CN111047309B - Security compliance detection method and device, computer equipment and storage medium - Google Patents


Info

Publication number: CN111047309B
Authority: CN (China)
Prior art keywords: detection; safety compliance; safety; compliance detection; rule
Legal status: Active
Application number: CN201911312826.0A
Other languages: Chinese (zh)
Other versions: CN111047309A (en)
Inventors: 李观鹏, 冷杉
Current Assignee: Beijing Three Cloud Computing Co ltd; Beijing Sankuai Online Technology Co Ltd
Original Assignee: Beijing Sankuai Online Technology Co Ltd
Application filed by Beijing Sankuai Online Technology Co Ltd
Priority to CN201911312826.0A
Publication of CN111047309A
Application granted
Publication of CN111047309B

Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06Q INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00 Payment architectures, schemes or protocols
    • G06Q20/08 Payment architectures
    • G06Q20/085 Payment architectures involving remote charge determination or related payment systems
    • G06Q20/0855 Payment architectures involving remote charge determination or related payment systems involving a third party
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06Q INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00 Payment architectures, schemes or protocols
    • G06Q20/30 Payment architectures, schemes or protocols characterised by the use of specific devices or networks
    • G06Q20/34 Payment architectures, schemes or protocols characterised by the use of specific devices or networks using cards, e.g. integrated circuit [IC] cards or magnetic cards
    • G06Q20/341 Active cards, i.e. cards including their own processing means, e.g. including an IC or chip
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06Q INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00 Payment architectures, schemes or protocols
    • G06Q20/38 Payment protocols; Details thereof
    • G06Q20/382 Payment protocols; Details thereof insuring higher security of transaction
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06Q INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00 Payment architectures, schemes or protocols
    • G06Q20/38 Payment protocols; Details thereof
    • G06Q20/40 Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
    • G06Q20/401 Transaction verification
    • G06Q20/4016 Transaction verification involving fraud or risk level assessment in transaction processing

Landscapes

  • Business, Economics & Management (AREA)
  • Engineering & Computer Science (AREA)
  • Accounting & Taxation (AREA)
  • Physics & Mathematics (AREA)
  • Strategic Management (AREA)
  • General Business, Economics & Management (AREA)
  • General Physics & Mathematics (AREA)
  • Theoretical Computer Science (AREA)
  • Finance (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Microelectronics & Electronic Packaging (AREA)
  • Alarm Systems (AREA)

Abstract

The application relates to a security compliance detection method and device, computer equipment and a storage medium, in the field of security compliance detection. The method comprises the following steps: the server receives a security compliance detection command sent by the detection terminal; acquires the corresponding security compliance detection rule according to the command; issues the rule to an Agent; receives the detection result that the Agent feeds back after executing the corresponding security compliance detection strategy according to the rule; and integrates and tallies the detection results and sends them to the detection terminal, so that the detection terminal can display the integrated results in a display interface. With this method, the security compliance detection rules are adjusted automatically for different security compliance detection commands during detection, which improves the efficiency, security, accuracy and flexibility of security compliance detection.

Description

Security compliance detection method and device, computer equipment and storage medium
Technical Field
The present disclosure relates to the field of safety compliance detection, and in particular, to a method and an apparatus for safety compliance detection, a computer device, and a storage medium.
Background
As smart terminals become more widespread and the market matures, mobile payment is gradually becoming an indispensable part of daily life, and mobile payment security is receiving more and more attention.
In the related art, security compliance detection for mobile payment usually relies on manual detection, or on a combination of shell-script-assisted detection and manual detection.
However, security compliance detection that involves manual detection is limited by human factors, which leads to low detection efficiency, low detection security and low detection accuracy. Shell-script-assisted detection cannot avoid the influence of human factors either, and because of the limitations of running shell scripts, the extensibility of that detection method is poor.
Disclosure of Invention
The application relates to a safety compliance detection method, a safety compliance detection device, computer equipment and a storage medium, and the technical scheme is as follows:
in one aspect, a security compliance detection method is provided, the method being performed by a server, the method comprising:
receiving a safety compliance detection command sent by a detection terminal;
acquiring a corresponding safety compliance detection rule according to the safety compliance detection command;
issuing the safety compliance detection rule to an agent component;
receiving a detection result fed back by the agent component, wherein the detection result is obtained by the agent component executing a corresponding security compliance detection strategy according to the security compliance detection rule;
and performing integration statistics on the detection result and then sending the detection result to the detection terminal so that the detection terminal can display the detection result after the integration statistics in a display interface.
In a possible implementation manner, the obtaining, according to the safety compliance detection command, a corresponding safety compliance detection rule includes:
acquiring a corresponding safety compliance detection standard according to the safety compliance detection command;
and acquiring a corresponding safety compliance detection rule according to the safety compliance detection standard, wherein the safety compliance detection rule is configured in advance according to the safety compliance detection standard.
In a possible implementation manner, before the receiving a security compliance detection command sent by a detection terminal, the method further includes:
receiving a configuration instruction sent by a configuration terminal;
and configuring the corresponding relation between the safety compliance detection standard and the safety compliance detection rule according to the configuration instruction.
In one possible implementation, the security compliance detection standard includes at least one of network security level protection level three, the Payment Card Industry Data Security Standard (PCI DSS), and the UnionPay card payment information security management standard (UPDSS).
In one possible implementation, the safety compliance detection rule includes at least one of an interval rule, a precondition, and a combination condition;
the interval rule is used for indicating the agent component to judge the numerical interval;
the precondition is used for indicating the agent component to judge the specified condition before carrying out numerical value detection;
the combination condition is used for indicating the agent component to judge the combination logic relationship.
In another aspect, a security compliance detection method is provided, the method being performed by an agent component, the method comprising:
receiving a safety compliance detection rule sent by a server;
analyzing the safety compliance detection rule to obtain a corresponding safety compliance detection strategy;
executing the safety compliance detection strategy to obtain a detection result;
and sending the detection result to a server so that the server can carry out integration statistics on the detection result and then send the detection result to a detection terminal, and the detection terminal displays the detection result after the integration statistics in a display interface.
In a possible implementation manner, the safety compliance detection policy refers to detection of a value corresponding to the safety compliance detection rule, where the detection of the value includes at least one of comparison of values, interval judgment of values, and logical relationship judgment of values.
In another aspect, there is provided a security compliance detection apparatus, which is used in a server, the apparatus including:
the first receiving module is used for receiving a safety compliance detection command sent by the detection terminal;
the acquisition module is used for acquiring a corresponding safety compliance detection rule according to the safety compliance detection command;
the issuing module is used for issuing the safety compliance detection rule to the agent component;
a second receiving module, configured to receive a detection result fed back by the agent component, where the detection result is a result obtained by the agent component executing a corresponding security compliance detection policy according to the security compliance detection rule;
and the sending module is used for carrying out integration statistics on the detection result and then sending the detection result to the detection terminal so that the detection terminal can display the detection result after the integration statistics in a display interface.
In one possible implementation manner, the obtaining module includes:
the first acquisition submodule is used for acquiring a corresponding safety compliance detection standard according to the safety compliance detection command;
and the second obtaining submodule is used for obtaining a corresponding safety compliance detection rule according to the safety compliance detection standard, wherein the safety compliance detection rule is configured in advance according to the safety compliance detection standard.
In one possible implementation, the apparatus further includes:
a third receiving module, configured to receive a configuration instruction sent by a configuration terminal before the first receiving module receives a security compliance detection command sent by a detection terminal;
and the configuration module is used for configuring the corresponding relation between the safety compliance detection standard and the safety compliance detection rule according to the configuration instruction.
In one possible implementation, the security compliance detection standard includes at least one of network security level protection level three, the Payment Card Industry Data Security Standard (PCI DSS), and the UnionPay card payment information security management standard (UPDSS).
In one possible implementation, the safety compliance detection rule includes at least one of an interval rule, a precondition, and a combination condition;
the interval rule is used for indicating the agent component to judge the numerical interval;
the precondition is used for indicating the agent component to judge the specified condition before carrying out numerical value detection;
the combination condition is used for indicating the agent component to judge the combination logic relationship.
In another aspect, there is provided a security compliance detection apparatus for use in an agent component, the apparatus comprising:
the receiving module is used for receiving the safety compliance detection rule sent by the server;
the analysis module is used for analyzing the safety compliance detection rule to obtain a corresponding safety compliance detection strategy;
the execution module is used for executing the safety compliance detection strategy to obtain a detection result;
and the sending module is used for sending the detection result to a server so that the server can carry out integration statistics on the detection result and then send the detection result to a detection terminal, and the detection terminal displays the detection result after the integration statistics in a display interface.
In a possible implementation manner, the safety compliance detection policy refers to a numerical detection corresponding to the safety compliance detection rule, where the numerical detection includes at least one of comparison of numerical values, judgment of numerical intervals, and judgment of logical relationships.
In another aspect, a computer device is provided, which includes a processor and a memory, the memory storing at least one instruction, at least one program, a set of codes, or a set of instructions, which is loaded and executed by the processor to implement the method provided in the embodiments of the present application.
In another aspect, a computer-readable storage medium is provided, in which at least one instruction, at least one program, a set of codes, or a set of instructions is stored, and the at least one instruction, the at least one program, the set of codes, or the set of instructions is loaded and executed by a processor to implement the method provided in the embodiments of the present application.
The beneficial effects of the technical solution provided by this application include at least the following:
The server receives a security compliance detection command sent by a detection terminal, obtains the corresponding security compliance detection rule according to the command, and issues the rule to an Agent. It then receives the detection result that the Agent feeds back after executing the corresponding security compliance detection strategy according to the rule, integrates and tallies the detection results, and sends them to the detection terminal, so that the detection terminal displays the integrated results in a display interface. In this way the security compliance detection rules are adjusted automatically for different security compliance detection commands during detection, which improves the efficiency, security, accuracy and flexibility of security compliance detection.
Drawings
To illustrate the technical solutions in the embodiments of the present application more clearly, the drawings used in the description of the embodiments are briefly introduced below. The drawings described below show only some embodiments of the present application, and those skilled in the art can obtain other drawings from them without creative effort.
FIG. 1 illustrates a flow chart of a security compliance detection method provided by an exemplary embodiment of the present application;
FIG. 2 illustrates a flow chart of a security compliance detection method provided by another exemplary embodiment of the present application;
FIG. 3 illustrates a flow chart of a security compliance detection method provided by another exemplary embodiment of the present application;
FIG. 4 is a block diagram illustrating a structure of a security compliance detection apparatus provided in an exemplary embodiment of the present disclosure;
FIG. 5 is a block diagram illustrating a structure of a security compliance detection apparatus according to an exemplary embodiment of the present disclosure;
FIG. 6 is a block diagram illustrating the structure of a computer device in accordance with an exemplary embodiment;
FIG. 7 is a block diagram illustrating the structure of a computer device according to an example embodiment.
Detailed Description
To make the objects, technical solutions and advantages of the present application more clear, embodiments of the present application will be described in further detail below with reference to the accompanying drawings.
First, the terms referred to in the embodiments of the present application will be briefly described:
1) Payment Card Industry Data Security Standard (PCI DSS)
The PCI DSS is a set of requirements specified by the PCI Security Standards Council to ensure the security of cardholder data and to promote the widespread adoption of uniform data security standards worldwide. The requirements in the PCI DSS are mainly aimed at companies and institutions that need to process cardholder data in their daily operations.
The PCI DSS places specific requirements on the security construction of a payment system in six areas: establishing and maintaining a secure network, protecting cardholder data, maintaining a vulnerability management program, implementing strict access control measures, regularly monitoring and testing the network, and maintaining an information security policy.
2) UnionPay card payment information security management standard (UPDSS)
The UPDSS aims to clarify and refine the account information security management requirements for each participant in the acquiring business, and to prevent the risk of account information leaking through the acquiring network. It explicitly defines and classifies the core object to be protected, namely "payment information". At present, payment information is defined as the account information recorded on a UnionPay card, the network payment account information used to provide payment services based on the UnionPay card, identity authentication information, the necessary personal information related to the payment service, and other payment-related information. It is subdivided into sensitive payment information, important payment information and general payment information.
According to the requirements of the UPDSS, the UPDSS applies to an organization as long as its business processes involve any of the acquisition, transmission, processing or storage of UnionPay card numbers.
The typical types of organizations to which the UPDSS currently applies are: UnionPay card issuers; bank card clearing institutions involved in UnionPay card transactions; acquirers engaged in UnionPay card payment business; issuers of payment accounts based on UnionPay cards; special merchants that accept UnionPay cards; institutions that provide specialized acquiring services to UnionPay card acquirers; aggregate payment service providers; and other participants in UnionPay card business.
3) Network security level protection, level three
Related standards, such as "Information Security Technology: Information System Security Level Protection Evaluation Requirements", divide level protection into two major modules, "technology" and "management". The technology part comprises physical security, network security, host security, application security, and data security and backup recovery. The management part comprises five aspects: the security management organization, the security management system, personnel security management, system construction management, and system operation and maintenance management.
The evaluation items of level protection level three include structural security, access control, intrusion prevention, network equipment protection, security audit, software fault tolerance, data backup and recovery, and the like.
4) Network security compliance detection
Network security compliance detection refers to security detection carried out on an information system and its production environment (including the network policy, system hosts, databases, middleware, application systems, and the system's data security and backup recovery policy). According to standards such as the basic requirements of level protection, the technical specification of a south Internet (IT) baseline and the network access security evaluation management method, the various security configurations are checked, the various security protection measures are tested, and the various security vulnerabilities are scanned for, covering identity authentication, access control, security audit, communication integrity, communication confidentiality, software fault tolerance, resource control and the like.
5) Agent (Agent)
The Agent refers to a software or hardware entity capable of performing autonomous activities, and in the embodiment of the application, refers to a background program running on a host, and is used for analyzing the safety compliance detection rule, executing a safety compliance detection strategy corresponding to the safety compliance detection rule, obtaining a detection result, and feeding back the detection result to the server.
In the related art, in order to implement safety compliance detection on a machine, two modes of pure manual detection or shell script assisted detection are generally adopted.
Specifically, in the purely manual detection scheme, an operator logs in to each machine by hand, checks each configuration or process item that needs to be detected against the compliance requirements, records each detection item in Excel, scores it, and finally calculates the total score, thereby completing the security compliance detection of the machine. In the shell-script-assisted scheme, a shell script outputs the host detection items and scores, which are recorded in Excel and combined with the other detection items to calculate the total score.
In the purely manual detection scheme, detection efficiency is low because it depends on manual operation, and the operator must be granted the corresponding permissions on every machine that is detected, so the security of the detection process is low. In conclusion, purely manual detection suffers from low detection efficiency, low security and low correctness.
In the shell-script-assisted detection scheme, the detection logic of a shell script is generally fixed while it is in use, that is, one shell script corresponds to only one detection scenario. Even for two detection scenarios that differ only slightly, for example when a single detection item in a scenario is replaced, the shell script has to be rewritten, so the extensibility of the shell-script-assisted scheme is poor. Shell-script-assisted detection does replace some manual operations, such as manually checking the configuration of a Hybrid hard disk (SSHD), checking whether a network port is open, checking running processes and checking installed packages. However, shell scripts cannot replace other operations: logging in to a host, checking the network topology and the like still have to be done by hand. Because shell scripts replace manual operation in some respects, shell-script-assisted detection improves detection efficiency to a certain extent, but the remaining manual operations mean that it still suffers from low efficiency, low security and low correctness. In conclusion, shell-script-assisted detection suffers from poor extensibility, low detection efficiency, low security and low accuracy.
To overcome these defects of the security compliance detection schemes in the related art, the application provides a security compliance detection method that automates security compliance detection. FIG. 1 shows a flowchart of a security compliance detection method provided by an exemplary embodiment of the present application. The method is executed by a server and, as shown in FIG. 1, includes:
Step 110, receiving a security compliance detection command sent by the detection terminal.
Optionally, the display interface of the terminal provides a plurality of detection buttons for touch interaction, and different detection buttons correspond to different detection items. The detection items may be the same detection item under different security compliance detection standards, or different detection items under the same security compliance detection standard. For example, in a possible case, by touching a detection button the user can trigger security compliance detection of one detection item on the machine under one security compliance detection standard, of a plurality of detection items under one standard, of the same detection item under different standards, or of a plurality of detection items under different standards.
When the user triggers security compliance detection by touching a detection button, the server receives the corresponding security compliance detection command.
Step 120, acquiring a corresponding security compliance detection rule according to the security compliance detection command.
The touch buttons in the terminal display interface correspond to different security compliance detection Application Programming Interfaces (APIs); the detection API is called to send a security compliance detection command to the server. The server stores a security compliance detection rule base, which holds the security compliance detection rules corresponding to the detection items of the various security compliance detection standards. When the server receives the security compliance detection command sent by the terminal, it obtains from the stored rule base the detection rules that correspond to the security compliance detection standard and the detection items indicated by the command.
Step 130, the security compliance detection rules are issued to the agent component.
In the embodiment of the present application, the agent component may be a background program running on the host, or a hardware entity, or a component combining software and hardware, and is configured to analyze the received security compliance detection rule, execute a corresponding response policy, obtain a corresponding detection result, and feed back the detection result to the server.
Step 140, receiving a detection result fed back by the agent component, where the detection result is obtained by the agent component executing a corresponding security compliance detection policy according to the security compliance detection rule.
The detection result may be a detection result for each detection item, and may include, for each detection item, a detailed description, the actual value, the standard value, the score, whether the item passed, and the like.
Step 150, performing integration statistics on the detection results and then sending them to the detection terminal, so that the detection terminal can display the integrated results in a display interface.
The detection result that the Agent feeds back to the server is the detection result of each detection item. The server integrates and tallies these results to obtain the total score, the score of each detection item and other related information, and sends the integrated result to the detection terminal, which displays the total score, the score of each detection item and the other related information in a display interface.
In summary, the security compliance detection method provided in this embodiment is applied to a server. The server receives a security compliance detection command sent by a detection terminal, acquires the corresponding security compliance detection rule according to the command, issues the rule to the Agent, receives the detection result that the Agent feeds back after executing the corresponding security compliance detection strategy according to the rule, and integrates and tallies the detection results before sending them to the detection terminal, so that the detection terminal displays the integrated results in a display interface. In this way the security compliance detection rules are adjusted automatically for different security compliance detection commands during detection, which improves the efficiency, security, accuracy and flexibility of security compliance detection.
For the Agent side, Fig. 2 shows a flowchart of a security compliance detection method provided in an exemplary embodiment of the present application. The method is executed by an Agent and, as shown in Fig. 2, includes:
Step 210, receiving the security compliance detection rule sent by the server.
Step 220, parsing the security compliance detection rule to obtain a corresponding security compliance detection policy.
The security compliance detection policy may be a functional relationship obtained by parsing the security compliance detection rule. For example, the functional relationship may be a check on a value; the Agent executes the corresponding function calculation and carries out the security compliance detection according to the calculation result.
Step 230, executing the security compliance detection policy to obtain a detection result.
Step 240, sending the detection result to the server, so that the server performs integration statistics on the detection result and then sends it to the detection terminal, and the detection terminal displays the integrated detection result in a display interface.
In summary, the security compliance detection method provided in this embodiment of the present application is applied to an Agent. The Agent receives the security compliance detection rule sent by the server, parses the rule to obtain the corresponding security compliance detection policy, executes the policy to obtain a detection result, and sends the detection result to the server. The server performs integration statistics on the result and sends it to the detection terminal, which displays the integrated result in a display interface. The security compliance detection rules are thus adjusted automatically for different security compliance detection commands during detection, which improves the efficiency, security, accuracy and flexibility of security compliance detection.
Fig. 3, in conjunction with the security compliance detection methods of the embodiments shown in Fig. 1 and Fig. 2, shows a flowchart of a security compliance detection method provided in an exemplary embodiment of the present application. The method is performed interactively by a detection terminal, a configuration terminal, a server, and an Agent. As shown in Fig. 3, the method includes:
Step 301, the configuration terminal sends a configuration instruction, and correspondingly, the server receives the configuration instruction sent by the configuration terminal.
The configuration terminal provides a background configuration interface in which developers can classify the safety compliance detection rules and then combine and configure them according to the detection items of different safety compliance detection standards.
The configuration terminal sends the configuration instruction to the server. The configuration instruction may include the safety compliance detection rules configured by the developer, the detection items of different safety compliance detection standards, and the correspondence between those rules and those detection items. It instructs the server to configure, according to the configuration instruction, the correspondence between the safety compliance detection rules sent to the server and the detection items of the safety compliance detection standards.
Step 302, the server configures the correspondence between the safety compliance detection standards and the safety compliance detection rules according to the configuration instruction.
Optionally, the safety compliance detection standard includes at least one of network security level protection Level 3, the Payment Card Industry Data Security Standard (PCI DSS), and the UnionPay card payment information security management standard (UPDSS).
Step 303, the detection terminal sends a safety compliance detection command, and correspondingly, the server receives the safety compliance detection command sent by the detection terminal.
Step 304, the server acquires the corresponding safety compliance detection standard according to the safety compliance detection command.
One safety compliance detection standard may include detection standards for a plurality of detection items, and different safety compliance detection standards may specify different requirements for the same detection item. For example, for the same detection item on the same machine, safety compliance detection standard A specifies that the machine parameter is acceptable within the interval (0, 100), while safety compliance detection standard B specifies that it is acceptable within the interval (0, 80). When the machine parameter for that detection item is 90, it is acceptable under standard A but not acceptable under standard B.
Because the detection a user requests for a machine may be a combination of several detection items, and those detection items may belong to different safety compliance detection standards, the safety compliance detection command sent by the detection terminal may correspond to detection items of several safety compliance detection standards. The server therefore first determines which safety compliance detection standards the command involves, and then obtains the safety compliance detection rules for the detection items under each of those standards.
Step 305, the server obtains a corresponding safety compliance detection rule according to the safety compliance detection standard, wherein the safety compliance detection rule is configured in advance according to the safety compliance detection standard.
Optionally, the safety compliance detection rule includes at least one of an interval rule, a precondition and a combination condition.
The interval rule instructs the agent component to judge a value interval.
For example, a detection item may check a number in a configuration item of a certain file; when the number falls within the interval range, the file is judged to meet the security compliance requirement.
The value interval indicated by the interval rule can be set as an open interval or a closed interval, according to the safety compliance detection standard.
The precondition instructs the agent component to judge a specified condition before carrying out numerical value detection.
For example, in the mail log detection item, the Agent first detects whether a syslog process exists and checks whether mail is configured in the syslog configuration file. Only when the precondition is met, namely the syslog process exists and mail is configured in the syslog configuration file, is the existence of mail log records checked.
The combination condition instructs the agent component to judge a combined logical relationship.
A combination condition combines several conditions on the same parameter or attribute with logical relations such as AND and OR. For example, the condition (value > 0 && value < 100) means that the safety compliance detection rule is satisfied when the value is greater than 0 and less than 100.
Step 306, the server issues the security compliance detection rule to the agent component, and correspondingly, the agent component receives the security compliance detection rule.
Step 307, the agent component parses the security compliance detection rule to obtain a corresponding security compliance detection policy.
Optionally, the safety compliance detection policy refers to detection of a preset value according to a safety compliance detection rule, where the detection of the value includes at least one of value size comparison, value interval judgment, and value logical relationship judgment.
Step 308, the agent component executes the security compliance detection policy to obtain a detection result.
For example, the following rules are provided in a safety compliance test:
[Figure BDA0002324990880000121: the example rule, reproduced as an image in the original publication]
After the Agent acquires the rule, it parses the rule. Having found the corresponding "uuid", it reads pre_param (the precondition) and param (the specific compliance condition). It checks pre_param first; because pre_param is empty, no precondition needs to be evaluated. It then checks param: the type is "check_redis", so the Agent calls the corresponding method to obtain the value. The safety compliance detection rule is (value > 0 && value < 100) | value in [12:123), so the check passes when the value lies in the interval greater than 0 and less than 100, or in the interval [12:123). Suppose the value is 110: it is greater than 100 and so does not satisfy (value > 0 && value < 100), but it lies in [12:123), so the safety compliance detection passes.
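The Agent-side evaluation described in steps 305 to 308 can be sketched as follows; this is an added example, not code from the patent. The field names uuid, pre_param, param and type come from the text above, while the nested layout, the "rule" key, the collector registry and the "skipped" status are assumptions made for illustration.

```python
import operator
import re

# The rule text arrives from the server, so it is parsed with a small
# restricted grammar and never handed to eval().
TOKEN = re.compile(r"""\s*(?:
      (?P<interval>[\[(]\s*-?\d+(?:\.\d+)?\s*:\s*-?\d+(?:\.\d+)?\s*[\])])
    | (?P<num>-?\d+(?:\.\d+)?)
    | (?P<op>&&|\|\|?|<=|>=|==|<|>|\(|\)|\bin\b|\bvalue\b)
)""", re.VERBOSE)
CMP = {"<": operator.lt, "<=": operator.le, ">": operator.gt,
       ">=": operator.ge, "==": operator.eq}

def tokenize(expr):
    expr, tokens, pos = expr.strip(), [], 0
    while pos < len(expr):
        m = TOKEN.match(expr, pos)
        if not m:
            raise ValueError(f"unexpected text at offset {pos}: {expr[pos:]!r}")
        tokens.append((m.lastgroup, m.group(m.lastgroup)))
        pos = m.end()
    return tokens

def in_interval(text, value):
    """Interval rule: '[' / ']' are closed ends, '(' / ')' are open ends."""
    lo, hi = (float(x) for x in text[1:-1].split(":"))
    lower_ok = value >= lo if text[0] == "[" else value > lo
    upper_ok = value <= hi if text[-1] == "]" else value < hi
    return lower_ok and upper_ok

class Parser:
    """or_expr := and_expr (('|' | '||') and_expr)*   (combination condition)
       and_expr := atom ('&&' atom)*
       atom := '(' or_expr ')' | 'value' CMP num | 'value' 'in' interval"""
    def __init__(self, tokens, value):
        self.tokens, self.i, self.value = tokens, 0, value

    def peek(self):
        return self.tokens[self.i] if self.i < len(self.tokens) else (None, None)

    def take(self, expected=None):
        kind, text = self.peek()
        if kind is None or (expected is not None and text != expected):
            raise ValueError(f"expected {expected or 'a token'}, got {text!r}")
        self.i += 1
        return kind, text

    def or_expr(self):
        result = self.and_expr()
        while self.peek()[1] in ("|", "||"):
            self.take()
            rhs = self.and_expr()
            result = result or rhs
        return result

    def and_expr(self):
        result = self.atom()
        while self.peek()[1] == "&&":
            self.take()
            rhs = self.atom()
            result = result and rhs
        return result

    def atom(self):
        if self.peek()[1] == "(":
            self.take("(")
            result = self.or_expr()
            self.take(")")
            return result
        self.take("value")
        _, op = self.take()
        kind, text = self.take()
        if op == "in" and kind == "interval":
            return in_interval(text, self.value)
        if op in CMP and kind == "num":
            return CMP[op](self.value, float(text))
        raise ValueError(f"malformed condition near {op!r} {text!r}")

def evaluate(expr, value):
    parser = Parser(tokenize(expr), value)
    result = parser.or_expr()
    if parser.i != len(parser.tokens):
        raise ValueError("trailing tokens after expression")
    return result

def run_rule(rule, collectors):
    """Check pre_param first, then param. Reporting 'skipped' for an unmet
    precondition is an assumption; the text does not say what is reported."""
    pre = rule.get("pre_param")
    if pre and not evaluate(pre["rule"], collectors[pre["type"]]()):
        return {"uuid": rule["uuid"], "status": "skipped"}
    param = rule["param"]
    actual = collectors[param["type"]]()
    status = "pass" if evaluate(param["rule"], actual) else "fail"
    return {"uuid": rule["uuid"], "status": status,
            "actual": actual, "standard": param["rule"]}

# Constructed sample mirroring the worked example: empty precondition,
# type "check_redis", collected value 110.
SAMPLE_RULE = {"uuid": "constructed-0001", "pre_param": {},
               "param": {"type": "check_redis",
                         "rule": "(value > 0 && value < 100) | value in [12:123)"}}
COLLECTORS = {"check_redis": lambda: 110}
```

Because the Agent acts on rule text it receives over the network, anything outside this grammar is rejected with an error instead of being executed.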
Step 309, the agent component feeds back the detection result to the server, and correspondingly, the server receives the detection result fed back by the agent component, where the detection result is obtained by the agent component executing the corresponding security compliance detection policy according to the security compliance detection rule.
Step 310, the server performs integration statistics on the detection results and then sends them to the detection terminal; correspondingly, the detection terminal receives the integrated detection results from the server and displays them in a display interface.
In summary, in the security compliance detection provided in this embodiment of the present application, the server receives the security compliance detection command sent by the detection terminal, obtains the corresponding security compliance detection rule according to that command, and issues the rule to the Agent. It then receives the detection result that the Agent obtains by executing the corresponding security compliance detection policy according to the rule, performs integration statistics on the result, and sends it to the detection terminal, which displays the integrated result in a display interface. The security compliance detection rules are thus adjusted automatically for different security compliance detection commands during detection, which improves the efficiency, security, accuracy and flexibility of security compliance detection.
Fig. 4 shows a block diagram of a security compliance detection apparatus provided in an exemplary embodiment of the present disclosure. The apparatus is used in a server and, as shown in Fig. 4, includes:
a first receiving module 410, configured to receive a security compliance detection command sent by a detection terminal;
an obtaining module 420, configured to obtain a corresponding safety compliance detection rule according to the safety compliance detection command;
the issuing module 430 is used for issuing the safety compliance detection rule to the agent component;
a second receiving module 440, configured to receive a detection result fed back by the agent component, where the detection result is a result obtained by the agent component executing a corresponding security compliance detection policy according to the security compliance detection rule;
the sending module 450 is configured to send the detection result to the detection terminal after performing the integration statistics, so that the detection terminal displays the detection result after the integration statistics in the display interface.
In a possible implementation manner, the obtaining module 420 includes:
the first acquisition submodule is used for acquiring a corresponding safety compliance detection standard according to the safety compliance detection command;
and the second acquisition submodule is used for acquiring a corresponding safety compliance detection rule according to the safety compliance detection standard, wherein the safety compliance detection rule is configured in advance according to the safety compliance detection standard.
In one possible implementation, the apparatus further includes:
a third receiving module, configured to receive the configuration instruction sent by the configuration terminal before the first receiving module receives the safety compliance detection command sent by the detection terminal;
and the configuration module is used for configuring the corresponding relation between the safety compliance detection standard and the safety compliance detection rule according to the configuration instruction.
In one possible implementation, the security compliance detection standard includes at least one of network security level protection Level 3, the Payment Card Industry Data Security Standard (PCI DSS), and the UnionPay card payment information security management standard (UPDSS).
In one possible implementation, the safety compliance detection rule includes at least one of an interval rule, a precondition, and a combination condition;
the interval rule is used for indicating the agent component to judge the value interval;
the precondition is used for indicating the agent component to judge the specified condition before carrying out numerical value detection;
the combination condition is used for instructing the agent component to judge the combination logic relationship.
In summary, the security compliance detection apparatus provided in this embodiment of the present application is applied to a server. It receives a security compliance detection command sent by a detection terminal, obtains the corresponding security compliance detection rule according to that command, and issues the rule to the Agent. It then receives the detection result that the Agent obtains by executing the corresponding security compliance detection policy according to the rule, performs integration statistics on the result, and sends it to the detection terminal, which displays the integrated result in a display interface. The security compliance detection rules are thus adjusted automatically for different security compliance detection commands during detection, which improves the efficiency, security, accuracy and flexibility of security compliance detection.
Fig. 5 shows a block diagram of a security compliance detection apparatus provided in an exemplary embodiment of the present disclosure. The apparatus is used in a server and, as shown in Fig. 5, includes:
a receiving module 510, configured to receive a security compliance detection rule sent by a server;
the analysis module 520 is configured to analyze the safety compliance detection rule to obtain a corresponding safety compliance detection policy;
an executing module 530, configured to execute the security compliance detection policy to obtain a detection result;
the sending module 540 is configured to send the detection result to the server, so that the server performs integration and statistics on the detection result and sends the detection result to the detection terminal, and the detection terminal displays the detection result after the integration and statistics in the display interface.
In a possible implementation manner, the safety compliance detection policy refers to a numerical detection corresponding to the safety compliance detection rule, and the numerical detection includes at least one of comparison of numerical values, judgment of numerical value intervals, and judgment of logical relationships.
In summary, the security compliance detection apparatus provided in this embodiment of the present application is applied to an Agent. It receives the security compliance detection rule sent by the server, parses the rule to obtain the corresponding security compliance detection policy, executes the policy to obtain a detection result, and sends the detection result to the server. The server performs integration statistics on the result and sends it to the detection terminal, which displays the integrated result in a display interface. The security compliance detection rules are thus adjusted automatically for different security compliance detection commands during detection, which improves the efficiency, security, accuracy and flexibility of security compliance detection.
Fig. 6 is a block diagram illustrating the structure of a computer device 600 according to an example embodiment. The computer device 600 may be implemented as the detection terminal and the configuration terminal in the above-described scheme, such as a smart phone, a tablet computer, or a desktop computer. Computer device 600 may also be referred to by other names such as user equipment, portable terminals, laptop terminals, desktop terminals, and the like.
Generally, the computer device 600 includes: a processor 601 and a memory 602.
The processor 601 may include one or more processing cores, such as a 4-core processor, an 8-core processor, and so on. The processor 601 may be implemented in at least one hardware form of a DSP (Digital Signal Processing), an FPGA (Field-Programmable Gate Array), and a PLA (Programmable Logic Array). The processor 601 may also include a main processor and a coprocessor, where the main processor is a processor for Processing data in an awake state, and is also called a Central Processing Unit (CPU); a coprocessor is a low power processor for processing data in a standby state. In some embodiments, the processor 601 may be integrated with a GPU (Graphics Processing Unit), which is responsible for rendering and drawing the content required to be displayed on the display screen. In some embodiments, processor 601 may also include an AI (Artificial Intelligence) processor for processing computational operations related to machine learning.
The memory 602 may include one or more computer-readable storage media, which may be non-transitory. The memory 602 may also include high-speed random access memory, as well as non-volatile memory, such as one or more magnetic disk storage devices, flash memory storage devices. In some embodiments, a non-transitory computer readable storage medium in memory 602 is used to store at least one instruction for execution by processor 601 to implement the methods provided by the method embodiments herein.
In some embodiments, the computer device 600 may further optionally include: a peripheral interface 603 and at least one peripheral. The processor 601, memory 602, and peripheral interface 603 may be connected by buses or signal lines. Various peripheral devices may be connected to the peripheral interface 603 via a bus, signal line, or circuit board. Specifically, the peripheral device includes: at least one of a radio frequency circuit 604, a touch screen display 605, a camera 606, an audio circuit 607, a positioning component 608, and a power supply 609.
The peripheral interface 603 may be used to connect at least one peripheral related to I/O (Input/Output) to the processor 601 and the memory 602. In some embodiments, the processor 601, memory 602, and peripheral interface 603 are integrated on the same chip or circuit board; in some other embodiments, any one or two of the processor 601, the memory 602, and the peripheral interface 603 may be implemented on a separate chip or circuit board, which is not limited in this embodiment.
The Radio Frequency circuit 604 is used for receiving and transmitting RF (Radio Frequency) signals, also called electromagnetic signals. The radio frequency circuitry 604 communicates with communication networks and other communication devices via electromagnetic signals. The rf circuit 604 converts an electrical signal into an electromagnetic signal to transmit, or converts a received electromagnetic signal into an electrical signal. Optionally, the radio frequency circuit 604 comprises: an antenna system, an RF transceiver, one or more amplifiers, a tuner, an oscillator, a digital signal processor, a codec chipset, a subscriber identity module card, and so forth. The radio frequency circuitry 604 may communicate with other terminals via at least one wireless communication protocol. The wireless communication protocols include, but are not limited to: the world wide web, metropolitan area networks, intranets, generations of mobile communication networks (2G, 3G, 4G, and 5G), Wireless local area networks, and/or WiFi (Wireless Fidelity) networks. In some embodiments, the rf circuit 604 may further include NFC (Near Field Communication) related circuits, which are not limited in this application.
The display 605 is used to display a UI (User Interface). The UI may include graphics, text, icons, video, and any combination thereof. When the display 605 is a touch display, it can also capture touch signals on or over its surface. The touch signal may be input to the processor 601 as a control signal for processing. In this case, the display 605 may also be used to provide virtual buttons and/or a virtual keyboard, also referred to as soft buttons and/or a soft keyboard. In some embodiments, there may be one display 605, disposed on the front panel of the computer device 600; in other embodiments, there may be at least two displays 605, respectively disposed on different surfaces of the computer device 600 or in a folded design; in still other embodiments, the display 605 may be a flexible display disposed on a curved surface or on a folded surface of the computer device 600. Furthermore, the display 605 may be arranged in a non-rectangular irregular pattern, i.e., an irregularly shaped screen. The display 605 may be made of an LCD (Liquid Crystal Display), an OLED (Organic Light-Emitting Diode), and the like.
The camera assembly 606 is used to capture images or video. Optionally, the camera assembly 606 includes a front camera and a rear camera. Generally, the front camera is disposed on the front panel of the terminal, and the rear camera is disposed on the rear surface of the terminal. In some embodiments, there are at least two rear cameras, each being any one of a main camera, a depth-of-field camera, a wide-angle camera and a telephoto camera, so that the main camera and the depth-of-field camera can be fused to realize a background blurring function, and the main camera and the wide-angle camera can be fused to realize panoramic shooting and VR (Virtual Reality) shooting functions or other fusion shooting functions. In some embodiments, the camera assembly 606 may also include a flash. The flash can be a single-color-temperature flash or a dual-color-temperature flash. A dual-color-temperature flash is a combination of a warm-light flash and a cold-light flash, and can be used for light compensation at different color temperatures.
Audio circuitry 607 may include a microphone and a speaker. The microphone is used for collecting sound waves of a user and the environment, converting the sound waves into electric signals, and inputting the electric signals to the processor 601 for processing or inputting the electric signals to the radio frequency circuit 604 to realize voice communication. For stereo capture or noise reduction purposes, the microphones may be multiple and located at different locations on the computer device 600. The microphone may also be an array microphone or an omni-directional pick-up microphone. The speaker is used to convert electrical signals from the processor 601 or the radio frequency circuit 604 into sound waves. The loudspeaker can be a traditional film loudspeaker or a piezoelectric ceramic loudspeaker. When the speaker is a piezoelectric ceramic speaker, the speaker can be used for purposes such as converting an electric signal into a sound wave audible to a human being, or converting an electric signal into a sound wave inaudible to a human being to measure a distance. In some embodiments, audio circuitry 607 may also include a headphone jack.
The positioning component 608 is used to locate the current geographic location of the computer device 600 to implement navigation or LBS (Location Based Service). The positioning component 608 can be a positioning component based on the Global Positioning System (GPS) of the United States, the BeiDou system of China, or the Galileo system of Russia.
The power supply 609 is used to supply power to the various components in the computer device 600. The power supply 609 may be ac, dc, disposable or rechargeable. When the power supply 609 includes a rechargeable battery, the rechargeable battery may be a wired rechargeable battery or a wireless rechargeable battery. The wired rechargeable battery is a battery charged through a wired line, and the wireless rechargeable battery is a battery charged through a wireless coil. The rechargeable battery may also be used to support fast charge technology.
In some embodiments, the computer device 600 also includes one or more sensors 610. The one or more sensors 610 include, but are not limited to: acceleration sensor 611, gyro sensor 612, pressure sensor 613, fingerprint sensor 614, optical sensor 615, and proximity sensor 616.
The acceleration sensor 611 may detect the magnitude of acceleration in three coordinate axes of a coordinate system established with the computer apparatus 600. For example, the acceleration sensor 611 may be used to detect components of the gravitational acceleration in three coordinate axes. The processor 601 may control the touch screen display 605 to display the user interface in a landscape view or a portrait view according to the gravitational acceleration signal collected by the acceleration sensor 611. The acceleration sensor 611 may also be used for acquisition of motion data of a game or a user.
The gyro sensor 612 may detect a body direction and a rotation angle of the computer apparatus 600, and the gyro sensor 612 may cooperate with the acceleration sensor 611 to acquire a 3D motion of the user on the computer apparatus 600. The processor 601 may implement the following functions according to the data collected by the gyro sensor 612: motion sensing (such as changing the UI according to a user's tilting operation), image stabilization at the time of photographing, game control, and inertial navigation.
The pressure sensors 613 may be disposed on the side bezel of the computer device 600 and/or underneath the touch display screen 605. When the pressure sensor 613 is disposed on the side frame of the computer device 600, the holding signal of the user to the computer device 600 can be detected, and the processor 601 performs left-right hand recognition or shortcut operation according to the holding signal collected by the pressure sensor 613. When the pressure sensor 613 is disposed at the lower layer of the touch display screen 605, the processor 601 controls the operability control on the UI interface according to the pressure operation of the user on the touch display screen 605. The operability control comprises at least one of a button control, a scroll bar control, an icon control and a menu control.
The fingerprint sensor 614 is used for collecting a fingerprint of a user, and the processor 601 identifies the identity of the user according to the fingerprint collected by the fingerprint sensor 614, or the fingerprint sensor 614 identifies the identity of the user according to the collected fingerprint. Upon identifying that the user's identity is a trusted identity, the processor 601 authorizes the user to perform relevant sensitive operations including unlocking the screen, viewing encrypted information, downloading software, paying, and changing settings, etc. The fingerprint sensor 614 may be provided on the front, back, or side of the computer device 600. When a physical key or vendor Logo is provided on the computer device 600, the fingerprint sensor 614 may be integrated with the physical key or vendor Logo.
The optical sensor 615 is used to collect the ambient light intensity. In one embodiment, processor 601 may control the display brightness of touch display 605 based on the ambient light intensity collected by optical sensor 615. Specifically, when the ambient light intensity is high, the display brightness of the touch display screen 605 is increased; when the ambient light intensity is low, the display brightness of the touch display screen 605 is turned down. In another embodiment, the processor 601 may also dynamically adjust the shooting parameters of the camera assembly 606 according to the ambient light intensity collected by the optical sensor 615.
The proximity sensor 616, also known as a distance sensor, is typically disposed on the front panel of the computer device 600. The proximity sensor 616 is used to capture the distance between the user and the front of the computer device 600. In one embodiment, when the proximity sensor 616 detects that the distance between the user and the front of the computer device 600 is gradually decreasing, the processor 601 controls the touch display screen 605 to switch from the bright screen state to the screen-off state; when the proximity sensor 616 detects that the distance between the user and the front of the computer device 600 is gradually increasing, the processor 601 controls the touch display screen 605 to switch from the screen-off state to the bright screen state.
Those skilled in the art will appreciate that the configuration shown in FIG. 6 does not constitute a limitation of the computer device 600, and may include more or fewer components than those shown, or combine certain components, or employ a different arrangement of components.
FIG. 7 is a block diagram illustrating the structure of a computer device 700 according to an example embodiment. The computer device can be implemented as a server and an Agent in the above-mentioned scheme of the present application. The computer device 700 includes a Central Processing Unit (CPU) 701, a system Memory 704 including a Random Access Memory (RAM) 702 and a Read-Only Memory (ROM) 703, and a system bus 705 connecting the system Memory 704 and the CPU 701. The computer device 700 also includes a basic Input/Output system (I/O system) 706, which facilitates transfer of information between devices within the computer, and a mass storage device 707 for storing an operating system 713, application programs 714, and other program modules 715.
The basic input/output system 706 comprises a display 708 for displaying information and an input device 709, such as a mouse or keyboard, for a user to input information. The display 708 and the input device 709 are both connected to the central processing unit 701 through an input/output controller 710 coupled to the system bus 705. The basic input/output system 706 may also include the input/output controller 710 for receiving and processing input from a number of other devices, such as a keyboard, mouse, or electronic stylus. Similarly, the input/output controller 710 may also provide output to a display screen, a printer, or other type of output device.
The mass storage device 707 is connected to the central processing unit 701 through a mass storage controller (not shown) connected to the system bus 705. The mass storage device 707 and its associated computer-readable media provide non-volatile storage for the computer device 700. That is, the mass storage device 707 may include a computer-readable medium (not shown) such as a hard disk or Compact Disc Read-Only Memory (CD-ROM) drive.
Without loss of generality, the computer-readable media may comprise computer storage media and communication media. Computer storage media include volatile and nonvolatile, removable and non-removable media implemented in any method or technology for storage of information such as computer-readable instructions, data structures, program modules or other data. Computer storage media include RAM, ROM, Erasable Programmable Read-Only Memory (EPROM), Electrically Erasable Programmable Read-Only Memory (EEPROM), flash memory or other solid-state memory technology, CD-ROM, Digital Versatile Disks (DVD), or other optical or magnetic storage devices. Of course, those skilled in the art will appreciate that the computer storage media are not limited to the foregoing. The system memory 704 and mass storage device 707 described above may be collectively referred to as memory.
According to various embodiments of the present application, the computer device 700 may also operate by connecting, through a network such as the Internet, to a remote computer on the network. That is, the computer device 700 may be connected to the network 712 through the network interface unit 711 connected to the system bus 705, or may be connected to other types of networks or remote computer systems (not shown) using the network interface unit 711.
The memory further stores one or more programs, and the central processing unit 701 implements all or part of the steps of the method shown in FIG. 1, FIG. 2 or FIG. 3 by executing the one or more programs.
Those skilled in the art will appreciate that in one or more of the examples described above, the functions described in the embodiments of the present application may be implemented in hardware, software, firmware, or any combination thereof. When implemented in software, the functions may be stored on, or transmitted as one or more instructions or code over, a computer-readable medium. Computer-readable media include both computer storage media and communication media, the latter including any medium that facilitates transfer of a computer program from one place to another. A storage medium may be any available medium that can be accessed by a general-purpose or special-purpose computer.
Embodiments of the present application further provide a computer-readable storage medium for storing at least one instruction, at least one program, a code set, or a set of instructions, which is loaded and executed by a processor to implement the above-mentioned security compliance detection method. For example, the computer readable storage medium may be a ROM, a RAM, a CD-ROM, a magnetic tape, a floppy disk, an optical data storage device, and the like.
Other embodiments of the present application will be apparent to those skilled in the art from consideration of the specification and practice of the invention disclosed herein. This application is intended to cover any variations, uses, or adaptations of the invention following, in general, the principles of the application and including such departures from the present disclosure as come within known or customary practice within the art to which the invention pertains. It is intended that the specification and examples be considered as exemplary only, with a true scope and spirit of the application being indicated by the following claims.
It will be understood that the present application is not limited to the precise arrangements described above and shown in the drawings and that various modifications and changes may be made without departing from the scope thereof. The scope of the application is limited only by the appended claims.

Claims (12)

1. A security compliance detection method, performed by a server, the method comprising:
receiving a safety compliance detection command sent by a detection terminal; the safety compliance detection command is used for indicating a detection item needing to be detected and a safety compliance detection standard corresponding to the detection item; the safety compliance detection standard comprises at least one of network safety level protection three levels, payment card industry data safety standard PCI DSS and Unionpay card payment information safety management standard UPDSS;
acquiring safety compliance detection rules corresponding to the detection items to be detected from a safety compliance detection rule base according to the safety compliance detection command; the safety compliance detection rule base stores the safety compliance detection rules corresponding to the detection items in each safety compliance detection standard; the safety compliance detection rule comprises at least one of an interval rule, a precondition and a combination condition; the interval rule is used for indicating the agent component to judge the numerical interval; the precondition is used for indicating the agent component to judge the specified condition before carrying out numerical value detection; the combination condition is used for indicating the agent component to judge the combination logic relationship;
issuing the safety compliance detection rule to an agent component;
receiving a detection result fed back by the agent component, wherein the detection result is obtained by the agent component executing a corresponding security compliance detection strategy according to the security compliance detection rule;
and performing integration statistics on the detection result and then sending the detection result to the detection terminal so that the detection terminal can display the detection result after the integration statistics in a display interface.
2. The method of claim 1, wherein obtaining the corresponding safety compliance detection rule according to the safety compliance detection command comprises:
acquiring a corresponding safety compliance detection standard according to the safety compliance detection command;
and acquiring a corresponding safety compliance detection rule according to the safety compliance detection standard, wherein the safety compliance detection rule is configured in advance according to the safety compliance detection standard.
3. The method according to claim 2, wherein before receiving the security compliance detection command sent by the detection terminal, the method further comprises:
receiving a configuration instruction sent by a configuration terminal;
and configuring the corresponding relation between the safety compliance detection standard and the safety compliance detection rule according to the configuration instruction.
4. A security compliance detection method, performed by an agent component, the method comprising:
receiving a safety compliance detection rule sent by a server; the safety compliance detection rule is acquired by the server from a safety compliance detection rule base, for each detection item to be detected, according to a safety compliance detection command; the safety compliance detection command is used for indicating a detection item needing to be detected and a safety compliance detection standard corresponding to the detection item; the safety compliance detection standard comprises at least one of network safety level protection three levels, payment card industry data safety standard PCI DSS and Unionpay card payment information safety management standard UPDSS; the safety compliance detection rule comprises at least one of an interval rule, a precondition and a combination condition; the interval rule is used for indicating the agent component to judge the numerical interval; the precondition is used for indicating the agent component to judge the specified condition before carrying out numerical value detection; the combination condition is used for indicating the agent component to judge the combination logic relationship;
analyzing the safety compliance detection rule to obtain a corresponding safety compliance detection strategy;
executing the safety compliance detection strategy to obtain a detection result;
and sending the detection result to a server so that the server can carry out integration statistics on the detection result and then send the detection result to a detection terminal, and the detection terminal displays the detection result after the integration statistics in a display interface.
5. The method according to claim 4, wherein the security compliance detection policy refers to detection of a value corresponding to the security compliance detection rule, and the detection of the value includes at least one of comparison of values, judgment of interval of values, and judgment of logical relationship of values.
6. A security compliance detection apparatus, for use in a server, the apparatus comprising:
the first receiving module is used for receiving a safety compliance detection command sent by the detection terminal; the safety compliance detection command is used for indicating a detection item needing to be detected and a safety compliance detection standard corresponding to the detection item; the safety compliance detection standard comprises at least one of network safety level protection three levels, payment card industry data safety standard PCI DSS and Unionpay card payment information safety management standard UPDSS;
the acquisition module is used for acquiring the safety compliance detection rules corresponding to the detection items to be detected from a safety compliance detection rule base according to the safety compliance detection command; the safety compliance detection rule base stores the safety compliance detection rules corresponding to the detection items in each safety compliance detection standard; the safety compliance detection rule comprises at least one of an interval rule, a precondition and a combination condition; the interval rule is used for indicating the agent component to judge the numerical interval; the precondition is used for indicating the agent component to judge the specified condition before carrying out numerical value detection; the combination condition is used for indicating the agent component to judge the combination logic relationship;
the issuing module is used for issuing the safety compliance detection rule to the agent component;
a second receiving module, configured to receive a detection result fed back by the agent component, where the detection result is a result obtained by the agent component executing a corresponding security compliance detection policy according to the security compliance detection rule;
and the sending module is used for carrying out integration statistics on the detection result and then sending the detection result to the detection terminal so that the detection terminal can display the detection result after the integration statistics in a display interface.
7. The apparatus of claim 6, wherein the obtaining module comprises:
the first acquisition submodule is used for acquiring a corresponding safety compliance detection standard according to the safety compliance detection command;
and the second obtaining submodule is used for obtaining a corresponding safety compliance detection rule according to the safety compliance detection standard, wherein the safety compliance detection rule is configured in advance according to the safety compliance detection standard.
8. The apparatus of claim 7, further comprising:
a third receiving module, configured to receive a configuration instruction sent by a configuration terminal before the first receiving module receives a security compliance detection command sent by a detection terminal;
and the configuration module is used for configuring the corresponding relation between the safety compliance detection standard and the safety compliance detection rule according to the configuration instruction.
9. A security compliance detection apparatus, for use in an agent component, the apparatus comprising:
the receiving module is used for receiving the safety compliance detection rule sent by the server; the safety compliance detection rule is acquired by the server from a safety compliance detection rule base, for each detection item to be detected, according to a safety compliance detection command; the safety compliance detection command is used for indicating a detection item needing to be detected and a safety compliance detection standard corresponding to the detection item; the safety compliance detection standard comprises at least one of network safety level protection three levels, payment card industry data safety standard PCI DSS and Unionpay card payment information safety management standard UPDSS; the safety compliance detection rule comprises at least one of an interval rule, a precondition and a combination condition; the interval rule is used for indicating the agent component to judge the numerical interval; the precondition is used for indicating the agent component to judge the specified condition before carrying out numerical value detection; the combination condition is used for indicating the agent component to judge the combination logic relationship;
the analysis module is used for analyzing the safety compliance detection rule to obtain a corresponding safety compliance detection strategy;
the execution module is used for executing the safety compliance detection strategy to obtain a detection result;
and the sending module is used for sending the detection result to a server so that the server can carry out integration statistics on the detection result and then send the detection result to a detection terminal, and the detection terminal displays the detection result after the integration statistics in a display interface.
10. The apparatus according to claim 9, wherein the security compliance detection policy is a numerical detection corresponding to the security compliance detection rule, and the numerical detection includes at least one of comparison of numerical values, judgment of numerical intervals, and judgment of logical relationships.
11. A computer device comprising a processor and a memory, the memory storing at least one instruction, at least one program, a set of codes, or a set of instructions, the at least one instruction, the at least one program, the set of codes, or the set of instructions being loaded and executed by the processor to implement the security compliance detection method according to any one of claims 1 to 5.
12. A computer readable storage medium having stored therein at least one instruction, at least one program, set of codes, or set of instructions, which is loaded and executed by a processor to implement a security compliance detection method according to any one of claims 1 to 5.
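
The agent-side steps of claims 4 and 5 (parse the issued rule, run the value check, report the result) and the server-side integration statistics of claim 1, as an added example that is not code from the patent. The rule schema, key names, thresholds and host values are all assumptions constructed for illustration; the claims name the rule kinds but specify no format.

```python
"""Agent-side rule evaluation and server-side integration statistics.

The rule schema (keys "type", "key", "min", "max", "op", "value", "logic",
"rules", "pre") is hypothetical: the claims name the rule kinds, not a format.
"""
import operator
from collections import Counter

COMPARE = {"eq": operator.eq, "ne": operator.ne,
           "ge": operator.ge, "le": operator.le}


def check(rule, facts):
    """Evaluate one rule node against collected host values (facts)."""
    kind = rule["type"]
    if kind == "interval":      # numerical interval judgment
        return rule["min"] <= facts[rule["key"]] <= rule["max"]
    if kind == "compare":       # plain value comparison
        return COMPARE[rule["op"]](facts[rule["key"]], rule["value"])
    if kind == "combine":       # combined logical relationship
        if rule["logic"] not in ("and", "or"):
            raise ValueError(f"unknown logic: {rule['logic']}")
        results = [check(sub, facts) for sub in rule["rules"]]
        return all(results) if rule["logic"] == "and" else any(results)
    raise ValueError(f"unknown rule type: {kind}")


def run_item(item, facts):
    """Run one detection item: precondition first, then the value check."""
    report = {"item": item["id"], "standard": item["standard"]}
    try:
        pre = item.get("pre")
        if pre is not None and not check(pre, facts):
            report["status"] = "skipped"    # precondition unmet, check not run
        else:
            report["status"] = "pass" if check(item["rule"], facts) else "fail"
    except (KeyError, TypeError, ValueError) as exc:
        # A missing value or malformed rule must never be reported as a pass.
        report["status"] = "error"
        report["detail"] = repr(exc)
    return report


def integrate(results):
    """Server side: count statuses per standard for the display interface."""
    summary = {}
    for r in results:
        summary.setdefault(r["standard"], Counter())[r["status"]] += 1
    return {std: dict(counts) for std, counts in summary.items()}


# Constructed host values and rules; thresholds are illustrative only and are
# not quoted from PCI DSS or UPDSS.
FACTS = {"password_min_length": 8, "sshd_installed": False,
         "password_max_age_days": 120, "lockout_threshold": 5}
ITEMS = [
    {"id": "pwd-min-len", "standard": "PCI DSS",
     "rule": {"type": "interval", "key": "password_min_length", "min": 7, "max": 128}},
    {"id": "ssh-root-login", "standard": "PCI DSS",
     "pre": {"type": "compare", "key": "sshd_installed", "op": "eq", "value": True},
     "rule": {"type": "compare", "key": "permit_root_login", "op": "eq", "value": "no"}},
    {"id": "pwd-policy", "standard": "UPDSS",
     "rule": {"type": "combine", "logic": "and", "rules": [
         {"type": "interval", "key": "password_max_age_days", "min": 1, "max": 90},
         {"type": "interval", "key": "lockout_threshold", "min": 1, "max": 6}]}},
    {"id": "audit-retention", "standard": "UPDSS",
     "rule": {"type": "interval", "key": "audit_log_retention_days", "min": 90, "max": 3650}},
]
RESULTS = [run_item(item, FACTS) for item in ITEMS]

if __name__ == "__main__":
    for line in RESULTS:
        print(line)
    print(integrate(RESULTS))
```

Reporting an unmet precondition as "skipped" and a missing value as "error" keeps both out of the pass count, so the integrated statistics do not overstate compliance.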
CN201911312826.0A 2019-12-18 2019-12-18 Security compliance detection method and device, computer equipment and storage medium Active CN111047309B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201911312826.0A CN111047309B (en) 2019-12-18 2019-12-18 Security compliance detection method and device, computer equipment and storage medium

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201911312826.0A CN111047309B (en) 2019-12-18 2019-12-18 Security compliance detection method and device, computer equipment and storage medium

Publications (2)

Publication Number Publication Date
CN111047309A CN111047309A (en) 2020-04-21
CN111047309B true CN111047309B (en) 2022-03-11

Family

ID=70237659

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201911312826.0A Active CN111047309B (en) 2019-12-18 2019-12-18 Security compliance detection method and device, computer equipment and storage medium

Country Status (1)

Country Link
CN (1) CN111047309B (en)

Families Citing this family (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN112560033B (en) * 2020-12-10 2023-06-16 青岛海洋科学与技术国家实验室发展中心 Baseline scanning method and device based on user context
CN113392410B (en) * 2021-08-17 2022-02-11 腾讯科技(深圳)有限公司 Interface security detection method and device, computer equipment and storage medium
CN113688055B (en) * 2021-09-07 2023-08-22 天津津航计算技术研究所 Single DSP equipment testing arrangement based on DSS
CN116016261B (en) * 2022-12-26 2024-05-14 广东保伦电子股份有限公司 System operation and maintenance method, device and equipment

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104506351A (en) * 2014-12-18 2015-04-08 北京随方信息技术有限公司 Method and system for performing online full-automatic configuration of compliance safety audit
CN104573508A (en) * 2013-10-22 2015-04-29 中国银联股份有限公司 Method for detecting compliance of payment applications under virtualization environment
CN104766166A (en) * 2015-03-27 2015-07-08 杭州安恒信息技术有限公司 Grade-protection-oriented information system security compliance check method
CN106530121A (en) * 2016-10-24 2017-03-22 南方电网科学研究院有限责任公司 Power monitoring system security protection compliance detection method and system
CN107248985A (en) * 2017-06-07 2017-10-13 广东南方信息安全研究院 A kind of network security test and appraisal and project quality assessment system

Family Cites Families (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US8261342B2 (en) * 2008-08-20 2012-09-04 Reliant Security Payment card industry (PCI) compliant architecture and associated methodology of managing a service infrastructure
CN102427445B (en) * 2011-08-29 2014-10-22 北京随方信息技术有限公司 Safe auditing method of IT simulation infrastructure offline compliance
CN109040037A (en) * 2018-07-20 2018-12-18 南京方恒信息技术有限公司 A kind of safety auditing system based on strategy and rule

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104573508A (en) * 2013-10-22 2015-04-29 中国银联股份有限公司 Method for detecting compliance of payment applications under virtualization environment
CN104506351A (en) * 2014-12-18 2015-04-08 北京随方信息技术有限公司 Method and system for performing online full-automatic configuration of compliance safety audit
CN104766166A (en) * 2015-03-27 2015-07-08 杭州安恒信息技术有限公司 Grade-protection-oriented information system security compliance check method
CN106530121A (en) * 2016-10-24 2017-03-22 南方电网科学研究院有限责任公司 Power monitoring system security protection compliance detection method and system
CN107248985A (en) * 2017-06-07 2017-10-13 广东南方信息安全研究院 A kind of network security test and appraisal and project quality assessment system

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
Network security vulnerability detection and compliance management system; 黄桂妲; 《信息与电脑(理论版)》; 20180715; full text *

Also Published As

Publication number Publication date
CN111047309A (en) 2020-04-21

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant
TR01 Transfer of patent right

Effective date of registration: 20221031

Address after: 100102 Room 01, Floor 3, Room 01, Building 2 to 4, Yard 6, Wangjing East Road, Chaoyang District, Beijing

Patentee after: Beijing three cloud computing Co.,Ltd.

Patentee after: BEIJING SANKUAI ONLINE TECHNOLOGY Co.,Ltd.

Address before: 100080 2106-030, 9 North Fourth Ring Road, Haidian District, Beijing.

Patentee before: BEIJING SANKUAI ONLINE TECHNOLOGY Co.,Ltd.