CN115114641A - Data mask method and system based on background management interface - Google Patents

Data mask method and system based on background management interface Download PDF

Info

Publication number
CN115114641A
CN115114641A CN202210744858.3A CN202210744858A CN115114641A CN 115114641 A CN115114641 A CN 115114641A CN 202210744858 A CN202210744858 A CN 202210744858A CN 115114641 A CN115114641 A CN 115114641A
Authority
CN
China
Prior art keywords
data information
information
page data
page
background management
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202210744858.3A
Other languages
Chinese (zh)
Inventor
易旺
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Ping An Bank Co Ltd
Original Assignee
Ping An Bank Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Ping An Bank Co Ltd filed Critical Ping An Bank Co Ltd
Priority to CN202210744858.3A priority Critical patent/CN115114641A/en
Publication of CN115114641A publication Critical patent/CN115114641A/en
Pending legal-status Critical Current

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/604Tools and structures for managing or administering access control systems
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F16/00Information retrieval; Database structures therefor; File system structures therefor
    • G06F16/90Details of database functions independent of the retrieved data types
    • G06F16/95Retrieval from the web
    • G06F16/955Retrieval from the web using information identifiers, e.g. uniform resource locators [URL]
    • G06F16/9566URL specific, e.g. using aliases, detecting broken or misspelled links
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/62Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
    • G06F21/6245Protecting personal data, e.g. for financial or medical purposes
    • G06F21/6254Protecting personal data, e.g. for financial or medical purposes by anonymising data, e.g. decorrelating personal data from the owner's identification
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q40/00Finance; Insurance; Tax strategies; Processing of corporate or income taxes
    • G06Q40/02Banking, e.g. interest calculation or account maintenance

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Physics & Mathematics (AREA)
  • Databases & Information Systems (AREA)
  • Health & Medical Sciences (AREA)
  • Bioethics (AREA)
  • General Health & Medical Sciences (AREA)
  • Business, Economics & Management (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Software Systems (AREA)
  • Computer Hardware Design (AREA)
  • Accounting & Taxation (AREA)
  • Finance (AREA)
  • Marketing (AREA)
  • Economics (AREA)
  • Development Economics (AREA)
  • Strategic Management (AREA)
  • Technology Law (AREA)
  • General Business, Economics & Management (AREA)
  • Automation & Control Theory (AREA)
  • Data Mining & Analysis (AREA)
  • Medical Informatics (AREA)
  • Storage Device Security (AREA)

Abstract

The embodiment of the application provides a data mask method and a data mask system based on a background management interface, and relates to the technical field of data processing. The method comprises the following steps: acquiring page data information and role coding information of the background management interface; configuring the field attribute of the page data information to generate configured page data information; traversing all the data information of the configured pages of the background management interface, and executing the following processing on the data information of the configured pages traversed: judging whether the configured page data information comprises page URL information or not, if so, associating the page URL information with the corresponding field attribute; matching the role coding information and the configured page data information to generate a matching result; and performing data mask operation on the page data information according to the matching result. The method can realize the data mask of the page and improve the technical effect of data security.

Description

Data mask method and system based on background management interface
Technical Field
The present application relates to the field of data processing technologies, and in particular, to a data mask method and system based on a background management interface, an electronic device, and a computer-readable storage medium.
Background
At present, with the coming of more regulations on data security, some business data related to the core may not be seen by internal ordinary employees along with the enhancement of financial supervision in the banking industry, and only relevant leaders may be allowed to have authority to see the corresponding data. Such as some important account information of the customer, personal identification information, etc.
In the prior art, business personnel need to troubleshoot problems or need to see some data capable of being marked aiming at a client call, and log in an internal background management system to display the data; however, if the system is only logged in with authority, all people can see the corresponding data, so that information leakage is possible, and data security is low.
Disclosure of Invention
The embodiment of the application aims to provide a data mask method, a data mask system, an electronic device and a computer-readable storage medium based on a background management interface, which can achieve the technical effects of realizing data mask of a page and improving data security.
In a first aspect, an embodiment of the present application provides a data masking method based on a background management interface, including:
acquiring page data information and role coding information of the background management interface;
configuring the field attribute of the page data information to generate configured page data information;
traversing all the data information of the configured pages of the background management interface, and executing the following processing on the data information of the configured pages traversed:
judging whether the configured page data information comprises page URL information or not, if so, associating the page URL information with the corresponding field attribute;
matching the role coding information and the configuration page data information to generate a matching result;
and performing data mask operation on the page data information according to the matching result.
In the implementation process, the data mask method based on the background management interface is used for associating the page URL information with the corresponding field attribute by configuring the field attribute of the page data information, and the background management interface necessarily has the corresponding page URL information, so that more effective data mask operation can be realized; meanwhile, matching the role coding information and the configuration page data information to realize data mask based on role authority, if only high-level administrators can see some information; by the method, the field attribute configuration of the security is not adjusted along with the change of the service, secondary development is not needed, the development cost is reduced, the data mask of the page can be realized, and the technical effect of improving the data security is achieved.
Further, before the step of matching the role coding information and the configured page data information to generate a matching result, the method includes:
and marking the data information of the configured page to generate data marking information, wherein the data marking information is used for marking whether the data information of the configured page is subjected to data transformation.
In the implementation process, whether the configured page data information is subjected to data transformation is marked by marking the configured page data information, so that the repeated processing of the same page data information is avoided.
Further, after the step of performing a data masking operation on the page data information according to the matching result, the method further includes:
and performing data masking operation on the page data information according to a preset masking rule table, wherein the preset masking rule table comprises one or more of a front mask, a rear mask and a middle segment bit mask.
In the implementation process, by means of the preset mask rule table, what field attributes are specifically configured and what desensitization rules are correspondingly adopted, mask display can be carried out on any field of the page data information of all resources, and data mask efficiency is further improved.
Further, the preset mask rule table includes a plurality of mask rule tables, the mask rule tables respectively correspond to different rule service names, and the rule service names are used for correspondingly configuring the configured page data information.
Further, the step of configuring the field attribute of the page data information and generating configured page data information includes:
and performing central structure configuration on the field attribute of the page data information to generate the configured page data information.
Further, the step of configuring the field attribute of the page data information and generating configured page data information includes:
and performing table structure configuration on the field attribute of the page data information to generate the configured page data information.
Further, before the step of configuring the field attribute of the page data information and generating configured page data information, the method further includes:
and increasing or decreasing the mark for the field attribute pairing of the page data information.
In the implementation process, since the field attribute of the page data information needs to be adjusted and increased or decreased in the subsequent service, the corresponding field attribute also needs to be matched with an increased or decreased mark, and the table name indicates whether the field is in use.
In a second aspect, an embodiment of the present application provides a data mask system based on a background management interface, including:
the acquisition module is used for acquiring page data information and role coding information of the background management interface;
the configuration module is used for configuring the field attribute of the page data information to generate configured page data information;
the traversing module is used for traversing all the configuration page data information of the background management interface and executing the following processing on the configuration page data information traversed: judging whether the configured page data information comprises page URL information or not, if so, associating the page URL information with the corresponding field attribute;
the matching module is used for matching the role coding information and the configured page data information to generate a matching result;
and the mask module is used for performing data mask operation on the page data information according to the matching result.
Further, the data mask system based on the background management interface further includes a marking module, where the marking module is configured to:
and marking the data information of the configured page to generate data marking information, wherein the data marking information is used for marking whether the data information of the configured page is subjected to data transformation.
Further, the masking module is further configured to:
and performing data masking operation on the page data information according to a preset masking rule table, wherein the preset masking rule table comprises one or more of a front mask, a rear mask and a middle segment bit mask.
Further, the configuration module is specifically configured to:
and carrying out central structure configuration on the field attribute of the page data information to generate the configured page data information.
Further, the configuration module is specifically configured to: and performing table structure configuration on the field attribute of the page data information to generate the configured page data information.
Further, the tagging module is to: and increasing or decreasing the marks for the field attribute pairing of the page data information.
In a third aspect, an electronic device provided in an embodiment of the present application includes: memory, a processor and a computer program stored in the memory and executable on the processor, the processor implementing the steps of the method according to any of the first aspect when executing the computer program.
In a fourth aspect, an embodiment of the present application provides a computer-readable storage medium having instructions stored thereon, which, when executed on a computer, cause the computer to perform the method according to any one of the first aspect.
In a fifth aspect, embodiments of the present application provide a computer program product, which when run on a computer, causes the computer to perform the method according to any one of the first aspect.
Additional features and advantages of the disclosure will be set forth in the description which follows, and in part will be obvious from the description, or may be learned by the practice of the above-described techniques.
In order to make the aforementioned objects, features and advantages of the present application more comprehensible, preferred embodiments accompanied with figures are described in detail below.
Drawings
In order to more clearly illustrate the technical solutions of the embodiments of the present application, the drawings that are required to be used in the embodiments of the present application will be briefly described below, it should be understood that the following drawings only illustrate some embodiments of the present application and therefore should not be considered as limiting the scope, and that those skilled in the art can also obtain other related drawings based on the drawings without inventive efforts.
Fig. 1 is a schematic flowchart of a data masking method based on a background management interface according to an embodiment of the present disclosure;
fig. 2 is a schematic flowchart of another data masking method based on a background management interface according to an embodiment of the present disclosure;
fig. 3 is a block diagram of a data mask system based on a background management interface according to an embodiment of the present disclosure;
fig. 4 is a block diagram of an electronic device according to an embodiment of the present disclosure.
Detailed Description
The technical solutions in the embodiments of the present application will be described below with reference to the drawings in the embodiments of the present application.
It should be noted that: like reference numbers and letters refer to like items in the following figures, and thus, once an item is defined in one figure, it need not be further defined or explained in subsequent figures. Meanwhile, in the description of the present application, the terms "first", "second", and the like are used only for distinguishing the description, and are not construed as indicating or implying relative importance.
The embodiment of the application provides a data mask method, a data mask system, electronic equipment and a computer-readable storage medium based on a background management interface, which can be applied to page-level data mask operation; the data mask method based on the background management interface is characterized in that the field attribute of the page data information is configured, and the background management interface must have corresponding page URL information, so that the page URL information is associated with the corresponding field attribute, and more effective data mask operation can be realized; meanwhile, matching the role coding information and the configured page data information to realize a data mask based on role authority, wherein if only a high-level administrator can see some information; by the method, the field attribute configuration of the security is not adjusted along with the change of the service, secondary development is not needed, the development cost is reduced, the data mask of the page can be realized, and the technical effect of improving the data security is achieved.
Referring to fig. 1, fig. 1 is a schematic flowchart of a data masking method based on a background management interface according to an embodiment of the present application, where the data masking method based on the background management interface includes the following steps:
s100: and acquiring page data information and role coding information of the background management interface.
Illustratively, a background management interface, i.e. a page that business personnel see when logging in to a background management system; most of data of the page data information are inquired and displayed in the background management interface, and the page data information editing and modifying function is provided for the result data in the page.
Exemplarily, the role coding information, namely the account coding information of the service personnel logging in the background management system, is matched with the authority level; the role coding information with different authority levels has different data display authorities, so that corresponding data mask operation is performed on different authority levels, and the data security can be effectively improved.
S200: and configuring the field attribute of the page data information to generate configured page data information.
For example, each piece of data in the page data information generally corresponds to a field attribute, so that each field attribute of the page data information is configured to generate configured page data information, and the configured page data information can be conveniently subjected to data masking operation.
S300: traversing all the data information of the configured pages of the background management interface, and executing the following processing on the data information of the configured pages traversed:
s301: judging whether the configured page data information comprises page URL information or not;
if yes, S302: and associating the page URL information with the corresponding field attribute.
For example, in the background management system, there are many menu type data in the page data information, and each menu corresponds to a specific individual subset page, and a page URL information corresponds to one of the subset pages, so that the page URL information needs to be associated with the corresponding field attribute.
In some embodiments, if an entire page of one page data information is controlled, the field attributes in a particular page are not considered in a more detailed manner; therefore, the whole page of the data information of one page can be marked, and whether the safety data reconstruction is carried out or not can be marked.
Illustratively, on the World Wide Web (WWW), each information Resource has a Uniform and unique address on the Web, namely a Uniform Resource Locator (URL), which is a Uniform Resource Locator of the World Wide Web and refers to a network address.
Illustratively, the page URL information includes three parts: resource type, host domain name storing resource, resource file name. In some embodiments, the page URL information may also be considered to consist of 4 parts: protocol, host, port, path.
S400: and matching the role coding information and the configured page data information to generate a matching result.
For example, after each service person logs in the background management system, the login relates to a right role corresponding to the login account, for example: only high-level business personnel or administrators can see certain information, so the role code and field attributes may be matched and tied together.
Exemplarily, by the method, a hierarchical linkage safety mode for designing roles, resources and attributes is realized, and data mask operation is facilitated.
S500: and performing data mask operation on the page data information according to the matching result.
In some embodiments, the data masking method based on the background management interface can perform more effective data masking operation by configuring the field attribute of the page data information, and associating the page URL information with the corresponding field attribute by the background management interface necessarily having the corresponding page URL information; meanwhile, matching the role coding information and the configured page data information to realize a data mask based on role authority, wherein if only a high-level administrator can see some information; by the method, the field attribute configuration of the security is not adjusted along with the change of the service, secondary development is not needed, the development cost is reduced, the data mask of the page can be realized, and the technical effect of improving the data security is achieved.
Referring to fig. 2, fig. 2 is a schematic flowchart of another background management interface-based data masking method according to an embodiment of the present disclosure.
Exemplarily, at S400: before the step of matching the role coding information and the configured page data information to generate a matching result, the method includes:
s310: and marking the data information of the configured page to generate data marking information, wherein the data marking information is used for marking whether the data information of the configured page is subjected to data transformation.
In some embodiments, configured page data information is marked to mark whether data transformation of the configured page data information is completed or not, so that repeated processing of the same page data information is avoided.
Exemplarily, at S500: after the step of performing data masking operation on the page data information according to the matching result, the method further includes:
s600: and performing data masking operation on the page data information according to a preset masking rule table, wherein the preset masking rule table comprises one or more of a front mask, a rear mask and a middle segment bit mask.
In some embodiments, by means of a preset mask rule table, what field attributes are specifically configured and what desensitization rules are correspondingly adopted, mask display can be performed on any field of page data information of all resources, and data mask efficiency is further improved.
In some implementation scenarios, an attribute mask rule table may be added, and what desensitization rule is used for what attribute is specifically configured, such as different identity cards, account numbers, addresses, names, and the like, and front and back masks, middle segment masks, and the like may be used, or a certain bit is designated for masking; for example, the last 5 bits can be masked corresponding to the driving license information, so that any field of all resource pages can be supported to be masked.
Illustratively, the preset mask rule table includes a plurality of mask rule tables, the mask rule tables respectively correspond to different rule service names, and the rule service names are used for correspondingly configuring the configured page data information.
Exemplarily, S200: the step of configuring the field attribute of the page data information and generating configured page data information includes:
and carrying out central structure configuration on the field attribute of the page data information to generate the configured page data information.
Exemplarily, S200: the step of configuring the field attribute of the page data information and generating configured page data information includes:
and performing table structure configuration on the field attribute of the page data information to generate the configured page data information.
In some embodiments, when performing the configuration processing, a processing manner of configuring a table structure or configuring a center structure may be adopted according to actual needs, which is only an example and is not limited herein.
Exemplarily, at S200: before the step of configuring the field attribute of the page data information and generating configured page data information, the method further includes:
s110: and increasing or decreasing the mark for the field attribute pairing of the page data information.
In some embodiments, since the field attribute of the page data information needs to be adjusted and increased or decreased in subsequent services, the corresponding field attribute also needs to be paired with an increase or decrease flag, and the table name indicates whether the field is in use.
In some implementation scenarios, according to the data masking method based on the background management interface provided by the embodiment of the present application, a set of masking codes may be developed (for example, the masking codes may be packaged into jar), or the masking codes may be directly embedded into each background management system; the mask code has the following functions:
1) most of data which is logged in and seen by business personnel in a background management system is inquired and displayed in a page, and the editing and modifying functions are carried out on result data in the page;
data generally corresponds to field attributes one by one, so that the field attributes in the pages are configured, and the configuration can be a configuration center structure or a table structure;
meanwhile, considering that the field attribute may need to be adjusted and increased or decreased in the subsequent service, the corresponding field attribute is also matched with an increased or decreased mark at the same time, and the table names whether the field is in use or not;
2) a plurality of menus are arranged in the background management system, each menu corresponds to a specific page, and the page necessarily has corresponding page URL information, so that the page URL information is associated with the field;
optionally, from the upper-level page to the lower-level page, if the whole page of the upper-level page is controlled, the field attribute in the specific lower-level page is not considered in a subdivision manner; for example, a whole page may also be marked to indicate whether a secure data transformation has been made.
3) Each service person/manager logs in and relates to the authority role; for example, only a high-level administrator can see certain information, so that role codes and field attributes of business personnel/administrators during login are bound;
4) adding a preset attribute mask rule table, specifically configuring what field attribute adopts what desensitization rule, such as identity card, account number, address, name, and the like, and performing front and back mask, middle segment mask, and the like, or designating a certain bit for mask; by way of example, the last 5 bits, etc. may be masked, such as with driver's license data, which may support masking any fields of all resource pages.
5) Considering that different mask rules may exist in field attributes of the same general class, the subdivision configuration may be performed, and a rule service name is designed, for example, address information may define a set of mask rules that uses ruleAddress, 1 rule service name contracts, and different configurations may be performed. As an example, various address information such as an existing residence address, a household address, a company address, a recipient address, etc. is displayed on the page data information, and a same set of address rules may be configured to perform mask display on all data on the page.
Exemplarily, the data mask method based on the background management interface provided by the embodiment of the application conforms to the supervision requirements of relevant organizations on financial data, the configuration of the security field is not adjusted along with the change of business, secondary development is not needed, and the development cost is reduced, so that the data mask of the page is realized, and the technical effect of data security is improved.
Referring to fig. 3, fig. 3 is a block diagram of a data mask system based on a background management interface according to an embodiment of the present application, where the data mask system based on the background management interface includes:
an obtaining module 100, configured to obtain page data information and role code information of the background management interface;
the configuration module 200 is configured to configure the field attribute of the page data information, and generate configured page data information;
the traversing module 300 is configured to traverse all the configured page data information of the background management interface, and perform the following processing on the configured page data information that is traversed: judging whether the configured page data information comprises page URL information or not, if so, associating the page URL information with the corresponding field attribute;
the matching module 400 is configured to perform matching processing on the role coding information and the configured page data information to generate a matching result;
and a mask module 500, configured to perform a data mask operation on the page data information according to the matching result.
Illustratively, the data masking system based on the background management interface further comprises a marking module, and the marking module is configured to:
and marking the data information of the configured page to generate data marking information, wherein the data marking information is used for marking whether the data information of the configured page is subjected to data transformation.
Illustratively, the masking module 500 is further configured to:
and performing data masking operation on the page data information according to a preset masking rule table, wherein the preset masking rule table comprises one or more of a front mask, a rear mask and a middle segment bit mask.
Illustratively, the configuration module 200 is specifically configured to:
and carrying out central structure configuration on the field attribute of the page data information to generate the configured page data information.
Illustratively, the configuration module 200 is specifically configured to: and performing table structure configuration on the field attribute of the page data information to generate the configured page data information.
Illustratively, the tagging module is to: and increasing or decreasing the mark for the field attribute pairing of the page data information.
Exemplarily, the data mask system based on the background management interface shown in fig. 3 corresponds to the method embodiments shown in fig. 1 and fig. 2, and is not described herein again to avoid repetition.
Fig. 4 shows a block diagram of an electronic device according to an embodiment of the present disclosure, where fig. 4 is a block diagram of the electronic device. The electronic device may include a processor 510, a communication interface 520, a memory 530, and at least one communication bus 540. Wherein the communication bus 540 is used for realizing direct connection communication of the components. In this embodiment, the communication interface 520 of the electronic device is used for performing signaling or data communication with other node devices. Processor 510 may be an integrated circuit chip having signal processing capabilities.
The Processor 510 may be a general-purpose Processor including a Central Processing Unit (CPU), a Network Processor (NP), and the like; but may also be a Digital Signal Processor (DSP), an Application Specific Integrated Circuit (ASIC), an off-the-shelf programmable gate array (FPGA) or other programmable logic device, discrete gate or transistor logic, discrete hardware components. The various methods, steps, and logic blocks disclosed in the embodiments of the present application may be implemented or performed. A general purpose processor may be a microprocessor or the processor 510 may be any conventional processor or the like.
The Memory 530 may be, but is not limited to, a Random Access Memory (RAM), a Read Only Memory (ROM), a Programmable Read Only Memory (PROM), an Erasable Read Only Memory (EPROM), an electrically Erasable Read Only Memory (EEPROM), and the like. The memory 530 stores computer readable instructions, which when executed by the processor 510, enable the electronic device to perform the steps involved in the method embodiments of fig. 1-2 described above.
Optionally, the electronic device may further include a memory controller, an input output unit.
The memory 530, the memory controller, the processor 510, the peripheral interface, and the input/output unit are electrically connected to each other directly or indirectly, so as to implement data transmission or interaction. For example, these elements may be electrically coupled to each other via one or more communication buses 540. The processor 510 is used to execute executable modules stored in the memory 530, such as software functional modules or computer programs included in the electronic device.
The input and output unit is used for providing a task for a user to create and start an optional time period or preset execution time for the task creation so as to realize the interaction between the user and the server. The input/output unit may be, but is not limited to, a mouse, a keyboard, and the like.
It will be appreciated that the configuration shown in fig. 4 is merely illustrative and that the electronic device may include more or fewer components than shown in fig. 4 or may have a different configuration than shown in fig. 4. The components shown in fig. 4 may be implemented in hardware, software, or a combination thereof.
The embodiment of the present application further provides a storage medium, where the storage medium stores instructions, and when the instructions are run on a computer, when the computer program is executed by a processor, the method in the method embodiment is implemented, and in order to avoid repetition, details are not repeated here.
The present application also provides a computer program product which, when run on a computer, causes the computer to perform the method of the method embodiments.
In the embodiments provided in the present application, it should be understood that the disclosed apparatus and method can be implemented in other ways. The apparatus embodiments described above are merely illustrative and, for example, the flowcharts and block diagrams in the figures illustrate the architecture, functionality, and operation of possible implementations of apparatus, methods and computer program products according to various embodiments of the present application. In this regard, each block in the flowchart or block diagrams may represent a module, segment, or portion of code, which comprises one or more executable instructions for implementing the specified logical function(s). It should also be noted that, in some alternative implementations, the functions noted in the block may occur out of the order noted in the figures. For example, two blocks shown in succession may, in fact, be executed substantially concurrently, or the blocks may sometimes be executed in the reverse order, depending upon the functionality involved. It will also be noted that each block of the block diagrams and/or flowchart illustration, and combinations of blocks in the block diagrams and/or flowchart illustration, can be implemented by special purpose hardware-based systems which perform the specified functions or acts, or combinations of special purpose hardware and computer instructions.
In addition, functional modules in the embodiments of the present application may be integrated together to form an independent part, or each module may exist separately, or two or more modules may be integrated to form an independent part.
The functions, if implemented in the form of software functional modules and sold or used as a stand-alone product, may be stored in a computer readable storage medium. Based on such understanding, the technical solution of the present application or portions thereof that substantially contribute to the prior art may be embodied in the form of a software product stored in a storage medium and including instructions for causing a computer device (which may be a personal computer, a server, or a network device) to execute all or part of the steps of the method according to the embodiments of the present application. And the aforementioned storage medium includes: a U-disk, a removable hard disk, a Read-Only Memory (ROM), a Random Access Memory (RAM), a magnetic disk or an optical disk, and other various media capable of storing program codes.
The above description is only an example of the present application and is not intended to limit the scope of the present application, and various modifications and changes may be made by those skilled in the art. Any modification, equivalent replacement, or improvement made within the spirit and principle of the present application shall be included in the protection scope of the present application. It should be noted that: like reference numbers and letters refer to like items in the following figures, and thus, once an item is defined in one figure, it need not be further defined or explained in subsequent figures.
The above description is only for the specific embodiments of the present application, but the scope of the present application is not limited thereto, and any person skilled in the art can easily conceive of the changes or substitutions within the technical scope of the present application, and shall be covered by the scope of the present application. Therefore, the protection scope of the present application shall be subject to the protection scope of the claims.
It is noted that, herein, relational terms such as first and second, and the like may be used solely to distinguish one entity or action from another entity or action without necessarily requiring or implying any actual such relationship or order between such entities or actions. Also, the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, an element defined by the phrase "comprising an … …" does not exclude the presence of other identical elements in a process, method, article, or apparatus that comprises the element.

Claims (10)

1. A data mask method based on a background management interface is characterized by comprising the following steps:
acquiring page data information and role coding information of the background management interface;
configuring the field attribute of the page data information to generate configured page data information;
traversing all the data information of the configured pages of the background management interface, and executing the following processing on the data information of the configured pages traversed:
judging whether the configured page data information comprises page URL information or not, if so, associating the page URL information with the corresponding field attribute;
matching the role coding information and the configured page data information to generate a matching result;
and performing data mask operation on the page data information according to the matching result.
2. The background management interface-based data masking method according to claim 1, wherein before the step of performing matching processing on the role coding information and the configured page data information to generate a matching result, the method includes:
and marking the data information of the configured page to generate data marking information, wherein the data marking information is used for marking whether the data information of the configured page is subjected to data transformation.
3. The background management interface-based data masking method according to claim 1, wherein after the step of performing a data masking operation on the page data information according to the matching result, the method further comprises:
and performing data masking operation on the page data information according to a preset masking rule table, wherein the preset masking rule table comprises one or more of a front mask, a rear mask and a middle segment bit mask.
4. The background management interface-based data masking method according to claim 3, wherein the preset masking rule table includes a plurality of masking rule tables, the masking rule tables respectively correspond to different rule service names, and the rule service names are used for correspondingly configuring the configured page data information.
5. The background management interface-based data masking method according to claim 1, wherein the step of configuring the field attribute of the page data information and generating configured page data information includes:
and carrying out central structure configuration on the field attribute of the page data information to generate the configured page data information.
6. The background management interface-based data masking method according to claim 1, wherein the step of configuring the field attribute of the page data information and generating configured page data information includes:
and performing table structure configuration on the field attribute of the page data information to generate the configured page data information.
7. The background management interface-based data masking method according to claim 6, wherein before the step of configuring the field attribute of the page data information and generating configured page data information, the method further comprises:
and increasing or decreasing the mark for the field attribute pairing of the page data information.
8. A data mask system based on a background management interface is characterized by comprising:
the acquisition module is used for acquiring page data information and role coding information of the background management interface;
the configuration module is used for configuring the field attribute of the page data information to generate configured page data information;
the traversing module is used for traversing all the configuration page data information of the background management interface and executing the following processing on the configuration page data information traversed: judging whether the configured page data information comprises page URL information or not, if so, associating the page URL information with the corresponding field attribute;
the matching module is used for matching the role coding information and the configured page data information to generate a matching result;
and the mask module is used for performing data mask operation on the page data information according to the matching result.
9. An electronic device, comprising: a memory, a processor, and a computer program stored in the memory and executable on the processor, the processor implementing the steps of the background management interface-based data masking method according to any one of claims 1 to 7 when executing the computer program.
10. A computer-readable storage medium having stored thereon instructions which, when executed on a computer, cause the computer to perform the background management interface-based data masking method of any one of claims 1 to 7.
CN202210744858.3A 2022-06-27 2022-06-27 Data mask method and system based on background management interface Pending CN115114641A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202210744858.3A CN115114641A (en) 2022-06-27 2022-06-27 Data mask method and system based on background management interface

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202210744858.3A CN115114641A (en) 2022-06-27 2022-06-27 Data mask method and system based on background management interface

Publications (1)

Publication Number Publication Date
CN115114641A true CN115114641A (en) 2022-09-27

Family

ID=83329779

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202210744858.3A Pending CN115114641A (en) 2022-06-27 2022-06-27 Data mask method and system based on background management interface

Country Status (1)

Country Link
CN (1) CN115114641A (en)

Similar Documents

Publication Publication Date Title
US11349873B2 (en) User model-based data loss prevention
CN107111702B (en) Access blocking for data loss prevention in a collaborative environment
Gisladottir et al. Resilience of cyber systems with over‐and underregulation
KR20190129877A (en) Obfuscation of User Content in Structured User Data Files
US9892263B2 (en) System, method and apparatus to visually configure an analysis of a program
US20230153447A1 (en) Automatic generation of security labels to apply encryption
US10891357B2 (en) Managing the display of hidden proprietary software code to authorized licensed users
CN112580093A (en) Page display method and device based on user permission
DE102019209349A1 (en) Investigate web threats using advanced web crawling
DE10110316B4 (en) Secure password entry
US11729157B2 (en) Bootstrapping trust in decentralized identifiers
Saito et al. A case-based management system for secure software development using software security knowledge
US20120023480A1 (en) Scripting language processing engine in data leak prevention application
CN115114641A (en) Data mask method and system based on background management interface
CN113656795B (en) Window operation behavior auditing method and system
CN111985902B (en) Cross-system information collaborative management method, device, equipment and storage medium
CN113297622A (en) Log desensitization method, system, electronic equipment and storage medium
Thompson CISOs should work closely with their ITAM colleagues
CN114362979B (en) Method and system for managing application
US20220255962A1 (en) Systems and methods for creation, management, and storage of honeyrecords
US20230237197A1 (en) Systems, methods, and devices for implementing security platforms
US9934496B1 (en) Data masking using a proxy server
US20210049304A1 (en) Character fingerprinting in text compositions
Kabay et al. Security policy guidelines
CN115017119A (en) Log mask method and system

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination