CN112257048A - Information security protection method and device - Google Patents
Information security protection method and device Download PDFInfo
- Publication number
- CN112257048A CN112257048A CN202011513579.3A CN202011513579A CN112257048A CN 112257048 A CN112257048 A CN 112257048A CN 202011513579 A CN202011513579 A CN 202011513579A CN 112257048 A CN112257048 A CN 112257048A
- Authority
- CN
- China
- Prior art keywords
- information
- transmission
- obtaining
- nth
- verification code
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/31—User authentication
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/602—Providing cryptographic facilities or services
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/62—Protecting access to data via a platform, e.g. using keys or access control rules
- G06F21/6218—Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/21—Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/2133—Verifying human interaction, e.g., Captcha
Landscapes
- Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- General Physics & Mathematics (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- Software Systems (AREA)
- Computer Hardware Design (AREA)
- Health & Medical Sciences (AREA)
- Bioethics (AREA)
- General Health & Medical Sciences (AREA)
- Databases & Information Systems (AREA)
- Alarm Systems (AREA)
- Storage Device Security (AREA)
Abstract
The invention discloses a method and a device for information safety protection, wherein the method comprises the following steps: obtaining first history information of transmission information of a first user in a preset time period; obtaining a first safety factor according to the first historical information; judging whether the first safety coefficient meets a first preset condition or not, and acquiring a first transmission permission when the first safety coefficient meets the first preset condition; acquiring first authority information, second authority information and the Nth authority information according to the first transmission authority; generating a first verification code according to the first authority information; generating a second verification code according to the second authority information and the first verification code, and generating an Nth verification code according to the Nth authority information and the N-1 th verification code by analogy; and respectively copying and storing all the authority information and the verification codes on the M devices. The technical problems that screening and identification, access authority management and information encryption of users are weak in the prior art are solved.
Description
Technical Field
The present invention relates to the field of information security technologies, and in particular, to a method and an apparatus for information security protection.
Background
The security protection of information should include that information remains unmodified, non-destructive, and non-lost during transmission, exchange, storage, and processing; information is not leaked to unauthorized persons, entities or processes or provided for utilization thereof on a given demand; the information participants can not deny the integrity of the information; information dissemination should enable efficient control etc. Malicious information in network communication has now affected personal information security, and numerous information security threats are spread throughout the network environment.
In the process of implementing the technical scheme of the invention in the embodiment of the present application, the inventor of the present application finds that the above-mentioned technology has at least the following technical problems:
the screening and identification of users, the management of access authority and the encryption of information are weak.
Disclosure of Invention
The embodiment of the application provides a method and a device for information security protection, solves the technical problem that screening and identification, access authority management and information encryption of users are weak in the prior art, and achieves the technical purposes of enhancing accuracy of user authority screening and enhancing security of information transmission.
The embodiment of the application provides an information security protection method, which is applied to a network security protection system, wherein the method comprises the following steps: obtaining first transmission information; acquiring first user information according to the first transmission information; acquiring first history information according to the first user information, wherein the first history information is network transmission information of a first user in a preset time period; obtaining a first safety factor according to the first historical information; judging whether the first safety coefficient meets a first preset condition or not, and acquiring a first transmission permission when the first safety coefficient meets the first preset condition; acquiring first authority information, second authority information and the Nth authority information according to the first transmission authority; generating a first verification code according to the first authority information, wherein the first verification code corresponds to the first authority information one to one; generating a second verification code according to the second authority information and the first verification code, and generating an Nth verification code according to the Nth authority information and the (N-1) th verification code by analogy, wherein N is a natural number greater than 1; and respectively copying and storing all the authority information and the verification codes on M devices, wherein M is a natural number greater than 1.
In another aspect, the present application further provides an information security device, where the information security device includes: a first obtaining unit configured to obtain first transmission information; a second obtaining unit, configured to obtain first user information according to the first transmission information; a third obtaining unit, configured to obtain first history information according to the first user information, where the first history information is information sent by a network of a first user within a predetermined time period; a fourth obtaining unit, configured to obtain a first safety factor according to the first history information; the first judgment unit is used for judging whether the first safety coefficient meets a first preset condition or not, and acquiring a first transmission permission when the first safety coefficient meets the first preset condition; a fifth obtaining unit, configured to obtain, according to the first transmission permission, first permission information, second permission information, and up to nth permission information; a sixth obtaining unit, configured to generate a first verification code according to the first permission information, where the first verification code corresponds to the first permission information one to one; a seventh obtaining unit, configured to generate a second verification code according to the second permission information and the first verification code, and by analogy, generate an nth verification code according to the nth permission information and an nth-1 verification code, where N is a natural number greater than 1; the first storage unit is used for respectively copying and storing all authority information and verification codes on M devices, wherein M is a natural number greater than 1.
On the other hand, an embodiment of the present application further provides an apparatus for information security protection, which includes a memory, a processor, and a computer program stored on the memory and executable on the processor, where the processor implements the steps of the method according to the first aspect when executing the program.
One or more technical solutions provided in the embodiments of the present application have at least the following technical effects or advantages:
the network security protection system is adopted to identify and analyze the user information transmission content through the keyword matching technology, and obtain accurate security factor information through evaluation, so that the information transmission users can be screened, the information transmission permission of the users is determined according to the security factor information, the users with permission are allowed to access the network information, and the access application of the users without permission is refused. And a data information storage method based on a block chain is adopted, and the user authority information is stored in blocks, so that the reliability of data storage is improved, and the safety of data is effectively ensured, thereby achieving the technical aims of enhancing the accuracy of user authority screening and enhancing the safety of information transmission.
The foregoing is a summary of the present disclosure, and embodiments of the present disclosure are described below to make the technical means of the present disclosure more clearly understood.
Drawings
Fig. 1 is a schematic flowchart of a method for information security protection according to an embodiment of the present application;
FIG. 2 is a schematic structural diagram of an information security device according to an embodiment of the present disclosure;
fig. 3 is a schematic structural diagram of an exemplary electronic device according to an embodiment of the present application.
Description of reference numerals: a first obtaining unit 11, a second obtaining unit 12, a third obtaining unit 13, a fourth obtaining unit 14, a first judging unit 15, a fifth obtaining unit 16, a sixth obtaining unit 17, a seventh obtaining unit 18, a first storage unit 19, a bus 300, a receiver 301, a processor 302, a transmitter 303, a memory 304, and a bus interface 305.
Detailed Description
The embodiment of the application provides a method and a device for information security protection, solves the technical problem that screening and identification, access authority management and information encryption of users are weak in the prior art, and achieves the technical purposes of enhancing accuracy of user authority screening and enhancing security of information transmission. Hereinafter, example embodiments of the present application will be described in detail with reference to the accompanying drawings. It should be apparent that the described embodiments are merely some embodiments of the present application and not all embodiments of the present application, and it should be understood that the present application is not limited to the example embodiments described herein.
The security protection of information should include that information remains unmodified, non-destructive, and non-lost during transmission, exchange, storage, and processing; information is not leaked to unauthorized persons, entities or processes or provided for utilization thereof on a given demand; the information participants can not deny the integrity of the information; information dissemination should enable efficient control etc. Malicious information in network communication has an influence on personal information security, and numerous information security threats are spread in a network environment, and the technical problems of weak screening and identification of users, weak access authority management and weak information encryption exist in the prior art.
In view of the above technical problems, the technical solution provided by the present application has the following general idea:
the embodiment of the application provides an information security protection method, which is applied to a network security protection system, wherein the method comprises the following steps: obtaining first transmission information; acquiring first user information according to the first transmission information; acquiring first history information according to the first user information, wherein the first history information is network transmission information of a first user in a preset time period; obtaining a first safety factor according to the first historical information; judging whether the first safety coefficient meets a first preset condition or not, and acquiring a first transmission permission when the first safety coefficient meets the first preset condition; acquiring first authority information, second authority information and the Nth authority information according to the first transmission authority; generating a first verification code according to the first authority information, wherein the first verification code corresponds to the first authority information one to one; generating a second verification code according to the second authority information and the first verification code, and generating an Nth verification code according to the Nth authority information and the (N-1) th verification code by analogy, wherein N is a natural number greater than 1; and respectively copying and storing all the authority information and the verification codes on M devices, wherein M is a natural number greater than 1.
Having thus described the general principles of the present application, various non-limiting embodiments thereof will now be described in detail with reference to the accompanying drawings.
Example one
As shown in fig. 1, an embodiment of the present application provides an information security protection method applied to a network security protection system, where the method includes:
step S100: obtaining first transmission information;
specifically, both communication parties transmit information on the network, and a logical channel needs to be established between transmission and reception. This involves first determining the route from the sender to the receiver and then selecting the communication protocol to be used on that route. In order to securely transfer information in an open network environment, it is necessary to provide security mechanisms and security services for the information. And a trusted network communication monitoring party carries out safety monitoring on the two communication parties, including user identity identification, information transmission encryption and the like. Under the application of encryption technology, the network information system can perform screening on users applying for access, allow users with authority to access network information, and refuse access applications of users without authority. And the network security protection system acquires the first user information accessing the network by acquiring the first transmission information, so as to realize user screening.
Step S200: acquiring first user information according to the first transmission information;
specifically, the network security protection system obtains the first user information by obtaining the first transmission information. The first user information includes account information, identity authentication information, login terminal information of the first user, data information contained in the first user account, and the like. And screening a basis for subsequent user permission by acquiring the first user information.
Step S300: acquiring first history information according to the first user information, wherein the first history information is network transmission information of a first user in a preset time period;
specifically, the network security protection system obtains various pieces of data information of the first user account based on the first user information, where the data information includes content information of information transmission performed by the first user through a network. The network security protection system may set a time threshold for screening user security within a specified time period. The first historical information is the network sending information of the first user in a preset time period, and a foundation is laid for user security screening through user communication data through obtaining of the first historical information.
Step S400: obtaining a first safety factor according to the first historical information;
specifically, the first safety factor is obtained by inputting the first history information into a neural network model, which is a complex network system formed by widely interconnecting a large number of simple processing units (called neurons) reflecting many basic features of human brain functions, and is a highly complex nonlinear dynamical learning system. The first historical information is input into the neural network model, the neural network model is continuously corrected and optimized through training data, accuracy of machine learning model processing data is improved through a supervised learning process, and therefore the first safety factor is obtained more accurately. By obtaining the accurate first safety factor, a foundation is laid for improving the accuracy of user safety screening.
Step S500: judging whether the first safety coefficient meets a first preset condition or not, and acquiring a first transmission permission when the first safety coefficient meets the first preset condition;
specifically, the network security protection system determines whether the first security factor meets the first predetermined condition, the first predetermined condition is an evaluation index of network information transmission security, and if the first security factor meets the first predetermined condition, it represents that the first user meets the information transmission security requirement, so that information security transmission can be realized, an information transmission permission can be obtained, and a technical purpose of performing security screening on user permissions is realized.
Step S600: acquiring first authority information, second authority information and the Nth authority information according to the first transmission authority;
step S700: generating a first verification code according to the first authority information, wherein the first verification code corresponds to the first authority information one to one;
step S800: generating a second verification code according to the second authority information and the first verification code, and generating an Nth verification code according to the Nth authority information and the (N-1) th verification code by analogy, wherein N is a natural number greater than 1;
step S900: and respectively copying and storing all the authority information and the verification codes on M devices, wherein M is a natural number greater than 1.
Specifically, in order to ensure the security of user access authority management, a first verification code is generated according to the first authority information, wherein the first verification code is in one-to-one correspondence with the first authority information; and generating a second verification code according to the second authority information and the first verification code, and generating an Nth verification code according to the Nth authority information and the (N-1) th verification code by analogy, wherein N is a natural number greater than 1, and N storage units are obtained in total. The verification code information is used as main body identification information, and the identification information of the main body is used for distinguishing from other main bodies. When the training data needs to be called, after each next node receives the data stored by the previous node, the data is verified through a common identification mechanism and then stored, and each storage unit is connected in series through a Hash technology, so that the training data is not easy to lose and damage, and the safety and the accuracy of the user access authority are improved through a data information processing technology based on a block chain, so that the technical purpose of enhancing the safety of information transmission is realized.
Further, the embodiment S100 of the present application further includes:
step S101 a: acquiring first content information according to the first transmission information;
step S102 a: obtaining a second safety factor according to the first content information;
step S103 a: judging whether the second safety factor meets a second preset condition or not;
step S104 a: and when the first transmission permission is satisfied, obtaining the first transmission permission.
Specifically, the network security protection system identifies and extracts bad information from the first content information by obtaining network transmission content of the first user and based on methods such as feature library comparison, semantic analysis technology, machine learning, and the like. And obtaining the second safety factor by a neural network model based on the recognition result. And the system determines whether the first user obtains the first transmission permission or not by judging whether the second safety factor meets the second preset condition or not.
Further, step S102a in the embodiment of the present application further includes:
step S102a 1: judging whether the first content information contains link information or not;
step S102a 2: when the link information is contained, obtaining first code information according to the link information;
step S102a 3: judging whether the first code information contains risk information or not;
step S102a 4: and when the first warning instruction is contained, obtaining a first warning instruction, wherein the first warning instruction is used for sending reminding information.
Specifically, the network security protection system automatically extracts link information in the first content information by obtaining network transmission content of the first user, obtains the first code information, analyzes and processes data through a training model, identifies and judges whether the first code information contains risk information, and obtains the first early warning instruction for early warning user security if the first code information contains risk information through judgment. And the safety protection of information transmission is further improved.
Further, step S102a3 in the embodiment of the present application further includes:
step S102a 31: obtaining the risk information database;
step S102a 32: taking the risk information database as first input data;
step S102a 33: taking the first code information as second input data;
step S102a 34: inputting the first input data and the second input data into a first training model, wherein the first training model is obtained by training a plurality of sets of training data, and each set of training data in the plurality of sets comprises: the first input data, the second input data, and identification information to identify whether risk information is included;
step S102a 35: and obtaining first output information of the first training model, wherein the first output information comprises a first result, and the first result is whether the first code information contains risk information.
Specifically, the risk information database contains various types of risk code information, the first training model is obtained by training multiple sets of training data, and the process of training the first training model by the training data is essentially a supervised learning process. Each set of training data in the plurality of sets of training data comprises: the first input data, the second input data, and identification information to identify whether risk information is included; under the condition of obtaining the first input data and the second input data, if the first code information is matched with the risk information database, the machine learning model outputs identification information of the first code information containing risk information, whether the first code information output by the machine learning model contains the risk information is verified through whether the identified first code information contains the risk information, and after the machine learning model reaches the expected accuracy, supervised learning of the next group of data is carried out. The machine learning model is continuously corrected and optimized through training data, the accuracy of the machine learning model for processing the data is improved through the process of supervised learning, and whether the first code information contains risk information is more accurate, so that the technical purpose of enhancing the safety of information transmission is further realized.
Further, step S800 in the embodiment of the present application further includes:
step S801: taking the Nth authority information and the Nth verification code as an Nth storage unit;
step S802: obtaining the recording time of the Nth storage unit, wherein the recording time of the Nth storage unit represents the time required to be recorded by the Nth storage unit;
step S803: acquiring first equipment with the largest memory in the M equipment according to the recording time of the Nth storage unit;
step S804: and sending the recording right of the Nth storage unit to the first equipment.
Specifically, the nth authority information and the nth verification code are partitioned to generate a plurality of blocks, and the nth device node is added to the block chain after identifying the blocks. And the Nth storage unit records time which is used for verifying the equipment node through a 'consensus mechanism' based on the obtained Nth verification code information and the Nth permission information, and storing and adding the verification result into the original block after the verification is passed. The shorter the recording time of the Nth storage unit is, the fastest the transport capacity of the equipment node is. The equipment with the fastest transport capacity is selected as the block recording equipment, so that the real-time performance of data interaction under the chain in the block chain is improved, the safe, effective and stable operation of a decentralized block chain system is guaranteed, the block chain message processing efficiency is improved, and the technical effects of improving the accuracy and safety of user authority management and storage are achieved.
Further, step S100 in the embodiment of the present application further includes:
step S101 b: judging whether the first transmission information contains first tool software;
step S102 b: when the first transmission data set is included, obtaining a first transmission data set according to the first tool software, wherein the first transmission data set comprises a sending user set and a sending information content set;
step S103 b: determining whether the first bulk data set contains risk information;
step S104 b: and when the first early warning information is contained, obtaining second early warning information.
Specifically, the network security protection system determines whether the first transmission information includes information transmission tools such as a group transmission tool, and if so, further determines the security of the first transmission information content, where the first transmission data set includes information receiving user information and transmission information content of the first transmission information, and performs keyword extraction on the first group transmission data set based on methods such as feature library comparison, semantic analysis technology, machine learning, and the like, and determines whether the first group transmission data set includes risk information, and if so, further obtains the occurrence frequency of the keyword including the risk information, thereby further implementing risk assessment, and performing risk early warning by sending prompt information and the like. The technical purpose of further improving the accuracy of user permission screening is achieved.
Further, step S100 in the embodiment of the present application further includes:
step S101 c: acquiring first transmission time and a first IP address according to the first transmission information;
step S102 c: obtaining second transmission time according to a preset time condition;
step S103 c: acquiring a second IP address according to the first user information and the second transmission time;
step S104 c: obtaining a first correlation according to the first IP address and the second IP address;
step S105 c: determining whether the first correlation satisfies a predetermined threshold;
step S106 c: and when the first warning information does not meet the requirement, third warning information is obtained.
Specifically, the network security protection system obtains information such as information transmission time and an IP address from the first transmission information, obtains time information for a user to perform data transmission with different IP addresses within a preset time, that is, the second transmission time, determines the first correlation threshold by judging correlation between the first IP address and the second IP address within the preset time and combining feasibility of user IP address change within the preset time, for example, if the preset time is short, the correlation between the IP addresses is small, the user IP address change within the preset time cannot be realized, for example, a common QQ is stolen, that is, a user account may be stolen. And if the first correlation does not meet the preset threshold, the first user information has risk hidden danger, and risk early warning is carried out through the third early warning information, so that the safety of user information transmission is enhanced.
To sum up, the method for information security protection provided by the embodiment of the application has the following technical effects:
the network security protection system is adopted to identify and analyze the user information transmission content through the keyword matching technology, and obtain accurate security factor information through evaluation, so that the information transmission users can be screened, the information transmission permission of the users is determined according to the security factor information, the users with permission are allowed to access the network information, and the access application of the users without permission is refused. And a data information storage method based on a block chain is adopted, and the user authority information is stored in blocks, so that the reliability of data storage is improved, and the safety of data is effectively ensured, thereby achieving the technical aims of enhancing the accuracy of user authority screening and enhancing the safety of information transmission.
Example two
Based on the same inventive concept as the information security protection method in the foregoing embodiment, the present invention further provides an information security protection apparatus, as shown in fig. 2, the apparatus includes:
a first obtaining unit 11, where the first obtaining unit 11 is configured to obtain first transmission information;
a second obtaining unit 12, where the second obtaining unit 12 is configured to obtain first user information according to the first transmission information;
a third obtaining unit 13, where the third obtaining unit 13 is configured to obtain first history information according to the first user information, where the first history information is network transmission information of the first user in a predetermined time period;
a fourth obtaining unit 14, where the fourth obtaining unit 14 is configured to obtain a first safety factor according to the first history information;
the first judging unit 15 is used for judging whether the first safety factor meets a first preset condition or not, and when the first safety factor meets the first preset condition, a first transmission authority is obtained;
a fifth obtaining unit 16, where the fifth obtaining unit 16 is configured to obtain the first right information, the second right information, and up to the nth right information according to the first transmission right;
a sixth obtaining unit 17, where the sixth obtaining unit 17 is configured to generate a first verification code according to the first authority information, where the first verification code is in one-to-one correspondence with the first authority information;
a seventh obtaining unit 18, where the seventh obtaining unit 18 is configured to generate a second verification code according to the second permission information and the first verification code, and so on, and generate an nth verification code according to the nth permission information and an nth-1 verification code, where N is a natural number greater than 1;
a first storage unit 19, where the first storage unit 19 is configured to copy and store all right information and verification codes on M devices, where M is a natural number greater than 1.
Further, the apparatus further comprises:
an eighth obtaining unit, configured to obtain first content information according to the first transmission information;
a ninth obtaining unit, configured to obtain a second security factor according to the first content information;
the second judgment unit is used for judging whether the second safety factor meets a second preset condition or not;
a tenth obtaining unit configured to obtain the first transmission right when satisfied.
Further, the apparatus further comprises:
a third judging unit configured to judge whether the first content information includes link information;
an eleventh obtaining unit configured to obtain, when the link information is included, first code information according to the link information;
a fourth judging unit, configured to judge whether the first code information includes risk information;
and the twelfth obtaining unit is used for obtaining a first early warning instruction when the first early warning instruction is contained, and the first early warning instruction is used for sending reminding information.
Further, the apparatus further comprises:
a thirteenth obtaining unit configured to obtain the risk information database;
a fourteenth obtaining unit configured to take the risk information database as first input data;
a fifteenth obtaining unit configured to obtain the first code information as second input data;
a first input unit, configured to input the first input data and the second input data into a first training model, where the first training model is obtained by training multiple sets of training data, and each set of training data in the multiple sets includes: the first input data, the second input data, and identification information to identify whether risk information is included;
a sixteenth obtaining unit, configured to obtain first output information of the first training model, where the first output information includes a first result, and the first result is whether the first code information includes risk information.
Further, the apparatus further comprises:
a seventeenth obtaining unit configured to use the nth right information and the nth verification code as an nth storage unit;
an eighteenth obtaining unit, configured to obtain the nth storage unit recording time, where the nth storage unit recording time represents a time that the nth storage unit needs to record;
a nineteenth obtaining unit, configured to obtain, according to the recording time of the nth storage unit, a first device with a largest memory in the M devices;
a first sending unit, configured to send the recording right of the nth storage unit to the first device.
Further, the apparatus further comprises:
a fifth judging unit, configured to judge whether the first transmission information includes first tool software;
a twentieth obtaining unit, configured to, when included, obtain a first set of transmission data according to the first utility software, where the first set of transmission data includes a set of sending users and a set of sending information contents;
a sixth determining unit, configured to determine whether the first bulk data set includes risk information;
a twenty-first obtaining unit configured to obtain second warning information when the second warning information is included.
Further, the apparatus further comprises:
a twenty-second obtaining unit, configured to obtain a first transmission time and a first IP address according to the first transmission information;
a twenty-third obtaining unit, configured to obtain a second transmission time according to a preset time condition;
a twenty-fourth obtaining unit, configured to obtain a second IP address according to the first user information and the second transmission time;
a twenty-fifth obtaining unit, configured to obtain a first correlation according to the first IP address and the second IP address;
a seventh judging unit configured to judge whether the first correlation satisfies a predetermined threshold;
a twenty-sixth obtaining unit, configured to obtain third warning information when the first warning information does not meet the second warning information.
Various modifications and specific examples of the method for information security protection in the first embodiment of fig. 1 are also applicable to the apparatus for information security protection in the present embodiment, and a person skilled in the art can clearly know the apparatus for information security protection in the present embodiment through the foregoing detailed description of the method for information security protection, so that the detailed description is omitted here for the sake of brevity.
Exemplary electronic device
The electronic device of the embodiment of the present application is described below with reference to fig. 3.
Fig. 3 illustrates a schematic structural diagram of an electronic device according to an embodiment of the present application.
Based on the inventive concept of a method for information security protection as described in the previous embodiments, the present invention further provides an apparatus for information security protection, which has a computer program stored thereon, and when the program is executed by a processor, the method performs any of the steps of the method for information security protection described above.
Where in fig. 3a bus architecture (represented by bus 300), bus 300 may include any number of interconnected buses and bridges, bus 300 linking together various circuits including one or more processors, represented by processor 302, and memory, represented by memory 304. The bus 300 may also link together various other circuits such as peripherals, voltage regulators, power management circuits, and the like, which are well known in the art, and therefore, will not be described any further herein. A bus interface 305 provides an interface between the bus 300 and the receiver 301 and transmitter 303. The receiver 301 and the transmitter 303 may be the same element, i.e., a transceiver, providing a means for communicating with various other apparatus over a transmission medium.
The processor 302 is responsible for managing the bus 300 and general processing, and the memory 304 may be used for storing data used by the processor 302 in performing operations.
As will be appreciated by one skilled in the art, embodiments of the present invention may be provided as a method, apparatus, or computer program product. Accordingly, the present invention may take the form of an entirely hardware embodiment, an entirely software embodiment or an embodiment combining software and hardware aspects. Furthermore, the present invention may take the form of a computer program product embodied on one or more computer-usable storage media (including, but not limited to, disk storage, CD-ROM, optical storage, and the like) having computer-usable program code embodied therein.
The present invention has been described with reference to flowchart illustrations and/or block diagrams of methods, apparatus (devices), and computer program products according to embodiments of the invention. It will be understood that each flow and/or block of the flow diagrams and/or block diagrams, and combinations of flows and/or blocks in the flow diagrams and/or block diagrams, can be implemented by computer program instructions. These computer program instructions may be provided to a processor of a general purpose computer, special purpose computer, embedded processor, or other programmable data processing apparatus to produce a machine, such that the instructions, which execute via the processor of the computer or other programmable data processing apparatus, create means for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be stored in a computer-readable memory that can direct a computer or other programmable data processing apparatus to function in a particular manner, such that the instructions stored in the computer-readable memory produce an article of manufacture including instruction means which implement the function specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be loaded onto a computer or other programmable data processing apparatus to cause a series of operational steps to be performed on the computer or other programmable apparatus to produce a computer implemented process such that the instructions which execute on the computer or other programmable apparatus provide steps for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks. While preferred embodiments of the present invention have been described, additional variations and modifications in those embodiments may occur to those skilled in the art once they learn of the basic inventive concepts. Therefore, it is intended that the appended claims be interpreted as including preferred embodiments and all such alterations and modifications as fall within the scope of the invention.
It will be apparent to those skilled in the art that various changes and modifications may be made in the present invention without departing from the spirit and scope of the invention. Thus, if such modifications and variations of the present invention fall within the scope of the claims of the present invention and their equivalents, the present invention is also intended to include such modifications and variations.
Claims (9)
1. An information security protection method applied to a network security protection system, wherein the method comprises:
obtaining first transmission information;
acquiring first user information according to the first transmission information;
acquiring first history information according to the first user information, wherein the first history information is network transmission information of a first user in a preset time period;
obtaining a first safety factor according to the first historical information;
judging whether the first safety coefficient meets a first preset condition or not, and acquiring a first transmission permission when the first safety coefficient meets the first preset condition;
acquiring first authority information, second authority information and the Nth authority information according to the first transmission authority;
generating a first verification code according to the first authority information, wherein the first verification code corresponds to the first authority information one to one;
generating a second verification code according to the second authority information and the first verification code, and generating an Nth verification code according to the Nth authority information and the (N-1) th verification code by analogy, wherein N is a natural number greater than 1;
and respectively copying and storing all the authority information and the verification codes on M devices, wherein M is a natural number greater than 1.
2. The method of claim 1, wherein the method comprises:
acquiring first content information according to the first transmission information;
obtaining a second safety factor according to the first content information;
judging whether the second safety factor meets a second preset condition or not;
and when the first transmission permission is satisfied, obtaining the first transmission permission.
3. The method of claim 2, wherein said obtaining a second security factor based on said first content information comprises:
judging whether the first content information contains link information or not;
when the link information is contained, obtaining first code information according to the link information;
judging whether the first code information contains risk information or not;
and when the first warning instruction is contained, obtaining a first warning instruction, wherein the first warning instruction is used for sending reminding information.
4. The method of claim 3, wherein the determining whether the first code information includes risk information comprises:
obtaining the risk information database;
taking the risk information database as first input data;
taking the first code information as second input data;
inputting the first input data and the second input data into a first training model, wherein the first training model is obtained by training a plurality of sets of training data, and each set of training data in the plurality of sets comprises: the first input data, the second input data, and identification information to identify whether risk information is included;
and obtaining first output information of the first training model, wherein the first output information comprises a first result, and the first result is whether the first code information contains risk information.
5. The method of claim 1, wherein the method comprises:
taking the Nth authority information and the Nth verification code as an Nth storage unit;
obtaining the recording time of the Nth storage unit, wherein the recording time of the Nth storage unit represents the time required to be recorded by the Nth storage unit;
acquiring first equipment with the largest memory in the M equipment according to the recording time of the Nth storage unit;
and sending the recording right of the Nth storage unit to the first equipment.
6. The method of claim 1, wherein the method comprises:
judging whether the first transmission information contains first tool software;
when the first transmission data set is included, obtaining a first transmission data set according to the first tool software, wherein the first transmission data set comprises a sending user set and a sending information content set;
determining whether the first bulk data set contains risk information;
and when the first early warning information is contained, obtaining second early warning information.
7. The method of claim 1, wherein the method comprises:
acquiring first transmission time and a first IP address according to the first transmission information;
obtaining second transmission time according to a preset time condition;
acquiring a second IP address according to the first user information and the second transmission time;
obtaining a first correlation according to the first IP address and the second IP address;
determining whether the first correlation satisfies a predetermined threshold;
and when the first warning information does not meet the requirement, third warning information is obtained.
8. An apparatus for information security protection, wherein the apparatus comprises:
a first obtaining unit configured to obtain first transmission information;
a second obtaining unit, configured to obtain first user information according to the first transmission information;
a third obtaining unit, configured to obtain first history information according to the first user information, where the first history information is information sent by a network of a first user within a predetermined time period;
a fourth obtaining unit, configured to obtain a first safety factor according to the first history information;
the first judgment unit is used for judging whether the first safety coefficient meets a first preset condition or not, and acquiring a first transmission permission when the first safety coefficient meets the first preset condition;
a fifth obtaining unit, configured to obtain, according to the first transmission permission, first permission information, second permission information, and up to nth permission information;
a sixth obtaining unit, configured to generate a first verification code according to the first permission information, where the first verification code corresponds to the first permission information one to one;
a seventh obtaining unit, configured to generate a second verification code according to the second permission information and the first verification code, and by analogy, generate an nth verification code according to the nth permission information and an nth-1 verification code, where N is a natural number greater than 1;
the first storage unit is used for respectively copying and storing all authority information and verification codes on M devices, wherein M is a natural number greater than 1.
9. An apparatus for information security protection, comprising a memory, a processor and a computer program stored on the memory and executable on the processor, wherein the processor implements the steps of the method of any one of claims 1-7 when executing the program.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202011513579.3A CN112257048B (en) | 2020-12-21 | 2020-12-21 | Information security protection method and device |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202011513579.3A CN112257048B (en) | 2020-12-21 | 2020-12-21 | Information security protection method and device |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN112257048A true CN112257048A (en) | 2021-01-22 |
| CN112257048B CN112257048B (en) | 2021-10-08 |
Family
ID=74225788
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202011513579.3A Active CN112257048B (en) | 2020-12-21 | 2020-12-21 | Information security protection method and device |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN112257048B (en) |
Cited By (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN112765220A (en) * | 2021-02-24 | 2021-05-07 | 汇正(广州)企业管理咨询有限公司 | Service data monitoring method and system based on cloud computing |
| CN112819441A (en) * | 2021-02-05 | 2021-05-18 | 汇正(广州)企业管理咨询有限公司 | Enterprise management method and system based on big data |
| CN117061232A (en) * | 2023-09-18 | 2023-11-14 | 北京中科网芯科技有限公司 | Early warning method for message security in network communication |
Citations (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101616101A (en) * | 2008-06-26 | 2009-12-30 | 阿里巴巴集团控股有限公司 | A kind of method for filtering user information and device |
| CN110011981A (en) * | 2019-03-15 | 2019-07-12 | 湖北工程学院 | A kind of credible cloud storage method and system based on block chain |
| CN110647503A (en) * | 2019-10-09 | 2020-01-03 | 重庆特斯联智慧科技股份有限公司 | Distributed storage method and device |
| CN111327613A (en) * | 2020-02-20 | 2020-06-23 | 深圳市腾讯计算机系统有限公司 | Distributed service authority control method and device and computer readable storage medium |
| CN111897795A (en) * | 2020-06-24 | 2020-11-06 | 苏宁金融科技(南京)有限公司 | Management method, device and system of alliance chain |
| CN112069527A (en) * | 2020-11-10 | 2020-12-11 | 大象慧云信息技术有限公司 | Tax control invoice protection method and system based on multiple safety protection measures |
-
2020
- 2020-12-21 CN CN202011513579.3A patent/CN112257048B/en active Active
Patent Citations (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101616101A (en) * | 2008-06-26 | 2009-12-30 | 阿里巴巴集团控股有限公司 | A kind of method for filtering user information and device |
| CN110011981A (en) * | 2019-03-15 | 2019-07-12 | 湖北工程学院 | A kind of credible cloud storage method and system based on block chain |
| CN110647503A (en) * | 2019-10-09 | 2020-01-03 | 重庆特斯联智慧科技股份有限公司 | Distributed storage method and device |
| CN111327613A (en) * | 2020-02-20 | 2020-06-23 | 深圳市腾讯计算机系统有限公司 | Distributed service authority control method and device and computer readable storage medium |
| CN111897795A (en) * | 2020-06-24 | 2020-11-06 | 苏宁金融科技(南京)有限公司 | Management method, device and system of alliance chain |
| CN112069527A (en) * | 2020-11-10 | 2020-12-11 | 大象慧云信息技术有限公司 | Tax control invoice protection method and system based on multiple safety protection measures |
Cited By (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN112819441A (en) * | 2021-02-05 | 2021-05-18 | 汇正(广州)企业管理咨询有限公司 | Enterprise management method and system based on big data |
| CN112819441B (en) * | 2021-02-05 | 2024-05-03 | 爱晋仕(上海)信息科技有限公司 | Enterprise management method and system based on big data |
| CN112765220A (en) * | 2021-02-24 | 2021-05-07 | 汇正(广州)企业管理咨询有限公司 | Service data monitoring method and system based on cloud computing |
| CN117061232A (en) * | 2023-09-18 | 2023-11-14 | 北京中科网芯科技有限公司 | Early warning method for message security in network communication |
| CN117061232B (en) * | 2023-09-18 | 2024-03-15 | 北京中科网芯科技有限公司 | Early warning method for message security in network communication |
Also Published As
| Publication number | Publication date |
|---|---|
| CN112257048B (en) | 2021-10-08 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN112257048B (en) | Information security protection method and device | |
| CN102077208B (en) | The method and system of the licence of protected content is provided to application program collection | |
| NO326590B1 (en) | Procedure and device for verification of information access in ICT systems with multiple security dimensions and security levels. | |
| CN107005568A (en) | Data safety is operated with being expected | |
| CN113726784B (en) | Network data security monitoring method, device, equipment and storage medium | |
| CN109905360A (en) | Data verification method and terminal device | |
| CN115168888B (en) | Service self-adaptive data management method, device and equipment | |
| CN110708162A (en) | Resource acquisition method and device, computer readable medium and electronic equipment | |
| CN111817859A (en) | Data sharing method, device, equipment and storage medium based on zero knowledge proof | |
| Mitchell | Finite-state analysis of security protocols | |
| CN113918977A (en) | User information transmission device based on Internet of things and big data analysis | |
| Rumez et al. | Anomaly detection for automotive diagnostic applications based on N-grams | |
| CN112734050A (en) | Text model training method, text model recognition device, text model equipment and storage medium | |
| Ramsay | The General Data ProtectionRegulation vs. The Blockchain: A legal study on the compatibility between blockchain technology and the GDPR | |
| CN116506206A (en) | Big data behavior analysis method and system based on zero trust network user | |
| CN116028964A (en) | Information security risk management system | |
| US20240163299A1 (en) | Email security diagnosis device based on quantitative analysis of threat elements, and operation method thereof | |
| CN114006735B (en) | Data protection method, device, computer equipment and storage medium | |
| CN112636921A (en) | Method and system for improving network information transmission security | |
| CN114372092A (en) | Case collaborative search processing method, system, device and electronic equipment | |
| CN114282186A (en) | Method and system for safely exporting large file data | |
| CN110414251B (en) | Data monitoring method and device | |
| CN108108310A (en) | A kind of data processing method, device and server | |
| TWI667587B (en) | Information security protection method | |
| CN112788186B (en) | Method and device for automatic batch call forwarding based on open source software development |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |