CN110096868A - Auditing method, apparatus, device and computer-readable storage medium for operation code - Google Patents

Publication number
CN110096868A
Authority
CN
China
Prior art keywords
operation code
index
code
rule
score value
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201910352487.2A
Other languages
Chinese (zh)
Inventor
王文博
万磊
李毅
王志远
冯冬
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
WeBank Co Ltd
Original Assignee
WeBank Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by WeBank Co Ltd
Priority to CN201910352487.2A
Publication of CN110096868A
Priority to PCT/CN2020/081447 (WO2020220881A1)

Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50 Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Software Systems (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Management, Administration, Business Operations System, And Electronic Commerce (AREA)

Abstract

The invention discloses an auditing method, apparatus, device and computer-readable storage medium for operation code. The method comprises the steps of: upon receiving code to be operated, calculating the index score value of the code to be operated on each weight index, wherein the code to be operated corresponds to at least two weight indexes; obtaining the preset weight value corresponding to each weight index, and calculating the index product of each index score value and its corresponding preset weight value; and, if the sum of the index products is not within a preset index score range, determining that the code to be operated fails the audit and prohibiting it from being sent to a preset production environment. The invention improves the security of production environments in the financial industry, and improves the security of fund transactions in the production environments of financial infrastructure (such as distributed systems, cloud computing and blockchain).

Description

Auditing method, apparatus, device and computer-readable storage medium for operation code
Technical field
The present invention relates to the technical field of security detection in financial technology (Fintech), and in particular to an auditing method, apparatus, device and computer-readable storage medium for operation code.
Background
With the continuous development of financial technology, and of Internet financial technology (Fintech) in particular, more and more technologies (such as distributed systems, blockchain and artificial intelligence) are being applied in the financial field, while the financial industry in turn places higher demands on these technologies.
In the IT (Internet Technology) production environments of the financial industry, financial institutions and other commercial organizations use screen recording of operations and keyword alerting to monitor and audit the operations of IT personnel. This approach cannot intervene in advance to stop dangerous production operations by IT personnel, for example the release of code for a new product that carries a virus, so a large number of violating operations cannot be contained ahead of time. After a misoperation and/or intentional violation by IT personnel has occurred, a long time is still needed to investigate and audit it, so the resulting problems remain unsolved for a long time. Monitoring the production operations of IT personnel in this way can only review, after the fact, the problems that occurred during operation and then reproduce them. This not only requires more manpower but also lengthens the time needed to find a problem, which reduces the security of the production environment of operation code.
Summary of the invention
The main purpose of the present invention is to provide an auditing method, apparatus, device and computer-readable storage medium for operation code, aiming to solve the technical problem of how to improve the security of the production environment of operation code.
To achieve the above object, the present invention provides an auditing method for operation code, the method comprising the steps of:
upon receiving code to be operated, calculating the index score value of the code to be operated on each weight index, wherein the code to be operated corresponds to at least two weight indexes;
obtaining the preset weight value corresponding to each weight index, and calculating the index product of each index score value and its corresponding preset weight value;
if the sum of the index products is not within a preset index score range, determining that the code to be operated fails the audit, and prohibiting the code to be operated from being sent to a preset production environment.
Preferably, when the weight index is the production operation-and-maintenance (O&M) index, the step of calculating, upon receiving the code to be operated, the index score value of the code to be operated on the weight index comprises:
upon receiving the code to be operated, obtaining the production O&M audit rule set corresponding to the production O&M index, and counting the rules in the production O&M audit rule set to obtain a first rule quantity;
counting the production O&M audit rules in the production O&M audit rule set that match the code to be operated, to obtain a second rule quantity;
calculating, from the first rule quantity and the second rule quantity, the production O&M index score value of the code to be operated on the production O&M index.
Preferably, when the weight index is the algorithm walkthrough index, the step of calculating, upon receiving the code to be operated, the index score value of the code to be operated on the weight index comprises:
upon receiving the code to be operated, obtaining the code security rule sets corresponding to the algorithm walkthrough index;
comparing the code to be operated with each code security rule set, and determining from the comparison result the rule score of the code to be operated in each code security rule set;
obtaining the rule weight corresponding to each code security rule set, and calculating the rule product of each rule score and its corresponding rule weight, so as to obtain the algorithm walkthrough index score value of the code to be operated on the algorithm walkthrough index.
Preferably, when the weight index is the code comparison index, the step of calculating, upon receiving the code to be operated, the index score value of the code to be operated on the weight index comprises:
upon receiving the code to be operated, obtaining the history code corresponding to the code to be operated, and calculating the dispersion degree value between the code to be operated and the history code;
if the dispersion degree value is less than a preset degree value, calculating the degree difference between the dispersion degree value and the preset degree value;
determining, from the degree difference, the code comparison index score value of the code to be operated on the code comparison index.
Preferably, when the weight index is the database operation index, the step of calculating, upon receiving the code to be operated, the index score value of the code to be operated on the weight index comprises:
upon receiving the code to be operated, detecting whether the code to be operated performs an operation that illegally connects to a database while it runs;
if the code to be operated does not perform an operation that illegally connects to a database while it runs, obtaining the private data set of the database operation index;
determining the target private data in the private data set that matches the code to be operated, and obtaining the private data score value corresponding to the target private data;
calculating, from the private data score value, the operation index score value of the code to be operated on the database operation index.
Preferably, when the weight index is the business operation compliance index, the step of calculating, upon receiving the code to be operated, the index score value of the code to be operated on the weight index comprises:
upon receiving the code to be operated, obtaining the business compliance rules corresponding to the business operation compliance index, and determining the target business compliance rules among them that match the code to be operated;
obtaining the compliance score value corresponding to each target business compliance rule, and obtaining a preset compliance score value;
subtracting the compliance score value corresponding to each target business compliance rule from the preset compliance score value, to obtain the compliance index score value of the code to be operated on the business operation compliance index.
Preferably, before the step of obtaining the preset weight value corresponding to each weight index, the method further comprises:
determining the approval nodes corresponding to the weight indexes, and obtaining the preset score value given by each approval node for each weight index;
calculating the preset weight value of each weight index from the preset score values corresponding to that weight index.
Preferably, the step of calculating, upon receiving the code to be operated, the index score value of the code to be operated on the weight index comprises:
upon receiving the code to be operated, obtaining the authorization results by which preset approval nodes grant the code to be operated permission to run;
if it is determined from the authorization results that the number of approval nodes granting the code to be operated permission to run is greater than or equal to a preset number of nodes, calculating the index score value of the code to be operated on the weight index.
Preferably, after the step of determining, if the sum of the index products is not within the preset index score range, that the code to be operated fails the audit and prohibiting it from being sent to the preset production environment, the method further comprises:
generating a security audit report for the code to be operated;
sending the security audit report to the terminal corresponding to the code to be operated, so that the terminal, after receiving the security audit report, prompts the technician responsible for the code to be operated to modify the code according to the security audit report.
Preferably, after the step of obtaining the preset weight value corresponding to each weight index and calculating the index product of each index score value and its corresponding preset weight value, the method further comprises:
if the sum of the index products is within the preset index score range, determining that the code to be operated passes the audit, and configuring the corresponding operating parameters for the code to be operated according to the parameters to be configured that correspond to it, to obtain the code to be operated with its operating parameters configured;
sending the code to be operated, with its operating parameters configured, to the preset production environment to run.
In addition, to achieve the above object, the present invention also provides an audit apparatus for operation code, the audit apparatus comprising:
a computing module, configured to calculate, upon receiving code to be operated, the index score value of the code to be operated on each weight index, wherein the code to be operated corresponds to at least two weight indexes;
an obtaining module, configured to obtain the preset weight value corresponding to each weight index;
the computing module being further configured to calculate the index product of each index score value and its corresponding preset weight value;
a determining module, configured to determine that the code to be operated fails the audit if the sum of the index products is not within the preset index score range;
a prohibiting module, configured to prohibit the code to be operated from being sent to the preset production environment.
In addition, to achieve the above object, the present invention also provides an audit device for operation code, the audit device comprising a memory, a processor, and an operation code auditing program stored in the memory and executable on the processor, wherein the auditing program, when executed by the processor, implements the steps of the auditing method for operation code described above.
In addition, to achieve the above object, the present invention also provides a computer-readable storage medium on which an operation code auditing program is stored, wherein the auditing program, when executed by a processor, implements the steps of the auditing method for operation code described above.
In the present invention, upon receiving code to be operated, the index score value of the code to be operated on each weight index is calculated, the preset weight value corresponding to each weight index is obtained, and the index product of each index score value and its corresponding preset weight value is calculated; if the sum of the index products is within the preset index score range, it is determined that the code to be operated passes the audit. Thus, after code to be operated is received, it is not sent to the production environment to run at once but is audited first. If the code to be operated fails the audit, it is prohibited from being sent to the production environment, which avoids sending code with security problems to the production environment, improves the security of the production environment, and improves the security of fund transactions in the production environment.
Brief description of the drawings
Fig. 1 is a flow diagram of the first embodiment of the auditing method for operation code of the present invention;
Fig. 2 is a flow diagram of the third embodiment of the auditing method for operation code of the present invention;
Fig. 3 is a flow diagram of the fourth embodiment of the auditing method for operation code of the present invention;
Fig. 4 is a functional module diagram of a preferred embodiment of the audit apparatus for operation code of the present invention;
Fig. 5 is a structural diagram of the hardware running environment involved in the embodiments of the present invention.
The realization of the object, the functional features and the advantages of the present invention will be further described with reference to the accompanying drawings in conjunction with the embodiments.
Detailed description of the embodiments
It should be understood that the specific embodiments described herein merely illustrate the present invention and are not intended to limit it.
The present invention provides an auditing method for operation code. Referring to Fig. 1, Fig. 1 is a flow diagram of the first embodiment of the auditing method for operation code of the present invention.
This embodiment of the invention provides an embodiment of the auditing method for operation code. It should be noted that although a logical order is shown in the flowchart, in some cases the steps shown or described may be executed in a different order.
The auditing method for operation code is applied to an audit device for operation code. The audit device may be a server or a terminal; the terminal may be a mobile terminal such as a mobile phone, tablet computer, laptop, palmtop computer or personal digital assistant (PDA), or a fixed terminal such as a digital TV or desktop computer. For ease of description, the executing subject is omitted in each embodiment of the auditing method. The auditing method for operation code includes:
Step S10: upon receiving code to be operated, calculate the index score value of the code to be operated on each weight index, wherein the code to be operated corresponds to at least two weight indexes.
It should be noted that when technicians carry out operations on the terminals of financial institutions such as banks, securities firms and funds, for example releasing a new product, updating an existing product or collecting data, they encounter many compliance operations that need to be reviewed. Specifically, the operations that technicians perform on a financial institution's terminals are all carried out by releasing operable code. Therefore, when code to be operated released by a technician is received, the index score value of the code to be operated on each preset weight index is calculated. In the embodiments of the present invention, code to be operated is of two types: scripts to be operated and versions to be operated. The two may be written in the same language or in different languages; for example, a script to be operated may be written in Python and a version to be operated in Java. The main function of a script to be operated may be to extract and modify data, and the main function of a version to be operated may be to update a code version that already exists in the financial institution's production environment. At least two weight indexes are used to evaluate the code to be operated. In the embodiments of the present invention, the weight indexes include, but are not limited to, the production O&M index, the algorithm walkthrough index, the database operation index, the business operation compliance index and the code comparison index.
Further, after the code to be operated is received, the parameters to be configured that correspond to it are obtained. The parameters to be configured are filled in on the audit device, as needed, by the technician who releases the code to be operated. They include, but are not limited to, the production environment, route, database, approval nodes whose authorization is required, risk points, association points, modification points and publishing-user information of the code to be operated. The production environment is the environment in which the code to be operated runs after it passes the audit. The route is the routing that must be set up for the code to be operated in the production environment. The database is the database the code to be operated connects to while running in the production environment. The approval nodes whose authorization is required are the approval nodes that, during the audit of the code to be operated, have the authority to grant it permission to run. Risk points are regions of the code to be operated that carry risk or where risk is likely to arise. Association points are other code associated with the code to be operated: if a complete fund transaction flow is A → B → C and the current code to be operated updates the code for B, the association points are the code for A and the code for C. Modification points are the places where the code to be operated has been changed relative to the history code, the history code being the most recent update of the code to be operated. For example, if the source code (the code generated the first time) corresponding to the code to be operated was updated once on each of April 1, April 10 and April 18, 2019, and the code to be operated is received on April 20, 2019, then the history code is the source code as updated on April 18, 2019. It will be understood that the code to be operated has modification points only when it updates existing code; if the code to be operated implements a new function, it has no modification points. The publishing-user information is the name, position, company and so on of the technician who releases the code to be operated. By first obtaining the parameters to be configured and preparing the code to be operated for running, the code can be released to the corresponding production environment and run immediately after it passes the audit, which improves the operating efficiency of the code to be operated.
Further, when the weight index is the production O&M index, step S10 includes:
Step a: upon receiving the code to be operated, obtain the production O&M audit rule set corresponding to the production O&M index, and count the rules in the production O&M audit rule set to obtain the first rule quantity.
Specifically, when the weight index is the production O&M index, the production O&M audit rule set corresponding to the production O&M index is obtained after the code to be operated is received, and the number of production O&M audit rules in the set is counted and recorded as the first rule quantity. For example, the production O&M audit rules in the rule set may be:
① The "rm -rf *" instruction is forbidden in the code to be operated. This is a batch deletion instruction; when it is run in the root directory, it crashes the system on which the code to be operated runs.
② The ":(){ :|:& };:" instruction is forbidden in the code to be operated. This instruction defines a function named ':' that repeatedly calls itself, which crashes the system on which the code to be operated runs.
③ The "mv .txt/.sh/.py /dev/null" instruction is forbidden in the code to be operated. This instruction renames all the files under the target path to empty, causing system-level errors on the system on which the code to be operated runs.
④ The "dd if=/dev/random of=/dev/sda" command is forbidden in the code to be operated. This command writes random junk data to the block device sda and overwrites its data, which easily leaves the system on which the code to be operated runs in a chaotic and unrecoverable state.
⑤ The ">" instruction is forbidden in the code to be operated. This instruction performs redirection. If ">" is used in production to save data, the source file must be reviewed very rigorously; otherwise, once it has been overwritten by a ">" redirection, the system-level data cannot be recovered.
Step b: count the production O&M audit rules in the production O&M audit rule set that match the code to be operated, to obtain the second rule quantity.
After the production O&M audit rule set is obtained, the code to be operated is compared with the production O&M audit rules in the set to determine which rules in the set match the code to be operated. If the "rm -rf *" instruction appears in the code to be operated, it is determined that the code to be operated matches the first production O&M audit rule in the set. After the matching rules are determined, the number of production O&M audit rules in the set that match the code to be operated is counted and recorded as the second rule quantity.
Step c: calculate, from the first rule quantity and the second rule quantity, the production O&M index score value of the code to be operated on the production O&M index.
After the first rule quantity and the second rule quantity are determined, the rule score value of each production O&M audit rule is determined. For ease of calculation, in the embodiments of the present invention the preset rule total score of a production O&M audit rule set is always set to 100. Specifically, the rule score value of each production O&M audit rule may be determined by dividing the preset rule total score by the first rule quantity of the rule set; if the first rule quantity is 20, the rule score value of each production O&M audit rule is 100 ÷ 20 = 5. It should be noted that in other embodiments the rule score value of each production O&M audit rule in the set may be preset individually, in which case the rule score values in the set take at least two different values. For example, if the first rule quantity of the rule set is 10, the rule score value of 2 of the rules may each be set to a, that of another 3 rules to b, and that of the remaining 5 rules to c, such that 2 × a + 3 × b + 5 × c = 100.
After the rule score value of each production O&M audit rule is determined, the product of the second rule quantity and the rule score value is calculated to obtain the first matching rule score value, and the first matching rule score value is then subtracted from the preset rule total score to obtain the production O&M index score value of the code to be operated on the production O&M index. For example, if the rule score value of each production O&M audit rule in the set is 5 and the second rule quantity is 6, the production O&M index score value of the code to be operated is 100 − 5 × 6 = 70.
It should be noted that if the rule score values of the production O&M audit rules in the set differ from one another, then after the rule score value of each rule is determined, the rule score values of the rules matched by the code to be operated are added together to obtain the first matching rule score value.
Further, if the production O&M index score value is determined to be less than a first preset index score value, it may be determined that the code to be operated fails the audit; if the production O&M index score value is determined to be greater than or equal to the first preset index score value, it may be determined that the code to be operated passes the audit. The first preset index score value is set as needed, for example to 50, 58 or 60 points.
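The scoring of steps a to c, as an added example that is not part of the patent: the five forbidden instructions listed above are approximated with regular expressions and applied to a script held as text. The regexes, function names, the threshold default of 60 and the sample script are assumptions made for illustration; the function also covers the variant in which each rule carries its own score value.

```python
import re

RULE_TOTAL = 100  # preset rule total score of the rule set, as in the embodiment

# Hypothetical regexes approximating the five forbidden instructions listed above.
OM_RULES = {
    "rm_rf_glob": re.compile(r"\brm\s+-(?:rf|fr)\s+\S*\*"),
    "fork_bomb": re.compile(r":\s*\(\s*\)\s*\{[^}]*:\s*\|\s*:[^}]*\}\s*;\s*:"),
    "mv_to_dev_null": re.compile(r"\bmv\s.*\s/dev/null(?:\s|$)"),
    "dd_to_sda": re.compile(r"\bdd\s.*\bof=/dev/sda\b"),
    # A single '>' that is not part of '>>' or a descriptor copy such as '2>&1'.
    "overwrite_redirect": re.compile(r"(?<!>)>(?![>&])"),
}


def matched_rules(script, rules=OM_RULES):
    """Return the names of the rules that match at least one non-comment line."""
    lines = [ln for ln in script.splitlines() if not ln.lstrip().startswith("#")]
    return sorted(name for name, rx in rules.items()
                  if any(rx.search(ln) for ln in lines))


def om_index_score(script, rules=OM_RULES, rule_scores=None):
    """Production O&M index score: rule total minus the scores of matched rules.

    With rule_scores=None every rule is worth RULE_TOTAL / (first rule quantity);
    otherwise rule_scores gives each rule its own value and must sum to RULE_TOTAL.
    """
    first_qty = len(rules)
    if rule_scores is None:
        rule_scores = {name: RULE_TOTAL / first_qty for name in rules}
    if set(rule_scores) != set(rules):
        raise ValueError("rule_scores must cover exactly the rules in the set")
    if abs(sum(rule_scores.values()) - RULE_TOTAL) > 1e-9:
        raise ValueError("rule scores must sum to the preset rule total")
    hits = matched_rules(script, rules)  # len(hits) is the second rule quantity
    first_matching_score = sum(rule_scores[name] for name in hits)
    return RULE_TOTAL - first_matching_score, hits


def passes_om_audit(score, first_preset_index_score=60):
    """Pass when the score is not below the first preset index score value."""
    return score >= first_preset_index_score


# Constructed sample of code to be operated (a shell script held as text, never run).
SAMPLE_SCRIPT = """\
#!/bin/sh
# nightly cleanup > this comment line is ignored
cd /data/app/tmp
rm -rf *
./export_report.sh > /data/app/report.csv
./rotate.sh >> /var/log/rotate.log 2>&1
"""

if __name__ == "__main__":
    score, hits = om_index_score(SAMPLE_SCRIPT)
    print("matched rules:", hits)
    print("production O&M index score:", score)
    print("passes:", passes_om_audit(score))
```

Counting rules rather than occurrences follows the text: a rule that matches on ten lines still contributes its score value once.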
Further, when the weight index is algorithm Walkthrough index, step S10 further include:
Step d, when receiving after operation code, the corresponding each code security rule set of acquisition algorithm Walkthrough index.
When weight index is algorithm Walkthrough index, the corresponding each code security rule set of acquisition algorithm Walkthrough index, Each code security rule is concentrated at least one code security rule, and each code security rule set realizes different functions, For determining whether meet compliance to operation code.Specifically, in embodiments of the present invention, code security rule set include but It is not limited to code logic rule set, variable uses rule set, parameter setting rule set and security control rule set, code logic rule Then collect and whether meet set code logic mainly for detection of the logic to operation code, variable uses rule set is mainly used Whether meet set requirement to the variable uses in operation code in detection, parameter setting rule set mainly for detection of to Whether the setting of parameters is correct in operation code, and whether security control rule set meets mainly for detection of to operation code Set safety regulation.
Step e is compared described to operation code and each code security rule set, resulting according to comparing Comparing result determines the regular score to operation code in each code security rule set.
It will compare, be determined in each code security rule set to operation code and each code security rule set, with To the matched object code safety regulation of operation code, comparing result is obtained.It is understood that comparing result is exactly target generation Code safety regulation.Obtain the corresponding code security rule score value of each object code safety regulation, wherein in each code security The corresponding code security rule score value of each code security rule, each code security rule set have been pre-set in rule set Code security rule total score be 100 points.Concentrate each object code safety regulation corresponding identical code safety regulation Code security rule score value is added, and obtains the second matching rule score value, and code security rule total score is subtracted the second matching rule Then score value, correspondence obtain the regular score to operation code in each code security rule set.
Step f obtains the corresponding regular weight of each code security rule set, and calculates each regular score and corresponding rule The then regular product of weight, to obtain the algorithm Walkthrough index score value to operation code in the algorithm Walkthrough index.
Obtain the corresponding regular weight of each security code rule set, and by each regular score and rule of correspondence weight phase Multiply, obtain corresponding regular product, resulting each regular product addition is obtained to operation code in algorithm Walkthrough index Algorithm Walkthrough index score value.It should be noted that the corresponding regular weight of each security code rule set can be according to specific need It wants and is arranged, the sum of corresponding regular weight of each security code rule set is equal to 1.Such as the regular weight of code logic rule set For f, the regular weight of variable uses rule set is k, and the regular weight of parameter setting rule set is l, security control rule set Regular weight is u, then f+k+l+u=1.
If the rule score of the code to be operated in the code logic rule set is calculated to be 80 and f=0.3, the corresponding rule product is 80 × 0.3; if the rule score in the variable use rule set is 90 and k=0.2, the corresponding rule product is 90 × 0.2; if the rule score in the parameter setting rule set is 100 and l=0.1, the corresponding rule product is 100 × 0.1; if the rule score in the security control rule set is 70 and u=0.4, the corresponding rule product is 70 × 0.4. The algorithm walkthrough index score of the code to be operated is then 80 × 0.3 + 90 × 0.2 + 100 × 0.1 + 70 × 0.4 = 80.
Further, after the algorithm walkthrough index score is calculated, it is judged whether the algorithm walkthrough index score is less than the corresponding second preset index score. If the algorithm walkthrough index score is less than the second preset index score, it can be determined that the code to be operated does not pass the audit; if the algorithm walkthrough index score is greater than or equal to the second preset index score, it can be determined that the code to be operated passes the audit. The second preset index score may be equal to the first preset rule score, or may differ from it.
Further, when the weight index is the code comparison index, step S10 further includes:
Step g: after the code to be operated is received, obtain the history code corresponding to the code to be operated, and calculate the dispersion degree value between the code to be operated and the history code.
When the weight index is the code comparison index, the history code corresponding to the code to be operated is obtained after the code to be operated is received. After the history code is obtained, a nonlinear fitting algorithm is used to calculate the dispersion degree value between the code to be operated and the history code. Specifically, the modification points in the code to be operated are obtained, together with the history code points in the history code that correspond to those modification points; a scatter plot is then drawn from the modification points and the history code points, and the nonlinear fitting algorithm gives the degree of fit of that scatter plot. This degree of fit is the dispersion degree value between the code to be operated and the history code.
Further, in order to improve the efficiency of auditing the code to be operated, after the code to be operated is received it is first detected whether a corresponding history code exists. If no corresponding history code exists, the code comparison index score of the code to be operated does not need to be calculated; if a corresponding history code exists, it is obtained. Specifically, if the code to be operated contains no modification points, it can be determined that no corresponding history code exists. It can be understood that the version number of the code to be operated can also be used to determine whether a corresponding history code exists: if the version number is the first version number, it can be determined that no history code exists; if the version number is a version subsequent to the first version number, it can be determined that a history code exists.
Step h: if the dispersion degree value is less than the preset degree value, calculate the degree difference between the dispersion degree value and the preset degree value.
Step i: determine, according to the degree difference, the code comparison index score of the code to be operated in the code comparison index.
After the dispersion degree value is calculated, it is judged whether the dispersion degree value is less than the preset degree value. The preset degree value is set according to specific needs and is not specifically limited in this embodiment. If the dispersion degree value is less than the preset degree value, the degree difference between the dispersion degree value and the preset degree value is calculated, and the code comparison index score of the code to be operated in the code comparison index is determined according to the degree difference. Specifically, a mapping between the degree difference and the code comparison index score is set in advance, so the code comparison index score can be determined from the degree difference through this mapping. The mapping may be set as follows: when the degree difference is in (0, A], the corresponding code comparison index score is 100 points; in (A, B], 90 points; in (B, C], 80 points; in (C, D], 70 points; in (D, E], 60 points; and when the degree difference is greater than E, the corresponding code comparison index score is zero, that is, the code comparison index score at this point indicates that the code to be operated passes the audit, where 0 < A < B < C < D < E.
Further, if the dispersion degree value is greater than or equal to the preset degree value, it is determined that the code to be operated does not pass the audit.
Further, when the weight index is the database operation index, step S10 further includes:
Step j: after the code to be operated is received, detect whether an operation that illegally connects to a database occurs while the code to be operated is running.
Step k: if no operation that illegally connects to a database occurs while the code to be operated is running, obtain the private data set of the database operation index.
When the weight index is the database operation index, after the code to be operated is received it is detected whether an operation that illegally connects to a database occurs while the code is running. Specifically, if it is detected that the running code connects to a database using a plaintext password, it is determined that an illegal database connection operation occurs while the code to be operated is running; if no connection to a database using a plaintext password is detected while the code is running, it is determined that no illegal database connection operation occurs. If no illegal database connection operation occurs while the code is running, the private data set corresponding to the database operation index is obtained. In the embodiments of the present invention, the database operation index has its own private data set, in which private data is stored. The private data may be personal information such as the names, telephone numbers and ages of the financial institution's employees and of their family members.
Further, if it is determined that an illegal database connection operation occurs while the code to be operated is running, it is determined that the code to be operated does not pass the audit.
Step l: determine the target private data in each private data set that matches the code to be operated, and obtain the private data score corresponding to the target private data.
After the private data set is obtained, the target private data in each private data set that matches the code to be operated is determined, and the private data score corresponding to each item of target private data is obtained. In this embodiment, a privacy score can be set for each item of private data in the private data set, so that every item of target private data has a corresponding privacy score and the total score of each private data set is 100 points; the private data score corresponding to the target private data is then the sum of the privacy scores of the individual items of target private data. Alternatively, each appearance in the code to be operated of the personal information of one employee and that employee's family members can be recorded as one violation operation, with a violation score assigned to each violation operation; the private data score corresponding to the target private data is then calculated from the number of violation operations and the corresponding violation scores. For example, if comparing the code to be operated with the private data set shows that personal information relating to 5 employees appears in the code, the number of violation operations for the code is 5; if the violation score of each violation operation is 5 points, the private data score corresponding to the target private data is 5 × 5 = 25.
Step m: calculate, according to the private data score, the operation index score of the code to be operated in the database operation index.
After the private data score corresponding to the target private data is obtained, the operation index score of the code to be operated in the database operation index is calculated from it. Specifically, if the full marks of the operation index score are set to 100 points, the operation index score is 100 minus the private data score; that is, the operation index score is the full marks of the operation index score minus the private data score.
Further, after the operation index score is calculated, it is judged whether the operation index score is less than the third preset index score. If the operation index score is less than the third preset index score, it can be determined that the code to be operated does not pass the audit; if the operation index score is greater than or equal to the third preset index score, it can be determined that the code to be operated passes the audit. The third preset index score may be equal to the first preset rule score, or may differ from it.
Further, when the weight index is the business operation compliance index, step S10 further includes:
Step n: after the code to be operated is received, obtain the business compliance rules corresponding to the business operation compliance index, and determine the target business compliance rules among them that match the code to be operated.
When the weight index is the business operation compliance index, after the code to be operated is received, the business compliance rules corresponding to the business operation compliance index are obtained, and the target business compliance rules that match the code to be operated are determined among them. The business operation compliance index has at least one business compliance rule, and the specific content of the business compliance rules can be set as needed. For example, the business compliance rules may cover: business rules and promotional marketing methods that violate the banking and insurance regulator's measures for handling financial product business; compliant operation of authorization for user and account information; control of the capital scale of the relevant business; control of the review and approval authority of the persons handling products and business; and so on. Specifically, if a database field value that a business compliance rule forbids, or a global variable that it forbids, appears in the code to be operated, it is determined that the code to be operated matches that business compliance rule.
Step o: obtain the compliance score corresponding to each target business compliance rule, and obtain the compliance preset score.
The compliance score corresponding to each target business compliance rule is obtained, together with the compliance preset score. In this embodiment, the compliance preset score is uniformly set to 100 points. Because the content of each business compliance rule is different, the corresponding compliance scores differ. For example, business compliance rule A may specify that each appearance of a forbidden field value has a compliance score of 5 points, each appearance of a forbidden global variable has a compliance score of 3 points, and a value in the code that exceeds the maximum value set in the business compliance rule has a compliance score of 5 points.
Step p: subtract the compliance score corresponding to each target business compliance rule from the compliance preset score, to obtain the compliance index score of the code to be operated in the business operation compliance index.
After the compliance score corresponding to each target business compliance rule is obtained, each of these compliance scores is subtracted from the compliance preset score to obtain the compliance index score of the code to be operated in the business operation compliance index. For example, if 3 target business compliance rules match the code to be operated and their compliance scores are 5 points, 3 points and 5 points respectively, the compliance index score is 100 - 5 - 3 - 5 = 87 points.
Further, after the compliance index score is calculated, it is judged whether the compliance index score is less than the corresponding fourth preset index score. If the compliance index score is less than the fourth preset index score, it can be determined that the code to be operated does not pass the audit; if the compliance index score is greater than or equal to the fourth preset index score, it can be determined that the code to be operated passes the audit. The fourth preset index score may be equal to the first preset rule score, or may differ from it.
Step S20: obtain the preset weight value corresponding to each weight index, and calculate the index product of each index score and the corresponding preset weight value.
The preset weight value corresponding to each weight index is obtained. The preset weight value of each weight index can be set as needed, and this embodiment does not specifically limit it. For example, the preset weight value of the production operation-and-maintenance (O&M) index can be set to 0.2, that of the algorithm walkthrough index to 0.1, that of the code comparison index to 0.3, that of the database operation index to 0.3, and that of the business operation compliance index to 0.1. After the preset weight value of each weight index is obtained, the product of each index score and the corresponding preset weight value is calculated; this product is denoted the index product.
Further, the auditing method of the operation code further includes:
Step q: determine the approval nodes corresponding to the weight indexes, and obtain the preset score of each approval node in each weight index.
The approval nodes corresponding to the weight indexes are determined, and the preset score of each approval node in each weight index is obtained. It should be noted that each approval node has different requirements for each weight index, and the preset scores are set according to each approval node's requirements for the weight indexes. When the preset scores of an approval node are set, the sum of that node's preset scores over all weight indexes is required to equal a fixed value, which can be set to 100, or to 1, and so on. For example, for the production O&M index, the O&M approval node has higher requirements than the business approval node, the development approval node and the security approval node, so the preset score of the O&M approval node is higher than that of the other approval nodes. Likewise, for the business operation compliance index, the business approval node has higher requirements than the O&M approval node, the development approval node and the security approval node, so the preset score of the business approval node is higher than that of the other approval nodes.
For ease of understanding, the relation table between the weight indexes and the preset scores is used as an illustration below, taking a fixed value of 100 as an example.
In the above table, x denotes the production O&M index, y the algorithm walkthrough index, z the code comparison index, g the database operation index, and h the business operation compliance index. In the production O&M index, the preset score of the O&M approval node is 30 points, that of the business approval node is 10 points, that of the development approval node is 20 points, and that of the security approval node is 20 points. In the algorithm walkthrough index and the code comparison index, the preset score of the O&M approval node is 10 points; in the database operation index it is 30 points; and in the business operation compliance index it is 20 points. The preset total score of the O&M approval node over all weight indexes is therefore 30 + 10 + 10 + 30 + 20 = 100; that is, for the O&M approval node, the sum of its preset scores over all weight indexes equals the fixed value.
Step w: calculate the preset weight value of each weight index according to the preset scores corresponding to that weight index.
After the preset scores corresponding to each weight index are obtained, the preset scores belonging to the same weight index are summed to obtain the preset index score, and the preset index score is divided by the number of approval nodes to obtain the preset weight value of that weight index; in this way the preset weight value of every weight index is obtained. For example, the preset weight value of the code comparison index is (10 + 15 + 25 + 10) ÷ 4 ÷ 100 = 0.15. It should be noted that when the fixed value is 100, the result is divided by 100 during the calculation so that the preset weight value becomes a number less than 1, which simplifies the calculation. It can be understood that the division by 100 may also be omitted; in that case only the upper and lower limits of the preset index score range need to be adjusted accordingly, so that the result of whether the code to be operated passes the audit can still be obtained.
Step S30: if the sum of the index products is not within the preset index score range, determine that the code to be operated does not pass the audit, and forbid sending the code to be operated to the preset production environment.
After the index products are obtained, the sum of the index products is calculated and denoted the index total score, and it is judged whether the index total score is within the preset index score range. If the index total score is not within the preset index score range, it is determined that the code to be operated does not pass the audit, and the code to be operated is forbidden from being sent to the preset production environment to run; the production environment is set up in advance and is the environment in which the code to be operated runs. If the index total score is within the preset index score range, it is determined that the code to be operated passes the audit.
Continuing with the above table, if s denotes the index total score, then s = x × 0.2 + y × 0.175 + z × 0.15 + g × 0.3 + h × 0.175. The preset index score range is set according to specific needs. For example, (85, 100] can be set as the preset index score range: when the index total score is greater than 85 points, it can be determined that the code to be operated passes the audit; when the index total score is less than or equal to 85, it is determined that the code to be operated does not pass the audit. Further, a score range can also be preset for each index grade. For example, the score range of index grade A can be set to (80, 100], that of index grade B to (60, 80], that of index grade C to (40, 60], and that of index grade D to (0, 40]. When the index total score belongs to index grade A, it is determined that the code to be operated passes the audit; when the index total score belongs to index grade B, C or D, it is determined that the code to be operated does not pass the audit.
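The scoring chain described above, from the per-rule-set scores through the preset weights derived from the approval nodes to the (85, 100] gate, written out as an added Python example that is not part of the patent text. The function names, the matched-rule scores, the x and z index scores, and the approval-node cells that the description does not state are constructed for illustration; the constructed cells are chosen to agree with the sums the description gives.

```python
from fractions import Fraction

FULL_MARKS = 100  # total score of a rule set / full marks of an index


def rule_set_score(matched_rule_scores):
    """Rule score of one rule set: 100 minus the scores of the matched rules."""
    return FULL_MARKS - sum(matched_rule_scores)


def weighted_sum(scores, weights):
    """Sum of score x weight; the weights must cover the scores and sum to 1."""
    if set(scores) != set(weights):
        raise ValueError("scores and weights must name the same items")
    if sum(weights.values()) != 1:
        raise ValueError("weights must sum to 1")
    return sum(Fraction(scores[k]) * weights[k] for k in weights)


def operation_index(violations, points_per_violation=5):
    """Database operation index: 100 minus the private data score."""
    return FULL_MARKS - violations * points_per_violation


def compliance_index(matched_compliance_scores):
    """Compliance index: compliance preset score minus each matched rule's score."""
    return FULL_MARKS - sum(matched_compliance_scores)


def preset_weights(node_table, fixed_value=100):
    """Step w: per index, sum over approval nodes / node count / fixed value."""
    for node, row in node_table.items():
        if sum(row.values()) != fixed_value:
            raise ValueError(f"preset scores of node {node!r} must sum to {fixed_value}")
    indexes = next(iter(node_table.values())).keys()
    n = len(node_table)
    return {i: Fraction(sum(row[i] for row in node_table.values()), n * fixed_value)
            for i in indexes}


def audit(index_scores, weights, low=85, high=100):
    """Step S30: pass only if the index total score lies in (low, high]."""
    total = weighted_sum(index_scores, weights)
    return total, low < total <= high


# Rule weights f, k, l, u from the description's example.
RULE_WEIGHTS = {"code_logic": Fraction("0.3"), "variable_use": Fraction("0.2"),
                "parameter_setting": Fraction("0.1"), "security_control": Fraction("0.4")}

# Constructed matched-rule scores that yield the rule scores 80, 90, 100 and 70.
MATCHED_RULES = {"code_logic": [15, 5], "variable_use": [10],
                 "parameter_setting": [], "security_control": [20, 10]}

# Approval-node preset scores. The O&M row, the x column and the z column are
# from the description; the remaining cells are constructed to match its sums.
NODE_TABLE = {
    "o_and_m":     {"x": 30, "y": 10, "z": 10, "g": 30, "h": 20},
    "business":    {"x": 10, "y": 20, "z": 15, "g": 25, "h": 30},
    "development": {"x": 20, "y": 20, "z": 25, "g": 25, "h": 10},
    "security":    {"x": 20, "y": 20, "z": 10, "g": 40, "h": 10},
}


def run_example():
    rule_scores = {name: rule_set_score(m) for name, m in MATCHED_RULES.items()}
    y = weighted_sum(rule_scores, RULE_WEIGHTS)   # algorithm walkthrough index
    g = operation_index(violations=5)             # 5 violations x 5 points
    h = compliance_index([5, 3, 5])               # three matched compliance rules
    scores = {"x": 90, "y": y, "z": 90, "g": g, "h": h}  # x and z are assumed
    weights = preset_weights(NODE_TABLE)
    total, passed = audit(scores, weights)
    return y, weights, total, passed


if __name__ == "__main__":
    y, weights, total, passed = run_example()
    print("walkthrough index:", float(y))
    print("preset weights:", {k: float(v) for k, v in weights.items()})
    print("index total score:", float(total), "passes audit:", passed)
```

Each individual index score in this run is 75 or higher, yet the weighted total falls short of the (85, 100] range, so the code would be held back from the production environment.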
Further, if it is determined that the code to be operated passes the audit, the production environment is determined according to the parameters to be configured for the code to be operated, and the code to be operated is sent to the determined production environment to run. Specifically, if the determined production environment is a quasi-production environment, the run result is obtained after the code to be operated has run in the quasi-production environment, and only when the run result meets the expectations of the developers, the O&M personnel and the business personnel is the code to be operated sent to the final production environment to run. It can be understood that the developers, O&M personnel and business personnel can set expected indicators; when the data in the run result reaches the expected indicators, it can be determined that the run result meets the expectations of the corresponding personnel.
In this embodiment, after the code to be operated is received, the index score of the code to be operated in each weight index is calculated, the preset weight value corresponding to each weight index is obtained, and the index product of each index score and the corresponding preset weight value is calculated; if the sum of the index products is within the preset index score range, it is determined that the code to be operated passes the audit. As a result, after the code to be operated is received it is not sent to the production environment to run immediately, but is audited first. If the code to be operated does not pass the audit, it is forbidden from being sent to the production environment. This avoids sending code with security problems to the production environment, improves the security of the production environment, and improves the security of fund transactions in the production environment.
Further, a second embodiment of the auditing method of the operation code of the present invention is proposed.
The second embodiment of the auditing method of the operation code differs from the first embodiment in that step S10 includes:
Step y: after the code to be operated is received, obtain the grant result indicating whether the preset approval nodes grant run permission to the code to be operated.
After the code to be operated is received, the grant result indicating whether the preset approval nodes grant run permission to the code to be operated is obtained. Specifically, the received code to be operated can be sent to the approval terminal corresponding to each approval node. When an approval terminal receives the code to be operated, it outputs a prompt asking the corresponding approver to review whether to grant the code to be operated permission to run in the production environment. The approver decides, according to specific needs, whether to grant the code to be operated permission to run in the production environment. After the approval terminal receives the grant instruction in which the corresponding approver decides whether to grant run permission to the code to be operated, it returns that grant instruction. When the grant instruction is received, the grant identifier carried in it is used to determine the grant result, that is, whether each approval node grants run permission to the code to be operated. Specifically, when the grant identifier is an allow-run identifier, the approval node grants the code to be operated permission to run in the production environment; when the grant identifier is a forbid-run identifier, the approval node does not grant the code to be operated permission to run in the production environment. This embodiment does not limit the form of the allow-run identifier and the forbid-run identifier. The grant instruction carries a node identifier, which makes it possible to determine which approval node's approval terminal sent the grant instruction.
Step z: if it is determined according to the grant result that the number of approval nodes granting run permission to the code to be operated is greater than or equal to the preset number of nodes, calculate the index score of the code to be operated in the weight index.
After the grant result is obtained, the number of approval nodes in the grant result that grant the code to be operated permission to run in the production environment is calculated; that is, it is calculated how many of the received grant instructions carry the allow-run identifier. If the number of approval nodes granting run permission to the code to be operated is greater than or equal to the preset number of nodes, the index score of the code to be operated in the weight index is calculated. The preset number of nodes can be determined according to the number of approval nodes: the more approval nodes there are, the larger the preset number of nodes. For example, when there are 4 approval nodes, the preset number of nodes can be set to 3; when there are 8 approval nodes, it can be set to 6. Further, if the number of approval nodes granting run permission to the code to be operated is less than the preset number of nodes, it is determined that the code to be operated does not pass the audit.
In this embodiment, after the code to be operated is received, the grant result indicating whether the preset approval nodes grant run permission to the code to be operated is obtained, and the index score of the code to be operated in the weight index is calculated only when the grant result shows that the number of approval nodes granting run permission is greater than or equal to the preset number of nodes. This avoids calculating the index score when the number of approval nodes granting run permission is less than the preset number of nodes, and so simplifies the process of auditing the code to be operated.
Further, a third embodiment of the auditing method of the operation code of the present invention is proposed.
The third embodiment of the auditing method of the operation code differs from the first or second embodiment in that, referring to Fig. 2, the auditing method of the operation code further includes:
Step S40: generate a security audit report for the code to be operated.
When it is determined that the code to be operated does not pass the audit, the code to be operated is returned to its corresponding terminal, and a security audit report for the code to be operated is generated. The terminal corresponding to the code to be operated is the terminal used by the technician who wrote it. The security audit report includes data such as the production O&M audit rules matched by the code to be operated, the matched code security rules, the dispersion degree value between the code to be operated and the history code, the illegal database connection operations, and the matched target private data.
Step S50: send the security audit report to the terminal corresponding to the code to be operated, so that after receiving the security audit report the terminal prompts the technician corresponding to the code to be operated to modify the code according to the security audit report.
After the security audit report is generated, it is sent to the terminal corresponding to the code to be operated, so that after receiving the report the terminal uses it to show the technician corresponding to the code to be operated the places in the code that need to be modified, which makes it easier for the technician to modify the code.
Further, after the security audit report is generated, the modification scheme corresponding to each item of data in the security audit report is obtained, and the modification schemes are sent together with the security audit report to the terminal corresponding to the code to be operated, so that the technician can quickly modify the code according to the modification schemes. In the embodiments of the present invention, the modification schemes corresponding to each weight index are stored in advance, for example the modification scheme corresponding to each production O&M audit rule, the modification scheme corresponding to each code security rule, and so on.
In this embodiment, after it is determined that the code to be operated does not pass the audit, a security audit report for the code to be operated is generated and sent to the corresponding terminal, so that after receiving the report the terminal prompts the corresponding technician to modify the code according to the report. This allows the technician to quickly identify the places in the code to be operated that need to be modified.
Further, a fourth embodiment of the auditing method of the operation code of the present invention is proposed.
The fourth embodiment of the auditing method of the operation code differs from the first, second or third embodiment in that, referring to Fig. 3, the auditing method of the operation code further includes:
Step S60: if the sum of the index products is within the preset index score range, determine that the code to be operated passes the audit, and then configure the corresponding run parameters for the code to be operated according to its parameters to be configured, to obtain the code to be operated with run parameters configured.
Step S70: send the code to be operated with run parameters configured to the preset production environment to run.
When the sum of the index products is within the preset index score range, it is determined that the code to be operated passes the audit. The parameters to be configured for the code to be operated are obtained, and the corresponding run parameters are configured for the code according to them, giving the code to be operated with run parameters configured; for example, the routes required while the code runs and the databases it needs to connect to are configured. Once the code to be operated with run parameters configured is obtained, it is sent to the preset production environment to run; the production environment can be determined according to the parameters to be configured.
In this embodiment, after it is determined that the code to be operated passes the audit, the corresponding run parameters are configured for it according to its parameters to be configured, and the configured code is sent to the preset production environment to run. This avoids configuring run parameters for the code to be operated before it has been determined whether the code passes the audit, and so simplifies the process of auditing the code to be operated.
In addition, the present invention also provides an audit device of operation code. Referring to Fig. 4, the audit device of operation code includes:
A computing module 10, configured to calculate, when code to be operated is received, the index scores of the code to be operated under the weight indices, wherein the code to be operated corresponds to at least two weight indices;
An obtaining module 20, configured to obtain the preset weight value corresponding to each weight index;
The computing module 10 is further configured to calculate the index product of each index score and the corresponding preset weight value;
A determining module 30, configured to determine that the code to be operated does not pass the audit if the sum of the index products is not within the preset index score range;
A prohibiting module 40, configured to prohibit sending the code to be operated to the preset production environment.
Further, when the weight index is the production O&M index, the computing module 10 includes:
A first obtaining unit, configured to obtain, when the code to be operated is received, the production O&M audit rule set corresponding to the production O&M index;
A first computing unit, configured to calculate the first rule quantity in the production O&M audit rule set; to calculate the second rule quantity of production O&M audit rules in the production O&M audit rule set that match the code to be operated; and to calculate, according to the first rule quantity and the second rule quantity, the production O&M index score of the code to be operated under the production O&M index.
Further, when the weight index is the algorithm walkthrough index, the computing module 10 further includes:
A second obtaining unit, configured to obtain, when the code to be operated is received, the code security rule sets corresponding to the algorithm walkthrough index;
A comparison unit, configured to compare the code to be operated with each code security rule set;
A first determining unit, configured to determine, according to the comparison result, the rule score of the code to be operated in each code security rule set;
The second obtaining unit is further configured to obtain the rule weight corresponding to each code security rule set;
A second computing unit, configured to calculate the rule product of each rule score and the corresponding rule weight, to obtain the algorithm walkthrough index score of the code to be operated under the algorithm walkthrough index.
Further, when the weight index is the code comparison index, the computing module 10 includes:
A third obtaining unit, configured to obtain, when the code to be operated is received, the historical code corresponding to the code to be operated;
A third computing unit, configured to calculate the dispersion degree value between the code to be operated and the historical code, and, if the dispersion degree value is less than the preset degree value, to calculate the degree difference between the dispersion degree value and the preset degree value;
A second determining unit, configured to determine, according to the degree difference, the code comparison index score of the code to be operated under the code comparison index.
Further, when the weight index is the database operation index, the computing module 10 includes:
A detection unit, configured to detect, when the code to be operated is received, whether an operation of illegally connecting to a database exists while the code to be operated is running;
A fourth obtaining unit, configured to obtain the private data set of the database operation index if no operation of illegally connecting to a database exists while the code to be operated is running;
A third determining unit, configured to determine the target private data in the private data set that matches the code to be operated;
The fourth obtaining unit is further configured to obtain the private data score corresponding to the target private data;
A fourth computing unit, configured to calculate, according to the private data score, the operation index score of the code to be operated under the database operation index.
Further, when the weight index is the business operation compliance index, the computing module 10 includes:
A fifth obtaining unit, configured to obtain, when the code to be operated is received, the business compliance rules corresponding to the business operation compliance index;
A fourth determining unit, configured to determine, among the business compliance rules, the target business compliance rules that match the code to be operated;
The fifth obtaining unit is further configured to obtain the compliance score corresponding to each target business compliance rule, and to obtain the preset compliance score;
A fifth computing unit, configured to subtract the compliance score corresponding to each target business compliance rule from the preset compliance score, to obtain the compliance index score of the code to be operated under the business operation compliance index.
Further, the determining module 30 is further configured to determine the approval nodes corresponding to the weight indices;
The obtaining module 20 is further configured to obtain the preset score of each approval node for each weight index;
The computing module 10 is further configured to calculate the preset weight value of each weight index according to the preset scores corresponding to that weight index.
Further, the computing module 10 further includes:
A sixth obtaining unit, configured to obtain, when the code to be operated is received, the authorization results of the preset approval nodes for granting the code to be operated permission to run;
A sixth computing unit, configured to calculate the index scores of the code to be operated under the weight indices if it is determined, according to the authorization results, that the number of approval nodes granting the code to be operated permission to run is greater than or equal to the preset number of nodes.
Further, the audit device of operation code further includes:
A generation module, configured to generate a security audit report for the code to be operated;
A first sending module, configured to send the security audit report to the terminal corresponding to the code to be operated, so that, on receiving the security audit report, the terminal prompts the technical staff responsible for the code to be operated to modify the code according to the security audit report.
Further, the determining module 30 is further configured to determine that the code to be operated passes the audit if the sum of the index products is within the preset index score range;
The audit device of operation code further includes:
A configuration module, configured to configure the corresponding operating parameters for the code to be operated according to its parameters to be configured, to obtain the code to be operated with operating parameters configured;
A second sending module, configured to send the code to be operated, with operating parameters configured, to the preset production environment to run.
It should be noted that the embodiments of the audit device of operation code are essentially the same as the embodiments of the auditing method of operation code described above, and are not described in detail here.
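The modules described above (approval quorum, per-index scores, weighted sum, range check, configuration only after a pass) can be sketched as follows. This is an added example, not code from the patent: all function names, index names, sample scores, weights and the range are constructed, and it assumes inclusive range bounds, a summed rule product for the algorithm walkthrough index, and that a missing approval quorum is treated as a failed audit.

```python
"""Added illustration of the weighted audit gate; not code from the patent."""
from dataclasses import dataclass, field
from typing import Optional


@dataclass(frozen=True)
class AuditResult:
    passed: bool
    total: Optional[float]          # sum of index products, None if never scored
    reason: str
    products: dict = field(default_factory=dict)


def compliance_score(preset_score, matched_rule_scores):
    """Business operation compliance index: the preset compliance score
    minus the compliance score of every matched target rule."""
    return preset_score - sum(matched_rule_scores)


def walkthrough_score(rule_sets):
    """Algorithm walkthrough index: rule score x rule weight per code
    security rule set. Summing the products is an assumption."""
    return sum(score * weight for score, weight in rule_sets)


def quorum_reached(authorizations, preset_node_count):
    """True when enough approval nodes granted permission to run."""
    granted = sum(1 for ok in authorizations.values() if ok is True)
    return granted >= preset_node_count


def audit(index_scores, weights, score_range, authorizations, preset_node_count):
    """Score the code only after the approval quorum is met, then gate on
    the sum of (index score x preset weight)."""
    if len(index_scores) < 2:
        raise ValueError("at least two weight indices are required")
    if set(index_scores) != set(weights):
        # Fail closed: an index without a weight must not be silently dropped.
        raise ValueError("every weight index needs exactly one preset weight")
    if not quorum_reached(authorizations, preset_node_count):
        return AuditResult(False, None, "approval quorum not reached")
    products = {name: index_scores[name] * weights[name] for name in index_scores}
    total = sum(products.values())
    low, high = score_range
    passed = low <= total <= high   # a NaN total compares False and is blocked
    reason = "within preset range" if passed else "outside preset range"
    return AuditResult(passed, total, reason, products)


def deploy_if_passed(result, pending_params):
    """Configure operating parameters only for code that passed the audit;
    return None (nothing is sent to production) otherwise."""
    if not result.passed:
        return None
    return dict(pending_params)


# Constructed sample data, not taken from the patent.
WEIGHTS = {"production_om": 0.5, "algorithm_walkthrough": 0.25,
           "business_compliance": 0.25}
SCORE_RANGE = (75, 100)
APPROVALS = {"dev_lead": True, "dba": True, "security": False}
PARAMS = {"route": "constructed-route", "database": "constructed-db"}


def sample_scores(matched_compliance_rule_scores):
    """Index scores for one submission; the production O&M score is given
    directly because its formula is not stated in this section."""
    return {
        "production_om": 80,
        "algorithm_walkthrough": walkthrough_score([(90, 0.5), (70, 0.5)]),
        "business_compliance": compliance_score(
            100, matched_compliance_rule_scores),
    }


if __name__ == "__main__":
    for matched in ([10, 5], [40, 30]):
        result = audit(sample_scores(matched), WEIGHTS, SCORE_RANGE, APPROVALS, 2)
        print(matched, result.total, result.reason,
              deploy_if_passed(result, PARAMS))
```

With the constructed inputs, the second submission matches heavier compliance rules, its weighted total falls below the range, and no operating parameters are produced for it.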
In addition, the present invention also provides an audit device of operation code. Fig. 5 is a structural schematic diagram of the hardware running environment involved in the embodiments of the present invention.
It should be noted that Fig. 5 may be the structural schematic diagram of the hardware running environment of the audit device of operation code. The audit device of operation code in the embodiments of the present invention may be a terminal device such as a PC or a portable computer.
As shown in Fig. 5, the audit device of operation code may include a processor 1001 (such as a CPU), a memory 1005, a user interface 1003, a network interface 1004 and a communication bus 1002. The communication bus 1002 is used to realize the connection and communication between these components. The user interface 1003 may include a display screen (Display) and an input unit such as a keyboard (Keyboard); optionally, the user interface 1003 may also include a standard wired interface and wireless interface. The network interface 1004 may optionally include a standard wired interface and wireless interface (such as a WI-FI interface). The memory 1005 may be a high-speed RAM memory or a stable memory (non-volatile memory), such as a magnetic disk memory. Optionally, the memory 1005 may also be a storage device independent of the aforementioned processor 1001.
Optionally, the audit device of operation code may also include a camera, an RF (Radio Frequency) circuit, sensors, an audio circuit, a WiFi module and so on.
Those skilled in the art will understand that the structure of the audit device of operation code shown in Fig. 5 does not limit the audit device of operation code, which may include more or fewer components than illustrated, combine certain components, or use a different component layout.
As shown in Fig. 5, the memory 1005, as a computer storage medium, may include an operating system, a network communication module, a user interface module and an auditing program of operation code. The operating system is a program that manages and controls the hardware and software resources of the audit device of operation code, and supports the running of the auditing program of operation code and of other software or programs.
In the audit device of operation code shown in Fig. 5, the user interface 1003 is mainly used to connect to a client (user terminal) and exchange data with it; the network interface 1004 is mainly used to connect to a background server and exchange data with it; and the processor 1001 may be used to call the auditing program of operation code stored in the memory 1005 and execute the steps of the auditing method of operation code described above.
The specific embodiments of the audit device of operation code of the present invention are essentially the same as the embodiments of the auditing method of operation code described above, and are not repeated here.
In addition, an embodiment of the present invention also proposes a computer-readable storage medium on which an auditing program of operation code is stored; when the auditing program of operation code is executed by a processor, the steps of the auditing method of operation code described above are realized.
The specific embodiments of the computer-readable storage medium of the present invention are essentially the same as the embodiments of the auditing method of operation code described above, and are not repeated here.
It should be noted that, in this document, the terms "include", "comprise" and any other variants are intended to cover non-exclusive inclusion, so that a process, method, article or device that includes a series of elements includes not only those elements but also other elements not explicitly listed, or elements inherent to that process, method, article or device. Without further limitation, an element introduced by the phrase "including a ..." does not exclude the presence of other identical elements in the process, method, article or device that includes it.
The serial numbers of the above embodiments of the invention are for description only and do not represent the relative merits of the embodiments.
From the above description of the embodiments, those skilled in the art can clearly understand that the methods of the above embodiments can be implemented by software plus a necessary general-purpose hardware platform, and of course also by hardware, but in many cases the former is the better implementation. Based on this understanding, the technical solution of the present invention, in essence or in the part that contributes over the prior art, can be embodied in the form of a software product. The computer software product is stored in a storage medium (such as a ROM/RAM, magnetic disk or optical disc) and includes instructions that cause a terminal device (which may be a mobile phone, computer, server, air conditioner, network device, etc.) to execute the methods described in the embodiments of the present invention.
The above is only a preferred embodiment of the present invention and does not limit the scope of the invention. Any equivalent structure or equivalent process transformation made using the contents of the specification and drawings of the present invention, or any direct or indirect application in other related technical fields, is likewise included within the scope of protection of the present invention.

Claims (18)

1. An auditing method of operation code, characterized in that the auditing method of operation code comprises the following steps:
When code to be operated is received, calculating the index scores of the code to be operated under the weight indices, wherein the code to be operated corresponds to at least two weight indices;
Obtaining the preset weight value corresponding to each weight index, and calculating the index product of each index score and the corresponding preset weight value;
If the sum of the index products is not within the preset index score range, determining that the code to be operated does not pass the audit, and prohibiting sending the code to be operated to the preset production environment.
2. The auditing method of operation code according to claim 1, characterized in that, when the weight index is the production O&M index, the step of calculating, when code to be operated is received, the index scores of the code to be operated under the weight indices comprises:
When the code to be operated is received, obtaining the production O&M audit rule set corresponding to the production O&M index, and calculating the first rule quantity in the production O&M audit rule set;
Calculating the second rule quantity of production O&M audit rules in the production O&M audit rule set that match the code to be operated;
Calculating, according to the first rule quantity and the second rule quantity, the production O&M index score of the code to be operated under the production O&M index.
3. The auditing method of operation code according to claim 1, characterized in that, when the weight index is the algorithm walkthrough index, the step of calculating, when code to be operated is received, the index scores of the code to be operated under the weight indices comprises:
When the code to be operated is received, obtaining the code security rule sets corresponding to the algorithm walkthrough index;
Comparing the code to be operated with each code security rule set, and determining, according to the comparison result, the rule score of the code to be operated in each code security rule set;
Obtaining the rule weight corresponding to each code security rule set, and calculating the rule product of each rule score and the corresponding rule weight, to obtain the algorithm walkthrough index score of the code to be operated under the algorithm walkthrough index.
4. The auditing method of operation code according to claim 1, characterized in that, when the weight index is the code comparison index, the step of calculating, when code to be operated is received, the index scores of the code to be operated under the weight indices comprises:
When the code to be operated is received, obtaining the historical code corresponding to the code to be operated, and calculating the dispersion degree value between the code to be operated and the historical code;
If the dispersion degree value is less than the preset degree value, calculating the degree difference between the dispersion degree value and the preset degree value;
Determining, according to the degree difference, the code comparison index score of the code to be operated under the code comparison index.
5. The auditing method of operation code according to claim 1, characterized in that, when the weight index is the database operation index, the step of calculating, when code to be operated is received, the index scores of the code to be operated under the weight indices comprises:
When the code to be operated is received, detecting whether an operation of illegally connecting to a database exists while the code to be operated is running;
If no operation of illegally connecting to a database exists while the code to be operated is running, obtaining the private data set of the database operation index;
Determining the target private data in the private data set that matches the code to be operated, and obtaining the private data score corresponding to the target private data;
Calculating, according to the private data score, the operation index score of the code to be operated under the database operation index.
6. The auditing method of operation code according to claim 1, characterized in that, when the weight index is the business operation compliance index, the step of calculating, when code to be operated is received, the index scores of the code to be operated under the weight indices comprises:
When the code to be operated is received, obtaining the business compliance rules corresponding to the business operation compliance index, and determining, among the business compliance rules, the target business compliance rules that match the code to be operated;
Obtaining the compliance score corresponding to each target business compliance rule, and obtaining the preset compliance score;
Subtracting the compliance score corresponding to each target business compliance rule from the preset compliance score, to obtain the compliance index score of the code to be operated under the business operation compliance index.
7. The auditing method of operation code according to claim 1, characterized in that, before the step of obtaining the preset weight value corresponding to each weight index, the method further comprises:
Determining the approval nodes corresponding to the weight indices, and obtaining the preset score of each approval node for each weight index;
Calculating the preset weight value of each weight index according to the preset scores corresponding to that weight index.
8. The auditing method of operation code according to claim 1, characterized in that the step of calculating, when code to be operated is received, the index scores of the code to be operated under the weight indices comprises:
When the code to be operated is received, obtaining the authorization results of the preset approval nodes for granting the code to be operated permission to run;
If it is determined, according to the authorization results, that the number of approval nodes granting the code to be operated permission to run is greater than or equal to the preset number of nodes, calculating the index scores of the code to be operated under the weight indices.
9. The auditing method of operation code according to any one of claims 1 to 8, characterized in that, after the step of determining, if the sum of the index products is not within the preset index score range, that the code to be operated does not pass the audit and prohibiting sending the code to be operated to the preset production environment, the method further comprises:
Generating a security audit report for the code to be operated;
Sending the security audit report to the terminal corresponding to the code to be operated, so that, on receiving the security audit report, the terminal prompts the technical staff responsible for the code to be operated to modify the code according to the security audit report.
10. The auditing method of operation code according to any one of claims 1 to 8, characterized in that, after the step of obtaining the preset weight value corresponding to each weight index and calculating the index product of each index score and the corresponding preset weight value, the method further comprises:
If the sum of the index products is within the preset index score range, determining that the code to be operated passes the audit, and configuring the corresponding operating parameters for the code to be operated according to its parameters to be configured, to obtain the code to be operated with operating parameters configured;
Sending the code to be operated, with operating parameters configured, to the preset production environment to run.
11. An audit device of operation code, characterized in that the audit device of operation code comprises:
A computing module, configured to calculate, when code to be operated is received, the index scores of the code to be operated under the weight indices, wherein the code to be operated corresponds to at least two weight indices;
An obtaining module, configured to obtain the preset weight value corresponding to each weight index;
The computing module is further configured to calculate the index product of each index score and the corresponding preset weight value;
A determining module, configured to determine that the code to be operated does not pass the audit if the sum of the index products is not within the preset index score range;
A prohibiting module, configured to prohibit sending the code to be operated to the preset production environment.
12. The audit device of operation code according to claim 11, characterized in that, when the weight index is the production O&M index, the computing module comprises:
A first obtaining unit, configured to obtain, when the code to be operated is received, the production O&M audit rule set corresponding to the production O&M index;
A first computing unit, configured to calculate the first rule quantity in the production O&M audit rule set; to calculate the second rule quantity of production O&M audit rules in the production O&M audit rule set that match the code to be operated; and to calculate, according to the first rule quantity and the second rule quantity, the production O&M index score of the code to be operated under the production O&M index.
13. The audit device of operation code according to claim 11, characterized in that, when the weight index is the algorithm walkthrough index, the computing module further comprises:
A second obtaining unit, configured to obtain, when the code to be operated is received, the code security rule sets corresponding to the algorithm walkthrough index;
A comparison unit, configured to compare the code to be operated with each code security rule set;
A first determining unit, configured to determine, according to the comparison result, the rule score of the code to be operated in each code security rule set;
The second obtaining unit is further configured to obtain the rule weight corresponding to each code security rule set;
A second computing unit, configured to calculate the rule product of each rule score and the corresponding rule weight, to obtain the algorithm walkthrough index score of the code to be operated under the algorithm walkthrough index.
14. The audit device of operation code according to claim 11, characterized in that, when the weight index is the code comparison index, the computing module comprises:
A third obtaining unit, configured to obtain, when the code to be operated is received, the historical code corresponding to the code to be operated;
A third computing unit, configured to calculate the dispersion degree value between the code to be operated and the historical code, and, if the dispersion degree value is less than the preset degree value, to calculate the degree difference between the dispersion degree value and the preset degree value;
A second determining unit, configured to determine, according to the degree difference, the code comparison index score of the code to be operated under the code comparison index.
15. The audit device of operation code according to claim 11, characterized in that, when the weight index is the database operation index, the computing module comprises:
A detection unit, configured to detect, when the code to be operated is received, whether an operation of illegally connecting to a database exists while the code to be operated is running;
A fourth obtaining unit, configured to obtain the private data set of the database operation index if no operation of illegally connecting to a database exists while the code to be operated is running;
A third determining unit, configured to determine the target private data in the private data set that matches the code to be operated;
The fourth obtaining unit is further configured to obtain the private data score corresponding to the target private data;
A fourth computing unit, configured to calculate, according to the private data score, the operation index score of the code to be operated under the database operation index.
16. The audit device of operation code according to claim 11, characterized in that, when the weight index is the business operation compliance index, the computing module comprises:
A fifth obtaining unit, configured to obtain, when the code to be operated is received, the business compliance rules corresponding to the business operation compliance index;
A fourth determining unit, configured to determine, among the business compliance rules, the target business compliance rules that match the code to be operated;
The fifth obtaining unit is further configured to obtain the compliance score corresponding to each target business compliance rule, and to obtain the preset compliance score;
A fifth computing unit, configured to subtract the compliance score corresponding to each target business compliance rule from the preset compliance score, to obtain the compliance index score of the code to be operated under the business operation compliance index.
17. An audit device of operation code, characterized in that the audit device of operation code comprises a memory, a processor and an auditing program of operation code that is stored on the memory and can run on the processor, wherein the steps of the auditing method of operation code according to any one of claims 1 to 10 are realized when the auditing program of operation code is executed by the processor.
18. A computer-readable storage medium, characterized in that an auditing program of operation code is stored on the computer-readable storage medium, and the steps of the auditing method of operation code according to any one of claims 1 to 10 are realized when the auditing program of operation code is executed by a processor.
CN201910352487.2A 2019-04-28 2019-04-28 Auditing method, device, equipment and the computer readable storage medium of operation code Pending CN110096868A (en)

Priority Applications (2)

Application Number Priority Date Filing Date Title
CN201910352487.2A CN110096868A (en) 2019-04-28 2019-04-28 Auditing method, device, equipment and the computer readable storage medium of operation code
PCT/CN2020/081447 WO2020220881A1 (en) 2019-04-28 2020-03-26 Method, apparatus and device for auditing operation code, and computer-readable storage medium


Publications (1)

Publication Number Publication Date
CN110096868A true CN110096868A (en) 2019-08-06


Also Published As

Publication number Publication date
WO2020220881A1 (en) 2020-11-05

Similar Documents

Publication Publication Date Title
Wickramasinghe et al. Trustworthy AI development guidelines for human system interaction
Seifermann et al. Data-driven software architecture for analyzing confidentiality
US8935191B2 (en) Reuse of on-demand enterprise system customization knowledge utilizing collective experience
CN105095970B (en) The execution method and system of third-party application
CN105844422A (en) Business flow execution method and device
del Mar Roldán-García et al. Enhancing semantic consistency in anti-fraud rule-based expert systems
CN110096868A (en) Auditing method, device, equipment and the computer readable storage medium of operation code
Khan et al. Transforming the capabilities of artificial intelligence in GCC financial sector: a systematic literature review
US20220358509A1 (en) Methods and System for Authorizing a Transaction Related to a Selected Person
Awad et al. Adaptive learning of contractor default prediction model for surety bonding
CN106910071A (en) The verification method and device of user identity
CN114219596A (en) Data processing method based on decision tree model and related equipment
Ma et al. Combining Fine-Tuning and LLM-based Agents for Intuitive Smart Contract Auditing with Justifications
CN117436112A (en) User permission data processing method and device
Mazeika et al. Identifying security issues with mbse while rebuilding legacy software systems
US20190197440A1 (en) Systems and methods for an attribute generator tool workflow
CN115563164A (en) Rule engine generation method, device, equipment and readable storage medium
Alzahrani et al. Secure software design evaluation and decision making model for ubiquitous computing: A two-stage ANN-Fuzzy AHP approach
Ghiduk et al. An empirical study of local‐decision‐making‐based software customization in distributed development
Elsaid et al. Proposed framework for planning software releases using fuzzy rule‐based system
Naik et al. Robustness Contracts for Scalable Verification of Neural Network-Enabled Cyber-Physical Systems
Bhat et al. Automatic Method to Rate Websites Based on Terms of Services
Bak et al. Ontological modeling of a class of linked economic crimes
US20090276382A1 (en) Detection of unknown scenarios
CN114996149B (en) Code defect prediction method based on program slice measurement

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination