CN114493382B - Enterprise risk data processing method and system based on enterprise risk associated graph - Google Patents
Enterprise risk data processing method and system based on enterprise risk associated graph Download PDFInfo
- Publication number
- CN114493382B CN114493382B CN202210391598.6A CN202210391598A CN114493382B CN 114493382 B CN114493382 B CN 114493382B CN 202210391598 A CN202210391598 A CN 202210391598A CN 114493382 B CN114493382 B CN 114493382B
- Authority
- CN
- China
- Prior art keywords
- risk
- enterprise
- data
- level
- authority
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q10/00—Administration; Management
- G06Q10/06—Resources, workflows, human or project management; Enterprise or organisation planning; Enterprise or organisation modelling
- G06Q10/063—Operations research, analysis or management
- G06Q10/0635—Risk analysis of enterprise or organisation activities
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q10/00—Administration; Management
- G06Q10/06—Resources, workflows, human or project management; Enterprise or organisation planning; Enterprise or organisation modelling
- G06Q10/063—Operations research, analysis or management
- G06Q10/0639—Performance analysis of employees; Performance analysis of enterprise or organisation operations
Abstract
The invention relates to the related field of data security management, and discloses an enterprise risk data processing method and system based on an enterprise risk association graph.
Description
Technical Field
The invention relates to the related field of data security management, in particular to an enterprise risk data processing method and system based on an enterprise risk association graph.
Background
In an enterprise cooperation project, risks accompany, and risks of different cooperation object enterprises in different cooperation fields are different, so that in cooperation, a certain processing coping scheme is required to be set to reduce the occurrence of risk events or reduce possible benefit loss caused by the risks.
Most of the risk handling in the prior art is risk management for the cooperative project established based on the risk records of the cooperative enterprises, namely, the risk occurrence probability is reduced from the aspects of project-related technical means and the like, and the processing mode is beneficial to both parties and can improve the technical experience in subsequent cooperation.
However, in the prior art, part of the risks are from the aspects of the enterprise management modes of the cooperation mode and the cooperation parties, for example, the leakage of project data of cooperation, especially the leakage of project data of cooperation, is very serious for the cooperation parties.
Disclosure of Invention
The invention aims to provide an enterprise risk data processing method and system based on an enterprise risk association graph so as to solve the problems in the background technology.
In order to achieve the purpose, the invention provides the following technical scheme:
an enterprise risk data processing system based on an enterprise risk association map comprises:
the system comprises a target acquisition module, a risk association map acquisition module and a risk association map generation module, wherein the risk association map acquisition module is used for acquiring a risk information transmission relation among enterprises and a historical risk event occurrence log of the enterprises;
the event analysis module is used for acquiring historical risk events through the risk association map, judging the risk types of the historical risk events to acquire a plurality of enterprise risk types, evaluating and counting the plurality of enterprise risk types, and acquiring corresponding association risk levels;
the data evaluation module is used for acquiring a management snapshot log of a database of the target enterprise, performing data security evaluation on the target enterprise through the management snapshot log, and generating a data security level, wherein the management snapshot log is used for representing an accessed behavior record of data, and the data security level corresponds to a personnel permission level;
the data management module is used for acquiring the associated risk level corresponding to a preset enterprise cooperation type and generating a data processing rule according to the associated risk level and the data security level, wherein the enterprise risk type corresponds to the enterprise cooperation type, and the data processing rule is used for protecting risk data cooperating with the target enterprise;
as a further scheme of the invention: the data processing rules comprise risk grade division rules and authority division rules of the risk data, and the data management module comprises:
the type obtaining unit is used for obtaining the enterprise cooperation type of the target enterprise cooperation project, the enterprise cooperation type is used for representing the type of the target enterprise cooperation project and corresponds to the enterprise risk type;
a risk level unit, configured to compare the enterprise risk types according to the enterprise cooperation type, and obtain the associated risk levels corresponding to the enterprise risk types;
the level rule unit is used for traversing a preset level division table according to the associated risk level to acquire a risk level division rule, and the risk level division rule and the associated risk level are stored in the level division table in a one-to-one correspondence manner;
and the authority rule unit is used for acquiring the data security level of the target enterprise, traversing a preset authority division table according to the data security level and acquiring authority division rules, wherein the authority division rules and the data security level are stored in the authority division table in a one-to-one correspondence manner.
As a further scheme of the invention: still include the management execution module, the management execution module includes:
the processing response unit is used for acquiring the risk grade division rule and the authority division rule in the data processing rule;
the grade dividing unit is used for acquiring the corresponding risk data, carrying out risk grade division on the risk data according to the risk grade dividing rule, if the risk grade is higher than or equal to a preset risk grade, the risk data are not shared, and if the risk grade is lower than the preset risk grade, the risk data are shared with the target enterprise;
and the permission limiting unit is used for acquiring the corresponding risk data, and performing permission grade division on the risk data according to the permission grade division rule, wherein the permission grade corresponds to the personnel permission grade and is used for limiting the access permission of relevant personnel to the risk data.
As a further scheme of the invention: the event analysis module includes:
the event acquisition unit is used for acquiring historical risk events through the risk association map;
the type judgment unit is used for extracting the content of the cooperation project from the historical risk event and judging the type of the cooperation project according to the project content so as to generate an enterprise risk type;
and the evaluation statistical unit is used for acquiring the occurrence times of the enterprise risk types and the risk funds corresponding to the enterprise risk types, evaluating the occurrence times and the risk funds according to the preset risk judgment standard, and generating a correlation risk level, wherein the risk funds are used for representing the fund loss generated by the historical risk events.
As a further scheme of the invention: the system also comprises an authority authentication module;
the authority authentication module is used for acquiring personnel authentication information, performing identity verification according to the personnel authentication information, acquiring the access authority level of the personnel authentication information, and acquiring the risk data of which the authority level is less than or equal to the access authority level according to the access authority level to generate an access list.
The embodiment of the invention aims to provide an enterprise risk data processing method based on an enterprise risk associated graph, which comprises the following steps:
acquiring a risk associated map of a target enterprise, wherein the risk associated map is used for recording risk information transmission relations among enterprises and historical risk event occurrence logs of the enterprises;
acquiring historical risk events through the risk association map, judging the risk types of the historical risk events to acquire a plurality of enterprise risk types, evaluating and counting the plurality of enterprise risk types, and acquiring corresponding association risk levels;
acquiring a management snapshot log of a database of the target enterprise, and performing data security evaluation on the target enterprise through the management snapshot log to generate a data security level, wherein the management snapshot log is used for representing an accessed behavior record of data, and the data security level corresponds to a personnel permission level;
and acquiring the associated risk level corresponding to a preset enterprise cooperation type, and generating a data processing rule according to the associated risk level and the data security level, wherein the enterprise risk type corresponds to the enterprise cooperation type, and the data processing rule is used for protecting risk data cooperating with a target enterprise.
As a further scheme of the invention: the step of obtaining the associated risk level corresponding to a preset enterprise cooperation type and generating a data processing rule according to the associated risk level and the data security level includes:
acquiring the enterprise cooperation type of the target enterprise cooperation project, wherein the enterprise cooperation type is used for representing the type of the target enterprise cooperation project and corresponds to the enterprise risk type;
traversing and comparing a plurality of enterprise risk types according to the enterprise cooperation type to obtain the associated risk level corresponding to the enterprise risk type;
traversing a preset grade division table according to the associated risk grade to obtain a risk grade division rule, wherein the risk grade division rule and the associated risk grade are stored in the grade division table in a one-to-one correspondence manner;
and acquiring the data security level of the target enterprise, traversing a preset authority division table according to the data security level, and acquiring authority division rules, wherein the authority division rules and the data security level are stored in the authority division table in a one-to-one correspondence manner.
As a further scheme of the invention: further comprising the steps of:
acquiring the risk level division rule and the authority division rule in the data processing rule;
acquiring corresponding risk data, and dividing risk levels of the risk data according to the risk level division rule, wherein if the risk levels are higher than or equal to a preset risk level, the risk data are not shared, and if the risk levels are lower than the preset risk level, the risk data are shared with the target enterprise;
and acquiring the corresponding risk data, and performing authority level division on the risk data according to the authority level division rule, wherein the authority level corresponds to the personnel authority level and is used for limiting the access authority of relevant personnel to the risk data.
Compared with the prior art, the invention has the beneficial effects that: through the setting of the target acquisition module, the event analysis module, the data evaluation module and the data management module, the risk analysis and the data risk analysis of a target enterprise are realized, so that data generated in cooperation and data required to be provided can be processed according to a risk judgment result of the target enterprise, the protection effect of enterprise risk data is achieved, the risk and loss caused by data leakage and other problems in cooperation are reduced, meanwhile, compared with a single-party dominant cooperation mode, convenience can be provided for cooperation of two parties to a certain extent according to a data management mode of risk degree, and the problem of data cooperation in the single-party dominant mode is avoided.
Drawings
FIG. 1 is a block diagram of an enterprise risk data processing system based on an enterprise risk association graph.
FIG. 2 is a block diagram of data management modules in an enterprise risk data processing system based on an enterprise risk association graph.
FIG. 3 is a block diagram of an event analysis module in an enterprise risk data processing system based on an enterprise risk correlation graph.
FIG. 4 is a flow chart diagram of an enterprise risk data processing method based on an enterprise risk association graph.
Detailed Description
In order to make the objects, technical solutions and advantages of the present invention more apparent, the present invention is described in further detail below with reference to the accompanying drawings and embodiments. It should be understood that the specific embodiments described herein are merely illustrative of the invention and are not intended to limit the invention.
The following detailed description of specific embodiments of the present invention is provided in connection with specific embodiments.
As shown in fig. 1, an enterprise risk data processing system based on an enterprise risk association graph according to an embodiment of the present invention includes:
the target obtaining module 100 is configured to obtain a risk association map of a target enterprise, where the risk association map is used to record a risk information transfer relationship between enterprises and a historical risk event occurrence log of the enterprise.
The event analysis module 300 is configured to obtain a historical risk event through the risk association graph, determine a risk type of the historical risk event to obtain a plurality of enterprise risk types, perform evaluation statistics on the plurality of enterprise risk types, and obtain a corresponding association risk level.
The data evaluation module 500 is configured to obtain a management snapshot log of the database of the target enterprise, perform data security evaluation on the target enterprise through the management snapshot log, and generate a data security level, where the management snapshot log is used to represent an access behavior record of data, and the data security level corresponds to a personnel permission level.
The data management module 700 is configured to obtain the associated risk level corresponding to a preset enterprise cooperation type, and generate a data processing rule according to the associated risk level and the data security level, where the enterprise risk type corresponds to the enterprise cooperation type, and the data processing rule is used to protect risk data cooperating with the target enterprise.
In this embodiment, in use, the target obtaining module 100 obtains a risk associated map of a target enterprise, where the risk associated map records historical cooperation information between enterprises, including content types of cooperation, risk impact and loss caused by the cooperation (certainly, the risk associated map is obtained by negotiating with an opposite company and obtaining the data by a legal means on the premise of cooperation), and then the event analysis module 300 summarizes and evaluates the enterprise risk types of the obtained data, so as to know the risk occurrence probability and average fund loss caused in a certain type of cooperation field (for example, a certain type of project or project, etc.), and the data evaluation module 500 performs security evaluation on the data management system of the target enterprise, and determines the data access record of the target enterprise, obtaining a data security level, which mainly lies in the judgment of data access authority, namely, in the target enterprise, the number of persons who can release and read the files of a certain level can be used for judging the authority level of the related cooperation files in cooperation with the target enterprise; further, the data management module 700 can perform security processing on the data (i.e. risk data) involved in the collaboration (including the data generated in the process and the data that may need to be provided) according to the enterprise risk type and the data security level, for example, set a proper access right and set a more limited access path, thereby achieving the purpose of protecting the security of the risk data.
As shown in fig. 2, as another preferred embodiment of the present invention, the data processing rule includes a risk classification rule and an authority classification rule of the risk data, and the data management module 700 includes:
a type obtaining unit 701, configured to obtain the enterprise collaboration type of the target enterprise collaboration item, where the enterprise collaboration type is used to characterize a type of the target enterprise collaboration item and corresponds to the enterprise risk type.
A risk level unit 702, configured to compare the enterprise risk types according to the enterprise cooperation type, and obtain the associated risk levels corresponding to the enterprise risk types.
A level rule unit 703 is configured to traverse a preset level division table according to the associated risk level to obtain a risk level division rule, where the risk level division rule and the associated risk level are stored in the level division table in a one-to-one correspondence manner.
An authority rule unit 704, configured to obtain the data security level of the target enterprise, and traverse a preset authority partition table according to the data security level to obtain an authority partition rule, where the authority partition rule and the data security level are stored in the authority partition table in a one-to-one correspondence manner.
In this embodiment, the data management module 700 is further described, and some contents of the data management module are described in more detail, where an enterprise cooperation type refers to a type of a project that needs to cooperate with a target enterprise, and the enterprise cooperation type is consistent with an acquisition manner or a summary manner of an enterprise risk type of a historical risk event in a risk association graph, that is, the acquisition manner or the summary manner corresponds to the enterprise risk type, so that according to the enterprise risk type, a corresponding associated risk level of the target enterprise can be acquired, and therefore, a determination is performed according to a manually-defined level division table and an authority division table, so as to acquire a risk level division rule and an authority division rule, which are used for performing division setting related to protection on risk data related to the cooperation with the target enterprise.
As another preferred embodiment of the present invention, the present invention further includes a management execution module, and the management execution module includes:
and the processing response unit is used for acquiring the risk level division rule and the authority division rule in the data processing rule.
And the grade dividing unit is used for acquiring the corresponding risk data, dividing the risk grade of the risk data according to the risk grade dividing rule, if the risk grade is higher than or equal to a preset risk grade, the risk data are not shared, and if the risk grade is lower than the preset risk grade, the risk data are shared with the target enterprise.
And the permission limiting unit is used for acquiring the corresponding risk data, and performing permission grade division on the risk data according to the permission grade division rule, wherein the permission grade corresponds to the personnel permission grade and is used for limiting the access permission of relevant personnel to the risk data.
In this embodiment, a management execution module is supplemented, which is used for executing a response data processing rule to protect risk data, and mainly includes a ranking unit and an authority limit unit, where the ranking unit is used for responding to the risk ranking rule, and is used for feeding back a risk association ranking, and is used for ranking data cooperating with a target enterprise, and storing more important data in the enterprise database, so that if relevant collaborators of the target enterprise need to use, the data needs to be verified by the enterprise system to ensure the security of the data, and for general data, in order to facilitate the collaboration, the data is handed over to the target enterprise for recording and saving (certainly, the enterprise also has a copy book, and the work is facilitated), where the ranking is determined according to the target enterprise, and the target enterprise has a higher risk in the project type, the less data that can be directly saved; the permission limiting unit is used for responding to permission level division, wherein the permission level division is generated based on a data access snapshot log of a target enterprise, and permission division is carried out on data according to the condition that the data of the target enterprise can be accessed, so that personnel groups which can contact cooperative data are guaranteed, the purpose of protecting the data is achieved, and the probability of data leakage is reduced.
As shown in fig. 3, as another preferred embodiment of the present invention, the event analysis module 300 includes:
an event obtaining unit 301, configured to obtain historical risk events through the risk association map.
A type determination unit 302, configured to extract the content of the collaboration item from the historical risk event, and determine the type of the collaboration item according to the item content, thereby generating an enterprise risk type.
The evaluation statistical unit 303 is configured to obtain the occurrence number of the enterprise risk type and the risk fund corresponding to the enterprise risk type, evaluate the occurrence number and the risk fund according to the preset risk determination standard, and generate a correlation risk level, where the risk fund is used to represent fund loss generated by the historical risk event.
In this embodiment, the event analysis module 300 generates the associated risk level by performing statistics on the total occurrence probability of the events in the enterprise risk types, and evaluating and determining the related fund loss, and the higher the probability of occurrence of the risk event is and the higher the related loss amount is, the higher the risk is, in the unified enterprise risk types.
As another preferred embodiment of the present invention, the present invention further comprises a right authentication module;
the authority authentication module is used for acquiring personnel authentication information, performing identity verification according to the personnel authentication information, acquiring the access authority level of the personnel authentication information, and acquiring the risk data of which the authority level is less than or equal to the access authority level according to the access authority level to generate an access list.
In this embodiment, the authority authentication module is used for verifying when the related personnel in the cooperation project access the data in cooperation (i.e. risk data), so as to protect the risk data.
As shown in fig. 4, the present invention further provides an enterprise risk data processing method based on the enterprise risk association graph, which includes the following steps:
s200, acquiring a risk associated map of the target enterprise, wherein the risk associated map is used for recording risk information transmission relations among the enterprises and historical risk event occurrence logs of the enterprises.
S400, acquiring historical risk events through the risk association map, judging the risk types of the historical risk events to acquire a plurality of enterprise risk types, evaluating and counting the plurality of enterprise risk types, and acquiring corresponding association risk levels.
S600, acquiring a management snapshot log of the database of the target enterprise, performing data security evaluation on the target enterprise through the management snapshot log, and generating a data security level, wherein the management snapshot log is used for representing an accessed behavior record of data, and the data security level corresponds to a personnel permission level.
S800, acquiring the associated risk level corresponding to a preset enterprise cooperation type, and generating a data processing rule according to the associated risk level and the data security level, wherein the enterprise risk type corresponds to the enterprise cooperation type, and the data processing rule is used for protecting risk data cooperating with a target enterprise.
As another preferred embodiment of the present invention, the data processing rule includes a risk level classification rule and an authority classification rule of the risk data, and the step of obtaining the associated risk level corresponding to a preset enterprise cooperation type and generating the data processing rule according to the associated risk level and the data security level specifically includes:
and acquiring the enterprise cooperation type of the target enterprise cooperation project, wherein the enterprise cooperation type is used for representing the type of the target enterprise cooperation project and corresponds to the enterprise risk type.
And traversing and comparing the enterprise risk types according to the enterprise cooperation types to obtain the associated risk levels corresponding to the enterprise risk types.
And traversing a preset grade division table according to the associated risk grade to obtain a risk grade division rule, wherein the risk grade division rule and the associated risk grade are stored in the grade division table in a one-to-one correspondence manner.
And acquiring the data security level of the target enterprise, traversing a preset authority division table according to the data security level, and acquiring authority division rules, wherein the authority division rules and the data security level are stored in the authority division table in a one-to-one correspondence manner.
As another preferred embodiment of the present invention, further comprising the steps of:
and acquiring the risk level division rule and the authority division rule in the data processing rule.
Acquiring corresponding risk data, dividing risk levels of the risk data according to the risk level division rule, if the risk levels are higher than or equal to a preset risk level, the risk data are not shared, and if the risk levels are lower than the preset risk level, the risk data are shared with the target enterprise.
And acquiring the corresponding risk data, and performing authority level division on the risk data according to the authority level division rule, wherein the authority level corresponds to the personnel authority level and is used for limiting the access authority of relevant personnel to the risk data.
It will be understood by those skilled in the art that all or part of the processes of the methods of the embodiments described above can be implemented by a computer program, which can be stored in a non-volatile computer-readable storage medium, and can include the processes of the embodiments of the methods described above when the program is executed. Any reference to memory, storage, database, or other medium used in the embodiments provided herein may include non-volatile and/or volatile memory, among others. Non-volatile memory can include read-only memory (ROM), Programmable ROM (PROM), Electrically Programmable ROM (EPROM), Electrically Erasable Programmable ROM (EEPROM), or flash memory. Volatile memory can include Random Access Memory (RAM) or external cache memory. By way of illustration and not limitation, RAM is available in a variety of forms such as Static RAM (SRAM), Dynamic RAM (DRAM), Synchronous DRAM (SDRAM), Double Data Rate SDRAM (DDRSDRAM), Enhanced SDRAM (ESDRAM), Synchronous Link DRAM (SLDRAM), Rambus Direct RAM (RDRAM), direct bus dynamic RAM (DRDRAM), and memory bus dynamic RAM (RDRAM).
Other embodiments of the disclosure will be apparent to those skilled in the art from consideration of the specification and practice of the disclosure herein. This application is intended to cover any variations, uses, or adaptations of the disclosure following, in general, the principles of the disclosure and including such departures from the present disclosure as come within known or customary practice within the art to which the disclosure pertains. It is intended that the specification and examples be considered as exemplary only, with a true scope and spirit of the disclosure being indicated by the following claims.
It will be understood that the present disclosure is not limited to the precise arrangements described above and shown in the drawings and that various modifications and changes may be made without departing from the scope thereof. The scope of the present disclosure is limited only by the appended claims.
Claims (3)
1. Enterprise risk data processing system based on enterprise risk associated map, characterized by, includes:
the system comprises a target acquisition module, a risk association map acquisition module and a risk association map generation module, wherein the risk association map acquisition module is used for acquiring a risk information transmission relation among enterprises and a historical risk event occurrence log of the enterprises;
the event analysis module is used for acquiring historical risk events through the risk association map, judging the risk types of the historical risk events to acquire a plurality of enterprise risk types, evaluating and counting the plurality of enterprise risk types, and acquiring corresponding association risk levels;
the data evaluation module is used for acquiring a management snapshot log of a database of the target enterprise, performing data security evaluation on the target enterprise through the management snapshot log, and generating a data security level, wherein the management snapshot log is used for representing an accessed behavior record of data, and the data security level corresponds to a personnel permission level;
the data management module is used for acquiring the associated risk level corresponding to a preset enterprise cooperation type and generating a data processing rule according to the associated risk level and the data security level, wherein the enterprise risk type corresponds to the enterprise cooperation type, and the data processing rule is used for protecting risk data cooperating with the target enterprise;
the data processing rules comprise risk grade division rules and authority division rules of the risk data, and the data management module comprises:
the type obtaining unit is used for obtaining the enterprise cooperation type of the target enterprise cooperation project, the enterprise cooperation type is used for representing the type of the target enterprise cooperation project and corresponds to the enterprise risk type;
a risk level unit, configured to compare the enterprise risk types according to the enterprise cooperation type, and obtain the associated risk levels corresponding to the enterprise risk types;
the level rule unit is used for traversing a preset level division table according to the associated risk level to acquire a risk level division rule, and the risk level division rule and the associated risk level are stored in the level division table in a one-to-one correspondence manner;
the authority rule unit is used for acquiring the data security level of the target enterprise, traversing a preset authority division table according to the data security level and acquiring authority division rules, wherein the authority division rules and the data security level are stored in the authority division table in a one-to-one correspondence manner;
still include the management execution module, the management execution module includes:
the processing response unit is used for acquiring the risk grade division rule and the authority division rule in the data processing rule;
the grade classification unit is used for acquiring the corresponding risk data, performing risk grade classification on the risk data according to the risk grade classification rule, if the risk grade is higher than or equal to a preset risk grade, the risk data are not shared, and if the risk grade is lower than the preset risk grade, the risk data are shared with the target enterprise;
the authority limiting unit is used for acquiring the corresponding risk data, and performing authority grade division on the risk data according to the authority grade division rule, wherein the authority grade corresponds to the personnel authority grade and is used for limiting the access authority of relevant personnel to the risk data;
the system also comprises an authority authentication module;
the authority authentication module is used for acquiring personnel authentication information, performing identity verification according to the personnel authentication information, acquiring the access authority level of the personnel authentication information, and acquiring the risk data of which the authority level is less than or equal to the access authority level according to the access authority level to generate an access list.
2. The enterprise risk data processing system based on an enterprise risk correlation graph of claim 1, wherein the event analysis module comprises:
the event acquisition unit is used for acquiring historical risk events through the risk association map;
the type judgment unit is used for extracting the content of the cooperation project from the historical risk event and judging the type of the cooperation project according to the project content so as to generate an enterprise risk type;
and the evaluation statistical unit is used for acquiring the occurrence times of the enterprise risk types and the risk funds corresponding to the enterprise risk types, evaluating the occurrence times and the risk funds according to a preset risk judgment standard, and generating a correlation risk level, wherein the risk funds are used for representing the fund loss generated by the historical risk events.
3. An enterprise risk data processing method based on an enterprise risk associated map is characterized by comprising the following steps:
acquiring a risk associated map of a target enterprise, wherein the risk associated map is used for recording risk information transmission relations among enterprises and historical risk event occurrence logs of the enterprises;
acquiring historical risk events through the risk association map, judging the risk types of the historical risk events to acquire a plurality of enterprise risk types, evaluating and counting the plurality of enterprise risk types, and acquiring corresponding association risk levels;
acquiring a management snapshot log of a database of the target enterprise, and performing data security evaluation on the target enterprise through the management snapshot log to generate a data security level, wherein the management snapshot log is used for representing an accessed behavior record of data, and the data security level corresponds to a personnel permission level;
acquiring the associated risk level corresponding to a preset enterprise cooperation type, and generating a data processing rule according to the associated risk level and the data security level, wherein the enterprise risk type corresponds to the enterprise cooperation type, and the data processing rule is used for protecting risk data cooperating with a target enterprise;
the method is characterized in that the data processing rules comprise risk grade division rules and authority division rules of the risk data, and the steps of acquiring the associated risk grade corresponding to the preset enterprise cooperation type and generating the data processing rules according to the associated risk grade and the data security grade specifically comprise:
acquiring the enterprise cooperation type of the target enterprise cooperation project, wherein the enterprise cooperation type is used for representing the type of the target enterprise cooperation project and corresponds to the enterprise risk type;
traversing and comparing a plurality of enterprise risk types according to the enterprise cooperation type to obtain the associated risk level corresponding to the enterprise risk type;
traversing a preset grade division table according to the associated risk grade to obtain a risk grade division rule, wherein the risk grade division rule and the associated risk grade are stored in the grade division table in a one-to-one correspondence manner;
acquiring the data security level of the target enterprise, traversing a preset authority division table according to the data security level, and acquiring authority division rules, wherein the authority division rules and the data security level are stored in the authority division table in a one-to-one correspondence manner;
further comprising the steps of:
acquiring the risk level division rule and the authority division rule in the data processing rule;
acquiring corresponding risk data, and dividing risk levels of the risk data according to the risk level division rule, wherein if the risk levels are higher than or equal to a preset risk level, the risk data are not shared, and if the risk levels are lower than the preset risk level, the risk data are shared with the target enterprise;
acquiring corresponding risk data, and dividing the risk data into authority levels according to the authority dividing rule, wherein the authority levels correspond to the personnel authority levels and are used for limiting the access authority of relevant personnel to the risk data;
further comprising the steps of:
acquiring personnel authentication information, performing identity verification according to the personnel authentication information, acquiring the access authority level of the personnel authentication information, and acquiring the risk data of which the authority level is less than or equal to the access authority level according to the access authority level to generate an access list.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202210391598.6A CN114493382B (en) | 2022-04-14 | 2022-04-14 | Enterprise risk data processing method and system based on enterprise risk associated graph |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202210391598.6A CN114493382B (en) | 2022-04-14 | 2022-04-14 | Enterprise risk data processing method and system based on enterprise risk associated graph |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN114493382A CN114493382A (en) | 2022-05-13 |
| CN114493382B true CN114493382B (en) | 2022-07-01 |
Family
ID=81488431
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202210391598.6A Active CN114493382B (en) | 2022-04-14 | 2022-04-14 | Enterprise risk data processing method and system based on enterprise risk associated graph |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN114493382B (en) |
Citations (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN112241540A (en) * | 2020-10-16 | 2021-01-19 | 浙江中烟工业有限责任公司 | Method and device for improving data interaction security between enterprises |
Family Cites Families (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN107204978B (en) * | 2017-05-24 | 2019-10-15 | 北京邮电大学 | A kind of access control method and device based on multi-tenant cloud environment |
| CN109787946B (en) * | 2017-11-14 | 2022-02-25 | 阿里巴巴集团控股有限公司 | Access method and authority management method and device for shared space |
| CN113496389A (en) * | 2020-07-06 | 2021-10-12 | 青岛黄海学院 | Cooperative management system based on foreign trade big data |
-
2022
- 2022-04-14 CN CN202210391598.6A patent/CN114493382B/en active Active
Patent Citations (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN112241540A (en) * | 2020-10-16 | 2021-01-19 | 浙江中烟工业有限责任公司 | Method and device for improving data interaction security between enterprises |
Also Published As
| Publication number | Publication date |
|---|---|
| CN114493382A (en) | 2022-05-13 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN109767322B (en) | Suspicious transaction analysis method and device based on big data and computer equipment | |
| WO2019041859A1 (en) | Method, device, and server for processing supervision information, and storage medium | |
| CN110458401A (en) | Information processing unit, method and storage medium based on block chain | |
| CN110674145B (en) | Data consistency detection method, device, computer equipment and storage medium | |
| CN109409659A (en) | Method for prewarning risk, device, computer equipment and storage medium | |
| CN114493382B (en) | Enterprise risk data processing method and system based on enterprise risk associated graph | |
| CN108984754B (en) | Client information updating method and device, computer equipment and storage medium | |
| CN114036489A (en) | Information security management method and system based on big data | |
| CN110084476B (en) | Case adjustment method, device, computer equipment and storage medium | |
| CN116401688A (en) | Data security risk prediction method, device, computer equipment and medium | |
| CN115587898A (en) | Cloud service-based financial data secure sharing method and system | |
| CN113987432A (en) | Role authorization method, role authorization device, computer equipment and storage medium | |
| CN114757556A (en) | Automobile industry information security system credibility assessment method and assessment system | |
| CN113687800A (en) | File printing processing method and device, computer equipment and storage medium | |
| CN117726435B (en) | Image data management method and system | |
| CN110851864A (en) | Sensitive data automatic identification and processing method and system | |
| CN117131534B (en) | Secret document security management and control method based on blockchain | |
| CN114139189B (en) | Data security processing method and device based on mutual simulation equivalence | |
| CN117094033B (en) | Security destruction evaluation system and method based on key data sensitivity | |
| Liu | Reflection on Big Data Technology: Problems and Countermeasures in" Big Data Credit Reporting" of Internet Finance in China | |
| CN115630375A (en) | Electronic insurance risk management and control method, system and electronic equipment | |
| CN116663067B (en) | Financial user information protection method, system, terminal equipment and storage medium | |
| CN117474554A (en) | Gold transaction data security management method and system | |
| CN116992443A (en) | Data security identification method and system based on network monitoring | |
| CN114328627A (en) | Big data-based data right-confirming analysis method, equipment and medium |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |