CN113378225A - Online sensitive data acquisition method and device, electronic equipment and storage medium - Google Patents


Info

Publication number
CN113378225A
Authority
CN
China
Prior art keywords
information, user, sensitive, data, file
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202110705338.7A
Other languages
Chinese (zh)
Inventor
王柳清
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Ping An Puhui Enterprise Management Co Ltd
Original Assignee
Ping An Puhui Enterprise Management Co Ltd
Application filed by Ping An Puhui Enterprise Management Co Ltd
Priority to CN202110705338.7A
Publication of CN113378225A

Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60 Protecting data
    • G06F21/62 Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218 Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60 Protecting data
    • G06F21/604 Tools and structures for managing or administering access control systems
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/10 Network architectures or network communication protocols for network security for controlling access to devices or network resources
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00 Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21 Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2141 Access rights, e.g. capability lists, access control lists, access tables, access matrices


Abstract

The invention relates to the technical field of data processing, and provides an online sensitive data acquisition method, electronic equipment, a device and a storage medium, wherein the method comprises the following steps: receiving a data access request of a user, and acquiring login information in the data access request; using the login information to carry out authority verification on the user so as to determine whether the user has sensitive information access authority; if the user has the sensitive information access right, determining the file type of the sensitive data information to be downloaded requested by the user according to the data access request, wherein the file type comprises a desensitized file and a non-desensitized original file; and providing the sensitive data information of the corresponding file type for the user according to the file type of the sensitive data information to be downloaded requested by the user. The technical scheme provided by the invention can solve the problems that the existing online sensitive information acquisition method is low in security and sensitive information is easy to steal.

Description

Online sensitive data acquisition method and device, electronic equipment and storage medium
Technical Field
The present invention relates to the field of data processing technologies, and in particular, to a method and an apparatus for acquiring online sensitive data, an electronic device, and a storage medium.
Background
With the development of the internet, the business processes (such as management business processes) of many industries have moved online, and performing operations such as data interaction, business communication and business management online can remarkably improve business working efficiency and business interaction quality.
However, when data interaction is performed online, the security of part of the data information (referred to as sensitive information) is very important, because it bears on the development of the business and the company. If this information becomes known to persons without authority, important company secrets are likely to be leaked, so that the company's whole business line may suffer serious losses or even fail to survive. This part of the online data information therefore needs to be managed separately, so that people without authority over it, and even competitors of the company, are prevented from acquiring it online.
At present, most existing online sensitive information protection relies on a login password: only personnel who hold the login password can log in to the online system and obtain the required sensitive information. Although this method is simple and fast, its protection effect is poor: once the login password is leaked, important confidential information of the company can be stolen, causing serious loss to the company.
Based on the above technical problems, a method capable of significantly improving the security of online sensitive information is needed.
Disclosure of Invention
The invention provides an online sensitive data acquisition method, an online sensitive data acquisition device, electronic equipment and a storage medium, and mainly aims to solve the problems that the existing online sensitive information acquisition method is low in security and sensitive information is easy to steal.
In order to achieve the above object, the present invention provides a method for acquiring online sensitive data, comprising the following steps:
receiving a data access request of a user, and acquiring login information in the data access request;
using the login information to carry out authority verification on the user so as to determine whether the user has sensitive information access authority;
if the user has the sensitive information access right, determining the file type of the sensitive data information to be downloaded requested by the user according to the data access request, wherein the file type comprises a desensitized file and a non-desensitized original file;
and providing the sensitive data information of the corresponding file type for the user according to the file type of the sensitive data information to be downloaded requested by the user.
Preferably, the performing, by using the login information, an authority check on the user to determine whether the user has a sensitive information access authority includes:
judging whether the IP address of the login client of the user exists in a preset IP address query book or not;
if the IP address of the user login client does not exist in the preset IP address query book, rejecting the data access request, and adding the IP address of the user login client to an IP address blacklist;
and if the IP address of the login client of the user exists in the preset IP address query book, preliminarily judging that the user has the sensitive information access authority.
Preferably, after preliminarily determining that the user has the access right to the sensitive information, the method further includes:
if the login information does not exist in the preset authority personnel book, the data access request is refused;
and finally judging that the user has the sensitive information access authority if the login information exists in the preset authority personnel book.
Preferably, the providing, according to the file type of the sensitive data information to be downloaded requested by the user, the sensitive data information of the corresponding file type for the user includes:
if the file type of the sensitive data information to be downloaded requested by the user is the desensitization file, desensitizing a sensitive information source file matched with the sensitive data information to be downloaded in a local system according to a preset desensitization rule to form a desensitization file;
and sending the desensitization file to a login client of the user.
Preferably, the desensitizing processing of the sensitive information source file matched with the sensitive data information to be downloaded in the local system according to the preset desensitizing rule includes:
acquiring all sensitive information in the sensitive information source file and the data type of each piece of sensitive information;
if the data type of the sensitive information is an address general type, shielding Arabic numbers in the sensitive information;
if the data type of the sensitive information is a mobile phone number universal type, reserving digits at a preset position in the sensitive information, and shielding the rest digits;
if the data type of the sensitive information is a name universal type, reserving a preset number of characters in the sensitive information, and shielding the rest characters.
Preferably, the providing the sensitive data information of the corresponding file type for the user according to the file type of the sensitive data information to be downloaded requested by the user further includes:
if the file type of the sensitive data information to be downloaded requested by the user is the non-desensitized original file, performing approval verification on the user according to a preset approval rule;
if the user passes the approval verification, directly sending a sensitive information source file matched with the sensitive data information to be downloaded in the local system to a login client of the user;
and if the user does not pass the examination and approval check, rejecting the data access request.
Preferably, the data access request includes a request reason; the examination and approval verification of the user according to the preset examination and approval rule comprises the following steps:
acquiring the request reason contained in the data access request;
reporting the request reason to a preset superior approval system;
examining and approving the request reason through the superior approval system, wherein a sensitive information request reason reporting book is stored in the superior approval system;
if the reporting request corresponding to the request reason can be matched in the sensitive information request reason reporting book, judging that the user passes the examination and approval verification; otherwise, judging that the user does not pass the examination and approval verification.
In another aspect, the present invention further provides an online sensitive data acquiring apparatus, including:
the information acquisition unit is used for receiving a data access request of a user and acquiring login information in the data access request;
the authority verification unit is used for performing authority verification on the user by using the login information so as to determine whether the user has sensitive information access authority;
the file type judging unit is used for determining the file type of the sensitive data information to be downloaded requested by the user according to the data access request if the user has the sensitive information access right, wherein the file type comprises a desensitized file and a non-desensitized original file;
and the sensitive information acquisition unit is used for providing the sensitive data information of the corresponding file type for the user according to the file type of the sensitive data information to be downloaded requested by the user.
In another aspect, the present invention further provides an electronic device, which includes a memory and a processor, where the memory stores a computer program, and the processor implements the steps in the above method for acquiring online sensitive data when executing the computer program.
In addition, the present invention also provides a computer readable storage medium, on which a computer program is stored, which, when being executed by a processor, implements the steps in the above-mentioned on-line sensitive data acquisition method.
According to the method, the device, the electronic equipment and the readable storage medium for acquiring online sensitive data disclosed by the invention, setting authority verification prevents the online sensitive data from being stolen by others (such as hackers). In addition, the invention carries out desensitization processing on the online sensitive information and provides the user with a desensitized file or a non-desensitized original file according to the requested file type, thereby improving the way sensitive data is acquired, playing a good prevention and control role in further ensuring the information security of companies, and providing defense and supervision functions.
Drawings
FIG. 1 is a flow chart of a preferred embodiment of a method for on-line sensitive data acquisition according to an embodiment of the present invention;
FIG. 2 is a block diagram of an on-line sensitive data acquisition device according to an embodiment of the present invention;
FIG. 3 is a schematic diagram of an internal structure of an electronic device implementing a method for acquiring online sensitive data according to an embodiment of the present invention.
The implementation, functional features and advantages of the objects of the present invention will be further explained with reference to the accompanying drawings.
Detailed Description
In the following description, for purposes of explanation, numerous specific details are set forth in order to provide a thorough understanding of one or more embodiments. It may be evident, however, that such embodiment(s) may be practiced without these specific details.
Specific embodiments of the present application will be described in detail below with reference to the accompanying drawings.
Example 1
In order to illustrate the on-line sensitive data acquisition method provided by the present invention, fig. 1 shows a flow of the on-line sensitive data acquisition method provided by the present invention.
As shown in fig. 1, the method for acquiring online sensitive data provided by the present invention includes:
S110: receiving a data access request of a user, and acquiring login information in the data access request.
It should be noted that when a user logs in to the local system to access sensitive data information, correct login information needs to be input. The local system performs a permission check on the user according to the login information in the data access request, and only a user who passes the permission check is qualified to acquire the required sensitive data information.
S120: carrying out authority verification on the user by using the login information so as to determine whether the user has sensitive information access authority.
It should be noted that, for an online management platform, the data inside the platform falls mainly into two categories. One is conventional data information, which is unrelated to the security of the company or the platform and cannot, as a secret, affect the development of the company, e.g., time deadlines, general equipment parameters, process handler numbers, etc. The other is sensitive data information, which is usually an important secret of the company and may be obtained only by a small number of authorized persons (such as data management post personnel, department leaders, core clients and the like), e.g., core equipment parameters, important IP addresses and important personnel information (specifically including names, identification cards, mobile phone numbers, card numbers and the like).
Specifically, the process of performing permission check on the login information of the received data access request to determine whether the user of the data access request has the sensitive information access permission includes:
judging whether the IP address of the login client of the user is in a preset IP address query book or not, if not, rejecting the data access request, and adding the IP address of the login client of the user to an IP address blacklist; if yes, preliminarily judging that the user has sensitive information access authority; and the client corresponding to the IP address added into the IP address blacklist can not log in the online management platform any more.
In addition, the process of performing authority check on the login information of the received data access request to judge whether the user of the data access request has the access authority of the sensitive information further comprises the following steps:
if the user is preliminarily judged to have the sensitive information access authority, carrying out secondary verification on the access authority of the user; wherein, the process of carrying out secondary verification on the access authority of the user comprises the following steps:
judging whether the login information of the user is in a preset authority personnel book or not, and if not, directly rejecting the data access request; and if so, finally judging that the user has the sensitive information access right.
It should be noted that, if the IP address of the login client does not exist in the preset IP address query book, the user's client has not undergone authority authentication in advance, and the request is judged to be an illegal request aimed at obtaining sensitive data information; the data access request therefore needs to be rejected, and the IP address of the user's login client needs to be added to the blacklist so that targeted protection can be applied later. If the IP address of the login client exists in the preset IP address query book but the login information of the user is not in the preset authority personnel book, a person without authority is accessing the sensitive information through a client that has authority, so in this case the data access request only needs to be rejected directly.
S130: if the user has the sensitive information access right, determining the file type of the sensitive data information to be downloaded requested by the user according to the data access request, wherein the file type comprises a desensitized file and a non-desensitized original file.
It should be noted that a non-desensitized original file of each item of sensitive data information is stored inside the online management platform. To further improve the security of the sensitive data information, when the online management platform system receives a data access request issued by a user with the sensitive information access right, desensitization processing is automatically performed on the sensitive data information corresponding to the data access request, so that only part of the content of the sensitive data information initially acquired by the user is displayed; for the particularly important information in the sensitive data information, the user must be verified further, so as to ensure the security of that part of the data.
S140: providing the sensitive data information of the corresponding file type for the user according to the file type of the sensitive data information to be downloaded requested by the user.
Specifically, the providing, according to the file type of the sensitive data information to be downloaded requested by the user, the sensitive data information of the corresponding file type for the user includes:
if the file type of the sensitive data information to be downloaded requested by the user is the desensitization file, desensitizing a sensitive information source file matched with the sensitive data information to be downloaded in a local system according to a preset desensitization rule to form a desensitization file;
and sending the desensitization file to a login client of the user.
Specifically, the desensitizing processing of the sensitive information source file matched with the sensitive data information to be downloaded in the local system according to the preset desensitizing rule includes:
acquiring all sensitive information in the sensitive information source file and the data type of each piece of sensitive information;
if the data type of the sensitive information is an address general type, shielding Arabic numbers in the sensitive information;
if the data type of the sensitive information is a mobile phone number universal type, reserving digits at a preset position in the sensitive information, and shielding the rest digits;
if the data type of the sensitive information is a name universal type, reserving a preset number of characters in the sensitive information, and shielding the rest characters.
More specifically, during desensitization processing of sensitive data information corresponding to the data access request, the following desensitization rule may be employed:
AC 02: General rule for addresses: shield all Arabic numerals;
AC 03: General rule for mobile phone numbers: retain the first 3 digits and the last 3 digits and shield the other digits;
AC 04: General rule for fixed telephone numbers: retain the first 3 digits and the last 3 digits and shield the other digits;
AC 05: General rule for names: retain the 1st character (namely the surname) and shield the other characters;
AC 06: General rule for identification numbers: retain the first 6 digits and shield the other digits;
AC 07: Card number: retain the first 6 digits and the last 4 digits and mask the other digits.
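The rules AC 02 to AC 07 can be expressed as one masking helper with a per-type table. The following Python is an added illustration, not code from the patent or the applicant; the function names, the type keys, the "*" mask character, and the choice to fully mask values too short to keep the stated edges (and values of an unknown type) are assumptions. Sample values are constructed.

```python
"""Added illustration of desensitization rules AC 02 to AC 07 (hypothetical names)."""

MASK = "*"  # assumption: the page does not say which character is used for shielding


def mask_span(value, head, tail, is_payload, strict=True):
    """Keep the first `head` and last `tail` payload characters, shield the rest.

    Characters for which is_payload() is false (spaces, dashes, street words)
    are left in place. With strict=True a value that has no more payload
    characters than head + tail is shielded completely, so a truncated number
    is never shown in full (assumption, not stated on the page).
    """
    idx = [i for i, ch in enumerate(value) if is_payload(ch)]
    if strict and len(idx) <= head + tail:
        hidden = set(idx)
    else:
        hidden = set(idx[head:len(idx) - tail])
    return "".join(MASK if i in hidden else ch for i, ch in enumerate(value))


# data type -> (rule id from the text, masking function)
RULES = {
    "address":  ("AC 02", lambda v: mask_span(v, 0, 0, str.isdecimal)),
    "mobile":   ("AC 03", lambda v: mask_span(v, 3, 3, str.isdecimal)),
    "landline": ("AC 04", lambda v: mask_span(v, 3, 3, str.isdecimal)),
    # AC 05 keeps the first character even for a one-character name.
    "name":     ("AC 05", lambda v: mask_span(v, 1, 0,
                                              lambda c: not c.isspace(),
                                              strict=False)),
    # Identification numbers may end in a letter, so letters are payload too.
    "id":       ("AC 06", lambda v: mask_span(v, 6, 0, str.isalnum)),
    "card":     ("AC 07", lambda v: mask_span(v, 6, 4, str.isdecimal)),
}


def mask(data_type, value):
    """Apply the rule for data_type; an unknown type is shielded completely."""
    rule = RULES.get(data_type)
    if rule is None:
        return MASK * len(value)
    return rule[1](value)


def desensitize_record(record, field_types):
    """Desensitize one record of the source file.

    field_types maps each sensitive field name to its data type; fields that
    are not listed are treated as conventional data and passed through.
    """
    return {
        key: mask(field_types[key], val) if key in field_types else val
        for key, val in record.items()
    }


if __name__ == "__main__":
    # Constructed sample record, not real personal data.
    sample = {
        "name": "王小明",
        "mobile": "13812345678",
        "address": "Room 1203, No. 88 Example Road",
        "card": "6222021234567890123",
        "note": "renewal due",
    }
    types = {"name": "name", "mobile": "mobile",
             "address": "address", "card": "card"}
    for key, val in desensitize_record(sample, types).items():
        print(f"{key}: {val}")
```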
In addition, it should be noted that, apart from the desensitization rules, the other requirements are consistent with the desensitization logic provided by the information security protocol in the relevant file, including but not limited to: the processing mode of read-only/editable controls, and the processing of textarea-class/inputbox-class controls. It should also be noted that the desensitization technique can identify and desensitize various types of text, images, compressed packages, multi-layer compression, image data, and the like.
Specifically, if the file type of the sensitive data information to be downloaded requested by the user is a desensitization file, desensitization display may be directly performed on the desensitized sensitive data information (i.e., the desensitization file) through a preset display page.
It should be noted that the data information displayed on the display page is desensitized sensitive data information, so that the user can only view part of the information in the sensitive data information, and for the information that is very important in the sensitive data information, the file type in the data access request needs to be changed (to be a non-desensitized original file) to view or even download all the contents of the sensitive data information.
Of course, if the file type of the sensitive data information to be downloaded requested by the user is a desensitized file, the desensitized sensitive data information can also be directly downloaded based on a data acquisition mode (the acquisition mode comprises page preview and downloading) in the data access request according to actual requirements; note that the downloaded data is still in a desensitized state.
In addition, the providing the sensitive data information of the corresponding file type for the user according to the file type of the sensitive data information to be downloaded requested by the user further includes:
if the file type of the sensitive data information to be downloaded requested by the user is the non-desensitized original file, performing approval verification on the user according to a preset approval rule;
if the user passes the approval verification, directly sending a sensitive information source file matched with the sensitive data information to be downloaded in the local system to a login client of the user;
and if the user does not pass the examination and approval check, rejecting the data access request.
Specifically, the data access request includes a request reason; the examination and approval verification of the user according to the preset examination and approval rule comprises the following steps:
acquiring the request reason contained in the data access request;
reporting the request reason to a preset superior approval system;
examining and approving the request reason through the superior approval system, wherein a sensitive information request reason reporting book is stored in the superior approval system;
if the reporting request corresponding to the request reason can be matched in the sensitive information request reason reporting book, judging that the user passes the examination and approval verification; otherwise, judging that the user does not pass the examination and approval verification.
It should be noted that, if the file type of the sensitive data information to be downloaded requested by the user is a non-desensitized original file, the data access request of the user needs further approval verification. The data access request of the user includes a sensitive data information request reason; when the file type in the data access request is the non-desensitized original file, that request reason is reported to a preset upper-level approval system, and once the request reason passes the approval of the upper-level approval system, the non-desensitized original file corresponding to the data access request is displayed in full through a preset display page.
Of course, if the file type of the sensitive data information to be downloaded requested by the user is a non-desensitized file, the sensitive data information which is not desensitized can be directly downloaded according to actual requirements based on a data acquisition mode (the acquisition mode comprises page preview and downloading) in the data access request; it should be noted that the downloaded data is the same as the content of the sensitive information source file.
It should be noted that, in the process of displaying or downloading the sensitive data information (desensitized file or non-desensitized original file), some sensitive data information has a large amount of content or needs several backups (and so needs to be downloaded multiple times). To ensure the security of the sensitive data information, a preset duration is therefore set for it: timing starts from the first display or download, and when the preset duration is reached, the display or download of the sensitive data information is stopped.
It should be noted that the preset duration is set according to the frequency of use and the content amount of the specific sensitive data information, and may generally be set to 7 days (7 × 24 × 3600 seconds).
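Steps S110 to S140, including the two-stage authority verification, the approval verification for original files and the preset duration, can be traced in a short decision function. The following Python is an added illustration, not code from the patent or the applicant; the class and field names are hypothetical, the three "books" are modelled as in-memory sets, and the approval system is reduced to a lookup in the reason reporting book.

```python
"""Added illustration of the S110-S140 decision flow (hypothetical names)."""
import ipaddress
from dataclasses import dataclass, field
from enum import Enum

PRESET_DURATION = 7 * 24 * 3600  # seconds; the "generally 7 days" from the text


class Outcome(Enum):
    REJECT_BLACKLISTED = "client IP is on the IP address blacklist"
    REJECT_UNKNOWN_IP = "client IP is not in the IP address query book"
    REJECT_NO_AUTHORITY = "login is not in the authority personnel book"
    REJECT_NOT_APPROVED = "request reason not matched in the reporting book"
    REJECT_BAD_FILE_TYPE = "file type is neither desensitized nor original"
    SERVE_DESENSITIZED = "serve the desensitized file"
    SERVE_ORIGINAL = "serve the non-desensitized original file"


@dataclass(frozen=True)
class AccessRequest:
    login: str
    client_ip: str   # assumption: taken from the connection, not client-supplied
    file_type: str   # "desensitized" or "original"
    reason: str = ""


def parse_ip(text):
    """Normalise an address so equivalent spellings compare equal."""
    return ipaddress.ip_address(text.strip())


@dataclass
class AccessGate:
    ip_book: set          # preset IP address query book
    personnel_book: set   # preset authority personnel book
    reason_book: set      # sensitive information request reason reporting book
    blacklist: set = field(default_factory=set)

    def __post_init__(self):
        self.ip_book = {parse_ip(a) for a in self.ip_book}
        self.blacklist = {parse_ip(a) for a in self.blacklist}

    def is_blacklisted(self, client_ip):
        return parse_ip(client_ip) in self.blacklist

    def decide(self, req):
        try:
            addr = parse_ip(req.client_ip)
        except ValueError:
            return Outcome.REJECT_UNKNOWN_IP  # malformed: nothing to blacklist
        if addr in self.blacklist:
            return Outcome.REJECT_BLACKLISTED
        # S120, first check: unknown client -> reject and blacklist its IP.
        if addr not in self.ip_book:
            self.blacklist.add(addr)
            return Outcome.REJECT_UNKNOWN_IP
        # S120, secondary check: known client, unauthorised person ->
        # reject only; the client itself stays usable for authorised users.
        if req.login not in self.personnel_book:
            return Outcome.REJECT_NO_AUTHORITY
        # S130/S140: branch on the requested file type.
        if req.file_type == "desensitized":
            return Outcome.SERVE_DESENSITIZED
        if req.file_type == "original":
            if req.reason in self.reason_book:
                return Outcome.SERVE_ORIGINAL
            return Outcome.REJECT_NOT_APPROVED
        return Outcome.REJECT_BAD_FILE_TYPE


def within_preset_duration(first_served_at, now, duration=PRESET_DURATION):
    """True while display/download is still allowed; timing starts at first use."""
    return 0 <= now - first_served_at < duration


if __name__ == "__main__":
    # Constructed sample data.
    gate = AccessGate(ip_book={"10.0.0.5"}, personnel_book={"alice"},
                      reason_book={"quarterly audit"})
    for r in (AccessRequest("alice", "10.0.0.5", "desensitized"),
              AccessRequest("alice", "10.0.0.5", "original", "quarterly audit"),
              AccessRequest("bob", "10.0.0.5", "desensitized"),
              AccessRequest("alice", "203.0.113.9", "desensitized")):
        print(r.login, r.client_ip, r.file_type, "->", gate.decide(r).name)
```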
In order to further explain the method for acquiring the online sensitive information provided by the present invention, the following describes the process of the method for acquiring the online sensitive information in detail in combination with a specific example of the AMS system.
It should be noted that the AMS system is an asset management platform, and is mainly an operating system used by business personnel, and is used for performing online processing on the AMC asset management business process.
Under a company's information security regulations, sensitive data in the AMS system may not be freely exposed or freely downloaded. The AMS system therefore implements its download function using the online sensitive data acquisition method and controls permissions on the sensitive data: apart from roles such as data management post personnel, department leaders and core clients, no other role has permission to download this sensitive data.
In this scheme, sensitive data downloads by the data management post role are integrated with EOA approval (corresponding to the approval verification process); data that passes approval is managed and downloaded in a unified way, and a timeout is set on the downloaded content.
Specifically, following step S130, in which the file type of the sensitive data to be downloaded is determined from the data access request, clicking the download button pops up a prompt box for downloading the sensitive data or the non-sensitive data in the AMS system; this is the sensitive data download function.
Specifically, following the acquisition of the sensitive data in step S140, if a person with sensitive-information access permission (role: data management post, etc.) chooses to download the non-desensitized original file, a pop-up window for initiating an EOA approval is shown. EOA approval means that the process requires approval by a leader, so the AMS system builds the sign-off information from the user's stated reason for requesting the sensitive data and calls the EOA system to initiate the sign-off.
When the AMS system receives a download request for the non-desensitized original file (corresponding to a data access request), it submits an approval application to the EOA system, and the request is reviewed on the basis of the stated reason. If approval is refused, the download request is rejected; if approval is granted, the file generation logic is executed, producing the non-desensitized original file and making it available for the user to download.
It should be noted that after the user's request passes approval, the system must process the internal data source of the target download file to generate the target download file (corresponding to the non-desensitized original file) and store it on the preset NAS disk, where it is then available for the user to consult and download. The validity period of the target download file on the NAS disk is normally set to 7 days, as agreed between information security and the business side. If a download is attempted more than 7 days (7 × 24 × 3600 seconds) after the file was stored on the NAS, the front-end page shows a pop-up alert with the content: "Files are automatically cleaned up after 7 days; please re-initiate approval to download." Expired sensitive files automatically enter a to-be-destroyed queue, and the sensitive files to be destroyed are physically deleted from the NAS disk of the AMS system.
According to the above specific embodiment, the online sensitive data acquisition method, electronic device and computer-readable storage medium provided by the invention add verification of the login person's identity information and verification of the login client id to the permission check; compared with the existing approach of verifying only a login password, this further improves the security verification effect. In addition, with login client id verification in place, if another person (such as a hacker) steals the login person's identity information and login password, that person's login client id is automatically determined and subjected to permission verification, which further improves the security verification effect. In addition, the online sensitive information is desensitized and a corresponding approval verification is set: only a login person who passes approval verification can obtain the non-desensitized original data; otherwise, even a login person who passes permission verification can obtain only the desensitized data and cannot obtain the important information within the sensitive information. In conclusion, by combining permission verification with approval verification, the invention further raises the information security requirements for acquiring sensitive data, provides good prevention and control for the company's information security, and achieves the effects of defense, supervision and approval.
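The 7-day validity window and destroy queue described above can be sketched as follows. This is an added example, not code from the patent; the class and method names, the alert wording and the use of a local directory as a stand-in for the NAS disk are all assumptions.

```python
import os
from collections import deque

VALIDITY_SECONDS = 7 * 24 * 3600  # validity period stated in the text
# Paraphrase of the alert content shown by the front-end page.
ALERT = "Files are automatically cleaned up after 7 days; please re-initiate approval to download."


class ApprovedFileStore:
    """Hypothetical store for approved, non-desensitized download files."""

    def __init__(self, nas_dir):
        self.nas_dir = nas_dir          # stand-in for the preset NAS disk
        self.stored_at = {}             # file name -> epoch seconds at NAS storage
        self.destroy_queue = deque()    # expired files awaiting physical deletion

    def store(self, name, data, now):
        # Assumption: reject names with path components so a generated file
        # can never be written outside the NAS directory.
        if not name or name != os.path.basename(name):
            raise ValueError("file name must not contain path components")
        with open(os.path.join(self.nas_dir, name), "wb") as fh:
            fh.write(data)
        self.stored_at[name] = now

    def _enqueue(self, name):
        if name not in self.destroy_queue:
            self.destroy_queue.append(name)

    def download(self, name, now):
        """Return (data, None) inside the window, else (None, ALERT).

        The age check runs on every download, so an expired file is refused
        even if the clean-up job has not deleted it yet.
        """
        stored = self.stored_at.get(name)
        if stored is None or now - stored > VALIDITY_SECONDS:
            if stored is not None:
                self._enqueue(name)
            return None, ALERT
        with open(os.path.join(self.nas_dir, name), "rb") as fh:
            return fh.read(), None

    def sweep(self, now):
        """Queue every expired file, then physically delete the queue."""
        for name, stored in list(self.stored_at.items()):
            if now - stored > VALIDITY_SECONDS:
                self._enqueue(name)
        destroyed = []
        while self.destroy_queue:
            name = self.destroy_queue.popleft()
            try:
                os.remove(os.path.join(self.nas_dir, name))
            except FileNotFoundError:
                pass  # already gone; still drop the bookkeeping entry
            self.stored_at.pop(name, None)
            destroyed.append(name)
        return destroyed
```

Passing `now` explicitly keeps the expiry decision testable; in a deployment it would come from the server clock, never from the client.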
It should be understood that, the sequence numbers of the steps in the foregoing embodiments do not imply an execution sequence, and the execution sequence of each process should be determined by its function and inherent logic, and should not constitute any limitation to the implementation process of the embodiments of the present application.
As shown in fig. 2, the present invention also provides an on-line sensitive data acquisition apparatus 100, which can be installed in an electronic device. According to the implemented functions, the online sensitive data acquisition device 100 may include an information acquisition unit 101, a permission verification unit 102, a file type determination unit 103, and a sensitive information acquisition unit 104. The unit provided by the invention is a series of computer program segments which can be executed by a processor of the electronic equipment and can complete fixed functions, and the computer program segments are stored in a memory of the electronic equipment.
In the present embodiment, the functions regarding the respective modules/units are as follows:
an information obtaining unit 101, configured to receive a data access request of a user, and obtain login information in the data access request;
the authority verification unit 102 is configured to perform authority verification on the user by using the login information to determine whether the user has a sensitive information access authority;
a file type determining unit 103, configured to determine, according to the data access request, a file type of the sensitive data information to be downloaded requested by the user if the user has an access right to the sensitive information, where the file type includes a desensitized file and a non-desensitized original file;
the sensitive information obtaining unit 104 is configured to provide the user with the sensitive data information of the corresponding file type according to the file type of the sensitive data information to be downloaded requested by the user.
The permission verification unit comprises a preliminary verification unit, and the preliminary verification unit is used for judging whether the IP address of the login client of the user exists in a preset IP address query book or not;
if the IP address of the user login client does not exist in the preset IP address query book, rejecting the data access request, and adding the IP address of the user login client to an IP address blacklist;
and if the IP address of the login client of the user exists in the preset IP address query book, preliminarily judging that the user has the sensitive information access authority.
In addition, the permission verification unit further comprises a secondary verification unit, and the secondary verification unit is used for rejecting the data access request if the login information does not exist in a preset permission personnel book after the user is judged to have the sensitive information access permission;
and finally judging that the user has the sensitive information access authority if the login information exists in the preset authority personnel book.
In addition, the sensitive information obtaining unit comprises a desensitization information obtaining unit, and the desensitization information obtaining unit is used for performing desensitization processing on a sensitive information source file matched with the sensitive data information to be downloaded in the local system according to a preset desensitization rule to form a desensitization file if the file type of the sensitive data information to be downloaded requested by the user is the desensitization file;
and sending the desensitization file to a login client of the user.
The sensitive information acquisition unit further comprises a non-desensitization information acquisition unit, and is used for carrying out approval verification on the user according to a preset approval rule if the file type of the sensitive data information to be downloaded requested by the user is the non-desensitization original file;
if the user passes the approval verification, directly sending a sensitive information source file matched with the sensitive data information to be downloaded in the local system to a login client of the user;
and if the user does not pass the examination and approval check, rejecting the data access request.
The sensitive information acquisition unit also comprises a desensitization unit which is used for acquiring all sensitive information in the sensitive information source file and the data type of each piece of sensitive information;
if the data type of the sensitive information is an address general type, shielding Arabic numbers in the sensitive information;
if the data type of the sensitive information is a mobile phone number universal type, reserving digits at a preset position in the sensitive information, and shielding the rest digits;
if the data type of the sensitive information is a name universal type, reserving a preset number of characters in the sensitive information, and shielding the rest characters.
The sensitive information acquisition unit further comprises an approval unit used for acquiring the request reason contained in the data access request;
reporting the request reason to a preset superior approval system;
examining and approving the request reason through the superior examining and approving system; the superior examination and approval system is internally stored with a sensitive information request reason reporting book;
if the reporting request corresponding to the request reason can be matched in the sensitive information request reason reporting book, judging that the user passes the examination and approval verification; otherwise, judging that the user does not pass the examination and approval verification.
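The units described above (IP query book check, permission personnel book check, file-type branch, type-based masking and reason-based approval) can be put together as in the following sketch. This is an added example, not the patent's own code: the class, function and field names are hypothetical, and the preset positions (first 3 and last 4 digits of a phone number, first character of a name) and the full masking of unknown data types are assumptions.

```python
import re
from dataclasses import dataclass, field

MASK = "*"


def mask_address(value):
    """Address type: shield every Arabic digit, keep the rest."""
    return re.sub(r"[0-9]", MASK, value)


def mask_phone(value, keep_head=3, keep_tail=4):
    """Mobile number type: keep digits at the preset positions (assumed here)."""
    hidden = len(value) - keep_head - keep_tail
    if hidden <= 0:                      # too short to reveal anything safely
        return MASK * len(value)
    return value[:keep_head] + MASK * hidden + value[len(value) - keep_tail:]


def mask_name(value, keep=1):
    """Name type: keep a preset number of characters, shield the rest."""
    if len(value) <= keep:               # never return a short name unmasked
        return MASK * len(value)
    return value[:keep] + MASK * (len(value) - keep)


RULES = {"address": mask_address, "phone": mask_phone, "name": mask_name}


def desensitize(rows):
    """Return a masked copy; unknown data types are fully masked (assumption)."""
    return [[(dtype, RULES.get(dtype, lambda v: MASK * len(v))(value))
             for dtype, value in row] for row in rows]


@dataclass
class AccessGate:
    ip_query_book: set      # preset IP address query book
    personnel_book: set     # preset permission personnel book
    reason_book: set        # reason reporting book held by the approval system
    ip_blacklist: set = field(default_factory=set)

    def handle(self, request, source_rows):
        ip, login = request["client_ip"], request["login"]
        # Preliminary verification: client IP must be in the query book.
        if ip not in self.ip_query_book:
            self.ip_blacklist.add(ip)
            return ("rejected", "ip")
        # Secondary verification: login must be in the personnel book.
        if login not in self.personnel_book:
            return ("rejected", "personnel")
        if request["file_type"] == "desensitized":
            return ("ok", desensitize(source_rows))
        if request["file_type"] == "original":
            # Approval verification: the stated reason must match a filed entry.
            reason = (request.get("reason") or "").strip().casefold()
            if reason not in self.reason_book:
                return ("rejected", "approval")
            return ("ok", source_rows)
        return ("rejected", "file_type")


# Constructed sample source file: each row is a list of (data type, value).
SOURCE_ROWS = [
    [("name", "王小明"), ("phone", "13812345678"),
     ("address", "Room 1203, 88 Nanjing Rd")],
]
```

Note that passing both permission checks yields only the masked copy; the unmasked rows are returned only on the branch that also passes approval verification.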
As shown in fig. 3, the present invention further provides an electronic device 1 for implementing the online sensitive data acquisition method.
The electronic device 1 may comprise a processor 10, a memory 11 and a bus, and may further comprise a computer program, such as an on-line sensitive data acquisition program 12, stored in the memory 11 and executable on said processor 10.
The memory 11 includes at least one type of readable storage medium, which includes flash memory, removable hard disk, multimedia card, card-type memory (e.g., SD or DX memory, etc.), magnetic memory, magnetic disk, optical disk, etc. The memory 11 may in some embodiments be an internal storage unit of the electronic device 1, such as a removable hard disk of the electronic device 1. The memory 11 may also be an external storage device of the electronic device 1 in other embodiments, such as a plug-in mobile hard disk, a Smart Media Card (SMC), a Secure Digital (SD) Card, a Flash memory Card (Flash Card), and the like, which are provided on the electronic device 1. Further, the memory 11 may also include both an internal storage unit and an external storage device of the electronic device 1. The memory 11 may be used not only to store application software installed in the electronic device 1 and various types of data, such as codes of an on-line sensitive data acquisition program, but also to temporarily store data that has been output or is to be output.
The processor 10 may be composed of an integrated circuit in some embodiments, for example, a single packaged integrated circuit, or may be composed of a plurality of integrated circuits packaged with the same or different functions, including one or more Central Processing Units (CPUs), microprocessors, digital Processing chips, graphics processors, and combinations of various control chips. The processor 10 is a Control Unit (Control Unit) of the electronic device, connects various components of the electronic device by using various interfaces and lines, and executes various functions and processes data of the electronic device 1 by running or executing programs or modules (e.g., on-line sensitive data acquisition programs, etc.) stored in the memory 11 and calling data stored in the memory 11.
The bus may be a Peripheral Component Interconnect (PCI) bus, an Extended Industry Standard Architecture (EISA) bus, or the like. The bus may be divided into an address bus, a data bus, a control bus, etc. The bus is arranged to enable connection communication between the memory 11 and at least one processor 10 or the like.
Fig. 3 shows only an electronic device with components, and it will be understood by those skilled in the art that the structure shown in fig. 3 does not constitute a limitation of the electronic device 1, and may comprise fewer or more components than those shown, or some components may be combined, or a different arrangement of components.
For example, although not shown, the electronic device 1 may further include a power supply (such as a battery) for supplying power to each component, and preferably, the power supply may be logically connected to the at least one processor 10 through a power management device, so as to implement functions of charge management, discharge management, power consumption management, and the like through the power management device. The power supply may also include any component of one or more dc or ac power sources, recharging devices, power failure detection circuitry, power converters or inverters, power status indicators, and the like. The electronic device 1 may further include various sensors, a bluetooth module, a Wi-Fi module, and the like, which are not described herein again.
Further, the electronic device 1 may further include a network interface, and optionally, the network interface may include a wired interface and/or a wireless interface (such as a WI-FI interface, a bluetooth interface, etc.), which are generally used for establishing a communication connection between the electronic device 1 and other electronic devices.
Optionally, the electronic device 1 may further comprise a user interface, which may be a Display (Display), an input unit (such as a Keyboard), and optionally a standard wired interface, a wireless interface. Alternatively, in some embodiments, the display may be an LED display, a liquid crystal display, a touch-sensitive liquid crystal display, an OLED (Organic Light-Emitting Diode) touch device, or the like. The display, which may also be referred to as a display screen or display unit, is suitable for displaying information processed in the electronic device 1 and for displaying a visualized user interface, among other things.
It is to be understood that the described embodiments are for purposes of illustration only and that the scope of the appended claims is not limited to such structures.
The on-line sensitive data acquisition program 12 stored in the memory 11 of the electronic device 1 is a combination of instructions that, when executed in the processor 10, can implement:
receiving a data access request of a user, and acquiring login information in the data access request;
using the login information to carry out authority verification on the user so as to determine whether the user has sensitive information access authority;
if the user has the sensitive information access right, determining the file type of the sensitive data information to be downloaded requested by the user according to the data access request, wherein the file type comprises a desensitized file and a non-desensitized original file;
and providing the sensitive data information of the corresponding file type for the user according to the file type of the sensitive data information to be downloaded requested by the user.
Specifically, for the processor 10's implementation of these instructions, refer to the description of the relevant steps in the embodiment corresponding to fig. 1, which is not repeated here. It should be emphasized that, to further ensure the privacy and security of the online sensitive data acquisition, the online sensitive data acquisition data is stored in a node of the blockchain where the server cluster is located.
Further, the integrated modules/units of the electronic device 1, if implemented in the form of software functional units and sold or used as separate products, may be stored in a computer readable storage medium. The computer-readable medium may include: any entity or device capable of carrying said computer program code, recording medium, U-disk, removable hard disk, magnetic disk, optical disk, computer Memory, Read-Only Memory (ROM).
An embodiment of the present invention further provides a computer-readable storage medium, where the storage medium may be nonvolatile or volatile, and the storage medium stores a computer program, and when the computer program is executed by a processor, the computer program implements:
receiving a data access request of a user, and acquiring login information in the data access request;
using the login information to carry out authority verification on the user so as to determine whether the user has sensitive information access authority;
if the user has the sensitive information access right, determining the file type of the sensitive data information to be downloaded requested by the user according to the data access request, wherein the file type comprises a desensitized file and a non-desensitized original file;
and providing the sensitive data information of the corresponding file type for the user according to the file type of the sensitive data information to be downloaded requested by the user.
Specifically, the specific implementation method of the computer program when being executed by the processor may refer to the description of the relevant steps in the online sensitive data acquisition method in the embodiment, which is not repeated herein.
In the embodiments provided in the present invention, it should be understood that the disclosed apparatus, device and method can be implemented in other ways. For example, the above-described apparatus embodiments are merely illustrative, and for example, the division of the modules is only one logical functional division, and other divisions may be realized in practice.
The modules described as separate parts may or may not be physically separate, and parts displayed as modules may or may not be physical units, may be located in one place, or may be distributed on a plurality of network units. Some or all of the modules may be selected according to actual needs to achieve the purpose of the solution of the present embodiment.
In addition, functional modules in the embodiments of the present invention may be integrated into one processing unit, or each unit may exist alone physically, or two or more units are integrated into one unit. The integrated unit can be realized in a form of hardware, or in a form of hardware plus a software functional module.
It will be evident to those skilled in the art that the invention is not limited to the details of the foregoing illustrative embodiments, and that the present invention may be embodied in other specific forms without departing from the spirit or essential attributes thereof.
The present embodiments are therefore to be considered in all respects as illustrative and not restrictive, the scope of the invention being indicated by the appended claims rather than by the foregoing description, and all changes which come within the meaning and range of equivalency of the claims are therefore intended to be embraced therein. Any reference signs in the claims shall not be construed as limiting the claim concerned.
The block chain is a novel application mode of computer technologies such as distributed data storage, point-to-point transmission, a consensus mechanism, an encryption algorithm and the like. A block chain (Blockchain), which is essentially a decentralized database, is a series of data blocks associated by using a cryptographic method, and each data block contains information of a batch of network transactions, so as to verify the validity (anti-counterfeiting) of the information and generate a next block. The blockchain may include a blockchain underlying platform, a platform product service layer, an application service layer, and the like.
Furthermore, it is obvious that the word "comprising" does not exclude other elements or steps, and the singular does not exclude the plural. A plurality of units or means recited in the system claims may also be implemented by one unit or means in software or hardware. The terms second, etc. are used to denote names, but not any particular order.
Finally, it should be noted that the above embodiments are only for illustrating the technical solutions of the present invention and not for limiting, and although the present invention is described in detail with reference to the preferred embodiments, it should be understood by those skilled in the art that modifications or equivalent substitutions may be made on the technical solutions of the present invention without departing from the spirit and scope of the technical solutions of the present invention.

Claims (10)

1. An online sensitive data acquisition method applied to an electronic device, the method comprising:
receiving a data access request of a user, and acquiring login information in the data access request;
using the login information to carry out authority verification on the user so as to determine whether the user has sensitive information access authority;
if the user has the sensitive information access right, determining the file type of the sensitive data information to be downloaded requested by the user according to the data access request, wherein the file type comprises a desensitized file and a non-desensitized original file;
and providing the sensitive data information of the corresponding file type for the user according to the file type of the sensitive data information to be downloaded requested by the user.
2. The method for acquiring online sensitive data according to claim 1, wherein the performing permission check on the user by using the login information to determine whether the user has a sensitive information access permission comprises:
judging whether the IP address of the login client of the user exists in a preset IP address query book or not;
if the IP address of the user login client does not exist in the preset IP address query book, rejecting the data access request, and adding the IP address of the user login client to an IP address blacklist;
and if the IP address of the login client of the user exists in the preset IP address query book, preliminarily judging that the user has the sensitive information access authority.
3. The on-line sensitive data acquisition method of claim 2, wherein after preliminarily determining that the user has access rights to sensitive information, the method further comprises:
if the login information does not exist in the preset authority personnel book, the data access request is refused;
and finally judging that the user has the sensitive information access authority if the login information exists in the preset authority personnel book.
4. The method for acquiring the on-line sensitive data according to claim 3, wherein the providing the sensitive data information of the corresponding file type for the user according to the file type of the sensitive data information to be downloaded requested by the user comprises:
if the file type of the sensitive data information to be downloaded requested by the user is the desensitization file, desensitizing a sensitive information source file matched with the sensitive data information to be downloaded in a local system according to a preset desensitization rule to form a desensitization file;
and sending the desensitization file to a login client of the user.
5. The method for acquiring the on-line sensitive data according to claim 4, wherein the desensitizing the sensitive information source file matched with the sensitive data information to be downloaded in the local system according to the preset desensitizing rule comprises:
acquiring all sensitive information in the sensitive information source file and the data type of each piece of sensitive information;
if the data type of the sensitive information is an address general type, shielding Arabic numbers in the sensitive information;
if the data type of the sensitive information is a mobile phone number universal type, reserving digits at a preset position in the sensitive information, and shielding the rest digits;
if the data type of the sensitive information is a name universal type, reserving a preset number of characters in the sensitive information, and shielding the rest characters.
6. The method for acquiring the on-line sensitive data according to claim 3, wherein the providing the sensitive data information of the corresponding file type for the user according to the file type of the sensitive data information to be downloaded requested by the user comprises:
if the file type of the sensitive data information to be downloaded requested by the user is the non-desensitized original file, performing approval verification on the user according to a preset approval rule;
if the user passes the approval verification, directly sending a sensitive information source file matched with the sensitive data information to be downloaded in the local system to a login client of the user;
and if the user does not pass the examination and approval check, rejecting the data access request.
7. The method for acquiring the on-line sensitive data according to claim 6, wherein the data access request comprises a request reason; the examination and approval verification of the user according to the preset examination and approval rule comprises the following steps:
acquiring the request reason contained in the data access request;
reporting the request reason to a preset superior approval system;
examining and approving the request reason through the superior examining and approving system; the superior examination and approval system is internally stored with a sensitive information request reason reporting book;
if the reporting request corresponding to the request reason can be matched in the sensitive information request reason reporting book, judging that the user passes the examination and approval verification; otherwise, judging that the user does not pass the examination and approval verification.
8. An on-line sensitive data acquisition device, comprising:
the information acquisition unit is used for receiving a data access request of a user and acquiring login information in the data access request;
the authority verification unit is used for performing authority verification on the user by using the login information so as to determine whether the user has sensitive information access authority;
the file type judging unit is used for determining the file type of the sensitive data information to be downloaded requested by the user according to the data access request if the user has the sensitive information access right, wherein the file type comprises a desensitized file and a non-desensitized original file;
and the sensitive information acquisition unit is used for providing the sensitive data information of the corresponding file type for the user according to the file type of the sensitive data information to be downloaded requested by the user.
9. An electronic device comprising a memory and a processor, the memory storing a computer program, wherein the processor when executing the computer program performs the steps of the on-line sensitive data acquisition method of any one of claims 1 to 7.
10. A computer-readable storage medium, on which a computer program is stored, which, when being executed by a processor, carries out the steps of the method for on-line sensitive data acquisition according to any one of claims 1 to 7.
CN202110705338.7A 2021-06-24 2021-06-24 Online sensitive data acquisition method and device, electronic equipment and storage medium Pending CN113378225A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202110705338.7A CN113378225A (en) 2021-06-24 2021-06-24 Online sensitive data acquisition method and device, electronic equipment and storage medium

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202110705338.7A CN113378225A (en) 2021-06-24 2021-06-24 Online sensitive data acquisition method and device, electronic equipment and storage medium

Publications (1)

Publication Number Publication Date
CN113378225A true CN113378225A (en) 2021-09-10

Family

ID=77578965

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202110705338.7A Pending CN113378225A (en) 2021-06-24 2021-06-24 Online sensitive data acquisition method and device, electronic equipment and storage medium

Country Status (1)

Country Link
CN (1) CN113378225A (en)

CN115114646B (en) * 2022-08-25 2023-01-03 北京前沿信安科技股份有限公司 File authority processing method and device and storage medium
CN117195253A (en) * 2023-08-24 2023-12-08 南京证券股份有限公司 Personal information security protection method and system

Similar Documents

Publication Publication Date Title
CN113378225A (en) Online sensitive data acquisition method and device, electronic equipment and storage medium
CN101310286B (en) Improved single sign on
CN110149328B (en) Interface authentication method, device, equipment and computer readable storage medium
CN108295477B (en) Game account safety detection method, system and device based on big data
CN1981277A (en) Quarantine system
CN105978855B (en) Personal information safety protection system and method under a kind of system of real name
CN105453102A (en) Systems and methods for identifying private keys that have been compromised
CN106878250B (en) Cross-application single-state login method and device
CN110929816A (en) Two-dimensional code validity control method and system
CN112632578B (en) Business system authority control method and device, electronic equipment and storage medium
US20050238174A1 (en) Method and system for secure communications over a public network
CN114726630B (en) License-based information security authorization method and device, electronic equipment and medium
CN112354190B (en) Game login method and device and electronic equipment
TW202123037A (en) Fraud deduction system, fraud deduction method, and program
CN105653904B (en) Using the processing method of screen locking, device and mobile terminal
CN108600178A (en) A kind of method for protecting and system, reference platform of collage-credit data
CN114861160A (en) Method, device, equipment and storage medium for improving non-administrator account authority
CN114697132A (en) Method, device, equipment and storage medium for intercepting repeated access request attack
CN114625700A (en) Authority-based file display method, device, equipment and storage medium
CN113190200A (en) Exhibition data security protection method and device
CN113595731A (en) Protection method and device for shared link and computer readable storage medium
CN107172106B (en) Security information interaction method and system
CN114186141B (en) Illegal client detection method, device, equipment and medium
CN112650994B (en) Screen watermark generation method and device, electronic equipment and storage medium
CN114372258A (en) Self-adaptive identity real-time verification method, device, equipment and storage medium

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
WD01 Invention patent application deemed withdrawn after publication

Application publication date: 20210910