CN115438360A - Data security platform system with data encryption structure - Google Patents
Data security platform system with data encryption structure Download PDFInfo
- Publication number
- CN115438360A CN115438360A CN202211170718.6A CN202211170718A CN115438360A CN 115438360 A CN115438360 A CN 115438360A CN 202211170718 A CN202211170718 A CN 202211170718A CN 115438360 A CN115438360 A CN 115438360A
- Authority
- CN
- China
- Prior art keywords
- data
- module
- user
- encryption
- key
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/604—Tools and structures for managing or administering access control systems
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/602—Providing cryptographic facilities or services
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/62—Protecting access to data via a platform, e.g. using keys or access control rules
Landscapes
- Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Bioethics (AREA)
- General Health & Medical Sciences (AREA)
- Computer Hardware Design (AREA)
- Health & Medical Sciences (AREA)
- Software Systems (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Automation & Control Theory (AREA)
- Storage Device Security (AREA)
Abstract
The invention discloses a data security platform system with a data encryption structure, which comprises a data acquisition module, a data encryption module, a data analysis module, a situation perception module and a message notification module, wherein the data acquisition module, the data encryption module, the data analysis module, the situation perception module and the message notification module are integrated with various data security protection capabilities to realize multi-azimuth protection and multi-platform adaptation for application, and effective analysis and visual display are formed by processing daily reported data to help application management operators with different roles, so that all application security problems can be mastered in detail, the problems can be effectively processed in time, even the security problems can be eliminated in a germination stage, and the prevention is really realized and more than the management is realized.
Description
Technical Field
The invention relates to the technical field of data processing, in particular to a data security platform system with a data encryption structure.
Background
The existing data security system on the market can provide single functions, such as data desensitization, data encryption and the like, enterprises often adopt a stacking mode to complete the protection of data security, so that the security system is difficult to maintain, and various complex data use scenes cannot be faced.
The main defects are as follows:
1. single capability and incapability of covering data safety protection requirements under various scenes
Generally, only a certain safety protection capability is provided, such as data encryption, and data storage cannot adapt to the changing requirements under multiple scenes, such as increasing organization mechanisms and huge data volume.
2. Lack of unified scheduling management and timely and effective linkage
Because in the existing scheme, all modules are independent, effective data linkage and uniform allocation cannot be formed.
3. Cannot form a statistic and assessment of the overall security risk
In the prior art, data can not be communicated, so that a unified data processing module and overall situation perception are not provided.
Disclosure of Invention
Aiming at the defects in the prior art, the invention aims to provide a data security platform system with a data encryption structure, and aims to solve the problems in the prior art.
The technical purpose of the invention is realized by the following technical scheme:
a data security platform system with a data encryption structure comprises a data acquisition module, a data encryption module, a data analysis module, a situation perception module and a message notification module, and specifically comprises the following components:
and the data acquisition module captures abnormal data and user behavior data in the process through a buried point tool of the application end, classifies and cleans the abnormal data and the user behavior data to obtain pure data, and then writes the pure data into the data security application end.
And the data encryption module is connected with the data acquisition module and the database, encrypts the pure data to generate a data key, the data key corresponds to the role authority of the user one by one, and the user can operate and process the corresponding data according to the authority of the user.
And the data analysis module is connected with the database, carries out multi-dimensional slicing and classification on the offline data, counts the data at different time, different ends and different scenes, analyzes to obtain abnormal data, then stores the normal data into the database, and hands the abnormal data to the situation perception module for problem judgment.
Furthermore, the data analysis module performs operations such as predictive analysis and data mining on data with low real-time requirements, predicts the trend of the data to obtain expected normal data, and judges the data deviating from the expected data as abnormal data; and processing the real-time dynamic data in real time through the algorithm model of the previous data, analyzing the received data in real time, and judging whether the data is abnormal or not.
The situation awareness module is connected with the data analysis module, establishes a problem judgment model through machine learning, adopts the problem judgment model to detect abnormal data according to the analysis result of the data analysis module on the data, intelligently judges the problem which is possibly caused by the abnormal data, and continuously optimizes the problem judgment model according to a large amount of daily data to prevent the problem in the bud.
And the message notification module is connected with the data analysis module, integrates a mainstream message push channel, groups related responsible persons through address book management, distributes different roles, deduces possible problems from the abnormal data information and situation perception module, sends the abnormal data information and the situation perception module to the related responsible persons for processing, timely responds, and sends a processing result to the situation perception module for learning after the processing is completed.
The data encryption module comprises the following encryption management steps:
step S1: user identity authentication, namely, after a user logs in, allocating a role for the user, binding the role with a user account, and setting the control authority of the user account based on the role;
step S2: data encryption, namely encrypting the pure data information content to obtain encrypted data;
and step S3: generating and managing a key, respectively generating a user key and a data key according to a user role and encrypted data, respectively storing the user key and the data key, and facilitating management and analysis, wherein the user key can be used for identity authentication when a user logs in, opening corresponding authority according to the user role, the data key can decrypt the encrypted data, and can call the corresponding data key according to the authority of the user, so that the corresponding encrypted data can be operated;
and step S4: connecting a database, storing the encrypted data into the database according to data types and data subjects in a classified manner, and facilitating retrieval when the data is taken;
step S5: the encryption dictionary management program exists in the form of configuration files or database tables, and manages, controls and inquires various encryption files by using the index relation.
An electronic device, comprising: the data security platform system comprises a processor and a memory, wherein a computer program is stored in the memory, and the computer program is loaded by the processor and executed to realize the data security platform system with the data encryption structure.
A computer readable storage medium having stored therein a computer program for loading and execution by a processor to implement a data security platform system having a data encryption structure.
In summary, compared with the prior art, the beneficial effects of the invention are as follows: through the integration to multiple data safety protection ability, realized diversified protection and the multi-platform adaptation to the application, through the processing to daily report data, form effectual analysis and audio-visual show, the application management operation personnel of the different roles of help has more detailed grasp to all application safety problems, and the timely effective processing of problem has even eliminated safety problem at the stage of sprouting, has really realized, takes precautions against and is greater than administering.
Drawings
The above and other objects, features and advantages of exemplary embodiments of the present invention will become readily apparent from the following detailed description read in conjunction with the accompanying drawings. Several embodiments of the invention are illustrated by way of example, and not by way of limitation, in the figures of the accompanying drawings and in which:
fig. 1 is a diagram of a data security platform system having a data encryption structure.
Detailed Description
The principles and spirit of the present invention will be described with reference to a number of exemplary embodiments. It is understood that these embodiments are given solely for the purpose of enabling those skilled in the art to better understand and to practice the invention, and are not intended to limit the scope of the invention in any way. Rather, these embodiments are provided so that this disclosure will be thorough and complete, and will fully convey the scope of the disclosure to those skilled in the art. Reference in the specification to "an embodiment" or "an implementation" may mean either one embodiment or one implementation or some instances of embodiments or implementations.
As will be appreciated by one skilled in the art, embodiments of the present invention may be embodied as a system, apparatus, device, method, or computer program product. Accordingly, the present disclosure may be embodied in the form of: entirely hardware, entirely software (including firmware, resident software, micro-code, etc.), or a combination of hardware and software.
It is to be noted that any number of elements in the figures are provided by way of example and not limitation, and any nomenclature is used for distinction only and not in any limiting sense.
Technical terms involved in the present invention will be briefly described below so that the related art can better understand the present scheme.
According to an embodiment of the present invention, a data security platform system with a data encryption structure is provided, which includes a data acquisition module, a data encryption module, a data analysis module, a situation awareness module, and a message notification module, and specifically includes:
the data acquisition module captures abnormal data and user behavior data in a process through a point burying tool of the application end, classifies and cleans the abnormal data and the user behavior data to obtain pure data, and then writes the pure data into a data safety application end, wherein different application ends have different SDKs and support parallelization writing of multiple development languages.
The data encryption module is connected with the data acquisition module and the database, encrypts and manages the pure data, and comprises the following steps:
step S1: user identity authentication, namely, after a user logs in, allocating a role for the user, binding the role with a user account, and setting the control authority of the user account based on the role;
step S2: data encryption, namely encrypting the pure data information content to obtain encrypted data;
and step S3: generating and managing keys, respectively generating a user key and a data key according to a user role and encrypted data, respectively storing the user key and the data key, and facilitating management and analysis, wherein the user key can be used for identity authentication when a user logs in, opening corresponding authority according to the user role, the data key can decrypt the encrypted data, and calling the corresponding data key according to the authority possessed by the user, so that the corresponding encrypted data can be operated, and the data security is improved to a greater extent through data encryption, user authority encryption and data operation encryption by the user;
and step S4: connecting a database, storing the encrypted data into the database according to data types and data subjects in a classified manner, and facilitating retrieval when the data is taken;
step S5: the encryption dictionary management program exists in the form of configuration files or database tables, and manages, controls and inquires various encryption files by using the index relation.
The data analysis module is connected with the database, carries out multi-dimensional slicing and classification on the offline data, carries out statistics on the data at different time, different ends and different scenes, carries out operations such as predictive analysis, data mining and the like on the data with low real-time requirement, predicts the trend of the data to obtain expected normal data, and judges the data deviating from the expected data as abnormal data; the real-time dynamic data is processed in real time through the previous data algorithm model, the received data is analyzed in real time, whether the data is abnormal or not is judged, after the data is analyzed, normal data is stored in a database, and the abnormal data is handed to a situation sensing module for problem judgment.
The situation perception module is connected with the data analysis module, a problem judgment model is established through machine learning, abnormal data are detected through the problem judgment model according to the analysis result of the data analysis module on the data, the problem which possibly occurs to the abnormal data is intelligently judged, the problem judgment model is continuously optimized according to a large amount of daily data, and the problem prevention is achieved.
And the message notification module is connected with the data analysis module, integrates a mainstream message pushing channel comprising a mailbox, a nail, enterprise WeChat and a short message, groups related responsible persons through address book management, distributes different roles, deduces possible problems from the abnormal data information and situation perception module, sends the abnormal data information and the situation perception module to the related responsible persons for processing, achieves timely response, and sends a processing result to the situation perception module for learning after the processing is completed.
According to still another embodiment of the present invention, an electronic device is provided, and the electronic device includes a processor and a memory, where the memory stores a computer program, and the computer program is loaded by the processor and executed to implement the above data security platform system with a data encryption structure.
According to still another embodiment of the present invention, there is provided a computer-readable storage medium having a computer program stored therein, the computer program being loaded and executed by a processor to implement the above-mentioned data security platform system having a data encryption structure.
The above description is intended to be illustrative of the present invention and not to limit the scope of the invention, which is defined by the claims appended hereto.
Claims (5)
1. A data security platform system with a data encryption structure comprises a data acquisition module, a data encryption module, a data analysis module, a situation awareness module and a message notification module, and is characterized in that:
the data acquisition module captures abnormal data and user behavior data in a process through a buried point tool of the application end, classifies and cleans the abnormal data and the user behavior data to obtain pure data, and then writes the pure data into the data security application end;
the data encryption module is connected with the data acquisition module and the database, encrypts the pure data, generates and stores a user key and a data key, the user key is used for verifying the role authority of the user, the data key corresponds to the role authority of the user one by one, and the user can use the data key to operate and process corresponding data according to the role authority of the user;
the data analysis module is connected with the database, carries out multi-dimensional slicing and classification on the offline data, counts the data at different time, different ends and different scenes, analyzes to obtain abnormal data, then stores the normal data into the database, and sends the abnormal data to the situation perception module for problem judgment;
the situation perception module is connected with the data analysis module, a problem judgment model is established through machine learning, abnormal data are detected through the problem judgment model according to the analysis result of the data analysis module on the data, problems possibly occurring in the abnormal data are intelligently judged, and the problem judgment model is continuously optimized according to a large amount of daily data;
and the message notification module is connected with the data analysis module, integrates a mainstream message pushing channel, groups related responsible persons through address book management, allocates different roles, deduces possible problems from the abnormal data information and situation perception module, sends the abnormal data information and the situation perception module to the related responsible persons for processing, timely responds, and sends a processing result to the situation perception module for learning after the processing is completed.
2. The data security platform system with the data encryption structure as claimed in claim 1, wherein the data encryption module, encryption management steps are as follows:
step S1: user identity authentication, namely, after a user logs in, allocating a role for the user, binding the role with a user account, and setting the control authority of the user account based on the role;
step S2: data encryption, namely encrypting the pure data to obtain encrypted data;
and step S3: generating and managing keys, respectively generating a user key and a data key according to a user role and encrypted data, respectively storing the user key and the data key, wherein the user key can be used for identity authentication when a user logs in, opening corresponding authority according to the user role, the data key can decrypt the encrypted data, and calling the corresponding data key according to the authority of the user so as to operate the corresponding encrypted data;
and step S4: connecting a database, storing the encrypted data into the database according to data types and data subjects in a classified manner, and facilitating retrieval when the data is taken;
step S5: the encryption dictionary management program exists in the form of configuration files or database tables, and manages, controls and inquires various encryption files by using index relations.
3. The data security platform system with the data encryption structure as claimed in claim 1, wherein the data analysis module performs operations such as predictive analysis, data mining and the like on data with low real-time requirement, predicts data trend to obtain expected normal data, and judges the data deviating from the expected data as abnormal data; and processing the real-time dynamic data in real time through the algorithm model of the previous data, analyzing the received data in real time, and judging whether the data is abnormal or not.
4. An electronic device, comprising: comprising a processor and a memory, wherein a computer program is stored in the memory, and the computer program is loaded by the processor and executed to realize the data security platform system with the data encryption structure as claimed in any one of claims 1 to 3.
5. A computer-readable storage medium, in which a computer program is stored, the computer program being loaded and executed by a processor to implement the data security platform system with data encryption structure of any one of claims 1 to 3.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202211170718.6A CN115438360A (en) | 2022-09-26 | 2022-09-26 | Data security platform system with data encryption structure |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202211170718.6A CN115438360A (en) | 2022-09-26 | 2022-09-26 | Data security platform system with data encryption structure |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN115438360A true CN115438360A (en) | 2022-12-06 |
Family
ID=84248230
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202211170718.6A Pending CN115438360A (en) | 2022-09-26 | 2022-09-26 | Data security platform system with data encryption structure |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN115438360A (en) |
Cited By (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN117153419A (en) * | 2023-10-31 | 2023-12-01 | 湖北福鑫科创信息技术有限公司 | Data integration tool for medical institutions |
| CN117271648A (en) * | 2023-11-23 | 2023-12-22 | 北京邮电大学 | Adaptation method of bottom data model and storage medium |
-
2022
- 2022-09-26 CN CN202211170718.6A patent/CN115438360A/en active Pending
Cited By (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN117153419A (en) * | 2023-10-31 | 2023-12-01 | 湖北福鑫科创信息技术有限公司 | Data integration tool for medical institutions |
| CN117153419B (en) * | 2023-10-31 | 2024-01-26 | 湖北福鑫科创信息技术有限公司 | Data integration tool for medical institutions |
| CN117271648A (en) * | 2023-11-23 | 2023-12-22 | 北京邮电大学 | Adaptation method of bottom data model and storage medium |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN115438360A (en) | Data security platform system with data encryption structure | |
| WO2020233219A1 (en) | Abnormal problem locating method and device, apparatus and computer readable storage medium | |
| CN109284269B (en) | Abnormal log analysis method and device, storage medium and server | |
| CN107038107B (en) | Method and device for acquiring application blocking information | |
| CN107577594A (en) | The abnormal method of record test, intelligent terminal and the device with store function | |
| CN107992398A (en) | The monitoring method and monitoring system of a kind of operation system | |
| US20050210056A1 (en) | Workstation information-flow capture and characterization for auditing and data mining | |
| CN108734201B (en) | Classification method and system for experience feedback events of nuclear power plant based on hierarchical reason analysis method | |
| US10652255B2 (en) | Forensic analysis | |
| CN111444072A (en) | Client abnormality identification method and device, computer equipment and storage medium | |
| CN112287067A (en) | Sensitive event visualization application implementation method, system and terminal based on semantic analysis | |
| CN112580100B (en) | ODBC (optical distribution bus) driving agent based structured data fine-grained encryption and decryption method and system | |
| CN106844185A (en) | The storage method and device of a kind of journal file | |
| CN111914300A (en) | Document encryption device and method for preventing file leakage | |
| CN109684863A (en) | Data leakage prevention method, device, equipment and storage medium | |
| CN116049859A (en) | Data security management method, system, terminal equipment and storage medium | |
| WO2023108833A1 (en) | Terminal anomalous behavior detection method and apparatus, device, and storage medium | |
| CN109657490B (en) | Transparent encryption and decryption method and system for office files | |
| CN108111328B (en) | Exception handling method and device | |
| CN111488601B (en) | Method and device for processing secret divulgence | |
| CN112910728A (en) | Data security monitoring method and device | |
| CN112511360B (en) | Multi-source service platform data security component monitoring method and system | |
| CN111092883B (en) | Method and device for automatically generating user access record, network equipment and storage medium | |
| CN103034815A (en) | Detection method and device for portable document format (PDF) file | |
| CN112733054A (en) | High-performance code dynamic analysis-based system and method |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination |