CN111967024A - File sensitive data protection method and device - Google Patents

Abstract

The invention provides a method and a device for protecting sensitive data of a file, wherein the method comprises the following steps: confirming the security level of the uploaded file and judging whether the confirmed security level is reasonable or not; traversing the confirmed file with reasonable security level to discover sensitive data in the file; classifying and sorting the found sensitive data according to different data characteristics in the sensitive data; and protecting the file corresponding to the sorted sensitive data by data desensitization or data encryption or data desensitization and encryption. For the personnel with different grades, the grading decryption access control of the confidential documents is realized, namely, the personnel with different security grades can obtain different decryption information when decrypting the same confidential documents. The ability to perform hierarchical decryption. The flexibility and the safety of the access control of the encrypted file in the transmission and sharing scheme are improved.

Description

File sensitive data protection method and device

Technical Field

The invention relates to the technical field of data security management, in particular to a method and a device for protecting sensitive data of a file.

Background

Documents are stored in a computer system and transmitted and exchanged through a computer network, wherein data such as national secrets, business information, personal privacy and the like cause immeasurable loss once being illegally stolen or deleted. And establishing multi-level security levels for the files, and grading the users at the same time to ensure that the user authority corresponds to the file levels. So as to control and manage the authority of the user and reduce or prevent attacks.

Most companies today focus on peripheral security and terminal defense, purchase antivirus software or firewalls, and securely configure network devices. This prevention approach has limited implementation for central asset data in various industries. Along with the period of big data, the value of private data is higher and higher, and attention should be paid to protecting the leakage risk of sensitive data to achieve expected safety benefits.

Disclosure of Invention

Most companies today focus on peripheral security and terminal defense, purchase antivirus software or firewalls, and securely configure network devices. For central asset data of various industries, the prevention method has limited realization capability, and the invention provides a method and a device for protecting file sensitive data.

The technical scheme of the invention is as follows:

in one aspect, the present invention provides a method for protecting file sensitive data, including the following steps:

confirming the security level of the uploaded file and judging whether the confirmed security level is reasonable or not;

traversing the confirmed file with reasonable security level to discover sensitive data in the file;

classifying and sorting the found sensitive data according to different data characteristics in the sensitive data;

and protecting the file corresponding to the sorted sensitive data by data desensitization or data encryption or data desensitization and encryption.

Further, the steps of confirming the security level of the uploaded file and judging whether the confirmed security level is reasonable comprise:

in order to meet the problem that tasks mentioned in files with high security levels need to be completed by people with different security levels, the security levels of the files and the corresponding security levels of the people are divided;

for different security levels, corresponding security level sensitive information tables are created. The sensitive information table includes common sensitive data such as: sensitive data such as name, certificate number, bank account, amount of money, date, address, telephone number, Email address, license plate number, frame number, enterprise name, business registration number, organization code, taxpayer identification number and the like are used for establishing a one-to-one corresponding table.

Further, the steps of confirming the security level of the uploaded file and judging whether the confirmed security level is reasonable or not include:

confirming the security level of the uploaded file;

judging whether the confirmed file security level is reasonable or not according to the security level sensitive information table; wherein, the judgment rule is as follows: and the method and the device prevent low-security-level personnel from uploading high-security-level files, prevent the high-security-level files from being classified into low-security-level files or prevent the low-security-level personnel from operating the high-security-level files. And personnel with different security levels can check files with different levels, so that the flexibility and the security of access control of the encrypted files in a transmission and sharing scheme are improved.

Further, in the step of traversing the confirmed file with reasonable security level to discover the sensitive data in the file, according to the sensitive data rule in the sensitive information table, traversing the confirmed file with reasonable security level to discover the sensitive data in the file, the specific discovery step includes:

traversing all the line numbers of the confirmed file with reasonable security level;

taking out data of each column to match the field dictionary;

matching all the discovery rules, and marking the matching result of each discovery rule;

after all the line numbers of the file with reasonable security level are judged, the discovery result of each column is judged: and comparing the matching rate and the comparison priority with the same matching rate according to the matching result, judging whether the data matching result of each row of marks reaches a set threshold, if so, determining the final finding result and marking the type of the sensitive data according to the finding result.

Further, the step of traversing all the rows of the confirmed file with reasonable security level comprises:

setting delimiters, surrounding characters, line feed characters and character sets of the file;

judging whether the file has a header, if so, skipping a first line, and executing the following steps: traversing all the line numbers of the confirmed file with reasonable security level; if not, directly executing the following steps: and traversing all the rows of the confirmed files with reasonable security level.

Further, the method further comprises:

and uploading the protected file for sharing. And the decryption is used by people with different security levels.

On the other hand, the invention provides a file sensitive data protection device, which comprises a security level judgment and confirmation module, a sensitive data discovery module, a classification and arrangement module and a protection module;

the security level judgment and confirmation module is used for confirming the security level of the uploaded file and judging whether the confirmed security level is reasonable or not;

the sensitive data discovery module is used for traversing the confirmed files with reasonable security levels to discover sensitive data in the files;

the classification and arrangement module is used for classifying and arranging the found sensitive data according to different data characteristics in the sensitive data;

and the protection module is used for protecting the files corresponding to the sorted sensitive data through data desensitization or data encryption or data desensitization and encryption. The quick and accurate positioning of sensitive information and the multi-information association determination are realized.

Furthermore, the device also comprises a grading module and a sensitive information table creating module;

the grade division module is used for dividing the safety grade of the file and the corresponding personnel safety grade;

the sensitive information table creating module is used for creating corresponding security level sensitive information tables for different security levels;

the safety grade judging and confirming module comprises a confirming unit and a judging unit;

the confirming unit is used for confirming the security level of the uploaded file;

the judging unit is used for judging whether the confirmed file security level is reasonable or not according to the security level sensitive information table; wherein, the judgment rule is as follows: and the method and the device prevent low-security-level personnel from uploading high-security-level files, prevent the high-security-level files from being classified into low-security-level files or prevent the low-security-level personnel from operating the high-security-level files. For the personnel with different grades, the hierarchical access control of the confidential documents is realized, namely, the personnel with different security grades can obtain different decryption information when decrypting the same confidential documents.

Furthermore, the sensitive data discovery module comprises a traversal unit, a matching unit, a marking unit and a sensitive data confirmation unit;

the traversing unit is used for traversing all the line numbers of the confirmed file with reasonable security level;

the matching unit is used for taking out the data of each column to match the field dictionary;

the marking unit is used for matching all the discovery rules and marking the matching result of each discovery rule;

and the sensitive data confirmation unit is used for judging the discovery result of each column after all the rows of the file with reasonable security level are traversed and confirmed: and comparing the matching rate and the comparison priority with the same matching rate according to the matching result, judging whether the data matching result of each row of marks reaches a set threshold, if so, determining the final finding result and marking the type of the sensitive data according to the finding result.

Furthermore, the device also comprises a file uploading module, and the file uploading module is used for uploading and sharing the protected files.

According to the technical scheme, the invention has the following advantages: the method combines file discovery, file desensitization, file classification and file encryption to realize file confidentiality, integrity, usability, security sharing, file classification and work requirements under special conditions, realizes quick and accurate positioning of sensitive information and multi-information association determination, prevents disclosure of national confidentiality, and has a positive promoting effect on national security. For the personnel with different grades, the grading decryption access control of the confidential documents is realized, namely, the personnel with different security grades can obtain different decryption information when decrypting the same confidential documents. The ability to perform hierarchical decryption. The flexibility and the safety of the access control of the encrypted file in the transmission and sharing scheme are improved.

In addition, the invention has reliable design principle, simple structure and very wide application prospect.

Therefore, compared with the prior art, the invention has prominent substantive features and remarkable progress, and the beneficial effects of the implementation are also obvious.

Drawings

In order to more clearly illustrate the embodiments or technical solutions in the prior art of the present invention, the drawings used in the description of the embodiments or prior art will be briefly described below, and it is obvious for those skilled in the art that other drawings can be obtained based on these drawings without creative efforts.

FIG. 1 is a schematic flow diagram of a method of one embodiment of the invention.

Fig. 2 is a schematic block diagram of an apparatus of one embodiment of the present invention.

Detailed Description

In order to make those skilled in the art better understand the technical solution of the present invention, the technical solution in the embodiment of the present invention will be clearly and completely described below with reference to the drawings in the embodiment of the present invention, and it is obvious that the described embodiment is only a part of the embodiment of the present invention, and not all embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.

As shown in fig. 1, an embodiment of the present invention provides a method for protecting file sensitive data, including the following steps:

s1: confirming the security level of the uploaded file and judging whether the confirmed security level is reasonable or not;

s2: traversing the confirmed file with reasonable security level to discover sensitive data in the file;

s3: classifying and sorting the found sensitive data according to different data characteristics in the sensitive data;

according to different data characteristics in the file, common sensitive data such as names, certificate numbers, bank accounts, amounts, dates, addresses, telephone numbers, Email addresses, license plate numbers, frame numbers, enterprise names, business registration numbers, organization codes, taxpayer identification numbers and the like are classified. Particularly, for a table containing sensitive columns or an object with a higher sensitivity score, the division condition of the access right is emphatically monitored. The authorized user can normally use the sensitive data, the unauthorized user needs to initiate an examination and approval request to use the sensitive data, and the sensitive data cannot be used if the examination and approval is not passed.

S4: and protecting the file corresponding to the sorted sensitive data by data desensitization or data encryption or data desensitization and encryption.

In some embodiments, the steps of validating the security level of the uploaded file and determining whether the validated security level is reasonable may be preceded by:

in order to meet the problem that tasks mentioned in files with high security levels need to be completed by people with different security levels, the security levels of the files and the corresponding security levels of the people are divided;

for different security levels, corresponding security level sensitive information tables are created. The sensitive information table includes common sensitive data such as: sensitive data such as name, certificate number, bank account, amount of money, date, address, telephone number, Email address, license plate number, frame number, enterprise name, business registration number, organization code, taxpayer identification number and the like are used for establishing a one-to-one corresponding table.

The method comprises the following specific steps: the file security level can be divided into the following steps from high to low: the file security level one > the file security level two > the file security level three > the file security level four > the file security level five; the corresponding personnel security level can be divided into: personnel security first grade > personnel security second grade > personnel security third grade > personnel security fourth grade > personnel security fifth grade. The security personnel can process the files with the file security level not higher than the security level of the files corresponding to the user and can not process the files with the file security level higher than the security level of the files corresponding to the user.

Creating a file sensitive information table with different security levels:

file security first-level sensitive information table: (e.g., core technology OR (Special AND breakthrough) OR leader directive, … …).

File security second-level sensitive information table: (e.g., check OR problem) AND (technical AND 6S) OR finance).

File security three-level sensitive information table: (e.g., criticality AND harmfulness … …).

Document security level four sensitive information table: (e.g., internal round robin OR problem AND arbitration … …).

File security five-level sensitive information table: (e.g., morning vacation notice OR national vacation notice OR spring vacation notice … …).

Taking a file security secondary sensitive information table as an example, an access tree and a computable linear algebraic matrix are constructed, transverse vectors represented by all information are added, and whether the information can be converted into a unit vector (1,0,0,0) or not is judged. Such as the presence ("detection", "technical") information in the file. The represented vectors (1,1,0), (0, -1,0) are added to obtain a vector (1,0,0) indicating that medium and high level sensitive information can be located when simultaneous occurrences ("detection", "technique") occur in the file. The computable linear algebraic matrix is obtained by converting a monotonic Boolean function into an access tree, wherein the access trees are binary trees: each internal node is in a logical relation of AND OR OR, the leaf nodes correspond to information, AND after the conversion is completed, the access tree is converted into an equivalent matrix M; marking nodes of the access numbers by using vectors, wherein after all the nodes are marked, the vectors of leaf nodes of the marked tree form a linear matrix; when the lengths of the vectors are different, adopting 0 to fill the tail of the vector, so that the lengths of all the vectors are the same; the access tree is converted into a matrix M corresponding to the access tree, and transverse vectors of the matrix M are added, if the transverse vectors can be converted into unit vectors (1, 0., 0), the access tree indicates that the information can form sensitive information, and if the transverse vectors cannot be converted into the unit vectors, the access tree indicates that the information is not sensitive information.

In some embodiments, the steps of performing security level confirmation on the uploaded file and determining whether the confirmed security level is reasonable comprise:

confirming the security level of the uploaded file;

judging whether the confirmed file security level is reasonable or not according to the security level sensitive information table; wherein, the judgment rule is as follows: and the method and the device prevent low-security-level personnel from uploading high-security-level files, prevent the high-security-level files from being classified into low-security-level files or prevent the low-security-level personnel from operating the high-security-level files. And personnel with different security levels can check files with different levels, so that the flexibility and the security of access control of the encrypted files in a transmission and sharing scheme are improved.

In some embodiments, in the step of traversing the confirmed file with reasonable security level to discover the sensitive data in the file, according to the sensitive data rule in the sensitive information table, the step of traversing the confirmed file with reasonable security level to discover the sensitive data in the file includes:

traversing all the line numbers of the confirmed file with reasonable security level;

taking out data of each column to match the field dictionary;

matching all the discovery rules, and marking the matching result of each discovery rule;

after all the line numbers of the file with reasonable security level are judged, the discovery result of each column is judged: and comparing the matching rate and the comparison priority with the same matching rate according to the matching result, judging whether the data matching result of each row of marks reaches a set threshold, if so, determining the final finding result and marking the type of the sensitive data according to the finding result.

In some embodiments, the step of traversing all the rows of the validated reasonably secure file is preceded by:

setting delimiters, surrounding characters, line feed characters and character sets of the file;

judging whether the file has a header, if so, skipping a first line, and executing the following steps: traversing all the line numbers of the confirmed file with reasonable security level; if not, directly executing the following steps: and traversing all the rows of the confirmed files with reasonable security level.

In some embodiments, the file corresponding to the sorted sensitive data is protected by data desensitization or data encryption or data desensitization and encryption in step S4;

desensitization, wherein different sensitivity levels are designated according to different data types, a system automatically carries out sensitivity scoring on files, modes and libraries containing sensitive data, desensitization is carried out on the sensitive data, a file grading desensitization encryption method is adopted, and secondary grading of file desensitization is carried out: first, whether to desensitize and rate the file twice is selected.

When the unselected file is desensitized, jump to the encryption step.

When the file desensitization and the secondary grading are selected, desensitizing the file into security files of different grades according to the file security grade sensitive information table and the desensitization grade.

Desensitization is characterized as follows:

keeping the original characteristics of data, taking an identity card as an example, the identity card number consists of a seventeen-digit digital body code and a one-digit check code, which are respectively a region address code (6 digits), a birth date (8 digits), a sequence code (3 digits) and a check code (1 digit). Then the de-sensitization rules for the identification number need to ensure that the characteristic information remains after de-sensitization.

The consistency between the data is kept, and the data has certain relevance among different services. For example: the year and month or the relationship between the age and date of birth of the identification card. Likewise, there is a need to ensure consistency between the year and month of birth field and the date of birth contained in the identification card after desensitization of the identification card information.

Data consistency between multiple desensitizations, multiple desensitizations are performed on the same data, and it is necessary to ensure that the data for each desensitization always maintain consistency.

The specific method for desensitization is as follows:

replacing, namely replacing sensitive data found in the file with a random number, and taking the identity card as an example, replacing the random number by 8-bit birth date;

the method comprises the following steps of (1) obfuscating sensitive data found in a file by using data with the same data characteristics, and taking an identity card as an example, obfuscating 8-bit birth dates by directly using error dates with the same characteristics;

shielding, namely shielding the sensitive data found in the file by using a specific symbol, and shielding the middle 6 bits by using a mobile phone number as an example;

and (3) realizing file desensitization by using methods such as replacement, confusion, encryption, shielding and the like. For example, the user security level is an important level, the uploaded file security level is a medium-high level, the file number is 3645152678, the desensitization level is selected to be a medium level, a medium-low level, and the file has 3 security levels of the medium-high level, the medium-low level after desensitization is completed. And personnel with different security levels can check files with different levels, so that the flexibility and the security of access control of the encrypted files in a transmission and sharing scheme are improved.

Encryption: encrypting the files, and selecting different encryption algorithms to encrypt the files with different security levels; different asymmetric cryptographic algorithms may be selected for encrypting file keys for different security levels.

The encryption method comprises encryption algorithms DES, 3DES, AES and national secret SM 4; the asymmetric encryption algorithm can select RES, ECC and a national secret SM2 to summarize, different encryption methods and mixed encryption methods are selected for files with different security levels, and the specific encryption process belongs to common knowledge and is not described herein.

Further, in some embodiments, the method further comprises:

and uploading the protected file for sharing. And the decryption is used by people with different security levels. In the using process, the authorities of different objects are combed and the authority change is monitored, and the specific monitoring method is out of the range of the technical scheme.

As shown in fig. 2, an embodiment of the present invention further provides a device for protecting sensitive file data, including a security level determination and confirmation module, a sensitive data discovery module, a classification and sorting module, and a protection module;

the security level judgment and confirmation module is used for confirming the security level of the uploaded file and judging whether the confirmed security level is reasonable or not;

the sensitive data discovery module is used for traversing the confirmed files with reasonable security levels to discover sensitive data in the files;

the classification and arrangement module is used for classifying and arranging the found sensitive data according to different data characteristics in the sensitive data;

and the protection module is used for protecting the files corresponding to the sorted sensitive data through data desensitization or data encryption or data desensitization and encryption. The quick and accurate positioning of sensitive information and the multi-information association determination are realized.

In some embodiments, the apparatus further comprises a ranking module and a sensitive information table creating module;

the grade division module is used for dividing the safety grade of the file and the corresponding personnel safety grade;

the sensitive information table creating module is used for creating corresponding security level sensitive information tables for different security levels;

the safety grade judging and confirming module comprises a confirming unit and a judging unit;

the confirming unit is used for confirming the security level of the uploaded file;

the judging unit is used for judging whether the confirmed file security level is reasonable or not according to the security level sensitive information table; wherein, the judgment rule is as follows: and the method and the device prevent low-security-level personnel from uploading high-security-level files, prevent the high-security-level files from being classified into low-security-level files or prevent the low-security-level personnel from operating the high-security-level files. For the personnel with different grades, the hierarchical access control of the confidential documents is realized, namely, the personnel with different security grades can obtain different decryption information when decrypting the same confidential documents.

In some embodiments, the sensitive data discovery module comprises a traversal unit, a matching unit, a marking unit and a sensitive data confirmation unit;

the traversing unit is used for traversing all the line numbers of the confirmed file with reasonable security level;

the matching unit is used for taking out the data of each column to match the field dictionary;

the marking unit is used for matching all the discovery rules and marking the matching result of each discovery rule;

and the sensitive data confirmation unit is used for judging the discovery result of each column after all the rows of the file with reasonable security level are traversed and confirmed: and comparing the matching rate and the comparison priority with the same matching rate according to the matching result, judging whether the data matching result of each row of marks reaches a set threshold, if so, determining the final finding result and marking the type of the sensitive data according to the finding result.

In some embodiments, the apparatus further includes a file uploading module, and the file uploading module is configured to upload and share the protected file.

Although the present invention has been described in detail by referring to the drawings in connection with the preferred embodiments, the present invention is not limited thereto. Various equivalent modifications or substitutions can be made on the embodiments of the present invention by those skilled in the art without departing from the spirit and scope of the present invention, and these modifications or substitutions are within the scope of the present invention/any person skilled in the art can easily conceive of the changes or substitutions within the technical scope of the present invention. Therefore, the protection scope of the present invention shall be subject to the protection scope of the appended claims.

Claims (10)

1. A method for protecting file sensitive data is characterized by comprising the following steps:

confirming the security level of the uploaded file and judging whether the confirmed security level is reasonable or not;

traversing the confirmed file with reasonable security level to discover sensitive data in the file;

classifying and sorting the found sensitive data according to different data characteristics in the sensitive data;

and protecting the file corresponding to the sorted sensitive data by data desensitization or data encryption or data desensitization and encryption.

2. The method for protecting sensitive data of files according to claim 1, wherein the steps of confirming the security level of the uploaded files and judging whether the confirmed security level is reasonable comprise:

dividing the security level of the file and the corresponding personnel security level;

for different security levels, corresponding security level sensitive information tables are created.

3. The method for protecting the sensitive data of the file according to claim 2, wherein the steps of confirming the security level of the uploaded file and judging whether the confirmed security level is reasonable comprise:

confirming the security level of the uploaded file;

judging whether the confirmed file security level is reasonable or not according to the security level sensitive information table; wherein, the judgment rule is as follows: and the method and the device prevent low-security-level personnel from uploading high-security-level files, prevent the high-security-level files from being classified into low-security-level files or prevent the low-security-level personnel from operating the high-security-level files.

4. The method for protecting sensitive data of a file according to claim 3, wherein in the step of discovering the sensitive data in the file by traversing the file with a reasonable security level, the step of discovering the sensitive data in the file by traversing the file with a reasonable security level according to the sensitive data rule in the sensitive information table includes:

traversing all the line numbers of the confirmed file with reasonable security level;

taking out data of each column to match the field dictionary;

matching all the discovery rules, and marking the matching result of each discovery rule;

after all the line numbers of the file with reasonable security level are judged, the discovery result of each column is judged: and comparing the matching rate and the comparison priority with the same matching rate according to the matching result, judging whether the data matching result of each row of marks reaches a set threshold, if so, determining the final finding result and marking the type of the sensitive data according to the finding result.

5. The method of claim 4, wherein traversing all rows of the validated reasonably secure file comprises:

setting delimiters, surrounding characters, line feed characters and character sets of the file;

judging whether the file has a header, if so, skipping a first line, and executing the following steps: traversing all the line numbers of the confirmed file with reasonable security level; if not, directly executing the following steps: and traversing all the rows of the confirmed files with reasonable security level.

6. The method of claim 1, further comprising:

and uploading the protected file for sharing.

7. A file sensitive data protection device is characterized by comprising a security level judgment and confirmation module, a sensitive data discovery module, a classification and arrangement module and a protection module;

the security level judgment and confirmation module is used for confirming the security level of the uploaded file and judging whether the confirmed security level is reasonable or not;

the sensitive data discovery module is used for traversing the confirmed files with reasonable security levels to discover sensitive data in the files;

the classification and arrangement module is used for classifying and arranging the found sensitive data according to different data characteristics in the sensitive data;

and the protection module is used for protecting the files corresponding to the sorted sensitive data through data desensitization or data encryption or data desensitization and encryption.

8. The device for protecting the sensitive data of the file as claimed in claim 7, further comprising a grading module and a sensitive information table creating module;

the grade division module is used for dividing the safety grade of the file and the corresponding personnel safety grade;

the sensitive information table creating module is used for creating corresponding security level sensitive information tables for different security levels;

the safety grade judging and confirming module comprises a confirming unit and a judging unit;

the confirming unit is used for confirming the security level of the uploaded file;

the judging unit is used for judging whether the confirmed file security level is reasonable or not according to the security level sensitive information table; wherein, the judgment rule is as follows: and the method and the device prevent low-security-level personnel from uploading high-security-level files, prevent the high-security-level files from being classified into low-security-level files or prevent the low-security-level personnel from operating the high-security-level files.

9. The device for protecting the sensitive data of the file as claimed in claim 8, wherein the sensitive data discovery module comprises a traversal unit, a matching unit, a marking unit and a sensitive data confirmation unit;

the traversing unit is used for traversing all the line numbers of the confirmed file with reasonable security level;

the matching unit is used for taking out the data of each column to match the field dictionary;

the marking unit is used for matching all the discovery rules and marking the matching result of each discovery rule;

and the sensitive data confirmation unit is used for judging the discovery result of each column after all the rows of the file with reasonable security level are traversed and confirmed: and comparing the matching rate and the comparison priority with the same matching rate according to the matching result, judging whether the data matching result of each row of marks reaches a set threshold, if so, determining the final finding result and marking the type of the sensitive data according to the finding result.

10. The device for protecting file sensitive data of claim 7, further comprising a file uploading module, wherein the file uploading module is configured to upload and share the protected file.

Images