CN110197080A - A kind of data protection system of power-management centre - Google Patents

A kind of data protection system of power-management centre Download PDF

Info

Publication number
CN110197080A
CN110197080A CN201910374891.XA CN201910374891A CN110197080A CN 110197080 A CN110197080 A CN 110197080A CN 201910374891 A CN201910374891 A CN 201910374891A CN 110197080 A CN110197080 A CN 110197080A
Authority
CN
China
Prior art keywords
data
module
layer
sensitive
filing
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201910374891.XA
Other languages
Chinese (zh)
Inventor
张宗包
黄颖祺
黄福全
杜进桥
张夕佳
王谦
刘岩
刘铠
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Shenzhen Power Supply Bureau Co Ltd
Original Assignee
Shenzhen Power Supply Bureau Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Shenzhen Power Supply Bureau Co Ltd filed Critical Shenzhen Power Supply Bureau Co Ltd
Priority to CN201910374891.XA priority Critical patent/CN110197080A/en
Publication of CN110197080A publication Critical patent/CN110197080A/en
Pending legal-status Critical Current

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/62Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
    • G06F21/6245Protecting personal data, e.g. for financial or medical purposes

Landscapes

  • Engineering & Computer Science (AREA)
  • Health & Medical Sciences (AREA)
  • Bioethics (AREA)
  • General Health & Medical Sciences (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • Databases & Information Systems (AREA)
  • Computer Security & Cryptography (AREA)
  • Software Systems (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Medical Informatics (AREA)
  • Management, Administration, Business Operations System, And Electronic Commerce (AREA)

Abstract

The present invention provides a kind of data protection system of power-management centre, from the bottom to top includes: data collection layer, the acquisition, transmission and storage for data comprising data acquisition module, data transmission module and data memory module;Data monitoring and analysis layer, for being monitored to data and analyzing determining sensitive data comprising data monitoring module and data analysis module;Data analysis layer, for carrying out desensitization process to sensitive data comprising data desensitization module;Data safety management layer, for carrying out filing and encryption handling to desensitization data comprising data filing module and data encryption module;And management controls and visualizes layer, is used for dynamical feedback result and visual presentation comprising dynamic analysis and feedback module and visual presentation module.The data protection system of the power-management centre uses layered model, and each layer separate design can efficient realization safe management.

Description

A kind of data protection system of power-management centre
Technical field
The present invention relates to technical field of power systems more particularly to a kind of data protection systems of power-management centre.
Background technique
With the fast development of information technology, the information data in electric power enterprise is also more and more abundant, and in these data With a large amount of sensitive and private data, such as the name of user, identification card number, address.And these data itself have multiple The features such as miscellaneous, total amount rapid development, stern challenge is proposed to the data security protecting demand of power-management centre.
Summary of the invention
Technical problem to be solved by the present invention lies in provide a kind of data protection system of power-management centre, with right The data of power-management centre realize expeditiously safe management.
In order to solve the above technical problem, the present invention provides a kind of data protection system of power-management centre, by down toward On include:
Data collection layer, acquisition, transmission and storage for data comprising data acquisition module, data transmission module And data memory module;
Data monitoring and analysis layer, for being monitored to data and analyzing determining sensitive data comprising data monitoring Module and data analysis module;
Data analysis layer, for carrying out desensitization process to sensitive data comprising data desensitization module;
Data safety management layer, for desensitization data carry out filing and encryption handling comprising data filing module and Data encryption module;And
Management control with visualize layer, be used for dynamical feedback result and visual presentation comprising dynamic analysis and Feedback module and visual presentation module.
Wherein, the data protection system further includes the data between data monitoring and analysis layer and data analysis layer Sensitive grade classification layer, for carrying out susceptibility division according to determining sensitive data comprising susceptibility division module;
The data analysis layer carries out different degrees of desensitization process according to sensitivity grade.
Wherein, the data sensitive grade classification layer further includes preset susceptibility rule base and customized sensitive pattern library;
The preset susceptibility rule base is for storing preset susceptibility Rule Information, the customized sensitive pattern library For storing customized susceptibility Rule Information.
Wherein, the data safety management layer further includes susceptibility Audit Module, is divided for auditing and counting susceptibility Process.
Wherein, the data monitoring and analysis layer further include sensitive data recognition rule library, the sensitive data identification rule Then library is used to store the characteristic information of sensitive data.
Wherein, the data filing module includes filing regular definition unit, filing storing data library;
The regular definition unit of the filing is used for storing filing data filing Rule Information, the filing storing data library Data after storage filing.
Wherein, the data safety management layer further includes the leakage-preventing module of data.
Wherein, the data safety management layer further includes expired sensitive data removing module.
Wherein, the data safety management layer further includes automatically analyzing alarm module.
Wherein, the visual presentation module includes flow path visual unit and result visualization unit.
The beneficial effect of the embodiment of the present invention is: using layered model, each layer separate design can expeditiously realize peace Full management;It is presented to staff in a manner of visual presentation, the efficiency of sensitive data safety management and straight can be improved The property seen.
Detailed description of the invention
In order to more clearly explain the embodiment of the invention or the technical proposal in the existing technology, to embodiment or will show below There is attached drawing needed in technical description to be briefly described, it should be apparent that, the accompanying drawings in the following description is only this Some embodiments of invention for those of ordinary skill in the art without creative efforts, can be with It obtains other drawings based on these drawings.
Fig. 1 is a kind of structural schematic diagram of the data protection system of power-management centre of the embodiment of the present invention.
Fig. 2 is a kind of concrete structure schematic diagram of the data protection system of power-management centre of the embodiment of the present invention.
Specific embodiment
The explanation of following embodiment be with reference to attached drawing, can be to the specific embodiment implemented to the example present invention.
As shown in Figure 1, the embodiment of the present invention provides a kind of data protection system of power-management centre, wrap from the bottom to top It includes:
Data collection layer 10, acquisition, transmission and storage for data comprising data acquisition module 11, data transmission Module 12 and data memory module 13;
Data monitoring and analysis layer 20, for being monitored to data and analyzing determining sensitive data comprising data prison Control module 21 and data analysis module 22;
Data analysis layer 30, for carrying out desensitization process to sensitive data comprising data desensitization module 31;
Data safety management layer 40, for carrying out filing and encryption handling to desensitization data comprising data filing module 41 and data encryption module 42;And
Management control and visual presentation layer 50, are used for dynamical feedback result and visual presentation comprising dynamic analysis And feedback module 51 and visualize module 52.
The data protection system of the power-management centre uses layered model, and each layer separate design can efficient realization Safe management;Furthermore it is presented to staff in a manner of visual presentation, the effect of sensitive data safety management can be improved Rate and intuitive.
In data collection layer 10, as each base station acquires information, and carries out transimission and storage.
In data monitoring and analysis layer 20, i.e., the information to be obtained according to data collection layer 10 is monitored and analyzes, Determine sensitive data therein, such as the name of user, identification card number, address.It can be with preset sensitivity in data analysis module 22 The characteristic information of data quickly can be analyzed and be determined.
In data analysis layer 30, desensitize to sensitive data.Namely the deformation of data is carried out, realize privacy-sensitive number According to reliably protecting.Such as the number in the identification card number of user is replaced or is hidden, the specific can be that directly by body Latter four of part card number replace with unified symbol;Or another number is replaced with using algorithm, it is such as unified to carry out plus/minus.
Referring to Figure 2 together, it is preferable that the data protection system of the power-management centre further includes being located at data monitoring Data sensitive grade classification layer 60 between analysis layer 20 and data analysis layer 30, for according to determining sensitive data progress Susceptibility divides comprising susceptibility division module 61;The data analysis layer 30 carries out different degrees of according to sensitivity grade Desensitization process.Different modes is taken for different sensitive datas in this way, efficiency can be greatly improved.Such as can successively it divide It, can be with if identification card number is divided in lower A grade for three grades A, B, C, or by taking the identification card number of user as an example It is to replace with unified symbol, such as *, # for latter four of identification card number;If identification card number is divided in B grade, can be By the digital replacement of rear four progress of identification card number;If identification card number is divided in higher C grade, can be identity card Number all carry out digital replacements.
Preferably, the data sensitive grade classification layer 60 further includes preset susceptibility rule base 62 and customized sensitive rule Then library 63;The preset susceptibility rule base 62 is for storing preset susceptibility Rule Information, the customized sensitive pattern Library 63 is for storing customized susceptibility Rule Information.With the development of information age, the type of sensitive data is also increasing, It can according to need and be updated by the customized sensitive pattern library 63 of setting, to effectively increase the data protection system Practicability.
Preferably, the data monitoring and analysis layer 60 further include sensitive data recognition rule library 64, the sensitive data Recognition rule library 64 is used to store the characteristic information of sensitive data.It is appreciated that store in sensitive data recognition rule library 64 There is the corresponding relationship of each grade and characteristic information, therefore the grade classification of sensitive data can be rapidly performed by.
When the data protection system of the power-management centre includes above-mentioned data monitoring and analysis layer 60, it is preferable that institute Stating data safety management layer 40 further includes susceptibility Audit Module 43, for auditing and counting susceptibility partition process.It is equivalent to It is audited and is counted for susceptibility partition process, so that it is guaranteed that the accuracy of susceptibility partition process.
In some preferred embodiments, the data safety management layer 40 further includes the leakage-preventing module 44 of data.It can be with It is effectively prevent leaking data, can be and the access authority of data is limited, shielded or blocked.It is preferred real at other It applies in example, data continue to increase the data protection system in the process of running in order to prevent, increase system loading, reduce operation effect Rate, the data safety management layer 40 further include expired sensitive data removing module 45.Preferably, the data safety management layer 40 further include automatically analyzing alarm module 46, when an abnormality is discovered, is alarmed, can be directly by management control with it is visual Change presentation layer 50 and shows staff.
Preferably, the data filing module 41 includes filing regular definition unit, filing storing data library;The filing Regular definition unit is used to store the number after filing for storing filing data filing Rule Information, the filing storing data library According to.The filing of orderly property can be carried out, as needed in this way convenient for having access to and analyzing later.
Preferably, the visual presentation module 52 includes flow path visual unit and result visualization unit.Namely Process flow operation and processing result for entire data protection system can be shown, checked convenient for staff and Supervision, improves the efficiency and intuitive of safety management.
By above description it is found that the beneficial effect of the embodiment of the present invention is, using layered model, each layer separation is set Meter, can expeditiously realize safe management;It is presented to staff in a manner of visual presentation, sensitive data can be improved The efficiency and intuitive of safety management.
The above disclosure is only the preferred embodiments of the present invention, cannot limit the right model of the present invention with this certainly It encloses, therefore equivalent changes made in accordance with the claims of the present invention, is still within the scope of the present invention.

Claims (10)

1. a kind of data protection system of power-management centre, which is characterized in that include: from the bottom to top
Data collection layer, acquisition, transmission and storage for data comprising data acquisition module, data transmission module sum number According to memory module;
Data monitoring and analysis layer, for being monitored to data and analyzing determining sensitive data comprising data monitoring module And data analysis module;
Data analysis layer, for carrying out desensitization process to sensitive data comprising data desensitization module;
Data safety management layer, for carrying out filing and encryption handling to desensitization data comprising data filing module and data Encrypting module;And
Management control and visual presentation layer, are used for dynamical feedback result and visual presentation comprising dynamic analysis and feedback Module and visual presentation module.
2. the data protection system of power-management centre as described in claim 1, which is characterized in that further include being located at data to supervise Control and the data sensitive grade classification layer between analysis layer and data analysis layer, it is sensitive for being carried out according to determining sensitive data Degree divides comprising susceptibility division module;
The data analysis layer carries out different degrees of desensitization process according to sensitivity grade.
3. the data protection system of power-management centre as claimed in claim 2, which is characterized in that the data sensitive grade Dividing layer further includes preset susceptibility rule base and customized sensitive pattern library;
For storing preset susceptibility Rule Information, the customized sensitive pattern library is used for the preset susceptibility rule base Store customized susceptibility Rule Information.
4. the data protection system of power-management centre as claimed in claim 2, which is characterized in that the data safety management Layer further includes susceptibility Audit Module, for auditing and counting susceptibility partition process.
5. the data protection system of power-management centre as described in claim 1, which is characterized in that the data monitoring with point Analysis layer further includes sensitive data recognition rule library, and sensitive data recognition rule library is used to store the feature letter of sensitive data Breath.
6. the data protection system of power-management centre as described in claim 1, which is characterized in that the data filing module Including filing regular definition unit, filing storing data library;
The regular definition unit of the filing is for storing filing data filing Rule Information, and the filing storing data library is for depositing Data after storage filing.
7. the data protection system of power-management centre as described in claim 1, which is characterized in that the data safety management Layer further includes the leakage-preventing module of data.
8. the data protection system of power-management centre as described in claim 1, which is characterized in that the data safety pipe Managing layer further includes expired sensitive data removing module.
9. the data protection system of power-management centre as described in claim 1, which is characterized in that the data safety pipe Managing layer further includes automatically analyzing alarm module.
10. the data protection system of the power-management centre as described in claim any one of 1-9, which is characterized in that described Visualizing module includes flow path visual unit and result visualization unit.
CN201910374891.XA 2019-05-07 2019-05-07 A kind of data protection system of power-management centre Pending CN110197080A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201910374891.XA CN110197080A (en) 2019-05-07 2019-05-07 A kind of data protection system of power-management centre

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201910374891.XA CN110197080A (en) 2019-05-07 2019-05-07 A kind of data protection system of power-management centre

Publications (1)

Publication Number Publication Date
CN110197080A true CN110197080A (en) 2019-09-03

Family

ID=67752384

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201910374891.XA Pending CN110197080A (en) 2019-05-07 2019-05-07 A kind of data protection system of power-management centre

Country Status (1)

Country Link
CN (1) CN110197080A (en)

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN105653981A (en) * 2015-12-31 2016-06-08 中国电子科技网络信息安全有限公司 Sensitive data protection system and method of data circulation and transaction of big data platform
CN106339942A (en) * 2016-08-31 2017-01-18 国信优易数据有限公司 Financial information processing method and system
CN108769048A (en) * 2018-06-08 2018-11-06 武汉思普崚技术有限公司 A kind of secure visualization and Situation Awareness plateform system
CN109446817A (en) * 2018-10-29 2019-03-08 成都思维世纪科技有限责任公司 A kind of detection of big data and auditing system
CN109492991A (en) * 2018-10-18 2019-03-19 华南理工大学 Distribution engineering builds intelligent comprehensive management system

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN105653981A (en) * 2015-12-31 2016-06-08 中国电子科技网络信息安全有限公司 Sensitive data protection system and method of data circulation and transaction of big data platform
CN106339942A (en) * 2016-08-31 2017-01-18 国信优易数据有限公司 Financial information processing method and system
CN108769048A (en) * 2018-06-08 2018-11-06 武汉思普崚技术有限公司 A kind of secure visualization and Situation Awareness plateform system
CN109492991A (en) * 2018-10-18 2019-03-19 华南理工大学 Distribution engineering builds intelligent comprehensive management system
CN109446817A (en) * 2018-10-29 2019-03-08 成都思维世纪科技有限责任公司 A kind of detection of big data and auditing system

Similar Documents

Publication Publication Date Title
Dahiya et al. Network intrusion detection in big dataset using spark
JP6508353B2 (en) Information processing device
CN109471846A (en) User behavior auditing system and method on a kind of cloud based on cloud log analysis
US10657250B2 (en) Method and apparatus for detecting anomaly based on behavior-analysis
CN108933785A (en) Network risks monitoring method, device, computer equipment and storage medium
CN106656640A (en) Early warning method and device of network attack
CN110232499A (en) A kind of power distribution network information physical side method for prewarning risk and system
CN110399400A (en) Detect method, apparatus, equipment and the medium of abnormal data
CN107609948A (en) The detection method and its system of risk order, storage medium, electronic equipment
CN108696486A (en) A kind of abnormal operation behavioral value processing method and processing device
CN106371983A (en) Method and device for alarming based on data development
Wang et al. FP-growth based regular behaviors auditing in electric management information system
Argyriou et al. A fraud detection visualization system utilizing radial drawings and heat-maps
CN110175070A (en) Management method, device, system, medium and the electronic equipment of distributed data base
CN110197080A (en) A kind of data protection system of power-management centre
CN110012000A (en) Order detection method, device, computer equipment and storage medium
CN110175100A (en) A kind of storage dish failure prediction method and forecasting system
US20180129963A1 (en) Apparatus and method of behavior forecasting in a computer infrastructure
CN115758435A (en) External sharing security processing method for company marketing data and related equipment
Choi et al. An easy-to-use framework to build and operate ai-based intrusion detection for in-situ monitoring
Wang et al. A Multi-Layer Hybrid Intrusion Detection Method Based on Nb And SVM
CN114547406A (en) Data monitoring method, system, storage medium and electronic device
Morgado et al. Technological Policing: Big data vs real data
CN115438882A (en) Business dynamic sensing system based on full-flow monitoring technology
CN206339983U (en) Ultra-large data safety protector

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination