CN113505351A - Identity authentication-based process industry white list access method and system - Google Patents


Info

Publication number: CN113505351A
Application number: CN202110700702.0A
Authority: CN (China)
Prior art keywords: white list, software, operator, computer, record
Legal status: Pending (as listed by Google Patents; not a legal conclusion)
Other languages: Chinese (zh)
Inventors: 刘峻, 谭曙光
Current assignee: Hunan Huierte Technology Co ltd
Original assignee: Hunan Huierte Technology Co ltd
Priority date: 2021-06-23
Filing date: 2021-06-23
Publication date: 2021-10-15

Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30 Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31 User authentication
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F18/00 Pattern recognition
    • G06F18/20 Analysing
    • G06F18/22 Matching criteria, e.g. proximity measures

Abstract

The invention discloses a process industry white list access method and system based on identity authentication. The method comprises the following steps: starting the white list software and using it to acquire the list of all operator users on a computer; making a white list record, and scanning the software used on the computer so that it is included in the white list; while the administrator makes the white list record, matching the data in the white list record to the corresponding operator; and, while the operator uses the software on the computer, having the white list software acquire the operator's identity and judge whether the software in use is in that operator's white list record. The invention addresses the complicated generation and coarse management of existing industrial white lists.

Description

Identity authentication-based process industry white list access method and system
Technical Field
The invention relates to the technical field of network security, in particular to a process industry white list access method and system based on identity authentication.
Background
White list technology is widely used in industrial control network security. Compared with traditional black list technology it is better suited to industrial control network environments, and it completes a white list model of the industrial control communication protocol through intelligent learning. By analysing and identifying the industrial protocols in the industrial control network, the control field and control value field of the protocol are parsed in depth, so that the protocol control instructions in all communication are learned and a white list model of the protocol is built. The white list is then used for deep, fine-grained access control of the industrial control protocol, so that control instructions from abnormal access cannot reach the industrial control equipment, malicious control attacks are prevented, and the security of the industrial control equipment and network is protected.
The PC computers used in the industrial field can be logged into by different operator users, and those users have different requirements for the software used on the PC. Because the granularity of the existing white list is relatively coarse, different white lists have to be made, and switching between the white lists made for different operators is relatively cumbersome.
Disclosure of Invention
Therefore, the invention provides a process industry white list access method and system based on identity authentication, and aims to solve the problems of complex generation and rough management of the existing industry white list.
In order to achieve the above purpose, the invention provides the following technical scheme:
according to a first aspect of the present invention, a method for accessing a process industry white list based on identity authentication is disclosed, the method comprising:
starting the white list software, and using it to acquire the list of all operator users on the computer;
making a white list record, and scanning the software used on the computer so that it is included in the white list;
while the administrator makes the white list record, matching the data in the white list record to the corresponding operator;
and, while the operator uses the software on the computer, having the white list software acquire the operator's identity and judge whether the software in use is in the white list record.
Furthermore, the white list software corresponds to a plurality of operators, the software used on a computer used by each operator is different, the software used on the computer needs to be included in the white list record, and the white list software is used for recording and registering the operators.
Further, the operators have identification fields, each operator identification field corresponding to a white list record.
Further, the white list records include all software used by the operators on all computers, and each operator generates one white list record.
Furthermore, in the process of making the white list records, the administrator adds a screening function through white list software to enable each white list record to automatically correspond to the corresponding operator identifier on the computer.
According to a second aspect of the present invention, an identity authentication-based process industry white list access system is disclosed, comprising a white list making module, a scanning module and a matching module: the white list making module makes white list records through the white list software, the scanning module scans the software an operator normally uses and brings it into the white list records, and the matching module matches each operator to the corresponding white list record.
Further, the white list making module obtains information of all operator users through an administrator by using white list software, and makes a white list record preliminarily.
Further, the scanning module scans software used on a computer used by each operator, marks the scanned software used on the computer as safe software, and includes scanning results into a white list record.
Further, the matching module matches the operator identification field with the white list records, so that each operator corresponds to one white list record.
Further, during use of the system, when different operators log in at the computer to operate software, the white list obtains the operator's identity through the operator identification field, and the software used by the operator is compared with the corresponding white list record to judge whether it may be run.
The invention has the following advantages:
the invention discloses a process industry white list access method and system based on identity authentication in which an administrator operates the white list software to make a white list record, the software used by each operator on the computer is brought into that record, and the record is matched to the operator's identification field. Whether a program may run can therefore be judged quickly when the operator uses it, the software allowed by the white list is controlled at fine granularity, the white list making process is shortened, and enterprise managers can manage the white list finely.
Drawings
In order to more clearly illustrate the embodiments of the present invention or the technical solutions in the prior art, the drawings used in the description of the embodiments or the prior art will be briefly described below. It should be apparent that the drawings in the following description are merely exemplary, and that other embodiments can be derived from the drawings provided by those of ordinary skill in the art without inventive effort.
The structures, ratios, sizes and the like shown in this specification are given only so that the disclosure can be understood and read by those skilled in the art; they do not limit the conditions under which the invention can be implemented and carry no technical significance in themselves. Any structural modification, change of ratio or adjustment of size that does not affect the effects achievable by the invention still falls within the scope of the technical content disclosed herein.
Fig. 1 is a flowchart of a process industry white list access method based on identity authentication according to an embodiment of the present invention;
Detailed Description
The present invention is described in terms of particular embodiments, other advantages and features of the invention will become apparent to those skilled in the art from the following disclosure, and it is to be understood that the described embodiments are merely exemplary of the invention and that it is not intended to limit the invention to the particular embodiments disclosed. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
Example 1
The embodiment discloses a process industry white list access method based on identity authentication, which comprises the following steps:
starting the white list software, and using it to acquire the list of all operator users on the computer;
making a white list record, and scanning the software used on the computer so that it is included in the white list;
while the administrator makes the white list record, matching the data in the white list record to the corresponding operator;
and, while the operator uses the software on the computer, having the white list software acquire the operator's identity and judge whether the software in use is in the white list record.
White listing is generally a technique that lets an enterprise approve which processes are allowed to run on a particular system by checking whether the processes or files on the system have approved properties: common process names, file names, publisher names, or digital signatures. Some vendor products cover only executable files, while others also cover scripts and macros and may block a broader set of file types. Zero-day malware and targeted attacks can be defended against because, by default, no unauthorised software, tool or process can run on the endpoint. If malware attempts to install itself on a whitelisting-enabled endpoint, the whitelisting technique can determine that the process is untrusted and deny it the right to run.
The white list software corresponds to a plurality of operators, the software used on a computer used by each operator is different, the software used on the computer needs to be brought into a white list record, and the white list software is used for recording and registering the operators. Because there are multiple operators, and the software that each operator needs to operate is different, all operator information needs to be entered and registered. Each operator has its own unique identification field, which corresponds to a white list record.
The white list records comprise software used by operators on all computers, and each operator generates a white list record; in the process of making the white list records, the administrator adds a screening function through white list software to enable each white list record to automatically correspond to the corresponding operator identification on the computer.
When an operator logs in at a computer to use software, the white list software first acquires the operator's identification field, determines the operator's identity, retrieves that operator's white list record, compares the software the operator is using with the record, and determines whether the software in use is in the white list record.
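The four steps of this example, implemented as an added illustration that is not the patent's or the applicant's own code. It assumes that operator accounts come from a stand-in enumeration function rather than the OS account database, that a white list entry identifies a program by the SHA-256 of its content (one of the approved properties mentioned above) rather than by file name alone, and that the operator identification field is simply the account name; every account name, path and file content below is constructed.

```python
"""Per-operator application white list, following the four steps of Example 1.

Added example; not the patent's or the applicant's own code. Assumptions
(all constructed for illustration):
- OPERATORS stands in for querying the OS account database;
- _DISK stands in for the files on the computer;
- a white list entry identifies a program by the SHA-256 of its content,
  so a renamed copy still matches and a modified file no longer does;
- the operator identification field is the account name.
"""
import hashlib
from dataclasses import dataclass, field


@dataclass(frozen=True)
class Program:
    path: str
    sha256: str


@dataclass
class WhitelistRecord:
    operator_id: str                              # operator identification field
    entries: dict = field(default_factory=dict)   # sha256 -> path where first seen


def sha256_of(content: bytes) -> str:
    return hashlib.sha256(content).hexdigest()


# Constructed stand-in for the computer's disk: path -> file content.
HMI = r"C:\hmi\hmi_client.exe"
PLC = r"C:\eng\plc_programmer.exe"
_DISK = {
    HMI: b"hmi client build 4",
    PLC: b"plc programmer build 9",
    r"C:\tools\notepad.exe": b"editor",
}

# Constructed: the operator accounts on the computer and what each was seen using.
OPERATORS = ["operator_a", "engineer_b"]
USAGE = {"operator_a": [HMI], "engineer_b": [HMI, PLC]}


def enumerate_operators() -> list:
    """Step 1: acquire the list of all operator users (constructed stand-in)."""
    return list(OPERATORS)


def scan_software(paths) -> list:
    """Step 2: scan the software an operator uses and fingerprint each file."""
    return [Program(p, sha256_of(_DISK[p])) for p in paths]


def build_records(usage) -> dict:
    """Step 3: one record per operator, keyed by the identification field."""
    records = {}
    for op in enumerate_operators():
        rec = WhitelistRecord(op)
        for prog in scan_software(usage.get(op, [])):
            rec.entries[prog.sha256] = prog.path
        records[op] = rec
    return records


def check_execution(records, operator_id, path, content):
    """Step 4: identify the operator, fetch their record, judge the program.

    Returns (allowed, reason). Anything not positively listed is denied,
    including programs run by an account that has no record at all.
    """
    rec = records.get(operator_id)
    if rec is None:
        return False, "unknown operator"
    if sha256_of(content) in rec.entries:
        return True, "in record"
    return False, f"not in record of {operator_id} ({path})"


RECORDS = build_records(USAGE)

if __name__ == "__main__":
    for op, prog in [("operator_a", HMI), ("operator_a", PLC), ("engineer_b", PLC)]:
        print(op, prog, check_execution(RECORDS, op, prog, _DISK[prog]))
```

Because the record is keyed by content hash, the same program appearing under a different file name is still recognised for an operator whose record contains it, while a modified copy at the original path is denied; an account with no record of its own gets nothing, which is the default-deny behaviour the description relies on.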
Example 2
The embodiment discloses a process industry white list access system based on identity authentication, comprising a white list making module, a scanning module and a matching module: the white list making module makes white list records through the white list software, the scanning module scans the software an operator normally uses and brings it into the white list records, and the matching module matches each operator to the corresponding white list record.
The white list making module obtains information of all operator users by using white list software through an administrator and preliminarily makes a white list record; all the operator information is recorded into the white list software, and an administrator can add or delete the operator name list according to actual requirements, so that fine management is facilitated.
The scanning module scans the software used on the computer of each operator, marks the scanned software as safe software, and brings the scan result into the white list record. Because the software used on each operator's computer is different, the computer used by each operator has to be scanned, so that no software is omitted and the operator is not later prevented from using software normally.
the matching module matches the operator identification field with the white list records, so that each operator corresponds to one white list record.
During use, when different operators log in at the computer to operate software, the white list obtains the operator's identity through the operator identification field, the software used by the operator is compared with the corresponding white list record, and whether the software may be run is judged.
In the identity authentication-based process industry white list access system, an administrator operates the white list software to make a white list record, the software an operator uses on the computer is brought into the record, and the record is matched to the operator's identification field. Whether a program may run can therefore be judged rapidly when the operator uses it, the software allowed by the white list is controlled at fine granularity, the white list making process is shortened, and enterprise managers can manage the white list finely.
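Record maintenance for the three modules of this example, as an added illustration that is not the patent's or the applicant's own code. It assumes a white list record is a mapping from content hash to path for one operator, that the set of records is keyed by the operator identification field, and that the scanning module sees the computer as a mapping from path to file content; all paths, contents and account names are constructed. It shows the scanning module re-scanning a computer and reporting what the record does not yet cover (so nothing is omitted), the making module adding and deleting operators, and the matching module checking that operators and records correspond one to one.

```python
"""Record maintenance for the three-module system of Example 2.

Added example; not the patent's or the applicant's own code. Assumptions
(all constructed for illustration):
- a white list record is a dict sha256 -> path for one operator, and the
  set of records is a dict keyed by the operator identification field;
- the scanning module sees the computer as a dict path -> file content;
- file paths, contents and account names below are invented.
"""
import hashlib


def sha256_of(content: bytes) -> str:
    return hashlib.sha256(content).hexdigest()


def scan(disk) -> dict:
    """Scanning module: path -> sha256 for every program found on the computer."""
    return {path: sha256_of(content) for path, content in disk.items()}


def make_record(scanned) -> dict:
    """Making module: turn a scan into a record, marking each program as safe."""
    return {h: path for path, h in scanned.items()}


def reconcile(record, scanned) -> dict:
    """Compare an operator's record with a fresh scan of the computer.

    new:     programs with no entry, which the operator would later be denied
    changed: a recorded path whose content no longer matches its hash
    absent:  recorded programs that are no longer on the computer
    A renamed copy of a recorded program is not reported, as identity is by hash.
    """
    recorded_paths = {path: h for h, path in record.items()}
    new, changed = [], []
    for path, h in scanned.items():
        if h in record:
            continue
        (changed if path in recorded_paths else new).append(path)
    absent = [p for p in recorded_paths if p not in scanned]
    return {"new": sorted(new), "changed": sorted(changed), "absent": sorted(absent)}


def add_operator(records, operator_id) -> None:
    """Making module: register a new operator with an empty record."""
    if operator_id in records:
        raise ValueError(f"operator already registered: {operator_id}")
    records[operator_id] = {}


def delete_operator(records, operator_id) -> None:
    """Making module: remove an operator and the record matched to it."""
    del records[operator_id]


def check_one_to_one(records, operators) -> list:
    """Matching module: each operator has exactly one record and vice versa."""
    problems = [f"operator without record: {op}" for op in operators if op not in records]
    problems += [f"record without operator: {op}" for op in records if op not in operators]
    return problems


# Constructed: the computer as first scanned, and after some changes.
DISK_V1 = {
    r"C:\hmi\hmi_client.exe": b"hmi client build 4",
    r"C:\tools\notepad.exe": b"editor",
}
DISK_V2 = {
    r"C:\hmi\hmi_client.exe": b"hmi client build 5",          # updated in place
    r"C:\eng\plc_programmer.exe": b"plc programmer build 9",  # never approved
    r"D:\copy\notepad_copy.exe": b"editor",                   # renamed copy, same content
}

RECORDS = {"operator_a": make_record(scan(DISK_V1))}

if __name__ == "__main__":
    print(reconcile(RECORDS["operator_a"], scan(DISK_V2)))
```

The reconciliation report is what an administrator reviews before approving: an entry in "new" is software the operator would otherwise be denied, an entry in "changed" is a program whose content differs from what was approved and should be re-approved deliberately rather than silently, and "absent" entries are candidates for removal from the record.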
Although the invention has been described in detail above with reference to a general description and specific examples, it will be apparent to one skilled in the art that modifications or improvements may be made thereto based on the invention. Accordingly, such modifications and improvements are intended to be within the scope of the invention as claimed.

Claims (10)

1. A process industry white list access method based on identity authentication is characterized in that the method comprises the following steps:
starting the white list software, and using it to acquire the list of all operator users on the computer;
making a white list record, and scanning the software used on the computer so that it is included in the white list;
while the administrator makes the white list record, matching the data in the white list record to the corresponding operator;
and, while the operator uses the software on the computer, having the white list software acquire the operator's identity and judge whether the software in use is in the white list record.
2. The identity authentication-based process industry white list access method as claimed in claim 1, wherein the white list software corresponds to a plurality of operators, the software used on the computer used by each operator is different, the software used on the computer needs to be included in the white list record, and the white list software is used for entering and registering the operators.
3. The identity authentication-based process industry whitelist access method of claim 2, wherein the operators have identification fields, each operator identification field corresponding to a whitelist record.
4. The identity authentication-based process industry white list access method as claimed in claim 1, wherein the white list records comprise all software used by operators on computers, and each operator generates one white list record.
5. The identity authentication-based process industry white list access method as claimed in claim 1, wherein the administrator adds a screening function through white list software in the process of making white list records, so that each white list record automatically corresponds to the corresponding operator identifier on the computer.
6. A process industry white list access system based on identity authentication, the system comprising a white list making module, a scanning module and a matching module, wherein the white list making module makes white list records through the white list software, the scanning module scans the software an operator normally uses and brings it into the white list records, and the matching module matches each operator to the corresponding white list record.
7. The identity authentication-based process industry white list access system of claim 6, wherein the white list making module obtains information of all operator users through an administrator using the white list software and preliminarily makes a white list record.
8. The identity authentication-based process industry white list access system of claim 6, wherein the scanning module scans software used on a computer used by each operator, marks the scanned software used on the computer as security software, and includes the scan results in a white list record.
9. The identity authentication-based process industry white list access system of claim 6, wherein the matching module matches operator identification fields with white list records, one for each operator.
10. The identity authentication-based process industry white list access system as claimed in claim 6, wherein, during use of the system, when different operators log in at the computer to operate software, the white list obtains the operator's identity through the operator identification field and compares the software used by the operator with the corresponding white list record to judge whether the software may be run.

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202110700702.0A CN113505351A (en) 2021-06-23 2021-06-23 Identity authentication-based process industry white list access method and system

Publications (1)

Publication Number Publication Date
CN113505351A true CN113505351A (en) 2021-10-15

Family

ID=78010826

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202110700702.0A Pending CN113505351A (en) 2021-06-23 2021-06-23 Identity authentication-based process industry white list access method and system

Country Status (1)

Country Link
CN (1) CN113505351A (en)

Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104573516A (en) * 2014-12-25 2015-04-29 中国科学院软件研究所 Industrial control system trusted environment control method and platform based on safety chip
CN109766694A (en) * 2018-12-29 2019-05-17 北京威努特技术有限公司 Program protocol white list linkage method and device of industrial control host
CN109815735A (en) * 2019-01-23 2019-05-28 浙江安点科技有限责任公司 To the management-control method and system of different user access same asset file permission
CN109873803A (en) * 2018-05-04 2019-06-11 360企业安全技术(珠海)有限公司 The authority control method and device of application program, storage medium, computer equipment
CN111368293A (en) * 2020-03-05 2020-07-03 深信服科技股份有限公司 Process management method, device, system and computer readable storage medium
CN111935061A (en) * 2019-12-26 2020-11-13 长扬科技(北京)有限公司 Industrial control host and network security protection implementation method thereof

Similar Documents

Publication Publication Date Title
CN108322446B (en) Method and device for detecting vulnerability of intranet assets, computer equipment and storage medium
CN106326699B (en) Server reinforcing method based on file access control and process access control
US9558343B2 (en) Methods and systems for controlling access to resources and privileges per process
US8117441B2 (en) Integrating security protection tools with computer device integrity and privacy policy
EP3462698A1 (en) System and method of cloud detection, investigation and elimination of targeted attacks
US8220050B2 (en) Method and system for detecting restricted content associated with retrieved content
US20040143749A1 (en) Behavior-based host-based intrusion prevention system
US20090248696A1 (en) Method and system for detecting restricted content associated with retrieved content
US20090247125A1 (en) Method and system for controlling access of computer resources of mobile client facilities
WO2007089786B1 (en) Identifying unauthorized privilege escalations
US20110252468A1 (en) Method and system for protecting a computer againts malicious software
CN102263773A (en) Real-time protection method and apparatus thereof
CN115701019A (en) Access request processing method and device of zero trust network and electronic equipment
CN115314286A (en) Safety guarantee system
CN110086812B (en) Safe and controllable internal network safety patrol system and method
CN113505351A (en) Identity authentication-based process industry white list access method and system
US10725898B2 (en) Testing network framework and information management method applied thereto
CN110958236A (en) Dynamic authorization method of operation and maintenance auditing system based on risk factor insight
CN106856471A (en) AD domains login authentication method under 802.1X
US10972469B2 (en) Protecting critical data and application execution from brute force attacks
Kern et al. Using RBAC to enforce the principle of least privilege in industrial remote maintenance sessions
CN101777102B (en) Security audit method and system for kernel
CN116578994B (en) Data security operation method, computer device and computer storage medium
CN117150453B (en) Network application detection method, device, equipment, storage medium and program product
Qiao et al. Research and Design of Robot Application System Security Protection in Electric Power Business Hall based on Artificial Intelligence

Legal Events

Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication (application publication date: 20211015)