CN111079185A - Database information processing method and device, storage medium and electronic equipment - Google Patents
Database information processing method and device, storage medium and electronic equipment Download PDFInfo
- Publication number
- CN111079185A CN111079185A CN201911329313.0A CN201911329313A CN111079185A CN 111079185 A CN111079185 A CN 111079185A CN 201911329313 A CN201911329313 A CN 201911329313A CN 111079185 A CN111079185 A CN 111079185A
- Authority
- CN
- China
- Prior art keywords
- data table
- information
- sensitive
- data
- database
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/62—Protecting access to data via a platform, e.g. using keys or access control rules
- G06F21/6218—Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
- G06F21/6245—Protecting personal data, e.g. for financial or medical purposes
Landscapes
- Engineering & Computer Science (AREA)
- Health & Medical Sciences (AREA)
- Bioethics (AREA)
- General Health & Medical Sciences (AREA)
- Theoretical Computer Science (AREA)
- Computer Hardware Design (AREA)
- Databases & Information Systems (AREA)
- Computer Security & Cryptography (AREA)
- Software Systems (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Medical Informatics (AREA)
- Information Retrieval, Db Structures And Fs Structures Therefor (AREA)
Abstract
The embodiment of the disclosure provides a database information processing method and device, a storage medium and an electronic device. The method comprises the following steps: acquiring a data table in a database; matching the data table according to the constraint information of the sensitive data type to obtain the sensitive data type of the data table; and generating a sensitive information table corresponding to the data table based on the sensitive data type. The method and the device realize automatic identification of the type of the sensitive information in the database, and improve the identification efficiency of the sensitive information.
Description
Technical Field
The present disclosure relates to the field of computer technologies and information processing technologies, and in particular, to a method and an apparatus for processing database information, a storage medium, and an electronic device.
Background
In the prior art, the database is required to be probed frequently. The database exploration is to analyze data input into the database, and explore specific data information reports in a target database, such as a table where sensitive information in the exploration data is located and field names, depending on a database structure and a table, so as to facilitate subsequent data desensitization processing.
When sensitive information of data in a database is probed, most of the existing schemes manually judge data information of each data table of the database and determine which information is sensitive information for subsequent processing.
The database exploration mode has no specific technology, depends on more manual experience accumulation, lacks visual application in the aspect of collection and processing of medical information data depending on more manufacturers, and has low data identification efficiency.
Therefore, a new database information processing method, device, storage medium and electronic device are needed to improve the efficiency of data identification in the database.
It is to be noted that the information disclosed in the above background section is only for enhancement of understanding of the background of the present disclosure, and thus may include information that does not constitute prior art known to those of ordinary skill in the art.
Disclosure of Invention
The embodiment of the disclosure provides a method and a device for processing database information, a storage medium and an electronic device, so that the identification efficiency of sensitive information is improved at least to a certain extent.
Additional features and advantages of the disclosure will be set forth in the detailed description which follows, or in part will be obvious from the description, or may be learned by practice of the disclosure.
According to an aspect of the embodiments of the present disclosure, there is provided a method for processing database information, including: acquiring a data table in a database; matching the data table according to the constraint information of the sensitive data type to obtain the sensitive data type of the data table; and generating a sensitive information table corresponding to the data table based on the sensitive data type.
In some exemplary embodiments of the present disclosure, after obtaining the data table in the database, the method further comprises: sampling the data table, and extracting a sampling data table; matching the data table according to the constraint information of the sensitive data type to acquire the sensitive data type of the data table, wherein the method comprises the following steps: and matching the sampling data table according to the constraint information of the sensitive data type to obtain the sensitive data type of the data table.
In some exemplary embodiments of the present disclosure, obtaining a data table in a database includes: establishing a connection with the database; extracting a non-system information table from the database; and screening out parts of character types and numerical value types from the non-system information table to obtain a data table in the database.
In some exemplary embodiments of the present disclosure, matching the data table according to constraint information of the sensitive data type, and obtaining the sensitive data type of the data table includes: acquiring constraint information matched with the data table and the weight of the constraint information; determining each sensitive data type corresponding to each constraint information; calculating the weight value of the data table in each sensitive data type based on the weight of each constraint information; and comparing the weight value of the data table in each sensitive data type with the weight threshold value of each sensitive data type, and determining the sensitive data type of the data table.
In some exemplary embodiments of the present disclosure, if the constraint information includes knowledge precipitation information, acquiring each constraint information matched with the data table and a weight of each constraint information includes: and judging whether the manufacturer name, the system name, the data table name and the field name of the data table and the historical data table are the same, if so, matching the data table with the knowledge deposit information, and acquiring the weight corresponding to the knowledge deposit information.
In some exemplary embodiments of the present disclosure, after generating the sensitive information table corresponding to the data table based on the sensitive data type, the method further includes: and converting the field corresponding to the sensitive information table in the data table into an encrypted character.
In some exemplary embodiments of the present disclosure, the sensitive data types include: at least one of name, gender, telephone, identification card, mailbox, and marital status.
According to an aspect of the embodiments of the present disclosure, there is provided an apparatus for processing database information, including: the data acquisition module is configured to acquire a data table in a database; the type acquisition module is configured to match the data table according to constraint information of the sensitive data type and acquire the sensitive data type matched with the constraint information; and the information generation module is configured to generate a sensitive information table corresponding to the data table based on the sensitive data type.
In some exemplary embodiments of the present disclosure, the apparatus further comprises: the sampling module is configured to sample the data table and extract a sampling data table; and the type acquisition module is configured to match the sampling data table according to the constraint information of the sensitive data type to acquire the sensitive data type of the data table.
In some exemplary embodiments of the present disclosure, the data acquisition module is configured to establish a connection with the database; extracting a non-system information table from the database; and screening out parts of character types and numerical value types from the non-system information table to obtain a data table in the database.
In some exemplary embodiments of the present disclosure, the type obtaining module is configured to obtain each constraint information matched with the data table and a weight of each constraint information; determining each sensitive data type corresponding to each constraint information; calculating the weight value of the data table in each sensitive data type based on the weight of each constraint information; and comparing the weight value of the data table in each sensitive data type with the weight threshold value of each sensitive data type, and determining the sensitive data type of the data table.
In some exemplary embodiments of the disclosure, if the constraint information includes knowledge deposit information, the type obtaining module is configured to determine whether a manufacturer name, a system name, a data table name, and a field name of the data table and a historical data table are the same, and if so, match the data table with the knowledge deposit information and obtain a weight corresponding to the knowledge deposit information.
In some exemplary embodiments of the present disclosure, the apparatus further comprises: and the conversion module is configured to convert the field corresponding to the sensitive information table in the data table into an encrypted character.
In some exemplary embodiments of the present disclosure, the sensitive data types include: at least one of name, gender, telephone, identification card, mailbox, and marital status.
According to an aspect of the embodiments of the present disclosure, there is provided a computer-readable storage medium storing a computer program, wherein the computer program is configured to implement the method as described in the above embodiments when executed by a processor.
According to an aspect of an embodiment of the present disclosure, there is provided an electronic device including: one or more processors; storage means for storing one or more programs which, when executed by the one or more processors, cause the one or more processors to implement the method as described in the embodiments above.
In the embodiment of the invention, a data table in a database is obtained; matching the data table according to the constraint information of the sensitive data type to obtain the sensitive data type of the data table; and generating a sensitive information table corresponding to the data table based on the sensitive data type. The method and the device realize automatic identification of the type of the sensitive information in the database, and improve the identification efficiency of the sensitive information.
It is to be understood that both the foregoing general description and the following detailed description are exemplary and explanatory only and are not restrictive of the disclosure.
Drawings
The accompanying drawings, which are incorporated in and constitute a part of this specification, illustrate embodiments consistent with the present disclosure and together with the description, serve to explain the principles of the disclosure. It is to be understood that the drawings in the following description are merely exemplary of the disclosure, and that other drawings may be derived from those drawings by one of ordinary skill in the art without the exercise of inventive faculty. In the drawings:
FIG. 1 illustrates a schematic diagram of an exemplary system architecture 100 to which the method or apparatus of database information processing of embodiments of the present disclosure may be applied;
FIG. 2 schematically illustrates a flow diagram of a method of database information processing, according to one embodiment of the present disclosure;
FIG. 3 schematically illustrates a flow diagram of a method of matching data tables by constraint information of sensitive data types according to one embodiment of the present disclosure;
FIG. 4 schematically illustrates a block diagram of an apparatus for database information processing according to an embodiment of the present disclosure;
FIG. 5 illustrates a schematic structural diagram of a computer system suitable for use in implementing an electronic device of an embodiment of the present disclosure.
Detailed Description
Example embodiments will now be described more fully with reference to the accompanying drawings. Example embodiments may, however, be embodied in many different forms and should not be construed as limited to the examples set forth herein; rather, these embodiments are provided so that this disclosure will be thorough and complete, and will fully convey the concept of example embodiments to those skilled in the art.
Furthermore, the described features, structures, or characteristics may be combined in any suitable manner in one or more embodiments. In the following description, numerous specific details are provided to give a thorough understanding of embodiments of the disclosure. One skilled in the relevant art will recognize, however, that the subject matter of the present disclosure can be practiced without one or more of the specific details, or with other methods, components, devices, steps, and so forth. In other instances, well-known methods, devices, implementations, or operations have not been shown or described in detail to avoid obscuring aspects of the disclosure.
The block diagrams shown in the figures are functional entities only and do not necessarily correspond to physically separate entities. I.e. these functional entities may be implemented in the form of software, or in one or more hardware modules or integrated circuits, or in different networks and/or processor means and/or microcontroller means.
The flow charts shown in the drawings are merely illustrative and do not necessarily include all of the contents and operations/steps, nor do they necessarily have to be performed in the order described. For example, some operations/steps may be decomposed, and some operations/steps may be combined or partially combined, so that the actual execution sequence may be changed according to the actual situation.
Fig. 1 shows a schematic diagram of an exemplary system architecture 100 to which the method or apparatus of database information processing of the disclosed embodiments may be applied.
As shown in fig. 1, the system architecture 100 may include one or more of terminal devices 101, 102, 103, a network 104, and a server 105. The network 104 serves as a medium for providing communication links between the terminal devices 101, 102, 103 and the server 105. Network 104 may include various connection types, such as wired, wireless communication links, or fiber optic cables, to name a few.
It should be understood that the number of terminal devices, networks, and servers in fig. 1 is merely illustrative. There may be any number of terminal devices, networks, and servers, as desired for implementation. For example, server 105 may be a server cluster comprised of multiple servers, or the like.
The user may use the terminal devices 101, 102, 103 to interact with the server 105 via the network 104 to receive or send messages or the like. The terminal devices 101, 102, 103 may be various electronic devices having a display screen, including but not limited to smart phones, tablet computers, portable computers, desktop computers, and the like.
The server 105 or the terminal device 103 (which may also be the terminal device 101 or 102) may perform various operations. For example, the server 105 or the terminal device 103 acquires a data table in the database; matching the data table according to constraint information of the sensitive data type to acquire the sensitive data type matched with the constraint information; and generating a sensitive information table corresponding to the data table based on the sensitive data type.
FIG. 2 schematically shows a flow diagram of a method of database information processing according to one embodiment of the present disclosure. The method provided by the embodiment of the present disclosure may be processed by any electronic device with computing processing capability, for example, the server 105 and/or the terminal devices 102 and 103 in the embodiment of fig. 1 described above, and in the following embodiment, the server 105 is taken as an execution subject for example, but the present disclosure is not limited thereto.
As shown in fig. 2, a method for processing database information provided by an embodiment of the present disclosure may include the following steps.
In step S210, a data table in the database is acquired.
In the embodiment of the invention, the connection with the database to be detected is established, and the non-system information table is extracted from the database. The data table may be a plurality of data tables from one or more databases, and accordingly, if the data table is a data table from a plurality of databases, a connection with each database needs to be established before to acquire the data table from each database.
In the embodiment of the invention, the data address information needing to be detected can be configured, and the connection with the related database is established.
According to the embodiment of the invention, after the non-system information table is extracted from the database, the parts of the character type and the numerical value type are screened out from the non-system information table so as to obtain the data table in the database.
It should be noted that the database may include a system information table and a non-system information table. The system information table is a table required in the database creation process, and is a table related to the database. The non-system information table refers to data stored in a database as a storage device, and is not related to the database and can be stored in other storage devices.
It should be noted that the data table in the database may exist in various forms, such as character type, numerical type, time and date type, etc. In the embodiment of the invention, the partial data tables of the character types and the numerical value types are screened from the multiple types, and the data tables are matched with the constraint information of the sensitive data types, so that the screening of the non-system information tables is realized, the information quantity needing to be matched is reduced, and the sensitive information identification efficiency is improved.
In step S220, the data table is matched according to the constraint information of the sensitive data type, and the sensitive data type of the data table is obtained.
In the embodiment of the present disclosure, after the data table is obtained, the data table may be further sampled, the sampled data table is extracted, and the sampled data table is matched according to the constraint information of the sensitive data type, so as to obtain the sensitive data type of the data table.
When sampling is performed, a sampling proportion or a specific data size can be set, so that a corresponding sampling data table is extracted from each data table by random sampling.
In the embodiment of the invention, when the data table (sampling data table) is matched according to the constraint information of the sensitive data type, each constraint information matched with the data table (sampling data table) and the weight of each constraint information are obtained, each sensitive data type corresponding to each constraint information is determined, the weight value of the data table (sampling data table) in each sensitive data type is calculated based on the weight of each constraint information, the weight value of the data table (sampling data table) in each sensitive data type is compared with the weight threshold of each sensitive data type, and the sensitive data type of the data table is determined.
It should be noted that, for the sampling data table, the sensitive data type of the sampling data table is determined by comparing the weight value of the sampling data table in each sensitive data type with the weight threshold of each sensitive data type, and the sensitive data type is also the sensitive data type of the data table corresponding to the sampling data table.
In the embodiment of the invention, when the data tables (sampling data tables) are a plurality of tables, the data in each data table is matched with the constraint information one by one in a concurrent traversal mode.
In step S230, a sensitive information table corresponding to the data table is generated based on the sensitive data type.
In the embodiment of the present invention, the sensitive information table may include: database type, database name, user name, Data table name, field name, Database (DB) annotation, and sensitive Data type.
For example, table 1 is a partial sensitive information table shown in the embodiment of the present invention.
TABLE 1
It should be noted that the database type, the database name, the user name, the data table name, and the like in the sensitive information table may be obtained from the established connection of the database.
In the embodiment of the invention, a data table in a database is obtained; matching the data table according to the constraint information of the sensitive data type to obtain the sensitive data type of the data table; and generating a sensitive information table corresponding to the data table based on the sensitive data type. The method and the device realize automatic identification of the type of the sensitive information in the database, and improve the identification efficiency of the sensitive information.
In one embodiment, after the sensitive information table is generated, a desensitization operation may be further performed on the data table based on the sensitive information table, and specifically, a field corresponding to the sensitive information table in the data table may be converted into an encrypted character.
In one embodiment, the sensitive data type may include at least one of name, gender, telephone, identification card, mailbox, and marital status.
Fig. 3 schematically illustrates a flowchart of a method for matching a data table according to constraint information of a sensitive data type according to an embodiment of the present disclosure, where the method provided by the embodiment of the present disclosure may be processed by any electronic device with computing processing capability, such as the server 105 and/or the terminal devices 102 and 103 in the embodiment of fig. 1, in the following embodiment, the server 105 is taken as an execution subject for example, but the present disclosure is not limited thereto. It should be noted that the following method can also be referred to as a method of matching the sample data table according to the constraint information of the sensitive data type.
As shown in fig. 3, a method for matching a data table according to constraint information of a sensitive data type provided by an embodiment of the present disclosure may include the following steps.
In step S310, each piece of constraint information matched with the data table and the weight of each piece of constraint information are acquired.
It should be noted that the obtained data table may include at least one column of fields, and each column of fields may not include the field name of the column. Each column of fields in the data table can only correspond to one sensitive data type at most.
In the embodiment of the invention, constraint information corresponding to each sensitive type and the weight of the constraint information are preset. After the data table is obtained, matching all constraint information corresponding to all sensitive types with the data table so as to obtain each constraint information matched with the obtained data table and the weight of each constraint information.
In the embodiment of the present invention, the constraint information may include, but is not limited to: part of speech information, field type information, common names information, field name information, field remark information, knowledge deposit information, field length information, mailbox format information and the like. For example, the constraint information may be: for parts of speech, for another example, the constraint information may be: to precipitate information for knowledge, constraint information may be, for another example: the field length is 11 bits, and for another example, the constraint information may be: the field is a value type.
If the part of speech is the name, the part of speech of a field in a certain column of fields in the data table can be confirmed by using a hanLP word splitter for the Chinese language processing package when matching is performed, and if the part of speech is the name, the constraint information is satisfied.
It should be noted that, if the constraint information is common names, the first 1-2 characters of a field in a certain column in the data table are compared with a preset common name list, and if the first 1-2 characters exist in the common name list, the constraint information is satisfied.
It should be noted that, if the constraint information is knowledge precipitation information, it is determined whether the manufacturer name, the system name, the data table name, and the field name of the data table and the historical data table are the same, and if so, the data table and the constraint information that satisfies the knowledge precipitation information are determined.
It should be noted that the vendor name and the system name can be obtained from the established connection of the database. If the manufacturer name, the system name, the data table name and the field name of the data table are the same as those of the historical data table, it can be determined that the data table and the historical data table are the same table or the same type table, and the sensitive data type of the data table can be determined based on the sensitive data type of the historical data table.
It should be noted that when the constraint information is matched with the data table, a regular matching may be used.
It should be noted that, when the constraint information is matched with the data table in the embodiment of the present invention, there may be a case where partial data in the data table is matched. For example, for a certain constraint information, 50% of the fields in a column of fields in the data table conform to the constraint information.
In step S320, each sensitive data type corresponding to each constraint information is determined.
In the embodiment of the invention, constraint information corresponding to each sensitive data type is preset.
For example, for a name type, its corresponding constraint information may include, but is not limited to: the part of speech is name, the first 1-2 characters are common names, the field name is name, the field remark is name, and the knowledge deposit information is obtained.
For another example, for a type of phone number, the corresponding constraint information may include: the field length is 11, the character type is full-numeric, and the start character is "1".
It should be noted that the same constraint information may correspond to at least one sensitive data type.
In the embodiment of the invention, after each constraint information matched with the data table is determined, the sensitive data types corresponding to each matched constraint information can be determined according to the preset constraint information corresponding to each sensitive data type.
For example, if a column of fields in a data table satisfies that the first 1-2 characters are common names, the field names are names, and the field length is 11, the first 1-2 characters are determined to be common names, the field names are name types, and the field length is 11 telephone number types.
In step S330, a weight value of each sensitive data type of the data table is calculated based on the weight of each constraint information.
In the embodiment of the invention, after the constraint information matched with the data table and the weight of the constraint information are obtained, the weight value of the data table in each sensitive data type can be calculated.
For example, in the above example, if 90% of the fields in a certain column of the data table satisfy that the first 1-2 characters are common names, the weight of the constraint information is 1, the data table satisfies that the field name is a name, the weight of the constraint information is 0.5, 10% of the fields in the data table satisfy that the field length is 11, and the weight of the constraint information is 1, the weight value of the data table in the name type is: 0.9 × 1+1 × 0.5 ═ 1.4, the weight value of the telephone number type in the data table is: 0.1 × 1 is 0.1.
In step S340, comparing the weight value of the data table in each sensitive data type with the weight threshold of each sensitive data type, and determining the sensitive data type of the data table.
In the embodiment of the invention, a weight value is set for each sensitive data type, and the weight values of each sensitive data type can be equal or unequal. After the weight value of each sensitive data type of the data table is calculated, the weight value is compared with a weight threshold corresponding to the sensitive data type, if the weight value exceeds the weight threshold, the sensitive data type corresponding to the weight threshold is the sensitive data type of the data table, otherwise, the sensitive data type of the data table is not the sensitive data type corresponding to the weight threshold.
For example, in the above example, if the weight threshold of the name type is 1.2 and the weight threshold of the phone number type is 1.5, the weight value of the field of the data table in the name type is 1.4, and if the weight threshold is greater than the weight threshold, the field of the data table is the name type. The weight value of the field of the data table in the name type is 0.1, and if the weight value is less than the weight threshold value, the sensitive type of the field of the data table is not the telephone number type.
The following describes embodiments of the apparatus of the present disclosure, which may be used to perform the above-mentioned database information processing method of the present disclosure. For details that are not disclosed in the embodiments of the apparatus of the present disclosure, refer to the embodiments of the method for processing database information described above in the present disclosure.
Fig. 4 schematically shows a block diagram of an apparatus for database information processing according to an embodiment of the present disclosure.
Referring to fig. 4, an apparatus 400 for database information processing according to an embodiment of the present disclosure may include: a data acquisition module 410, a type acquisition module 420, and an information generation module 430.
The data obtaining module 410 is configured to obtain a data table in a database.
The type obtaining module 420 is configured to match the data table according to constraint information of the sensitive data type, and obtain the sensitive data type matched with the constraint information.
The information generating module 430 is configured to generate a sensitive information table corresponding to the data table based on the sensitive data type.
In the embodiment of the invention, a data table in a database is obtained; matching the data table according to the constraint information of the sensitive data type to obtain the sensitive data type of the data table; and generating a sensitive information table corresponding to the data table based on the sensitive data type. The method and the device realize automatic identification of the type of the sensitive information in the database, and improve the identification efficiency of the sensitive information.
FIG. 5 illustrates a schematic structural diagram of a computer system suitable for use in implementing an electronic device of an embodiment of the present disclosure. It should be noted that the computer system 500 of the electronic device shown in fig. 5 is only an example, and should not bring any limitation to the functions and the scope of the application of the embodiments of the present disclosure.
As shown in fig. 5, the computer system 500 includes a Central Processing Unit (CPU)501 that can perform various appropriate actions and processes according to a program stored in a Read Only Memory (ROM)502 or a program loaded from a storage section 508 into a Random Access Memory (RAM) 503. In the RAM 503, various programs and data necessary for system operation are also stored. The CPU501, ROM502, and RAM 503 are connected to each other via a bus 504. An input/output (I/O) interface 505 is also connected to bus 504.
The following components are connected to the I/O interface 505: an input portion 506 including a keyboard, a mouse, and the like; an output portion 507 including a display such as a Cathode Ray Tube (CRT), a Liquid Crystal Display (LCD), and the like, and a speaker; a storage portion 508 including a hard disk and the like; and a communication section 509 including a network interface card such as a LAN card, a modem, or the like. The communication section 509 performs communication processing via a network such as the internet. The driver 510 is also connected to the I/O interface 505 as necessary. A removable medium 511 such as a magnetic disk, an optical disk, a magneto-optical disk, a semiconductor memory, or the like is mounted on the drive 510 as necessary, so that a computer program read out therefrom is mounted into the storage section 508 as necessary.
In particular, the processes described below with reference to the flowcharts may be implemented as computer software programs, according to embodiments of the present disclosure. For example, embodiments of the present disclosure include a computer program product comprising a computer program embodied on a computer readable medium, the computer program comprising program code for performing the method illustrated in the flow chart. In such an embodiment, the computer program may be downloaded and installed from a network through the communication section 509, and/or installed from the removable medium 511. The computer program executes various functions defined in the system of the present application when executed by a Central Processing Unit (CPU) 501.
It should be noted that the computer readable media shown in the present disclosure may be computer readable signal media or computer readable storage media or any combination of the two. A computer readable storage medium may be, for example, but not limited to, an electronic, magnetic, optical, electromagnetic, infrared, or semiconductor system, apparatus, or device, or any combination of the foregoing. More specific examples of the computer readable storage medium may include, but are not limited to: an electrical connection having one or more wires, a portable computer diskette, a hard disk, a Random Access Memory (RAM), a read-only memory (ROM), an erasable programmable read-only memory (EPROM or flash memory), an optical fiber, a portable compact disc read-only memory (CD-ROM), an optical storage device, a magnetic storage device, or any suitable combination of the foregoing. In the present disclosure, a computer readable storage medium may be any tangible medium that can contain, or store a program for use by or in connection with an instruction execution system, apparatus, or device. In contrast, in the present disclosure, a computer-readable signal medium may include a propagated data signal with computer-readable program code embodied therein, for example, in baseband or as part of a carrier wave. Such a propagated data signal may take many forms, including, but not limited to, electro-magnetic, optical, or any suitable combination thereof. A computer readable signal medium may also be any computer readable medium that is not a computer readable storage medium and that can communicate, propagate, or transport a program for use by or in connection with an instruction execution system, apparatus, or device. Program code embodied on a computer readable medium may be transmitted using any appropriate medium, including but not limited to: wireless, wire, fiber optic cable, RF, etc., or any suitable combination of the foregoing.
The flowchart and block diagrams in the figures illustrate the architecture, functionality, and operation of possible implementations of systems, methods and computer program products according to various embodiments of the present disclosure. In this regard, each block in the flowchart or block diagrams may represent a module, segment, or portion of code, which comprises one or more executable instructions for implementing the specified logical function(s). It should also be noted that, in some alternative implementations, the functions noted in the block may occur out of the order noted in the figures. For example, two blocks shown in succession may, in fact, be executed substantially concurrently, or the blocks may sometimes be executed in the reverse order, depending upon the functionality involved. It will also be noted that each block of the block diagrams or flowchart illustration, and combinations of blocks in the block diagrams or flowchart illustration, can be implemented by special purpose hardware-based systems which perform the specified functions or acts, or combinations of special purpose hardware and computer instructions.
The modules and/or units described in the embodiments of the present disclosure may be implemented by software, or may be implemented by hardware, and the described modules and/or units may also be disposed in a processor. Wherein the names of such modules and/or units do not in some way constitute a limitation on the modules and/or units themselves.
As another aspect, the present application also provides a computer-readable medium, which may be contained in the electronic device described in the above embodiments; or may exist separately without being assembled into the electronic device. The computer readable medium carries one or more programs which, when executed by an electronic device, cause the electronic device to implement the method as described in the embodiments below.
It should be noted that although in the above detailed description several modules or units of the device for action execution are mentioned, such a division is not mandatory. Indeed, the features and functionality of two or more modules or units described above may be embodied in one module or unit, according to embodiments of the present disclosure. Conversely, the features and functions of one module or unit described above may be further divided into embodiments by a plurality of modules or units.
Through the above description of the embodiments, those skilled in the art will readily understand that the exemplary embodiments described herein may be implemented by software, or by software in combination with necessary hardware. Therefore, the technical solution according to the embodiments of the present disclosure may be embodied in the form of a software product, which may be stored in a non-volatile storage medium (which may be a CD-ROM, a usb disk, a removable hard disk, etc.) or on a network, and includes several instructions to enable a computing device (which may be a personal computer, a server, a touch terminal, or a network device, etc.) to execute the method according to the embodiments of the present disclosure.
Other embodiments of the disclosure will be apparent to those skilled in the art from consideration of the specification and practice of the disclosure disclosed herein. This application is intended to cover any variations, uses, or adaptations of the disclosure following, in general, the principles of the disclosure and including such departures from the present disclosure as come within known or customary practice within the art to which the disclosure pertains. It is intended that the specification and examples be considered as exemplary only, with a true scope and spirit of the disclosure being indicated by the following claims.
It will be understood that the present disclosure is not limited to the precise arrangements described above and shown in the drawings and that various modifications and changes may be made without departing from the scope thereof. The scope of the present disclosure is limited only by the appended claims.
Claims (10)
1. A method of database information processing, comprising:
acquiring a data table in a database;
matching the data table according to the constraint information of the sensitive data type to obtain the sensitive data type of the data table;
and generating a sensitive information table corresponding to the data table based on the sensitive data type.
2. The method of claim 1, wherein after retrieving the data tables in the database, the method further comprises:
sampling the data table, and extracting a sampling data table;
matching the data table according to the constraint information of the sensitive data type to acquire the sensitive data type of the data table, wherein the method comprises the following steps:
and matching the sampling data table according to the constraint information of the sensitive data type to obtain the sensitive data type of the data table.
3. The method of claim 1, wherein obtaining a data table in a database comprises:
establishing a connection with the database;
extracting a non-system information table from the database;
and screening out parts of character types and numerical value types from the non-system information table to obtain a data table in the database.
4. The method of claim 1, wherein matching the data table according to constraint information of the sensitive data type to obtain the sensitive data type of the data table comprises:
acquiring constraint information matched with the data table and the weight of the constraint information;
determining each sensitive data type corresponding to each constraint information;
calculating the weight value of the data table in each sensitive data type based on the weight of each constraint information;
and comparing the weight value of the data table in each sensitive data type with the weight threshold value of each sensitive data type, and determining the sensitive data type of the data table.
5. The method of claim 4, wherein if the constraint information includes knowledge precipitation information, obtaining constraint information and weights of the constraint information that match the data table comprises:
and judging whether the manufacturer name, the system name, the data table name and the field name of the data table and the historical data table are the same, if so, matching the data table with the knowledge deposit information, and acquiring the weight corresponding to the knowledge deposit information.
6. The method of claim 1, wherein after generating the sensitive information table corresponding to the data table based on the sensitive data type, the method further comprises:
and converting the field corresponding to the sensitive information table in the data table into an encrypted character.
7. The method of claim 1, wherein the sensitive data types comprise: at least one of name, gender, telephone, identification card, mailbox, and marital status.
8. An apparatus for processing database information, comprising:
the data acquisition module is configured to acquire a data table in a database;
the type acquisition module is configured to match the data table according to constraint information of the sensitive data type and acquire the sensitive data type matched with the constraint information;
and the information generation module is configured to generate a sensitive information table corresponding to the data table based on the sensitive data type.
9. A computer-readable storage medium, in which a computer program is stored which, when being executed by a processor, carries out the method according to any one of claims 1 to 7.
10. An electronic device, comprising:
one or more processors;
storage means for storing one or more programs;
when executed by the one or more processors, cause the one or more processors to implement the method of any one of claims 1-7.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201911329313.0A CN111079185B (en) | 2019-12-20 | 2019-12-20 | Database information processing method and device, storage medium and electronic equipment |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201911329313.0A CN111079185B (en) | 2019-12-20 | 2019-12-20 | Database information processing method and device, storage medium and electronic equipment |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN111079185A true CN111079185A (en) | 2020-04-28 |
| CN111079185B CN111079185B (en) | 2022-12-30 |
Family
ID=70316396
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201911329313.0A Active CN111079185B (en) | 2019-12-20 | 2019-12-20 | Database information processing method and device, storage medium and electronic equipment |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN111079185B (en) |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN113704573A (en) * | 2021-08-26 | 2021-11-26 | 北京中安星云软件技术有限公司 | Database sensitive data scanning method and device |
Citations (15)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20130332990A1 (en) * | 2010-05-10 | 2013-12-12 | International Business Machines Corporation | Enforcement Of Data Privacy To Maintain Obfuscation Of Certain Data |
| US8628331B1 (en) * | 2010-04-06 | 2014-01-14 | Beth Ann Wright | Learning model for competency based performance |
| CN104794204A (en) * | 2015-04-23 | 2015-07-22 | 上海新炬网络信息技术有限公司 | Database sensitive data automatically-recognizing method |
| CN104933443A (en) * | 2015-06-26 | 2015-09-23 | 北京途美科技有限公司 | Automatic identifying and classifying method for sensitive data |
| WO2016073479A1 (en) * | 2014-11-03 | 2016-05-12 | Automated Clinical Guidelines, Llc | Method and platform/system for creating a web-based form that incorporates an embedded knowledge base, wherein the form provides automatic feedback to a user during and following completion of the form |
| CN107305615A (en) * | 2016-04-25 | 2017-10-31 | 深圳市深信服电子科技有限公司 | Tables of data recognition methods and system |
| CN107729456A (en) * | 2017-09-30 | 2018-02-23 | 武汉汉思信息技术有限责任公司 | Sensitive information search method, server and storage medium |
| US20180232528A1 (en) * | 2017-02-13 | 2018-08-16 | Protegrity Corporation | Sensitive Data Classification |
| CN108536739A (en) * | 2018-03-07 | 2018-09-14 | 中国平安人寿保险股份有限公司 | The recognition methods of metadata sensitive information field, device, equipment and storage medium |
| CN109359161A (en) * | 2018-09-07 | 2019-02-19 | 顺丰科技有限公司 | Address date recognition methods and device |
| CN109446844A (en) * | 2018-11-15 | 2019-03-08 | 北京信息科技大学 | A kind of method for secret protection and system towards big data publication |
| CN109829327A (en) * | 2018-12-15 | 2019-05-31 | 中国平安人寿保险股份有限公司 | Sensitive information processing method, device, electronic equipment and storage medium |
| CN110134719A (en) * | 2019-05-17 | 2019-08-16 | 贵州大学 | A kind of identification of structural data Sensitive Attributes and stage division of classifying |
| CN110209892A (en) * | 2019-04-17 | 2019-09-06 | 深圳壹账通智能科技有限公司 | Sensitive information recognition methods, device, electronic equipment and storage medium |
| CN110222170A (en) * | 2019-04-25 | 2019-09-10 | 平安科技(深圳)有限公司 | A kind of method, apparatus, storage medium and computer equipment identifying sensitive data |
-
2019
- 2019-12-20 CN CN201911329313.0A patent/CN111079185B/en active Active
Patent Citations (15)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US8628331B1 (en) * | 2010-04-06 | 2014-01-14 | Beth Ann Wright | Learning model for competency based performance |
| US20130332990A1 (en) * | 2010-05-10 | 2013-12-12 | International Business Machines Corporation | Enforcement Of Data Privacy To Maintain Obfuscation Of Certain Data |
| WO2016073479A1 (en) * | 2014-11-03 | 2016-05-12 | Automated Clinical Guidelines, Llc | Method and platform/system for creating a web-based form that incorporates an embedded knowledge base, wherein the form provides automatic feedback to a user during and following completion of the form |
| CN104794204A (en) * | 2015-04-23 | 2015-07-22 | 上海新炬网络信息技术有限公司 | Database sensitive data automatically-recognizing method |
| CN104933443A (en) * | 2015-06-26 | 2015-09-23 | 北京途美科技有限公司 | Automatic identifying and classifying method for sensitive data |
| CN107305615A (en) * | 2016-04-25 | 2017-10-31 | 深圳市深信服电子科技有限公司 | Tables of data recognition methods and system |
| US20180232528A1 (en) * | 2017-02-13 | 2018-08-16 | Protegrity Corporation | Sensitive Data Classification |
| CN107729456A (en) * | 2017-09-30 | 2018-02-23 | 武汉汉思信息技术有限责任公司 | Sensitive information search method, server and storage medium |
| CN108536739A (en) * | 2018-03-07 | 2018-09-14 | 中国平安人寿保险股份有限公司 | The recognition methods of metadata sensitive information field, device, equipment and storage medium |
| CN109359161A (en) * | 2018-09-07 | 2019-02-19 | 顺丰科技有限公司 | Address date recognition methods and device |
| CN109446844A (en) * | 2018-11-15 | 2019-03-08 | 北京信息科技大学 | A kind of method for secret protection and system towards big data publication |
| CN109829327A (en) * | 2018-12-15 | 2019-05-31 | 中国平安人寿保险股份有限公司 | Sensitive information processing method, device, electronic equipment and storage medium |
| CN110209892A (en) * | 2019-04-17 | 2019-09-06 | 深圳壹账通智能科技有限公司 | Sensitive information recognition methods, device, electronic equipment and storage medium |
| CN110222170A (en) * | 2019-04-25 | 2019-09-10 | 平安科技(深圳)有限公司 | A kind of method, apparatus, storage medium and computer equipment identifying sensitive data |
| CN110134719A (en) * | 2019-05-17 | 2019-08-16 | 贵州大学 | A kind of identification of structural data Sensitive Attributes and stage division of classifying |
Non-Patent Citations (5)
| Title |
|---|
| AMIR HAREL 等: "M-Score:A Misuseability Weight Measure", 《IN IEEE TRANSACTIONS ON DEPENDABLE AND SECURE COMPUTING》 * |
| 张梦影: "ORACLE到POSTGRES的数据库迁移", 《中国优秀硕士学位论文全文数据库 信息科技辑》 * |
| 肖雪娇: "应用于医疗信息平台的基于块数据的采集机制", 《中国优秀硕士学位论文全文数据库 医药卫生科技辑》 * |
| 邹云峰 等: "电力客户数据隐私保护机制研究", 《电力需求侧管理》 * |
| 郑明辉 等: "相同敏感值数据表泛化算法的安全性度量研究", 《网络空间安全》 * |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN113704573A (en) * | 2021-08-26 | 2021-11-26 | 北京中安星云软件技术有限公司 | Database sensitive data scanning method and device |
Also Published As
| Publication number | Publication date |
|---|---|
| CN111079185B (en) | 2022-12-30 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN111159220B (en) | Method and apparatus for outputting structured query statement | |
| CN112527649A (en) | Test case generation method and device | |
| CN109359194B (en) | Method and apparatus for predicting information categories | |
| US20200322570A1 (en) | Method and apparatus for aligning paragraph and video | |
| CN107908662B (en) | Method and device for realizing search system | |
| CN113657113A (en) | Text processing method and device and electronic equipment | |
| CN111563163A (en) | Text classification model generation method and device and data standardization method and device | |
| CN111126649B (en) | Method and device for generating information | |
| CN114298845A (en) | Method and device for processing claim settlement bills | |
| CN113111167B (en) | Method and device for extracting warning text received vehicle model based on deep learning model | |
| CN111079185B (en) | Database information processing method and device, storage medium and electronic equipment | |
| CN112433713A (en) | Application program design graph processing method and device | |
| CN113111165A (en) | Deep learning model-based alarm receiving warning condition category determination method and device | |
| CN116204428A (en) | Test case generation method and device | |
| CN111353039A (en) | File class detection method and device | |
| CN113111234B (en) | Regular expression-based alarm processing condition category determining method and device | |
| CN109857838B (en) | Method and apparatus for generating information | |
| CN113111897A (en) | Alarm receiving and warning condition type determining method and device based on support vector machine | |
| CN112131379A (en) | Method, device, electronic equipment and storage medium for identifying problem category | |
| CN113111169A (en) | Deep learning model-based alarm receiving and processing text address information extraction method and device | |
| CN107368597B (en) | Information output method and device | |
| CN111783572A (en) | Text detection method and device | |
| CN111274383A (en) | Method and device for classifying objects applied to quotation | |
| CN114138972B (en) | Text category identification method and device | |
| CN111131354A (en) | Method and apparatus for generating information |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| TA01 | Transfer of patent application right |
Effective date of registration: 20210224 Address after: 100191 room 801, 8th floor, building 9, 35 Huayuan North Road, Haidian District, Beijing Applicant after: YIDU CLOUD Ltd. Address before: Room 1502, 15 / F, Yangzi science and technology innovation center, 211 pubin Road, Jiangbei new district, Nanjing City, Jiangsu Province, 210000 Applicant before: Nanjing Yikang Technology Co.,Ltd. Applicant before: Nanjing Yiyi Yunda Data Technology Co.,Ltd. |
|
| TA01 | Transfer of patent application right | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |