CN115150189B - Method for automatically intercepting file outgoing based on enterprise private cloud disk - Google Patents
Method for automatically intercepting file outgoing based on enterprise private cloud disk Download PDFInfo
- Publication number
- CN115150189B CN115150189B CN202210900632.8A CN202210900632A CN115150189B CN 115150189 B CN115150189 B CN 115150189B CN 202210900632 A CN202210900632 A CN 202210900632A CN 115150189 B CN115150189 B CN 115150189B
- Authority
- CN
- China
- Prior art keywords
- file
- interception
- interception condition
- information
- sent out
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
- 238000000034 method Methods 0.000 title claims abstract description 23
- 238000012946 outsourcing Methods 0.000 claims 1
- 230000009286 beneficial effect Effects 0.000 description 2
- 238000007726 management method Methods 0.000 description 2
- 230000007547 defect Effects 0.000 description 1
- 238000001514 detection method Methods 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/02—Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
- H04L63/0227—Filtering policies
- H04L63/0236—Filtering by address, protocol, port number or service, e.g. IP-address or URL
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/02—Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
- H04L63/0227—Filtering policies
- H04L63/0263—Rule management
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/01—Protocols
- H04L67/06—Protocols specially adapted for file transfer, e.g. file transfer protocol [FTP]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/01—Protocols
- H04L67/10—Protocols in which an application is distributed across nodes in the network
- H04L67/1097—Protocols in which an application is distributed across nodes in the network for distributed storage of data in networks, e.g. transport arrangements for network file system [NFS], storage area networks [SAN] or network attached storage [NAS]
Landscapes
- Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Hardware Design (AREA)
- Computer Security & Cryptography (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Business, Economics & Management (AREA)
- General Business, Economics & Management (AREA)
- Data Exchanges In Wide-Area Networks (AREA)
Abstract
The invention discloses a method for automatically intercepting file outgoing based on an enterprise private cloud disk, which comprises the following steps: setting interception condition information of file outgoing in a cloud disk system, and setting priority order of interception condition judgment in the interception condition information; the method comprises the steps that a user terminal sends a request of an outgoing file to a cloud disk system, and the cloud disk system packs the file to be sent of the user terminal and obtains file pack information of the file to be sent; and the cloud disk system judges whether the file to be sent out meets the interception condition information according to the set interception condition information and the priority order judged by the interception condition after acquiring the file package information, if not, the file to be sent out is intercepted, and if so, the file to be sent out is sent out. The invention can realize step-by-step judgment of interception conditions, effectively improve the accuracy of outgoing of the file to be sent out, effectively ensure the security of outgoing of the file to be sent out, and effectively improve the experience of users.
Description
Technical Field
The invention relates to the field of file sending interception, in particular to a method for automatically intercepting file outgoing based on an enterprise private cloud disk.
Background
Automatic interception of cloud disk file outgoing of enterprises: after the private cloud disk is deployed by the enterprise, enterprise internal staff want to send files to the external network through the enterprise cloud disk, and automatically trigger an outgoing file detection mechanism through an outgoing spring strategy preset in the cloud disk system, and intelligent interception is performed according to the preset outgoing interception strategy. However, in the current enterprise private cloud disk software, there is no good interception management scheme for file security delivery, especially in a complex use environment, the user needs are difficult to meet when they are changeable, so that accurate and effective interception of file delivery cannot be realized, resulting in low security of file delivery.
Accordingly, the prior art has drawbacks and needs improvement.
Disclosure of Invention
The invention aims to overcome the defects of the prior art, and provides a method for automatically intercepting file outgoing based on an enterprise private cloud disk, which solves the problem that in the prior art, the file outgoing is low in safety because the file outgoing cannot be accurately and effectively intercepted.
The technical scheme of the invention is as follows: an enterprise private cloud disk file outgoing automatic interception method comprises the following steps:
s1: setting interception condition information of file outgoing in the cloud disk system, and setting priority order of interception condition judgment in the interception condition information.
The interception condition in the interception condition information includes: user account interception conditions and/or user IP interception conditions and/or file information interception conditions.
S2: the method comprises the steps that a user terminal sends a request of an outgoing file to a cloud disk system, and the cloud disk system packs the file to be sent of the user terminal and obtains file pack information of the file to be sent.
The package information includes: the IP address and account information of the user terminal, the size and the number of the files to be sent out and the types of the files to be sent out.
S3: and the cloud disk system judges whether the file to be sent out meets the interception condition information according to the set interception condition information and the priority order judged by the interception condition after acquiring the file package information, if not, the file to be sent out is intercepted, and if so, the file to be sent out is sent out.
Further, the step S3 further includes:
s4: if the file to be sent out is intercepted, the cloud disk system sends a file interception notice to the user terminal, and the intercepted file to be sent out is stored in the file interception area.
Further, the user account interception condition is whether the user account interception condition belongs to a user account in appointed user account information, wherein the appointed user account information comprises at least one appointed user account; the user IP interception condition is whether the IP address of the user terminal belongs to the IP address in the blacklist.
Further, the file information interception condition is whether the file type and/or the file size and/or the number of files respectively meet the requirements of the corresponding preset file type, file size threshold and file number threshold.
Further, the priority order of the interception condition judgment is as follows: a user account interception condition, a user IP interception condition, a file information interception condition or a user account interception condition, a file information interception condition, a user IP interception condition or a user IP interception condition, a user account interception condition, a file information interception condition or a user IP interception condition, a file information interception condition, a user account interception condition or a file information interception condition, a user account interception condition, a user IP interception condition or a file information interception condition, a user IP interception condition, a user account interception condition.
Further, the step S3 is: and the cloud disk system sequentially judges whether the file to be sent out meets the interception condition information according to the set interception condition information and the priority order judged by the interception condition after acquiring the file package information, intercepts the file to be sent out if not meeting all the interception conditions in the interception condition information, stops the judging process if meeting one interception condition in the interception condition information, and sends the file to be sent out.
By adopting the scheme, the invention provides the method for automatically intercepting the file outgoing based on the enterprise private cloud disk, which has the following beneficial effects: according to the method, whether the file to be sent out meets the set interception condition or not can be judged according to the interception condition information set in the cloud disk system and the priority order of interception condition judgment in the interception condition information, if so, the file to be sent out is directly sent out, and if not, judgment operation can be sequentially carried out according to the priority order of interception condition judgment, and when not meeting all the interception conditions, the file to be sent out is indicated to be unable to carry out the sending out operation, so that the file to be sent out is directly intercepted, the safety of the file to be sent out is ensured, meanwhile, step-by-step judgment of the interception condition can be realized, the accuracy of the file to be sent out is effectively improved, meanwhile, the safety after the file to be sent out is effectively ensured, and the experience of a user is effectively improved.
Drawings
FIG. 1 is a flow chart of the present invention.
Detailed Description
The invention will be described in detail below with reference to the drawings and the specific embodiments.
Referring to fig. 1, the invention provides a method for automatically intercepting file outgoing based on an enterprise private cloud disk, which comprises the following steps:
s1: setting interception condition information of file outgoing in the cloud disk system, and setting priority order of interception condition judgment in the interception condition information.
Specifically, the interception condition in the interception condition information includes: user account interception conditions and/or user IP interception conditions and/or file information interception conditions. Therefore, there may be a plurality of interception conditions or only one interception condition, and when there are a plurality of interception conditions, the priority order of the corresponding interception conditions is set for judgment, so that the judgment is sequentially performed according to the set priority order when the judgment is performed. Specifically, in this embodiment, the interception condition information is set with a user account interception condition, a user IP interception condition, and a file information interception condition at the same time, and the priority order of interception condition judgment is the user IP interception condition, the user account interception condition, and the file information interception condition.
S2: the method comprises the steps that a user terminal sends a request of an outgoing file to a cloud disk system, the cloud disk system packs the file to be outgoing of the user terminal, detects the file to be outgoing, and obtains file package information of the file to be outgoing.
Specifically, in this embodiment, the package information includes: the IP address and account information of the user terminal, the size and the number of the files to be sent out and the types of the files to be sent out. Specifically, the type of the file to be sent out may be set according to the actual requirement, for example, the file to be sent out is in exe or txt format.
S3: and the cloud disk system judges whether the file to be sent out meets the interception condition information according to the set interception condition information and the priority order judged by the interception condition after acquiring the file package information, if not, the file to be sent out is intercepted, and if so, the file to be sent out is sent out. In this embodiment, when judging, it is firstly judged whether the IP address of the user terminal meets the requirement of the user account interception condition, if yes, the file to be sent out is directly sent out, if not, it is further judged whether the user account of the user terminal meets the user account interception condition, if yes, the file to be sent out is directly sent out, if not, it is further judged whether the size and number of the file to be sent out and the type of the file to be sent out meet the requirement of the file information interception condition, if yes, the file to be sent out is sent out, and if not, the file to be sent out is intercepted.
According to the method for automatically intercepting the file outgoing based on the enterprise private cloud disk, before the user terminal sends the file, file package information of the file to be sent is required to be acquired, whether the file to be sent meets the set interception condition or not is judged according to interception condition information set in a cloud disk system and the priority order judged by the interception condition information, if the file to be sent meets the set interception condition, the file to be sent is directly sent out, if the file to be sent out does not meet the set interception condition, judgment operation is sequentially carried out according to the priority order judged by the set interception condition, and when the file to be sent out does not meet all the interception conditions, the file to be sent out cannot be sent out, so that the file to be sent out is intercepted directly, and the security of the file to be sent out is ensured; the invention can realize step-by-step judgment of interception conditions, can improve the accuracy of the outgoing of the file to be sent out, effectively ensure the safety of the file to be sent out, and effectively improve the experience of users.
Specifically, in this embodiment, the step S3 further includes:
s4: if the file to be sent out is intercepted, the cloud disk system sends a file interception notice to the user terminal, and the intercepted file to be sent out is stored in the file interception area. Meanwhile, the cloud disk system can record interception information (the number of intercepted files, the names, the sizes, the types and the like of the intercepted files) in the intercepted files, and the interception information is used for being checked by an administrator of the cloud disk system to realize management and control of the intercepted files.
Specifically, in this embodiment, the user account interception condition is whether the user account interception condition belongs to a user account in specified user account information, where the specified user account information includes at least one specified user account, and a name and an ID number of the specified user account are determined and are preset information; the user IP interception condition is whether the IP address of the user terminal belongs to the IP address in the blacklist; the file information interception condition is whether the file type and/or the file size and/or the number of files respectively meet the requirements of corresponding preset file types, file size thresholds and file number thresholds. The preset file types comprise exe, txt and other formats, and can be specifically set according to the requirements of users; the file size threshold value, the file quantity threshold value and the like are determined according to actual requirements. Specifically, when judging, judging whether the IP address of the user terminal belongs to the IP address in the outgoing blacklist, if not, judging whether the user account of the user terminal belongs to the user account in the appointed user account information, if so, directly outgoing the outgoing file, if not, judging whether the size and the number of the outgoing file meet the requirements of a file size threshold and a file number threshold, and if so, judging whether the type of the outgoing file belongs to the preset file type, and if so, outgoing the outgoing file.
Specifically, in this embodiment, the step S3 is: and the cloud disk system sequentially judges whether the file to be sent out meets the interception condition information according to the set interception condition information and the priority order of interception condition judgment after acquiring the file package information, intercepts the file to be sent out if not meeting all the interception conditions in the interception condition information, stops the judgment process if meeting one interception condition in the interception condition information, and sends the file to be sent out.
In summary, the method for automatically intercepting the file outgoing based on the enterprise private cloud disk has the following beneficial effects: according to the method, whether the file to be sent out meets the set interception condition or not can be judged according to the interception condition information set in the cloud disk system and the priority order of interception condition judgment in the interception condition information, if so, the file to be sent out is directly sent out, and if not, judgment operation can be sequentially carried out according to the priority order of interception condition judgment, and when not meeting all the interception conditions, the file to be sent out is indicated to be unable to carry out the sending out operation, so that the file to be sent out is directly intercepted, the safety of the file to be sent out is ensured, meanwhile, step-by-step judgment of the interception condition can be realized, the accuracy of the file to be sent out is effectively improved, meanwhile, the safety after the file to be sent out is effectively ensured, and the experience of a user is effectively improved.
The foregoing description of the preferred embodiment of the invention is not intended to be limiting, but rather is intended to cover all modifications, equivalents, and alternatives falling within the spirit and principles of the invention.
Claims (4)
1. The method for automatically intercepting the file outgoing based on the enterprise private cloud disk is characterized by comprising the following steps of:
s1: setting interception condition information of file outgoing in a cloud disk system, and setting priority order of interception condition judgment in the interception condition information;
the interception condition in the interception condition information includes: user account interception conditions and/or user IP interception conditions and/or file information interception conditions;
s2: the method comprises the steps that a user terminal sends a request of an outgoing file to a cloud disk system, and the cloud disk system packs the file to be sent of the user terminal and obtains file pack information of the file to be sent;
the package information includes: the IP address and account information of the user terminal, the size and the number of the files to be sent out and the types of the files to be sent out;
s3: after acquiring the file package information, the cloud disk system judges whether the file to be sent out meets the interception condition information according to the set interception condition information and the priority order judged by the interception condition, if not, the file to be sent out is intercepted, and if so, the file to be sent out is sent out;
the user account interception condition is whether the user account interception condition belongs to a user account in appointed user account information, wherein the appointed user account information comprises at least one appointed user account; the user IP interception condition is whether the IP address of the user terminal belongs to the IP address in the blacklist;
the priority order of the interception condition judgment is as follows: a user account interception condition, a user IP interception condition, a file information interception condition or a user account interception condition, a file information interception condition, a user IP interception condition or a user IP interception condition, a user account interception condition, a file information interception condition or a user IP interception condition, a file information interception condition, a user account interception condition or a file information interception condition, a user account interception condition, a user IP interception condition or a file information interception condition, a user IP interception condition, a user account interception condition.
2. The method for automatically intercepting file outgoing based on enterprise private cloud disk according to claim 1, wherein the step S3 further comprises:
s4: if the file to be sent out is intercepted, the cloud disk system sends a file interception notice to the user terminal, and the intercepted file to be sent out is stored in the file interception area.
3. The method for automatically intercepting file outsourcing based on the enterprise private cloud disk according to claim 1, wherein the file information intercepting condition is whether the file type and/or the file size and/or the file number respectively meet the requirements of a corresponding preset file type, file size threshold and file number threshold.
4. The method for automatically intercepting file outgoing based on enterprise private cloud disk according to claim 1, wherein the step S3 is as follows: and the cloud disk system sequentially judges whether the file to be sent out meets the interception condition information according to the set interception condition information and the priority order judged by the interception condition after acquiring the file package information, intercepts the file to be sent out if not meeting all the interception conditions in the interception condition information, stops the judging process if meeting one interception condition in the interception condition information, and sends the file to be sent out.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202210900632.8A CN115150189B (en) | 2022-07-28 | 2022-07-28 | Method for automatically intercepting file outgoing based on enterprise private cloud disk |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202210900632.8A CN115150189B (en) | 2022-07-28 | 2022-07-28 | Method for automatically intercepting file outgoing based on enterprise private cloud disk |
Publications (2)
Publication Number | Publication Date |
---|---|
CN115150189A CN115150189A (en) | 2022-10-04 |
CN115150189B true CN115150189B (en) | 2023-11-07 |
Family
ID=83414180
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN202210900632.8A Active CN115150189B (en) | 2022-07-28 | 2022-07-28 | Method for automatically intercepting file outgoing based on enterprise private cloud disk |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN115150189B (en) |
Citations (9)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN104320409A (en) * | 2014-11-10 | 2015-01-28 | 成都卫士通信息产业股份有限公司 | Method for controlling access to cloud disk on basis of Hook technology |
CN105550593A (en) * | 2015-12-11 | 2016-05-04 | 北京奇虎科技有限公司 | Cloud disk file monitoring method and device based on local area network |
CN106446707A (en) * | 2016-08-31 | 2017-02-22 | 北京明朝万达科技股份有限公司 | Dynamic data leakage prevention system and method |
CN108052833A (en) * | 2017-12-11 | 2018-05-18 | 北京明朝万达科技股份有限公司 | A kind of executable file anti-data-leakage scan method, system and gateway |
CN109587074A (en) * | 2017-09-29 | 2019-04-05 | 中兴通讯股份有限公司 | Message processing method, device, storage medium and processor |
CN111310205A (en) * | 2020-02-11 | 2020-06-19 | 平安科技(深圳)有限公司 | Sensitive information detection method and device, computer equipment and storage medium |
CN111385238A (en) * | 2018-12-27 | 2020-07-07 | 中兴通讯股份有限公司 | Data transmission method and device |
CN112671781A (en) * | 2020-12-24 | 2021-04-16 | 北京华顺信安信息技术有限公司 | RASP-based firewall system |
CN113935068A (en) * | 2021-10-21 | 2022-01-14 | 深圳市瑞云科技有限公司 | Data desensitization method for mass file transmission system |
Family Cites Families (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US10148493B1 (en) * | 2015-06-08 | 2018-12-04 | Infoblox Inc. | API gateway for network policy and configuration management with public cloud |
-
2022
- 2022-07-28 CN CN202210900632.8A patent/CN115150189B/en active Active
Patent Citations (9)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN104320409A (en) * | 2014-11-10 | 2015-01-28 | 成都卫士通信息产业股份有限公司 | Method for controlling access to cloud disk on basis of Hook technology |
CN105550593A (en) * | 2015-12-11 | 2016-05-04 | 北京奇虎科技有限公司 | Cloud disk file monitoring method and device based on local area network |
CN106446707A (en) * | 2016-08-31 | 2017-02-22 | 北京明朝万达科技股份有限公司 | Dynamic data leakage prevention system and method |
CN109587074A (en) * | 2017-09-29 | 2019-04-05 | 中兴通讯股份有限公司 | Message processing method, device, storage medium and processor |
CN108052833A (en) * | 2017-12-11 | 2018-05-18 | 北京明朝万达科技股份有限公司 | A kind of executable file anti-data-leakage scan method, system and gateway |
CN111385238A (en) * | 2018-12-27 | 2020-07-07 | 中兴通讯股份有限公司 | Data transmission method and device |
CN111310205A (en) * | 2020-02-11 | 2020-06-19 | 平安科技(深圳)有限公司 | Sensitive information detection method and device, computer equipment and storage medium |
CN112671781A (en) * | 2020-12-24 | 2021-04-16 | 北京华顺信安信息技术有限公司 | RASP-based firewall system |
CN113935068A (en) * | 2021-10-21 | 2022-01-14 | 深圳市瑞云科技有限公司 | Data desensitization method for mass file transmission system |
Non-Patent Citations (1)
Title |
---|
"私有云安全文件交换系统在涉密信息系统中的应用研究";熊明俊;《信息与电脑(理论版)》;第32卷(第22期);第199-201页 * |
Also Published As
Publication number | Publication date |
---|---|
CN115150189A (en) | 2022-10-04 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN110225109B (en) | Multi-queue data transmission method based on 'industrial and commercial connection' platform | |
CN108337296A (en) | Message push processing method, device, computer equipment and storage medium | |
US9798680B2 (en) | Policy control method and apparatus for terminal peripheral | |
US20170339001A1 (en) | Methods and apparatuses for pushing a message | |
WO2011069438A1 (en) | Working method and system for self-learning intellectualized short message firewall of mobile terminal | |
US20050182697A1 (en) | Device management network that facilitates selective billing | |
CA2578602A1 (en) | Rule based data collection and management in a wireless communications network | |
JP5638000B2 (en) | Adaptive system for lawful interception in various communication networks | |
CN112016030B (en) | Message pushing method, device, server and computer storage medium | |
US20090318130A1 (en) | Method and apparatus for monitoring outbound communications at a communication device | |
CN110324407B (en) | Access control method and device for background server and storage medium | |
CN110399149A (en) | A kind of remote upgrade method under low-power consumption scene | |
CN112688922B (en) | Data transmission method, system, equipment and medium | |
US20100216427A1 (en) | Tracking mobile communication devices | |
US9160865B2 (en) | Mobile platform as a delivery mechanism for security capabilities | |
CN115309498A (en) | Container state adjusting method, device, equipment and storage medium for K8s cluster | |
EP2930995A1 (en) | Terminal peripheral management method and m2m gateway | |
CN115150189B (en) | Method for automatically intercepting file outgoing based on enterprise private cloud disk | |
CN107404580A (en) | A kind of method, storage medium and equipment for intercepting harassing call number and short message | |
CN101917679A (en) | Service shunting method, device and system | |
US7860972B2 (en) | Duplicate mobile device PIN detection and elimination | |
US20160261476A1 (en) | Message system for avoiding processing-performance decline | |
CN109508356B (en) | Data abnormality early warning method, device, computer equipment and storage medium | |
EP2819438A1 (en) | Spam message processing method and system | |
CN107968893B (en) | Communication method and device, electronic equipment and computer readable storage medium |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
GR01 | Patent grant |