CN112437075A - Data processing method, device, equipment and storage medium - Google Patents
Data processing method, device, equipment and storage medium Download PDFInfo
- Publication number
- CN112437075A CN112437075A CN202011293232.2A CN202011293232A CN112437075A CN 112437075 A CN112437075 A CN 112437075A CN 202011293232 A CN202011293232 A CN 202011293232A CN 112437075 A CN112437075 A CN 112437075A
- Authority
- CN
- China
- Prior art keywords
- code
- hosting platform
- target code
- sensitive information
- target
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/10—Network architectures or network communication protocols for network security for controlling access to devices or network resources
- H04L63/101—Access control lists [ACL]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/20—Network architectures or network communication protocols for network security for managing network security; network security policies in general
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Management, Administration, Business Operations System, And Electronic Commerce (AREA)
Abstract
The embodiment of the application provides a data processing method, a data processing device, data processing equipment and a storage medium. The method comprises the following steps: receiving a code submission request input by a user, wherein the code submission request comprises an identifier of an object code hosting platform, and the code submission request is used for requesting to submit object code to the object code hosting platform; when the target code hosting platform is determined not to belong to a white list, judging whether sensitive information exists in the target code; and if sensitive information exists in the target code, generating first prompt information, wherein the first prompt information is used for indicating cancellation of submitting the target code to the target code hosting platform. According to the method and the device, the code containing the sensitive information can be prevented from being submitted to the code hosting platform which is open to all users by developers, potential safety hazards are reduced, and the safety of the system is improved.
Description
Technical Field
The embodiment of the application relates to the technical field of information security, in particular to a data processing method, a data processing device, data processing equipment and a storage medium.
Background
With the rapid development of information processing technology, network applications and computer software are widely used in various industries, and code hosting platform applications, such as Github, are used to manage codes supporting the operation of the corresponding network applications and computer software.
In the related art, when a code is uploaded to a code hosting platform, the code generally needs to be scanned to determine whether the code meets a development specification, whether security holes exist or not, and the like.
Disclosure of Invention
The embodiment of the application provides a data processing method, a data processing device, data processing equipment and a storage medium, so as to improve the safety of code hosting.
In a first aspect, an embodiment of the present application provides a data processing method, including:
receiving a code submission request input by a user, wherein the code submission request comprises an identifier of an object code hosting platform, and the code submission request is used for requesting to submit object code to the object code hosting platform;
when the target code hosting platform is determined not to belong to a white list, judging whether sensitive information exists in the target code;
and if sensitive information exists in the target code, generating first prompt information, wherein the first prompt information is used for indicating cancellation of submitting the target code to the target code hosting platform.
In one possible implementation manner, the white list includes an identifier of at least one code hosting platform, and the determining that the target code hosting platform does not belong to the white list includes:
determining whether the identity of the target code hosting platform exists in the identities of the at least one code hosting platform;
and if not, determining that the target code hosting platform does not belong to the white list.
In a possible implementation manner, the determining whether sensitive information exists in the object code includes:
acquiring a sensitive information set; the sensitive information set comprises at least one item of sensitive information; the sensitive information includes at least one of: a user name, a password and an encryption key;
and judging whether the target code has sensitive information or not according to the sensitive information set.
In a possible implementation manner, the determining whether there is sensitive information in the object code according to the set of sensitive information includes:
and if the target code has at least one item of sensitive information in the sensitive information set, judging that the target code has sensitive information.
In a possible implementation manner, if there is no sensitive information in the object code, the method further includes:
generating second prompt information, wherein the second prompt information is used for indicating that the target code is allowed to be submitted to the target code hosting platform;
uploading the target code to the target hosting platform.
In a possible implementation manner, if the target hosting platform belongs to the white list, the method further includes:
sending third prompt information, wherein the third prompt information is used for indicating that the target code is allowed to be submitted to the target code hosting platform;
uploading the code to the target hosting platform.
In a possible implementation manner, after the generating the first prompt information, the method further includes:
and uploading the information of the target code submission request to a server.
In a second aspect, an embodiment of the present application provides a data processing apparatus, including:
the system comprises an acquisition module, a storage module and a control module, wherein the acquisition module is used for receiving a code submission request input by a user, the code submission request comprises an identifier of a target code hosting platform, and the code submission request is used for requesting to submit a target code to the target code hosting platform;
the judging module is used for judging whether sensitive information exists in the target code or not when the target code hosting platform is determined not to belong to a white list;
and the processing module is used for generating first prompt information if sensitive information exists in the target code, wherein the first prompt information is used for indicating cancellation of submitting the target code to the target code hosting platform.
In a third aspect, the present application provides a computer-readable storage medium, on which a computer program is stored, and the computer program, when executed by a processor, implements the method of any one of the first aspect.
In a fourth aspect, an embodiment of the present application provides an electronic device, including:
a processor; and
a memory for storing executable instructions of the processor;
wherein the processor is configured to perform the method of any of the first aspects via execution of the executable instructions.
The data processing method, the device, the equipment and the storage medium provided by the embodiment of the application receive a code submission request input by a user, namely when the user requests to submit a target code to a target code hosting platform, whether the target code hosting platform belongs to a white list or not can be determined firstly; when the target code hosting platform is determined not to belong to the white list, judging whether sensitive information exists in the target code; if the target code has the sensitive information, generating first prompt information, wherein the first prompt information is used for indicating that the target code is not submitted to the target code hosting platform, so that potential safety hazards caused by sensitive information leakage are reduced, and safety is improved.
Drawings
The accompanying drawings, which are incorporated in and constitute a part of this specification, illustrate embodiments consistent with the present disclosure and together with the description, serve to explain the principles of the disclosure.
Fig. 1 is a schematic diagram of a system architecture according to an embodiment of the present application;
FIG. 2 is a schematic flow chart diagram of a data processing method provided in an embodiment of the present application;
FIG. 3 is a schematic diagram of a user operation provided in an embodiment of the present application;
FIG. 4 is a flow chart of a method provided by an embodiment of the present application;
FIG. 5 is a schematic interaction flow diagram of a data processing method according to an embodiment of the present application;
FIG. 6 is a schematic diagram of a configured white list and sensitive information provided by an embodiment of the present application;
FIG. 7 is a schematic structural diagram of a data processing apparatus according to an embodiment of the present application;
fig. 8 is a schematic structural diagram of an electronic device provided in an embodiment of the present application.
With the foregoing drawings in mind, certain embodiments of the disclosure have been shown and described in more detail below. These drawings and written description are not intended to limit the scope of the disclosed concepts in any way, but rather to illustrate the concepts of the disclosure to those skilled in the art by reference to specific embodiments.
Detailed Description
Reference will now be made in detail to the exemplary embodiments, examples of which are illustrated in the accompanying drawings. When the following description refers to the accompanying drawings, like numbers in different drawings represent the same or similar elements unless otherwise indicated. The implementations described in the exemplary embodiments below are not intended to represent all implementations consistent with the present disclosure. Rather, they are merely examples of apparatus and methods consistent with certain aspects of the present disclosure, as detailed in the appended claims.
The terms "comprising" and "having," and any variations thereof, in the description and claims of this application and the drawings described herein are intended to cover non-exclusive inclusions. For example, a process, method, system, article, or apparatus that comprises a list of steps or elements is not limited to only those steps or elements listed, but may alternatively include other steps or elements not listed, or inherent to such process, method, article, or apparatus.
The terms "first," "second," and the like in the description and in the claims of the present application and in the above-described drawings (if any) are used for distinguishing between similar elements and not necessarily for describing a particular sequential or chronological order. It is to be understood that the data so used is interchangeable under appropriate circumstances such that the embodiments of the application described herein are, for example, capable of operation in sequences other than those illustrated or otherwise described herein.
First, a part of vocabulary and application scenarios related to the embodiments of the present application will be described.
Fig. 1 is a schematic diagram of a system architecture according to an embodiment of the present application. As shown in fig. 1, the system architecture of the embodiment of the present application may include, but is not limited to: electronic device 11 and server 12. The electronic apparatus includes, for example: mobile phones, tablet computers, and the like.
The electronic device 11 and the server 12 may be connected via a network.
The method provided by the embodiment of the application can be realized by an electronic device such as a processor executing corresponding software codes, and can also be realized by an electronic device performing data interaction with a server while executing the corresponding software codes.
With the rapid development of information processing technology, network applications and computer software are widely applied to various industries, and in order to create software ecology, various industries also gradually and actively open sources of codes supporting the operation of corresponding network applications and computer software, and meanwhile, more and more users also manage the developed codes by using code hosting platforms such as Github and the like in order to more conveniently develop and manage code projects.
In the related art, when a code is uploaded to a code hosting platform, the code generally needs to be scanned to determine whether the code meets a development specification, whether security holes exist or not, and the like. For example, an attacker can access important data and resources by using the sensitive information, which can seriously result in the effect of "library dragging" and the like, namely stealing data in the database.
According to the method, before the code is uploaded to the code hosting platform, whether the code hosting platform belongs to a white list or not is determined, namely whether the code hosting platform is safe and reliable or not is determined, if the code hosting platform does not belong to the white list, whether sensitive information exists in the code is detected, if the code hosting platform does not belong to the white list, the code is forbidden to be uploaded to the code hosting platform, sensitive information in the code is prevented from being uploaded to the code hosting platform, sensitive information leakage is avoided, and potential safety hazards are reduced.
The technical solution of the present application will be described in detail below with specific examples. The following several specific embodiments may be combined with each other, and details of the same or similar concepts or processes may not be repeated in some embodiments.
Fig. 2 is a schematic flowchart of a data processing method according to an embodiment of the present application. As shown in fig. 2, the method provided by this embodiment includes:
specifically, the user inputs a code submission request through a receiving component of the device, such as a keyboard, a mouse, a touch screen, a voice receiving component, and the like, and is used for requesting to submit the object code to the object code hosting platform.
The code submission request may include an identifier of the target hosting platform, such as a name and an address of the target hosting platform, and may also include an identifier of the target code, such as a storage path of the target code and a capacity of a storage space occupied by the target code.
As shown in fig. 3, a user inputs an identification of an object code hosting platform, such as a name and an address, inputs a path of an object code, clicks a confirmation button, i.e., generates a code submission request, and the device receives the code submission request input by the user.
And 102, judging whether sensitive information exists in the target code or not when the target code hosting platform is determined not to belong to the white list.
Specifically, after receiving the code submission request, it is determined whether the target code hosting platform belongs to a white list, and if not, whether sensitive information exists in the target code is determined.
For example, a preset white list may be obtained before step 102, where the white list includes identifiers of one or more code hosting platforms, and the white list indicates that sensitive information check is not required when code is submitted to the code hosting platforms, and the code hosting platforms are safe and reliable.
Sensitive information is for example the user name of some databases, secrets, encryption keys etc.
And 103, if sensitive information exists in the target code, generating first prompt information, wherein the first prompt information is used for indicating that the target code is canceled from being submitted to the target code hosting platform.
Specifically, if there is sensitive information in the object code, the object code is not allowed to be submitted to the object code hosting platform, and first prompt information may be generated, where the first prompt information is used to indicate that the submission of the object code to the object code hosting platform is cancelled.
The first prompt message may include, for example, at least one of the following: voice prompt information, text prompt information, or image prompt information.
The method of the embodiment receives a code submission request input by a user, that is, when the user requests to submit a target code to a target code hosting platform, whether the target code hosting platform belongs to a white list or not can be determined; when the target code hosting platform is determined not to belong to the white list, judging whether sensitive information exists in the target code; if the target code has the sensitive information, generating first prompt information, wherein the first prompt information is used for indicating that the target code is not submitted to the target code hosting platform, so that potential safety hazards caused by sensitive information leakage are reduced, and safety is improved.
On the basis of the foregoing embodiment, optionally, as shown in fig. 4, if there is no sensitive information in the object code, the method further includes:
generating second prompt information, wherein the second prompt information is used for indicating that the target code is allowed to be submitted to the target code hosting platform;
uploading the target code to the target hosting platform.
Specifically, if the sensitive information does not exist in the object code, there is no need to worry about leakage of the sensitive information, and therefore, the object code may be submitted to the object code hosting platform, for example, second hint information may be generated to indicate that the object code is allowed to be submitted to the object code hosting platform.
Wherein, the second prompt message may include at least one of the following: voice prompt information, text prompt information, or image prompt information.
Optionally, if the target code hosting platform belongs to a white list, the method further includes:
sending third prompt information, wherein the third prompt information is used for indicating that the target code is allowed to be submitted to the target code hosting platform;
uploading the target code to the target hosting platform.
Specifically, if the target code hosting platform belongs to the white list, which indicates that the code hosting platform is safe and reliable, the target code can be submitted to the target code hosting platform.
As shown in fig. 4 and 5, after the first prompt message is generated, that is, when the target code is not allowed to be submitted to the target code hosting platform, the message of the code submission request may be uploaded to the server.
When sensitive information is found, reporting an operation record of a code submission request related to the developer to a server, and storing the operation record of the code submission request by the server for later analysis and problem tracing.
In the above embodiment, when a user requests to submit a target code to a target code hosting platform, it may be determined whether the target code hosting platform belongs to a white list; if the target code hosting platform belongs to the white list, the target code is allowed to be submitted to the target code hosting platform, and if the target code hosting platform does not belong to the white list, whether sensitive information exists in the target code is judged; if the target code has sensitive information, first prompt information is generated and used for indicating that the target code is not submitted to the target code hosting platform, so that potential safety hazards caused by sensitive information leakage are reduced, safety is improved, operation of a code submitting request can be recorded, and follow-up problem tracing is facilitated.
In an embodiment, as shown in fig. 5, the specific content of the sensitive information to be checked is determined, for example, a sensitive information set may be formed, the sensitive information set includes at least one item of sensitive information, and a white list of the code hosting platforms may include an identifier of at least one code hosting platform.
As shown in fig. 6, the white list and the set of sensitive information may be configured in the electronic device or in a server.
The electronic device obtains the white list and the set of sensitive information before checking the object code.
When a developer submits a code, firstly, whether a target code hosting platform belongs to a white list is judged, if the target code hosting platform belongs to the range of the white list, submission is allowed, and if the target code hosting platform does not belong to the range of the white list, the submitted code is scanned, namely, whether sensitive information exists in the target code is judged;
if sensitive information is found in the code after scanning, giving a corresponding prompt and canceling the submitting operation;
and if the sensitive information is not found in the code after scanning, allowing the submitting operation.
Optionally, the method further comprises: when sensitive information is found, reporting the operation record of the related code submission request of the developer to a server for later analysis and tracing.
In an embodiment, the white list includes an identification of at least one code hosting platform, and the determining that the target code hosting platform does not belong to the white list includes:
determining whether the identity of the target code hosting platform exists in the identities of the at least one code hosting platform;
and if not, determining that the target code hosting platform does not belong to the white list.
Specifically, the white list may store an identifier of at least one code hosting platform, the code hosting platforms are considered safe and reliable by the user, and whether the identifier of the target code hosting platform exists is searched for in the identifier of the at least one code hosting platform included in the white list, so that whether the target code hosting platform belongs to the white list is determined.
In one embodiment, the determining whether sensitive information is present in the object code includes:
acquiring a sensitive information set; the sensitive information set comprises at least one item of sensitive information; the sensitive information includes at least one of: a user name, a password and an encryption key;
and judging whether the target code has sensitive information or not according to the sensitive information set.
Specifically, the specific content of the sensitive information may be configured in advance, for example, implemented in a set manner, where the set of sensitive information includes at least one item of sensitive information, such as a user name, a password, an encryption key, and the like.
And judging whether the target code has sensitive information or not according to a preset sensitive information set.
In an embodiment, the determining whether there is sensitive information in the object code according to the set of sensitive information includes:
and if the target code has at least one item of sensitive information in the sensitive information set, judging that the target code has sensitive information.
Specifically, whether at least one item of sensitive information included in the sensitive information set exists in the object code is checked, if at least one item of sensitive information exists, it is indicated that the sensitive information exists in the object code, and the object code cannot be uploaded to the object code hosting platform, otherwise, potential safety hazards caused by sensitive information leakage may occur.
In the above embodiment, whether at least one item of sensitive information in the sensitive information set exists in the target code is determined through the pre-configured sensitive information set, so as to determine whether the target code is allowed to be submitted to the target code hosting platform, and thus potential safety hazards caused by sensitive information leakage can be reduced.
An embodiment of the present application further provides a data processing apparatus, where the data processing apparatus includes: the device comprises a rule configuration unit, a search unit, a processing unit and a management unit.
The rule configuration unit is used for locally configuring the content of the sensitive information and a white list of the code hosting platform by a developer; or obtain the content of the sensitive information from the management unit and the white list of the code hosting platform.
And the processing unit is used for judging whether the operation of the code submitting request needs to be checked or not, and executing operations such as alarming and intercepting when sensitive information is found.
And the searching unit is used for searching whether the code contains sensitive information.
The management unit is used for storing the content of the sensitive information and a white list of the code hosting platform for the local client to read, and receiving the inspection result uploaded by the client, namely the result can be uploaded to the server for later analysis and use when the sensitive information is found.
In an embodiment, the data processing apparatus may be deployed in two parts, namely, a client side and a server side, and the data processing apparatus on the client side includes: the rule configuration unit, the search unit and the processing unit can be installed and deployed on equipment such as a local computer and a server used by a developer in the form of a development tool plug-in and the like, and the data processing device at the server end comprises a management unit and is deployed on a remote server, and the two parts are communicated through a network.
For example, the sensitive information includes information that is not suitable for disclosure, such as a database user name, a database password, and a private key of an RSA encryption algorithm, and the white list of the code hosting platform generally includes: the code management platform is a non-public code management platform which is built inside a company independently, but does not belong to a white list if Github.
Firstly, the management unit is configured with sensitive information as a user name of a database for storing user data, such as prod _ user _ info, and a warehouse http:// a1.com/user _ info for storing and processing user data codes is configured as a white list.
After the developer installs the data processing device on the client side on the local computer, and the rule configuration unit in the client side can automatically synchronize the configuration information of the management unit in the data processing device on the server side after the installation is successful.
When a developer submits a code containing prod _ user _ info to a code hosting platform http:// a1.com/user _ info, the processing unit judges that the submitted code hosting platform belongs to the white list range, and then allows the submission operation.
When a developer submits a code containing prod _ user _ info to a warehouse http:// githu. com/user _ info, a processing unit judges that a target code hosting platform submitted this time does not belong to the range of a white list, a searching unit is called, whether sensitive information prod _ user _ info is contained in the code or not is scanned, the code contains the sensitive information configured in a rule configuration unit through scanning discovery, and the searching unit informs the processing unit of a searching result.
And the processing unit obtains the search result, judges that the submitted code contains sensitive information, sends an alarm to the developer, cancels the submitting operation and remotely synchronizes the operation information of the developer to the server side.
In other embodiments, the client in the device can also be used separately from the server, and the data processing device on the client side includes a management unit, so that the sensitive information and the white list are configured by developers and can be dynamically updated without being restricted by the server.
The method of the embodiment of the application can prevent developers from submitting the codes containing the sensitive information to the code hosting platform which is open to a plurality of users, and potential safety hazards are reduced.
Fig. 7 is a schematic structural diagram of a data processing apparatus according to an embodiment of the present application, and as shown in fig. 7, the data processing apparatus according to the embodiment includes:
an obtaining module 110, configured to receive a code submission request input by a user, where the code submission request includes an identifier of an object code hosting platform, and the code submission request is used to request to submit an object code to the object code hosting platform;
the judging module 111 is configured to, when it is determined that the target code hosting platform does not belong to a white list, judge whether sensitive information exists in the target code;
a processing module 112, configured to generate first prompt information if there is sensitive information in the object code, where the first prompt information is used to indicate to cancel submitting the object code to the object code hosting platform.
In a possible implementation manner, the white list includes an identifier of at least one code hosting platform, and the determining module 111 is specifically configured to:
determining whether the identity of the target code hosting platform exists in the identities of the at least one code hosting platform;
and if not, determining that the target code hosting platform does not belong to the white list.
In a possible implementation manner, the obtaining module 110 is further configured to:
acquiring a sensitive information set; the sensitive information set comprises at least one item of sensitive information; the sensitive information includes at least one of: a user name, a password and an encryption key;
the determining module 111 is specifically configured to: and judging whether the target code has sensitive information or not according to the sensitive information set.
In a possible implementation manner, the determining module 111 is specifically configured to:
and if the target code has at least one item of sensitive information in the sensitive information set, judging that the target code has sensitive information.
In one possible implementation, the processing module 112 is further configured to:
if sensitive information does not exist in the target code, generating second prompt information, wherein the second prompt information is used for indicating that the target code is allowed to be submitted to the target code hosting platform;
uploading the target code to the target hosting platform.
In one possible implementation, the processing module 112 is further configured to:
if the target hosting platform belongs to the white list, sending third prompt information, wherein the third prompt information is used for indicating that the target code is allowed to be submitted to the target code hosting platform;
uploading the target code to the target hosting platform.
In a possible implementation manner, the processing module 112 is further configured to:
and uploading the information of the code submission request to a server.
The apparatus of this embodiment may be configured to implement the technical solutions of the above method embodiments, and the implementation principles and technical effects are similar, which are not described herein again.
The acquiring module may implement the function of the rule configuration unit in the foregoing embodiment, the determining module may implement the function of the search unit in the foregoing embodiment, and the processing module may implement the functions of the processing unit and the management unit in the foregoing embodiment.
Fig. 8 is a schematic structural diagram of an electronic device according to an embodiment of the present application, and as shown in fig. 8, the electronic device includes:
a processor 121, and a memory 122 for storing executable instructions of the processor 121.
Optionally, the method may further include: a communication interface 123 for enabling communication with other devices.
The above components may communicate over one or more buses.
The processor 121 is configured to execute the corresponding method in the foregoing method embodiment by executing the executable instruction, and the specific implementation process of the method may refer to the foregoing method embodiment, which is not described herein again.
The embodiment of the present application further provides a computer-readable storage medium, where a computer program is stored, and when the computer program is executed by a processor, the method in the foregoing method embodiment is implemented.
Other embodiments of the disclosure will be apparent to those skilled in the art from consideration of the specification and practice of the disclosure disclosed herein. This application is intended to cover any variations, uses, or adaptations of the disclosure following, in general, the principles of the disclosure and including such departures from the present disclosure as come within known or customary practice within the art to which the disclosure pertains. It is intended that the specification and examples be considered as exemplary only, with a true scope and spirit of the disclosure being indicated by the following claims.
It will be understood that the present disclosure is not limited to the precise arrangements described above and shown in the drawings and that various modifications and changes may be made without departing from the scope thereof. The scope of the present disclosure is limited only by the appended claims.
Claims (10)
1. A data processing method, comprising:
receiving a code submission request input by a user, wherein the code submission request comprises an identifier of an object code hosting platform, and the code submission request is used for requesting to submit object code to the object code hosting platform;
when the target code hosting platform is determined not to belong to a white list, judging whether sensitive information exists in the target code;
and if sensitive information exists in the target code, generating first prompt information, wherein the first prompt information is used for indicating cancellation of submitting the target code to the target code hosting platform.
2. The method of claim 1, wherein the whitelist includes an identification of at least one code hosting platform, and wherein the determining that the target code hosting platform does not belong to the whitelist comprises:
determining whether the identity of the target code hosting platform exists in the identities of the at least one code hosting platform;
and if not, determining that the target code hosting platform does not belong to the white list.
3. The method of claim 1 or 2, wherein the determining whether sensitive information is present in the object code comprises:
acquiring a sensitive information set; the sensitive information set comprises at least one item of sensitive information; the sensitive information includes at least one of: a user name, a password and an encryption key;
and judging whether the target code has sensitive information or not according to the sensitive information set.
4. The method of claim 3, wherein determining whether sensitive information exists in the object code according to the set of sensitive information comprises:
and if the target code has at least one item of sensitive information in the sensitive information set, judging that the target code has sensitive information.
5. The method of claim 1 or 2, wherein if sensitive information is not present in the object code, the method further comprises:
generating second prompt information, wherein the second prompt information is used for indicating that the target code is allowed to be submitted to the target code hosting platform;
uploading the target code to the target hosting platform.
6. The method of claim 1 or 2, wherein if the target hosting platform belongs to the whitelist, the method further comprises:
sending third prompt information, wherein the third prompt information is used for indicating that the target code is allowed to be submitted to the target code hosting platform;
uploading the target code to the target hosting platform.
7. The method according to claim 1 or 2, wherein after generating the first prompt message, the method further comprises:
and uploading the information of the code submission request to a server.
8. A data processing apparatus, comprising:
the system comprises an acquisition module, a storage module and a control module, wherein the acquisition module is used for receiving a code submission request input by a user, the code submission request comprises an identifier of a target code hosting platform, and the code submission request is used for requesting to submit a target code to the target code hosting platform;
the judging module is used for judging whether sensitive information exists in the target code or not when the target code hosting platform is determined not to belong to a white list;
and the processing module is used for generating first prompt information if sensitive information exists in the target code, wherein the first prompt information is used for indicating cancellation of submitting the target code to the target code hosting platform.
9. A computer-readable storage medium, on which a computer program is stored, which, when being executed by a processor, carries out the method of any one of claims 1 to 7.
10. An electronic device, comprising:
a processor; and
a memory for storing executable instructions of the processor;
wherein the processor is configured to perform the method of any of claims 1-7 via execution of the executable instructions.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202011293232.2A CN112437075A (en) | 2020-11-18 | 2020-11-18 | Data processing method, device, equipment and storage medium |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202011293232.2A CN112437075A (en) | 2020-11-18 | 2020-11-18 | Data processing method, device, equipment and storage medium |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN112437075A true CN112437075A (en) | 2021-03-02 |
Family
ID=74693283
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202011293232.2A Pending CN112437075A (en) | 2020-11-18 | 2020-11-18 | Data processing method, device, equipment and storage medium |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN112437075A (en) |
Cited By (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN117112016A (en) * | 2023-08-25 | 2023-11-24 | 北京火山引擎科技有限公司 | Code operation behavior detection method, device, medium and electronic equipment |
| WO2023241046A1 (en) * | 2022-06-16 | 2023-12-21 | 中兴通讯股份有限公司 | Code management method and apparatus, and electronic device and storage medium |
Citations (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20060070126A1 (en) * | 2004-09-26 | 2006-03-30 | Amiram Grynberg | A system and methods for blocking submission of online forms. |
| CN106713266A (en) * | 2016-11-14 | 2017-05-24 | 腾讯科技(深圳)有限公司 | Method, device, terminal and system for preventing information leakage |
| CN108959565A (en) * | 2018-07-04 | 2018-12-07 | 广东小天才科技有限公司 | Method, device and server for filtering webpage content |
| US10180836B1 (en) * | 2015-08-24 | 2019-01-15 | Amazon Technologies, Inc. | Generating source code review comments using code analysis tools |
| CN109544267A (en) * | 2018-10-19 | 2019-03-29 | 中国平安人寿保险股份有限公司 | Resource acquiring method, device, computer equipment and storage medium |
| CN110598411A (en) * | 2019-09-23 | 2019-12-20 | 腾讯科技(深圳)有限公司 | Sensitive information detection method and device, storage medium and computer equipment |
| CN111143858A (en) * | 2019-12-31 | 2020-05-12 | 中国联合网络通信集团有限公司 | Data checking method and device |
-
2020
- 2020-11-18 CN CN202011293232.2A patent/CN112437075A/en active Pending
Patent Citations (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20060070126A1 (en) * | 2004-09-26 | 2006-03-30 | Amiram Grynberg | A system and methods for blocking submission of online forms. |
| US10180836B1 (en) * | 2015-08-24 | 2019-01-15 | Amazon Technologies, Inc. | Generating source code review comments using code analysis tools |
| CN106713266A (en) * | 2016-11-14 | 2017-05-24 | 腾讯科技(深圳)有限公司 | Method, device, terminal and system for preventing information leakage |
| CN108959565A (en) * | 2018-07-04 | 2018-12-07 | 广东小天才科技有限公司 | Method, device and server for filtering webpage content |
| CN109544267A (en) * | 2018-10-19 | 2019-03-29 | 中国平安人寿保险股份有限公司 | Resource acquiring method, device, computer equipment and storage medium |
| CN110598411A (en) * | 2019-09-23 | 2019-12-20 | 腾讯科技(深圳)有限公司 | Sensitive information detection method and device, storage medium and computer equipment |
| CN111143858A (en) * | 2019-12-31 | 2020-05-12 | 中国联合网络通信集团有限公司 | Data checking method and device |
Non-Patent Citations (4)
| Title |
|---|
| YVONNE: "《https://developer.aliyun.com/article/772290》", 14 September 2020 * |
| 刘臻等: "基于漏洞指纹的软件脆弱性代码复用检测方法", 《浙江大学学报(工学版)》 * |
| 张晓云等, 中国铁道出版社 * |
| 毕婷_DBEA: "《https://developer.aliyun.com/article/772338》", 15 September 2020 * |
Cited By (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| WO2023241046A1 (en) * | 2022-06-16 | 2023-12-21 | 中兴通讯股份有限公司 | Code management method and apparatus, and electronic device and storage medium |
| CN117112016A (en) * | 2023-08-25 | 2023-11-24 | 北京火山引擎科技有限公司 | Code operation behavior detection method, device, medium and electronic equipment |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US10216377B2 (en) | Visual regression analysis | |
| US9280665B2 (en) | Fast and accurate identification of message-based API calls in application binaries | |
| US10754717B2 (en) | Fast and accurate identification of message-based API calls in application binaries | |
| WO2019067598A1 (en) | Systems and method for deploying, securing, and maintaining computer-based analytic environments | |
| CN108763951B (en) | Data protection method and device | |
| US11846972B2 (en) | Method and apparatus for generating software test reports | |
| CN112149109B (en) | Modularized authority control management method and system | |
| CN110471728B (en) | Method and related device for displaying interface based on user permission | |
| US20220253297A1 (en) | Automated deployment of changes to applications on a cloud computing platform | |
| CN112437075A (en) | Data processing method, device, equipment and storage medium | |
| US20240223378A1 (en) | Verification of the reliability of software and devices against assertions and guarantees | |
| KR102352265B1 (en) | System and method for providing web application development platform | |
| CN109818972B (en) | Information security management method and device for industrial control system and electronic equipment | |
| CN113326539B (en) | Method, device and system for private data leakage detection aiming at applet | |
| KR20120078017A (en) | Cloud computing-based system for supporting analysis of malicious code and analyst terminal using the same | |
| CN108462580B (en) | Numerical value transferring method and device | |
| CN111488286B (en) | Method and device for independently developing Android modules | |
| CN116501336A (en) | Component integration method, device, equipment and storage medium | |
| CN110348226A (en) | A kind of scan method of project file, device, electronic equipment and storage medium | |
| CN112543194B (en) | Mobile terminal login method and device, computer equipment and storage medium | |
| KR101548606B1 (en) | A system and a computer-readable storage medium for remotely controlling an user equipment by an administrator's terminal | |
| CN114238273A (en) | Database management method, device, equipment and storage medium | |
| CN109714371B (en) | Industrial control network safety detection system | |
| CN109933990B (en) | Multi-mode matching-based security vulnerability discovery method and device and electronic equipment | |
| CN107567627B (en) | Device with test execution environment |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination |