CN112702336A - Security control method and device for government affair service, security gateway and storage medium - Google Patents

Security control method and device for government affair service, security gateway and storage medium Download PDF

Info

Publication number
CN112702336A
CN112702336A CN202011525588.4A CN202011525588A CN112702336A CN 112702336 A CN112702336 A CN 112702336A CN 202011525588 A CN202011525588 A CN 202011525588A CN 112702336 A CN112702336 A CN 112702336A
Authority
CN
China
Prior art keywords
request
government affair
government
data
service request
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202011525588.4A
Other languages
Chinese (zh)
Inventor
陈默
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Digital Guangdong Network Construction Co Ltd
Original Assignee
Digital Guangdong Network Construction Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Digital Guangdong Network Construction Co Ltd filed Critical Digital Guangdong Network Construction Co Ltd
Priority to CN202011525588.4A priority Critical patent/CN112702336A/en
Publication of CN112702336A publication Critical patent/CN112702336A/en
Pending legal-status Critical Current

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/10Network architectures or network communication protocols for network security for controlling access to devices or network resources
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/604Tools and structures for managing or administering access control systems
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/10Network architectures or network communication protocols for network security for controlling access to devices or network resources
    • H04L63/105Multiple levels of security
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/20Network architectures or network communication protocols for network security for managing network security; network security policies in general

Abstract

The embodiment of the disclosure discloses a security control method and device for government affair services, a security gateway and a storage medium. The method comprises the following steps: the security gateway receives a government affair data service request sent by a government affair service requester; invoking a corresponding request component based on the government affair data service request; when it is determined based on the request component that the government affair data service request meets a first preset safety rule, sending the government affair data service request to a first target external information system; wherein, the first preset safety rule is pre-configured in the request component; the first target external information system is an external system for providing government affairs data corresponding to the government affairs data service request. The scheme can effectively solve the technical problems of high development complexity and high development cost caused by directly integrating the data security control strategy in an external information system, and can modify the security rules configured in the request assembly as required, thereby improving the flexibility of the security verification of government affair services.

Description

Security control method and device for government affair service, security gateway and storage medium
Technical Field
The embodiment of the disclosure relates to the technical field of computers, in particular to a security control method and device for government affair services, a security gateway and a storage medium.
Background
The government affair industry has strict requirements on the security and privacy of data, so that the government affair data has higher requirements on operations of access authority control, auditing, desensitization and the like. However, the government affair industry systems for providing government affair services are various and have insufficient centralization degree, and there are many operation management bodies of the systems, and if control strategies for data security and privacy are directly integrated in each government affair industry system, the security and privacy control strategies of a plurality of government affair industry systems need to be modified, and codes must be rewritten, which results in high development complexity, high development cost and high difficulty in realizing unified security control.
Disclosure of Invention
The embodiment of the disclosure provides a security control method and device for government affair services, a security gateway and a storage medium, and the security of the government affair services can be effectively ensured through the security gateway.
In a first aspect, an embodiment of the present disclosure provides a security control method for government affairs service, including:
receiving a government affair data service request sent by a government affair service requester;
invoking a corresponding request component based on the government affair data service request;
when it is determined based on the request component that the government affair data service request meets a first preset safety rule, sending the government affair data service request to a first target external information system; wherein the first preset security rule is pre-configured in the request component; the first target external information system is an external system for providing government affair data corresponding to the government affair data service request.
In a second aspect, an embodiment of the present disclosure further provides a security control device for government affairs service, including:
the service request receiving module is used for receiving a government affair data service request sent by a government affair service requester;
the request component calling module is used for calling a corresponding request component based on the government affair data service request;
a first service request sending module, configured to send the government data service request to a first target external information system when it is determined, based on the request component, that the government data service request satisfies a first preset security rule; wherein the first preset security rule is pre-configured in the request component; the first target external information system is an external system for providing government affair data corresponding to the government affair data service request.
In a third aspect, an embodiment of the present disclosure further provides a security gateway, where the security gateway includes:
one or more processing devices;
storage means for storing one or more programs;
when the one or more programs are executed by the one or more processing devices, the one or more processing devices are caused to implement the security control method for government affairs service according to the embodiment of the disclosure.
In a fourth aspect, the disclosed embodiments also provide a computer readable medium, on which a computer program is stored, which when executed by a processing device, implements a security control method for government affairs services according to the disclosed embodiments.
The embodiment of the disclosure provides a security control scheme applied to a government affair service of a security gateway, which receives a government affair data service request sent by a government affair service requester; invoking a corresponding request component based on the government affair data service request; when it is determined based on the request component that the government affair data service request meets a first preset safety rule, sending the government affair data service request to a first target external information system; wherein the first preset security rule is pre-configured in the request component; the first target external information system is an external system for providing government affair data corresponding to the government affair data service request. According to the technical scheme, the security verification is carried out on the government affair data service request through the security gateway, the technical problems that the development complexity is high, the development cost is high and the difficulty of achieving security control is high due to the fact that a control strategy of data security and privacy is directly integrated in an external information system for providing government affair services can be effectively solved, the request assembly is configured in the security gateway, the request assembly corresponding to the government affair data service request is called to carry out security verification on the government affair data service request through establishing a unified security interception access control point of the multi-system access service, not only can the security of the government affair services be effectively guaranteed, but also the security rules configured in the request assembly can be modified according to needs, and the flexibility of the security verification on the government affair services is improved.
Drawings
Fig. 1 is a flowchart of a security control method of a government service in an embodiment of the present disclosure;
fig. 2 is a flowchart of a security control method of a government affairs service in another embodiment of the present disclosure;
FIG. 3 is a flowchart of a security control method for government services in yet another embodiment of the present disclosure;
fig. 4 is a flowchart of a security control method of a government affairs service in a further embodiment of the present disclosure;
fig. 5 is a schematic structural diagram of a security control device for government affairs services in another embodiment of the present disclosure;
fig. 6 is a schematic structural diagram of a security gateway in another embodiment of the present disclosure.
Detailed Description
Embodiments of the present disclosure will be described in more detail below with reference to the accompanying drawings. While certain embodiments of the present disclosure are shown in the drawings, it is to be understood that the present disclosure may be embodied in various forms and should not be construed as limited to the embodiments set forth herein, but rather are provided for a more thorough and complete understanding of the present disclosure. It should be understood that the drawings and embodiments of the disclosure are for illustration purposes only and are not intended to limit the scope of the disclosure.
It should be understood that the various steps recited in the method embodiments of the present disclosure may be performed in a different order, and/or performed in parallel. Moreover, method embodiments may include additional steps and/or omit performing the illustrated steps. The scope of the present disclosure is not limited in this respect.
The term "include" and variations thereof as used herein are open-ended, i.e., "including but not limited to". The term "based on" is "based, at least in part, on". The term "one embodiment" means "at least one embodiment"; the term "another embodiment" means "at least one additional embodiment"; the term "some embodiments" means "at least some embodiments". Relevant definitions for other terms will be given in the following description.
It should be noted that the terms "first", "second", and the like in the present disclosure are only used for distinguishing different devices, modules or units, and are not used for limiting the order or interdependence relationship of the functions performed by the devices, modules or units.
It is noted that references to "a", "an", and "the" modifications in this disclosure are intended to be illustrative rather than limiting, and that those skilled in the art will recognize that "one or more" may be used unless the context clearly dictates otherwise.
The names of messages or information exchanged between devices in the embodiments of the present disclosure are for illustrative purposes only, and are not intended to limit the scope of the messages or information.
Fig. 1 is a flowchart of a security control method for a government affairs service according to an embodiment of the present disclosure, where the embodiment of the present disclosure is applicable to a case where a government affair is processed, and the method may be performed by a security control device for the government affairs service, which may be composed of hardware and/or software and may be generally integrated in a security gateway having a security control function for the government affairs service. As shown in fig. 1, the method specifically includes the following steps:
in step 110, a government data service request sent by a government service requester is received.
The government affair service requester can include a government affair requester or a government affair requester needing to obtain government affair service data corresponding to the government affair in the process of processing the government affair, such as a government deposit collector, a transit certificate transaction in a harbor and a government agency, a business license transaction, an identity card transaction and the like. In the process of providing the government affair service or processing the government affair matters, the government affair service requester needs to acquire the relevant information of the user, and in order to effectively improve the efficiency of providing the government affair service, the government affair service requester can acquire the corresponding data information through different external information systems. However, in the process of acquiring the government affair service data from the external information system, the government affair service requester needs to effectively ensure the security of the government affair service.
In the embodiment of the disclosure, the secure gateway receives a government affair data service request sent by a government affair service requester, wherein the government affair data service request may be a service request in an HTTP (HyperText Transfer Protocol) form. Optionally, the government affair data service request may include relevant information such as a type of government affair service data and content of government affair service data requested to be obtained; optionally, the request for the government affair data service may further include ID information of the request and related information such as an IP address of a requesting party of the government affair service, which is advantageous in that, when the government affair service has a security problem, the government affair service can be queried and tracked based on the above information.
And step 120, calling a corresponding request component based on the government affair data service request.
In the disclosed embodiment, different request components are configured in the security gateway, so that the security gateway can perform different security authentication or security control on the government affair data service request. The requesting component can also be understood as a requesting plug-in component, different security rules can be configured in different requesting components, and when the requesting component is called, the security verification can be carried out on the government affairs data service request based on the security rule corresponding to the requesting component.
Illustratively, the government data service request may include a link address, wherein the link address may specifically be a URL (Uniform Resource Locator) address of a requesting component in the security gateway. When receiving a government affair data service request sent by a government affair service requester, analyzing the government affair data service request, and calling a corresponding request component according to a link address contained in the government affair data service request. As another example, the government affair data service request may include identification information of the request component, and when receiving the government affair data service request sent by the government affair service requester, the government affair data service request is parsed, and the corresponding request component is invoked according to the identification information of the request component included in the government affair data service request. As another example, when a government data service request is received, determining the type of the government data service request; the method has the advantages that different request components can be called according to the government affair data service request.
Optionally, when a government affair data service request is received, analyzing the government affair data service request, determining the security level of the government affair data obtained by the government affair data service request, and calling a request component corresponding to the government affair data service request according to the security level and the correspondence table between the security level and the request component; the security levels are different, the corresponding request components are different, and the number and the sequence of the called request components are also different. For example, the government affair data service request can be a service request in the form of an HTTP protocol, when the government affair data service request is received, the header and the body of the government affair data service request in the form of the HTTP protocol are parsed, content information and summary information of government affair data or government affair service acquired by the government affair data service request are determined, and the security level of the government affair data acquired by the government affair data service request is determined based on the content information or the summary information, wherein the summary information can be contained in the header of the HTTP request, and the content information can be contained in the body of the HTTP request.
It should be noted that there may be one or more request components invoked based on the government affairs data service request, and the number of the request components invoked based on the government affairs data service request is not limited in the embodiment of the present disclosure.
Step 130, when the government affair data service request is determined to meet a first preset safety rule based on the request component, sending the government affair data service request to a first target external information system; wherein the first preset security rule is pre-configured in the request component; the first target external information system is an external system for providing government affair data corresponding to the government affair data service request.
In the embodiment of the disclosure, whether a government affair data service request meets a first preset safety rule configured in the request component is judged based on the called request component, if so, the government affair data service request is a non-malicious request, and the government affair data service request is sent to a first target external information system; otherwise, the government data service request can be returned to the government service requester or an end operation can be performed. Wherein the first target external information system is capable of providing government affair data corresponding to the government affair data service request.
Optionally, the number of the request components is at least two; invoking a corresponding request component based on the government data service request, comprising: polling to invoke respective at least two request components based on the government data service request; when it is determined based on the request component that the government data service request satisfies a first preset security rule, transmitting the government data service request to a first target external information system, including: and for each request component called by polling, when the fact that the government affair data service request meets a first preset safety rule is determined based on the request component, judging whether an un-called request component corresponding to the government affair data service request exists, if so, returning to execute at least two corresponding request components called by polling based on the government affair data service request, and otherwise, sending the government affair data service request to a first target external information system. The advantage of this arrangement is that the security of the government affair service can be further ensured by invoking multiple request components through polling and performing multi-level security check on the government affair data service request.
For example, when a plurality of request components are provided, each corresponding request component may be polled and called based on the government affair data service request, and for each request component polled and called, whether the government affair data service request satisfies a first preset security rule is determined based on the request component, and when the government affair data service request satisfies the first preset security rule configured in each request component, the government affair data service request is forwarded to the first target external information system. The first preset safety rules configured in different request components are different, so that multi-level safety verification can be performed on the government affair data service request by calling different request components. For example, if the corresponding request components called based on the polling of the government affair data service request include a request component a, a request component B and a request component C, it may be sequentially determined whether the government affair data service request satisfies the first preset security rule configured by the request component a, the first preset security rule configured by the request component B and the first preset security rule configured by the request component C. It is understood that when it is determined based on the request component a that the government data service request satisfies the first preset security rule configured by the request component a, it is further determined based on the request component B whether the government data service request satisfies the first preset security rule configured by the request component B, if not, an ending operation may be performed, or the government data service request is returned to the government service requester, if so, it is further determined based on the request component C whether the government data service request satisfies the first preset security rule configured by the request component C, if so, the government data service request is sent to the first target external information system, otherwise, an ending operation may be performed, or the government data service request is returned to the government service requester.
Specifically, when it is determined that the government affair data service request meets a first preset security rule built in the currently called request component based on the currently called request component, whether a request component corresponding to the government affair data service request which is not called exists is continuously judged, that is, whether all the request components corresponding to the government affair data service request are called is judged. When there is no request component corresponding to the government affair data service request, the next request component is called continuously based on the polling calling rule, and whether the government affair data service request meets the first preset safety rule or not is judged continuously based on the currently called request component. The advantage of setting up like this lies in, can effectively guarantee that the corresponding request subassembly of government affairs data service request can call and finish, can further guarantee the security of government affairs service.
Optionally, when a plurality of request components correspond to the administrative data service request, the plurality of request components may be called in parallel, whether the administrative data service request satisfies the first preset security rule configured in each request component is judged in parallel, and when the administrative data service request satisfies the first preset security rule configured in each request component, the administrative data service request is sent to the first target external information system; when the government affair data service request does not meet any one of the first preset safety rules configured in the plurality of request components, an ending operation can be executed, or the government affair data service request is returned to the government affair service requester.
The embodiment of the disclosure provides a security control method applied to government affair service of a security gateway, which receives a government affair data service request sent by a government affair service requester; invoking a corresponding request component based on the government affair data service request; when it is determined based on the request component that the government affair data service request meets a first preset safety rule, sending the government affair data service request to a first target external information system; wherein the first preset security rule is pre-configured in the request component; the first target external information system is an external system for providing government affair data corresponding to the government affair data service request. According to the technical scheme, security verification is carried out on the government affair data service request through the security gateway, the technical problems that the development complexity is high, the development cost is high and the difficulty of achieving security control is high due to the fact that a control strategy of integrating data security and privacy is directly integrated in an external information system for providing government affair services can be effectively solved, a request component is configured in the security gateway, security verification is carried out on the government affair data service request through calling the request component corresponding to the government affair data service request, not only can the security of the government affair services be effectively guaranteed, but also security rules configured in the request component can be modified according to needs, and the flexibility of the security verification of the government affair services is improved.
In some embodiments, the security control method of the government affairs service further includes: when it is determined based on the request component that the government data service request does not satisfy the first preset security rule, modifying the government data service request based on the first preset security rule; sending the modified government affair data service request to a second target external information system based on the first preset safety rule; wherein the second target external information system is an external system for providing government affair data corresponding to the modified government affair data service request. The advantage of setting up like this is that under the prerequisite of effectively guaranteeing the security of government affairs service, can accord with the government affairs data service request of predetermineeing the safety rule to external information system, helps external information system to provide government affairs service for government affairs request service side fast.
Illustratively, when the request component determines that the government data service request does not satisfy the first preset security rule, the government data service request may be modified based on the first preset security rules, for example, by determining that sensitive information is included in the government data service request, the government data service request may be modified based on the first preset security rules to perform a desensitization operation on the government data service request, or sensitive information in the government affair data service request is deleted, the modified government affair data service request is sent to a second target external information system based on a first preset safety rule, wherein the second target external information system may provide the government affairs data corresponding to the modified government affairs data service request, for example, the second target external information system may be an external system that does not contain sensitive information.
In some embodiments, the security control method of the government affairs service further includes: and when the fact that the government affair data service request does not meet the first preset safety rule is determined based on the request component, intercepting the government affair data service request, and returning the government affair data service request to the government affair service requester. For example, when the request component determines that the government data service request does not satisfy the first preset security rule, it indicates that the government data service request does not satisfy the security requirement of the government service, and if the government data obtained by the government data service request is sensitive information or the government data service request is a malicious request, the security gateway may directly intercept the government data service request and return the government data service request to the government service requester. The benefit of setting up like this lies in, not only can effectively avoid will not conform to the government affairs data service request of security requirement and forward to the external information system, can effectively guarantee the completeness of government affairs service, can also make the government affairs service requestor in time know that government affairs data service request does not pass the security check to in time modify government affairs data service request.
In some embodiments, after sending the government data service request to the first target external information system, further comprising: receiving government affair request response data corresponding to the government affair data service request fed back by the first target external information system; invoking a corresponding response component based on the government affair request response data; when it is determined based on the response component that the government affair request response data meets a second preset safety rule, transmitting the government affair request response data to the government affair service requester; wherein the second preset safety rule is pre-configured in the response component; and when the fact that the government affair request response data do not meet the second preset safety rule is determined based on the response component, intercepting the government affair request response data, and returning the government affair request response data to the first target external information system. This has the advantage that the security of the government affairs service can be further improved.
Illustratively, after the government affair data service request is sent to the first target external information system, the first target external information system analyzes the government affair data service request, and obtains government affair request response data corresponding to the government affair data service request. The security gateway receives the government affair request response data sent by the first target external information system, and calls a corresponding response component based on the government affair request response data. The response component can be a plug-in configured in the security gateway, and can perform security verification or security control on the government affair request response data. Different security rules may be configured in different response components, and when invoked, the government affairs request response data may be security verified based on the security rules corresponding to the response components.
Illustratively, the government affair request response data may include a link address, wherein the link address may specifically be a URL address of a response component in the security gateway. When the government affair request response data sent by the first target external information system are received, the government affair request response data are analyzed, and corresponding response components are called according to the link addresses contained in the government affair request response data. As another example, the government affair request response data may include identification information of the response component, and when the government affair request response data sent by the government affair service requester is received, the government affair request response data is parsed, and the corresponding response component is invoked according to the identification information of the response component included in the government affair request response data. As another example, when the government affair request response data is received, the type of the government affair request response data is determined; the advantage of determining a target response component corresponding to the type of the received government affair request response data sent by the government affair service requester based on the preset corresponding relation table of the type of the government affair request response data and the response component and calling the target response component is that different response components can be called according to the government affair request response data.
Optionally, when receiving the government affair request response data, analyzing the government affair request response data, determining the security level of the government affair request response data, and calling a response component corresponding to the government affair request response data according to the security level and the correspondence table between the security level and the response component; the safety levels are different, the corresponding response components are different, and the number and the sequence of the called response components are also different. For example, the government affair request response data may be a service request in the form of HTTP protocol, when the government affair request response data is received, the header and body of the government affair request response data in the form of HTTP protocol are parsed, content information and summary information of the government affair request response data are determined, and the security level of the government affair request response data is determined based on the content information or the summary information, wherein the summary information may be included in the HTTP request header and the content information may be included in the HTTP request body.
Illustratively, when the response component determines that the government affair request response data does not satisfy the second preset security rule, the government affair request response data does not satisfy the security requirement of the government affair service, for example, if the government affair request response data is sensitive data, the security gateway can directly intercept the government affair request response data and return the government affair request response data to the first target external information system. Not only can effectively avoid sending the government affair request response data which do not accord with the security requirement to the government affair service requester, but also can enable the first target external information system to timely know that the government affair request response data do not pass the security verification, and can timely modify the government affair request response data.
It should be noted that there may be one or more response components invoked based on the government affair request response data, and the number of response components invoked based on the government affair request response data is not limited in the embodiments of the present disclosure.
Optionally, the number of the response components is at least two; invoking a corresponding response component based on the government affair request response data, comprising: invoking respective at least two response components based on the government affair request response data; when it is determined based on the response component that the government affair request response data satisfies a second preset security rule, sending the government affair request response data to the government affair service requester, including: and for each response component called by polling, when the response component determines that the government affair request response data meets a second preset safety rule, judging whether an un-called response component corresponding to the government affair request response data exists, if so, returning to execute calling of at least two corresponding response components based on the government affair request response data, and otherwise, sending the government affair request response data to the government affair service requester.
For example, when there are a plurality of response components, polling and calling each corresponding response component based on the government affair request response data, judging whether the government affair request response data satisfies a second preset safety rule based on the response component for each polled and sending the government affair request response data to the government affair service requester when the government affair request response data satisfies the second preset safety rule configured in each response component. The second preset safety rules configured in different response components are different, so that multi-level safety verification can be performed on the government affair request response data by calling different response components. Specifically, when it is determined that the government affair request response data meets the second preset safety rule based on the currently called response component, it is continuously determined whether there is a response component corresponding to the government affair request response data that is not called, that is, it is determined whether the response component corresponding to the government affair request response data has been called completely. When there is no response component corresponding to the government affair request response data, the next response component is called continuously based on the polling calling rule, and whether the government affair request response data meets the second preset safety rule is judged continuously based on the currently called response component. The advantage of setting up like this lies in, can effectively guarantee that the response subassembly that the government affair request response data corresponds can call and finish, can further guarantee the security of government affair service.
In some embodiments, after sending the government affairs request response data to the government affairs service requester, the method further comprises: recording the response time length of the government affair data service request; or, after returning the government affair request response data to the first target external information system, further comprising: and recording error information of the government affair request response data. For example, when the security gateway sends the government affair request response data to the government affair service requester, the government affair service requester can successfully acquire the secure government affair data or the government affair service, so that the response time of the government affair data service request can be recorded after the security gateway sends the government affair request response data to the government affair service requester, wherein the response time of the government affair data service request can also be understood as the time for the government affair service requester to acquire the secure government affair data or the government service, and this is beneficial to enabling the user to know the time for acquiring the government affair service in time. If the security gateway returns the government affair request response data to the first target external information system, it indicates that the government affair service requester cannot successfully acquire the secure government affair data or the government affair service, so that after the government affair request response data is returned to the first target external information system, error information of the government affair request response data can be recorded, wherein the error information can be understood as data or information which does not accord with the second preset security rule in the government affair request response data, and the set benefit lies in that a user can timely know the reason why the government affair service response data does not accord with the security rule.
Fig. 2 is a flowchart of a security control method of a government affairs service in another embodiment of the present disclosure, as shown in fig. 2, the method including the steps of:
at step 210, the security gateway receives a government affair data service request sent by a government affair service requester.
The security gateway invokes the corresponding request component based on the government data service request, step 220.
Step 230, determining whether the government data service request meets a first preset safety rule based on the request component, if so, executing step 240, otherwise, executing step 250.
Wherein the first predetermined security rule is pre-configured in the requesting component.
Step 240, the security gateway sends the government affair data service request to the first target external information system; wherein the first target external information system is an external system for providing government affairs data corresponding to the government affairs data service request.
At step 250, the security gateway modifies the government affairs data service request based on the first preset security rule.
Step 260, the security gateway sends the modified government affair data service request to a second target external information system based on a first preset security rule; wherein the second target external information system is an external system for providing government affair data corresponding to the modified government affair data service request.
The security control method for government affair service provided by the embodiment of the disclosure, the security gateway carries out security verification on the government affair data service request by calling the request component corresponding to the government affair data service request, if the verification is passed, the government affair data service request can be directly sent to the first target external information system, otherwise, the government affair data service request is modified based on the preset security rule, and the modified government affair data service request is sent to the second target external information system based on the preset security rule, thereby effectively solving the technical problems of high development complexity, high development cost and high difficulty in realizing security control caused by directly integrating the control strategy of data security and privacy in the external information system for providing government affair service, configuring the request component in the security gateway, and carrying out security verification on the government affair data service request by calling the request component corresponding to the government affair data service request, not only can effectively guarantee the security of government affair service, can also modify the security rule of configuration in requesting the subassembly as required, improved the flexibility of verifying government affair service security. In addition, on the premise of effectively ensuring the security of the government affair service, the government affair data service request which does not meet the security requirement can be modified based on the preset security rule and then forwarded to the corresponding external information system, so that the external information system is facilitated to rapidly provide the government affair service for the government affair request service party.
Fig. 3 is a flowchart of a security control method of a government affairs service in another embodiment of the present disclosure, as shown in fig. 3, the method including the steps of:
at step 310, the security gateway receives a government affair data service request sent by a government affair service requester.
At step 320, the security gateway invokes the corresponding request component based on the government data service request.
Step 330, determining whether the government affair data service request meets a first preset safety rule based on the request component, if so, executing step 340, otherwise, executing step 3100.
The first preset safety rule is configured in the request component in advance.
Step 340, the security gateway sends the government affair data service request to the first target external information system; wherein the first target external information system is an external system for providing government affairs data corresponding to the government affairs data service request.
And step 350, the security gateway receives government affair request response data corresponding to the government affair data service request fed back by the first target external information system.
At step 360, the security gateway invokes the corresponding response component based on the government affair request response data.
The second preset safety rule is pre-configured in the response component.
Step 370, determining whether the government affair request response data meets the second preset safety rule based on the response component, if yes, executing step 380, otherwise, executing step 390.
And 380, the security gateway sends the government affair request response data to the government affair service requester and records the response time of the government affair data service request.
Step 390, after intercepting the government affair request response data, the security gateway returns the government affair request response data to the first target external information system, and records error information of the government affair request response data.
And 3100, intercepting the government affair data service request by the security gateway, and returning the government affair data service request to the government affair service requester.
The security control method for the government affair service provided by the embodiment of the disclosure, the security gateway calls the request component corresponding to the government affair data service request to perform security verification on the government affair data service request, if the verification is passed, the security gateway can directly send the government affair data service request to the first target external information system and receive government affair request response data fed back by the first target external information system, then the security verification is performed on the government affair request response data again by calling the response component corresponding to the government affair request response data, if the verification is passed, the government affair request response data is sent to the government affair service requester, the government affair data request and the government affair request response data are intercepted respectively through double security verification on the government affair data service request and the government affair request response data and when the verification of the government affair data service request and the government affair request response data is not passed, the method and the system can solve the technical problems of high development complexity, high development cost and high difficulty in realizing safety control caused by directly integrating the control strategies of data safety and privacy in an external information system for providing government affair services, and effectively ensure the safety of the government affair services by establishing a plug-in safety control mechanism of service requests and service responses.
Fig. 4 is a flowchart of a security control method of a government affairs service in another embodiment of the present disclosure, as shown in fig. 4, the method including the steps of:
and step 410, receiving a government affair data service request sent by a government affair service requester.
At step 420, polling is invoked for the respective at least two request components based on the government data service request.
Step 430, judging whether the government affair data service request meets the first preset safety rule or not based on the currently called request component, if so, executing step 440, otherwise, executing step 4110.
Step 440, determining whether there is any un-called request component corresponding to the government affair data service request, if yes, returning to execute step 420, otherwise, executing step 450.
Step 450, send the government affairs data service request to the first target external information system.
Step 460, receiving government affair request response data corresponding to the government affair data service request fed back by the first target external information system.
At step 470, the respective at least two response components are invoked based on the government affairs request response data.
Step 480, judging whether the government affair request response data meet the second preset safety rule or not based on the currently called response component, if so, executing step 490, and otherwise, executing step 4120.
The second preset safety rule is pre-configured in the response component.
Step 490, determine whether there are any response components corresponding to the government affair request response data that have not been called, if yes, return to step 470, otherwise, execute step 4100.
At step 4100, the government affair request response data is sent to the government affair service requester.
Step 4110, intercept the government affair data service request, and return the government affair data service request to the government affair service requester.
Step 4120, intercept the government affairs request response data and return the government affairs request response data to the first target external information system.
The security control method for the government affair service provided by the embodiment of the disclosure can solve the technical problems of high development complexity, high development cost and high difficulty in realizing security control caused by directly integrating the control strategies of data security and privacy in an external information system for providing the government affair service, and effectively ensures the data security including the security of private data and sensitive data when the multi-government affair system executes the service by building a multi-system service access unified security interception access control point including a service request control point and a service response control point.
Fig. 5 is a schematic structural diagram of a security control device for government affairs services according to another embodiment of the present disclosure. As shown in fig. 5, the apparatus includes: a service request receiving module 510, a request component calling module 520, and a first service request sending module 530.
A service request receiving module 510, configured to receive a government affair data service request sent by a government affair service requester;
a request component calling module 520, configured to call a corresponding request component based on the government affair data service request;
a first service request sending module 530, configured to send the government data service request to a first target external information system when it is determined that the government data service request satisfies a first preset security rule based on the request component; wherein the first preset security rule is pre-configured in the request component; the first target external information system is an external system for providing government affair data corresponding to the government affair data service request.
The embodiment of the disclosure provides a security control scheme applied to a government affair service of a security gateway, which receives a government affair data service request sent by a government affair service requester; invoking a corresponding request component based on the government affair data service request; when it is determined based on the request component that the government affair data service request meets a first preset safety rule, sending the government affair data service request to a first target external information system; wherein the first preset security rule is pre-configured in the request component; the first target external information system is an external system for providing government affair data corresponding to the government affair data service request. According to the technical scheme, security verification is carried out on the government affair data service request through the security gateway, the technical problems that the development complexity is high, the development cost is high and the difficulty of achieving security control is high due to the fact that a control strategy of integrating data security and privacy is directly integrated in an external information system for providing government affair services can be effectively solved, a request component is configured in the security gateway, security verification is carried out on the government affair data service request through calling the request component corresponding to the government affair data service request, not only can the security of the government affair services be effectively guaranteed, but also security rules configured in the request component can be modified according to needs, and the flexibility of the security verification of the government affair services is improved.
Optionally, the apparatus further comprises:
a service request modification module, configured to modify the government affair data service request based on the first preset security rule when it is determined that the government affair data service request does not satisfy the first preset security rule based on the request component;
the second service request sending module is used for sending the modified government affair data service request to a second target external information system based on the first preset safety rule; wherein the second target external information system is an external system for providing government affair data corresponding to the modified government affair data service request.
Optionally, the apparatus further comprises:
and the service request returning module is used for intercepting the government affair data service request and returning the government affair data service request to the government affair service requester when the request component determines that the government affair data service request does not meet the first preset safety rule.
Optionally, the number of the request components is at least two;
the request component calling module is configured to:
polling to invoke respective at least two request components based on the government data service request;
the first service request sending module includes:
and the first service request sending unit is used for judging whether an un-called request component corresponding to the government data service request exists or not when the request component determines that the government data service request meets a first preset safety rule, if so, returning to execute at least two corresponding request components based on the government data service request polling call, and otherwise, sending the government data service request to a first target external information system.
Optionally, the apparatus further comprises:
the response data receiving module is used for receiving government affair request response data which are fed back by the first target external information system and correspond to the government affair data service request after the government affair data service request is sent to the first target external information system;
the response component calling module is used for calling a corresponding response component based on the government affair request response data;
a response data sending module, configured to send the government affair request response data to the government affair service requester when it is determined that the government affair request response data satisfies a second preset security rule based on the response component; wherein the second preset safety rule is pre-configured in the response component;
and the response data returning module is used for intercepting the government affair request response data and returning the government affair request response data to the first target external information system when the response component determines that the government affair request response data does not meet the second preset safety rule.
Optionally, the number of the response components is at least two;
the response component invoking module is to:
invoking respective at least two response components based on the government affair request response data;
the response data sending module comprises:
and the response data sending unit is used for judging whether response components which are not called and correspond to the government affair request response data exist or not when the response components determine that the government affair request response data meet the second preset safety rule, if so, returning to execute calling of at least two corresponding response components based on the government affair request response data, and otherwise, sending the government affair request response data to the government affair service requester.
Optionally, the apparatus further comprises:
the response time length recording module is used for recording the response time length of the government affair data service request after the government affair request response data are sent to the government affair service requester; alternatively, the first and second electrodes may be,
and the error information recording module is used for recording the error information of the government affair request response data after the government affair request response data is returned to the first target external information system.
The device can execute the methods provided by all the embodiments of the disclosure, and has corresponding functional modules and beneficial effects for executing the methods. For technical details which are not described in detail in the embodiments of the present disclosure, reference may be made to the methods provided in all the aforementioned embodiments of the present disclosure.
Referring now to FIG. 6, a schematic diagram of a security gateway 600 suitable for use in implementing embodiments of the present disclosure is shown. The security gateway in the embodiments of the present disclosure may include, but is not limited to, a mobile terminal such as a notebook computer, a digital broadcast receiver, a PDA (personal digital assistant), a PAD (tablet), a PMP (portable multimedia player), etc., and a fixed terminal such as a digital TV, a desktop computer, etc., or various forms of servers such as a stand-alone server or a server cluster. The security gateway shown in fig. 6 is only an example, and should not bring any limitation to the functions and the scope of use of the embodiments of the present disclosure.
As shown in fig. 6, security gateway 600 may include a processing device (e.g., central processing unit, graphics processor, etc.) 601 that may perform various appropriate actions and processes in accordance with a program stored in a read-only memory device (ROM)602 or a program loaded from a storage device 605 into a random access memory device (RAM) 603. In RAM 603, various programs and data necessary for the operation of security gateway 600 are also stored. The processing device 601, the ROM 602, and the RAM 603 are connected to each other via a bus 604. An input/output (I/O) interface 605 is also connected to bus 604.
Generally, the following devices may be connected to the I/O interface 605: input devices 606 including, for example, a touch screen, touch pad, keyboard, mouse, camera, microphone, accelerometer, gyroscope, etc.; output devices 607 including, for example, a Liquid Crystal Display (LCD), a speaker, a vibrator, and the like; storage 608 including, for example, tape, hard disk, etc.; and a communication device 609. Communication means 609 may allow security gateway 600 to communicate wirelessly or by wire with other devices to exchange data. While FIG. 6 illustrates security gateway 600 having various devices, it is to be understood that not all of the illustrated devices are required to be implemented or provided. More or fewer devices may alternatively be implemented or provided.
In particular, according to an embodiment of the present disclosure, the processes described above with reference to the flowcharts may be implemented as computer software programs. For example, embodiments of the present disclosure include a computer program product comprising a computer program embodied on a computer-readable medium, the computer program containing program code for performing a method for recommending words. In such an embodiment, the computer program may be downloaded and installed from a network through the communication means 609, or installed from the storage means 605, or installed from the ROM 602. The computer program, when executed by the processing device 601, performs the above-described functions defined in the methods of the embodiments of the present disclosure.
It should be noted that the computer readable medium in the present disclosure can be a computer readable signal medium or a computer readable storage medium or any combination of the two. A computer readable storage medium may be, for example, but not limited to, an electronic, magnetic, optical, electromagnetic, infrared, or semiconductor system, apparatus, or device, or any combination of the foregoing. More specific examples of the computer readable storage medium may include, but are not limited to: an electrical connection having one or more wires, a portable computer diskette, a hard disk, a Random Access Memory (RAM), a read-only memory (ROM), an erasable programmable read-only memory (EPROM or flash memory), an optical fiber, a portable compact disc read-only memory (CD-ROM), an optical storage device, a magnetic storage device, or any suitable combination of the foregoing. In the present disclosure, a computer readable storage medium may be any tangible medium that can contain, or store a program for use by or in connection with an instruction execution system, apparatus, or device. In contrast, in the present disclosure, a computer readable signal medium may comprise a propagated data signal with computer readable program code embodied therein, either in baseband or as part of a carrier wave. Such a propagated data signal may take many forms, including, but not limited to, electro-magnetic, optical, or any suitable combination thereof. A computer readable signal medium may also be any computer readable medium that is not a computer readable storage medium and that can communicate, propagate, or transport a program for use by or in connection with an instruction execution system, apparatus, or device. Program code embodied on a computer readable medium may be transmitted using any appropriate medium, including but not limited to: electrical wires, optical cables, RF (radio frequency), etc., or any suitable combination of the foregoing.
In some embodiments, the clients, servers may communicate using any currently known or future developed network protocol, such as HTTP, and may be interconnected with any form or medium of digital data communication (e.g., a communication network). Examples of communication networks include a local area network ("LAN"), a wide area network ("WAN"), the Internet (e.g., the Internet), and peer-to-peer networks (e.g., ad hoc peer-to-peer networks), as well as any currently known or future developed network.
The computer readable medium may be embodied in the security gateway; or may exist separately and not be incorporated into the security gateway.
The computer readable medium carries one or more programs which, when executed by the security gateway, cause the security gateway to: invoking a corresponding request component based on the government affair data service request; when it is determined based on the request component that the government affair data service request meets a first preset safety rule, sending the government affair data service request to a first target external information system; wherein the first preset security rule is pre-configured in the request component; the first target external information system is an external system for providing government affair data corresponding to the government affair data service request.
Computer program code for carrying out operations for the present disclosure may be written in any combination of one or more programming languages, including but not limited to an object oriented programming language such as Java, Smalltalk, C + +, and conventional procedural programming languages, such as the "C" programming language or similar programming languages. The program code may execute entirely on the user's computer, partly on the user's computer, as a stand-alone software package, partly on the user's computer and partly on a remote computer or entirely on the remote computer or server. In the case of a remote computer, the remote computer may be connected to the user's computer through any type of network, including a Local Area Network (LAN) or a Wide Area Network (WAN), or the connection may be made to an external computer (for example, through the Internet using an Internet service provider).
The flowchart and block diagrams in the figures illustrate the architecture, functionality, and operation of possible implementations of systems, methods and computer program products according to various embodiments of the present disclosure. In this regard, each block in the flowchart or block diagrams may represent a module, segment, or portion of code, which comprises one or more executable instructions for implementing the specified logical function(s). It should also be noted that, in some alternative implementations, the functions noted in the block may occur out of the order noted in the figures. For example, two blocks shown in succession may, in fact, be executed substantially concurrently, or the blocks may sometimes be executed in the reverse order, depending upon the functionality involved. It will also be noted that each block of the block diagrams and/or flowchart illustration, and combinations of blocks in the block diagrams and/or flowchart illustration, can be implemented by special purpose hardware-based systems which perform the specified functions or acts, or combinations of special purpose hardware and computer instructions.
The units described in the embodiments of the present disclosure may be implemented by software or hardware. Where the name of an element does not in some cases constitute a limitation on the element itself.
The functions described herein above may be performed, at least in part, by one or more hardware logic components. For example, without limitation, exemplary types of hardware logic components that may be used include: field Programmable Gate Arrays (FPGAs), Application Specific Integrated Circuits (ASICs), Application Specific Standard Products (ASSPs), systems on a chip (SOCs), Complex Programmable Logic Devices (CPLDs), and the like.
In the context of this disclosure, a machine-readable medium may be a tangible medium that can contain, or store a program for use by or in connection with an instruction execution system, apparatus, or device. The machine-readable medium may be a machine-readable signal medium or a machine-readable storage medium. A machine-readable medium may include, but is not limited to, an electronic, magnetic, optical, electromagnetic, infrared, or semiconductor system, apparatus, or device, or any suitable combination of the foregoing. More specific examples of a machine-readable storage medium would include an electrical connection based on one or more wires, a portable computer diskette, a hard disk, a Random Access Memory (RAM), a read-only memory (ROM), an erasable programmable read-only memory (EPROM or flash memory), an optical fiber, a portable compact disc read-only memory (CD-ROM), an optical storage device, a magnetic storage device, or any suitable combination of the foregoing.
According to one or more embodiments of the present disclosure, there is provided a security control method for a government affairs service, including:
receiving a government affair data service request sent by a government affair service requester;
invoking a corresponding request component based on the government affair data service request;
when it is determined based on the request component that the government affair data service request meets a first preset safety rule, sending the government affair data service request to a first target external information system; wherein the first preset security rule is pre-configured in the request component; the first target external information system is an external system for providing government affair data corresponding to the government affair data service request.
Further, still include:
when it is determined based on the request component that the government data service request does not satisfy the first preset security rule, modifying the government data service request based on the first preset security rule;
sending the modified government affair data service request to a second target external information system based on the first preset safety rule; wherein the second target external information system is an external system for providing government affair data corresponding to the modified government affair data service request.
Further, still include:
and when the fact that the government affair data service request does not meet the first preset safety rule is determined based on the request component, intercepting the government affair data service request, and returning the government affair data service request to the government affair service requester.
Further, the number of the request components is at least two;
invoking a corresponding request component based on the government data service request, comprising:
polling to invoke respective at least two request components based on the government data service request;
when it is determined based on the request component that the government data service request satisfies a first preset security rule, transmitting the government data service request to a first target external information system, including:
and for each request component called by polling, when the fact that the government affair data service request meets a first preset safety rule is determined based on the request component, judging whether an un-called request component corresponding to the government affair data service request exists, if so, returning to execute at least two corresponding request components called by polling based on the government affair data service request, and otherwise, sending the government affair data service request to a first target external information system.
Further, after sending the government affairs data service request to the first target external information system, the method further comprises:
receiving government affair request response data corresponding to the government affair data service request fed back by the first target external information system;
invoking a corresponding response component based on the government affair request response data;
when it is determined based on the response component that the government affair request response data meets a second preset safety rule, transmitting the government affair request response data to the government affair service requester; wherein the second preset safety rule is pre-configured in the response component;
and when the fact that the government affair request response data do not meet the second preset safety rule is determined based on the response component, intercepting the government affair request response data, and returning the government affair request response data to the first target external information system.
Further, the number of the response components is at least two;
invoking a corresponding response component based on the government affair request response data, comprising:
invoking respective at least two response components based on the government affair request response data;
when it is determined based on the response component that the government affair request response data satisfies a second preset security rule, sending the government affair request response data to the government affair service requester, including:
and for each response component called by polling, when the response component determines that the government affair request response data meets a second preset safety rule, judging whether an un-called response component corresponding to the government affair request response data exists, if so, returning to execute calling of at least two corresponding response components based on the government affair request response data, and otherwise, sending the government affair request response data to the government affair service requester.
Further, after sending the government affair request response data to the government affair service requester, the method further comprises:
recording the response time length of the government affair data service request; alternatively, the first and second electrodes may be,
after returning the government affair request response data to the first target external information system, further comprising:
and recording error information of the government affair request response data.
It is to be noted that the foregoing is only illustrative of the preferred embodiments of the present disclosure and the technical principles employed. Those skilled in the art will appreciate that the present disclosure is not limited to the particular embodiments described herein, and that various obvious changes, adaptations, and substitutions are possible, without departing from the scope of the present disclosure. Therefore, although the present disclosure has been described in greater detail with reference to the above embodiments, the present disclosure is not limited to the above embodiments, and may include other equivalent embodiments without departing from the spirit of the present disclosure, the scope of which is determined by the scope of the appended claims.

Claims (10)

1. A security control method for government affair service is applied to a security gateway and comprises the following steps:
receiving a government affair data service request sent by a government affair service requester;
invoking a corresponding request component based on the government affair data service request;
when it is determined based on the request component that the government affair data service request meets a first preset safety rule, sending the government affair data service request to a first target external information system; wherein the first preset security rule is pre-configured in the request component; the first target external information system is an external system for providing government affair data corresponding to the government affair data service request.
2. The method of claim 1, further comprising:
when it is determined based on the request component that the government data service request does not satisfy the first preset security rule, modifying the government data service request based on the first preset security rule;
sending the modified government affair data service request to a second target external information system based on the first preset safety rule; wherein the second target external information system is an external system for providing government affair data corresponding to the modified government affair data service request.
3. The method of claim 1, further comprising:
and when the fact that the government affair data service request does not meet the first preset safety rule is determined based on the request component, intercepting the government affair data service request, and returning the government affair data service request to the government affair service requester.
4. The method of claim 1, wherein the number of requesting components is at least two;
invoking a corresponding request component based on the government data service request, comprising:
polling to invoke respective at least two request components based on the government data service request;
when it is determined based on the request component that the government data service request satisfies a first preset security rule, transmitting the government data service request to a first target external information system, including:
and for each request component called by polling, when the fact that the government affair data service request meets a first preset safety rule is determined based on the request component, judging whether an un-called request component corresponding to the government affair data service request exists, if so, returning to execute at least two corresponding request components called by polling based on the government affair data service request, and otherwise, sending the government affair data service request to a first target external information system.
5. The method according to any one of claims 1-4, further comprising, after sending the government data service request to the first target external information system:
receiving government affair request response data corresponding to the government affair data service request fed back by the first target external information system;
invoking a corresponding response component based on the government affair request response data;
when it is determined based on the response component that the government affair request response data meets a second preset safety rule, transmitting the government affair request response data to the government affair service requester; wherein the second preset safety rule is pre-configured in the response component;
and when the fact that the government affair request response data do not meet the second preset safety rule is determined based on the response component, intercepting the government affair request response data, and returning the government affair request response data to the first target external information system.
6. The method of claim 5, wherein the number of response components is at least two;
invoking a corresponding response component based on the government affair request response data, comprising:
invoking respective at least two response components based on the government affair request response data;
when it is determined based on the response component that the government affair request response data satisfies a second preset security rule, sending the government affair request response data to the government affair service requester, including:
and for each response component called by polling, when the response component determines that the government affair request response data meets a second preset safety rule, judging whether an un-called response component corresponding to the government affair request response data exists, if so, returning to execute calling of at least two corresponding response components based on the government affair request response data, and otherwise, sending the government affair request response data to the government affair service requester.
7. The method according to claim 5, after transmitting said government affairs request response data to said government affairs service requester, further comprising:
recording the response time length of the government affair data service request; alternatively, the first and second electrodes may be,
after returning the government affair request response data to the first target external information system, further comprising:
and recording error information of the government affair request response data.
8. A security control device for government affairs service, applied to a security gateway, comprising:
the service request receiving module is used for receiving a government affair data service request sent by a government affair service requester;
the request component calling module is used for calling a corresponding request component based on the government affair data service request;
a first service request sending module, configured to send the government data service request to a first target external information system when it is determined, based on the request component, that the government data service request satisfies a first preset security rule; wherein the first preset security rule is pre-configured in the request component; the first target external information system is an external system for providing government affair data corresponding to the government affair data service request.
9. A security gateway, characterized in that the security gateway comprises:
one or more processing devices;
storage means for storing one or more programs;
when the one or more programs are executed by the one or more processing devices, cause the one or more processing devices to implement the security control method for government services according to any one of claims 1 to 7.
10. A computer-readable medium, on which a computer program is stored, characterized in that the program, when being executed by a processing means, implements a security control method for a government service according to any one of claims 1 to 7.
CN202011525588.4A 2020-12-22 2020-12-22 Security control method and device for government affair service, security gateway and storage medium Pending CN112702336A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202011525588.4A CN112702336A (en) 2020-12-22 2020-12-22 Security control method and device for government affair service, security gateway and storage medium

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202011525588.4A CN112702336A (en) 2020-12-22 2020-12-22 Security control method and device for government affair service, security gateway and storage medium

Publications (1)

Publication Number Publication Date
CN112702336A true CN112702336A (en) 2021-04-23

Family

ID=75510158

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202011525588.4A Pending CN112702336A (en) 2020-12-22 2020-12-22 Security control method and device for government affair service, security gateway and storage medium

Country Status (1)

Country Link
CN (1) CN112702336A (en)

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN113282628A (en) * 2021-06-09 2021-08-20 支付宝(杭州)信息技术有限公司 Big data platform access method and device, big data platform and electronic equipment
CN115022088A (en) * 2022-07-21 2022-09-06 中国建设银行股份有限公司 Government affair gateway system
CN115242433A (en) * 2022-06-13 2022-10-25 易保网络技术(上海)有限公司 Data processing method, system, electronic device and computer readable storage medium

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101043478A (en) * 2007-04-20 2007-09-26 北京航空航天大学 Service gateway and method for realizing message safe process
CN103078832A (en) * 2011-10-26 2013-05-01 阿里巴巴集团控股有限公司 Internet business security defending method and internet business security defending system
CN109032783A (en) * 2018-08-01 2018-12-18 杭州朗和科技有限公司 Information interacting method, medium, device and calculating equipment
CN110213225A (en) * 2019-04-22 2019-09-06 重庆金融资产交易所有限责任公司 Gateway configuration method, device and computer equipment based on data analysis

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101043478A (en) * 2007-04-20 2007-09-26 北京航空航天大学 Service gateway and method for realizing message safe process
CN103078832A (en) * 2011-10-26 2013-05-01 阿里巴巴集团控股有限公司 Internet business security defending method and internet business security defending system
CN109032783A (en) * 2018-08-01 2018-12-18 杭州朗和科技有限公司 Information interacting method, medium, device and calculating equipment
CN110213225A (en) * 2019-04-22 2019-09-06 重庆金融资产交易所有限责任公司 Gateway configuration method, device and computer equipment based on data analysis

Cited By (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN113282628A (en) * 2021-06-09 2021-08-20 支付宝(杭州)信息技术有限公司 Big data platform access method and device, big data platform and electronic equipment
CN115242433A (en) * 2022-06-13 2022-10-25 易保网络技术(上海)有限公司 Data processing method, system, electronic device and computer readable storage medium
WO2023241366A1 (en) * 2022-06-13 2023-12-21 易保网络技术(上海)有限公司 Data processing method and system, and electronic device and computer-readable storage medium
CN115242433B (en) * 2022-06-13 2024-02-09 易保网络技术(上海)有限公司 Data processing method, system, electronic device and computer readable storage medium
CN115022088A (en) * 2022-07-21 2022-09-06 中国建设银行股份有限公司 Government affair gateway system

Similar Documents

Publication Publication Date Title
CN111062024B (en) Application login method and device
CN108923908B (en) Authorization processing method, device, equipment and storage medium
CN112702336A (en) Security control method and device for government affair service, security gateway and storage medium
CN112243002B (en) Data forwarding method, device, electronic equipment and computer readable medium
CN110839087B (en) Interface calling method and device, electronic equipment and computer readable storage medium
US10601831B2 (en) Accessing local information based on a browser session
CN110535659B (en) Method, apparatus, electronic device and computer readable medium for processing data request
CN111212075A (en) Service request processing method and device, electronic equipment and computer storage medium
CN112866385B (en) Interface calling method and device, electronic equipment and storage medium
CN110958119A (en) Identity verification method and device
CN112491778A (en) Authentication method, device, system and medium
CN108900562B (en) Login state sharing method and device, electronic equipment and medium
CN111199037A (en) Login method, system and device
CN114049122A (en) Service processing method and system
CN110247917B (en) Method and apparatus for authenticating identity
US20160248773A1 (en) Authorizations For Computing Devices To Access A Protected Resource
CN114584381A (en) Security authentication method and device based on gateway, electronic equipment and storage medium
CN112905990A (en) Access method, client, server and access system
CN115374207A (en) Service processing method and device, electronic equipment and computer readable storage medium
CN114048498A (en) Data sharing method, device, equipment and medium
CN115098840A (en) Identity authentication method, device, equipment, medium and product
CN110855655B (en) Information verification method, device, equipment and storage medium
CN114491489A (en) Request response method and device, electronic equipment and storage medium
CN112929453A (en) Method and device for sharing session data
US9270621B1 (en) Securely providing messages from the cloud

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication

Application publication date: 20210423