CN114338407A - Operation and maintenance management method for enterprise information security - Google Patents
Operation and maintenance management method for enterprise information security Download PDFInfo
- Publication number
- CN114338407A CN114338407A CN202210226569.4A CN202210226569A CN114338407A CN 114338407 A CN114338407 A CN 114338407A CN 202210226569 A CN202210226569 A CN 202210226569A CN 114338407 A CN114338407 A CN 114338407A
- Authority
- CN
- China
- Prior art keywords
- enterprise
- target
- maintenance management
- maintenance
- management
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Images
Landscapes
- Data Exchanges In Wide-Area Networks (AREA)
Abstract
The invention provides an operation and maintenance management method for enterprise information security, which comprises the following steps: acquiring enterprise information of a target enterprise, and determining an internet behavior management target and a local behavior management target of the target enterprise based on the enterprise information; determining a first operation and maintenance management strategy according to the internet behavior management target, and simultaneously determining a second operation and maintenance management strategy based on the local behavior management target; and generating a comprehensive operation and maintenance management strategy by combining the first operation and maintenance management strategy and the second operation and maintenance management strategy, and realizing the operation and maintenance management of enterprise information security based on the comprehensive operation and maintenance management strategy. Corresponding operation and maintenance management strategies are formulated for the internet access behavior management target and the local behavior management target respectively, and all-around authority setting and encryption setting are carried out on enterprise information, so that the safety problem of the enterprise information is effectively guaranteed, and the operation and maintenance management effect on the enterprise information safety is improved.
Description
Technical Field
The invention relates to the technical field of computer information security, in particular to an operation and maintenance management method for enterprise information security.
Background
At present, with the large-scale application of a large number of mobile terminals in an enterprise, the ways and modes of data external are more and more, and data leakage is more and more convenient through external equipment such as mobile storage or other non-network ways;
the traditional operation and maintenance management can only monitor and intervene aiming at the internet surfing behavior or the local behavior, but cannot effectively combine the internet surfing behavior and the local behavior, and meanwhile, whether data leakage and the like can be effectively prevented cannot be checked when the internet surfing behavior or the local behavior is monitored;
therefore, the invention provides an operation and maintenance management method for enterprise information security, which is used for respectively making corresponding operation and maintenance management strategies for the online behavior management target and the local behavior management target to realize omnibearing authority setting and encryption setting on enterprise information, thereby effectively ensuring the security of the enterprise information and improving the operation and maintenance management effect on the enterprise information security.
Disclosure of Invention
The invention provides an operation and maintenance management method for enterprise information security, which is used for solving the technical problems.
The invention provides an operation and maintenance management method for enterprise information security, which comprises the following steps:
step 1: acquiring enterprise information of a target enterprise, and determining an internet behavior management target and a local behavior management target of the target enterprise based on the enterprise information;
step 2: determining a first operation and maintenance management strategy according to the internet behavior management target, and simultaneously determining a second operation and maintenance management strategy based on the local behavior management target;
and step 3: and generating a comprehensive operation and maintenance management strategy by combining the first operation and maintenance management strategy and the second operation and maintenance management strategy, and realizing the operation and maintenance management of enterprise information security based on the comprehensive operation and maintenance management strategy.
Preferably, the operation and maintenance management method for enterprise information security includes, in step 1:
the internet behavior management target comprises: one or more of mail management and control, instant messaging management and control and webpage browsing management and control;
the local behavior management goals include: one or more of document printing management and control, document operation management and control, external equipment, mobile storage management and control, application program control and screen monitoring.
Preferably, in step 1, enterprise information of a target enterprise is obtained, and an internet behavior management target and a local behavior management target of the target enterprise are determined based on the enterprise information, and the specific working process includes:
reading enterprise information of the target enterprise, and determining enterprise information data;
analyzing the enterprise information data, and determining enterprise requirements of the target enterprise according to an analysis result;
determining the safe operation and maintenance behavior of the target enterprise according to the enterprise requirement of the target enterprise;
and classifying the safe operation and maintenance behaviors of the target enterprise based on a behavior management target form, and determining an internet behavior management target and the local behavior management target of the target enterprise according to a classification result.
Preferably, in step 2, determining a first operation and maintenance management policy according to the internet access behavior management target includes:
reading the internet behavior management target, and calling a target internet behavior management item;
acquiring the item characteristics of the target internet behavior management item;
determining a limiting condition for a target internet behavior management project according to the requirement of the target enterprise on the internet behavior management target;
and determining an operation and maintenance management strategy for the internet behavior management target based on the item characteristics of the target internet behavior management item and the limiting condition of the target internet behavior management item, wherein the operation and maintenance strategy for the internet behavior management target is the first operation and maintenance management strategy.
Preferably, in step 2, the determining a second operation and maintenance management policy based on the local behavior management objective includes:
reading the local behavior management target, determining the authority characteristic of the local behavior management target, and simultaneously determining the privacy degree of the local behavior management target;
respectively analyzing the authority characteristics and the privacy degree of the local behavior management target, and determining the encryption level of the local behavior management target;
and carrying out operation and maintenance management description on the local behavior management target and the privacy level, and generating the second operation and maintenance management strategy according to a description result.
Preferably, in step 3, when the operation and maintenance management of the enterprise information security is performed, the operation and maintenance management method for the enterprise information security further includes:
acquiring operation and maintenance management data when the operation and maintenance management is carried out on enterprise information safety;
analyzing the operation and maintenance management data based on the comprehensive operation and maintenance management strategy to determine whether sensitive data exists in the operation and maintenance management data;
the sensitive data is data for protecting the enterprise information;
and when sensitive data exist in the operation and maintenance management data, determining a data protection condition of an operation system, and when the sensitive data meet the data protection condition, protecting the sensitive data based on the comprehensive operation and maintenance management strategy.
Preferably, in step 3, after generating the integrated operation and maintenance management policy and before implementing the operation and maintenance management on the enterprise information security based on the integrated operation and maintenance management policy, the method further includes:
reading the comprehensive operation and maintenance management strategy, determining system operation and maintenance monitoring points of the target enterprise, and constructing a monitoring network framework based on the system operation and maintenance monitoring points
Pre-building in a target system according to the monitoring network framework to generate a pre-experiment system;
in the pre-experiment system, a fault detection tree and an information attack tree are constructed according to the system operation and maintenance monitoring points;
performing fault detection on the system operation and maintenance monitoring points based on the fault detection tree, determining fault nodes of the pre-experiment system, and meanwhile determining the fault rate of the pre-experiment system based on the total amount of the fault nodes;
carrying out attack simulation on the pre-experiment system based on the information attack tree, and determining the failure probability of the pre-experiment system according to the total attack times and the attacked times;
determining an operation and maintenance management capability index of the pre-experiment system according to the fault rate of the pre-experiment system and the failure probability of the pre-experiment system;
performing first evaluation on the comprehensive operation and maintenance management strategy based on the operation and maintenance management capacity index, and determining a first evaluation score;
determining a target requirement of the target enterprise based on enterprise information of the target enterprise, and simultaneously determining the coverage rate of the target requirement in the pre-experiment system based on the system operation and maintenance monitoring point in the pre-experiment system;
performing second evaluation on the comprehensive operation and maintenance management strategy based on the coverage rate, and acquiring a second evaluation score;
performing pre-operation in the pre-experiment system, determining an operation node in the operation and maintenance monitoring of the system, reading the operation node, determining the processing rate of the data volume of the operation node, and simultaneously determining the operation efficiency of the pre-experiment system according to the processing rate;
performing third evaluation on the comprehensive operation and maintenance management strategy according to the operation efficiency, and determining a third evaluation value;
and determining a comprehensive evaluation value of the comprehensive operation and maintenance management strategy based on the first evaluation value, the second evaluation value and the third evaluation value, and meanwhile, realizing quantitative evaluation of the comprehensive operation and maintenance management strategy according to the comprehensive evaluation value.
Preferably, the operation and maintenance management method for enterprise information security further includes, after performing quantitative evaluation on the comprehensive operation and maintenance management policy:
acquiring a reference score, comparing the comprehensive evaluation value with the reference score, and judging whether the comprehensive operation and maintenance management strategy is qualified or not;
when the comprehensive evaluation value is equal to or larger than the reference score, judging that the comprehensive operation and maintenance management strategy is qualified;
when the comprehensive evaluation value is smaller than the reference value, judging that the comprehensive operation and maintenance management strategy is unqualified, simultaneously optimizing the first operation and maintenance management strategy and the second operation and maintenance management strategy respectively, and determining an optimization result;
and based on the optimization result, carrying out quantitative evaluation on the comprehensive operation and maintenance management strategy again until the comprehensive evaluation value of the comprehensive operation and maintenance management strategy is equal to or greater than the reference score.
Preferably, after the operation and maintenance management of enterprise information security is implemented based on the integrated operation and maintenance management policy, the method further includes:
acquiring the total attacked times of the enterprise platform of the target enterprise and the total defense times of the enterprise platform of the target enterprise for autonomous defense;
calculating a risk value of the enterprise information leakage based on the total attack times and the total defense times;
wherein the content of the first and second substances,
representing a risk value at which the enterprise information is compromised;
when the enterprise platform of the target enterprise is attacked, a first weight coefficient of the leakage risk of the enterprise information exists, and the value is (0, 0.3);
representing a total number of attacks on an enterprise platform of the target enterprise; m represents the total defense times of the enterprise platform of the target enterprise for defense, and m is greater than n;
representing the current ith time of the enterprise platformHistorical probability of occurrence of the attacked event;
representing the influence factor caused by the current ith time of the event that the enterprise platform is attacked;
representing the risk level of the current ith time of the event that the enterprise platform is attacked;
representing the corresponding maximum risk level in all attacked events; delta represents that when the enterprise platform of the target enterprise performs defense, the enterprise information has a leaked second weight coefficient, and the value is (0, 0.4);
representing the historical occurrence probability of the current j-th defense event of the enterprise platform;
an influence factor representing the current j-th defense event of the enterprise platform;
representing a maximum impact factor associated with the attack;
represents the maximum impact factor associated with defense;
comparing the risk value of the enterprise information leakage with a preset risk threshold value, and judging whether the comprehensive operation and maintenance strategy needs to be optimized;
when the risk value of the enterprise information leakage is smaller than or equal to the preset risk threshold value, judging that the comprehensive operation and maintenance strategy does not need to be optimized;
otherwise, establishing an optimization model for optimizing the comprehensive operation and maintenance strategy based on the risk value of the enterprise information leakage;
wherein the content of the first and second substances,
representing an optimization model for optimizing the comprehensive operation and maintenance strategy;
representing the preset risk threshold;
the evaluation coefficient of the comprehensive operation and maintenance strategy is represented, and the value is (0.702, 0.705);
representing a target defense level against the enterprise platform based on the integrated operation and maintenance policy;
represents a current defense level against the enterprise platform based on the integrated operation and maintenance policy, and
;
and optimizing the comprehensive operation and maintenance management strategy based on the optimization model, and updating the enterprise platform according to an optimization result.
Preferably, in step 3, after generating the comprehensive operation and maintenance management policy, the operation and maintenance management method for enterprise information security further includes:
editing an operation and maintenance management script based on the comprehensive operation and maintenance management strategy, and arranging in a preset container based on the operation and maintenance management script to obtain a target container;
acquiring an enterprise identifier of the target enterprise, and adding a container engine into the target container according to the enterprise identifier;
determining a container mirror image downloading request according to the container engine, and sending the container mirror image downloading request to a target mirror image warehouse, wherein the container mirror image downloading request comprises a mirror image identifier;
matching in the target mirror repository based on the mirror identification, and determining the container mirror based on a matching result;
acquiring metadata of the container mirror image, and determining a hash value of a layer file in the container mirror image;
determining a download node for downloading the container mirror image based on the metadata of the container mirror image and the hash value of the layer file in the container mirror image;
compressing the mirror image file of the container mirror image, generating a container mirror image data packet, and storing the download node into the container mirror image data packet;
sending the container mirror image data packet to an enterprise client of the target enterprise;
decompressing the container mirror image data packet based on the enterprise client, and downloading and installing the container mirror image based on the downloading node.
Preferably, in step 3, the operation and maintenance management of enterprise information security includes:
determining an operation and maintenance management instruction based on the comprehensive operation and maintenance management strategy, and performing operation and maintenance management on the enterprise platform of the target enterprise based on the operation and maintenance management instruction;
acquiring operation and maintenance management data, and monitoring the operation and maintenance management data based on the preset rule;
and when the operation and maintenance management data do not accord with the preset rule, generating an alarm instruction, and simultaneously carrying out alarm operation based on the alarm instruction.
Additional features and advantages of the invention will be set forth in the description which follows, and in part will be obvious from the description, or may be learned by practice of the invention. The objectives and other advantages of the invention will be realized and attained by the structure particularly pointed out in the written description and claims hereof as well as the appended drawings.
The technical solution of the present invention is further described in detail by the accompanying drawings and embodiments.
Drawings
The accompanying drawings, which are included to provide a further understanding of the invention and are incorporated in and constitute a part of this specification, illustrate embodiments of the invention and together with the description serve to explain the principles of the invention and not to limit the invention. In the drawings:
FIG. 1 is a flowchart of an operation and maintenance management method for enterprise information security according to an embodiment of the present invention;
FIG. 2 is a flowchart of step 1 of an operation and maintenance management method for enterprise information security according to an embodiment of the present invention;
fig. 3 is a flowchart of step 2 in an operation and maintenance management method for enterprise information security according to an embodiment of the present invention.
Detailed Description
The preferred embodiments of the present invention will be described in conjunction with the accompanying drawings, and it will be understood that they are described herein for the purpose of illustration and explanation and not limitation.
Example 1:
the embodiment provides an operation and maintenance management method for enterprise information security, as shown in fig. 1, including:
step 1: acquiring enterprise information of a target enterprise, and determining an internet behavior management target and a local behavior management target of the target enterprise based on the enterprise information;
step 2: determining a first operation and maintenance management strategy according to the internet behavior management target, and simultaneously determining a second operation and maintenance management strategy based on the local behavior management target;
and step 3: and generating a comprehensive operation and maintenance management strategy by combining the first operation and maintenance management strategy and the second operation and maintenance management strategy, and realizing the operation and maintenance management of enterprise information security based on the comprehensive operation and maintenance management strategy.
In this embodiment, the management requirements (i.e., the internet behavior management target and the local behavior management target) of the target enterprise may be determined by the enterprise information of the target enterprise.
In this embodiment, the enterprise information may be information related to the registration and operation of the enterprise, and generally includes: enterprise name, enterprise location, legal representative, registered capital, operating range, operating qualification, number of employees, enterprise website, contact information and the like.
In this embodiment, the internet behavior management target may be one or more of mail management, instant messaging management, and web browsing management.
In this embodiment, the local behavior management target may be one or more of document printing management, document operation management, external device, mobile storage management, application control, and screen monitoring.
In this embodiment, the first operation and maintenance management policy is used to perform operation and maintenance management on the internet access behavior management target, and may be, for example, to control web browsing permissions and set different web access permissions according to the working properties of the employee.
In this embodiment, the second operation and maintenance management policy is used to perform operation and maintenance management on the local behavior management target, and may be, for example, to control an employee to download a file privately or to control a communication authority of the employee and an external device.
In this embodiment, the comprehensive operation and maintenance management policy is obtained by combining the first operation and maintenance management policy and the second operation and maintenance management policy, and is used for performing online behavior management and local behavior management on an enterprise synchronously, where the comprehensive operation and maintenance management policy further includes technologies such as auditing, authority management and control, and encryption.
The beneficial effects of the above technical scheme are: corresponding operation and maintenance management strategies are formulated for the internet access behavior management target and the local behavior management target respectively, and all-around authority setting and encryption setting are carried out on enterprise information, so that the safety problem of the enterprise information is effectively guaranteed, and the operation and maintenance management effect on the enterprise information safety is improved.
Example 2:
on the basis of embodiment 1, this embodiment provides an operation and maintenance management method for enterprise information security, as shown in fig. 2, in step 1, enterprise information of a target enterprise is obtained, and an internet behavior management target and a local behavior management target of the target enterprise are determined based on the enterprise information, and a specific working process includes:
step 101: reading enterprise information of the target enterprise, and determining enterprise information data;
step 102: analyzing the enterprise information data, and determining enterprise requirements of the target enterprise according to an analysis result;
step 103: determining the safe operation and maintenance behavior of the target enterprise according to the enterprise requirement of the target enterprise;
step 104: and classifying the safe operation and maintenance behaviors of the target enterprise based on a behavior management target form, and determining an internet behavior management target and the local behavior management target of the target enterprise according to a classification result.
In this embodiment, the enterprise requirement may be a work category that may be involved in the business process of the enterprise, and may be one or more of mail management, instant messaging management, web browsing management, document printing management, document operation management, external device, mobile storage management, application program control, and screen monitoring, for example.
In this embodiment, the safety operation and maintenance behavior may be to determine whether the enterprise needs to be online operation and maintenance management, local operation and maintenance management, or a combination of the two according to enterprise requirements of the enterprise.
In this embodiment, the behavior management target form may be internet operation and maintenance management and local operation and maintenance management.
The beneficial effects of the above technical scheme are: the enterprise requirements and the safe operation and maintenance behaviors of the enterprise are accurately judged according to the enterprise information of the enterprise, so that the online behavior management target and the business related to the local behavior management target in the enterprise are conveniently determined, and the accuracy and the effectiveness of the operation and maintenance management of the enterprise are improved.
Example 3:
on the basis of embodiment 1, this embodiment provides an operation and maintenance management method for enterprise information security, as shown in fig. 3, and in step 2, determining a first operation and maintenance management policy according to the internet behavior management target includes:
step 201: reading the internet behavior management target, and calling a target internet behavior management item;
step 202: acquiring the item characteristics of the target internet behavior management item;
step 203: determining a limiting condition for a target internet behavior management project according to the requirement of the target enterprise on the internet behavior management target;
step 204: and determining an operation and maintenance management strategy for the internet behavior management target based on the item characteristics of the target internet behavior management item and the limiting condition of the target internet behavior management item, wherein the operation and maintenance strategy for the internet behavior management target is the first operation and maintenance management strategy.
In this embodiment, the target internet behavior management item may be one or more of email management and control, instant messaging management and control, and web browsing management and control.
In this embodiment, the item feature may be a category or an attribute of the target internet behavior management item.
In this embodiment, the limiting condition is set in advance by an enterprise and is used to limit the target internet behavior management item, so as to achieve the purpose of operation and maintenance management.
The beneficial effects of the above technical scheme are: by determining the internet surfing behavior management target and the corresponding project characteristics of the enterprise, the normative limitation on the target internet surfing behavior management project is realized, the operation and maintenance management effect on the internet surfing behavior management target is improved, and the safety degree of enterprise information is improved.
Example 4:
on the basis of embodiment 1, this embodiment provides an operation and maintenance management method for enterprise information security, and in step 2, determining a second operation and maintenance management policy based on the local behavior management target includes:
reading the local behavior management target, determining the authority characteristic of the local behavior management target, and simultaneously determining the privacy degree of the local behavior management target;
respectively analyzing the authority characteristics and the privacy degree of the local behavior management target, and determining the encryption level of the local behavior management target;
and carrying out operation and maintenance management description on the local behavior management target and the privacy level, and generating the second operation and maintenance management strategy according to a description result.
In this embodiment, the authority feature may be a restriction requirement corresponding to the local behavior management item, and for example, may be that when document operation is managed and controlled, a restriction person downloads a file to a usb disk.
In this embodiment, the privacy level may be a control level or an encryption level of the file or document.
The beneficial effects of the above technical scheme are: by determining the authority characteristics and the encryption level of the local behavior management target, the local behavior management target is accurately and effectively operated and maintained, the local behavior management normalization is improved, and the safety degree of enterprise information is enhanced.
Example 5:
on the basis of embodiment 1, this embodiment provides an operation and maintenance management method for enterprise information security, which is characterized in that, in step 3, when the operation and maintenance management for enterprise information security is performed, the method further includes:
acquiring operation and maintenance management data when the operation and maintenance management is carried out on enterprise information safety;
analyzing the operation and maintenance management data based on the comprehensive operation and maintenance management strategy to determine whether sensitive data exists in the operation and maintenance management data;
the sensitive data is data for protecting the enterprise information;
and when sensitive data exist in the operation and maintenance management data, determining a data protection condition of an operation system, and when the sensitive data meet the data protection condition, protecting the sensitive data based on the comprehensive operation and maintenance management strategy.
In this embodiment, the operation and maintenance management data may be background data when the management project is managed.
In this embodiment, the sensitive data may be data for protecting the enterprise information, such as the capital flow and financial statement in the enterprise.
In this embodiment, the data protection condition may be a condition determined according to the integrated operation and maintenance management policy to encrypt the enterprise information.
The beneficial effects of the above technical scheme are: the enterprise information security is analyzed, the data needing to be protected in the enterprise security information is determined, meanwhile, the condition that the protected data need to be encrypted is determined, the enterprise information is reliably and effectively encrypted, and therefore the security level of the enterprise information is improved.
Example 6:
on the basis of embodiment 1, this embodiment provides an operation and maintenance management method for enterprise information security, and in step 3, after generating an integrated operation and maintenance management policy and before implementing operation and maintenance management on enterprise information security based on the integrated operation and maintenance management policy, the method further includes:
reading the comprehensive operation and maintenance management strategy, determining system operation and maintenance monitoring points of the target enterprise, and constructing a monitoring network framework based on the system operation and maintenance monitoring points
Pre-building in a target system according to the monitoring network framework to generate a pre-experiment system;
in the pre-experiment system, a fault detection tree and an information attack tree are constructed according to the system operation and maintenance monitoring points;
performing fault detection on the system operation and maintenance monitoring points based on the fault detection tree, determining fault nodes of the pre-experiment system, and meanwhile determining the fault rate of the pre-experiment system based on the total amount of the fault nodes;
carrying out attack simulation on the pre-experiment system based on the information attack tree, and determining the failure probability of the pre-experiment system according to the total attack times and the attacked times;
determining an operation and maintenance management capability index of the pre-experiment system according to the fault rate of the pre-experiment system and the failure probability of the pre-experiment system;
performing first evaluation on the comprehensive operation and maintenance management strategy based on the operation and maintenance management capacity index, and determining a first evaluation score;
determining a target requirement of the target enterprise based on enterprise information of the target enterprise, and simultaneously determining the coverage rate of the target requirement in the pre-experiment system based on the system operation and maintenance monitoring point in the pre-experiment system;
performing second evaluation on the comprehensive operation and maintenance management strategy based on the coverage rate, and acquiring a second evaluation score;
performing pre-operation in the pre-experiment system, determining an operation node in the operation and maintenance monitoring of the system, reading the operation node, determining the processing rate of the data volume of the operation node, and simultaneously determining the operation efficiency of the pre-experiment system according to the processing rate;
performing third evaluation on the comprehensive operation and maintenance management strategy according to the operation efficiency, and determining a third evaluation value;
and determining a comprehensive evaluation value of the comprehensive operation and maintenance management strategy based on the first evaluation value, the second evaluation value and the third evaluation value, and meanwhile, realizing quantitative evaluation of the comprehensive operation and maintenance management strategy according to the comprehensive evaluation value.
In the embodiment, the operation and maintenance monitoring points of the system are set in advance, so that enterprise information can be conveniently checked in an all-around mode according to the monitoring points, and the current condition of the enterprise information can be guaranteed to be checked in real time.
In this embodiment, the pre-building may be training the monitoring network framework in the target system, and verifying whether the monitoring network framework can be successfully built in the target system.
In this embodiment, the fault detection tree may be used to detect whether an operation and maintenance monitoring point in the target system has a fault.
In this embodiment, the information attack tree may be used to detect whether the operation and maintenance monitoring point in the target system is attacked from the outside.
In this embodiment, the failure probability may be the probability of the target system losing its operation performance when it is attacked from the outside.
In this embodiment, the operation and maintenance capability management index may be a sum of the detection capability of the system and the capability of resisting external attacks, and is used to measure the operation and maintenance management effect on the enterprise information.
In this embodiment, the first evaluation may be to evaluate the integrated management policy by the operation and maintenance management capability index to determine the operation and maintenance management capability of the integrated operation and maintenance management policy.
In this embodiment, the coverage rate may be a measure of whether each management item existing in the pre-test system meets the target requirement.
In this embodiment, the second evaluation may be to evaluate a management range of the integrated operation and maintenance management policy, so as to ensure that the integrated operation and maintenance management policy can accurately and effectively manage all the related management items.
In this embodiment, the operational node may be a data node that stores enterprise information.
The beneficial effects of the above technical scheme are: the comprehensive operation and maintenance management strategy is evaluated from the three aspects of the operation and maintenance management capacity index, the coverage rate and the operation efficiency, so that the obtained comprehensive operation and maintenance management strategy is ensured to be reliable and effective, the operation and maintenance management on enterprise information safety is guaranteed, meanwhile, the safety degree of the enterprise information is enhanced, and the safety of the enterprise information can be effectively guaranteed when the enterprise information faces different problems.
Example 7:
on the basis of embodiment 6, this embodiment provides an operation and maintenance management method for enterprise information security, and after performing quantitative evaluation on the comprehensive operation and maintenance management policy, the method further includes:
acquiring a reference score, comparing the comprehensive evaluation value with the reference score, and judging whether the comprehensive operation and maintenance management strategy is qualified or not;
when the comprehensive evaluation value is equal to or larger than the reference score, judging that the comprehensive operation and maintenance management strategy is qualified;
when the comprehensive evaluation value is smaller than the reference value, judging that the comprehensive operation and maintenance management strategy is unqualified, simultaneously optimizing the first operation and maintenance management strategy and the second operation and maintenance management strategy respectively, and determining an optimization result;
and based on the optimization result, carrying out quantitative evaluation on the comprehensive operation and maintenance management strategy again until the comprehensive evaluation value of the comprehensive operation and maintenance management strategy is equal to or greater than the reference score.
In this embodiment, the benchmark score is set in advance, and is used to provide a reference for the evaluation value of the comprehensive operation and maintenance management policy, so as to facilitate determining whether the comprehensive operation and maintenance management policy is reasonable and reliable.
The beneficial effects of the above technical scheme are: the comprehensive evaluation value of the comprehensive operation and maintenance management strategy is compared with the reference value, so that the qualification of the comprehensive operation and maintenance management strategy is accurately judged, the comprehensive operation and maintenance management strategy is timely optimized when the comprehensive operation and maintenance management strategy is unqualified, the safe and reliable operation and maintenance of enterprise information are ensured, and the safety degree of the enterprise information is improved.
Example 8:
on the basis of embodiment 1, this embodiment provides an operation and maintenance management method for enterprise information security, and in step 3, after generating an integrated operation and maintenance management policy, the method further includes:
editing an operation and maintenance management script based on the comprehensive operation and maintenance management strategy, and arranging in a preset container based on the operation and maintenance management script to obtain a target container;
acquiring an enterprise identifier of the target enterprise, and adding a container engine into the target container according to the enterprise identifier;
determining a container mirror image downloading request according to the container engine, and sending the container mirror image downloading request to a target mirror image warehouse, wherein the container mirror image downloading request comprises a mirror image identifier;
matching in the target mirror repository based on the mirror identification, and determining the container mirror based on a matching result;
acquiring metadata of the container mirror image, and determining a hash value of a layer file in the container mirror image;
determining a download node for downloading the container mirror image based on the metadata of the container mirror image and the hash value of the layer file in the container mirror image;
compressing the mirror image file of the container mirror image, generating a container mirror image data packet, and storing the download node into the container mirror image data packet;
sending the container mirror image data packet to an enterprise client of the target enterprise;
decompressing the container mirror image data packet based on the enterprise client, and downloading and installing the container mirror image based on the downloading node.
In this embodiment, the operation and maintenance management script may be a code or text content corresponding to the integrated operation and maintenance management policy.
In this embodiment, the preset container is set in advance and is used for storing different management scripts, so as to implement a corresponding operation and maintenance management function.
In this embodiment, the target container may be a container obtained by placing the script file in a preset container, and may be capable of executing a corresponding operation and maintenance operation.
In this embodiment, the enterprise identification may be a type of tag used to label the identity between different enterprises.
In this embodiment, the container image may be a corresponding copy of the operating data in the container, and the like.
In this embodiment, the target image repository is used to store image files.
In this embodiment, the image identifier is a kind of label used to mark different image files, and the kind and corresponding functions of different images can be quickly determined by the image identifier.
In this embodiment, the metadata may be source data of the container image file.
In this embodiment, the downloading node refers to that the target user can directly download the corresponding integrated operation and maintenance management policy, that is, the downloading address or the downloading link, through the downloading node.
The beneficial effects of the above technical scheme are: by determining the script file corresponding to the comprehensive operation and maintenance management strategy, arranging the script file in the corresponding container and putting the corresponding container into the data packet after arrangement to obtain the corresponding image file data packet, different enterprises can download the image file corresponding to the comprehensive operation and maintenance management strategy according to requirements, the installation efficiency and the installation convenience are improved, and convenience is provided for guaranteeing the information security of the enterprises.
Example 9:
on the basis of embodiment 1, this embodiment provides an operation and maintenance management method for enterprise information security, and in step 3, the operation and maintenance management for enterprise information security includes:
determining an operation and maintenance management instruction based on the comprehensive operation and maintenance management strategy, and performing operation and maintenance management on the enterprise platform of the target enterprise based on the operation and maintenance management instruction;
acquiring operation and maintenance management data, and monitoring the operation and maintenance management data based on the preset rule;
and when the operation and maintenance management data do not accord with the preset rule, generating an alarm instruction, and simultaneously carrying out alarm operation based on the alarm instruction.
In this embodiment, the operation and maintenance management instruction may be to control the integrated operation and maintenance management policy to perform operation and maintenance management on the enterprise platform of the target enterprise.
In this embodiment, the preset rule is set in advance and is used for monitoring the operation and maintenance management data.
The beneficial effects of the above technical scheme are: the operation and maintenance management process of the comprehensive operation and maintenance management strategy is monitored, whether the operation and maintenance management result meets the preset rule or not is judged, and corresponding alarm operation is carried out when the operation and maintenance management result does not meet the preset rule, so that the check strictness of the comprehensive operation and maintenance management strategy is improved, and the safety of enterprise information can be guaranteed effectively.
Example 10:
on the basis of embodiment 1, in step 3, after the operation and maintenance management of enterprise information security is implemented based on the integrated operation and maintenance management policy, the method further includes:
acquiring the total attacked times of the enterprise platform of the target enterprise and the total defense times of the enterprise platform of the target enterprise for autonomous defense;
calculating a risk value of the enterprise information leakage based on the total attack times and the total defense times;
wherein the content of the first and second substances,
representing a risk value at which the enterprise information is compromised;
when the enterprise platform of the target enterprise is attacked, a first weight coefficient of the leakage risk of the enterprise information exists, and the value is (0, 0.3);
representing a total number of attacks on an enterprise platform of the target enterprise; m represents the total defense times of the enterprise platform of the target enterprise for defense, and m is greater than n;
representing the historical occurrence probability of the current ith time of the event that the enterprise platform is attacked;
representing the influence factor caused by the current ith time of the event that the enterprise platform is attacked;
representing the risk level of the current ith time of the event that the enterprise platform is attacked;
representing the corresponding maximum risk level in all attacked events; delta represents that when the enterprise platform of the target enterprise performs defense, the enterprise information has a leaked second weight coefficient, and the value is (0, 0.4);
representing the historical occurrence probability of the current j-th defense event of the enterprise platform;
an influence factor representing the current j-th defense event of the enterprise platform;
representing a maximum impact factor associated with the attack;
represents the maximum impact factor associated with defense;
comparing the risk value of the enterprise information leakage with a preset risk threshold value, and judging whether the comprehensive operation and maintenance strategy needs to be optimized;
when the risk value of the enterprise information leakage is smaller than or equal to the preset risk threshold value, judging that the comprehensive operation and maintenance strategy does not need to be optimized;
otherwise, establishing an optimization model for optimizing the comprehensive operation and maintenance strategy based on the risk value of the enterprise information leakage;
wherein the content of the first and second substances,
representing an optimization model for optimizing the comprehensive operation and maintenance strategy;
representing the preset risk threshold;
the evaluation coefficient of the comprehensive operation and maintenance strategy is represented, and the value is (0.702, 0.705);
representing a target defense level against the enterprise platform based on the integrated operation and maintenance policy;
represents a current defense level against the enterprise platform based on the integrated operation and maintenance policy, and
;
and optimizing the comprehensive operation and maintenance management strategy based on the optimization model, and updating the enterprise platform according to an optimization result.
In this embodiment, the preset risk threshold is set in advance, and is used to measure an optimization criterion for optimizing the comprehensive operation and maintenance strategy.
In this embodiment, the target defense level may be set in advance, and the target defense level may be set at 8 levels, 9 levels, or 10 levels, specifically according to actual requirements.
In this embodiment, the current defense level may be a defense level of the integrated operation and maintenance management policy on the enterprise platform of the target enterprise, and includes: level 1, level 2, level 3, level 4, level 5, level 6, level 7, level 8, level 9, level 10.
The beneficial effects of the above technical scheme are: the total attacked times of the enterprise platform of the target enterprise and the defense times of the enterprise platform of the target enterprise for defense are determined, so that the risk value of enterprise information leakage is calculated, whether the comprehensive operation and maintenance management strategy needs to be optimized or not is further evaluated, and when the comprehensive operation and maintenance management strategy needs to be optimized, the guarantee efficiency of the safety problem of the enterprise information is further improved through optimization and platform updating.
It will be apparent to those skilled in the art that various changes and modifications may be made in the present invention without departing from the spirit and scope of the invention. Thus, if such modifications and variations of the present invention fall within the scope of the claims of the present invention and their equivalents, the present invention is also intended to include such modifications and variations.
Claims (10)
1. An operation and maintenance management method for enterprise information security is characterized by comprising the following steps:
step 1: acquiring enterprise information of a target enterprise, and determining an internet behavior management target and a local behavior management target of the target enterprise based on the enterprise information;
step 2: determining a first operation and maintenance management strategy according to the internet behavior management target, and simultaneously determining a second operation and maintenance management strategy based on the local behavior management target;
and step 3: and generating a comprehensive operation and maintenance management strategy by combining the first operation and maintenance management strategy and the second operation and maintenance management strategy, and realizing the operation and maintenance management of enterprise information security based on the comprehensive operation and maintenance management strategy.
2. The operation and maintenance management method for enterprise information security according to claim 1, wherein step 1 comprises:
the internet behavior management target comprises: one or more of mail management and control, instant messaging management and control and webpage browsing management and control;
the local behavior management goals include: one or more of document printing management and control, document operation management and control, external equipment, mobile storage management and control, application program control and screen monitoring.
3. The operation and maintenance management method for enterprise information security according to claim 1, wherein in step 1, enterprise information of a target enterprise is obtained, and an internet behavior management target and a local behavior management target of the target enterprise are determined based on the enterprise information, and a specific working process includes:
reading enterprise information of the target enterprise, and determining enterprise information data;
analyzing the enterprise information data, and determining enterprise requirements of the target enterprise according to an analysis result;
determining the safe operation and maintenance behavior of the target enterprise according to the enterprise requirement of the target enterprise;
and classifying the safe operation and maintenance behaviors of the target enterprise based on a behavior management target form, and determining an internet behavior management target and the local behavior management target of the target enterprise according to a classification result.
4. The operation and maintenance management method for enterprise information security according to claim 1, wherein in step 2, determining the first operation and maintenance management policy according to the internet behavior management target includes:
reading the internet behavior management target, and calling a target internet behavior management item;
acquiring the item characteristics of the target internet behavior management item;
determining a limiting condition for a target internet behavior management project according to the requirement of the target enterprise on the internet behavior management target;
and determining an operation and maintenance management strategy for the internet behavior management target based on the item characteristics of the target internet behavior management item and the limiting condition of the target internet behavior management item, wherein the operation and maintenance strategy for the internet behavior management target is the first operation and maintenance management strategy.
5. The operation and maintenance management method for enterprise information security according to claim 1, wherein in step 2, determining a second operation and maintenance management policy based on the local behavior management objective includes:
reading the local behavior management target, determining the authority characteristic of the local behavior management target, and simultaneously determining the privacy degree of the local behavior management target;
respectively analyzing the authority characteristics and the privacy degree of the local behavior management target, and determining the encryption level of the local behavior management target;
and carrying out operation and maintenance management description on the local behavior management target and the privacy level, and generating the second operation and maintenance management strategy according to a description result.
6. The operation and maintenance management method for enterprise information security according to claim 1, wherein in step 3, when the operation and maintenance management for enterprise information security is performed, the method further comprises:
acquiring operation and maintenance management data when the operation and maintenance management is carried out on enterprise information safety;
analyzing the operation and maintenance management data based on the comprehensive operation and maintenance management strategy to determine whether sensitive data exists in the operation and maintenance management data;
the sensitive data is data for protecting the enterprise information;
and when sensitive data exist in the operation and maintenance management data, determining a data protection condition of an operation system, and when the sensitive data meet the data protection condition, protecting the sensitive data based on the comprehensive operation and maintenance management strategy.
7. The operation and maintenance management method for enterprise information security according to claim 1, wherein in step 3, after generating the integrated operation and maintenance management policy and before implementing the operation and maintenance management on the enterprise information security based on the integrated operation and maintenance management policy, the method further comprises:
reading the comprehensive operation and maintenance management strategy, determining a system operation and maintenance monitoring point of the target enterprise, and constructing a monitoring network framework based on the system operation and maintenance monitoring point;
pre-building in a target system according to the monitoring network framework to generate a pre-experiment system;
in the pre-experiment system, a fault detection tree and an information attack tree are constructed according to the system operation and maintenance monitoring points;
performing fault detection on the system operation and maintenance monitoring points based on the fault detection tree, determining fault nodes of the pre-experiment system, and meanwhile determining the fault rate of the pre-experiment system based on the total amount of the fault nodes;
carrying out attack simulation on the pre-experiment system based on the information attack tree, and determining the failure probability of the pre-experiment system according to the total attack times and the attacked times;
determining an operation and maintenance management capability index of the pre-experiment system according to the fault rate of the pre-experiment system and the failure probability of the pre-experiment system;
performing first evaluation on the comprehensive operation and maintenance management strategy based on the operation and maintenance management capacity index, and determining a first evaluation score;
determining a target requirement of the target enterprise based on enterprise information of the target enterprise, and simultaneously determining the coverage rate of the target requirement in the pre-experiment system based on the system operation and maintenance monitoring point in the pre-experiment system;
performing second evaluation on the comprehensive operation and maintenance management strategy based on the coverage rate, and acquiring a second evaluation score;
performing pre-operation in the pre-experiment system, determining an operation node in the system operation and maintenance monitoring point, reading the operation node, determining the processing rate of the data volume of the operation node, and simultaneously determining the operation efficiency of the pre-experiment system according to the processing rate;
performing third evaluation on the comprehensive operation and maintenance management strategy according to the operation efficiency, and determining a third evaluation value;
determining a comprehensive evaluation value of the comprehensive operation and maintenance management strategy based on the first evaluation value, the second evaluation value and the third evaluation value, and meanwhile, realizing quantitative evaluation of the comprehensive operation and maintenance management strategy according to the comprehensive evaluation value;
acquiring a reference score, comparing the comprehensive evaluation value with the reference score, and judging whether the comprehensive operation and maintenance management strategy is qualified or not;
when the comprehensive evaluation value is equal to or larger than the reference score, judging that the comprehensive operation and maintenance management strategy is qualified;
when the comprehensive evaluation value is smaller than the reference value, judging that the comprehensive operation and maintenance management strategy is unqualified, simultaneously optimizing the first operation and maintenance management strategy and the second operation and maintenance management strategy respectively, and determining an optimization result;
and based on the optimization result, carrying out quantitative evaluation on the comprehensive operation and maintenance management strategy again until the comprehensive evaluation value of the comprehensive operation and maintenance management strategy is equal to or greater than the reference score.
8. The operation and maintenance management method for enterprise information security according to claim 1, wherein after the operation and maintenance management of enterprise information security is implemented based on the integrated operation and maintenance management policy, the method further comprises:
acquiring the total attacked times of the enterprise platform of the target enterprise and the total defense times of the enterprise platform of the target enterprise for autonomous defense;
calculating a risk value of the enterprise information leakage based on the total attack times and the total defense times;
wherein the content of the first and second substances,
representing a risk value at which the enterprise information is compromised;
when the enterprise platform of the target enterprise is attacked, a first weight coefficient of the leakage risk of the enterprise information exists, and the value is (0, 0.3);
representing a total number of attacks on an enterprise platform of the target enterprise; m represents the total defense times of the enterprise platform of the target enterprise for defense, and m is greater than n;
representing the historical occurrence probability of the current ith time of the event that the enterprise platform is attacked;
representing the influence factor caused by the current ith time of the event that the enterprise platform is attacked;
representing the risk level of the current ith time of the event that the enterprise platform is attacked;
representing the corresponding maximum risk level in all attacked events; delta represents that when the enterprise platform of the target enterprise performs defense, the enterprise information has a leaked second weight coefficient, and the value is (0, 0.4);
representing the historical occurrence probability of the current j-th defense event of the enterprise platform;
an influence factor representing the current j-th defense event of the enterprise platform;
representing a maximum impact factor associated with the attack;
representing maximum shadow associated with defenseA noise factor;
comparing the risk value of the enterprise information leakage with a preset risk threshold value, and judging whether the comprehensive operation and maintenance strategy needs to be optimized;
when the risk value of the enterprise information leakage is smaller than or equal to the preset risk threshold value, judging that the comprehensive operation and maintenance strategy does not need to be optimized;
otherwise, establishing an optimization model for optimizing the comprehensive operation and maintenance strategy based on the risk value of the enterprise information leakage;
wherein the content of the first and second substances,
representing an optimization model for optimizing the comprehensive operation and maintenance strategy;
representing the preset risk threshold;
the evaluation coefficient of the comprehensive operation and maintenance strategy is represented, and the value is (0.702, 0.705);
representing a target defense level against the enterprise platform based on the integrated operation and maintenance policy;
represents a current defense level against the enterprise platform based on the integrated operation and maintenance policy, and
;
and optimizing the comprehensive operation and maintenance management strategy based on the optimization model, and updating the enterprise platform according to an optimization result.
9. The operation and maintenance management method for enterprise information security according to claim 1, wherein after generating the comprehensive operation and maintenance management policy in step 3, the method further comprises:
editing an operation and maintenance management script based on the comprehensive operation and maintenance management strategy, and arranging in a preset container based on the operation and maintenance management script to obtain a target container;
acquiring an enterprise identifier of the target enterprise, and adding a container engine into the target container according to the enterprise identifier;
determining a container mirror image downloading request according to the container engine, and sending the container mirror image downloading request to a target mirror image warehouse, wherein the container mirror image downloading request comprises a mirror image identifier;
matching in the target mirror repository based on the mirror identification, and determining the container mirror based on a matching result;
acquiring metadata of the container mirror image, and determining a hash value of a layer file in the container mirror image;
determining a download node for downloading the container mirror image based on the metadata of the container mirror image and the hash value of the layer file in the container mirror image;
compressing the mirror image file of the container mirror image, generating a container mirror image data packet, and storing the download node into the container mirror image data packet;
sending the container mirror image data packet to an enterprise client of the target enterprise;
decompressing the container mirror image data packet based on the enterprise client, and downloading and installing the container mirror image based on the downloading node.
10. The operation and maintenance management method for enterprise information security according to claim 1, wherein the operation and maintenance management for enterprise information security in step 3 includes:
determining an operation and maintenance management instruction based on the comprehensive operation and maintenance management strategy, and performing operation and maintenance management on the enterprise platform of the target enterprise based on the operation and maintenance management instruction;
acquiring operation and maintenance management data, and monitoring the operation and maintenance management data based on the preset rule;
and when the operation and maintenance management data do not accord with the preset rule, generating an alarm instruction, and simultaneously carrying out alarm operation based on the alarm instruction.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202210226569.4A CN114338407B (en) | 2022-03-09 | 2022-03-09 | Operation and maintenance management method for enterprise information security |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202210226569.4A CN114338407B (en) | 2022-03-09 | 2022-03-09 | Operation and maintenance management method for enterprise information security |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN114338407A true CN114338407A (en) | 2022-04-12 |
| CN114338407B CN114338407B (en) | 2022-05-27 |
Family
ID=81033874
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202210226569.4A Active CN114338407B (en) | 2022-03-09 | 2022-03-09 | Operation and maintenance management method for enterprise information security |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN114338407B (en) |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN116708157A (en) * | 2023-08-07 | 2023-09-05 | 北京鹰速光电科技有限公司 | Computer security operation and maintenance service system |
Citations (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20160012360A1 (en) * | 2014-07-08 | 2016-01-14 | Tata Consultancy Services Limited | Assessing an information security governance of an enterprise |
| CN105391687A (en) * | 2015-10-13 | 2016-03-09 | 南京联成科技发展有限公司 | System and method for supplying information security operation service to medium-sized and small enterprises |
| CN107547228A (en) * | 2016-06-29 | 2018-01-05 | 南京联成科技发展股份有限公司 | A kind of safe operation management platform based on big data realizes framework |
| US20180375892A1 (en) * | 2017-06-23 | 2018-12-27 | Ido Ganor | Enterprise cyber security risk management and resource planning |
| CN113158149A (en) * | 2021-05-19 | 2021-07-23 | 深圳前海微众银行股份有限公司 | Method and device for processing operation authority |
| WO2021203979A1 (en) * | 2020-11-16 | 2021-10-14 | 平安科技(深圳)有限公司 | Operation and maintenance processing method and apparatus, and computer device |
-
2022
- 2022-03-09 CN CN202210226569.4A patent/CN114338407B/en active Active
Patent Citations (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20160012360A1 (en) * | 2014-07-08 | 2016-01-14 | Tata Consultancy Services Limited | Assessing an information security governance of an enterprise |
| CN105391687A (en) * | 2015-10-13 | 2016-03-09 | 南京联成科技发展有限公司 | System and method for supplying information security operation service to medium-sized and small enterprises |
| CN107547228A (en) * | 2016-06-29 | 2018-01-05 | 南京联成科技发展股份有限公司 | A kind of safe operation management platform based on big data realizes framework |
| US20180375892A1 (en) * | 2017-06-23 | 2018-12-27 | Ido Ganor | Enterprise cyber security risk management and resource planning |
| WO2021203979A1 (en) * | 2020-11-16 | 2021-10-14 | 平安科技(深圳)有限公司 | Operation and maintenance processing method and apparatus, and computer device |
| CN113158149A (en) * | 2021-05-19 | 2021-07-23 | 深圳前海微众银行股份有限公司 | Method and device for processing operation authority |
Non-Patent Citations (4)
| Title |
|---|
| 范向军: ""企业共性的八大信息防泄漏手段"", 《电子世界》 * |
| 范向军: ""企业共性的八大信息防泄漏手段"", 《电子世界》, 30 October 2013 (2013-10-30), pages 104 * |
| 谭祖清 等: ""IP-guard在苏20区块计算机管理中的应用效果评价"", 《信息系统工程》 * |
| 谭祖清 等: ""IP-guard在苏20区块计算机管理中的应用效果评价"", 《信息系统工程》, 20 July 2014 (2014-07-20) * |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN116708157A (en) * | 2023-08-07 | 2023-09-05 | 北京鹰速光电科技有限公司 | Computer security operation and maintenance service system |
Also Published As
| Publication number | Publication date |
|---|---|
| CN114338407B (en) | 2022-05-27 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US10878102B2 (en) | Risk scores for entities | |
| CN107577939B (en) | Data leakage prevention method based on keyword technology | |
| US9672355B2 (en) | Automated behavioral and static analysis using an instrumented sandbox and machine learning classification for mobile security | |
| US9106681B2 (en) | Reputation of network address | |
| US20140172495A1 (en) | System and method for automated brand protection | |
| CN112560046A (en) | Method and device for evaluating service data security index | |
| CN114338407B (en) | Operation and maintenance management method for enterprise information security | |
| Berdibayev et al. | A concept of the architecture and creation for siem system in critical infrastructure | |
| CN109388949B (en) | Data security centralized management and control method and system | |
| CN117478433B (en) | Network and information security dynamic early warning system | |
| Chang et al. | A framework for estimating privacy risk scores of mobile apps | |
| CN116702229B (en) | Safety house information safety control method and system | |
| CN115730320A (en) | Security level determination method, device, equipment and storage medium | |
| Feng et al. | Defense-in-depth security strategy in LOG4J vulnerability analysis | |
| McAuliffe et al. | Is your computer being misused? A survey of current intrusion detection system technology | |
| CN117708880A (en) | Intelligent security processing method and system for banking data | |
| CN115600201A (en) | User account information safety processing method for power grid system software | |
| Moharamkhani et al. | Intrusion detection system based firefly algorithm‐random forest for cloud computing | |
| Kim et al. | A study on analyzing risk scenarios about vulnerabilities of security monitoring system: focused on information leakage by insider | |
| Adharsh et al. | Prevention of Data Breach by Machine Learning Techniques | |
| Gheorghică et al. | A new framework for enhanced measurable cybersecurity in computer networks | |
| Yang et al. | Network Security Risk Assessment Based on Enterprise Environment Characteristics | |
| Seppänen | Methods for Managed Deployment of User Behavior Analytics to SIEM product | |
| Pratap Singh et al. | Real-Time Security Monitoring System Using Applications Log Data | |
| US20220272111A1 (en) | Cloud-platform push for known data breaches |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |