CN114780977A - File processing method, device, equipment and storage medium - Google Patents

File processing method, device, equipment and storage medium Download PDF

Info

Publication number
CN114780977A
CN114780977A CN202210402751.0A CN202210402751A CN114780977A CN 114780977 A CN114780977 A CN 114780977A CN 202210402751 A CN202210402751 A CN 202210402751A CN 114780977 A CN114780977 A CN 114780977A
Authority
CN
China
Prior art keywords
file
processed
path
target
operation type
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202210402751.0A
Other languages
Chinese (zh)
Inventor
王国彬
牟锟伦
杨行榜
杨博伦
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Tubatu Group Co Ltd
Original Assignee
Tubatu Group Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Tubatu Group Co Ltd filed Critical Tubatu Group Co Ltd
Priority to CN202210402751.0A priority Critical patent/CN114780977A/en
Publication of CN114780977A publication Critical patent/CN114780977A/en
Pending legal-status Critical Current

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/602Providing cryptographic facilities or services
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/62Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/64Protecting data integrity, e.g. using checksums, certificates or signatures
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2107File encryption

Abstract

The application relates to the technical field of file processing, and discloses a file processing method, a file processing device, file processing equipment and a storage medium, wherein a corresponding file operation type and file key information corresponding to a file to be processed are determined according to an acquired file operation request related to a cloud database; performing security processing on the key information of the file corresponding to the file to be processed by adopting a security processing flow corresponding to the file operation type so as to determine a target file path of the safely processed file to be processed in the cloud database, thereby ensuring the security of the file to be processed; and performing corresponding operation processing on the file to be processed by adopting the file operation type and the target file path, and operating the file to be processed by utilizing the safely processed target file path so as to ensure the safety of the file to be processed.

Description

File processing method, device, equipment and storage medium
Technical Field
The present application relates to the field of file processing technologies, and in particular, to a file processing method and apparatus, a computer device, and a storage medium.
Background
In the internet data transmission process, an OSS storage system provided by the Aliskian cloud can serve as a stable and convenient cloud database warehouse, an administrator can set the configuration of different file buckets to be used for storing information of different types of doors, OSS buckets to be pointed at in different scenes of actual business are really different, and if the targeted uploading of different types of files is required, the file intention is collected in the uploading stage, and special configuration is carried out on OSS.
In the prior art, a user needs to access different types of files in corresponding file buckets according to the types of the files, and the user can easily perform misoperation on the files in an operation mode, so that the files are exposed at risk, and the access safety of the cloud files is reduced.
Disclosure of Invention
The application provides a file processing method and device, computer equipment and a storage medium, and solves the problem of safety in file operation in an existing cloud database.
An embodiment of the present application provides a file processing method, including:
acquiring a file operation request related to a cloud database;
acquiring a file operation type and file key information corresponding to a file to be processed according to the file operation request;
performing security processing on the key information of the file corresponding to the file to be processed by adopting a security processing flow corresponding to the file operation type, and acquiring a target file path of the file to be processed in the cloud database;
and operating and processing the file to be processed by adopting the file operation type and the target file path.
An embodiment of the present application further provides a file processing apparatus, including:
the file operation request acquisition module is used for acquiring a file operation request related to the cloud database;
the file key information acquisition module is used for acquiring the file operation type and the file key information corresponding to the file to be processed according to the file operation request;
the target file path acquisition module is used for carrying out security processing on the key file information corresponding to the file to be processed by adopting a security processing flow corresponding to the file operation type to acquire a target file path of the file to be processed in the cloud database;
and the file to be processed processing module is used for carrying out operation processing on the file to be processed by adopting the file operation type and the target file path.
The embodiment of the present application further provides a computer device, which includes a memory, a processor, and a computer program stored in the memory and executable on the processor, where the processor implements the steps of the above-mentioned file processing method when executing the computer program.
An embodiment of the present application further provides a computer-readable storage medium, where a computer program is stored, and when the computer program is executed by a processor, the steps of implementing the file processing method are implemented.
According to the file processing method, the file processing device, the computer equipment and the storage medium, the corresponding file operation type and the file key information corresponding to the file to be processed are determined according to the acquired file operation request related to the cloud database; performing security processing on the key information of the file corresponding to the file to be processed by adopting a security processing flow corresponding to the file operation type so as to determine a target file path of the safely processed file to be processed in the cloud database, thereby ensuring the security of the file to be processed; and performing corresponding operation processing on the file to be processed by adopting the file operation type and the target file path, and operating the file to be processed by utilizing the safely processed target file path so as to ensure the safety of the file to be processed.
Drawings
In order to more clearly illustrate the technical solutions of the embodiments of the present application, the drawings needed to be used in the description of the embodiments of the present application will be briefly introduced below, and it is obvious that the drawings in the following description are only some embodiments of the present application, and it is obvious for those skilled in the art that other drawings can be obtained according to these drawings without inventive exercise.
FIG. 1 is a diagram illustrating an application environment of a document processing method according to an embodiment of the present invention;
FIG. 2 is a flowchart of a document processing method according to an embodiment of the present invention;
FIG. 3 is another flow chart of a file processing method according to an embodiment of the invention;
FIG. 4 is another flow chart of a method of processing documents in accordance with an embodiment of the present invention;
FIG. 5 is another flow chart of a file processing method according to an embodiment of the present invention;
FIG. 6 is another flow chart of a method of file processing according to an embodiment of the invention;
FIG. 7 is a schematic diagram of a document processing apparatus according to an embodiment of the present invention;
FIG. 8 is a schematic diagram of a computer device according to an embodiment of the invention.
Detailed Description
The technical solutions in the embodiments of the present application will be clearly and completely described below with reference to the drawings in the embodiments of the present application, and it is obvious that the described embodiments are some, but not all, embodiments of the present application. All other embodiments obtained by a person of ordinary skill in the art based on the embodiments in the present application without making any creative effort belong to the protection scope of the present application.
The file processing method provided by the embodiment of the application can be applied to the application environment shown in fig. 1. As shown in fig. 1, a client (computer device) communicates with a server through a network. The client (computer device) includes, but is not limited to, various personal computers, notebook computers, smart phones, tablet computers, cameras, and portable wearable devices. The server may be an independent server, or may be a cloud server that provides basic cloud computing services such as a cloud service, a cloud database, cloud computing, a cloud function, cloud storage, a web service, cloud communication, a middleware service, a domain name service, a security service, a Content Delivery Network (CDN), and a big data and artificial intelligence platform.
The file processing method provided by the embodiment of the invention can be applied to an application environment shown in fig. 1. Specifically, the file processing method is applied to a file processing system, where the file processing system includes a client and a server as shown in fig. 1, and the client and the server communicate with each other through a network and are used to implement secure processing on a file to be processed, so as to improve the security of file processing.
In an embodiment, as shown in fig. 2, a file processing method is provided, which is described by taking the application of the method to the server in fig. 1 as an example, and includes the following steps:
s201: acquiring a file operation request related to a cloud database;
s202: acquiring a file operation type and file key information corresponding to a file to be processed according to the file operation request;
s203: performing security processing on the key information of the file corresponding to the file to be processed by adopting a security processing flow corresponding to the file operation type, and acquiring a target file path of the file to be processed in a cloud database;
s204: and operating and processing the file to be processed by adopting the file operation type and the target file path.
The file operation request is used for triggering operation processing on the cloud database, and the file to be processed refers to a file needing to be processed.
As an example, in step S201, the server may receive a file operation request triggered by a user through the client, and determine a to-be-processed file that needs to be operated based on the file operation request, where the to-be-processed file may be file data in a local database or file data in a cloud database. The file data includes, but is not limited to, common text files, table files, configuration files, and the like.
In this example, the OSS storage system is used as the cloud database, and the OSS storage system may store different file data in different storage areas according to the different file data.
As an example, in step S202, after acquiring the file operation request, the server parses the file operation request to acquire the file operation type and the file key information corresponding to the file to be processed.
The file operation type refers to a type that needs to operate a file, and includes, but is not limited to, an upload operation, a download operation, and an online editing operation of a file to be processed.
The key information of the file includes, but is not limited to, a file name, a file type, a file attribute, and file author information. The name of the file name can be set according to specific requirements, and the file type refers to the development environment to which the file belongs. The file attribute refers to the attribute of a file, such as a txt file, an XML file or a word file. The document author information is information of a document creator.
As an example, in step S203, after obtaining the file operation type and the file key information corresponding to the file to be processed, the server performs security processing on the file key information corresponding to the file to be processed according to the file operation type by using a corresponding security processing flow, and obtains a target file path corresponding to the file to be processed. In this example, by using different security processing flows to perform security processing on the key information of the file corresponding to the file to be processed according to different file operation types, a target file path with higher security is finally obtained.
The target file path is a safe operation path for the file to be processed to perform operation corresponding to the file operation type.
As an example, in step S204, the server performs, according to the generated target file path and according to the file operation type corresponding to the file operation request, higher-security operation processing on the to-be-processed file through a safer target file path. In this example, if the file operation type is a downloading operation of a to-be-processed file corresponding to the cloud database, that is, a file extraction type, a downloading operation with higher security is performed through a target file path; and if the file operation type is the uploading operation of the file to be processed corresponding to the local database, namely the file storage type, uploading operation with higher safety is carried out through the target file path.
In the example, the file operation request related to the cloud database is obtained, the file to be processed is safely processed according to the file operation type corresponding to the file operation request and the file key information corresponding to the file to be processed by adopting the corresponding safety processing flow, so that the target file path after the safety processing is obtained, and the file to be processed is operated by utilizing the target file path.
In an embodiment, as shown in fig. 3, in S202, obtaining a file operation type and file key information corresponding to a file to be processed according to a file operation request includes:
s301: acquiring current request data according to the file operation request, wherein the current request data carries a data identifier;
s302: determining the file operation type according to the data identifier;
s303: and determining the key information of the file corresponding to the file to be processed according to the file operation type.
The data identification refers to a data identification corresponding to the file to be processed, the data identification is used for the unique data identification of the file to be processed, and the contained data identification information includes but is not limited to the development environment of the file to be processed, the service scene of the file to be processed and the storage position of the file to be processed.
As an example, in step S301, according to a received file operation request triggered by a user, in order to ensure uniqueness of a file to be processed in the file operation request, a server sets a unique data identifier of the file to be processed in current request data, analyzes the current request data in subsequent operations, and obtains a data identifier of the file to be processed carried in the current request data. In this example, the data identifies the operation commands, development environment, business scenario, and storage location with the files to be processed. The operation command of the file to be processed is a command for triggering the file to be processed to operate according to the operation requirement of a user on the file to be processed; the development environment and the service scene of the file to be processed are used for judging the sensitivity of the file to be processed; and the storage position of the file to be processed is used for acquiring the key information of the file corresponding to the file to be processed.
As an example, in step S302, the server determines a file operation type according to the data identifier, where the file operation type includes, but is not limited to, a file storage type corresponding to an upload operation of the file to be processed, a file extraction type corresponding to a download operation of the file to be processed, and a file extraction type corresponding to an online editing operation of the file to be processed. In this example, the file operation type may be determined according to an operation command triggered by a user in the data identifier, and the file operation type may also be determined according to a storage location in the data identifier.
As an example, in step S303, the server determines the file key information corresponding to the file to be processed according to different file operation types, and because of the different file operation types, the obtaining manner of the file key information has certain differences. In this example, when the file operation type is a file extraction type, the file to be processed is located in the cloud database, and the key information of the file is obtained from the cloud database; and when the file operation type is a file storage type, the file to be processed is located in the local database, and the key information of the file is directly acquired from the local database.
In a specific embodiment, the file key information in step S303 may be extracted from the file to be processed by using an intelligent verification recognition system, such as an OCR intelligent verification recognition system. For example, the to-be-processed file is judged to be file key information such as an identity card or company information through OCR, so as to determine the file key information of the to-be-processed file.
In this example, when a file operation request is triggered by a user, a data identifier and a file operation type are determined, key information of the file is acquired in different manners according to different file operation types, and the file to be processed is safely processed according to the file operation type and the key information of the file, so that the safety of the operation of the cloud database is ensured.
In an embodiment, in step S303, determining key information of a file to be processed according to the file operation type, where the key information includes:
s3031: if the file operation type is a file extraction type, performing request analysis according to the file operation request to obtain a target extraction position corresponding to the file to be extracted;
s3032: if the target extraction position is a high-risk storage area, performing user authentication processing to obtain a user authentication result, and when the user authentication result is that the user authentication is passed, obtaining the file key information of the file to be extracted from the high-risk storage area;
s3033: and if the target extraction position is a low-risk storage area, acquiring the key information of the file to be extracted from the low-risk storage area.
As an example, in step S3031, when the file operation type received by the server is the file extraction type, because different files are placed in different areas by the cloud database, in order to obtain the file to be processed, the file to be processed in the cloud database needs to be requested and analyzed according to the file operation request, so as to obtain the target extraction position corresponding to the file to be extracted. In this example, to ensure security, files in the cloud database are different in type and storage position in the cloud database, and a target extraction position corresponding to a file to be extracted is determined according to a file operation type, so as to ensure that key information of the file to be extracted is obtained.
When the file operation type is a file storage type, the key information of the file can be directly acquired through the data identifier of the file to be processed due to the key information of the file of the local database.
As an example, in step S3032, when the target extraction position corresponding to the file to be extracted, which is to be processed by the server, is the high-risk storage area, the user is required to perform user authentication processing, and a user authentication result is obtained, so as to ensure the security of the file to be extracted. In this example, the authority of the user is acquired through the authentication interface to perform user authentication processing, and the authority of the user can be acquired through biometric authentication identification to obtain a corresponding user authentication result.
In this example, the server obtains the user authentication result after the user authentication processing, and when the user authentication result is that the authentication is passed, obtains the file key information of the file to be extracted from the high-risk storage area. In this example, the file key information of the file to be extracted may be the file key information extracted when the file operation request is of a file storage type; and extracting key information of the file to be extracted through an intelligent verification and identification system.
As an example, in step S3033, when the target extraction position corresponding to the file to be extracted is the low-risk storage area, the server may directly acquire the file key information of the file to be extracted from the low-risk storage area without performing user authentication processing on the file to be extracted. In this example, the file key information of the file to be extracted may be the file key information extracted when the file operation request is a file storage type; and extracting key information of the file to be extracted by an intelligent verification identification system.
In this example, when the file operation type of the file to be processed is a file extraction type, and when the target extraction position of the file to be extracted in the cloud database is a high-risk storage area, the key file information of the file to be extracted is further acquired according to a user authentication result through user authentication processing; and when the target extraction position of the file to be extracted in the cloud database is a low-risk storage area, the key information of the file to be extracted is directly acquired, so that the security of the file to be extracted in the high-risk storage area is ensured.
In an embodiment, as shown in fig. 4, in step S204, according to the security processing procedure corresponding to the file operation type, performing security processing on the key file information corresponding to the file to be processed, and acquiring a target file path of the file to be processed in the cloud database, the method includes:
s401: carrying out sensitivity analysis on the key information of the file corresponding to the file to be processed to obtain a sensitivity analysis result;
s402: and generating a path according to the file operation type and the sensitivity analysis result to acquire a target file path.
As an example, in step S401, the server performs sensitivity analysis according to the file key information corresponding to the file to be processed, and performs analysis processing by using the file key information to obtain a sensitivity analysis result corresponding to the file to be processed. In this example, the sensitivity of the file to be processed may be determined by detecting the sensitive vocabulary in the key information of the file, for example, when the key information of the file includes the "bill" vocabulary, a high-sensitivity analysis result is obtained; and performing comprehensive analysis processing on each file characteristic item in the file key information, for example, performing weighting processing on the sensitivity scores of all file characteristic items, thereby obtaining a sensitivity analysis result.
As an example, in step S402, the server performs path generation processing on the file operation type and the sensitivity analysis result to generate a corresponding target file path for the to-be-processed file corresponding to the different sensitivity analysis results, so as to improve the convenience of the file processing operation of the user and improve the security of the file processing.
In this example, sensitivity analysis is performed on the key file information corresponding to the file to be processed, and according to the sensitivity analysis result and the file operation type, a corresponding target file path generated by the file to be processed is determined, so that convenience in file processing operation of a user is improved, and safety in file processing is improved.
In an embodiment, S401, performing sensitivity analysis on the file key information corresponding to the file to be processed, and acquiring a sensitivity analysis result, includes:
s4011: extracting the characteristics of the key information of the file corresponding to the file to be processed to obtain at least two file characteristic items;
s4012: and analyzing and processing at least two file characteristic items by adopting a target sensitivity analysis model to obtain a sensitivity analysis result.
As an example, in step S4011, after extracting the file key information, the server performs feature extraction on each file feature item in the file key information to obtain at least two file feature items, and discretizes the file feature items for sensitivity analysis of the file to be processed. In this example, the file name, the file type, the file attribute, the file author information, and the like in the file key information may be discretized through a preset comparison table to obtain corresponding file feature items.
As an example, in step S4012, the server analyzes and processes the extracted at least two file feature items by using a target sensitivity analysis model, and obtains a sensitivity analysis result. For example, the server may perform classification processing on at least two file feature items through a classification algorithm, determine sensitivity scores corresponding to the at least two file feature items, perform weighting processing on the sensitivity scores corresponding to the at least two file feature items, and obtain a sensitivity analysis result of a file to be processed, so as to be used for subsequent target file path generation.
The target sensitivity analysis model is obtained by training the key information of the files of at least two training files, and is a model for determining the file sensitivity by analyzing through a classification algorithm including but not limited to a Bayesian classification method, a decision tree algorithm or a KNN classification algorithm.
In this example, the key information of the file is used for feature extraction, and the file feature items for classification processing are obtained, so that the sensitivity analysis result of the file to be processed is determined, and then the sensitivity analysis result is used for subsequent target file path generation, and the safety of the file to be processed operation is improved.
In an embodiment, as shown in fig. 5, in S402, performing path generation according to the file operation type and the sensitivity analysis result, and acquiring a target file path includes:
s501: if the file operation type is a file storage type, acquiring idle storage areas in a cloud database, and acquiring a security level and a storage path corresponding to each idle storage area;
s502: if the sensitivity analysis result is a high-sensitivity file, determining a storage path of an idle storage area corresponding to the high security level as a target file path;
s503: and if the sensitivity analysis result is a low-sensitivity file, determining the storage path of the idle storage area corresponding to the low security level as a target file path.
The file storage type refers to a file operation type for uploading a file to be processed of a local database to a cloud database.
As an example, in step S501, when the server determines that the file operation type is a file storage type, a plurality of free storage areas are provided in the cloud database for the file to be processed, so that the file to be processed is uploaded to the cloud database, and a security level and a storage path corresponding to each free storage area are obtained at the same time. In this example, the OSS storage system is used as the cloud database, and each idle storage area in the OSS storage system is divided into storage areas with different security levels, so as to ensure classified storage of files with different sensitivities.
As an example, in step S502, when the server determines that the sensitivity analysis result of the file to be processed is a high-sensitivity file, the file to be processed is allocated to the storage path of the free storage area corresponding to the high security level, and a corresponding upload path is generated as a target file path corresponding to the file to be processed. In this example, when the sensitivity analysis result of the file to be processed is a high-sensitivity file, after the user authentication processing is performed by using the authentication interface, a corresponding target file path is generated, where the target file path includes a storage location corresponding to the file to be processed, a storage path of an idle storage area corresponding to a high security level, and a key of the idle storage area corresponding to the high security level.
The free storage area is encrypted to serve as a free storage area with a high security level, and the encryption method includes but is not limited to HMacSHA1 encryption, symmetric encryption and asymmetric encryption.
As an example, in step S503, when the server determines that the sensitivity analysis result of the file to be processed is a low-sensitivity file, the file to be processed is allocated to a storage path of a free storage area corresponding to a low security level, and a corresponding upload path is generated as a target file path corresponding to the file to be processed.
The idle storage area corresponding to the low security level is usually a public area in the cloud database, the security is low, and different idle storage areas are selected according to different application scenes and files to be processed.
In this example, when the file operation type is the file storage type, according to the sensitivity analysis result of the file to be processed, a free storage area corresponding to the security level is allocated in the cloud database, and a corresponding target file path is generated, so that when the original file storage type is reduced, the operation difficulty of the user in performing the cloud database operation according to the sensitivity of the file is reduced, and meanwhile, the file processing security is improved.
In another embodiment, as shown in fig. 6, in S402, performing path generation according to the file operation type and the sensitivity analysis result, and acquiring a target file path includes:
s601: if the file operation type is a file extraction type and the sensitivity analysis result is a low-sensitivity file, acquiring a target file path through a gateway request;
s602: and if the file operation type is a file extraction type and the sensitivity analysis result is a high-sensitivity file, generating a file temporary URL, and determining the file temporary URL as a target file path.
The file extraction type refers to a file operation type of downloading a file to be processed of the cloud database to the local database.
As an example, in step S601, when the server determines that the file operation type is the file extraction type, if the sensitivity analysis result of the file to be extracted is the low-sensitivity file, the server may request to determine a target file path for downloading the file to be extracted through the gateway according to the target extraction location corresponding to the file to be extracted.
As an example, in step S602, when the server determines that the sensitivity analysis result of the file to be extracted is a high-sensitivity file, a file temporary URL is generated according to a target extraction position corresponding to the file to be extracted, the file temporary URL is determined as a target file path, and the security of the file extraction operation in the file to be extracted is ensured by using the file temporary URL.
In a specific embodiment, in step S602, generating the file temporary URL specifically includes: calling an authentication interface to perform secondary authentication according to the key information of the file corresponding to the file to be extracted, and acquiring a second authentication result; and if the second authentication result is that the authentication is passed, generating a temporary file URL for downloading the file to be extracted from the cloud database. And setting a corresponding signature or watermark when the file to be extracted is subjected to extraction operation in a point burying mode so as to improve the safety of the file to be extracted.
In this example, a target file path corresponding to downloading of the file to be extracted is set in the cloud database according to the sensitivity analysis result of the file to be extracted, and when the sensitivity analysis result is a high-sensitivity file, the temporary URL is used as the target file path, so that the security of the file to be extracted is improved.
In an embodiment, a document processing apparatus is provided, and the document processing apparatus corresponds to the document processing methods in the above embodiments one to one. As shown in fig. 7, the file processing apparatus includes a file operation request obtaining module 801, a file key information obtaining module 802, a target file path obtaining module 803, and a to-be-processed file processing module 804. The detailed description of each functional module is as follows:
a file operation request obtaining module 801, which obtains a file operation request related to a cloud database;
a file key information obtaining module 802, which obtains a file operation type and file key information corresponding to a file to be processed according to the file operation request;
the target file path obtaining module 803 performs security processing on the file key information corresponding to the file to be processed by using the security processing flow corresponding to the file operation type, and obtains a target file path of the file to be processed in the cloud database;
the to-be-processed file processing module 804 performs operation processing on the to-be-processed file by using the file operation type and the target file path.
In an embodiment, the file key information obtaining module 802 includes:
the target extraction position acquisition unit is used for performing request analysis according to the file operation request and acquiring a target extraction position corresponding to the file to be extracted if the file operation type is the file extraction type;
the file key information acquisition unit is used for carrying out user authentication processing to acquire a user authentication result if the target extraction position is a high-risk storage area, and acquiring the file key information of the file to be extracted from the high-risk storage area when the user authentication result is that the user authentication is passed;
and if the target extraction position is a low-risk storage area, acquiring the key information of the file to be extracted from the low-risk storage area.
In an embodiment, the target file path obtaining module 803 includes:
the sensitivity analysis result acquisition unit is used for carrying out sensitivity analysis on the key information of the file corresponding to the file to be processed to acquire a sensitivity analysis result;
and the target file path acquisition unit is used for generating a path according to the file operation type and the sensitivity analysis result and acquiring a target file path.
In one embodiment, the sensitivity analysis result obtaining unit includes:
the file feature item acquisition subunit is used for extracting the features of the key information of the file corresponding to the file to be processed to acquire at least two file feature items;
and the sensitivity analysis result acquisition subunit analyzes and processes at least two file characteristic items by adopting a target sensitivity analysis model to acquire a sensitivity analysis result.
In one embodiment, the target file path obtaining unit includes:
the idle storage area acquisition subunit is used for acquiring idle storage areas in the cloud database and the security level and the storage path corresponding to each idle storage area if the file operation type is a file storage type;
the target file path obtaining subunit determines a storage path of an idle storage area corresponding to a high security level as a target file path if the sensitivity analysis result is a high sensitivity file; and if the sensitivity analysis result is a low-sensitivity file, determining the storage path of the idle storage area corresponding to the low security level as a target file path.
In another embodiment, the target file path obtaining unit further includes:
a target file path obtaining subunit, configured to obtain a target file path through a gateway request if the file operation type is the file extraction type and the sensitivity analysis result is the low-sensitivity file;
and if the file operation type is a file extraction type and the sensitivity analysis result is a high-sensitivity file, generating a file temporary URL, and determining the file temporary URL as a target file path.
For the specific definition of the document processing device, the above definition of the document processing method can be referred to, and is not repeated herein. The respective modules in the above-described document processing apparatus may be wholly or partially implemented by software, hardware, and a combination thereof. The modules can be embedded in a hardware form or independent from a processor in the computer device, and can also be stored in a memory in the computer device in a software form, so that the processor can call and execute operations corresponding to the modules.
In one embodiment, a computer device is provided, which may be a server, and the internal structure thereof may be as shown in fig. 8. The computer device includes a processor, a memory, a network interface, and a database connected by a system bus. Wherein the processor of the computer device is configured to provide computing and control capabilities. The memory of the computer device comprises a nonvolatile storage medium and an internal memory. The non-volatile storage medium stores an operating system, a computer program, and a database. The internal memory provides an environment for the operating system and the computer program to run on the non-volatile storage medium. The database of the computer device is used for executing data adopted or generated in the file processing method process. The network interface of the computer device is used for communicating with an external terminal through a network connection. The computer program is executed by a processor to implement a file processing method.
In an embodiment, a computer device is provided, which includes a memory, a processor, and a computer program stored in the memory and capable of running on the processor, and when the processor executes the computer program, the file processing method in the foregoing embodiments is implemented, for example, S201 to S204 shown in fig. 2, or as shown in fig. 3 to fig. 6, which is not described herein again to avoid repetition. Alternatively, when the processor executes the computer program, the functions of the modules/units in the embodiment of the file processing apparatus, such as the functions of the file operation request obtaining module 801, the file key information obtaining module 802, the target file path obtaining module 803, and the to-be-processed file processing module 804 shown in fig. 7, are implemented, and are not described herein again to avoid repetition.
In an embodiment, a computer-readable storage medium is provided, where a computer program is stored on the computer-readable storage medium, and when the computer program is executed by a processor, the file processing method in the foregoing embodiments is implemented, for example, S201 to S204 shown in fig. 2, or shown in fig. 3 to fig. 6, which are not described herein again to avoid repetition. Alternatively, when being executed by a processor, the computer program implements functions of each module/unit in the embodiment of the file processing apparatus, for example, functions of the file operation request obtaining module 801, the file key information obtaining module 802, the target file path obtaining module 803, and the to-be-processed file processing module 804 shown in fig. 7, which are not described herein again to avoid repetition.
It will be understood by those skilled in the art that all or part of the processes of the methods of the embodiments described above may be implemented by hardware instructions of a computer program, which may be stored in a non-volatile computer-readable storage medium, and when executed, the computer program may include the processes of the embodiments of the methods described above. Any reference to memory, storage, database or other medium used in the embodiments provided herein can include non-volatile and/or volatile memory. Non-volatile memory can include read-only memory (ROM), Programmable ROM (PROM), Electrically Programmable ROM (EPROM), Electrically Erasable Programmable ROM (EEPROM), or flash memory. Volatile memory can include Random Access Memory (RAM) or external cache memory. By way of illustration and not limitation, RAM is available in a variety of forms such as Static RAM (SRAM), Dynamic RAM (DRAM), Synchronous DRAM (SDRAM), Double Data Rate SDRAM (DDRSDRAM), Enhanced SDRAM (ESDRAM), synchronous Link (Synchlink) DRAM (SLDRAM), Rambus (Rambus) direct RAM (RDRAM), direct bused dynamic RAM (DRDRAM), and bused dynamic RAM (RDRAM).
It should be clear to those skilled in the art that, for convenience and simplicity of description, the foregoing division of the functional units and modules is only used for illustration, and in practical applications, the above function distribution may be performed by different functional units and modules as needed, that is, the internal structure of the device is divided into different functional units or modules, so as to perform all or part of the above described functions.
The above examples are only intended to illustrate the technical solution of the present invention, and not to limit it; although the present invention has been described in detail with reference to the foregoing embodiments, it will be understood by those of ordinary skill in the art that: the technical solutions described in the foregoing embodiments may still be modified, or some technical features may be equivalently replaced; such modifications and substitutions do not substantially depart from the spirit and scope of the embodiments of the present invention, and are intended to be included within the scope of the present invention.

Claims (10)

1. A file processing method, comprising:
acquiring a file operation request related to a cloud database;
acquiring a file operation type and file key information corresponding to a file to be processed according to the file operation request;
performing security processing on the key information of the file corresponding to the file to be processed by adopting a security processing flow corresponding to the file operation type, and acquiring a target file path of the file to be processed in the cloud database;
and operating and processing the file to be processed by adopting the file operation type and the target file path.
2. The file processing method according to claim 1, wherein the obtaining a file operation type and a file to be processed according to the file operation request comprises:
acquiring current request data according to the file operation request, wherein the current request data carries a data identifier;
determining the file operation type according to the data identification;
and determining the key information of the file corresponding to the file to be processed according to the file operation type.
3. The file processing method according to claim 2, wherein determining key information of the file to be processed according to the file operation type comprises:
if the file operation type is a file extraction type, performing request analysis according to the file operation request to obtain a target extraction position corresponding to a file to be extracted;
if the target extraction position is a high-risk storage area, performing user authentication processing to obtain a user authentication result, and when the user authentication result is authentication passing, obtaining file key information of the file to be extracted from the high-risk storage area;
and if the target extraction position is a low-risk storage area, acquiring the key information of the file to be extracted from the low-risk storage area.
4. The file processing method according to claim 1, wherein performing security processing on the key file information corresponding to the file to be processed by using the security processing procedure corresponding to the file operation type to obtain a target file path of the file to be processed in the cloud database includes:
carrying out sensitivity analysis on the key file information corresponding to the file to be processed to obtain a sensitivity analysis result;
and generating a path according to the file operation type and the sensitivity analysis result to obtain a target file path.
5. The document processing method according to claim 4, wherein said performing sensitivity analysis on the key information of the document corresponding to the document to be processed to obtain a sensitivity analysis result comprises:
extracting the characteristics of the key information of the file corresponding to the file to be processed to obtain at least two file characteristic items;
and analyzing and processing at least two file characteristic items by adopting a target sensitivity analysis model to obtain a sensitivity analysis result.
6. The file processing method according to claim 4, wherein the performing path generation according to the file operation type and the sensitivity analysis result to obtain a target file path comprises:
if the file operation type is a file storage type, acquiring an idle storage area in the cloud database, and determining a security level and a storage path corresponding to the idle storage area;
if the sensitivity analysis result is a high-sensitivity file, determining a storage path of an idle storage area corresponding to a high security level as a target file path;
and if the sensitivity analysis result is a low-sensitivity file, determining the storage path of the idle storage area corresponding to the low security level as a target file path.
7. The file processing method according to claim 4, wherein the performing path generation according to the file operation type and the sensitivity analysis result to obtain a target file path comprises:
if the file operation type is a file extraction type and the sensitivity analysis result is a low-sensitivity file, acquiring a target file path through a gateway request;
and if the file operation type is a file extraction type and the sensitivity analysis result is a high-sensitivity file, generating a file temporary URL, and determining the file temporary URL as a target file path.
8. A document processing apparatus, characterized by comprising:
the file operation request acquisition module is used for acquiring a file operation request related to the cloud database;
the file key information acquisition module is used for acquiring the file operation type and the file key information corresponding to the file to be processed according to the file operation request;
the target file path acquisition module is used for performing security processing on the key file information corresponding to the file to be processed by adopting a security processing flow corresponding to the file operation type to acquire a target file path of the file to be processed in the cloud database;
and the to-be-processed file processing module is used for operating and processing the to-be-processed file by adopting the file operation type and the target file path.
9. A computer device comprising a memory, a processor and a computer program stored in the memory and executable on the processor, characterized in that the processor implements the file processing method according to any one of claims 1 to 7 when executing the computer program.
10. A computer-readable storage medium storing a computer program, wherein the computer program is executed by a processor to implement the file processing method according to any one of claims 1 to 7.
CN202210402751.0A 2022-04-18 2022-04-18 File processing method, device, equipment and storage medium Pending CN114780977A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202210402751.0A CN114780977A (en) 2022-04-18 2022-04-18 File processing method, device, equipment and storage medium

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202210402751.0A CN114780977A (en) 2022-04-18 2022-04-18 File processing method, device, equipment and storage medium

Publications (1)

Publication Number Publication Date
CN114780977A true CN114780977A (en) 2022-07-22

Family

ID=82430083

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202210402751.0A Pending CN114780977A (en) 2022-04-18 2022-04-18 File processing method, device, equipment and storage medium

Country Status (1)

Country Link
CN (1) CN114780977A (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN116226886A (en) * 2023-03-22 2023-06-06 中国移动通信集团广东有限公司 Information security management method and system for software information system

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN116226886A (en) * 2023-03-22 2023-06-06 中国移动通信集团广东有限公司 Information security management method and system for software information system
CN116226886B (en) * 2023-03-22 2024-02-09 中国移动通信集团广东有限公司 Information security management method and system for software information system

Similar Documents

Publication Publication Date Title
CN109842611B (en) Identity authentication method, identity authentication device, computer equipment and storage medium
CN109684873B (en) Data access control method and device, computer equipment and storage medium
CN111275448A (en) Face data processing method and device and computer equipment
CN109766072B (en) Information verification input method and device, computer equipment and storage medium
CN110490594B (en) Service data processing method and device, computer equipment and storage medium
CN108429745B (en) Login authentication method and system, and webpage login method and system
CN110782277A (en) Resource processing method, resource processing device, computer equipment and storage medium
CN111835756B (en) APP privacy compliance detection method and device, computer equipment and storage medium
CN110099047B (en) Registration information processing method and device, computer equipment and storage medium
CN109547426B (en) Service response method and server
CN112464117A (en) Request processing method and device, computer equipment and storage medium
CN110597709B (en) Interactive debugging method and device for mixed-mode mobile application and computer equipment
CN110083384B (en) Application programming interface creating method and device
CN112165448B (en) Service processing method, device, system, computer equipment and storage medium
CN114780977A (en) File processing method, device, equipment and storage medium
CN111125748A (en) Judgment method and device for unauthorized query, computer equipment and storage medium
CN110223075B (en) Identity authentication method and device, computer equipment and storage medium
WO2021169469A1 (en) Voiceprint data processing method and apparatus, computer device, and storage medium
CN113949579A (en) Website attack defense method and device, computer equipment and storage medium
CN111652720B (en) Cloud evidence obtaining method and device, computer equipment and storage medium
US20220058278A1 (en) Using machine learning to bypass activities of a secure document workflow based on recipient profile
CN110533381B (en) Case jurisdiction auditing method, device, computer equipment and storage medium
CN111787108A (en) Content sharing method and device, computer equipment and storage medium
CN112632504B (en) Webpage access method, device, system, computer equipment and storage medium
CN112100604A (en) Terminal equipment information processing method and device

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination