Disclosure of Invention
The technical problem to be solved by the present invention is to provide a method, a storage medium, and a system for protecting data privacy based on API registration in view of the above-mentioned defects in the prior art.
The technical scheme adopted by the invention for solving the technical problems is as follows: according to one aspect of the present invention, an API registration-based data privacy protection method is provided, in which an intelligent data protection device is used to perform service registration, authority control, and log writing, and the method includes the following steps:
S100, configuring privacy protection rules, wherein the privacy protection rules comprise resource permission rules, role authority rules and agent identifier rules;
S200, registering and storing registration events according to an event format, and matching each registration event with its corresponding privacy protection rule; the registration of a registration event is performed on a GUI page and includes: capturing a data source; registering the event according to people, events, time, places and objects; filling the field of each registered event with the path, regular expression or node name of the corresponding field parsed from the data source; setting the privacy protection rule for the field of each registered event; and setting a role type for each registered event;
S300, performing data request and feedback on the registration event according to the privacy protection rule.
Preferably, the event format includes an event definition, participants, an event time, an event source, and a participant; the event definition comprises an event name, an event type, an operation type, an occurrence time, an occurrence result and an event purpose; the participants comprise participant names, participant types, security role types, requester identities, agent identifiers, whether the participant is the requester, the network from which the request was sent, policy plans, media types and usage purposes; the event source comprises an event occurrence place, a source identifier and a source type; the participant includes a participant name, a participant instance, a participant type, a role code, a life cycle code, a security identification, query parameters, and detailed information.
Preferably, the S200 includes the steps of:
S210, determining the data source format of the registration event, wherein the data source format comprises a JSON format, a text format or an XML format;
S220, registering and storing the registration event according to the event format, in the manner appropriate to its data source format;
S230, matching each registration event with its corresponding privacy protection rule, and in particular refining the match so that each data item in the event format is matched with its corresponding privacy protection rule.
Preferably, if the data source format of the registration event is the JSON format, after data parsing the list of the registration event displays each field and the JSON-PATH position corresponding to that field;
if the data source format of the registration event is the text format, after data parsing the list of the registration event displays each field and the regular expression corresponding to that field;
if the data source format of the registration event is the XML format, after data parsing the list of the registration event displays each field and the node name corresponding to that field.
Preferably, the role division of the registration event, the page role type field for the requester identifier, and the agent identifier field are each set in correspondence with the different data source formats.
Preferably, the S300 includes the steps of:
S301, a requester sends a data request to a gateway;
S302, checking the ID of the requester and judging whether the requester is in a white list or a black list; if the requester is in the white list, executing S303; if the requester is in the black list, intercepting the data request and ending;
S303, requesting the data and judging whether the requester has the authority; if yes, executing S304; if not, the data cannot be viewed and the process ends;
S304, judging whether the authority accords with the authority granularity rule; if so, executing S305; if not, feeding the data back to the requester;
S305, reading the privacy protection rule, converting the data and feeding the converted data back to the requester.
Preferably, the privacy protection rules may be queried, added, edited, maintained and/or stored according to value domain terms, subsets, mappings and publications.
Preferably, the permission granularity rule can use a k-anonymization algorithm to anonymize the data.
According to the second aspect of the present invention, there is also provided a computer-readable storage medium, on which a computer program is stored, which, when executed, implements the API registration-based data privacy protection method described above.
According to a third aspect of the present invention, there is also provided an API registration based data privacy protection system, including a processor and a memory; the memory is configured to store a computer program, and the processor is configured to execute the computer program stored by the memory to cause the processor to perform the API registration based data privacy protection method as described above.
The technical scheme of the data privacy protection method and system based on API registration has the following advantages or beneficial effects: the method registers events on a registration platform according to people, events, time, places and objects; sets privacy granularity, role authority, agent identifiers and the like for data processing and data privacy protection; further realizes role division for requesters with different identities and provides different control authorities for different roles; and thereby provides an effective data presentation effect while giving consideration to privacy.
Detailed Description
In order that the objects, aspects and advantages of the present invention will become more apparent, various exemplary embodiments will be described below with reference to the accompanying drawings, which form a part hereof, and in which are shown by way of illustration various exemplary embodiments in which the invention may be practiced, unless otherwise indicated, and in which like numerals in different drawings represent the same or similar elements. The implementations described in the exemplary embodiments below do not represent all implementations consistent with the present disclosure. It is to be understood that they are merely examples of apparatus and methods consistent with certain aspects of the present disclosure, as detailed in the appended claims, and that other embodiments may be used, or structural and functional modifications may be made to the embodiments set forth herein, without departing from the scope and spirit of the present disclosure. In other instances, detailed descriptions of well-known storage media, systems and methods are omitted so as not to obscure the description of the present invention with unnecessary detail.
In the description of the present invention, it is to be understood that the terms "first", "second" and the like are used for descriptive purposes only and are not to be construed as indicating or implying relative importance or implying any number of technical features indicated. Thus, the features defined as "first" and "second" may explicitly or implicitly include one or more of the described features. In the description of the present invention, "a plurality" means two or more unless specifically defined otherwise. It should be noted that the terms "mounted" and "connected" are to be construed broadly unless otherwise specifically indicated and limited. The specific meanings of the above terms in the present invention can be understood by those skilled in the art according to the specific situation.
The first embodiment is as follows:
The event registration service of the invention registers each item of behavior data through the gateway API, such as request parameters, server return parameters and the gateway log, and converts the log format generated by the behavior into the event format, so that the log format corresponds to the event format. When an actual event registration behavior occurs, the event registration service obtains the log of the actual situation, and then the log is written by converting the registration behavior into the event format; the whole event registration service is designed by converting each actual behavior, after log tracking, into a behavior in the event format. According to the data privacy protection method based on API registration, event registration is carried out on a registration platform according to people, events, time, places and objects; privacy granularity, role authority, agent identifiers and the like are set for data processing and data privacy protection; role division is further achieved for requesters with different identities; different control authorities are provided for different roles; and an effective data presentation effect is provided while privacy is considered.
As shown in fig. 1, the present invention provides an embodiment of a data privacy protection method based on API registration, including the following steps:
S100, configuring privacy protection rules, wherein the privacy protection rules comprise resource permission rules, role authority rules and agent identifier rules; specifically, a corresponding privacy protection rule is configured for each registration event in its data source format; more specifically, the privacy protection rules can be defined according to actual requirements: for example, a hidden code rule can be set when a certain piece of data should not be seen by others, or a read-only rule and the like can be set so that the data cannot be modified by others.
S200, registering and storing the registered events according to the event format, and matching each registered event with the corresponding privacy protection rule.
Specifically, the event format comprises an event definition, participants, an event time, an event source and a participant; the event definition includes an event name, an event type, an operation type, an occurrence time, an occurrence result, and an event purpose; the participants comprise participant names, participant types, security role types, requester identities, agent identifiers, whether the participant is the requester, the network from which the request was sent, policy plans, media types and usage purposes; the event source comprises an event occurrence place, a source identifier and a source type; the participant includes a participant name, a participant instance, a participant type (code), a role code, a life cycle code (code), a security identification, query parameters, and detailed information. A more detailed event format is shown in fig. 11 and table 1.
S300, according to the privacy protection rule, data request and feedback are carried out on the registration event.
Fig. 2 is a system architecture diagram, in which the event registration service registers each item of behavior data through the gateway API (for example, request parameters, server return parameters, the gateway log and the like) and converts the log format generated by a behavior into the event format according to the format of the registered event, so that the log format corresponds to the event format. When an actual behavior occurs, the event registration service obtains the log of the actual situation, and then the log is written by converting the registration behavior into the event format; the whole event registration service is designed by tracking each actual behavior through its log and converting it into the event format. The event format is shown in fig. 11 and table 1.
Table 1 table of format structure of registration event
Specifically, the element number field in the table uses the following notation: '0..1' indicates that the number of elements may be 0 or at most one; '0..*' indicates that the number of elements may be 0 or may be plural; '1..1' indicates that the number of elements is exactly 1; '1..*' indicates that the number of elements is at least 1 and may be more.
Fig. 3 is a diagram showing event registration activities, where the event registration activity flow is on a registration GUI page, and can capture an external data source, then perform event registration according to people, events, time, places, and things, set privacy granularity, role authority, and agent identifier to further perform data privacy protection, and after the setting is completed, register the event as the above-mentioned event format for storage, and the event format structure is shown in fig. 11 and table 1.
In this embodiment, the S200 includes the following steps:
S210, determining the data source format of the registration event, wherein the data source format comprises a JSON format, a text format or an XML format; other data source formats may of course be included and are not specifically limited herein;
S220, registering and storing the registered event according to the event format, in the manner appropriate to its data source format;
S230, matching each registered event with its corresponding privacy protection rule, and in particular refining the match so that each data item in the event format is matched with its corresponding privacy protection rule.
In the present embodiment, the specific event registration process and functions are shown in the GUI screens of fig. 5 to 9 for the registered event, in which people, events, time, places and objects are set for the registered event. The GUI page of the registration event captures an external data source, such as data in JSON, TEXT, XML and the like (the GUI page may certainly also accept other data source formats, which are not specifically limited herein); after the data is parsed, the page displays a list showing each data field together with the JSON-PATH corresponding to a JSON field, the regular expression matching a TEXT field value, or the node name of an XML field, and the field of each registration event is filled in with the PATH, regular expression or node name of the field parsed from the corresponding data source. Meanwhile, privacy granularity is set for each field: a drop-down box reads the privacy protection rules maintained in the intelligent coding system, the privacy granularity is set, and the privacy protection rule of the data is thereby determined. Fig. 7 is a page that sets a role type (audio event identity) for each registration event: a drop-down box reads the role types maintained in the intelligent coding system, roles are assigned to requesters and associated with an authority set, so that requesters are authorized and the authority of requesters from different organizations or departments, with different identities and purposes, to access the related data is controlled; an agent identifier (audioevent identity) is likewise set by a drop-down box that reads the agent identifiers maintained in the intelligent coding system, the agent identifier is set for a requester, and the identifier is associated with a black list and a white list to prevent the system from being attacked maliciously.
Specifically, the data source format of the registration event may be a json format, a text format, or an xml format, and the data displayed after the different data sources are analyzed may be different. As shown in fig. 5, if the data source format of the registration event is the Json format, after data parsing is performed, the list of the registration event may show each field and a PATH position corresponding to a Json-PATH field corresponding to each field. As shown in fig. 6, if the data source format of the registration event is the text format, after data parsing is performed, the list of the registration event may show each field and a regular expression corresponding to each field. As shown in fig. 7, if the data source format of the registration event is the xml format, after data parsing is performed, the list of the registration event may show each field and a node name corresponding to each field.
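The field registration just described, as an added example that is not part of the patent text: for each of the three data source formats, a registered field carries a locator (a JSON-PATH, a regular expression, or an XML node name) and the privacy granularity chosen for it, and parsing a captured source yields the field list the GUI would display. The field names, locators, sample sources and rule names are constructed for illustration; the JSON-PATH resolver supports only the `$`, `.key` and `[index]` subset.

```python
import json
import re
import xml.etree.ElementTree as ET

# Constructed registration specification (sample values, not from the patent):
# for each data source format, every registered field names the locator used to
# extract it (JSON-PATH, regular expression or XML node name) and the privacy
# granularity chosen for the field from the drop-down box.
REGISTERED_FIELDS = {
    "json": {
        "requester_id": {"locator": "$.agent.who.id", "privacy": "read-only"},
        "patient_no":   {"locator": "$.entity[0].name", "privacy": "hidden code"},
    },
    "text": {
        "requester_id": {"locator": r"who=(\w+)", "privacy": "read-only"},
        "patient_no":   {"locator": r"patient=(\d+)", "privacy": "hidden code"},
    },
    "xml": {
        "requester_id": {"locator": "who", "privacy": "read-only"},
        "patient_no":   {"locator": "patient", "privacy": "hidden code"},
    },
}

# Constructed data sources in the three formats the embodiment names.
SAMPLE_SOURCES = {
    "json": '{"agent": {"who": {"id": "u42"}}, "entity": [{"name": "P1001"}]}',
    "text": "2024-01-01 who=u42 patient=1001 result=ok",
    "xml": "<event><who>u42</who><patient>1001</patient></event>",
}


def _json_path(doc, path):
    """Resolve a minimal JSON-PATH subset: '$' root, '.key' and '[index]'."""
    if not path.startswith("$"):
        raise ValueError("JSON-PATH must start with '$'")
    node = doc
    for key, index in re.findall(r"\.([A-Za-z_]\w*)|\[(\d+)\]", path[1:]):
        node = node[key] if key else node[int(index)]
    return node


def parse_source(source_format, raw):
    """Capture a data source and return {field: (value, privacy granularity)}."""
    spec = REGISTERED_FIELDS.get(source_format)
    if spec is None:
        raise ValueError(f"unsupported data source format: {source_format}")
    fields = {}
    if source_format == "json":
        doc = json.loads(raw)
        for name, f in spec.items():
            fields[name] = (_json_path(doc, f["locator"]), f["privacy"])
    elif source_format == "text":
        for name, f in spec.items():
            m = re.search(f["locator"], raw)
            fields[name] = (m.group(1) if m else None, f["privacy"])
    else:  # xml: locate the node by its name anywhere below the root
        root = ET.fromstring(raw)
        for name, f in spec.items():
            node = root.find(".//" + f["locator"])
            fields[name] = (node.text if node is not None else None, f["privacy"])
    return fields


def register_all():
    """Parse every constructed source; this is what the registration list shows."""
    return {fmt: parse_source(fmt, raw) for fmt, raw in SAMPLE_SOURCES.items()}
```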
Specifically, the role division of the registration event, the field of the page role type of the requester identifier, and the field of the proxy identifier are respectively set corresponding to different DATA source formats, and may be selected from a DATA-PATH drop-down box. Namely: a page role type field and a proxy identifier field selectable in a DATA-PATH drop-down box for setting a role division of a registration event and a requester Identifier (ID); the role rights and identifier encoding are maintained in the intelligent encoding system as shown in fig. 10 (a, b).
Fig. 4 is a flowchart illustrating the back-reference control process. When a requester requests data through the gateway, the ID of the requester is checked according to the agent identifier (audioevent identity) field in fig. 6: if the requester is in the white list, the request continues; otherwise, the requester is intercepted. The role of each registered event is divided according to the role type (audio event identity) field in fig. 6, and it is judged whether the requester has the right to view the data; if not, the requester cannot view the data. It is then judged according to the permission granularity whether the data is private data: if not, the data is returned to the requester; if so, the privacy protection rule managed by the intelligent coding system is read, the data is processed according to the privacy protection rule and then fed back to the requester. In this way a personalized data service is provided to requesters with different roles when they access data through the gateway.
For example: a requester requests to view the role authority rules of the intelligent coding system; the authority granularity of the data is set to an anonymous protection technique, and the data can be processed anonymously using a k-anonymization (k-anonymity) algorithm; sensitive data in the role authority rule data are mainly replaced and summarized with asterisks (*), so that the requester can only view statistics of the role authority rules, such as the number of role authority rules, but cannot view any single specific role authority rule; thus an effective data presentation effect is provided while privacy is considered.
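The anonymous granularity rule of this example, worked through as added code that is not part of the patent: the role authority rule records are constructed sample data, the role and department columns are taken as quasi-identifiers, the rule text is the sensitive value that is always replaced by an asterisk, and k-anonymity is reached by global suppression (blanking whole quasi-identifier columns, starting with the one that has the most distinct values) until every equivalence class holds at least k records. The requester then receives only per-class counts, never a single rule.

```python
from collections import Counter

MASK = "*"
QUASI_IDS = ("role", "dept")   # attributes that could re-identify a rule's owner
SENSITIVE = "rule"             # the value the requester must never see individually

# Constructed role authority rule records (sample data, not the patent's).
ROLE_RULES = [
    {"role": "doctor", "dept": "cardiology", "rule": "read:patient"},
    {"role": "doctor", "dept": "cardiology", "rule": "write:order"},
    {"role": "doctor", "dept": "oncology",   "rule": "read:patient"},
    {"role": "nurse",  "dept": "cardiology", "rule": "read:vitals"},
    {"role": "nurse",  "dept": "emergency",  "rule": "read:patient"},
    {"role": "nurse",  "dept": "emergency",  "rule": "read:vitals"},
]


def equivalence_classes(records, quasi_ids=QUASI_IDS):
    """Count records per combination of quasi-identifier values."""
    return Counter(tuple(r[q] for q in quasi_ids) for r in records)


def is_k_anonymous(records, k, quasi_ids=QUASI_IDS):
    """True when every equivalence class contains at least k records."""
    return all(n >= k for n in equivalence_classes(records, quasi_ids).values())


def k_anonymize(records, k, quasi_ids=QUASI_IDS):
    """Return copies of the records with the sensitive value masked and
    quasi-identifier columns suppressed until the table is k-anonymous."""
    if len(records) < k:
        raise ValueError("fewer than k records: the table cannot be k-anonymized")
    out = [dict(r, **{SENSITIVE: MASK}) for r in records]
    while not is_k_anonymous(out, k, quasi_ids):
        # Global suppression: blank the still-visible quasi-identifier that
        # has the most distinct values, since it splits the classes most.
        visible = [q for q in quasi_ids if any(r[q] != MASK for r in out)]
        target = max(visible, key=lambda q: len({r[q] for r in out}))
        for r in out:
            r[target] = MASK
    return out


def count_only_view(records, k, quasi_ids=QUASI_IDS):
    """What a requester under the anonymous granularity rule may see:
    the number of rules per remaining equivalence class, nothing else."""
    anon = k_anonymize(records, k, quasi_ids)
    return dict(equivalence_classes(anon, quasi_ids))
```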
The privacy protection rules can be queried, added, edited, maintained and stored according to value domain terms, subsets, mappings and publications. More specifically, the intelligent coding system establishes an authority granularity rule (code), a role authority rule (code), an agent identifier (code) and the like; a user can manage the authority granularity rules, role authority rules and agent identifier rules according to value domain terms, subsets, mappings, publications and the like, query the required rule code information, and add, edit and maintain rule codes. As shown in fig. 10, the specific steps are as follows: (1) click new value domain term attribute definition, (2) enter the name, description and version number, (3) click data preview, and (4) click submit and store the data; in this way user-defined permission granularity rules, role permission rules and agent identifier rules can be realized.
As shown in fig. 4, in the present embodiment, the S300 includes the following steps:
S301, a requester sends a data request to a gateway;
S302, checking the ID of the requester and judging whether the requester is in a white list or a black list; if the requester is in the white list, executing S303; if the requester is in the black list, intercepting the data request and ending;
S303, requesting the data and judging whether the requester has the authority; if yes, executing S304; if not, the data cannot be viewed and the process ends;
S304, judging whether the authority accords with the privacy granularity (the privacy granularity may also be called the privacy rule, the authority granularity rule and the like); if so, executing S305; if not, feeding the data back to the requester. Specifically, privacy granularity is another name for the privacy rule and the authority granularity rule; more specifically, the privacy granularity may be implemented by an algorithm, which may be a k-anonymization algorithm (other algorithms may of course be used, without specific limitation herein), that is, the data is anonymized using the k-anonymization algorithm. For example, the privacy rule may be a hidden code, which can be implemented by this algorithm or by other algorithms. There are many kinds of privacy protection rules and the algorithms implementing them differ, so the algorithm is only one means of implementing a privacy protection rule.
S305, reading the privacy protection rule, converting the data and feeding the converted data back to the requester.
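Steps S301 to S305 carried through as a gateway handler, added here as an example and not taken from the patent. The white list, black list, role authority rules, permission granularity rules and the data behind the gateway are constructed sample values; an ID on neither list is treated as intercepted, which is an assumption of this example since the text names only the two listed outcomes.

```python
MASK = "*"

# Constructed configuration as it would be maintained in the intelligent coding
# system (sample values, not the patent's).
WHITELIST = {"agent-clinic-01", "agent-audit-02"}
BLACKLIST = {"agent-scanner-99"}
# Role authority rule: which resources each role may request.
ROLE_AUTHORITY = {
    "doctor": {"patient_record", "public_notice"},
    "auditor": {"role_authority_rules"},
}
# Permission granularity rule per resource; None means the data is not private.
PRIVACY_GRANULARITY = {
    "patient_record": "hidden code",       # mask field values
    "role_authority_rules": "count only",  # return statistics only
    "public_notice": None,
}
# Constructed data held behind the gateway.
DATA = {
    "patient_record": [{"name": "Zhang San", "diagnosis": "hypertension"}],
    "role_authority_rules": [
        {"role": "doctor", "rule": "read:patient_record"},
        {"role": "auditor", "rule": "read:role_authority_rules"},
    ],
    "public_notice": [{"text": "Clinic closed on Friday"}],
}


def mask_value(value):
    """Hidden code: keep the first character, replace the rest with asterisks."""
    s = str(value)
    return s[:1] + MASK * (len(s) - 1) if s else s


def apply_privacy_rule(rule, rows):
    """Convert the data according to the privacy protection rule (S305)."""
    if rule == "hidden code":
        return [{k: mask_value(v) for k, v in row.items()} for row in rows]
    if rule == "count only":
        return {"count": len(rows)}
    raise ValueError(f"unknown privacy protection rule: {rule}")


def handle_request(agent_id, role, resource):
    """Gateway handling of one data request (S301), following S302 to S305."""
    # S302: check the requester ID against the black list and white list.
    # Deny by default: an ID on neither list is intercepted (assumption).
    if agent_id in BLACKLIST or agent_id not in WHITELIST:
        return {"status": "intercepted"}
    # S303: does the requester's role have authority over the requested data?
    if resource not in ROLE_AUTHORITY.get(role, set()):
        return {"status": "no authority"}
    rows = DATA[resource]
    # S304: is the data private under the permission granularity rule?
    rule = PRIVACY_GRANULARITY.get(resource)
    if rule is None:
        return {"status": "ok", "rule": None, "data": rows}
    # S305: read the privacy protection rule, convert the data, feed it back.
    return {"status": "ok", "rule": rule, "data": apply_privacy_rule(rule, rows)}
```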
The invention relates to a method for protecting data privacy based on API registration, which is used to protect the data privacy of a registration platform. Role division is realized for requesters with different identities and different authority control is provided for different roles; a requester can view data within the limits set by the privacy protection rule, such as the number of role authority rules, but cannot view any single specific role authority rule, so that an effective data presentation effect can be provided while privacy is considered.
Example two:
It will be understood by those skilled in the art that all or part of the steps for implementing the above-described method embodiments may be completed by hardware instructed by a computer program. The foregoing computer program may be stored in a computer-readable storage medium, and when executed (for example, by a processor) the computer program performs the steps of the foregoing API registration-based data privacy protection method embodiment; the foregoing storage medium includes various media that can store program code, such as ROM, RAM, magnetic disks or optical disks.
Example three:
The invention also provides a data privacy protection system based on API registration, which comprises a processor and a memory; specifically, the memory is configured to store a computer program, and the processor is configured to execute the computer program stored in the memory, so that the processor performs the steps of the API registration-based data privacy protection method embodiment.
After reading the above description, it will be apparent to a person skilled in the art that the various features described herein can be implemented by a method, a data processing apparatus or a computer program product. Accordingly, these features may be embodied entirely in hardware, entirely in software, or in a combination of hardware and software. Furthermore, the above-described features may also be embodied in the form of a computer program product stored on one or more computer-readable storage media having computer-readable program code segments or instructions embodied therein. The readable storage medium is configured to store various types of data to support operations at the device. The readable storage medium may be implemented by any type of volatile or non-volatile storage device or combination thereof, such as a static random access memory (SRAM), an electrically erasable programmable read-only memory (EEPROM), an erasable programmable read-only memory (EPROM), a programmable read-only memory (PROM), a read-only memory (ROM), an optical storage device, a magnetic storage device, a flash memory, a magnetic or optical disk, and/or combinations thereof.
While the invention has been described with reference to a preferred embodiment, it will be understood by those skilled in the art that various changes may be made and equivalents may be substituted for elements thereof without departing from the spirit and scope of the invention. In addition, many modifications may be made to adapt a particular situation or material to the teachings of the invention without departing from the essential scope thereof. Therefore, it is intended that the invention not be limited to the particular embodiment disclosed, but that the invention will include all embodiments falling within the scope of the appended claims.