CN112733152A - Sensitive data processing method, system and device - Google Patents

Sensitive data processing method, system and device

Info

Publication number
CN112733152A
Authority
CN
China
Prior art keywords
security
processor
operating system
level
data processing
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202110086414.0A
Other languages
Chinese (zh)
Inventor
洪薇
洪健
李京昆
刘文思
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Hubei Chenweixi Chain Information Technology Co ltd
Original Assignee
Hubei Chenweixi Chain Information Technology Co ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Hubei Chenweixi Chain Information Technology Co ltd filed Critical Hubei Chenweixi Chain Information Technology Co ltd
Priority to CN202110086414.0A priority Critical patent/CN112733152A/en
Publication of CN112733152A publication Critical patent/CN112733152A/en
Pending legal-status Critical Current

Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50 Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/57 Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
    • G06F21/577 Assessing vulnerabilities and evaluating computer system security
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60 Protecting data
    • G06F21/62 Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218 Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
    • G06F21/6245 Protecting personal data, e.g. for financial or medical purposes

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • Computer Security & Cryptography (AREA)
  • General Engineering & Computer Science (AREA)
  • Software Systems (AREA)
  • Health & Medical Sciences (AREA)
  • General Physics & Mathematics (AREA)
  • Physics & Mathematics (AREA)
  • Bioethics (AREA)
  • General Health & Medical Sciences (AREA)
  • Computing Systems (AREA)
  • Medical Informatics (AREA)
  • Databases & Information Systems (AREA)
  • Storage Device Security (AREA)

Abstract

The invention discloses a sensitive data processing method, system and device, relating to the field of data processing. Sensitive data is classified, and the lowest security level of the data processing environment required by the sensitive data is determined from the classification result; that is, whether a data processing environment is suitable is judged according to the specific type of the sensitive data, rather than by a general judgment that ignores the type of the sensitive data as in the traditional method, so the judgment is more accurate. The method considers both the operating system security and the processor security of the data processing environment: it obtains an operating system security score and a processor security score by comprehensive evaluation, derives the operating system security level from the operating system security score and the processor security level from the processor security score, and finally compares the operating system security level and the processor security level to judge whether the environment is suitable for processing the sensitive data, achieving comprehensive and accurate analysis of the data processing environment.

Description

Sensitive data processing method, system and device
Technical Field
The present invention relates to the field of data processing, and in particular, to a method, a system, and an apparatus for processing sensitive data.
Background
The security of data processing and analysis tasks depends not only on the security and privacy level of the data processing and analysis program itself, but also directly on the security of the system software and hardware environment in which the program runs. The system software and hardware environment is the outermost security barrier; once it contains a vulnerability, the data processing and analysis task is exposed to serious hidden risk.
Most existing security analysis of data processing environments uses a single mode of analysis, for example analyzing only whether the system software is secure or only whether the hardware environment is secure, so the object of analysis is single and incomplete. Existing security analysis of system software and hardware environments is also judged by a single index, so the result is inaccurate, and the system software or hardware environment is simply classified as secure or insecure.
Disclosure of Invention
In order to realize accurate and comprehensive judgment on whether the current data processing environment is suitable for processing the current data, the invention provides a sensitive data processing method, a sensitive data processing system and a sensitive data processing device.
To achieve the above object, the present invention provides a sensitive data processing method, including:
acquiring sensitive data to be processed and relevant data of a preset data processing environment;
obtaining a classification result of the sensitive data to be processed based on the sensitive data classification standard;
acquiring a minimum security level a of a corresponding data processing environment required for processing the sensitive data to be processed based on a corresponding relation between the type of the sensitive data and the security level of the data processing environment, wherein the security level is in inverse proportion to the security of the data processing environment;
obtaining operating system security data and processor security data from the relevant data of the preset data processing environment;
obtaining an operating system security score based on the operating system security scoring rule and the operating system security data, and obtaining a security level b of the operating system in the preset data processing environment based on the correspondence between operating system security score and operating system security level;
obtaining a processor security score based on the processor security scoring rule and the processor security data, and obtaining a security level c of the processor in the preset data processing environment based on the correspondence between processor security score and processor security level;
and if the security level c and the security level b are both smaller than or equal to the security level a, allowing the sensitive data to be processed in the preset data processing environment; otherwise, not allowing the sensitive data to be processed in the preset data processing environment.
The principle of the method is as follows. Sensitive data is first classified, and the lowest security level of the data processing environment required by the sensitive data is determined from the classification result. Whether a data processing environment is suitable can therefore be judged according to the specific type of the sensitive data, unlike the traditional method, which makes a general judgment without considering the type of the sensitive data, so the judgment is more accurate. The method considers both the operating system security and the processor security of the data processing environment: it obtains an operating system security score and a processor security score by comprehensive evaluation, obtains the operating system security level from the operating system security score and the processor security level from the processor security score, and finally uses the operating system security level and the processor security level together to decide whether the environment is suitable for processing the sensitive data, thereby realizing comprehensive and accurate analysis of the data processing environment.
Preferably, the sensitive data in the method is divided into A-type sensitive data, B-type sensitive data and C-type sensitive data, wherein the lowest security level of the data processing environment required for processing A-type sensitive data is level 1, the lowest security level of the data processing environment required for processing B-type sensitive data is level 3, and the lowest security level of the data processing environment required for processing C-type sensitive data is level 4.
Preferably, the operating system security indexes in the method include: the operating system kernel version number, the number of known security vulnerabilities acknowledged and officially published by the operating system vendor or the open source community, and the number of unknown security vulnerabilities related to the operating system collected from the network.
Preferably, the operating system security scoring rule in the method is as follows:
if the kernel version of the current operating system is the latest version, 3 points are obtained; if it is not the latest version and is 1-3 intermediate versions away from the latest version, 2 points are obtained; if it is not the latest version and is 4-5 intermediate versions away from the latest version, 1 point is obtained; if it is not the latest version and is more than 5 intermediate versions away from the latest version, 0 points are obtained;
if the number of known security vulnerabilities of the operating system is 0, 3 points are obtained; if the number is 1-3, 2 points are obtained; if the number is 4-5, 1 point is obtained; if the number is more than 5, 0 points are obtained;
if the number of unknown security vulnerabilities of the operating system is 0, 3 points are obtained; if the number is 1-10, 2 points are obtained; if the number is 11-20, 1 point is obtained; and if the number is more than 20, 0 points are obtained.
Preferably, in the method, if the security score of the operating system is 9, the security level of the operating system is level 1; if the security score of the operating system is 6-8, the security level of the operating system is level 2; if the security score of the operating system is 5-7, the security level of the operating system is level 3; and if the security score of the operating system is 0-4, the security level of the operating system is level 4.
Preferably, the processor security indexes in the method include: the processor firmware version, the isolation level of the processor for applications, the isolation level of the processor for virtual machine and container operations, and the level of the processor for memory hardware encryption and the isolation level of container operations.
Preferably, the processor security scoring rule in the method is as follows:
if the firmware version of the current processor is the latest version, 3 points are obtained; if it is not the latest version and is 1-5 intermediate versions away from the latest version, 2 points are obtained; if it is not the latest version and is 6-10 intermediate versions away from the latest version, 1 point is obtained; if it is not the latest version and is more than 10 intermediate versions away from the latest version, 0 points are obtained;
if the processor contains all the security instructions and the isolation level of the processor for programs is full isolation, 3 points are obtained; if the processor contains all the security instructions and the isolation level of the processor for programs is partial isolation, 2 points are obtained; if the processor contains part of the security instructions and the isolation level of the processor for programs is partial isolation, 1 point is obtained; in all other cases 0 points are obtained;
for the isolation level of the processor for virtual machine and container operations, if the processor supports the virtual machine and container isolation function, 3 points are obtained; in all other cases 0 points are obtained;
for the level of the processor for memory hardware encryption and the isolation level of container operations, if the processor supports the full memory encryption function, 3 points are obtained; if the processor supports the partial memory encryption function, 2 points are obtained; in all other cases 0 points are obtained.
Preferably, in the method, if the security score of the processor is 15, the security level of the processor is level 1; if the security score of the processor is 10-14, the security level of the processor is level 2; if the security score of the processor is 5-9, the security level of the processor is level 3; if the security score of the processor is 0-4, the security level of the processor is level 4.
The present invention also provides a sensitive data processing system, the system comprising:
the first obtaining unit is used for obtaining the sensitive data to be processed and the related data of the preset data processing environment;
the classification unit is used for obtaining a classification result of the sensitive data to be processed based on the sensitive data classification standard;
the second obtaining unit is used for obtaining the lowest security level a of the corresponding data processing environment required for processing the sensitive data to be processed based on the corresponding relation between the type of the sensitive data and the security level of the data processing environment, and the security level is in inverse proportion to the security of the data processing environment;
a third obtaining unit, configured to obtain, based on relevant data of the preset data processing environment, operating system security data and processor security data in the relevant data of the preset data processing environment;
a fourth obtaining unit, configured to obtain an operating system security score based on the operating system security scoring rule and the operating system security data, and obtain a security level b of the operating system in the preset data processing environment based on the correspondence between operating system security score and operating system security level;
a fifth obtaining unit, configured to obtain a processor security score based on the processor security scoring rule and the processor security data, and obtain a security level c of the processor in the preset data processing environment based on the correspondence between processor security score and processor security level;
and a comparison unit, configured to allow the sensitive data to be processed in the preset data processing environment if the security level c and the security level b are both smaller than or equal to the security level a, and otherwise not to allow the sensitive data to be processed in the preset data processing environment.
The invention also provides a sensitive data processing device, which comprises a memory, a processor and a computer program stored in the memory and capable of running on the processor, wherein the processor realizes the steps of the sensitive data processing method when executing the computer program.
The present invention also provides a computer-readable storage medium storing a computer program which, when executed by a processor, implements the steps of the sensitive data processing method.
One or more technical schemes provided by the invention at least have the following technical effects or advantages:
the invention provides a security assessment method for system software and hardware environments, with a quantitative security assessment based on subdivided indexes. It accurately assesses the security levels of the system software and hardware environments and provides security risk early warning to data owners and to the application services that analyze and process the data, so as to ensure that the security level of the underlying platform relied on during data storage, data processing and analysis meets requirements, thereby ensuring the security of the data storage, data processing and analysis processes and the accuracy and credibility of the calculation results.
Drawings
The accompanying drawings, which are included to provide a further understanding of the embodiments of the invention and are incorporated in and constitute a part of this specification, illustrate embodiments of the invention and together with the description serve to explain the principles of the invention;
FIG. 1 is a schematic flow diagram of a sensitive data processing method;
FIG. 2 is a flow diagram of a sensitive data processing system.
Detailed Description
In order that the above objects, features and advantages of the present invention can be more clearly understood, a more particular description of the invention will be rendered by reference to the appended drawings. It should be noted that the embodiments of the present invention and features of the embodiments may be combined with each other without conflicting with each other.
In the following description, numerous specific details are set forth in order to provide a thorough understanding of the present invention, however, the present invention may be practiced in other ways than those specifically described and thus the scope of the present invention is not limited by the specific embodiments disclosed below.
It will be understood by those skilled in the art that in the present disclosure, the terms "longitudinal," "lateral," "upper," "lower," "front," "rear," "left," "right," "vertical," "horizontal," "top," "bottom," "inner," "outer," and the like are used in an orientation or positional relationship indicated in the drawings for ease of description and simplicity of description, and do not indicate or imply that the referenced devices or components must be constructed and operated in a particular orientation and thus are not to be considered limiting.
It is understood that the terms "a" and "an" mean that the number of an element may be one in one embodiment, while the number of that element may be more than one in another embodiment; the terms "a" and "an" should not be interpreted as limiting the number.
Example one
The embodiment of the invention provides a security assessment method for system software and hardware environments, giving a more comprehensive assessment of data processing and task security. For the security evaluation of system software, the main idea is to collect all known security vulnerabilities and the number of patch programs of the version, and at the same time to run a customized vulnerability detection toolkit; for the security evaluation of hardware, the evaluation is mainly of the security level of the CPU, which is mainly determined by whether the CPU contains a dedicated security instruction set and a secure operation space.
Referring to fig. 1, fig. 1 is a schematic flow chart of a sensitive data processing method, the sensitive data processing method provided by the present invention includes:
acquiring sensitive data to be processed and relevant data of a preset data processing environment;
obtaining a classification result of the sensitive data to be processed based on the sensitive data classification standard;
acquiring a minimum security level a of a corresponding data processing environment required for processing the sensitive data to be processed based on a corresponding relation between the type of the sensitive data and the security level of the data processing environment, wherein the security level is in inverse proportion to the security of the data processing environment;
obtaining operating system security data and processor security data from the relevant data of the preset data processing environment;
obtaining an operating system security score based on the operating system security scoring rule and the operating system security data, and obtaining a security level b of the operating system in the preset data processing environment based on the correspondence between operating system security score and operating system security level;
obtaining a processor security score based on the processor security scoring rule and the processor security data, and obtaining a security level c of the processor in the preset data processing environment based on the correspondence between processor security score and processor security level;
and if the security level c and the security level b are both smaller than or equal to the security level a, allowing the sensitive data to be processed in the preset data processing environment; otherwise, not allowing the sensitive data to be processed in the preset data processing environment.
The following examples are provided to specifically describe the method, which comprises the following steps:
Grade the sensitivity of the sensitive data according to a data classification and grading standard, dividing it into A-type sensitive data, B-type sensitive data and C-type sensitive data, and attach sensitivity level identifiers. The sensitivity of A-type sensitive data is the highest, the sensitivity of C-type sensitive data is the lowest, and the sensitivity of B-type sensitive data is in between. A-type sensitive data is the data with the highest sensitivity level and is private information: personal property and personal medical private information. B-type sensitive data is special-purpose information, namely information designated for internal circulation and reading on a dedicated network. C-type data is shared information, namely advertising information published uniformly to the public.
Grade the security of the processing environment of the sensitive data, and assign the processing environment a security level according to the grading result: the levels run from level 1 to level 4, where level 1 is the highest security level and level 4 is the lowest.
1. Set the environment security evaluation indexes, including operating system security indexes and CPU security indexes.
Setting evaluation indexes of data processing environment safety, wherein the main indexes comprise:
operating system security index:
OS_SECURITY_METRICS=
{
OS_VERSION,
OS_KNOWN_LEAKS,
OS_POTENTIAL_LEAKS
}
OS_VERSION: the kernel version number of the operating system, comprising a major version and a minor version;
OS_KNOWN_LEAKS: the number of security vulnerabilities acknowledged and officially published by the operating system vendor or the open source community;
OS_POTENTIAL_LEAKS: the number of security vulnerabilities related to the operating system collected from the network;
CPU safety index:
CPU_SECURITY_METRICS=
{
CPU_FIRMWARE_VERSION,
CPU_PROGRAM_ISOLATION_LEVEL,
CPU_VM_ISOLATION_LEVEL,
CPU_MEMORY_ENCRYPTION_LEVEL,
CPU_FIRMWARE_PROTECTION_LEVEL,
}
CPU_FIRMWARE_VERSION: the CPU firmware version;
CPU_PROGRAM_ISOLATION_LEVEL: the isolation level of the CPU for applications;
CPU_VM_ISOLATION_LEVEL: the isolation level of the CPU for virtual machine and container operations;
CPU_MEMORY_ENCRYPTION_LEVEL: the level of the CPU for memory hardware encryption and the isolation level of container operations;
2. Formulate a scoring rule for the evaluation indexes. The scoring rule uses a 3-point system, i.e. the possible score of each index is 0, 1, 2 or 3, where 0 is the lowest score, meaning the index earns no points.
2.1 Operating system security index scoring rule:
OS_VERSION: 3 points if the current version is the latest version; 2 points if the current version is not more than 3 intermediate versions away from the latest version; 1 point if not more than 5; otherwise 0 points;
OS_KNOWN_LEAKS: 3 points if the number of known security vulnerabilities of the current version is 0; 2 points if the number of security vulnerabilities is not more than 3; 1 point if not more than 5; otherwise 0 points;
OS_POTENTIAL_LEAKS: 3 points if the number of potential security vulnerabilities and risks of the current version is 0; 2 points if not more than 10; 1 point if not more than 20; otherwise 0 points;
2.2 CPU security index scoring rule:
CPU_FIRMWARE_VERSION: 3 points if the current version is the latest version; 2 points if the current version is not more than 5 intermediate versions away from the latest version; 1 point if not more than 10; otherwise 0 points;
CPU_PROGRAM_ISOLATION_LEVEL: 3 points if all security instructions are present and the isolation level is full isolation; 2 points if all security instructions are present and the isolation level is partial isolation; 1 point if part of the security instructions are present and the isolation level is partial isolation; otherwise 0 points;
CPU_VM_ISOLATION_LEVEL: 3 points if the virtual machine and container isolation function is supported; 0 points if not supported;
CPU_MEMORY_ENCRYPTION_LEVEL: 3 points if the full memory encryption function is supported; 2 points if the partial memory encryption function is supported; otherwise 0 points;
CPU_FIRMWARE_PROTECTION_LEVEL: 3 points if firmware protection and recovery are supported; 0 points if not supported;
3. Acquire all operating system security index data and CPU security index data, and score them according to the scoring rule in step 2;
4. Obtain the security level from the following tables according to the total score obtained by accumulating the scores of the operating system security indexes and the CPU security indexes:
Operating system security score level table:
Level               Score
Level 1 security    9
Level 2 security    6~8
Level 3 security    5~7
Level 4 security    0~4
CPU security score level table:
[Table published as images in the original; not reproduced on this page.]
5. Evaluate the security level of the data processing environment; if the environment does not meet the matching requirement, it does not have the capability of processing the sensitive data.
For example, in an environment whose operating system security and CPU security are at level 4, storing any high-business-value data and sensitive data is prohibited, as is running any application or service involved in processing and analyzing high-business-value data and sensitive data;
for example, in an environment with a security level of 3 and 2 for the operating system and the CPU, a prompt and a warning are issued before any high-business-value data and sensitive data are stored, to alert the owner and the users of the data to the risk, and a corresponding prompt and warning are issued before any application or service involved in processing and analyzing high-business-value data and sensitive data is run.
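The scoring and gating procedure of steps 1 to 5 above, as an added Python example that is not code from the patent. The class names, function names and sample environments are constructed for illustration; the thresholds come from the page, using the five CPU indexes of this embodiment. Assumption: the overlapping operating system rows (6~8 and 5~7) are resolved by taking the first matching row.

```python
from dataclasses import dataclass

# Thresholds below are taken from the page; all names are illustrative.
REQUIRED_LEVEL = {"A": 1, "B": 3, "C": 4}  # data class -> minimum level a
OS_LEVELS = [(9, 9, 1), (6, 8, 2), (5, 7, 3), (0, 4, 4)]  # (low, high, level)
CPU_LEVELS = [(15, 15, 1), (10, 14, 2), (5, 9, 3), (0, 4, 4)]


def band(count, two_max, one_max):
    """3 points for 0, 2 points up to two_max, 1 point up to one_max, else 0."""
    if isinstance(count, bool) or not isinstance(count, int) or count < 0:
        raise ValueError(f"expected a non-negative integer, got {count!r}")
    if count == 0:
        return 3
    if count <= two_max:
        return 2
    return 1 if count <= one_max else 0


def to_level(score, table):
    """Map a total score to a level; the first matching row wins.

    Assumption: the page's OS rows 6~8 and 5~7 overlap, so 6 and 7 map to
    level 2 and only 5 maps to level 3.
    """
    for low, high, level in table:
        if low <= score <= high:
            return level
    raise ValueError(f"score {score} is outside the table")


@dataclass(frozen=True)
class OsFacts:
    versions_behind: int   # intermediate kernel versions behind the latest
    known_vulns: int       # OS_KNOWN_LEAKS
    potential_vulns: int   # OS_POTENTIAL_LEAKS


@dataclass(frozen=True)
class CpuFacts:
    firmware_versions_behind: int
    security_instructions: str    # "all", "partial" or "none"
    program_isolation: str        # "full", "partial" or "none"
    vm_container_isolation: bool
    memory_encryption: str        # "full", "partial" or "none"
    firmware_protection: bool


def os_score(f):
    return (band(f.versions_behind, 3, 5) + band(f.known_vulns, 3, 5)
            + band(f.potential_vulns, 10, 20))


def cpu_score(f):
    isolation = {("all", "full"): 3, ("all", "partial"): 2,
                 ("partial", "partial"): 1}
    encryption = {"full": 3, "partial": 2}
    return (band(f.firmware_versions_behind, 5, 10)
            + isolation.get((f.security_instructions, f.program_isolation), 0)
            + (3 if f.vm_container_isolation else 0)
            + encryption.get(f.memory_encryption, 0)
            + (3 if f.firmware_protection else 0))


def decide(data_class, os_facts, cpu_facts):
    """Allow processing only if levels b and c are both <= required level a."""
    if data_class not in REQUIRED_LEVEL:
        raise ValueError(f"unknown data class {data_class!r}")  # fail closed
    a = REQUIRED_LEVEL[data_class]
    b = to_level(os_score(os_facts), OS_LEVELS)
    c = to_level(cpu_score(cpu_facts), CPU_LEVELS)
    reasons = []
    if b > a:
        reasons.append(f"OS level {b} is weaker than required level {a}")
    if c > a:
        reasons.append(f"CPU level {c} is weaker than required level {a}")
    return {"allowed": not reasons, "a": a, "b": b, "c": c, "reasons": reasons}


# Constructed sample environments (not from the page).
PATCHED_OS = OsFacts(0, 0, 0)
PATCHED_CPU = CpuFacts(0, "all", "full", True, "full", True)
LAGGING_OS = OsFacts(2, 1, 12)
LAGGING_CPU = CpuFacts(4, "all", "partial", True, "partial", False)

if __name__ == "__main__":
    for cls in ("A", "B", "C"):
        print(cls, decide(cls, PATCHED_OS, PATCHED_CPU)["allowed"],
              decide(cls, LAGGING_OS, LAGGING_CPU))
```

Because a lower level number means a more secure environment, the gate compares b and c against a with "smaller than or equal to", and an unknown data class or malformed count raises an error instead of defaulting to allow.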
Example two
Referring to fig. 2, fig. 2 is a schematic flow chart of a sensitive data processing system, which includes:
the first obtaining unit is used for obtaining the sensitive data to be processed and the related data of the preset data processing environment;
the classification unit is used for obtaining a classification result of the sensitive data to be processed based on the sensitive data classification standard;
the second obtaining unit is used for obtaining the lowest security level a of the corresponding data processing environment required for processing the sensitive data to be processed based on the corresponding relation between the type of the sensitive data and the security level of the data processing environment, and the security level is in inverse proportion to the security of the data processing environment;
a third obtaining unit, configured to obtain, based on relevant data of the preset data processing environment, operating system security data and processor security data in the relevant data of the preset data processing environment;
a fourth obtaining unit, configured to obtain an operating system security score based on the operating system security scoring rule and the operating system security data, and obtain a security level b of the operating system in the preset data processing environment based on the correspondence between operating system security score and operating system security level;
a fifth obtaining unit, configured to obtain a processor security score based on the processor security scoring rule and the processor security data, and obtain a security level c of the processor in the preset data processing environment based on the correspondence between processor security score and processor security level;
and a comparison unit, configured to allow the sensitive data to be processed in the preset data processing environment if the security level c and the security level b are both smaller than or equal to the security level a, and otherwise not to allow the sensitive data to be processed in the preset data processing environment.
Example three
The third embodiment of the present invention provides a sensitive data processing apparatus, which includes a memory, a processor, and a computer program stored in the memory and executable on the processor, where the processor implements the steps of the sensitive data processing method when executing the computer program.
The processor may be a Central Processing Unit (CPU), or another general-purpose processor, a Digital Signal Processor (DSP), an Application Specific Integrated Circuit (ASIC), a Field Programmable Gate Array (FPGA) or other programmable logic device, a discrete gate or transistor logic device, a discrete hardware component, or the like. A general-purpose processor may be a microprocessor, or the processor may be any conventional processor or the like.
The memory may be used for storing the computer programs and/or modules, and the processor may implement various functions of the sensitive data processing apparatus in the invention by operating or executing data stored in the memory. The memory may mainly include a storage program area and a storage data area, wherein the storage program area may store an operating system, an application program required for at least one function (such as a sound playing function, an image playing function, etc.), and the like. Further, the memory may include high speed random access memory, and may also include non-volatile memory, such as a hard disk, a memory, a plug-in hard disk, a smart memory card, a secure digital card, a flash memory card, at least one magnetic disk storage device, a flash memory device, or other volatile solid state storage device.
Example four
The fourth embodiment of the present invention provides a computer-readable storage medium, where a computer program is stored, and when the computer program is executed by a processor, the steps of the sensitive data processing method are implemented.
The sensitive data processing device, if implemented in the form of a software functional unit and sold or used as a stand-alone product, may be stored in a computer-readable storage medium. Based on this understanding, all or part of the flow of the method embodiments of the present invention may also be implemented by a computer program stored in a computer-readable storage medium; when the computer program is executed by a processor, it implements the steps of the above-described method embodiments. The computer program comprises computer program code, which may be in object code form, an executable file, some intermediate form, etc. The computer-readable medium may include: any entity or device capable of carrying the computer program code, a recording medium, a USB flash drive, a removable hard disk, a magnetic disk, an optical disk, a computer memory, a read-only memory, a random access memory, an electrical carrier signal, a telecommunications signal, a software distribution medium, etc. It should be noted that the content of the computer-readable medium may be appropriately increased or decreased as required by legislation and patent practice in the jurisdiction.
While preferred embodiments of the present invention have been described, additional variations and modifications in those embodiments may occur to those skilled in the art once they learn of the basic inventive concepts. Therefore, it is intended that the appended claims be interpreted as including preferred embodiments and all such alterations and modifications as fall within the scope of the invention.
It will be apparent to those skilled in the art that various changes and modifications may be made in the present invention without departing from the spirit and scope of the invention. Thus, if such modifications and variations of the present invention fall within the scope of the claims of the present invention and their equivalents, the present invention is also intended to include such modifications and variations.

Claims (10)

1. A method for processing sensitive data, the method comprising:
acquiring sensitive data to be processed and relevant data of a preset data processing environment;
obtaining a classification result of the sensitive data to be processed based on the sensitive data classification standard;
acquiring a minimum security level a of a corresponding data processing environment required for processing the sensitive data to be processed based on a corresponding relation between the type of the sensitive data and the security level of the data processing environment, wherein the security level is in inverse proportion to the security of the data processing environment;
obtaining operating system security data and processor security data from the relevant data of the preset data processing environment;
obtaining an operating system security score based on an operating system security scoring rule and the operating system security data, and obtaining a security level b of the operating system in the preset data processing environment based on the correspondence between the operating system security score and the operating system security level;
obtaining a processor security score based on a processor security scoring rule and the processor security data, and obtaining a security level c of the processor in the preset data processing environment based on the correspondence between the processor security score and the processor security level;
and if the security level c and the security level b are both less than or equal to the security level a, allowing the data to be processed in the preset data processing environment; otherwise, not allowing the data to be processed in the preset data processing environment.
2. The sensitive data processing method according to claim 1, wherein the sensitive data is divided into: type A sensitive data, type B sensitive data and type C sensitive data, wherein the lowest security level of the data processing environment required for processing type A sensitive data is level 1, the lowest security level of the data processing environment required for processing type B sensitive data is level 3, and the lowest security level of the data processing environment required for processing type C sensitive data is level 4.
3. The sensitive data processing method of claim 1, wherein the operating system security metrics comprise: the operating system kernel version number, the number of known security vulnerabilities acknowledged and officially published by the operating system vendor or the open source community, and the number of unknown security vulnerabilities related to the operating system collected from the network.
4. The sensitive data processing method of claim 3, wherein the operating system security scoring rules are:
if the kernel version of the current operating system is the latest version, 3 points are scored; if it is not the latest version and is 1-3 intermediate versions behind the latest version, 2 points are scored; if it is not the latest version and is 4-5 intermediate versions behind the latest version, 1 point is scored; if it is not the latest version and is more than 5 intermediate versions behind the latest version, 0 points are scored;
if the number of known security vulnerabilities of the operating system is 0, 3 points are scored; if the number is 1-3, 2 points are scored; if the number is 4-5, 1 point is scored; if the number is more than 5, 0 points are scored;
if the number of unknown security vulnerabilities of the operating system is 0, 3 points are scored; if the number is 1-10, 2 points are scored; if the number is 11-20, 1 point is scored; and if the number is more than 20, 0 points are scored.
5. The sensitive data processing method of claim 4, wherein if the security score of the operating system is 9, the security level of the operating system is level 1; if the security score of the operating system is 6-8, the security level of the operating system is level 2; if the security score of the operating system is 5-7, the security level of the operating system is level 3; and if the security score of the operating system is 0-4, the security level of the operating system is level 4.
6. The sensitive data processing method of claim 1, wherein the processor security metrics comprise: a processor firmware version, an isolation level of the processor for applications, an isolation level of the processor for virtual machines and container operations, and a level of the processor for memory hardware encryption and an isolation level of container operations.
7. The sensitive data processing method of claim 6, wherein the processor security scoring rule is:
if the firmware version of the current processor is the latest version, 3 points are scored; if it is not the latest version and is 1-5 intermediate versions behind the latest version, 2 points are scored; if it is not the latest version and is 6-10 intermediate versions behind the latest version, 1 point is scored; if it is not the latest version and is more than 10 intermediate versions behind the latest version, 0 points are scored;
if the processor contains all the security instructions and the isolation level of the processor for programs is full isolation, 3 points are scored; if the processor contains all the security instructions and the isolation level of the processor for programs is partial isolation, 2 points are scored; if the processor contains part of the security instructions and the isolation level of the processor for programs is partial isolation, 1 point is scored; in all other cases, 0 points are scored;
for the isolation level of the processor for virtual machine and container operation, if the processor supports the virtual machine and container isolation function, 3 points are scored; in all other cases, 0 points are scored;
for the level of memory hardware encryption and the isolation level of container operation, if the processor supports encryption of the whole memory, 3 points are scored; if the processor supports encryption of part of the memory, 2 points are scored; in all other cases, 0 points are scored.
8. The sensitive data processing method of claim 7, wherein if the security score of the processor is 15, the security level of the processor is level 1; if the security score of the processor is 10-14, the security level of the processor is level 2; if the security score of the processor is 5-9, the security level of the processor is level 3; and if the security score of the processor is 0-4, the security level of the processor is level 4.
9. A sensitive data processing system, said system comprising:
the first obtaining unit is used for obtaining the sensitive data to be processed and the related data of the preset data processing environment;
the classification unit is used for obtaining a classification result of the sensitive data to be processed based on the sensitive data classification standard;
the second obtaining unit is used for obtaining the lowest security level a of the corresponding data processing environment required for processing the sensitive data to be processed based on the corresponding relation between the type of the sensitive data and the security level of the data processing environment, and the security level is in inverse proportion to the security of the data processing environment;
a third obtaining unit, configured to obtain, based on relevant data of the preset data processing environment, operating system security data and processor security data in the relevant data of the preset data processing environment;
a fourth obtaining unit, configured to obtain an operating system security score based on the operating system security scoring rule and the operating system security data, and to obtain a security level b of the operating system in the preset data processing environment based on the correspondence between the operating system security score and the operating system security level;
a fifth obtaining unit, configured to obtain a processor security score based on the processor security score rule and the processor security data, and obtain a security level c of the processor in the preset data processing environment based on a correspondence between the processor security score and the processor security level;
and a comparison unit, configured to allow the data to be processed in the preset data processing environment if the security level c and the security level b are both less than or equal to the security level a, and otherwise not to allow the data to be processed in the preset data processing environment.
10. A sensitive data processing apparatus comprising a memory, a processor and a computer program stored in the memory and executable on the processor, characterized in that the processor implements the steps of the sensitive data processing method according to any one of claims 1 to 8 when executing the computer program.
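The scoring and gating steps of claims 1 to 8, worked through as an added Python example; this is not code from the patent, and all function names, field names and sample environments are constructed for illustration. It assumes that the overlapping score ranges printed in claim 5 (6-8 and 5-7) are applied in the order stated, so the first matching range wins.

```python
# Added illustration of the gate in claims 1-8; all names here are hypothetical.
# Lower level number = more secure environment (claim 1).
REQUIRED_LEVEL = {"A": 1, "B": 3, "C": 4}          # claim 2


def band(value, bands):
    """Points for the first (upper_bound, points) band that contains value."""
    if value < 0:
        raise ValueError("counts cannot be negative")
    for upper, points in bands:
        if upper is None or value <= upper:
            return points
    raise ValueError("bands must end with an open (None, points) entry")


def os_score(versions_behind, known_vulns, unknown_vulns):
    """Claim 4: kernel version lag, known and unknown vulnerability counts."""
    return (band(versions_behind, [(0, 3), (3, 2), (5, 1), (None, 0)])
            + band(known_vulns, [(0, 3), (3, 2), (5, 1), (None, 0)])
            + band(unknown_vulns, [(0, 3), (10, 2), (20, 1), (None, 0)]))


def os_level(score):
    """Claim 5 as printed: 9 -> 1, 6-8 -> 2, 5-7 -> 3, 0-4 -> 4.
    The 6-8 and 5-7 ranges overlap; assumption: the first listed match wins."""
    for low, high, level in [(9, 9, 1), (6, 8, 2), (5, 7, 3), (0, 4, 4)]:
        if low <= score <= high:
            return level
    raise ValueError("OS score out of range")


def cpu_score(fw_behind, instructions, app_isolation, vm_container, mem_encryption):
    """Claim 7: firmware lag, program isolation, VM/container isolation, memory encryption."""
    isolation = {("all", "full"): 3, ("all", "partial"): 2, ("part", "partial"): 1}
    return (band(fw_behind, [(0, 3), (5, 2), (10, 1), (None, 0)])
            + isolation.get((instructions, app_isolation), 0)
            + (3 if vm_container else 0)
            + {"full": 3, "partial": 2}.get(mem_encryption, 0))


def cpu_level(score):
    """Claim 8: 15 -> 1, 10-14 -> 2, 5-9 -> 3, 0-4 -> 4."""
    for low, high, level in [(15, 15, 1), (10, 14, 2), (5, 9, 3), (0, 4, 4)]:
        if low <= score <= high:
            return level
    raise ValueError("processor score out of range")


def allow_processing(data_class, os_facts, cpu_facts):
    """Claim 1: allow only if levels b (OS) and c (processor) are both <= a."""
    a = REQUIRED_LEVEL[data_class]      # unknown class raises, so nothing is allowed
    b = os_level(os_score(**os_facts))
    c = cpu_level(cpu_score(**cpu_facts))
    return (b <= a and c <= a), {"a": a, "b": b, "c": c}


# Constructed sample environments (not from the patent).
BEST_OS = dict(versions_behind=0, known_vulns=0, unknown_vulns=0)
BEST_CPU = dict(fw_behind=0, instructions="all", app_isolation="full",
                vm_container=True, mem_encryption="full")
STALE_OS = dict(versions_behind=2, known_vulns=4, unknown_vulns=12)

if __name__ == "__main__":
    for cls in ("A", "B", "C"):
        print(cls, allow_processing(cls, BEST_OS, BEST_CPU))
    print("B on stale OS", allow_processing("B", STALE_OS, BEST_CPU))
```

With the four rules listed in claim 7 the processor score tops out at 12, so the score of 15 that claim 8 maps to level 1 is never reached. As a result, type A data (minimum level 1) is denied even in the best-case sample environment.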
Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202110086414.0A CN112733152A (en) 2021-01-22 2021-01-22 Sensitive data processing method, system and device

Publications (1)

Publication Number Publication Date
CN112733152A true CN112733152A (en) 2021-04-30

Family

ID=75593520

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202110086414.0A Pending CN112733152A (en) 2021-01-22 2021-01-22 Sensitive data processing method, system and device

Country Status (1)

Country Link
CN (1) CN112733152A (en)

Citations (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102043927A (en) * 2010-12-29 2011-05-04 北京深思洛克软件技术股份有限公司 Computer system for data divulgence protection
CN103853986A (en) * 2014-01-03 2014-06-11 李凤华 Access control method and device
CN105635112A (en) * 2015-12-18 2016-06-01 国家电网公司 Information system security performance assessment method
CN110941956A (en) * 2019-10-26 2020-03-31 华为技术有限公司 Data classification method, device and related equipment
CN111079182A (en) * 2019-12-18 2020-04-28 北京百度网讯科技有限公司 Data processing method, device, equipment and storage medium
CN111611592A (en) * 2020-05-27 2020-09-01 中国信息安全测评中心 Big data platform security assessment method and device
CN111726353A (en) * 2020-06-17 2020-09-29 华中科技大学 Sensitive data grading protection method and grading protection system based on numerical control system
CN112116973A (en) * 2020-09-17 2020-12-22 山东健康医疗大数据有限公司 Systematic desensitization method for personal health medical data

Non-Patent Citations (2)

* Cited by examiner, † Cited by third party
Title
朱扬勇: "《大数据资源》", 31 January 2018, 上海科学技术出版社 *
石瑞生: "《大数据安全与隐私保护》", 31 May 2019, 北京邮电大学出版社 *

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN113488127A (en) * 2021-07-28 2021-10-08 中国医学科学院医学信息研究所 Population health data set sensitivity processing method and system
CN113488127B (en) * 2021-07-28 2023-10-20 中国医学科学院医学信息研究所 Sensitivity processing method and system for population health data set

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication (Application publication date: 20210430)