CN112866080B - Mail information security control method and device, computer equipment and storage medium - Google Patents


Publication number
CN112866080B
Authority
CN
China
Prior art keywords
mail
information
account
level
terminal
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201911175218.XA
Other languages
Chinese (zh)
Other versions
CN112866080A (en
Inventor
陈栋
柯栋
益爱丽
容敬民
贾聪
王志德
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Gree Electric Appliances Inc of Zhuhai
Zhuhai Lianyun Technology Co Ltd
Original Assignee
Gree Electric Appliances Inc of Zhuhai
Zhuhai Lianyun Technology Co Ltd


Classifications

    • H: ELECTRICITY
    • H04: ELECTRIC COMMUNICATION TECHNIQUE
    • H04L: TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L51/00: User-to-user messaging in packet-switching networks, transmitted according to store-and-forward or real-time protocols, e.g. e-mail
    • H04L51/42: Mailbox-related aspects, e.g. synchronisation of mailboxes
    • H04L51/21: Monitoring or handling of messages
    • H04L51/216: Handling conversation history, e.g. grouping of messages in sessions or threads
    • H04L51/23: Reliability checks, e.g. acknowledgments or fault reporting
    • H04L51/234: Monitoring or handling of messages for tracking messages

Abstract

The invention discloses a mail information security control method that overcomes the prior-art defect that the source of a leak cannot be effectively located. The method comprises: acquiring account information of the account viewing the mail and/or terminal information of the terminal; and embedding the account information and/or the terminal information as traceability information into the mail content of the mail. The present disclosure also provides a mail information security control apparatus, a computer device, and a computer-readable storage medium.

Description

Mail information security control method and device, computer equipment and storage medium
Technical Field
The invention relates to the technical field of computers, in particular to a mail information security control method, a mail information security control device, a computer device and a computer readable storage medium.
Background
With the rapid development of computer technology and the wide adoption of the internet, electronic mail is increasingly used in all aspects of social production, life and learning, and plays a very important role. While enjoying the convenience and speed of internal enterprise mail, people, especially enterprise employees, must also face the information security problems of internal enterprise mail that are caused by the openness of the internet and by computer software bugs.
To ensure the information security of mail within enterprises, the prior art generally encrypts mail in transit to secure its transmission and encrypts stored mail to secure its storage.
However, in the course of researching the invention, the inventors found that the prior art has at least the following defect: after an enterprise's internal mail is leaked, the prior art cannot effectively locate the source of the leak.
Disclosure of Invention
The invention aims to provide a mail information security control method, a mail information security control device, computer equipment and a computer-readable storage medium that overcome the prior-art defect that the source of a leak cannot be effectively located.
One aspect of the present invention provides a mail information security control method, including: acquiring account information of the account viewing the mail and/or terminal information of the terminal; and embedding the account information and/or the terminal information as traceability information into the mail content of the mail.
Optionally, embedding the account information and/or the terminal information as traceability information into the mail content of the mail, including: determining the mail level of the mail, and embedding the account information and/or the terminal information into the mail content as the traceability information when the mail level is higher than or equal to a mail level threshold; and/or when the mail carries a mail attachment, determining the mail attachment level of the mail attachment, and when the mail attachment level is higher than or equal to an attachment level threshold, embedding the account information and/or the terminal information into the mail content as the traceability information; and/or determining the account level of the account according to the account information, and embedding the account information and/or the terminal information into the mail content as the traceability information when the account level is lower than or equal to an account level threshold.
Optionally, embedding the account information and/or the terminal information as traceability information into the mail content of the mail, including: embedding the account information and/or the terminal information as the traceability information into a mail body of the mail; and/or embedding the account information and/or the terminal information as the traceability information into a mail attachment of the mail.
Optionally, after the account information and/or the terminal information is embedded into the mail content of the mail as traceability information, the method further includes: in response to a forwarding signal for the mail, determining the account level of the account according to the account information; determining the mail level of the mail from the mail content; determining the recipient level of the recipient indicated by the forwarding signal; and allowing the mail to be forwarded when the account level is higher than or equal to both the mail level and the recipient level.
Optionally, the method further comprises: when the account level is lower than the mail level and/or the recipient level, sending the account information to an authentication device, wherein the authentication device authenticates, according to the account information, whether the account is authorized to forward the mail; and receiving an authentication result returned by the authentication device, wherein the mail is forwarded to the recipient when the authentication result indicates that forwarding the mail is allowed, and the authentication result is displayed to the account when the authentication result indicates that forwarding the mail is prohibited.
Optionally, the authentication device returns a serial number corresponding to the account information when the account information is stored in the authentication device, and after the account information is sent to the authentication device when the account level is lower than the mail level and/or the recipient level, the method further includes: receiving the serial number returned by the authentication device; acquiring hardware information of hardware installed on the terminal; encrypting the serial number with a preset encryption algorithm, using the hardware information as the key, to obtain encrypted information; and sending the encrypted information to the authentication device, wherein the authentication device matches the encrypted information against the encrypted value that it stores for the serial number, returns an authentication result indicating that forwarding the mail is allowed if the match succeeds, and returns an authentication result indicating that forwarding the mail is prohibited if the match fails.
Optionally, the terminal information includes an IP address or a unique identification code, and the hardware information includes a CPU serial number, a hard disk serial number, or a MAC address.
Optionally, the method further comprises: and recording the behavior information of the account on the mail.
Another aspect of the present invention provides a mail information security control apparatus, including: an acquisition module for acquiring account information of the account viewing the mail and/or terminal information of the terminal; and an embedding module for embedding the account information and/or the terminal information into the mail content of the mail as traceability information.
Optionally, the embedding module is further configured to: determining the mail level of the mail, and embedding the account information and/or the terminal information into the mail content as the traceability information when the mail level is higher than or equal to a mail level threshold; and/or when the mail carries a mail attachment, determining the mail attachment level of the mail attachment, and when the mail attachment level is higher than or equal to an attachment level threshold, embedding the account information and/or the terminal information into the mail content as the traceability information; and/or determining the account level of the account according to the account information, and embedding the account information and/or the terminal information into the mail content as the traceability information when the account level is lower than or equal to an account level threshold.
Optionally, the embedding module is further configured to: embedding the account information and/or the terminal information as the traceability information into a mail body of the mail; and/or embedding the account information and/or the terminal information as the traceability information into a mail attachment of the mail.
Optionally, the apparatus further comprises: a first determining module for determining, in response to a forwarding signal for the mail after the account information and/or the terminal information is embedded into the mail content of the mail as the traceability information, the account level of the account according to the account information; a second determining module for determining the mail level of the mail from the mail content; a third determining module for determining the recipient level of the recipient indicated by the forwarding signal; and an allowing module for allowing the mail to be forwarded when the account level is higher than or equal to both the mail level and the recipient level.
Optionally, the apparatus further comprises: the first sending module is used for sending the account information to an authentication device when the account level is lower than the mail level and/or the recipient level, wherein the authentication device is used for authenticating whether the account is authorized to forward the mail or not according to the account information; and the first receiving module is used for receiving an authentication result returned by the authentication equipment, wherein the mail is forwarded to the receiver when the authentication result represents that the mail is allowed to be forwarded, and the authentication result is displayed to the account when the authentication result represents that the mail is forbidden to be forwarded.
Optionally, when the account information is stored in the authentication device, a serial number corresponding to the account information is returned, and the apparatus further includes: the second receiving module is used for receiving the serial number returned by the authentication equipment after the account information is sent to the authentication equipment when the account level is lower than the mail level and/or the recipient level; a third obtaining module, configured to obtain hardware information of hardware installed on the terminal; the encryption module is used for encrypting the serial number by using a preset encryption algorithm by taking the hardware information as a secret key to obtain encrypted information; and the second sending module is used for sending the encrypted information to the authentication equipment, wherein the authentication equipment is used for matching the encrypted information with an encrypted value which is stored in the authentication equipment and corresponds to the serial number, if the matching is successful, an authentication result representing that the mail is allowed to be forwarded is returned, and if the matching is failed, an authentication result representing that the mail is forbidden to be forwarded is returned.
Optionally, the terminal information includes an IP address or a unique identification code, and the hardware information includes a CPU serial number, a hard disk serial number, or a MAC address.
Optionally, the apparatus further comprises: and the recording module is used for recording the behavior information of the account on the mail.
Yet another aspect of the present invention provides a computer apparatus, comprising: the system comprises a memory, a processor and a computer program which is stored on the memory and can run on the processor, wherein the processor realizes the mail information security control method of any embodiment when executing the computer program.
Yet another aspect of the present invention provides a computer-readable storage medium, on which a computer program is stored, which, when executed by a processor, implements the mail information security control method described in any of the above embodiments.
The mail information security control method provided by the invention can be applied to an enterprise mail client. The mail client is installed on a terminal device (terminal for short) within the enterprise and communicates through a mail server. When receiving a mail, the mail client receives the mail information from the mail server and parses it to obtain the mail content. When a user logs in to an account of the mail client and views the mail, the account information and/or terminal information of the viewer can be embedded into the mail content as traceability information, so that when the mail is leaked the enterprise can accurately and quickly determine who has viewed it, narrow the range of suspects, and even pinpoint the source of the leak.
Drawings
Various other advantages and benefits will become apparent to those of ordinary skill in the art upon reading the following detailed description of the preferred embodiments. The drawings are only for purposes of illustrating the preferred embodiments and are not to be construed as limiting the invention. Also, like reference numerals are used to refer to like parts throughout the drawings. In the drawings:
fig. 1 schematically shows a flowchart of a mail information security control method according to an embodiment of the present invention;
fig. 2 schematically shows a flowchart of a mail information security control method according to another embodiment of the present invention;
FIG. 3 schematically illustrates a flow chart of a mail tracing method according to an embodiment of the present invention;
fig. 4 schematically shows a block diagram of a mail information security control apparatus according to an embodiment of the present invention;
fig. 5 schematically shows a block diagram of a computer device adapted to implement the mail information security control method according to an embodiment of the present invention.
Detailed Description
In order to make the objects, technical solutions and advantages of the present invention more apparent, the present invention is described in further detail below with reference to the accompanying drawings and embodiments. It should be understood that the specific embodiments described herein are merely illustrative of the invention and are not intended to limit the invention. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
It should be noted that, in this document, the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, an element defined by the phrase "comprising an … …" does not exclude the presence of other like elements in a process, method, article, or apparatus that comprises the element.
The embodiment of the invention provides a mail information security control method, which can be applied in the following service scenario. The method can be applied to an enterprise mail client. The mail client is installed on a terminal device (terminal for short) within the enterprise and communicates through a mail server. When receiving a mail, the mail client receives the mail information from the mail server and parses it to obtain the mail content. When a user such as an enterprise employee logs in to an account of the mail client and views the mail, the account information and/or terminal information of the viewer can be embedded into the mail content as traceability information, so that when the mail is leaked the enterprise can accurately and quickly determine who has viewed it, narrow the range of suspects, and even pinpoint the source of the leak. Specifically, fig. 1 schematically shows a flowchart of a mail information security control method according to an embodiment of the present invention. As shown in fig. 1, the method may include step S101 and step S102, wherein:
Step S101: acquiring account information of the account viewing the mail and/or terminal information of the terminal.
Before step S101, the mail information needs to be acquired from the mailbox server and parsed to obtain the mail content. For example, the mail information may be obtained through the POP3 (Post Office Protocol Version 3) protocol or the SMTP (Simple Mail Transfer Protocol) protocol and then parsed to obtain the mail content. In addition, the mail content can be stored on an archiving server for subsequent archiving. The mail content may include the mail body, mail attachments, the mail subject, the sender, the recipient, and so on.
The account is a mailbox account used to log in to the mail client, such as the mailbox account of an enterprise employee, and the account information may include an account name, the identity number registered for the account, or the mobile phone number registered for the account. The terminal is a terminal device on which the mail client is installed, such as a notebook computer, a mobile phone, a desktop computer or a tablet computer, and the terminal information includes the IP address of the terminal, the unique identification code of the terminal, or the MAC address of the terminal.
Step S102: embedding the account information and/or the terminal information into the mail content of the mail as traceability information.
The traceability information may take the form of watermark information, letter-paper background shading, or the like.
In this embodiment, the account information and/or the terminal information may be embedded into the mail content of all the mails as the traceability information, and the account information and/or the terminal information may also be selectively embedded into the mail content of a part of the mails as the traceability information. For example, step S102 may include:
determining the mail level of the mail, and embedding the account information and/or terminal information into the mail content as traceability information when the mail level is higher than or equal to a mail level threshold; and/or
when the mail carries a mail attachment, determining the mail attachment level of the mail attachment, and embedding the account information and/or terminal information into the mail content as traceability information when the mail attachment level is higher than or equal to the attachment level threshold; and/or
determining the account level of the account according to the account information, and embedding the account information and/or terminal information into the mail content as traceability information when the account level is lower than or equal to an account level threshold.
Specifically, this embodiment provides three rules, which may be used separately or in combination. For the first rule, the mail content may further include a mail level that defines the security level of the mail, so the security level can be read directly from the mail level. To decide whether traceability information needs to be added, the mail level is determined from the mail content and compared with the mail level threshold. If the mail level is higher than or equal to the threshold, the mail is considered to have a high security level and needs information for tracing the source of a leak, so the account information and/or terminal information is embedded into the mail content as traceability information; otherwise the mail is considered an ordinary mail and no protection is needed. For the second rule, if the mail carries a mail attachment, the mail content further includes the mail attachment level of the attachment; when the mail attachment level is higher than or equal to the attachment level threshold, the attachment is considered to have a high security level and the traceability information needs to be added.
For the third rule, the account level of the account is also considered. In this embodiment, the department information of the employee corresponding to the account may be queried from the account information using LDAP (Lightweight Directory Access Protocol), and the employee's level is then determined from the department information and used as the account level. When the account level is lower than or equal to the account level threshold, the account has low authority and a low security level, and the account information and/or terminal information needs to be embedded into the mail content as traceability information.
Optionally, step S103 may include: embedding the account information and/or the terminal information as traceability information into the mail body of the mail; and/or embedding the account information and/or the terminal information as traceability information into a mail attachment of the mail. For example, the information may be embedded in the background of the mail body.
That is, the mail content may include a mail body, or both a mail body and a mail attachment. When the mail body is viewed, the account information and/or terminal information may be embedded into the mail body as traceability information; when the mail attachment is viewed, it may be embedded into the mail attachment, for example into the background of the attachment. Therefore, whether the mail body or the mail attachment is leaked, the enterprise can use the traceability information to narrow the range of suspects and even pinpoint the source of the leak. For example, a leak can be traced when sensitive information in the mail is leaked through a photograph or a screenshot.
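The three embedding rules and the mail-body background embedding described above can be sketched as follows. This is an added example, not code from the patent: the integer levels, the threshold values, the tiled SVG background as the watermark carrier, and all function names are assumptions made for illustration.

```python
import base64
import html
import re
from dataclasses import dataclass
from typing import List, Optional


@dataclass(frozen=True)
class Thresholds:
    """Assumed integer levels; a larger number means a higher level."""
    mail_level: int = 3        # rule 1 fires when mail level >= this
    attachment_level: int = 3  # rule 2 fires when attachment level >= this
    account_level: int = 2     # rule 3 fires when account level <= this


def rules_requiring_trace(mail_level: int,
                          attachment_level: Optional[int],
                          account_level: int,
                          t: Thresholds = Thresholds()) -> List[int]:
    """Return which of the three rules (1, 2, 3) call for traceability info."""
    fired = []
    if mail_level >= t.mail_level:
        fired.append(1)
    # Rule 2 only applies when the mail actually carries an attachment.
    if attachment_level is not None and attachment_level >= t.attachment_level:
        fired.append(2)
    if account_level <= t.account_level:
        fired.append(3)
    return fired


def watermark_style(trace_text: str) -> str:
    """Build a tiled, low-opacity SVG background that carries the trace text."""
    svg = (
        '<svg xmlns="http://www.w3.org/2000/svg" width="340" height="170">'
        '<text x="10" y="90" transform="rotate(-20 170 85)" font-size="14" '
        'fill="#000000" fill-opacity="0.12">'
        + html.escape(trace_text)
        + '</text></svg>'
    )
    encoded = base64.b64encode(svg.encode("utf-8")).decode("ascii")
    return ("background-image:url('data:image/svg+xml;base64," + encoded + "');"
            "background-repeat:repeat;")


def render_for_viewer(body_html: str, mail_level: int,
                      attachment_level: Optional[int], account: str,
                      account_level: int, terminal_ip: str,
                      t: Thresholds = Thresholds()) -> str:
    """Step S102: wrap the body in a watermark when any rule fires."""
    if not rules_requiring_trace(mail_level, attachment_level, account_level, t):
        return body_html  # ordinary mail: shown unchanged
    trace = f"{account} | {terminal_ip}"
    return f'<div style="{watermark_style(trace)}">{body_html}</div>'


_DATA_URI = re.compile(r"data:image/svg\+xml;base64,([A-Za-z0-9+/=]+)")
_SVG_TEXT = re.compile(r"<text[^>]*>(.*?)</text>", re.DOTALL)


def extract_trace(leaked_html: str) -> Optional[str]:
    """Recover the viewer's account and terminal from a leaked HTML copy."""
    match = _DATA_URI.search(leaked_html)
    if match is None:
        return None
    svg = base64.b64decode(match.group(1)).decode("utf-8")
    text = _SVG_TEXT.search(svg)
    return html.unescape(text.group(1)) if text else None


if __name__ == "__main__":
    # Constructed sample: a level-4 mail viewed by a level-5 account.
    page = render_for_viewer("<p>Q3 plan</p>", 4, None,
                             "alice@corp.example", 5, "10.0.0.23")
    print(extract_trace(page))
```

Because the text is rendered visibly across the body, a photograph or screenshot of the viewed mail carries the same account and terminal string that `extract_trace` reads back from an HTML copy.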
Optionally, the mail information security control method may further include: and recording the behavior information of the account on the mail.
The behavior information may include forwarding, deleting, saving, screenshot and photographing behavior, and the like. Recording the behavior information of the account may involve, for example, determining from key operations on a mobile terminal whether the account took a screenshot of the mail, or determining from information about screenshot software launched on a PC terminal whether the account took a screenshot of the mail. In this embodiment, the behavior information of the account is recorded and archived in association with the mail, so that when the mail leaks, the archive server can be checked to see which operations the account performed on the mail that led to the leak.
Optionally, after step S102, the mail information security control method further includes step A1 to step A4, where:
step A1, in response to a forwarding signal for the mail, determining the account level of the account according to the account information;
step A2, determining the mail level of the mail from the mail content;
step A3, determining the recipient level of the recipient indicated by the forwarding signal;
and step A4, allowing the mail to be forwarded when the account level is higher than or equal to both the mail level and the recipient level.
The manner of determining the account level and the mail level is as described in the above embodiments and is not repeated here. Before forwarding the mail, the account enters the recipient of the mail, which is the recipient indicated by the forwarding signal. The mail client can obtain the recipient information, query the recipient's department information using LDAP, and then determine the recipient level from the department information.
Further, whether the account can forward the mail is determined according to a mail information security rule, for example: the account is allowed to forward the mail when the account level is higher than or equal to both the mail level and the recipient level. This embodiment thus reduces the risk of mail leakage from the perspective of security levels. In addition, the mail information security rules may also be stored on the archive server.
Optionally, the mail information security control method further includes step B1 and step B2, where:
step B1, when the account level is lower than the mail level and/or the recipient level, sending the account information to an authentication device, wherein the authentication device authenticates, according to the account information, whether the account is authorized to forward the mail;
and step B2, receiving an authentication result returned by the authentication device, wherein the mail is forwarded to the recipient when the authentication result indicates that forwarding the mail is allowed, and the authentication result is displayed to the account when the authentication result indicates that forwarding the mail is prohibited.
In this embodiment, when the account level is lower than the mail level, lower than the recipient level, or lower than both, either of the following two schemes may be used. In the first scheme, the account adjusts the current mail level to a default mail level and then clicks the forward button; the mail client recognizes that the mail level is now the default mail level and forwards the mail to the recipient, while recording the behavior information of the account adjusting the mail level. The default mail level may represent the lowest mail level. In the second scheme, the account information is used to authenticate whether the account holds a privilege that exempts it from the level limits. Specifically, the account information may be sent to the authentication device, which authenticates the account based on the received account information. For example, an account privilege table is preset in the authentication device and records the account information of privileged accounts; the authentication device matches the received account information against the account information in the account privilege table. If the match succeeds, the account is considered privileged and the authentication device may return to the mail client an authentication result indicating that forwarding the mail is allowed; if the match fails, the account is considered not privileged and the authentication device may return to the mail client an authentication result indicating that forwarding the mail is prohibited.
After the mail client receives the authentication result, if the result indicates that forwarding the mail is allowed, the mail is forwarded directly to the recipient; if the result indicates that forwarding the mail is prohibited, the authentication result is displayed to the account so that the account is clearly informed of why it is prohibited from forwarding the mail.
Optionally, when the account information is stored in the authentication device, the authentication device returns a serial number corresponding to the account information, and after step B1 the mail information security control method further includes steps C1 to C4, where:
step C1, receiving the serial number returned by the authentication device;
step C2, acquiring hardware information of hardware installed on the terminal;
step C3, using the hardware information as a key, encrypting the serial number with a preset encryption algorithm to obtain encrypted information;
step C4, sending the encrypted information to the authentication device, wherein the authentication device matches the encrypted information against the encrypted value that is stored in the authentication device and corresponds to the serial number; if the match succeeds, it returns an authentication result representing that the mail is allowed to be forwarded, and if the match fails, it returns an authentication result representing that the mail is prohibited from being forwarded.
The terminal privilege table can be preset in the authentication device. Its significance is that the privilege takes effect only when the account holding the privilege logs in on a specific terminal, which prevents the account from logging in on other terminals at will. If those other terminals have security weaknesses, the risk of mail leakage increases; and if, after a mail has leaked, the other terminals are not devices inside the enterprise, the source of the leak is hard to locate. The terminal privilege table may include a plurality of association relations, each of which may include the account information of a privileged account, a serial number, and an encrypted value. The serial number may be any value, or may represent the number of times the account has authenticated with the authentication device. The encrypted value may be the result of encrypting the serial number with a preset encryption algorithm, using as the key the hardware information of hardware installed on the specific terminal corresponding to the account. The hardware information can include a CPU serial number, a hard disk serial number or a MAC address; because the hardware information cannot be counterfeited, the accuracy and security of authentication are ensured.
In this embodiment, after the account information is sent to the authentication device, the authentication device first matches it against the account privilege table. If the match succeeds, the device searches the terminal privilege table for the association relation containing the account information and returns the serial number in that relation to the mail client. The mail client then obtains the hardware information of hardware installed on the terminal, uses it as a key to encrypt the received serial number with the preset encryption algorithm, and sends the resulting encrypted information to the authentication device. The authentication device compares the encrypted information with the encrypted value in the corresponding association relation. If they are consistent, the account is considered to be logged in on the specific terminal, the privilege is effective, and the authentication device may return an authentication result representing that the mail is allowed to be forwarded. If they are not consistent, the account is not logged in on the specific terminal, the privilege is disabled, and the authentication device may return an authentication result representing that forwarding the mail is prohibited.
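The forwarding decision and the terminal-bound privilege check of steps C1 to C4, as an added Python example (not code from the patent). Integer levels where a larger number is a higher level, all class and function names, and the use of HMAC-SHA256 in place of the unspecified "preset encryption algorithm" are assumptions of this example.

```python
import hashlib
import hmac
from dataclasses import dataclass, field


def terminal_response(hardware_info: str, serial_number: int) -> str:
    """Steps C2-C3: key the serial number with the terminal's hardware information.

    Assumption: HMAC-SHA256 stands in for the "preset encryption algorithm".
    """
    return hmac.new(hardware_info.encode(), str(serial_number).encode(),
                    hashlib.sha256).hexdigest()


@dataclass
class AuthenticationDevice:
    """Holds the account privilege table and the terminal privilege table."""
    account_privilege_table: set = field(default_factory=set)
    # account -> (serial number, encrypted value): one association relation each
    terminal_privilege_table: dict = field(default_factory=dict)

    def enroll(self, account: str, hardware_info: str, serial_number: int) -> None:
        """Register a privileged account together with its specific terminal."""
        self.account_privilege_table.add(account)
        self.terminal_privilege_table[account] = (
            serial_number, terminal_response(hardware_info, serial_number))

    def request_serial(self, account: str):
        """Match the account privilege table, then return the stored serial number."""
        if account not in self.account_privilege_table:
            return None
        relation = self.terminal_privilege_table.get(account)
        return relation[0] if relation else None

    def verify(self, account: str, encrypted_info: str) -> bool:
        """Step C4, device side: compare with the stored encrypted value."""
        relation = self.terminal_privilege_table.get(account)
        if relation is None:
            return False
        # Constant-time comparison so the check does not leak a matching prefix.
        return hmac.compare_digest(relation[1], encrypted_info)


@dataclass
class MailClient:
    device: AuthenticationDevice
    hardware_info: str  # e.g. the CPU serial number read on this terminal
    behavior_log: list = field(default_factory=list)

    def forward(self, account, account_level, mail_level, recipient_level):
        """Return (allowed, reason) for one forwarding request."""
        # Level rule: the account must be at or above both other levels.
        if account_level >= mail_level and account_level >= recipient_level:
            return self._record(account, True, "level check passed")
        serial = self.device.request_serial(account)                # step C1
        if serial is None:
            return self._record(account, False,
                                "account has no forwarding privilege")
        response = terminal_response(self.hardware_info, serial)    # steps C2-C3
        if self.device.verify(account, response):                   # step C4
            return self._record(account, True,
                                "privilege valid on this terminal")
        return self._record(account, False,
                            "privilege not valid on this terminal")

    def _record(self, account, allowed, reason):
        # Behavior information of the account on the mail, kept for later tracing.
        self.behavior_log.append((account, "forward", allowed, reason))
        return allowed, reason


def demo():
    """Constructed sample data: accounts, levels and hardware strings are made up."""
    device = AuthenticationDevice()
    device.enroll("alice", "CPU-SN-0001", serial_number=7)
    enrolled = MailClient(device, hardware_info="CPU-SN-0001")
    other = MailClient(device, hardware_info="CPU-SN-9999")
    return [
        enrolled.forward("bob", 3, 2, 3),    # level high enough
        enrolled.forward("bob", 1, 2, 1),    # too low, not in the privilege table
        enrolled.forward("alice", 1, 2, 3),  # privileged, on the enrolled terminal
        other.forward("alice", 1, 2, 3),     # privileged, on a different terminal
    ]


if __name__ == "__main__":
    for allowed, reason in demo():
        print("ALLOW" if allowed else "DENY ", reason)
```

With a fixed serial number the expected response never changes, so it should travel only over an authenticated, encrypted channel; the description's option of using the authentication count as the serial number gives a different expected value per attempt.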
Fig. 2 schematically shows a flowchart of a mail information security control method according to another embodiment of the present invention.
As shown in fig. 2, the mail client may obtain mail information from the mail server and parse it to obtain the mail content, for example the mail body, mail attachments, account information and mail level. When an account views a mail, the client adds the account information and/or terminal information to the mail body and the mail attachments as tracing information, such as a watermark, and records the behavior information of the account on the mail. The client determines the account level from the account information and, when the mail is forwarded, determines the recipient level from the recipient. Forwarding is allowed when the account level is higher than or equal to both the recipient level and the mail level, and prohibited when the account level is lower than the recipient level and/or the mail level.
Fig. 3 schematically shows a flow chart of a mail tracing method according to an embodiment of the present invention.
As shown in fig. 3, when sensitive information in a mail leaks, the mail is located according to the content of the sensitive information, and it is determined whether tracing information, such as account information and/or terminal information in the form of a watermark, exists in the mail body and the mail attachments. If so, the suspected range is determined from the tracing information and the source of the sensitive information leak is finally located. Otherwise, the filing server is searched for the mail level, account level and account behavior information of the mail, and the leak source is traced by combining these with an analysis of the mail information security rules.
The embodiment of the present invention further provides a mail information security control device, which corresponds to the mail information security control method provided in the above embodiment, and corresponding technical features and technical effects are not described in detail in this embodiment, and reference may be made to the above embodiment for relevant points. Specifically, fig. 4 is a block diagram of a mail information security control apparatus according to an embodiment of the present invention. As shown in fig. 4, the mail information security control apparatus 400 may include an obtaining module 401 and an embedding module 402, wherein:
an obtaining module 401, configured to obtain account information of an account that refers to the email and/or terminal information of a terminal;
an embedding module 402, configured to embed the account information and/or the terminal information as tracing information into mail content of the mail.
Optionally, the embedding module is further configured to: determining the mail level of the mail, and embedding the account information and/or the terminal information into the mail content as the traceability information when the mail level is higher than or equal to a mail level threshold; and/or when the mail carries a mail attachment, determining the mail attachment level of the mail attachment, and when the mail attachment level is higher than or equal to an attachment level threshold, embedding the account information and/or the terminal information into the mail content as the traceability information; and/or determining the account level of the account according to the account information, and embedding the account information and/or the terminal information into the mail content as the traceability information when the account level is lower than or equal to an account level threshold.
Optionally, the embedding module is further configured to: embedding the account information and/or the terminal information as traceability information into a mail body of the mail; and embedding the account information and/or the terminal information as tracing information into a mail attachment of the mail.
Optionally, the apparatus further comprises: the first determining module is used for responding to a forwarding signal of the mail after the account information and/or the terminal information are embedded into the mail content of the mail as tracing information, and determining the account level of the account according to the account information; the second determining module is used for determining the mail grade of the mail from the mail content; a third determining module, configured to determine a recipient level of the recipient indicated by the forwarding signal; and the allowing module is used for allowing the mail to be forwarded when the account number grade is higher than or equal to the mail grade and the recipient grade at the same time.
Optionally, the apparatus further comprises: the first sending module is used for sending the account information to an authentication device when the account level is lower than the mail level and/or the recipient level, wherein the authentication device is used for authenticating whether the account is authorized to forward the mail according to the account information; and the first receiving module is used for receiving an authentication result returned by the authentication device, wherein the mail is forwarded to the recipient when the authentication result represents that the mail is allowed to be forwarded, and the authentication result is displayed to the account when the authentication result represents that the mail is prohibited from being forwarded.
Optionally, when the account information is stored in the authentication device, a serial number corresponding to the account information is returned, and the apparatus further includes: the second receiving module is used for receiving the serial number returned by the authentication equipment after the account information is sent to the authentication equipment when the account level is lower than the mail level and/or the recipient level; a third obtaining module, configured to obtain hardware information of hardware installed on the terminal; the encryption module is used for encrypting the serial number by using a preset encryption algorithm by taking the hardware information as a secret key to obtain encrypted information; and the second sending module is used for sending the encrypted information to the authentication equipment, wherein the authentication equipment is used for matching the encrypted information with an encrypted value which is stored in the authentication equipment and corresponds to the serial number, if the matching is successful, an authentication result representing that the mail is allowed to be forwarded is returned, and if the matching is failed, an authentication result representing that the mail is forbidden to be forwarded is returned.
Optionally, the terminal information includes an IP address or a unique identification code, and the hardware information includes a CPU serial number, a hard disk serial number, or an MAC address.
Optionally, the apparatus further comprises: and the recording module is used for recording the behavior information of the account on the mail.
Fig. 5 schematically shows a block diagram of a computer device adapted to implement the mail information security control method according to an embodiment of the present invention. In this embodiment, the computer device 500 may be a smart phone, a tablet computer, a notebook computer, a desktop computer, a rack-mounted server, a blade server, or a tower server (including an independent server or a server cluster composed of a plurality of servers) that executes programs, and the like. As shown in fig. 5, the computer device 500 of the present embodiment includes at least, but is not limited to: a memory 501, a processor 502, and a network interface 503 communicatively coupled to each other via a system bus. It is noted that fig. 5 only illustrates the computer device 500 having components 501 to 503, but it is to be understood that not all illustrated components are required to be implemented, and that more or fewer components can alternatively be implemented.
In this embodiment, the memory 501 includes at least one type of computer-readable storage medium, and the readable storage medium includes a flash memory, a hard disk, a multimedia card, a card-type memory (e.g., SD or DX memory, etc.), a Random Access Memory (RAM), a Static Random Access Memory (SRAM), a Read Only Memory (ROM), an Electrically Erasable Programmable Read Only Memory (EEPROM), a Programmable Read Only Memory (PROM), a magnetic memory, a magnetic disk, an optical disk, and the like. In some embodiments, the memory 501 may be an internal storage unit of the computer device 500, such as a hard disk or a memory of the computer device 500. In other embodiments, the memory 501 may also be an external storage device of the computer device 500, such as a plug-in hard disk, a Smart Media Card (SMC), a Secure Digital (SD) Card, a Flash memory Card (Flash Card), or the like, provided on the computer device 500. Of course, the memory 501 may also include both internal and external storage units of the computer device 500. In the present embodiment, the memory 501 is generally used for storing an operating system installed in the computer device 500 and various types of application software, such as the program code of the mail information security control method. Further, the memory 501 may also be used to temporarily store various types of data that have been output or are to be output.
In some embodiments, the processor 502 may be a Central Processing Unit (CPU), controller, microcontroller, microprocessor, or other data processing chip. The processor 502 generally controls the overall operation of the computer device 500, for example performing control and processing related to data interaction or communication with the computer device 500, and running program code such as that of the mail information security control method.
In this embodiment, the mail information security control method stored in the memory 501 may be further divided into one or more program modules and executed by one or more processors (in this embodiment, the processor 502) to complete the present invention.
The network interface 503 may include a wireless network interface or a wired network interface, and the network interface 503 is typically used to establish communication links between the computer device 500 and other computer devices. For example, the network interface 503 is used to connect the computer device 500 to an external terminal via a network, establish a data transmission channel and a communication link between the computer device 500 and the external terminal, and the like. The network may be a wireless or wired network such as an Intranet (Intranet), the Internet (Internet), a Global System of Mobile communication (GSM), Wideband Code Division Multiple Access (WCDMA), a 4G network, a 5G network, Bluetooth (Bluetooth), or Wi-Fi.
The present embodiment also provides a computer-readable storage medium, including a flash memory, a hard disk, a multimedia card, a card-type memory (e.g., SD or DX memory, etc.), a Random Access Memory (RAM), a Static Random Access Memory (SRAM), a Read Only Memory (ROM), an Electrically Erasable Programmable Read Only Memory (EEPROM), a Programmable Read Only Memory (PROM), a magnetic memory, a magnetic disk, an optical disk, a server, an app store, etc., on which a computer program is stored that implements the mail information security control method when executed by a processor.
It will be apparent to those skilled in the art that the modules or steps of the embodiments of the invention described above may be implemented by a general purpose computing device, they may be centralized on a single computing device or distributed across a network of multiple computing devices, and alternatively, they may be implemented by program code executable by a computing device, such that they may be stored in a storage device and executed by a computing device, and in some cases, the steps shown or described may be performed in an order different than that described herein, or they may be separately fabricated into individual integrated circuit modules, or multiple ones of them may be fabricated into a single integrated circuit module. Thus, embodiments of the invention are not limited to any specific combination of hardware and software.
Through the above description of the embodiments, those skilled in the art will clearly understand that the method of the above embodiments can be implemented by software plus a necessary general hardware platform, and certainly can also be implemented by hardware, but in many cases, the former is a better implementation manner.
The above description is only a preferred embodiment of the present invention, and not intended to limit the scope of the present invention, and all modifications of equivalent structures and equivalent processes, which are made by using the contents of the present specification and the accompanying drawings, or directly or indirectly applied to other related technical fields, are included in the scope of the present invention.

Claims (9)

1. A mail information security control method is characterized by comprising the following steps:
acquiring account information of an account for looking up the mail and/or terminal information of a terminal;
embedding the account information and/or the terminal information as tracing information into the mail content of the mail;
responding to a forwarding signal of the mail, and determining the account level of the account according to the account information; determining the mail grade of the mail from the mail content; determining the receiver grade of the receiver indicated by the forwarding signal; when the account number grade is higher than or equal to the mail grade and the recipient grade at the same time, allowing the mail to be forwarded;
when the account level is lower than the mail level and/or the recipient level, sending the account information to an authentication device, wherein the authentication device is used for authenticating whether the account is authorized to forward the mail according to the account information; and receiving an authentication result returned by the authentication device, wherein the mail is forwarded to the receiver when the authentication result represents that the mail is allowed to be forwarded, and the authentication result is displayed to the account when the authentication result represents that the mail is forbidden to be forwarded.
2. The method according to claim 1, wherein embedding the account information and/or the terminal information as traceability information into the mail content of the mail comprises:
determining the mail level of the mail, and embedding the account information and/or the terminal information into the mail content as the traceability information when the mail level is higher than or equal to a mail level threshold; and/or
when the mail carries a mail attachment, determining the mail attachment grade of the mail attachment, and when the mail attachment grade is higher than or equal to an attachment grade threshold value, embedding the account information and/or the terminal information as the traceability information into the mail content; and/or
determining the account level of the account according to the account information, and embedding the account information and/or the terminal information as the traceability information into the mail content when the account level is lower than or equal to an account level threshold.
3. The method according to claim 1, wherein embedding the account information and/or the terminal information as traceability information into the mail content of the mail comprises:
embedding the account information and/or the terminal information as the traceability information into a mail body of the mail; and/or
embedding the account information and/or the terminal information as the traceability information into a mail attachment of the mail.
4. The method according to claim 1, wherein when the account information is stored in the authentication device, a serial number corresponding to the account information is returned, and when the account level is lower than the mail level and/or the recipient level, the method further comprises, after the account information is sent to the authentication device:
receiving the serial number returned by the authentication equipment;
acquiring hardware information of hardware installed on the terminal;
encrypting the serial number by using a preset encryption algorithm by taking the hardware information as a secret key to obtain encrypted information;
and sending the encrypted information to the authentication equipment, wherein the authentication equipment is used for matching the encrypted information with the encrypted value which is stored in the authentication equipment and corresponds to the serial number, if the matching is successful, an authentication result representing that the mail is allowed to be forwarded is returned, and if the matching is failed, an authentication result representing that the mail is forbidden to be forwarded is returned.
5. The method of claim 4, wherein the terminal information comprises an IP address or a unique identification code, and the hardware information comprises a CPU serial number, a hard disk serial number or a MAC address.
6. The method according to any one of claims 1 to 5, further comprising:
and recording the behavior information of the account on the mail.
7. An apparatus for controlling security of mail information, the apparatus comprising:
the acquisition module is used for acquiring account information of an account for looking up the mail and/or terminal information of a terminal;
the embedding module is used for embedding the account information and/or the terminal information into the mail content of the mail as tracing information;
the first determining module is used for responding to a forwarding signal of the mail after the account information and/or the terminal information are embedded into the mail content of the mail as tracing information, and determining the account level of the account according to the account information; the second determining module is used for determining the mail grade of the mail from the mail content; a third determining module, configured to determine a recipient level of the recipient indicated by the forwarding signal; the permission module is used for permitting the mail to be forwarded when the account number grade is higher than or equal to the mail grade and the recipient grade;
the first sending module is used for sending the account information to an authentication device when the account level is lower than the mail level and/or the recipient level, wherein the authentication device is used for authenticating whether the account is authorized to forward the mail or not according to the account information; and the first receiving module is used for receiving an authentication result returned by the authentication equipment, wherein the mail is forwarded to the receiver when the authentication result represents that the mail is allowed to be forwarded, and the authentication result is displayed to the account when the authentication result represents that the mail is forbidden to be forwarded.
8. A computer device, characterized in that the computer device comprises: memory, a processor and a computer program stored on the memory and executable on the processor, the processor implementing the method of any one of claims 1 to 6 when executing the computer program.
9. A computer-readable storage medium, on which a computer program is stored which, when being executed by a processor, carries out the method of any one of claims 1 to 6.

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201911175218.XA CN112866080B (en) 2019-11-26 2019-11-26 Mail information security control method and device, computer equipment and storage medium

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201911175218.XA CN112866080B (en) 2019-11-26 2019-11-26 Mail information security control method and device, computer equipment and storage medium

Publications (2)

Publication Number Publication Date
CN112866080A CN112866080A (en) 2021-05-28
CN112866080B true CN112866080B (en) 2021-12-03

Family

ID=75984963

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201911175218.XA Active CN112866080B (en) 2019-11-26 2019-11-26 Mail information security control method and device, computer equipment and storage medium

Country Status (1)

Country Link
CN (1) CN112866080B (en)


Also Published As

Publication number Publication date
CN112866080A (en) 2021-05-28


Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant
CP03 Change of name, title or address

Address after: 519015 Room 601, Lianshan Lane, Jida Jingshan Road, Zhuhai City, Guangdong Province

Patentee after: Zhuhai Lianyun Technology Co.,Ltd.

Patentee after: GREE ELECTRIC APPLIANCES Inc. OF ZHUHAI

Address before: 519000 Qianshan Golden Chicken West Road in Zhuhai, Guangdong

Patentee before: GREE ELECTRIC APPLIANCES Inc. OF ZHUHAI

Patentee before: Zhuhai Lianyun Technology Co.,Ltd.