CN116579012A - Enterprise safety information management system based on big data - Google Patents

Enterprise safety information management system based on big data Download PDF

Info

Publication number
CN116579012A
CN116579012A CN202310442012.9A CN202310442012A CN116579012A CN 116579012 A CN116579012 A CN 116579012A CN 202310442012 A CN202310442012 A CN 202310442012A CN 116579012 A CN116579012 A CN 116579012A
Authority
CN
China
Prior art keywords
space
account
enterprise
storage
login
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202310442012.9A
Other languages
Chinese (zh)
Inventor
唐文丽
刘刚
张晓娟
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Zhongke Yunce Shenzhen Scientific And Technological Achievement Transformation Information Technology Co ltd
Original Assignee
Zhongke Yunce Shenzhen Scientific And Technological Achievement Transformation Information Technology Co ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Zhongke Yunce Shenzhen Scientific And Technological Achievement Transformation Information Technology Co ltd filed Critical Zhongke Yunce Shenzhen Scientific And Technological Achievement Transformation Information Technology Co ltd
Priority to CN202310442012.9A priority Critical patent/CN116579012A/en
Publication of CN116579012A publication Critical patent/CN116579012A/en
Pending legal-status Critical Current

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/62Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
    • G06F21/6227Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database where protection concerns the structure of data, e.g. records, types, queries
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/64Protecting data integrity, e.g. using checksums, certificates or signatures
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/70Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
    • G06F21/78Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure storage of data
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2141Access rights, e.g. capability lists, access control lists, access tables, access matrices
    • YGENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
    • Y02TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
    • Y02PCLIMATE CHANGE MITIGATION TECHNOLOGIES IN THE PRODUCTION OR PROCESSING OF GOODS
    • Y02P90/00Enabling technologies with a potential contribution to greenhouse gas [GHG] emissions mitigation
    • Y02P90/30Computing systems specially adapted for manufacturing

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Hardware Design (AREA)
  • General Engineering & Computer Science (AREA)
  • Software Systems (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • General Health & Medical Sciences (AREA)
  • Bioethics (AREA)
  • Health & Medical Sciences (AREA)
  • Databases & Information Systems (AREA)
  • Storage Device Security (AREA)

Abstract

The invention relates to the field of digital information, which is used for solving the problems that the existing enterprise information management system is low in safety, so that the data information of an enterprise is easy to leak, huge loss is caused to the enterprise, the data information of the enterprise is easy to damage in the storage process, the stored information is useless, and the operation of the enterprise is seriously influenced; the system realizes verification and management and control of the registered account, improves the security of the system, avoids data information leakage of enterprises, ensures the storage security of the data information by using a block linking technology, ensures the storage integrity of the data information due to sufficient selected space, and improves the utilization rate of the storage space.

Description

Enterprise safety information management system based on big data
Technical Field
The invention relates to the field of digital information, in particular to an enterprise security information management system based on big data.
Background
The enterprise information management system uses modern management thought and method, uses computer as medium, and uses computer software and network communication technology to make system help enterprise process daily business in the processes of production, management and enterprise decision-making, information collection, storage, processing and analysis. A complete enterprise information management system plays a good supporting and protecting role for enterprise production and business activities, and particularly plays roles in definite responsibility and division of multiple departments of the enterprise, so that paperless office is achieved, and internal departments are regulated and optimized to develop accurate predictions for market development.
In enterprise management, scientific and effective management is an important foundation for survival and contending development of modern enterprises. With the continuous development of information technology and the continuous penetration of enterprise reform in China, enterprise management modes are being changed to innovation management and knowledge management. In order to adapt to the change of enterprise management modes in new period, enterprises must strengthen informatization construction, improve enterprise management level, promote management modernization, change operation mechanism, establish modern enterprise management system, effectively reduce cost, accelerate technical progress, and enhance market competitiveness.
The private key is a key which is created by a user who carries out transactions and is only used by the private key, if the user forgets the password or the password of the user is stolen, the private key corresponding to the password is easily broken according to an encryption algorithm, so that the data information of enterprises is easy to leak, the security is low, huge loss is caused to the enterprises, the data information of the enterprises is easy to damage in the storage process, the stored information is useless, and the operation of the enterprises is seriously influenced.
How to improve the security of the enterprise information management system and the security of the enterprise data information storage is the key of the present invention, and therefore, an enterprise security information management system based on big data is needed to solve the above problems.
Disclosure of Invention
In order to overcome the technical problems, the invention aims to provide an enterprise security information management system based on big data.
The aim of the invention can be achieved by the following technical scheme:
the enterprise security information management system based on big data comprises a registration login module, an access right module, an information management platform and an access detection module;
the registration login module is used for inputting user information by a user for registration and sending the user information, a login password and an account number to the information management platform in a registration manner;
the access authority module is used for acquiring a user name and a user position from the information management platform, comparing the user position with the authority level preset in the access authority module, acquiring a corresponding authority level, marking a login account of the user name, and sending the authority level to the information management platform;
the information management platform is used for sending the user information, the login password, the account registration place and the authority level to the access detection module, limiting the login of the login account according to the feedback result of the access detection module and sending the enterprise information file j to the storage module;
the access detection module is used for carrying out classification judgment on the login account and sending the classification judgment result to the information management platform.
As a further scheme of the invention: the working process of the registration login module is specifically as follows:
registering by inputting user information, wherein the user information comprises a user name, a user telephone number and a user position, a login password is input, the user name is used as a login account after the registration is successful, the login account and the login password are in one-to-one correspondence, the position of the login account when the registration is successful is obtained, and the position is marked as an account registration place;
and transmitting the user information, the login password and the account number registry to the information management platform.
As a further scheme of the invention: the working process of the access right module is specifically as follows:
acquiring a user name and a user position from an information management platform, comparing the user position with a preset authority level in an access authority module, acquiring a corresponding authority level, marking a login account of the user name, and transmitting the authority level to the information management platform; the permission level comprises a zero-level permission level, a first-level permission level, a second-level permission level and a third-level permission level;
according to different executable operations of the authority levels, the zero-level authority level cannot be registered, the first-level authority level can be registered and referred, the second-level authority level can be registered and referred and downloaded, and the third-level authority level can be registered and referred, downloaded, uploaded, deleted and transmitted.
As a further scheme of the invention: the working process of the information management platform is specifically as follows:
the passing account is received, the passing account is successfully logged in, and the passing account has the corresponding authority level obtained according to the position of the user;
receiving a passable account number and a downshift signal, enabling the passable account number to successfully log in, and obtaining corresponding permission levels according to a user position and the downshift signal through the account number, for example, if the passable account number obtains corresponding three-level permission levels according to the user position, then the passable account number is reduced to two-level permission levels according to the downshift signal, if the passable account number obtains corresponding two-level permission levels according to the user position, then the passable account number is reduced to one-level permission levels according to the downshift signal, and then the zero-level permission levels are maintained according to the downshift signal;
receiving an failed account, and enabling the failed account to be unable to log in successfully;
the method comprises the steps that information uploaded by a login account with three-level authority level is marked as enterprise information files j according to uploading time, j=1, … … and m are natural numbers, and the enterprise information files j are sent to a storage module;
the file occupation space of the enterprise-letter file j is collected, marked as enterprise-letter space K, and sent to a data collection module.
As a further scheme of the invention: the working process of the access detection module is specifically as follows:
marking a user name in the user information as a registered account, and marking a login password corresponding to the registered account as a verification password;
acquiring all account registration places, and marking the registration places as registration points i, i=1, … … and n in sequence, wherein n is a natural number;
connecting the registration points i by line segments, marking the largest area formed by connecting the line segments of the registration points i as a registration area, obtaining the central position of the registration area, marking the central position as a region center point, amplifying the registration area by a preset multiple by taking the region center point as the central position, and marking the registration area amplified by the preset multiple as a standard registration area;
obtaining a login account number, a login password and a login place when a user logs in, and comparing the login account number with a registered account number:
if the registered account number which is the same as the login account number exists, and the login password is the same as the verification password, marking the user as a pre-passing account number;
if the registered account number which is the same as the login account number does not exist, or the login password is the same as the verification password, marking the user as a failed account number, and sending the failed account number to the information management platform;
connecting a logging site passing through the account with a regional center line segment, and marking a line segment connecting the logging site with the regional center as a judgment line;
acquiring the intersection condition of the judgment line and the outline of the standard login area, if no intersection point exists between the judgment line and the outline of the standard login area, marking the pre-passing account corresponding to the judgment line as a passing account, and sending the passing account to an information management platform;
if there is an intersection between the determination line and the contour of the standard registration area, the intersection is marked as a determination point, the distance between the registration place and the determination point is marked as a deviation distance PL, the length of the determination line is marked as a determination distance PD, and the deviation distance PL and the determination distance PD are substituted into the formulaObtaining a deviation coefficient PX, wherein alpha is a preset error factor, and alpha is more than 1;
comparing the deviation coefficient PX with the deviation threshold PY:
if the deviation coefficient PX is smaller than the deviation threshold PY, a downshift signal is generated, a pre-passing account corresponding to the deviation coefficient PX is marked as a passing account, and the passing account and the downshift signal are sent to an information management platform;
if the deviation coefficient PX is more than or equal to the deviation threshold PY, marking the pre-passing account corresponding to the deviation coefficient PX as the failed account, and sending the failed account to the information management platform.
As a further scheme of the invention: the system also comprises a storage module, wherein the storage module is used for dividing the storage space into a shared space and a mirror space, the shared space is used for login access of all login account users, the mirror space is only used for login access of an uploading user of the enterprise-letter file j, the mirror space is also used for selecting a selected space from the mirror space, and the enterprise-letter file j is stored in the shared space and the selected space, and the system specifically comprises the following steps:
dividing the storage space into a shared space and a mirror space, dividing the mirror space into a plurality of sub-mirror spaces, collecting the used space and the total capacity of the sub-mirror spaces, respectively marking the used space and the total capacity as a usage value YL and a total value ZL, and substituting the usage value YL and the total value ZL into a formulaThe total ratio YL is obtained, and all sub-mirror image spaces are orderly sequenced from the small to the large of the total ratio YL;
marking the sub-mirror space positioned at the first position as a selected space, and marking the sub-mirror space positioned at the next position after the selected space as a preselected space;
comparing the enterprise information space K with the usage value YL and the total value ZL of the selected space:
if the enterprise space K is less than beta× (total value ZL-usage value YL), wherein beta is a preset regulating factor, beta is taken as 0.915, the enterprise space K, the usage value YL and the total valueZL substitution formula A storage coefficient CX is obtained, wherein q1, q2 are both preset scaling coefficients, wherein q1+q2=1,
q1>q2;
the storage factor CX is compared with a storage threshold CY:
if the storage coefficient CX is smaller than the storage threshold CY, storing the enterprise file j in the shared space and the selected space;
if the storage coefficient CX is greater than or equal to the storage threshold CY, carrying out block linking on the selected space and the preselected space, marking the selected space and the preselected space of the block linking as the selected space, comparing the storage coefficient CX of the selected space with the storage threshold CY again until the storage coefficient CX is less than the storage threshold CY, and storing enterprise file j in the shared space and the selected space;
if the enterprise information space K is more than or equal to beta× (total value ZL-consumption value YL), carrying out block linking on the selected space and the preselected space, marking the selected space and the preselected space of the block linking as the selected space, comparing the storage coefficient CX of the selected space with the storage threshold CY again until the storage coefficient CX is less than the storage threshold CY, and storing the enterprise information file j in the shared space and the selected space;
and the enterprise information file j stores and completes to generate a storage completion instruction, and the storage completion instruction is sent to the information protection module.
As a further scheme of the invention: the system also comprises an information protection module, a storage module and a control module, wherein the information protection module is used for collecting a deficiency value QZ, a deficiency rate QL, a change value GZ and a change rate GL of a shared space, obtaining a dangerous coefficient WX according to the deficiency value QZ, the deficiency rate QL, the change value GZ and the change rate GL, and sending a re-storage signal generated by comparing the dangerous coefficient WX with a dangerous threshold WY to the storage module, and specifically comprises the following steps:
collecting the data missing times, the data missing frequency and the data falsification times of enterprise and letter files j in a shared spaceAnd the data tampering frequency, and marked as a deficiency value QZ, a deficiency rate QL, a change value GZ and a change rate GL, respectively, and substituting the deficiency value QZ, the deficiency rate QL, the change value GZ and the change rate GL into the formulaObtaining a risk coefficient WX, wherein d1, d2 and d3 are preset weight coefficients, and d2 > d4 > d1 > d3 > 1;
comparing the risk coefficient WX with a risk threshold WY:
if the risk coefficient WX is greater than the risk threshold WY, a re-storage signal is generated and sent to the storage module.
The invention has the beneficial effects that:
according to the enterprise security information management system based on big data, the registration and the login of the account are carried out through the registration login module, the first verification is carried out through the registration account and the registration password, the failed verification is the failed account, the second verification is carried out on the failed account, the standard login area is obtained according to the account registration area when the account is registered, if the registration is located in the standard login area, the registration account is safe, if the deviation of the registration area from the standard login area is small, the registration account is safe, if the deviation of the registration area from the standard login area is large, the registration account is unsafe, and the registration account obtains different authorities, so that the verification and the management of the registration account are realized, the security of the system is improved, and the data information leakage of an enterprise is avoided;
the storage space is divided into the shared space and the mirror image space, the shared space is used for login access of all login account users, the mirror image space is only used for login access of enterprise information file uploaders, the data information in the shared space is updated through the data information in the mirror image space, the safety of accessing the enterprise by the login account and the accuracy of the data information are guaranteed, the normal processing of the data information of the enterprise is guaranteed, the operation of the enterprise is maintained, the storage safety of the data information is guaranteed by utilizing the block linking technology in the process of storing the data information in the mirror image space, the storage integrity of the data information is guaranteed due to the fact that the selected space is sufficient, the space utilization rate is improved, and the condition that the stored data information of the enterprise is damaged in the storage process and useless information is caused is avoided.
Drawings
The invention is further described below with reference to the accompanying drawings.
FIG. 1 is a schematic block diagram of an enterprise security information management system based on big data in the present invention;
FIG. 2 is a schematic block diagram of embodiment 2 of the present invention;
fig. 3 is a schematic block diagram of embodiment 3 in the present invention.
Detailed Description
The technical solutions of the embodiments of the present invention will be clearly and completely described below in conjunction with the embodiments of the present invention, and it is apparent that the described embodiments are only some embodiments of the present invention, not all embodiments. All other embodiments, which can be made by those skilled in the art based on the embodiments of the invention without making any inventive effort, are intended to be within the scope of the invention.
Example 1:
referring to fig. 1-3, the present embodiment is an enterprise security information management system based on big data, including:
the registration login module is used for inputting user information by a user for registration and sending the user information, a login password and an account number to the information management platform in a registration manner;
the access authority module is used for acquiring a user name and a user position from the information management platform, comparing the user position with the authority level preset in the access authority module, acquiring a corresponding authority level, marking a login account of the user name, and sending the authority level to the information management platform;
the information management platform is used for sending the user information, the login password, the account registration place and the authority level to the access detection module, limiting the login of the login account according to the feedback result of the access detection module and sending the enterprise information file j to the storage module;
the access detection module is used for carrying out classification judgment on the login account and sending the classification judgment result to the information management platform;
the storage module is used for dividing the storage space into a shared space and a mirror image space, wherein the shared space is used for login access of all login account users, the mirror image space is only used for login access of an uploading user of the enterprise information file j, and the storage module is also used for selecting a selected space from the mirror image space and storing the enterprise information file j in the shared space and the selected space;
the information protection module is used for collecting the number deficiency value QZ, the number deficiency rate QL, the number change value GZ and the number change rate GL of the shared space, obtaining a dangerous coefficient WX according to the number deficiency value QZ, the number deficiency rate QL, the number change value GZ and the number change rate GL, and sending a re-storage signal generated by comparing the dangerous coefficient WX with a dangerous threshold WY to the storage module.
Example 2:
referring to fig. 1 and 2, the present embodiment is an enterprise security information management system based on big data, and the working process of the system verification login is specifically as follows:
step one: the registration login module registers by inputting user information, wherein the user information comprises a user name, a user telephone number and a user position, a login password is input, the user name is used as a login account after the registration is successful, the login account and the login password are in one-to-one correspondence, the position of the login account when the registration is successful is obtained, and the position is marked as an account registration place;
step two: the registration login module sends the user information, the login password and the account number to the information management platform in a registration manner;
step three: the access authority module obtains a user name and a user position from the information management platform, compares the user position with preset authority levels in the access authority module to obtain corresponding authority levels, marks a login account of the user name, and sends the authority levels to the information management platform;
step four: the information management platform sends the user information, the login password, the account registration place and the permission level to the access detection module;
step five: the access detection module marks the user name in the user information as a registered account number, and marks the login password corresponding to the registered account number as a verification password;
step six: the access detection module acquires all account registration places and marks the registration places as registration points i, i=1, … … and n in sequence, wherein n is a natural number;
step seven: the access detection module connects the registration points i by line segments, marks the largest area formed by connecting the line segments of the registration points i as a registration area, acquires the central position of the registration area, marks the central position as a regional center point, amplifies the registration area by a preset multiple by taking the regional center point as the central position, and marks the registration area amplified by the preset multiple as a standard registration area;
step eight: the access detection module acquires a login account number, a login password and a login place when a user logs in, and compares the login account number with a registered account number:
if the registered account number which is the same as the login account number exists, and the login password is the same as the verification password, marking the user as a pre-passing account number;
if the registered account number which is the same as the login account number does not exist, or the login password is the same as the verification password, marking the user as a failed account number, and sending the failed account number to the information management platform;
step nine: the access detection module connects the login place of the pre-passing account with the regional center point line segment, and marks the line segment connecting the login place with the regional center point as a judgment line;
step ten: the access detection module obtains the intersecting condition of the judgment line and the profile of the standard login area:
if no intersection point exists between the judging line and the outline of the standard login area, marking the pre-passing account corresponding to the judging line as a passing account, and sending the passing account to the information management platform;
if there is an intersection point between the determination line and the contour of the standard login area, marking the intersection point as the determinationThe point is marked with a distance between the login place and the judgment point as a deviation distance PL, the length of the judgment line as a judgment distance PD, and the deviation distance PL and the judgment distance PD are substituted into the formulaObtaining a deviation coefficient PX, wherein alpha is a preset error factor, and alpha is more than 1;
step eleven: the access detection module compares the deviation coefficient PX with a deviation threshold PY:
if the deviation coefficient PX is smaller than the deviation threshold PY, a downshift signal is generated, a pre-passing account corresponding to the deviation coefficient PX is marked as a passing account, and the passing account and the downshift signal are sent to an information management platform;
if the deviation coefficient PX is more than or equal to the deviation threshold PY, marking the pre-passing account corresponding to the deviation coefficient PX as a failed account, and sending the failed account to an information management platform;
step twelve: the information management platform receives the passing account number, so that the passing account number is successfully logged in, and the passing account number has the corresponding authority level obtained according to the position of the user;
step thirteen: the information management platform receives the passable account number and the downshift signal, so that the passable account number can be successfully logged in, and the corresponding authority level can be obtained according to the position of the user and the downshift signal through the account number;
step fourteen: and the information management platform receives the failed account, so that the failed account cannot be successfully logged in.
Example 3:
referring to fig. 1 and 3, the present embodiment is an enterprise security information management system based on big data, and the working process of the system information storage is specifically as follows:
step one: the information management platform marks the information uploaded by the login account with the three-level authority level as enterprise information files j according to the uploading time, j=1, … … and m are natural numbers, and sends the enterprise information files j to the storage module;
step two: the information management platform collects the file occupation space of the enterprise-letter file j, marks the file occupation space as an enterprise-letter space K, and sends the enterprise-letter space K to the data acquisition module;
step three: the storage module divides the storage space into a shared space and a mirror space, divides the mirror space into a plurality of sub-mirror spaces, collects the used space and the total capacity of the sub-mirror spaces, marks the used space and the total capacity as a usage value YL and a total value ZL respectively, and substitutes the usage value YL and the total value ZL into a formulaThe total ratio YL is obtained, and all sub-mirror image spaces are orderly sequenced from the small to the large of the total ratio YL;
step four: the storage module marks the sub-mirror image space positioned at the first position as a selected space, and marks the sub-mirror image space positioned at the last position of the selected space as a preselected space;
step five: the storage module compares the enterprise information space K with the consumption value YL and the total value ZL of the selected space:
if the enterprise space K is less than beta× (total value ZL-usage value YL), wherein beta is a preset adjustment factor, beta is taken to be 0.915, and the enterprise space K, the usage value YL and the total value ZL are substituted into the formula Obtaining a storage coefficient CX, wherein q1 and q2 are preset proportionality coefficients, wherein q1+q2=1 and q1 is more than q2;
the storage factor CX is compared with a storage threshold CY:
if the storage coefficient CX is smaller than the storage threshold CY, storing the enterprise file j in the shared space and the selected space;
if the storage coefficient CX is greater than or equal to the storage threshold CY, carrying out block linking on the selected space and the preselected space, marking the selected space and the preselected space of the block linking as the selected space, comparing the storage coefficient CX of the selected space with the storage threshold CY again until the storage coefficient CX is less than the storage threshold CY, and storing enterprise file j in the shared space and the selected space;
if the enterprise information space K is more than or equal to beta× (total value ZL-consumption value YL), carrying out block linking on the selected space and the preselected space, marking the selected space and the preselected space of the block linking as the selected space, comparing the storage coefficient CX of the selected space with the storage threshold CY again until the storage coefficient CX is less than the storage threshold CY, and storing the enterprise information file j in the shared space and the selected space;
step six: the enterprise information file j of the storage module is stored to finish generating a storage finishing instruction, and the storage finishing instruction is sent to the information protection module;
step seven: the information protection module collects the data missing times, the data missing frequency, the data tampering times and the data tampering frequency of the enterprise file j in the shared space, marks the data missing values QZ, the data missing rates QL, the data modifying values GZ and the data modifying rates GL respectively, and substitutes the data missing values QZ, the data missing rates QL, the data modifying values GZ and the data modifying rates GL into a formulaObtaining a risk coefficient WX, wherein d1, d2 and d3 are preset weight coefficients, and d2 > d4 > d1 > d3 > 1;
step eight: the information protection module compares the risk coefficient WX with a risk threshold WY:
if the risk coefficient WX is greater than the risk threshold WY, generating a re-storage signal and sending the re-storage signal to a storage module;
step nine: after receiving the re-broussion signal, the storage module formats the shared space, and copies and pastes the enterprise-letter file j in the mirror image space into the shared space after the formatting is completed.
In the description of the present specification, the descriptions of the terms "one embodiment," "example," "specific example," and the like, mean that a particular feature, structure, material, or characteristic described in connection with the embodiment or example is included in at least one embodiment or example of the present invention. In this specification, schematic representations of the above terms do not necessarily refer to the same embodiments or examples. Furthermore, the particular features, structures, materials, or characteristics described may be combined in any suitable manner in any one or more embodiments or examples.
The foregoing is merely illustrative and explanatory of the invention, as various modifications and additions may be made to the particular embodiments described, or in a similar manner, by those skilled in the art, without departing from the scope of the invention or exceeding the scope of the invention as defined in the claims.

Claims (6)

1. The utility model provides an enterprise security information management system based on big data, includes registration login module, access right module, information management platform and visit detection module, its characterized in that:
the registration login module is used for inputting user information by a user for registration and sending the user information, a login password and an account number to the information management platform in a registration manner;
the access authority module is used for acquiring a user name and a user position from the information management platform, comparing the user position with the authority level preset in the access authority module, acquiring a corresponding authority level, marking a login account of the user name, and sending the authority level to the information management platform;
the information management platform is used for sending the user information, the login password, the account registration place and the authority level to the access detection module, limiting the login of the login account according to the feedback result of the access detection module and sending the enterprise information file to the storage module;
the access detection module is used for carrying out classification judgment on the login account and sending the classification judgment result to the information management platform.
2. The enterprise security information management system based on big data of claim 1, wherein the working process of the access right module is specifically as follows:
and acquiring a user name and a user position from the information management platform, comparing the user position with a preset authority level in the access authority module, acquiring a corresponding authority level, marking a login account of the user name, and sending the authority level to the information management platform.
3. The enterprise security information management system based on big data of claim 1, wherein the working process of the information management platform is specifically as follows:
the passing account is received, the passing account is successfully logged in, and the passing account has the corresponding authority level obtained according to the position of the user;
receiving a passable account number and a downshift signal, enabling the passable account number to successfully log in, and obtaining a corresponding permission level according to the position of the user and the downshift signal by the passable account number;
receiving an failed account, and enabling the failed account to be unable to log in successfully;
marking the information uploaded by the login account as an enterprise-letter file according to the uploading time, and sending the enterprise-letter file to a storage module;
the method comprises the steps of collecting the file occupation space of enterprise-letter files, marking the file occupation space as enterprise-letter space, and sending the enterprise-letter space to a data collection module.
4. The enterprise security information management system based on big data of claim 1, wherein the access detection module works as follows:
marking a user name in the user information as a registered account, and marking a login password corresponding to the registered account as a verification password;
acquiring all account registration places and marking the account registration places as registration points in sequence;
connecting the registration points with each other by line segments, marking the largest area formed by connecting the line segments of the registration points as a registration area, obtaining the central position of the registration area, marking the central position as a region center point, amplifying the registration area by a preset multiple by taking the region center point as the central position, and marking the registration area amplified by the preset multiple as a standard registration area;
obtaining a login account number, a login password and a login place when a user logs in, and comparing the login account number with a registered account number:
if the registered account number which is the same as the login account number exists, and the login password is the same as the verification password, marking the user as a pre-passing account number;
if the registered account number which is the same as the login account number does not exist, or the login password is the same as the verification password, marking the user as a failed account number, and sending the failed account number to the information management platform;
connecting a logging site passing through the account with a regional center line segment, and marking a line segment connecting the logging site with the regional center as a judgment line;
acquiring the intersection condition of the judgment line and the outline of the standard login area, if no intersection point exists between the judgment line and the outline of the standard login area, marking the pre-passing account corresponding to the judgment line as a passing account, and sending the passing account to an information management platform;
if an intersection point exists between the judgment line and the outline of the standard login area, marking the intersection point as a judgment point, marking the distance between the login place and the judgment point as a deviation distance, marking the length of the judgment line as a judgment distance, and analyzing the deviation distance and the judgment distance to obtain a deviation coefficient;
comparing the deviation coefficient with a deviation threshold value:
if the deviation coefficient is smaller than the deviation threshold value, a downshift signal is generated, a pre-passing account corresponding to the deviation coefficient is marked as a passing account, and the passing account and the downshift signal are sent to an information management platform;
if the deviation coefficient is more than or equal to the deviation threshold, marking the pre-passing account corresponding to the deviation coefficient as a failed account, and sending the failed account to the information management platform.
5. The enterprise security information management system of claim 4, further comprising a storage module for dividing the storage space into a shared space and a mirrored space, selecting a selected space from the mirrored space, and storing the enterprise information file in the shared space and the selected space, wherein the enterprise information file is as follows:
dividing a storage space into a shared space and a mirror image space, dividing the mirror image space into a plurality of sub-mirror image spaces, collecting the used space and the total capacity of the sub-mirror image spaces, respectively marking the used space and the total capacity as a used value and a total value, analyzing the used value and the total value to obtain a used total ratio, and sequencing all the sub-mirror image spaces according to the used total ratio from small to large;
marking the sub-mirror space positioned at the first position as a selected space, and marking the sub-mirror space positioned at the next position after the selected space as a preselected space;
comparing the enterprise information space with the usage value and the total value of the selected space:
if the enterprise information space is less than beta× (total amount value-consumption value), wherein beta is a preset regulating factor, analyzing the enterprise information space, the consumption value and the total amount value to obtain a storage coefficient;
comparing the storage coefficient to a storage threshold:
if the storage coefficient is less than the storage threshold value, storing the enterprise and letter file in the shared space and the selected space;
if the storage coefficient is more than or equal to the storage threshold, carrying out block linking on the selected space and the preselected space, marking the selected space and the preselected space of the block linking as the selected space, comparing the storage coefficient of the selected space with the storage threshold again until the storage coefficient is less than the storage threshold, and storing the enterprise information file in the shared space and the selected space;
if the enterprise letter space is more than or equal to beta× (total value-consumption value), carrying out block linking on the selected space and the preselected space, marking the selected space and the preselected space linked by the block as the selected space, comparing the storage coefficient of the selected space with the storage threshold again until the storage coefficient is less than the storage threshold, and storing enterprise letter files in the shared space and the selected space;
and the enterprise information file storage completion generates a storage completion instruction, and the storage completion instruction is sent to the information protection module.
6. The enterprise safety information management system according to claim 5, further comprising an information protection module for collecting a deficiency value, a deficiency rate, a change value and a change rate of the shared space, obtaining a risk coefficient according to the deficiency value, the deficiency rate, the change value and the change rate, and transmitting a restored signal generated by comparing the risk coefficient with a risk threshold to the storage module, wherein the steps of:
collecting the data missing times, the data missing frequency, the data tampering times and the data tampering frequency of enterprise and letter files in a shared space, marking the data missing values, the data missing rates, the data modifying values and the data modifying rates respectively, and analyzing the data missing values, the data missing rates, the data modifying values and the data modifying rates to obtain dangerous coefficients;
comparing the risk factor to a risk threshold:
if the risk coefficient is greater than the risk threshold, a re-storage signal is generated and sent to the storage module.
CN202310442012.9A 2023-04-23 2023-04-23 Enterprise safety information management system based on big data Pending CN116579012A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202310442012.9A CN116579012A (en) 2023-04-23 2023-04-23 Enterprise safety information management system based on big data

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202310442012.9A CN116579012A (en) 2023-04-23 2023-04-23 Enterprise safety information management system based on big data

Publications (1)

Publication Number Publication Date
CN116579012A true CN116579012A (en) 2023-08-11

Family

ID=87535101

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202310442012.9A Pending CN116579012A (en) 2023-04-23 2023-04-23 Enterprise safety information management system based on big data

Country Status (1)

Country Link
CN (1) CN116579012A (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN117370957A (en) * 2023-12-06 2024-01-09 吉林省东启铭网络科技有限公司 Data security access system based on big data

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN117370957A (en) * 2023-12-06 2024-01-09 吉林省东启铭网络科技有限公司 Data security access system based on big data

Similar Documents

Publication Publication Date Title
US11663364B2 (en) Whole-lifecycle encrypted big data analysis method and system for the data from the different sources
CN112737825B (en) Log-based network device association method, system, device and storage medium
CN104156804B (en) Provincial company teams and groups are to mark data handling system and data processing method
CN104424613A (en) Value added tax invoice monitoring method and system thereof
CN112231333A (en) Ecological environment data sharing and exchanging method and system
CN116579012A (en) Enterprise safety information management system based on big data
CN111198878B (en) Basic information investigation system and method
CN115659369B (en) User unified management system based on user operation habit
CN115409466A (en) Data acquisition management system based on big data
CN116644825A (en) Big data-based outpatient information inquiry reservation management system
US11373130B1 (en) Policy exception risk determination engine with visual awareness guide
CN105915632A (en) Building engineering monitoring system based on 3D virtual reality technology
CN112347523A (en) Information safety system based on cloud computing
Jean The harmonic mean and other necessary conditions for stochastic dominance
CN115577983B (en) Enterprise task matching method based on block chain, server and storage medium
CN113824739B (en) User authority management method and system of cloud management platform
RU2736851C1 (en) Enterprise information system control method
CN114416814A (en) Data processing method and device, electronic equipment and storage medium
CN111723351A (en) Archive management system
CN111026763A (en) Data processing method, device, equipment and storage medium
CN118229032A (en) Self-adaptive enterprise data management method and system based on business dynamic change
CN109871720A (en) A kind of outdoor scene meter reading behavior management system
RU2801374C1 (en) System with role-based access control to the organization of the operational maintenance of buildings and structures
CN109885543A (en) Log processing method and device based on big data cluster
CN116992496B (en) Data resource safety supervision system for enterprise service management

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination