CN110336780A - A kind of O&M auditing system of automatic alarm - Google Patents
A kind of O&M auditing system of automatic alarm Download PDFInfo
- Publication number
- CN110336780A CN110336780A CN201910379500.3A CN201910379500A CN110336780A CN 110336780 A CN110336780 A CN 110336780A CN 201910379500 A CN201910379500 A CN 201910379500A CN 110336780 A CN110336780 A CN 110336780A
- Authority
- CN
- China
- Prior art keywords
- user
- data
- auditing
- automatic alarm
- password
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L41/00—Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
- H04L41/28—Restricting access to network management systems or functions, e.g. using authorisation function to access network configuration
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
- H04L63/0428—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
- H04L63/0442—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply asymmetric encryption, i.e. different keys for encryption and decryption
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/083—Network architectures or network communication protocols for network security for authentication of entities using passwords
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0876—Network architectures or network communication protocols for network security for authentication of entities based on the identity of the terminal or configuration, e.g. MAC address, hardware or software configuration or device fingerprint
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L2209/00—Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
- H04L2209/72—Signcrypting, i.e. digital signing and encrypting simultaneously
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Power Engineering (AREA)
- Storage Device Security (AREA)
Abstract
The invention discloses a kind of O&M auditing systems of automatic alarm, user logs in O&M auditing system by client validation unit, the password in IP address, id information and rivest, shamir, adelman that client validation unit is inputted according to user, when three kinds of input information are correct, into server Authority Verification;When the server Authority Verification, the password in rivest, shamir, adelman is extracted, is addressed in Authority Verification library, determines the upper limit position of part permission;After determining upper limit position, user is successfully entered auditing and supervisory center, inputs object element in auditing and supervisory center, screens object element by audit aim screening unit, obtains three attribute datas of object element;User can carry out data to three attribute datas and transfer.Using by extracting the password in rivest, shamir, adelman, is addressed in Authority Verification library, determine the upper limit position of part permission, obtain the access right of user.
Description
Technical field
The invention belongs to O&M audit fields, are related to a kind of O&M auditing system of automatic alarm.
Background technique
As being constantly progressive for information technology has been increasingly subject to more close with information-based significant development, information security
Note.Not only by the threat of external factor, the violation operation and maloperation of internal user can also cause it seriously internal information
Problem of data safety.Therefore, O&M security audit product is applied in more and more network environments, to take precautions against inside
Information security issue records network resource accession log to audit afterwards.Most of such product all provides Account Administration, body
The functions such as part certification, resource authorization, single-sign-on, access control and operation audit, to help user to realize O&M bursting tube
The purpose of reason and Internal Control Audit.
O&M auditing system saves the basic datas such as user information, resource information.User refers to O&M auditing system itself
Legitimate user, user has the information such as user name, login password, E-mail address.Resource refers to be protected by O&M auditing system
Information resources, such as host, server, the network equipment, operating system, database.Resource has affiliated function, IP address, account
Number and the information such as login password.
But present auditing system can not identify the access authorization for resource of user, cause great security risk.
Summary of the invention
It is an object of the invention to: a kind of O&M auditing system of automatic alarm is provided, solves present audit system
The problem of system can not identify the access authorization for resource of user, cause great security risk.
The technical solution adopted by the invention is as follows:
A kind of O&M auditing system of automatic alarm, user log in O&M auditing system by client validation unit, visitor
The password in IP address, id information and rivest, shamir, adelman that family end authentication unit is inputted according to user, three kinds of input information
When correct, into server Authority Verification;When the server Authority Verification, the password in rivest, shamir, adelman is extracted,
Authority Verification addresses in library, determines the upper limit position of part permission;After determining upper limit position, user is successfully entered auditing and supervisory
Center inputs object element in auditing and supervisory center, screens object element by audit aim screening unit, obtains target list
Three attribute datas of member;User can carry out data to three attribute datas and transfer.
Present auditing system can not identify the access authorization for resource of user, cause great security risk, and the present invention is
It solves the problems, such as this, using by extracting the password in rivest, shamir, adelman, addresses in Authority Verification library, determine
The upper limit position of local permission obtains the access right of user, and logs in the identical just success of three kinds of information using user
Into next node, the password in rivest, shamir, adelman changes at any time, and long-term password is avoided to be changed without, and causes safety
Hidden danger.
Further, the rivest, shamir, adelman is made of private key and public key, when using public key encryption, uses corresponding private
Key is decrypted, and when using private key encryption, is decrypted using corresponding public key.Password is replaced at regular intervals, more
What is added is safe and reliable.
Further, data generate 32 unique cryptographic Hash after double SHA256 operations, reuse private key encryption Hash
Value generates digital signature, and digital signature and data are encrypted to obtain encryption data using the public key of recipient.
Further, the password in the rivest, shamir, adelman corresponds the upper limit in Authority Verification library;The user
Upper limit value it is higher, obtain permission it is bigger.One-to-one relationship is just inputted when system Construction.
Further, three attribute data includes that data are completed in field research data, online audit data and audit.This hair
Transferring in bright is the Audit data of a company.
Further, when three kinds of input information of the user are incorrect, do not pass through client authentication unit, client validation list
Three kinds of information of input are sent to alarm by member.O&M auditing system is that security properties are very high, only allows once to step on
The chance of record.
Further, the alarm sends warning message to three system operator hands simultaneously by way of wireless transmission
On machine, being sent on three system operator mobile phones is and the retrocession in order to supervise jointly.
In conclusion by adopting the above-described technical solution, the beneficial effects of the present invention are:
1. a kind of O&M auditing system of automatic alarm, using by extracting the password in rivest, shamir, adelman,
It is addressed in Authority Verification library, determines the upper limit position of part permission, obtain the access right of user, and using user
Log in three kinds of information coincide just be successfully entered next node, the password in rivest, shamir, adelman changes at any time, avoids
Long-term password is changed without, and causes security risk.
2. heretofore described rivest, shamir, adelman is made of private key and public key, when using public key encryption, correspondence is used
Private key be decrypted, when using private key encryption, be decrypted using corresponding public key.Password carries out more at regular intervals
It changes, more securely and reliably.
Detailed description of the invention
In order to illustrate the technical solution of the embodiments of the present invention more clearly, below will be to needed in the embodiment attached
Figure is briefly described, it should be understood that the following drawings illustrates only certain embodiments of the present invention, therefore is not construed as pair
The restriction of range for those of ordinary skill in the art without creative efforts, can also be according to this
A little attached drawings obtain other relevant attached drawings, in which:
Fig. 1 is present system flow chart;
Specific embodiment
In order to make the objectives, technical solutions, and advantages of the present invention clearer, with reference to the accompanying drawings and embodiments, right
The present invention is further elaborated.It should be appreciated that described herein, specific examples are only used to explain the present invention, not
For limiting the present invention, i.e., described embodiments are only a part of the embodiments of the present invention, instead of all the embodiments.It is logical
The component for the embodiment of the present invention being often described and illustrated herein in the accompanying drawings can be arranged and be designed with a variety of different configurations.
Therefore, the detailed description of the embodiment of the present invention provided in the accompanying drawings is not intended to limit below claimed
The scope of the present invention, but be merely representative of selected embodiment of the invention.Based on the embodiment of the present invention, those skilled in the art
Member's every other embodiment obtained without making creative work, shall fall within the protection scope of the present invention.
It should be noted that the relational terms of term " first " and " second " or the like be used merely to an entity or
Operation is distinguished with another entity or operation, and without necessarily requiring or implying between these entities or operation, there are any
This actual relationship or sequence.Moreover, the terms "include", "comprise" or its any other variant be intended to it is non-exclusive
Property include so that include a series of elements process, method, article or equipment not only include those elements, but also
Further include other elements that are not explicitly listed, or further include for this process, method, article or equipment it is intrinsic
Element.In the absence of more restrictions, the element limited by sentence "including a ...", it is not excluded that including described
There is also other identical elements in the process, method, article or equipment of element.
A kind of O&M auditing system of automatic alarm, user log in O&M auditing system by client validation unit, visitor
The password in IP address, id information and rivest, shamir, adelman that family end authentication unit is inputted according to user, three kinds of input information
When correct, into server Authority Verification;When the server Authority Verification, the password in rivest, shamir, adelman is extracted,
Authority Verification addresses in library, determines the upper limit position of part permission;After determining upper limit position, user is successfully entered auditing and supervisory
Center inputs object element in auditing and supervisory center, screens object element by audit aim screening unit, obtains target list
Three attribute datas of member;User can carry out data to three attribute datas and transfer.
Feature and performance of the invention are described in further detail below with reference to embodiment.
Embodiment one
Present pre-ferred embodiments provide a kind of automatic alarm O&M auditing system, further, it is described it is asymmetric plus
Close algorithm is made of private key and public key, when using public key encryption, is decrypted using corresponding private key, when using private key encryption,
It is decrypted using corresponding public key.Data generate 32 unique cryptographic Hash after double SHA256 operations, reuse private key
Cryptographic hash generates digital signature, and digital signature and data are encrypted to obtain encryption data using the public key of recipient.
Present auditing system can not identify the access authorization for resource of user, cause great security risk, and the present invention is
It solves the problems, such as this, using by extracting the password in rivest, shamir, adelman, addresses in Authority Verification library, determine
The upper limit position of local permission obtains the access right of user, and logs in the identical just success of three kinds of information using user
Into next node, the password in rivest, shamir, adelman changes at any time, and long-term password is avoided to be changed without, and causes safety
Hidden danger;Password is replaced at regular intervals, more securely and reliably.
Embodiment two
The present embodiment on the basis of example 1, further, test in permission by the password in the rivest, shamir, adelman
Card corresponds the upper limit in library;The upper limit value of the user is higher, and it is bigger to obtain permission.Three attribute data includes that scene is adjusted
It grinds data, online audit data and audit and completes data.When three kinds of input information of the user are incorrect, do not tested by client
Unit is demonstrate,proved, three kinds of information of input are sent to alarm by client validation unit.The side that the alarm passes through wireless transmission
Formula is sent simultaneously on warning message to three system operator mobile phones,
Transferring in the present invention is the Audit data of a company.Just input is one-to-one when system Construction closes
System.O&M auditing system is that security properties are very high, the chance for only allowing once to log in.It is sent to three system operators
It is and the retrocession in order to supervise jointly on mobile phone.
The foregoing is merely illustrative of the preferred embodiments of the present invention, the protection scope being not intended to limit the invention, any
Those skilled in the art within the spirit and principles in the present invention made by any modifications, equivalent replacements, and improvements etc.,
It should all be included in the protection scope of the present invention.
Claims (7)
1. a kind of O&M auditing system of automatic alarm, it is characterised in that: user logs in O&M by client validation unit and examines
Meter systems, the password in IP address, id information and rivest, shamir, adelman that client validation unit is inputted according to user, three kinds
When input information is correct, into server Authority Verification;
When the server Authority Verification, the password in rivest, shamir, adelman is extracted, is addressed in Authority Verification library, determines office
The upper limit position of portion's permission;After determining upper limit position, user is successfully entered auditing and supervisory center, defeated in auditing and supervisory center
Enter object element, object element is screened by audit aim screening unit, obtains three attribute datas of object element;User can be right
Three attribute datas carry out data and transfer.
2. a kind of O&M auditing system of automatic alarm according to claim 1, it is characterised in that: the asymmetric encryption
Algorithm is made of private key and public key, when using public key encryption, is decrypted using corresponding private key, when using private key encryption, is made
It is decrypted with corresponding public key.
3. a kind of O&M auditing system of automatic alarm according to claim 2, it is characterised in that: the data encryption
Cheng Shi: data generate 32 unique cryptographic Hash after double SHA256 operations, reuse private key encryption cryptographic Hash and generate number
Signature, digital signature and data are encrypted to obtain encryption data using the public key of recipient.
4. a kind of O&M auditing system of automatic alarm according to claim 1, it is characterised in that: the asymmetric encryption
Password in algorithm corresponds the upper limit in Authority Verification library;The upper limit value of the user is higher, and it is bigger to obtain permission.
5. a kind of O&M auditing system of automatic alarm according to claim 1, it is characterised in that: three attribute data
Data are completed including field research data, online audit data and audit.
6. a kind of O&M auditing system of automatic alarm according to claim 1, it is characterised in that: three kinds of the user is defeated
Enter information it is incorrect when, not by client authentication unit, three kinds of information of input are sent to alarm by client validation unit
Device.
7. a kind of O&M auditing system of automatic alarm according to claim 6, it is characterised in that: the alarm passes through
The mode of wireless transmission is sent on warning message to three system operator mobile phones simultaneously.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201910379500.3A CN110336780A (en) | 2019-05-08 | 2019-05-08 | A kind of O&M auditing system of automatic alarm |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201910379500.3A CN110336780A (en) | 2019-05-08 | 2019-05-08 | A kind of O&M auditing system of automatic alarm |
Publications (1)
Publication Number | Publication Date |
---|---|
CN110336780A true CN110336780A (en) | 2019-10-15 |
Family
ID=68139629
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201910379500.3A Pending CN110336780A (en) | 2019-05-08 | 2019-05-08 | A kind of O&M auditing system of automatic alarm |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN110336780A (en) |
Cited By (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN111984971A (en) * | 2020-08-10 | 2020-11-24 | 成都安恒信息技术有限公司 | Method for automatically producing and managing operation and maintenance data |
Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN104010088A (en) * | 2014-06-16 | 2014-08-27 | 中国地质大学(武汉) | Smart-phone anti-theft method and system |
CN104794789A (en) * | 2015-04-18 | 2015-07-22 | 内蒙古科技大学 | Photoelectric coded lock system |
CN106776717A (en) * | 2016-11-16 | 2017-05-31 | 北京集奥聚合科技有限公司 | A kind of interface configurations method and system based on HBase |
CN109302404A (en) * | 2018-10-30 | 2019-02-01 | 国电南瑞南京控制系统有限公司 | A kind of remote maintenance authenticating operation method of wide area operational system |
CN109684164A (en) * | 2018-11-26 | 2019-04-26 | 武汉烽火信息集成技术有限公司 | A kind of isomery operation management method and system based on autonomous controllable software and hardware |
-
2019
- 2019-05-08 CN CN201910379500.3A patent/CN110336780A/en active Pending
Patent Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN104010088A (en) * | 2014-06-16 | 2014-08-27 | 中国地质大学(武汉) | Smart-phone anti-theft method and system |
CN104794789A (en) * | 2015-04-18 | 2015-07-22 | 内蒙古科技大学 | Photoelectric coded lock system |
CN106776717A (en) * | 2016-11-16 | 2017-05-31 | 北京集奥聚合科技有限公司 | A kind of interface configurations method and system based on HBase |
CN109302404A (en) * | 2018-10-30 | 2019-02-01 | 国电南瑞南京控制系统有限公司 | A kind of remote maintenance authenticating operation method of wide area operational system |
CN109684164A (en) * | 2018-11-26 | 2019-04-26 | 武汉烽火信息集成技术有限公司 | A kind of isomery operation management method and system based on autonomous controllable software and hardware |
Cited By (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN111984971A (en) * | 2020-08-10 | 2020-11-24 | 成都安恒信息技术有限公司 | Method for automatically producing and managing operation and maintenance data |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
JP7295068B2 (en) | Federated key management | |
JP6542962B2 (en) | Delayed data access | |
EP3258374B1 (en) | Systems and methods for detecting and reacting to malicious activity in computer networks | |
JP6329970B2 (en) | Policy enforcement with relevant data | |
US9038196B2 (en) | Method for authenticating a user requesting a transaction with a service provider | |
US20190207772A1 (en) | Network scan for detecting compromised cloud-identity access information | |
EP3585032A1 (en) | Data security service | |
US11372993B2 (en) | Automatic key rotation | |
TWI424726B (en) | Method and system for defeating the man in the middle computer hacking technique | |
CN103413083A (en) | Security defending system for single host | |
CN103310161A (en) | Protection method and system for database system | |
CN117768236A (en) | Safety control and data desensitization platform and method based on API gateway | |
CN106685995B (en) | Leakage account data query system based on hardware encryption | |
CN110336780A (en) | A kind of O&M auditing system of automatic alarm | |
CN110708156B (en) | Communication method, client and server | |
Kang et al. | A strengthening plan for enterprise information security based on cloud computing | |
AlZomai et al. | Strengthening sms-based authentication through usability | |
Sheik et al. | Considerations for secure mosip deployment | |
Rocha | Cybersecurity analysis of a SCADA system under current standards, client requisites, and penetration testing | |
Sorge | IT Security measures and their relation to data protection | |
Makowski et al. | Evaluation of Real-World Risk-Based Authentication at Online Services Revisited: Complexity Wins | |
Algamdi | Security Risk Management in the Electronic Banking Environment: Some Evidence for Banking Systems | |
Anand et al. | Enhancing Security for IoT Devices using Software Defined Networking (SDN) | |
Riaz et al. | Analysis of Web based Structural Security Patterns by Employing Ten Security Principles | |
Wunsch | Guide for the enforcement of IT security in automation systems |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
RJ01 | Rejection of invention patent application after publication |
Application publication date: 20191015 |
|
RJ01 | Rejection of invention patent application after publication |