CN108038373B - Data scanning method and system for cloud terminal - Google Patents
Data scanning method and system for cloud terminal Download PDFInfo
- Publication number
- CN108038373B CN108038373B CN201711386358.2A CN201711386358A CN108038373B CN 108038373 B CN108038373 B CN 108038373B CN 201711386358 A CN201711386358 A CN 201711386358A CN 108038373 B CN108038373 B CN 108038373B
- Authority
- CN
- China
- Prior art keywords
- scanning
- sensitive information
- cloud server
- information storage
- storage area
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/55—Detecting local intrusion or implementing counter-measures
- G06F21/552—Detecting local intrusion or implementing counter-measures involving long-term monitoring or reporting
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/62—Protecting access to data via a platform, e.g. using keys or access control rules
- G06F21/6218—Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/21—Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/2141—Access rights, e.g. capability lists, access control lists, access tables, access matrices
Abstract
The invention discloses a data scanning method and a data scanning system for a cloud terminal, wherein the method comprises the following steps: establishing a sensitive information storage area on a cloud server; scanning all cloud terminal information in a terminal information storage area on a cloud server to determine sensitive information; classifying and storing the sensitive information in a sensitive information storage area of a cloud server; establishing a mapping relation between a terminal information storage area and a sensitive information storage area on a cloud server; and performing corresponding processing on the operation of the user according to the classified storage result on the cloud server. According to the technical scheme, resources are occupied on the cloud server to scan all hardware information, personal resources of staff are not occupied, when the staff operate the files, repeated scanning is not needed on the files before incremental scanning, and a scanning mechanism is reduced; the safety is guaranteed with the maximum efficiency, and meanwhile, the normal office work of the staff is not influenced.
Description
Technical Field
The invention relates to the field of data security, in particular to a data scanning method and system for a cloud terminal.
Background
With the entrepreneurization of cloud office in recent years, the cloud office desktop becomes an important way for enterprises and public institutions to reduce office cost and improve data maintainability, and is widely applied. In the cloud office environment, when sensitive files in a scanning host of a traditional host data leakage-proof terminal are scanned, sensitive information scanning is carried out on the space allocated to each terminal, the cloud environment is not optimized, scanning convenience brought by data concentration of the cloud environment is wasted, and meanwhile, the maintenance cost is high and the maintenance is difficult.
Disclosure of Invention
In order to solve the technical problem, the invention provides a data scanning method for a cloud terminal, which is characterized by comprising the following steps:
1) establishing a sensitive information storage area on a cloud server;
2) scanning all cloud terminal information in a terminal information storage area on a cloud server to determine sensitive information;
3) classifying and storing the sensitive information in a sensitive information storage area of a cloud server;
4) establishing a mapping relation between a terminal information storage area and a sensitive information storage area on a cloud server;
5) and performing corresponding processing on the operation of the user according to the classified storage result on the cloud server.
According to the method of the present invention, preferably, the scanning in step 2) includes: full scan, incremental scan, and timed scan.
According to the method of the present invention, preferably, in the step 2), the full-volume scanning is triggered at the initial start of the cloud server scanning or triggered manually.
According to the method of the present invention, preferably, the sensitive information in step 3) is migrated from the terminal information storage area and is classified and stored in the following sensitive information storage areas: and a mapping relation is established between the original storage position of the sensitive information in the terminal information storage area and the sensitive information storage area.
According to the method of the present invention, preferably, in the step 5), it is determined whether the operation occurs after the timing scanning, and if so, scanning is started for the file targeted by the operation;
otherwise, judging whether the file targeted by the operation is a sensitive file, if so, acquiring the user operation authority, operating the file according to the user operation authority, and if not, directly operating the file.
In order to solve the above technical problem, the present invention provides a data scanning system for a cloud terminal, which is characterized in that the system includes:
the sensitive information creating module is used for creating a sensitive information storage area on the cloud server;
the information mapping module is used for establishing a mapping relation between a terminal information storage area and a sensitive information storage area on the cloud server;
the sensitive information determining module is used for scanning all cloud terminal information in a terminal information storage area on the cloud server to determine sensitive information;
the classified storage module is used for classifying and storing the sensitive information in a sensitive information storage area of the cloud server;
and the operation processing module is used for carrying out corresponding processing on the operation of the user according to the classified storage result on the cloud server.
According to the system of the present invention, preferably, the scanning performed by the sensitive information determination module includes: full scan, incremental scan, and timed scan.
According to the system of the present invention, preferably, the sensitive information determination module triggers the full-volume scanning when the cloud server scanning is initially started or manually triggers the full-volume scanning.
According to the system of the present invention, preferably, the classification storage module migrates and classifies the sensitive information from the terminal information storage area into the following sensitive information storage areas: and a mapping relation is established between the original storage position of the sensitive information in the terminal information storage area and the sensitive information storage area.
According to the system of the present invention, preferably, the operation processing module determines whether the operation occurs after the timing scanning, and if so, starts scanning for the file targeted by the operation;
otherwise, judging whether the file targeted by the operation is a sensitive file, if so, acquiring the user operation authority, operating the file according to the user operation authority, and if not, directly operating the file.
Through the technical scheme of the invention, the following technical effects are achieved:
1. because the anti-disclosure software is independently installed on the cloud server, resources are occupied on the cloud server to scan all hardware information, personal resources of staff are not occupied, and the staff can hardly sense the resources;
2. incremental scanning and sensitive file dump operation are added, so that when an employee operates the file, the file is unnecessary to be repeatedly scanned before the incremental scanning, and a scanning mechanism is reduced;
3. the anti-disclosure scanning product is deployed at the cloud server end, so that the product is easy to maintain, the staff is less in perception and the like, the safety is guaranteed with the maximum efficiency, and meanwhile, the normal office work of the staff is not influenced.
Drawings
Fig. 1 is a data map of a cloud terminal and a cloud server.
FIG. 2 is a scanning software information scanning interaction diagram of the present invention.
FIG. 3 is a flow chart of the full scan of the present invention.
FIG. 4 is a flow chart of the timing scan of the present invention.
Fig. 5 is a sensitive information mapping diagram between a cloud terminal and a cloud server according to the present invention.
Fig. 6 is a flowchart of a cloud terminal file operation according to the present invention.
Detailed Description
The invention will be further described with reference to the following figures and specific examples, but the scope of the invention is not limited thereto.
< data scanning method >
The invention provides a sensitive file scanning method based on a host data anti-disclosure system and aiming at an enterprise cloud office environment (not related to a private cloud environment, because the current scanning relates to personal privacy and is not suitable for being used in the private cloud environment).
The scanning method comprises the following steps:
and S1, the cloud servers are deployed in a centralized mode, and the hardware information is deployed in a distributed mode, so that the information of each cloud desktop terminal can be directly accessed in the cloud servers, and sensitive information areas are separated.
The cloud server is deployed in a centralized manner, a sensitive information area is newly added based on the current deployment mode, the scanned sensitive information is mapped from a terminal storage area to the sensitive information area, all the stored information is guaranteed to be transparent to the scanning area, and a single cloud server cluster deployment diagram is shown in figure 1 and can be expanded to multi-cluster deployment;
and S2, deploying scanning software, deploying security scanning software in a centralized manner by the cloud server, and performing a scanning function on all information.
The method comprises the steps that scanning software is deployed, wherein the scanning software is about scanning performance, rules are based on the scanning software used by the current products of the company, and the scanning principle and other performance parameters of the scanning software are not analyzed; the cloud server is provided with a region reserved with scanning software, and the region is provided with an independent processor and a linux or winyws system environment to support the scanning software function; meanwhile, the region has the authority to access all regions of the cloud server and has the authority to add, delete and modify the files on the mobile cloud server; the scanning software is simply deployed as shown in the following figure.
S3, carrying out sensitive scanning by the cloud server, wherein the scanning by the cloud server supports full-volume scanning and incremental scanning functions.
Scanning sensitive information of a cloud server, currently supporting full-scale scanning and incremental scanning, and customizing a scanning function;
scanning the total quantity: integrally scanning the cloud terminal information of all the cloud servers, distinguishing sensitive information and preparing for subsequent processing; the full scan supports two operations of triggering one-time full scan and manually triggering the full scan when the cloud server scans and is started for the first time, and a specific execution flow is shown in a figure 3;
incremental scanning: scanning change information recorded in a period of time of a cloud terminal in a current cloud server cluster at regular time; the triggering time can be configured, manual configuration is supported by scanning change information for a long time, the current default setting time is an integral point timer, the change information 1 hour before the time scanning is performed in a timed mode, and the specific flow is shown in fig. 4;
customizing the scanning: the customized scanning is a supplement for the rigor of the scanning function and the inspection result, the directional scanning function of a part of cloud terminals in the cloud server is triggered manually, a function of supplementing a part of real-time scanning reports is mainly provided for enterprise security inspection personnel, and detailed analysis is not performed here.
And S4, storing the scanning results in a classified manner, enabling the scanning results to be operated after the scanning results are required to be approved according to insensitivity, prohibiting 3 types of external transmission operation, storing the 2 types of files in a sensitive information area in a classified manner, and creating an index in the original area of the cloud terminal.
For a cloud office environment, all information is stored on a cloud server, the scanned sensitive information can be uniformly stored in a sensitive information area on the cloud server, and mapping information is stored on a physical address of a cloud terminal. And the mapping information records the position of the sensitive information corresponding to the cloud terminal in the secret area of the cloud server.
The scanning result is classified and stored, and the sensitive information area is divided into an examination and approval area, an encryption area and an leakage rejection area; the cloud server needs to provide a physical storage area of a sensitive information area, and the area division is divided by anti-disclosure products; configuring the file sensitive basic configuration according to the configuration items of the user, and supporting the regional expansion; after the scanning engine scans the sensitive files, the sensitive files are classified according to the configuration of a user, the sensitive files are moved to the area corresponding to the sensitive information, and meanwhile, indexes are created in the original position and the sensitive information area.
When a user changes the sensitive processing mode and level, the sensitive information area and other areas need to be rescanned and classified; the concrete model is shown in figure 5. All the information of the cloud terminal is stored in the cloud server, so that the sensitive information processing mode and level are changed, and all the information on the cloud server needs to be scanned and classified again.
S5, cloud terminal protection, which mainly relates to protection when sensitive files leak through terminal operation.
The cloud server terminal protection, through cloud server anti-disclosure software, the operation of revealing of discerning terminal to secret-related file, print, record, mobile storage, a series of operations such as duplication, judge whether the file changes after regularly scanning, if yes, the cloud server starts the thread and scans this file, if not, when the file is sensitive file, call to sensitive information protection zone time, to cloud end user's authority and file exist in the region of sensitive information, judge that the file carries out the encryption, send a series of operations such as examining and approving, refuse to carry out, the specific flow is shown in figure 6, include:
s51, determining file operation performed on the cloud terminal;
s52, judging whether the file aimed at by the operation is confidential, if not, directly carrying out file operation locally at the cloud terminal, otherwise, carrying out the step S53;
s53, acquiring the authority level of the cloud terminal user; determining the sensitive information storage area of the file: encrypted storage area, approved storage area and denial of disclosure (denial of operation area); returning file information and a specific file to a user;
s54, judging whether the user has direct operation authority, if so, directly operating the file, otherwise, jumping to the step S55;
and S55, operating the acquired confidential files according to user operation.
S6, network protection, mainly relating to protection based on cloud for sensitive information accessing to intranet equipment, ftp, mails and other modes.
Network protection, which mainly relates to protection work based on cloud for sensitive information in modes of accessing intranet equipment, ftp, mails and the like; triggering conditions are as follows: when monitoring these operations, the anti-disclosure system performs corresponding control when the cloud server accesses the sensitive data area, and the specific control method is similar to step S5.
< data scanning System >
In order to solve the above technical problem, the present invention further provides a data scanning system for a cloud terminal, including:
the sensitive information creating module is used for creating a sensitive information storage area on the cloud server;
the information mapping module is used for establishing a mapping relation between a terminal information storage area and a sensitive information storage area on the cloud server;
the sensitive information determining module is used for scanning all cloud terminal information in a terminal information storage area on the cloud server to determine sensitive information;
the classified storage module is used for classifying and storing the sensitive information in a sensitive information storage area of the cloud server;
and the operation processing module is used for carrying out corresponding processing on the operation of the user according to the classified storage result on the cloud server.
The scanning by the sensitive information determination module comprises: full scan, incremental scan, and timed scan.
The sensitive information determining module triggers full-scale scanning when the cloud server scanning is started for the first time or triggers the full-scale scanning manually.
The classified storage module migrates and classifies the sensitive information from the terminal information storage area and stores the sensitive information in the following sensitive information storage areas: and a mapping relation is established between the original storage position of the sensitive information in the terminal information storage area and the sensitive information storage area.
The operation processing module judges whether the operation occurs after timing scanning, and if so, the operation processing module starts scanning on the file targeted by the operation;
otherwise, judging whether the file targeted by the operation is a sensitive file, if so, acquiring the user operation authority, operating the file according to the user operation authority, and if not, directly operating the file.
< example >
A certain small enterprise adopts a cloud terminal system to work, because company products relate to high-precision industries, information safety is crucial to companies, before the products are not installed, a data anti-disclosure terminal is installed on each computer of a client, and the following problems are frequently encountered:
1. the CPU and the memory of the cloud terminal are occupied during full-disk scanning, so that normal office work of staff is influenced, the staff are not willing to start full-disk scanning, and the default full-disk scanning function is almost useful;
2. due to the lack of the function of incremental scanning, the system occupies the resources of the staff and is not convenient to use; when complex objects such as pictures are involved, scanning is particularly slow, timeliness is lacked, and normal work efficiency of the staff is seriously influenced;
3. the product always has bug, the slight instability of the scanned product can cause various reflection of different employees, various replacement changes, and the maintenance is difficult for user managers and companies, and the maintenance cost is too high.
According to the embodiment of the invention, due to the anti-disclosure software independently installed on the cloud server, resources are occupied on the cloud server to scan all hardware information, personal resources of employees are not occupied, and the employees can hardly perceive the resources. The incremental scanning and sensitive file dump operation is added, so that when an employee operates the file, the file is unnecessary to be repeatedly scanned before the incremental scanning, and a scanning mechanism is reduced. The anti-disclosure scanning product is deployed at the cloud server end, so that the product is easy to maintain, the staff is less in perception and the like, the safety is guaranteed with the maximum efficiency, and meanwhile, the normal office work of the staff is not influenced.
The embodiments in the present specification are described in a progressive manner, each embodiment focuses on differences from other embodiments, and the same and similar parts among the embodiments are referred to each other.
As will be appreciated by one skilled in the art, embodiments of the present invention may be provided as a method, apparatus, or computer program product. Accordingly, embodiments of the present invention may take the form of an entirely hardware embodiment, an entirely software embodiment or an embodiment combining software and hardware aspects. Furthermore, embodiments of the present invention may take the form of a computer program product embodied on one or more computer-usable storage media (including, but not limited to, disk storage, CD-ROM, optical storage, and the like) having computer-usable program code embodied therein.
Embodiments of the present invention are described with reference to flowchart illustrations and/or block diagrams of methods, terminal devices (systems), and computer program products according to embodiments of the invention. It will be understood that each flow and/or block of the flow diagrams and/or block diagrams, and combinations of flows and/or blocks in the flow diagrams and/or block diagrams, can be implemented by computer program instructions. These computer program instructions may be provided to a transmitter of a general purpose computer, special purpose computer, embedded transmitter, or other programmable data transmission terminal device to produce a machine, such that the instructions, which execute via the transmitter of the computer or other programmable data transmission terminal device, create means for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be stored in a computer-readable memory that can direct a computer or other programmable data transmission terminal to function in a particular manner, such that the instructions stored in the computer-readable memory produce an article of manufacture including instruction means which implement the function specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be loaded onto a computer or other programmable data transmission terminal device to cause a series of operational steps to be performed on the computer or other programmable terminal device to produce a computer implemented transmission such that the instructions which execute on the computer or other programmable terminal device provide steps for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
While preferred embodiments of the present invention have been described, additional variations and modifications of these embodiments may occur to those skilled in the art once they learn of the basic inventive concepts. Therefore, it is intended that the appended claims be interpreted as including preferred embodiments and all such alterations and modifications as fall within the scope of the embodiments of the invention.
Finally, it should also be noted that, herein, relational terms such as first and second, and the like may be used solely to distinguish one entity or action from another entity or action without necessarily requiring or implying any actual such relationship or order between such entities or actions. Also, the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or terminal that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or terminal. Without further limitation, an element defined by the phrase "comprising an … …" does not exclude the presence of other like elements in a process, method, article, or terminal that comprises the element.
The data processing method and apparatus provided by the present invention are introduced in detail, and a specific example is applied in the text to explain the principle and the implementation of the present invention, and the description of the above embodiment is only used to help understanding the method and the core idea of the present invention; meanwhile, for a person skilled in the art, according to the idea of the present invention, there may be variations in the specific embodiments and the application scope, and in summary, the content of the present specification should not be construed as a limitation to the present invention.
Claims (10)
1. A data scanning method for a cloud terminal is characterized by comprising the following steps:
1) establishing a sensitive information storage area and a reserved scanning software area on a cloud server, wherein the reserved scanning software area has an independent processor and a linux or windows system environment supporting scanning software function, has the authority of accessing all areas of the cloud server, and has the authority of adding, deleting and modifying files on the mobile cloud server;
2) scanning all cloud terminal information in a terminal information storage area on a cloud server to determine sensitive information, scanning by software in a reserved scanning software area, storing scanning results in a classified mode, and dividing the sensitive information storage area into an examination and approval area, an encryption area and an leakage rejection area;
3) classifying and storing the sensitive information in a sensitive information storage area of a cloud server;
4) establishing a mapping relation between a terminal information storage area and a sensitive information storage area on a cloud server;
5) and performing corresponding processing on the operation of the user according to the classified storage result on the cloud server.
2. The method of claim 1, the scanning in step 2) comprising: full scan, incremental scan, and timed scan.
3. The method according to claim 1, wherein in the step 2), the full-volume scanning is triggered at the initial start of the cloud server scanning or is triggered manually.
4. The method according to claim 1, wherein the sensitive information in step 3) is migrated from the terminal information storage area and classified and stored in the following sensitive information storage areas: and a mapping relation is established between the original storage position of the sensitive information in the terminal information storage area and the sensitive information storage area.
5. The method according to claim 1, wherein in the step 5), it is determined whether the operation occurs after the timing scanning, and if so, scanning is started for the file targeted by the operation;
otherwise, judging whether the file targeted by the operation is a sensitive file, if so, acquiring the user operation authority, operating the file according to the user operation authority, and if not, directly operating the file.
6. A data scanning system for a cloud terminal, the system comprising:
the system comprises a sensitive information creating module, a scanning software region and a file storing module, wherein the sensitive information creating module is used for creating a sensitive information storage region and a reserved scanning software region on the cloud server, the reserved scanning software region is provided with an independent processor and linux or windows system environment supporting scanning software functions, has the authority of accessing all regions of the cloud server and has the authority of adding, deleting and changing files on the mobile cloud server;
the information mapping module is used for establishing a mapping relation between a terminal information storage area and a sensitive information storage area on the cloud server;
the sensitive information determining module is used for scanning all cloud terminal information in a terminal information storage area on the cloud server to determine sensitive information, scanning the sensitive information by software in the reserved scanning software area, storing scanning results in a classified mode, and dividing the sensitive information storage area into an examination and approval area, an encryption area and an external leakage rejection area;
the classified storage module is used for classifying and storing the sensitive information in a sensitive information storage area of the cloud server;
and the operation processing module is used for carrying out corresponding processing on the operation of the user according to the classified storage result on the cloud server.
7. The system of claim 6, the scan by the sensitive information determination module comprising: full scan, incremental scan, and timed scan.
8. The system of claim 6, the sensitive information determination module to trigger a full scan at initial start-up of a cloud server scan or by manually triggering a full scan.
9. The system of claim 6, wherein the classification storage module is used for migrating and classifying the sensitive information from the terminal information storage area to the following sensitive information storage areas: and a mapping relation is established between the original storage position of the sensitive information in the terminal information storage area and the sensitive information storage area.
10. The system of claim 6, wherein the operation processing module determines whether the operation occurs after the timing scan, and if so, starts scanning the file targeted by the operation;
otherwise, judging whether the file targeted by the operation is a sensitive file, if so, acquiring the user operation authority, operating the file according to the user operation authority, and if not, directly operating the file.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201711386358.2A CN108038373B (en) | 2017-12-20 | 2017-12-20 | Data scanning method and system for cloud terminal |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201711386358.2A CN108038373B (en) | 2017-12-20 | 2017-12-20 | Data scanning method and system for cloud terminal |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN108038373A CN108038373A (en) | 2018-05-15 |
| CN108038373B true CN108038373B (en) | 2020-04-10 |
Family
ID=62100236
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201711386358.2A Active CN108038373B (en) | 2017-12-20 | 2017-12-20 | Data scanning method and system for cloud terminal |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN108038373B (en) |
Families Citing this family (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN111030982B (en) * | 2019-09-26 | 2023-06-02 | 北京安天网络安全技术有限公司 | Strong management and control method, system and storage medium for confidential files |
| CN111756732B (en) * | 2020-06-23 | 2022-07-12 | 北京明朝万达科技股份有限公司 | Data scanning and control method and device, electronic equipment and readable storage medium |
| CN113836088A (en) * | 2021-08-31 | 2021-12-24 | 北京明朝万达科技股份有限公司 | File processing method, system and device based on depth scanning and storage medium |
| CN116186748B (en) * | 2023-04-28 | 2023-09-22 | 云南佩松荔科技有限公司 | Anti-disclosure management system and method for digital printer |
Citations (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| WO2016128746A1 (en) * | 2015-02-11 | 2016-08-18 | Livedrive Internet Ltd | Methods and systems for virtual file storage and encryption |
Family Cites Families (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102833346B (en) * | 2012-09-06 | 2015-12-02 | 上海海事大学 | Based on cloud sensitive data safety system and the method for storing metadata |
| US9959420B2 (en) * | 2012-10-02 | 2018-05-01 | Box, Inc. | System and method for enhanced security and management mechanisms for enterprise administrators in a cloud-based environment |
| CN106446707A (en) * | 2016-08-31 | 2017-02-22 | 北京明朝万达科技股份有限公司 | Dynamic data leakage prevention system and method |
| CN106789964B (en) * | 2016-12-02 | 2020-10-16 | 中国移动通信集团新疆有限公司 | Cloud resource pool data security detection method and system |
-
2017
- 2017-12-20 CN CN201711386358.2A patent/CN108038373B/en active Active
Patent Citations (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| WO2016128746A1 (en) * | 2015-02-11 | 2016-08-18 | Livedrive Internet Ltd | Methods and systems for virtual file storage and encryption |
Also Published As
| Publication number | Publication date |
|---|---|
| CN108038373A (en) | 2018-05-15 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN108038373B (en) | Data scanning method and system for cloud terminal | |
| US10454942B2 (en) | Managed clone applications | |
| US20170154188A1 (en) | Context-sensitive copy and paste block | |
| EP3133507A1 (en) | Context-based data classification | |
| US9424058B1 (en) | File deduplication and scan reduction in a virtualization environment | |
| CN109687991A (en) | User behavior recognition method, apparatus, equipment and storage medium | |
| US10650158B2 (en) | System and method for secure file access of derivative works | |
| KR20130018678A (en) | Information protection using zones | |
| US20130031602A1 (en) | Thin client system, and access control method and access control program for thin client system | |
| CN102306117A (en) | Automatic hardware test alarm method and device | |
| EP3196798A1 (en) | Context-sensitive copy and paste block | |
| US20230224307A1 (en) | Methods and systems to identify a compromised device through active testing | |
| CN106021566A (en) | Method, device and system for improving concurrent processing capacity of single database | |
| US20140053147A1 (en) | Rapid deployment of software system | |
| CN110968333B (en) | Configuration information replacement method and device, machine-readable storage medium and processor | |
| CN101777002B (en) | Software running method based on virtualization | |
| CN111131474A (en) | Method, device and medium for managing user protocol based on block chain | |
| CN112559118A (en) | Application data migration method and device, electronic equipment and storage medium | |
| US11782938B2 (en) | Data profiling and monitoring | |
| CN111722881B (en) | Resource expansion method, system and device of container cloud platform | |
| US9467452B2 (en) | Transferring services in a networked environment | |
| JP4430908B2 (en) | Multi-window display control device and computer system using the same | |
| CN111104690A (en) | Document monitoring method and device, server and storage medium | |
| US11645402B2 (en) | Methods and systems for identifying compromised devices from file tree structure | |
| US11954203B2 (en) | Methods and systems for identifying a compromised device through its unmanaged profile |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |