CN114362979B - Method and system for managing application - Google Patents

Publication number
CN114362979B
Authority
CN
China
Prior art keywords
network security
requirement
application
reply
list
Legal status
Active
Application number
CN202011037068.9A
Other languages
Chinese (zh)
Other versions
CN114362979A (en)
Inventor
D·罗斯
朱华
孙晓娟
陆瑶
Current Assignee
BMW Brilliance Automotive Ltd
Original Assignee
BMW Brilliance Automotive Ltd

Abstract

The present disclosure provides a computer-implemented method and system for managing applications. The method comprises the following steps: receiving a request of a user for an identifier of a new application; sending a notification containing the request to a network security assessment system; in response to receiving the notification, sending a feedback message to the user, the feedback message including a link to a network security requirement assessment questionnaire; receiving the user's response to the network security requirement assessment questionnaire; determining that the application is a network security related application based on the user's answer to the network security requirement assessment questionnaire and evaluating one or more network security requirement values of the application based on a set of predefined network security rules; selecting one or more network security task creation templates from a plurality of network security task creation templates according to the one or more network security requirement values; and creating a network security related task using the selected one or more network security task creation templates.

Description

Method and system for managing application
Technical Field
The present disclosure relates to software development technology, and more particularly, to a method, apparatus, and computer storage medium for managing applications using the internet and software development technology.
Background
The latest "Network Security Law of the People's Republic of China" (hereinafter referred to as the "network security law" or CSL) lays down explicit provisions on aspects such as network operators, personal information protection, cross-border data transmission, critical information infrastructure and the like. Manufacturing enterprises in modern society, especially those operating across countries, often also take the role of network operators and must therefore comply with the relevant provisions of the network security law.
Large, nationwide enterprises often have many different departments belonging to different areas, within which there are various types of projects, applications, products, infrastructure, etc., each of which complies with different standards during development, maintenance, or operation. It is necessary for the respective products, projects, applications, etc. of these different departments to follow the same standard in order to meet the requirements of the network security law. However, conventional approaches have difficulty in planning, implementing, auditing, tracking, maintenance, etc. for applications or projects, etc.
Accordingly, there is a need for a method and system for efficiently managing applications by technical means.
Disclosure of Invention
The present disclosure provides a novel method and system for managing applications.
According to a first aspect of the present disclosure, there is provided a computer-implemented method of managing items, comprising: receiving, by the management system, a request by a user for an identifier of the new item that is related to the network security attribute; responsive to receiving the request, sending, by the management system, a notification containing the request to the network security assessment system; in response to receiving the notification, sending, by the network security assessment system, a feedback message to the user, the feedback message including a link for linking to a network security requirement assessment questionnaire; receiving, by the network security assessment system, a reply to the network security requirement assessment questionnaire from the user; determining, by the network security assessment system, that the application is a network security related application in accordance with a user's answer to a network security requirement assessment questionnaire, and assessing one or more network security requirement values of the item based on a set of predefined network security rules; selecting one or more network security task creation templates from a plurality of network security task creation templates by a network security assessment system according to the one or more network security requirement values, and sending the one or more network security task creation templates to a project management system; and creating a network security related task in the project management system using the selected one or more network security task creation templates.
According to a second aspect of the present disclosure, there is provided a system for managing items implemented by a computer, comprising: a terminal device configured to receive a request from a user for an identifier of a new item; a management system configured to receive a request for an identifier of a new item by a user transmitted by a terminal device through a network, and transmit a notification containing the request to a network security assessment system; a network security assessment system configured to send a feedback message to the terminal device in response to receiving the notification, the feedback message including a link for linking to a network security requirement assessment questionnaire, the network security assessment system being further configured to receive a user's reply to the network security requirement assessment questionnaire and to determine that the application is a network security-related application from the user's reply to the network security requirement assessment questionnaire and to assess one or more network security requirement values of the item based on a set of predefined network security rules; a project management system configured to receive the selected one or more network security task creation templates from the network security assessment system and to create network security related tasks using the one or more network security task creation templates.
According to a third aspect of the present disclosure, there is provided a computer system comprising: at least one processor; and at least one non-transitory computer-readable medium having stored thereon computer-executable instructions that, when executed by the at least one processor, cause the at least one processor to perform the aforementioned method.
According to a fourth aspect of the present disclosure, there is provided a non-transitory computer-readable medium having stored thereon computer-executable instructions that, when executed by one or more computing devices, cause the one or more computing devices to perform the aforementioned method.
Other features of the present invention and its advantages will become more apparent from the following detailed description of exemplary embodiments of the invention, which proceeds with reference to the accompanying drawings.
Drawings
The accompanying drawings, which are incorporated in and constitute a part of this specification, illustrate embodiments of the disclosure and together with the description, serve to explain the principles of the disclosure.
The disclosure may be more clearly understood from the following detailed description taken in conjunction with the accompanying drawings in which:
Fig. 1 shows a flowchart of a system for managing applications according to an exemplary embodiment of the present invention.
Fig. 2 shows a flowchart of a method of managing an application according to an exemplary embodiment of the present invention.
FIG. 3 illustrates a flow chart of evaluating one or more network security requirement values of an application in accordance with an exemplary embodiment of the present invention.
Fig. 4 shows a schematic diagram of a list of network security applications according to an exemplary embodiment of the invention.
Fig. 5 shows a schematic diagram of a security page for each network security application according to an exemplary embodiment of the present invention.
Fig. 6A and 6B are diagrams illustrating a user interface for accessing various listings through a navigation page according to one example embodiment of the present invention.
FIG. 7 illustrates a schematic diagram of a user interface for managing a product library page for a product according to an exemplary embodiment of the present invention.
FIG. 8 illustrates an exemplary configuration of a computing device in which embodiments according to the invention may be implemented.
Detailed Description
Preferred embodiments of the present invention will be described in detail below with reference to the accompanying drawings. Details and functions not necessary for the invention are omitted so as not to obscure the understanding of the present invention.
Note that like reference numerals and letters refer to like items in the figures, and thus once an item is defined in one figure, it is not necessary to discuss it in subsequent figures.
In this disclosure, the terms "first," "second," and the like are used merely to distinguish between elements or steps and are not intended to indicate a temporal order, priority, or importance.
The invention uses internet technology to audit, track and maintain applications, in particular to audit the degree to which the requirements of the network security law have been implemented, and to maintain the information related to each application, thereby conveniently and efficiently managing all the applications in the enterprise. It should be appreciated that the application is described herein as an example, and those skilled in the art will appreciate that the inventive concepts are not limited to applications, but may be applied to products, services, items, etc.
Fig. 1 shows a flowchart of a system for managing applications according to an exemplary embodiment of the present invention.
As shown in fig. 1, the system includes a terminal device 101, a network 102, a management system 103, a network security assessment system 104, a project management system 105, and a database 106. When the user 100 wants to start a new item, product or application, the user enters a request for a new application at the terminal device 101; the request includes a request to assign an identifier (ID) to the application. The request is sent to the management system 103 via the wired or wireless network 102. Upon receiving the request, the management system 103 transmits a notification containing the request to the network security assessment system 104. Upon receiving the notification, the network security assessment system 104 sends a feedback message to the user 100 including a link to a network security requirement assessment questionnaire. The user 100 replies to the network security requirement assessment questionnaire through the terminal device 101, and the reply is transmitted to the network security assessment system 104 through the network 102. Upon receiving the user's reply to the network security requirement assessment questionnaire, the network security assessment system 104 determines from the reply whether the application is a network security-related application. If the application is one that involves network security, a further network security assessment is made. Specifically, the network security assessment system 104 assesses one or more network security requirement values of the application based on a set of predefined network security rules stored in the database 106.
The network security assessment system 104 may issue the assessment results and the assigned ID to the user 100. In addition, the management system 103 generates an information page for each application for maintaining information associated with that application. The management system 103 may automatically update the network security-related page among the information pages according to the evaluation result. In addition, the network security assessment system 104 may pre-store a plurality of network security task creation templates in a database. The network security assessment system 104 selects one or more network security task creation templates from the plurality of network security task creation templates according to the assessment results, and sends the selected one or more network security task creation templates to the project management system 105 via the network 102. A user or developer then creates network security related tasks in the project management system 105 using the selected one or more network security task creation templates.
The set of predefined network security rules herein may include Network Operator (NO) requirements, network security level protection system (MLPS) requirements, Personally Identifiable Information (PII) requirements, data cross-border transport (CB) requirements, Critical Information Infrastructure (CII) requirements, and the like. NO requirements refer to general requirements of the network operator, such as the scope of network operation, website level, ICP registration, etc. MLPS requirements refer to requirements for cloud computing, industrial control systems, mobile communication, internet of things, and the like to establish a network security level protection scheme to protect network security. PII requirements refer to requirements related to protecting user information. Data cross-border transmission requirements refer to the conditions that an enterprise needs to satisfy when transmitting personal information and important data collected and generated in operation within China to destinations outside China. CII requirements refer to requirements related to nationally regulated critical information infrastructure (e.g., energy, finance, etc.).
Specifically, the network security law contains explicit provisions on network operators, personal information protection, data cross-border transmission, and critical information infrastructure. In addition, there are other laws and regulations, industry standards, etc. concerning network security. The inventors have collected these laws, regulations, industry standards, etc. in advance and stored the collected information in database 106 for maintenance. For example, each law, regulation, or industry standard may be represented in the database as an entry, each entry including a name, type, effective date, the aspect of the network security law with which it is associated (e.g., NO-related, PII-related), etc., to facilitate database searching and structuring.
Then, based on the established legal library, a questionnaire and various checklists related to network security are created, and the questionnaire and checklists are also stored in the database 106. The questionnaire is issued to the user to fill out, and the network security assessment system 104 then gives an assessment result by comparing the content filled out by the user with the checklists. Examples of checklists include the NO requirement list, MLPS requirement list, PII requirement list, data cross-border (CB) requirement list, and CII requirement list. It should be understood that these lists are merely examples and that one skilled in the art may add other lists or combine some lists. For example, there may also be a mobile application requirements list or a personal financial information requirements list, etc. Comparing the user's answers with the checklists may be done by text recognition, or by recognition of predetermined fields and semantic analysis. Based on the feedback of the questionnaire and the checklists, instructions for network security assessment and rectification are generated. These instructions specify how the enterprise should adjust each product and behavior to ensure compliance with the network security law, such as website and mobile APP registration, PII privacy protocols, transport encryption, and the like. This is described in detail below.
Fig. 2 shows a flowchart of a method of managing items according to an exemplary embodiment of the present invention.
In step S201, the system receives a request from the user 100 for an identifier of a new application. Specifically, the user inputs a request for applying a new application at the terminal device 101, the request including a request for assigning an Identifier (ID) to the application. The request is received by the management system 103 via the wired or wireless network 102.
In step S202, the system sends a notification containing the request. Specifically, upon receiving the request, the management system 103 transmits a notification containing the request to the network security assessment system 104. The notification may be sent to the network security assessment system 104 via email. It should be noted that email is only one example manner, and those skilled in the art will also appreciate that users of the network security assessment system 104 may be notified by other means.
In step S203, the system sends a feedback message to the user in response to receiving the notification, the feedback message containing a link to the network security requirement assessment questionnaire. Specifically, the network security assessment system 104, upon receiving the notification, sends a feedback message to the mailbox account of the user 100.
In step S204, the system receives the user's answer to the network security requirement assessment questionnaire. Specifically, the user 100 replies to the network security requirement assessment questionnaire through the terminal device 101, and the reply is then received by the network security assessment system 104 through the network 102.
In step S205, the system determines whether the application is an application related to network security according to the user's answer to the network security requirement assessment questionnaire. If the application is an application that involves network security, one or more network security requirement values of the item are evaluated based on a set of predefined network security rules. Specifically, the network security assessment system 104, upon receiving the user's reply, assesses one or more network security requirement values for the item in accordance with the reply, based on a set of predefined network security rules stored in database 106. A specific evaluation flow will be described in detail later with reference to fig. 3.
In step S206, the network security assessment system 104 selects one or more network security task creation templates from the plurality of network security task creation templates according to the one or more network security requirement values obtained by the previous assessment, and transmits the one or more network security task creation templates to the project management system 105.
In step S207, the user or developer creates tasks related to network security in the project management system 105 using the selected one or more network security task creation templates. The network security related tasks may be sent to the relevant personnel responsible for network security for operation and monitoring. For example, these tasks related to network security measures will be distributed to the development and operation teams of applications and infrastructure for deployment, so as to achieve network security compliance in the complex application systems and data environments of large enterprises.
Furthermore, although not shown in fig. 2, the method of the present invention also includes some additional steps. For example, the network security assessment system 104 may send the results of the assessment and the assigned ID to the user 100. The management system 103 may automatically update the network security-related page among the information pages for an application according to the evaluation result. Further, the network security assessment system 104 may generate instructions for network security assessment and rectification based on the feedback of the questionnaire and checklists.
FIG. 3 illustrates a flow chart of evaluating one or more network security requirement values of an item according to an exemplary embodiment of the invention.
As shown in fig. 3, after the system receives the user's answer to the network security requirement assessment questionnaire in step S204, it is determined in step S300 whether the application is a network security related application. If it is determined that the application is a network security related application, the process continues with further evaluation of one or more network security requirement values of the application.
Specifically, in step S301, the network security evaluation system 104 evaluates the network operator demand value by comparing the NO-demand-related reply among the replies with the NO-demand list. As previously mentioned, NO requirements relate to general requirements of the network operator, such as the scope of network operation, website level, ICP registration, etc.
In step S302, the network security evaluation system 104 evaluates the MLPS requirement value by comparing the reply related to the MLPS requirement among the replies with the MLPS requirement list. As previously mentioned, MLPS requirements relate to requirements for cloud computing, industrial control systems, mobile communications, internet of things, etc. to establish network security protection schemes to protect network security. Thus, this step may first perform an MLPS rating on the item, which may be classified into L1, L2, and L3 according to the importance of the item. The MLPS requirement values are then evaluated according to the MLPS requirement list of the respective levels.
In step S303, the network security evaluation system 104 determines from the reply whether the item relates to Personally Identifiable Information (PII). Personally identifiable information includes, for example, basic personal information such as name, date of birth and sex; personal identity information such as an identity card number or passport number; personal health and physiological information; personal property information; and the like.
If the item relates to PII, it is further determined in step S306 whether the item relates to other network security related aspects, by comparing the part of the reply associated with personally identifiable information with the personal information security checklist.
For example, it is determined in step S306 whether the item relates to a mobile application or financial personal information. If the item relates to a mobile application or financial personal data, the personally identifiable information requirement value is evaluated in step S308 by comparing the part of the reply associated with the mobile application or financial personal data with a mobile application evaluation list or a personal financial information security list, respectively.
On the other hand, after the part of the reply related to personally identifiable information has been compared with the personal information security checklist in step S306, it may be judged from the reply in step S309 whether the item involves cross-border data transfer. Examples include foreign operators accessing systems within China that contain personal information of suppliers, or user data collected during operation within China being sent to foreign interface systems.
If cross-border data transfer is involved, the cross-border data transfer requirement value is evaluated in step S310 by comparing the part of the reply related to transfer of personally identifiable information with a data cross-border transfer evaluation list.
In step S304, the network security assessment system 104 determines from the reply whether the item relates to important data, such as whether the data relates to electricity, communication, electronic information, chemical industry, geographical information, financial information, electronic commerce, or the like.
If the item relates to important data, it is also determined in step S309 if the item relates to cross-border data transfer. If cross-border data transfer is involved, the cross-border data transfer requirement value is also evaluated in step S310 by comparing the answer related to transfer of important data in the answer with the data cross-border transfer evaluation list.
In step S305, the network security assessment system 104 determines whether the item relates to a critical information infrastructure through the reply. As previously mentioned, CII requirements refer to requirements related to national regulatory critical information infrastructure (e.g., energy, finance, etc.).
If the item relates to a key information infrastructure, a key information infrastructure requirement value is evaluated by comparing a reply related to the key information infrastructure among the replies with a key information infrastructure evaluation list in step S311.
The above comparison of the user's questionnaire answers with the respective lists may be performed by text recognition and analysis, or by recognition and analysis of predetermined fields. For example, when using text recognition techniques, text recognition may be performed on the user's questionnaire answers, which are then compared one by one against each check item in the list. For example, for the check item related to the identification card number, the question and the answer related to the identification card number in the user's questionnaire answers are identified, and it is then determined whether the identification card number, and hence personally identifiable information, is involved.
Recognition and analysis of predetermined fields may also be used. The network security assessment system 104 knows in advance which aspects of network security each question of the questionnaire issued to the user may relate to, and can therefore identify the user's reply to each question one by one and, based on the reply, match it against the relevant check items of the respective lists.
It will be appreciated that the execution of the comparison step may not be limited to the above-described manner, but may take other forms. For example, the questionnaire and the evaluation list may be further structured in a database storage and lookup manner to facilitate lookup and comparison.
For some items, the evaluation result may be a binary result such as yes or no, 1 or 0; for example, for whether PII is involved, "yes" means it is involved and "no" means it is not. For some other items, however, the evaluation result may be a value representing a level, e.g. L1, L2, etc. The evaluation result may also be a combination of a binary value and a value representing a level, such as yes-L1. The person skilled in the art can set different evaluation result values according to the actual situation.
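The Fig. 3 flow (S300 to S311) and the template selection of step S206, sketched with the predetermined-field comparison described above. This is an added example, not code from the patent; every field name, check item and template name in it is constructed for illustration.

```python
"""Added example of the Fig. 3 evaluation flow; all identifiers are hypothetical."""
from typing import Dict, List, Tuple

# Constructed checklists: each check item is a questionnaire field that must be
# answered True. "NO" is the page's abbreviation for Network Operator.
CHECKLISTS: Dict[str, List[str]] = {
    "NO": ["icp_registration_done", "security_contact_named"],
    "MLPS-L1": ["access_control_defined"],
    "MLPS-L2": ["access_control_defined", "audit_logging_enabled"],
    "MLPS-L3": ["access_control_defined", "audit_logging_enabled",
                "annual_assessment_planned"],
    "PII": ["privacy_notice_published", "transport_encrypted"],
    "PII-MOBILE": ["app_permissions_minimised"],
    "PII-FINANCIAL": ["financial_data_encrypted_at_rest"],
    "CB": ["cross_border_assessment_filed"],
    "CII": ["cii_operator_review_done"],
}
# Constructed mapping from checklist to task creation template (step S206).
TEMPLATES: Dict[str, str] = {name: f"TPL-{name}" for name in CHECKLISTS}


def gate(reply: dict, field: str) -> bool:
    """Read a yes/no gate question. A missing or non-boolean answer is an error
    rather than a silent 'no', so an incomplete reply cannot skip a branch."""
    answer = reply.get(field)
    if not isinstance(answer, bool):
        raise ValueError(f"gate question {field!r} is unanswered")
    return answer


def yn(flag: bool) -> str:
    return "YES" if flag else "NO"


def evaluate(reply: dict) -> Dict[str, str]:
    """Return requirement values in binary, level or combined form (YES-L1)."""
    if not gate(reply, "csl_related"):                      # S300
        return {"CSL": "NO"}
    values = {"CSL": "YES", "NO": "YES"}                    # S301
    level = reply.get("mlps_level")                         # S302: rate first
    if level not in ("L1", "L2", "L3"):
        raise ValueError("mlps_level must be L1, L2 or L3")
    values["MLPS"] = f"YES-{level}"
    pii = gate(reply, "handles_pii")                        # S303
    values["PII"] = yn(pii)
    if pii:                                                 # S306, S308
        values["PII-MOBILE"] = yn(gate(reply, "is_mobile_app"))
        values["PII-FINANCIAL"] = yn(gate(reply, "handles_financial_pii"))
    important = gate(reply, "handles_important_data")       # S304
    values["IMPORTANT-DATA"] = yn(important)
    # S309 is reached from either the PII branch or the important-data branch.
    crosses = (pii or important) and gate(reply, "cross_border_transfer")
    values["CB"] = yn(crosses)                              # S310
    values["CII"] = yn(gate(reply, "is_cii"))               # S305, S311
    return values


def applicable_checklists(values: Dict[str, str]) -> List[str]:
    """Map requirement values to the checklists that have to be compared."""
    names = []
    for key, value in values.items():
        if key in ("CSL", "IMPORTANT-DATA") or not value.startswith("YES"):
            continue
        names.append(f"MLPS-{value[4:]}" if key == "MLPS" else key)
    return names


def create_tasks(app_id: str, reply: dict) -> Tuple[Dict[str, str], List[dict]]:
    """One task per selected template; check items not answered True (or left
    unanswered) are attached as open items for rectification."""
    values = evaluate(reply)
    tasks = []
    for name in applicable_checklists(values):
        open_items = [i for i in CHECKLISTS[name] if reply.get(i) is not True]
        tasks.append({"app": app_id, "template": TEMPLATES[name],
                      "open": open_items})
    return values, tasks


# Constructed questionnaire reply for a constructed application ID.
SAMPLE_REPLY = {
    "csl_related": True, "mlps_level": "L2", "handles_pii": True,
    "is_mobile_app": True, "handles_financial_pii": False,
    "handles_important_data": False, "cross_border_transfer": True,
    "is_cii": False, "icp_registration_done": True,
    "security_contact_named": True, "access_control_defined": True,
    "audit_logging_enabled": False, "privacy_notice_published": True,
    "app_permissions_minimised": True,  # transport_encrypted left unanswered
}

if __name__ == "__main__":
    sample_values, sample_tasks = create_tasks("APP-EXAMPLE", SAMPLE_REPLY)
    print(sample_values)
    for task in sample_tasks:
        print(task)
```

Treating an unanswered gate question as an error, and an unanswered check item as open, keeps an incomplete questionnaire from producing a weaker assessment than a complete one.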
For applications involving network security, the items may be archived in a list of network security applications to facilitate user tracking, supervision, and management of the applications. The list of network security applications may have been previously created and maintained by the user or may have been newly created.
Fig. 4 shows a schematic diagram of a user interface of a list of network security applications according to an exemplary embodiment of the invention. The column diagram of fig. 4 shows two entries, each representing an application related to network security, each including an item ID, name, principal, ownership type, and one or more network security assessment values. For example, the item with the ID APP-00001, named XXX, is responsible for XYZ, and represents whether the evaluation value related to CSL is YES, whether the evaluation value related to MLPS access is YES, the evaluation value related to MLPS grade is YES-L1, and whether the evaluation value related to CSL access is YES. It should be noted that the list shown in fig. 4 is only one exemplary example, and that one skilled in the art could display list entries comprising different display elements in accordance with the inventive concepts.
As shown in fig. 4, the list may be searched and selectively displayed by selection of a particular item. For example, a department name may be entered in a blank box representing the APP department, such that the display interface displays all CSL-related items for that department. By maintaining such a list of CSLs involved and configuring tools for searching, it may be possible for an administrator to intuitively and efficiently track, supervise, and manage all items within an enterprise.
The management system or management system 103 or network security assessment system 104 is also configured with a dedicated network security related page for each application, as shown in fig. 5. Fig. 5 is a schematic diagram illustrating a security page of a network security application according to an exemplary embodiment of the present invention. As shown in fig. 5, for each application, the system is configured with a management page that includes a plurality of sub-pages, such as a product structure (Product Structure), and the like. The management page also comprises, inter alia, a Security page (Security) containing a plurality of tags and corresponding blank fields identifying problems associated with network Security. For example, the security page in fig. 5 includes an "Involve CSL" (related to CSL) tag, a "Involve Personal Identifiable Information" (related to personally identifiable information) tag, and the like. And a blank box is arranged below each label and is used for inputting corresponding information by a user or automatically filling related information according to a user answer to a questionnaire or a network security evaluation result. By providing each item with a management page containing a security page, it is possible for the manager and the author of the item to update the information of the item and thus track, monitor and manage the item.
The management system or management system 103 or network security assessment system 104 may also provide specialized navigation pages for facilitating user lookup of network security related content, such as the various checklists described above. Fig. 6A and 6B are diagrams illustrating a user interface for accessing various listings through a navigation page according to one example embodiment of the present invention. Fig. 6A shows a navigation page. As shown in fig. 6A, the navigation page may include a home page and a page tree including a plurality of sub-pages. The home PAGE may include clickable interface elements that may be entered into the plurality of sub-PAGEs, as shown by the plurality of clickable items under PAGE TREE on the left side of fig. 6A. The plurality of sub-pages may include at least a page (CSL Legislation and Standard) regarding network security laws and standards, a page (CSL Instruction and Check List) of network security related listings, a page of network security Training (CSL Training), and a page of application registration (APP Registration for CSL homepage), etc.
FIG. 6B illustrates the checklist page displayed by clicking the interface element for the relevant checklists on the navigation page. The page lists checklists for various fields and categories relating to network security, including the NO checklist (i.e., CSL general requirements checklist), MLPS evaluation checklist, personal information security checklist, APP PI collection evaluation checklist, personal financial information security checklist, data cross-border transmission evaluation checklist, CII evaluation checklist, etc., as described previously. Providing specialized navigation pages to manage content related to network security lets a user conveniently find and understand the relevant laws, enterprise regulations, operational procedures, and the like.
The management system or management system 103 or network security assessment system 104 may also add CSL-related control points to the enterprise internal control system so that product developers fulfill CSL requirements in products and services. FIG. 7 illustrates a schematic diagram of a user interface for managing a product library page for a product according to an exemplary embodiment of the present invention. As shown in FIG. 7, the internal control system may include multiple hierarchical pages. For example, a first layer page may be IT Governance & Security Repository and a second layer page may be Guiding Principles, … … Product device, etc. Product device is a product library page for managing products. The third layer pages under the Product device page may include a Compliance manual page. The CSL checklist may be inserted under the Compliance manual page as a fourth layer page. By clicking on a clickable element on the displayed page, the user may enter the checklist page. Similar to what is shown in FIG. 6B, the checklist page lists checklists for various areas and categories relating to network security, including the NO checklist (i.e., CSL general requirements checklist), MLPS evaluation checklist, personal information security checklist, APP PI collection evaluation checklist, personal financial information security checklist, data cross-border transmission evaluation checklist, CII evaluation checklist, etc., as previously described. Setting corresponding CSL control points in the internal control system ensures that the user or product developer is able to follow the corresponding regulations.
FIG. 8 illustrates an exemplary configuration of a computer system in which embodiments according to the invention may be implemented. Computer system 800 is an example of a hardware device to which the above aspects of the invention may be applied. Computer system 800 may be any machine configured to perform processes and/or calculations. The computer system 800 may be, but is not limited to, a workstation, a system, a desktop computer, a laptop computer, a tablet computer, a personal digital assistant (PDA), a smart phone, an in-vehicle computer, or a combination thereof.
As shown in FIG. 8, computer system 800 may include one or more elements that may be connected to or in communication with bus 802 via one or more interfaces. Bus 802 may include, but is not limited to, an industry standard architecture (Industry Standard Architecture, ISA) bus, a micro channel architecture (Micro Channel Architecture, MCA) bus, an Enhanced ISA (EISA) bus, a Video Electronics Standards Association (VESA) local bus, and a Peripheral Component Interconnect (PCI) bus, among others. Computer system 800 may include, for example, one or more processors 804, one or more input devices 806, and one or more output devices 808. The one or more processors 804 may be any kind of processor and may include, but are not limited to, one or more general purpose processors or special purpose processors (such as special purpose processing chips). Input device 806 may be any type of input device capable of inputting information to a computing device and may include, but is not limited to, a mouse, keyboard, touch screen, microphone, and/or remote controller. Output device 808 may be any type of device capable of presenting information and may include, but is not limited to, a display, speakers, video/audio output terminals, vibrators, and/or printers.
The computer system 800 may also include or be connected to a non-transitory storage device 814, which may be any storage device that is non-transitory and that enables data storage, and may include, but is not limited to, disk drives, optical storage devices, solid state memory, floppy diskettes, flexible disks, hard disks, magnetic tape, or any other magnetic medium, compact disk or any other optical medium, cache memory, and/or any other memory chip or module, and/or any other medium from which a computer may read data, instructions, and/or code. Computer system 800 may also include Random Access Memory (RAM) 810 and Read Only Memory (ROM) 812. The ROM 812 may store programs, utilities or processes to be executed in a non-volatile manner. RAM 810 may provide volatile data storage and stores instructions related to the operation of computer system 800. Computer system 800 may also include a network/bus interface 816 coupled to a data link 818. The network/bus interface 816 may be any kind of device or system capable of enabling communication with external apparatuses and/or networks and may include, but is not limited to, modems, network cards, infrared communication devices, wireless communication devices, and/or chipsets (such as Bluetooth™ devices, 802.11 devices, WiFi devices, WiMax devices, cellular communication facilities, etc.).
The various aspects, embodiments, implementations, or features of the foregoing embodiments may be used singly or in any combination. The various aspects of the foregoing embodiments may be implemented by software, hardware, or a combination of hardware and software.
For example, the foregoing embodiments may be embodied as computer readable code on a computer readable medium. The computer readable medium is any data storage device that can store data which can thereafter be read by a computer system. Examples of a computer readable medium include read-only memory, random-access memory, CD-ROMs, DVDs, magnetic tape, hard drives, solid state drives, and optical data storage devices. The computer readable medium can also be distributed over network coupled computer systems so that the computer readable code is stored and executed in a distributed fashion.
While certain specific embodiments of the invention have been illustrated in detail by way of example, it will be appreciated by those skilled in the art that the foregoing examples are intended to be illustrative only and not to limit the scope of the invention. It should be appreciated that some of the steps in the foregoing methods are not necessarily performed in the order illustrated, but they may be performed simultaneously, in a different order, or in an overlapping manner. Furthermore, one skilled in the art may add some steps or omit some steps as desired. Some of the components in the foregoing systems are not necessarily arranged as shown, and one skilled in the art may add some components or omit some components as desired. It will be appreciated by those skilled in the art that changes could be made to the embodiments described above without departing from the scope and spirit of the invention. The scope of the invention is defined by the appended claims.

Claims (18)

1. A computer-implemented method of managing an application, comprising:
receiving, by the management system, a request for an identifier of the new application sent by the user via the terminal device;
responsive to receiving the request, sending, by the management system, a notification containing the request to the network security assessment system;
in response to receiving the notification, sending, by the network security assessment system, a feedback message to the user, the feedback message including a link for linking to a network security requirement assessment questionnaire;
receiving, by the network security assessment system, a reply to the network security requirement assessment questionnaire from the user;
determining, by a network security assessment system, that the application is a network security related application in accordance with a user's answer to a network security requirement assessment questionnaire, and assessing one or more network security requirement values of the application based on a set of predefined network security rules;
selecting one or more network security task creation templates from a plurality of network security task creation templates by a network security assessment system according to the one or more network security requirement values, and sending the one or more network security task creation templates to a project management system; and
creating a network security related task in the project management system using the selected one or more network security task creation templates.
2. The method of claim 1, wherein the set of predefined network security rules includes network operator requirements, network security level protection system requirements, personally identifiable information requirements, data cross-border transmission requirements, critical information infrastructure requirements.
3. The method of claim 2, wherein the one or more network security requirement values comprise a network operator requirement evaluation value, a network security level protection system requirement evaluation value, a personally identifiable information requirement evaluation value, a data cross-border transmission requirement evaluation value, a critical information infrastructure requirement evaluation value, the evaluating the one or more network security requirement values of the application comprising:
evaluating a network operator requirement evaluation value by comparing a reply related to a network operator requirement among the replies with a network operator requirement list;
evaluating a network security level protection system requirement evaluation value by comparing a reply related to a network security level protection system requirement among the replies with a network security level protection system requirement list;
determining from the reply whether the application relates to a critical information infrastructure; and
if the application relates to a critical information infrastructure, evaluating a critical information infrastructure requirement evaluation value by comparing a reply related to the critical information infrastructure among the replies with a critical information infrastructure requirement list.
4. The method of claim 3, wherein said evaluating the network security requirement value of the application further comprises:
determining from the reply whether the application relates to personally identifiable information;
if the application relates to personally identifiable information, then:
determining whether the application relates to a mobile application or financial personal information by comparing a reply related to personally identifiable information among the replies with a personally identifiable information requirement list;
if the application relates to a mobile application or financial personal information, evaluating a personally identifiable information requirement evaluation value by comparing a reply related to the mobile application or financial personal information among the replies with a mobile application requirement list or a financial personal information requirement list, respectively;
determining whether the application involves data cross-border transmission by comparing a reply related to personally identifiable information among the replies with the personally identifiable information requirement list; and
if the application involves data cross-border transmission, evaluating a data cross-border transmission requirement evaluation value by comparing a reply related to data cross-border transmission among the replies with a data cross-border transmission requirement list.
5. The method of claim 4, wherein said evaluating the network security requirement value of the application further comprises:
determining from the reply whether the application relates to specific data;
if the application relates to specific data, determining whether the specific data involves data cross-border transmission; and
if the specific data involves data cross-border transmission, evaluating a data cross-border transmission requirement evaluation value by comparing a reply related to data cross-border transmission among the replies with a data cross-border transmission requirement list.
6. A method according to any one of claims 3 to 5, wherein the step of comparing is performed by text recognition of the reply or extraction and recognition of a predetermined field in the reply.
7. The method of claim 1, further comprising:
generating, by the management system, a page for maintaining the application, the page comprising a security sub-page containing a plurality of tags identifying issues related to network security and corresponding fillable fields, wherein the fillable fields are automatically filled in according to the one or more network security requirement values.
8. The method of any of claims 3 to 5, further comprising:
archiving the application in a list of network security applications, wherein the list includes the respective names, identifiers, responsible person information, and one or more network security requirement values of one or more network security related applications.
9. The method of claim 5, wherein the network security requirement assessment questionnaire and each list are created based on a database storing laws and regulations relating to network security.
10. The method of claim 9, wherein each list is accessible through a respective link on a navigation page, the navigation page comprising a home page and a plurality of sub-pages, the home page comprising clickable interface elements for accessing the plurality of sub-pages, the plurality of sub-pages comprising pages for network security laws and standards, network security related lists, network security training and application registration.
11. The method of claim 9, wherein links for accessing the respective lists are provided in a product library page for managing products.
12. A system for managing applications implemented by a computer, comprising:
a terminal device configured to receive a request from a user for an identifier of a new application;
a management system configured to receive a request for an identifier of a new application by a user transmitted by a terminal device through a network, and to transmit a notification containing the request to a network security assessment system;
a network security assessment system configured to:
in response to receiving the notification, sending a feedback message to the terminal device, wherein the feedback message comprises a link for linking to a network security requirement assessment questionnaire;
receiving a response of the user to the network security requirement assessment questionnaire, and determining that the application is an application related to network security according to the response of the user to the network security requirement assessment questionnaire;
evaluating one or more network security requirement values of the application based on a set of predefined network security rules; and
selecting one or more network security task creation templates from a plurality of network security task creation templates according to the one or more network security requirement values; and
a project management system configured to receive the selected one or more network security task creation templates from the network security assessment system and to create network security related tasks using the one or more network security task creation templates.
13. The system of claim 12, wherein the one or more network security requirement values comprise a network operator requirement evaluation value, a network security level protection system requirement evaluation value, a personally identifiable information requirement evaluation value, a data cross-border transmission requirement evaluation value, a critical information infrastructure requirement evaluation value, the evaluating the one or more network security requirement values of the application comprising:
evaluating a network operator requirement evaluation value by comparing a reply related to a network operator requirement among the replies with a network operator requirement list;
evaluating a network security level protection system requirement evaluation value by comparing a reply related to a network security level protection system requirement among the replies with a network security level protection system requirement list;
determining from the reply whether the application relates to a critical information infrastructure;
if the application relates to a critical information infrastructure, evaluating a critical information infrastructure requirement evaluation value by comparing a reply related to the critical information infrastructure among the replies with a critical information infrastructure requirement list;
determining from the reply whether the application relates to personally identifiable information;
if the application relates to personally identifiable information, then:
determining whether the application relates to a mobile application or financial personal information by comparing a reply related to personally identifiable information among the replies with a personally identifiable information requirement list;
if the application relates to a mobile application or financial personal information, evaluating a personally identifiable information requirement evaluation value by comparing a reply related to the mobile application or financial personal information among the replies with a mobile application requirement list or a financial personal information requirement list, respectively;
determining whether the application involves data cross-border transmission by comparing a reply related to personally identifiable information among the replies with the personally identifiable information requirement list;
if the application involves data cross-border transmission, evaluating a data cross-border transmission requirement evaluation value by comparing a reply related to data cross-border transmission among the replies with a data cross-border transmission requirement list;
determining from the reply whether the application relates to specific data;
if the application relates to specific data, determining whether the specific data involves data cross-border transmission; and
if the specific data involves data cross-border transmission, evaluating a data cross-border transmission requirement evaluation value by comparing a reply related to data cross-border transmission among the replies with a data cross-border transmission requirement list.
14. The system of claim 12 or 13, wherein the network security assessment system is configured to perform the comparing step by text recognition of the reply or extraction and recognition of predetermined fields in the reply.
15. The system of claim 12 or 13, wherein the management system is further configured to create a page for maintaining the application, the page comprising a security sub-page containing a plurality of tags identifying issues related to network security and corresponding fillable fields, wherein the fillable fields are automatically filled in according to the one or more network security requirement values.
16. The system of claim 12 or 13, wherein the management system is further configured to archive the application into a list of network security applications, wherein the list includes respective names, identifiers, responsible person information, and one or more network security requirement values of one or more network security related applications.
17. A non-transitory computer-readable medium having stored thereon computer-executable instructions that, when executed by one or more computing devices, cause the one or more computing devices to perform the method of any of claims 1-11.
18. A computer system, the computer system comprising:
at least one processor; and
at least one non-transitory computer-readable medium having stored thereon computer-executable instructions that, when executed by the at least one processor, cause the at least one processor to perform the method according to any of claims 1-11.
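
The evaluation flow recited in claims 3 to 5, followed by the template selection and task creation of claim 1, is shown here in code. This is an added example, not code from the patent or its applicant: the questionnaire field names, the contents of each requirement list, the template names, the reading of an evaluation value as the list items a reply does not confirm, and the choice to treat an unanswered question as "yes" (gates) or "not met" (list items) are all assumptions made for illustration.

```python
from typing import Dict, List

# Constructed requirement lists: area -> items the reply must confirm (hypothetical).
REQUIREMENT_LISTS: Dict[str, List[str]] = {
    "NO": ["access_logging", "incident_response_plan"],
    "MLPS": ["mlps_level_filed", "mlps_assessment_done"],
    "CII": ["annual_risk_review", "domestic_data_storage"],
    "MOBILE_APP_PI": ["privacy_policy_shown", "minimal_permissions"],
    "FINANCIAL_PI": ["pi_encrypted_at_rest", "pi_masked_in_ui"],
    "CROSS_BORDER": ["transfer_assessment_done", "user_consent_for_transfer"],
}

# Constructed mapping: requirement value -> task creation template (hypothetical names).
TASK_TEMPLATES: Dict[str, str] = {
    "NO": "no-gap-task",
    "MLPS": "mlps-gap-task",
    "CII": "cii-gap-task",
    "PII": "pii-gap-task",
    "CROSS_BORDER": "cross-border-gap-task",
}


def gate(reply: dict, field: str) -> bool:
    """Gating question. Only an explicit False skips a branch (fail closed)."""
    return reply.get(field) is not False


def compare(reply: dict, area: str) -> List[str]:
    """Compare predetermined reply fields with one list; return the unmet items."""
    return [item for item in REQUIREMENT_LISTS[area] if reply.get(item) is not True]


def evaluate(reply: dict) -> Dict[str, List[str]]:
    """Walk the decision flow of claims 3 to 5 and return the requirement values."""
    values = {"NO": compare(reply, "NO"), "MLPS": compare(reply, "MLPS")}
    if gate(reply, "involves_cii"):
        values["CII"] = compare(reply, "CII")
    cross_border = False
    if gate(reply, "involves_pii"):
        pii: List[str] = []
        mobile = gate(reply, "is_mobile_app")
        financial = gate(reply, "has_financial_pi")
        if mobile:
            pii += compare(reply, "MOBILE_APP_PI")
        if financial:
            pii += compare(reply, "FINANCIAL_PI")
        if mobile or financial:
            values["PII"] = pii
        cross_border = gate(reply, "pii_leaves_country")
    # Claim 5: specific data can also trigger the cross-border evaluation.
    if gate(reply, "involves_specific_data") and gate(reply, "specific_data_leaves_country"):
        cross_border = True
    if cross_border:
        values["CROSS_BORDER"] = compare(reply, "CROSS_BORDER")
    return values


def select_templates(values: Dict[str, List[str]]) -> List[str]:
    """Select one template per requirement value that has open items."""
    return [TASK_TEMPLATES[area] for area, unmet in values.items() if unmet]


def create_tasks(app_id: str, values: Dict[str, List[str]]) -> List[dict]:
    """Create one task per selected template, carrying the open items."""
    return [{"app": app_id, "template": TASK_TEMPLATES[area], "open_items": unmet}
            for area, unmet in values.items() if unmet]


# Constructed questionnaire reply for a mobile application that sends PI abroad.
SAMPLE_REPLY = {
    "access_logging": True, "incident_response_plan": True,
    "mlps_level_filed": True, "mlps_assessment_done": False,
    "involves_cii": False,
    "involves_pii": True, "is_mobile_app": True, "has_financial_pi": False,
    "privacy_policy_shown": True, "minimal_permissions": False,
    "pii_leaves_country": True,
    "transfer_assessment_done": False, "user_consent_for_transfer": True,
    "involves_specific_data": False,
}

if __name__ == "__main__":
    for task in create_tasks("APP-0001", evaluate(SAMPLE_REPLY)):
        print(task)
```

An empty reply opens every branch and every list item, so an omitted answer cannot be used to skip an evaluation.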
CN202011037068.9A 2020-09-28 2020-09-28 Method and system for managing application Active CN114362979B (en)

Publications (2)

Publication Number Publication Date
CN114362979A (en) 2022-04-15
CN114362979B (en) 2023-11-21

Family

ID=81090287

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant