CN110210989A - A kind of security risk reporting system and its method - Google Patents
A kind of security risk reporting system and its method Download PDFInfo
- Publication number
- CN110210989A CN110210989A CN201910303605.0A CN201910303605A CN110210989A CN 110210989 A CN110210989 A CN 110210989A CN 201910303605 A CN201910303605 A CN 201910303605A CN 110210989 A CN110210989 A CN 110210989A
- Authority
- CN
- China
- Prior art keywords
- report
- information
- security risk
- user
- identity
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000000034 method Methods 0.000 title claims abstract description 23
- 238000012545 processing Methods 0.000 claims abstract description 26
- 230000010365 information processing Effects 0.000 claims description 18
- 238000004519 manufacturing process Methods 0.000 claims description 17
- 238000011835 investigation Methods 0.000 claims description 15
- 238000012795 verification Methods 0.000 claims description 10
- 238000011161 development Methods 0.000 claims description 4
- 238000003860 storage Methods 0.000 claims description 3
- 238000007726 management method Methods 0.000 description 42
- 230000006399 behavior Effects 0.000 description 10
- 230000006870 function Effects 0.000 description 9
- 230000008569 process Effects 0.000 description 9
- 238000012550 audit Methods 0.000 description 6
- 230000008859 change Effects 0.000 description 5
- 238000010586 diagram Methods 0.000 description 5
- 239000008280 blood Substances 0.000 description 4
- 210000004369 blood Anatomy 0.000 description 4
- 239000003245 coal Substances 0.000 description 4
- 230000008901 benefit Effects 0.000 description 3
- 238000012546 transfer Methods 0.000 description 3
- 230000009471 action Effects 0.000 description 2
- 238000005516 engineering process Methods 0.000 description 2
- 230000007246 mechanism Effects 0.000 description 2
- 238000012986 modification Methods 0.000 description 2
- 230000004048 modification Effects 0.000 description 2
- 230000002265 prevention Effects 0.000 description 2
- 230000002441 reversible effect Effects 0.000 description 2
- 230000009466 transformation Effects 0.000 description 2
- 238000004458 analytical method Methods 0.000 description 1
- 238000013475 authorization Methods 0.000 description 1
- 230000009286 beneficial effect Effects 0.000 description 1
- 238000004891 communication Methods 0.000 description 1
- 238000010276 construction Methods 0.000 description 1
- 238000013500 data storage Methods 0.000 description 1
- 230000007812 deficiency Effects 0.000 description 1
- 238000013461 design Methods 0.000 description 1
- 238000001514 detection method Methods 0.000 description 1
- 230000004069 differentiation Effects 0.000 description 1
- 235000013399 edible fruits Nutrition 0.000 description 1
- 230000000694 effects Effects 0.000 description 1
- 238000011156 evaluation Methods 0.000 description 1
- PCHJSUWPFVWCPO-UHFFFAOYSA-N gold Chemical compound [Au] PCHJSUWPFVWCPO-UHFFFAOYSA-N 0.000 description 1
- 239000010931 gold Substances 0.000 description 1
- 229910052737 gold Inorganic materials 0.000 description 1
- 238000007689 inspection Methods 0.000 description 1
- 238000009434 installation Methods 0.000 description 1
- 238000012806 monitoring device Methods 0.000 description 1
- 238000011017 operating method Methods 0.000 description 1
- 230000008520 organization Effects 0.000 description 1
- 238000013439 planning Methods 0.000 description 1
- 238000002360 preparation method Methods 0.000 description 1
- 238000012549 training Methods 0.000 description 1
- 230000000007 visual effect Effects 0.000 description 1
- 230000001755 vocal effect Effects 0.000 description 1
- 239000002699 waste material Substances 0.000 description 1
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/31—User authentication
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/31—User authentication
- G06F21/32—User authentication using biometric data, e.g. fingerprints, iris scans or voiceprints
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/62—Protecting access to data via a platform, e.g. using keys or access control rules
- G06F21/6218—Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
- G06F21/6245—Protecting personal data, e.g. for financial or medical purposes
- G06F21/6254—Protecting personal data, e.g. for financial or medical purposes by anonymising data, e.g. decorrelating personal data from the owner's identification
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q50/00—Information and communication technology [ICT] specially adapted for implementation of business processes of specific business sectors, e.g. utilities or tourism
- G06Q50/02—Agriculture; Fishing; Forestry; Mining
Landscapes
- Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- General Health & Medical Sciences (AREA)
- Computer Hardware Design (AREA)
- Software Systems (AREA)
- General Engineering & Computer Science (AREA)
- Health & Medical Sciences (AREA)
- Business, Economics & Management (AREA)
- Bioethics (AREA)
- Economics (AREA)
- Human Resources & Organizations (AREA)
- Agronomy & Crop Science (AREA)
- Animal Husbandry (AREA)
- Marine Sciences & Fisheries (AREA)
- Mining & Mineral Resources (AREA)
- Life Sciences & Earth Sciences (AREA)
- Medical Informatics (AREA)
- Databases & Information Systems (AREA)
- Marketing (AREA)
- Primary Health Care (AREA)
- Strategic Management (AREA)
- Tourism & Hospitality (AREA)
- General Business, Economics & Management (AREA)
- Management, Administration, Business Operations System, And Electronic Commerce (AREA)
Abstract
The invention discloses a kind of security risk reporting system and its methods, including identity management platform, security risk information reporting platform, wherein identity management platform includes user ID data library, identification module and identity information shroud module, identity information shroud module carries out anonymization processing to the subscriber identity information in user ID data library, report user after the processing of the anonymization of identity information shroud module, it is disclosed without having to worry about subscriber identity information and brings unnecessary trouble, preferred embodiment further includes report reward platform and capital management platform simultaneously, report reward platform is according to the received security risk report information of security risk information reporting platform, it is reported that after information is verified effectively, safety manager timely and effectively can provide reward to report user by capital management platform.The present invention can greatly protect the identity information safety of speaker; and reward is provided in time; concern and investment of the report user to security risk information are preferably transferred, promotes the raising of staff's security precautions, avoids the generation of security risk to a greater extent.
Description
Technical field
The invention belongs to high risk industries security technology areas, specifically, being related to a kind of high risk industries security risk report
The system of information report.
Background technique
Such as Safety of Coal Mine Production is the most important thing of enterprise development, prior art security risk investigation is generally pacified by enterprise
Full production division is managed collectively and is supervised, although enterprise puts into huge, such as a large amount of buyings in terms of safety in production every year
Safe production equipment, work safety training education, safety in production communication and education etc., enterprise still deposits in daily production management process
In security risk.Lot of accident investigation and analysis show casualty accident be mostly as caused by Unsafe behavior, and
Main cause is that current security evaluation and supervision also lack effective ways and means, not yet realizes supervision, public affairs to security risk
Show, audit and effective report reward mechanism, these hidden danger are substantially with generality and versatility.It will be fundamentally
The generation for preventing accident needs in advance to security risk early warning, and existing security risk processing mode, and there are security risk letters
Breath treatment process takes a long time, and causing a hidden trouble, it is long to rectify and improve the period.Although enterprise is equipped with security risk box for letters of accusation, enterprise throughout the year
Security risk can not timely and effectively be fed back due to considering immediate superior or other factors and arrive enterprise security manager portion by employee
Door.In order to improve the safety behavior consciousness and enthusiasm of the staff, and it can reward report information accurate employee in time, together
When protect employee information not to be leaked, some enterprises carry out security information report, prize using the instant message applications such as wechat at present
Encourage work, as a certain position employee find actual production process in there are security risks, then the employee need to re-register one it is micro-
Report photo, video, text are transmitted to safety management personnel again after signal, taken pictures by mobile terminal, record the hands such as video
There is report user and adopt in Duan Shangchuan security risk data although such method solves the problems, such as that report information uploads in time
Security risk is reported with anonymous way, and safety management personnel can not audit report person part.
Application No. is the Chinese patents of CN201020641532.0 to disclose a kind of mine potential safety hazard closed loop management system,
Include office data library, management server, handheld terminal which disclose one kind, passes through local side server and handheld terminal benefit
It is connected with internet, is connected with management server therebetween.The patent solves safety of coal mines hidden danger closed loop pipe in a way
Reason, but special practitioner is needed to utilize finger-print recognising instrument identification, that is, need special security risk information inspection
Personnel, and since special messenger is responsible for, real-name authentication is needed to personal information.Conventional security hidden danger management is largely followed
Methods only change a kind of means.
Application No. is the Chinese patents of CN201420530932.2 to disclose a kind of safety of coal mines hidden troubles removing management system,
The patent includes that handheld terminal (U1) is connected by WIFI signal with wireless receiving substation (U8), wireless receiving substation (U8) and work
Industrial Ethernet (U2) is attached, and further includes Web server (U4), inquiring client terminal (U5), management client (U6) and short
Believe gateway (U7).The patent changes traditional manual typing mode, improves efficiency, but the implementation of the patent and can not transfer
The prevention of total involvement security risk can not more protect the sensitive informations such as the user identity of report security risk information.
In view of this present invention is specifically proposed.
Summary of the invention
The technical problem to be solved in the present invention is that overcoming the deficiencies of the prior art and provide a kind of high risk industries security risk
Reporting system.
Existing security risk report manner functions, the report information such as conveniently take pictures, record a video using mobile terminal can be remembered in time
Record uploads;Report that award method is carried out still by the way of traditional or using other modes such as the instant message applications such as wechat.By
Can take into account real name report in report user influences the direct or indirect interests of this department, and most employees are using anonymous report
Mode to business report security risk, this method has the following problems:
1, speaker using anonymous way report security risk, safety management personnel can not audit report person part,
I.e. the operating method to worker cannot verify and anonymization is handled.If speaker's real name is reported, speaker's load
The report behavior of the heart oneself can be known by immediate superior.
2, it is reported using instant message applications such as wechats, there are information management, Information Statistics, information to deposit for report information
The problem of shelves etc..
3, enterprise is caused to be difficult to due to being anonymous granting using the granting that the instant message applications such as wechat carry out bonus
The whereabouts etc. of prize funds is managed, there are capital management hidden danger.
In order to solve the above technical problems, the present invention is using the basic conception of technical solution:
A kind of security risk reporting system is provided, anonymization can be carried out to sensitive informations such as the identity informations for reporting user
Processing, can also be managed archive to report information, award in time after can also verifying effectively report user and to peace
Full hidden danger report bonus is managed, and has the function of information report etc..
After adopting the above technical scheme, the present invention has the advantages that compared with prior art.
1, identity management platform includes user ID data library, identification module and identity information shroud module, wherein
User ID data library, identification module can identify and judge whether user identity is the our unit person of being exactly
Work, identity information shroud module can report subscriber identity information with anonymization, and report user does not have to concern report behavior bring
The direct or indirect conflict of interest.
2, the report information of security risk information reporting platform obtains module, receiving module and memory module, can be timely
To security information carry out information management, Information Statistics, archival of information, update module can be at any time according to rank of security risk etc.
Grade updating record information state.
3, there is report verification in the report result publicity that report reward platform is provided according to security risk information reporting platform
Effect timely triggers capital management platform to corresponding report user and transfers report reward, and all prize funds whereabouts can lead to
Cross capital management platform statistical report form.
To sum up, a kind of security risk reporting system of the present invention can report subscriber identity information in protection, eliminate report
The trouble and worry of user can timely provide report reward, greatly transfer the prevention security risk consciousness of the staff, together
Shi Suoyou security risk report information can be achieved, classifies, be counted, and relevant prize funds, which can count, report etc. is many has
Beneficial effect.
A specific embodiment of the invention is described in further detail with reference to the accompanying drawing.
Detailed description of the invention
Attached drawing is as a part of the invention, and for providing further understanding of the invention, of the invention is schematic
Examples and descriptions thereof are used to explain the present invention, but does not constitute an undue limitation on the present invention.Obviously, the accompanying drawings in the following description
Only some embodiments to those skilled in the art without creative efforts, can be with
Other accompanying drawings can also be obtained according to these attached drawings.In the accompanying drawings:
Fig. 1 is module diagram of the invention;
Fig. 2 is workflow schematic diagram of the invention;
Fig. 3 is method and step schematic diagram of the invention;
It should be noted that these attached drawings and verbal description are not intended to the design model limiting the invention in any way
It encloses, but illustrates idea of the invention by referring to specific embodiments for those skilled in the art.
Specific embodiment
In order to make the object, technical scheme and advantages of the embodiment of the invention clearer, below in conjunction with the embodiment of the present invention
In attached drawing, the technical solution in embodiment is clearly and completely described, the following examples are intended to illustrate the invention, but
It is not intended to limit the scope of the invention.
In the description of the present invention, it should be noted that term " on ", "front", "rear", "left", "right", " is erected at "lower"
Directly ", the orientation or positional relationship of the instructions such as "inner", "outside" is to be based on the orientation or positional relationship shown in the drawings, merely to just
In description the present invention and simplify description, rather than the device or element of indication or suggestion meaning must have a particular orientation, with
Specific orientation construction and operation, therefore be not considered as limiting the invention.
In the description of the present invention, it should be noted that unless otherwise clearly defined and limited, term " installation ", " phase
Even ", " connection " shall be understood in a broad sense, for example, it may be being fixedly connected, may be a detachable connection, or be integrally connected;It can
To be mechanical connection, it is also possible to be electrically connected;It can be directly connected, it can also be indirectly connected through an intermediary.For this
For the those of ordinary skill in field, the concrete meaning of above-mentioned term in the present invention can be understood with concrete condition.
As shown in Figure 1, security risk reporting system of the invention includes identity management platform, for managing report user's body
Part information.Subscriber identity information can include but is not limited to personnel's name, fingerprint, blood group, photo, educational background, home address, connection
Mode, unit post, kinsfolk, staff redeployment record, person works' rewards and punishments information etc..Above-mentioned subscriber identity information passes through body
Part management platform typing is simultaneously stored to user ID data library.Report of the identification module to security risk information reporting platform
User information and user ID data library are compared to identify and judge user identity, for example, identification module is to user
Carry out identity differentiation, differentiate whether the user is enterprises worker, if it is, open security risk report permission and by
Permission is rewarded, if non-, security risk report permission do not opened and is awarded permission, only general access authority.Body
Identity database in part management platform can also establish white list according to identity data, the foundation of white list can be according to
Duty registration employee information preparation can also be worked out according to the form of unit organization or the group that keeps the safety in production.Identification module pair
The anonymization report user information of security risk information reporting platform and the white list are compared to identify and judge user
Identity.The identification function of identification module, largely avoids the report behavior of irrelevant personnel, while also having controlled and have
The malice for closing report user reports behavior, avoids the waste of associated safety hidden danger report resource.Identity information shroud module can be with
It uses as needed and anonymization processing is carried out with one of lower node:
(1) identity information shroud module carries out anonymization processing to the subscriber identity information in user ID data library, i.e.,
Identity information shroud module carries out anonymization processing simultaneously in subscriber identity information typing, and the subscriber identity information is through anonymization
Data that treated are stored in user ID data library.Because of subscriber identity information, in typing after anonymization is handled, with anonymity
Data mode after change is stored in user ID data library, greatly protects subscriber identity information safe, even if user identity
Database lost, since data are by anonymization treated data, user identity sensitive information will not divulge a secret.
(2) subscriber identity information records normal typing user ID data library, and identity information shroud module is only in report user
When carrying out the report of security risk information, carried out at anonymization when calling the report user information in relative users identity database
Reason.Subscriber identity information normal typing user ID data library, although not can guarantee subscriber identity information safety, due to only
When reporting user report security risk, identity information shroud module calls the report user letter in relative users identity database
Anonymization processing is carried out when breath, this anonymity turns to disposable anonymization, even if next time, same position report user was handled through anonymization
Result afterwards is not identical, thus the identity for protecting report user to report security risk to the full extent.
(3) identity information shroud module carries out anonymization processing in subscriber identity information typing, and report user into
When row security risk information is reported, anonymization processing is carried out when calling the report user information in relative users identity database.
Due to all using the anonymization of identity information shroud module to handle at two nodes, such mode both can guarantee report user identity
Database security, and can guarantee that report security risk Information Times accuses subscriber identity information.
The anonymization processing function of identity information shroud module, can be digital authorization certificate form, is also possible to one kind
The anonymization of above-mentioned various node mode password reversible transformation mode processes is exemplified below in password reversible transformation mode process
A kind of implementation of processing function:
(1) identity information shroud module carries out anonymization processing, the user identity in subscriber identity information typing simultaneously
Treated that data are stored in user ID data library through anonymization for information.Such as: report subscriber identity information (name: A, refers to
Line: B, blood group: C, photo: D, educational background: E, home address: F, contact method: G, unit post: H, kinsfolk: I, personnel's tune
Dynamic record: J, person works' rewards and punishments information: K) after anonymization is handled, being stored in user ID data library is that data are
(name: a, fingerprint: b, blood group: c, photo: d, educational background: e, home address: f, contact method: g, unit post: h, family at
Member: i, staff redeployment record: j, person works' rewards and punishments information: k) or the user identity that can not directly read after coding is replaced with
Data.The subscriber identity information in user ID data library is safe and reliable, and irrelevant personnel can not be obtained directly from user ID data library
To any relevant user identity information.
(2) subscriber identity information records normal typing user ID data library, and identity information shroud module is only in report user
When carrying out the report of security risk information, carried out at anonymization when calling the report user information in relative users identity database
Reason.Such as: report subscriber identity information (name: A, fingerprint: B, blood group: C, photo: D, educational background: E, home address: F, correspondent party
Formula: G, unit post: H, kinsfolk: I, staff redeployment record: J, person works' rewards and punishments information: K) normal typing is stored in use
Family identity database.When report user A hidden danger information with high safety reports behavior, identity information shroud module assigns report at random
Attribute (a) is hidden in mono- display information of user A (report user x) and a fixation, and display information (report user x) follows always
In security risk reporting process, hiding attribute (a) will be reversed to determine report during subsequent implementation security risk is reported and rewarded
The identity of user A.When user A hidden danger information with high safety reports behavior next time, identity information shroud module is assigned at random again
It gives report mono- display information of user A (report user y) and attribute (a), display information (report user y) one is hidden in a fixation
It directly follows in security risk reporting process, hiding attribute (a) will be reversed true during subsequent implementation security risk is reported and rewarded
Surely the identity of user A is reported.It avoids in this way, the first fixed form assigns the anonymization process of report subscriber identity information
It brings, after the security risk report behavior for reporting the certain number of user, it is possible to be deduced the body of corresponding report user
Part information.
(3) identity information shroud module carries out anonymization processing in subscriber identity information typing, and report user into
When row security risk information is reported, anonymization processing is carried out when calling the report user information in relative users identity database.
It can not only guarantee safety of the user ID data in identity database, can more guarantee to report that user reports in security risk
The safety of subscriber identity information in action process.
Security risk information reporting platform includes report information acquisition, reception, storage and update module, the report information
It obtains, receive, memory module is obtained accordingly, received, storage report information, update module updating record information processing shape
State.
Report information obtains module, can be various handheld terminals, such as mobile phone, tablet computer, with camera shooting sound-recording function
Instrument and equipment etc., the APP form for being also possible to intelligent terminal realizes.It is also possible to set in security risk maximum probability generation position
The fixed terminal device set, such as security cameras monitoring device.Report that user obtains module using report information, acquisition obtains
Various security risk information are taken, security risk information can be the report informations such as video, photo, audio data.Report information connects
Receiving module can be Web server, WIFI receiver, Industrial Ethernet etc..Report information receiving module, which receives, to be obtained in module
Report information is stored in report information memory module by the report information of biography, and report information memory module can be data service
Device is also possible to the equipment with data storage function, such as hard disk.
Update module updating record information processing state, report information processing status include report in, investigation in, report knot
Fruit publicity, report result publicity include that report verification is effective, report information is wrong.According to security risk report information, safety is specially
Family, production responsible person or full-time responsible person carry out verification security information, will report result publicity exhibition in time by update module
It is shown in security risk information reporting platform.The verification of security risk report information can also be, using automatic under big data mode
Safety verification, and according to security risk danger coefficient, according to investigation, prediction, hidden danger grade classification and classify, while giving preferential
Determine and detection, and introduce manpower intervention according to the actual situation, and will report result publicity by update module automatically update to
Security risk information reporting platform.Security risk information reporting platform also has security risk Information Statistics module, security risk
Statistical module generates report to security risk report information statistic of classification, can provide number for the specific investigation of current safety hidden danger
According to the mode that can also keep the safety in production for big data from now on provides data and supports.
Using security risk reporting system of the invention, safety equipment operation and input cost can be greatly reduced, improve
Safety in production information system operational efficiency, effectively improves the integrated management ability of safety in production, effectively contains the hair of safety accident
It is raw.
Preferably, security risk reporting system further includes report reward platform and capital management platform, report reward platform
It is verified effectively according to the update module updating record information processing state report in security risk information reporting platform, Identity Management
Identity information shroud module in platform calls the report subscriber identity information in user ID data library, triggers capital management platform
Reward is provided to corresponding report user.Capital management platform mainly includes online payment system, and online payment includes and all kinds of branch
The interface for paying platform, bank finance mechanism provides with funds account management function to enterprise security manager department, is used for security risk
The clearing of prize funds.Online payment needs enterprise first to squeeze into security risk bonus in capital management platform, enterprise security
Administrative staff pay the report bonus of corresponding prize scale into speaker's account after audit report information is effective;?
Can be used it is similar form is provided with monthly earnings, condition of providing is that audit report information is effective, and capital management platform is automatically by phase
The report bonus of prize scale is answered to pay into speaker's account.Further, the update mould of security risk information reporting platform
Block updating record information processing state report verify effectively, can by the risk size of security risk, the height of priority level,
Match corresponding report reward.That is the report prize funds of capital management platform management can divide height multiple ranks, no
With the reward of the amount of money.Since security risk is reported and rewards hook, after the processing of identity information shroud module anonymization, greatly
Report subscriber identity information safety is protected, the action that personnel participate in the report of security risk information is improved, thus bigger
The generation of security risk is avoided in degree.
More preferably gold management platform has capital management statistical module, reports prize funds statistic of classification to security risk
Generate report, management report prize funds.Report prize funds whereabouts can be looked into, can be traced back, to ensure enterprise reward fund security.
As shown in Fig. 2, the flow diagram of embodiment,
The node location handled according to above-mentioned identity information shroud module anonymization is different, and process can be divided into three kinds of situations:
1. identity information shroud module carries out anonymization processing, subscriber identity information warp in subscriber identity information typing simultaneously
Treated that data are stored in user ID data library for anonymization.Report subscriber identity information " name: A " is stored in user identity
Database is " name: a ".The legitimacy of user identity is determined by identification module.
It reports that user " name: a " obtains module by the report information in security risk information reporting platform, such as reports
User obtains security risk photo, video or audio-frequency information using mobile phone;Security risk information data is sent to security risk
Information reporting platform, by connecing, receiving module receives security risk information to security risk information reporting platform and report user believes
Breath, for example, mobile phone is obtained security risk photo, video or audio-frequency information anonymization treated user's body by report user
Part information passes through Industrial Ethernet together and is uploaded to Web server;Security risk information reporting platform by security risk information and
Report user information is stored in relevant data server.
The responsible person that keeps the safety in production consults the security risk information of security risk information reporting platform and handles by anonymization
Subscriber identity information " name: a " (checking and approving identity, not can know that true identity) afterwards, according to investigation, prediction, hidden danger grade
It divides and classifies, judge the validity of report information, and by the update module of security risk information reporting platform according to update
Report information processing status, report information processing status include report in, investigation in, report result publicity.Report result publicity
Including reporting that verification is effective, report information is wrong.
2. subscriber identity information is logged the user ID data library (body in identity management platform in identity management platform
Part database establishes white list according to identity data, and the foundation of white list is based on on-job registration employee) i.e. identity database
In include subscriber identity information, report subscriber identity information " name: A " etc. information are stored in identity database (white list user
Corresponding information is address name and user identity legitimacy, reports address name A, is white list for on-job registration employee
User).The legitimacy for determining user identity is known by identification module.
It reports that user " name: A " obtains module by the report information in security risk information reporting platform, such as reports
User obtains security risk photo, video or audio-frequency information using mobile phone;Security risk information data is sent to security risk
Information reporting platform, by connecing, receiving module receives security risk information to security risk information reporting platform and report user believes
Breath, for example, mobile phone is obtained security risk photo, video or audio-frequency information anonymization treated user's body by report user
Part information passes through Industrial Ethernet together and is uploaded to Web server;Security risk information reporting platform by security risk information and
Report user information is stored in relevant data server.
The responsible person that keeps the safety in production consults the security risk information of security risk information reporting platform, identity information shroud module
Anonymization processing is carried out to the subscriber identity information in user ID data library, after anonymization is handled, display report user's body
Part information is " name: a " (anonymization and belong to white list user).According to investigation, prediction, hidden danger grade classification and classify,
Judge the validity of report information, and by the update module of security risk information reporting platform according to updating record information processing
State, report information processing status include report in, investigation in, report result publicity.Report that result publicity includes that report is verified
Effectively, report information is wrong.
3. identity information shroud module carries out anonymization processing in subscriber identity information typing, and carries out in report user
When security risk information is reported, anonymization processing is carried out when calling the report user information in relative users identity database.Report
Accusing subscriber identity information " name: A " and being stored in user ID data library is " name: a ".User is determined by identification module
The legitimacy of identity.
It reports that user " name: a " obtains module by the report information in security risk information reporting platform, such as reports
User obtains security risk photo, video or audio-frequency information using mobile phone;Security risk information data is sent to security risk
Information reporting platform, by connecing, receiving module receives security risk information to security risk information reporting platform and report user believes
Breath, for example, mobile phone is obtained security risk photo, video or audio-frequency information anonymization treated user's body by report user
Part information passes through Industrial Ethernet together and is uploaded to Web server;Security risk information reporting platform by security risk information and
Report user information is stored in relevant data server.
The responsible person that keeps the safety in production consults the security risk information of security risk information reporting platform and handles by anonymization
Afterwards subscriber identity information " name: b " (identity information shroud module assign at random report mono- display information of user A " name:
B " and a fixed hiding attribute (a), check and approve identity, not can know that true identity), it is drawn according to investigation, prediction, hidden danger grade
Divide and classify, judges the validity of report information, and report according to update by the update module of security risk information reporting platform
Accuse information processing state, report information processing status include report in, investigation in, report result publicity.Report result publicity packet
It includes and reports that verification is effective, report information is wrong.
It being verified effectively according to report, safety in production responsible person arranges the relevant personnel to register security risk in time, with
The standby foundation as later period rectification.If it was found that same type security risk, illustrates it is " common fault ", then needs thoroughly to rectify and improve, and root
Decision is instructed according to the safety management that actual conditions formulate the later period.It is verified effectively in report, instantaneity safety hazards occurs, then
It must order to stop work to rectify and improve immediately.For violation commander, violation operation behaviour, should directly contact party carry out it is corresponding correct and
Punishment.For security risk person liable, visual love knot weight gives education and punishment.Due to the anonymity of identity information shroud module
Change processing function, greatly protects the identity information of report user, avoid security risk person liable, colleague, leading body at a higher level
Revenge may.
Preferably, report reward platform is verified effectively according to report in report result publicity, shields mould by identity information
Root tuber is reversed to obtain corresponding report subscriber identity information " name: A ", enterprise according to one of above-mentioned three kinds corresponding anonymization nodes
Industry safety manager is after audit report information is effective, by the report bonus payment of corresponding prize scale to report user's hair
In " name: A " account.
It is highly preferred that the capital management statistical module of capital management platform, to security risk report prize funds classification system
Family planning is at report.For example, subscriber identity information (name: a) report after report user (name: A) or anonymization is safe several times
Hidden danger information obtains corresponding amount of money award.
As shown in figure 3, the step schematic diagram of the application method of security risk reporting system,
S101. the user ID data library in subscriber identity information typing identity management platform, identity information shroud module
To the subscriber identity information in user ID data library and/or report that user information carries out anonymization processing.
S102. the identity database in identity management platform establishes white list, identification module pair according to identity data
Security risk information reporting platform report user information or anonymization report user information and the white list compare with
Identify and judge user identity.
S103. report user obtains module by the report information in security risk information reporting platform, by security risk
Information is sent to security risk information reporting platform, and security risk information reporting platform receives security risk by connecing receiving module
Information and report user information or anonymization report user information, by security risk information and report user information or anonymization report
It accuses user information and is stored in memory module, identification module is to the report user information of security risk information reporting platform or hides
Nameization report user information and user ID data library are compared to identify and judge user identity.
S104. the update module of security risk information reporting platform is according to actual development updating record information processing state,
Report information processing status include report in, investigation in, report result publicity.
S105. report result publicity includes that report verification is effective, report information is wrong.
S106. report reward platform is verified effectively according to report in report result publicity, and identity information shroud module calls
The report user information or anonymization in user ID data library report user information, trigger capital management platform to corresponding report
User provides reward.
S107. the capital management statistical module of capital management platform, it is raw to security risk report prize funds statistic of classification
At report.
The above is only presently preferred embodiments of the present invention, is not intended to limit the present invention in any form,
It may not only be applied to the high risk industries such as coal mine, be equally applicable to be related to the other industry of security hidden trouble.Although the present invention is
It is disclosed above in the preferred embodiment, however, it is not intended to limit the invention, and any technical staff for being familiar with this patent is not departing from
Within the scope of technical solution of the present invention, when the technology contents using above-mentioned prompt make a little change or are modified to equivalent variations
Equivalent embodiment, but anything that does not depart from the technical scheme of the invention content, according to the technical essence of the invention to above embodiments
Made any simple modification, equivalent change and modification, in the range of still falling within the present invention program.
Claims (10)
1. a kind of security risk reporting system, including identity management platform, security risk information reporting platform, wherein Identity Management
Platform includes user ID data library and identification module, which is characterized in that identity management platform further includes identity information screen
Module is covered, the security risk information reporting platform receives security risk information and report user information, identification module
The report user information and user ID data library of security risk information reporting platform are compared to identify and judge user
Identity, the identity information shroud module in user ID data library subscriber identity information and/or report user information into
The processing of row anonymization.
2. a kind of safety in production hidden danger reporting system according to claim 1, which is characterized in that the identity management platform
In identity database white list, report of the identification module to security risk information reporting platform are established according to identity data
User information or anonymization report user information and the white list are compared to identify and judge user identity.
3. a kind of security risk reporting system according to claim 1, which is characterized in that the identity information shroud module
Anonymization processing include user's typing when identity information anonymization and/or identification module to report user information call
When anonymization user ID data library compare to identify and judge user identity.
4. a kind of security risk reporting system according to claim 1, which is characterized in that the security risk information report
Accusing platform includes that report information obtains module, receiving module, memory module and update module, the report information obtains, receives,
Memory module obtained accordingly, received, storage report information, update module updating record information processing state.
5. a kind of security risk reporting system according to claim 4, it is characterised in that the report information handles shape
State include report in, investigation in, report result publicity, the report result publicity include report verify effectively, report information
It is wrong.
6. a kind of security risk reporting system according to claim 5, which is characterized in that further include report reward platform and
Capital management platform, identity information shroud module call the report subscriber identity information in user ID data library, the report
It rewards platform to be verified effectively according to report in report result publicity, triggering capital management platform provides reward to report user.
7. a kind of security risk reporting system according to claim 1, which is characterized in that the security risk information report
Platform has security risk Information Statistics module, and security risk statistical module generates security risk report information statistic of classification and reports
Table.
8. a kind of security risk reporting system according to claim 6, which is characterized in that the capital management platform has
Capital management statistical module generates report to security risk report prize funds statistic of classification.
9. a kind of method based on security risk reporting system described in claim 1, it is characterised in that the following steps are included:
S101. the user ID data library in subscriber identity information typing identity management platform, identity information shroud module to
Subscriber identity information and/or report user information in the identity database of family carry out anonymization processing.
S102. the identity database in identity management platform establishes white list according to identity data, and identification module is to safety
Report user information or anonymization the report user information of hidden danger information reporting platform and the white list are compared to identify
With judge user identity.
S103. report user obtains module by the report information in security risk information reporting platform, by security risk information
Be sent to security risk information reporting platform, security risk information reporting platform by receiving module receive security risk information and
It reports that user information or anonymization report user information, reports security risk information and report user information or anonymization to user
Information is stored in memory module, report user information or anonymization report of the identification module to security risk information reporting platform
It accuses user information and user ID data library is compared to identify and judge user identity.
S104. the update module of security risk information reporting platform is according to actual development updating record information processing state, report
Information processing state include report in, investigation in, report result publicity.
S105. report result publicity includes that report verification is effective, report information is wrong.
10. a kind of method based on security risk reporting system as claimed in claim 6, it is characterised in that the following steps are included:
S101. the user ID data library in subscriber identity information typing identity management platform, identity information shroud module to
Subscriber identity information and/or report user information in the identity database of family carry out anonymization processing.
S102. the identity database in identity management platform establishes white list according to identity data, and identification module is to safety
Report user information or anonymization the report user information of hidden danger information reporting platform and the white list are compared to identify
With judge user identity.
S103. report user obtains module by the report information in security risk information reporting platform, by security risk information
It is sent to security risk information reporting platform, security risk information reporting platform receives security risk information by connecing receiving module
User information is reported with report user information or anonymization, and security risk information and report user information or anonymization report are used
Family information is stored in memory module, report user information or anonymization of the identification module to security risk information reporting platform
Report user information and user ID data library are compared to identify and judge user identity.
S104. the update module of security risk information reporting platform is according to actual development updating record information processing state, report
Information processing state include report in, investigation in, report result publicity.
S105. report result publicity includes that report verification is effective, report information is wrong.
S106. report reward platform is verified effectively according to report in report result publicity, and identity information shroud module calls user
The report user information or anonymization of identity database report user information, trigger capital management platform to corresponding report user
Provide reward.
S107. the capital management statistical module of capital management platform generates report to security risk report prize funds statistic of classification
Table.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201910303605.0A CN110210989A (en) | 2019-04-16 | 2019-04-16 | A kind of security risk reporting system and its method |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201910303605.0A CN110210989A (en) | 2019-04-16 | 2019-04-16 | A kind of security risk reporting system and its method |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN110210989A true CN110210989A (en) | 2019-09-06 |
Family
ID=67785360
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201910303605.0A Pending CN110210989A (en) | 2019-04-16 | 2019-04-16 | A kind of security risk reporting system and its method |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN110210989A (en) |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN111783145A (en) * | 2020-09-04 | 2020-10-16 | 城云科技(中国)有限公司 | Remote supervision platform based on urban road management |
Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN106952078A (en) * | 2017-03-16 | 2017-07-14 | 青岛国际机场集团有限公司 | SMS safety management systems based on BPM flow engines |
| CN107609765A (en) * | 2017-09-01 | 2018-01-19 | 中国东方电气集团有限公司 | A kind of factory's hidden troubles removing method and system |
| CN108717604A (en) * | 2018-05-21 | 2018-10-30 | 西安科技大学 | A kind of production safety hidden danger closed loop management system |
-
2019
- 2019-04-16 CN CN201910303605.0A patent/CN110210989A/en active Pending
Patent Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN106952078A (en) * | 2017-03-16 | 2017-07-14 | 青岛国际机场集团有限公司 | SMS safety management systems based on BPM flow engines |
| CN107609765A (en) * | 2017-09-01 | 2018-01-19 | 中国东方电气集团有限公司 | A kind of factory's hidden troubles removing method and system |
| CN108717604A (en) * | 2018-05-21 | 2018-10-30 | 西安科技大学 | A kind of production safety hidden danger closed loop management system |
Non-Patent Citations (2)
| Title |
|---|
| 中国战略与管理研究会主编: "《战略与管理 公营住宅:日本住宅保障制度的战后70年》", 30 September 2015 * |
| 赵岗等: "《中国证券业监管发展与改革研究》", 31 January 2015, 中国发展出版社 * |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN111783145A (en) * | 2020-09-04 | 2020-10-16 | 城云科技(中国)有限公司 | Remote supervision platform based on urban road management |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US7379879B1 (en) | Incident reporting system and method | |
| CN106797417B (en) | Contact center anti-fraud monitoring, detection and prevention scheme | |
| CN104486346B (en) | A kind of springboard machine system | |
| CN103026345A (en) | Dynamic multidimensional schemas for event monitoring priority | |
| CN104217288A (en) | Security management device and system for community comprehensive grid | |
| Dennis | A Mosaic Shield: Maynard, the Fourth Amendment, and Privacy Rights in the Digital Age | |
| CN111598574A (en) | Intelligent service transaction oriented supervision method and supervision interface | |
| CN104240014B (en) | A kind of online access control method and platform | |
| CN103944719A (en) | Comprehensive verification system and method for identities and documentary evidences | |
| US20050131828A1 (en) | Method and system for cyber-security damage assessment and evaluation measurement (CDAEM) | |
| CN105427203A (en) | House renting information management method and system | |
| Gierlack et al. | License plate readers for law enforcement: Opportunities and obstacles | |
| CN110472944A (en) | Safe operation and maintenance system based on comprehensive law enforcement management platform | |
| CN107610261B (en) | System capable of managing entrance and exit of construction site | |
| CN110210989A (en) | A kind of security risk reporting system and its method | |
| KR102365571B1 (en) | Method and apparatus for managing password including one-time password issuance function for integrally managing closed-circuit television | |
| CN109726596A (en) | A kind of appraisal of labor capacity plateform system | |
| Satwiko | Privacy and Data Protection: Indonesian Legal Framework | |
| CN115563620A (en) | Credible security method and security protection system for intelligent education platform | |
| US20200285768A1 (en) | Method for determining and displaying the security state of data | |
| JP2014081951A (en) | Real credit determination device for credit card and method therefor | |
| EP3869435A1 (en) | System for tracking banknotes transactions | |
| Ibrahim et al. | Fraud management system in detecting fraud in cellular telephone networks | |
| Gurkin et al. | Time and Attendance: Agencies Generally Compiled Data on Misconduct, and Reported Using Various Internal Controls for Monitoring | |
| CN116955441A (en) | Broken card early warning platform |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| RJ01 | Rejection of invention patent application after publication |
Application publication date: 20190906 |
|
| RJ01 | Rejection of invention patent application after publication |