CN115150189B - Method for automatically intercepting file outgoing based on enterprise private cloud disk - Google Patents

Method for automatically intercepting file outgoing based on enterprise private cloud disk Download PDF

Info

Publication number
CN115150189B
CN115150189B CN202210900632.8A CN202210900632A CN115150189B CN 115150189 B CN115150189 B CN 115150189B CN 202210900632 A CN202210900632 A CN 202210900632A CN 115150189 B CN115150189 B CN 115150189B
Authority
CN
China
Prior art keywords
file
interception
interception condition
information
sent out
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN202210900632.8A
Other languages
Chinese (zh)
Other versions
CN115150189A (en
Inventor
林勇杰
邹琼
周双全
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Shenzhen Rayvision Technology Co ltd
Original Assignee
Shenzhen Rayvision Technology Co ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Shenzhen Rayvision Technology Co ltd filed Critical Shenzhen Rayvision Technology Co ltd
Priority to CN202210900632.8A priority Critical patent/CN115150189B/en
Publication of CN115150189A publication Critical patent/CN115150189A/en
Application granted granted Critical
Publication of CN115150189B publication Critical patent/CN115150189B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/02Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
    • H04L63/0227Filtering policies
    • H04L63/0236Filtering by address, protocol, port number or service, e.g. IP-address or URL
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/02Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
    • H04L63/0227Filtering policies
    • H04L63/0263Rule management
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/06Protocols specially adapted for file transfer, e.g. file transfer protocol [FTP]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/10Protocols in which an application is distributed across nodes in the network
    • H04L67/1097Protocols in which an application is distributed across nodes in the network for distributed storage of data in networks, e.g. transport arrangements for network file system [NFS], storage area networks [SAN] or network attached storage [NAS]

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computer Security & Cryptography (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Business, Economics & Management (AREA)
  • General Business, Economics & Management (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)

Abstract

The invention discloses a method for automatically intercepting file outgoing based on an enterprise private cloud disk, which comprises the following steps: setting interception condition information of file outgoing in a cloud disk system, and setting priority order of interception condition judgment in the interception condition information; the method comprises the steps that a user terminal sends a request of an outgoing file to a cloud disk system, and the cloud disk system packs the file to be sent of the user terminal and obtains file pack information of the file to be sent; and the cloud disk system judges whether the file to be sent out meets the interception condition information according to the set interception condition information and the priority order judged by the interception condition after acquiring the file package information, if not, the file to be sent out is intercepted, and if so, the file to be sent out is sent out. The invention can realize step-by-step judgment of interception conditions, effectively improve the accuracy of outgoing of the file to be sent out, effectively ensure the security of outgoing of the file to be sent out, and effectively improve the experience of users.

Description

Method for automatically intercepting file outgoing based on enterprise private cloud disk
Technical Field
The invention relates to the field of file sending interception, in particular to a method for automatically intercepting file outgoing based on an enterprise private cloud disk.
Background
Automatic interception of cloud disk file outgoing of enterprises: after the private cloud disk is deployed by the enterprise, enterprise internal staff want to send files to the external network through the enterprise cloud disk, and automatically trigger an outgoing file detection mechanism through an outgoing spring strategy preset in the cloud disk system, and intelligent interception is performed according to the preset outgoing interception strategy. However, in the current enterprise private cloud disk software, there is no good interception management scheme for file security delivery, especially in a complex use environment, the user needs are difficult to meet when they are changeable, so that accurate and effective interception of file delivery cannot be realized, resulting in low security of file delivery.
Accordingly, the prior art has drawbacks and needs improvement.
Disclosure of Invention
The invention aims to overcome the defects of the prior art, and provides a method for automatically intercepting file outgoing based on an enterprise private cloud disk, which solves the problem that in the prior art, the file outgoing is low in safety because the file outgoing cannot be accurately and effectively intercepted.
The technical scheme of the invention is as follows: an enterprise private cloud disk file outgoing automatic interception method comprises the following steps:
s1: setting interception condition information of file outgoing in the cloud disk system, and setting priority order of interception condition judgment in the interception condition information.
The interception condition in the interception condition information includes: user account interception conditions and/or user IP interception conditions and/or file information interception conditions.
S2: the method comprises the steps that a user terminal sends a request of an outgoing file to a cloud disk system, and the cloud disk system packs the file to be sent of the user terminal and obtains file pack information of the file to be sent.
The package information includes: the IP address and account information of the user terminal, the size and the number of the files to be sent out and the types of the files to be sent out.
S3: and the cloud disk system judges whether the file to be sent out meets the interception condition information according to the set interception condition information and the priority order judged by the interception condition after acquiring the file package information, if not, the file to be sent out is intercepted, and if so, the file to be sent out is sent out.
Further, the step S3 further includes:
s4: if the file to be sent out is intercepted, the cloud disk system sends a file interception notice to the user terminal, and the intercepted file to be sent out is stored in the file interception area.
Further, the user account interception condition is whether the user account interception condition belongs to a user account in appointed user account information, wherein the appointed user account information comprises at least one appointed user account; the user IP interception condition is whether the IP address of the user terminal belongs to the IP address in the blacklist.
Further, the file information interception condition is whether the file type and/or the file size and/or the number of files respectively meet the requirements of the corresponding preset file type, file size threshold and file number threshold.
Further, the priority order of the interception condition judgment is as follows: a user account interception condition, a user IP interception condition, a file information interception condition or a user account interception condition, a file information interception condition, a user IP interception condition or a user IP interception condition, a user account interception condition, a file information interception condition or a user IP interception condition, a file information interception condition, a user account interception condition or a file information interception condition, a user account interception condition, a user IP interception condition or a file information interception condition, a user IP interception condition, a user account interception condition.
Further, the step S3 is: and the cloud disk system sequentially judges whether the file to be sent out meets the interception condition information according to the set interception condition information and the priority order judged by the interception condition after acquiring the file package information, intercepts the file to be sent out if not meeting all the interception conditions in the interception condition information, stops the judging process if meeting one interception condition in the interception condition information, and sends the file to be sent out.
By adopting the scheme, the invention provides the method for automatically intercepting the file outgoing based on the enterprise private cloud disk, which has the following beneficial effects: according to the method, whether the file to be sent out meets the set interception condition or not can be judged according to the interception condition information set in the cloud disk system and the priority order of interception condition judgment in the interception condition information, if so, the file to be sent out is directly sent out, and if not, judgment operation can be sequentially carried out according to the priority order of interception condition judgment, and when not meeting all the interception conditions, the file to be sent out is indicated to be unable to carry out the sending out operation, so that the file to be sent out is directly intercepted, the safety of the file to be sent out is ensured, meanwhile, step-by-step judgment of the interception condition can be realized, the accuracy of the file to be sent out is effectively improved, meanwhile, the safety after the file to be sent out is effectively ensured, and the experience of a user is effectively improved.
Drawings
FIG. 1 is a flow chart of the present invention.
Detailed Description
The invention will be described in detail below with reference to the drawings and the specific embodiments.
Referring to fig. 1, the invention provides a method for automatically intercepting file outgoing based on an enterprise private cloud disk, which comprises the following steps:
s1: setting interception condition information of file outgoing in the cloud disk system, and setting priority order of interception condition judgment in the interception condition information.
Specifically, the interception condition in the interception condition information includes: user account interception conditions and/or user IP interception conditions and/or file information interception conditions. Therefore, there may be a plurality of interception conditions or only one interception condition, and when there are a plurality of interception conditions, the priority order of the corresponding interception conditions is set for judgment, so that the judgment is sequentially performed according to the set priority order when the judgment is performed. Specifically, in this embodiment, the interception condition information is set with a user account interception condition, a user IP interception condition, and a file information interception condition at the same time, and the priority order of interception condition judgment is the user IP interception condition, the user account interception condition, and the file information interception condition.
S2: the method comprises the steps that a user terminal sends a request of an outgoing file to a cloud disk system, the cloud disk system packs the file to be outgoing of the user terminal, detects the file to be outgoing, and obtains file package information of the file to be outgoing.
Specifically, in this embodiment, the package information includes: the IP address and account information of the user terminal, the size and the number of the files to be sent out and the types of the files to be sent out. Specifically, the type of the file to be sent out may be set according to the actual requirement, for example, the file to be sent out is in exe or txt format.
S3: and the cloud disk system judges whether the file to be sent out meets the interception condition information according to the set interception condition information and the priority order judged by the interception condition after acquiring the file package information, if not, the file to be sent out is intercepted, and if so, the file to be sent out is sent out. In this embodiment, when judging, it is firstly judged whether the IP address of the user terminal meets the requirement of the user account interception condition, if yes, the file to be sent out is directly sent out, if not, it is further judged whether the user account of the user terminal meets the user account interception condition, if yes, the file to be sent out is directly sent out, if not, it is further judged whether the size and number of the file to be sent out and the type of the file to be sent out meet the requirement of the file information interception condition, if yes, the file to be sent out is sent out, and if not, the file to be sent out is intercepted.
According to the method for automatically intercepting the file outgoing based on the enterprise private cloud disk, before the user terminal sends the file, file package information of the file to be sent is required to be acquired, whether the file to be sent meets the set interception condition or not is judged according to interception condition information set in a cloud disk system and the priority order judged by the interception condition information, if the file to be sent meets the set interception condition, the file to be sent is directly sent out, if the file to be sent out does not meet the set interception condition, judgment operation is sequentially carried out according to the priority order judged by the set interception condition, and when the file to be sent out does not meet all the interception conditions, the file to be sent out cannot be sent out, so that the file to be sent out is intercepted directly, and the security of the file to be sent out is ensured; the invention can realize step-by-step judgment of interception conditions, can improve the accuracy of the outgoing of the file to be sent out, effectively ensure the safety of the file to be sent out, and effectively improve the experience of users.
Specifically, in this embodiment, the step S3 further includes:
s4: if the file to be sent out is intercepted, the cloud disk system sends a file interception notice to the user terminal, and the intercepted file to be sent out is stored in the file interception area. Meanwhile, the cloud disk system can record interception information (the number of intercepted files, the names, the sizes, the types and the like of the intercepted files) in the intercepted files, and the interception information is used for being checked by an administrator of the cloud disk system to realize management and control of the intercepted files.
Specifically, in this embodiment, the user account interception condition is whether the user account interception condition belongs to a user account in specified user account information, where the specified user account information includes at least one specified user account, and a name and an ID number of the specified user account are determined and are preset information; the user IP interception condition is whether the IP address of the user terminal belongs to the IP address in the blacklist; the file information interception condition is whether the file type and/or the file size and/or the number of files respectively meet the requirements of corresponding preset file types, file size thresholds and file number thresholds. The preset file types comprise exe, txt and other formats, and can be specifically set according to the requirements of users; the file size threshold value, the file quantity threshold value and the like are determined according to actual requirements. Specifically, when judging, judging whether the IP address of the user terminal belongs to the IP address in the outgoing blacklist, if not, judging whether the user account of the user terminal belongs to the user account in the appointed user account information, if so, directly outgoing the outgoing file, if not, judging whether the size and the number of the outgoing file meet the requirements of a file size threshold and a file number threshold, and if so, judging whether the type of the outgoing file belongs to the preset file type, and if so, outgoing the outgoing file.
Specifically, in this embodiment, the step S3 is: and the cloud disk system sequentially judges whether the file to be sent out meets the interception condition information according to the set interception condition information and the priority order of interception condition judgment after acquiring the file package information, intercepts the file to be sent out if not meeting all the interception conditions in the interception condition information, stops the judgment process if meeting one interception condition in the interception condition information, and sends the file to be sent out.
In summary, the method for automatically intercepting the file outgoing based on the enterprise private cloud disk has the following beneficial effects: according to the method, whether the file to be sent out meets the set interception condition or not can be judged according to the interception condition information set in the cloud disk system and the priority order of interception condition judgment in the interception condition information, if so, the file to be sent out is directly sent out, and if not, judgment operation can be sequentially carried out according to the priority order of interception condition judgment, and when not meeting all the interception conditions, the file to be sent out is indicated to be unable to carry out the sending out operation, so that the file to be sent out is directly intercepted, the safety of the file to be sent out is ensured, meanwhile, step-by-step judgment of the interception condition can be realized, the accuracy of the file to be sent out is effectively improved, meanwhile, the safety after the file to be sent out is effectively ensured, and the experience of a user is effectively improved.
The foregoing description of the preferred embodiment of the invention is not intended to be limiting, but rather is intended to cover all modifications, equivalents, and alternatives falling within the spirit and principles of the invention.

Claims (4)

1. The method for automatically intercepting the file outgoing based on the enterprise private cloud disk is characterized by comprising the following steps of:
s1: setting interception condition information of file outgoing in a cloud disk system, and setting priority order of interception condition judgment in the interception condition information;
the interception condition in the interception condition information includes: user account interception conditions and/or user IP interception conditions and/or file information interception conditions;
s2: the method comprises the steps that a user terminal sends a request of an outgoing file to a cloud disk system, and the cloud disk system packs the file to be sent of the user terminal and obtains file pack information of the file to be sent;
the package information includes: the IP address and account information of the user terminal, the size and the number of the files to be sent out and the types of the files to be sent out;
s3: after acquiring the file package information, the cloud disk system judges whether the file to be sent out meets the interception condition information according to the set interception condition information and the priority order judged by the interception condition, if not, the file to be sent out is intercepted, and if so, the file to be sent out is sent out;
the user account interception condition is whether the user account interception condition belongs to a user account in appointed user account information, wherein the appointed user account information comprises at least one appointed user account; the user IP interception condition is whether the IP address of the user terminal belongs to the IP address in the blacklist;
the priority order of the interception condition judgment is as follows: a user account interception condition, a user IP interception condition, a file information interception condition or a user account interception condition, a file information interception condition, a user IP interception condition or a user IP interception condition, a user account interception condition, a file information interception condition or a user IP interception condition, a file information interception condition, a user account interception condition or a file information interception condition, a user account interception condition, a user IP interception condition or a file information interception condition, a user IP interception condition, a user account interception condition.
2. The method for automatically intercepting file outgoing based on enterprise private cloud disk according to claim 1, wherein the step S3 further comprises:
s4: if the file to be sent out is intercepted, the cloud disk system sends a file interception notice to the user terminal, and the intercepted file to be sent out is stored in the file interception area.
3. The method for automatically intercepting file outsourcing based on the enterprise private cloud disk according to claim 1, wherein the file information intercepting condition is whether the file type and/or the file size and/or the file number respectively meet the requirements of a corresponding preset file type, file size threshold and file number threshold.
4. The method for automatically intercepting file outgoing based on enterprise private cloud disk according to claim 1, wherein the step S3 is as follows: and the cloud disk system sequentially judges whether the file to be sent out meets the interception condition information according to the set interception condition information and the priority order judged by the interception condition after acquiring the file package information, intercepts the file to be sent out if not meeting all the interception conditions in the interception condition information, stops the judging process if meeting one interception condition in the interception condition information, and sends the file to be sent out.
CN202210900632.8A 2022-07-28 2022-07-28 Method for automatically intercepting file outgoing based on enterprise private cloud disk Active CN115150189B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202210900632.8A CN115150189B (en) 2022-07-28 2022-07-28 Method for automatically intercepting file outgoing based on enterprise private cloud disk

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202210900632.8A CN115150189B (en) 2022-07-28 2022-07-28 Method for automatically intercepting file outgoing based on enterprise private cloud disk

Publications (2)

Publication Number Publication Date
CN115150189A CN115150189A (en) 2022-10-04
CN115150189B true CN115150189B (en) 2023-11-07

Family

ID=83414180

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202210900632.8A Active CN115150189B (en) 2022-07-28 2022-07-28 Method for automatically intercepting file outgoing based on enterprise private cloud disk

Country Status (1)

Country Link
CN (1) CN115150189B (en)

Citations (9)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104320409A (en) * 2014-11-10 2015-01-28 成都卫士通信息产业股份有限公司 Method for controlling access to cloud disk on basis of Hook technology
CN105550593A (en) * 2015-12-11 2016-05-04 北京奇虎科技有限公司 Cloud disk file monitoring method and device based on local area network
CN106446707A (en) * 2016-08-31 2017-02-22 北京明朝万达科技股份有限公司 Dynamic data leakage prevention system and method
CN108052833A (en) * 2017-12-11 2018-05-18 北京明朝万达科技股份有限公司 A kind of executable file anti-data-leakage scan method, system and gateway
CN109587074A (en) * 2017-09-29 2019-04-05 中兴通讯股份有限公司 Message processing method, device, storage medium and processor
CN111310205A (en) * 2020-02-11 2020-06-19 平安科技(深圳)有限公司 Sensitive information detection method and device, computer equipment and storage medium
CN111385238A (en) * 2018-12-27 2020-07-07 中兴通讯股份有限公司 Data transmission method and device
CN112671781A (en) * 2020-12-24 2021-04-16 北京华顺信安信息技术有限公司 RASP-based firewall system
CN113935068A (en) * 2021-10-21 2022-01-14 深圳市瑞云科技有限公司 Data desensitization method for mass file transmission system

Family Cites Families (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US10148493B1 (en) * 2015-06-08 2018-12-04 Infoblox Inc. API gateway for network policy and configuration management with public cloud

Patent Citations (9)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104320409A (en) * 2014-11-10 2015-01-28 成都卫士通信息产业股份有限公司 Method for controlling access to cloud disk on basis of Hook technology
CN105550593A (en) * 2015-12-11 2016-05-04 北京奇虎科技有限公司 Cloud disk file monitoring method and device based on local area network
CN106446707A (en) * 2016-08-31 2017-02-22 北京明朝万达科技股份有限公司 Dynamic data leakage prevention system and method
CN109587074A (en) * 2017-09-29 2019-04-05 中兴通讯股份有限公司 Message processing method, device, storage medium and processor
CN108052833A (en) * 2017-12-11 2018-05-18 北京明朝万达科技股份有限公司 A kind of executable file anti-data-leakage scan method, system and gateway
CN111385238A (en) * 2018-12-27 2020-07-07 中兴通讯股份有限公司 Data transmission method and device
CN111310205A (en) * 2020-02-11 2020-06-19 平安科技(深圳)有限公司 Sensitive information detection method and device, computer equipment and storage medium
CN112671781A (en) * 2020-12-24 2021-04-16 北京华顺信安信息技术有限公司 RASP-based firewall system
CN113935068A (en) * 2021-10-21 2022-01-14 深圳市瑞云科技有限公司 Data desensitization method for mass file transmission system

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
"私有云安全文件交换系统在涉密信息系统中的应用研究";熊明俊;《信息与电脑(理论版)》;第32卷(第22期);第199-201页 *

Also Published As

Publication number Publication date
CN115150189A (en) 2022-10-04

Similar Documents

Publication Publication Date Title
CN110225109B (en) Multi-queue data transmission method based on 'industrial and commercial connection' platform
CN108337296A (en) Message push processing method, device, computer equipment and storage medium
US9798680B2 (en) Policy control method and apparatus for terminal peripheral
US20170339001A1 (en) Methods and apparatuses for pushing a message
WO2011069438A1 (en) Working method and system for self-learning intellectualized short message firewall of mobile terminal
US20050182697A1 (en) Device management network that facilitates selective billing
CA2578602A1 (en) Rule based data collection and management in a wireless communications network
JP5638000B2 (en) Adaptive system for lawful interception in various communication networks
CN112016030B (en) Message pushing method, device, server and computer storage medium
US20090318130A1 (en) Method and apparatus for monitoring outbound communications at a communication device
CN110324407B (en) Access control method and device for background server and storage medium
CN110399149A (en) A kind of remote upgrade method under low-power consumption scene
CN112688922B (en) Data transmission method, system, equipment and medium
US20100216427A1 (en) Tracking mobile communication devices
US9160865B2 (en) Mobile platform as a delivery mechanism for security capabilities
CN115309498A (en) Container state adjusting method, device, equipment and storage medium for K8s cluster
EP2930995A1 (en) Terminal peripheral management method and m2m gateway
CN115150189B (en) Method for automatically intercepting file outgoing based on enterprise private cloud disk
CN107404580A (en) A kind of method, storage medium and equipment for intercepting harassing call number and short message
CN101917679A (en) Service shunting method, device and system
US7860972B2 (en) Duplicate mobile device PIN detection and elimination
US20160261476A1 (en) Message system for avoiding processing-performance decline
CN109508356B (en) Data abnormality early warning method, device, computer equipment and storage medium
EP2819438A1 (en) Spam message processing method and system
CN107968893B (en) Communication method and device, electronic equipment and computer readable storage medium

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant