CN111585988A - Data auditing method, device and system and computer storage medium - Google Patents

Data auditing method, device and system and computer storage medium Download PDF

Info

Publication number
CN111585988A
CN111585988A CN202010336857.6A CN202010336857A CN111585988A CN 111585988 A CN111585988 A CN 111585988A CN 202010336857 A CN202010336857 A CN 202010336857A CN 111585988 A CN111585988 A CN 111585988A
Authority
CN
China
Prior art keywords
data
preset
information
data transmission
client
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202010336857.6A
Other languages
Chinese (zh)
Inventor
朱文义
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
China Citic Bank Corp Ltd
Original Assignee
China Citic Bank Corp Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by China Citic Bank Corp Ltd filed Critical China Citic Bank Corp Ltd
Priority to CN202010336857.6A priority Critical patent/CN111585988A/en
Publication of CN111585988A publication Critical patent/CN111585988A/en
Pending legal-status Critical Current

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/12Applying verification of the received information
    • H04L63/123Applying verification of the received information received data contents, e.g. message integrity
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/02Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
    • H04L63/0227Filtering policies
    • H04L63/0236Filtering by address, protocol, port number or service, e.g. IP-address or URL
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/02Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
    • H04L63/0227Filtering policies
    • H04L63/0245Filtering by information in the payload
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/12Applying verification of the received information
    • H04L63/126Applying verification of the received information the source of the received data

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)

Abstract

The invention discloses a data auditing method, which is applied to an auditing server and comprises the following steps: the method comprises the steps that an auditing server receives to-be-audited data generated by a client, wherein the to-be-audited data comprises client address information and at least one of data flow direction information, data transmission mode information and data transmission protocol information; analyzing the data to be checked to obtain client address information and at least one of data flow direction information, data transmission mode information or data transmission protocol information; checking whether the client address data accords with a preset address matching rule; and returning an audit result, if the client address data does not accord with the preset address matching rule, judging that the audit result does not pass, and sending the audit result to the client. The invention can automatically complete data audit according to the preset rule, saves communication time and solves the problem of inaccurate audit caused by the service level and negligence of auditors during manual audit.

Description

Data auditing method, device and system and computer storage medium
Technical Field
The present invention relates to the field of computer technologies, and in particular, to a data auditing method, apparatus, system, and computer storage medium.
Background
With the wide application of office automation and networks, the information exchange inside enterprises is realized through electronic flow, data meeting safety standards is required in the interaction of the electronic flow, the application system is generally required to submit network safety audit in a mail form before online, the audit work is generally completed by manual audit of a safety team, the audit process period is long, and the relevant requirements of quick development inside the enterprises are not met.
How to realize automatic data auditing becomes a technical problem which needs to be solved urgently by enterprises.
Disclosure of Invention
In order to improve the deficiencies of the related art, the invention aims to provide a data auditing method applied to an auditing server, wherein the method comprises the following steps:
the method comprises the steps that an auditing server receives to-be-audited data generated by a client, wherein the to-be-audited data comprises client address information and at least one of data flow direction information, data transmission mode information and data transmission protocol information;
analyzing the data to be checked to obtain client address information and at least one of data flow direction information, data transmission mode information or data transmission protocol information;
checking whether the client address data accords with a preset address matching rule;
and returning an audit result, if the client address data does not accord with the preset address matching rule, judging that the audit result does not pass, and sending the audit result to the client.
And if the client address data conforms to a preset address matching rule, further checking whether the data flow direction information, the data transmission mode information and the data transmission protocol information conform to a preset data flow direction, a preset data transmission mode and a preset data transmission protocol, and sending a checking result to the client.
Further, receiving a preset address matching rule, a preset data flow direction, a preset data transmission mode and a preset data transmission protocol configured by the management end, and implementing auditing by the auditing server according to the preset address matching rule, the preset data flow direction, the preset data transmission mode and the preset data transmission protocol configured by the management end.
Another aspect of the present disclosure provides a data auditing method applied to a client, where the method includes the following steps:
generating data to be audited by a client, wherein the data to be audited comprises client address information and at least one of data flow direction information, data transmission mode information and data transmission protocol information;
sending the data to be audited to an auditing server, and analyzing the data to be audited by the auditing server to obtain client address information and at least one of data flow direction information, data transmission mode information or data transmission protocol information; the auditing server audits whether the client address data conforms to a preset address matching rule;
and receiving an audit result returned by the audit server, wherein if the client address data does not accord with the preset address matching rule, the audit result is not passed.
If the client address data conforms to a preset address matching rule, further checking whether the data flow direction information, the data transmission mode information and the data transmission protocol information conform to a preset data flow direction, a preset data transmission mode and a preset data transmission protocol, and receiving the checking result sent by the checking server by the client.
Further, the auditing server receives a preset address matching rule, a preset data flow direction, a preset data transmission mode and a preset data transmission protocol configured by the management end, and implements auditing according to the preset address matching rule, the preset data flow direction, the preset data transmission mode and the preset data transmission protocol configured by the management end.
A third aspect of the present disclosure provides a data auditing apparatus applied to an auditing server, the apparatus including:
the system comprises a receiving module, a verification module and a verification module, wherein the receiving module is used for receiving the to-be-verified data generated by a client, and the to-be-verified data comprises client address information and at least one of data flow direction information, data transmission mode information and data transmission protocol information;
the analysis module is used for analyzing the data to be checked to obtain client address information and at least one of data flow direction information, data transmission mode information or data transmission protocol information;
the auditing module is used for auditing whether the client address data conforms to a preset address matching rule;
and the sending module is used for returning an audit result, if the address data of the client does not accord with the preset address matching rule, the audit result is not passed, and the audit result is sent to the client.
A fourth aspect of the present disclosure provides a data auditing apparatus applied to a client, where the apparatus includes:
the data generating module is used for generating data to be audited by the client, wherein the data to be audited comprises client address information and at least one of data flow direction information, data transmission mode information and data transmission protocol information;
the auditing server analyzes the data to be audited to obtain client address information and at least one of data flow direction information, data transmission mode information or data transmission protocol information; the auditing server audits whether the client address data conforms to a preset address matching rule;
and the receiving module is used for receiving the auditing result returned by the auditing server, and if the client address data does not accord with the preset address matching rule, the auditing result is not passed.
A fifth aspect of the present disclosure provides a data auditing system, which includes a client, an auditing server and a management end,
the client generates data to be audited, wherein the data to be audited comprises client address information and at least one of data flow direction information, data transmission mode information and data transmission protocol information;
the auditing server receives and analyzes the data to be audited, analyzes and obtains client address information and at least one of data flow direction information, data transmission mode information or data transmission protocol information;
the auditing server audits whether the client address data conforms to a preset address matching rule, if the client address data does not conform to the preset address matching rule, the auditing result is not passed, and the auditing result is sent to the client;
the management terminal is configured with a preset address matching rule, a preset data flow direction, a preset data transmission mode and a preset data transmission protocol, and the auditing server conducts auditing according to the preset address matching rule, the preset data flow direction, the preset data transmission mode and the preset data transmission protocol configured by the management terminal.
A sixth aspect of the present invention provides a computer storage medium storing a computer program which, when executed by a processor, implements the data auditing method of any one of the above.
By adopting the technical scheme of any aspect of the disclosure, data auditing can be automatically completed according to the preset rule, communication time is saved, and the problem of inaccurate and inaccurate auditing caused by the service level and negligence of auditors during manual auditing is solved.
Drawings
FIG. 1 is a schematic diagram of a data auditing process applied to an auditing server in embodiment 1
FIG. 2 is a schematic diagram of a data auditing process applied to a client according to embodiment 2
FIG. 3 is a schematic diagram of a data auditing device applied to an auditing server
FIG. 4 is a schematic diagram of a data auditing apparatus applied to a client
FIG. 5 is a schematic diagram of a data auditing system
Detailed Description
The embodiments of the invention will be described in detail below with reference to the drawings, but the invention can be implemented in many different ways as defined and covered by the claims.
Example 1:
the following is a schematic illustration of the technical solution of the present example with reference to fig. 1, where the data auditing method of the present example is applied to an auditing server, and the method includes the following steps:
step S101, an auditing server receives to-be-audited data generated by a client, wherein the to-be-audited data comprises client address information and at least one of data flow direction information, data transmission mode information and data transmission protocol information.
The unification and standardization of the format of the data to be audited have an important effect on the efficiency and accuracy of data auditing, and if the data to be audited provided by project personnel, such as input documents, are not standard and not standard, the communication link of the auditing process is more and the efficiency is low. Therefore, when the client generates data, the data generation can be completed by means of a standardized data generation tool, and in order to reduce the need that parameters of the data generation tool need to be configured one by one at each client inside an enterprise, the parameters of the data generation tool can be uniformly configured through the cloud.
Project technicians draw the application system architecture diagram through a drawing tool and a drawing interface provided by HTML and SVG technologies at a client, and a standardized application system architecture diagram can be generated through the drawing tool and the drawing interface.
In this example, the client address information in the pending data is an IP address of the client, and the data flow direction information refers to a data flow direction between systems in the drawn application system architecture diagram, and may be unidirectional flow or bidirectional flow. The data transmission mode may be online message or file transmission, the data transmission protocol may be HTTP or HTTPs, FTP or SFTP, TCP or TCPs, and the like, in this embodiment, the data including the above contents is defined as access relationship data between application systems, and the client is a device for a user to make audit data to be audited and to look up a download audit result, so the client in this embodiment may also provide audit result viewing and downloading functions.
Step S102, analyzing the data to be checked to obtain client address information and at least one of data flow direction information, data transmission mode information or data transmission protocol information.
The auditing server analyzes the data to be audited after receiving the data to be audited, extracts key information in the data to be audited, such as IP address data of the client, data flow direction information, data transmission information and data transmission protocol information among all application systems, and can process all the information into a preset format so as to be convenient for matching with rules in a rule base in the next step.
Step S103, checking whether the client address data conforms to a preset address matching rule; the auditing means that the analyzed data to be audited, such as IP address data, data flow direction information, data transmission mode information or data transmission protocol information of the client, is compared with corresponding rules in a rule base, and a preset rule is judged if the rule is full, such as whether the IP address data of the client is in a preset address partition list, wherein the partition means that some IP addresses are divided into a set, for example, a system A located in an office network in a designed application system architecture plans to access a system B located in a production network, if the office network and the production network are two different partitions in the preset rule, the IP address of the system A of the office network and the IP address of the system B of the production network belong to different partitions and do not meet the preset address rule, the access can be prevented, and at the moment, the auditing server sends auditing results to the client to prompt that the system A and the system B of the client do not belong to the same partition, it is proposed to deploy the a-system in the production area.
And step S104, returning an audit result, if the client address data does not accord with the preset address matching rule, judging that the audit result is not passed, and sending the audit result to the client.
Step S105, if the client address data conforms to a preset address matching rule, further checking whether the data flow direction information, the data transmission mode information and the data transmission protocol information conform to a preset data flow direction, a preset data transmission mode and a preset data transmission protocol, and sending a checking result to the client.
After the address of the client is checked, if the address of the client is in the specified address list, the client is considered to be in an allowed area, and at this time, whether the data flow direction among the systems meets the preset data flow direction rule or not can be further checked, in actual needs, unidirectional transmission is required between some application systems, and bidirectional transmission is required for some application systems, so that the data flow direction rule needs to be set, and the data flow direction of the deployed application system architecture is ensured to be correct. Similarly, the data transmission mode needs to be matched with the preset data transmission mode, and the output transmission protocol also needs to meet the preset protocol rule. Through client address verification and at least one verification mode of data flow verification, data transmission mode verification and data transmission protocol verification, a double or multiple verification mode is provided, and the designed application system architecture can be ensured to meet the safety requirement. Moreover, the verification mode in the example is gradual layer by layer, so that the computation amount of the verification data can be reduced.
In order to flexibly configure the rule, the rule in this embodiment is configured by the management end, the auditing server receives the preset address matching rule, the preset data flow direction, the preset data transmission mode and the preset data transmission protocol configured by the management end, and the auditing server performs auditing according to the preset address matching rule, the preset data flow direction, the preset data transmission mode and the preset data transmission protocol configured by the management end.
In some scenarios, the matching rule needs to be changed or optimized, and at this time, the management terminal configures the corresponding rule, for example, configures the preset address matching rule, the preset data flow direction, the preset data transmission mode, and the preset data transmission protocol. The management terminal can consult or download the auditing result of the auditing server for global management.
Example 2
The embodiment provides a data auditing method, which is applied to a client side and comprises the following steps:
step S201, a client generates data to be audited, wherein the data to be audited comprises client address information and at least one of data flow direction information, data transmission mode information and data transmission protocol information;
the unification and standardization of the format of the data to be audited have an important effect on the efficiency and accuracy of data auditing, and if the data to be audited provided by project personnel, such as input documents, are not standard and not standard, the communication link of the auditing process is more and the efficiency is low. For this reason, when the client generates data, a standardized data generation tool may be used, and in order to reduce the need for configuring data generation tool parameters one by one at each client inside an enterprise, the data generation tool parameters may be uniformly configured through the cloud, which is described herein by taking an example of drawing a deployment application system architecture diagram and sending an audit.
Project technicians draw the application system architecture diagram through a drawing tool and a drawing interface provided by HTML and SVG technologies at a client, and a standardized application system architecture diagram can be generated through the drawing tool and the drawing interface.
In this example, the client address information in the pending data is an IP address of the client, and the data flow direction information refers to a data flow direction between systems in the drawn application system architecture diagram, and may be unidirectional flow or bidirectional flow. The data transmission mode may be online message or file transmission, the data transmission protocol may be HTTP or HTTPs, FTP or SFTP, TCP or TCPs, and the like, in this embodiment, the data including the above contents is defined as access relationship data between application systems, and the client is a device for a user to make audit data to be audited and to look up a download audit result, so the client in this embodiment may also provide audit result viewing and downloading functions.
Step S202, sending the data to be audited to an auditing server, and analyzing the data to be audited by the auditing server to obtain client address information and at least one of data flow direction information, data transmission mode information or data transmission protocol information; the auditing server audits whether the client address data conforms to a preset address matching rule;
the auditing server receives the data to be audited sent by the client and analyzes the data to be audited, extracts key information in the data to be audited, such as IP address data of the client, data flow direction information among application systems, data transmission information and data transmission protocol information, and can process all kinds of information into a preset format to facilitate matching with rules in a rule base in the next step.
Step S203, checking whether the client address data conforms to a preset address matching rule, wherein the checking refers to comparing the analyzed data to be checked, such as the IP address data, the data flow direction information, the data transmission mode information or the data transmission protocol information of the client, with the corresponding rule in the rule base, and judging whether the data is full or not, such as judging whether the IP address data of the client is in a preset address partition list, wherein the partition refers to dividing some IP addresses into a set, such as a system A in an office network in a designed application system architecture planning to access a system B in a production network, if the office network and the production network are two different partitions in the preset rule, the system A IP address of the office network and the system B IP address of the production network belong to different partitions, do not meet the preset address rule, the access is prevented, and at this time, the checking server sends a checking result to the client, and prompting that the system A and the system B of the client do not belong to the same partition, and suggesting that the system A is deployed in a production area.
And step S204, receiving an audit result returned by the audit server, wherein if the client address data does not accord with the preset address matching rule, the audit result is not passed.
Step S205, if the client address partition data conforms to a preset address matching rule, further checking whether the data flow direction information, the data transmission mode information, and the data transmission protocol information conform to a preset data flow direction, a preset data transmission mode, and a preset data transmission protocol, and sending a checking result to the client.
After the address of the client is checked, if the address of the client is in the specified address list, the client 10 is considered to be in an allowed area, and at this time, whether the data flow direction between the systems meets the preset data flow direction rule or not can be further checked, in actual needs, unidirectional transmission is required between some application systems, and bidirectional transmission is required for some application systems, so that the data flow direction rule needs to be set, and the data flow direction of the deployed application system architecture is ensured to be correct. Similarly, the data transmission mode needs to be matched with the preset data transmission mode, and the output transmission protocol also needs to meet the preset protocol rule. Through client address verification and at least one verification mode of data flow verification, data transmission mode verification and data transmission protocol verification, a double or multiple verification mode is provided, and the designed application system architecture can be ensured to meet the safety requirement. Moreover, the verification mode in the example is gradual layer by layer, so that the computation amount of the verification data can be reduced.
In order to flexibly configure the rule, the rule in this embodiment is configured by the management end 30, the auditing server 20 receives the preset address partition matching rule, the preset data flow direction, the preset data transmission mode and the preset data transmission protocol configured by the management end 30, and the auditing server 20 performs auditing according to the preset address partition matching rule, the preset data flow direction, the preset data transmission mode and the preset data transmission protocol configured by the management end 30.
In some scenarios, the matching rule needs to be changed or optimized, and at this time, the management terminal 30 configures the corresponding rule, for example, configures the preset address matching rule, the preset data flow direction, the preset data transmission mode, and the preset data transmission protocol through the management terminal 30. The management end 30 can review or download the audit result of the audit server for global management.
Example 3
As shown in fig. 3, the present example provides a data auditing apparatus 3, which is applied to an auditing server 20, and the apparatus 3 includes:
the receiving module 31 is configured to receive to-be-audited data generated by a client, where the to-be-audited data includes client address information and at least one of data flow direction information, data transmission mode information, and data transmission protocol information;
the analysis module 32 is configured to analyze the to-be-audited data to obtain client address information and at least one of data flow direction information, data transmission mode information, or data transmission protocol information;
the auditing module 33 is used for auditing whether the client address data conforms to a preset address matching rule;
and the sending module 34 is configured to return an audit result, and if the client address data does not meet the preset address matching rule, the audit result is not passed, and the audit result is sent to the client.
Example 4
The embodiment provides a data auditing device 4, which is applied to a client 10, and the device comprises:
the data generating module 41 is configured to generate data to be audited by a client, where the data to be audited includes client address information and at least one of data flow direction information, data transmission mode information, and data transmission protocol information;
a sending module 42, configured to send the data to be audited to an audit server, where the audit server parses the data to be audited to obtain client address information and at least one of data flow direction information, data transmission mode information, or data transmission protocol information; the auditing server audits whether the client address data conforms to a preset address matching rule;
and the receiving module 43 is configured to receive an audit result returned by the audit server, and if the client address data does not meet the preset address matching rule, the audit result is not passed.
EXAMPLE five
A fifth aspect of the present disclosure provides a data auditing system, as shown in fig. 5, including a client 10, an auditing server 20, and a management end 30, where the client 10 sends data to be audited to the auditing server 20 for auditing, and the management end 30 configures auditing rules and sends the auditing rules to the auditing server 20 for auditing the data to be audited. Both the client 10 and the administration end 30 may review or download audit reports generated by the audit server 20.
The client 10 generates data to be audited, wherein the data to be audited includes client address information and at least one of data flow direction information, data transmission mode information and data transmission protocol information.
The auditing server 20 receives and analyzes the data to be audited, and analyzes to obtain client address information and at least one of data flow direction information, data transmission mode information or data transmission protocol information; the analyzed data to be examined is further used for matching verification with the rules.
The specific auditing server 20 audits whether the client address data conforms to a preset address matching rule, if the client address data does not conform to the preset address matching rule, the auditing result is not passed, and the auditing result is sent to the client 10. And if the client address data conforms to a preset address matching rule, further checking whether the data flow direction information, the data transmission mode information and the data transmission protocol information conform to a preset data flow direction, a preset data transmission mode and a preset data transmission protocol, and sending a checking result to the client.
The management terminal 30 configures a preset address matching rule, a preset data flow direction, a preset data transmission mode and a preset data transmission protocol, and the auditing server performs auditing according to the preset address matching rule, the preset data flow direction, the preset data transmission mode and the preset data transmission protocol configured by the management terminal.
Example 6
A sixth aspect of the present invention provides a computer storage medium storing a computer program which, when executed by a processor, implements the data auditing method of any one of the above.
By adopting the technical scheme of any aspect of the disclosure, data auditing can be automatically completed according to the preset rule, communication time is saved, and the problem of inaccurate and inaccurate auditing caused by the service level and negligence of auditors during manual auditing is solved.
It should be understood that, although the steps in the flowcharts of the figures are shown in order as indicated by the arrows, the steps are not necessarily performed in order as indicated by the arrows. The steps are not performed in the exact order shown and may be performed in other orders unless explicitly stated herein. Moreover, at least a portion of the steps in the flow chart of the figure may include multiple sub-steps or multiple stages, which are not necessarily performed at the same time, but may be performed at different times, which are not necessarily performed in sequence, but may be performed alternately or alternately with other steps or at least a portion of the sub-steps or stages of other steps.
The foregoing is only a partial embodiment of the present application, and it should be noted that, for those skilled in the art, various modifications and decorations can be made without departing from the principle of the present application, and these modifications and decorations should also be regarded as the protection scope of the present application.

Claims (10)

1. A data auditing method is applied to an auditing server and is characterized by comprising the following steps:
the method comprises the steps that an auditing server receives to-be-audited data generated by a client, wherein the to-be-audited data comprises client address information and at least one of data flow direction information, data transmission mode information and data transmission protocol information;
analyzing the data to be checked to obtain client address information and at least one of data flow direction information, data transmission mode information or data transmission protocol information;
checking whether the client address data accords with a preset address matching rule;
and sending an audit result, if the client address data does not accord with the preset address matching rule, the audit result is not passed, and the audit result is sent to the client.
2. A data auditing method according to claim 1, characterised in that: and if the client address data conforms to a preset address matching rule, further checking whether the data flow direction information, the data transmission mode information and the data transmission protocol information conform to a preset data flow direction, a preset data transmission mode and a preset data transmission protocol, and sending a checking result to the client.
3. A data auditing method according to claim 1, characterised in that: and receiving a preset address matching rule, a preset data flow direction, a preset data transmission mode and a preset data transmission protocol configured by the management terminal, and implementing auditing by the auditing server according to the preset address matching rule, the preset data flow direction, the preset data transmission mode and the preset data transmission protocol configured by the management terminal.
4. A data auditing method is applied to a client, and is characterized by comprising the following steps:
generating data to be audited by a client, wherein the data to be audited comprises client address information and at least one of data flow direction information, data transmission mode information and data transmission protocol information;
sending the data to be audited to an auditing server, and analyzing the data to be audited by the auditing server to obtain client address information and at least one of data flow direction information, data transmission mode information or data transmission protocol information;
the auditing server audits whether the client address data conforms to a preset address matching rule;
and receiving an audit result returned by the audit server, wherein if the client address data does not accord with the preset address matching rule, the audit result is not passed.
5. A data auditing method according to claim 4, characterised in that: if the client address data accords with a preset address matching rule, further checking whether the data flow direction information, the data transmission mode information and the data transmission protocol information accord with a preset data flow direction, a preset data transmission mode and a preset data transmission protocol, and the client receives the checking result sent by the checking server.
6. A data auditing method according to claim 4, characterised in that: the auditing server receives a preset address matching rule, a preset data flow direction, a preset data transmission mode and a preset data transmission protocol configured by the management end, and implements auditing according to the preset address matching rule, the preset data flow direction, the preset data transmission mode and the preset data transmission protocol configured by the management end.
7. A data auditing device, characterized by: applied to the auditing server, the device comprises:
the system comprises a receiving module, a verification module and a verification module, wherein the receiving module is used for receiving the to-be-verified data generated by a client, and the to-be-verified data comprises client address information and at least one of data flow direction information, data transmission mode information and data transmission protocol information;
the analysis module is used for analyzing the data to be checked to obtain client address information and at least one of data flow direction information, data transmission mode information or data transmission protocol information;
the auditing module is used for auditing whether the client address data conforms to a preset address matching rule;
and the sending module is used for sending an audit result, if the client address data does not accord with the preset address matching rule, the audit result is not passed, and the audit result is sent to the client.
8. A data auditing device, characterized by: applied to a client, the device comprises:
the data generating module is used for generating data to be audited by the client, wherein the data to be audited comprises client address information and at least one of data flow direction information, data transmission mode information and data transmission protocol information;
the auditing server analyzes the data to be audited to obtain client address information and at least one of data flow direction information, data transmission mode information or data transmission protocol information;
the auditing server audits whether the client address data conforms to a preset address matching rule;
and the receiving module is used for receiving the auditing result sent by the auditing server, and if the client address data does not accord with the preset address matching rule, the auditing result is not passed.
9. A data auditing system comprises a client, an auditing server and a management end, and is characterized in that:
the client generates data to be audited, wherein the data to be audited comprises client address information and at least one of data flow direction information, data transmission mode information and data transmission protocol information;
the auditing server receives and analyzes the data to be audited, analyzes and obtains client address information and at least one of data flow direction information, data transmission mode information or data transmission protocol information;
the auditing server audits whether the client address data conforms to a preset address matching rule, if the client address data does not conform to the preset address matching rule, the auditing result is not passed, and the auditing result is sent to the client;
the management terminal is configured with a preset address matching rule, a preset data flow direction, a preset data transmission mode and a preset data transmission protocol, and the auditing server conducts auditing according to the preset address matching rule, the preset data flow direction, the preset data transmission mode and the preset data transmission protocol configured by the management terminal.
10. A computer storage medium storing a computer program, characterized in that the computer program, when executed by a processor, implements the method according to any one of claims 1 to 6.
CN202010336857.6A 2020-04-25 2020-04-25 Data auditing method, device and system and computer storage medium Pending CN111585988A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202010336857.6A CN111585988A (en) 2020-04-25 2020-04-25 Data auditing method, device and system and computer storage medium

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202010336857.6A CN111585988A (en) 2020-04-25 2020-04-25 Data auditing method, device and system and computer storage medium

Publications (1)

Publication Number Publication Date
CN111585988A true CN111585988A (en) 2020-08-25

Family

ID=72124519

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202010336857.6A Pending CN111585988A (en) 2020-04-25 2020-04-25 Data auditing method, device and system and computer storage medium

Country Status (1)

Country Link
CN (1) CN111585988A (en)

Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104504079A (en) * 2014-12-24 2015-04-08 盐城工学院 Drawing and document data outgoing method based on PDM (pulse duration modulation)
WO2015052286A1 (en) * 2013-10-11 2015-04-16 Marx Erik Method for an electronic auditing
CN106375437A (en) * 2016-08-31 2017-02-01 上海银天下科技有限公司 Data auditing method and apparatus
CN108427733A (en) * 2018-02-28 2018-08-21 网易(杭州)网络有限公司 The setting method of auditing rule, device and system, equipment, storage medium
CN109194771A (en) * 2018-11-09 2019-01-11 海南高灯科技有限公司 A kind of neocaine bids to host method, apparatus, server and storage medium
CN109508949A (en) * 2018-10-09 2019-03-22 四川航天信息有限公司 A kind of credit Methods of initial evaluation of sci-tech and device

Patent Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2015052286A1 (en) * 2013-10-11 2015-04-16 Marx Erik Method for an electronic auditing
CN104504079A (en) * 2014-12-24 2015-04-08 盐城工学院 Drawing and document data outgoing method based on PDM (pulse duration modulation)
CN106375437A (en) * 2016-08-31 2017-02-01 上海银天下科技有限公司 Data auditing method and apparatus
CN108427733A (en) * 2018-02-28 2018-08-21 网易(杭州)网络有限公司 The setting method of auditing rule, device and system, equipment, storage medium
CN109508949A (en) * 2018-10-09 2019-03-22 四川航天信息有限公司 A kind of credit Methods of initial evaluation of sci-tech and device
CN109194771A (en) * 2018-11-09 2019-01-11 海南高灯科技有限公司 A kind of neocaine bids to host method, apparatus, server and storage medium

Similar Documents

Publication Publication Date Title
CN105335293A (en) Automatic testing system and method based on parallel ports
CN104601403A (en) Automatic test system
CN109150610B (en) Network event acquisition method based on rule adaptation
CN105052076B (en) Network element management system and network element management method based on cloud computing
CN111106899B (en) Data verification method and device in Internet of things, computer equipment and storage medium
Kumar et al. Performance analysis of an unreliable M/G/1 retrial queue with two-way communication
CN107623599B (en) Data configuration method and system
CN110909013A (en) Service list generation method, device, equipment and computer readable storage medium
US20150317127A1 (en) System for metamodeling unification
CN113190513A (en) Data integration system and method
US20160092604A1 (en) Method for metamodeling unification
EP2563061B1 (en) Data cut-over method and apparatus
CN105260168B (en) Log-output method and device
CN115794106A (en) Method and system for analyzing configuration of binary protocol data of rail transit
Safonova On one approach to modeling enterprise-wide function-oriented computer networks
CN113746684A (en) Network equipment management method and device, computer equipment and storage medium
CN108712306A (en) A kind of information system automation inspection platform and method for inspecting
CN112732372A (en) Service calling method and device and server
CN111585988A (en) Data auditing method, device and system and computer storage medium
CN111045928A (en) Interface data testing method, device, terminal and storage medium
CN105656706B (en) Service data processing method and device
CN110209722A (en) A kind of data-interface for data exchange
CN115114271A (en) Data standard system construction method and device, storage medium and electronic equipment
CN111324654A (en) Interface calling method, system, computer device and computer readable storage medium
US9535414B2 (en) System and method for distributing and exchanging elements for planning and/or for operating automation operating equipment

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication

Application publication date: 20200825

RJ01 Rejection of invention patent application after publication