CN114398667A - Data security access system and method of computer storage system - Google Patents

Data security access system and method of computer storage system Download PDF

Info

Publication number
CN114398667A
CN114398667A CN202111528966.9A CN202111528966A CN114398667A CN 114398667 A CN114398667 A CN 114398667A CN 202111528966 A CN202111528966 A CN 202111528966A CN 114398667 A CN114398667 A CN 114398667A
Authority
CN
China
Prior art keywords
operation information
user
file
unit time
website
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202111528966.9A
Other languages
Chinese (zh)
Inventor
张庆龙
刘娟
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
China Telecom Construction 3rd Engineering Co Ltd
Original Assignee
China Telecom Construction 3rd Engineering Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by China Telecom Construction 3rd Engineering Co Ltd filed Critical China Telecom Construction 3rd Engineering Co Ltd
Priority to CN202111528966.9A priority Critical patent/CN114398667A/en
Publication of CN114398667A publication Critical patent/CN114398667A/en
Pending legal-status Critical Current

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/62Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q30/00Commerce
    • G06Q30/02Marketing; Price estimation or determination; Fundraising
    • G06Q30/0241Advertisements
    • G06Q30/0248Avoiding fraud
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q30/00Commerce
    • G06Q30/02Marketing; Price estimation or determination; Fundraising
    • G06Q30/0241Advertisements
    • G06Q30/0277Online advertisement
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2141Access rights, e.g. capability lists, access control lists, access tables, access matrices

Abstract

The invention discloses a data security access system and a data security access method of a computer storage system. When the operation information of the user is analyzed, the comprehensive evaluation of the operation behavior of the user is realized through the local operation information of the user and the browser operation information, the safety risk coefficient corresponding to the operation information of the user is judged according to the evaluation result, the access authority of the user is further judged, and whether the user is allowed to access the computer storage system is finally judged, so that the safety of the data of the user is ensured.

Description

Data security access system and method of computer storage system
Technical Field
The invention relates to the technical field of computers, in particular to a data security access system and a data security access method of a computer storage system.
Background
With the rapid development of computer technology, computers bring great convenience to the production and life of people, but people face certain danger while using computers, when people browse websites, viruses on webpages can attack computers browsing the websites or hide in the computers, so that the computers of people have higher risks, and when people access important data, certain threats can be caused to the safety of the accessed data.
The existing data security access system only analyzes the keyword information of the browsed website and judges the security level of the computer by identifying the browsed website type to further ensure the data security in the computer, but the mode has a great defect, the stored data in the computer is hidden in two aspects of security risks, on one hand, the data is lost due to the fact that people delete the data by mistake, on the other hand, the website is browsed by a browser, but general viruses are hidden in advertisement bars in the website, the viruses are implanted into the computer by clicking the links corresponding to the advertisement bars, and meanwhile, the advertisement bars are not always provided with the viruses, and the advertisement bars with the hidden security risks (viruses) are also influenced by the propaganda content corresponding to the advertisement bars.
In view of the above, there is a need for a system and method for secure data access in a computer storage system.
Disclosure of Invention
The present invention is directed to a system and method for data security access of a computer storage system, so as to solve the problems mentioned in the background art.
In order to solve the technical problems, the invention provides the following technical scheme: a data security access system for a computer storage system, comprising:
the operation information acquisition module acquires operation information of a user in unit time on a computer;
the data security processing module is used for classifying the user operation information acquired by the operation information acquisition module, and acquiring and storing the user operation information corresponding to each category after processing;
the data security judgment module analyzes the result stored by the data security processing module and judges security risk coefficients corresponding to various types of operation information in the user operation information;
and the access authority judging module judges the access authority corresponding to the user according to the safety risk coefficient corresponding to the operation information of each user and judges whether the user is allowed to access the storage system according to the access authority corresponding to the user.
According to the invention, through the cooperative cooperation of all the modules, the access authority of the user is determined by analyzing the safety risk coefficient corresponding to the operation information of the user in unit time on the computer, and whether the user is allowed to access the storage system is further judged, so that the safety of data in the storage system is ensured.
Further, the operation information of the user in the unit time on the computer acquired by the operation information acquisition module includes: the local operation information and the browser operation information,
the local operation information refers to operation information of a user on local contents of the computer, and comprises accessed folders and positions, and files are added, deleted, modified and searched;
the browser operation information refers to operation information executed by a user on a browser in a computer, and comprises a website name and browsing content information corresponding to opened website information.
The operation information of the user is analyzed from the two aspects of the local operation information and the browsing operation information, because the directions of the potential safety hazards related to the local operation information and the browsing operation information are different, the local operation information corresponds to the factors of the user, all the potential safety hazards are caused by the misoperation of the user (the content of the analysis is to judge whether the user has a habit of deleting the files by mistake and the severity of the habit), the browser operation information corresponds to the external factors, and the potential safety hazards depend on the probability of risks in websites browsed by the user.
Further, when the data security processing module performs classification processing on the acquired user operation information, a processing result of local operation information of the user in the computer per unit time is recorded as a first operation information set of the user, and a processing result of browser operation information of the user in the computer per unit time is recorded as a second operation information set of the user.
The first operation information set and the second operation information set are arranged to facilitate subsequent analysis of processing results corresponding to the local operation information and the browser operation information respectively, the processing results of the local operation information and the browser operation information can be effectively distinguished, and therefore the situation that the analysis results corresponding to the local operation information and the browser operation information are mixed up when stored is avoided, further, the subsequent data analysis is affected, and the analysis results are deviated.
Further, the method for acquiring the first operation information set of the user by the data security processing module comprises the following steps:
s1.1, acquiring all operation information contents corresponding to local operation information of a user in unit time;
s1.2, respectively marking files deleted by a user in the local operation information and files searched or restored in the recycle bin, wherein the files deleted by the user are marked with a first mark, the files searched by the user in the recycle bin are marked with a second mark, and the files restored by the user are marked with a third mark;
s1.3, judging whether the local operation information of each third marked user after restoring the file contains the modification operation aiming at the file,
when the local operation information of the user restored the file contains the modification operation aiming at the file, the modification operation is bound with the user restored file, the modification content corresponding to the modification operation and the time length of the modification operation from the user restored the file are obtained,
when the local operation information of the user restored the file does not contain the modification operation aiming at the file, the file restored by the user is not processed;
s1.4, according to the time sequence of the local operation information, inputting the operation information corresponding to each first mark, each second mark and each third mark into a blank set one by one to form a first operation information set;
the method for acquiring the second operation information set of the user by the data security processing module comprises the following steps:
s2.1, acquiring browser operation information of a user in a computer within a unit time;
s2.2, comparing the website name corresponding to each browser operation information with a comparison database,
if the website name corresponding to the browser operation information is contained in the comparison database, determining that the website name corresponding to the browser operation information is an authorized website,
if the website name corresponding to the browser operation information is not contained in the comparison database, judging that the website name corresponding to the browser operation information is an unauthorized website;
s2.3, respectively extracting corresponding advertisement strips in the website content of each unauthorized website, and respectively binding the extracted advertisement strips with the corresponding unauthorized websites;
and S2.4, adding the operation information corresponding to the name of each unauthorized website into a blank set one by one according to the time sequence of the browser operation information to form a second operation information set.
When a first operation information set is acquired, files deleted by a user in local operation information and files searched or restored in a recycle bin are respectively marked, because the three are convenient to distinguish, any one of the three has certain risk and can cause data loss, the deleted files are the cause of file loss, the searched files are visual representations of file loss, and the restored files are compensation measures for file loss, so that the habit of the user in local operation and the influence degree of file loss caused by the habit are visually embodied, the habit easily causes data loss in a computer storage system, and serious consequences (data cannot be restored) can be caused under the condition that data backup is not stored; whether the website is authorized or not is judged by obtaining the second operation information set, in order to confirm whether a user browses an unauthorized website (contained in a comparison database) or not, and the corresponding advertisement bar in the website content of each unauthorized website is extracted, because the unauthorized website has a large potential safety hazard, especially a link corresponding to the advertisement bar, and therefore the unauthorized website needs to be bound with the corresponding unauthorized website, and then the unauthorized website is analyzed.
Further, the data security judgment module acquires a first operation information set of the user and analyzes the first operation information set to obtain a first security risk coefficient;
and the data security judgment module acquires and analyzes a second operation information set of the user to obtain a second security risk coefficient.
Further, the method for obtaining the first security risk coefficient by the data security judgment module includes the following steps:
s3.1, acquiring the content in the first operation information set corresponding to the user;
s3.2, calculating a first safety risk coefficient Q1 corresponding to the user,
the above-mentioned
Figure BDA0003410041710000041
Where a1 denotes the delete file risk coefficient, a2 denotes the lost file risk coefficient, a3 denotes the restore file risk coefficient,
b1 indicates the number of the un-backed-up deleted files corresponding to the first marker in the first operation information set,
the number of the un-backed deleted files corresponding to the first mark in the first operation information set is obtained through the corresponding retrieval result when the data security judgment module automatically retrieves the name of the deleted file corresponding to the first mark in the computer,
when the file with the same name as the name of the deleted file corresponding to the first mark does not exist in the retrieval result, the deleted file corresponding to the first mark is judged not to be backed up,
when a file with the same name as the name of the deleted file corresponding to the first mark exists in the retrieval result, judging that the deleted file corresponding to the first mark is backed up;
b2 represents the number of lost files, which is equal to the number of the files not found in the search result corresponding to the second mark in the first operation information set, the number of the files not found in the search result corresponding to the second mark in the first operation information set is obtained through the corresponding search result when the name of the search file corresponding to the second mark in the computer is automatically searched through the data security judgment module,
b3 indicates the number of third labels in the first set of operation information,
Ciindicating the risk value of the restored file corresponding to the ith third mark,
the above-mentioned
Figure BDA0003410041710000051
Wherein C1 represents the risk value of the restored file when the restored file corresponding to the ith third mark is not bound for modification operation,
Figure BDA0003410041710000052
indicating a risk value of the restored file during the binding modification operation of the restored file corresponding to the ith third mark,
d1 represents the reduction content risk coefficient, d2 represents the reduction duration risk coefficient,
R1ithe total word number of the modified content corresponding to the modification operation of the restored file binding corresponding to the ith third mark is represented, the modified content represents a sentence in which character addition, character deletion or character replacement occurs in the restored file,
R2iindicating the total word number before the bound modification operation is executed on the restored file corresponding to the ith third mark,
tithe modification operation distance of the restored file binding corresponding to the ith third mark from the time when the user restores the file is represented;
the a1, a2 and a3 are dynamically changed, the corresponding a1 or a2 or a3 in different unit time may be different, the corresponding values of a1, a2 and a3 in the next unit time are obtained based on the current time,
the method for acquiring the value corresponding to the a1 in the next unit time based on the current time comprises the following steps:
s3.2.1, respectively obtaining the current time in the historical data based on the unit time of the current timeThe product of a1 and B1 corresponding to each unit time in the first n unit times of the unit time to which the time belongs is calculated, and the average value of the sum of the obtained products is recorded as
Figure BDA0003410041710000053
S3.2.2, respectively obtaining the average value of the sum of B1 corresponding to each unit time in the previous n unit times of the unit time of the current time in the historical data based on the unit time of the current time, and recording the average value as
Figure BDA0003410041710000054
S3.2.3, respectively obtaining the average value of the sum of a1 corresponding to each unit time in the previous n unit times of the unit time of the current time in the historical data based on the unit time of the current time
Figure BDA0003410041710000055
S3.2.4, the value of a1 in the next unit time obtained based on the current time is
Figure BDA0003410041710000056
And
Figure BDA0003410041710000057
the minimum value of the two is recorded as
Figure BDA0003410041710000058
Wherein the value of p is equal to the value of a1 corresponding to the unit time to which the current time belongs;
according to the method of obtaining the value corresponding to a1 in the next unit time based on the current time, the values corresponding to a2 and a3 in the next unit time are obtained based on the current time respectively,
the method for acquiring the value corresponding to the a2 in the next unit time based on the current time comprises the following steps:
s3.2.1-1, respectively acquiring the current time in the historical data based on the unit time of the current timeThe product of a2 and B2 corresponding to each unit time in the first n unit times of the unit time to which the previous time belongs is calculated, and the average value of the sum of the obtained products is recorded as
Figure BDA0003410041710000061
S3.2.2-2, respectively obtaining the average value of the sum of B2 corresponding to each unit time in the previous n unit times of the unit time of the current time in the historical data based on the unit time of the current time, and recording the average value as
Figure BDA0003410041710000062
S3.2.3-2, respectively obtaining the average value of the sum of a2 corresponding to each unit time in the previous n unit times of the unit time of the current time in the historical data based on the unit time of the current time, and recording the average value as
Figure BDA0003410041710000063
S3.2.4-2, the value of a2 in the next unit time obtained based on the current time is
Figure BDA0003410041710000064
And
Figure BDA0003410041710000065
the minimum value of the two is recorded as
Figure BDA0003410041710000066
Wherein the value of p1 is equal to the value of a2 corresponding to the unit time to which the current time belongs;
the method for acquiring the value corresponding to the a3 in the next unit time based on the current time comprises the following steps:
s3.2.1-3, respectively obtaining a3 and a3 corresponding to each unit time in the previous n unit times of the unit time of the current time in the historical data based on the unit time of the current time
Figure BDA0003410041710000067
And calculating the average of the sum of the obtained products, and recording as
Figure BDA0003410041710000068
S3.2.2-3, respectively obtaining the unit time corresponding to each unit time in the first n unit times of the unit time to which the current time belongs in the historical data based on the unit time to which the current time belongs
Figure BDA0003410041710000069
Average of the sum of (1), is noted
Figure BDA00034100417100000610
S3.2.3-3, respectively obtaining the average value of the sum of a3 corresponding to each unit time in the previous n unit times of the unit time of the current time in the historical data based on the unit time of the current time, and recording the average value as
Figure BDA00034100417100000611
S3.2.4-3, the value of a3 in the next unit time obtained based on the current time is
Figure BDA00034100417100000612
And
Figure BDA00034100417100000613
the minimum value of the two is recorded as
Figure BDA00034100417100000614
Wherein the value of p2 is equal to the value of a3 corresponding to the unit time to which the current time belongs.
In the process of calculating the first security risk factor Q1 corresponding to the user, a1, a2 and a3 are obtained by database query, and a1 is used to multiply B1 (the number of the un-backed deleted files corresponding to the first marker in the first operation information set) instead of the number of the first marker, because the deleted files include the deleted filesBacked up and not backed up, only the files not backed up will cause data loss; b2 might contain the corresponding un-backed up and deleted file of B1, but the two do not conflict, because B2 might also include the un-backed up file deleted before the unit time, and the number of times the file is searched can highlight the importance of the file on the side; setting a multi-segment function when calculating the risk value of the restored file because the risk value condition of the restored file corresponding to the third mark when the restored file is not bound for modification operation needs to be considered; when the value corresponding to a1 in the next unit time is obtained based on the current time,
Figure BDA0003410041710000071
and
Figure BDA0003410041710000072
the average value of a1 respectively corresponding to the previous n unit times under the state that each unit time in the previous n unit times of the unit time to which the current time belongs in the historical data is not influenced by the B1 value and is influenced by the B1 value,
Figure BDA0003410041710000073
Figure BDA0003410041710000074
and
Figure BDA0003410041710000075
are deduced according to the relation between the obtained average value and the a1 value corresponding to the unit time of the current time and the a1 value corresponding to the next unit time, the preset three values are stable and have an equal difference relation, and further the decibel is deduced
Figure BDA0003410041710000076
And
Figure BDA0003410041710000077
is provided with
Figure BDA0003410041710000078
Is to make acquisitionThe next unit time of (a) 1 is more stable, thereby minimizing the error.
Further, the method for obtaining the second security risk coefficient by the data security judgment module includes the following steps:
s4.1, acquiring the content in the second operation information set corresponding to the user;
s4.2, calculating a second safety risk coefficient Q2 corresponding to the user, wherein the second safety risk coefficient Q2 is obtained by calculating the safety risk coefficient
Figure BDA0003410041710000079
Wherein j1 represents the total category number of the corresponding advertisement banner in the website content of the unauthorized website,
e3jthe number of the advertisement bars corresponding to the jth class in the advertisement bars corresponding to the website contents of the unauthorized website is shown,
e4 represents the total number of corresponding advertisement banner in the website content of the unauthorized website,
d4jthe advertisement risk coefficient corresponding to the advertisement strip corresponding to the jth class in the advertisement strips corresponding to the website contents of the unauthorized website is represented,
the category of the corresponding advertisement bar in the website content of the unauthorized website is divided by the picture corresponding to the advertisement bar, and the specific division method comprises the following steps:
s5.1, obtaining pictures in the advertisement strip;
s5.2, respectively obtaining corresponding character contents in the pictures through image recognition, and extracting keywords from the character contents;
and S5.3, comparing all the keywords extracted from each picture with a category comparison database respectively to obtain the category corresponding to the picture, and further obtaining the category corresponding to the advertisement strip.
In the process of obtaining a second safety risk coefficient by the data safety judgment module, the category of the advertisement strip and the advertisement risk coefficient corresponding to each category are obtained, and the advertisement risk coefficient is obtained by inquiring the database; when the category of the advertisement is divided, the category of the advertisement is divided by identifying the character information in the picture and according to the keywords in the character information, and the image identification method adopted here to acquire the character information in the picture is applied to the prior art.
Further, when the access right determining module determines the access right corresponding to the user, it needs to obtain a first security risk coefficient and a second security risk coefficient corresponding to the operation information of each user, calculate the sum of the first security risk coefficient and the second security risk coefficient corresponding to the operation information of each user, and record the sum as a final security risk value corresponding to the corresponding user,
when the final security risk value corresponding to the user is larger than or equal to the first threshold value, judging that the user has the authority of accessing the storage system, and allowing the user to access the storage system;
and when the final security risk value corresponding to the user is smaller than the first threshold value, judging that the user does not have the authority of accessing the storage system, and forbidding the user to access the storage system.
According to the method and the device, the sum of the first safety risk coefficient and the second safety risk coefficient corresponding to the operation information of each user is calculated, so that the comprehensive evaluation of the risks corresponding to the local operation information and the browser operation information of the user can be realized, and the prediction of the safety risk condition corresponding to the user operation information is realized.
A method of securing access to data of a computer storage system, the method comprising the steps of:
s1, acquiring the operation information of the user in unit time on the computer through the operation information acquisition module;
s2, classifying the user operation information acquired by the operation information acquisition module in the data security processing module, and acquiring and storing the user operation information corresponding to each category after processing;
s3, analyzing the result stored by the data security processing module through the data security judging module, and judging security risk coefficients corresponding to various types of operation information in the user operation information;
and S4, in the access authority judging module, judging the access authority corresponding to the user according to the security risk coefficient corresponding to the operation information of each user respectively, and judging whether the user is allowed to access the storage system according to the access authority corresponding to the user.
Compared with the prior art, the invention has the following beneficial effects: when the operation information of the user is analyzed, the comprehensive evaluation of the operation behavior of the user is realized through the local operation information of the user and the browser operation information, the safety risk coefficient corresponding to the operation information of the user is judged according to the evaluation result, the access authority of the user is further judged, and whether the user is allowed to access the computer storage system is finally judged, so that the safety of the data of the user is ensured.
Drawings
The accompanying drawings, which are included to provide a further understanding of the invention and are incorporated in and constitute a part of this specification, illustrate embodiments of the invention and together with the description serve to explain the principles of the invention and not to limit the invention. In the drawings:
FIG. 1 is a schematic diagram of a data security access system of a computer storage system according to the present invention;
FIG. 2 is a flowchart illustrating a method for a data security processing module to obtain a first operation information set of a user in a data security access system of a computer storage system according to the present invention;
FIG. 3 is a flowchart illustrating a method for acquiring a second operation information set of a user by a data security processing module in a data security access system of a computer storage system according to the present invention;
FIG. 4 is a flow chart illustrating a method for securely accessing data in a computer storage system according to the present invention.
Detailed Description
The technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are only a part of the embodiments of the present invention, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
Referring to fig. 1-4, the present invention provides a technical solution: a data security access system for a computer storage system, comprising:
the operation information acquisition module acquires operation information of a user in unit time on a computer;
the data security processing module is used for classifying the user operation information acquired by the operation information acquisition module, and acquiring and storing the user operation information corresponding to each category after processing;
the data security judgment module analyzes the result stored by the data security processing module and judges security risk coefficients corresponding to various types of operation information in the user operation information;
and the access authority judging module judges the access authority corresponding to the user according to the safety risk coefficient corresponding to the operation information of each user and judges whether the user is allowed to access the storage system according to the access authority corresponding to the user.
According to the invention, through the cooperative cooperation of all the modules, the access authority of the user is determined by analyzing the safety risk coefficient corresponding to the operation information of the user in unit time on the computer, and whether the user is allowed to access the storage system is further judged, so that the safety of data in the storage system is ensured.
The operation information of the user in unit time on the computer acquired by the operation information acquisition module comprises: the local operation information and the browser operation information,
the local operation information refers to operation information of a user on local contents of the computer, and comprises accessed folders and positions, and files are added, deleted, modified and searched;
the browser operation information refers to operation information executed by a user on a browser in a computer, and comprises a website name and browsing content information corresponding to opened website information.
The operation information of the user is analyzed from the two aspects of the local operation information and the browsing operation information, because the directions of the potential safety hazards related to the local operation information and the browsing operation information are different, the local operation information corresponds to the factors of the user, all the potential safety hazards are caused by the misoperation of the user (the content of the analysis is to judge whether the user has a habit of deleting the files by mistake and the severity of the habit), the browser operation information corresponds to the external factors, and the potential safety hazards depend on the probability of risks in websites browsed by the user.
When the data security processing module classifies the acquired user operation information, the processing result of the local operation information of the user in the computer per unit time is recorded as a first operation information set of the user, and the processing result of the browser operation information of the user in the computer per unit time is recorded as a second operation information set of the user.
The first operation information set and the second operation information set are arranged to facilitate subsequent analysis of processing results corresponding to the local operation information and the browser operation information respectively, the processing results of the local operation information and the browser operation information can be effectively distinguished, and therefore the situation that the analysis results corresponding to the local operation information and the browser operation information are mixed up when stored is avoided, further, the subsequent data analysis is affected, and the analysis results are deviated.
The method for acquiring the first operation information set of the user by the data security processing module comprises the following steps:
s1.1, acquiring all operation information contents corresponding to local operation information of a user in unit time;
s1.2, respectively marking files deleted by a user in the local operation information and files searched or restored in the recycle bin, wherein the files deleted by the user are marked with a first mark, the files searched by the user in the recycle bin are marked with a second mark, and the files restored by the user are marked with a third mark;
s1.3, judging whether the local operation information of each third marked user after restoring the file contains the modification operation aiming at the file,
when the local operation information of the user restored the file contains the modification operation aiming at the file, the modification operation is bound with the user restored file, the modification content corresponding to the modification operation and the time length of the modification operation from the user restored the file are obtained,
when the local operation information of the user restored the file does not contain the modification operation aiming at the file, the file restored by the user is not processed;
s1.4, according to the time sequence of the local operation information, inputting the operation information corresponding to each first mark, each second mark and each third mark into a blank set one by one to form a first operation information set;
the method for acquiring the second operation information set of the user by the data security processing module comprises the following steps:
s2.1, acquiring browser operation information of a user in a computer within a unit time;
s2.2, comparing the website name corresponding to each browser operation information with a comparison database,
if the website name corresponding to the browser operation information is contained in the comparison database, determining that the website name corresponding to the browser operation information is an authorized website,
if the website name corresponding to the browser operation information is not contained in the comparison database, judging that the website name corresponding to the browser operation information is an unauthorized website;
s2.3, respectively extracting corresponding advertisement strips in the website content of each unauthorized website, and respectively binding the extracted advertisement strips with the corresponding unauthorized websites;
and S2.4, adding the operation information corresponding to the name of each unauthorized website into a blank set one by one according to the time sequence of the browser operation information to form a second operation information set.
When a first operation information set is acquired, files deleted by a user in local operation information and files searched or restored in a recycle bin are respectively marked, because the three are convenient to distinguish, any one of the three has certain risk and can cause data loss, the deleted files are the cause of file loss, the searched files are visual representations of file loss, and the restored files are compensation measures for file loss, so that the habit of the user in local operation and the influence degree of file loss caused by the habit are visually embodied, the habit easily causes data loss in a computer storage system, and serious consequences (data cannot be restored) can be caused under the condition that data backup is not stored; whether the website is authorized or not is judged by obtaining the second operation information set, in order to confirm whether a user browses an unauthorized website (contained in a comparison database) or not, and the corresponding advertisement bar in the website content of each unauthorized website is extracted, because the unauthorized website has a large potential safety hazard, especially a link corresponding to the advertisement bar, and therefore the unauthorized website needs to be bound with the corresponding unauthorized website, and then the unauthorized website is analyzed.
The data security judgment module acquires and analyzes a first operation information set of a user to obtain a first security risk coefficient;
and the data security judgment module acquires and analyzes a second operation information set of the user to obtain a second security risk coefficient.
The method for obtaining the first safety risk coefficient by the data safety judgment module comprises the following steps:
s3.1, acquiring the content in the first operation information set corresponding to the user;
s3.2, calculating a first safety risk coefficient Q1 corresponding to the user,
the above-mentioned
Figure BDA0003410041710000121
Where a1 denotes the delete file risk coefficient, a2 denotes the lost file risk coefficient, a3 denotes the restore file risk coefficient,
b1 indicates the number of the un-backed-up deleted files corresponding to the first marker in the first operation information set,
the number of the un-backed deleted files corresponding to the first mark in the first operation information set is obtained through the corresponding retrieval result when the data security judgment module automatically retrieves the name of the deleted file corresponding to the first mark in the computer,
when the file with the same name as the name of the deleted file corresponding to the first mark does not exist in the retrieval result, the deleted file corresponding to the first mark is judged not to be backed up,
when a file with the same name as the name of the deleted file corresponding to the first mark exists in the retrieval result, judging that the deleted file corresponding to the first mark is backed up;
b2 represents the number of lost files, which is equal to the number of the files not found in the search result corresponding to the second mark in the first operation information set, the number of the files not found in the search result corresponding to the second mark in the first operation information set is obtained through the corresponding search result when the name of the search file corresponding to the second mark in the computer is automatically searched through the data security judgment module,
b3 indicates the number of third labels in the first set of operation information,
Ciindicating the risk value of the restored file corresponding to the ith third mark,
the above-mentioned
Figure BDA0003410041710000122
Wherein C1 represents the risk value of the restored file when the restored file corresponding to the ith third mark is not bound for modification operation,
Figure BDA0003410041710000123
indicating a risk value of the restored file during the binding modification operation of the restored file corresponding to the ith third mark,
d1 represents the reduction content risk coefficient, d2 represents the reduction duration risk coefficient,
R1ithe modification corresponding to the modification operation of the restored file binding corresponding to the ith third markChanging the total word number of the content, wherein the modified content represents a sentence in which character addition, character deletion or character replacement occurs in the restored file,
R2iindicating the total word number before the bound modification operation is executed on the restored file corresponding to the ith third mark,
tithe modification operation distance of the restored file binding corresponding to the ith third mark from the time when the user restores the file is represented;
in this embodiment, the user a contains two restored files corresponding to the third mark, the restored file corresponding to the 1 st third mark is not bound to modify operation, the total number of words of modified content corresponding to the modify operation bound to the restored file corresponding to the 2 nd third mark is 50 words, the total number of words before the modify operation is performed on the restored file corresponding to the 2 nd third mark is 500 words, the time length from the modify operation bound to the restored file corresponding to the 2 nd third mark to the time when the user restores the file is 15 hours,
c1 is 1, d1 is 10, d2 is 3,
then C is1=1;
Figure BDA0003410041710000131
The a1, the a2 and the a3 are dynamically changed, the corresponding a1, a2 or a3 in different unit time may be different, the corresponding values of a1, a2 and a3 in the next unit time are obtained based on the current time, the obtained corresponding values of a1, a2 and a3 in the next unit time are saved in a database,
the method for acquiring the value corresponding to the a1 in the next unit time based on the current time comprises the following steps:
s3.2.1, respectively obtaining products of a1 and B1 corresponding to each unit time in the first n unit times of the unit time of the current time in the historical data based on the unit time of the current time, and calculating the average value of the sum of the obtained products, and recording the average value as the sum of the products
Figure BDA0003410041710000132
S3.2.2, respectively obtaining the average value of the sum of B1 corresponding to each unit time in the previous n unit times of the unit time of the current time in the historical data based on the unit time of the current time, and recording the average value as
Figure BDA0003410041710000133
S3.2.3, respectively obtaining the average value of the sum of a1 corresponding to each unit time in the previous n unit times of the unit time of the current time in the historical data based on the unit time of the current time
Figure BDA0003410041710000134
S3.2.4, the value of a1 in the next unit time obtained based on the current time is
Figure BDA0003410041710000135
And
Figure BDA0003410041710000136
the minimum value of the two is recorded as
Figure BDA0003410041710000137
Wherein the value of p is equal to the value of a1 corresponding to the unit time to which the current time belongs;
the value of a1 corresponding to the unit time to which the current time belongs in this embodiment is 0.5,
the value of B1 corresponding to each unit time in the first 3 unit times of the unit time of the current time in the historical data is 2, 4 and 3,
the values of a1 corresponding to each unit time in the first 3 unit times of the unit time of the current time in the historical data are 0.4, 0.6 and 0.5 respectively,
then it is corresponding to
Figure BDA0003410041710000138
Corresponding to
Figure BDA0003410041710000141
Corresponding to
Figure BDA0003410041710000142
Then
Figure BDA0003410041710000143
Figure BDA0003410041710000144
And then to
Figure BDA0003410041710000145
According to the method of obtaining the value corresponding to a1 in the next unit time based on the current time, the values corresponding to a2 and a3 in the next unit time are obtained based on the current time, respectively.
In the process of calculating the first security risk factor Q1 corresponding to the user, a1, a2 and a3 are obtained by database query, and a1 is used to multiply B1 (the number of the un-backed deleted files corresponding to the first mark in the first operation information set) instead of the number of the first mark, because the deleted files include backed up and un-backed up files, only the un-backed up files can cause data loss; b2 might contain the corresponding un-backed up and deleted file of B1, but the two do not conflict, because B2 might also include the un-backed up file deleted before the unit time, and the number of times the file is searched can highlight the importance of the file on the side; the multi-segment function is set when the risk value of the restored file is calculated, because the risk value condition of the restored file when the restored file corresponding to the third mark is not bound and modified needs to be considered.
The method for obtaining the second safety risk coefficient by the data safety judgment module comprises the following steps:
s4.1, acquiring the content in the second operation information set corresponding to the user;
s4.2, calculating a second safety risk coefficient Q2 corresponding to the user, wherein the second safety risk coefficient Q2 is obtained by calculating the safety risk coefficient
Figure BDA0003410041710000146
Wherein j1 represents the total category number of the corresponding advertisement banner in the website content of the unauthorized website,
e3jthe number of the advertisement bars corresponding to the jth class in the advertisement bars corresponding to the website contents of the unauthorized website is shown,
e4 represents the total number of corresponding advertisement banner in the website content of the unauthorized website,
d4jthe advertisement risk coefficient corresponding to the advertisement strip corresponding to the jth class in the advertisement strips corresponding to the website contents of the unauthorized website is represented,
in this embodiment, the total number of the corresponding advertisement pieces in the website content of the unauthorized website is 3, the total number of the corresponding advertisement pieces in the website content of the unauthorized website is 5,
the number of the advertisement strips corresponding to the 1 st type in the corresponding advertisement strips in the website content of the unauthorized website is 2,
the number of the advertisement strips corresponding to the type 2 in the corresponding advertisement strips in the website content of the unauthorized website is 1,
the number of the 3 rd type corresponding advertisement strips in the website contents of the unauthorized website is 2,
in the corresponding advertisement banner in the website content of the unauthorized website,
the ad risk factor for the category 1 corresponding ad banner is 1.5,
the ad risk factor for the category 2 corresponding ad banner is 2,
the ad risk factor for the category 3 corresponding ad banner is 1.3,
then the corresponding second security risk factor for that user
Figure BDA0003410041710000151
The category of the corresponding advertisement bar in the website content of the unauthorized website is divided by the picture corresponding to the advertisement bar, and the specific division method comprises the following steps:
s5.1, obtaining pictures in the advertisement strip;
s5.2, respectively obtaining corresponding character contents in the pictures through image recognition, and extracting keywords from the character contents;
and S5.3, comparing all the keywords extracted from each picture with a category comparison database respectively to obtain the category corresponding to the picture, and further obtaining the category corresponding to the advertisement strip.
In the process of obtaining a second safety risk coefficient by the data safety judgment module, the category of the advertisement strip and the advertisement risk coefficient corresponding to each category are obtained, and the advertisement risk coefficient is obtained by inquiring the database; when the category of the advertisement is divided, the category of the advertisement is divided by identifying the character information in the picture and according to the keywords in the character information, and the image identification method adopted here to acquire the character information in the picture is applied to the prior art.
When the access authority judging module judges the access authority corresponding to the user, a first safety risk coefficient and a second safety risk coefficient corresponding to the operation information of each user respectively need to be obtained, the sum of the first safety risk coefficient and the second safety risk coefficient corresponding to the operation information of each user is calculated and recorded as a final safety risk value corresponding to the corresponding user,
when the final security risk value corresponding to the user is larger than or equal to the first threshold value, judging that the user has the authority of accessing the storage system, and allowing the user to access the storage system;
and when the final security risk value corresponding to the user is smaller than the first threshold value, judging that the user does not have the authority of accessing the storage system, and forbidding the user to access the storage system.
According to the method and the device, the sum of the first safety risk coefficient and the second safety risk coefficient corresponding to the operation information of each user is calculated, so that the comprehensive evaluation of the risks corresponding to the local operation information and the browser operation information of the user can be realized, and the prediction of the safety risk condition corresponding to the user operation information is realized.
A method of securing access to data of a computer storage system, the method comprising the steps of:
s1, acquiring the operation information of the user in unit time on the computer through the operation information acquisition module;
s2, classifying the user operation information acquired by the operation information acquisition module in the data security processing module, and acquiring and storing the user operation information corresponding to each category after processing;
s3, analyzing the result stored by the data security processing module through the data security judging module, and judging security risk coefficients corresponding to various types of operation information in the user operation information;
and S4, in the access authority judging module, judging the access authority corresponding to the user according to the security risk coefficient corresponding to the operation information of each user respectively, and judging whether the user is allowed to access the storage system according to the access authority corresponding to the user.
It is noted that, herein, relational terms such as first and second, and the like may be used solely to distinguish one entity or action from another entity or action without necessarily requiring or implying any actual such relationship or order between such entities or actions. Also, the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus.
Finally, it should be noted that: although the present invention has been described in detail with reference to the foregoing embodiments, it will be apparent to those skilled in the art that changes may be made in the embodiments and/or equivalents thereof without departing from the spirit and scope of the invention. Any modification, equivalent replacement, or improvement made within the spirit and principle of the present invention should be included in the protection scope of the present invention.

Claims (9)

1. A system for securing access to data of a computer storage system, comprising:
the operation information acquisition module acquires operation information of a user in unit time on a computer;
the data security processing module is used for classifying the user operation information acquired by the operation information acquisition module, and acquiring and storing the user operation information corresponding to each category after processing;
the data security judgment module analyzes the result stored by the data security processing module and judges security risk coefficients corresponding to various types of operation information in the user operation information;
and the access authority judging module judges the access authority corresponding to the user according to the safety risk coefficient corresponding to the operation information of each user and judges whether the user is allowed to access the storage system according to the access authority corresponding to the user.
2. A system for securing access to data in a computer storage system according to claim 1, wherein: the operation information of the user in unit time on the computer acquired by the operation information acquisition module comprises: the local operation information and the browser operation information,
the local operation information refers to operation information of a user on local contents of the computer, and comprises accessed folders and positions, and files are added, deleted, modified and searched;
the browser operation information refers to operation information executed by a user on a browser in a computer, and comprises a website name and browsing content information corresponding to opened website information.
3. A system for securing access to data in a computer storage system according to claim 2, wherein: when the data security processing module classifies the acquired user operation information, the processing result of the local operation information of the user in the computer per unit time is recorded as a first operation information set of the user, and the processing result of the browser operation information of the user in the computer per unit time is recorded as a second operation information set of the user.
4. A system for securing access to data in a computer storage system according to claim 3, wherein: the method for acquiring the first operation information set of the user by the data security processing module comprises the following steps:
s1.1, acquiring all operation information contents corresponding to local operation information of a user in unit time;
s1.2, respectively marking files deleted by a user in the local operation information and files searched or restored in the recycle bin, wherein the files deleted by the user are marked with a first mark, the files searched by the user in the recycle bin are marked with a second mark, and the files restored by the user are marked with a third mark;
s1.3, judging whether the local operation information of each third marked user after restoring the file contains the modification operation aiming at the file,
when the local operation information of the user restored the file contains the modification operation aiming at the file, the modification operation is bound with the user restored file, the modification content corresponding to the modification operation and the time length of the modification operation from the user restored the file are obtained,
when the local operation information of the user restored the file does not contain the modification operation aiming at the file, the file restored by the user is not processed;
s1.4, according to the time sequence of the local operation information, inputting the operation information corresponding to each first mark, each second mark and each third mark into a blank set one by one to form a first operation information set;
the method for acquiring the second operation information set of the user by the data security processing module comprises the following steps:
s2.1, acquiring browser operation information of a user in a computer within a unit time;
s2.2, comparing the website name corresponding to each browser operation information with a comparison database,
if the website name corresponding to the browser operation information is contained in the comparison database, determining that the website name corresponding to the browser operation information is an authorized website,
if the website name corresponding to the browser operation information is not contained in the comparison database, judging that the website name corresponding to the browser operation information is an unauthorized website;
s2.3, respectively extracting corresponding advertisement strips in the website content of each unauthorized website, and respectively binding the extracted advertisement strips with the corresponding unauthorized websites;
and S2.4, adding the operation information corresponding to the name of each unauthorized website into a blank set one by one according to the time sequence of the browser operation information to form a second operation information set.
5. The system of claim 4, wherein the data security access system comprises: the data security judgment module acquires and analyzes a first operation information set of a user to obtain a first security risk coefficient;
and the data security judgment module acquires and analyzes a second operation information set of the user to obtain a second security risk coefficient.
6. The system of claim 5, wherein the data security access system comprises: the method for obtaining the first safety risk coefficient by the data safety judgment module comprises the following steps:
s3.1, acquiring the content in the first operation information set corresponding to the user;
s3.2, calculating a first safety risk coefficient Q1 corresponding to the user,
the above-mentioned
Figure FDA0003410041700000031
Where a1 denotes the delete file risk coefficient, a2 denotes the lost file risk coefficient, a3 denotes the restore file risk coefficient,
b1 indicates the number of the un-backed-up deleted files corresponding to the first marker in the first operation information set,
the number of the un-backed deleted files corresponding to the first mark in the first operation information set is obtained through the corresponding retrieval result when the data security judgment module automatically retrieves the name of the deleted file corresponding to the first mark in the computer,
when the file with the same name as the name of the deleted file corresponding to the first mark does not exist in the retrieval result, the deleted file corresponding to the first mark is judged not to be backed up,
when a file with the same name as the name of the deleted file corresponding to the first mark exists in the retrieval result, judging that the deleted file corresponding to the first mark is backed up;
b2 represents the number of lost files, which is equal to the number of the files not found in the search result corresponding to the second mark in the first operation information set, the number of the files not found in the search result corresponding to the second mark in the first operation information set is obtained through the corresponding search result when the name of the search file corresponding to the second mark in the computer is automatically searched through the data security judgment module,
b3 indicates the number of third labels in the first set of operation information,
Ciindicating the risk value of the restored file corresponding to the ith third mark,
the above-mentioned
Figure FDA0003410041700000032
Wherein C1 represents the risk value of the restored file when the restored file corresponding to the ith third mark is not bound for modification operation,
Figure FDA0003410041700000033
indicating a risk value of the restored file during the binding modification operation of the restored file corresponding to the ith third mark,
d1 represents the reduction content risk coefficient, d2 represents the reduction duration risk coefficient,
R1ithe total word number of the modified content corresponding to the modification operation of the restored file binding corresponding to the ith third mark is represented, the modified content represents a sentence in which character addition, character deletion or character replacement occurs in the restored file,
R2iindicating the total word number before the bound modification operation is executed on the restored file corresponding to the ith third mark,
tithe modification operation distance of the restored file binding corresponding to the ith third mark from the time when the user restores the file is represented;
the a1, the a2 and the a3 are dynamically changed, the corresponding a1, a2 or a3 in different unit time may be different, the corresponding values of a1, a2 and a3 in the next unit time are obtained based on the current time, the obtained corresponding values of a1, a2 and a3 in the next unit time are saved in a database,
the method for acquiring the value corresponding to the a1 in the next unit time based on the current time comprises the following steps:
s3.2.1, respectively obtaining products of a1 and B1 corresponding to each unit time in the first n unit times of the unit time of the current time in the historical data based on the unit time of the current time, and calculating the average value of the sum of the obtained products, and recording the average value as the sum of the products
Figure FDA0003410041700000041
S3.2.2, respectively obtaining the average value of the sum of B1 corresponding to each unit time in the previous n unit times of the unit time of the current time in the historical data based on the unit time of the current time, and recording the average value as
Figure FDA0003410041700000042
S3.2.3, respectively obtaining the average value of the sum of a1 corresponding to each unit time in the previous n unit times of the unit time of the current time in the historical data based on the unit time of the current time
Figure FDA0003410041700000043
S3.2.4, the value of a1 in the next unit time obtained based on the current time is
Figure FDA0003410041700000044
And
Figure FDA0003410041700000045
the minimum value of the two is recorded as
Figure FDA0003410041700000046
Wherein the value of p is equal to the value of a1 corresponding to the unit time to which the current time belongs;
according to the method of obtaining the value corresponding to a1 in the next unit time based on the current time, the values corresponding to a2 and a3 in the next unit time are obtained based on the current time, respectively.
7. A system for securing access to data in a computer storage system according to claim 6, wherein: the method for obtaining the second safety risk coefficient by the data safety judgment module comprises the following steps:
s4.1, acquiring the content in the second operation information set corresponding to the user;
s4.2, calculating a second safety risk coefficient Q2 corresponding to the user, wherein the second safety risk coefficient Q2 is obtained by calculating the safety risk coefficient
Figure FDA0003410041700000047
Wherein j1 represents the total category number of the corresponding advertisement banner in the website content of the unauthorized website,
e3jthe number of the advertisement bars corresponding to the jth class in the advertisement bars corresponding to the website contents of the unauthorized website is shown,
e4 represents the total number of corresponding advertisement banner in the website content of the unauthorized website,
d4jthe advertisement risk coefficient corresponding to the advertisement strip corresponding to the jth class in the advertisement strips corresponding to the website contents of the unauthorized website is represented,
the category of the corresponding advertisement bar in the website content of the unauthorized website is divided by the picture corresponding to the advertisement bar, and the specific division method comprises the following steps:
s5.1, obtaining pictures in the advertisement strip;
s5.2, respectively obtaining corresponding character contents in the pictures through image recognition, and extracting keywords from the character contents;
and S5.3, comparing all the keywords extracted from each picture with a category comparison database respectively to obtain the category corresponding to the picture, and further obtaining the category corresponding to the advertisement strip.
8. A system for securing access to data in a computer storage system according to claim 7, wherein: when the access authority judging module judges the access authority corresponding to the user, a first safety risk coefficient and a second safety risk coefficient corresponding to the operation information of each user respectively need to be obtained, the sum of the first safety risk coefficient and the second safety risk coefficient corresponding to the operation information of each user is calculated and recorded as a final safety risk value corresponding to the corresponding user,
when the final security risk value corresponding to the user is larger than or equal to the first threshold value, judging that the user has the authority of accessing the storage system, and allowing the user to access the storage system;
and when the final security risk value corresponding to the user is smaller than the first threshold value, judging that the user does not have the authority of accessing the storage system, and forbidding the user to access the storage system.
9. A method for securing access to data of a computer storage system of a system for securing access to data of a computer storage system, according to any of claims 1 to 8, characterized by: the method comprises the following steps:
s1, acquiring the operation information of the user in unit time on the computer through the operation information acquisition module;
s2, classifying the user operation information acquired by the operation information acquisition module in the data security processing module, and acquiring and storing the user operation information corresponding to each category after processing;
s3, analyzing the result stored by the data security processing module through the data security judging module, and judging security risk coefficients corresponding to various types of operation information in the user operation information;
and S4, in the access authority judging module, judging the access authority corresponding to the user according to the security risk coefficient corresponding to the operation information of each user respectively, and judging whether the user is allowed to access the storage system according to the access authority corresponding to the user.
CN202111528966.9A 2021-12-14 2021-12-14 Data security access system and method of computer storage system Pending CN114398667A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202111528966.9A CN114398667A (en) 2021-12-14 2021-12-14 Data security access system and method of computer storage system

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202111528966.9A CN114398667A (en) 2021-12-14 2021-12-14 Data security access system and method of computer storage system

Publications (1)

Publication Number Publication Date
CN114398667A true CN114398667A (en) 2022-04-26

Family

ID=81226583

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202111528966.9A Pending CN114398667A (en) 2021-12-14 2021-12-14 Data security access system and method of computer storage system

Country Status (1)

Country Link
CN (1) CN114398667A (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN116451262A (en) * 2023-06-16 2023-07-18 河北登浦信息技术有限公司 Data encryption method and encryption system for financial system client

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN116451262A (en) * 2023-06-16 2023-07-18 河北登浦信息技术有限公司 Data encryption method and encryption system for financial system client
CN116451262B (en) * 2023-06-16 2023-08-25 河北登浦信息技术有限公司 Data encryption method and encryption system for financial system client

Similar Documents

Publication Publication Date Title
US8225190B1 (en) Methods and apparatus for clustering news content
Liu et al. Opinion observer: analyzing and comparing opinions on the web
Urvoy et al. Tracking web spam with html style similarities
US8630972B2 (en) Providing context for web articles
US20140280183A1 (en) Method For Cross-Domain Feature Correlation
Badi et al. Recognizing user interest and document value from reading and organizing activities in document triage
CN114911917B (en) Asset meta-information searching method and device, computer equipment and readable storage medium
CN107153656B (en) Information searching method and device
Liu et al. Identifying indicators of fake reviews based on spammer's behavior features
CN102959578A (en) Forensic system and forensic method, and forensic program
US8423885B1 (en) Updating search engine document index based on calculated age of changed portions in a document
US20090089373A1 (en) System and method for identifying spam hosts using stacked graphical learning
CN111553137B (en) Report generation method and device, storage medium and computer equipment
CN101841628A (en) Image processing system, history management apparatus, image processing control apparatus and computer readable medium
CN109146625B (en) Content-based multi-version App update evaluation method and system
EP2933734A1 (en) Method and system for the structural analysis of websites
CN108763961B (en) Big data based privacy data grading method and device
CN112149387A (en) Visualization method and device for financial data, computer equipment and storage medium
CN113886830A (en) Information security scoring system construction method based on artificial intelligence
CN114398667A (en) Data security access system and method of computer storage system
US8515987B1 (en) Database information consolidation
CN112288510A (en) Article recommendation method, device, equipment and storage medium
CN116455623A (en) Computer information security sharing system and method based on big data identification technology
Sundareswara et al. A large-scale exploration of terms of service documents on the web
EP1286284A1 (en) Spreadsheet data processing system

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination