CN112597532A - Monitoring method and device for sensitive data access - Google Patents
Monitoring method and device for sensitive data access Download PDFInfo
- Publication number
- CN112597532A CN112597532A CN202011407538.6A CN202011407538A CN112597532A CN 112597532 A CN112597532 A CN 112597532A CN 202011407538 A CN202011407538 A CN 202011407538A CN 112597532 A CN112597532 A CN 112597532A
- Authority
- CN
- China
- Prior art keywords
- sensitive data
- data access
- access
- sensitive
- query
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/62—Protecting access to data via a platform, e.g. using keys or access control rules
- G06F21/6218—Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
- G06F21/6245—Protecting personal data, e.g. for financial or medical purposes
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F11/00—Error detection; Error correction; Monitoring
- G06F11/30—Monitoring
- G06F11/32—Monitoring with visual or acoustical indication of the functioning of the machine
- G06F11/324—Display of status information
- G06F11/327—Alarm or error message display
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F11/00—Error detection; Error correction; Monitoring
- G06F11/30—Monitoring
- G06F11/34—Recording or statistical evaluation of computer activity, e.g. of down time, of input/output operation ; Recording or statistical evaluation of user activity, e.g. usability assessment
- G06F11/3438—Recording or statistical evaluation of computer activity, e.g. of down time, of input/output operation ; Recording or statistical evaluation of user activity, e.g. usability assessment monitoring of user actions
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/55—Detecting local intrusion or implementing counter-measures
- G06F21/554—Detecting local intrusion or implementing counter-measures involving event detection and direct action
Landscapes
- Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- General Engineering & Computer Science (AREA)
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- Computer Hardware Design (AREA)
- Computer Security & Cryptography (AREA)
- Software Systems (AREA)
- Health & Medical Sciences (AREA)
- General Health & Medical Sciences (AREA)
- Bioethics (AREA)
- Quality & Reliability (AREA)
- Databases & Information Systems (AREA)
- Medical Informatics (AREA)
- Storage Device Security (AREA)
Abstract
The embodiment of the invention provides a method and a device for controlling sensitive data access, wherein the method comprises the following steps: generating a data access log according to a query request of a user for data; analyzing the data access log to judge whether a sensitive data access abnormal behavior exists; an alert is generated if there is sensitive data access exception behavior. In the embodiment of the invention, the illegal access of the sensitive data can be early warned by auditing the data access log record in real time, so that the illegal access and leakage of the sensitive data can be effectively prevented.
Description
Technical Field
The invention relates to the field of data processing, in particular to a monitoring method and device for sensitive data access.
Background
Data warehouses are used more frequently in large data environments, and because data warehouses often contain large amounts of sensitive data, security auditing of the data warehouses is important. The traditional safety audit mode can not clearly and effectively record the inquiry history and inquiry condition of each user to the sensitive data, and the auditor needs to spend extra workload to check the sensitive data and apply for inquiring the registration state. And manual auditing is easily escaped using copy tables and assigning new table permissions to other users. This is a very big challenge for data security.
In view of the above problems, no effective solution has been proposed.
Disclosure of Invention
The embodiment of the invention provides a monitoring method and a monitoring device for sensitive data access, which are used for at least solving the problems of illegal access and leakage of sensitive data in the related technology.
According to an embodiment of the present invention, there is provided a method for controlling access to sensitive data, including: generating a data access log according to a query request of a user for data; analyzing the data access log to judge whether a sensitive data access abnormal behavior exists; an alert is generated if there is sensitive data access exception behavior.
In an exemplary embodiment, the data access log includes at least one of the following information: a user account initiating the query request, a server identification initiating the query request, and a data query statement.
In one exemplary embodiment, analyzing the data access log to determine whether there is a sensitive data access exception behavior includes: analyzing the data query statement to acquire sensitive data related to the query request; determining whether the sensitive data access abnormal behavior exists according to the access characteristics of the sensitive data, wherein the access characteristics at least comprise one of the following: sensitive data access range, sensitive data access quantity and sensitive data access frequency.
In an exemplary embodiment, the method for controlling access to sensitive data further includes: periodically generating a sensitive data access report, wherein the sensitive data access report at least comprises one of the following information: accessing a user account of the sensitive data and the accessed sensitive data; and sending the sensitive data access report to a specified terminal.
In an exemplary embodiment, the method for controlling access to sensitive data further includes: recording the starting time and the ending time of data query, and optimizing the query task exceeding the query duration.
According to another embodiment of the present invention, there is provided a monitoring apparatus for sensitive data access, including: the log generating module is used for generating a data access log according to a query request of a user for data; the analysis module is used for analyzing the data access log to judge whether a sensitive data access abnormal behavior exists or not; and the alarm module is used for generating an alarm under the condition that the sensitive data access abnormal behavior exists.
In one exemplary embodiment, the analysis module includes: the analysis unit is used for analyzing the data query statement to acquire sensitive data related to the query request; the determining unit is used for determining whether the sensitive data access abnormal behavior exists according to the access characteristics of the sensitive data, wherein the access characteristics at least comprise one of the following: sensitive data access range, sensitive data access quantity and sensitive data access frequency.
In one exemplary embodiment, the monitoring apparatus further includes: the report generation module is used for periodically generating a sensitive data access report, wherein the sensitive data access report at least comprises one of the following information: accessing a user account of the sensitive data and the accessed sensitive data; and the sending module is used for sending the sensitive data access report to a specified terminal.
According to a further embodiment of the present invention, there is also provided a storage medium having a computer program stored therein, wherein the computer program is arranged to perform the steps of any of the above method embodiments when executed.
According to yet another embodiment of the present invention, there is also provided an electronic device, including a memory in which a computer program is stored and a processor configured to execute the computer program to perform the steps in any of the above method embodiments.
In the embodiment of the invention, the illegal access of the sensitive data can be early warned by auditing the data access log record in real time, so that the illegal access and leakage of the sensitive data can be effectively prevented.
Drawings
The accompanying drawings, which are included to provide a further understanding of the invention and are incorporated in and constitute a part of this application, illustrate embodiment(s) of the invention and together with the description serve to explain the invention without limiting the invention. In the drawings:
FIG. 1 is a schematic diagram of a network architecture according to an embodiment of the present invention;
FIG. 2 is a flow diagram of a method for monitoring access to sensitive data according to an embodiment of the present invention;
FIG. 3 is a block diagram of a monitoring device for sensitive data access according to an embodiment of the present invention;
FIG. 4 is a block diagram of a monitoring device for sensitive data access according to another embodiment of the present invention;
FIG. 5 is a schematic diagram of a private data security audit according to an embodiment of the invention.
Detailed Description
In order to make the technical solutions of the present invention better understood, the technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are only a part of the embodiments of the present invention, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
It should be noted that the terms "first," "second," and the like in the description and claims of the present invention and in the drawings described above are used for distinguishing between similar elements and not necessarily for describing a particular sequential or chronological order. It is to be understood that the data so used is interchangeable under appropriate circumstances such that the embodiments of the invention described herein are capable of operation in sequences other than those illustrated or described herein. Furthermore, the terms "comprises," "comprising," and "having," and any variations thereof, are intended to cover a non-exclusive inclusion, such that a process, method, system, article, or apparatus that comprises a list of steps or elements is not necessarily limited to those steps or elements expressly listed, but may include other steps or elements not expressly listed or inherent to such process, method, article, or apparatus.
In order to better understand the technical solutions of the embodiments and the alternative embodiments of the present invention, the following description is made on possible application scenarios in the embodiments and the alternative embodiments of the present invention, but is not limited to the application of the following scenarios.
The method embodiments provided in the present application may be executed in a computer terminal, a server, or a similar computing device. Taking the operation on a computer terminal as an example, fig. 1 is a hardware structure block diagram of a computer terminal operated by the embodiment of the method of the present invention. As shown in fig. 1, the computer terminal 10 may include one or more (only one shown in fig. 1) processors 102 (the processor 102 may include, but is not limited to, a processing device such as a microprocessor MCU or a programmable logic device FPGA) and a memory 104 for storing data, and in an exemplary embodiment, may also include a transmission device 106 for communication functions and an input-output device 108. It will be understood by those skilled in the art that the structure shown in fig. 1 is only an illustration, and is not intended to limit the structure of the mobile terminal of the computer terminal. For example, the computer terminal 10 may also include more or fewer components than shown in FIG. 1, or have a different configuration than shown in FIG. 1.
The memory 104 can be used for storing computer programs, for example, software programs and modules of application software, such as computer programs corresponding to the method embodiments of the present invention, and the processor 102 executes the computer programs stored in the memory 104 to execute various functional applications and data processing, i.e., to implement the above-mentioned methods. The memory 104 may include high speed random access memory, and may also include non-volatile memory, such as one or more magnetic storage devices, flash memory, or other non-volatile solid-state memory. In some examples, the memory 104 may further include memory located remotely from the processor 102, which may be connected to the computer terminal 10 via a network. Examples of such networks include, but are not limited to, the internet, intranets, local area networks, mobile communication networks, and combinations thereof.
The transmission device 106 is used for receiving or transmitting data via a network. Specific examples of the network described above may include wired or wireless networks provided by the communication provider of the computer terminal 10. In one example, the transmission device 106 includes a Network adapter (NIC) that can be connected to other Network devices via a broadband Network so as to communicate with the internet. In one example, the transmission device 106 may be a Radio Frequency (RF) module, which is used for communicating with the internet in a wireless manner.
In order to solve the problem that the data security audit mode in the prior art is difficult to prevent the leakage of sensitive data, the invention provides a technical scheme of real-time audit analysis, and under the condition of scanning of a sensitive data table, early warning and manual intervention processing can be immediately carried out, so that the leakage and illegal access of the sensitive data are prevented.
Example one
The present embodiment provides a monitoring method for sensitive data access operable in a network architecture, and fig. 2 is a flowchart of monitoring sensitive data access according to an embodiment of the present invention, as shown in fig. 2, the flowchart includes the following steps:
step S202, generating a data access log according to a query request of a user for data;
step S204, analyzing the data access log to judge whether a sensitive data access abnormal behavior exists;
and step S206, generating an alarm if the sensitive data access abnormal behavior exists.
In an exemplary embodiment, the data access log includes at least one of the following information: a user account initiating the query request, a server identification initiating the query request, and a data query statement.
In an exemplary embodiment, step S204 may include the steps of: analyzing the data query statement to acquire sensitive data related to the query request; determining whether the sensitive data access abnormal behavior exists according to the access characteristics of the sensitive data, wherein the access characteristics at least comprise one of the following: sensitive data access range, sensitive data access quantity and sensitive data access frequency.
In one exemplary embodiment, the method may further include: periodically generating a sensitive data access report, wherein the sensitive data access report at least comprises one of the following information: accessing a user account of the sensitive data and the accessed sensitive data; and sending the sensitive data access report to a specified terminal.
In one exemplary embodiment, the method may further include: recording the starting time and the ending time of data query, and optimizing the query task exceeding the query duration.
Through the steps of the embodiment, illegal access and leakage of sensitive data can be effectively prevented, and the query task with low efficiency can be optimized conveniently by recording the data query statement time.
Through the above description of the embodiments, those skilled in the art can clearly understand that the method according to the above embodiments can be implemented by software plus a necessary general hardware platform, and certainly can also be implemented by hardware, but the former is a better implementation mode in many cases. Based on such understanding, the technical solutions of the present invention may be embodied in the form of a software product, which is stored in a storage medium (e.g., ROM/RAM, magnetic disk, optical disk) and includes instructions for enabling a terminal device (e.g., a mobile phone, a computer, a server, or a network device) to execute the method according to the embodiments of the present invention.
Example two
The embodiment provides a monitoring device for sensitive data access, which is used to implement the foregoing embodiments and preferred embodiments, and the description of the device that has been already made is omitted. As used below, the term "module" or "unit" may implement a combination of software and/or hardware of predetermined functions. Although the means described in the embodiments below are preferably implemented in software, an implementation in hardware, or a combination of software and hardware is also possible and contemplated.
Fig. 3 is a block diagram of a monitoring apparatus for sensitive data access according to an embodiment of the present invention, and as shown in fig. 3, the apparatus includes a log generating module 10, an analyzing module 20, and an alarm module 30.
And a log generating module 10, configured to generate a data access log according to a query request of a user for data.
And the analysis module 20 is configured to analyze the data access log to determine whether a sensitive data access abnormal behavior exists.
And the alarm module 30 is used for generating an alarm under the condition that the sensitive data access abnormal behavior exists.
EXAMPLE III
Fig. 4 is a block diagram of a monitoring apparatus for sensitive data access according to another embodiment of the present invention, and as shown in fig. 4, in this embodiment, the analysis module 20 includes a parsing unit 21 and a determination unit 22.
And the analyzing unit 21 is configured to analyze the data query statement to obtain the sensitive data related to the query request.
A determining unit 22, configured to determine whether there is an abnormal behavior of the sensitive data access according to an access characteristic of the sensitive data, where the access characteristic includes at least one of: sensitive data access range, sensitive data access quantity and sensitive data access frequency.
Additionally, in an exemplary embodiment, the apparatus includes a report generation module 40 and a transmission module 50 in addition to all of the modules shown in fig. 3.
A report generation module 40, configured to periodically generate a sensitive data access report, where the sensitive data access report includes at least one of the following information: a user account number for accessing sensitive data, the accessed sensitive data.
A sending module 50, configured to send the sensitive data access report to a specified terminal.
It should be noted that, the above modules may be implemented by software or hardware, and for the latter, the following may be implemented, but not limited to: the modules are all positioned in the same processor; alternatively, the modules are respectively located in different processors in any combination.
In order to facilitate understanding of the technical solutions provided by the present invention, the following detailed description will be made with reference to embodiments of specific scenarios.
Example four
In the present embodiment, a Hive system is described as an example. In addition, the partition of the functional module in this embodiment is also different from the above embodiment, as shown in fig. 5, in this embodiment, jar packet records of log records may be added to the Hiveserver, logs may be collected, and a real-time and offline log processing logic may be added to generate an abnormal operation warning or an audit report.
And recording all user and server information and user query statements by adding a log output module. Therefore, the syntax tree of the query statement is analyzed, and the information of the table information queried by the user, the column information related to the query, the partition condition of the table, the screening condition and the like can be obtained. And (4) a private data access report is automatically generated periodically, and the account numbers and the private data are counted. The report is sent to the relevant personnel.
By analyzing the recorded log, the condition that the user inquires the sensitive data can be judged. The auditing program analyzes the user inquiry log in real time, and once the private data is abnormally accessed, such as the private data is accessed suddenly in a large range and in a large batch, or the private data is repeatedly accessed in a short time, the system can give an alarm to related personnel in real time. The query condition of the sensitive information is judged more quickly and accurately, so that the sensitive data is prevented from being leaked.
When the query statement of the user is recorded, if the starting time and the ending time of the query can be recorded, tasks which take a lot of time in the system can be found out, so that the pertinence of the tasks can be optimized with effort, the execution efficiency of the tasks in batches is improved, and the performance loss is reduced. Therefore, the using track of hive is tracked, safety is enhanced, and statement problem positioning and resource use optimization can be facilitated.
Embodiments of the present invention also provide a storage medium having a computer program stored therein, wherein the computer program is arranged to perform the steps of any of the above method embodiments when executed.
In an exemplary embodiment, in the present embodiment, the storage medium may be configured to store a computer program for executing the steps of:
s1, generating a data access log according to the query request of the user for the data;
s2, analyzing the data access log to judge whether there is a sensitive data access abnormal behavior;
s3, generating an alarm if there is sensitive data access abnormal behavior.
In an exemplary embodiment, the storage medium may include, but is not limited to: various media capable of storing computer programs, such as a usb disk, a Read-Only Memory (ROM), a Random Access Memory (RAM), a removable hard disk, a magnetic disk, or an optical disk.
Embodiments of the present invention also provide an electronic device comprising a memory having a computer program stored therein and a processor arranged to run the computer program to perform the steps of any of the above method embodiments.
In an exemplary embodiment, the electronic apparatus may further include a transmission device and an input/output device, wherein the transmission device is connected to the processor, and the input/output device is connected to the processor.
In an exemplary embodiment, in the present embodiment, the processor may be configured to execute the following steps by a computer program:
s1, generating a data access log according to the query request of the user for the data;
s2, analyzing the data access log to judge whether there is a sensitive data access abnormal behavior;
s3, generating an alarm if there is sensitive data access abnormal behavior.
In an exemplary embodiment, for specific examples in this embodiment, reference may be made to the examples described in the above embodiments and optional implementation manners, and details of this embodiment are not described herein again.
It will be apparent to those skilled in the art that the various modules or steps of the invention described above may be implemented using a general purpose computing device, which may be centralized on a single computing device or distributed across a network of computing devices, and in one exemplary embodiment may be implemented using program code executable by a computing device, such that the steps shown and described may be executed by a computing device stored in a memory device and, in some cases, executed in a sequence different from that shown and described herein, or separately fabricated into individual integrated circuit modules, or multiple ones of them fabricated into a single integrated circuit module. Thus, the present invention is not limited to any specific combination of hardware and software.
The above description is only a preferred embodiment of the present invention and is not intended to limit the present invention, and various modifications and changes may be made by those skilled in the art. Any modification, equivalent replacement, or improvement made within the principle of the present invention should be included in the protection scope of the present invention.
Claims (10)
1. A method for monitoring access to sensitive data, comprising:
generating a data access log according to a query request of a user for data;
analyzing the data access log to judge whether a sensitive data access abnormal behavior exists;
an alert is generated if there is sensitive data access exception behavior.
2. The method of claim 1, wherein the data access log includes at least one of: a user account initiating the query request, a server identification initiating the query request, and a data query statement.
3. The method of claim 1, wherein analyzing the data access log to determine whether there is sensitive data access exception behavior comprises:
analyzing the data query statement to acquire sensitive data related to the query request;
determining whether the sensitive data access abnormal behavior exists according to the access characteristics of the sensitive data, wherein the access characteristics at least comprise one of the following: sensitive data access range, sensitive data access quantity and sensitive data access frequency.
4. The method of claim 3, further comprising:
periodically generating a sensitive data access report, wherein the sensitive data access report at least comprises one of the following information: accessing a user account of the sensitive data and the accessed sensitive data;
and sending the sensitive data access report to a specified terminal.
5. The method of claim 1, further comprising:
recording the starting time and the ending time of data query, and optimizing the query task exceeding the query duration.
6. A device for monitoring access to sensitive data, comprising:
the log generating module is used for generating a data access log according to a query request of a user for data;
the analysis module is used for analyzing the data access log to judge whether a sensitive data access abnormal behavior exists or not;
and the alarm module is used for generating an alarm under the condition that the sensitive data access abnormal behavior exists.
7. The apparatus of claim 6, wherein the analysis module comprises:
the analysis unit is used for analyzing the data query statement to acquire sensitive data related to the query request;
the determining unit is used for determining whether the sensitive data access abnormal behavior exists according to the access characteristics of the sensitive data, wherein the access characteristics at least comprise one of the following: sensitive data access range, sensitive data access quantity and sensitive data access frequency.
8. The apparatus of claim 7, further comprising:
the report generation module is used for periodically generating a sensitive data access report, wherein the sensitive data access report at least comprises one of the following information: accessing a user account of the sensitive data and the accessed sensitive data;
and the sending module is used for sending the sensitive data access report to a specified terminal.
9. A computer-readable storage medium, in which a computer program is stored, wherein the computer program is arranged to perform the method of any of claims 1 to 5 when executed.
10. An electronic device comprising a memory and a processor, wherein the memory has stored therein a computer program, and wherein the processor is arranged to execute the computer program to perform the method of any of claims 1 to 5.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202011407538.6A CN112597532A (en) | 2020-12-04 | 2020-12-04 | Monitoring method and device for sensitive data access |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202011407538.6A CN112597532A (en) | 2020-12-04 | 2020-12-04 | Monitoring method and device for sensitive data access |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN112597532A true CN112597532A (en) | 2021-04-02 |
Family
ID=75188308
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202011407538.6A Pending CN112597532A (en) | 2020-12-04 | 2020-12-04 | Monitoring method and device for sensitive data access |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN112597532A (en) |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN113572754A (en) * | 2021-07-21 | 2021-10-29 | 国网吉林省电力有限公司 | Sensitive data intelligent probing and access behavior monitoring alarm system |
Citations (8)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20140230070A1 (en) * | 2013-02-14 | 2014-08-14 | Microsoft Corporation | Auditing of sql queries using select triggers |
| CN107409126A (en) * | 2015-02-24 | 2017-11-28 | 思科技术公司 | System and method for protecting enterprise computing environment safety |
| CN110443048A (en) * | 2019-07-04 | 2019-11-12 | 广州海颐信息安全技术有限公司 | Data center looks into number system |
| CN110798472A (en) * | 2019-11-01 | 2020-02-14 | 杭州数梦工场科技有限公司 | Data leakage detection method and device |
| CN111031035A (en) * | 2019-12-12 | 2020-04-17 | 支付宝(杭州)信息技术有限公司 | Sensitive data access behavior monitoring method and device |
| CN111159706A (en) * | 2019-12-26 | 2020-05-15 | 深信服科技股份有限公司 | Database security detection method, device, equipment and storage medium |
| CN111767573A (en) * | 2020-06-28 | 2020-10-13 | 北京天融信网络安全技术有限公司 | Database security management method and device, electronic equipment and readable storage medium |
| CN111782481A (en) * | 2020-07-15 | 2020-10-16 | 五色石(杭州)数据技术有限公司 | Universal data interface monitoring system and monitoring method |
-
2020
- 2020-12-04 CN CN202011407538.6A patent/CN112597532A/en active Pending
Patent Citations (8)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20140230070A1 (en) * | 2013-02-14 | 2014-08-14 | Microsoft Corporation | Auditing of sql queries using select triggers |
| CN107409126A (en) * | 2015-02-24 | 2017-11-28 | 思科技术公司 | System and method for protecting enterprise computing environment safety |
| CN110443048A (en) * | 2019-07-04 | 2019-11-12 | 广州海颐信息安全技术有限公司 | Data center looks into number system |
| CN110798472A (en) * | 2019-11-01 | 2020-02-14 | 杭州数梦工场科技有限公司 | Data leakage detection method and device |
| CN111031035A (en) * | 2019-12-12 | 2020-04-17 | 支付宝(杭州)信息技术有限公司 | Sensitive data access behavior monitoring method and device |
| CN111159706A (en) * | 2019-12-26 | 2020-05-15 | 深信服科技股份有限公司 | Database security detection method, device, equipment and storage medium |
| CN111767573A (en) * | 2020-06-28 | 2020-10-13 | 北京天融信网络安全技术有限公司 | Database security management method and device, electronic equipment and readable storage medium |
| CN111782481A (en) * | 2020-07-15 | 2020-10-16 | 五色石(杭州)数据技术有限公司 | Universal data interface monitoring system and monitoring method |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN113572754A (en) * | 2021-07-21 | 2021-10-29 | 国网吉林省电力有限公司 | Sensitive data intelligent probing and access behavior monitoring alarm system |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN107704360B (en) | Monitoring data processing method, equipment, server and storage medium | |
| CN111552678A (en) | Data permission configuration method and device and computer equipment | |
| CN111740868B (en) | Alarm data processing method and device and storage medium | |
| CN111367760B (en) | Log collection method and device, computer equipment and storage medium | |
| CN112165445B (en) | Method, device, storage medium and computer equipment for detecting network attack | |
| CN110941632A (en) | Database auditing method, device and equipment | |
| CN112199276B (en) | Method, device, server and storage medium for detecting change of micro-service architecture | |
| CN103581185A (en) | Cloud searching and killing method, device and system for resisting anti-antivirus test | |
| CN112989330A (en) | Container intrusion detection method and device, electronic equipment and storage medium | |
| CN104021141A (en) | Method, device and system for data processing and cloud service | |
| CN106067879B (en) | The detection method and device of information | |
| CN111159520A (en) | Sample identification method and device and safety emergency response system | |
| CN114780377A (en) | Method and device for determining software exception, storage medium and electronic device | |
| CN112597532A (en) | Monitoring method and device for sensitive data access | |
| CN111367686A (en) | Service interface calling method and device, computer equipment and storage medium | |
| CN106156210B (en) | Method and device for determining application identifier matching list | |
| CN112019546B (en) | Protection strategy adjusting method, system, equipment and computer storage medium | |
| CN112329021B (en) | Method and device for checking application loopholes, electronic device and storage medium | |
| CN113452533B (en) | Charging self-inspection and self-healing method and device, computer equipment and storage medium | |
| CN109784053B (en) | Method and device for generating filter rule, storage medium and electronic device | |
| Díaz-Zayas et al. | Remote control and instrumentation of Android devices | |
| CN116886445B (en) | Processing method and device of filtering result, storage medium and electronic equipment | |
| CN115766532A (en) | Link monitoring method and device, storage medium and electronic device | |
| CN117873827A (en) | Log configuration information updating method and device, storage medium and electronic device | |
| CN114327967A (en) | Equipment repairing method and device, storage medium and electronic device |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination |