CN108229154A - Sensitive data operation log recording method, device, storage medium and equipment - Google Patents

Publication number
CN108229154A
Authority
CN
China
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201711321008.8A
Other languages
Chinese (zh)
Inventor
黄鹏程
胡泽柱
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
SF Technology Co Ltd
SF Tech Co Ltd
Original Assignee
SF Technology Co Ltd
Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50 Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/55 Detecting local intrusion or implementing counter-measures
    • G06F21/552 Detecting local intrusion or implementing counter-measures involving long-term monitoring or reporting
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F11/00 Error detection; Error correction; Monitoring
    • G06F11/30 Monitoring
    • G06F11/3065 Monitoring arrangements determined by the means or processing involved in reporting the monitored data

Abstract

A sensitive data operation log recording method, device, storage medium and equipment. The method includes: in response to an operation on sensitive data, generating a first code corresponding to the sensitive data according to a pre-configured coding rule; and generating a sensitive data operation log according to the first code. The device, storage medium and equipment are used to implement the method. The invention can identify the specific sensitive fields of a business system, detect abnormal operations, and provide timely, accurate early warning.

Description

Sensitive data operation log recording method, device, storage medium and equipment
Technical field
The present invention relates to the field of database log management, and in particular to a sensitive data operation log recording method, device, storage medium and equipment.
Background
A system log records information about hardware, software and system problems in a system, and can also be used to monitor events occurring in the system. Through it, users can determine the cause of an error or find the traces left by an attacker when the system is attacked. To standardize business system logging, explicit requirements must be set for recording application-system security logs so that they can be integrated with a centralized log management platform. However, current logging methods only capture general-requirement logs such as login logs, user management logs, role/permission management logs and system configuration operations; they cannot capture operation logs for business-sensitive information. Operations on business-sensitive information (adding, deleting, modifying) are often high-risk operations, yet the log management platform cannot give timely early warning of them.
Summary of the invention
To solve the above technical problem, the present invention proposes a sensitive data operation log recording method, device, storage medium and equipment that can identify the specific sensitive fields of a business system, detect abnormal operations, and provide timely, accurate early warning.
To achieve this, the technical solution of the invention is:
A sensitive data operation log recording method, characterized by including:
in response to an operation on sensitive data, generating a first code corresponding to the sensitive data according to a pre-configured coding rule;
generating a sensitive data operation log according to the first code.
Generating, in response to the operation on sensitive data, the first code corresponding to the sensitive data according to the pre-configured coding rule further includes:
generating a second code corresponding to the operation according to the coding rule.
Generating the sensitive data operation log according to the first code includes:
generating the sensitive data operation log according to the first code and the second code.
The coded log is stored on a local disk or stored off-site in a big data log management system.
The sensitive data includes business system sensitive data, reporting system or management platform sensitive data.
The sensitive data operation log includes at least one of the following: log type, log version number, field value set and end mark.
An invisible separator is placed between the log type, log version number, field value set and end mark; an invisible separator is placed between each field value in the field value set.
The field values include operation information and sensitive field information; the sensitive field information includes the waybill number involved in non-routing information.
A sensitive data operation log recording device, including:
a coding unit, configured to generate, in response to an operation on sensitive data, a first code corresponding to the sensitive data according to a pre-configured coding rule;
a generation unit, configured to generate a sensitive data operation log according to the first code.
A piece of equipment, including:
one or more processors;
a memory for storing one or more programs,
wherein, when the one or more programs are executed by the one or more processors, the one or more processors perform the method.
A computer-readable storage medium storing a computer program which, when executed by a processor, implements the method.
The beneficial effects of the invention are: the specific sensitive fields of a business system are identified, and sensitive information is tagged with digitized codes; basic information on business-sensitive-information operations is provided to the big data log management platform, and sensitive information is mapped to digital codes, so that abnormal operations are detected and timely, accurate early warning is provided.
Description of the drawings
Fig. 1 shows a flow chart according to an embodiment of the present application.
Detailed description
For a better understanding of the technical solution of the present invention, the invention is further described below with reference to Fig. 1.
As shown in Fig. 1, a sensitive data operation log recording method is characterized by including:
in response to an operation on sensitive data, generating a first code corresponding to the sensitive data according to a pre-configured coding rule;
generating a sensitive data operation log according to the first code.
The sensitive data operation log includes at least one of the following: log type, log version number, field value set and end mark.
Log type numbers and version numbers are as shown in Table 1.
Table 1
The sensitive data includes business system sensitive data, reporting system or management platform sensitive data.
Business system sensitive data log:
The log type value in the output format is 6 and the version number is 2.
Where an application system involves operations on sensitive information (including adding, deleting, modifying and querying sensitive information), every operation must be recorded, with one log entry recorded per operation.
Each sensitive field has a corresponding code; see the field codes in Table 2.
Table 2
Business sensitive data operation logging covers the following two situations: sensitive data operations performed by a user between the browser and the application system, and sensitive data synchronization between different application systems.
To reduce the performance impact of generating logs for batch data, the sensitive field content records only the "waybill number" involved in non-routing information; the waybill number in routing information need not be recorded.
Report management system or platform log.
A company may have internal business decision-support management platforms or systems. Taking the company as an example, the related reports in the company's decision platform also contain a large amount of sensitive data, and routine operations on reports are likewise high-risk operations that need attention. We standardize the operation logs associated with report query, report subscription and report sending.
Report query
Records activities in which report data is operated on (query/deletion, etc.);
The log type value in the output format is 7 and the version number is 1;
The fields to be recorded for "report query" are specified in Table 3:
Table 3
Report subscription
Requirement: record activities such as report subscription operations;
The log type value in the output format is 8 and the version number is 1;
The fields to be recorded for "report subscription" are specified in Table 4:
Table 4
Note: for a field marked with *, if the field cannot be obtained, it need not be recorded.
Report sending
Requirement: record activities in which report files sent to users are operated on (sending/downloading, etc.);
The log type value in the output format is 9 and the version number is 1.
The fields to be recorded for "report sending" are specified in Table 5:
Table 5
An invisible separator is placed between the log type, log version number, field value set and end mark; an invisible separator is placed between each field value in the field value set.
Example (taking a login log as an example):
1\u00001\u00002007-08-28 00:52:10\u0000157556\u0000CAS\u0000BSP\u000010.0.22.33\u000010.0.13.38\u0000hq-it-230000.sf.com\u000000:15:C5:79:7E:F7\u0000013\u0000Success\u0000\u0000\r
Notes:
A. Fields are separated by the invisible separator \u0000;
B. A log record ends with \u0000\r;
C. If the value of a field is empty or absent, the invisible separator \u0000 must not be omitted and is output as usual;
D. Different types of logs have their own log type and version number; see the section for each log for details;
(Note: the version number is the version number of the log record)
E. The field output order of each type of log is mandatory; see the field order in the record field table of each log's section.
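The record layout in notes A to C can be exercised with the encoder and parser below, which is an added example and not code from the patent; it rejects any value containing the separator or a carriage return, since such a value would shift field positions or split the record when the log is parsed downstream. The function names and the type-6 sample values (operation code, field code, waybill number) are constructed placeholders, because the code tables are not reproduced on this page.

```python
"""Encoder/parser for the NUL-separated log record layout (added example)."""

SEP = "\u0000"    # invisible separator between type, version and each field value
END = "\u0000\r"  # end mark that terminates every record

# (log type, version) pairs stated in the description for sensitive-data logs
SENSITIVE_TYPES = {("6", "2"): "business sensitive data", ("7", "1"): "report query",
                   ("8", "1"): "report subscription", ("9", "1"): "report sending"}


class LogFormatError(ValueError):
    """Raised when a value or record does not fit the record layout."""


def encode_record(log_type, version, values):
    """Serialize one record; None becomes an empty field so positions never shift."""
    parts = [str(log_type), str(version)]
    parts += ["" if v is None else str(v) for v in values]
    for part in parts:
        # A separator or CR inside a value would forge extra fields or a second record.
        if SEP in part or "\r" in part:
            raise LogFormatError("separator or CR inside value: %r" % part)
    return SEP.join(parts) + END


def parse_record(raw, expected_fields=None):
    """Return (log_type, version, values) for one complete record."""
    if not raw.endswith(END):
        raise LogFormatError("record does not end with the end mark")
    parts = raw[:-len(END)].split(SEP)
    if len(parts) < 2 or not parts[0] or not parts[1]:
        raise LogFormatError("log type or version missing")
    if any("\r" in p for p in parts):
        raise LogFormatError("stray CR inside record")
    values = parts[2:]
    if expected_fields is not None and len(values) != expected_fields:
        raise LogFormatError("expected %d fields, got %d" % (expected_fields, len(values)))
    return parts[0], parts[1], values


def split_stream(buf):
    """Split concatenated records; returns (complete_records, incomplete_tail)."""
    chunks = buf.split(END)
    tail = chunks.pop()  # text after the last end mark (empty if the buffer is whole)
    return [c + END for c in chunks], tail


# The login-log example record from the description, extraction damage repaired.
PAGE_SAMPLE = ("1\u00001\u00002007-08-28 00:52:10\u0000157556\u0000CAS\u0000BSP\u0000"
               "10.0.22.33\u000010.0.13.38\u0000hq-it-230000.sf.com\u0000"
               "00:15:C5:79:7E:F7\u0000013\u0000Success\u0000\u0000\r")

# Constructed placeholders: operation code, sensitive-field code, waybill number, empty field.
CONSTRUCTED_VALUES = ["OP_PLACEHOLDER", "FIELD_PLACEHOLDER", "WAYBILL_PLACEHOLDER", None]

if __name__ == "__main__":
    print(parse_record(PAGE_SAMPLE))
    rec = encode_record(6, 2, CONSTRUCTED_VALUES)
    records, tail = split_stream(PAGE_SAMPLE + rec + "6\u00002\u0000partial")
    for r in records:
        t, v, vals = parse_record(r)
        print(SENSITIVE_TYPES.get((t, v), "other log type"), vals)
    print("incomplete tail held back:", repr(tail))
```

Because carriage returns are refused inside values, the two-character end mark cannot occur inside a record, which is what lets split_stream cut a buffer on it safely.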
Generating, in response to the operation on sensitive data, the first code corresponding to the sensitive data according to the pre-configured coding rule further includes:
generating a second code corresponding to the operation according to the coding rule.
Generating the sensitive data operation log according to the first code includes:
generating the sensitive data operation log according to the first code and the second code.
Operation codes are as shown in Table 6.
Table 6
The "Sensitive field list" (some examples) is as shown in Table 7.
Table 7
The field values include operation information and sensitive field information; the sensitive field information includes the waybill number involved in non-routing information.
The coded log is stored on a local disk or stored off-site in a big data log management system. Users can delete the logs stored on the local disk, but cannot delete the data in the big data log management platform. The big data log management platform is deployed on a server.
Regarding this specification, note that:
All application systems should record general-class logs as specified in this application;
All application systems should record operation-class logs for every kind of sensitive information in the system;
Security logs must be designed and output in a unified format according to the requirements (the field names and table names in this application are for reference);
For a field marked with * in this patent, if the field cannot be obtained, it need not be recorded.
Regarding the log storage scheme: logs are stored as text files on the local disk (local storage) and in a database (off-site storage), and are additionally stored in Kafka queues.
The log storage policy defaults to 3+1 days, with rolling storage.
A sensitive data operation log recording device, including:
a coding unit, configured to generate, in response to an operation on sensitive data, a first code corresponding to the sensitive data according to a pre-configured coding rule;
a generation unit, configured to generate a sensitive data operation log according to the first code.
A piece of equipment, including:
one or more processors;
a memory for storing one or more programs,
wherein, when the one or more programs are executed by the one or more processors, the one or more processors perform the method.
A computer-readable storage medium storing a computer program which, when executed by a processor, implements the method.
The above description is only the preferred embodiment of the application and an explanation of the technical principles applied. Those skilled in the art should understand that the scope of the invention involved in this application is not limited to technical solutions formed by the specific combination of the above technical features, and also covers other technical solutions formed by any combination of the above technical features or their equivalents without departing from the inventive concept, for example technical solutions formed by replacing the above features with (but not limited to) technical features with similar functions disclosed in this application.

Claims (10)

1. A sensitive data operation log recording method, characterized by including:
in response to an operation on sensitive data, generating a first code corresponding to the sensitive data according to a pre-configured coding rule;
generating a sensitive data operation log according to the first code.
2. The method according to claim 1, characterized in that generating, in response to the operation on sensitive data, the first code corresponding to the sensitive data according to the pre-configured coding rule further includes:
generating a second code corresponding to the operation according to the coding rule;
and generating the sensitive data operation log according to the first code includes:
generating the sensitive data operation log according to the first code and the second code.
3. The sensitive data operation log recording method according to claim 1, characterized in that the coded log is stored on a local disk or stored off-site in a big data log management system.
4. The sensitive data operation log recording method according to claim 1, characterized in that the sensitive data includes business system sensitive data, reporting system or management platform sensitive data.
5. The method according to claim 2, characterized in that the sensitive data operation log includes at least one of the following: log type, log version number, field value set and end mark.
6. The method according to claim 5, characterized in that an invisible separator is placed between the log type, log version number, field value set and end mark, and an invisible separator is placed between each field value in the field value set.
7. The method according to claim 5, characterized in that the field values include operation information and sensitive field information, and the sensitive field information includes the waybill number involved in non-routing information.
8. A sensitive data operation log recording device, characterized by including:
a coding unit, configured to generate, in response to an operation on sensitive data, a first code corresponding to the sensitive data according to a pre-configured coding rule;
a generation unit, configured to generate a sensitive data operation log according to the first code.
9. A piece of equipment, characterized in that the equipment includes:
one or more processors;
a memory for storing one or more programs,
wherein, when the one or more programs are executed by the one or more processors, the one or more processors perform the method according to any one of claims 1-7.
10. A computer-readable storage medium storing a computer program, characterized in that the program, when executed by a processor, implements the method according to any one of claims 1-7.
CN201711321008.8A 2017-12-12 2017-12-12 Sensitive data operation log recording method, device, storage medium and equipment Pending CN108229154A (en)

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication

Application publication date: 20180629