CN113094676A - Saas-based intelligent safety operation and maintenance system - Google Patents
Saas-based intelligent safety operation and maintenance system Download PDFInfo
- Publication number
- CN113094676A CN113094676A CN202110503217.4A CN202110503217A CN113094676A CN 113094676 A CN113094676 A CN 113094676A CN 202110503217 A CN202110503217 A CN 202110503217A CN 113094676 A CN113094676 A CN 113094676A
- Authority
- CN
- China
- Prior art keywords
- information
- user
- access
- module
- login
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/31—User authentication
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/45—Structures or tools for the administration of authentication
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Theoretical Computer Science (AREA)
- Computer Hardware Design (AREA)
- Software Systems (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Storage Device Security (AREA)
Abstract
The invention discloses an intelligent safe operation and maintenance system based on saas, comprising; the saas platform and the operation and maintenance management unit; the saas platform comprises a client service layer, a cloud service management layer and an information management layer, wherein the client service layer is used for providing each function module for a user and displaying the function modules on a user end face, and the user realizes a data access request through each function module; when a user performs login data access in a client service layer in the saas platform, the operation and maintenance management unit analyzes the user login access safety from a plurality of levels of user login information, access time information and access data type information related to the user login access, the safety of operation and maintenance management is remarkably improved, and data leakage is effectively prevented.
Description
Technical Field
The invention relates to the technical field of safe operation and maintenance, in particular to an intelligent safe operation and maintenance system based on saas.
Background
The SaaS platform is used for establishing all network infrastructures, software and hardware operation platforms required by informatization of enterprises, is responsible for a series of services such as implementation in the early stage and maintenance in the later stage, the enterprises can use the information system through the Internet without purchasing software and hardware, building a machine room and recruiting IT personnel, and the SaaS-based intelligent operation and maintenance system is used for carrying out safe operation and maintenance management on the login and data access of the SaaS platform.
If the application publication number is CN111756765A, the application publication date is 2020.10.09, the name is 'a SaaS platform-based system security architecture', and the application publication number specifically discloses that the system security architecture comprises a user login module, a network server, an operation and maintenance management module and an operation and maintenance database; an access control layer is arranged for the user login module, and the access control layer comprises identity authentication and authority management; setting a security compliance layer for the web server, the security compliance layer conforming to GDPR; a management protective layer is arranged on the operation and maintenance management module, and comprises a fort machine, a WAF and the like; the operation and maintenance database is provided with an SSL encryption layer which comprises data encryption and decryption, file encryption and decryption service, picture conversion into binary stream encryption and storage, OSS server side encryption, transparent data encryption TDE, cloud disk encryption, DLP, hardware encryptor, intrusion prevention HIDS/EDR and the like
The prior art including the above application has the disadvantages that the currently used SaaS platform mostly adopts network modes such as identity authentication, authority management and the like to perform security management when performing operation and maintenance security management, has a single analysis means for user login access security management, is poor in security, cannot intelligently provide authentication login for a user when an error occurs, and is inconvenient for the user to use.
Disclosure of Invention
The invention aims to provide an intelligent security operation and maintenance system based on saas to solve the above defects in the prior art
In order to achieve the above purpose, the invention provides the following technical scheme: an intelligent security operation and maintenance system based on saas comprises; the saas platform and the operation and maintenance management unit; the saas platform comprises a client service layer, a cloud service management layer and an information management layer, wherein the client service layer is used for providing each function module for a user and displaying the function modules on a user end face, and the user realizes a data access request through each function module; the cloud service management layer receives a user data access request and completes data processing to realize data access feedback; the information management layer is used for analyzing and storing the user access information to form user access historical data; the operation and maintenance management unit is in interactive connection with the client service layer, the cloud service management layer and the information management layer, and achieves the purposes of collecting current user access information, reading user access historical data for safety analysis and intelligently controlling the cloud server management layer according to analysis results.
As a further description of the above technical solution: the user access information comprises login information of a user login client service layer and data accessed by the user.
As a further description of the above technical solution: the operation and maintenance management unit comprises a current access information acquisition module, a historical information reading module and a comprehensive processing unit; the current access information acquisition module is used for calling current user access information of a client service layer; the historical information reading module is used for reading user historical access information stored in the information management layer; the comprehensive processing unit is used for carrying out multi-directional comparison analysis on the current access information of the user and the historical access information of the user to determine the access security degree, and intelligently controlling the cloud service management layer according to the access security degree.
For the further description of the technical scheme: the information management layer comprises an information import module and an information classification and arrangement module; the information import module is used for importing the access information of each time the user logs in the client service layer; the information classification and arrangement module is used for carrying out corresponding classification and integration storage on the user access information and the access time period information.
As a further description of the above technical solution: the information management layer also comprises an information analysis processing module; the information analysis processing module is used for storing the access data used in the access information in a dividing mode according to the related types.
As a further description of the above technical solution: the information management layer also comprises an information updating module; and the information updating module is used for writing and storing the login access information of each time of the user so as to update the historical data of the user.
As a further description of the above technical solution: the comprehensive processing unit comprises a user information analysis module, an access time analysis module and a data type analysis module; the user information analysis module is used for comparing and analyzing the current user login information with the historical login information to determine the login state security; the access time analysis module is used for comparing and analyzing the current login time information of the user with the historical login time to determine the state security of the user login time; the data type analysis module is used for comparing and analyzing the current login access data type and the historical access data type of the user and determining the safety of the user access state.
As a further description of the above technical solution: the user login information comprises current user login equipment information, user account information and user login account security information.
As a further description of the above technical solution: the device also comprises a secondary verification unit; the secondary verification unit is connected with the comprehensive processing unit, and when the comprehensive processing unit analyzes that the safety crisis exists, the information is imported into the secondary verification unit, and the secondary verification unit is used for providing secondary verification access for the user according to historical access data.
As a further description of the above technical solution: the secondary verification unit comprises an information index module and a verification generation module; the information index module is used for acquiring user historical data in an information management layer; the verification generation module is used for automatically generating safety verification information according to the user historical data and transmitting the safety verification information to the client service layer to realize secondary verification access to the user.
In the technical scheme, when a user accesses login data in a client service layer of a saas platform, an operation and maintenance management unit analyzes user login access security from multiple levels of user login information, access time information and access data type information related to the user login access, the safety of operation and maintenance management is remarkably improved, data leakage is effectively prevented, meanwhile, a secondary verification unit is arranged, and login security verification is intelligently generated according to user historical data, so that when login access limitation is caused by errors, intelligent secondary verification login can be performed on user personal information, convenience is provided for user use, and the safety is further improved.
Drawings
In order to more clearly illustrate the embodiments of the present application or technical solutions in the prior art, the drawings needed to be used in the embodiments will be briefly described below, and it is obvious that the drawings in the following description are only some embodiments described in the present invention, and other drawings can be obtained by those skilled in the art according to the drawings.
Fig. 1 is an overall schematic diagram of an saas-based intelligent security operation and maintenance system according to an embodiment of the present invention;
FIG. 2 is a diagram of an operation and maintenance management unit according to an embodiment of the present invention;
FIG. 3 is a diagram of an information management layer according to an embodiment of the present invention;
FIG. 4 is a schematic diagram of an integrated processing unit provided by an embodiment of the present invention;
fig. 5 is a schematic diagram of a secondary verification unit according to an embodiment of the present invention.
Detailed Description
In order to make the technical solutions of the present invention better understood, those skilled in the art will now describe the present invention in further detail with reference to the accompanying drawings.
Referring to fig. 1-5, an embodiment of the present invention provides a technical solution: an intelligent security operation and maintenance system based on saas comprises; the saas platform and the operation and maintenance management unit; the saas platform comprises a client service layer, a cloud service management layer and an information management layer, wherein the client service layer is used for providing each function module for a user and displaying the function modules on the user end face, and the user realizes a data access request through each function module; the cloud service management layer receives the user data access request and completes data processing to realize data access feedback; the information management layer is used for analyzing and storing the user access information to form user access historical data; the operation and maintenance management unit is in interactive connection with the client service layer, the cloud service management layer and the information management layer, and achieves the purposes of collecting current user access information, reading user access historical data for safety analysis and intelligently controlling the cloud server management layer according to analysis results. The user access information comprises login information of a user for logging in the client service layer and data accessed by the user.
Specifically, the saas platform comprises a client service layer, a cloud service management layer and an information management layer, wherein the client service layer is in interactive communication connection with the cloud service management layer, the information management layer is in communication connection with the cloud service management layer, the information management layer is used for calling user access information in the cloud service management layer to analyze and store, an operation and maintenance management unit is in interaction with the information management layer to read history data of user login and access stored in the information management layer, the operation and maintenance management unit is in interaction with the client service layer to call current user login and access data, compares and analyzes the current user login and access data with the user login and access history data, and intelligently controls the cloud service management layer according to an analysis result, and the specific control mode comprises that the current user login and access are limited when the analysis result indicates that a safety risk exists, and when the analysis result is normal, the user normally logs in and accesses data.
The operation and maintenance management unit comprises a current access information acquisition module, a historical information reading module and a comprehensive processing unit; the current access information acquisition module is used for calling current user access information of the client service layer; the historical information reading module is used for reading user historical access information stored in the information management layer; the comprehensive processing unit is used for carrying out multi-directional comparison analysis on the current access information of the user and the historical access information of the user to determine the access security degree, and carrying out intelligent control on the cloud service management layer according to the access security degree. The comprehensive processing unit comprises a user information analysis module, an access time analysis module and a data type analysis module; the user information analysis module is used for comparing and analyzing the current user login information with the historical login information to determine the login state security; the access time analysis module is used for comparing and analyzing the current login time information of the user with the historical login time to determine the state security of the user login time; the data type analysis module is used for comparing and analyzing the current login access data type and the historical access data type of the user and determining the security of the user access state. The operation and maintenance management unit analyzes the user login access safety from a plurality of hierarchies of user login information, access time information and access data type information related to user login access through the comprehensive processing unit, the safety of operation and maintenance management is obviously improved, data leakage is effectively prevented, three occupied proportions of the user login information, the access time information and the access data type information are configured according to actual needs when the user login information, the access time information and the access data type information are compared and analyzed safely, and finally the safety risk is calculated comprehensively by the user login information, the access time information and the access data type information which are more occupied proportions.
The information management layer comprises an information import module and an information classification and arrangement module; the information import module is used for importing the access information of each time the user logs in the client service layer; the information classification and arrangement module is used for carrying out corresponding classification and integration storage on the user access information and the access time period information. The information management layer also comprises an information analysis processing module; the information analysis processing module is used for storing the access data used in the access information in a dividing mode according to the related types. The information management layer also comprises an information updating module; and the information updating module is used for writing and storing the login access information of each time of the user so as to update the historical data of the user. The information management layer integrates the time period information of each login access of the user, provides safety comparison verification for user login according to the time period information of habitual login access of the user, performs classified storage statistics on the user access data type information, and analyzes and judges the safety of current user access when the data type information of the current user access does not coincide with the historical access data type information.
The device also comprises a secondary verification unit; the secondary verification unit is connected with the comprehensive processing unit, and when the comprehensive processing unit analyzes that the safety crisis exists, the information is imported into the secondary verification unit, and the secondary verification unit is used for providing secondary verification access for the user according to the historical access data. The secondary verification unit comprises an information index module and a verification generation module; the information index module is used for acquiring user historical data in the information management layer; and the verification generation module is used for automatically generating safety verification information according to the user historical data and transmitting the safety verification information to the client service layer to realize secondary verification access to the user. Furthermore, a secondary verification unit is arranged, the secondary verification unit intelligently generates login security verification according to user historical data, and login security verification generates login verification problems according to user historical user login information, access time information and access data type information, wherein the verification problems include but are not limited to previous login information of a user, previous access time information of the user and previous access data type information of the user, so that when login access limitation is caused by errors, intelligent secondary verification login can be performed on personal information of the user, convenience is provided for the user to use, and the security is further improved.
While certain exemplary embodiments of the present invention have been described above by way of illustration only, it will be apparent to those of ordinary skill in the art that the described embodiments may be modified in various different ways without departing from the spirit and scope of the invention. Accordingly, the drawings and description are illustrative in nature and should not be construed as limiting the scope of the invention.
Claims (10)
1. An intelligent security operation and maintenance system based on saas is characterized by comprising; the saas platform and the operation and maintenance management unit;
the saas platform comprises a client service layer, a cloud service management layer and an information management layer, wherein the client service layer is used for providing each function module for a user and displaying the function modules on a user end face, and the user realizes a data access request through each function module;
the cloud service management layer receives a user data access request and completes data processing to realize data access feedback;
the information management layer is used for analyzing and storing the user access information to form user access historical data;
the operation and maintenance management unit is in interactive connection with the client service layer, the cloud service management layer and the information management layer, and achieves the purposes of collecting current user access information, reading user access historical data for safety analysis and intelligently controlling the cloud server management layer according to analysis results.
2. The saas-based intelligent security operation and maintenance system as claimed in claim 1, wherein the user access information comprises login information of user login to the client service layer and data accessed by the user.
3. The saas-based intelligent safety operation and maintenance system according to claim 1, wherein the operation and maintenance management unit comprises a current access information acquisition module, a history information reading module and a comprehensive processing unit;
the current access information acquisition module is used for calling current user access information of a client service layer;
the historical information reading module is used for reading user historical access information stored in the information management layer;
the comprehensive processing unit is used for carrying out multi-directional comparison analysis on the current access information of the user and the historical access information of the user to determine the access security degree, and intelligently controlling the cloud service management layer according to the access security degree.
4. The saas-based intelligent security operation and maintenance system as claimed in claim 1, wherein the information management layer comprises an information import module and an information sorting module;
the information import module is used for importing the access information of each time the user logs in the client service layer;
the information classification and arrangement module is used for carrying out corresponding classification and integration storage on the user access information and the access time period information.
5. The saas-based intelligent security operation and maintenance system as claimed in claim 1, wherein the information management layer further comprises an information analysis processing module;
the information analysis processing module is used for storing the access data used in the access information in a dividing mode according to the related types.
6. The saas-based intelligent security operation and maintenance system as claimed in claim 1, wherein the information management layer further comprises an information update module;
and the information updating module is used for writing and storing the login access information of each time of the user so as to update the historical data of the user.
7. The saas-based intelligent security operation and maintenance system according to claim 1, wherein the integrated processing unit comprises a user information analysis module, an access time analysis module and a data type analysis module;
the user information analysis module is used for comparing and analyzing the current user login information with the historical login information to determine the login state security;
the access time analysis module is used for comparing and analyzing the current login time information of the user with the historical login time to determine the state security of the user login time;
the data type analysis module is used for comparing and analyzing the current login access data type and the historical access data type of the user and determining the safety of the user access state.
8. The saas-based intelligent security operation and maintenance system according to claim 7, wherein the user login information comprises user current login device information, user account information, and user login account security information.
9. The saas-based intelligent security operation and maintenance system as claimed in claim 1, further comprising a secondary verification unit;
the secondary verification unit is connected with the comprehensive processing unit, and when the comprehensive processing unit analyzes that the safety crisis exists, the information is imported into the secondary verification unit, and the secondary verification unit is used for providing secondary verification access for the user according to historical access data.
10. The saas-based intelligent security operation and maintenance system according to claim 9, wherein the secondary verification unit comprises an information indexing module and a verification generation module;
the information index module is used for acquiring user historical data in an information management layer;
the verification generation module is used for automatically generating safety verification information according to the user historical data and transmitting the safety verification information to the client service layer to realize secondary verification access to the user.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202110503217.4A CN113094676A (en) | 2021-05-10 | 2021-05-10 | Saas-based intelligent safety operation and maintenance system |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202110503217.4A CN113094676A (en) | 2021-05-10 | 2021-05-10 | Saas-based intelligent safety operation and maintenance system |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN113094676A true CN113094676A (en) | 2021-07-09 |
Family
ID=76664966
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202110503217.4A Pending CN113094676A (en) | 2021-05-10 | 2021-05-10 | Saas-based intelligent safety operation and maintenance system |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN113094676A (en) |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN117278333A (en) * | 2023-11-21 | 2023-12-22 | 武汉盛博汇信息技术有限公司 | Intelligent medical data processing method, device and system based on SaaS platform |
Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102982408A (en) * | 2012-11-05 | 2013-03-20 | 中国电力科学研究院 | Large-scale electric car operation monitoring platform based on cloud computing |
| CN103957248A (en) * | 2014-04-21 | 2014-07-30 | 中国科学院软件研究所 | Public real-time data management cloud service platform based on Internet of Things |
| CN108197480A (en) * | 2017-12-12 | 2018-06-22 | 泰康保险集团股份有限公司 | Access control method, device and computer readable storage medium |
| US10972475B1 (en) * | 2020-01-29 | 2021-04-06 | Capital One Services, Llc | Account access security using a distributed ledger and/or a distributed file system |
| CN112615828A (en) * | 2020-12-08 | 2021-04-06 | 浙江启博知识产权运营有限公司 | Intellectual property operating system based on cloud computing network and intelligent authorization method |
-
2021
- 2021-05-10 CN CN202110503217.4A patent/CN113094676A/en active Pending
Patent Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102982408A (en) * | 2012-11-05 | 2013-03-20 | 中国电力科学研究院 | Large-scale electric car operation monitoring platform based on cloud computing |
| CN103957248A (en) * | 2014-04-21 | 2014-07-30 | 中国科学院软件研究所 | Public real-time data management cloud service platform based on Internet of Things |
| CN108197480A (en) * | 2017-12-12 | 2018-06-22 | 泰康保险集团股份有限公司 | Access control method, device and computer readable storage medium |
| US10972475B1 (en) * | 2020-01-29 | 2021-04-06 | Capital One Services, Llc | Account access security using a distributed ledger and/or a distributed file system |
| CN112615828A (en) * | 2020-12-08 | 2021-04-06 | 浙江启博知识产权运营有限公司 | Intellectual property operating system based on cloud computing network and intelligent authorization method |
Cited By (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN117278333A (en) * | 2023-11-21 | 2023-12-22 | 武汉盛博汇信息技术有限公司 | Intelligent medical data processing method, device and system based on SaaS platform |
| CN117278333B (en) * | 2023-11-21 | 2024-01-30 | 武汉盛博汇信息技术有限公司 | Intelligent medical data processing method, device and system based on SaaS platform |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN110197058B (en) | Unified internal control security management method, system, medium and electronic device | |
| CN105139139B (en) | Data processing method and device and system for O&M audit | |
| CN105430000A (en) | Cloud computing security management system | |
| CN112650762A (en) | Data quality monitoring method and device, electronic equipment and storage medium | |
| CN105303455A (en) | Power enterprise user data storage and analysis system | |
| CN104504014A (en) | Data processing method and device based on large data platform | |
| Ford et al. | Clustering of smart meter data for disaggregation | |
| CN111046421A (en) | Enterprise management sharing method based on APP | |
| CN110719298A (en) | Method and device for supporting user-defined change of privileged account password | |
| CN112182625A (en) | Data sharing system for smart city | |
| CN113094676A (en) | Saas-based intelligent safety operation and maintenance system | |
| CN107944293A (en) | Fictitious assets guard method, system, equipment and storage medium | |
| CN110768963A (en) | Trusted security management platform with distributed architecture | |
| CN113536380A (en) | Data privacy protection system | |
| CN112257089A (en) | Automatic storage system for customer information | |
| CN117521091A (en) | Access control method and system of security policy matrix based on data classification and grading | |
| CN107294766B (en) | Centralized control method and system | |
| CN115643573A (en) | Privileged account authentication method and system based on dynamic security environment | |
| CN115600189A (en) | Commercial password application security evaluation system | |
| CN114936224A (en) | Rail inspection data service system based on Hadoop | |
| CN110489947B (en) | Safe office management and control system | |
| CN116167025A (en) | Multi-factor user identity dynamic authentication system and method thereof | |
| CN115239261A (en) | Account login method, device, equipment and medium | |
| CN113626857A (en) | Meteorological information sharing service system based on visual plug-in and use method | |
| CN111553694A (en) | Distributed storage block chain method and system |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination |