefly described in embodiment or description of the prior art, it should be apparent that, in describing below
Accompanying drawing is some embodiments of the present invention, for those of ordinary skill in the art, before creative work is not paid
Put, other accompanying drawings can also be obtained according to these accompanying drawings.
Fig. 1 is the flow that a kind of hierarchical protection based on big data provided in an embodiment of the present invention closes safely rule inspection method
Figure;
Fig. 2 is analyzed the second safety conjunction rule audit report to be provided in an embodiment of the present invention, to know target inspection
Know the flow chart that the clause in storehouse is expanded;
Fig. 3 is in the case of the target checking tool provided in an embodiment of the present invention for being not determined by matching with attribute information
Flow chart;
Fig. 4 is the structure that a kind of hierarchical protection based on big data provided in an embodiment of the present invention closes safely rule inspection system
Schematic diagram.
Icon:
11- determining modules;12- checks module;13- matching modules;14- complementary modules.
Embodiment
To make the purpose, technical scheme and advantage of the embodiment of the present invention clearer, below in conjunction with accompanying drawing to the present invention
Technical scheme be clearly and completely described, it is clear that described embodiment is part of the embodiment of the present invention, rather than
Whole embodiments.Based on the embodiment in the present invention, those of ordinary skill in the art are not making creative work premise
Lower obtained every other embodiment, belongs to the scope of protection of the invention.
For ease of understanding the present embodiment, first to a kind of disclosed in the embodiment of the present invention based on big data etc.
Level protection safety is closed rule inspection method and described in detail.
Embodiment one:
The embodiments of the invention provide a kind of hierarchical protection based on big data to close safely rule inspection method, should with reference to figure 1
Method includes:
S101, the target checking tool for determining to match with attribute information according to the attribute information of information system to be checked,
Wherein, target checking tool is the instrument for carrying out hierarchical protection inspection to information system to be checked, and attribute information includes:OK
Industry, title, demands on examination;
In embodiments of the present invention, it is specially hierarchical protection peace that the hierarchical protection based on big data, which closes safely rule inspection method,
The full method closed performed by rule inspection platform.User protects safety to close when rule check platform, it is necessary to input to be checked in service rating
The attribute information of information system is looked into, such as, the industry belonging to information system to be checked, the title and use of information system to be checked
The demands on examination at family etc..
After the completion of user inputs attribute information, platform is capable of determining that the target to match with attribute information checks work
Tool, that is, platform can recommend a suitable target checking tool to be checked for information system to be checked.
Wherein, information system to be checked includes web station system, server, the network equipment, database etc., and they are collectively referred to as
One system.
S103, according to target checking tool information system to be checked is checked, to obtain inspection result;
After target checking tool is obtained, it becomes possible to information system to be checked is checked according to target checking tool,
Obtain inspection result.
For example target checking tool, when checking some web station system, inspection has obtained web station system presence
Web leaks, here it is an inspection result.
S105, inspection result and target checked that knowledge base is matched, rule audit report is closed to obtain the first safety, its
In, target checks that knowledge base includes the clause information for waiting guarantor to close rule;
After inspection result is obtained, inspection result is checked that knowledge base is matched with target, it becomes possible to obtain the first peace
It is complete to close rule audit report.
Goal checks that the target after the completion of the actual expansion for last moment of knowledge base checks knowledge base, target inspection
The information and inspection result information of requirements of the national standard are contained in knowledge base;First safety, which closes rule audit report, to be included:In the presence of
Safety problem, improving suggestions, the inspection result, the overall inspection result of system etc. of certain unit in system.
S107, rule audit report is closed to the first safety according to the artificial evaluating result of user supplemented, obtain the second peace
It is complete to close rule audit report.
Target checking tool checks that the obtain first safety closes the bar for the hierarchical protection being related in rule audit report automatically
Money information is not comprehensive enough, and the information for having fraction needs artificial test and appraisal, and then is pacified according to the artificial evaluating result of user to first
Full rule audit report of closing is supplemented, and is obtained the second safety and is closed rule audit report.
Traditional hierarchical protection is closed safely in rule inspection method, and the hierarchical protection of matching can not be provided according to the demand of user
Checking tool.Compared with traditional hierarchical protection checking tool method, the peace of the hierarchical protection based on big data in the present invention
It is complete to close in rule inspection method, it can be determined to examine with the target that attribute information matches according to the attribute information of information system to be checked
Instrument is looked into, and then, information system to be checked is checked according to target checking tool, obtains inspection result, then, will be checked
As a result check that knowledge base is matched with target, obtain the first safety and close rule audit report, finally, according to the artificial test and appraisal of user
As a result close rule audit report to the first safety to supplement, obtain the second safety and close rule audit report.The present invention's is counted based on big
According to hierarchical protection safely close rule inspection method in, matching can be automatically determined out according to the attribute information of information system to be checked
Target checking tool, when checking information system to be checked using target checking tool, check that to obtain more
Inspection result, precision is high, the first safety obtained from close it is involved in rule audit report to wait guarantor to close rule clause more,
Reduce the workload artificially tested and assessed, improve the efficiency of inspection, alleviate traditional hierarchical protection and close rule inspection method safely
In, hierarchical protection checking tool has limitation, and the hierarchical protection checking tool of matching can not be provided according to the demand of user, from
And cause to check obtained result very little, low precision, add the technical problem of artificial assessment work amount.
After obtaining the second safety and closing rule audit report, this method also includes:
Rule audit report is closed to the second safety to analyze, to check target the clause in knowledge base expands.
Second safety is closed the mode analyzed of rule audit report have it is a variety of, in one alternatively embodiment, ginseng
Fig. 2 is examined, rule audit report is closed to the second safety and analyzed, with the process expanded the clause in target inspection knowledge base
It is described as follows:
S201, the safety of shielding second close the sensitive information in rule audit report, obtain safety to be analyzed and close rule audit report,
Wherein, sensitive information is the information associated with the privacy of information system owned enterprise to be checked;
After obtaining the second safety and closing rule audit report, platform meeting the second safety of automatic shield closes one in rule audit report
A little sensitive informations, obtain safety to be analyzed and close rule audit report.
S202, it is analysed to close safely report content in rule audit report and the target at current time checks that knowledge base is entered
Go and contrast, to obtain the duplicate contents that safety to be analyzed closes the target inspection knowledge base with current time in rule audit report;
After obtaining safety to be analyzed and closing rule audit report, be analysed to close safely report content in rule audit report with
The target at current time checks that knowledge base is contrasted, with obtain safety to be analyzed close in rule audit report with current time
Target checks the duplicate contents of knowledge base.
S203, duplicate contents are removed in safety to be analyzed closes rule audit report, and will be treated after removal duplicate contents
Analysis safety closes rule audit report as information to be encoded;
After duplicate contents are obtained, remove safety to be analyzed and close the repetition that knowledge base is checked with target advised in audit report
Content, obtain information to be encoded.
S204, coding information progress knowledge base coding is treated, obtain knowledge base clause;
After obtaining information to be encoded, treat coding information and carry out knowledge base coding, the knowledge base clause that can just arrive.
S205, by knowledge base clause preserve to target check knowledge base in, with to target check knowledge base in clause enter
Row expands.
Finally, target knowledge base clause preserved to current time is checked in knowledge base, with the target to current time
Check that the clause in knowledge base is expanded, the target after expansion is checked that knowledge base is used in the inspection of subsequent time.
Knowledge base, which expands, to be checked to target by the above method, knowledge base weakness is checked to alleviate the guarantor such as existing
Technical problem, the target after expansion check that knowledge base just can more annotate the clause of hierarchical protection comprehensively and effectively.
Said process describes to be defined according to the attribute information of information system to be checked to match with attribute information
Target checking tool, alternatively, should with reference to figure 3 if be not determined by the target checking tool to match with attribute information
Method also includes:
S301, attribute information is analyzed, determine the tool information of target checking tool leaved for development;
If the target checking tool to match with attribute information is not found, then platform can be automatically to attribute information
Analyzed, determine the tool information of target checking tool leaved for development.
S302, the tool information determined sent to developer, so that developer is to target checking tool leaved for development
Developed.
After the tool information of target checking tool leaved for development is determined, by the instrument of target checking tool leaved for development
Information is sent to developer, so that developer is developed.
Analyzed in addition, platform also can close rule audit report to the first safety, the safety of analysis first closes rule audit report
In be not involved except the clause of hierarchical protection being related to, the clause of which hierarchical protection, reason is analyzed, as developer sends
The result of analysis, so that developer develops according to analysis result to target checking tool.
Alternatively, target checking tool comprises at least:Baseline verify instrument, vulnerability scanners, penetration testing instrument and from
Checking tool is defined, wherein, self-defined checking tool is the instrument that developer's independent development obtains.
The target inspection to be matched in step S101 according to the determination of the attribute information of information system to be checked with attribute information
The mode of instrument have it is a variety of, in one alternatively embodiment, according to the attribute information of information system to be checked determine and belong to
The process description of the target checking tool of property information match is as follows:
Target database is obtained, wherein, the history comprising target checking tool with target checking tool in target database
Corresponding relation between inspection result;
In embodiments of the present invention, each target checking tool is after checking information system to be checked, platform
The inspection result of target checking tool will be automatically saved, meanwhile, target checks that knowledge base can also count each target inspection
What instrument check that waits guarantor to close the clause advised.
Attribute information is matched with target database, to determine the target checking tool to match with attribute information.
After target database is obtained, attribute information is matched with target database, platform just can determine that out target
Checking tool.
Because platform, target checks that knowledge base can store the relevant information checked each time, so, it is determined that target inspection
During instrument, it can recommend more suitably target checking tool (it is more that the grade guarantor that check that to obtain closes rule clause).
To sum up, the present invention compared with prior art, has advantages below:
(1) check that efficiency significantly improves;
(2) information system to be checked is complicated and changeable, and target checks that knowledge base is constantly updated to adapt to the to be checked of every profession and trade
Information system waits guarantor to check;
(3) cover it is most complete wait guarantor to close rule checking tool (i.e. target checking tool), wait guarantor to check more comprehensive careful;
(4) there is bottom intellectual analysis engine so that target checks the matching more refinement of knowledge base and target checking tool
Cause, realize that intelligent Matching associates;
(5) safety obtained is closed rule audit report and more had authoritative weight, and the construction to information system to be checked is with more ginseng
Examine value.
Embodiment two:
The embodiment of the present invention additionally provides a kind of hierarchical protection based on big data and closes rule inspection system safely, with reference to figure 4,
The system includes:
Determining module 11, for the target for determining to match with attribute information according to the attribute information of information system to be checked
Checking tool, wherein, target checking tool is the instrument for carrying out hierarchical protection inspection to information system to be checked, and attribute is believed
Breath includes:Industry, title, demands on examination;
Module 12 is checked, for being checked according to target checking tool information system to be checked, to obtain checking knot
Fruit;
Matching module 13, for inspection result to be checked into knowledge base is matched with target, rule are closed to obtain the first safety
Audit report, wherein, target checks that knowledge base includes the clause information for waiting guarantor to close rule;
Complementary module 14, rule audit report is closed to the first safety for the artificial evaluating result according to user and supplemented,
Obtain the second safety and close rule audit report.
The hierarchical protection based on big data in the present invention is closed safely in rule inspection system, can be according to information to be checked
The attribute information of system determines the target checking tool to match with attribute information, and then, according to target checking tool to be checked
Look into information system to be checked, obtain inspection result, then, inspection result is checked that knowledge base is matched with target, obtained
First safety closes rule audit report, finally, closes rule audit report to the first safety according to the artificial evaluating result of user and mends
Fill, obtain the second safety and close rule audit report.The hierarchical protection based on big data of the present invention is closed safely in rule check device, energy
Enough target checking tools that matching is automatically determined out according to the attribute information of information system to be checked, using target checking tool
When checking information system to be checked, it check that to obtain more inspection results, precision is high, the first peace obtained from
Close entirely waits guarantor's conjunction rule clause more involved by rule audit report, reduces the workload artificially tested and assessed, improves inspection
Efficiency, alleviate traditional hierarchical protection and close safely in rule inspection method, hierarchical protection checking tool has limitation, can not
The hierarchical protection checking tool of matching is provided according to the demand of user, so as to cause to check obtained result very little, low precision, increased
The technical problem of artificial assessment work amount is added.
Alternatively, the system also includes:
First analysis module, analyzed for closing rule audit report to the second safety, to check in knowledge base target
Clause expanded.
Alternatively, the first analysis module includes:
Screen unit, the sensitive information advised in audit report is closed for shielding the second safety, safety to be analyzed is obtained and closes rule
Audit report, wherein, sensitive information is the information associated with the privacy of information system owned enterprise to be checked;
Comparison unit, for being analysed to close the report content in rule audit report and the target inspection at current time safely
Knowledge base is contrasted, to obtain the weight that safety to be analyzed closes the target inspection knowledge base with current time in rule audit report
Multiple content;
Duplicate removal unit, for removing duplicate contents in closing rule audit report in safety to be analyzed, and duplicate contents will be removed
Safety to be analyzed afterwards closes rule audit report as information to be encoded;
Knowledge base coding unit, knowledge base coding is carried out for treating coding information, obtains knowledge base clause;
Storage unit, checked for knowledge base clause to be preserved to target in knowledge base, to check in knowledge base target
Clause expanded.
Alternatively, the system also includes:
Second analysis module, if being not determined by the target checking tool matched with attribute information, attribute information is carried out
Analysis, determine the tool information of target checking tool leaved for development;
Sending module, for the tool information determined to be sent to developer, so that developer is to target leaved for development
Checking tool is developed.
Optionally it is determined that module includes:
Acquiring unit, for obtaining target database, wherein, examined in target database comprising target checking tool and target
The corresponding relation looked between the history inspection result of instrument;
Matching unit, for attribute information to be matched with target database, to determine what is matched with attribute information
Target checking tool.
Alternatively, target checking tool comprises at least:Baseline verify instrument, vulnerability scanners, penetration testing instrument and from
Checking tool is defined, wherein, self-defined checking tool is the instrument that developer's independent development obtains.
Content in the embodiment two may be referred to the content in above-described embodiment one, no longer be repeated herein.
The hierarchical protection based on big data that the embodiment of the present invention is provided closes safely the calculating of rule inspection method and system
Machine program product, including the computer-readable recording medium of program code is stored, the instruction that described program code includes can use
In the method described in previous methods embodiment that performs, specific implementation can be found in embodiment of the method, will not be repeated here.
It is apparent to those skilled in the art that for convenience and simplicity of description, the system of foregoing description
With the specific work process of device, the corresponding process in preceding method embodiment is may be referred to, will not be repeated here.
In addition, in the description of the embodiment of the present invention, unless otherwise clearly defined and limited, term " installation ", " phase
Even ", " connection " should be interpreted broadly, for example, it may be being fixedly connected or being detachably connected, or be integrally connected;Can
To be mechanical connection or electrical connection;Can be joined directly together, can also be indirectly connected by intermediary, Ke Yishi
The connection of two element internals.For the ordinary skill in the art, with concrete condition above-mentioned term can be understood at this
Concrete meaning in invention.
If the function is realized in the form of SFU software functional unit and is used as independent production marketing or in use, can be with
It is stored in a computer read/write memory medium.Based on such understanding, technical scheme is substantially in other words
The part to be contributed to prior art or the part of the technical scheme can be embodied in the form of software product, the meter
Calculation machine software product is stored in a storage medium, including some instructions are causing a computer equipment (can be
People's computer, server, or network equipment etc.) perform all or part of step of each embodiment methods described of the present invention.
And foregoing storage medium includes:USB flash disk, mobile hard disk, read-only storage (ROM, Read-Only Memory), arbitrary access are deposited
Reservoir (RAM, Random Access Memory), magnetic disc or CD etc. are various can be with the medium of store program codes.
In the description of the invention, it is necessary to explanation, term " " center ", " on ", " under ", "left", "right", " vertical ",
The orientation or position relationship of the instruction such as " level ", " interior ", " outer " be based on orientation shown in the drawings or position relationship, merely to
Be easy to the description present invention and simplify description, rather than instruction or imply signified device or element must have specific orientation,
With specific azimuth configuration and operation, therefore it is not considered as limiting the invention.In addition, term " first ", " second ",
" the 3rd " is only used for describing purpose, and it is not intended that instruction or hint relative importance.
Finally it should be noted that:Embodiment described above, it is only the embodiment of the present invention, to illustrate the present invention
Technical scheme, rather than its limitations, protection scope of the present invention is not limited thereto, although with reference to the foregoing embodiments to this hair
It is bright to be described in detail, it will be understood by those within the art that:Any one skilled in the art
The invention discloses technical scope in, it can still modify to the technical scheme described in previous embodiment or can be light
Change is readily conceivable that, or equivalent substitution is carried out to which part technical characteristic;And these modifications, change or replacement, do not make
The essence of appropriate technical solution departs from the spirit and scope of technical scheme of the embodiment of the present invention, should all cover the protection in the present invention
Within the scope of.Therefore, protection scope of the present invention described should be defined by scope of the claims.
Claims (10)
1. a kind of hierarchical protection based on big data closes safely rule inspection method, it is characterised in that methods described includes:
The target checking tool for determining to match with the attribute information according to the attribute information of information system to be checked, wherein,
The target checking tool is for the instrument to the information system progress hierarchical protection inspection to be checked, the attribute information
Including:Industry, title, demands on examination;
The information system to be checked is checked according to the target checking tool, to obtain inspection result;
The inspection result is checked that knowledge base is matched with target, rule audit report is closed to obtain the first safety, wherein, institute
State target and check that knowledge base includes the clause information for waiting guarantor to close rule;
Rule audit report is closed to the described first safety to supplement, obtain the second safety and close rule according to the artificial evaluating result of user
Audit report.
2. according to the method for claim 1, it is characterised in that methods described also includes:
Rule audit report is closed to the described second safety to analyze, to check the target clause in knowledge base expands
Fill.
3. according to the method for claim 2, it is characterised in that rule audit report is closed to the described second safety and analyzed,
Carrying out expansion with the clause checked the target in knowledge base includes:
Shield second safety and close the sensitive information advised in audit report, obtain safety to be analyzed and close rule audit report, wherein,
The sensitive information is the information associated with the privacy of the information system owned enterprise to be checked;
Report content in the safety conjunction rule audit report to be analyzed and the target at current time are checked that knowledge base is entered
Go and contrast, to obtain the weight that the safety to be analyzed closes the target inspection knowledge base with the current time in rule audit report
Multiple content;
The duplicate contents are removed in the safety to be analyzed closes rule audit report, and after removing the duplicate contents
The safety to be analyzed closes rule audit report as information to be encoded;
Knowledge base coding is carried out to the information to be encoded, obtains knowledge base clause;
The knowledge base clause is preserved to the target and checked in knowledge base, to check the target clause in knowledge base
Expanded.
4. according to the method for claim 1, it is characterised in that methods described also includes:
If being not determined by the target checking tool matched with the attribute information, the attribute information is analyzed, it is determined that
The tool information of target checking tool leaved for development;
The tool information determined is sent to developer, so that the developer checks work to the target leaved for development
Tool is developed.
5. according to the method for claim 1, it is characterised in that according to the determination of the attribute information of information system to be checked and institute
The target checking tool that attribute information matches is stated, including:
Target database is obtained, wherein, check work comprising the target checking tool and the target in the target database
Corresponding relation between the history inspection result of tool;
The attribute information is matched with the target database, to determine the mesh to match with the attribute information
Mark checking tool.
6. according to the method for claim 4, it is characterised in that the target checking tool comprises at least:Baseline verifies work
Tool, vulnerability scanners, penetration testing instrument and self-defined checking tool, wherein, the self-defined checking tool is the exploitation
The instrument that person's independent development obtains.
7. a kind of hierarchical protection based on big data closes safely rule inspection system, it is characterised in that the system includes:
Determining module, for determining to examine with the target that the attribute information matches according to the attribute information of information system to be checked
Instrument is looked into, wherein, the target checking tool is the instrument for carrying out hierarchical protection inspection to the information system to be checked,
The attribute information includes:Industry, title, demands on examination;
Module is checked, for being checked according to the target checking tool the information system to be checked, to be checked
As a result;
Matching module, for the inspection result to be checked into knowledge base is matched with target, rule inspection is closed to obtain the first safety
Report is looked into, wherein, the target checks that knowledge base includes the clause information for waiting guarantor to close rule;
Complementary module, rule audit report is closed to the described first safety for the artificial evaluating result according to user and supplemented, is obtained
Rule audit report is closed to the second safety.
8. system according to claim 7, it is characterised in that the system also includes:
First analysis module, analyzed for closing rule audit report to the described second safety, to check knowledge to the target
Clause in storehouse is expanded.
9. system according to claim 8, it is characterised in that first analysis module includes:
Screen unit, the sensitive information advised in audit report is closed for shielding second safety, safety to be analyzed is obtained and closes rule
Audit report, wherein, the sensitive information is the information associated with the privacy of the information system owned enterprise to be checked;
Comparison unit, for the safety to be analyzed to be closed to report content and the target at current time in rule audit report
Check that knowledge base is contrasted, the target inspection with the current time advised in audit report is closed to obtain the safety to be analyzed
Look into the duplicate contents of knowledge base;
Duplicate removal unit, for removing the duplicate contents in closing rule audit report in the safety to be analyzed, and by described in removal
The safety to be analyzed after duplicate contents closes rule audit report as information to be encoded;
Knowledge base coding unit, for carrying out knowledge base coding to the information to be encoded, obtain knowledge base clause;
Storage unit, checked for the knowledge base clause to be preserved to the target in knowledge base, with to the target inspection
Clause in knowledge base is expanded.
10. system according to claim 7, it is characterised in that the system also includes:
Second analysis module, if the target checking tool matched with the attribute information is not determined by, to the attribute information
Analyzed, determine the tool information of target checking tool leaved for development;
Sending module, for the tool information determined to be sent to developer, so that the developer waits out to described
The target checking tool of hair is developed.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201710785914.7A CN107563937A (en) | 2017-09-04 | 2017-09-04 | Hierarchical protection based on big data closes safely rule inspection method and system |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201710785914.7A CN107563937A (en) | 2017-09-04 | 2017-09-04 | Hierarchical protection based on big data closes safely rule inspection method and system |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN107563937A true CN107563937A (en) | 2018-01-09 |
Family
ID=60978911
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201710785914.7A Pending CN107563937A (en) | 2017-09-04 | 2017-09-04 | Hierarchical protection based on big data closes safely rule inspection method and system |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN107563937A (en) |
Cited By (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN109102407A (en) * | 2018-08-10 | 2018-12-28 | 中募网络科技(北京)股份有限公司 | A kind of Si Mu company closes rule and checks and monitoring method and system |
| CN113626860A (en) * | 2021-07-29 | 2021-11-09 | 上海和数软件有限公司 | Electric power data privacy protection method based on block chain |
Citations (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102546296A (en) * | 2011-12-31 | 2012-07-04 | 广东电网公司信息中心 | Automatic detecting method and device for electric power industry information system networking safety evaluation |
| WO2014065558A1 (en) * | 2012-10-23 | 2014-05-01 | Choi In Sang | Module for adjusting launch of lancet, lancet depth adjustment device, and lancing device comprising same |
| CN104298923A (en) * | 2014-09-28 | 2015-01-21 | 北京奇虎科技有限公司 | Loophole type recognition method and device |
| CN104504034A (en) * | 2014-12-15 | 2015-04-08 | 四川长虹电器股份有限公司 | Method for updating database and server |
| CN104766166A (en) * | 2015-03-27 | 2015-07-08 | 杭州安恒信息技术有限公司 | Grade-protection-oriented information system security compliance check method |
| CN105553970A (en) * | 2015-12-14 | 2016-05-04 | 北京锐安科技有限公司 | Information system safety inspection device and inspection result analysis method |
| CN105760763A (en) * | 2016-02-18 | 2016-07-13 | 公安部第研究所 | Grade protection check system based on check knowledge base technology and application method of grade protection check system |
-
2017
- 2017-09-04 CN CN201710785914.7A patent/CN107563937A/en active Pending
Patent Citations (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102546296A (en) * | 2011-12-31 | 2012-07-04 | 广东电网公司信息中心 | Automatic detecting method and device for electric power industry information system networking safety evaluation |
| WO2014065558A1 (en) * | 2012-10-23 | 2014-05-01 | Choi In Sang | Module for adjusting launch of lancet, lancet depth adjustment device, and lancing device comprising same |
| CN104298923A (en) * | 2014-09-28 | 2015-01-21 | 北京奇虎科技有限公司 | Loophole type recognition method and device |
| CN104504034A (en) * | 2014-12-15 | 2015-04-08 | 四川长虹电器股份有限公司 | Method for updating database and server |
| CN104766166A (en) * | 2015-03-27 | 2015-07-08 | 杭州安恒信息技术有限公司 | Grade-protection-oriented information system security compliance check method |
| CN105553970A (en) * | 2015-12-14 | 2016-05-04 | 北京锐安科技有限公司 | Information system safety inspection device and inspection result analysis method |
| CN105760763A (en) * | 2016-02-18 | 2016-07-13 | 公安部第研究所 | Grade protection check system based on check knowledge base technology and application method of grade protection check system |
Cited By (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN109102407A (en) * | 2018-08-10 | 2018-12-28 | 中募网络科技(北京)股份有限公司 | A kind of Si Mu company closes rule and checks and monitoring method and system |
| CN113626860A (en) * | 2021-07-29 | 2021-11-09 | 上海和数软件有限公司 | Electric power data privacy protection method based on block chain |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN105824748B (en) | For determining the method and system of test case efficiency | |
| CN110035049A (en) | Earlier cyber-defence | |
| CN104243445A (en) | Methods and systems for use in analyzing cyber-security threats in an aviation platform | |
| CN112114579A (en) | Industrial control system safety measurement method based on attack graph | |
| CN107545043A (en) | A kind of data application method and device based on data quality checking | |
| CN110266723A (en) | A kind of safety of cloud service methods of risk assessment | |
| Sulaman et al. | A review of research on risk analysis methods for IT systems | |
| CN111680801A (en) | Operation checking method, device, equipment and storage medium | |
| Kalashnikov et al. | “Safety management system” and Significant Plants of Critical Information Infrastructure | |
| CN111931047A (en) | Artificial intelligence-based black product account detection method and related device | |
| JP6419667B2 (en) | Test DB data generation method and apparatus | |
| CN108133148A (en) | Data safety inspection method and system | |
| Abbass et al. | Using EBIOS for risk management in critical information infrastructure | |
| CN110472866A (en) | A kind of work order quality inspection analysis method and device | |
| CN107563937A (en) | Hierarchical protection based on big data closes safely rule inspection method and system | |
| Sadvandi et al. | Safety and security interdependencies in complex systems and sos: Challenges and perspectives | |
| RU2536657C1 (en) | System for evaluating safety and efficiency of design solutions to ensure safety of hazardous production facility | |
| Repp | The system of technical diagnostics of the industrial safety information network | |
| CN115719167A (en) | Vehicle information safety monitoring method and device | |
| Yuan et al. | Argument-based approach to computer system safety engineering | |
| Jung et al. | Development of a new quantification method for a fire PSA | |
| CN115310091A (en) | Target security level identification method and device based on fusion model and electronic equipment | |
| CN111651652B (en) | Emotion tendency identification method, device, equipment and medium based on artificial intelligence | |
| CN114443493A (en) | Test case generation method and device, electronic equipment and storage medium | |
| Kang et al. | An approach to the construction of a one top fire event PSA model |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| RJ01 | Rejection of invention patent application after publication |
Application publication date: 20180109 |
|
| RJ01 | Rejection of invention patent application after publication |