CN115829410A - Method, device, equipment and storage medium for evaluating safety risk of service network point - Google Patents

Method, device, equipment and storage medium for evaluating safety risk of service network point Download PDF

Info

Publication number
CN115829410A
CN115829410A CN202211635668.4A CN202211635668A CN115829410A CN 115829410 A CN115829410 A CN 115829410A CN 202211635668 A CN202211635668 A CN 202211635668A CN 115829410 A CN115829410 A CN 115829410A
Authority
CN
China
Prior art keywords
risk
service
index
network point
service network
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202211635668.4A
Other languages
Chinese (zh)
Inventor
温延虎
徐强
史哲桢
范茜
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Shanghai Weishirui Information Technology Co ltd
Original Assignee
Shanghai Weishirui Information Technology Co ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Shanghai Weishirui Information Technology Co ltd filed Critical Shanghai Weishirui Information Technology Co ltd
Priority to CN202211635668.4A priority Critical patent/CN115829410A/en
Publication of CN115829410A publication Critical patent/CN115829410A/en
Pending legal-status Critical Current

Links

Images

Landscapes

  • Management, Administration, Business Operations System, And Electronic Commerce (AREA)

Abstract

The embodiment of the invention provides a method, a device, equipment and a storage medium for evaluating the security risk of a service network point, wherein the method comprises the following steps: acquiring at least one item of management working data of a service network point; determining the current service index of the service network point according to the management work data; and determining a safety risk evaluation result of the service network point according to the current service index and by combining a pre-constructed risk evaluation model. The method comprises the steps of firstly acquiring management work data of each service in a service network point, then processing the management work data, determining key service indexes of the service network point as current service indexes, and finally inputting the current service indexes into a risk evaluation model for risk evaluation according to a pre-constructed risk evaluation model to determine risk evaluation results of the service network point. According to the scheme, the service management is interconnected and intercommunicated on the information, the full-flow online determination of the service risk management and control is realized through the deep utilization of the data, and the efficiency is improved.

Description

Method, device, equipment and storage medium for evaluating safety risk of service network point
Technical Field
The present invention relates to the field of risk assessment technologies, and in particular, to a method, an apparatus, a device, and a storage medium for assessing security risk of a service node.
Background
With the acceleration of the service network safety management digital transformation footstep, the release of labor by building a safety management system becomes a trend of reducing burden and improving efficiency of the basic level and improving the safety management level. From the perspective of short-term website management, the method relates to the covering of daily safety management work through software business modules, and has the problems that each business module operates independently, and cross-organization data cannot be communicated between cross-business modules and cross-responsible persons. In the view of the middle and long term safety risk situation of the whole jurisdiction, the risk situation of the jurisdiction is also lack of evaluation and prediction.
Disclosure of Invention
The embodiment of the invention provides a method, a device, equipment and a storage medium for evaluating the safety risk of a service network point, which realize the on-line determination of the whole process of service risk control and improve the efficiency.
In a first aspect, an embodiment of the present invention provides a method for evaluating security risk of a service node, including:
acquiring at least one item of management working data of a service network point;
determining the current service index of the service network point according to the management work data;
and determining a safety risk evaluation result of the service network point according to the current service index and by combining a pre-constructed risk evaluation model.
In a second aspect, an embodiment of the present invention provides a security risk assessment apparatus for a service node, including:
the data acquisition module is used for acquiring at least one item of management working data of the service network;
the index determining module is used for determining the current service index of the service network point according to the management working data;
and the risk evaluation module is used for determining a safety risk evaluation result of the service network point according to the current service index and by combining a pre-constructed risk evaluation model.
In a third aspect, an embodiment of the present invention further provides an electronic device, including:
one or more processors;
a memory for storing one or more programs;
when executed by the one or more processors, the one or more programs cause the one or more processors to implement and execute the method for security risk assessment of a service node as provided in the embodiment of the first aspect.
In a fourth aspect, an embodiment of the present invention further provides a storage medium containing computer-executable instructions, where the computer-executable instructions are used to execute the method for security risk assessment of a service node according to the embodiment of the first aspect.
The embodiment of the invention provides a method, a device, equipment and a storage medium for evaluating the security risk of a service network point, wherein the method comprises the following steps: acquiring at least one item of management working data of a service network point; determining the current service index of the service network point according to the management work data; and determining a safety risk evaluation result of the service network point according to the current service index and by combining a pre-constructed risk evaluation model. The method comprises the steps of firstly acquiring management work data of each service in a service network, then processing the management work data to form a key service index of the service network as a current service index, and finally inputting the current service index into a risk evaluation model for risk evaluation according to a pre-constructed risk evaluation model to determine a safety risk evaluation result of the service network. Compared with the prior art that the risk assessment efficiency is low and the cost is high due to the fact that manual work is relied on and each business operates independently, and the problem that cross-business data cannot be communicated is solved, management work data related to each business is collected in the technical scheme, indexes related to each business are comprehensively input into a risk assessment model, information interconnection and intercommunication of each business management are achieved, full-process online determination of business risk management and control is achieved through deep utilization of data, and efficiency is improved.
It should be understood that the statements in this section are not intended to identify key or critical features of the embodiments of the present invention, nor are they intended to limit the scope of the invention. Other features of the present invention will become apparent from the following description.
Drawings
In order to more clearly illustrate the technical solutions in the embodiments of the present invention, the drawings needed to be used in the description of the embodiments will be briefly introduced below, and it is obvious that the drawings in the following description are only some embodiments of the present invention, and it is obvious for those skilled in the art to obtain other drawings based on these drawings without creative efforts.
Fig. 1 is a schematic flowchart of a security risk assessment method for a service node according to an embodiment of the present invention;
fig. 2 is a schematic flow chart of another method for evaluating security risk of a service node according to a second embodiment of the present invention;
fig. 3 is a schematic structural diagram of a security risk assessment apparatus for a service node according to a third embodiment of the present invention;
fig. 4 is a schematic structural diagram of an electronic device according to a fourth embodiment of the present invention.
Detailed Description
In order to make those skilled in the art better understand the technical solutions of the present invention, the technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are only a part of the embodiments of the present invention, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
It should be noted that the terms "original", "target", and the like in the description and claims of the present invention and the drawings described above are used for distinguishing similar objects and not necessarily for describing a particular sequential or chronological order. It is to be understood that the data so used is interchangeable under appropriate circumstances such that the embodiments of the invention described herein are capable of operation in sequences other than those illustrated or described herein. Furthermore, the terms "comprises," "comprising," and "having," and any variations thereof, are intended to cover a non-exclusive inclusion, such that a process, method, system, article, or apparatus that comprises a list of steps or elements is not necessarily limited to those steps or elements expressly listed, but may include other steps or elements not expressly listed or inherent to such process, method, article, or apparatus.
Example one
Fig. 1 is a schematic flow chart of a service node security risk assessment method according to an embodiment of the present invention, where the method is applicable to a situation of risk assessment for a service node, and the method may be executed by a service node security risk assessment apparatus, and the apparatus may be implemented in a form of hardware and/or software, and may be configured in an electronic device. As shown in fig. 1, the method for evaluating security risk of a service node provided in this embodiment may specifically include the following steps:
s110, acquiring at least one item of management working data of the service network point.
The service network may be specifically understood as an offline business location where service processing is performed, such as an offline network of a bank, a security company, a financial company, and the like. In consideration of the fact that in the prior art, the management of service network points usually depends on manual paper recording, and different personnel are responsible for different services. For the condition that the upper manager can only clear the overall management of the service network only by regularly arranging the text information and paper records, the management mode has hysteresis and is difficult to manage, and can possibly cause that risk processing and early warning can not be carried out immediately. To solve this problem, in this embodiment, the risk management of the website service is performed in real time in an online manner.
In this embodiment, in order to ensure that the related data of each type of service in the service network point can be communicated, it is necessary to summarize various management work data of the service network point. Specifically, management work data of a business network point is collected, and deep risk assessment and the like are performed on the management work data. The management work data may include alarm management information, defense management information, safety employment information, safety education information, pre-arranged exercise information, maintenance service information, emergency information, periodic inspection information, and the like. It should be noted that, in this embodiment, the collected management work data is not specifically limited, and as long as the data relates to the security-related service of the service network point, the collected management work data may be regarded as the management work data.
It can be understood that, in this embodiment, the manner of obtaining the management working data of the service node may be to connect the execution main body of this embodiment with a background database of each service module in the service node, read the management working data of the service module from the background database, obtain the related data of the paper record, further obtain the management working data of each service module, and uniformly summarize each item of the management working data of each service module, which relates to security. The obtaining of the management work data of the service network point for a long time may be set according to an actual situation, for example, the management work data of approximately three months may be obtained, or the management work data of approximately one month may be obtained, which is not limited specifically here. The step is used for summarizing and processing the management work data generated by each service module, so that each service barrier is opened transversely, and data resources are interconnected and intercommunicated.
And S120, determining the current service index of the service network point according to the management work data.
In this embodiment, based on various items of management work data about security obtained in the above steps, the management work data is further processed to determine the current service index of the service network point. The current service index of the service network point can be specifically understood as a key data index for evaluating the safety management condition of each service. For example, assuming that the collected management work data specifically includes safety jobs, pre-planned drills, emergencies, key handover, external inspections, foreign person registration, safety education, and the like, the key evaluation service indicators may be task completion rate, task completion timeliness rate, task time consumption, abnormal records, abnormal modification rate, and the like.
It should be noted that, in this embodiment, a data index system is pre-constructed, and the data index system may include key evaluation service indexes corresponding to various services. The data index system can be determined according to actual conditions, for example, according to which indexes in the business are critical and important, and the indexes can be used as evaluation business indexes of the business and added into the data index system. It can be understood that the evaluation service indexes of each service may be the same or different, and may be determined according to the service content conditions of each service. The evaluation service indexes of each service jointly form a data index system, and the data index system is used for determining the current service index of the service network point according to the management work data.
The data index system comprises evaluation service indexes of various services, and the evaluation service indexes are associated with calculation formulas. For example, the task completion rate may be expressed as the number of completed tasks divided by the total number of tasks, and the task elapsed time may be expressed as the task end time minus the task start time. After various management work data are obtained, the management work data can be input into a business evaluation index system. The executive body can determine the current business indexes of all the businesses in the business network points according to the calculation mode of all the evaluation indexes in the business evaluation index system. Illustratively, according to the relevant management work data of the emergency, the relevant management work data is input into a business evaluation index system, and the current task completion rate, the current task completion timeliness rate, the current task time consumption, the current abnormal record, the current abnormal correction rate and the like of the emergency are obtained.
And S130, determining a safety risk evaluation result of the service network point according to the current service index and by combining a pre-constructed risk evaluation model.
The risk assessment model is pre-established and specifically comprises each business related to each risk and each business assessment index. Exemplarily, the risk assessment model can be constructed based on a tree structure, the risk category is used as a main node, each level node is composed of factors of the next level node, different factors influencing the same node can be set with different weights, and specific values of the weights can be set according to actual conditions. The risk categories include personnel risk, management risk, operation risk and the like. The risk level can be a plurality of levels such as A, B, C and the like, and different risk levels and risk degrees are different. The setting of the risk category and the risk level can be determined according to the risk condition possibly existing in the actual operation process of the service network point. The evaluation of each risk category is determined by the relevant data in the different item of business type, which in turn is determined by the different evaluation business indicators. The security risk assessment result of the service network point may include whether there is a security risk, if there is a security risk, determining a risk level, a security index of the service network point, and the like. For example, the security index of a service network point may be compared with the average security index of all service network points to determine the security level of the service network point.
For example, when constructing an evaluation model of a person risk, it is necessary to determine a related service that may generate the person risk, and an evaluation service index of the related service related to the person, for example, the person risk is related to a pre-plan drill, an emergency, a key handover, and a foreign person registration, where the evaluation service index of the person related to the pre-plan drill includes evaluation service indexes such as a pre-plan drill completion rate, a pre-plan drill completion time consumption, a pre-plan drill completion timeliness rate, and a pre-plan drill completion correctness rate, the evaluation service index of the person related to the emergency includes evaluation service indexes such as an emergency processing correctness rate, an emergency processing completion rate, and an emergency processing completion time consumption, and the evaluation service indexes of the person related to the key handover, the foreign person registration, and the like are not listed here.
In this embodiment, when a risk assessment model is built, besides determining the assessment business indexes associated with risks of each category, the weight occupied by each assessment business index needs to be set, and in addition, a set threshold corresponding to each assessment business index needs to be set, so as to determine whether a business index is within a threshold range, if the business index exceeds the threshold range, it indicates that the business index has a risk, and the risk assessment model includes a set algorithm, the weight of each assessment business index, and a set threshold corresponding to each assessment business index.
It can be understood that the risk assessment models corresponding to the risk categories may collectively form the risk assessment model in this embodiment, and are used to determine the security risk assessment result of the service network point. Specifically, each current business index determined in the above steps is input into a risk assessment model, and through calculation of the risk assessment model, whether a business network point has a safety risk at present, which type of safety risk exists, and what the safety index is.
The embodiment of the invention provides a safety risk assessment method for a service network point, which comprises the following steps: acquiring at least one item of management working data of a service network point; determining the current service index of a service network point according to the management work data; and determining a safety risk evaluation result of the service network point according to the current service index and by combining a pre-constructed risk evaluation model. The method comprises the steps of firstly acquiring management work data of each service in a service network, then processing the management work data to form a key service index of the service network as a current service index, and finally inputting the current service index into a risk evaluation model for risk evaluation according to a pre-constructed risk evaluation model to determine a safety risk evaluation result of the service network. Compared with the prior art that the risk assessment efficiency is low and the cost is high due to the fact that each business operates independently and the cross-business data cannot be communicated due to the fact that the existing technology depends on manpower, management work data related to each business are collected in the technical scheme, indexes related to each business are comprehensively input into a risk assessment model, interconnection and intercommunication of information can be achieved through management of each business, full-process online determination of business risk management and control is achieved through deep utilization of data, and efficiency is improved.
As an optional embodiment of the present invention, on the basis of the above embodiment, the step of constructing the risk assessment model includes:
a1, determining an evaluation business index, index weight and a corresponding set threshold value required by the evaluation of the risk category according to the risk category.
Wherein the risk category can be determined based on the possible risk category conditions of the business outlet. Illustratively, the risk categories may be personnel risks, administrative risks, operational risks, and the like. And determining various services related to the risk category and evaluation service indexes of the various services according to each risk category, determining the weight occupied by each evaluation service index associated with the risk category according to the actual condition, determining a set threshold corresponding to each evaluation service index, and comparing the service index with the set threshold to determine whether the service index meets the safety requirement.
Illustratively, continuing to the description of the above example, the personnel risk is related to a pre-arranged plan drill, an emergency, key handover and external personnel registration, wherein the evaluation service index of personnel involved in the pre-arranged plan drill includes a pre-arranged plan drill completion rate, the weight of the evaluation service index is set to be 15%, and the set threshold of the pre-arranged plan drill completion rate is 80%; setting the weight of the time-consuming plan exercise to be 10% and setting the threshold value of the time-consuming plan exercise to be half an hour when the time-consuming plan exercise is completed; the plan drilling completion timeliness rate is set to be 5% in weight, and the set threshold value of the plan drilling completion timeliness rate is 80%; setting the weight of the plan drilling completion accuracy rate to be 10%, and setting the threshold value of the plan drilling completion accuracy rate to be 90%; the evaluation business indexes of the personnel involved in the emergency comprise the emergency processing accuracy, the weight of the evaluation business indexes is set to be 17%, and the set threshold value of the emergency processing accuracy is 70%; setting the weight of the emergency processing completion rate to be 10%, and setting the threshold value of the emergency processing completion rate to be 80%; the weight of the time consumed for completing the emergency processing is set to be 10%, the threshold value of the time consumed for completing the emergency processing is set to be 20 minutes, and the like, which are not listed. The method can determine each evaluation business index related to the risk evaluation model of the personnel risk, the weight occupied by each evaluation business index and the set threshold corresponding to each evaluation business index.
And b1, constructing a risk assessment model based on the assessment business indexes, the index weights and the corresponding set thresholds.
Specifically, the evaluation service indexes, the index weights and the corresponding set thresholds of the risk categories jointly form a risk evaluation model for determining the safety risk evaluation result of the service network point.
As an alternative embodiment of the present invention, on the basis of the above embodiment, the method further includes: and when the safety risk evaluation result indicates that the service network point has risk, performing abnormal reminding of the risk, wherein the abnormal reminding comprises voice reminding and/or interface content reminding.
Specifically, when the security risk assessment result of the service network point indicates that a risk exists, an abnormal prompt of the current risk existing of the service network point is given to the user. The abnormal prompt may be a voice prompt set for a certain number of times, or may be an abnormal prompt prompting in the interface content of the device for the user of the current risk existing at the service network point, and either or both of the two modes may be selected arbitrarily, which is not limited herein. Illustratively, an alarm is issued to alert the user.
The optional embodiment is added with a risk reminding function, can determine whether a business network point has risks on line in real time, carries out risk reminding when the risks exist, and reminds a user to take corresponding measures so as to avoid heavy loss.
As an alternative embodiment of the present invention, on the basis of the above embodiment, the method further includes: and if the safety risk assessment result indicates that the service network point has risks, analyzing the safety risk assessment result to generate an optimization suggestion aiming at the safety risk assessment result.
Specifically, if the security risk assessment result of the service network point indicates that there is a risk, the security risk assessment result needs to be analyzed. In this embodiment, optimization suggestions for different situations may be set in the system in advance, and when there is a risk, what improvement measures and optimization suggestions need to be taken for the service network point are determined according to the risk category and the abnormal service index causing the risk. For example, for personnel risks, optimization suggestions are provided for strengthening personnel training and perfecting personnel management systems; for managing risks, optimizing and suggesting a perfect security performance assessment system and implementing the system to a front-line network; and for the operation risk, optimizing and proposing to establish a sound process control mechanism and supervising a service provider to ensure the stability of the service.
The optional embodiment is added with an optimization suggestion function, and a management improvement suggestion is automatically given through analyzing the safety risk assessment result, so that closed-loop risk improvement and management promotion are formed, and the digital transformation of the safety management of a service network point is promoted.
As an alternative embodiment of the present invention, on the basis of the above embodiment, the method further includes: and according to the current service index, combining historical risk data to predict the risk of the service network point.
Illustratively, the business indexes and the risk assessment conditions of the current three months are obtained, and the risk conditions of the next month of the business network are predicted by combining historical risk assessment data. The optional embodiment adds a prediction function, realizes risk prediction in advance, and adopts corresponding improvement measures according to the predicted risk, thereby reducing risk and loss.
As an alternative embodiment of the present invention, on the basis of the above embodiment, the method further includes: and providing a human-computer interaction interface to display relevant information in the security risk assessment of the service network point.
Specifically, a human-computer interaction interface is provided, and through the human-computer interaction interface, a user can perform relevant operations to acquire desired information, and the security risk assessment process of the service network point can be displayed through the human-computer interaction interface, so that the user can sense the service risk on line in the whole process.
Example two
Fig. 2 is a schematic flow chart of another method for evaluating security risk of a service node according to a second embodiment of the present invention, where this embodiment is a further optimization of the above embodiment, and in this embodiment, a calculation mode that "determining a current service index of the service node according to the management work data" is further defined and optimized to obtain each preset evaluation service index "is further included; extracting target working data associated with the calculation mode from various management working data; and processing the target working data according to a corresponding calculation mode, and determining the current service index of the service network point.
And further, defining and optimizing a safety risk evaluation result of the service network point according to the current service index and in combination with a pre-constructed risk evaluation model into an evaluation service index corresponding to the risk category according to the risk category and in combination with the risk evaluation model; and determining a safety risk evaluation result of the service network point according to the evaluation service index and the current service index aiming at each risk category.
As shown in fig. 2, the second embodiment provides a method for evaluating security risk of a service node, which specifically includes the following steps:
s210, acquiring at least one item of management working data of the service network point.
And S220, acquiring a preset calculation mode of each evaluation service index.
In the present embodiment, steps S220-S240 are used to determine the current service index of the service network point according to the management work data. When the current service index is determined, the calculation mode of the service index needs to be determined, and then the value of the current service index is determined according to the management working data and the calculation mode of the service index. It can be understood that each evaluation service index constitutes a data index system, and each evaluation service index has its definition and calculation mode. For example, assuming that the evaluation service index includes a task completion rate and a task consumption time, the task completion rate may be calculated by dividing the number of completed tasks by the total number of tasks, and the task consumption time may be calculated by subtracting the task start time from the task end time.
And S230, extracting target working data associated with the calculation mode from each item of management working data.
Specifically, after determining the calculation mode for evaluating the service index, the calculation mode is associated with the data type to be acquired, and the work data associated with the calculation mode is extracted from each item of management work data, which is denoted as target work data in this embodiment. Illustratively, the target work data for the task completion rate is a task completion condition, a task non-completion condition and a total task condition.
S240, processing the target working data according to a corresponding calculation mode, and determining the current service index of the service network point.
Specifically, the target working data is processed according to the corresponding calculation mode to determine the corresponding current service index, the current service index corresponding to each evaluation service index can be determined according to the calculation mode corresponding to each evaluation service index and the target working data, and each current service index jointly forms the current service index of the service network point.
And S250, determining an evaluation service index corresponding to the evaluation risk category according to the risk category and by combining a risk evaluation model.
Specifically, for each risk category, an evaluation business index which should be determined for evaluating the risk category is determined according to a pre-created risk evaluation model.
And S260, determining a safety risk evaluation result of the service network point according to the evaluation service index and the current service index aiming at each risk category.
Specifically, for each risk category, the current business index is corresponding to the evaluation business index corresponding to the risk category, the current business index is input into a risk evaluation model, and the safety risk evaluation result of the business network point is determined by combining the weight and the threshold value.
Further, for each risk category, the step of determining the security risk assessment result of the service network point according to the assessment service index and the current service index may be expressed as:
and a2, acquiring a target business index corresponding to the evaluation business index from the current business index aiming at each risk category.
Specifically, for each risk category, according to the evaluation service index contained in the risk evaluation model, a service index corresponding to the evaluation service index is obtained from the current service index and is used as a target service index.
And b2, inputting the target business indexes into a risk evaluation model, and determining the risk level of each risk category and the safety index of the website.
Specifically, the target service index is input into the risk assessment model, whether a service network point has a risk or not and the network point safety index of the service network point are determined according to a preset index weight of a service and a set threshold, and if the risk exists, the risk level is obtained.
And c2, taking the risk grade of each risk category and the safety index of the network point as a safety risk evaluation result of the service network point.
Specifically, in this embodiment, the risk level and the security index of the website corresponding to each risk category are used as the security risk assessment result of the service website.
The embodiment embodies the steps of determining the current service index of the service network point and the current service index, and combines a pre-constructed risk assessment model to determine the safety risk assessment result of the service network point. By using the method, various collected safety management work data are abstracted and processed, various service barriers are opened transversely, interconnection and intercommunication of data resources are realized, and key service data indexes are extracted through a data index system falling around a management target. And then analyzing and evaluating the extracted key business indexes through the established risk evaluation model to obtain a site safety index and a risk level. The technical scheme and the service management realize interconnection and intercommunication on information, realize deep utilization of data, form powerful data support for safety risk control of service network points, sense service risks on line in the whole process, automatically give management improvement suggestions, improve closed-loop risks and promote management, and promote digital transformation of safety management of the service network points.
EXAMPLE III
Fig. 3 is a schematic structural diagram of a security risk assessment apparatus for a service node according to a third embodiment of the present invention, where the apparatus is applicable to a situation of risk assessment for a service node, and the security risk assessment apparatus for a service node may be configured in an electronic device, as shown in fig. 3, the apparatus includes: a data acquisition module 31, an index determination module 32 and a risk assessment module 33; wherein the content of the first and second substances,
a data obtaining module 31, configured to obtain at least one item of management working data of a service node;
the index determining module 32 is used for determining the current service index of the service network point according to the management work data;
and the risk evaluation module 33 is configured to determine a security risk evaluation result of the service network point according to the current service index and by combining a pre-constructed risk evaluation model.
The embodiment of the invention provides a safety risk assessment device for a service network point, which comprises the steps of firstly obtaining management work data of each service in the service network point, then processing the management work data to form a key service index of the service network point as a current service index, and finally inputting the current service index into a risk assessment model for risk assessment according to a pre-constructed risk assessment model to determine a safety risk assessment result of the service network point. Compared with the prior art that the risk assessment efficiency is low and the cost is high due to the fact that each business operates independently and the cross-business data cannot be communicated due to the fact that the existing technology depends on manpower, management work data related to each business are collected in the technical scheme, indexes related to each business are comprehensively input into a risk assessment model, interconnection and intercommunication of information can be achieved through management of each business, full-process online determination of business risk management and control is achieved through deep utilization of data, and efficiency is improved.
Optionally, the index determining module 32 is specifically configured to:
acquiring a preset calculation mode of each evaluation service index;
extracting target working data associated with a calculation mode from various management working data;
and processing the target working data according to a corresponding calculation mode, and determining the current service index of the service network point.
Optionally, the risk assessment module 33 may include:
the evaluation determining unit is used for determining an evaluation service index corresponding to the evaluation risk category by combining a risk evaluation model according to the risk category;
and the result determining unit is used for determining the safety risk evaluation result of the service network point according to the evaluation service index and the current service index aiming at each risk category.
Optionally, the result determining unit may be specifically configured to:
aiming at each risk category, acquiring a target service index corresponding to the evaluation service index from the current service index;
inputting the target business indexes into a risk evaluation model, and determining the risk level of each risk category and the safety index of a network point;
and taking the risk grade of each risk category and the safety index of the network point as a safety risk evaluation result of the service network point.
Optionally, the apparatus further includes a model building module, specifically configured to:
determining an evaluation service index, index weight and a corresponding set threshold value required by the evaluation of the risk category according to the risk category;
and constructing a risk assessment model based on the assessment business indexes, the index weights and the corresponding set thresholds.
Optionally, the apparatus further includes a reminder module, specifically configured to:
and when the safety risk evaluation result indicates that the service network point has risk, performing abnormal reminding of the risk, wherein the abnormal reminding comprises voice reminding and/or interface content reminding.
Optionally, the apparatus should include an optimization module, specifically configured to:
and if the safety risk assessment result indicates that the service network point has risks, analyzing the safety risk assessment result to generate an optimization suggestion aiming at the safety risk assessment result.
Optionally, the apparatus further includes a prediction module, specifically configured to:
and according to the current service index, combining historical risk data to predict the risk of the service network point.
Optionally, the apparatus further includes a display module, specifically configured to:
and providing a human-computer interaction interface to display relevant information in the security risk assessment of the service network point.
The service network point safety risk assessment device provided by the embodiment of the invention can execute the service network point safety risk assessment method provided by any embodiment of the invention, and has the corresponding functional modules and beneficial effects of the execution method.
Example four
Fig. 4 is a schematic structural diagram of an electronic device according to a fourth embodiment of the present invention. Electronic devices are intended to represent various forms of digital computers, such as laptops, desktops, workstations, personal digital assistants, servers, blade servers, mainframes, and other appropriate computers. The electronic device may also represent various forms of mobile devices, such as personal digital assistants, cellular phones, smart phones, wearable devices (e.g., helmets, glasses, watches, etc.), and other similar computing devices. The components shown herein, their connections and relationships, and their functions, are meant to be exemplary only, and are not meant to limit implementations of the inventions described and/or claimed herein.
As shown in fig. 4, the electronic device 40 includes at least one processor 41, and a memory communicatively connected to the at least one processor 41, such as a Read Only Memory (ROM) 42, a Random Access Memory (RAM) 43, and the like, wherein the memory stores a computer program executable by the at least one processor, and the processor 41 may perform various suitable actions and processes according to the computer program stored in the Read Only Memory (ROM) 42 or the computer program loaded from a storage unit 48 into the Random Access Memory (RAM) 43. In the RAM 43, various programs and data necessary for the operation of the electronic apparatus 40 can also be stored. The processor 41, the ROM 42, and the RAM 43 are connected to each other via a bus 44. An input/output (I/O) interface 45 is also connected to bus 44.
A number of components in the electronic device 40 are connected to the I/O interface 45, including: an input unit 46 such as a keyboard, a mouse, etc.; an output unit 47 such as various types of displays, speakers, and the like; a storage unit 48 such as a magnetic disk, an optical disk, or the like; and a communication unit 49 such as a network card, modem, wireless communication transceiver, etc. The communication unit 49 allows the electronic device 40 to exchange information/data with other devices via a computer network such as the internet and/or various telecommunication networks.
Processor 41 may be a variety of general and/or special purpose processing components having processing and computing capabilities. Some examples of processor 41 include, but are not limited to, a Central Processing Unit (CPU), a Graphics Processing Unit (GPU), various specialized Artificial Intelligence (AI) computing chips, various processors running machine learning model algorithms, a Digital Signal Processor (DSP), and any suitable processor, controller, microcontroller, or the like. Processor 41 performs the various methods and processes described above, such as the service network point security risk assessment methods.
In some embodiments, the service network point security risk assessment method may be implemented as a computer program tangibly embodied in a computer-readable storage medium, such as storage unit 48. In some embodiments, part or all of the computer program may be loaded and/or installed onto the electronic device 40 via the ROM 42 and/or the communication unit 49. When loaded into RAM 43 and executed by processor 41, the computer program may perform one or more of the steps of the above-described method for security risk assessment of a service outlet. Alternatively, in other embodiments, processor 41 may be configured to perform the business site security risk assessment method by any other suitable means (e.g., by way of firmware).
Various implementations of the systems and techniques described here above may be implemented in digital electronic circuitry, integrated circuitry, field Programmable Gate Arrays (FPGAs), application Specific Integrated Circuits (ASICs), application Specific Standard Products (ASSPs), system on a chip (SOCs), load programmable logic devices (CPLDs), computer hardware, firmware, software, and/or combinations thereof. These various embodiments may include: implemented in one or more computer programs that are executable and/or interpretable on a programmable system including at least one programmable processor, which may be special or general purpose, receiving data and instructions from, and transmitting data and instructions to, a storage system, at least one input device, and at least one output device.
Computer programs for implementing the methods of the present invention can be written in any combination of one or more programming languages. These computer programs may be provided to a processor of a general purpose computer, special purpose computer, or other programmable data processing apparatus, such that the computer programs, when executed by the processor, cause the functions/acts specified in the flowchart and/or block diagram block or blocks to be performed. A computer program can execute entirely on a machine, partly on a machine, as a stand-alone software package partly on a machine and partly on a remote machine or entirely on a remote machine or server.
In the context of the present invention, a computer-readable storage medium may be a tangible medium that can contain, or store a computer program for use by or in connection with an instruction execution system, apparatus, or device. A computer readable storage medium may include, but is not limited to, an electronic, magnetic, optical, electromagnetic, infrared, or semiconductor system, apparatus, or device, or any suitable combination of the foregoing. Alternatively, the computer readable storage medium may be a machine readable signal medium. More specific examples of a machine-readable storage medium would include an electrical connection based on one or more wires, a portable computer diskette, a hard disk, a Random Access Memory (RAM), a read-only memory (ROM), an erasable programmable read-only memory (EPROM or flash memory), an optical fiber, a compact disc read-only memory (CD-ROM), an optical storage device, a magnetic storage device, or any suitable combination of the foregoing.
To provide for interaction with a user, the systems and techniques described here can be implemented on an electronic device having: a display device (e.g., a CRT (cathode ray tube) or LCD (liquid crystal display) monitor) for displaying information to a user; and a keyboard and a pointing device (e.g., a mouse or a trackball) by which a user can provide input to the electronic device. Other kinds of devices may also be used to provide for interaction with a user; for example, feedback provided to the user can be any form of sensory feedback (e.g., visual feedback, auditory feedback, or tactile feedback); and input from the user may be received in any form, including acoustic, speech, or tactile input.
The systems and techniques described here can be implemented in a computing system that includes a back-end component (e.g., as a data server), or that includes a middleware component (e.g., an application server), or that includes a front-end component (e.g., a user computer having a graphical user interface or a web browser through which a user can interact with an implementation of the systems and techniques described here), or any combination of such back-end, middleware, or front-end components. The components of the system can be interconnected by any form or medium of digital data communication (e.g., a communication network). Examples of communication networks include: local Area Networks (LANs), wide Area Networks (WANs), blockchain networks, and the internet.
The computing system may include clients and servers. A client and server are generally remote from each other and typically interact through a communication network. The relationship of client and server arises by virtue of computer programs running on the respective computers and having a client-server relationship to each other. The server can be a cloud server, also called a cloud computing server or a cloud host, and is a host product in a cloud computing service system, so that the defects of high management difficulty and weak service expansibility in the traditional physical host and VPS service are overcome.
It should be understood that various forms of the flows shown above may be used, with steps reordered, added, or deleted. For example, the steps described in the present invention may be executed in parallel, sequentially, or in different orders, and are not limited herein as long as the desired results of the technical solution of the present invention can be achieved.
The above-described embodiments should not be construed as limiting the scope of the invention. It should be understood by those skilled in the art that various modifications, combinations, sub-combinations and substitutions may be made in accordance with design requirements and other factors. Any modification, equivalent replacement, and improvement made within the spirit and principle of the present invention should be included in the protection scope of the present invention.

Claims (12)

1. A method for evaluating security risk of a service network point is characterized by comprising the following steps:
acquiring at least one item of management working data of a service network point;
determining the current service index of the service network point according to the management work data;
and determining a safety risk evaluation result of the service network point according to the current service index and by combining a pre-constructed risk evaluation model.
2. The method of claim 1, wherein said determining a current traffic index of said traffic node based on said management effort data comprises:
acquiring a preset calculation mode of each evaluation service index;
extracting target working data associated with the calculation mode from various management working data;
and processing the target working data according to a corresponding calculation mode, and determining the current service index of the service network point.
3. The method according to claim 1, wherein the determining a security risk assessment result of the service network point according to the current service index and in combination with a pre-constructed risk assessment model comprises:
determining an evaluation service index corresponding to the risk category by combining the risk evaluation model according to the risk category;
and determining a safety risk evaluation result of the service network point according to the evaluation service index and the current service index aiming at each risk category.
4. The method of claim 3, wherein the determining, for each risk category, a security risk assessment result of the service network point according to the assessment service index and the current service index comprises:
aiming at each risk category, acquiring a target business index corresponding to the evaluation business index from the current business index;
inputting the target business indexes into the risk assessment model, and determining the risk level of each risk category and the safety index of a website;
and taking the risk grade of each risk category and the safety index of the network point as a safety risk evaluation result of the service network point.
5. The method of claim 1, wherein the step of constructing the risk assessment model comprises:
determining an evaluation business index, index weight and a corresponding set threshold value required by evaluating the risk category according to the risk category;
and constructing the risk assessment model based on the assessment business index, the index weight and the set threshold.
6. The method of claim 1, further comprising:
and when the safety risk assessment result indicates that the service network point has a risk, performing abnormal reminding of the risk, wherein the abnormal reminding comprises voice reminding and/or interface content reminding.
7. The method of claim 1, further comprising:
and if the safety risk assessment result indicates that the service network point has a risk, analyzing the safety risk assessment result and generating an optimization suggestion aiming at the safety risk assessment result.
8. The method of claim 1, further comprising:
and according to the current service index, combining historical risk data to predict the risk of the service network point.
9. The method of claim 1, further comprising:
and providing a human-computer interaction interface to display relevant information in the security risk assessment of the service network point.
10. A service outlet security risk assessment device, comprising:
the data acquisition module is used for acquiring at least one item of management working data of the service network;
the index determining module is used for determining the current service index of the service network point according to the management working data;
and the risk evaluation module is used for determining a safety risk evaluation result of the service network point according to the current service index and by combining a pre-constructed risk evaluation model.
11. An electronic device, comprising:
one or more processors;
storage means for storing one or more programs;
the one or more programs are executable by the one or more processors to cause the one or more processors to perform the method for a business network point security risk assessment of any of claims 1-9.
12. A computer-readable storage medium, on which a computer program is stored, which, when being executed by a processor, carries out a method for security risk assessment of a service network point according to any one of claims 1 to 9.
CN202211635668.4A 2022-12-19 2022-12-19 Method, device, equipment and storage medium for evaluating safety risk of service network point Pending CN115829410A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202211635668.4A CN115829410A (en) 2022-12-19 2022-12-19 Method, device, equipment and storage medium for evaluating safety risk of service network point

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202211635668.4A CN115829410A (en) 2022-12-19 2022-12-19 Method, device, equipment and storage medium for evaluating safety risk of service network point

Publications (1)

Publication Number Publication Date
CN115829410A true CN115829410A (en) 2023-03-21

Family

ID=85516768

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202211635668.4A Pending CN115829410A (en) 2022-12-19 2022-12-19 Method, device, equipment and storage medium for evaluating safety risk of service network point

Country Status (1)

Country Link
CN (1) CN115829410A (en)

Similar Documents

Publication Publication Date Title
US20150088595A1 (en) Systems and Methods for Evaluating Risks Associated with a Contractual Service Agreement
CN110135689A (en) Enterprise business risk method for early warning, device and computer readable storage medium
CN117786131B (en) Industrial chain safety monitoring analysis method, medium and equipment
CN112950344A (en) Data evaluation method and device, electronic equipment and storage medium
CN114997263B (en) Method, device, equipment and storage medium for analyzing training rate based on machine learning
CN114841598A (en) Decision method, device, equipment and program product for operation risk
CN115471200A (en) Cloud computing-based human resource data management system, method and device
CN112818028B (en) Data index screening method and device, computer equipment and storage medium
CN110599041A (en) Enterprise target management method, cloud and system based on artificial intelligence technology
CN108496196A (en) To assets putting maintenance into practice activity
CN107480703B (en) Transaction fault detection method and device
CN113313304A (en) Power grid accident abnormity analysis method and system based on big data decision tree
CN117252420A (en) Job risk assessment method, device, equipment and storage medium
CN115829410A (en) Method, device, equipment and storage medium for evaluating safety risk of service network point
CN116993221A (en) Digital employee supervision method, device, equipment and medium
CN116386813A (en) Method, device, equipment and storage medium for balancing load between operations
Kamyabniya et al. Risk-based earned value management: a novel perspective in software engineering
CN115759751A (en) Enterprise risk prediction method and device, storage medium, electronic equipment and product
CN115330216A (en) Supervision data management system, method, equipment and medium
CN115630078A (en) User data processing method, device, equipment and medium based on digital twin
CN115471277A (en) Method and device for accounting cost of work order of nuclear power plant, electronic equipment and storage medium
CN115471215A (en) Business process processing method and device
CN111429257B (en) Transaction monitoring method and device
CN114298847A (en) Prediction method, device, equipment and storage medium for employee medical insurance fund balance
CN116843479A (en) Risk prediction method, apparatus, device and storage medium

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination