CN114745203A - Method and device for monitoring full life cycle of user account - Google Patents

Publication number
CN114745203A
Authority
CN
China
Prior art keywords
user account
information
identity authentication
authentication platform
unified identity
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Withdrawn
Application number
CN202210516515.1A
Other languages
Chinese (zh)
Inventor
吕江波
李飞
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Changyang Tech Beijing Co ltd
Original Assignee
Changyang Tech Beijing Co ltd

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/10 Network architectures or network communication protocols for network security for controlling access to devices or network resources
    • H04L63/102 Entity profiles
    • H04L63/08 Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0876 Network architectures or network communication protocols for network security for authentication of entities based on the identity of the terminal or configuration, e.g. MAC address, hardware or software configuration or device fingerprint
    • H04L63/20 Network architectures or network communication protocols for network security for managing network security; network security policies in general

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Power Engineering (AREA)
  • Storage Device Security (AREA)

Abstract

The invention discloses a method and a device for monitoring the full life cycle of a user account, in which the entire process, from user onboarding through user departure to archiving of the user account, is completed on a unified identity authentication platform. The invention monitors all operation behaviors of the user account throughout its life cycle, thereby improving the operation and maintenance management level of the information system.

Description

Method and device for monitoring full life cycle of user account
Technical Field
The invention relates to the technical field of information security, in particular to a method and a device for monitoring the full life cycle of a user account.
Background
With the development of information technology and the continuing progress of informatization, business applications, office systems and business platforms are continually released and put into operation, and information systems now pervade enterprise operations. Because an information system comprises numerous devices and servers and is comparatively difficult to manage, unauthorized access, misoperation, abuse of operation permissions, malicious damage and the like occur from time to time and seriously affect the economic efficiency of enterprise operations.
Therefore, how to monitor user operation behavior on the basis of the user account, and so improve the operation and maintenance management level of the information system, has become a technical problem that those skilled in the art urgently need to solve.
Disclosure of Invention
In view of this, the invention discloses a method and a device for monitoring a full life cycle of a user account, so as to monitor all operation behaviors of the full life cycle of the user account, thereby improving the operation and maintenance management level of an information system.
A method for monitoring the full life cycle of a user account comprises the following steps:
creating user account related information on a front-end unified identity authentication platform, wherein the user account related information comprises: a user account, corresponding user account attribute information and access operation authority;
when a change in the user account attribute information and/or an abnormal operation is detected on the unified identity authentication platform, modifying the access operation authority of the target user account whose attribute information changed and/or on which the abnormal operation occurred, wherein changes in the user account attribute information include a user's job transfer and a user's departure;
synchronizing the target user account related information, with its modified access operation authority, to all applications docked with the unified identity authentication platform, wherein the target user account related information comprises: the target user account, the corresponding target user account attribute information and the target user account access operation authority.
Optionally, creating the user account related information on the front-end unified identity authentication platform specifically includes:
synchronizing the user account related information that already exists in the active directory domain and/or the office automation system to the unified identity authentication platform, so as to complete the creation of the user account related information.
Optionally, after synchronizing the user account related information existing in the active directory domain and/or the office automation system to the unified identity authentication platform, the method further includes:
performing multi-dimensional recording of the synchronization success information and/or the synchronization failure information of the user account related information.
Optionally, creating the user account related information on the front-end unified identity authentication platform includes:
creating a new user account on the unified identity authentication platform according to a preset unified account naming specification;
adding corresponding user account attribute information to the newly created user account, and allocating the corresponding access operation authority.
Optionally, creating a new user account on the unified identity authentication platform according to the preset unified account naming specification specifically includes:
arranging and combining the initials and finals of the pinyin of the user's name, in combination with the Unicode code table, to obtain an initial user account;
sending the initial user account to a server, which verifies the uniqueness and legality of the initial user account;
receiving a verification-passed instruction fed back by the server, and determining the initial user account as the user account newly created on the unified identity authentication platform.
Optionally, creating a new user account on the unified identity authentication platform according to the preset unified account naming specification specifically includes:
arranging and combining the initials and finals of the pinyin of the user's name, in combination with the Unicode code table, to obtain an initial user account;
sending the initial user account to a server, which verifies the uniqueness and legality of the initial user account;
receiving a modified user account fed back by the server, and determining the modified user account as the user account newly created on the unified identity authentication platform, wherein the modified user account is generated by the server appending a unique random number to the initial user account when the server determines that the initial user account is a duplicate.
Optionally, the method further includes:
when a system administrator account logs in to the unified identity authentication platform, receiving extension information for the user account attribute information sent by the system administrator account;
adding the extension information to the user account attribute information, and synchronizing the user account attribute information with the added extension information to all applications docked with the unified identity authentication platform.
Optionally, the method further includes:
receiving modification content for the user account related information, sent by a user account that has logged in to the unified identity authentication platform;
sending the modification content to a system administrator terminal for a validity check, wherein the validity check covers at least: whether the modification content is information in the user account related information other than the unique identity of the user account;
receiving a validity-check-passed instruction fed back by the system administrator, modifying the user account related information according to the modification content, and synchronizing the modified user account related information to all applications docked with the unified identity authentication platform.
A device for monitoring the full life cycle of a user account comprises:
an information creating unit, configured to create user account related information on a front-end unified identity authentication platform, wherein the user account related information comprises: a user account, corresponding user account attribute information and access operation authority;
an authority modification unit, configured to modify, when a change in the user account attribute information and/or an abnormal operation is detected on the unified identity authentication platform, the access operation authority of the target user account whose attribute information changed and/or on which the abnormal operation occurred, wherein changes in the user account attribute information include a user's job transfer and a user's departure;
an information synchronization unit, configured to synchronize the target user account related information, with its modified access operation authority, to all applications docked with the unified identity authentication platform, wherein the target user account related information comprises: the target user account, the corresponding target user account attribute information and the target user account access operation authority.
Optionally, the information creating unit specifically includes:
a first information creating subunit, configured to synchronize the user account related information that already exists in the active directory domain and/or the office automation system to the unified identity authentication platform, so as to complete the creation of the user account related information.
Optionally, the information creating unit further includes:
an information recording subunit, configured to perform multi-dimensional recording of the synchronization success information and/or the synchronization failure information of the user account related information.
Optionally, the information creating unit further includes:
a second information creating subunit, configured to create a new user account on the unified identity authentication platform according to a preset unified account naming specification;
a permission allocation subunit, configured to add corresponding user account attribute information to the newly created user account and to allocate the corresponding access operation authority.
Optionally, the second information creating subunit is specifically configured to:
arrange and combine the initials and finals of the pinyin of the user's name, in combination with the Unicode code table, to obtain an initial user account;
send the initial user account to a server, which verifies the uniqueness and legality of the initial user account;
receive a verification-passed instruction fed back by the server, and determine the initial user account as the user account newly created on the unified identity authentication platform.
Optionally, the second information creating subunit is specifically configured to:
arrange and combine the initials and finals of the pinyin of the user's name, in combination with the Unicode code table, to obtain an initial user account;
send the initial user account to a server, which verifies the uniqueness and legality of the initial user account;
receive a modified user account fed back by the server, and determine the modified user account as the user account newly created on the unified identity authentication platform, wherein the modified user account is generated by the server appending a unique random number to the initial user account when the server determines that the initial user account is a duplicate.
Optionally, the device further includes:
an extension information receiving unit, configured to receive extension information for the user account attribute information sent by the system administrator account after the system administrator account logs in to the unified identity authentication platform;
an extension information adding unit, configured to add the extension information to the user account attribute information and to synchronize the user account attribute information with the added extension information to all applications docked with the unified identity authentication platform.
Optionally, the device further includes:
a modification content receiving unit, configured to receive modification content for the user account related information, sent by a user account that has logged in to the unified identity authentication platform;
a modification content auditing unit, configured to send the modification content to a system administrator terminal for a validity check, wherein the validity check covers at least: whether the modification content is information in the user account related information other than the unique identity of the user account;
a modification content synchronization unit, configured to receive a validity-check-passed instruction fed back by the system administrator, modify the user account related information according to the modification content, and synchronize the modified user account related information to all applications docked with the unified identity authentication platform.
According to the above technical solution, the invention discloses a method and a device for monitoring the full life cycle of a user account. User account related information is created on a front-end unified identity authentication platform, the user account related information comprising: a user account, corresponding user account attribute information and access operation authority. When a change in the user account attribute information and/or an abnormal operation is detected through the unified identity authentication platform, the access operation authority of the target user account whose attribute information changed and/or on which the abnormal operation occurred is modified, and the target user account related information with the modified access operation authority is synchronized to all applications docked with the unified identity authentication platform. The entire process, from creating the corresponding user account related information at user onboarding to archiving the user account at user departure, is completed on the unified identity authentication platform. When the platform detects a change in the user account attribute information, such as a user's job transfer or departure, and/or an abnormal operation, it modifies the access operation authority of the affected target user account so as to restrict that user's access operation authority. As the sole data source for all docked applications, the platform synchronizes the target user account related information with the modified access operation authority to all docked applications, so that the platform and all docked applications are updated in step. The invention thus monitors all operation behaviors of the user account throughout its life cycle through the unified identity authentication platform, thereby improving the operation and maintenance management level of the information system.
Drawings
In order to more clearly illustrate the embodiments of the present specification or the technical solutions in the prior art, the drawings used in the description of the embodiments or the prior art will be briefly described below, and it is obvious that the drawings in the following description are some embodiments of the present specification, and other drawings can be obtained by those skilled in the art without creative efforts.
Fig. 1 is a flowchart of a method for monitoring a full life cycle of a user account according to an embodiment of the present invention;
Fig. 2 is a schematic structural diagram of a monitoring apparatus for a full life cycle of a user account according to an embodiment of the present invention.
Detailed Description
The technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are only a part of the embodiments of the present invention, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
Referring to Fig. 1, a flowchart of the method for monitoring the full life cycle of a user account disclosed in an embodiment of the present invention, the method is applied to a front end and includes:
S101: creating user account related information on the front-end unified identity authentication platform;
The user account related information comprises: the user account, the corresponding user account attribute information and the access operation authority.
The unified identity authentication platform is both the user authentication data source and the platform for managing the full life cycle of user accounts.
In this embodiment, the unified identity authentication platform is docked with a plurality of application systems, where the docked application systems include, but are not limited to, an AD (Active Directory) domain, an OA (Office Automation) system, and all docked applications.
The unified identity authentication platform and the plurality of application systems establish communication connections using a preset communication protocol, which may include: SCIM (System for Cross-domain Identity Management), JNDI (Java Naming and Directory Interface), and LDAP (Lightweight Directory Access Protocol).
The user account attribute information may include: mailbox, mobile phone number, job position, home address, etc.
S102: when a change in the user account attribute information and/or an abnormal operation is detected through the unified identity authentication platform, modifying the access operation authority of the target user account whose attribute information changed and/or on which the abnormal operation occurred;
Changes in the user account attribute information include a user's job transfer and a user's departure.
After a user's corresponding user account related information has been created on the unified identity authentication platform and a system administrator has configured the corresponding user account attribute information and access operation authority for the user account, the user account can access applications and resources according to that access operation authority.
System administrator: has the highest authority after logging in to the unified identity authentication platform; can add and maintain users, user organizations and user groups, allocate user access operation authority, and manage and maintain the full life cycle of users; and is also responsible for reviewing and approving all attribute information, other than account and name, that users modify themselves.
The unified identity authentication platform maintains its own normal operation according to the security access policy it has set.
Specifically, examples of changes in the user account attribute information are a user's departure (the system policy is triggered as soon as the user submits a departure workflow) and a change to a user account attribute (for example, a user attribute is tampered with through an abnormal channel in order to increase access authority).
Abnormal operations include: the user account logging in to the unified identity authentication platform frequently, multiple remote logins, frequent logins from multiple terminals, and the like. When an abnormal operation occurs, it triggers the security risk-control response mechanism of the unified identity authentication platform.
When a change in the user account attribute information and/or an abnormal operation is detected through the unified identity authentication platform, the system modifies the access operation authority of the affected target user account according to the existing security access policy, and synchronizes the target user account related information with the modified access operation authority to all applications docked with the unified identity authentication platform. That is, all docked applications are notified immediately after the access operation authority is modified, so that the modified authority takes effect at once and losses to the unified identity authentication platform are minimized or prevented. The whole process is transparent to the user and is completed entirely automatically by the system.
The security access policy may be, for example: if the user account is detected logging in to the unified identity authentication platform more than a preset number of times (e.g., 3 times) within a preset time (e.g., 1 min), with every attempt ending in failure, the current user account is temporarily locked.
S103: synchronizing the target user account related information, with its modified access operation authority, to all applications docked with the unified identity authentication platform.
The target user account related information comprises: the target user account, the corresponding target user account attribute information and the target user account access operation authority.
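The example failed-login policy and steps S102 and S103 above, sketched as an added Python example that is not part of the patent text. `IdentityPlatform`, `DockedApp` and the position-to-permission map are hypothetical names, the docked applications are in-memory stand-ins for SCIM, JNDI or LDAP connectors, and replacing rather than merging permissions on a job transfer is an assumption.

```python
from collections import defaultdict, deque
from dataclasses import dataclass, field

WINDOW_SECONDS = 60    # preset time from the example policy (1 min)
MAX_FAILED_LOGINS = 3  # preset number of attempts from the example policy


@dataclass
class Account:
    name: str
    position: str
    permissions: set = field(default_factory=set)
    active: bool = True


class DockedApp:
    """Hypothetical docked application (in-memory stand-in for a connector)."""

    def __init__(self, name):
        self.name = name
        self.accounts = {}

    def sync(self, account):
        # Keep a snapshot: the app only changes when the platform pushes to it.
        self.accounts[account.name] = {
            "active": account.active,
            "position": account.position,
            "permissions": frozenset(account.permissions),
        }


class IdentityPlatform:
    """Single data source: every authority change is pushed to all docked apps."""

    def __init__(self, apps, position_permissions):
        self.apps = list(apps)
        self.position_permissions = position_permissions  # assumed mapping
        self.accounts = {}
        self.failures = defaultdict(deque)  # account -> failed-login timestamps
        self.audit = []                     # (event, account) trail

    def _sync(self, name, event):
        for app in self.apps:
            app.sync(self.accounts[name])
        self.audit.append((event, name))

    def create(self, name, position):  # S101
        perms = set(self.position_permissions.get(position, ()))
        self.accounts[name] = Account(name, position, perms)
        self._sync(name, "created")

    def record_login(self, name, success, ts):
        """Apply the lockout policy (S102); return True while the account is active."""
        account = self.accounts[name]
        if not account.active:
            return False
        window = self.failures[name]
        if success:
            window.clear()  # the policy only fires when every attempt failed
            return True
        window.append(ts)
        while ts - window[0] > WINDOW_SECONDS:
            window.popleft()  # drop failures older than the preset time
        if len(window) > MAX_FAILED_LOGINS:
            account.active = False
            self._sync(name, "locked")  # S103: takes effect in every app at once
        return account.active

    def transfer(self, name, new_position):
        account = self.accounts[name]
        account.position = new_position
        # Replace rather than merge, so authority from the old position is dropped.
        account.permissions = set(self.position_permissions.get(new_position, ()))
        self._sync(name, "transferred")

    def depart(self, name):
        account = self.accounts[name]
        account.active = False
        account.permissions = set()
        self._sync(name, "departed")


def demo():
    """Constructed scenario: four failed logins inside one minute, then a transfer."""
    apps = [DockedApp("oa"), DockedApp("mail")]
    platform = IdentityPlatform(apps, {"engineer": {"git:write"}, "auditor": {"logs:read"}})
    platform.create("zhangw", "engineer")
    platform.create("lif", "engineer")
    for ts in (0, 5, 10, 15):  # constructed timestamps in seconds
        platform.record_login("zhangw", False, ts)
    platform.transfer("lif", "auditor")
    return {app.name: app.accounts for app in apps}, platform.audit


if __name__ == "__main__":
    print(demo())
```

The audit trail records which event caused each push, which is what lets an administrator confirm that a lock or departure reached every docked application.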
In summary, in the method for monitoring the full life cycle of a user account disclosed by the invention, user account related information is created on the front-end unified identity authentication platform, the user account related information comprising: a user account, corresponding user account attribute information and access operation authority. When a change in the user account attribute information and/or an abnormal operation is detected through the unified identity authentication platform, the access operation authority of the target user account whose attribute information changed and/or on which the abnormal operation occurred is modified, and the target user account related information with the modified access operation authority is synchronized to all applications docked with the unified identity authentication platform. The entire process, from creating the corresponding user account related information at user onboarding to archiving the user account at user departure, is completed on the unified identity authentication platform. During the life cycle of the user account, when the platform detects a change in the user account attribute information, such as a user's job transfer or departure, and/or an abnormal operation, it modifies the access operation authority of the affected target user account so as to restrict that user's access operation authority. As the sole data source for all docked applications, the platform synchronizes the target user account related information with the modified access operation authority to all docked applications, so that the platform and all docked applications are updated in step. The invention thus monitors all operation behaviors of the user account throughout its life cycle through the unified identity authentication platform, thereby improving the operation and maintenance management level of the information system.
In practice, the invention provides two main ways of creating user account related information on the front-end unified identity authentication platform: the first is to synchronize existing user account related information, and the second is to create the user account related information directly on the unified identity authentication platform.
Therefore, step S101 may specifically include:
synchronizing the user account related information that already exists in the active directory domain and/or the office automation system to the unified identity authentication platform through a synchronization engine, a transaction mechanism and the preset communication protocol, so as to complete the creation of the user account related information.
During synchronization, the synchronization success information and/or the synchronization failure information of the user account related information can be recorded in multiple dimensions. Synchronization success information can be output as a report for the system administrator to review, and synchronization failure information can re-trigger the synchronization process through a timer mechanism until synchronization succeeds.
Alternatively, step S101 may specifically include:
creating a new user account on the unified identity authentication platform according to a preset unified account naming specification;
adding corresponding user account attribute information to the newly created user account, and allocating the corresponding access operation authority.
It should be noted that the newly created user account is the sole piece of information that determines the user's identity; to prevent duplicate names, the invention therefore defines a single account naming specification for user accounts.
Creating a new user account on the unified identity authentication platform according to the preset unified account naming specification specifically comprises the following steps:
arranging and combining the initials and finals of the pinyin of the user's name, in combination with the Unicode code table, to obtain an initial user account;
sending the initial user account to a server, which verifies the uniqueness and legality of the initial user account;
receiving a verification-passed instruction fed back by the server, and determining the initial user account as the user account newly created on the unified identity authentication platform.
It should be noted that, when the server detects that the initial user account duplicates an existing user account, then in order to ensure the uniqueness of the user account the server may append a unique random number to the initial user account to modify it, and feed the modified user account back to the front end.
The random number may be any unique random number, for example a unique random number within 100, as actual needs dictate; the invention places no limit on it here.
Therefore, creating a new user account on the unified identity authentication platform according to the preset unified account naming specification may specifically include:
arranging and combining the initials and finals of the pinyin of the user's name, in combination with the Unicode code table, to obtain an initial user account;
sending the initial user account to a server, which verifies the uniqueness and legality of the initial user account;
receiving a modified user account fed back by the server, and determining the modified user account as the user account newly created on the unified identity authentication platform, wherein the modified user account is generated by the server appending a unique random number to the initial user account when the server determines that the initial user account is a duplicate.
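The account-naming flow above, sketched as an added Python example that is not part of the patent text. The patent does not give the combination rule or the legality rule, so both are assumptions here: the surname is kept in full and each given-name syllable contributes its initial, names are NFKC-normalised and lower-cased before comparison, and a legal account matches the `LEGAL` pattern. `AccountServer` is a hypothetical name, and the input is taken to be the already romanised pinyin syllables.

```python
import re
import secrets
import unicodedata

# Pinyin initials; two-letter initials come first so "zh" wins over "z".
INITIALS = ("zh", "ch", "sh", "b", "p", "m", "f", "d", "t", "n", "l",
            "g", "k", "h", "j", "q", "x", "r", "z", "c", "s", "y", "w")
LEGAL = re.compile(r"[a-z][a-z0-9]{1,31}")  # assumed legality rule
SUFFIX_SPACE = 100                          # "a unique random number within 100"


def split_syllable(syllable):
    """Split one pinyin syllable into (initial, final); zero-initial gives ''."""
    for initial in INITIALS:
        if syllable.startswith(initial):
            return initial, syllable[len(initial):]
    return "", syllable


def initial_account(syllables):
    """Front end: surname in full plus the initial of each given-name syllable."""
    norm = [unicodedata.normalize("NFKC", s).lower() for s in syllables]
    parts = ["".join(split_syllable(norm[0]))]
    for syllable in norm[1:]:
        initial, final = split_syllable(syllable)
        parts.append(initial or final[:1])  # zero-initial: fall back to first letter
    return "".join(parts)


class AccountServer:
    """Server side: checks legality and uniqueness, and resolves duplicates."""

    def __init__(self):
        self.taken = set()

    def register(self, candidate):
        # Normalise first so visually identical names cannot coexist.
        name = unicodedata.normalize("NFKC", candidate).lower()
        if not LEGAL.fullmatch(name):
            raise ValueError(f"illegal account name: {candidate!r}")
        if name in self.taken:
            free = [n for n in range(SUFFIX_SPACE) if f"{name}{n}" not in self.taken]
            if not free:
                raise RuntimeError("suffix space exhausted for " + name)
            # Choosing only among unused suffixes keeps the result unique.
            name = f"{name}{secrets.choice(free)}"
        self.taken.add(name)  # check and insert must be one atomic step in production
        return name


def demo():
    """Constructed names: two users whose pinyin yields the same initial account."""
    server = AccountServer()
    first = server.register(initial_account(["zhang", "wei"]))
    second = server.register(initial_account(["zhang", "wen"]))
    return first, second


if __name__ == "__main__":
    print(demo())
```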
After the user account related information is created on the unified identity authentication platform, the user account related information can be maintained through the unified identity authentication platform, the user account, the name and the like can be used for determining the uniqueness and the irredifilability of the user identity information, and the unified identity authentication platform can perform custom expansion on other user information, such as information of a mailbox, a mobile phone number, a position, an address and the like, so that the user account information is perfected. The system administrator has the highest operation authority for the unified identity authentication platform, and in practical application, the system administrator can expand the attribute information of the user account on the unified identity authentication platform according to actual requirements.
Therefore, to further optimize the above embodiment, the monitoring method may further include:
when a system administrator account logs in to the unified identity authentication platform, receiving extension information of user account attribute information sent by the system administrator account;
and adding the extension information to the attribute information of the user account, and synchronizing the attribute information of the user account, with the extension information added, to all applications docked with the unified identity authentication platform.
In practical application, full life cycle management of user accounts can be realized through the unified identity authentication platform. Organizations can be created or synchronized according to the existing personnel departments, group information and categories. After an organization is selected, its full member list is obtained, and in the member list interface company department information and personnel information can be added, modified and deleted, and personnel information can be synchronized to all applications docked with the unified identity authentication platform.
After the system administrator defines the attribute information (attribute fields) of the user account on the unified identity authentication platform, the attribute information can be maintained through the related information of existing user accounts, and the user can also independently modify, through a PC terminal or a mobile terminal, all information other than the user account, name and the like that uniquely determine the user identity, such as position and address. When such information changes, the user does not need to ask the system administrator to make the change: the user logs in to the unified identity authentication platform and makes the modification, and the modification is sent to the system administrator for audit. The audit may cover whether the modified content is valid, whether its format is correct, whether the job transfer information is correct, and the like. Once the modification passes the audit, it takes effect immediately. If the modified content is associated with the applications docked with the unified identity authentication platform, the platform synchronizes the modified user account related information to all docked applications.
Therefore, to further optimize the above embodiment, the monitoring method may further include:
receiving modification content for user account related information sent by a user account that has logged in to the unified identity authentication platform;
sending the modification content to a system administrator terminal for a validity check, wherein the validity check at least comprises: judging whether the modified content is information other than the unique identity of the user account in the user account related information;
and receiving a validity check passing instruction fed back by the system administrator, modifying the user account related information according to the modification content, and synchronizing the modified user account related information to all applications docked with the unified identity authentication platform.
It should be noted that, if the system administrator finds that the modified content is incorrect, the modification is not approved. In that case the system administrator sends an email to the user through the unified identity authentication platform stating that the audit was not passed and giving the reason. The user then revises the content and submits it again, and the system administrator audits it again, until the modified content is approved or the user gives up the modification. For every modification, the system can provide complete modification records and user operation behavior information.
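The review flow described above can be sketched as follows. This is an added Python example, not code from the patent: the attribute formats, the `ReviewQueue` class, the automated pre-check before the administrator's decision, and the dictionaries standing in for docked applications are all assumptions.

```python
import re
from dataclasses import dataclass

IDENTITY_FIELDS = {"account", "name"}  # uniquely identify the user: never editable
FORMATS = {  # assumed attribute schema and formats (not from the page)
    "mailbox": re.compile(r"[^@\s]+@[^@\s]+\.[^@\s]+"),
    "mobile": re.compile(r"\+?\d{7,15}"),
    "position": re.compile(r".{1,64}"),
    "address": re.compile(r".{1,200}"),
}


@dataclass
class ChangeRequest:
    account: str
    changes: dict
    state: str = "pending"
    reason: str = ""


class ReviewQueue:
    def __init__(self, directory, docked_apps):
        self.directory = directory      # account -> attribute dict (platform record)
        self.docked_apps = docked_apps  # dicts standing in for docked applications
        self.audit, self.mail = [], []

    def precheck(self, changes):
        """Validity check: identity fields, unknown attributes, bad formats."""
        errors = []
        for key, value in changes.items():
            if key in IDENTITY_FIELDS:
                errors.append(f"{key}: identity information cannot be modified")
            elif key not in FORMATS:
                errors.append(f"{key}: unknown attribute")
            elif not isinstance(value, str) or not FORMATS[key].fullmatch(value):
                errors.append(f"{key}: invalid format")
        return errors

    def _reject(self, req, reason):
        req.state, req.reason = "rejected", reason
        # Stand-in for the e-mail that explains why the audit was not passed.
        self.mail.append((req.account, f"Modification not approved: {reason}"))

    def submit(self, session_account, changes):
        # The target is the logged-in account, never a field taken from the request.
        req = ChangeRequest(session_account, dict(changes))
        errors = self.precheck(req.changes)
        if errors:
            self._reject(req, "; ".join(errors))
        self.audit.append(("submit", req.account, sorted(req.changes), req.state))
        return req

    def decide(self, req, approved, reason=""):
        if req.state != "pending":
            raise ValueError("request is not pending")
        errors = self.precheck(req.changes)  # re-check what is about to be applied
        if not approved or errors:
            self._reject(req, reason or "; ".join(errors))
        else:
            self.directory[req.account].update(req.changes)
            req.state = "approved"
            for app in self.docked_apps:  # synchronize to every docked application
                app[req.account] = dict(self.directory[req.account])
        self.audit.append(("decide", req.account, sorted(req.changes), req.state))
        return req.state
```

The request stores its own copy of the submitted changes, so what the administrator approves is exactly what is applied and synchronized.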
In addition, the terminal device of the user account usually has security protection software (such as antivirus software, EDR, EPP, and the like) installed to detect and remove dangerous files on the electronic device.
To further improve the security protection capability of the terminal device, the security protection software, with the user's permission, collects potentially dangerous files existing on the electronic device and inspects them to obtain their file information. The collected potentially dangerous data (the potentially dangerous files and their file information) is then uploaded to a server for further analysis, and the security protection capability of the electronic device can be improved according to the server's analysis result.
However, the potentially dangerous data collected by the electronic device may carry sensitive information concerned by the user, and therefore the sensitive information may be leaked when the potentially dangerous data is collected.
In order to solve the problem of sensitive information leakage existing in the process of collecting potentially dangerous data, the method further comprises the following steps:
Step A, in response to a scanning instruction issued by the unified identity authentication platform, scanning a target electronic device to obtain the potentially dangerous data existing on the target electronic device, wherein the potentially dangerous data comprises a potentially dangerous file and the file information of the potentially dangerous file;
Step B, determining an acquisition policy of the target electronic device;
Step C, filtering the potentially dangerous data using the acquisition policy to obtain target potentially dangerous data for uploading to a server, wherein the target potentially dangerous data does not carry sensitive information of concern to the user.
In the embodiment of the invention, the potentially dangerous data existing on the target electronic device is obtained by scanning the device and is then filtered using the device's acquisition policy, yielding target potentially dangerous data that is uploaded to the server and does not carry sensitive information of concern to the user. With this technical scheme, threat detection analysis and traceability analysis can be carried out on the potentially dangerous file using the target potentially dangerous data while leakage of the related sensitive information is avoided, which solves the problem of sensitive information leakage in the process of collecting potentially dangerous data.
In some embodiments, the electronic device may be a computer or a mobile terminal, and the specific type of the electronic device is not limited herein. The target electronic device is an electronic device installed with related safety protection software, that is, an electronic device that scans potential dangerous data existing in the target electronic device by using the safety protection software.
It will be appreciated that a potentially dangerous file is a file that may be dangerous, such as a file suspected of being a virus or a file of unknown security.
Generally, when the security protection software detects a dangerous file (i.e. a file determined to be a virus or determined to be unsafe) using its own danger detection rules, the dangerous file can be deleted directly. Because the detection and removal capability of the security protection software is limited, the server is needed to improve it. That is, when a potentially dangerous file is detected using the danger detection rules of the security protection software, the software cannot determine whether the current potentially dangerous file is actually a dangerous file, so the detected potentially dangerous file needs to be uploaded to the server, and the detection and removal capability of the security protection software is improved with the help of the server.
In some embodiments, the file information may include at least one of: file name, file directory, file path, file type, file content of document file, and whether macro virus exists in office file.
In this embodiment, the collected potentially dangerous files are inspected to obtain file information, and the file information is uploaded so that the server can perform traceability analysis on the potentially dangerous files. The danger source, intrusion process, intrusion mechanism and the like of the potentially dangerous files can thus be better understood, and the detection and removal capability of the security protection software can be greatly improved.
The file type may be, for example, a binary executable type including suffixes such as "exe, dll, elf", or an office type (also a document type, that is, the document type includes an office type) including suffixes such as "doc, ppt, xls", or a document type including suffixes such as "txt, pdf", and specific file types are not described herein again.
When the file type is a document file, its file content is likely to contain sensitive information in the form of words such as "inside, trade secret, secret", and thus the file content needs to be obtained. Generally, a document file whose content contains sensitive information is not itself a potentially dangerous file; among such files, only an office file is likely to be a potentially dangerous file. This is because, when the detected potentially dangerous file is an office file (that is, its file type is an office type) whose content contains sensitive information and which is infected with a macro virus, the sensitive information in the file content may be leaked after the office file is uploaded to the server. Therefore, the file content and whether a macro virus exists in the office file need to be considered together.
For example, in the file path "E: \ work material \ personal account. doc", "E: \ work material" is the file directory and "personal account" is the file name. Assuming that "personal account" is sensitive information of concern to the user, the sensitive information may be leaked if the file information is uploaded, so file information such as the file name, file directory and file path needs to be filtered to avoid leaking it.
In some embodiments, the acquisition strategy may include at least one of:
acquisition policy one: determining whether to upload the current potentially dangerous file to the server based on the file type of the potentially dangerous file;
acquisition policy two: when the file type of the potentially dangerous file is an office type, determining whether a macro virus exists in the current potentially dangerous file; if so, determining whether the file content of the current potentially dangerous file contains sensitive information of concern to the user; if so, extracting the macro virus from the current potentially dangerous file and uploading the extracted macro virus to the server;
acquisition policy three: when the file type of the potentially dangerous file is a document type, determining whether the file content of the current potentially dangerous file contains sensitive information of concern to the user; if so, not uploading the current potentially dangerous file to the server;
acquisition policy four: determining whether the file path of the current potentially dangerous file contains sensitive information of concern to the user; if so, not uploading the current potentially dangerous file to the server;
acquisition policy five: determining whether to upload the current potentially dangerous file to the server based on the file directory of the potentially dangerous file;
and acquisition policy six: converting the file name and the file path of the current potentially dangerous file into hash values, and uploading the hash values to the server.
For acquisition policy one: potentially dangerous files are mostly of the binary executable type, with suffixes such as "exe, dll, elf". Office-type files with suffixes such as "doc, ppt, xls" may also be potentially dangerous files, but their file content may contain sensitive information of concern to the user. Thus, to avoid leakage of sensitive information, one may for example upload potentially dangerous files of the binary executable type (suffixes "exe, dll, elf", etc.) to the server while not uploading potentially dangerous files of the office type (suffixes "doc, ppt, xls", etc.).
For acquisition policy two: as described for acquisition policy one, when the detected potentially dangerous file is an office file whose content contains sensitive information and which is infected with a macro virus, the sensitive information in the file content may be leaked after the office file is uploaded to the server. So that the content of the office file is not uploaded while the macro virus infecting it is, the structure of the office file can be taken apart to extract the macro virus, and only the extracted macro virus is uploaded to the server. It should be noted that taking apart the structure of an office file is well known to those skilled in the art and is not described here.
For acquisition policy three: compared with acquisition policy two, acquisition policy three directly chooses not to upload to the server a potentially dangerous file whose file type is the document type and whose file content contains sensitive information of concern to the user, so that leakage of the sensitive information is avoided.
Regarding the collection policy four, as mentioned above, for example, the "personal account" in the file path named "E: \ work material \ personal account.
For acquisition policy five: for example, files in the file directory "E: \ work material" are mostly private files of concern to the user, while most files in the file directory "E: \ Program Files" are not of concern to the user, so files in the directory "E: \ work material" can simply be excluded from upload to the server, which prevents sensitive information from being leaked.
For acquisition policy six: accurate tracing requires the file name and the file path of each potentially dangerous file to be uploaded to the server. To keep the upload private, the file name and the file path of the current potentially dangerous file can be converted into hash values before being uploaded, so that sensitive information is not leaked.
The acquisition policy of the target electronic device may be configured by the user, or may be configured automatically by the target electronic device, and the configuration manner of the acquisition policy of the target electronic device is not limited herein.
When the acquisition strategy of the target electronic equipment is configured by a user, the acquisition strategy can be displayed to the user in a pop-up window mode after the potential dangerous data existing in the target electronic equipment is obtained, and then the user can carry out adaptive configuration in the window; or after the safety protection software is successfully installed, the user needs to perform initial configuration on the adopted acquisition strategy, that is, the acquisition strategy can also be configured in advance by the user.
When the acquisition policy of the target electronic device is automatically configured by the target electronic device, step B may include:
determining an acquisition strategy of the target electronic equipment based on the application scene of the target electronic equipment; wherein, the application scene comprises at least one of the following: the application field, the detection condition of the current dangerous file and the detection condition of the historical dangerous file.
In this embodiment, the acquisition policy is configured automatically based on the application scenario of the target electronic device, which gives greater flexibility and improves the user experience.
When the application scenario of the target electronic device is the application field, the automatic configuration process may be as follows: after the security protection software is installed successfully, it prompts the user to indicate the field in which the user works; if the user selects, for example, the financial field, the target electronic device automatically configures the acquisition policy according to the selected financial field. For example, the automatically configured acquisition policies may be acquisition policy one, acquisition policy three and acquisition policy five described above.
When the application scenario of the target electronic device is the detection situation of current dangerous files, the automatic configuration process may be as follows: when the security protection software collects the potentially dangerous files existing on the target electronic device, it judges the current danger level of the device from the current detection situation of dangerous files. If many dangerous files are detected, the danger level can be judged as high, and the number of automatically configured acquisition policies can be increased to improve the security protection capability of the target electronic device; for example, acquisition policies one, two, three, five and six can be selected. If few dangerous files are detected, the danger level can be judged as low, and the number of automatically configured acquisition policies can be reduced to shorten the policy matching time of the target electronic device; for example, acquisition policies one and three can be selected.
When the application scenario of the target electronic device is the detection situation of historical dangerous files, the automatic configuration process may be as follows: when the security protection software collects the potentially dangerous files existing on the target electronic device, it judges the current danger level of the device from the historical detection situation of dangerous files. If many dangerous files have been detected historically, the danger level can be judged as high, and the number of automatically configured acquisition policies can be increased to improve the security protection capability of the target electronic device; for example, acquisition policies one, two, three, five and six can be selected. If few dangerous files have been detected historically, the danger level can be judged as low, and the number of automatically configured acquisition policies can be reduced to shorten the policy matching time of the target electronic device; for example, acquisition policies one and three can be selected.
In conclusion, the acquisition policies can be combined adaptively according to the application scenario of the target electronic device, so that the needs of threat detection analysis and tracing are met while the risk of sensitive information leakage is minimized.
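The following added Python example (not code from the patent) sketches steps B and C: it picks a policy set from the danger level and applies acquisition policies one to six to scan findings before upload. The keyword list, the private directory, the count threshold, the `Finding` record and the rule that policy two may still ship an extracted macro when policy one blocks the office file itself are assumptions; the sample findings are constructed.

```python
import hashlib
from dataclasses import dataclass
from pathlib import PureWindowsPath
from typing import Optional

# Constructed sample configuration; the page does not fix these values.
SENSITIVE_WORDS = ("inside", "trade secret", "secret", "personal account")
PRIVATE_DIRS = ("E:\\work material",)
OFFICE = {"doc", "ppt", "xls"}
DOCUMENT = {"txt", "pdf"}


@dataclass
class Finding:
    """One potentially dangerous file reported by the endpoint scan (step A)."""
    path: str
    content: str = ""              # extracted text of an office/document file
    macro: Optional[bytes] = None  # macro code isolated by the scanner, if any


def is_sensitive(text: str) -> bool:
    lowered = text.lower()
    return any(word in lowered for word in SENSITIVE_WORDS)


def sha256_hex(value: str) -> str:
    return hashlib.sha256(value.encode("utf-8")).hexdigest()


def policies_for(dangerous_file_count: int, threshold: int = 5) -> set:
    """Step B, automatic configuration; the threshold is an assumed value."""
    if dangerous_file_count >= threshold:
        return {1, 2, 3, 5, 6}  # high danger level, as listed in the description
    return {1, 3}               # low danger level


def filter_finding(f: Finding, policies: set) -> Optional[dict]:
    """Step C: return the record to upload, or None when nothing may leave."""
    p = PureWindowsPath(f.path)
    ext = p.suffix.lstrip(".").lower()
    payload, data = "file", None

    # Policy five: skip whole directories the user treats as private.
    # Component-wise comparison, so "E:\work materials" does not match.
    if 5 in policies and any(PureWindowsPath(d) in p.parents for d in PRIVATE_DIRS):
        return None
    # Policy four: skip when the path itself carries sensitive words.
    if 4 in policies and is_sensitive(f.path):
        return None
    if ext in OFFICE:
        if 2 in policies and f.macro is not None and is_sensitive(f.content):
            # Policy two: ship only the extracted macro, never the content.
            payload, data = "macro", f.macro
        elif 1 in policies:
            # Policy one: office files are not uploaded as whole files.
            return None
    # Policy three: document-type content with sensitive words stays local.
    if (payload == "file" and 3 in policies and ext in OFFICE | DOCUMENT
            and is_sensitive(f.content)):
        return None
    # Policy six: replace name and path with hashes, still usable for tracing.
    name, path = p.name, f.path
    if 6 in policies:
        name, path = sha256_hex(name), sha256_hex(path)
    return {"name": name, "path": path, "type": ext,
            "payload": payload, "data": data}


if __name__ == "__main__":
    samples = [  # constructed findings
        Finding("C:\\Users\\a\\Downloads\\setup.exe"),
        Finding("E:\\work material\\personal account.doc", "trade secret", b"Sub A()"),
        Finding("D:\\reports\\q3.xls", "trade secret figures", b"Sub AutoOpen()"),
    ]
    for s in samples:
        print(s.path, "->", filter_finding(s, policies_for(8)))
```

A SHA-256 of a predictable path can be matched by anyone who guesses that path, so policy six keeps names out of plain view rather than protecting them against a determined guesser.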
Corresponding to the embodiment of the method, the invention also discloses a monitoring device for the full life cycle of the user account.
Referring to fig. 2, a schematic structural diagram of a device for monitoring a full life cycle of a user account disclosed in an embodiment of the present invention includes:
an information creating unit 201, configured to create user account related information on a front-end unified identity authentication platform, where the user account related information includes: a user account, corresponding user account attribute information and access operation authority;
In this embodiment, the unified identity authentication platform interfaces with a plurality of application systems, where the interfacing application systems include, but are not limited to, an AD (Active Directory) domain, an OA (Office Automation) system, and all interfacing applications.
The unified identity authentication platform and the plurality of application systems establish communication connection by adopting a preset communication protocol, and the preset communication protocol may include: SCIM (System for Cross-domain Identity Management), JNDI (Java Naming and Directory Interface), and LDAP (Lightweight Directory Access Protocol).
The user account attribute information may include: mailbox, mobile phone number, position, home address, etc.
An authority modification unit 202, configured to, when it is monitored through the unified identity authentication platform that user account attribute information is changed and/or abnormal operation occurs, modify the access operation authority of the target user account whose attribute information is changed and/or on which abnormal operation occurs, where the change of user account attribute information includes user job transfer and user departure;
After the corresponding user account related information is established for the user on the unified identity authentication platform and a system administrator configures the corresponding user account attribute information and access operation authority for the user account, the user account can access applications and resources according to the access operation authority.
System administrator: has the highest authority after logging in to the unified identity authentication platform; can add and maintain users, user organizations and user groups, allocate user access operation authority, and manage and maintain the whole life cycle of users; and is also responsible for reviewing and approving the attribute information, other than account and name, that users modify on their own.
The unified identity authentication platform maintains its own normal operation according to its configured security access policy and risk control system.
Specifically, changes of user account attribute information include, for example, the user leaving the job (a system policy is triggered as soon as the user submits the departure process) and a change of user account attributes (for example, user attributes being tampered with through an abnormal channel to increase access authority).
The abnormal operation includes: the user account frequently logging in to the unified identity authentication platform, multiple remote logins, frequent logins from multiple terminals, and the like. When abnormal operation occurs, the security risk control response mechanism of the unified identity authentication platform is triggered.
When it is monitored through the unified identity authentication platform that user account attribute information is changed and/or abnormal operation occurs, the system modifies the access operation authority of the target user account concerned according to the existing task mechanism or the existing security policy, and synchronizes the related information of the target user account with the modified access operation authority to all applications docked with the unified identity authentication platform. That is, all docked applications are notified immediately after the access operation authority is modified, so that the modified authority takes effect at once and loss to the unified identity authentication platform is minimized or prevented. The whole process is completed automatically by the system without the user being aware of it.
An information synchronization unit 203, configured to synchronize the related information of the target user account whose access operation authority has been modified to all applications docked with the unified identity authentication platform, where the related information of the target user account includes: the target user account, the corresponding target user account attribute information and the target user account's access operation authority.
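How units 202 and 203 interact can be sketched as follows, as an added Python example that is not code from the patent: an attribute change (transfer, departure) or an abnormal login pattern modifies the account's access operation authority, and the result is pushed to every docked application. The thresholds, the role table, the in-memory `DockedApp` stand-in for SCIM/LDAP connectors, reading "multiple remote logins" as logins from several locations, and the constructed events are assumptions.

```python
from collections import defaultdict, deque
from dataclasses import dataclass, field

# Assumed thresholds and role table (constructed; the page gives no numbers).
WINDOW_S, MAX_LOGINS, MAX_LOCATIONS, MAX_TERMINALS = 300, 5, 2, 2
ROLE_PERMS = {"engineer": {"git", "wiki"}, "finance": {"erp", "wiki"}}
CAROL_LOGINS = [(0, "Beijing", "pc-1"), (40, "Shanghai", "pc-1"),
                (90, "Shenzhen", "phone-1")]  # constructed login events


@dataclass
class Account:
    name: str
    position: str
    status: str = "active"
    permissions: set = field(default_factory=set)


class DockedApp:
    """Stand-in for an application docked over SCIM/LDAP; stores what it is sent."""
    def __init__(self, name):
        self.name, self.records = name, {}

    def push(self, record):
        self.records[record["account"]] = record


class Platform:
    """Single data source: every authority change is pushed to all docked apps."""
    def __init__(self, apps):
        self.apps, self.accounts = apps, {}
        self.logins = defaultdict(deque)
        self.audit = []

    def _sync(self, acct, reason):
        record = {"account": acct.name, "position": acct.position,
                  "status": acct.status, "permissions": sorted(acct.permissions)}
        for app in self.apps:
            app.push(dict(record))
        self.audit.append((acct.name, reason))

    def create(self, name, position):
        acct = Account(name, position, permissions=set(ROLE_PERMS[position]))
        self.accounts[name] = acct
        self._sync(acct, "created")

    def on_hr_event(self, name, kind, new_position=None):
        acct = self.accounts[name]
        if kind == "departure":
            acct.status, acct.permissions = "archived", set()
        elif kind == "transfer":
            acct.position = new_position
            acct.permissions = set(ROLE_PERMS[new_position])  # old rights dropped
        else:
            raise ValueError(f"unknown HR event: {kind}")
        self._sync(acct, kind)

    def on_login(self, name, ts, location, terminal):
        acct, window = self.accounts[name], self.logins[name]
        window.append((ts, location, terminal))
        while ts - window[0][0] > WINDOW_S:  # keep only the sliding window
            window.popleft()
        reasons = []
        if len(window) > MAX_LOGINS:
            reasons.append("frequent logins")
        if len({loc for _, loc, _ in window}) > MAX_LOCATIONS:
            reasons.append("multiple locations")
        if len({term for _, _, term in window}) > MAX_TERMINALS:
            reasons.append("multiple terminals")
        if reasons and acct.status == "active":
            acct.status, acct.permissions = "restricted", set()
            self._sync(acct, "abnormal: " + ", ".join(reasons))
        return reasons


def run_demo():
    apps = [DockedApp("AD"), DockedApp("OA")]
    platform = Platform(apps)
    for name, position in [("alice", "engineer"), ("bob", "finance"),
                           ("carol", "engineer")]:
        platform.create(name, position)
    platform.on_hr_event("alice", "transfer", "finance")
    platform.on_hr_event("bob", "departure")
    for ts, location, terminal in CAROL_LOGINS:
        platform.on_login("carol", ts, location, terminal)
    return platform, apps
```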
In summary, the monitoring apparatus for the full life cycle of the user account disclosed in the present invention creates user account related information on the front-end unified identity authentication platform, where the user account related information includes a user account, corresponding user account attribute information and access operation authority. When it is monitored through the unified identity authentication platform that the user account attribute information is changed and/or abnormal operation occurs, the access operation authority of the target user account whose attribute information is changed and/or on which abnormal operation occurs is modified, and the related information of the target user account with the modified access operation authority is synchronized to all applications docked with the unified identity authentication platform. In the invention, the whole process from creating the user account related information when the user joins to archiving the user account when the user leaves is completed on the unified identity authentication platform. When the platform monitors that the user account attribute information is changed (such as a job transfer or the user leaving) and/or abnormal operation occurs, it modifies the access operation authority of the target user account to limit the user's access operation authority. The unified identity authentication platform serves as the unique data source for all docked applications and synchronizes the target user account related information with the modified access operation authority to all of them, so that the platform and all docked applications are updated synchronously. The invention therefore realizes monitoring of all operation behaviors of the user account over its full life cycle through the unified identity authentication platform, thereby improving the operation and maintenance management level of the information system.
In practical application, there are mainly two ways of creating the user account related information on the front-end unified identity authentication platform: the first is to synchronize existing user account related information, and the second is to create the user account related information directly on the unified identity authentication platform.
Therefore, the information creating unit 201 may specifically include:
a first information creating subunit, configured to synchronize the related information of existing user accounts from the Active Directory (AD) domain or the office automation (OA) system to the unified identity authentication platform through a synchronization engine, a transaction mechanism and a preset communication protocol, so as to create the user account related information.
In the synchronization process, the synchronization success information and the synchronization failure information of the user account related information can be recorded in a multi-dimensional manner. The synchronization success information can be output in a report form so as to be convenient for a system administrator to check, and the synchronization failure information can trigger the synchronization process again through a timer mechanism until the synchronization is successful.
Therefore, the information creating unit may further include:
and the information recording subunit is used for carrying out multi-dimensional recording on the synchronization success information and the synchronization failure information of the user account related information.
When the information related to the user account is directly created on the unified identity authentication platform, the information creating unit 201 further includes:
the second information creating subunit is used for creating a user account on the unified identity authentication platform by adopting a preset unified account naming standard;
and the permission distribution subunit is used for adding corresponding user account attribute information to the newly-built user account and distributing corresponding access operation permission.
It should be noted that the newly created user account is the only information that determines the user identity, so a unified account naming specification is defined for user accounts to prevent duplicate names.
Thus, the second information creating subunit is specifically configured to:
arranging and combining the initials and finals in the pinyin of the user name, in combination with a unified code coding table, to obtain an initial user account;
the initial user account is sent to a server side, and the server side verifies the uniqueness and the legality of the initial user account;
and receiving a verification passing instruction fed back by the server side, and determining the initial user account as a user account newly established on the unified identity authentication platform.
It should be noted that, when the server detects that the initial user account duplicates an existing user account, in order to ensure the uniqueness of the user account, the server may append a unique random number to the initial user account to modify it, and feed the modified user account back to the front end.
The random number may be any random number with uniqueness, such as a random number with uniqueness within 100, which is determined by actual needs, and the present invention is not limited herein.
Therefore, the second information creating subunit is further specifically configured to:
and receiving a modified user account fed back by the server, and determining the modified user account as a newly-established user account on the unified identity authentication platform, wherein the modified user account is generated by superimposing a unique random number behind the initial user account when the server determines that the initial user account is repeated.
After the user account related information is created on the unified identity authentication platform, it can be maintained through the platform. The user account, the name and the like uniquely determine the user identity information and cannot be modified, while the unified identity authentication platform allows custom extension of other user information, such as mailbox, mobile phone number, position and address, so that the user account information is complete. The system administrator has the highest operation authority on the unified identity authentication platform and, in practical application, can extend the attribute information of the user account on the platform according to actual requirements.
Therefore, to further optimize the above embodiment, the monitoring device may further include:
the extended information receiving unit is used for receiving extended information of the user account attribute information sent by the system administrator account after the system administrator account logs in the unified identity authentication platform;
and the extended information adding unit is used for adding the extended information to the user account attribute information and synchronizing the user account attribute information with the added extended information to all applications docked with the unified identity authentication platform.
In practical application, full life cycle management of user accounts can be realized through the unified identity authentication platform. Organizations can be created or synchronized according to the existing personnel departments, group information and categories. After an organization is selected, the list of all its members is obtained; on the member list interface, company department information and personnel information can be added, modified and deleted, and personnel information can be synchronized to all applications docked with the unified identity authentication platform.
After the system administrator defines the attribute information (attribute fields) of the user account on the unified identity authentication platform, the attribute information can be maintained not only by the system administrator through the related information of the existing user account; the user can also independently modify, through a PC terminal and a mobile terminal, all information other than the user account, name and the like that uniquely determine the user identity information, such as the position and the address. When other information such as the position or the address changes, the user does not need to ask the system administrator to modify it: the user makes the modification after logging in to the unified identity authentication platform, and the modification is sent to the system administrator for audit. The audit content can include: whether the modified content is valid, whether the modified format is correct, whether the job information invocation is correct, and the like. Once the user's modified content passes the audit, it takes effect immediately. If the modified content is associated with the applications docked with the unified identity authentication platform, the platform synchronizes the modified user account related information to all docked applications.
Therefore, to further optimize the above embodiment, the monitoring device may further include:
a modified content receiving unit, configured to receive modified content for the information related to the user account sent by the user account that has logged in the unified identity authentication platform;
and the modified content auditing unit is used for sending the modified content to a system administrator terminal for validity auditing, wherein the validity auditing content at least comprises: whether the modified content is information other than the unique identity of the user account in the user account related information;
and the modified content synchronization unit is used for receiving a validity verification passing instruction fed back by the system administrator, modifying the user account related information according to the modified content, and synchronizing the modified user account related information to all applications docked with the unified identity authentication platform.
It should be noted that, if the system administrator finds that the modified content is incorrect, the modification will not be approved. In that case the system administrator sends an email to the user through the unified identity authentication platform to notify the user that the audit was not approved and to explain the reason. After the user revises the content and submits it again, the system administrator audits it again, until the modified content is approved or the user gives up the modification. For the modified content, the system can provide complete modification records and user operation behavior information.
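The self-service modification flow described above (submit, administrator audit, rejection notice, synchronization to docked applications, modification record), as an added example that is not code from the patent. All class, field and application names are assumptions, and enforcing the identity-field rule in code before the administrator sees the request is a design choice of this example.

```python
from dataclasses import dataclass, field

# Fields that uniquely determine identity (per the text: user account, name).
IDENTITY_FIELDS = frozenset({"account", "name"})


@dataclass
class ChangeRequest:
    account: str
    changes: dict
    status: str = "pending"  # pending -> approved | rejected
    reason: str = ""


@dataclass
class Platform:
    users: dict  # account -> attribute dict
    apps: dict   # docked application name -> {account: attribute dict}
    audit_log: list = field(default_factory=list)
    outbox: list = field(default_factory=list)  # rejection notices (stand-in for email)

    def _record(self, actor, action, req):
        self.audit_log.append((actor, action, req.account, dict(req.changes), req.reason))

    def _reject(self, req, actor, reason):
        req.status, req.reason = "rejected", reason
        self.outbox.append((req.account, reason))
        self._record(actor, "reject", req)
        return req

    def submit(self, account, changes):
        """A logged-in user submits modified content for audit."""
        req = ChangeRequest(account, dict(changes))
        self._record(account, "submit", req)
        blocked = sorted(req.changes.keys() & IDENTITY_FIELDS)
        unknown = sorted(req.changes.keys() - self.users[account].keys())
        if blocked:
            return self._reject(req, "platform", f"identity fields are not editable: {blocked}")
        if unknown:
            return self._reject(req, "platform", f"undefined attribute fields: {unknown}")
        return req

    def review(self, req, admin, approve, reason=""):
        """The administrator's verdict; only an approval changes any data."""
        if req.status != "pending":
            raise ValueError(f"request already {req.status}")
        if not approve:
            return self._reject(req, admin, reason or "not approved")
        req.status = "approved"
        self.users[req.account].update(req.changes)
        for records in self.apps.values():  # synchronize to every docked application
            records[req.account] = dict(self.users[req.account])
        self._record(admin, "approve", req)
        return req
```

Nothing is written to the user record or to a docked application until `review` approves, so a rejected or abandoned request leaves every copy of the account unchanged.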
Finally, it should also be noted that, herein, relational terms such as first and second, and the like may be used solely to distinguish one entity or action from another entity or action without necessarily requiring or implying any actual such relationship or order between such entities or actions. Also, the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, an element defined by the phrase "comprising an … …" does not exclude the presence of other identical elements in a process, method, article, or apparatus that comprises the element.
The embodiments in the present description are described in a progressive manner, each embodiment focuses on differences from other embodiments, and the same and similar parts among the embodiments are referred to each other.
The previous description of the disclosed embodiments is provided to enable any person skilled in the art to make or use the present invention. Various modifications to these embodiments will be readily apparent to those skilled in the art, and the generic principles defined herein may be applied to other embodiments without departing from the spirit or scope of the invention. Thus, the present invention is not intended to be limited to the embodiments shown herein but is to be accorded the widest scope consistent with the principles and novel features disclosed herein.

Claims (10)

1. A method for monitoring a full life cycle of a user account is characterized by comprising the following steps:
creating user account related information on a front-end unified identity authentication platform, wherein the user account related information comprises: a user account, corresponding user account attribute information and access operation authority;
when the user account attribute information is monitored to be changed and/or abnormal operation is monitored through the unified identity authentication platform, modifying the access operation authority of the target user account with the changed user account attribute information and/or the abnormal operation;
synchronizing the target user account related information with the modified access operation authority to all applications docked with the unified identity authentication platform, wherein the target user account related information comprises: the target user account, corresponding target user account attribute information and target user account access operation authority.
2. The monitoring method according to claim 1, wherein the creating of the user account related information on the unified identity authentication platform at the front end specifically comprises:
and synchronizing the existing user account related information in the active directory domain and/or the office automation system to the unified identity authentication platform so as to complete the creation of the user account related information.
3. The monitoring method according to claim 2, further comprising, after synchronizing the information related to the user account existing in the active directory domain and/or the office automation system to the unified identity authentication platform:
and carrying out multi-dimensional recording on the synchronization success information and/or the synchronization failure information of the user account related information.
4. The monitoring method according to claim 1, wherein the creating of the user account related information on the unified identity authentication platform at the front end specifically comprises:
establishing a user account on the unified identity authentication platform by adopting a preset unified account naming standard;
and adding corresponding user account attribute information for the newly-built user account, and distributing corresponding access operation permission.
5. The monitoring method according to claim 4, wherein the creating of the user account on the unified identity authentication platform by using the preset unified account naming specification specifically comprises:
arranging and combining initial consonants and vowels in pinyin of user names, and simultaneously combining a uniform code coding table to obtain an initial user account;
the initial user account is sent to a server side, and the server side verifies the uniqueness and the legality of the initial user account;
and receiving a verification passing instruction fed back by the server side, and determining the initial user account as a user account newly established on the unified identity authentication platform.
6. The monitoring method according to claim 4, wherein the creating of the user account on the unified identity authentication platform by using the preset unified account naming specification specifically comprises:
arranging and combining initial consonants and vowels in pinyin of user names, and simultaneously combining a uniform code coding table to obtain an initial user account;
the initial user account is sent to a server side, and the server side verifies the uniqueness and the legality of the initial user account;
and receiving a modified user account fed back by the server, and determining the modified user account as the user account newly established on the unified identity authentication platform, wherein the modified user account is generated by the server appending a unique random number to the initial user account when the server determines that the initial user account is a duplicate.
7. The monitoring method of claim 1, further comprising:
when a system administrator account logs in the unified identity authentication platform, receiving extension information of the user account attribute information sent by the system administrator account;
and adding the extended information to the user account attribute information, and synchronizing the user account attribute information with the added extended information to all applications docked with the unified identity authentication platform.
8. The monitoring method of claim 1, further comprising:
receiving modified content aiming at the related information of the user account sent by the user account which has logged in the unified identity authentication platform;
and sending the modified content to a system administrator terminal for validity check, wherein the validity check content at least comprises: whether the modified content is information other than the unique identity of the user account in the user account related information;
and receiving a validity verification passing instruction fed back by the system administrator, modifying the user account related information according to the modified content, and synchronizing the modified user account related information to all applications docked with the unified identity authentication platform.
9. A monitoring device for a full life cycle of a user account is characterized by comprising:
an information creating unit, configured to create user account related information on a front-end unified identity authentication platform, where the user account related information includes: a user account, corresponding user account attribute information and access operation authority;
the authority modification unit is used for modifying the access operation authority of the target user account with the changed user account attribute information and/or the abnormal operation when the user account attribute information is monitored to be changed and/or the abnormal operation is monitored on the unified identity authentication platform;
an information synchronization unit, configured to synchronize the target user account related information with the modified access operation authority to all applications docked with the unified identity authentication platform, where the target user account related information includes: the target user account, corresponding target user account attribute information and target user account access operation authority.
10. The monitoring device according to claim 9, wherein the information creating unit specifically includes:
and the first information creating subunit is used for synchronizing the existing user account related information in the active directory domain and/or the office automation system to the unified identity authentication platform so as to complete the creation of the user account related information.
CN202210516515.1A 2022-05-13 2022-05-13 Method and device for monitoring full life cycle of user account Withdrawn CN114745203A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202210516515.1A CN114745203A (en) 2022-05-13 2022-05-13 Method and device for monitoring full life cycle of user account

Publications (1)

Publication Number Publication Date
CN114745203A (en) 2022-07-12

Family

ID=82286675

Country Status (1)

Country Link
CN (1) CN114745203A (en)

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
WW01 Invention patent application withdrawn after publication

Application publication date: 20220712