CN112417501A - Block chain-based extranet confidential file detection method - Google Patents


Publication number: CN112417501A
Authority: CN (China)
Prior art keywords: block chain, scanning, extranet, matching, secret
Legal status: Pending
Application number: CN202011296934.6A
Other languages: Chinese (zh)
Inventors: 邱钰超, 薛锋, 白健, 安红章
Current Assignee: CETC 30 Research Institute
Original Assignee: CETC 30 Research Institute
Application filed by: CETC 30 Research Institute
Priority to: CN202011296934.6A
Publication of: CN112417501A

Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60 Protecting data
    • G06F21/62 Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218 Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
    • G06F21/6245 Protecting personal data, e.g. for financial or medical purposes
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F16/00 Information retrieval; Database structures therefor; File system structures therefor
    • G06F16/10 File systems; File servers
    • G06F16/14 Details of searching files based on file metadata
    • G06F16/148 File search processing
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50 Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/55 Detecting local intrusion or implementing counter-measures
    • G06F21/552 Detecting local intrusion or implementing counter-measures involving long-term monitoring or reporting
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60 Protecting data
    • G06F21/64 Protecting data integrity, e.g. using checksums, certificates or signatures

Abstract

The invention discloses a blockchain-based method for detecting confidential files on an extranet, comprising the following steps: S1, synchronizing the inner-chain and outer-chain secret point libraries; S2, after synchronization, the server issues the scanning rule to the extranet client; S3, matching file feature values on the blockchain; S4, recording the matching result on the chain and displaying it and/or issuing an early warning. The method extracts file feature values locally, which protects the privacy of local files and reduces the transmission of redundant data; efficient and accurate matching largely avoids missed and excess detections of confidential data.

Description

Block chain-based extranet confidential file detection method
Technical Field
The invention relates to the field of confidential file detection, in particular to a block chain-based extranet confidential file detection method.
Background
Existing technology has difficulty detecting confidential data on extranet devices; a leak can only be discovered through active reporting, mass inspection, or tracing the source after the fact. Even when extranet information obtained through active reporting or inspection is collected, the secret point library is kept inside the organization, so an external file must be imported before it can be checked and processed further.
Disclosure of Invention
The invention aims to overcome the shortcomings of the prior art by providing a blockchain-based method for detecting confidential files on an extranet. It extracts file feature values locally, which protects the privacy of local files and reduces the transmission of redundant data; efficient and accurate matching largely avoids missed and excess detections of confidential data.
The purpose of the invention is achieved by the following scheme:
A blockchain-based extranet confidential file detection method comprises the following steps:
S1, synchronizing the inner-chain and outer-chain secret point libraries;
S2, after synchronization, the server issues the scanning rule to the extranet client;
S3, matching file feature values on the blockchain;
S4, recording the matching result on the chain and displaying it and/or issuing an early warning.
Further, in step S1, when the internal and external networks are physically isolated, synchronization is performed by importing and exporting the secret point hash values offline; when they are not physically isolated, the secret point data is synchronized securely by means of an organization signature.
Further, step S2 comprises the following steps:
S2.1, the management end sets a scanning rule, which comprises the scanning time, the secret point matching threshold and the reporting threshold;
S2.2, the management end issues the scanning rule to the corresponding client, and the client starts scanning.
Further, in step S3, the client includes a detection client, and the step comprises:
S3.1, the detection client starts scanning in the background according to the scanning rule issued by the server;
S3.2, the detection client calculates the feature value using a fuzzy hash algorithm;
S3.3, the management server uploads the feature value to the blockchain through a smart contract, and it is matched for similarity against the feature values on the chain;
S3.4, the matching result is stored.
Further, in step S4, the matching result is displayed and/or an early warning is issued according to the configured condition thresholds.
Further, when the matching similarity is higher than the reporting threshold, the scan record is registered on the blockchain through the smart contract, which ensures that the scan record is tamper-proof and traceable.
The invention has the beneficial effects that:
(1) The method extracts file feature values locally, which protects the privacy of local files and reduces the transmission of redundant data; efficient and accurate matching largely avoids missed and excess detections of confidential data. The method addresses secure synchronization of the secret point libraries of the internal and external networks, local file scanning and feature value extraction on extranet devices, issuing timed scanning tasks to the extranet confidential file detection client, and secure transmission and storage of extranet detection and matching result data.
Drawings
In order to more clearly illustrate the embodiments of the present invention or the technical solutions in the prior art, the drawings used in the description of the embodiments or the prior art will be briefly described below, and it is obvious that the drawings in the following description are only some embodiments of the present invention, and for those skilled in the art, other drawings can be obtained according to these drawings without creative efforts.
FIG. 1 is a flow chart of inner and outer chain secret point library synchronization;
FIG. 2 is a flow chart of scan rule issuing;
FIG. 3 is a flow chart of document feature value matching and early warning.
Detailed Description
All of the features disclosed in the specification for all of the embodiments (including any accompanying claims, abstract and drawings), or all of the steps of a method or process so disclosed, may be combined and/or expanded, or substituted, in any way, except for mutually exclusive features and/or steps.
As shown in FIG. 1 to FIG. 3, a blockchain-based extranet confidential file detection method comprises the following steps:
S1, synchronizing the inner-chain and outer-chain secret point libraries;
S2, after synchronization, the server issues the scanning rule to the extranet client;
S3, matching file feature values on the blockchain;
S4, recording the matching result on the chain and displaying it and/or issuing an early warning.
Further, in step S1, when the internal and external networks are physically isolated, synchronization is performed by importing and exporting the secret point hash values offline; when they are not physically isolated, the secret point data is synchronized securely by means of an organization signature.
Further, step S2 comprises the following steps:
S2.1, the management end sets a scanning rule, which comprises the scanning time, the secret point matching threshold and the reporting threshold;
S2.2, the management end issues the scanning rule to the corresponding client, and the client starts scanning.
Further, in step S3, the client includes a detection client, and the step comprises:
S3.1, the detection client starts scanning in the background according to the scanning rule issued by the server;
S3.2, the detection client calculates the feature value using a fuzzy hash algorithm;
S3.3, the management server uploads the feature value to the blockchain through a smart contract, and it is matched for similarity against the feature values on the chain;
S3.4, the matching result is stored.
Further, in step S4, the matching result is displayed and/or an early warning is issued according to the configured condition thresholds.
Further, when the matching similarity is higher than the reporting threshold, the scan record is registered on the blockchain through the smart contract, which ensures that the scan record is tamper-proof and traceable.
In an embodiment of the invention, the secret point library is managed in secure isolation using an internal and external dual-chain arrangement, and the two chains are kept consistent by a secure synchronization technique. On the extranet, a client scans local files in the background, either on manual request or automatically on a schedule. Following the secret point matching rule, the client uses a fuzzy hash algorithm to compute file feature values locally, then encrypts them and uploads them to the blockchain, where they are matched against the secret point hash values on the chain. The matching result is recorded on the chain so that it cannot be tampered with and remains traceable, and leaks are reported to the supervising department as an early warning according to the configured rules. The implementation can be divided into four stages: secure synchronization of the inner-chain and outer-chain secret point libraries; issuing the scanning rule to the extranet client; file feature value matching; and recording scans on the chain with early warning.
Stage one: secure synchronization of the inner-chain and outer-chain secret point libraries
As shown in FIG. 1, this stage includes the following steps:
1.1 When the internal and external networks are physically isolated, synchronization is performed by importing and exporting the secret point hash values offline;
1.2 When they are not physically isolated, the secret point data is synchronized securely by means of an organization signature;
1.3 In both synchronization modes, key fields are desensitized automatically: other key information that enters the outer chain along with the secret point feature value, such as the organization, the classification time and the person responsible for classification, is desensitized.
Description of fields:
Field name   | Meaning                               | Remarks
org_id       | Organization                          | Desensitized
id           | Secret point ID                       |
hash         | Secret point hash                     |
secret_level | Security level                        |
creat_time   | Classification time                   | Desensitized
creat_by     | Person responsible for classification | Desensitized
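One way to picture steps 1.1 to 1.3, as an added example that is not part of the patent: the inner side desensitizes the three marked fields and authenticates the export, and the outer side verifies the bundle before importing it. The keyed-hash pseudonyms, the JSON bundle layout, the function names, the sample record and keys, and the use of HMAC-SHA256 in place of the organization's digital signature are all assumptions.

```python
import hashlib
import hmac
import json

DESENSITIZED = ("org_id", "creat_time", "creat_by")   # fields marked for desensitization in the table


def desensitize(record: dict, pseudonym_key: bytes) -> dict:
    """Replace sensitive fields with keyed pseudonyms; id, hash and secret_level pass through."""
    out = dict(record)
    for field in DESENSITIZED:
        mac = hmac.new(pseudonym_key, f"{field}={record[field]}".encode(), hashlib.sha256)
        out[field] = mac.hexdigest()[:16]
    return out


def export_bundle(records: list, pseudonym_key: bytes, org_key: bytes) -> str:
    """Inner side: desensitize, serialize canonically, then authenticate the payload."""
    payload = json.dumps([desensitize(r, pseudonym_key) for r in records], sort_keys=True)
    tag = hmac.new(org_key, payload.encode(), hashlib.sha256).hexdigest()
    return json.dumps({"payload": payload, "signature": tag})


def import_bundle(bundle: str, org_key: bytes) -> list:
    """Outer side: verify before parsing the payload, reject on any mismatch."""
    doc = json.loads(bundle)
    expected = hmac.new(org_key, doc["payload"].encode(), hashlib.sha256).hexdigest()
    if not hmac.compare_digest(expected, doc["signature"]):
        raise ValueError("organization signature check failed; bundle rejected")
    return json.loads(doc["payload"])


# Constructed sample record and keys, for illustration only.
SAMPLE = [{"org_id": "ORG-0042", "id": "SP-001", "hash": "QmFzZTY0U2lnbmF0dXJl",
           "secret_level": "secret", "creat_time": "2020-11-18T09:30:00", "creat_by": "analyst-07"}]
PSEUDONYM_KEY = b"inner-network-only-key"
ORG_KEY = b"organization-signing-key"

if __name__ == "__main__":
    bundle = export_bundle(SAMPLE, PSEUDONYM_KEY, ORG_KEY)
    print(import_bundle(bundle, ORG_KEY))
```

With a shared-key HMAC the outer side could also produce valid bundles; an asymmetric signature removes that property and is what "organization signature" implies.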
Stage two: issuing the scanning rule to the extranet client
As shown in FIG. 2, this stage includes the following steps:
2.1 The management end sets the automatic scanning time, the secret point matching threshold and the reporting threshold;
2.2 The server issues the rule to the corresponding client, and the client starts automatic scanning.
Description of fields:
[Field table for the scanning rule: present only as images (BDA0002785680110000051, BDA0002785680110000061) in the source publication.]
Stage three: file feature value matching
As shown in FIG. 3, this stage includes the following steps:
3.1 The client starts automatic scanning in the background according to the server's rule;
3.2 The feature value is calculated using a fuzzy hash algorithm;
3.3 The feature value is uploaded to the blockchain through a smart contract and matched for similarity against the feature values on the chain;
3.4 The scan result is displayed and an early warning is issued according to the configured condition thresholds.
Stage four: recording scans on the chain and issuing an early warning
4.1 When the scan similarity is higher than the reporting threshold, the scan record is registered on the blockchain through the smart contract, which ensures that the scan record is tamper-proof and traceable.
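The flow of stages two to four, as an added example rather than code from the patent: a file is hashed locally, only the signature is compared with the secret point hashes, and a hit above the reporting threshold is appended to a tamper-evident record. The chunking hash is a simplified stand-in for a real fuzzy hash, the in-memory hash-linked ledger stands in for the smart contract and chain, and the rule key names, threshold values and sample files are constructed.

```python
import hashlib
import json
from difflib import SequenceMatcher

B64 = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/"
WINDOW, BLOCK_SIZE = 7, 16   # context bytes per boundary test; mean chunk length
# Scan rule from step 2.1 (key names are hypothetical; the patent's field table is an image).
RULE = {"scan_time": "02:00", "match_threshold": 60, "report_threshold": 85}


def fuzzy_hash(data: bytes) -> str:
    """Simplified context-triggered piecewise hash (stand-in for an ssdeep-style algorithm)."""
    sig, chunk, rolling = [], 0x811C9DC5, 0
    for i, byte in enumerate(data):
        chunk = ((chunk ^ byte) * 0x01000193) & 0xFFFFFFFF   # FNV-1a over the current chunk
        rolling += byte - (data[i - WINDOW] if i >= WINDOW else 0)
        if rolling % BLOCK_SIZE == BLOCK_SIZE - 1:            # boundary chosen by content, not offset
            sig.append(B64[(chunk >> 10) & 63])
            chunk = 0x811C9DC5
    sig.append(B64[(chunk >> 10) & 63])                       # trailing chunk
    return "".join(sig)


def similarity(a: str, b: str) -> int:
    """Score 0-100; autojunk is disabled so long signatures are compared in full."""
    return round(100 * SequenceMatcher(None, a, b, autojunk=False).ratio())


class ScanLedger:
    """Hash-linked append-only log standing in for the smart-contract registration of step 4.1."""
    def __init__(self):
        self.blocks = []

    @staticmethod
    def _digest(prev: str, record: dict) -> str:
        return hashlib.sha256((prev + json.dumps(record, sort_keys=True)).encode()).hexdigest()

    def register(self, record: dict) -> str:
        prev = self.blocks[-1]["hash"] if self.blocks else "0" * 64
        self.blocks.append({"prev": prev, "record": record, "hash": self._digest(prev, record)})
        return self.blocks[-1]["hash"]

    def verify(self) -> bool:
        prev = "0" * 64
        for block in self.blocks:
            if block["prev"] != prev or self._digest(prev, block["record"]) != block["hash"]:
                return False
            prev = block["hash"]
        return True


def scan_file(name, data, secret_points, rule, ledger):
    """Steps 3.2 to 4.1: hash locally, match against secret point hashes, register reportable hits."""
    feature = fuzzy_hash(data)                      # only this value leaves the client
    best_id, best = None, 0
    for point_id, point_hash in secret_points.items():
        score = similarity(feature, point_hash)
        if score > best:
            best_id, best = point_id, score
    if best < rule["match_threshold"]:
        return {"file": name, "status": "clean", "score": best}
    result = {"file": name, "status": "match", "secret_point": best_id, "score": best}
    if best > rule["report_threshold"]:              # "higher than the reporting threshold"
        result["status"] = "reported"
        result["tx"] = ledger.register({**result, "feature": feature})
    return result


# Constructed sample inputs: a confidential document, a lightly edited copy, an unrelated binary.
SECRET_DOC = " ".join(f"clause {i}: asset {i * 37 % 101} is stored in vault {i * i % 53}." for i in range(80)).encode()
LEAKED_COPY = SECRET_DOC.replace(b"clause 40:", b"item forty -")
UNRELATED = b"".join(hashlib.sha256(bytes([i])).digest() for i in range(100))

if __name__ == "__main__":
    ledger = ScanLedger()
    points = {"SP-001": fuzzy_hash(SECRET_DOC)}
    for name, data in (("copy.txt", LEAKED_COPY), ("photo.bin", UNRELATED)):
        print(scan_file(name, data, points, RULE, ledger))
    print("ledger intact:", ledger.verify())
```

A cryptographic hash of the edited copy would share nothing with the original's; the piecewise signature changes only around the edit, which is why the thresholds in the scanning rule are meaningful.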
The beneficial effects and advantages of this embodiment mainly include:
(1) file feature values are extracted locally, which protects the privacy of local files and reduces the transmission of redundant data; (2) efficient and accurate matching largely avoids missed and excess detections of confidential data.
The technical problems solved include:
secure synchronization of the secret point libraries (secret point hash values) of the internal and external networks; local file scanning and feature value extraction on extranet devices; issuing timed scanning tasks to the extranet confidential file detection client; and secure transmission and storage of extranet detection and matching result data. Further, an optimized matching algorithm can be selected to obtain more accurate confidential data detection results, which is not described further here.
If the functionality of the invention is implemented as software functional units and sold or used as a stand-alone product, it may be stored in a computer-readable storage medium. On this understanding, the technical solution of the invention may be embodied as a software product stored in a storage medium, with all or part of the steps of the method of the embodiments executed by a computer device (which may be a personal computer, a server, or a network device) and the corresponding software. The storage medium includes various media capable of storing program code, such as a USB disk, a removable hard disk, or an optical disk, as well as read-only memory (ROM) and random access memory (RAM), which hold test or actual data while the program runs.
Other embodiments than the above examples may be devised by those skilled in the art based on the foregoing disclosure, or by adapting and using knowledge or techniques of the relevant art, and features of various embodiments may be interchanged or substituted and such modifications and variations that may be made by those skilled in the art without departing from the spirit and scope of the present invention are intended to be within the scope of the following claims.

Claims (6)

1. A blockchain-based extranet confidential file detection method, characterized by comprising the following steps:
S1, synchronizing the inner-chain and outer-chain secret point libraries;
S2, after synchronization, the server issues the scanning rule to the extranet client;
S3, matching file feature values on the blockchain;
S4, recording the matching result on the chain and displaying it and/or issuing an early warning.
2. The blockchain-based extranet confidential file detection method according to claim 1, wherein in step S1, when the internal and external networks are physically isolated, synchronization is performed by importing and exporting the secret point hash values offline; and when they are not physically isolated, the secret point data is synchronized securely by means of an organization signature.
3. The blockchain-based extranet confidential file detection method according to claim 1, wherein step S2 comprises the steps of:
S2.1, the management end sets a scanning rule, which comprises the scanning time, the secret point matching threshold and the reporting threshold;
S2.2, the management end issues the scanning rule to the corresponding client, and the client starts scanning.
4. The blockchain-based extranet confidential file detection method according to claim 1, wherein in step S3, the client includes a detection client, and the step comprises:
S3.1, the detection client starts scanning in the background according to the scanning rule issued by the server;
S3.2, the detection client calculates the feature value using a fuzzy hash algorithm;
S3.3, the management server uploads the feature value to the blockchain through a smart contract, and it is matched for similarity against the feature values on the chain;
S3.4, the matching result is stored.
5. The blockchain-based extranet confidential file detection method according to any one of claims 1 to 4, wherein in step S4, the matching result is displayed and/or an early warning is issued according to the configured condition thresholds.
6. The blockchain-based extranet confidential file detection method according to claim 5, wherein when the matching similarity is higher than the reporting threshold, the scan record is registered on the blockchain through a smart contract, which ensures that the scan record is tamper-proof and traceable.
CN202011296934.6A 2020-11-18 2020-11-18 Block chain-based extranet confidential file detection method Pending CN112417501A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202011296934.6A CN112417501A (en) 2020-11-18 2020-11-18 Block chain-based extranet confidential file detection method


Publications (1)

Publication Number Publication Date
CN112417501A (en) 2021-02-26

Family

ID=74772984


Country Status (1)

Country Link
CN (1) CN112417501A (en)

Citations (12)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103164515A (en) * 2013-03-01 2013-06-19 傅如毅 Computer system confidential file knowledge base searching method
CN109361654A (en) * 2018-09-18 2019-02-19 深圳崀途科技有限公司 A kind of method and system for negotiating encryption handling business secret based on block chain
CN109788309A (en) * 2018-12-25 2019-05-21 陕西优米数据技术有限公司 Video file piracy detection method and system based on block chain technology
CN110019640A (en) * 2017-07-25 2019-07-16 杭州盈高科技有限公司 Confidential document inspection method and device
US20190361992A1 (en) * 2018-05-24 2019-11-28 International Business Machines Corporation Terms of service platform using blockchain
CN110647505A (en) * 2019-08-21 2020-01-03 杭州电子科技大学 Computer-assisted secret point marking method based on fingerprint characteristics
CN110929110A (en) * 2019-11-13 2020-03-27 北京北信源软件股份有限公司 Electronic document detection method, device, equipment and storage medium
CN111030982A (en) * 2019-09-26 2020-04-17 北京安天网络安全技术有限公司 Strong management and control method, system and storage medium for confidential files
CN111090878A (en) * 2019-11-29 2020-05-01 中国电子科技集团公司第二十研究所 Password-fixed management system based on password points
CN111629027A (en) * 2020-04-10 2020-09-04 云南电网有限责任公司信息中心 Trusted file storage processing method based on block chain
CN111737102A (en) * 2020-08-21 2020-10-02 北京志翔科技股份有限公司 Safety early warning method and computer readable storage medium
CN111832083A (en) * 2020-09-15 2020-10-27 江苏开博科技有限公司 System resource tamper-proofing method based on block chain and national secret digital fingerprint technology


Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication

Application publication date: 20210226