CN111581621A - Data security processing method, device, system and storage medium - Google Patents

Data security processing method, device, system and storage medium Download PDF

Info

Publication number
CN111581621A
CN111581621A CN202010378063.6A CN202010378063A CN111581621A CN 111581621 A CN111581621 A CN 111581621A CN 202010378063 A CN202010378063 A CN 202010378063A CN 111581621 A CN111581621 A CN 111581621A
Authority
CN
China
Prior art keywords
user
data
image
user terminal
server
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202010378063.6A
Other languages
Chinese (zh)
Inventor
陈旦华
韩丽丽
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
China Core Integrated Circuit Ningbo Co Ltd
Original Assignee
China Core Integrated Circuit Ningbo Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by China Core Integrated Circuit Ningbo Co Ltd filed Critical China Core Integrated Circuit Ningbo Co Ltd
Priority to CN202010378063.6A priority Critical patent/CN111581621A/en
Publication of CN111581621A publication Critical patent/CN111581621A/en
Pending legal-status Critical Current

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • G06F21/32User authentication using biometric data, e.g. fingerprints, iris scans or voiceprints
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F9/00Arrangements for program control, e.g. control units
    • G06F9/06Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
    • G06F9/44Arrangements for executing specific programs
    • G06F9/451Execution arrangements for user interfaces
    • G06F9/452Remote windowing, e.g. X-Window System, desktop virtualisation
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06NCOMPUTING ARRANGEMENTS BASED ON SPECIFIC COMPUTATIONAL MODELS
    • G06N20/00Machine learning
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06VIMAGE OR VIDEO RECOGNITION OR UNDERSTANDING
    • G06V20/00Scenes; Scene-specific elements
    • G06V20/50Context or environment of the image
    • G06V20/52Surveillance or monitoring of activities, e.g. for recognising suspicious objects
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06VIMAGE OR VIDEO RECOGNITION OR UNDERSTANDING
    • G06V40/00Recognition of biometric, human-related or animal-related patterns in image or video data
    • G06V40/10Human or animal bodies, e.g. vehicle occupants or pedestrians; Body parts, e.g. hands
    • G06V40/16Human faces, e.g. facial parts, sketches or expressions
    • G06V40/161Detection; Localisation; Normalisation
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06VIMAGE OR VIDEO RECOGNITION OR UNDERSTANDING
    • G06V40/00Recognition of biometric, human-related or animal-related patterns in image or video data
    • G06V40/20Movements or behaviour, e.g. gesture recognition

Abstract

The embodiment of the invention provides a data security processing method, a device, a system and a storage medium, wherein the method comprises the following steps: acquiring a user image acquired by an image acquisition device of a user terminal, wherein the user terminal processes data of a virtual server through a virtual desktop provided by the virtual server; judging whether the user image is an abnormal image or not, wherein the abnormal image is an image for recording the suspicion behavior of data leakage of the user; and if the user image is an abnormal image, processing the abnormal image so as to determine alarm triggering information corresponding to the abnormal image, wherein the alarm triggering information is used for triggering data security alarm, and the alarm triggering information at least comprises user information corresponding to a user operating the user terminal. The embodiment of the invention can reduce the risk of data leakage.

Description

Data security processing method, device, system and storage medium
Technical Field
The embodiment of the invention relates to the technical field of data security, in particular to a data security processing method, a device, a system and a storage medium.
Background
Enterprises, governments and other organizations have increasingly common data management by using virtualization technology, and based on the virtualization technology, these organizations can virtualize a plurality of logical computers through a virtual server, and each logical computer can correspond to a virtual operating system, so that users (users such as research and development personnel, administrative personnel and the like in these organizations, who need to process data) in these organizations can log in a virtual desktop of the virtual operating system by using a user terminal to operate the virtualized logical computer, so as to implement data processing. The technology has wide application in the scenes of research and development data management, administrative data management and the like of enterprises, governments and other organizations, and even in the scenes of office work on the cloud and the like.
Enterprises, governments and other organizations have strict requirements on data security, and on the basis of data management based on virtualization technology, how to reduce the risk of data leakage is always a hot problem for research by technical personnel in the field.
Disclosure of Invention
In view of this, embodiments of the present invention provide a data security processing method, apparatus, system and storage medium to reduce the risk of data leakage.
In order to achieve the above purpose, the embodiments of the present invention provide the following technical solutions:
a data security processing method comprises the following steps:
acquiring a user image acquired by an image acquisition device of a user terminal, wherein the user terminal processes data of a virtual server through a virtual desktop provided by the virtual server;
judging whether the user image is an abnormal image or not, wherein the abnormal image is an image for recording the suspicion behavior of data leakage of the user;
and if the user image is an abnormal image, processing the abnormal image so as to determine alarm triggering information corresponding to the abnormal image, wherein the alarm triggering information is used for triggering data security alarm, and the alarm triggering information at least comprises user information corresponding to a user operating the user terminal.
An embodiment of the present invention further provides a data security processing system, including: the system comprises a user terminal, a virtual server and a data analysis server;
the user terminal is used for processing the data of the virtual server through a virtual desktop provided by the virtual server and transmitting a user image acquired by an image acquisition device arranged on the user terminal to the virtual server;
the virtual server is used for acquiring the user image; judging whether the user image is an abnormal image or not, wherein the abnormal image is an image for recording the suspicion behavior of data leakage of the user; if the user image is an abnormal image, sending the abnormal image to the data analysis server;
the data analysis server is used for determining alarm triggering information corresponding to the abnormal image, wherein the alarm triggering information is used for triggering data security alarm, and the alarm triggering information at least comprises user information corresponding to a user operating the user terminal.
An embodiment of the present invention further provides a data security processing apparatus, including:
the system comprises a user image acquisition module, a virtual server and a user image processing module, wherein the user image acquisition module is used for acquiring a user image acquired by an image acquisition device of a user terminal, and the user terminal processes data of the virtual server through a virtual desktop provided by the virtual server;
the abnormal image judging module is used for judging whether the user image is an abnormal image or not, wherein the abnormal image is an image for recording the suspicion behavior of data leakage of the user;
and the processing module is used for processing the abnormal image if the user image is the abnormal image so as to determine alarm triggering information corresponding to the abnormal image, wherein the alarm triggering information is used for triggering data security alarm, and the alarm triggering information at least comprises user information corresponding to a user operating the user terminal.
Embodiments of the present invention further provide a storage medium, which includes at least one memory and at least one processor, where the memory stores one or more computer-executable instructions, and the one or more computer-executable instructions are configured to execute the data security processing method described above.
In the data security processing method provided by the embodiment of the invention, the user terminal can process the data of the virtual server through the virtual desktop provided by the virtual server, and in the process, the virtual server can acquire the user image acquired by the image acquisition device of the user terminal; therefore, the virtual server can judge whether the user image is an abnormal image for recording the suspected behavior of the data leaked by the user, when the user image is judged to be the abnormal image, the virtual server can process the abnormal image so as to determine the alarm triggering information corresponding to the abnormal image, the alarm triggering information is used for triggering data safety alarm, the alarm triggering information at least comprises user information corresponding to the user operating the user terminal, and the user executing the suspected behavior can be tracked through the alarm triggering information. Therefore, the data security processing method provided by the embodiment of the invention can analyze the collected user image, and when the user image is an abnormal image recording the suspected behavior of data leakage of the user, the embodiment of the invention can generate the alarm trigger information, wherein the alarm trigger information at least comprises the user information corresponding to the user executing the suspected behavior, so that under the condition that the user executes the suspected behavior, the embodiment of the invention can trigger the data security alarm based on the alarm trigger information and track the user executing the suspected behavior, thereby reducing the risk of data leakage and improving the data security.
Drawings
In order to more clearly illustrate the embodiments of the present application or the technical solutions in the prior art, the drawings needed to be used in the description of the embodiments or the prior art will be briefly introduced below, it is obvious that the drawings in the following description are only embodiments of the present application, and for those skilled in the art, other drawings can be obtained according to the provided drawings without creative efforts.
FIG. 1 is a block diagram of a data security processing system according to an embodiment of the present invention;
FIG. 2 is another block diagram of a data security processing system according to an embodiment of the present invention;
fig. 3 is a flowchart of a data security processing method according to an embodiment of the present invention;
FIG. 4 is a further block diagram of a data security processing system according to an embodiment of the present invention;
fig. 5 is another flowchart of a data security processing method according to an embodiment of the present invention;
FIG. 6 is an exemplary diagram of a screen watermark provided by an embodiment of the invention;
FIG. 7 is a block diagram of a data security processing system according to an embodiment of the present invention;
fig. 8 is a block diagram of a data security processing apparatus according to an embodiment of the present invention;
fig. 9 is another block diagram of a data security processing apparatus according to an embodiment of the present invention;
fig. 10 is a further block diagram of a data security processing apparatus according to an embodiment of the present invention;
fig. 11 is a further block diagram of a data security processing apparatus according to an embodiment of the present invention;
fig. 12 is yet another block diagram of a data security processing apparatus according to an embodiment of the present invention;
fig. 13 is a block diagram of a virtual server according to an embodiment of the present invention.
Detailed Description
The technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are only a part of the embodiments of the present invention, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
In an alternative implementation, fig. 1 shows an alternative block diagram of a data security system provided by an embodiment of the present invention, and as shown in fig. 1, the data security system may include: a user terminal 10, a virtual server 20, a data analysis server 30;
the user terminal 10 is a terminal device used by a user needing to process data, such as a research and development staff, an administrative staff and the like of an enterprise, a government and other institutions needing to process data; in the embodiment of the present invention, the user terminal 10 needs to be installed with an image capturing device, for example, an electronic device such as a camera having an image capturing function, and the user terminal 10 may be internally installed with the image capturing device or externally connected with the image capturing device; in alternative implementations, user terminals such as smart phones, notebook computers, PCs (personal computers), etc.;
the virtual server 20 is a server device providing virtualization service, and the virtual server can virtualize a plurality of logical computers based on a virtualization technology, each logical computer corresponds to a virtual operating system, and each virtual operating system can have a virtual desktop for a user to operate; when the user terminal 10 processes data, the user terminal can access the virtual server to log in a virtual desktop of a virtual operating system, so that a logical computer corresponding to the virtual operating system is operated through the virtual desktop to process the data of the virtual server; it can be understood that the number of the user terminals may be multiple, and each user may log in a virtual desktop of a virtual operating system by using one user terminal to implement data processing, thereby implementing an effect of processing data by multiple users on the basis of data management based on a virtualization technology; in an alternative implementation, the virtual server 20 may be a single server device, or may be a server group formed by a plurality of server devices;
the data analysis server 30 is a service device for data analysis provided in the embodiment of the present invention; in an alternative implementation, the virtual server 20 may also integrate data analysis capabilities without having to provide a data analysis server.
It should be noted that, when the user terminal processes the data of the virtual server through the virtual desktop, the operation information of the virtual desktop by the user is interacted between the user terminal and the virtual server, and the virtual server can map the operation information of the virtual desktop into the processing information of the data, thereby implementing the processing of the data.
Alternatively, the user terminal 10 and the virtual server 20 may be isolated by a secure network, and the user terminal 10 accesses the virtual server 20 through the secure network; in a further alternative implementation, another block diagram of the data security system shown in FIG. 2, as shown in FIG. 2:
the user terminal 10 may be deployed in a user terminal area specifically set by an enterprise, a government, or the like, and a plurality of user terminals may be disposed in the user terminal area;
the virtual server 20 may be deployed in an internal network of an enterprise, government, or the like, for example, in an internal server room specially configured by the enterprise, government, or the like, and the server room may be accessed through the internal network of the enterprise; the user terminal 10 accesses the virtual server 20 through the secure network to log in a virtual desktop of the virtual operating system, so as to process data of the virtual server;
the data analysis server 30 is in communication connection with the virtual server 20, and in an optional implementation, the data analysis server 30 may be deployed in the cloud as the virtual server;
it should be noted that the secure network may be an internal network of an organization such as an enterprise, a government, or the like, or a network for the user terminal to access the virtual server, which is further provided on the basis of the internal network.
Optionally, the deployment manner of the data security system shown in fig. 2 may be applicable to a research and development data management scenario of an enterprise, a government, and the like, specifically, the research and development data may be stored in the virtual server 20 (for example, the virtual server 20 may be provided with a special database to store the research and development data), and when a user needs to process the research and development data, the user needs to access the virtual server through a user terminal in a user terminal area through a secure network, so as to log in a virtual desktop, and implement processing of the research and development data stored in the virtual server.
It should be noted that the deployment manner of the data security system shown in fig. 2 is only an optional implementation, the user terminal 10 may not be deployed in the user terminal area, and the user terminal 10 may also access the virtual server through a private network (such as a virtual private network VPN) on the basis of an external network.
Based on the data security system provided by the embodiment of the present invention, in an optional implementation, fig. 3 shows an optional flow of the data security method provided by the embodiment of the present invention, and as shown in fig. 3, the flow may include:
and step S10, the user terminal logs in the virtual desktop provided by the virtual server.
And step S11, the virtual server sends an activation instruction of the image acquisition device to the user terminal.
A user logs in a virtual desktop provided by a virtual server by using a user terminal so as to process data of the virtual server through the virtual desktop. Under the condition that the user terminal logs in the virtual desktop, the virtual server can send an activation instruction of the image acquisition device to the user terminal, so that the user terminal activates the image acquisition device. The image acquisition device is a built-in or external camera of the user terminal.
It should be noted that steps S10 and S11 are only an optional implementation of sending the activation instruction of the image capturing apparatus to the user terminal by the virtual server, and besides the virtual server sending the activation instruction to the user terminal when the user terminal logs in the virtual desktop, the embodiment of the present invention may also send the activation instruction to the user terminal by the virtual server in other cases, for example: the data of the virtual server can comprise common data and confidential data, the security level of the confidential data is higher than that of the common data, and in order to reduce the risk of secret leakage of the confidential data, the virtual server can send an activation instruction of the image acquisition device to the user terminal when the user terminal processes the confidential data through the virtual desktop, so that the user terminal activates the image acquisition device.
And step S12, the user terminal collects the user image through the image collecting device.
After the user terminal activates the image acquisition device, the image acquisition device can acquire a user image corresponding to a user operating the user terminal, the user image can be regarded as a user scene image acquired by the image acquisition device, and the user image can record the face, the user behavior, the scene environment where the user is located and the like of the user.
And step S13, the user terminal sends the user image to the virtual server.
In an alternative implementation, the user terminal may send the user image acquired by the image acquisition device to the virtual server in real time.
Step S14, the virtual server determines whether the user image is an abnormal image, where the abnormal image is an image for recording a suspected behavior of user leakage data.
After the virtual server acquires the user image acquired by the image acquisition device of the user terminal, the user image can be analyzed to judge whether the user image is an abnormal image for recording the suspected behavior of data leakage of the user, so that the virtual server can timely find out the suspected behavior of data leakage executed by the user through analysis and processing of the user image.
In an optional implementation, the embodiment of the invention can pre-train a machine learning module with the capability of identifying abnormal images, and judge whether the user images are abnormal images or not through the pre-trained machine learning module; optionally, in the embodiment of the present invention, a plurality of historical images in which the suspected behavior of the user leakage data is recorded may be obtained and used as positive samples, and abnormal image markers are set for the positive samples, and a plurality of historical images in which the suspected behavior of the user leakage data is not recorded are obtained and used as negative samples, and normal image markers are set for the negative samples, so that a machine learning model is trained according to the markers of the positive samples and the positive samples, and the markers of the negative samples and the negative samples, and the trained machine learning model has an ability of identifying abnormal images.
In an alternative implementation, the embodiment of the present invention may extract image features of a positive sample and image features of a negative sample, and train the machine learning model according to the image features of the positive sample and the labels of the positive sample, and the image features of the negative sample and the labels of the negative sample as training data. Correspondingly, after the virtual server acquires the user image, the image features of the user image can be extracted, and the image features of the user image are input into the trained machine learning model, so that the judgment result of whether the user image is an abnormal image or not is obtained. Of course, the embodiment of the present invention may also set that the machine learning model has the capability of extracting image features, so that in the training stage of the machine learning model, the embodiment of the present invention may directly input the positive sample and the negative sample into the machine learning model, the machine learning model extracts the image features of the positive sample, and the image features of the negative sample for training, and after the machine learning model is trained, the embodiment of the present invention may directly input the user image into the machine learning model, extract the image features of the user image by the machine learning model, and identify whether the image is an abnormal image.
The training process can be executed by the virtual server, so that the virtual server can set the trained machine learning model, and of course, the embodiment of the invention can also support training of the machine learning model by other equipment, and the virtual server obtains the trained machine learning model from the equipment for training the machine learning model.
In another optional implementation, in the embodiment of the present invention, image feature matching may be performed on the user image and a preset abnormal image to obtain a similarity between the user image and the abnormal image, so that when the similarity reaches a preset similarity threshold, the user image is determined to be the abnormal image.
In optional implementation, the suspected behavior of data leakage of the user is, for example, a photographing behavior of the user, and it can be understood that when the user terminal processes data of the virtual server through the virtual desktop, the data of the virtual server is not transmitted to the user terminal, but a data image is transmitted to the user terminal for display, and if the user uses a mobile phone, a camera, or other equipment to photograph content displayed by the user terminal, the user may execute the suspected behavior of data leakage; accordingly, the abnormal image may be an image in which a photographing behavior of the user is recorded. It should be noted that, in order to ensure data security of organizations such as enterprises and governments, the organizations generally require that users forbid carrying of devices with a photographing function when using a user terminal (for example, when using a user terminal in a user terminal area), so that when using the user terminal and operating data of a virtual server through a virtual desktop, the users collect images of the users, thereby identifying abnormal images of photographing behaviors of the users, and having an important meaning for reducing data leakage.
In other possible implementations, the suspicious act of the user revealing data is also, for example: the behavior of the user picking up the device with the photographing function (such as the behavior of the user picking up a mobile phone), the behavior of the user making a call, the behavior of the user recording contents on a paper document, and the like.
And step S15, if the user image is an abnormal image, the virtual server sends the abnormal image to a data analysis server.
When the virtual server judges that the user image is an abnormal image, the suspicion behavior of the user operating the user terminal to execute the leakage data currently is described, and in order to locate the specific user operating the user terminal and provide data safety warning, the virtual server can send the abnormal image to the data analysis server and the data analysis server performs further processing.
Step S16, the data analysis server determines alarm trigger information corresponding to the abnormal image, where the alarm trigger information is used to trigger data security alarm, and the alarm trigger information at least includes user information corresponding to a user operating the user terminal.
After the data analysis server receives the abnormal image, in order to conveniently track the suspected behavior of the user, the data analysis server can generate alarm trigger information based on the abnormal image, and the alarm trigger information can be used for triggering data security alarm so that data security responsible personnel of enterprises, governments and other mechanisms can know that the suspected behavior of data leakage executed by the user currently exists.
In order to facilitate tracking of the suspected behavior of the user, the alarm triggering information may at least include user information corresponding to the user operating the user terminal, so as to locate the specific user performing the suspected behavior; optionally, the user information may include a user name, a mobile phone number, and other information related to the user. In a specific optional implementation, when a user logs in the virtual desktop using the user terminal, the user may request to log in the virtual desktop using a user account (e.g., an employee account) and a password, so that after the virtual server verifies that the registration account matches the password, the user terminal successfully logs in the virtual desktop, and based on this, the virtual server may determine user information by operating the user account of the user terminal, for example, determining user information corresponding to the user account from registration information of the user in the virtual server.
In a further optional implementation, the alarm triggering information may further include: the terminal information of the user terminal, and/or the acquisition time of the abnormal image and the like. To further track the suspected behavior of the user, the virtual server may determine terminal information of the user terminal that sent the abnormal image, such as a name, an IP (internet protocol) address, and the like of the user terminal. In order to further track the suspected behavior of the user, the virtual server may determine the time for acquiring the abnormal image, that is, the time for acquiring the abnormal image by the image acquisition device of the user terminal.
The content of the alarm trigger information described above is only an optional example, and the content type of the alarm trigger information may be set according to an actual situation in the embodiment of the present invention, so that when a user executes a suspected behavior of revealing data, accurate tracking of the suspected behavior is achieved.
It should be noted that the manner in which the virtual server sends the abnormal image to the data analysis server and the data analysis server determines the alarm triggering information is only optional, and in the embodiment of the present invention, the virtual server may also directly determine the alarm triggering information corresponding to the abnormal image. In general, the virtual server may process the abnormal image after determining that the user image is the abnormal image, so as to determine the alarm trigger information corresponding to the abnormal image, for example, the virtual server may send the abnormal image to the data analysis server to implement processing on the abnormal image, so that the data analysis server determines the alarm trigger information, or for example, the virtual server may directly determine the alarm trigger information corresponding to the abnormal image, to implement processing on the abnormal image, and to implement determining the alarm trigger information.
In a further alternative implementation, as shown in fig. 4, the data security processing system provided in the embodiment of the present invention may further include an alarm server 40; the data analysis server can send the alarm triggering information to the alarm server so that the alarm server generates alarm information according to the alarm triggering information, and specifically, the alarm server can send the alarm information to a data safety responsible person so that the data safety responsible person audits a suspected behavior based on the alarm information and the content in the alarm triggering information, and measures are taken when the user is confirmed to really execute the behavior of revealing data.
It should be noted that the setting of the alarm server to generate the alarm information is only an optional implementation manner, and the alarm information may also be generated by the data analysis server in the embodiment of the present invention.
In the data security processing method provided by the embodiment of the invention, the virtual server can activate the image acquisition device of the user terminal when the user terminal logs in the virtual desktop, so as to acquire the user image acquired by the image acquisition device of the user terminal; furthermore, the virtual server can judge whether the user image is an abnormal image for recording the suspected behavior of the data leakage of the user, when the user image is judged to be the abnormal image, the virtual server can send the abnormal image to the data analysis server, so that the data analysis server determines alarm trigger information corresponding to the abnormal image, the alarm trigger information is used for triggering data safety alarm, the alarm trigger information at least comprises user information corresponding to the user operating the user terminal, and then the embodiment of the invention can track the user executing the suspected behavior through the alarm trigger information. Therefore, the data security processing method provided by the embodiment of the invention can analyze the collected user image, and when the user image is an abnormal image recording the suspected behavior of data leakage of the user, the embodiment of the invention can generate the alarm trigger information, wherein the alarm trigger information at least comprises the user information corresponding to the user executing the suspected behavior, so that under the condition that the user executes the suspected behavior, the embodiment of the invention can trigger the data security alarm based on the alarm trigger information and track the user executing the suspected behavior, thereby reducing the risk of data leakage and improving the data security.
In a further optional implementation of the embodiment of the present invention, the virtual server may generate a screen watermark corresponding to the virtual desktop when the user terminal logs in the virtual desktop, at least according to terminal information of the user terminal, user information corresponding to a user operating the user terminal, and the like, so that when a user operating the user terminal executes a suspicious behavior, tracking of the user and the user terminal operated by the user can be implemented based on a screen level corresponding to the virtual desktop logged in by the user terminal; optionally, fig. 5 shows another flow of the data security processing method provided in the embodiment of the present invention, where the flow may be executed by a virtual server, and as shown in fig. 5, the flow may include:
and step S20, obtaining a login request of the user terminal for logging in the virtual desktop.
In optional implementation, a user can use a user terminal to access a login interface of the virtual desktop, and the user can input login information such as a user account, a password and the like in the login interface; therefore, the user terminal can send a login request to the virtual server based on login information such as a user account and a password input by the login interface so as to request to login the virtual interface. Correspondingly, the virtual server can obtain a login request for logging in the virtual desktop by the user terminal.
Step S21, after the login request is verified, at least determining user information corresponding to the user operating the user terminal and terminal information of the user terminal.
After the virtual server obtains the login request, the virtual server can verify login information such as a user account and a password carried in the login request, for example, whether the user account is matched with the password is verified, so that after the virtual server verifies that the login request passes, the virtual server can allow the user terminal to log in the virtual desktop, and the user terminal can process data of the virtual server through the virtual desktop. At this time, in order to set the screen watermark of the virtual desktop, the virtual server may determine at least user information (e.g., a user name, a user account, etc.) corresponding to a user operating the user terminal, and terminal information (e.g., a user terminal name, an IP address, etc.) of the user terminal, so as to facilitate subsequent generation of the screen watermark based on the user information and the terminal information.
Step S22, setting the screen watermark on the virtual desktop, where the screen watermark at least records the user information and the terminal information.
In an optional implementation, the screen watermark may record information such as the time when the user terminal logs in the virtual desktop, and regarding further specific content of the screen watermark, the embodiment of the present invention may be set according to an actual situation. As an example, fig. 6 shows an example that a virtual desktop displayed by a user terminal is shown with a screen watermark, which can be referred to.
After the virtual server generates the screen watermark, the screen watermark can be set on the virtual desktop, so that when the virtual server determines that the user executes the suspected behavior of revealing data (namely when the virtual server judges that the user image is an abnormal image), the embodiment of the invention can realize the specific user tracking of the suspected behavior execution and the tracking of the user terminal operated by the user through the screen watermark of the virtual desktop logged in by the user terminal operated by the user.
In other optional implementations of the embodiment of the present invention, in the process of operating the virtual desktop by the user terminal, the virtual server may record a video of the operation process of the virtual desktop, so that the user operating the user terminal executes a suspicious behavior, and in the case of generating the alarm information according to the embodiment of the present invention, the data security responsible person may audit based on the video data and serve as a basis for tracing the user when the user actually executes a behavior of revealing data.
The data security processing method provided by the embodiment of the invention can analyze the user image acquired by the user terminal in real time, so that under the condition that the user executes the suspected behavior of revealing data, the embodiment of the invention generates the alarm triggering information for triggering the data security alarm, and tracks the user executing the suspected behavior through the alarm triggering information; meanwhile, further, by setting a screen watermark at least recording user information and terminal information on the virtual desktop, a user executing a suspected behavior and a user terminal used by the user can be conveniently positioned and tracked; furthermore, the embodiment of the invention can record the video of the operation process of the virtual desktop, thereby facilitating the audit and the data leakage responsibility investigation based on the video when the data safety responsible personnel receive the data safety alarm. The data security processing method provided by the embodiment of the invention can reduce the risk of data leakage and improve the data security.
In an optional implementation of the embodiment of the present invention, the data of the virtual server is generally stored in an intranet of an enterprise, a government, or other organization. In one possible implementation, in a specific optional implementation, when the user terminal detects an access signal that the peripheral storage device is accessed to the user terminal, the peripheral storage device may be disabled, for example, the user terminal may be installed with data management and control software, and when the data management and control software detects that the peripheral storage device is accessed to the user terminal, the data management and control software may issue an instruction to disable the peripheral storage device, so as to disable the peripheral storage device, for example, disconnect the user terminal from the peripheral storage device, or set that the peripheral storage device has no access right, and the like. In an alternative example, the peripheral storage device is a device with data storage capability, such as a USB (universal serial bus) storage device, accessible to the user terminal.
In an optional implementation of the embodiment of the present invention, the embodiment of the present invention may set that the data of the virtual server cannot be transmitted to the external network, for example, a firewall is set at a gateway connected to the external network to perform network isolation, so that the data of the virtual server cannot be transmitted from the internal network to the external network, thereby avoiding cross-network transmission of the data and further ensuring data security.
In other optional implementations of the embodiment of the present invention, the embodiment of the present invention also allows part of data (or all data) of the virtual server to be transmitted to the external network, and the embodiment of the present invention may allow data to be transmitted from the internal network to the external appearance based on setting processing means such as data confidentiality, authorization, authentication, and the like, as another block diagram of the data security processing system provided in the embodiment of the present invention illustrated in fig. 7, and as shown in fig. 1, 4, and 7, the data security processing system may further include: a data encryption server 50 and a data ferry server 60;
the data encryption server 50 is configured to encrypt data to be transmitted to an external network, and transmit the encrypted data to the data ferry server 60;
in an alternative implementation, the data encryption server may encrypt the data using a public key based on an encryption algorithm such as gpg (gnuppg).
The data ferry server 60 is configured to process the encrypted data and transmit the processed encrypted data to the external network.
Optionally, the data ferry server processes the encrypted data, for example: and carrying out multi-stage approval, virus killing, content inspection, sensitive content filtering and the like on the encrypted data. In a further optional implementation, the data ferry server may further perform real-time authentication, prior authorization, operation log audit of the data, and the like on the data transmitted to the external network, so as to implement security management and control of data transmission.
The data processing scheme provided by the embodiment of the invention can realize the safe management and control of data under the condition of no sense of a user and can reduce the risk of data leakage.
While various embodiments of the present invention have been described above, various alternatives described in the various embodiments can be combined and cross-referenced without conflict to extend the variety of possible embodiments that can be considered disclosed and disclosed in connection with the embodiments of the present invention.
In the following, the data security processing apparatus provided in the embodiment of the present invention is introduced, and the data security processing apparatus described below may be regarded as a virtual server, which is a functional module required to implement the data security processing method provided in the embodiment of the present invention. The contents of the data security processing apparatus described below may be referred to in correspondence with the contents of the data security processing method described above.
In an alternative implementation, fig. 8 is a block diagram of a data security processing apparatus provided in an embodiment of the present invention, and as shown in fig. 8, the data security processing apparatus may include:
a user image obtaining module 100, configured to obtain a user image collected by an image collecting device of a user terminal, where the user terminal processes data of a virtual server through a virtual desktop provided by the virtual server;
an abnormal image determining module 110, configured to determine whether the user image is an abnormal image, where the abnormal image is an image that records a suspected behavior of user leakage data;
a processing module 120, configured to process the abnormal image if the user image is an abnormal image, so as to determine alarm trigger information corresponding to the abnormal image, where the alarm trigger information is used to trigger a data security alarm, and the alarm trigger information at least includes user information corresponding to a user operating the user terminal.
Optionally, the abnormal image determining module 110 is configured to determine whether the user image is an abnormal image, and includes:
and judging whether the user image is an abnormal image or not according to the pre-trained machine learning model.
In an alternative implementation, fig. 9 shows another block diagram of the data security processing apparatus provided in the embodiment of the present invention, and in combination with fig. 8 and fig. 9, the data security processing apparatus may further include:
the training module 130 is configured to obtain a plurality of historical images in which suspected behaviors of user leakage data are recorded, use the historical images as positive samples, and set abnormal image markers for the positive samples; acquiring a plurality of historical images which do not record the suspected behavior of user leakage data, taking the historical images as negative samples, and setting normal image marks for the negative samples; and training a machine learning model according to the marks of the positive sample and the marks of the negative sample and the negative sample.
Optionally, the processing module 120 is configured to process the abnormal image so as to determine alarm triggering information corresponding to the abnormal image, and includes:
and sending the abnormal image to a data analysis server so that the data analysis server determines alarm triggering information corresponding to the abnormal image.
Optionally, the alarm triggering information may further include: and the terminal information of the user terminal and/or the acquisition time of the abnormal image.
Optionally, fig. 10 shows another block diagram of the data security processing apparatus according to an embodiment of the present invention, and in combination with fig. 8 and fig. 10, the data security processing apparatus may further include:
an activation instruction sending module 140, configured to send an activation instruction of the image capture device to the user terminal when the user terminal logs in the virtual desktop;
and/or when the user terminal processes confidential data of the virtual server through the virtual desktop, sending an activation instruction of the image acquisition device to the user terminal, wherein the data of the virtual server comprises common data and confidential data, and the security of the confidential data is higher than that of the common data.
Optionally, fig. 11 shows another block diagram of the data security processing apparatus according to the embodiment of the present invention, and in combination with fig. 8 and fig. 11, the data security processing apparatus may further include:
the screen watermark setting module 150 is used for acquiring a login request of a user terminal for logging in the virtual desktop; after the login request is verified, at least determining user information corresponding to a user operating the user terminal and terminal information of the user terminal; and setting the screen watermark in the virtual desktop, wherein the screen watermark at least records the user information and the terminal information.
Optionally, the screen watermark further records a time when the user terminal logs in the virtual desktop.
Optionally, fig. 12 shows yet another block diagram of the data security processing apparatus according to the embodiment of the present invention, and in combination with fig. 8 and 12, the data security processing apparatus may further include:
and the video recording module 160 is configured to record a video of an operation process of the user terminal operating the virtual desktop.
Optionally, the suspicious act may include a user photographing act and the like.
The data security processing method provided by the embodiment of the invention can analyze the collected user image, and when the user image is an abnormal image for recording the suspected behavior of data leakage of the user, the embodiment of the invention can generate the alarm trigger information, wherein the alarm trigger information at least comprises the user information corresponding to the user executing the suspected behavior, so that under the condition that the user executes the suspected behavior, the embodiment of the invention can trigger the data security alarm based on the alarm trigger information and track the user executing the suspected behavior, thereby reducing the risk of data leakage and improving the data security.
The embodiment of the invention also provides a virtual server, and the virtual server can load the functional module in the form of a program so as to realize the data security processing method executed by the virtual server in the embodiment of the invention. Optionally, fig. 13 shows a block diagram of a virtual server provided in an embodiment of the present invention, where the block diagram includes: at least one processor 1, at least one communication interface 2, at least one memory 3 and at least one communication bus 4;
in the embodiment of the present invention, the number of the processor 1, the communication interface 2, the memory 3, and the communication bus 4 is at least one, and the processor 1, the communication interface 2, and the memory 3 complete mutual communication through the communication bus 4;
optionally, the communication interface 2 may be an interface of a communication module for performing network communication;
alternatively, the processor 1 may be a CPU (central Processing Unit), a GPU (Graphics Processing Unit), an NPU (embedded neural network processor), an FPGA (Field Programmable Gate Array), a TPU (tensor Processing Unit), an AI chip, an asic (application specific integrated circuit), or one or more integrated circuits configured to implement the embodiments of the present invention.
The memory 3 may comprise a high-speed RAM memory, and may further comprise a non-volatile memory (non-volatile memory), such as at least one disk memory.
The memory 3 stores one or more computer-executable instructions, and the processor 1 calls the one or more computer-executable instructions to execute the data security processing method executed by the virtual server according to the embodiment of the present invention.
The embodiment of the invention also provides a storage medium, which can store one or more computer-executable instructions, wherein the one or more computer-executable instructions are used for executing the data security processing method executed by the virtual server in the embodiment of the invention.
Based on the above description, in an alternative implementation, the data security processing system provided by the embodiment of the present invention may include at least: the system comprises a user terminal, a virtual server and a data analysis server;
the user terminal is used for processing the data of the virtual server through a virtual desktop provided by the virtual server and transmitting a user image acquired by an image acquisition device arranged on the user terminal to the virtual server;
the virtual server is used for acquiring the user image; judging whether the user image is an abnormal image or not, wherein the abnormal image is an image for recording the suspicion behavior of data leakage of the user; if the user image is an abnormal image, sending the abnormal image to the data analysis server;
the data analysis server is used for determining alarm triggering information corresponding to the abnormal image, wherein the alarm triggering information is used for triggering data security alarm, and the alarm triggering information at least comprises user information corresponding to a user operating the user terminal.
Optionally, the detailed functions and extended functions of the user terminal, the virtual server, and the data analysis server may refer to the descriptions in the corresponding parts above.
In an optional implementation, the data security processing system provided in the embodiment of the present invention may further include: and the alarm server is used for acquiring the alarm triggering information determined by the data analysis server and generating alarm information according to the alarm triggering information.
Optionally, the user terminal may further be configured to disable the peripheral storage device when detecting an access signal of the peripheral storage device.
In a further optional implementation, the user terminal may further include: the system comprises a data encryption server and a data ferry server;
the data encryption server is used for encrypting data to be transmitted to an external network and transmitting the encrypted data to the data ferry server;
and the data ferry server is used for processing the encrypted data and transmitting the processed encrypted data to the external network.
Although the embodiments of the present invention have been disclosed, the present invention is not limited thereto. Various changes and modifications may be effected therein by one skilled in the art without departing from the spirit and scope of the invention as defined in the appended claims.

Claims (16)

1. A data security processing method is characterized by comprising the following steps:
acquiring a user image acquired by an image acquisition device of a user terminal, wherein the user terminal processes data of a virtual server through a virtual desktop provided by the virtual server;
judging whether the user image is an abnormal image or not, wherein the abnormal image is an image for recording the suspicion behavior of data leakage of the user;
and if the user image is an abnormal image, processing the abnormal image so as to determine alarm triggering information corresponding to the abnormal image, wherein the alarm triggering information is used for triggering data security alarm, and the alarm triggering information at least comprises user information corresponding to a user operating the user terminal.
2. The data security processing method according to claim 1, wherein the determining whether the user image is an abnormal image comprises:
and judging whether the user image is an abnormal image or not according to the pre-trained machine learning model.
3. The data security processing method according to claim 2, further comprising:
acquiring a plurality of historical images recording suspected behaviors of user leakage data, taking the historical images as positive samples, and setting abnormal image marks for the positive samples;
acquiring a plurality of historical images which do not record the suspected behavior of user leakage data, taking the historical images as negative samples, and setting normal image marks for the negative samples;
and training a machine learning model according to the marks of the positive sample and the marks of the negative sample and the negative sample.
4. The data security processing method according to claim 1, wherein the processing the abnormal image so as to determine the alarm triggering information corresponding to the abnormal image comprises:
and sending the abnormal image to a data analysis server so that the data analysis server determines alarm triggering information corresponding to the abnormal image.
5. The data security processing method according to claim 1, wherein the alarm triggering information further includes: and the terminal information of the user terminal and/or the acquisition time of the abnormal image.
6. The data security processing method according to any one of claims 1 to 5, further comprising:
when the user terminal logs in the virtual desktop, sending an activation instruction of an image acquisition device to the user terminal;
and/or when the user terminal processes confidential data of the virtual server through the virtual desktop, sending an activation instruction of the image acquisition device to the user terminal, wherein the data of the virtual server comprises common data and confidential data, and the security of the confidential data is higher than that of the common data.
7. The data security processing method according to claim 1, further comprising:
acquiring a login request of a user terminal for logging in a virtual desktop;
after the login request is verified, at least determining user information corresponding to a user operating the user terminal and terminal information of the user terminal;
and setting the screen watermark in the virtual desktop, wherein the screen watermark at least records the user information and the terminal information.
8. The data security processing method of claim 7, wherein the screen watermark further records a time when the user terminal logs in to a virtual desktop.
9. The data security processing method according to any one of claims 1 to 5, further comprising:
and recording the operation process of operating the virtual desktop by the user terminal.
10. The data security processing method of claim 1, wherein the suspected behavior comprises a user photo behavior.
11. A data security processing system, comprising: the system comprises a user terminal, a virtual server and a data analysis server;
the user terminal is used for processing the data of the virtual server through a virtual desktop provided by the virtual server and transmitting a user image acquired by an image acquisition device arranged on the user terminal to the virtual server;
the virtual server is used for acquiring the user image; judging whether the user image is an abnormal image or not, wherein the abnormal image is an image for recording the suspicion behavior of data leakage of the user; if the user image is an abnormal image, sending the abnormal image to the data analysis server;
the data analysis server is used for determining alarm triggering information corresponding to the abnormal image, wherein the alarm triggering information is used for triggering data security alarm, and the alarm triggering information at least comprises user information corresponding to a user operating the user terminal.
12. The data security processing system of claim 11, further comprising: and the alarm server is used for acquiring the alarm triggering information determined by the data analysis server and generating alarm information according to the alarm triggering information.
13. The data security processing system of claim 11 or 12, wherein the user terminal is further configured to disable the peripheral storage device upon detecting an access signal to the peripheral storage device.
14. The data security processing system according to claim 11 or 12, further comprising: the system comprises a data encryption server and a data ferry server;
the data encryption server is used for encrypting data to be transmitted to an external network and transmitting the encrypted data to the data ferry server;
and the data ferry server is used for processing the encrypted data and transmitting the processed encrypted data to the external network.
15. A data security processing apparatus, comprising:
the system comprises a user image acquisition module, a virtual server and a user image processing module, wherein the user image acquisition module is used for acquiring a user image acquired by an image acquisition device of a user terminal, and the user terminal processes data of the virtual server through a virtual desktop provided by the virtual server;
the abnormal image judging module is used for judging whether the user image is an abnormal image or not, wherein the abnormal image is an image for recording the suspicion behavior of data leakage of the user;
and the processing module is used for processing the abnormal image if the user image is the abnormal image so as to determine alarm triggering information corresponding to the abnormal image, wherein the alarm triggering information is used for triggering data security alarm, and the alarm triggering information at least comprises user information corresponding to a user operating the user terminal.
16. A storage medium comprising at least one memory and at least one processor, the memory storing one or more computer-executable instructions for performing the method of data security processing of any one of claims 1-10.
CN202010378063.6A 2020-05-07 2020-05-07 Data security processing method, device, system and storage medium Pending CN111581621A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202010378063.6A CN111581621A (en) 2020-05-07 2020-05-07 Data security processing method, device, system and storage medium

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202010378063.6A CN111581621A (en) 2020-05-07 2020-05-07 Data security processing method, device, system and storage medium

Publications (1)

Publication Number Publication Date
CN111581621A true CN111581621A (en) 2020-08-25

Family

ID=72125358

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202010378063.6A Pending CN111581621A (en) 2020-05-07 2020-05-07 Data security processing method, device, system and storage medium

Country Status (1)

Country Link
CN (1) CN111581621A (en)

Cited By (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN112153336A (en) * 2020-09-21 2020-12-29 长江存储科技有限责任公司 Monitoring method and related equipment
CN112153337A (en) * 2020-09-21 2020-12-29 长江存储科技有限责任公司 Monitoring method and related equipment
CN112637635A (en) * 2020-12-15 2021-04-09 西安万像电子科技有限公司 File security method and system, computer readable storage medium and processor
CN112822156A (en) * 2020-12-23 2021-05-18 武汉兴图新科电子股份有限公司 Confidential information monitoring system and method

Citations (10)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101741826A (en) * 2008-11-21 2010-06-16 北京世纪红山科技有限公司 Method and system for realizing encryption unloading on virtualized platform
CN103546478A (en) * 2013-10-30 2014-01-29 国家信息中心 Internal and external network secure access method and system
CN103701589A (en) * 2013-12-19 2014-04-02 福建星网锐捷网络有限公司 Information transmission method and device based on virtual desktop system and relevant equipment
CN104598400A (en) * 2014-12-15 2015-05-06 北京奇虎科技有限公司 Peripheral equipment management method, device and system
CN105282092A (en) * 2014-06-10 2016-01-27 中兴通讯股份有限公司 Virtual desktop authentication method, terminal and server
CN106383768A (en) * 2016-09-14 2017-02-08 江苏北弓智能科技有限公司 Mobile device operation behavior-based supervision analysis system and method
CN107179936A (en) * 2016-03-11 2017-09-19 中国电子科技集团公司电子科学研究院 A kind of virtualization partition method based on privilege separation
CN107302520A (en) * 2017-05-15 2017-10-27 北京明朝万达科技股份有限公司 A kind of dynamic anti-leak of data and method for early warning and system
CN107689943A (en) * 2016-08-04 2018-02-13 深圳市深信服电子科技有限公司 A kind of method of data encryption, user terminal, server and system
CN108650108A (en) * 2018-03-23 2018-10-12 北京明朝万达科技股份有限公司 A kind of user input data anti-leak method for early warning and system

Patent Citations (10)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101741826A (en) * 2008-11-21 2010-06-16 北京世纪红山科技有限公司 Method and system for realizing encryption unloading on virtualized platform
CN103546478A (en) * 2013-10-30 2014-01-29 国家信息中心 Internal and external network secure access method and system
CN103701589A (en) * 2013-12-19 2014-04-02 福建星网锐捷网络有限公司 Information transmission method and device based on virtual desktop system and relevant equipment
CN105282092A (en) * 2014-06-10 2016-01-27 中兴通讯股份有限公司 Virtual desktop authentication method, terminal and server
CN104598400A (en) * 2014-12-15 2015-05-06 北京奇虎科技有限公司 Peripheral equipment management method, device and system
CN107179936A (en) * 2016-03-11 2017-09-19 中国电子科技集团公司电子科学研究院 A kind of virtualization partition method based on privilege separation
CN107689943A (en) * 2016-08-04 2018-02-13 深圳市深信服电子科技有限公司 A kind of method of data encryption, user terminal, server and system
CN106383768A (en) * 2016-09-14 2017-02-08 江苏北弓智能科技有限公司 Mobile device operation behavior-based supervision analysis system and method
CN107302520A (en) * 2017-05-15 2017-10-27 北京明朝万达科技股份有限公司 A kind of dynamic anti-leak of data and method for early warning and system
CN108650108A (en) * 2018-03-23 2018-10-12 北京明朝万达科技股份有限公司 A kind of user input data anti-leak method for early warning and system

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
丁源: "《税收数据终端泄露防范及案例分析》", 中国税务出版社, pages: 33 - 36 *

Cited By (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN112153336A (en) * 2020-09-21 2020-12-29 长江存储科技有限责任公司 Monitoring method and related equipment
CN112153337A (en) * 2020-09-21 2020-12-29 长江存储科技有限责任公司 Monitoring method and related equipment
CN112637635A (en) * 2020-12-15 2021-04-09 西安万像电子科技有限公司 File security method and system, computer readable storage medium and processor
CN112822156A (en) * 2020-12-23 2021-05-18 武汉兴图新科电子股份有限公司 Confidential information monitoring system and method
CN112822156B (en) * 2020-12-23 2023-02-14 武汉兴图新科电子股份有限公司 Confidential information monitoring system and method

Similar Documents

Publication Publication Date Title
US10055559B2 (en) Security device, methods, and systems for continuous authentication
US9047464B2 (en) Continuous monitoring of computer user and computer activities
CN111581621A (en) Data security processing method, device, system and storage medium
US20140282965A1 (en) Ongoing Authentication and Access Control with Network Access Device
Dezfoli et al. Digital forensic trends and future
CN112217835B (en) Message data processing method and device, server and terminal equipment
CN108780485A (en) Data set extraction based on pattern match
CN113705619A (en) Malicious traffic detection method, system, computer and medium
CN106687971A (en) Automated code lockdown to reduce attack surface for software
CN105678193B (en) A kind of anti-tamper treating method and apparatus
CN105409164A (en) Rootkit detection by using hardware resources to detect inconsistencies in network traffic
CN106664297A (en) Method for detecting an attack on a working environment connected to a communication network
CN107948199B (en) Method and device for rapidly detecting terminal shared access
Alghamdi Digital forensics in cyber security—recent trends, threats, and opportunities
TW202009765A (en) Suspicious event analysis device and related computer program product for generating suspicious event sequence diagram
CN111274046A (en) Service call validity detection method and device, computer equipment and computer storage medium
CN109726601A (en) The recognition methods of unlawful practice and device, storage medium, computer equipment
Alotaibi et al. A Conceptual Digital Forensic Investigation Model Applicable to the Drone Forensics Field
CN113489703A (en) Safety protection system
CN108566380B (en) Proxy internet surfing behavior identification and detection method
KR20150043843A (en) Information spill prevention apparatus
Phumkaew et al. Android forensic and security assessment for hospital and stock-and-trade applications in thailand
Gupta et al. Machine learning forensics: A New Branch of digital forensics
CN106162083A (en) A kind of HD video overlap-add procedure system and the method carrying out safety certification thereof
JP2010073112A (en) Face collating system

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination