CN113157314A - Efficient intelligent source code safety management platform - Google Patents

Publication number
CN113157314A
Authority
CN
China
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN202110480184.6A
Other languages
Chinese (zh)
Other versions
CN113157314B (en)
Inventor
马文
苏文伟
黄祖源
田园
张航
胡祥
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Yunnan Power Grid Co Ltd
Original Assignee
Yunnan Power Grid Co Ltd

Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F8/00 Arrangements for software engineering
    • G06F8/70 Software maintenance or management
    • G06F8/71 Version control; Configuration management
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50 Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/57 Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
    • G06F21/577 Assessing vulnerabilities and evaluating computer system security
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F8/00 Arrangements for software engineering
    • G06F8/30 Creation or generation of source code
    • G06F8/36 Software reuse
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00 Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/03 Indexing scheme relating to G06F21/50, monitoring users, programs or devices to maintain the integrity of platforms
    • G06F2221/033 Test or assess software

Abstract

The invention relates to the technical field of source code management, and in particular to an efficient intelligent source code security management platform comprising a source code library and a source code updating module. The source code library stores open source code. The source code updating module acquires open source code together with its version and then queries whether that open source code already exists in the source code library. If it does, the module compares the version already in the library with the acquired version and, if the acquired version is higher, replaces the existing open source code with the acquired open source code to update the library. If it does not, the acquired open source code is stored directly in the source code library. The invention aims to improve the security of the source code in the source code library.

Description

Efficient intelligent source code safety management platform
Technical Field
The invention relates to the technical field of source code management, and in particular to an efficient intelligent source code security management platform.
Background
Currently, code reuse brings great convenience to software development. A project usually involves a relatively large amount of code, much of which is obtained from third-party source code libraries, so managing the third-party source code library is necessary. At present, the open source code in a source code library often carries security risks that the people using it are unaware of. Developed software therefore has to be tested repeatedly, which lengthens the development cycle and has a certain impact on software development. For this reason, the security of the open source code is a problem that urgently needs to be solved when managing a source code library.
Disclosure of Invention
The invention aims to provide an efficient intelligent source code security management platform to improve the security of source codes in a source code library.
The technical scheme of the invention is as follows:
The efficient intelligent source code security management platform comprises a source code library and a source code updating module. Open source code is stored in the source code library. The source code updating module acquires open source code together with its version and then queries whether that open source code already exists in the source code library. If it does, the module compares the version already in the library with the acquired version and, if the acquired version is higher, replaces the existing open source code with the acquired open source code to update the library. If it does not, the acquired open source code is stored directly in the source code library.
Advantageous effects: the source code updating module keeps the source code library up to date. On the one hand, if the source code library does not contain the acquired open source code, the acquired open source code is stored directly in the library, which increases the amount of open source code in the library. On the other hand, the version of the existing open source code in the library is compared with the acquired version, and if the acquired version is higher, the existing open source code is replaced with the acquired open source code, that is, the existing open source code in the library is given a version update. Generally, a higher version of code is an optimization of the lower version, and the security of higher-version open source code is better assured than that of lower-version open source code.
Further, the platform comprises an open source code download count statistics module and a security detection module. The download count statistics module counts the number of times each open source code is downloaded, and when the download count of an open source code exceeds a specified number, the security detection module performs security detection on that open source code.
Advantageous effects: the download count statistics module counts how often each open source code is downloaded and used, so the download and usage situation of the open source code can be understood from the counts. If the download count of a given open source code exceeds the specified number, its reuse rate is high, and it should be given priority for detection so that users who download and use it do not introduce security hazards into their software development.
Further, if the open source code whose download count exceeds the specified value is detected to have no security vulnerability, the open source code is given a security mark; if it is detected to have a security vulnerability, its version is updated with priority by the source code updating module.
Advantageous effects: once open source code with a high reuse rate has been given a security mark, it does not need to be security-tested again when it is next downloaded; querying the security mark is enough to know that it is safe. If the open source code is detected to have a security vulnerability, its version is updated with priority by the source code updating module, so that users are affected as little as possible and the safer, higher-version open source code becomes available promptly.
Furthermore, the download count statistics module also ranks the open source codes by their download counts, and the source code updating module sets the priority of version updates according to the download count of each open source code, from high to low.
Ranking the open source codes by download count gives a statistical ordering of how much each one is reused. The more often an open source code is downloaded, the higher its reuse rate and the more important it is to users. The source code updating module therefore sets the priority of version updates by download count, from high to low, so that the open source code with the most downloads is updated first, more users can use the open source code with confidence, and security hazards are reduced.
Further, the platform comprises a version statistics module, which collects the versions of the open source codes in the source code library and sets the priority of version updates according to the version of each open source code, from low to high.
Advantageous effects: by collecting the versions of the open source codes and setting the update priority from low version to high version, open source code with a high version can be updated later because it is more secure, while open source code with a low version is updated first because it is more likely to contain vulnerabilities. Updating versions by priority keeps the management cost of the platform as low as possible while users are unaffected and the vulnerability risk of the open source code is controllable or small. There is no need to query and update the versions of a large amount of open source code at once, which avoids the network data usage and high communication demands that would entail.
Further, the platform comprises a query module, which queries the source code library for an open source code, then queries that open source code for its security mark, and, if the security mark is found, allows the open source code to be downloaded as safe.
Advantageous effects: when using open source code, the user can query directly whether it has a security mark. If it does, the open source code is safe and the user can download it with confidence.
Drawings
FIG. 1 is a schematic diagram of an embodiment of the efficient intelligent source code security management platform according to the present invention.
Detailed Description
The following is further detailed by way of specific embodiments:
Example One
This embodiment is basically as shown in FIG. 1. The efficient intelligent source code security management platform in this embodiment includes a source code library in which open source code is stored. The open source code can be obtained by using web crawler technology to crawl software module code stored in different channels; this belongs to the prior art and is not described further here.
In the technical scheme of this embodiment, a source code updating module is included in order to increase the amount of open source code in the source code library and to update the versions of the open source code. The source code updating module acquires open source code together with its version and then queries whether that open source code already exists in the source code library. If it does, the module compares the version already in the library with the acquired version and, if the acquired version is higher, replaces the existing open source code with the acquired open source code to update the library. If it does not, the acquired open source code is stored directly in the source code library.
In this embodiment, the platform further includes an open source code download count statistics module and a security detection module. The download count statistics module counts the number of times each open source code is downloaded and also ranks the open source codes by download count, and the source code updating module sets the priority of version updates according to the download count of each open source code, from high to low. When the download count of an open source code exceeds the specified number, the security detection module performs security detection on that open source code. The security detection specifically comprises detecting whether malicious code or vulnerable code exists in the open source code, and detecting the position, type, attributes, severity and so on of that malicious or vulnerable code. The detection and analysis can be carried out against an existing vulnerability code library; this also belongs to the prior art and is not described in detail. If the open source code whose download count exceeds the specified value is detected to have no security vulnerability, it is given a security mark; if it is detected to have a security vulnerability, its version is updated with priority by the source code updating module.
Example Two
In this embodiment, the platform further includes a version statistics module, which collects the versions of the open source codes in the source code library and sets the priority of version updates according to the version of each open source code, from low to high.
By collecting the versions of the open source codes and setting the update priority from low version to high version, open source code with a high version can be updated later because it is more secure, while open source code with a low version is updated first because it is more likely to contain vulnerabilities.
Example Three
In this embodiment, the platform further includes a query module, which queries the source code library for an open source code, then queries that open source code for its security mark, and, if the security mark is found, allows the open source code to be downloaded as safe.
In this embodiment, the query module is further configured to perform security detection on the latest version of an open source code after that latest version has been queried. If no security hazard is detected in the latest version, the latest version is given a security mark, and the latest version and its security mark are stored in the source code library in association with each other.
Some open source code in the source code library is of a high version but may never have been security-tested. Such open source code therefore needs security detection before a user uses it, and is used only after detection finds no security risk. At the same time, the latest version that has passed detection is given a security mark, so that other users who query it later can tell from the mark that it is safe and use it directly. This removes the step of repeating the security risk detection, improves the utilization of safe code and reduces detection cost.
Further, in this embodiment the platform includes an open source code download information query module. If a user detects, before using an open source code, that it has a security risk, the platform also queries the download information of that open source code, and if the result shows that the download information includes download records of other users in the enterprise, prompt information is sent. The aim is to trace whether other users in the enterprise have downloaded and used an open source code once it is found to carry a security risk, and, if so, to send a prompt warning those users or other projects that they may have a code security risk in their development stage. This also serves as a supplementary means of tracing code security problems back through the development process of other projects.
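The update, threshold-scan, marking and download-tracing behaviour of Examples One and Three, as an added Python example that is not code from the patent. The class and function names, the dotted-numeric version format, the constructed `KNOWN_BAD` data, clearing the security mark when a version is replaced, and placing flagged components ahead of the download-count ordering are all assumptions made for the illustration.

```python
from dataclasses import dataclass, field

# Constructed sample data: (name, version) pairs the stand-in scanner treats as vulnerable.
KNOWN_BAD = {("libparse", "1.9")}


def constructed_scan(component):
    """Stand-in for the security detection module; returns a list of findings."""
    hit = (component.name, component.version) in KNOWN_BAD
    return ["constructed-finding"] if hit else []


def parse_version(text):
    """Assumes dotted numeric versions; compares numerically so 1.10 > 1.9."""
    return tuple(int(part) for part in text.split("."))


@dataclass
class Component:
    name: str
    version: str
    code: bytes
    downloads: int = 0
    safe_label: bool = False                         # the patent's "security mark"
    downloaders: dict = field(default_factory=dict)  # user -> version they fetched


class SourceLibrary:
    def __init__(self, scan, threshold):
        self.items = {}
        self.scan = scan            # hypothetical scanner interface
        self.threshold = threshold  # the "specified number" of downloads
        self.flagged = []           # components needing a priority version update

    def ingest(self, name, version, code):
        """Updating module: store if absent, replace only if strictly newer."""
        current = self.items.get(name)
        if current is None:
            self.items[name] = Component(name, version, code)
            return "stored"
        if parse_version(version) > parse_version(current.version):
            current.version, current.code = version, code
            # Assumption: a mark vouches for one version, so it is cleared here.
            current.safe_label = False
            if name in self.flagged:
                self.flagged.remove(name)
            return "replaced"
        return "kept"

    def download(self, name, user):
        """Count the download; past the threshold, scan unmarked code.

        Returns (safe_label, other users to warn about this version).
        """
        comp = self.items[name]
        comp.downloads += 1
        warn = []
        if comp.downloads > self.threshold and not comp.safe_label:
            if self.scan(comp):
                if name not in self.flagged:
                    self.flagged.append(name)
                warn = sorted(u for u, v in comp.downloaders.items()
                              if v == comp.version and u != user)
            else:
                comp.safe_label = True
        comp.downloaders[user] = comp.version
        return comp.safe_label, warn

    def update_order(self):
        """Flagged components first, then by download count from high to low."""
        return sorted(self.items,
                      key=lambda n: (n not in self.flagged, -self.items[n].downloads))
```

Comparing versions as plain strings would rank "1.10" below "1.9" and silently keep the older code, which is why the comparison is done on parsed numeric components.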
The foregoing is merely an embodiment of the present invention. Common general knowledge, such as well-known specific structures and characteristics, is not described here in detail. A person of ordinary skill in the art knows all of the common technical knowledge in the field of the invention as of the filing date or the priority date, has access to all of the prior art in that field, and is able to apply the routine experimentation available before that date. Such a person can, in light of the teaching given in this application, complete and implement the present invention, and certain typical known structures or known methods should not become an obstacle to doing so. It should be noted that those skilled in the art may make several changes and modifications without departing from the structure of the present invention; these should also be regarded as falling within the protection scope of the present invention and will not affect the effect of implementing the invention or the practicability of the patent. The scope of protection claimed by this application shall be determined by the content of the claims, and the detailed description and other parts of the specification may be used to interpret the content of the claims.

Claims (6)

1. An efficient intelligent source code security management platform comprising a source code library in which open source code is stored, characterized in that: the platform further comprises a source code updating module, which is used for acquiring open source code and the version of the open source code and, after the open source code and its version are acquired, querying whether the open source code exists in the source code library; if so, further comparing the existing open source code version in the source code library with the acquired open source code version and, if the acquired open source code version is higher than the existing open source code version, replacing the existing open source code with the acquired open source code to update the source code library; and if not, directly storing the acquired open source code in the source code library.
2. The efficient intelligent source code security management platform of claim 1, wherein: the platform further comprises an open source code download count statistics module and a security detection module, wherein the download count statistics module is used for counting the number of downloads of the open source code, and when the number of downloads of an open source code exceeds a specified number, the security detection module performs security detection on the open source code whose number of downloads exceeds the specified value.
3. The efficient intelligent source code security management platform of claim 2, wherein: if the open source code whose number of downloads exceeds the specified value is detected to have no security vulnerability, the open source code is given a security mark, and if the open source code is detected to have a security vulnerability, the version of the open source code is updated with priority by the source code updating module.
4. The efficient intelligent source code security management platform of claim 2, wherein: the download count statistics module is further used for ranking the open source codes according to the number of downloads of each open source code, and the source code updating module sets the priority of version updates according to the number of downloads of each open source code, from high to low.
5. The efficient intelligent source code security management platform of claim 4, wherein: the platform further comprises a version statistics module, which is used for collecting the versions of the open source codes in the source code library and setting the priority of version updates according to the version of each open source code, from low to high.
6. The efficient intelligent source code security management platform of claim 3, wherein: the platform further comprises a query module, which is used for querying the open source code in the source code library, querying the security mark of the open source code after the open source code is found, and, if the security mark of the open source code is found, carrying out secure downloading.

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202110480184.6A CN113157314B (en) 2021-04-30 2021-04-30 Efficient intelligent source code safety management platform

Publications (2)

Publication Number Publication Date
CN113157314A (en) 2021-07-23
CN113157314B (en) 2023-10-13

Family

ID=76872619

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202110480184.6A Active CN113157314B (en) 2021-04-30 2021-04-30 Efficient intelligent source code safety management platform

Country Status (1)

Country Link
CN (1) CN113157314B (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US11836483B1 (en) 2022-05-27 2023-12-05 International Business Machines Corporation Compatible and secure software upgrades

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102073512A (en) * 2009-11-23 2011-05-25 阿里巴巴集团控股有限公司 JAVA cluster application system code loading and upgrading device and method
CN102929630A (en) * 2012-10-31 2013-02-13 中标软件有限公司 Method and system for code management based on distributed collaborative development environment
US20160092683A1 (en) * 2014-09-26 2016-03-31 Dropbox, Inc. Scanning Content Items Based on User Activity
EP3019994A1 (en) * 2013-07-12 2016-05-18 Hewlett Packard Enterprise Development LP Analyzing target software for security vulnerabilities
CN111625839A (en) * 2020-05-29 2020-09-04 深圳前海微众银行股份有限公司 Third-party component vulnerability detection method, device, equipment and computer storage medium

Also Published As

Publication number Publication date
CN113157314B (en) 2023-10-13

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant