CN111415012B - Security policy recommendation method and device for intelligent device and electronic device - Google Patents
Security policy recommendation method and device for intelligent device and electronic device Download PDFInfo
- Publication number
- CN111415012B CN111415012B CN202010193317.7A CN202010193317A CN111415012B CN 111415012 B CN111415012 B CN 111415012B CN 202010193317 A CN202010193317 A CN 202010193317A CN 111415012 B CN111415012 B CN 111415012B
- Authority
- CN
- China
- Prior art keywords
- security policy
- loss probability
- intelligent
- data
- owner
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06N—COMPUTING ARRANGEMENTS BASED ON SPECIFIC COMPUTATIONAL MODELS
- G06N20/00—Machine learning
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06N—COMPUTING ARRANGEMENTS BASED ON SPECIFIC COMPUTATIONAL MODELS
- G06N20/00—Machine learning
- G06N20/10—Machine learning using kernel methods, e.g. support vector machines [SVM]
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06N—COMPUTING ARRANGEMENTS BASED ON SPECIFIC COMPUTATIONAL MODELS
- G06N3/00—Computing arrangements based on biological models
- G06N3/02—Neural networks
- G06N3/08—Learning methods
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06N—COMPUTING ARRANGEMENTS BASED ON SPECIFIC COMPUTATIONAL MODELS
- G06N7/00—Computing arrangements based on specific mathematical models
- G06N7/01—Probabilistic graphical models, e.g. probabilistic networks
Abstract
One or more embodiments of the present specification provide a method, an apparatus, and an electronic device for recommending a security policy of an intelligent device; the method comprises the following steps: acquiring intelligent equipment characteristic data and owner characteristic data, accurately describing the characteristics of intelligent equipment and an owner of the intelligent equipment through the intelligent equipment characteristic data and the owner characteristic data, and further generating a characteristic vector of the intelligent equipment according to the intelligent equipment characteristic data and the owner characteristic data; obtaining the loss probability of the intelligent equipment according to the feature vector and a loss probability prediction model trained in advance; and recommending a security policy according to the loss probability.
Description
Technical Field
One or more embodiments of the present disclosure relate to the technical field of artificial intelligence, and in particular, to a method and an apparatus for recommending a security policy of an intelligent device, and an electronic device.
Background
With the rapid development of internet technology and intelligent device technology, intelligent devices have become necessities in people's lives. In daily use, in order to ensure the property safety of the intelligent device and the owner thereof when the intelligent device is lost, various forms of security policies applied to the intelligent device are widely applied, such as biometric authentication, short message authentication, and the like.
However, the existing security policies are recommended in the same way for different smart device owners, which seriously affects the accuracy of the recommended security policies, the security assurance effect of the security policies, and the usage efficiency.
Disclosure of Invention
In view of this, one or more embodiments of the present disclosure are directed to a method and an apparatus for recommending a security policy of an intelligent device, and an electronic device.
In view of the above, one or more embodiments of the present specification provide a security policy recommendation method for an intelligent device, including:
acquiring intelligent equipment characteristic data and owner characteristic data;
generating a feature vector of the intelligent equipment according to the feature data of the intelligent equipment and the feature data of the owner;
obtaining the loss probability of the intelligent equipment according to the feature vector and a pre-trained loss probability prediction model;
and recommending a security policy according to the loss probability.
Based on the same inventive concept, one or more embodiments of the present specification further provide a security policy recommendation apparatus for an intelligent device, including:
an acquisition module configured to acquire smart device characteristic data and owner characteristic data;
a generating module configured to generate a feature vector of the smart device according to the smart device feature data and the owner feature data;
the prediction module is configured to obtain the loss probability of the intelligent equipment according to the feature vector and a pre-trained loss probability prediction model;
and the recommending module is configured to recommend the security policy according to the loss probability.
Based on the same inventive concept, one or more embodiments of the present specification further provide an electronic device, which includes a memory, a processor, and a computer program stored on the memory and executable on the processor, and the processor implements the method as described in any one of the above items when executing the program.
As can be seen from the foregoing, the security policy recommendation method and apparatus for an intelligent device and the electronic device provided in one or more embodiments of the present disclosure accurately depict characteristics of the intelligent device and its owner through intelligent device characteristic data and owner characteristic data, determine a loss probability of the intelligent device through an artificial intelligence manner, and perform personalized and targeted security policy recommendation based on the loss probability, thereby effectively improving accuracy of the security policy, security guarantee effect of the security policy, and use efficiency of the security policy.
Drawings
In order to more clearly illustrate one or more embodiments or technical solutions in the prior art in the present specification, the drawings used in the description of the embodiments or the prior art will be briefly described below, and it is obvious that the drawings in the following description are only one or more embodiments of the present specification, and that other drawings can be obtained by those skilled in the art without inventive effort from these drawings.
Fig. 1 is a flowchart of a security policy recommendation method of an intelligent device according to one or more embodiments of the present disclosure;
fig. 2 is a flowchart illustrating steps of managing transaction requests of a smart device according to one or more embodiments of the present disclosure;
fig. 3 is a schematic structural diagram of a security policy recommendation apparatus of an intelligent device according to one or more embodiments of the present disclosure;
fig. 4 is a schematic structural diagram of an electronic device according to one or more embodiments of the present disclosure.
Detailed Description
For the purpose of promoting a better understanding of the objects, aspects and advantages of the present disclosure, reference is made to the following detailed description taken in conjunction with the accompanying drawings.
It is to be noted that unless otherwise defined, technical or scientific terms used in one or more embodiments of the present specification should have the ordinary meaning as understood by those of ordinary skill in the art to which this disclosure belongs. The use of "first," "second," and similar terms in one or more embodiments of the specification is not intended to indicate any order, quantity, or importance, but rather is used to distinguish one element from another. The word "comprising" or "comprises", and the like, means that the element or item preceding the word covers the element or item listed after the word and its equivalents, but does not exclude other elements or items.
As described in the background section, in the prior art, in the recommendation of the security policy of the smart device, it is impossible to adopt the same security policy recommendation method for different smart device owners, that is, it is impossible to implement personalized recommendation, which causes a problem that the accuracy of the current security policy recommendation is low, and further the security guarantee effect and the use efficiency of the security policy are poor.
Specifically, for an application scenario of security assurance under the condition that the intelligent device is lost, the problem caused by the fact that personalized recommendation cannot be realized is obvious. For example, for an intelligent device with a high market value, the potential loss probability is high, and when the security policy recommendation is performed on the intelligent device, if only the security policies with low security levels such as password authentication and gesture authentication are recommended, the security policies are easy to break, and obviously, the security of the intelligent device when the intelligent device is lost cannot be effectively guaranteed. For example, for a case where the activity range is small at ordinary times, such as when the owner of the smart device is fully active near the residence, if the recommended security policy is a security policy with a higher security level, such as third party authentication and digital certificate medium authentication, the owner of the smart device needs to perform authentication in a troublesome manner when using the smart device, which causes inconvenience and complication in operation. The above situations all result in lower accuracy of the recommendation of the existing security policy, and poor security guarantee effect and use efficiency of the security policy.
In view of the above problems in the prior art, one or more embodiments of the present specification provide a technical solution for recommending a security policy of an intelligent device. Specifically, the characteristics of the intelligent device and the owner of the intelligent device are accurately described through data related to the intelligent device or data related to the owner of the intelligent device, the loss probability of the intelligent device is determined in an artificial intelligence mode, personalized and targeted safety strategy recommendation is carried out based on the loss probability, and the problems in the prior art are solved.
Hereinafter, the technical means of the present disclosure will be described in further detail with reference to specific examples.
First, one or more embodiments of the present specification propose a security policy recommendation method for an intelligent device. Referring to fig. 1, the method for recommending security policies of an intelligent device includes the following steps:
and S101, acquiring intelligent equipment characteristic data and owner characteristic data.
In this step, first, the intelligent device feature data and the owner feature data are obtained, and the loss probability of the intelligent device is predicted subsequently based on the intelligent device feature data and the owner feature data. The intelligent device can be mobile intelligent devices such as a mobile phone, a tablet personal computer, an intelligent watch and intelligent glasses or wearable intelligent devices.
The smart device feature data is data reflecting features such as attributes and states of the smart device. Specifically, the smart device characteristic data may be price data, idle time data, historical location data, brand data, operating system data, specification and size data, and the like of the smart device.
The owner feature data is data reflecting features such as attributes, states, and usage habits of the owner of the smart device. Specifically, the owner characteristic data may be identity data, age data, gender data, replacement smart device frequency data, and the like of the owner of the smart device.
In a specific implementation process, specific contents included in the smart device feature data and the owner feature data can be selected according to needs.
Optionally, the smart device feature data includes: at least one of price data, idle time data, historical location data; the owner profile data includes: at least one of identity data and replacement intelligent device frequency data.
The price data is data reflecting market prices of the intelligent devices, and can reflect values of the intelligent devices, namely, if the price data is large, the values of the intelligent devices are high, and if the price data is small, the values of the intelligent devices are low. For the influence of the loss probability, the value is considered to be higher, so that the potential loss probability is higher, and the value is lower, so that the potential loss probability is lower. In this embodiment, the acquisition route of the price data is not specifically limited, and may be actively uploaded by the owner of the intelligent device; or may be obtained from an external data source, such as obtaining a purchase record of the smart device, obtaining sales information of the smart device, and the like.
The idle time data is data reflecting the length of time that the smart device is in an unused idle state. For the influence of the loss probability, the potential loss probability is small if the idle time is long, and the potential loss probability is large if the idle time is short. In this embodiment, the acquisition route of the price data is not specifically limited, and may be actively uploaded by the owner of the intelligent device; the monitoring of the intelligent device may be performed, for example, by monitoring the power-on state of the intelligent device, if the intelligent device is powered on for a long time, the intelligent device is in an idle state, or by monitoring the position information of the intelligent device, if the position information is not changed for a long time, the intelligent device is in an idle state.
The historical location data is data reflecting locations where the smart device has historically appeared. Specifically, it is recorded whether the smart device appears in a place or place where the smart device is prone to be lost within a predetermined time period, such as a station, a mall, or the like. For the influence of the loss probability, if the intelligent device is found in a place or a place where the intelligent device is likely to be lost, the potential loss probability is high, and if the intelligent device is not found in a place or a place where the intelligent device is likely to be lost, the potential loss probability is low. Generally, the historical location data can be obtained through a positioning function of the intelligent device. Furthermore, historical location data may also be obtained by other means, such as historical travel information, historical search records relating to locations, and the like.
The owner identity data refers to data reflecting the identity of the owner of the intelligent device. In particular, it means that the owner of the smart device belongs to a certain identity, such as a merchant or an individual. For the influence of the loss probability, when the owner of the intelligent device is a merchant, more people are contacted with the owner of the intelligent device, the potential loss probability is higher, and when the owner of the intelligent device is a person, the potential loss probability is lower. In this embodiment, the obtaining way of the owner identity data is not specifically limited, and the owner identity data can be obtained by uploading by a user; and the information can be obtained by other data sources, such as registration information of a network platform, national identity information counted by a government department, and the like.
The owner replacement smart device frequency data is data that reflects the number of times that the owner of the smart device has historically replaced different smart devices. For the influence of the loss probability, the potential loss probability is higher if the number of times of replacing the intelligent device is more, and the potential loss probability is lower if the number of times of replacing the intelligent device is less. In the embodiment, the acquisition way of the frequency data of the intelligent equipment replaced by the owner is not specifically limited, and the frequency data can be acquired by uploading by a user; the information can also be obtained through other data sources, such as purchase records of the intelligent device, registration records of the intelligent device and the like.
In the implementation process, the smart device feature data and the owner feature data may use only a part of the above five kinds of data, or may use all the above five kinds of data. In this embodiment and other embodiments that follow, the above-mentioned five data are used simultaneously as an example for explanation.
And S102, generating a feature vector of the intelligent equipment according to the intelligent equipment feature data and the owner feature data.
In this step, a feature vector corresponding to the smart device is generated based on the smart device feature data and the owner feature data acquired in the previous step, and the feature vector is used as an input of a loss probability prediction model in the subsequent prediction step.
Specifically, for price data, idle time data, historical position data, owner identity data and owner replacement intelligent device frequency data, respective corresponding characteristic values, namely a price characteristic value, an idle time characteristic value, a historical position characteristic value, an identity characteristic value and a replacement frequency characteristic value, are respectively determined.
And for the price data, the corresponding price characteristic value is the numerical value of the price of the intelligent equipment. For example, if the market price of the smart device is 5000, the price characteristic value is 5000.
For the idle time data, the corresponding idle time characteristic value is the time length value of the intelligent device in the idle state, and time units such as days, months, years and the like can be set as required. For example, in month unit, the smart device is already in the idle state for 6 months, and the idle time characteristic value is 6.
For historical position data, the corresponding historical position characteristic value can be represented by a vector. The positions of the elements in the vector represent specific locations or places, and the values of the elements represent whether the elements are present at the corresponding locations or places. As one example, the historical location feature value may be expressed as (place) 1 ,…,place N ) That is, N locations or sites are present. Wherein, the value of each element is 1 or 0; a value of 1 indicates that the smart device has occurred there and a value of 0 indicates that it has not.
For the owner identity data, the corresponding identity characteristic value can be represented by a vector. The position of an element in the vector represents an identity, and the value of the element represents whether the owner of the intelligent device is the identity. As one example, the identity characteristic value may be expressed as (status) 1 ,…,status N ) I.e. N identities are represented. Wherein each element takes the value of 1 or 0; a value of 1 indicates that the owner of the smart device is the identity, and a value of 0 indicates that the owner of the smart device is not the identity.
And for the frequency data of the intelligent equipment replaced by the owner, the corresponding replacement frequency characteristic value is the historical replacement frequency of the intelligent equipment of the owner of the intelligent equipment. For example, if the owner of the smart device uses a total of 5 other smart devices before the smart device currently used, the replacement frequency characteristic value is 5.
And when the characteristic vector is generated, combining the price characteristic value, the idle time characteristic value, the historical position characteristic value, the identity characteristic value and the replacement frequency characteristic value into one vector to obtain the characteristic vector of the intelligent device.
A more specific example is given below. The places or places where the history of the intelligent equipment appears are set to be two, namely places 1 : station and place 2 : a shopping mall. The identity of the owner of the intelligent equipment is set to two kinds, namely status 1 : merchant and status 2 : an individual. Specifically, for an intelligent device, its market price is 5000; the smart device has been idle for 6 months; the intelligent device never appears at a station but appears in a shopping mall; the identity of the owner of the intelligent device is personal and not a merchant; the owner of the smart device has historically exchanged his smart device 5 times. Then, according to the feature data of the intelligent device and the feature data of the owner, the feature vector of the intelligent device is: (5000,6,0,1,0,1,5).
And S103, obtaining the loss probability of the intelligent equipment according to the feature vector and a loss probability prediction model trained in advance.
In this step, the loss probability of the smart device is predicted by a loss probability prediction model based on the feature vector of the smart device obtained in the previous step.
In this embodiment, the loss probability prediction model is obtained by using a large number of pieces of intelligent device feature data and owner feature data of different intelligent devices obtained in the same or similar obtaining manner and construction method in the foregoing steps as a training set, and training an initial machine learning model based on the training set by using a predetermined machine learning algorithm. Wherein, the predetermined machine learning algorithm may be selected from one or more of a naive bayes algorithm, a decision tree algorithm, a support vector machine algorithm, a K-nearest neighbor (kNN) algorithm, a neural network algorithm, a deep learning algorithm, and a logistic regression algorithm, according to specific implementation requirements.
For the loss probability prediction model, for an input feature vector of the intelligent device, a value between 0 and 1 can be output, and the value is the loss probability of the intelligent device.
And step S104, recommending the security policy according to the loss probability.
In this step, a security policy is recommended to the intelligent device according to the loss probability of the intelligent device obtained in the previous step.
The security policy is a processing flow capable of verifying the smart device or the owner of the smart device to determine the validity of the smart device. Common security strategies are: password authentication, gesture authentication, biometric authentication, digital certificate medium authentication, third party authentication, and the like. The security policy also has a high or low security score according to its operation.
Password authentication and gesture authentication are conventional and necessary security strategies, but generally, the password authentication and the gesture authentication are easy to crack and have low security.
Compared with the conventional password verification and gesture verification, the biometric verification is not easy to crack, and the security is moderate. The biological characteristics referred to in the present embodiment may include, for example, eye prints, voice prints, fingerprints, palm prints, heart beats, pulse, chromosomes, DNA, human teeth bites, and the like. Wherein the eye pattern may include biological features of the iris, sclera, etc.
The third party authentication and the digital certificate medium authentication are difficult to crack by conventional means, and have higher security. Third party authentication requires authentication of the current device, such as a common emergency contact, through a valid third party account or third party device. The digital certificate medium verification, namely the general U shield, adopts high-strength information encryption, digital authentication and digital signature technology, has non-replicability, and can effectively prevent payment risks.
It should be noted that, since the password authentication and the gesture authentication are conventional and necessary security policies for the smart device, when the security policy is recommended according to the loss probability of the smart device in this embodiment, the security policy is selected from the group consisting of third party authentication, digital certificate medium authentication, and biometric authentication.
In this embodiment, the loss probability of the smart device is a value between 0 and 1, so that the security policy is recommended according to the loss probability. When the loss probability is higher, the intelligent equipment is indicated to be easy to lose, so that a security policy with higher security is recommended to the intelligent equipment, and the security of the intelligent equipment is guaranteed through the security policy with higher security; correspondingly, when the loss probability is lower, the intelligent equipment is not easy to lose, so that a safety strategy with lower safety is recommended to the intelligent equipment, a complicated verification process caused by the safety strategy with higher safety is prevented, and the use efficiency is improved.
As an example, the theoretical value range [0-1] of the loss probability is divided into three intervals, specifically: a first interval: [0.8-1], a second interval [0.4-0.8) and a third interval [ 0-0.4).
And when the loss probability falls into the first interval, namely, the loss probability is more than or equal to 0.8 and less than or equal to 1, judging that the intelligent equipment is very easy to lose, and recommending a security policy with the highest security, namely, at least one of third party authentication and digital certificate medium authentication.
And when the loss probability falls into the second interval, namely, the loss probability is greater than or equal to 0.4 and less than 0.8, judging that the intelligent equipment is easy to lose, and recommending a safety strategy with medium safety, namely, biological feature verification.
When the loss probability falls into the third interval, namely, the loss probability is greater than or equal to 0 and less than 0.4, the intelligent device is judged not to be lost easily, the third party authentication, the digital certificate medium authentication, the biological characteristic authentication and the like are not recommended, only the default password authentication and the default gesture authentication are used, and even no security policy is recommended.
It should be noted that the above-mentioned division of the loss probability interval and the recommendation of the corresponding security policy are only examples, and in the specific implementation process, the loss probability interval and the corresponding security policy may be set according to specific needs.
It can be seen that, in the method for recommending a security policy of an intelligent device according to one or more embodiments of the present specification, the characteristics of the intelligent device and its owner are accurately depicted by price data, idle time data, historical position data, owner identity data, and owner replacement frequency data of the intelligent device, the loss probability of the intelligent device is determined in an artificial intelligence manner, and personalized and targeted security policy recommendation is performed based on the loss probability, so that the accuracy of the security policy, the security assurance effect of the security policy, and the use efficiency of the security policy are effectively improved.
As an optional embodiment, referring to fig. 2, after obtaining the loss probability of the smart device, the method further includes a step of managing and controlling a transaction request of the smart device, which specifically includes:
step S201, responding to a payment request initiated by the intelligent equipment, and acquiring a payment amount corresponding to the payment request.
In this embodiment, when the intelligent device performs the payment service, the intelligent device performs security control on the intelligent device. Specifically, when a payment request is initiated by the smart device, as a key parameter of the payment service, the payment amount related to the payment service is generally recorded in the payment request. Therefore, in this step, in response to the payment request initiated by the intelligent device, the payment amount corresponding to the payment request is obtained.
The technical carrier involved in the payment request may include Near Field Communication (NFC), WIFI, 3G/4G/5G, POS machine card swiping technology, two-dimensional code scanning technology, barcode scanning technology, bluetooth, infrared, Short Message Service (SMS), Multimedia Message Service (MMS), and the like, for example.
And S202, carrying out safety processing on the payment request according to the loss probability and the payment amount.
In this step, the two elements jointly determine the security processing to the payment request according to the loss probability of the smart device obtained by the loss probability prediction model and the payment amount obtained according to the payment request. Specifically, for a payment request with a high loss probability and a high payment amount of the intelligent device, it is determined that the payment request is most likely to be operated by an illegal person after the intelligent device is lost, so that the strictest security processing should be adopted, such as directly intercepting the payment request, or directly freezing an account related to the payment request; and judging that the payment request is normal payment for the payment request with smaller loss probability and smaller payment amount of the intelligent equipment, so that normal safety processing is adopted, such as the payment request is directly released, or a safety strategy with general safety is adopted, such as the release after password verification, gesture verification and biological feature verification. And for the payment request with moderate loss probability and payment amount, after the payment request can be verified through the security policy, intercepting or releasing the payment request according to the verification result.
As an example, in the first section in the foregoing embodiment: 0.8-1), a second interval 0.4-0.8) and a third interval 0-0.4) further consider the payment amount. The payment amount is also divided into three amount intervals correspondingly, wherein the first amount interval is as follows: 10000-infinity), a second monetary interval 6000-10000) and a third monetary interval (0-6000).
And when the loss probability falls into the first interval and the payment amount falls into the first amount interval, judging that the current risk is extremely large, and adopting safety processing for intercepting the payment request.
When the loss probability falls into the second interval and the payment amount falls into the second amount interval, the current risk is judged to be larger, so that blocked safety treatment is adopted as follows: verifying through at least one security policy of the third party verification, the digital certificate medium verification and the biological characteristic verification; and if the verification is passed, the payment request is released, otherwise, the payment request is intercepted.
And when the loss probability falls into the third interval and the payment amount falls into the third amount interval, judging that the current risk is lower, and allowing the payment request to pass.
It should be noted that the division of the money amount interval and the corresponding loss probability interval, and the corresponding specific security processing are only examples, and in the specific implementation process, the division and the corresponding specific security processing may be flexibly set according to specific needs.
Further, as an optional embodiment, on the basis of the foregoing embodiment of performing security processing on the payment request according to the loss probability and the payment amount, whether an occurrence or an abnormal event occurs in the smart device may be further considered. The method specifically comprises the following steps:
carrying out abnormal event detection on the intelligent equipment to obtain an abnormal event detection result;
and carrying out safety processing on the payment request according to the loss probability, the payment amount and the abnormal event detection result.
The abnormal events comprise remote login, password recovery, verification failure and the like. And recording whether the intelligent equipment has the abnormal event or not according to the abnormal event detection result.
Correspondingly, when the payment request is subjected to security processing, the security processing required to be adopted is jointly judged through the loss probability, the payment amount and the abnormal event detection result. If the abnormal event detection result indicates that the intelligent device has an abnormal event, the corresponding current risk is higher, and stricter safety processing can be adopted.
For example, on the basis of the foregoing example, when the loss probability falls in the third interval, the payment amount falls in the third interval, and the abnormal event detection result indicates that the intelligent device has an abnormal event, the corresponding security processing may be stricter, the release payment request is verified by the foregoing security policy, and the corresponding security processing is performed according to the verification result. And when the loss probability falls into the second interval, the payment amount falls into the second interval and the abnormal event detection result shows that the intelligent equipment has an abnormal event, adopting stricter safety processing, namely intercepting the payment request.
Therefore, according to the safety strategy recommendation method for the intelligent device, after the loss probability of the intelligent device is obtained, the payment request of the intelligent device is further subjected to safety control according to the loss probability and the transaction amount, and the safety guarantee effect of the intelligent device when the intelligent device is lost is effectively improved.
It will be appreciated that the method of one or more embodiments of the present description may be performed by a single device, such as a computer or server. The method of the embodiment can also be applied to a distributed scene and completed by the mutual cooperation of a plurality of devices. In such a distributed scenario, one of the devices may perform only one or more steps of the method of one or more embodiments of the present disclosure, and the devices may interact with each other to complete the method.
The foregoing description has been directed to specific embodiments of this disclosure. Other embodiments are within the scope of the following claims. In some cases, the actions or steps recited in the claims may be performed in a different order than in the embodiments and still achieve desirable results. In addition, the processes depicted in the accompanying figures do not necessarily require the particular order shown, or sequential order, to achieve desirable results. In some embodiments, multitasking and parallel processing may also be possible or may be advantageous.
Based on the same inventive concept, one or more embodiments of the present specification further provide a security policy recommendation apparatus for an intelligent device. Referring to fig. 3, the security policy recommendation apparatus for an intelligent device includes:
an obtaining module 301 configured to obtain smart device feature data and owner feature data;
a generating module 302 configured to generate a feature vector of the smart device according to the smart device feature data and the owner feature data;
a prediction module 303, configured to obtain a loss probability of the smart device according to the feature vector and a loss probability prediction model trained in advance;
and the recommending module 304 is configured to recommend the security policy according to the loss probability.
As an optional embodiment, the smart device feature data includes: at least one of price data, idle time data, historical location data; the owner profile data includes: at least one of identity data and replacement intelligent device frequency data.
As an optional embodiment, the security policy includes: at least one of third party authentication, digital certificate media authentication, biometric authentication.
As an optional embodiment, the theoretical value range of the loss probability is divided into a first interval, a second interval and a third interval from large to small; the recommending module 304 is specifically configured to recommend the security policy if the loss probability falls within the first interval; the security policy comprises at least one of third party authentication and digital certificate medium authentication; if the loss probability falls into the second interval, recommending the security strategy; the security policy comprises biometric verification; if the loss probability falls into the third interval, the security policy is not recommended.
As an optional embodiment, the apparatus further comprises: the management and control module is configured to respond to a payment request initiated by the intelligent device and acquire a payment amount corresponding to the payment request; and carrying out safe processing on the payment request according to the loss probability and the payment amount.
As an optional embodiment, the management and control module is specifically configured to perform abnormal event detection on the intelligent device to obtain an abnormal event detection result; and carrying out safety processing on the payment request according to the loss probability, the payment amount and the abnormal event detection result.
As an optional embodiment, the security process includes: and releasing the payment request, intercepting the payment request or verifying through the security policy.
For convenience of description, the above devices are described as being divided into various modules by functions, and are described separately. Of course, the functionality of the modules may be implemented in the same one or more of software and/or hardware in implementing one or more embodiments of the present description.
The apparatus of the foregoing embodiment is used to implement the corresponding method in the foregoing embodiment, and has the beneficial effects of the corresponding method embodiment, which are not described herein again.
One or more embodiments of the present specification further provide an electronic device based on the same inventive concept. The electronic device comprises a memory, a processor and a computer program stored on the memory and capable of running on the processor, wherein the processor executes the program to implement the security policy recommendation method for the intelligent device according to any one of the embodiments.
Fig. 4 is a schematic diagram illustrating a more specific hardware structure of an electronic device according to this embodiment, where the electronic device may include: a processor 1010, a memory 1020, an input/output interface 1030, a communication interface 1040, and a bus 1050. Wherein the processor 1010, memory 1020, input/output interface 1030, and communication interface 1040 are communicatively coupled to each other within the device via bus 1050.
The processor 1010 may be implemented by a general-purpose CPU (Central Processing Unit), a microprocessor, an Application Specific Integrated Circuit (ASIC), or one or more Integrated circuits, and is configured to execute related programs to implement the technical solutions provided in the embodiments of the present disclosure.
The Memory 1020 may be implemented in the form of a ROM (Read Only Memory), a RAM (Random Access Memory), a static Memory device, a dynamic Memory device, or the like. The memory 1020 may store an operating system and other application programs, and when the technical solution provided by the embodiments of the present specification is implemented by software or firmware, the relevant program codes are stored in the memory 1020 and called to be executed by the processor 1010.
The input/output interface 1030 is used for connecting an input/output module to input and output information. The i/o module may be configured as a component in a device (not shown) or may be external to the device to provide a corresponding function. Wherein the input devices may include a keyboard, mouse, touch screen, microphone, various sensors, etc., and the output devices may include a display, speaker, vibrator, indicator light, etc.
The communication interface 1040 is used for connecting a communication module (not shown in the drawings) to implement communication interaction between the present apparatus and other apparatuses. The communication module can realize communication in a wired mode (for example, USB, network cable, etc.), and can also realize communication in a wireless mode (for example, mobile network, WIFI, bluetooth, etc.).
The bus 1050 includes a path that transfers information between the various components of the device, such as the processor 1010, the memory 1020, the input/output interface 1030, and the communication interface 1040.
It should be noted that although the above-mentioned device only shows the processor 1010, the memory 1020, the input/output interface 1030, the communication interface 1040 and the bus 1050, in a specific implementation, the device may also include other components necessary for normal operation. In addition, those skilled in the art will appreciate that the above-described apparatus may also include only those components necessary to implement the embodiments of the present description, and not necessarily all of the components shown in the figures.
Those of ordinary skill in the art will understand that: the discussion of any embodiment above is meant to be exemplary only, and is not intended to intimate that the scope of the disclosure, including the claims, is limited to these examples; within the spirit of the present disclosure, features from the above embodiments or from different embodiments may also be combined, steps may be implemented in any order, and there are many other variations of different aspects of one or more embodiments of the present description as described above, which are not provided in detail for the sake of brevity.
While the present disclosure has been described in conjunction with specific embodiments thereof, many alternatives, modifications, and variations of these embodiments will be apparent to those of ordinary skill in the art in light of the foregoing description. For example, other memory architectures (e.g., dynamic ram (dram)) may use the embodiments discussed.
It is intended that the one or more embodiments of the present specification embrace all such alternatives, modifications and variations as fall within the broad scope of the appended claims. Therefore, any omissions, modifications, substitutions, improvements, and the like that may be made without departing from the spirit and principles of one or more embodiments of the present disclosure are intended to be included within the scope of the present disclosure.
Claims (15)
1. A security policy recommendation method for an intelligent device comprises the following steps:
acquiring intelligent equipment characteristic data and owner characteristic data; the intelligent device characteristic data comprises idle time data used for reflecting the time length of the intelligent device in an unused idle state; the owner characteristic data comprises replacement intelligent device frequency data used for reflecting the times of historically replacing different intelligent devices by an owner of the intelligent device;
generating a feature vector of the intelligent equipment according to the intelligent equipment feature data and the owner feature data;
obtaining the loss probability of the intelligent equipment according to the feature vector and a pre-trained loss probability prediction model;
and recommending a security policy according to the loss probability.
2. The security policy recommendation method of a smart device according to claim 1,
the smart device feature data further comprises: at least one of price data, historical location data;
the owner profile further comprises: identity data.
3. The security policy recommendation method of a smart device according to claim 1, the security policy comprising: at least one of third party authentication, digital certificate media authentication, biometric authentication.
4. The method for recommending the security policy of the smart device according to claim 3, wherein the theoretical value range of the loss probability is divided into a first interval, a second interval and a third interval from large to small;
the recommending the security policy according to the loss probability specifically includes:
if the loss probability falls into the first interval, recommending the security policy; the security policy comprises at least one of third party authentication and digital certificate medium authentication;
if the loss probability falls into the second interval, recommending the security policy; the security policy comprises biometric verification;
if the loss probability falls into the third interval, the security policy is not recommended.
5. The security policy recommendation method for a smart device according to claim 1, further comprising:
responding to a payment request initiated by the intelligent equipment, and acquiring a payment amount corresponding to the payment request;
and carrying out safety processing on the payment request according to the loss probability and the payment amount.
6. The method for recommending a security policy of an intelligent device according to claim 5, wherein the security processing of the payment request according to the loss probability and the payment amount specifically includes:
carrying out abnormal event detection on the intelligent equipment to obtain an abnormal event detection result;
and carrying out safety processing on the payment request according to the loss probability, the payment amount and the abnormal event detection result.
7. The security policy recommendation method of the smart device according to claim 5 or 6, the security process comprising: and releasing the payment request, intercepting the payment request or verifying through the security policy.
8. A security policy recommendation apparatus of a smart device, comprising:
the acquisition module is configured to acquire intelligent device characteristic data and owner characteristic data; the intelligent device characteristic data comprises idle time data used for reflecting the time length of the intelligent device in an unused idle state; the owner characteristic data comprises replacement intelligent device frequency data used for reflecting the times of historically replacing different intelligent devices by an owner of the intelligent device;
a generating module configured to generate a feature vector of the smart device according to the smart device feature data and the owner feature data;
the prediction module is configured to obtain the loss probability of the intelligent equipment according to the feature vector and a pre-trained loss probability prediction model;
and the recommending module is configured to recommend the security policy according to the loss probability.
9. The apparatus of claim 8, the smart device characterization data further comprising: at least one of price data, historical location data; the owner profile further comprises: identity data.
10. The apparatus of claim 8, the security policy comprising: at least one of third party authentication, digital certificate media authentication, biometric authentication.
11. The apparatus of claim 10, wherein the theoretical range of the loss probability is divided into a first interval, a second interval and a third interval from large to small; the recommending module is specifically configured to recommend the security policy if the loss probability falls within the first interval; the security policy comprises at least one of third party authentication and digital certificate medium authentication; if the loss probability falls into the second interval, recommending the security policy; the security policy comprises biometric verification; if the loss probability falls into the third interval, the security policy is not recommended.
12. The apparatus of claim 8, further comprising: the management and control module is configured to respond to a payment request initiated by the intelligent device and obtain a payment amount corresponding to the payment request; and carrying out safety processing on the payment request according to the loss probability and the payment amount.
13. The apparatus according to claim 12, wherein the management and control module is specifically configured to perform abnormal event detection on the smart device, so as to obtain an abnormal event detection result; and carrying out safety processing on the payment request according to the loss probability, the payment amount and the abnormal event detection result.
14. The apparatus of claim 12 or 13, the secure process, comprising: and releasing the payment request, intercepting the payment request or verifying through the security policy.
15. An electronic device comprising a memory, a processor and a computer program stored on the memory and executable on the processor, the processor implementing the method of any one of claims 1 to 7 when the program is executed by the processor.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202010193317.7A CN111415012B (en) | 2020-03-18 | 2020-03-18 | Security policy recommendation method and device for intelligent device and electronic device |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202010193317.7A CN111415012B (en) | 2020-03-18 | 2020-03-18 | Security policy recommendation method and device for intelligent device and electronic device |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN111415012A CN111415012A (en) | 2020-07-14 |
| CN111415012B true CN111415012B (en) | 2022-09-23 |
Family
ID=71494156
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202010193317.7A Active CN111415012B (en) | 2020-03-18 | 2020-03-18 | Security policy recommendation method and device for intelligent device and electronic device |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN111415012B (en) |
Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN104301117A (en) * | 2014-10-22 | 2015-01-21 | 中国联合网络通信集团有限公司 | Identity verification method and device |
| CN106548342A (en) * | 2015-09-22 | 2017-03-29 | 阿里巴巴集团控股有限公司 | A kind of credible equipment determines method and device |
| WO2017071147A1 (en) * | 2015-10-30 | 2017-05-04 | 宇龙计算机通信科技(深圳)有限公司 | Mobile payment monitoring method and system, and intelligent terminal |
| CN108875327A (en) * | 2018-05-28 | 2018-11-23 | 阿里巴巴集团控股有限公司 | One seed nucleus body method and apparatus |
| CN109165940A (en) * | 2018-06-28 | 2019-01-08 | 阿里巴巴集团控股有限公司 | A kind of theft preventing method, device and electronic equipment |
Family Cites Families (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN103020820A (en) * | 2011-09-20 | 2013-04-03 | 深圳市财付通科技有限公司 | Transaction payment method and system |
-
2020
- 2020-03-18 CN CN202010193317.7A patent/CN111415012B/en active Active
Patent Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN104301117A (en) * | 2014-10-22 | 2015-01-21 | 中国联合网络通信集团有限公司 | Identity verification method and device |
| CN106548342A (en) * | 2015-09-22 | 2017-03-29 | 阿里巴巴集团控股有限公司 | A kind of credible equipment determines method and device |
| WO2017071147A1 (en) * | 2015-10-30 | 2017-05-04 | 宇龙计算机通信科技(深圳)有限公司 | Mobile payment monitoring method and system, and intelligent terminal |
| CN108875327A (en) * | 2018-05-28 | 2018-11-23 | 阿里巴巴集团控股有限公司 | One seed nucleus body method and apparatus |
| CN109165940A (en) * | 2018-06-28 | 2019-01-08 | 阿里巴巴集团控股有限公司 | A kind of theft preventing method, device and electronic equipment |
Non-Patent Citations (1)
| Title |
|---|
| "2013中国手机防盗研究报告";艾媒网;《https://www.iimedia.cn/c400/36996.html》;20131130;第1-13页 * |
Also Published As
| Publication number | Publication date |
|---|---|
| CN111415012A (en) | 2020-07-14 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US11599619B1 (en) | Relative and dynamic multifactor authentication | |
| US10740845B2 (en) | System for mobile device enabled biometric monitoring | |
| US20190156345A1 (en) | Adaptive biometric and environmental authentication system | |
| CN106104555B (en) | For protecting the behavioural analysis of peripheral equipment | |
| US9826400B2 (en) | Method and apparatus that facilitates a wearable identity manager | |
| US20150170148A1 (en) | Real-time transaction validity verification using behavioral and transactional metadata | |
| US11803835B2 (en) | Methods and systems for displaying account information | |
| CN107077671A (en) | Use the payment mechanism and method of security module | |
| US20210075619A1 (en) | Identifying and authorizing user data over a network based on a biometric chip | |
| KR102106489B1 (en) | Method, apparatus and computer readable recording medium for providing pet care service based social platform | |
| US9456343B1 (en) | Assessing mobile user authenticity based on communication activity | |
| US11954188B1 (en) | Systems and methods for dynamic bio-behavioral authentication | |
| CN111415012B (en) | Security policy recommendation method and device for intelligent device and electronic device | |
| US11704657B2 (en) | Presence verification for electronic transactions | |
| US10664845B1 (en) | Systems and methods for use in implementing account controls | |
| Alotaibi et al. | A novel transparent user authentication approach for mobile applications | |
| Liu et al. | Privacy-based adaptive context-aware authentication system for personal mobile devices. | |
| WO2021027146A1 (en) | Payment method and apparatus, calculation device, and storage medium | |
| US20210216994A1 (en) | Methods and systems for processing a transaction | |
| US20240012934A1 (en) | Healthcare-activity triggered data management | |
| Hocking | Authentication Aura: A cooperative and distributed approach to user authentication on mobile devices | |
| WO2024073070A1 (en) | Token misalignment detection and remediation device | |
| WO2019027547A1 (en) | Distributed automated learning of user personalization | |
| CN109491879A (en) | A kind of method for secret protection and system |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |