CN111400758B - Access right verification method, device and system applied to Internet of things - Google Patents
Access right verification method, device and system applied to Internet of things Download PDFInfo
- Publication number
- CN111400758B CN111400758B CN202010179700.7A CN202010179700A CN111400758B CN 111400758 B CN111400758 B CN 111400758B CN 202010179700 A CN202010179700 A CN 202010179700A CN 111400758 B CN111400758 B CN 111400758B
- Authority
- CN
- China
- Prior art keywords
- authority
- access
- terminal device
- information
- list
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/44—Program or device authentication
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/44—Program or device authentication
- G06F21/445—Program or device authentication by mutual authentication, e.g. between devices or programs
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/62—Protecting access to data via a platform, e.g. using keys or access control rules
- G06F21/6218—Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
Abstract
The application relates to an access right verification method, equipment and system applied to the Internet of things. By applying the scheme, the first permission change track and the second permission change track of the terminal equipment in the current time period can be determined based on the equipment access list and the equipment safety information of the terminal equipment, so that the updating mode of the access permission of the terminal equipment is determined based on the consistency comparison result of the first permission change track and the second permission change track. Therefore, the change of the access right set of the terminal equipment in different time interval and the legality of the change can be taken into consideration, so that the data among the terminal equipment are prevented from being stolen due to the change of the illegal access right set when the access right of the terminal equipment is updated, and further important data are lost and private data are leaked.
Description
Technical Field
The application relates to the technical field of the Internet of things, in particular to an access right verification method, device and system applied to the Internet of things.
Background
With the development of science and technology, the interconnection of everything is gradually integrated into the production and life of people, and the internet of things with powerful functions is formed. In the Internet of things, data transmission and data interaction can be carried out among different types of Internet of things equipment so as to ensure the stable operation of the whole Internet of things. Because data among the internet of things devices in the internet of things are intercommunicated, the data among the internet of things devices can be stolen, and important data are lost and private data are leaked.
Disclosure of Invention
The application provides an access right verification method, equipment and system applied to the Internet of things, so as to improve the technical problem.
According to a first aspect of embodiments of the present application, an access right verification method applied to the internet of things is provided, and is applied to an access right verification device, where the access right verification device communicates with a plurality of terminal devices, and the method at least includes:
acquiring an equipment access list of each terminal equipment in the current time interval, and determining equipment safety information of each terminal equipment in the current time interval according to the data processing record of each terminal equipment in the current time interval;
extracting a plurality of access object information in each equipment access list and authority authentication information corresponding to each access object information; determining a first authority change track of each terminal device in the current time period based on a plurality of access object information and a plurality of authority authentication information corresponding to each device access list;
acquiring an access authority list corresponding to the device safety information of each terminal device in the current time interval from a preset database, and determining a second authority change track of each terminal device in the current time interval according to the access authority list;
judging whether the first authority change track and the second authority change track of each terminal device are consistent or not; if the access authority of each terminal device is consistent with the access authority of each terminal device, updating the access authority of each terminal device according to the first authority change track or the second authority change track; if the access authority lists are inconsistent, acquiring a third authority change track of each terminal device in the last time interval from the database according to the access authority lists, and determining historical safety information of each terminal device in the last time interval according to the third authority change track; determining whether each terminal device has abnormal access authority according to the device safety information and the historical safety information of each terminal device; if not, updating the access authority of each terminal device according to the first authority change track; if yes, updating the access authority of each terminal device according to the second authority change track.
Further, the obtaining of the device access list of each terminal device in the current time interval further includes:
acquiring an access protocol thread parameter of each terminal device, and determining an access protocol weight of each terminal device according to the access protocol thread parameter; adjusting the acquisition frequency of the access right verification equipment according to the access protocol weight so that the acquisition frequency of the access right verification equipment is matched with the access protocol weight of each terminal equipment;
acquiring a thread running log of each terminal device based on the acquisition frequency, and identifying object pointing information of each terminal device in the thread running log of each terminal device; correcting the access protocol weight of each terminal device according to the pointing identification of the object pointing information and determining the effective communication record of each terminal device;
determining a communication object identifier and a plurality of groups of communication parameter information of each effective communication record corresponding to each terminal device; judging whether a first list for representing that a terminal device initiates an authority request exists in the effective communication record according to the communication object identifier, and when the first list exists in the effective communication record, determining a feature matching coefficient between each piece of communication parameter information of the effective communication record under a second list for representing that the terminal device receives the authority request and each piece of communication parameter information of the effective communication record under the first list according to the communication parameter information of the effective communication record under the first list and the information capacity of the communication parameter information, wherein the feature matching coefficient is used for representing the association degree between different pieces of communication parameter information;
transferring the communication parameter information of which the characteristic matching coefficient between the communication parameter information of the effective communication record in the second list and the communication parameter information of the effective communication record in the first list is greater than a set coefficient to the first list;
and determining authority authentication information and access object information corresponding to the effective communication record according to the communication parameter information in the first list, and generating an equipment access list according to the access object information and the authority authentication information corresponding to each terminal equipment.
Further, the determining, according to the data processing record of each terminal device in the current time interval, the device security information of each terminal device in the current time interval further includes:
determining a log file in the data processing record, and counting first text data corresponding to the log file, wherein the log file is extracted by adopting a preset log extraction thread in the data processing record, and a thread parameter corresponding to the log extraction thread is unchanged;
acquiring an equipment operating file of each terminal equipment, and calculating the text similarity between the log file and the equipment operating file according to the first text data;
if the text similarity between the log file and the equipment operation file is smaller than a preset text similarity threshold, fusing the equipment parameters of each terminal equipment with the first text data to obtain second text data;
converting the device parameters into a parameter topology of the terminal device, and splicing the structural topology of the record form corresponding to the data processing record by taking the parameter topology as a reference to obtain a first splicing result;
and screening the first splicing result according to the second text data to obtain a second splicing result, determining node safety information of each topological node and time information corresponding to each topological node in the second splicing result, and determining equipment safety information of each terminal equipment in the current time interval according to the node safety information and the time information corresponding to each topological node.
Further, the determining, based on the multiple access object information and the multiple right authentication information corresponding to each device access list, a first right change trajectory of each terminal device in a current time period further includes:
generating an authority node according to each access object information in each equipment access order and authority authentication information corresponding to the access object information;
determining a node fluctuation sequence from each authority node;
judging whether the fluctuation value of each node in the node fluctuation sequence of each authority node is continuous relative to the adjacent two node fluctuation values of the node fluctuation value in the node fluctuation sequence of the authority node;
if so, determining the node fluctuation sequence determined from each authority node as an effective node fluctuation sequence of each authority node;
otherwise, carrying out weighted sum on each node fluctuation value in the node fluctuation sequence in each authority node and two adjacent node fluctuation values thereof, and determining the effective node fluctuation sequence of each authority node according to the weighted sum result;
and connecting each authority node according to the sequence direction information in the effective node fluctuation sequence of each authority node to obtain a first authority change track of each terminal device in the current time period.
Further, the obtaining, from a preset database, an access authority list corresponding to the device security information of each terminal device in the current time interval further includes:
sequentially selecting first authority records in the database according to the information capacity;
determining a target permission record from a second permission record in which the information capacity size in the database is positioned before the first permission record;
acquiring a first authority evaluation factor of each piece of authority information in the target authority record;
splitting the first authority record according to the corresponding relation between the first authority evaluation factor and the preset evaluation logic of each piece of authority information to obtain an authority behavior data packet of the first authority record; the preset evaluation logic of each piece of authority information is used for representing access behavior taking each piece of authority information as a reference, and the preset access behavior security detection logic of each piece of authority information is used as a reference;
performing authority data stream extraction on the authority behavior data packet to obtain an authority behavior sequence of each piece of authority information;
determining time information of a data flow direction from the authority behavior data packet to obtain a time sequence corresponding to the time information of the data flow direction;
and determining an access authority list corresponding to the equipment safety information in the current time interval from the first authority record according to the time sequence and the authority behavior sequence.
Further, the determining, according to the access right list, a second right change trajectory of each terminal device in the current time interval further includes:
obtaining list structure information containing a plurality of list units and at least one list distribution diagram containing a plurality of list units from the access authority list, wherein the list distribution diagram and the list structure information have different authority description tracks;
extracting a first information set of target information identification from the list structure information and a second information set of target information identification from the list distribution map, wherein the first information set comprises a plurality of first access right levels for marking distribution region priority in the list structure information, and the second information set comprises a plurality of second access right levels for marking distribution region priority in the list distribution map;
transferring the plurality of first access permission levels to the list distribution map to obtain a plurality of transfer levels;
constructing a level difference distribution between the plurality of transfer levels and the plurality of second access right levels;
acquiring a grade difference distribution track between a first access authority grade in the list structure information and a corresponding second access authority grade in the list distribution map based on the grade difference distribution; and weighting the grade difference distribution track according to a first time weight corresponding to a first access authority grade in the list structure information and a second time weight corresponding to a second access authority grade in the list distribution map to obtain a second authority variable track.
According to a second aspect of the embodiments of the present application, there is provided an access right verifying device applied to the internet of things, the access right verifying device communicating with a plurality of terminal devices, the access right verifying device at least including:
the list acquisition module is used for acquiring an equipment access list of each terminal equipment in the current time interval and determining the equipment safety information of each terminal equipment in the current time interval according to the data processing record of each terminal equipment in the current time interval;
the information extraction module is used for extracting a plurality of access object information in each equipment access list and authority authentication information corresponding to each access object information; determining a first authority change track of each terminal device in the current time period based on a plurality of access object information and a plurality of authority authentication information corresponding to each device access list;
the list acquisition module is used for acquiring an access authority list corresponding to the device safety information of each terminal device in the current time interval from a preset database, and determining a second authority change track of each terminal device in the current time interval according to the access authority list;
the authority updating module is used for judging whether the first authority change track and the second authority change track of each terminal device are consistent or not; if the access authority of each terminal device is consistent with the access authority of each terminal device, updating the access authority of each terminal device according to the first authority change track or the second authority change track; if the access authority lists are inconsistent, acquiring a third authority change track of each terminal device in the last time interval from the database according to the access authority lists, and determining historical safety information of each terminal device in the last time interval according to the third authority change track; determining whether each terminal device has abnormal access authority according to the device safety information and the historical safety information of each terminal device; if not, updating the access authority of each terminal device according to the first authority change track; if yes, updating the access authority of each terminal device according to the second authority change track.
According to a third aspect of the embodiments of the present application, there is provided an access right verification device applied to the internet of things, including:
a processor, and
a memory and a network interface connected with the processor;
the network interface is connected with a nonvolatile memory in the access right verification device;
when the processor is operated, the computer program is called from the nonvolatile memory through the network interface, and the computer program is operated through the memory so as to execute the method.
According to a fourth aspect of the embodiments of the present application, a readable storage medium applied to a computer is provided, where a computer program is burned in the readable storage medium, and the computer program implements the method when running in a memory of an access right verification device.
According to a fifth aspect of the embodiments of the present application, there is provided an access right verification system applied to the internet of things, including an access right verification device and a plurality of terminal devices, where the access right verification device is in communication with the plurality of terminal devices;
the terminal equipment is used for generating an equipment access list in real time during running;
the access authority verification device is used for acquiring a device access list of each terminal device in the current time interval and determining device safety information of each terminal device in the current time interval according to the data processing record of each terminal device in the current time interval; extracting a plurality of access object information in each equipment access list and authority authentication information corresponding to each access object information; determining a first authority change track of each terminal device in the current time period based on a plurality of access object information and a plurality of authority authentication information corresponding to each device access list; acquiring an access authority list corresponding to the device safety information of each terminal device in the current time interval from a preset database, and determining a second authority change track of each terminal device in the current time interval according to the access authority list; judging whether the first authority change track and the second authority change track of each terminal device are consistent or not; if the access authority of each terminal device is consistent with the access authority of each terminal device, updating the access authority of each terminal device according to the first authority change track or the second authority change track; if the access authority lists are inconsistent, acquiring a third authority change track of each terminal device in the last time interval from the database according to the access authority lists, and determining historical safety information of each terminal device in the last time interval according to the third authority change track; determining whether each terminal device has abnormal access authority according to the device safety information and the historical safety information of each terminal device; if not, updating the access authority of each terminal device according to the first authority change track; if yes, updating the access authority of each terminal device according to the second authority change track.
The access right verification method, the device and the system applied to the Internet of things can achieve the following beneficial technical effects.
The method and the device for updating the access right of the terminal device can determine the first right change track and the second right change track of the terminal device in the current time period based on the device access list and the device security information of the terminal device, so that the method for updating the access right of the terminal device is determined based on the consistency comparison result of the first right change track and the second right change track.
Therefore, the change of the access right set of the terminal equipment in different time interval and the legality of the change can be considered, so that the data among the terminal equipment are prevented from being stolen due to the change of the illegal access right set when the access right of the terminal equipment is updated, and further important data are lost and private data are leaked.
It is to be understood that both the foregoing general description and the following detailed description are exemplary and explanatory only and are not restrictive of the application.
Drawings
The accompanying drawings, which are incorporated in and constitute a part of this specification, illustrate embodiments consistent with the present application and together with the description, serve to explain the principles of the application.
Fig. 1 is a schematic diagram of an access right verification system according to an exemplary embodiment of the present application.
Fig. 2 is a flowchart illustrating an access right verification method according to an exemplary embodiment of the present application.
Fig. 3-7 are sub-step diagrams illustrating the present application corresponding to the steps in fig. 2 according to an exemplary embodiment.
Fig. 8 is a block diagram of one embodiment of an access right verification device according to one exemplary embodiment of the present application.
Detailed Description
Reference will now be made in detail to the exemplary embodiments, examples of which are illustrated in the accompanying drawings. When the following description refers to the accompanying drawings, like numbers in different drawings represent the same or similar elements unless otherwise indicated. The embodiments described in the following exemplary embodiments do not represent all embodiments consistent with the present application. Rather, they are merely examples of apparatus and methods consistent with certain aspects of the present application, as detailed in the appended claims.
The terminology used herein is for the purpose of describing particular embodiments only and is not intended to be limiting of the application. As used in this application and the appended claims, the singular forms "a", "an", and "the" are intended to include the plural forms as well, unless the context clearly indicates otherwise. It should also be understood that the term "and/or" as used herein refers to and encompasses any and all possible combinations of one or more of the associated listed items.
It is to be understood that although the terms first, second, third, etc. may be used herein to describe various information, such information should not be limited to these terms. These terms are only used to distinguish one type of information from another. For example, first information may also be referred to as second information, and similarly, second information may also be referred to as first information, without departing from the scope of the present application. The word "if" as used herein may be interpreted as "at … …" or "when … …" or "in response to a determination", depending on the context.
In order to better understand the access right verification method, device and system applied to the internet of things disclosed in the present application, an access right verification system used in the embodiments of the present application is first described, as shown in fig. 1, fig. 1 is a schematic diagram of a network architecture of an access right verification system 10 shown in the present application according to an exemplary embodiment. The access right authentication system 10 may include an access right authentication device 20 and a plurality of terminal devices 30 communicatively connected to each other.
In one possible embodiment of the present application, the access right verifying device 20 may be a computer device with data processing and information analyzing functions, such as a desktop computer, a notebook computer, a laptop computer, or the like. The terminal device 30 may be different types of internet of things devices. For example, the lamp is applied to table lamps, air conditioners, dish washing machines and the like in the field of smart home. The intelligent alarm is also applied to cameras, smoke alarms, intelligent doorbells and the like in the field of hotels. And is applied to various production apparatuses in an automated factory, for example.
In the access right verification system 10 shown in fig. 1, the access right verification device 20 may set and update the access right for each terminal device 30 at regular time according to the uploaded data or information of each terminal device 30, so as to ensure the validity of the access right of the terminal device 30, and thus ensure the data security between the terminal devices 30.
On the basis of the above, as shown in fig. 2, fig. 2 is a flowchart of an access right verification method shown in the present application according to an exemplary embodiment, which can be applied to the access right verification device 20 in fig. 1, and which can include the contents described in the following steps S21-S24.
Step S21, acquiring a device access list of each terminal device in the current time interval, and determining device security information of each terminal device in the current time interval according to the data processing record of each terminal device in the current time interval.
In the implementation of the present application, the device access list includes access object information and right authentication information corresponding to the terminal device 30 in the current time interval. The access target information includes other devices that communicate with the terminal device 30. It is understood that the access object may be the access right verifying device 20, or may be other terminal devices 30, and is not limited herein.
Further, the authority authentication information includes log information on access authority request, confirmation and verification between the terminal device 30 and the access object, which may be dynamically stored in a designated memory chip area of the access authority verification device 20.
Further, the data processing record includes processing logs and traces recorded when the terminal device 30 performs data interaction and processing with the access object, and the data processing record is used for recording continuous data processing behaviors of the terminal device 30.
In a possible implementation manner, the device security information is used to represent data interaction security of the terminal device 30 in a current time interval, where the data interaction security may be understood as a probability that the terminal device 30 or a data storage area of an access object is invaded when the terminal device 30 performs data interaction with the access object in the current time interval, and the higher the data interaction security is, the lower the probability that the data storage area is invaded is.
Step S22, extracting a plurality of access object information in each device access list and authority authentication information corresponding to each access object information; and determining a first authority change track of each terminal device in the current time period based on a plurality of access object information and a plurality of authority authentication information corresponding to each device access list.
In an implementable manner, the first permission change trajectory may be understood as a change of the access permission set of the terminal device 30 in the current time interval relative to the access permission set of the terminal device 30 in the last time interval. For example, the first permission change trajectory may represent whether the access permission range of the terminal device 30 in the current time interval is expanded or reduced.
Step S23, obtaining an access right list corresponding to the device security information of each terminal device in the current time interval from a preset database, and determining a second right change trajectory of each terminal device in the current time interval according to the access right list.
In a specific implementation, the access right list includes the agreed right between the terminal device 30 and the other device in the access right verification system 10, where the agreed right includes the privacy degree of the data of the terminal device 30 accessing the other device in the access right verification system 10 or the privacy degree of the data of the terminal device 30 accessing the other device in the access right verification system 10.
The second permission change track is used for representing the change situation of the legal access permission of the terminal device 30 in the current time interval. In practical applications, the access right ranges of the terminal device 30 in different time interval intervals may be different, and thus the access right set of the terminal device 30 between adjacent time interval intervals may change, and the change may be legal or illegal, so that it can be determined whether the change of the access right set of the terminal device 30 between adjacent time interval intervals is legal or not by using the second right change trajectory as a reference.
Step S24, judging whether the first authority change track and the second authority change track of each terminal device are consistent; if the access authority of each terminal device is consistent with the access authority of each terminal device, updating the access authority of each terminal device according to the first authority change track or the second authority change track; otherwise, acquiring a third authority change track of each terminal device in the last time interval from the database according to the access authority list, and determining historical safety information of each terminal device in the last time interval according to the third authority change track; determining whether each terminal device has abnormal access authority according to the device safety information and the historical safety information of each terminal device; if not, updating the access authority of each terminal device according to the first authority change track; if yes, updating the access authority of each terminal device according to the second authority change track.
In step S24, if the first permission variation trajectory and the second permission variation trajectory match, it is determined that the change of the access right set of the terminal device 30 in the current time interval is legal, and at this time, the access right of each terminal device may be updated according to the first permission variation trajectory or the second permission variation trajectory.
In step S24, if the first permission variation trajectory is consistent with the second permission variation trajectory, it is determined that the change of the access right set of the terminal device 30 in the current time interval is possibly illegal, and in order to further ensure that the terminal device 30 does not cause data leakage of the entire access right verification system 10 due to the illegal change of the access right set, historical security information of the terminal device 30 in the previous time interval is determined according to the third permission variation trajectory of the terminal device 30 in the previous time interval.
Further, whether the access authority of the terminal device is abnormal is determined by comparing the device security information of the terminal device 30 with the historical security information, if the access authority is not abnormal, the access authority of each terminal device can be updated according to the first authority change track, and if the access authority is abnormal, the access authority of each terminal device can be updated according to the second authority change track.
When the method described in the above-mentioned step S21-step S24 is executed, the first right change trajectory and the second right change trajectory of the terminal device in the current time period can be determined based on the device access list and the device security information of the terminal device, so that the manner of updating the access right of the terminal device is determined based on the consistency comparison result of the first right change trajectory and the second right change trajectory. Therefore, the change of the access right set of the terminal equipment in different time interval and the legality of the change can be considered, so that the data among the terminal equipment are prevented from being stolen due to the change of the illegal access right set when the access right of the terminal equipment is updated, and further important data are lost and private data are leaked.
In an example, please refer to fig. 3 in combination, the step S21 of obtaining the device access list of each terminal device in the current time interval may specifically include the method described in the following sub-steps.
Step S2111, acquiring access protocol thread parameters of each terminal device, and determining the access protocol weight of each terminal device according to the access protocol thread parameters; and adjusting the acquisition frequency of the access right verification equipment according to the access protocol weight so that the acquisition frequency of the access right verification equipment is matched with the access protocol weight of each terminal equipment.
Step S2112, acquiring the thread running log of each terminal device based on the acquisition frequency, and identifying the object pointing information of each terminal device in the thread running log of each terminal device; and correcting the access protocol weight of each terminal device according to the pointing identification of the object pointing information and determining the effective communication record of each terminal device.
Step S2113, aiming at each effective communication record corresponding to each terminal device, determining a communication object identifier and a plurality of groups of communication parameter information of the effective communication record; judging whether a first list for representing that a terminal device initiates an authority request exists in the effective communication record according to the communication object identifier, and when the first list exists in the effective communication record, determining a feature matching coefficient between each piece of communication parameter information of the effective communication record under a second list for representing that the terminal device receives the authority request and each piece of communication parameter information of the effective communication record under the first list according to the communication parameter information of the effective communication record under the first list and the information capacity of the communication parameter information, wherein the feature matching coefficient is used for representing the association degree between different pieces of communication parameter information.
In this embodiment, the larger the feature matching coefficient is, the higher the degree of association between different pieces of communication parameter information is, and the smaller the feature matching coefficient is, the lower the degree of association between different pieces of communication parameter information is.
Step S2114, transferring the communication parameter information, in which the feature matching coefficient between the communication parameter information of the effective communication record in the second list and the communication parameter information of the effective communication record in the first list is greater than the set coefficient, to the first list.
Step S2115, according to the communication parameter information in the first list, determining the authority authentication information and the access object information corresponding to the effective communication record, and according to the access object information and the authority authentication information corresponding to each terminal device, generating a device access list.
When the method described in the above step S2111 to step S2115 is applied, the device access list of each terminal device in the current time interval can be accurately determined, so as to provide an accurate data basis for subsequently determining the first permission change trajectory and the second permission change trajectory.
In another example, referring to fig. 4 in combination, the step S21 of determining the device security information of each terminal device in the current time interval according to the data processing record of each terminal device in the current time interval may specifically include the following sub-steps.
Step S2121, determining a log file in the data processing record, and counting first text data corresponding to the log file, wherein the log file is extracted by adopting a preset log extraction thread in the data processing record, and a thread parameter corresponding to the log extraction thread is unchanged.
Step S2122, obtaining the device operating file of each terminal device, and calculating the text similarity between the log file and the device operating file according to the first text data.
Step S2123, if the text similarity between the log file and the device operating file is smaller than a preset text similarity threshold, fusing the device parameter of each terminal device with the first text data to obtain second text data.
Step S2124, converting the device parameters into a parameter topology of the terminal device, and splicing the structural topology of the record form corresponding to the data processing record by taking the parameter topology as a reference to obtain a first splicing result.
Step S2125 of screening the first splicing result according to the second text data to obtain a second splicing result, determining node safety information of each topological node and time information corresponding to each topological node in the second splicing result, and determining equipment safety information of each terminal device in the current time interval according to the node safety information and the time information corresponding to each topological node.
When the method described in steps S2121 to S2125 is specifically implemented, the log file in the data processing record of the terminal device in the current time interval can be analyzed, and the device parameter of the terminal device is nodized based on the analysis result, so that the node security information of each topological node and the time information corresponding to each topological node are determined, and further, the device security information of each terminal device in the current time interval is accurately determined.
Referring to fig. 5, in a possible implementation manner, in step S22, the step of determining the first permission variation trajectory of each terminal device in the current time period based on the multiple access object information and the multiple permission authentication information corresponding to each device access list may be specifically implemented by a method described in the following steps.
Step S221, generating an authorization node according to each access object information in each device access order and authorization authentication information corresponding to the access object information.
In step S222, a node fluctuation sequence is determined from each authority node.
Step S223, determine whether each node fluctuation value in the node fluctuation sequence in each authority node is continuous with respect to two adjacent node fluctuation values of the node fluctuation value in the node fluctuation sequence in the authority node.
In step S224, if yes, the node fluctuation sequence determined from each authority node is determined as an effective node fluctuation sequence of each authority node.
And step S225, otherwise, carrying out weighted sum on each node fluctuation value in the node fluctuation sequence of each authority node and two adjacent node fluctuation values thereof, and determining the effective node fluctuation sequence of each authority node according to the weighted sum result.
Step S226, connecting each authority node according to the sequence direction information in the effective node fluctuation sequence of each authority node, to obtain a first authority change trajectory of each terminal device in the current time period.
It can be understood that based on the methods described in the above steps S221 to S226, continuity of node fluctuation values corresponding to the authority nodes can be taken into consideration, so as to determine an effective node fluctuation sequence of each authority node according to different continuity determination results, and then connect each authority node according to sequence direction information in the effective node fluctuation sequence of each authority node, so as to accurately obtain a first authority change trajectory of each terminal device in the current time period.
Referring to fig. 6, in a possible implementation manner, the step of obtaining, from the preset database, the access right list corresponding to the device security information of each terminal device in the current time interval described in step S23 may further include the following sub-steps.
Step S2311, sequentially selecting first permission records in the database according to the information capacity.
Step S2312, determining a target permission record from a second permission record in which the size of the information capacity in the database is located before the first permission record.
Step S2313, a first permission evaluation factor of each piece of permission information in the target permission record is obtained.
Step S2314, splitting the first authority record according to the corresponding relation between the first authority evaluation factor and the preset evaluation logic of each piece of authority information to obtain an authority behavior data packet of the first authority record; and the preset evaluation logic of each piece of authority information is used for representing the access behavior of each piece of authority information, which is preset by taking the access behavior of each piece of authority information as a reference, as a reference.
Step S2315, performing permission data stream extraction on the permission behavior data packet to obtain a permission behavior sequence of each piece of permission information.
Step S2316, determining time information of a data flow direction from the permission behavior packet, and obtaining a time sequence corresponding to the time information of the data flow direction.
Step S2317, determining an access permission list corresponding to the device security information in the current time interval from the first permission record according to the time sequence and the permission behavior sequence.
When the method described in steps S2311 to S2317 is applied, the access permission list corresponding to the device security information of each terminal device in the current time interval can be accurately determined from the database, so as to provide a data basis for the subsequent steps.
Referring to fig. 7, in another example, the step of determining the second permission variation trajectory of each terminal device in the current time interval according to the access permission list in step S23 may be specifically implemented by the method described in the following sub-steps.
Step S2321, obtaining list structure information including a plurality of list units and at least one list distribution map including a plurality of list units from the access permission list, where the list distribution map and the list structure information have different permission description tracks.
Step S2322, a first information set of the target information identifier is extracted from the list structure information, and a second information set of the target information identifier is extracted from the list distribution map, where the first information set includes a plurality of first access right levels for marking the distribution region priority in the list structure information, and the second information set includes a plurality of second access right levels for marking the distribution region priority in the list distribution map.
Step S2323, the multiple first access permission levels are transferred to the list distribution map, so as to obtain multiple transfer levels.
Step S2324, a level difference distribution between the plurality of transfer levels and the plurality of second access right levels is constructed.
Step S2325, based on the level difference distribution, a level difference distribution track between a first access authority level in the list structure information and a corresponding second access authority level in the list distribution map is obtained; and weighting the grade difference distribution track according to a first time weight corresponding to a first access authority grade in the list structure information and a second time weight corresponding to a second access authority grade in the list distribution map to obtain a second authority variable track.
It can be understood that based on the contents described in the above steps S2321 to S2325, the list structure information and the list distribution map corresponding to the access authority list can be analyzed, so as to determine different access authority levels from two dimensions of the list structure information and the list distribution map. In this way, the heterogeneity of the access right list at different dimensional levels can be taken into consideration, thereby ensuring the reliability of the second right change trajectory.
On the basis of the above, in another example, the step of updating the access right of each terminal device according to the first right change trajectory or the second right change trajectory in step S24 may specifically include the following.
Step S241, obtaining an access authority list corresponding to the first authority change trajectory or the second authority change trajectory.
Step S242, generating an access right change instruction including the access right list according to the device model of each terminal device, where the access right change instruction conforms to the instruction parsing logic of each terminal device.
Step S243, issuing the access permission change instruction to each terminal device according to an adjustment weight and an adjustment ratio of the first permission change trajectory or the second permission change trajectory in each terminal device, where the adjustment weight and the adjustment ratio are used to indicate a compatibility matching probability of the first permission change trajectory or the second permission change trajectory and each corresponding terminal device.
Step S244, enabling each terminal device to update the access right of the terminal device in the current time interval according to the received corresponding access right change instruction, the adjustment weight and the adjustment ratio; the access right of the terminal device in the current time interval comprises access rights of other terminal devices and the access right verification device.
In this embodiment, based on the contents described in the above steps S241 to S244, the adjustment weight and the adjustment ratio of the first right trajectory or the second right trajectory in different terminal devices can be taken into consideration, so that different terminal devices can be updated accurately and comprehensively according to the corresponding access right change instruction.
Based on the same implementation principle, please refer to fig. 8 in combination, the embodiment of the present application further provides an access right verification device 20, which specifically includes the following functional modules.
The list obtaining module 21 is configured to obtain a device access list of each terminal device in the current time interval, and determine device security information of each terminal device in the current time interval according to a data processing record of each terminal device in the current time interval.
The information extraction module 22 is configured to extract a plurality of pieces of access object information in each device access list and authority authentication information corresponding to each piece of access object information; and determining a first authority change track of each terminal device in the current time period based on a plurality of access object information and a plurality of authority authentication information corresponding to each device access list.
The list obtaining module 23 is configured to obtain, from a preset database, an access right list corresponding to the device security information of each terminal device in the current time interval, and determine, according to the access right list, a second right change trajectory of each terminal device in the current time interval.
The authority updating module 24 is configured to determine whether the first authority change trajectory of each terminal device is consistent with the second authority change trajectory; if the access authority of each terminal device is consistent with the access authority of each terminal device, updating the access authority of each terminal device according to the first authority change track or the second authority change track; if the access authority lists are inconsistent, acquiring a third authority change track of each terminal device in the last time interval from the database according to the access authority lists, and determining historical safety information of each terminal device in the last time interval according to the third authority change track; determining whether each terminal device has abnormal access authority according to the device safety information and the historical safety information of each terminal device; if not, updating the access authority of each terminal device according to the first authority change track; if yes, updating the access authority of each terminal device according to the second authority change track.
Correspondingly, an embodiment of the present invention further provides an access right verification device 20, which specifically includes: the system comprises a processor, a memory and a network interface, wherein the memory and the network interface are connected with the processor; the network interface is connected with a nonvolatile memory in the access right verification device; when the processor is operated, the computer program is called from the nonvolatile memory through the network interface, and the computer program is operated through the memory so as to execute the method.
In another embodiment, the present application also provides a readable storage medium applied to a computer, where the readable storage medium is burned with a computer program, and the computer program implements the method when running in the memory of the access right verification device 20.
The implementation process of the functions and actions of the modules is specifically described in the implementation process of the corresponding steps in the method, and is not described herein again.
For the embodiment corresponding to the functional module, since it basically corresponds to the method embodiment, reference may be made to the partial description of the method embodiment for relevant points. The above-described embodiments of the functional modules are merely schematic, where the modules described as separate components may or may not be physically separate, and the components shown as modules may or may not be physical modules, may be located in one place, or may be distributed on multiple network modules. Some or all of the modules can be selected according to actual needs to achieve the purpose of the scheme of the application. One of ordinary skill in the art can understand and implement it without inventive effort.
Other embodiments of the present application will be apparent to those skilled in the art from consideration of the specification and practice of the invention disclosed herein. This application is intended to cover any variations, uses, or adaptations of the invention following, in general, the principles of the application and including such departures from the present disclosure as come within known or customary practice within the art to which the invention pertains. It is intended that the specification and examples be considered as exemplary only, with a true scope and spirit of the application being indicated by the following claims.
Claims (10)
1. An access right verification method applied to the Internet of things is applied to an access right verification device, the access right verification device is communicated with a plurality of terminal devices, and the method at least comprises the following steps:
acquiring an equipment access list of each terminal equipment in the current time interval, and determining equipment safety information of each terminal equipment in the current time interval according to the data processing record of each terminal equipment in the current time interval;
extracting a plurality of access object information in each equipment access list and authority authentication information corresponding to each access object information; determining a first authority change track of each terminal device in the current time period based on a plurality of access object information and a plurality of authority authentication information corresponding to each device access list;
acquiring an access authority list corresponding to the device safety information of each terminal device in the current time interval from a preset database, and determining a second authority change track of each terminal device in the current time interval according to the access authority list;
judging whether the first authority change track and the second authority change track of each terminal device are consistent or not; if the access authority of each terminal device is consistent with the access authority of each terminal device, updating the access authority of each terminal device according to the first authority change track or the second authority change track; if the access authority lists are inconsistent, acquiring a third authority change track of each terminal device in the last time interval from the database according to the access authority lists, and determining historical safety information of each terminal device in the last time interval according to the third authority change track; determining whether each terminal device has abnormal access authority according to the device safety information and the historical safety information of each terminal device; if not, updating the access authority of each terminal device according to the first authority change track; if yes, updating the access authority of each terminal device according to the second authority change track.
2. The method for verifying access rights according to claim 1, wherein the obtaining of the device access list of each terminal device in the current time interval further comprises:
acquiring an access protocol thread parameter of each terminal device, and determining an access protocol weight of each terminal device according to the access protocol thread parameter; adjusting the acquisition frequency of the access right verification equipment according to the access protocol weight so that the acquisition frequency of the access right verification equipment is matched with the access protocol weight of each terminal equipment;
acquiring a thread running log of each terminal device based on the acquisition frequency, and identifying object pointing information of each terminal device in the thread running log of each terminal device; correcting the access protocol weight of each terminal device according to the pointing identification of the object pointing information and determining the effective communication record of each terminal device;
determining a communication object identifier and a plurality of groups of communication parameter information of each effective communication record corresponding to each terminal device; judging whether a first list for representing that a terminal device initiates an authority request exists in the effective communication record according to the communication object identifier, and when the first list exists in the effective communication record, determining a feature matching coefficient between each piece of communication parameter information of the effective communication record under a second list for representing that the terminal device receives the authority request and each piece of communication parameter information of the effective communication record under the first list according to the communication parameter information of the effective communication record under the first list and the information capacity of the communication parameter information, wherein the feature matching coefficient is used for representing the association degree between different pieces of communication parameter information;
transferring the communication parameter information of which the characteristic matching coefficient between the communication parameter information of the effective communication record in the second list and the communication parameter information of the effective communication record in the first list is greater than a set coefficient to the first list;
and determining authority authentication information and access object information corresponding to the effective communication record according to the communication parameter information in the first list, and generating an equipment access list according to the access object information and the authority authentication information corresponding to each terminal equipment.
3. The method for verifying access rights according to claim 2, wherein the determining device security information of each terminal device in the current time interval according to the data processing record of each terminal device in the current time interval further comprises:
determining a log file in the data processing record, and counting first text data corresponding to the log file, wherein the log file is extracted by adopting a preset log extraction thread in the data processing record, and a thread parameter corresponding to the log extraction thread is unchanged;
acquiring an equipment operating file of each terminal equipment, and calculating the text similarity between the log file and the equipment operating file according to the first text data;
if the text similarity between the log file and the equipment operation file is smaller than a preset text similarity threshold, fusing the equipment parameters of each terminal equipment with the first text data to obtain second text data;
converting the device parameters into a parameter topology of the terminal device, and splicing the structural topology of the record form corresponding to the data processing record by taking the parameter topology as a reference to obtain a first splicing result;
and screening the first splicing result according to the second text data to obtain a second splicing result, determining node safety information of each topological node and time information corresponding to each topological node in the second splicing result, and determining equipment safety information of each terminal equipment in the current time interval according to the node safety information and the time information corresponding to each topological node.
4. The method for verifying access permission according to any one of claims 1 to 3, wherein the determining a first permission change trajectory of each terminal device in a current period based on a plurality of access object information and a plurality of permission authentication information corresponding to each device access list further comprises:
generating an authority node according to each access object information in each equipment access order and authority authentication information corresponding to the access object information;
determining a node fluctuation sequence from each authority node;
judging whether the fluctuation value of each node in the node fluctuation sequence of each authority node is continuous relative to the adjacent two node fluctuation values of the node fluctuation value in the node fluctuation sequence of the authority node;
if so, determining the node fluctuation sequence determined from each authority node as an effective node fluctuation sequence of each authority node;
otherwise, carrying out weighted sum on each node fluctuation value in the node fluctuation sequence in each authority node and two adjacent node fluctuation values thereof, and determining the effective node fluctuation sequence of each authority node according to the weighted sum result;
and connecting each authority node according to the sequence direction information in the effective node fluctuation sequence of each authority node to obtain a first authority change track of each terminal device in the current time period.
5. The method for verifying access permission according to claim 1, wherein the obtaining of the access permission list corresponding to the device security information of each terminal device in the current time interval from a preset database further comprises:
sequentially selecting first authority records in the database according to the information capacity;
determining a target permission record from a second permission record in which the information capacity size in the database is positioned before the first permission record;
acquiring a first authority evaluation factor of each piece of authority information in the target authority record;
splitting the first authority record according to the corresponding relation between the first authority evaluation factor and the preset evaluation logic of each piece of authority information to obtain an authority behavior data packet of the first authority record; the preset evaluation logic of each piece of authority information is used for representing access behavior taking each piece of authority information as a reference, and the preset access behavior security detection logic of each piece of authority information is used as a reference;
performing authority data stream extraction on the authority behavior data packet to obtain an authority behavior sequence of each piece of authority information;
determining time information of a data flow direction from the authority behavior data packet to obtain a time sequence corresponding to the time information of the data flow direction;
and determining an access authority list corresponding to the equipment safety information in the current time interval from the first authority record according to the time sequence and the authority behavior sequence.
6. The method for verifying access rights according to claim 5, wherein the determining a second rights change trajectory of each terminal device in a current time interval according to the access rights list further comprises:
obtaining list structure information containing a plurality of list units and at least one list distribution diagram containing a plurality of list units from the access authority list, wherein the list distribution diagram and the list structure information have different authority description tracks;
extracting a first information set of target information identification from the list structure information and a second information set of target information identification from the list distribution map, wherein the first information set comprises a plurality of first access right levels for marking distribution region priority in the list structure information, and the second information set comprises a plurality of second access right levels for marking distribution region priority in the list distribution map;
transferring the plurality of first access permission levels to the list distribution map to obtain a plurality of transfer levels;
constructing a level difference distribution between the plurality of transfer levels and the plurality of second access right levels;
acquiring a grade difference distribution track between a first access authority grade in the list structure information and a corresponding second access authority grade in the list distribution map based on the grade difference distribution; and weighting the grade difference distribution track according to a first time weight corresponding to a first access authority grade in the list structure information and a second time weight corresponding to a second access authority grade in the list distribution map to obtain a second authority variable track.
7. An access right verifying device applied to the internet of things, the access right verifying device being in communication with a plurality of terminal devices, the access right verifying device at least comprising:
the list acquisition module is used for acquiring an equipment access list of each terminal equipment in the current time interval and determining the equipment safety information of each terminal equipment in the current time interval according to the data processing record of each terminal equipment in the current time interval;
the information extraction module is used for extracting a plurality of access object information in each equipment access list and authority authentication information corresponding to each access object information; determining a first authority change track of each terminal device in the current time period based on a plurality of access object information and a plurality of authority authentication information corresponding to each device access list;
the list acquisition module is used for acquiring an access authority list corresponding to the device safety information of each terminal device in the current time interval from a preset database, and determining a second authority change track of each terminal device in the current time interval according to the access authority list;
the authority updating module is used for judging whether the first authority change track and the second authority change track of each terminal device are consistent or not; if the access authority of each terminal device is consistent with the access authority of each terminal device, updating the access authority of each terminal device according to the first authority change track or the second authority change track; if the access authority lists are inconsistent, acquiring a third authority change track of each terminal device in the last time interval from the database according to the access authority lists, and determining historical safety information of each terminal device in the last time interval according to the third authority change track; determining whether each terminal device has abnormal access authority according to the device safety information and the historical safety information of each terminal device; if not, updating the access authority of each terminal device according to the first authority change track; if yes, updating the access authority of each terminal device according to the second authority change track.
8. An access right verifying apparatus applied to the internet of things, comprising:
a processor, and
a memory and a network interface connected with the processor;
the network interface is connected with a nonvolatile memory in the access right verification device;
the processor, when running, retrieves a computer program from the non-volatile memory via the network interface and runs the computer program via the memory to perform the method of any of claims 1-6 above.
9. A readable storage medium applied to a computer, wherein the readable storage medium is burned with a computer program, and the computer program realizes the method of any one of the above claims 1 to 6 when the computer program runs in a memory of an access right verification device.
10. An access right verification system applied to the Internet of things is characterized by comprising an access right verification device and a plurality of terminal devices, wherein the access right verification device is communicated with the plurality of terminal devices;
the terminal equipment is used for generating an equipment access list in real time during running;
the access authority verification device is used for acquiring a device access list of each terminal device in the current time interval and determining device safety information of each terminal device in the current time interval according to the data processing record of each terminal device in the current time interval; extracting a plurality of access object information in each equipment access list and authority authentication information corresponding to each access object information; determining a first authority change track of each terminal device in the current time period based on a plurality of access object information and a plurality of authority authentication information corresponding to each device access list; acquiring an access authority list corresponding to the device safety information of each terminal device in the current time interval from a preset database, and determining a second authority change track of each terminal device in the current time interval according to the access authority list; judging whether the first authority change track and the second authority change track of each terminal device are consistent or not; if the access authority of each terminal device is consistent with the access authority of each terminal device, updating the access authority of each terminal device according to the first authority change track or the second authority change track; if the access authority lists are inconsistent, acquiring a third authority change track of each terminal device in the last time interval from the database according to the access authority lists, and determining historical safety information of each terminal device in the last time interval according to the third authority change track; determining whether each terminal device has abnormal access authority according to the device safety information and the historical safety information of each terminal device; if not, updating the access authority of each terminal device according to the first authority change track; if yes, updating the access authority of each terminal device according to the second authority change track.
Priority Applications (3)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202011064124.8A CN112231680A (en) | 2020-03-16 | 2020-03-16 | Access right verification method and device based on Internet of things |
| CN202010179700.7A CN111400758B (en) | 2020-03-16 | 2020-03-16 | Access right verification method, device and system applied to Internet of things |
| CN202011064125.2A CN112231681A (en) | 2020-03-16 | 2020-03-16 | Access right verification method and system based on Internet of things |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202010179700.7A CN111400758B (en) | 2020-03-16 | 2020-03-16 | Access right verification method, device and system applied to Internet of things |
Related Child Applications (2)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202011064125.2A Division CN112231681A (en) | 2020-03-16 | 2020-03-16 | Access right verification method and system based on Internet of things |
| CN202011064124.8A Division CN112231680A (en) | 2020-03-16 | 2020-03-16 | Access right verification method and device based on Internet of things |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN111400758A CN111400758A (en) | 2020-07-10 |
| CN111400758B true CN111400758B (en) | 2020-12-11 |
Family
ID=71430785
Family Applications (3)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202010179700.7A Active CN111400758B (en) | 2020-03-16 | 2020-03-16 | Access right verification method, device and system applied to Internet of things |
| CN202011064124.8A Withdrawn CN112231680A (en) | 2020-03-16 | 2020-03-16 | Access right verification method and device based on Internet of things |
| CN202011064125.2A Withdrawn CN112231681A (en) | 2020-03-16 | 2020-03-16 | Access right verification method and system based on Internet of things |
Family Applications After (2)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202011064124.8A Withdrawn CN112231680A (en) | 2020-03-16 | 2020-03-16 | Access right verification method and device based on Internet of things |
| CN202011064125.2A Withdrawn CN112231681A (en) | 2020-03-16 | 2020-03-16 | Access right verification method and system based on Internet of things |
Country Status (1)
| Country | Link |
|---|---|
| CN (3) | CN111400758B (en) |
Families Citing this family (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN111866995B (en) * | 2020-07-26 | 2021-01-19 | 广云物联网科技(广州)有限公司 | WeChat applet-based intelligent device network distribution method and system |
| CN112597477A (en) * | 2020-08-02 | 2021-04-02 | 姚晓红 | Information processing method combining cloud computing and intelligent device interaction and cloud server |
| CN112488247A (en) * | 2020-08-06 | 2021-03-12 | 蔡淦祺 | Information processing method combining live webcasting and online e-commerce delivery and cloud server |
| CN112116350B (en) * | 2020-09-07 | 2021-11-23 | 上海勒微科技有限公司 | Payment network environment detection method applied to block chain payment and network server |
| CN112069242B (en) * | 2020-09-14 | 2021-10-01 | 营口国申网络科技有限公司 | Data processing method based on big data and cloud computing and big data service platform |
| CN115103456B (en) * | 2022-04-28 | 2023-08-18 | 成都交投智慧停车产业发展有限公司 | PDA intelligent docking method and intelligent docking system |
| CN116614314B (en) * | 2023-07-19 | 2023-09-22 | 北京鸿迪鑫业科技有限公司 | User grading method based on network security |
Citations (9)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| EP1367470A2 (en) * | 2002-05-29 | 2003-12-03 | Hitachi High-Technologies Corporation | System and method for on-line diagnostics |
| WO2006095592A1 (en) * | 2005-03-08 | 2006-09-14 | Matsushita Electric Industrial Co., Ltd. | Access control device |
| CN103870755A (en) * | 2012-12-10 | 2014-06-18 | 广东欧珀移动通信有限公司 | Method and device for transferring files between multiple users of same electronic device |
| CN104715175A (en) * | 2015-03-23 | 2015-06-17 | 浪潮集团有限公司 | Computer system safety protection method and device |
| CN104765341A (en) * | 2015-02-11 | 2015-07-08 | 苏州大学 | Air purifier control system based on Internet of Things technology |
| CN106407757A (en) * | 2015-08-10 | 2017-02-15 | 阿里巴巴集团控股有限公司 | Access right processing method, apparatus and system for database |
| CN106778303A (en) * | 2016-12-07 | 2017-05-31 | 腾讯科技(深圳)有限公司 | Delegated strategy optimization method and delegated strategy optimization device |
| CN106778128A (en) * | 2016-11-30 | 2017-05-31 | 广东欧珀移动通信有限公司 | Information protecting method, device and terminal |
| CN108205621A (en) * | 2017-11-28 | 2018-06-26 | 珠海格力电器股份有限公司 | Authority distributing method and device |
Family Cites Families (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US8907763B2 (en) * | 2010-12-02 | 2014-12-09 | Viscount Security Systems Inc. | System, station and method for mustering |
-
2020
- 2020-03-16 CN CN202010179700.7A patent/CN111400758B/en active Active
- 2020-03-16 CN CN202011064124.8A patent/CN112231680A/en not_active Withdrawn
- 2020-03-16 CN CN202011064125.2A patent/CN112231681A/en not_active Withdrawn
Patent Citations (9)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| EP1367470A2 (en) * | 2002-05-29 | 2003-12-03 | Hitachi High-Technologies Corporation | System and method for on-line diagnostics |
| WO2006095592A1 (en) * | 2005-03-08 | 2006-09-14 | Matsushita Electric Industrial Co., Ltd. | Access control device |
| CN103870755A (en) * | 2012-12-10 | 2014-06-18 | 广东欧珀移动通信有限公司 | Method and device for transferring files between multiple users of same electronic device |
| CN104765341A (en) * | 2015-02-11 | 2015-07-08 | 苏州大学 | Air purifier control system based on Internet of Things technology |
| CN104715175A (en) * | 2015-03-23 | 2015-06-17 | 浪潮集团有限公司 | Computer system safety protection method and device |
| CN106407757A (en) * | 2015-08-10 | 2017-02-15 | 阿里巴巴集团控股有限公司 | Access right processing method, apparatus and system for database |
| CN106778128A (en) * | 2016-11-30 | 2017-05-31 | 广东欧珀移动通信有限公司 | Information protecting method, device and terminal |
| CN106778303A (en) * | 2016-12-07 | 2017-05-31 | 腾讯科技(深圳)有限公司 | Delegated strategy optimization method and delegated strategy optimization device |
| CN108205621A (en) * | 2017-11-28 | 2018-06-26 | 珠海格力电器股份有限公司 | Authority distributing method and device |
Also Published As
| Publication number | Publication date |
|---|---|
| CN112231681A (en) | 2021-01-15 |
| CN111400758A (en) | 2020-07-10 |
| CN112231680A (en) | 2021-01-15 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN111400758B (en) | Access right verification method, device and system applied to Internet of things | |
| Falco et al. | IIoT cybersecurity risk modeling for SCADA systems | |
| Sommestad et al. | The cyber security modeling language: A tool for assessing the vulnerability of enterprise system architectures | |
| CN103368904A (en) | Mobile terminal, and system and method for suspicious behavior detection and judgment | |
| CN103927483A (en) | Decision model used for detecting malicious programs and detecting method of malicious programs | |
| CN111385309B (en) | Security detection method, system and terminal for online office equipment | |
| CN113114618B (en) | Internet of things equipment intrusion detection method based on traffic classification recognition | |
| CN112214518B (en) | Block chain-based geospatial basic data sharing method and system | |
| CN112613599A (en) | Network intrusion detection method based on generation countermeasure network oversampling | |
| CN116821750A (en) | Data security risk monitoring traceability system based on artificial intelligence | |
| CN113312417B (en) | Data processing method applied to big data and cloud computing and big data service platform | |
| CN106961441B (en) | User dynamic access control method for Hadoop cloud platform | |
| Rumez et al. | Anomaly detection for automotive diagnostic applications based on N-grams | |
| CN114006735B (en) | Data protection method, device, computer equipment and storage medium | |
| CN113010909A (en) | Data security classification method and device for scientific data sharing platform | |
| CN116170199A (en) | Equipment access verification system based on gateway of Internet of things | |
| CN116032652A (en) | Gateway authentication method and system based on intelligent interactive touch panel | |
| Kulik et al. | Security verification of industrial control systems using partial model checking | |
| CN111935089B (en) | Data processing method based on big data and edge calculation and artificial intelligence server | |
| CN112291264B (en) | Security control method, device, server and storage medium | |
| CN114862372A (en) | Intelligent education data tamper-proof processing method and system based on block chain | |
| Berghoff et al. | Towards auditable ai systems | |
| CN114816964B (en) | Risk model construction method, risk detection device and computer equipment | |
| CN113949578B (en) | Automatic detection method and device for unauthorized loopholes based on flow and computer equipment | |
| CN111385342A (en) | Internet of things industry identification method and device, electronic equipment and storage medium |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| CB02 | Change of applicant information |
Address after: No.1502, 12 / F, building 6, Tanhua Shanshui garden, Panlong District, Kunming City, Yunnan Province 650051 Applicant after: Shen Shoujuan Address before: Room 406, building a, Weifang Software Park, No. 10179, Jiankang East Street, Kuiwen District, Weifang City, Shandong Province Applicant before: Shen Shoujuan |
|
| CB02 | Change of applicant information | ||
| TA01 | Transfer of patent application right |
Effective date of registration: 20201106 Address after: 100083 a-1603, floor 13, building 1, No. 18, Zhongguancun East Road, Haidian District, Beijing Applicant after: Beijing luoan Technology Co.,Ltd. Address before: No.1502, 12 / F, building 6, Tanhua Shanshui garden, Panlong District, Kunming City, Yunnan Province 650051 Applicant before: Shen Shoujuan |
|
| TA01 | Transfer of patent application right | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |