CN116305324A

CN116305324A - Host safety protection method, device, equipment and storage medium

Info

Publication number: CN116305324A
Application number: CN202310232475.2A
Authority: CN
Inventors: 张中超; 邹晓明; 韩斌; 翟献超; 钟宝华; 唐彬彬; 危乐; 叶丹; 张小花; 程梦成; 缪雨薏; 程晔
Original assignee: Guangdong Power Grid Co Ltd; Heyuan Power Supply Bureau of Guangdong Power Grid Co Ltd
Current assignee: Guangdong Power Grid Co Ltd; Heyuan Power Supply Bureau of Guangdong Power Grid Co Ltd
Priority date: 2023-03-10
Filing date: 2023-03-10
Publication date: 2023-06-23

Abstract

The invention discloses a host safety protection method based on an intelligent operation and maintenance mode, which is executed by host safety protection equipment, and when the host based on the intelligent operation and maintenance mode is subjected to safety protection, the host safety protection equipment is connected with the host, and the method comprises the following steps: acquiring host information; analyzing the host information according to standard information to determine a security reinforcement parameter item; based on the security reinforcement parameter item, the security parameters of the host system are updated to obtain the security parameters of the host system, so that the host is protected safely according to the security parameters of the host system, and the security parameters of the host system are reinforced by providing host security protection equipment which can be connected with the host, so that a user can use the equipment to any host conveniently, the complexity of host security protection is simplified, and the security of host operation is improved.

Description

Host safety protection method, device, equipment and storage medium

Technical Field

The present invention relates to the field of computer technologies, and in particular, to a method, an apparatus, a device, and a storage medium for protecting host security.

Background

The intelligent operation and maintenance, also called AIOps (Artficial Intelligence for Operations), is a platform for enabling big data, artificial intelligence or machine learning technology to traditional IT operation and maintenance management. With the development of computer network technology, network security issues are receiving increasing attention. Various intelligent technologies such as Internet, internet of things and the like are also continuously perfected, for example, the security protection of a server host is gradually transferred from the local to a management platform, the operating systems of the hosts can be managed in batches through the management platform, and the operating systems of the hosts are safely reinforced.

In the process of realizing the invention, the prior art is found to have at least the following technical problems: with the continuous perfection of intelligent technologies, the requirements for management and maintenance of these intelligent technologies are also increasing. The host is used as a network terminal node, has the characteristics of wide distribution, huge quantity, multiple related services and the like, and has potential safety hazards such as weak passwords, redundant accounts, unclosed high-risk ports and the like, and the potential safety hazards are that a 'hacker' invades to open a 'green channel', so that information leakage of normal users can be caused, and great social influence is caused; meanwhile, most users have less knowledge on a computer network, few people are willing to spend effort to learn network knowledge deeply and master various inquiry commands, the application is different, the operation and maintenance commands to be remembered are different, each application center is provided with a respective user authority management center, and the access modes are different, so that the operation and maintenance management is very complicated, the problem of centralized statistics and analysis cannot be solved, and the development and application of increasingly strong intelligent technology cannot be met by conventional operation and maintenance.

Disclosure of Invention

The invention provides a host safety protection method, device, equipment and storage medium, which are used for solving the technical problem that intelligent operation and maintenance host safety protection is difficult, simplifying the complexity of host safety protection and improving the safety of host operation.

According to an aspect of the present invention, there is provided a host security protection method based on an intelligent operation and maintenance mode, which is executed by a host security protection device, and is connected to a host when the host based on the intelligent operation and maintenance mode is secured, the method comprising:

acquiring host information;

analyzing the host information according to standard information to determine a security reinforcement parameter item;

and updating the security parameters of the host system based on the security reinforcement parameter item to obtain the reinforcement parameters of the host system so as to carry out security protection on the host according to the reinforcement parameters of the host system.

On the basis of the above scheme, optionally, the determining the security reinforcement parameter item according to the host information and the standard information includes:

and comparing the host information with the standard information, and determining the security reinforcement parameter item according to the comparison.

On the basis of the above scheme, optionally, the updating the security parameters of the host system based on the security reinforcement parameter item to obtain the security parameters of the host system includes:

determining a safety reinforcement parameter value corresponding to the safety reinforcement parameter item;

and updating the security reinforcement parameter value in the security parameters of the host system based on the security reinforcement parameter value to obtain the reinforcement parameters of the host system.

On the basis of the scheme, optionally, the method further comprises the following steps:

and sending the security reinforcement parameter item to a host computer so that the security reinforcement parameter is displayed at the host computer side.

On the basis of the above scheme, optionally, the sending the security reinforcement parameter item to the host includes:

and converting the security reinforcement parameters into host system communication format information, and sending the host system communication format information to a host.

and comparing the host system reinforcement parameters with the host information to generate and display a security reinforcement result.

On the basis of the above scheme, optionally, the host information includes: at least one of a host name, an IP address, an operating system version, a CPU model, a memory capacity, a hard disk capacity, a file system, a system load, and a system log.

According to another aspect of the present invention, there is provided a host security protection apparatus based on an intelligent operation and maintenance mode, configured on a host security protection device, the host security protection device being connected to a host based on the intelligent operation and maintenance mode when performing security protection on the host, the apparatus comprising:

the simulation running system construction module is used for acquiring service running information and a target service set and constructing a simulation running system according to the service running information and the target service set;

the candidate host safety protection scheme generation module is used for generating a candidate host safety protection scheme according to the host safety protection period of the target service set;

and the target host safety protection scheme determining module is used for evaluating the candidate host safety protection scheme based on the simulation running system and determining the target host safety protection scheme based on an evaluation result.

According to another aspect of the present invention, there is provided a host security device including:

at least one processor; and

a memory communicatively coupled to the at least one processor; wherein,,

the memory stores a computer program executable by the at least one processor to enable the at least one processor to perform the intelligent operation and maintenance mode-based host security method according to any of the embodiments of the present invention.

According to another aspect of the present invention, there is provided a computer readable storage medium storing computer instructions for causing a processor to implement the host security protection method based on the intelligent operation and maintenance mode according to any one of the embodiments of the present invention when executed.

According to the technical scheme, when the host based on the intelligent operation and maintenance mode is subjected to safety protection, the host safety protection equipment is connected with the host, and host information is acquired through the host safety protection equipment; analyzing the host information according to standard information to determine a security reinforcement parameter item; based on the security reinforcement parameter item, the security parameters of the host system are updated to obtain the security parameters of the host system, so that the host is protected safely according to the security parameters of the host system, and the security parameters of the host system are reinforced by providing host security protection equipment which can be connected with the host, so that a user can use the equipment to any host conveniently, the complexity of host security protection is simplified, and the security of host operation is improved.

It should be understood that the description in this section is not intended to identify key or critical features of the embodiments of the invention or to delineate the scope of the invention. Other features of the present invention will become apparent from the description that follows.

Drawings

In order to more clearly illustrate the technical solutions of the embodiments of the present invention, the drawings required for the description of the embodiments will be briefly described below, and it is apparent that the drawings in the following description are only some embodiments of the present invention, and other drawings may be obtained according to these drawings without inventive effort for a person skilled in the art.

FIG. 1 is a flowchart of a host security protection method based on an intelligent operation and maintenance mode according to an embodiment of the present invention;

fig. 2 is a schematic structural diagram of a host security device according to a second embodiment of the present invention;

fig. 3 is a schematic structural diagram of a host security device based on an intelligent operation and maintenance mode according to a third embodiment of the present invention;

fig. 4 is a schematic structural diagram of a host security device according to a fourth embodiment of the present invention.

Detailed Description

In order that those skilled in the art will better understand the present invention, a technical solution in the embodiments of the present invention will be clearly and completely described below with reference to the accompanying drawings in which it is apparent that the described embodiments are only some embodiments of the present invention, not all embodiments. All other embodiments, which can be made by those skilled in the art based on the embodiments of the present invention without making any inventive effort, shall fall within the scope of the present invention.

It should be noted that the terms "first," "second," and the like in the description and the claims of the present invention and the above figures are used for distinguishing between similar objects and not necessarily for describing a particular sequential or chronological order. It is to be understood that the data so used may be interchanged where appropriate such that the embodiments of the invention described herein may be implemented in sequences other than those illustrated or otherwise described herein. Furthermore, the terms "comprises," "comprising," and "having," and any variations thereof, are intended to cover a non-exclusive inclusion, such that a process, method, system, article, or apparatus that comprises a list of steps or elements is not necessarily limited to those steps or elements expressly listed but may include other steps or elements not expressly listed or inherent to such process, method, article, or apparatus.

Example 1

Fig. 1 is a flowchart of a host security protection method based on an intelligent operation and maintenance mode according to an embodiment of the present invention, where the method may be performed by a host security protection device, and the host security protection device may be implemented in hardware and/or software, and the host security protection device may be configured in a host security protection device. As shown in fig. 1, the method includes:

s110, acquiring host information.

The method provided in this embodiment is executed by a host security protection device, and the host security protection device is connected to a host when performing security protection on the host based on the intelligent operation and maintenance mode.

In order to simplify the security protection difficulty of the host, a user can realize the security protection of the host without deep learning of network knowledge and grasping information such as query commands, operation and maintenance commands, access modes and the like of different applications, in this embodiment, a host security protection method is provided, and the security protection method is packaged in a portable security protection terminal (host security protection equipment), and when the user needs to perform security protection on a host, the security protection of the host can be realized only by connecting the terminal with the host (such as through USB connection, through data line connection and the like). That is, the method provided in this embodiment can be applied to any host.

The host security protection device may be any mobile terminal device, for convenience in carrying, and may be a usb disk, a hard disk, a mobile phone, or other devices, which is not limited herein.

Optionally, the host information includes: at least one of a host name, an IP address, an operating system version, a CPU model, a memory capacity, a hard disk capacity, a file system, a system load, and a system log. Generally, security protection of a host is usually protected by parameters such as device information, network information, and device operation information. Based on this, at least one of a host name, an IP address, an operating system version, a CPU model, a memory capacity, a hard disk capacity, a file system, a system load, and a system log may be acquired as host information. It should be noted that, other host related information besides the above parameter items may also be acquired as host information. It can be understood that the more the obtained host information parameter items, the better the security protection effect based on the host information.

S120, analyzing the host information according to the standard information to determine a security reinforcement parameter item.

In this embodiment, standard information for performing security protection may be stored in advance, which is used to set standard parameter items for security protection of the host, and when security protection reinforcement of the host is required, the parameter items for security reinforcement are determined by the standard information.

Alternatively, the standard information may be set manually, or information of a plurality of reference hosts may be acquired as the reference information, and the standard information may be determined based on the plurality of reference information. The standard information may be determined by other methods than the above, as long as the standard information can be determined to cover the parameter items requiring safety protection, which is not limited herein.

In one embodiment of the present invention, the determining a security reinforcement parameter item according to the host information and the standard information includes: and comparing the host information with the standard information, and determining the security reinforcement parameter item according to the comparison.

It can be understood that the standard information includes a plurality of parameter items to be secured, which are regarded as standard parameter items, the host information includes a plurality of secured parameter items, which are regarded as host parameter items, and the standard parameter items and the host parameter items can be compared, and the parameter items not included in the host parameter items in the standard parameter items are regarded as security reinforcement parameter items.

Optionally, the identification of the standard parameter item may be compared with the identification of the host parameter item to determine the security reinforcement parameter item. The identification of the standard parameter item may be a name, an ID, etc. of the standard parameter item, and correspondingly, the identification of the host parameter item may be a name, an ID, etc. of the host parameter item.

On the basis of the scheme, the method further comprises the following steps:

In order to facilitate the user to know the security parameters of the host to be secured, the security reinforcement parameter item can be sent to the host display screen for display so as to facilitate the user to clearly know the loopholes in the host.

On the basis of the above, the host information can be sent to the host display screen for display, so that the user can clearly know the running state of the host.

Optionally, the sending the security reinforcement parameter item to the host includes:

In order to enable the host to identify the security reinforcement parameter item sent by the host security guard, the security reinforcement parameter item needs to be converted into host system communication format information which can be identified by the host to send. The host system communication format may be determined based on a host system, and the host system may be a Linux system, a Window system, or the like.

On the basis of the scheme, when error information exists in the host information, alarm information can be sent out and sent to a host display, so that a user can know the error information of the host parameters clearly.

S130, updating the security parameters of the host system based on the security reinforcement parameter item to obtain the reinforcement parameters of the host system so as to carry out security protection on the host according to the reinforcement parameters of the host system.

After the security reinforcement parameter item is determined, setting and updating the security parameters of the host system based on the security reinforcement parameter item, and applying the updated host system reinforcement parameters to the host after updating, so that the host operates with the updated host system reinforcement parameters, thereby completing security reinforcement of the host. The security parameters are mainly parameters related to user management, payment systems, file systems, ports, vulnerabilities, operating systems and the like.

Optionally, the updating the security parameters of the host system based on the security reinforcement parameter item to obtain the security parameters of the host system includes:

The security reinforcement parameter value corresponding to the security reinforcement parameter item can be determined according to the host information, and then the security reinforcement parameter value corresponding to the security reinforcement parameter item is added to the host system security parameter to obtain the host system reinforcement parameter.

On the basis of the above scheme, the method provided in this embodiment further includes:

In order to facilitate the user to understand the security protection reinforcement condition of the host, after determining the host system reinforcement parameters, the host system reinforcement parameters and the initial host information can be compared and analyzed, and the security reinforcement result is output and sent to the host display end for display.

Example two

This embodiment provides a preferred embodiment on the basis of the above-described embodiments. The host security protection method based on the intelligent operation and maintenance mode provided by the embodiment is executed by host security protection equipment. Fig. 2 is a schematic structural diagram of a host security device according to a second embodiment of the present invention. As shown in fig. 2, the host security protection apparatus provided in this embodiment includes: the operation and maintenance information inspection module 210, the operation and maintenance security reinforcement module 220 and the operation and maintenance execution inspection module 230; the operation and maintenance information inspection module 210, the operation and maintenance security reinforcement module 220 and the operation and maintenance execution inspection module 230 are in communication connection with each other.

The operation and maintenance information inspection module 210 obtains host information, analyzes and stores the host information; the host information includes, but is not limited to, host name, IP address, operating system version, CPU model, memory capacity, hard disk capacity, file system, system load, and system log.

Specifically, the operation and maintenance information inspection module 210 includes a scanning module 211, an inspection storage module 212 and an analysis module 213, where the scanning module 211, the inspection storage module 212 and the analysis module 213 are connected in communication with each other; the scanning module 211 performs full-disk scanning on a host, acquires the host information, and sends the host information to the inspection storage module 212; after the inspection storage module 212 receives the host information sent by the scanning module 211, the host information is stored, in addition, information such as host standard data is stored in the inspection storage module 212, so that security parameters of the host to be reinforced can be analyzed in a comparison manner; the analysis module 213 analyzes information in the operation and maintenance storage module (i.e. host information and host standard data information obtained by scanning), and formats and stores the analysis result, where the formatting refers to converting the analysis result into an information mode that a system in the host can communicate, and the system may be a Linux system or a Window system.

In order to facilitate the user to understand the operation state of the host and the security parameters of the host to be secured, the operation and maintenance information inspection module 210 further includes a viewing display module 214, where the display module 214 may be electrically connected to the display screen of the host; through the view display module 214, when a user needs to view the formatted and stored information, the formatted and stored information can be displayed on the display screen, so that the user can clearly know the running state of the host. In order to facilitate the user to know the "vulnerability" existing in the host, the operation and maintenance information inspection module 210 further includes an alarm module 215, where the alarm module 215 is communicatively connected to the display module 214; when there is an error message in the host information, the alarm module 215 sends out an alarm message, and sends the alarm message to the display module 214, so that the user can more conveniently and clearly know which parameters of the host need security reinforcement.

The operation and maintenance security reinforcement module 2220 sets security parameters of the host system, performs security reinforcement on the host, and sends the security parameters of the host system to the operation and maintenance execution inspection module 230; specifically, the operation and maintenance security reinforcement module 2220 includes a setting module 221 and a security reinforcement module 222; the setting module 221 mainly sets security parameters of the host system, where the security parameters mainly relate to user management, payment system, file system, port, vulnerability, and operating system; the security reinforcement module 222 is configured to apply the host system security parameters to the host, update the host system security parameters, and enable the host to run with the updated host system security parameters, so as to complete reinforcement of the host, and it should be noted that the host system security parameters are very numerous, and the host system security parameters can be selectively updated according to the analysis result, so as to improve the update efficiency.

After the host is securely reinforced, the operation and maintenance execution checking module 230 derives host system security parameters to be reinforced of the host, performs comparative analysis according to the host system security parameters and host information, and outputs a security reinforcement result, and specifically, the operation and maintenance execution checking module 230 includes a deriving module 231 and a reinforcement analysis module 232; the export module 231 is configured to export the security parameters that the host needs to consolidate, and send the exported security parameters to the consolidation analysis module 232; the reinforcement analysis module 232 is configured to analyze the security parameters, and send the security reinforcement result obtained by the analysis to the display module 214, so that a user can clearly understand the difference between the host and the host before and after the security reinforcement, and confirm that the operation of security reinforcement of the host is in a successful state.

Based on the above structure, the method provided in this embodiment includes:

(1) And the operation and maintenance information inspection module acquires the host information, analyzes and stores the host information.

(2) The operation and maintenance security reinforcement module sets security parameters of a host system, reinforces the security of the host, and sends the security parameters of the host system to the operation and maintenance execution inspection module.

(3) And the operation and maintenance execution checking module derives the security parameters of the host system which need to be reinforced by the host, performs comparison analysis according to the security parameters of the host system and the host information, and outputs a security reinforcing result.

According to the embodiment, the host is scanned to obtain the host information, the host system security parameters are set, and the host is reinforced safely by applying the host system security parameters to the host, so that the host operates with the updated host system security parameters, the operation security of the host is further improved, and the economic loss caused by network security is reduced.

Example III

Fig. 3 is a schematic structural diagram of a host security device based on an intelligent operation and maintenance mode according to a third embodiment of the present invention. The device is configured in host safety protection equipment, when carrying out safety protection to the host computer based on intelligent operation and maintenance mode, host safety protection equipment with the host computer is connected, as shown in fig. 3, the device includes host computer information acquisition module 310, safety reinforcement parameter item determination module 320 and host computer safety reinforcement module 330, wherein:

a host information acquisition module 310, configured to acquire host information;

the security reinforcement parameter item determining module 320 is configured to analyze the host information according to standard information, and determine a security reinforcement parameter item;

and the host security reinforcement module 330 is configured to update the host system security parameters based on the security reinforcement parameter item to obtain host system reinforcement parameters, so as to secure the host according to the host system reinforcement parameters.

According to the technical scheme, when the host based on the intelligent operation and maintenance mode is subjected to safety protection, the host safety protection equipment is connected with the host, and host information is acquired through a host information acquisition module in the host safety protection equipment; the security reinforcement parameter item determining module analyzes the host information according to the standard information to determine a security reinforcement parameter item; the host safety strengthening module updates the host system safety parameters based on the safety strengthening parameter items to obtain host system strengthening parameters, so that the host is safely protected according to the host system strengthening parameters, and the host safety protecting equipment capable of being connected with the host is provided to strengthen the host system safety parameters, so that a user can conveniently use the equipment on any host, the complexity of host safety protection is simplified, and the safety of host operation is improved.

Based on the above embodiments, optionally, the security reinforcement parameter item determining module 320 is specifically configured to:

Based on the above embodiments, the host security reinforcement module 330 is specifically configured to:

On the basis of the foregoing embodiment, optionally, the apparatus further includes a reinforcement parameter display module, configured to:

On the basis of the above embodiment, optionally, the reinforcement parameter display module is specifically configured to:

On the basis of the above embodiment, optionally, the apparatus further includes a reinforcement result display module, configured to:

On the basis of the above embodiment, optionally, the host information includes: at least one of a host name, an IP address, an operating system version, a CPU model, a memory capacity, a hard disk capacity, a file system, a system load, and a system log.

The host safety protection device provided by the embodiment of the invention can execute the host safety protection method provided by any embodiment of the invention, and has the corresponding functional modules and beneficial effects of the execution method.

Example IV

Fig. 4 is a schematic structural diagram of a fourth embodiment of the present invention. Host security device 10 is intended to represent various forms of digital computers, such as laptops, desktops, workstations, personal digital assistants, servers, blade servers, mainframes, and other appropriate computers. The host security device may also represent various forms of mobile devices, such as personal digital assistants, cellular telephones, smartphones, wearable devices (e.g., helmets, glasses, watches, etc.), and other similar computing devices. The components shown herein, their connections and relationships, and their functions, are meant to be exemplary only, and are not meant to limit implementations of the inventions described and/or claimed herein.

As shown in fig. 4, the host security device 10 includes at least one processor 11, and a memory, such as a Read Only Memory (ROM) 12, a Random Access Memory (RAM) 13, etc., communicatively connected to the at least one processor 11, in which the memory stores a computer program executable by the at least one processor, and the processor 11 may perform various appropriate actions and processes according to the computer program stored in the Read Only Memory (ROM) 12 or the computer program loaded from the storage unit 18 into the Random Access Memory (RAM) 13. In RAM 13, various programs and data required for operation of host safety shield apparatus 10 may also be stored. The processor 11, the ROM 12 and the RAM 13 are connected to each other via a bus 14. An input/output (I/O) interface 15 is also connected to bus 14.

Various components in host safety shield apparatus 10 are connected to I/O interface 15, including: an input unit 16 such as a keyboard, a mouse, etc.; an output unit 17 such as various types of displays, speakers, and the like; a storage unit 18 such as a magnetic disk, an optical disk, or the like; and a communication unit 19 such as a network card, modem, wireless communication transceiver, etc. Communication unit 19 allows host security guard 10 to exchange information/data with other devices via a computer network, such as the internet, and/or various telecommunications networks.

The processor 11 may be a variety of general and/or special purpose processing components having processing and computing capabilities. Some examples of processor 11 include, but are not limited to, a Central Processing Unit (CPU), a Graphics Processing Unit (GPU), various specialized Artificial Intelligence (AI) computing chips, various processors running machine learning model algorithms, digital Signal Processors (DSPs), and any suitable processor, controller, microcontroller, etc. The processor 11 performs the various methods and processes described above, such as the host security method.

In some embodiments, the host security protection method may be implemented as a computer program tangibly embodied on a computer-readable storage medium, such as storage unit 18. In some embodiments, part or all of the computer program may be loaded and/or installed onto host safety shield apparatus 10 via ROM 12 and/or communication unit 19. One or more of the steps of the host security method described above may be performed when the computer program is loaded into RAM 13 and executed by processor 11. Alternatively, in other embodiments, processor 11 may be configured to perform the host security method in any other suitable manner (e.g., by means of firmware).

Various implementations of the systems and techniques described here above may be implemented in digital electronic circuitry, integrated circuit systems, field Programmable Gate Arrays (FPGAs), application Specific Integrated Circuits (ASICs), application Specific Standard Products (ASSPs), systems On Chip (SOCs), load programmable logic devices (CPLDs), computer hardware, firmware, software, and/or combinations thereof. These various embodiments may include: implemented in one or more computer programs, the one or more computer programs may be executed and/or interpreted on a programmable system including at least one programmable processor, which may be a special purpose or general-purpose programmable processor, that may receive data and instructions from, and transmit data and instructions to, a storage system, at least one input device, and at least one output device.

A computer program for implementing the host security method of the present invention may be written in any combination of one or more programming languages. These computer programs may be provided to a processor of a general purpose computer, special purpose computer, or other programmable data processing apparatus, such that the computer programs, when executed by the processor, cause the functions/acts specified in the flowchart and/or block diagram block or blocks to be implemented. The computer program may execute entirely on the machine, partly on the machine, as a stand-alone software package, partly on the machine and partly on a remote machine or entirely on the remote machine or server.

Example five

The fifth embodiment of the present invention further provides a computer readable storage medium, where computer instructions are stored in the computer readable storage medium, where the computer instructions are configured to cause a processor to execute a host security protection method, where the method includes:

acquiring host information;

In the context of the present invention, a computer-readable storage medium may be a tangible medium that can contain, or store a computer program for use by or in connection with an instruction execution system, apparatus, or device. The computer readable storage medium may include, but is not limited to, an electronic, magnetic, optical, electromagnetic, infrared, or semiconductor system, apparatus, or device, or any suitable combination of the foregoing. Alternatively, the computer readable storage medium may be a machine readable signal medium. More specific examples of a machine-readable storage medium would include an electrical connection based on one or more wires, a portable computer diskette, a hard disk, a Random Access Memory (RAM), a read-only memory (ROM), an erasable programmable read-only memory (EPROM or flash memory), an optical fiber, a portable compact disc read-only memory (CD-ROM), an optical storage device, a magnetic storage device, or any suitable combination of the foregoing.

To provide for interaction with a user, the systems and techniques described here can be implemented on a host security device having: a display device (e.g., a CRT (cathode ray tube) or LCD (liquid crystal display) monitor) for displaying information to a user; and a keyboard and pointing device (e.g., a mouse or trackball) through which a user can provide input to the host security device. Other kinds of devices may also be used to provide for interaction with a user; for example, feedback provided to the user may be any form of sensory feedback (e.g., visual feedback, auditory feedback, or tactile feedback); and input from the user may be received in any form, including acoustic input, speech input, or tactile input.

The systems and techniques described here can be implemented in a computing system that includes a background component (e.g., as a data server), or that includes a middleware component (e.g., an application server), or that includes a front-end component (e.g., a user computer having a graphical user interface or a web browser through which a user can interact with an implementation of the systems and techniques described here), or any combination of such background, middleware, or front-end components. The components of the system can be interconnected by any form or medium of digital data communication (e.g., a communication network). Examples of communication networks include: local Area Networks (LANs), wide Area Networks (WANs), blockchain networks, and the internet.

The computing system may include clients and servers. The client and server are typically remote from each other and typically interact through a communication network. The relationship of client and server arises by virtue of computer programs running on the respective computers and having a client-server relationship to each other. The server can be a cloud server, also called a cloud computing server or a cloud host, and is a host product in a cloud computing service system, so that the defects of high management difficulty and weak service expansibility in the traditional physical hosts and VPS service are overcome.

It should be appreciated that various forms of the flows shown above may be used to reorder, add, or delete steps. For example, the steps described in the present invention may be performed in parallel, sequentially, or in a different order, so long as the desired results of the technical solution of the present invention are achieved, and the present invention is not limited herein.

The above embodiments do not limit the scope of the present invention. It will be apparent to those skilled in the art that various modifications, combinations, sub-combinations and alternatives are possible, depending on design requirements and other factors. Any modifications, equivalent substitutions and improvements made within the spirit and principles of the present invention should be included in the scope of the present invention.

Claims

1. A host security protection method based on an intelligent operation and maintenance mode, which is characterized in that the method is executed by a host security protection device, and when a host based on the intelligent operation and maintenance mode is secured, the host security protection device is connected with the host, the method comprising:

acquiring host information;

2. The method of claim 1, wherein said determining a security reinforcement parameter item from said host information and standard information comprises:

3. The method of claim 1, wherein updating the host system security parameters based on the security reinforcement parameter item to obtain host system reinforcement parameters comprises:

4. The method as recited in claim 1, further comprising:

5. The method of claim 4, wherein said sending the security reinforcement parameter item to a host comprises:

6. The method as recited in claim 1, further comprising:

7. The method of claim 1, wherein the host information comprises: at least one of a host name, an IP address, an operating system version, a CPU model, a memory capacity, a hard disk capacity, a file system, a system load, and a system log.

8. A host safety device based on an intelligent operation and maintenance mode, configured on a host safety device, wherein the host safety device is connected with a host when the host based on the intelligent operation and maintenance mode is safeguarded, the device comprising:

the host information acquisition module is used for acquiring host information;

the security reinforcement parameter item determining module is used for analyzing the host information according to the standard information to determine a security reinforcement parameter item;

and the host security reinforcement module is used for updating the security parameters of the host system based on the security reinforcement parameter items to obtain host system reinforcement parameters so as to carry out security protection on the host according to the host system reinforcement parameters.

9. A host security device, the host security device comprising:

at least one processor; and

a memory communicatively coupled to the at least one processor; wherein,,

the memory stores a computer program executable by the at least one processor to enable the at least one processor to perform the smart operation and maintenance mode-based host security method of any one of claims 1-7.

10. A computer readable storage medium storing computer instructions for causing a processor to implement the intelligent operation and maintenance mode-based host security protection method of any one of claims 1-7 when executed.