CN114139840A

CN114139840A - Data center access compliance verification method and system

Info

Publication number: CN114139840A
Application number: CN202010806348.5A
Authority: CN
Inventors: 王鹏达; 焦秀珍; 钟晓睿; 孟庆昕; 王玉; 冯东煜
Original assignee: Diankeyun Beijing Technology Co ltd; China Academy of Electronic and Information Technology of CETC
Current assignee: Diankeyun Beijing Technology Co ltd; China Academy of Electronic and Information Technology of CETC
Priority date: 2020-08-12
Filing date: 2020-08-12
Publication date: 2022-03-04

Abstract

The invention provides a method and a system for verifying data center access compliance, wherein the method comprises the following steps: respectively providing a plurality of data receiving entries with different set category indexes and corresponding prompt information; receiving the uploaded data to be verified at a data receiving inlet with set category indexes, and loading compliance verification basis files of corresponding indexes; performing semantic comparison verification on the data to be verified and the compliance verification reference file under the condition that the data to be verified are characters to obtain and display an automatic compliance verification report comprising qualified items, unqualified content lists and verification passing rate; receiving retransmission data of unqualified items in an automatic compliance verification report, and receiving a manual compliance verification result of the unqualified items so as to update corresponding unqualified items and a passing rate in the automatic compliance verification report to obtain a compliance verification result of a corresponding index; and obtaining a compliance verification result of the data center according to the compliance verification result of each index. Through the scheme, the verification efficiency can be improved.

Description

Data center access compliance verification method and system

Technical Field

The invention relates to the technical field of data evaluation, in particular to a method and a system for verifying data center access compliance.

Background

The data center access compliance verification is used for evaluating the current situation of a data center builder, and mainly aims to solve the outstanding problem that data resource sharing is difficult to open, promote data transaction circulation among departments of various industries, promote data open sharing and cultivate a new cross-fused big data application state.

At present, whether the data center meets the requirement of compliance or not is mainly determined by manually checking whether various conditions of the data center meet the requirement or not, a large amount of labor and time are consumed, and the efficiency of data center compliance checking is low.

Disclosure of Invention

In view of this, the present invention provides a method and a system for verifying data center compliance, so as to improve the efficiency of data center compliance check.

In order to achieve the purpose, the invention is realized by adopting the following scheme:

according to an aspect of an embodiment of the present invention, a method for verifying data center admission compliance is provided, including:

respectively providing a plurality of data receiving entries with different set category indexes and corresponding data uploading prompt information;

receiving uploaded data to be verified of a data center to be subjected to compliance verification at a provided data receiving inlet of a first set type index, and loading a compliance verification basis file of the first set type index;

under the condition that the data to be verified is a text file, extracting corresponding fields of corresponding files from the data to be verified and the compliance verification basis file to perform semantic comparison verification, and obtaining and displaying an automatic compliance verification report, wherein the automatic compliance verification report comprises qualified items, unqualified content lists and verification passing rate of the data to be verified;

receiving the retransmission data of the unqualified items in the automatic compliance verification report, and receiving the manual compliance verification result of the retransmission data corresponding to the unqualified items in the automatic compliance verification report;

updating the verification result of the corresponding unqualified item in the automatic compliance verification report by using the manual compliance verification result, and updating the verification passing rate in the automatic compliance verification report to obtain the compliance verification result of the data center to be subjected to compliance verification, which corresponds to the first set category index;

and obtaining an admission compliance verification result of the data center to be subjected to compliance verification according to the compliance verification result of the data center to be subjected to compliance verification corresponding to each set category index.

In some embodiments, the method for verifying data center admission compliance further includes: and under the condition that the data to be verified is not a character file, if the data to be verified is a picture file, performing OCR (optical character recognition) on the data to be verified, and taking the data to be verified as the data to be verified of the character file.

In some embodiments, the plurality of different setting category indicators include an enterprise background indicator, a data center construction indicator, a data quality indicator, and a data center security indicator.

In some embodiments, the enterprise context indicators include enterprise property requirements, capital construction requirements, business decision rights requirements, personnel management requirements, business situation requirements, qualification requirements, credit rating requirements; the data center construction indexes comprise construction scale requirements, geographic position requirements, machine room compliance requirements, network boundary requirements and data center asset requirements; the data quality index comprises: the method comprises the following steps of (1) requiring data normalization, data integrity, data accuracy, data consistency, data effectiveness and data accessibility; the data center safety indexes comprise: network security level protection requirements, network security review requirements, and network security risk assessment requirements.

In some embodiments, the providing the data receiving entries and the corresponding data uploading prompt messages of a plurality of different setting type indexes respectively includes: providing a plurality of data receiving entries with different set type indexes and corresponding data uploading prompt information according to a set sequence.

In some embodiments, obtaining an admissible compliance verification result of the to-be-compliant verification data center according to the compliance verification result of the to-be-compliant verification data center corresponding to each set category index includes: and displaying the passing rate of each set category index corresponding to the data center to be subjected to compliance verification and the basis corresponding to the compliance verification basis file in a directory mode, and taking the passing rate and the basis as the access compliance verification result of the data center to be subjected to compliance verification.

According to another aspect of the embodiments of the present invention, there is provided a data center admission compliance verification system, including:

the verification type determining module is used for respectively providing a plurality of data receiving entries with different set type indexes and corresponding data uploading prompt information;

the verification data acquisition module is used for receiving the uploaded data to be verified of the data center to be subjected to compliance verification at a provided data receiving inlet of the first set category index and loading a compliance verification basis file of the first set category index;

the automatic comparison and verification module is used for extracting corresponding fields of corresponding files from the data to be verified and the compliance verification base file to perform semantic comparison and verification under the condition that the data to be verified is a text file, and obtaining and displaying an automatic compliance verification report, wherein the automatic compliance verification report comprises qualified items, unqualified content lists and verification passing rate of the data to be verified;

the manual rechecking verification module is used for receiving the retransmission data of the unqualified items in the automatic compliance verification report and receiving the manual compliance verification result of the retransmission data corresponding to the unqualified items in the automatic compliance verification report;

the verification result integration module is used for updating the verification result of the corresponding unqualified item in the automatic compliance verification report by using the manual compliance verification result and updating the verification pass rate in the automatic compliance verification report to obtain the compliance verification result of the data center to be subjected to compliance verification corresponding to the first set category index;

and the verification result output module is used for obtaining the access compliance verification result of the data center to be subjected to compliance verification according to the compliance verification result of the data center to be subjected to compliance verification corresponding to each set class index.

In some embodiments, the data center admission compliance verification system further includes: and the OCR recognition module is used for performing OCR recognition on the data to be verified to obtain the data to be verified of the character file if the data to be verified is not the character file and is the picture file.

In some embodiments, the verification material acquisition module comprises:

the enterprise background data verification module is used for receiving the uploaded data to be verified of the data center to be subjected to compliance verification at the data receiving inlet of the provided enterprise background indexes and loading compliance verification basis files of the enterprise background indexes;

the data center construction data verification module is used for receiving the uploaded data to be verified of the data center to be subjected to compliance verification at a data receiving inlet of the provided data center construction indexes and loading compliance verification basis files of the data center construction indexes;

the data quality data verification module is used for receiving the uploaded data to be verified of the data center to be subjected to compliance verification at the data receiving inlet of the provided data quality index and loading a compliance verification basis file of the data quality index;

the data center safety data verification module is used for receiving the uploaded data to be verified of the data center to be subjected to compliance verification at a data receiving inlet of the provided data center safety index and loading a compliance verification basis file of the data center safety index;

an automatic comparison verification module comprising:

the system comprises an enterprise background information automatic verification module, a data receiving port and a display module, wherein the enterprise background information automatic verification module is used for extracting corresponding fields of corresponding files from compliance verification basis files of the information to be verified and the enterprise background indexes to carry out semantic comparison verification under the condition that the information to be verified received by the data receiving port of the enterprise background indexes is a text file, and obtaining and displaying an automatic compliance verification report of the enterprise background indexes, wherein the automatic compliance verification report comprises qualified items, unqualified content lists and verification passing rate of the information to be verified;

the data center construction data automatic verification module is used for extracting corresponding fields of corresponding files from the data to be verified and the compliance verification basis files of the data center construction indexes to carry out semantic comparison verification under the condition that the data to be verified received by the data receiving inlet of the data center construction indexes are character files, and obtaining and displaying an automatic compliance verification report of the data center construction indexes, wherein the automatic compliance verification report comprises qualified items, unqualified content lists and verification passing rate of the data to be verified;

the automatic verification module of the data quality data is used for extracting corresponding fields of corresponding files from the data to be verified and the compliance verification basis files of the data quality indexes to carry out semantic comparison verification under the condition that the data to be verified received by the data receiving inlet of the data quality indexes are character files, and obtaining and displaying an automatic compliance verification report of the data quality indexes, wherein the automatic compliance verification report comprises qualified items, unqualified content lists and verification passing rate of the data to be verified;

the data center safety data verification module is used for extracting corresponding fields of corresponding files from the data to be verified and the compliance verification basis files of the data center safety indexes to carry out semantic comparison verification under the condition that the data to be verified received by the data receiving inlet of the data center safety indexes are character files, and obtaining and displaying an automatic compliance verification report of the data center safety indexes, wherein the automatic compliance verification report comprises qualified items, unqualified content lists and verification passing rate of the data to be verified;

the manual review verification module comprises:

the enterprise background information manual rechecking verification module is used for receiving the retransmission information of the unqualified items in the automatic compliance verification report of the enterprise background index and receiving the manual compliance verification result of the retransmission information of the unqualified items in the automatic compliance verification report corresponding to the enterprise background index;

the data center construction data manual rechecking verification module is used for receiving the retransmission data of the unqualified items in the automatic compliance verification report of the data center construction indexes and receiving the manual compliance verification result of the retransmission data of the unqualified items in the automatic compliance verification report corresponding to the data center construction indexes;

the data quality data manual rechecking verification module is used for receiving the retransmission data of the unqualified items in the automatic compliance verification report of the data quality index and receiving the manual compliance verification result of the retransmission data of the unqualified items in the automatic compliance verification report corresponding to the data quality index;

the data center safety data manual rechecking verification module is used for receiving the retransmission data of the unqualified items in the automatic compliance verification report of the data center safety index and receiving the manual compliance verification result of the retransmission data of the unqualified items in the automatic compliance verification report corresponding to the data center safety index;

the verification result synthesis module comprises:

the enterprise background data verification result integration module is used for updating the verification result of the corresponding unqualified item in the automatic compliance verification report of the enterprise background index by using the manual compliance verification result of the enterprise background index, and updating the verification passing rate in the automatic compliance verification report of the enterprise background index to obtain the compliance verification result of the enterprise background index corresponding to the data center to be subjected to compliance verification;

the data center construction data verification result integration module is used for updating the verification result of the corresponding unqualified item in the automatic compliance verification report of the data center construction index by using the manual compliance verification result of the data center construction index, and updating the verification passing rate in the automatic compliance verification report of the data center construction index to obtain the compliance verification result of the corresponding data center construction index of the data center to be subjected to compliance verification;

the data quality data verification result integration module is used for updating the verification result of the corresponding unqualified item in the automatic compliance verification report of the data quality index by using the manual compliance verification result of the data quality index, and updating the verification passing rate in the automatic compliance verification report of the data quality index to obtain the compliance verification result of the corresponding data quality index of the data center to be subjected to compliance verification;

and the data center safety data verification result integration module is used for updating the verification result of the corresponding unqualified item in the automatic compliance verification report of the data center safety index by using the manual compliance verification result of the data center safety index, and updating the verification passing rate in the automatic compliance verification report of the data center safety index to obtain the compliance verification result of the data center safety index corresponding to the data center to be subjected to compliance verification.

According to another aspect of embodiments of the present invention, there is provided a computer-readable storage medium, on which a computer program is stored, which when executed by a processor implements the steps of the method of any of the above embodiments.

The data center access compliance verification method, the data center access compliance verification system and the computer readable storage medium can realize automatic verification of data to be verified according to the compliance verification file, improve the efficiency of data center access compliance verification, and improve the correctness of data center access compliance verification by further verifying unqualified items manually.

Drawings

In order to more clearly illustrate the embodiments of the present invention or the technical solutions in the prior art, the drawings used in the description of the embodiments or the prior art will be briefly described below, it is obvious that the drawings in the following description are only some embodiments of the present invention, and for those skilled in the art, other drawings can be obtained according to the drawings without creative efforts. In the drawings:

fig. 1 is a flowchart illustrating a method for verifying data center admission compliance according to an embodiment of the present invention;

fig. 2 is a schematic structural diagram of a data center admission compliance verification system according to an embodiment of the present invention;

fig. 3 is a schematic structural diagram of a data center admission compliance verification system according to an embodiment of the present invention;

fig. 4 is a flowchart illustrating a method for verifying data center admission compliance according to an embodiment of the present invention.

Detailed Description

In order to make the objects, technical solutions and advantages of the embodiments of the present invention more apparent, the embodiments of the present invention are further described in detail below with reference to the accompanying drawings. The exemplary embodiments and descriptions of the present invention are provided to explain the present invention, but not to limit the present invention.

It should be noted in advance that the features described in the following embodiments or examples or mentioned therein can be combined with or replace the features in other embodiments or examples in the same or similar manner to form a possible implementation. In addition, the term "comprises/comprising" as used herein refers to the presence of a feature, element, step or component, but does not preclude the presence or addition of one or more other features, elements, steps or components.

Fig. 1 is a flowchart illustrating a method for verifying data center admission compliance according to an embodiment of the present invention. As shown in fig. 1, the data center admission compliance verification method may include the following steps S110 to S160.

Specific embodiments of steps S110 to S160 will be described in detail below.

Step S110: respectively providing a plurality of data receiving entries with different set type indexes and corresponding data uploading prompt information.

In step S110, the data receiving entry of a certain type of index may be used for the user to upload the data related to the certain type of index for detection or verification. The corresponding data uploading prompt information can include prompt information of data to be uploaded, and can be determined according to the corresponding category index. The plurality of different setting type indexes can comprise enterprise background indexes, data center construction indexes, data quality indexes and data center safety indexes. Each category index may correspond to a functional module.

Each index may be specifically partitioned for more detailed detection or verification. For example, the enterprise context indicators may include enterprise property requirements, capital constitution requirements, business decision rights requirements, personnel management requirements, business situation requirements, qualification requirements, credit rating requirements. The data center construction indexes can comprise construction scale requirements, geographic position requirements, machine room compliance requirements, network boundary requirements and data center asset requirements. The data quality indicators may include: data normalization requirements, data integrity requirements, data accuracy requirements, data consistency requirements, data effectiveness requirements, and data accessibility requirements. The data center security metrics may include: network security level protection requirements, network security review requirements, and network security risk assessment requirements.

The enterprise background index can investigate the admission background requirements of the unit, organization or enterprise to which the research data center belongs. The enterprise property requirements can be mainly used for investigating the enterprise properties of the units (responsibility main bodies) to which the data center belongs, and can comprise national enterprises, civil enterprises, foreign enterprises, joint venture enterprises and the like; the index name is 'enterprise name', and the corresponding 'index description' can be a complete enterprise name recorded by the industry and commerce; the index name is 'enterprise property', and the corresponding 'index description' can include the condition of enterprise property, and can be national enterprise, civil enterprise, foreign enterprise and joint venture enterprise. The capital constitution requirement is mainly used for investigating the capital constitution situation of the enterprise; the index name is "shareholder composition," and the corresponding "index description" may include a detailed listing of the shareholders of the enterprise; the index name is "stock control ratio", and the corresponding "index description" may include the detailed listing of the stock control ratio of the shareholder. The operation decision right requirement is mainly used for examining the operation decision right of an enterprise; the index name is 'enterprise organizational structure', and the corresponding 'index description' can comprise the detailed description of the organizational structure of the enterprise; the index name is 'operation decision right', and the corresponding 'index description' can comprise the operation decision right for describing the enterprise in detail; personnel management requirements are mainly used for investigating the background, the capability and the like of management layer personnel and data center personnel of an enterprise; the index name is "board of corresponding" index describe "can include the detailed description board of board; the index name is the 'board of directors' condition, and the corresponding 'index description' can include the personnel background condition and whether the foreign person exists; the index name is 'data center staffing situation', and the corresponding 'index description' can comprise the number of people, the background situation of the people, the capability of the people and the like. The operation condition requirements are mainly used for investigating the operation condition conditions of the enterprises, and can comprise total assets, liability conditions, profit conditions, liability rates and the like; the index name is 'enterprise total asset condition', and the corresponding 'index description' can comprise the steps of providing a financial audit report and explaining the total asset condition; the index name is "liability condition", and the corresponding index description "can include providing a description of liability condition of the enterprise; the index name is 'profit condition', and the corresponding 'index description' can comprise the explanation of the profit condition of the enterprise; the index name is "liability rate", and the corresponding "index description" may include accounting for changes in liability rate in recent years. The qualification requirements are mainly used for inspecting the qualification conditions acquired by enterprises, including IDC license plates, cloud service license plates and the like; the index name is 'IDC license plate', and the corresponding 'index description' can comprise the provision of IDC license plate; the index name is 'cloud service license plate', and the corresponding 'index description' can comprise the provision of the cloud service license plate; the index name is "other license plate," and the corresponding "index description" may include qualifications, license plates, etc. that provide other provable capabilities. The credit rating requirement is mainly used for inspecting the credit rating condition of an enterprise and the like; the index name is 'credit level requirement', and the corresponding 'index description' can comprise the description of providing the credit level situation of the enterprise; the index name is "illegal violation condition," and the corresponding "index description" may include the behavior of whether there was an illegal violation historically.

The data center construction index can investigate the condition of the data center. The construction scale requirement is mainly used for evaluating the construction area of a data center, the construction scale of a machine room, the resource distribution condition (calculation, network, storage and the like) and the like; the index name is 'data center construction area', and the corresponding 'index description' can comprise a data center floor area (drawing) RT identification technology; the index name is 'data center machine room construction scale', and the corresponding 'index description' can comprise the number of machine rooms and the construction area of the machine rooms; the index name is "resource allocation condition", and the corresponding "index description" may include that the physical resource allocation condition is mainly considered, including the deployment condition of the physical server, the network device, and the storage device. The geographical position requirement is mainly used for evaluating the position of a data center, the position of a machine room, the position of key physical equipment, a data storage position, a data backup position and the like; the index name is 'the position of the data center', and the corresponding 'index description' can mainly investigate the physical position of the data center accessed to the national integrated big data center, and is positioned in China or abroad; the index name is the position of the machine room, and the corresponding index description can comprise the position of the machine room which is mainly inspected; the index name is the position of the key physical equipment, and the corresponding index description can mainly examine the position of the key physical equipment, including a physical server, network equipment, storage equipment, other hardware equipment and the like; the index name is "data storage location", and the corresponding "index description" may include the main survey data storage location, such as stored inside a data center; the index name is 'data backup position', and the corresponding 'index description' can comprise that the data backup position is mainly considered, whether the data backup position is stored in China or backed up to the outside. The requirement of the computer room compliance can refer to the requirements of GB/T9361 plus 2011 'computer site safety requirement' and GB 50174 plus 2008 'electronic information system computer room design specification'; the index name is 'selection of physical position', and the corresponding 'index description' can comprise 1) a machine room and an office site are selected in a building with the capabilities of shock resistance, wind resistance, rain resistance and the like, and 2) the machine room site is prevented from being arranged at a high layer or a basement of the building and a lower layer or a partition wall of water utilization equipment; the index name is 'physical access control', and the corresponding 'index description' can comprise 1) a special person is required to be arranged at the entrance and exit of the machine room to control, identify and record the entering person, 2) the visitor who needs to enter the machine room is required to pass through the application and approval process and limit and monitor the activity range, 3) the machine room is managed in divided areas, a physical isolation device is arranged between the areas, transition areas such as delivery or installation are arranged in front of the important area, and 4) an electronic access control system is required to be arranged in the important area to control, identify and record the entering person; the index name is anti-theft and anti-damage, the corresponding index description can include 1) main equipment should be placed in a machine room, 2) equipment or main parts should be fixed and obviously marks which are difficult to remove are set, 3) communication cables should be laid at hidden positions and can be laid underground or in pipelines, 4) medium classification marks should be dealt with and stored in a medium library or a file room, 5) a machine room anti-theft alarm system should be set by using technologies such as light, electricity and the like, and 6) a monitoring alarm system should be set in the machine room; the index name is 'lightning protection', and the corresponding 'index description' can comprise 1) a lightning protection device should be arranged in a machine room building, 2) a lightning protection protector should be arranged to prevent induction lightning, and 3) an alternating current power supply ground wire should be arranged in the machine room; the index name is 'fire prevention', the corresponding 'index description' can comprise 1) the machine room is provided with a fire automatic fire-fighting system which can automatically detect the fire, automatically alarm and automatically extinguish fire, 2) the machine room and the related working room and auxiliary room are made of building materials with fire-resistant grade, and 3) the machine room is made of regional isolation fire-proof measures to isolate important equipment from other equipment; the index name is waterproof and moistureproof, and the corresponding index description can comprise 1) water pipe installation which cannot penetrate through the roof and the movable floor of the machine room, 2) measures to prevent rainwater from permeating through windows, roofs and walls of the machine room, 3) measures to prevent water vapor condensation and transfer and permeation of underground accumulated water in the machine room, and 4) a detection instrument or element sensitive to water is installed to perform waterproof detection and alarm on the machine room; the index name is 'antistatic', and the corresponding 'index description' can comprise 1) the main equipment should adopt necessary grounding antistatic measures, and 2) the machine room should adopt an antistatic floor; the index name is 'temperature and humidity control', and the corresponding 'index description' can comprise that a temperature and humidity automatic adjusting facility is arranged in the machine room, so that the temperature and humidity change of the machine room is in the allowable range of equipment operation; the index name is 'power supply', and the corresponding 'index description' can comprise 1) a voltage stabilizer and overvoltage protection equipment should be arranged on a power supply line of a machine room, 2) short-term standby power supply should be provided, and at least the normal operation requirement of main equipment under the condition of power failure is met, 3) redundant or parallel power cable lines should be arranged to supply power to a computer system, and 4) a standby power supply system should be established; the index name is 'electromagnetic protection', and the corresponding 'index description' can include 1) external electromagnetic interference and equipment parasitic coupling interference should be prevented by adopting a grounding mode, 2) power lines and communication cables should be laid in an isolation mode to avoid mutual interference, and 3) key equipment and magnetic media should be shielded electromagnetically. The network boundary requirement is mainly used for inspecting whether the network boundary of the data center is clear, whether the network boundary protection is strict and whether the management boundary is clear; the index name is "network topology", and the corresponding "index description" may include providing data center network topology; the index name is "network boundary," and the corresponding "index description" may include whether the network boundary is explicit in the network topology; the index name is 'boundary protection', and the corresponding 'index description' can include whether the boundary protection condition is strict or not; the index name is 'management boundary', and the corresponding 'index description' can include whether the network management boundary is clear or not and whether the responsibility division is reasonable or not. The data center asset requirements are mainly used for investigating the data center asset conditions, and can comprise asset scale, asset ownership, data center access asset conditions and the like; the index name is 'asset list', and the corresponding 'index description' can comprise the steps of providing a data center asset list; the index name is 'property ownership', and the corresponding 'index description' can comprise the specific data center property ownership; the index name is "data center access asset" and a corresponding "index description" may include an explicit listing of data center access related asset instances.

The data quality index can be used to examine aspects of data quality. The data normalization requirement may refer to the degree to which the data conforms to a data standard, a data model, a business rule, metadata, or authoritative reference data; the index name is 'data standard', and the corresponding 'index description' can comprise the measurement that the data meets the data standard (note 1: the standard that the collected data is required to follow when naming, creating, defining, updating and filing when evaluating the data quality, including international standard, national standard, industry standard, local standard or relevant regulation, and the like; note 2: the same as or more important than data filing, and the destruction of the old data in a complete data rule generally has a more detailed and performable regulation); the index name is 'data model', and the corresponding 'index description' can comprise the measurement that the data conforms to the data model (note 1: the data model is a means for intuitively describing the structure of the organization data and is the specification of data expression; note 2: whether clearly understandable data model definition and the organization form of the data exist or not needs to be checked when evaluating the data quality); the index name is "metadata", and the corresponding "index description" may include a measure of the data's conformity to the metadata definition (note: metadata labels, descriptions, or other data are depicted to make it easier to retrieve, or use information; evaluation of data quality requires checking whether a interpretable metadata document is provided; for example: a data dictionary containing the contents of field names, descriptions, type value fields, etc. is a metadata document); the index name is 'business rule', and the corresponding 'index description' can include the measurement that the data accords with the business rule (note 1: the business rule is an authoritative principle or guideline for describing business interaction and establishing the rule of action and data behavior result and integrity; note 2: the business rule of good filing needs to be checked when evaluating the data quality); the index name is 'authoritative reference data', and the corresponding 'index description' can comprise a value set or a classification table for reference of the reference data, such as a system, application software, a database, a process, a report, a transaction record and a main record (note that a reference data list needs to be collected when evaluating the data quality; for example, a valid value list for a specific field is a reference data type); the index name is "security specification", and the corresponding "index description" may include that the security specification is a rule in terms of security and privacy, including data authority management, data desensitization processing, and the like. Data integrity requirements may refer to the degree to which data elements are assigned values as required by the data rules; the index name is 'data element integrity', and the corresponding 'index description' can comprise the assignment degree of the data elements to be assigned in the data set according to the requirement of the business rule; the index name is "data record integrity", and the corresponding "index description" may include the degree of assignment of the data record to which the value in the data set should be assigned, as required by the business rules. Data accuracy may refer to the degree to which it provides the true value of the data; the index name is "data content correctness", and the corresponding "index description" may include whether the data content is expected data; the index name is 'data format compliance', and the corresponding 'index description' can include whether the data format (including data type, numerical range, data length, precision and the like) meets the expected requirement (for example: the content except male/female cannot appear in the sex column, punctuation marks cannot appear in the identity card number, and some limits on character coding are realized by specifying the format of the content); the index name is "data repetition rate," and the corresponding "index description" may include a measure of accidental repetition of a particular field, record, file, or data set; the index name is "data uniqueness rate", and the corresponding "index description" may include a measure of uniqueness of a particular field, record, file, or data set; the index name is "dirty data occurrence rate," and the corresponding "index description" may include a measure of invalid data outside of the correct field, record, file, or data set (e.g., dirty data may occur when a transaction rolls back due to an incomplete or imperfect rollback mechanism). Data consistency requirements may refer to the degree to which data is not inconsistent with data used in other specific contexts; the index name is 'same data consistency', the corresponding 'index description' can include the consistency of the data when the same data is stored in different positions or used by different applications or users, and the same data stored in different positions is synchronously modified when the data is changed; the index name is "associated data consistency", and the corresponding "index description" may include checking the consistency of the associated data according to a consistency constraint rule. The data validity requirement may refer to: the degree of correctness of the data in time variation; the index name is "correctness based on time period", and the corresponding "index description" may include the degree to which the number of records or frequency distribution based on the date range meets the business requirement; the index name is "based on the timeliness of the time point", and the corresponding index description "can include the degree that the record number, frequency distribution or delay time based on the timestamp meet the service requirement; the index name is "chronology," and a corresponding "index description" may include relative chronological relationships between data elements of the same entity in a dataset. Data accessibility requirements may refer to the extent to which data can be accessed; the index name is "accessible," and the corresponding "index description" may include the availability of data as needed; the index name is "availability," and the corresponding "index description" may include the availability of the data within a set effective life cycle.

The data center safety index is mainly used for inspecting various safety conditions of the data center. The network security level protection requirement is mainly used for inspecting the data center level protection implementation situation; the index name is 'information system number', and the corresponding 'index description' can comprise the total number of the information systems of the data center; the index name is 'grading and filing', and the corresponding 'index description' can include whether the data center and the information system are subjected to network security level protection grading and filing or not; the index name is 'level protection evaluation', and the corresponding 'index description' can comprise whether level protection evaluation work is carried out or not; the index name is 'grade evaluation conclusion', and the corresponding 'index description' can comprise whether the grade protection evaluation conclusion is basically or accords. The network security examination requirements can be requirements of network security examination proposed by central network letter, and the cloud computing platform providing services should pass the network security examination by combining the requirements of network product and service security examination methods (trial); the index name is 'network security examination application condition', and the corresponding 'index description' can comprise whether the party administration cloud service network security examination is applied or not; the index name is 'network security examination development situation', and the corresponding 'index description' can comprise whether the examination work is carried out or not; the index name is "network security review pass condition", and the corresponding "index description" may include whether the review has passed. The network security risk assessment requirement is mainly used for investigating the development condition of data center risk assessment work; the index name is 'risk assessment development situation', and the corresponding 'index description' can include whether risk assessment work is regularly carried out on the data center information system; the index name is "risk rectification condition", and the corresponding "index description" may include whether or not the vulnerability found in the risk assessment work is rectified.

In specific implementation, the data receiving entries can be provided in a certain sequence for the user to upload data for verification or detection. For example, the step S110, namely, providing a plurality of data receiving entries with different setting type indexes and corresponding data uploading prompt information respectively, may specifically include: providing a plurality of data receiving entries with different set type indexes and corresponding data uploading prompt information according to a set sequence. For example, the data receiving entries may be provided in the order of enterprise background index- > data center construction index- > data quality index- > data center security index. More specifically, for example, the verification or detection of the enterprise background index, the data center construction index, the data quality index, and the data center security index may be completed by providing the data receiving entry corresponding to the enterprise background index, performing subsequent steps S120 to S150, providing the data receiving entry corresponding to the data center construction index, and repeating the steps in sequence.

In other embodiments, the data receiving entries of the indexes of the respective categories may be displayed simultaneously, that is, the function modules may be displayed simultaneously.

Step S120: and receiving the uploaded to-be-verified data of the to-be-compliant verification data center at the provided first data receiving inlet with the set category index, and loading a compliance verification basis file with the first set category index.

In step S120, the data to be verified may be uploaded from the corresponding data receiving entry by the user according to the set category index. The data to be verified that a certain category of indexes needs to be uploaded can comprise one or more. The compliance verification base file (data center compliance verification index standard) can be derived from a national data center standard system file, and a compliance verification data center compliance database can be formed according to the national data center standard system file, so that the compliance verification base file required when the corresponding index is detected can be read or loaded from the database. The data to be verified may be text data, or may be other types of data, such as picture data.

Step S130: and under the condition that the data to be verified is a text file, extracting corresponding fields of corresponding files from the data to be verified and the compliance verification basis file to perform semantic comparison verification, and obtaining and displaying an automatic compliance verification report, wherein the automatic compliance verification report comprises qualified items, unqualified content lists and verification passing rate of the data to be verified.

In step S130, when the data to be verified is text data, the corresponding data file can be found from the data to be verified and the compliance verification reference file according to the file name, the extension name, and the like. And corresponding fields can be found from two corresponding files and then the contents of the fields can be verified by means of a sense comparison. One or more items may be contained in one file. After automatic verification, an automatic compliance verification report corresponding to the category index can be generated, and a qualified item, an unqualified content list, a verification passing rate and the like can be output and displayed in the report, and the report can also comprise an unsuitable item, a score value and the like. Therefore, fine-grained automatic verification information can be obtained. Wherein, the verification passing rate can be a weighted ratio of the qualified items.

In a specific implementation, the step S130 may specifically include: screening data files meeting set conditions from the data to be verified and the compliance verification basis files, and reading corresponding fields in the screened data files; storing corresponding fields in the screened data files as fields to be verified in a set list; then checking whether the field of the data to be verified stored in the setting list meets the requirements or rules of the field of the compliance verification reference file, if so, the field is compliant; when the fields to be verified in the same data file are all in compliance, if all the data files of the item corresponding to the data file are in compliance, the item is in compliance, otherwise, the item is not in compliance.

In other embodiments, the conversion may be performed if the data to be verified is not text. Illustratively, the method shown in fig. 1 may further include the steps of: s170, under the condition that the data to be verified is not a character file, if the data to be verified is a picture file, performing OCR (optical character recognition) on the data to be verified, and enabling the data to be verified of the character file. After the text is converted into the text, the semantic comparison and verification can be further performed by using the data to be verified of the text file.

Step S140: and receiving the retransmission data of the unqualified items in the automatic compliance verification report, and receiving a manual compliance verification result of the retransmission data corresponding to the unqualified items in the automatic compliance verification report.

In step S140, the corresponding data receiving entry may be newly provided for the unqualified item in the automatic compliance verification report, so that the user may upload the unqualified item of data again, and then manually review the retransmitted data. Wherein the human may focus on verification by checking in conjunction with the list of non-conforming content in the automatic compliance verification report. After manual re-verification, the manual compliance verification result can be uploaded to the system, so that the final verification result not only improves the efficiency through automatic verification, but also can consider the manual recheck result, and the verification accuracy is ensured.

Step S150: and updating the verification result of the corresponding unqualified item in the automatic compliance verification report by using the manual compliance verification result, and updating the verification passing rate in the automatic compliance verification report to obtain the compliance verification result of the data center to be subjected to compliance verification, which corresponds to the first set category index.

In this step S150, in a specific implementation, if the result of the manual compliance verification of a certain item is different from the original non-compliance result, the result of the automatically verified non-compliance item may be replaced with the result of the manual verification. If some automatically verified unqualified items become qualified items after manual verification, the verification passing rate can also change correspondingly, so that the verification passing rate can be updated.

Step S160: and obtaining an admission compliance verification result of the data center to be subjected to compliance verification according to the compliance verification result of the data center to be subjected to compliance verification corresponding to each set category index.

In step S160, the passing rates in the compliance verification results of each set category index may be weighted and summed to obtain a total score, or the results of each index may be output separately. The result of the data center compliance verification may be a passing rate of the final data center compliance verification obtained by calculating the data compliance rate of each module.

For example, in practical implementation, the step S160 may specifically include: and S161, displaying the passing rate of each set category index corresponding to the data center to be subjected to compliance verification and the basis corresponding to the compliance verification basis file in a directory form, and taking the passing rate and the basis as the admission compliance verification result of the data center to be subjected to compliance verification. Therefore, the verification condition and the verification basis condition of each index can be clearly known, and further verification can be facilitated.

Based on the same inventive concept as the data center admission compliance verification method shown in fig. 1, an embodiment of the present invention further provides a data center admission compliance verification apparatus, as described in the following embodiments. Because the principle of solving the problem of the data center admission compliance verification device is similar to that of the data center admission compliance verification method, the implementation of the data center admission compliance verification device can refer to the implementation of the data center admission compliance verification method, and repeated parts are not described again.

Fig. 2 is a schematic structural diagram of a data center admission compliance verification system according to an embodiment of the present invention. As shown in fig. 2, a data center admission compliance verification system of some embodiments may include: a verification type determining module 210, a verification data obtaining module 220, an automatic comparison verification module 230, a manual review verification module 240, a verification result integrating module 250 and a verification result outputting module 260.

The verification type determining module 210 is configured to provide a plurality of data receiving entries with different set type indexes and corresponding data uploading prompt information.

The verification data obtaining module 220 is configured to receive the uploaded data to be verified of the data center to be subjected to compliance verification at the provided data receiving entry of the first set category index, and load a compliance verification reference file of the first set category index.

The automatic comparison and verification module 230 is configured to, when the to-be-verified data is a text file, extract corresponding fields of corresponding files from the to-be-verified data and the compliance verification reference file to perform semantic comparison and verification, and obtain and display an automatic compliance verification report, where the automatic compliance verification report includes a qualified item, an unqualified content list, and a verification passing rate of the to-be-verified data.

A manual review verification module 240, configured to receive the retransmission data of the unqualified item in the automatic compliance verification report, and receive a manual compliance verification result corresponding to the retransmission data of the unqualified item in the automatic compliance verification report.

And the verification result integration module 250 is configured to update the verification result of the corresponding unqualified item in the automatic compliance verification report by using the manual compliance verification result, and update the verification pass rate in the automatic compliance verification report to obtain the compliance verification result of the to-be-compliant verification data center corresponding to the first set category index.

And the verification result output module 260 is configured to obtain an admission compliance verification result of the data center to be subjected to compliance verification according to the compliance verification result of the data center to be subjected to compliance verification corresponding to each set category index.

In some embodiments, the data center admission compliance verification system shown in fig. 2 may further include: an OCR recognition module. And the OCR recognition module is used for performing OCR recognition on the data to be verified to obtain the data to be verified of the character file if the data to be verified is not the character file and is the picture file.

In some embodiments, the plurality of different setting category indicators may include an enterprise background indicator, a data center construction indicator, a data quality indicator, and a data center security indicator.

In some embodiments, the enterprise context indicators may include enterprise property requirements, capital construction requirements, business decision rights requirements, personnel management requirements, business situation requirements, qualification requirements, credit rating requirements; the data center construction indexes can comprise construction scale requirements, geographic position requirements, machine room compliance requirements, network boundary requirements and data center asset requirements; the data quality indicators may include: the method comprises the following steps of (1) requiring data normalization, data integrity, data accuracy, data consistency, data effectiveness and data accessibility; the data center security metrics may include: network security level protection requirements, network security review requirements, and network security risk assessment requirements.

In some embodiments, the verification type determining module 210 is specifically configured to provide a plurality of data receiving entries with different setting type indicators and corresponding data uploading prompt messages in a setting order.

In some embodiments, the verification result output module 260 is specifically configured to display, in a directory format, the passing rate of each set type index corresponding to the data center to be subjected to compliance verification and the basis corresponding to the compliance verification basis file as the admission compliance verification result of the data center to be subjected to compliance verification.

In some embodiments, the verification material obtaining module 220 may include:

and the data center safety data verification module is used for receiving the uploaded data to be verified of the data center to be subjected to compliance verification at the data receiving inlet of the provided data center safety index and loading a compliance verification basis file of the data center safety index.

In some embodiments, the automatic alignment verification module 230 may include:

the data center safety data verification module is used for extracting corresponding fields of corresponding files from the data to be verified and the compliance verification basis files of the data center safety indexes to carry out semantic comparison verification under the condition that the data to be verified received by the data receiving inlet of the data center safety indexes are character files, and obtaining and displaying an automatic compliance verification report of the data center safety indexes, wherein the automatic compliance verification report comprises qualified items, unqualified content lists and verification passing rates of the data to be verified.

In some embodiments, the manual review verification module 240 may include:

and the data center safety data manual rechecking verification module is used for receiving the retransmission data of the unqualified items in the automatic compliance verification report of the data center safety indexes and receiving the manual compliance verification result of the retransmission data of the unqualified items in the automatic compliance verification report corresponding to the data center safety indexes.

In some embodiments, the verification result integration module 250 may include:

In addition, an embodiment of the present invention further provides a computer-readable storage medium, on which a computer program is stored, and the computer program, when executed by a processor, implements the steps of the method according to any of the above embodiments.

In order that those skilled in the art will better understand the present invention, embodiments of the present invention will be described below with reference to specific examples.

Fig. 3 is a schematic structural diagram of a data center admission compliance verification system according to an embodiment of the present invention. Referring to fig. 3, the system mainly utilizes an artificial intelligence semantic recognition technology to perform analysis and verification (wherein, image data is subjected to semantic recognition and verification after being subjected to character conversion mainly through an OCR recognition technology), and performs compliance detection on background requirements, data center construction requirements, data quality requirements and data center safety compliance of a unit, a mechanism or an enterprise to which the data center belongs, and a system platform can be divided into five modules: the system comprises an enterprise background module, a data center module, a data quality module, a data center safety module and a comprehensive index evaluation module. The enterprise background module, the data center module, the data quality module and the data center security module are exemplified by the enterprise background module: the module comprises data uploading, a compliance verification basis, a compliance verification result detail page, a manual compliance verification page and a compliance evaluation result page; wherein, the content of the compliance verification result page may be: giving the passing rate and the verification basis of the compliance or the non-compliance of each verified file in a directory form; the manual compliance verification page contents may be: the result is input without passing through the item detail and data uploading module; the compliance assessment results page content may include: compliance items, non-compliance items, list of non-compliance contents and total score, the above evaluation result contents can be obtained from the results obtained by combining automatic evaluation and manual evaluation. The comprehensive index evaluation module can mainly present four evaluation standard comprehensive evaluation results of enterprise background, data center, data quality and data center safety, and the page content can be as follows: each item verification score histogram.

Fig. 4 is a flowchart illustrating a method for verifying data center admission compliance according to an embodiment of the present invention. Referring to fig. 4, according to the data center verification index, the verification system specifically includes the following steps:

1. adding corresponding index data to the system according to the index classification;

2. according to the data center verification index, the system inspects the enterprise to be detected and inputs an inspection file into the system (in the steps, the method also comprises the following steps of performing OCR recognition on picture data, storing the data file in a corresponding data folder after recognition, and performing the first step);

3. the system utilizes artificial intelligence semantic recognition technology to verify the input file data, automatically compares and verifies the input file data, and gives a qualified rate and an unqualified item list;

4. manually verifying the non-compliance data and the non-compliance items according to the verification result of the system;

5. after manual verification, the system inputs the verification result into an enterprise background verification compliance report;

6. after the verification is finished, the system generates a verification report according to the verification result, wherein the report content comprises: compliance terms, non-compliance terms, list of non-compliance content, and total score;

7. repeating the steps 1-6 for other items;

8. and finally obtaining a comprehensive data center compliance verification index after the four modules are verified.

And the system is divided into four modules according to the inspection indexes, the four modules are verified according to the procedures, and after the verification is finished, the system automatically synthesizes a final data center compliance comprehensive report.

The data center admission compliance verification is that in the construction of a national integrated big data center, the admission compliance of each dispersed data center accessed to the big data center through a network is evaluated, the key points of the evaluation can comprise the background requirements of the unit, mechanism or enterprise to which the data center belongs, the data center construction requirements, the data quality requirements and the data center safety compliance requirements, and the background controllable condition of the data center responsibility main body, the data center construction scale, the data quality, the data center safety protection capability and the like are comprehensively evaluated.

Compared with the prior art, the verification method for the access compliance of the integrated large data center construction data center is established, the data center access verification evaluation indexes are mainly designed around the background requirements of the unit, the organization or the enterprise to which the data center belongs, the data center construction requirements, the data quality requirements and the data center safety compliance requirements, and the background controllable condition of the data center responsibility main body, the data center construction scale, the data quality, the data center safety protection capability and the like are comprehensively evaluated.

In summary, the data center admission compliance verification method, the data center admission compliance verification system and the computer-readable storage medium according to the embodiments of the present invention can implement automatic verification of data to be verified according to a compliance verification reference file, thereby improving the efficiency of data center admission compliance verification, and further improve the correctness of data center admission compliance verification by further verifying the unqualified items manually.

In the description herein, reference to the description of the terms "one embodiment," "a particular embodiment," "some embodiments," "for example," "an example," "a particular example," or "some examples," etc., means that a particular feature, structure, material, or characteristic described in connection with the embodiment or example is included in at least one embodiment or example of the invention. In this specification, the schematic representations of the terms used above do not necessarily refer to the same embodiment or example. Furthermore, the particular features, structures, materials, or characteristics described may be combined in any suitable manner in any one or more embodiments or examples. The sequence of steps involved in the various embodiments is provided to schematically illustrate the practice of the invention, and the sequence of steps is not limited and can be suitably adjusted as desired.

As will be appreciated by one skilled in the art, embodiments of the present invention may be provided as a method, system, or computer program product. Accordingly, the present invention may take the form of an entirely hardware embodiment, an entirely software embodiment or an embodiment combining software and hardware aspects. Furthermore, the present invention may take the form of a computer program product embodied on one or more computer-usable storage media (including, but not limited to, disk storage, CD-ROM, optical storage, and the like) having computer-usable program code embodied therein.

The present invention is described with reference to flowchart illustrations and/or block diagrams of methods, apparatus (systems), and computer program products according to embodiments of the invention. It will be understood that each flow and/or block of the flow diagrams and/or block diagrams, and combinations of flows and/or blocks in the flow diagrams and/or block diagrams, can be implemented by computer program instructions. These computer program instructions may be provided to a processor of a general purpose computer, special purpose computer, embedded processor, or other programmable data processing apparatus to produce a machine, such that the instructions, which execute via the processor of the computer or other programmable data processing apparatus, create means for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.

These computer program instructions may also be stored in a computer-readable memory that can direct a computer or other programmable data processing apparatus to function in a particular manner, such that the instructions stored in the computer-readable memory produce an article of manufacture including instruction means which implement the function specified in the flowchart flow or flows and/or block diagram block or blocks.

These computer program instructions may also be loaded onto a computer or other programmable data processing apparatus to cause a series of operational steps to be performed on the computer or other programmable apparatus to produce a computer implemented process such that the instructions which execute on the computer or other programmable apparatus provide steps for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.

The above-mentioned embodiments are intended to illustrate the objects, technical solutions and advantages of the present invention in further detail, and it should be understood that the above-mentioned embodiments are only exemplary embodiments of the present invention, and are not intended to limit the scope of the present invention, and any modifications, equivalent substitutions, improvements and the like made within the spirit and principle of the present invention should be included in the scope of the present invention.

Claims

1. A data center admission compliance verification method is characterized by comprising the following steps:

2. The data center admission compliance verification method of claim 1, further comprising:

and under the condition that the data to be verified is not a character file, if the data to be verified is a picture file, performing OCR (optical character recognition) on the data to be verified, and taking the data to be verified as the data to be verified of the character file.

3. The method for verifying data center admission compliance of claim 1, wherein the plurality of different setting category indicators include an enterprise background indicator, a data center construction indicator, a data quality indicator, and a data center security indicator.

4. The data center admission compliance verification method of claim 3,

the enterprise background indexes comprise enterprise property requirements, capital constitution requirements, operation decision rights requirements, personnel management requirements, operation condition requirements, qualification requirements and credit level requirements;

the data center construction indexes comprise construction scale requirements, geographic position requirements, machine room compliance requirements, network boundary requirements and data center asset requirements;

the data quality index comprises: the method comprises the following steps of (1) requiring data normalization, data integrity, data accuracy, data consistency, data effectiveness and data accessibility;

the data center safety indexes comprise: network security level protection requirements, network security review requirements, and network security risk assessment requirements.

5. The data center admission compliance verification method of claim 1,

the data receiving entrance and corresponding data uploading prompt information which respectively provide a plurality of different set category indexes comprises:

providing a plurality of data receiving entries with different set type indexes and corresponding data uploading prompt information according to a set sequence.

6. The method for verifying the admittance compliance of a data center according to claim 1, wherein obtaining the admittance compliance verification result of the data center to be complied with according to the compliance verification result of the data center to be complied with and corresponding to each of the set category indexes comprises:

and displaying the passing rate of each set category index corresponding to the data center to be subjected to compliance verification and the basis corresponding to the compliance verification basis file in a directory mode, and taking the passing rate and the basis as the access compliance verification result of the data center to be subjected to compliance verification.

7. A data center admission compliance verification system, comprising:

8. The data center admission compliance verification system of claim 7, further comprising:

and the OCR recognition module is used for performing OCR recognition on the data to be verified to obtain the data to be verified of the character file if the data to be verified is not the character file and is the picture file.

9. The data center admission compliance verification system of claim 7,

the verification data acquisition module comprises:

an automatic comparison verification module comprising:

the manual review verification module comprises:

the verification result synthesis module comprises:

10. A computer-readable storage medium, on which a computer program is stored which, when being executed by a processor, carries out the steps of the method according to any one of claims 1 to 6.