CN108270735A - Data leakage prevention method and device - Google Patents
- Publication number: CN108270735A
- Application number: CN201611262407.7A
- Authority
- CN
- China
- Prior art keywords
- data
- request message
- sensitive information
- sensitive
- legal
- Legal status: Pending
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/10—Network architectures or network communication protocols for network security for controlling access to devices or network resources
- H04L63/105—Multiple levels of security
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
Abstract
An embodiment of the invention discloses a data leakage prevention method and device for improving the security of data stored in a server. The data leakage prevention method includes: receiving a request message sent by a terminal device, the request message indicating that a user needs to perform an operation on data; obtaining the data from a server according to the request message and identifying the data to determine whether the data includes sensitive information, where the server is used to store data and the sensitive information is information that needs to be protected; if the data includes the sensitive information, determining whether the request message is legitimate; and if the request message is legitimate, performing on the data the operation that responds to the request message.
Description
Technical field
The present invention relates to the technical field of communication security, and in particular to a data leakage prevention method and device.
Background
At present, most operators use servers on which a database management system is installed to provide application systems with services such as data storage and query; such a server is, for example, a full-text search server (Search On Lucene Replication, Solr). A user can usually access the server through a terminal device, such as a personal computer (PC), and operate on the data in the server.
To secure the data exchanged between terminal devices and servers, operators currently control user access to servers through a unified security management platform, that is, a platform that integrates authentication (Authentication), account (Account), authorization (Authorization) and audit (Audit). The unified security management platform is also called a 4A platform. The 4A platform's control of user access to a server consists only of having the terminal device and the server authenticate each other on the basis of a network authentication protocol, for example by verifying a key. This approach can cause security problems. For example, a user's private data is stored in the server, and this private data may include information that needs to be protected, such as the user's ID card number. Because the 4A platform authenticates users by verifying a key, any user who passes authentication can use a terminal device to perform various operations on the data stored in the server, such as downloading, deleting or modifying it. However, network platforms today are not very secure, and the key used for authentication may well be stolen by an illegitimate user, who can then also use a terminal device to perform various operations on the data stored in the server. The security of the data is clearly low.
Summary of the invention
Embodiments of the invention provide a data leakage prevention method and device for improving the security of data stored in a server.
In a first aspect, an embodiment of the invention provides a data leakage prevention method, which includes:
receiving a request message sent by a terminal device, the request message indicating that a user needs to perform an operation on data;
obtaining the data from a server according to the request message, and identifying the data to determine whether the data includes sensitive information, where the server is used to store data and the sensitive information is information that needs to be protected;
if the data includes the sensitive information, determining whether the request message is legitimate;
if the request message is legitimate, performing on the data the operation that responds to the request message.
Optionally, determining whether the request message is legitimate includes:
determining whether the user who sent the request message is legitimate, where, if the user is one of at least one legitimate user corresponding to the sensitive information, the request message is determined to be legitimate.
Optionally, the request message requests an operation on the sensitive information, and determining whether the request message is legitimate includes:
determining whether the operation is any one of at least one legitimate operation corresponding to the sensitive information, where, if the operation is any one of the at least one legitimate operation, the request message is determined to be legitimate.
Optionally, the method further includes:
determining the sensitivity level of the sensitive information, the sensitivity level indicating how important it is that the sensitive information be protected;
determining at least one legitimate operation corresponding to the data according to the sensitivity level and the correspondence between sensitivity levels and legitimate operations.
Optionally, identifying the data to determine whether the data includes sensitive information includes:
determining the category of the user to whom the data belongs;
obtaining the corresponding sensitive information identification rule according to the category;
identifying the data according to the obtained sensitive information identification rule to determine whether the data includes sensitive information.
Optionally, identifying the data to determine whether the data includes sensitive information includes:
determining whether the data includes a sensitivity marker;
if the data includes the sensitivity marker, determining that the data includes sensitive information.
In a second aspect, another embodiment of the invention provides a data leakage prevention device, which includes:
a receiving module, configured to receive a request message sent by a terminal device, the request message indicating that a user needs to perform an operation on data;
an identification module, configured to obtain the data from a server according to the request message and identify the data to determine whether the data includes sensitive information, where the server is used to store data and the sensitive information is information that needs to be protected;
a determining module, configured to determine whether the request message is legitimate if the data includes the sensitive information;
a response module, configured to perform on the data the operation that responds to the request message if the request message is legitimate.
Optionally, the determining module being configured to determine whether the request message is legitimate includes:
determining whether the user who sent the request message is legitimate, where, if the user is one of at least one legitimate user corresponding to the sensitive information, the request message is determined to be legitimate.
Optionally, the request message requests an operation on the sensitive information, and the determining module being configured to determine whether the request message is legitimate includes:
determining whether the operation is any one of at least one legitimate operation corresponding to the sensitive information, where, if the operation is any one of the at least one legitimate operation, the request message is determined to be legitimate.
Optionally, the determining module is further configured to:
determine the sensitivity level of the sensitive information, the sensitivity level indicating how important it is that the sensitive information be protected;
determine at least one legitimate operation corresponding to the data according to the sensitivity level and the correspondence between sensitivity levels and legitimate operations.
Optionally, the identification module being configured to identify the data to determine whether the data includes sensitive information includes:
determining the category of the user to whom the data belongs;
obtaining the corresponding sensitive information identification rule according to the category;
identifying the data according to the obtained sensitive information identification rule to determine whether the data includes sensitive information.
Optionally, the identification module being configured to identify the data to determine whether the data includes sensitive information includes:
determining whether the data includes a sensitivity marker;
if the data includes the sensitivity marker, determining that the data includes sensitive information.
In the embodiments of the invention, after a request message for operating on data is received from a terminal device, it is first determined whether the data targeted by the request message includes sensitive information. If it does, it is further determined whether the request message is legitimate, and only if the request message is legitimate is the operation that responds to the request message performed on the data. That is, if the data contains sensitive information, illegitimate operations are filtered out as far as possible so that operations on the data are legitimate operations, which protects the data stored in the server and reduces security risk.
Brief description of the drawings
To describe the technical solutions of the embodiments of the invention or of the prior art more clearly, the drawings needed for describing the embodiments or the prior art are briefly introduced below. The drawings described below are merely embodiments of the invention; a person of ordinary skill in the art can obtain other drawings from the drawings provided without creative effort.
Fig. 1 is a schematic diagram of a data interaction system provided by an embodiment of the invention;
Fig. 2 is a flow chart of a data leakage prevention method provided by an embodiment of the invention;
Fig. 3 is a structural diagram of a data leakage prevention device provided by an embodiment of the invention.
Detailed description
To make the objectives, technical solutions and advantages of the invention clearer, the technical solutions in the embodiments of the invention are described clearly and completely below with reference to the drawings in the embodiments. The described embodiments are only some of the embodiments of the invention, not all of them. All other embodiments obtained by a person of ordinary skill in the art from the embodiments of the invention without creative effort fall within the protection scope of the invention.
Where there is no conflict, the embodiments of the invention and the features in the embodiments can be combined with one another arbitrarily. In addition, although a logical order is shown in the flow chart, in some cases the steps shown or described can be performed in an order different from the one given here.
In addition, the term "and/or" herein only describes an association between associated objects and indicates that three relationships are possible. For example, A and/or B can mean: A alone, both A and B, or B alone. Also, unless otherwise stated, the character "/" herein generally indicates an "or" relationship between the objects before and after it.
In the embodiments of the invention, the server can be a device on which a database management system is installed, such as a device on which a 4A platform is installed, and the server can store data. In day-to-day management, a user can use a terminal device to store data related to the user in the server and to operate on the data stored in the server, for example to view the data stored in the server or to download it, so as to manage the data. The user can be a natural person, an enterprise, an administrative department and so on. The terminal device can be implemented by devices such as a smartphone, a personal computer (PC) or a tablet computer (PAD).
In an existing data interaction system, to ensure as far as possible that the data stored in the server is operated on by legitimate users, a trusted third-party authentication service, such as a Kerberos server, can be set up between the terminal device and the server. The third-party authentication server is also called a gateway server. The terminal device and the server authenticate each other through the gateway server, and only a user who passes the gateway server's authentication can operate on the data stored in the server. There can be multiple terminal devices and multiple servers. One gateway server can be set up between multiple terminal devices and multiple servers, or multiple gateway servers can be set up. If multiple gateway servers are set up, one gateway server can correspond to one terminal device and one server, or to multiple terminal devices and multiple servers, and each terminal device can access multiple servers through one of the gateway servers.
Referring to Fig. 1, an application scenario of the embodiments of the invention is introduced. Fig. 1 shows a data interaction system that includes a terminal device 101, a gateway server 102 and a server 103; Fig. 1 takes as an example a data interaction system with one terminal device 101, one gateway server 102 and one server 103. The terminal device 101 and the server 103 can authenticate each other through the gateway server 102, and if authentication passes, the terminal device 101 and the server 103 can communicate.
After authentication passes, if the user needs to write data to the server 103, the user operates the terminal device 101 to write the data to the gateway server 102 first, and the gateway server 102 then writes the received data to the server 103. Each time the gateway server 102 has written data to the server 103, it can delete the data stored in the gateway server 102.
After authentication passes, if the user needs to modify data in the server 103, the gateway server 102 can likewise first read the data from the server 103, and the user then sends an operation instruction to the gateway server 102 through the terminal device 101. The operation instruction tells the gateway server 102 how to modify the data. After receiving the operation instruction, the gateway server 102 modifies the data according to it and informs the terminal device 101 of the modification result. After each modification operation, the gateway server 102 can delete the modified data stored in the gateway server 102.
After authentication passes, if the user needs to delete data in the server 103, the gateway server 102 can likewise first read the data from the server 103, and the user then sends an operation instruction to the gateway server 102 through the terminal device 101. The operation instruction tells the gateway server 102 to delete the data. After receiving the operation instruction, the gateway server 102 deletes the data stored in the gateway server 102 according to it and informs the terminal device 101 of the deletion result. After each delete operation, the gateway server 102 can access the server 103 to determine whether the data is still stored there. If the data is still stored in the server 103, the gateway server 102 instructs the server 103 to add a deletion mark to the data, recording that the data was deleted by the user. The data is not actually deleted from the server 103, however, so that it can be used again later.
The technical solution provided by the embodiments of the invention is introduced below with reference to the drawings, taking the application scenario shown in Fig. 1 as an example.
Referring to Fig. 2, an embodiment of the invention provides a data leakage prevention method, which is performed by the gateway server 102. The flow of the method is as follows.
S201: Receive a request message, sent by the terminal device 101, for operating on data;
S202: According to the request message, obtain the data from the server 103 and identify the data to determine whether the data includes sensitive information, where the server 103 is used to store data and the sensitive information is information that needs to be protected;
S203: If the data includes sensitive information, determine whether the request message is legitimate;
S204: If the request message is legitimate, perform on the data the operation that responds to the request message.
When a user needs to operate on data in the server 103, the user sends a request message to the gateway server 102 through the terminal device 101; the request message is a message for operating on data. The request message can carry an identifier of the data, which indicates the data the request message is asking for, so that the gateway server 102 knows which data the terminal device 101 needs to operate on and can obtain that data from the server 103.
In the embodiments of the invention, the data the terminal device 101 wants to operate on may or may not include sensitive information. If the data does not include sensitive information, the gateway server 102 can simply perform on the data the operation that responds to the request message. If the data does include sensitive information and the gateway server 102 performs the requested operation directly, a serious error may result, such as the sensitive information being modified. Therefore, after the gateway server 102 obtains the data, it first needs to identify the data to determine whether the data includes sensitive information. If the data is determined to include sensitive information, the gateway server 102 further determines whether the request message is legitimate, and performs on the data the operation that responds to the request message only if the request message is legitimate. In this way, users perform only legitimate operations on the data in the server 103 through the terminal device 101, and the data stored in the server 103 is protected as far as possible.
Sensitive information is information that needs to be protected. For different users, the data stored in the server 103 may differ, and so may the sensitive information that the stored data includes. For example, if the user is an individual, the data stored in the server 103 may include data related to the user's identity, such as the user's personal information, for example an ID card number, and may also include the user's service content data, such as the user's network identity password. In this data, the ID card number may be sensitive information. If the user is an enterprise, the data stored in the server 103 may include enterprise management and operation data, such as internal management data, for example financial data, and may also include business operation and service data, such as customer data. In this data, the customer data may be sensitive information. To identify data more accurately, the embodiments of the invention can classify the data stored in the server 103 according to the category of the user to whom the data belongs. User categories can include an individual category and an enterprise category, so data can be divided into personal data, enterprise data and so on according to the user category. Because different categories of data include different sensitive information, the rules on which the gateway server 102 bases its identification of different categories of data may also differ. In the embodiments of the invention, the rules on which the gateway server 102 bases its identification are called sensitive information identification rules.
Before identifying data, the gateway server 102 can first determine the category of the data, obtain the corresponding sensitive information identification rule according to that category, and then identify the data according to the obtained rule to determine whether the data includes sensitive information.
A sensitive information identification rule can be understood as an identification rule established in advance according to the category of the data, as introduced below.
Referring to Table 1, Table 1 is an example of the correspondence between data categories and sensitive information. As Table 1 shows, different categories of data correspond to different sensitive information. In the embodiments of the invention, data can be divided into four major categories according to the category of the user to whom the data belongs: user identity related data, user service content data, user service derivative data, and enterprise management and operation data, as shown in Table 1. Each category can also include multiple subcategories, and each subcategory corresponds to its own sensitive information and its own sensitive information identification rule. The correspondence between data categories and sensitive information in Table 1 is the sensitive information identification rule.
Table 1: Correspondence between data categories and sensitive information
In Table 1, the data of each category includes the data of at least one subcategory, the data of each subcategory corresponds to one row of sensitive information, and each row of sensitive information includes at least one field. If the server 103 stores the correspondence between data categories and sensitive information in the form of Table 1, then when data belongs to a given category, the data is checked for the fields that correspond to that category; if it includes such a field, the data is considered to include sensitive information. The correspondence between each row of data categories and each row of sensitive information in Table 1 can therefore be regarded as a sensitive information identification rule. The server 103 can, of course, add or delete fields under the sensitive information in Table 1 to change the sensitive information identification rules.
In a possible implementation, the gateway server 102 obtains the corresponding sensitive information identification rule according to Table 1 and can identify the fields included in the data. If the data is found to include a specified field, such as name or driving licence, the data is considered to include sensitive information. To determine more accurately whether the data to be identified includes sensitive information, after the category of the data is determined, if the fields found in the data are not within the range of specified fields, the subcategory of the data can be further determined, together with the sensitive information identification rule corresponding to that subcategory, so that the data is identified according to that rule. If the data is then found to include a specified field, such as voiceprint or fingerprint, it can be determined that the data includes sensitive information. Table 1 is only an example; other features of the data can also be identified, not only fields.
In the embodiments of the invention, the data stored in the server 103 may have been stored directly, or may have been stored after being identified by the gateway server 102 using the sensitive information identification rules. In the latter case, before the user writes data to the server 103 through the terminal device 101, the gateway server 102 first determines the category of the data, obtains the corresponding sensitive information identification rule according to that category, identifies the data according to the obtained rule, and then writes the identified data to the server 103. After identifying the data, if the data includes sensitive information, the gateway server 102 can add a sensitivity marker to the data; the sensitivity marker indicates that the data includes sensitive information. When the gateway server 102 later obtains data from the server, it can directly check whether the data includes a sensitivity marker. If it does, the data can be determined to include sensitive information without being identified again by the sensitive information identification rules, which can reduce the interaction time between the terminal device 101 and the gateway server 102.
The data stored in the server 103 may include data that has already been identified and data that has not. In the embodiments of the invention, data stored in the server 103 that has not been identified by the gateway server 102 is called historical data. The server 103 can, at a relatively idle time such as between 2 a.m. and 4 a.m., identify the historical data using the corresponding sensitive information identification rules and save the identified data. This ensures as far as possible that all the data stored in the server 103 has been identified, so that the gateway server 102 does not need to identify obtained data again, which reduces the interaction time between the gateway server 102 and the terminal device 101 and improves the user experience. The idle time of the server 103 can be a time at which the server 103 is accessed less often.
After determining that the obtained data includes sensitive information, the gateway server 102 can determine whether the request message is legitimate, so that the operation that responds to the request message is performed on the data only if the request message is legitimate. How the gateway server 102 determines whether the request message is legitimate is described below.
In the embodiments of the invention, even if the data includes sensitive information, the operation the user performs through the terminal device 101 may or may not be aimed at the sensitive information. If it is not aimed at the sensitive information, the gateway server 102 can simply perform on the data the operation that responds to the request message. If the operation is aimed at the sensitive information and the gateway server 102 performs the requested operation directly, a serious error may result, such as the sensitive information being modified. Therefore, after receiving the request message, the gateway server 102 can first determine whether the request message requests an operation on the sensitive information, and if it does, go on to determine whether the request message is legitimate.
In the embodiments of the invention, a request message being legitimate means that the user who sent the request message is legitimate and/or the operation corresponding to the request message is legitimate. The two cases are introduced separately below.
1. Determine whether the user who sent the request message is legitimate. If the user who sent the request message is legitimate, the request message is determined to be legitimate; otherwise it is determined to be illegitimate.
The embodiments of the invention can distinguish users by user account. For example, the user logs in on the terminal device 101 to a platform, such as a platform provided by the server or by the operator, and sends the request message; the account the user needs to register on that platform is the user account. That is, a user in the embodiments of the invention can be understood as a user account. For the same ID card number, if user A is allowed to view the ID card number and user B is not, then a request message sent by user A is legitimate and a request message sent by user B is illegitimate.
A given piece of sensitive information may have only one legitimate user or more than one. Take a bank account number as the sensitive information: it is generally accepted that any bank employee can operate on bank account numbers and that people who are not bank employees cannot, so in this case the sensitive information has more than one legitimate user (any bank employee). The gateway server 102 can set the legitimate users for such sensitive information in advance, for example bank employees. When the gateway server 102 determines that the requested operation is aimed at a bank account number, the gateway server 102 can first determine the at least one legitimate user corresponding to the sensitive information. If the user corresponding to the request message is one of the at least one legitimate user, the request message can be determined to be legitimate; if not, the request message can be considered illegitimate. The gateway server 102 can identify the user by the user account.
2. Determine whether the operation requested by the request message is legitimate. If the requested operation is legitimate, the request message is determined to be legitimate; otherwise it is determined to be illegitimate.
Similarly, a given piece of sensitive information may have one legitimate operation or more than one. For example, if the sensitive information is an ID card number, which usually uniquely identifies a person, it can be considered that the ID card number may only be viewed and may not be modified; in this case the sensitive information has one legitimate operation. As another example, if the sensitive information is a person's work unit, and since people usually can change jobs and their work unit may change with them, it can be considered that the work unit may be modified as well as viewed; in this case the sensitive information has more than one legitimate operation. The gateway server 102 can therefore first determine the at least one legitimate operation corresponding to the sensitive information, and if the operation corresponding to the request message is one of the at least one legitimate operation, the request message can be determined to be legitimate.
In the embodiment of the present invention, the correspondence between sensitive information and valid operations can be established in advance, so that the gateway server 102 can use it to determine the at least one valid operation corresponding to the sensitive information, and thereby determine whether the operation corresponding to the request message is one of them. The correspondence should be established according to how important it is that the sensitive information be protected. Different sensitive information may need protection to the same or to different degrees, so a sensitive grade can be established for each piece of sensitive information according to that degree. Sensitive grades can be ordered from low to high importance, for example grades 1-4, where grade 1 indicates that the corresponding sensitive information has a relatively low need for protection and grade 4 a relatively high one. The correspondence between sensitive information and sensitive grade is established in this way. Because both the sensitive grade and the data category correspond to the sensitive information, the correspondence between sensitive information and sensitive grade can also be built on top of the correspondence between data category and sensitive information; that is, a three-way correspondence among data category, sensitive information and sensitive grade is established, as shown in Table 2. Table 2 takes four sensitive grades as an example. The server 103 then needs to store only the correspondence of Table 2, rather than storing the correspondence between sensitive information and sensitive grade and the correspondence between data category and sensitive information separately, which reduces the amount of data stored.
Table 2: Correspondence among data category, sensitive information and sensitive grade
In Table 2, the data of each category includes data of at least one subcategory, the data of each subcategory corresponds to at least one kind of sensitive information, and each kind of sensitive information includes at least one field, each field corresponding to one sensitive grade. If the server 103 stores the correspondence among data category, sensitive information and sensitive grade in table form, then when the data of some category includes a field that belongs to the at least one field of a kind of sensitive information, the sensitive grade of that field can be taken as the sensitive grade of the data. The gateway server 102 can thus determine the sensitive grade corresponding to the data from Table 2. After determining the sensitive grade corresponding to the sensitive information, the gateway server 102 can determine the at least one valid operation corresponding to the data from that sensitive grade and the correspondence between sensitive grades and valid operations.
In the embodiment of the present invention, the gateway server 102 can also combine the two approaches above to determine whether the request message is legal. That is, it determines both whether the user who sent the request message is legal and whether the operation corresponding to the request message is legal; if the user is legal and the operation is legal, the request message is determined to be legal, and otherwise the request message is determined to be illegal. For certain sensitive information, different users may have different operating permissions, so after the user is determined to be legal it is also necessary to determine whether the operation corresponding to the request message is within that user's permissions; if it is, the request message is legal. In this case the two approaches must be combined to determine more accurately whether the request message is legal.
In the embodiment of the present invention, the control permissions set for a valid operation on sensitive information can include, but are not limited to, the following: operating time, operation address, operating frequency, and so on. The operating time can be understood as the time period in which the user operates on the data, the operation address as the Internet Protocol (IP) address of the terminal device 101 used by the user, and the operating frequency as the number of times the user operates on the data.
For example, taking a bank account number as the sensitive information, the valid users are bank staff, but an operation that a bank staff member performs on a bank account number in the server 103 through the terminal device 101 during certain periods may be considered unreasonable. Suppose a bank staff member sends, through the terminal device, a request message to view a bank account between 2:00 am and 4:00 am, while bank staff generally finish work before 9:00 pm. The operation in the period from 2:00 am to 4:00 am may then be unreasonable, and the bank staff member can be considered not to have the control permission for the view operation in that period. The embodiment of the present invention can therefore further set an operating time range for the view operation, such as 8:00 am to 9:00 pm. If the operating time corresponding to the request message is not within the operating time range set for the view operation, the gateway server 102 can determine that the request message is illegal.
As another example, for some sensitive information the user may have permission to modify it only through a fixed terminal device 101. Taking financial data as the sensitive information, the user has permission to modify the data only through the fixed terminal device 101; if the user operates from a terminal device 101 other than the fixed one, the user does not have permission for the modify operation. The embodiment of the present invention can therefore further set an operation address permission for the modify operation, such as 192.168.1.101. An address range from which operations are allowed can be set in advance for the server 103. When a user operates on data in the server 103 through the terminal device 101, the gateway server 102 obtains the IP address of the terminal device 101 and determines whether that IP address is within the address range set for the server 103. If it is not, the user is considered not to have the operating permission, and the gateway server 102 can determine that the request message is illegal.
As another example, if a user operates on some sensitive information too frequently, the operation may be unreasonable. Taking a bank account number as the sensitive information, if the number of transactions on the bank account number in one day exceeds 20, the transactions may be illegal transactions made by someone else; that is, when the number of operations is higher than a threshold, the operation can be considered unreasonable. The embodiment of the present invention can therefore further set an operating frequency permission for the valid operations corresponding to the bank account number. For a given operation on given data in the server 103, the number of times each user is allowed to perform the operation within a fixed duration can be set in advance; the fixed duration is a preset duration, such as 1 day or another possible value. If, within the fixed duration, the number of operations that the same user performs on the same data in the server 103 through the terminal device 101 exceeds the set number, the gateway server 102 can consider that the user does not have the operating permission at that time and can determine that the request message is illegal, in which case the gateway server 102 does not perform the operation in response to the request message on the data.
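The combined check described above (valid user, valid operation by sensitive grade, then operating time, operation address and operating frequency) can be sketched as follows. This is an added Python example, not part of the patent: the field names, roles, grade assignments and the sliding-window counter are assumptions, while the 8:00-21:00 window, the address 192.168.1.101 and the limit of 20 operations per day are the page's own example values.

```python
"""Added example: gateway-side legality check for requests on sensitive data."""
from collections import defaultdict, deque
from dataclasses import dataclass
from datetime import datetime, time, timedelta
from ipaddress import ip_address, ip_network
from typing import Optional

# Constructed stand-in for Table 2 (its rows are not reproduced on the page):
# field -> sensitive grade, 1 (low) to 4 (high).
FIELD_GRADE = {"work_unit": 2, "id_card_number": 3,
               "bank_account": 4, "financial_data": 4}
# Constructed sensitive grade -> valid operations mapping.
GRADE_OPERATIONS = {1: {"view", "modify", "delete"}, 2: {"view", "modify"},
                    3: {"view"}, 4: {"view", "modify"}}
# Constructed field -> valid user roles (assumption: a role is derived from the account).
VALID_ROLES = {"work_unit": {"hr", "bank_staff"}, "id_card_number": {"hr"},
               "bank_account": {"bank_staff"}, "financial_data": {"finance"}}


@dataclass(frozen=True)
class Constraint:
    window: Optional[tuple] = None       # (start, end) time of day, inclusive
    networks: tuple = ()                 # permitted source networks; empty = any
    max_ops: Optional[int] = None        # permitted operations per period
    period: timedelta = timedelta(days=1)


# Control permissions per (field, operation), using the page's example values.
CONSTRAINTS = {
    ("bank_account", "view"): Constraint(window=(time(8, 0), time(21, 0)), max_ops=20),
    ("financial_data", "modify"): Constraint(networks=(ip_network("192.168.1.101/32"),)),
}


@dataclass(frozen=True)
class Request:
    user: str
    role: str
    operation: str
    fields: tuple        # field names present in the requested data
    src_ip: str
    when: datetime


class Gateway:
    def __init__(self):
        # (user, field, operation) -> timestamps of operations already allowed
        self._history = defaultdict(deque)

    def _check_field(self, req, name):
        """Return a denial reason for one sensitive field, or None if it passes."""
        if req.role not in VALID_ROLES.get(name, set()):
            return "illegal user"
        if req.operation not in GRADE_OPERATIONS[FIELD_GRADE[name]]:
            return "illegal operation"
        c = CONSTRAINTS.get((name, req.operation))
        if c is None:
            return None
        if c.window and not (c.window[0] <= req.when.time() <= c.window[1]):
            return "outside operating time"
        if c.networks:
            try:
                addr = ip_address(req.src_ip)
            except ValueError:
                return "unparseable source address"    # fail closed
            if not any(addr in net for net in c.networks):
                return "operation address not allowed"
        if c.max_ops is not None:
            seen = self._history[(req.user, name, req.operation)]
            # Sliding window (an assumption; the page only says "fixed duration").
            while seen and req.when - seen[0] >= c.period:
                seen.popleft()
            if len(seen) >= c.max_ops:
                return "operating frequency exceeded"
        return None

    def decide(self, req):
        """Return (allowed, reason). Data without sensitive fields passes unchecked."""
        sensitive = [f for f in req.fields if f in FIELD_GRADE]
        for name in sensitive:
            reason = self._check_field(req, name)
            if reason:
                return False, f"{name}: {reason}"
        # Record only after every field passed, so a blocked request uses no quota.
        for name in sensitive:
            c = CONSTRAINTS.get((name, req.operation))
            if c and c.max_ops is not None:
                self._history[(req.user, name, req.operation)].append(req.when)
        return True, "legal" if sensitive else "no sensitive information"
```

The checks run in the order the text gives them, and a request is refused on the first failed check, so the returned reason can be used for the prompt or alert message.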
In the embodiment of the present invention, after the gateway server 102 performs the operation in response to the request message on the data, it can also detect whether the operated data on the server 103 still includes sensitive information. If the operated data still includes sensitive information, that part of the data can be handled accordingly, as described below.
For example, the user performs some operation, such as a delete operation, on data in the server 103 through the terminal device 101. The user sends a request message for deleting the data to the gateway server 102 through the terminal device 101. After the gateway server 102 verifies that the delete operation is a valid operation and thereby determines that the request message is legal, the gateway server 102 performs the delete operation in response to the request message on the data, that is, the gateway server 102 deletes the data stored in the gateway server 102. After each delete operation, the gateway server 102 can access the server 103 to determine whether the data is still stored in the server 103. If the data is still stored in the server 103, the gateway server 102 instructs the server 103 to set the state of the data to a deleted state, for example by adding a deletion label to the data to record that the data was deleted by the user. However, the data is not actually deleted from the server 103, so that it can be used again later.
In the embodiment of the present invention, if the gateway server 102 determines that the request message is illegal, it can block the operation on the data and can also output a prompt message, which can be used to tell the user why the gateway server 102 blocked the operation on the data. Alternatively, the gateway server 102 can send an alert message to an administrator to inform the administrator that an illegal operation has occurred.
In the embodiment of the present invention, after receiving the request message for operating on data sent by the terminal device 101, the gateway server 102 can determine whether the request message is legal by determining whether the user who sent it is legal, by determining whether the operation corresponding to it is legal, or by combining the two. This filters out illegal operations as far as possible, ensures that the operation on the data is a valid operation, and reduces security risk. The device provided by the embodiment of the present invention is described below with reference to the accompanying drawings.
Referring to Fig. 3, based on the same inventive concept, an embodiment of the present invention provides a data leakage prevention device, which includes a receiving module 301, an identification module 302, a determining module 303 and a response module 304.
The receiving module 301 can be used to receive the request message sent by the terminal device, the request message indicating that the user needs to operate on data.
The identification module 302 can be used to obtain the data from the server according to the request message and to identify the data to determine whether the data includes sensitive information, where the server is used to store data and the sensitive information is information that needs to be protected.
The determining module 303 can be used to determine whether the request message is legal if the data includes sensitive information.
The response module 304 can be used to perform the operation in response to the request message on the data if the request message is legal.
Optionally, the determining module 303 being used to determine whether the request message is legal includes:
Determining whether the user who sent the request message is legal; where, if the user is one of the at least one valid user corresponding to the sensitive information, the request message is determined to be legal.
Optionally, the request message requests an operation on the sensitive information, and the determining module 303 being used to determine whether the request message is legal includes:
Determining whether the operation is any one of the at least one valid operation corresponding to the sensitive information; where, if the operation is any one of the at least one valid operation, the request message is determined to be legal.
Optionally, the determining module 303 is further used to:
Determine the sensitive grade of the sensitive information, the sensitive grade indicating how important it is that the sensitive information be protected;
Determine the at least one valid operation corresponding to the data according to the sensitive grade and the correspondence between sensitive grades and valid operations.
Optionally, the identification module 302 being used to identify the data to determine whether the data includes sensitive information includes:
Determining the category of the user to whom the data belongs;
Obtaining the corresponding sensitive information recognition rule according to the category;
Identifying the data according to the obtained sensitive information recognition rule to determine whether the data includes sensitive information.
Optionally, the identification module 302 being used to identify the data to determine whether the data includes sensitive information includes:
Determining whether the data includes a sensitive identification;
If the data includes the sensitive identification, determining that the data includes sensitive information.
The data leakage prevention device can be used to perform the method provided by the embodiment shown in Fig. 2; it is, for example, the aforementioned gateway server 102. For the functions that each functional module of the data leakage prevention device can implement, refer to the corresponding description in the embodiment shown in Fig. 2; they are not repeated here.
In the embodiment of the present invention, after the request message for operating on data sent by the terminal device 101 is received, it is first determined whether the data targeted by the request message includes sensitive information. If it does, it is further determined whether the request message is legal, and only if the request message is legal is the operation in response to the request message performed on the data. That is, if the data includes sensitive information, illegal operations are filtered out as far as possible and the operation on the data is ensured to be a valid operation, which protects the data stored in the server 103 and reduces security risk.
Those skilled in the art will clearly understand that, for convenience and brevity of description, only the division into the functional modules above is used as an example. In practical applications, the functions above can be assigned to different functional modules as needed, that is, the internal structure of the device can be divided into different functional modules to complete all or part of the functions described above. For the specific working processes of the system, device and units described above, refer to the corresponding processes in the foregoing method embodiments; they are not described again here.
In the several embodiments provided by the present invention, it should be understood that the disclosed device and method can be implemented in other ways. For example, the device embodiments described above are merely illustrative: the division into modules or units is only a division by logical function, and other divisions are possible in an actual implementation; for example, multiple units or components can be combined or integrated into another system, or some features can be ignored or not performed. In addition, the mutual coupling, direct coupling or communication connection shown or discussed can be an indirect coupling or communication connection through some interfaces, devices or units, and can be electrical, mechanical or in other forms.
The units described as separate components may or may not be physically separate, and the components shown as units may or may not be physical units; they can be located in one place or distributed over multiple network elements. Some or all of the units can be selected according to actual needs to achieve the purpose of the solution of this embodiment.
In addition, the functional units in each embodiment of the present application can be integrated in one processing unit, each unit can exist physically on its own, or two or more units can be integrated in one unit. The integrated unit can be implemented in the form of hardware or in the form of a software functional unit.
If the integrated unit is implemented in the form of a software functional unit and sold or used as an independent product, it can be stored in a computer-readable storage medium. Based on this understanding, the technical solution of the present application in essence, or the part of it that contributes to the prior art, or all or part of the technical solution, can be embodied in the form of a software product. The computer software product is stored in a storage medium and includes a number of instructions that cause a computer device (which can be a personal computer, a server, a network device or the like) or a processor to perform all or part of the steps of the methods of the embodiments of the present application. The aforementioned storage medium includes various media that can store program code, such as a Universal Serial Bus flash disk, a removable hard disk, read-only memory (ROM), random access memory (RAM), a magnetic disk or an optical disc.
Obviously, those skilled in the art can make various changes and modifications to the present invention without departing from the spirit and scope of the present invention. If these modifications and variations fall within the scope of the claims of the present invention and their technical equivalents, the present invention is intended to include them as well.
Claims (12)
1. A data leakage prevention method, characterized by comprising: receiving a request message sent by a terminal device, the request message indicating that a user needs to operate on data; obtaining the data from a server according to the request message, and identifying the data to determine whether the data includes sensitive information, wherein the server is used to store data and the sensitive information is information that needs to be protected; if the data includes the sensitive information, determining whether the request message is legal; and if the request message is legal, performing the operation in response to the request message on the data.
2. The method according to claim 1, characterized in that determining whether the request message is legal comprises: determining whether the user who sent the request message is legal, wherein, if the user is one of at least one valid user corresponding to the sensitive information, the request message is determined to be legal.
3. The method according to claim 1, characterized in that the request message requests an operation on the sensitive information, and determining whether the request message is legal comprises: determining whether the operation is any one of at least one valid operation corresponding to the sensitive information, wherein, if the operation is any one of the at least one valid operation, the request message is determined to be legal.
4. The method according to claim 3, characterized in that the method further comprises: determining a sensitive grade of the sensitive information, the sensitive grade indicating how important it is that the sensitive information be protected; and determining the at least one valid operation corresponding to the data according to the sensitive grade and a correspondence between sensitive grades and valid operations.
5. The method according to any one of claims 1-4, characterized in that identifying the data to determine whether the data includes sensitive information comprises: determining the category of the user to whom the data belongs; obtaining a corresponding sensitive information recognition rule according to the category; and identifying the data according to the obtained sensitive information recognition rule to determine whether the data includes sensitive information.
6. The method according to any one of claims 1-4, characterized in that identifying the data to determine whether the data includes sensitive information comprises: determining whether the data includes a sensitive identification; and if the data includes the sensitive identification, determining that the data includes sensitive information.
7. A data leakage prevention device, characterized by comprising: a receiving module, used to receive a request message sent by a terminal device, the request message indicating that a user needs to operate on data; an identification module, used to obtain the data from a server according to the request message and to identify the data to determine whether the data includes sensitive information, wherein the server is used to store data and the sensitive information is information that needs to be protected; a determining module, used to determine whether the request message is legal if the data includes the sensitive information; and a response module, used to perform the operation in response to the request message on the data if the request message is legal.
8. The device according to claim 7, characterized in that the determining module being used to determine whether the request message is legal comprises: determining whether the user who sent the request message is legal, wherein, if the user is one of at least one valid user corresponding to the sensitive information, the request message is determined to be legal.
9. The device according to claim 7, characterized in that the request message requests an operation on the sensitive information, and the determining module being used to determine whether the request message is legal comprises: determining whether the operation is any one of at least one valid operation corresponding to the sensitive information, wherein, if the operation is any one of the at least one valid operation, the request message is determined to be legal.
10. The device according to claim 8, characterized in that the determining module is further used to: determine a sensitive grade of the sensitive information, the sensitive grade indicating how important it is that the sensitive information be protected; and determine the at least one valid operation corresponding to the data according to the sensitive grade and a correspondence between sensitive grades and valid operations.
11. The device according to any one of claims 7-10, characterized in that the identification module being used to identify the data to determine whether the data includes sensitive information comprises: determining the category of the user to whom the data belongs; obtaining a corresponding sensitive information recognition rule according to the category; and identifying the data according to the obtained sensitive information recognition rule to determine whether the data includes sensitive information.
12. The device according to any one of claims 7-10, characterized in that the identification module being used to identify the data to determine whether the data includes sensitive information comprises: determining whether the data includes a sensitive identification; and if the data includes the sensitive identification, determining that the data includes sensitive information.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201611262407.7A CN108270735A (en) | 2016-12-31 | 2016-12-31 | A kind of data leakage prevention method and equipment |
Publications (1)
Publication Number | Publication Date |
---|---|
CN108270735A true CN108270735A (en) | 2018-07-10 |
Family
ID=62755249
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201611262407.7A Pending CN108270735A (en) | 2016-12-31 | 2016-12-31 | A kind of data leakage prevention method and equipment |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN108270735A (en) |
Cited By (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN109672657A (en) * | 2018-09-18 | 2019-04-23 | 平安科技(深圳)有限公司 | Data managing method, device, equipment and storage medium |
CN116049321A (en) * | 2023-03-31 | 2023-05-02 | 北京比格大数据有限公司 | Data calling method and device, electronic equipment and storage medium |
Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN102841902A (en) * | 2011-06-23 | 2012-12-26 | 捷达世软件(深圳)有限公司 | Database data management method and system |
CN104506545A (en) * | 2014-12-30 | 2015-04-08 | 北京奇虎科技有限公司 | Data leakage prevention method and data leakage prevention device |
CN104809405A (en) * | 2015-04-24 | 2015-07-29 | 广东电网有限责任公司信息中心 | Structural data asset leakage prevention method based on hierarchical classification |
WO2016034068A1 (en) * | 2014-09-03 | 2016-03-10 | 阿里巴巴集团控股有限公司 | Sensitive information processing method, device, server and security determination system |
CN105681276A (en) * | 2015-12-25 | 2016-06-15 | 亿阳安全技术有限公司 | Sensitive information leakage active monitoring and responsibility confirmation method and device |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
RJ01 | Rejection of invention patent application after publication | Application publication date: 20180710 |