CN117056882B - Automatic approval method and system for security access management

Info

Publication number: CN117056882B (publication of application CN117056882A)
Application number: CN202311314085.6A
Authority: CN (China)
Legal status: Active
Other languages: Chinese (zh)
Inventor: 刘丽
Current Assignee: Affiliated Hospital of Jiangnan University
Original Assignee: Affiliated Hospital of Jiangnan University
Prior art keywords: access; risk; operation behavior; behavior; information

Classifications

    • G06F21/30 Authentication, i.e. establishing the identity or authorisation of security principals
    • G06Q10/0635 Risk analysis of enterprise or organisation activities
    • G06Q10/10 Office automation; Time management
    • G06Q50/22 Social work

Abstract

The application discloses a method and a system for automatic approval of security access management, wherein the method comprises the following steps: acquiring characteristic data in an access application form; inputting the characteristic data into a risk assessment model for risk assessment to obtain an assessment grade; creating a login account and a login password according to the evaluation grade, and sending the login account and the login password to the access equipment or sending refused access information to the access equipment; acquiring real-time operation behavior information after the applicant logs in an account, and performing risk assessment on the real-time operation behavior according to the operation authority of the applicant to acquire an assessment result; and approving the current operation behavior or recovering the login account according to the evaluation result and sending the current operation behavior violation warning information to the access equipment. The access behavior automatic approval method and the access behavior automatic approval system can realize automatic approval of the access behavior, ensure the safety of the accessed hospital information system and finish closed-loop management of the access process.

Description

Automatic approval method and system for security access management
Technical Field
The application relates to the technical field of computers, in particular to a method and a system for automatically approving security access management.
Background
The hospital information system integrates data and information of various departments and business processes of the hospital, and realizes information sharing and collaborative work in the hospital. The access management of the hospital information system ensures that the visitor can acquire the information in time so as to improve the quality and efficiency of medical service, and also prevents events such as data leakage and damage and ensures the safety of system data.
The key to secure access management is the approval of user access applications. Manual approval is inefficient and error-prone. The existing automatic approval systems use a single approval mechanism set according to permissions: once the applicant is judged to have access permission, the applicant's access behavior after login is not restricted, and a number of users, after logging in to the system, use technical means to break through their current access permissions, which creates a security risk for system data. In addition, the approval flow of a single approval mechanism is relatively fixed and cannot be adapted when an emergency occurs.
Disclosure of Invention
In order to realize automatic approval of access behaviors, ensure the safety of an accessed hospital information system and complete closed-loop management of an access process, the application provides a method and a system for automatic approval of safety access management.
In a first aspect, the present application provides a method for automatically approving security access management, where an access object is a hospital information system, including:
acquiring characteristic data in an access application form; the feature data includes: applicant identity information, request access resource type, access time, access location, access device type, operation type, user behavior score;
Inputting the characteristic data into a risk assessment model for risk assessment to obtain an assessment grade; the risk assessment model is a trained neural network model or a trained SVM model or a risk scoring model; the evaluation level includes: low risk level, medium risk level, and high risk level;
if the evaluation level is a low risk level or a medium risk level, a login account and a login password are created and sent to the access equipment; otherwise, sending the refused access information to the access equipment;
acquiring operation behavior information and operation authority of an applicant after logging in an account of the applicant in real time; performing risk assessment on the operation type, the operation position and the operation content in the operation behavior information according to the operation authority of the applicant to obtain an assessment result; the evaluation result includes: low risk operational behavior, medium risk operational behavior, and high risk operational behavior;
if the evaluation result is low-risk operation behavior, approving the current operation behavior; if the evaluation result is medium-risk operation behavior, sending to the access equipment a prompt that the current operation content is risky and a prompt to fill in an explanation of the operation behavior; acquiring the operation behavior explanation returned by the access equipment, and forwarding the operation behavior information and the operation behavior explanation to the manual auditing terminal; acquiring the rationality judgment result returned by the manual auditing terminal, and if the judgment result is reasonable, approving the current operation behavior, otherwise recovering (revoking) the current login account and sending current operation behavior violation warning information to the access equipment; and if the evaluation result is high-risk operation behavior, recovering the current login account and sending the current operation behavior violation warning information to the access equipment.
By adopting the scheme, the characteristic data in the access application form are acquired in real time and preliminary risk assessment is carried out, the login account and the login password are directly refused to be provided for the high-risk access application, the high-risk applicant is prevented from entering the system on the basis of access, and the access safety of the system is ensured; by acquiring real-time operation behaviors to perform operation risk assessment and approving or warning the operation type, the operation position and the operation content of the applicant according to the assessment result, the automatic approval of the whole process of the applicant access is realized, and the safety of the whole process system access is ensured.
Preferably, the risk assessment model is a trained neural network model or a trained SVM model or a risk scoring model, and specifically includes:
when the risk assessment model selects a neural network model or an SVM model, acquiring a historical access application form, extracting feature data, marking the extracted feature data with an assessment grade to generate training data, and carrying out model training on the selected neural network model or SVM model by using the training data to obtain a risk assessment model;
when the risk assessment model is a risk scoring model, the risk scoring model is specifically: $S = w_1U + w_2R + w_3T + w_4L + w_5A + w_6D + w_7B$, where S is a risk score; U represents user role weight; R represents request access resource type weight; T represents an access time weight; L represents an access location weight; A represents operation type weight; D represents an access device type weight; B represents a user behavior score; />All are normal numbers and are added with->,/>Is 0 or a normal number; $w_1$ is the adjustment parameter of U, $w_2$ is the adjustment parameter of R, $w_3$ is the adjustment parameter of T, $w_4$ is the adjustment parameter of L, $w_5$ is the adjustment parameter of A, $w_6$ is the adjustment parameter of D, and $w_7$ is the adjustment parameter of B.
By adopting the scheme, the neural network or the SVM model after model training can carry out risk assessment on the access application form comprising various characteristic data, and the assessment accuracy is high; the risk scoring model carries out weight setting in consideration of the correspondence of multiple accessed influence factors, the risk score is obtained by calculating the comprehensive influence weights, and finally the judged risk level is accurate and visual.
Preferably, performing risk assessment on the operation type, the operation position and the operation content in the operation behavior information according to the operation authority of the applicant, and obtaining an assessment result specifically includes:
acquiring the operation type authority of the applicant in real time, and judging whether the current operation type exceeds the authority; if the authority is exceeded, the operation behavior is determined to be high-risk operation behavior;
Otherwise, acquiring the authority of the operation position of the applicant in real time, continuously judging whether the current operation position exceeds the authority, and if so, determining the operation position to be a high-risk behavior;
otherwise, continuing to judge whether the current operation content is sensitive data; if it is not sensitive data, the operation is identified as low-risk operation behavior; otherwise, continuing to acquire the historical operation content or the related operation content corresponding to the current operation content, and calculating the similarity between the current operation content and the historical operation content or the related operation content; if the similarity is lower than the expected value, the operation is identified as medium-risk operation behavior; otherwise, it is identified as low-risk operation behavior.
By adopting the scheme, the operation behavior of the applicant after logging in the account is monitored in real time, and when the conditions that the operation type exceeds the authority, the operation position exceeds the authority and the operation content is sensitive data and the similarity with the historical operation content and the related operation content is low, the account is directly recovered, so that the real-time identification of abnormal or malicious behavior in the whole access process is realized, and the safety of the system is improved.
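The three-step check and the approval branches described above can be sketched as follows. This is an added example, not code from the patent; the token-overlap (Jaccard) similarity, the sensitive-term list, the 0.5 expected value and all names are assumptions, since the page does not specify them.

```python
from dataclasses import dataclass
from typing import Callable, Iterable

SENSITIVE_TERMS = {"dosage", "diagnosis", "prescription"}  # assumed list
EXPECTED_SIMILARITY = 0.5                                  # assumed "expected value"

@dataclass(frozen=True)
class Permissions:
    operation_types: frozenset   # operation types the applicant may perform
    locations: frozenset         # operation positions the applicant may touch

@dataclass(frozen=True)
class Operation:
    op_type: str
    location: str
    content: str

def _tokens(text: str) -> set:
    return set(text.lower().split())

def similarity(a: str, b: str) -> float:
    """Jaccard overlap of word tokens (an assumed similarity measure)."""
    ta, tb = _tokens(a), _tokens(b)
    union = ta | tb
    return len(ta & tb) / len(union) if union else 1.0

def assess_operation(op: Operation, perms: Permissions,
                     history: Iterable[str]) -> str:
    # Step 1: operation type outside the applicant's permission.
    if op.op_type not in perms.operation_types:
        return "high"
    # Step 2: operation position outside the applicant's permission.
    if op.location not in perms.locations:
        return "high"
    # Step 3: non-sensitive content needs no further check.
    if not (_tokens(op.content) & SENSITIVE_TERMS):
        return "low"
    # Sensitive content: compare with historical or related operations.
    # With no history at all, best is 0.0, so the operation goes to review.
    best = max((similarity(op.content, h) for h in history), default=0.0)
    return "medium" if best < EXPECTED_SIMILARITY else "low"

def approve_operation(op: Operation, perms: Permissions, history: Iterable[str],
                      explanation: str,
                      reviewer: Callable[[Operation, str], bool]) -> str:
    """Map the assessment to the action taken for this operation."""
    result = assess_operation(op, perms, history)
    if result == "low":
        return "approve"
    if result == "medium":
        # The applicant's explanation goes to the manual auditing terminal.
        return "approve" if reviewer(op, explanation) else "revoke_account"
    return "revoke_account"  # high risk: recover the account and warn
```

An empty history sends a sensitive operation to manual review rather than approving it, so a new account has no unreviewed path to sensitive data.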
Preferably, the method further comprises: an emergency access option is arranged in the access application form, and when the acquired characteristic data of the access application form comprise emergency access data, whether the applicant belongs to personnel in a hospital or not and whether the access equipment belongs to equipment in the hospital or not are determined according to the acquired characteristic data;
If the access equipment belongs to the specific area of the hospital, continuously determining whether the physical position of the current access equipment is located in the specific area of the hospital; the hospital specific area comprises an operating room area and an emergency room area; if the operation behavior information is in a specific area of a hospital, directly judging that the operation behavior information is low-risk operation behavior, approving the current operation behavior, packaging the characteristic data of an access list, the created login account, the login password and the operation behavior information to generate an emergency access file, and transmitting the emergency access file to a manual auditing terminal; acquiring an authenticity judgment result returned by the manual auditing terminal, and if the judgment result is true, maintaining the current evaluation grade and the evaluation result; if the judgment result is false, modifying the evaluation level into a high risk level;
otherwise, the emergency access data is rejected.
By adopting the scheme, when the access equipment in the specific area of the hospital is used for sending the emergency access requirement, the access activity of the personnel in the hospital is directly approved, so that the adaptability adjustment of the emergency access approval is realized; meanwhile, the generated emergency access file is forwarded to the manual auditing terminal, and the approval of the emergency access is further adjusted by combining the reply forwarded to the manual auditing terminal, so that potential safety hazards caused by malicious emergency access requests are avoided.
Preferably, the method further comprises:
when the risk scoring model is selected as the risk assessment model, acquiring the evaluation grades of the applicant's access application forms within a period of time; if the evaluation grade is the low risk grade N consecutive times, correspondingly reducing the user behavior score to raise the probability that the applicant obtains the login account and the login password; if the evaluation grade is the medium risk grade or the high risk grade M consecutive times, correspondingly raising the user behavior score to reduce the probability that the applicant obtains the login account and the login password; N and M are positive numbers.
By adopting the scheme, the user behavior scores of the applicant with the multiple risk assessment grades being fixed are correspondingly adjusted, so that the dynamic adjustment of the risk score model is realized, and the accuracy of risk grade assessment is improved.
Preferably, the method further comprises: different evaluation grades and different evaluation results are provided with corresponding catalogues;
the method comprises the steps that a distributed accounting technology is adopted to store approval associated information corresponding to each access application form under a corresponding directory according to an evaluation grade or an evaluation result; the approval related information comprises characteristic data of an access application form, a created login account number and login password, operation behavior information, operation behavior explanation and current operation behavior violation warning information.
By adopting the scheme, the approval related information of the whole process of accessing the applicant is stored in the corresponding catalogue by using the distributed accounting technology, so that the subsequent inquiry of the whole approval process is facilitated.
Preferably, when the created login account is monitored to be actively released, or when access-refused information or current operation behavior violation warning information is sent to the access equipment, an approval decision feedback table is sent to the access equipment; the approval satisfaction degree is calculated at regular intervals from the approval decision feedback tables returned by the access equipment, and the risk assessment model is optimized if the approval satisfaction degree is lower than a preset satisfaction degree value.
By adopting the scheme, a feedback mechanism is designed, feedback information about automatic approval is collected, and approval optimization is completed according to the feedback information.
In a second aspect, the present application provides a secure access management automatic approval system, comprising:
the characteristic data extraction module is used for acquiring characteristic data in the access application form; the feature data includes: applicant identity information, request access resource type, access time, access location, access device type, operation type, user behavior score;
the login risk assessment module is used for inputting the characteristic data into the risk assessment model to carry out risk assessment and obtain an assessment grade; the risk assessment model is a trained neural network model or a trained SVM model or a risk scoring model; the evaluation level includes: low risk level, medium risk level, and high risk level;
the first approval module is used for acquiring the evaluation grade output by the login risk evaluation module, and if the evaluation grade is a low risk grade or a medium risk grade, a login account and a login password are created and sent to the access equipment; otherwise, sending the refused access information to the access equipment;
the operation behavior and authority acquisition module is used for acquiring operation behavior information and operation authority of the applicant after the applicant logs in the account in real time;
the operation risk assessment module is used for performing risk assessment on the operation type, the operation position and the operation content in the operation behavior information according to the operation authority of the applicant to obtain an assessment result; the evaluation result includes: low risk operational behavior, medium risk operational behavior, and high risk operational behavior;
the second approval module is used for acquiring the evaluation result output by the operation risk evaluation module, and approving the current operation behavior if the evaluation result is low-risk operation behavior; if the evaluation result is medium-risk operation behavior, sending to the access equipment a prompt that the current operation content is risky and a prompt to fill in an explanation of the operation behavior; acquiring the operation behavior explanation returned by the access equipment, and forwarding the current operation behavior information and the operation behavior explanation to the manual auditing terminal; acquiring the rationality judgment result returned by the manual auditing terminal, and if the judgment result is reasonable, approving the current operation behavior, otherwise recovering the current login account and sending current operation behavior violation warning information to the access equipment; and if the evaluation result is high-risk operation behavior, recovering the current login account and sending the current operation behavior violation warning information to the access equipment.
By adopting the scheme, the first approval module, according to the login risk assessment module, approves low-risk access applications, grants the applicant preliminary access qualification, and screens out high-risk access applications; the second approval module, according to the operation risk assessment module, approves low-risk operation behaviors and promptly recovers the account on high-risk operation behaviors; the security of the whole process of the applicant accessing the system is ensured through multiple risk evaluations and multiple approvals.
In a third aspect, the present application provides a computer readable storage medium, where the computer readable storage medium includes a stored computer program, where the computer program when executed controls a device in which the computer readable storage medium is located to perform a method as described above.
In a fourth aspect, the present application provides a computer device comprising a memory, a processor and a program stored and executable on said memory, said program implementing the steps of the method as described above when executed by the processor.
In summary, the application has the following beneficial effects:
1. For access applications to the system, risk assessment is performed from two aspects. The first aspect is a risk level assessment of system login according to the access application form; preliminary approval is completed according to the assessment level, and high-risk access applications are screened out. The second aspect is a risk assessment of the real-time operation behavior (access behavior) after the user logs in to the system; the operation behavior is approved in real time according to the assessment result, and once high-risk operation behavior appears, the account is promptly recovered, so that the security of the accessed system is ensured;
2. And setting an emergency access option for specific situations, and completing automatic approval of the emergency access.
Drawings
FIG. 1 is a flow chart of a method for secure access management automatic approval in accordance with one embodiment;
FIG. 2 is a schematic diagram of a security access management automatic approval system according to an embodiment;
FIG. 3 is a schematic flow chart of an approval process of the security access management automatic approval system according to an embodiment;
FIG. 4 is a schematic flow chart of the approval of medium-risk operation behavior by the security access management automatic approval system in a specific embodiment.
Detailed Description
In order to make the objects, technical solutions and advantages of the present application more apparent, the present application will be further described in detail with reference to the accompanying drawings and examples. It should be understood that the specific embodiments described herein are for purposes of illustration only and are not intended to limit the present application.
As shown in fig. 1, an embodiment of the present application discloses a method for automatically approving security access management, where an access management object is a hospital information system, and specifically includes:
S1, acquiring an access application form and extracting characteristic data in the access application form.
Specifically, an access application form submitted by an applicant is obtained, and characteristic data is extracted from the submitted access application form. The feature data includes: the identity information of the applicant (such as name, title and contact information), the type of the requested access resource (such as database or file server), the access time (such as working time or non-working time), the access position (such as intranet or extranet), the access equipment information, including the access device IP address and the access device type (such as corporate device or personal device), the operation type (such as read, write or delete), the user behavior score, and other data information (such as emergency access data, maintenance access data, and a preamble password, which is a partial password recorded on the access application form).
S2, inputting the characteristic data in the access application form into a risk assessment model for risk assessment, and obtaining an assessment grade.
Specifically, a risk assessment model is built, wherein the risk assessment model adopts a neural network model or an SVM model or a risk scoring model; the evaluation level includes: low risk level, medium risk level, and high risk level.
When the risk assessment model selects a neural network model or an SVM model, acquiring a historical access application form and extracting characteristic data of the historical access application form; performing data processing on the characteristic data of the historical access application form, wherein the data processing comprises one-hot encoding of the characteristic data, standardizing numerical variables and the like; performing risk grade marking on the feature data of the processed historical access application form to generate training data and verification data; performing iterative training on the selected neural network model or SVM model by using the training data to obtain a risk assessment model; in addition, performance evaluation is performed on the risk assessment model by using the verification data, the evaluation indexes including accuracy, recall, F1 score and the like, and the risk assessment model is optimized according to the evaluation result, wherein cross-validation is used for selecting the optimal hyperparameters.
When the risk assessment model is a risk scoring model, the risk scoring model is specifically: $S = w_1U + w_2R + w_3T + w_4L + w_5A + w_6D + w_7B$, where S is a risk score; U represents user role weight; R represents request access resource type weight; T represents an access time weight; L represents an access location weight; A represents operation type weight; D represents an access device type weight; B represents a user behavior score;all are normal numbers and are added with->,/>Is 0 or a normal number; $w_1, w_2, \ldots, w_7$ are adjustment parameters of each weight, and can be set according to business requirements and expert knowledge.
Specifically, in this embodiment, the user roles include an ordinary user, a hospital employee, a maintainer of a hospital information system, and the like; for ordinary users and hospital staff, the user role is determined according to the identity information of the applicant; role weights are set for the different user roles, wherein the ordinary user weight value is higher than those of hospital staff and of maintainers of the hospital information system; the weights of hospital staff are set according to position, for example, for the hospital director, the primary physician, the secondary physician and so on: the higher the position, the more resources can be accessed, and the lower the weight value is set;
the maintenance personnel of the hospital information system determines a user role according to the identity information of the applicant and the maintenance access data, namely, the maintenance access items are arranged in the access application form, and the maintenance access data can be correspondingly extracted when the applicant fills the maintenance access items; when the identity information of the applicant confirms as a maintainer and simultaneously acquires maintenance access data, confirming the user role of the applicant as the maintainer, otherwise, confirming the user role as a common user; the maintainer of the hospital information system can set weights according to the technical grade of the maintainer, the confidentiality degree or complexity degree of the corresponding maintenance content, for example: the maintenance personnel technical grade comprises a primary maintenance engineer, a medium-grade maintenance engineer and a high-grade maintenance engineer; the higher the technical grade of the maintainer is, the wider the maintainer can maintain the content, the wider the content can be accessed, and the lower the weight setting is; or the higher the confidentiality of the content correspondingly maintained by the maintainer, the higher the risk of access and the higher the weight setting.
In the request access resource type weight, the weight of a database is higher than that of a file server, and the weight of each department's database can be set according to its actual access frequency or degree of confidentiality, for example: the higher the access frequency, the higher the weight, and the higher the degree of confidentiality, the higher the weight.
The weight of the working time is lower than that of the non-working time in the access time weight setting; the weight of the internal network of the hospital in the access position weight setting is lower than that of the external network of the hospital; the weight of the internal equipment of the hospital is lower than that of the external equipment of the hospital in the access equipment type weight setting; the user behavior score is a behavior score calculated from historical user access behaviors, ranging from 0-1.
S3, completing the preliminary approval of the access application according to the risk assessment grade.
Specifically, if the evaluation level is a low risk level or a medium risk level, a login account and a login password are created and sent to the access equipment, and the preliminary approval is ended; if the risk level is high, refused access information is sent to the access equipment, and the preliminary approval is ended; wherein the login password creation process comprises: generating a subsequent password in association with the preamble password (the partial password recorded on the access application form), and splicing the preamble password and the subsequent password to generate the login password.
In addition, when the evaluation grade is the medium risk grade, a secondary authentication is triggered; the login account and the login password are created and sent to the access equipment after the secondary authentication is passed, otherwise refused access information is sent to the access equipment. The secondary authentication may be identity authentication, for example: sending a face recognition request to the access equipment, receiving a face image acquired by the access equipment, extracting the face features, querying the face features corresponding to the identity information in the access application form from a preset applicant face feature database, and judging whether the face features acquired through the access equipment are the same as the face features associated with the identity information; if they are the same, the secondary authentication is completed, and if they are different, the evaluation grade is adjusted to the high risk grade. Alternatively, a verification code is sent to the access equipment, the verification code input at the access equipment is received, and it is confirmed whether it is the same as the verification code that was sent; if they are the same, the secondary authentication is completed, and if they are different, the evaluation grade is adjusted to the high risk grade.
In addition, in order to improve accuracy of preliminary approval, performance of the risk assessment model needs to be further improved, and specific improving means include: when the risk assessment model is selected as the risk assessment model, continuously acquiring the assessment grade of the access application form of each applicant within a period of time, and if the continuous N times of assessment grades are low risk grades, reducing the user behavior score of the applicant so as to improve the probability of acquiring the login account and the login password of the applicant; if the continuous M times of evaluation grades are the risk grade or the high risk grade, the user behavior score of the applicant is increased so as to reduce the probability of obtaining the login account and the login password by the applicant; the N, M are all normal numbers; in this embodiment, n=4, m=2.
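The feedback rule above, as an added Python example that is not part of the patent text: a weighted-sum risk score whose user behavior term is lowered after N=4 consecutive low-risk levels and raised after M=2 consecutive medium- or high-risk levels. The weights, the 0-100 scale, the level thresholds, the step size and the clamp are assumptions, and the sample requests are constructed.

```python
from dataclasses import dataclass

# Assumed adjustment parameters (percent), one per factor of the scoring model:
# U role, R resource type, T time, L location, A operation type,
# D device type, B user behavior score.
WEIGHTS = {"U": 20, "R": 20, "T": 10, "L": 10, "A": 15, "D": 10, "B": 15}
LOW_BELOW, HIGH_FROM = 35.0, 65.0    # assumed level thresholds on a 0-100 scale
N_LOW, M_RISKY = 4, 2                # N and M as given in the embodiment
STEP, B_MIN, B_MAX = 10, 0, 100      # assumed step size and clamp for B


def risk_score(factors: dict) -> float:
    """Weighted sum of the seven factors, each on a 0-100 scale (higher = riskier)."""
    missing = WEIGHTS.keys() - factors.keys()
    if missing:
        raise ValueError(f"missing factors: {sorted(missing)}")
    return sum(WEIGHTS[k] * factors[k] for k in WEIGHTS) / 100


def level(score: float) -> str:
    """Map a score to the three evaluation levels."""
    if score < LOW_BELOW:
        return "low"
    return "medium" if score < HIGH_FROM else "high"


@dataclass
class Applicant:
    behavior: int = 50      # current user behavior score B
    low_run: int = 0        # consecutive low-risk levels
    risky_run: int = 0      # consecutive medium- or high-risk levels

    def assess(self, request: dict) -> str:
        """Score one access application form, then apply the streak feedback."""
        result = level(risk_score({**request, "B": self.behavior}))
        self._feedback(result)
        return result

    def _feedback(self, result: str) -> None:
        if result == "low":
            self.low_run, self.risky_run = self.low_run + 1, 0
            if self.low_run == N_LOW:
                self.behavior = max(B_MIN, self.behavior - STEP)
                self.low_run = 0
        else:
            self.risky_run, self.low_run = self.risky_run + 1, 0
            if self.risky_run == M_RISKY:
                self.behavior = min(B_MAX, self.behavior + STEP)
                self.risky_run = 0


# Constructed sample requests (B is supplied from the applicant's state).
ROUTINE = {"U": 20, "R": 20, "T": 10, "L": 10, "A": 10, "D": 10}
BORDERLINE = {"U": 30, "R": 30, "T": 30, "L": 30, "A": 30, "D": 60}

if __name__ == "__main__":
    trusted = Applicant()
    print([trusted.assess(ROUTINE) for _ in range(N_LOW)], trusted.behavior)
    # The same form that scores "medium" for a fresh applicant now scores "low".
    print(Applicant().assess(BORDERLINE), trusted.assess(BORDERLINE))
```

The run shows the trade-off a reviewer should check when tuning such a rule: a streak of routine requests shifts a borderline form from medium to low, so the clamp and step size bound how much scrutiny past behavior can remove.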
S4, acquiring real-time operation behavior information after the applicant logs in the account, and performing risk assessment on the real-time operation behavior information according to the operation authority of the applicant to acquire an assessment result.
Specifically, after the applicant logs in the hospital information system through the created account, any operation behavior completed in the system is equivalent to one access behavior, so that real-time risk assessment is required to be performed on each operation behavior after logging in the system, and approval of the corresponding operation behavior is completed according to a risk assessment result; the evaluation result includes: low risk operation behavior, medium risk operation behavior, and high risk operation behavior.
Real-time operation behavior information is acquired after the applicant logs in to the account; it comprises the operation type, the operation position and the specific operation content. For example: if the current operation behavior is modifying the XX medicine dosage information of user XX in the internal medicine database, the operation type is modification, the operation position is the internal medicine database, and the operation content is the XX medicine dosage of user XX.
The operation authority of the current applicant is acquired in real time; it comprises the operation type authority and the operation position authority. The operation authority is associated with the applicant's role: each hospital information system sets specific access operation authorities for its access users, and when the applicant's role changes, the corresponding operation authority changes accordingly. For example: an ordinary user can only query his or her own treatment information, while the attending physician of the brain department has the authority to modify the information, stored in the brain department database, about his or her own treatment of patients.
The specific evaluation process comprises: judging whether the current operation type exceeds the authority, and if so, determining a high-risk operation behavior; if not, judging whether the current operation position exceeds the authority, and if so, determining a high-risk operation behavior; otherwise, judging whether the current operation content is sensitive data; if it is not sensitive data, determining a low-risk operation behavior; otherwise, acquiring the historical operation content corresponding to the current operation content and calculating the similarity between the current operation content and the historical operation content; if the similarity is lower than the expected value, determining a medium-risk operation behavior, and if it is not lower than the expected value, determining a low-risk operation behavior;
if the current operation content has no related historical operation content, keywords are used to query related operation content matching the current operation content, and the similarity is calculated against it, for example: the operation content specified for the current operation position.
For example: if the applicant currently has only read authority, any modification, screenshot or similar operation by the applicant is directly judged to be a high-risk behavior; if the applicant currently has only the right to access the medical database, entering the surgical database is directly judged to be a high-risk behavior. To ensure the security of the accessed system, the operation content still needs to be evaluated even when the applicant has the authority to modify the records of a given database. If the current operation content is a modified medicine dosage, the modified dosage is sensitive data, so the similarity between the currently modified dosage and the historical dosage or the specified dosage is further judged; if the difference is too large, the current modification may be an erroneous operation, and it is judged to be a dangerous operation behavior. Whether the operation content is sensitive data can be determined through a sensitive data table, or through a sensitive data classification model trained on historical operation content.
In addition, before the sensitive data judgment is made on the operation content, an influence degree judgment is made on the operation content; the specific judging process comprises:
inputting the operation content into a trained influence evaluation model to obtain the influence degree level corresponding to the operation content, the influence degree levels ranging from level one to level five; if the influence degree level is lower than level two, determining a low-risk operation behavior; otherwise, continuing with the sensitive data judgment of the current operation content. The influence evaluation model is a neural network model: semantic features are extracted from historical operation contents and labeled with influence levels to generate a historical operation content training set, on which the influence evaluation model is trained to produce the trained influence evaluation model.
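The evaluation order described above (operation type authority, operation position authority, influence degree, sensitive data, similarity), as an added Python example that is not part of the patent text. The similarity metric, the expected value of 0.8, the stand-in for the trained influence evaluation model, the field and database names, and the choice to return medium risk when no reference content exists are all assumptions; the sample records are constructed.

```python
from dataclasses import dataclass
from typing import Optional

# Constructed tables and thresholds, for illustration only.
SENSITIVE_FIELDS = {"drug_dosage", "infusion_rate"}   # stands in for the sensitive data table
EXPECTED_SIMILARITY = 0.8                             # assumed "expected value"


@dataclass(frozen=True)
class Permission:
    op_types: frozenset      # operation type authority
    locations: frozenset     # operation position authority


@dataclass(frozen=True)
class Operation:
    op_type: str
    location: str
    patient: str
    field: str
    value: float


def influence_level(op: Operation) -> int:
    """Stand-in for the trained influence evaluation model (levels 1 to 5)."""
    return 1 if op.op_type == "query" else 3


def similarity(current: float, reference: float) -> float:
    """Assumed metric for numeric content: smaller value divided by larger value."""
    if current == reference:
        return 1.0
    if current <= 0 or reference <= 0:
        return 0.0
    return min(current, reference) / max(current, reference)


def reference_value(op: Operation, history: dict, related: dict) -> Optional[float]:
    """Historical content first; otherwise related content matched by keyword."""
    past = history.get((op.patient, op.field))
    return past if past is not None else related.get(op.field)


def evaluate(op: Operation, perm: Permission, history: dict, related: dict) -> str:
    if op.op_type not in perm.op_types:
        return "high"                      # operation type exceeds authority
    if op.location not in perm.locations:
        return "high"                      # operation position exceeds authority
    if influence_level(op) < 2:
        return "low"                       # influence judged before sensitivity
    if op.field not in SENSITIVE_FIELDS:
        return "low"
    ref = reference_value(op, history, related)
    if ref is None:
        return "medium"                    # assumption: nothing to compare, send to review
    return "medium" if similarity(op.value, ref) < EXPECTED_SIMILARITY else "low"


# Constructed sample data.
PHYSICIAN = Permission(frozenset({"query", "modify"}), frozenset({"internal_medicine_db"}))
HISTORY = {("patient-17", "drug_dosage"): 50.0}       # last recorded dosage
RELATED = {"drug_dosage": 40.0}                       # specified dosage found by keyword


def check(op_type, location, patient, field, value):
    return evaluate(Operation(op_type, location, patient, field, value),
                    PHYSICIAN, HISTORY, RELATED)


if __name__ == "__main__":
    print(check("modify", "internal_medicine_db", "patient-17", "drug_dosage", 55.0))
    print(check("modify", "internal_medicine_db", "patient-17", "drug_dosage", 500.0))
    print(check("screenshot", "internal_medicine_db", "patient-17", "drug_dosage", 0.0))
```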
And S5, finishing approval of the real-time operation behaviors according to the evaluation result.
Specifically, when the evaluation result is a low-risk operation behavior, the current operation behavior is approved. When the evaluation result is a medium-risk operation behavior, prompt information that the current operation content is risky and prompt information to fill in an operation behavior explanation are sent to the access device; the operation behavior explanation returned by the access device is acquired, and the current operation behavior information and the operation behavior explanation are forwarded to the manual auditing terminal; the rationality judgment result returned by the manual auditing terminal is acquired; if the judgment result is reasonable, the current operation behavior is approved, otherwise the current login account is revoked and current operation behavior violation warning information is sent to the access device. If the evaluation result is a high-risk operation behavior, the current login account is revoked and current operation behavior violation warning information is sent to the access device.
In addition, emergency access to the hospital information system is sometimes required for special reasons. To allow emergency access to be approved while still protecting the security of the accessed system, the automatic approval method for security access management disclosed in the embodiment of the application further comprises:
the access application form is provided with an emergency access option, and when the emergency access option in the access application form is checked, the characteristic data acquired aiming at the access application form comprises emergency access data;
when the acquired characteristic data of the access application form comprises emergency access data, determining whether the applicant belongs to personnel in a hospital and whether the access equipment belongs to equipment in the hospital;
if the applicant belongs to the hospital internal personnel and the access device belongs to the hospital internal equipment, then querying, via the hospital internal equipment assembly information data table or the IP address, whether the physical location of the current access device is in a specific area of the hospital; the hospital specific area comprises an operating room area and an emergency room area;
if it is in a specific area of the hospital, the operation behavior information acquired after the applicant logs in to the account is directly judged to be low-risk operation behavior and the current operation behavior is approved; the characteristic data of the access application form, the created login account, the login password and the operation behavior information are packaged to generate an emergency access file, which is sent to the manual auditing terminal; the authenticity judgment result returned by the manual auditing terminal is acquired; if the judgment result is true, the current evaluation level and evaluation result are maintained, and if the judgment result is false, the evaluation level is modified to the high risk level;
otherwise, the emergency access data are removed, the characteristic data with the emergency access data removed are input into the first evaluation model to evaluate the risk level, and the preliminary approval and the operation behavior approval are completed according to the steps of the above method.
In addition, to further ensure that the judgment of the physical location of the current access device is authentic, and to prevent a user from modifying the IP address of the access device by technical means and thereby creating a security risk for the accessed system, a secondary physical location confirmation is completed after querying, via the hospital internal equipment assembly information data table or the IP address, whether the physical location of the current access device is in a specific area of the hospital, and before the created login account and login password are sent. It specifically comprises:
querying, via the hospital internal equipment assembly information data table or the IP address, whether the physical location of the current access device is in a specific area of the hospital; if so, preliminarily judging that the physical location of the current access device is in the specific area of the hospital, and then sending a specific location identifier acquisition request to the access device, the specific location identifier being a specific marker arranged in the specific area of the hospital; receiving the captured image data returned by the access device and recognizing the specific location identifier in the image data; if the specific location identifier is recognized, finally confirming that the physical location of the current access device is in the specific area of the hospital.
In order to increase transparency and security in an approval process and facilitate subsequent inquiry of approval information, access application information and operation behaviors, the embodiment of the application discloses an automatic approval method for security access management, which further comprises the following steps:
setting corresponding directories for the different evaluation levels and the different evaluation results;
determining an evaluation level of each access application form;
if the access application form evaluation level is a high risk level, carrying out log record on the characteristic data of the access application form and the corresponding refused access information to generate a log record file, and storing the log record file in a high risk level directory;
if the access application form evaluation level is the medium risk level or the low risk level, then determining whether the operation behavior information of the applicant corresponding to the access application form and the evaluation result of the operation behavior information have been acquired; if the operation behavior information of the applicant corresponding to the access application form has not been acquired, logging the characteristic data of the access application form, the created login account and the login password to generate a log record file, and storing the log record file in the medium risk level directory or the low risk level directory accordingly;
if the operation behavior information of the applicant in the access application form and the evaluation result of the operation behavior information have been acquired, and the evaluation result is a low-risk operation behavior, logging the characteristic data of the access application form, the created login account, the login password and the operation behavior information to generate a log record file, and storing the log record file in the low-risk operation behavior directory;
if the operation behavior information of the applicant in the access application form and the evaluation result of the operation behavior information have been acquired, and the evaluation result is a medium-risk operation behavior, logging the characteristic data of the access application form, the created login account, the login password, the operation behavior information and the operation behavior explanation to generate a log record file, and storing the log record file in the medium-risk operation behavior directory;
if the operation behavior information of the applicant in the access application form and the evaluation result of the operation behavior information have been acquired, and the evaluation result is a high-risk operation behavior, logging the characteristic data of the access application form, the created login account, the login password, the operation behavior information and the current operation behavior violation warning information to generate a log record file, and storing the log record file in the high-risk operation behavior directory.
In order to perfect the approval method, the embodiment of the application discloses an automatic approval method for security access management, which further comprises the following steps:
when it is detected that the created login account has been actively released, or when access-refusal information or current operation behavior violation warning information is sent to the access device, an approval decision feedback table is sent to the access device;
Acquiring an approval decision feedback table returned by the access equipment;
periodically calculating approval satisfaction according to the acquired approval decision feedback table, and optimizing a risk assessment model or an operation behavior approval process if the approval satisfaction is lower than a preset satisfaction value; otherwise, the optimization operation is not performed.
As shown in fig. 2, the embodiment of the present application further discloses a secure access management automatic approval system, including:
a feature data extraction module 101, configured to obtain feature data in an access application form; the feature data includes: applicant identity information, request access resource type, access time, access location, access device type, operation type, user behavior score;
the login risk assessment module 102 is configured to input the feature data into a risk assessment model for risk assessment, and obtain an assessment level; the risk assessment model is a trained neural network model or a trained SVM model or a risk scoring model; the evaluation level includes: low risk level, medium risk level, and high risk level;
the first approval module 103 is configured to obtain the evaluation level output by the login risk evaluation module, and if the evaluation level is a low risk level or a medium risk level, create a login account and a login password and send the login account and the login password to the access device; otherwise, send access-refusal information to the access device;
The operation behavior and authority acquisition module 104 is configured to acquire operation behavior information and operation authority of the applicant after the applicant logs in the account in real time;
the operation risk assessment module 105 is configured to perform risk assessment on an operation type, an operation position and an operation content in the operation behavior information according to the operation authority, so as to obtain an assessment result; the evaluation result includes: low risk operation behavior, medium risk operation behavior, and high risk operation behavior;
the second approval module 106 is configured to obtain the evaluation result output by the operation risk evaluation module, and approve the current operation behavior if the evaluation result is a low-risk operation behavior; if the evaluation result is a medium-risk operation behavior, send prompt information that the current operation content is risky and prompt information to fill in an operation behavior explanation to the access device; acquire the operation behavior explanation returned by the access device, and forward the current operation behavior information and the operation behavior explanation to the manual auditing terminal; acquire the rationality judgment result returned by the manual auditing terminal, and if the judgment result is reasonable, approve the current operation behavior, otherwise revoke the current login account and send current operation behavior violation warning information to the access device; and if the evaluation result is a high-risk operation behavior, revoke the current login account and send current operation behavior violation warning information to the access device.
The approval associated information storage module 107 is configured to set corresponding directories for the different evaluation levels and the different evaluation results, and to use distributed ledger technology to store the approval associated information corresponding to each access application form under the corresponding directory according to its evaluation level or evaluation result; the approval associated information comprises the characteristic data of the access application form, the created login account and login password, the operation behavior information, the operation behavior explanation and the current operation behavior violation warning information.
The approval decision feedback module 108 is configured to send an approval decision feedback table to the access device when it is detected that the created login account has been actively released, or when access-refusal information or current operation behavior violation warning information is sent to the access device; and to periodically acquire the approval decision feedback tables returned by the access device, calculate the approval satisfaction, and optimize the risk assessment model if the approval satisfaction is lower than a preset satisfaction value.
In summary, the automatic approval system for security access management disclosed in the embodiment of the application completes automatic approval of the whole process of securely accessing the hospital information system through the first approval module and the second approval module. As shown in fig. 3, the feature data of the access application form are acquired, risk level assessment is performed on the feature data, and the preliminary approval is completed according to the evaluation level; the operation behavior information is acquired, risk assessment is performed, and approval of the operation behavior is completed according to the evaluation result. As shown in fig. 4, when the evaluation result is a medium-risk operation behavior, the current operation behavior information and the operation behavior explanation are forwarded to the manual auditing terminal for manual auditing, and the approval of the operation behavior is completed according to the feedback result of the manual auditing terminal.
The embodiment of the application also discloses a computer readable storage medium.
Specifically, the computer-readable storage medium stores a computer program that can be loaded by a processor to execute the secure access management automatic approval method described above; the computer-readable storage medium includes, for example: a USB flash drive, a removable hard disk, a read-only memory (ROM), a random-access memory (RAM), a magnetic disk, or an optical disk.
The embodiment of the application also discloses a computer device.
In particular, the computer device comprises a memory and a processor, the memory having stored thereon a computer program capable of being loaded by the processor and executing the above-described secure access management automatic approval method.

Claims (8)

1. An automatic approval method for security access management, wherein an access object is a hospital information system, and the method is characterized by comprising the following steps:
acquiring characteristic data in an access application form; the feature data includes: applicant identity information, request access resource type, access time, access location, access device type, operation type, user behavior score;
inputting the characteristic data into a risk assessment model for risk assessment to obtain an assessment grade; the risk assessment model is a trained neural network model or a trained SVM model or a risk scoring model; the evaluation level includes: low risk level, medium risk level, and high risk level;
If the evaluation level is a low risk level or a medium risk level, a login account and a login password are created and sent to the access equipment; otherwise, sending the refused access information to the access equipment;
acquiring operation behavior information and operation authority of an applicant after logging in an account of the applicant in real time; performing risk assessment on the operation type, the operation position and the operation content in the operation behavior information according to the operation authority of the applicant to obtain an assessment result; the evaluation result includes: low risk operational behavior, medium risk operational behavior, and high risk operational behavior;
if the evaluation result is a low-risk operation behavior, approving the current operation behavior; if the evaluation result is a medium-risk operation behavior, sending prompt information that the current operation content is risky and prompt information to fill in an operation behavior explanation to the access device; acquiring the operation behavior explanation returned by the access device, and forwarding the operation behavior information and the operation behavior explanation to the manual auditing terminal; acquiring the rationality judgment result returned by the manual auditing terminal, and if the judgment result is reasonable, approving the current operation behavior, otherwise revoking the current login account and sending current operation behavior violation warning information to the access device; if the evaluation result is a high-risk operation behavior, revoking the current login account and sending current operation behavior violation warning information to the access device;
Performing risk assessment on the operation type, the operation position and the operation content in the operation behavior information according to the operation authority of the applicant, wherein the obtaining of the assessment result specifically comprises the following steps:
acquiring the operation type authority of the applicant in real time, and judging whether the current operation type exceeds the authority; if the authority is exceeded, the operation behavior is determined to be high-risk operation behavior;
otherwise, acquiring the authority of the operation position of the applicant in real time, continuously judging whether the current operation position exceeds the authority, and if so, determining the operation position to be a high-risk behavior;
otherwise, continuing to judge whether the current operation content is sensitive data; if it is not sensitive data, determining a low-risk operation behavior; otherwise, acquiring the historical operation content or the related operation content corresponding to the current operation content, and calculating the similarity between the current operation content and the historical operation content or the related operation content; if the similarity is lower than the expected value, determining a medium-risk operation behavior; otherwise, determining a low-risk operation behavior;
before the sensitive data judgment is made on the operation content, an influence degree judgment is made on the operation content, and the specific judging process comprises: inputting the operation content into a trained influence evaluation model to obtain the influence degree level corresponding to the operation content, the influence degree levels ranging from level one to level five; if the influence degree level is lower than level two, determining a low-risk operation behavior; otherwise, continuing with the sensitive data judgment of the current operation content; the influence evaluation model is a neural network model, semantic features are extracted from historical operation contents and labeled with influence levels to generate a historical operation content training set, and the influence evaluation model is trained on it to generate the trained influence evaluation model;
further comprising: an emergency access option is provided in the access application form; when the acquired characteristic data of the access application form include emergency access data, determining from the acquired characteristic data whether the applicant belongs to the hospital internal personnel and whether the access device belongs to the hospital internal equipment; if so, then determining whether the physical location of the current access device is in a specific area of the hospital; the hospital specific area comprises an operating room area and an emergency room area; if it is in a specific area of the hospital, directly judging the operation behavior information acquired after the applicant logs in to the account to be low-risk operation behavior, approving the current operation behavior, packaging the characteristic data of the access application form, the created login account, the login password and the operation behavior information to generate an emergency access file, and sending the emergency access file to the manual auditing terminal; acquiring the authenticity judgment result returned by the manual auditing terminal, and if the judgment result is true, maintaining the current evaluation level and evaluation result; if the judgment result is false, modifying the evaluation level to the high risk level; otherwise, eliminating the emergency access data;
After determining whether the physical location of the access equipment is in a specific area of a hospital or not and before sending the created login account and login password, finishing secondary physical location confirmation; the secondary physical location confirmation specifically includes: if the physical location of the current access device is found in the specific area of the hospital, the physical location of the current access device is initially determined to be in the specific area of the hospital, and a specific location identifier acquisition request is continuously sent to the access device, wherein the specific location identifier is a specific identifier arranged in the specific area of the hospital; and receiving the shot image data returned by the access equipment, identifying the specific position identification in the image data, and finally confirming that the physical position of the current access equipment is in the specific area of the hospital if the specific position identification is identified.
2. The method for automatic approval of security access management according to claim 1, wherein the risk assessment model is a trained neural network model or a trained SVM model or a risk scoring model, specifically comprising:
when the risk assessment model selects a neural network model or an SVM model, acquiring a historical access application form, extracting feature data, marking the extracted feature data with an assessment grade to generate training data, and carrying out model training on the selected neural network model or SVM model by using the training data to obtain a risk assessment model;
When the risk assessment model is a risk scoring model, the risk scoring model specifically includes: S = w1·U + w2·R + w3·T + w4·L + w5·A + w6·D + w7·B, wherein S is a risk score; U represents user role weight; R represents request access resource type weight; T represents an access time weight; L represents an access location weight; A represents operation type weight; D represents an access device type weight; B represents a user behavior score; />All are normal numbers and are added with->,/>Is 0 or a normal number; w1 is the adjustment parameter of U, w2 is the adjustment parameter of R, w3 is the adjustment parameter of T, w4 is the adjustment parameter of L, w5 is the adjustment parameter of A, w6 is the adjustment parameter of D, and w7 is the adjustment parameter of B.
3. The method for automatic approval of security access management of claim 2, further comprising: when the risk assessment model is selected as the risk assessment model, acquiring the evaluation levels of the applicant's access application forms within a period of time; if N consecutive evaluation levels are the low risk level, correspondingly reducing the user behavior score to increase the probability that the applicant obtains the login account and the login password; if M consecutive evaluation levels are the medium risk level or the high risk level, correspondingly increasing the user behavior score to reduce the probability that the applicant obtains the login account and the login password; N and M are both positive constants.
4. The method for secure access management automatic approval of claim 1, further comprising: different evaluation grades and different evaluation results are provided with corresponding catalogues;
distributed ledger technology is used to store the approval associated information corresponding to each access application form under the corresponding directory according to its evaluation level or evaluation result; the approval associated information comprises the characteristic data of the access application form, the created login account and login password, the operation behavior information, the operation behavior explanation and the current operation behavior violation warning information.
5. The method for automated approval of secure access management of claim 1, further comprising:
when it is detected that the created login account has been actively released, or when access-refusal information or current operation behavior violation warning information is sent to the access device, an approval decision feedback table is sent to the access device;
and calculating the approval satisfaction degree according to an approval decision feedback table returned by the access equipment at regular intervals, and optimizing the risk assessment model if the approval satisfaction degree is lower than a preset satisfaction degree value.
6. A secure access management automatic approval system, comprising:
the characteristic data extraction module is used for acquiring characteristic data in the access application form; the feature data includes: applicant identity information, request access resource type, access time, access location, access device type, operation type, user behavior score;
The login risk assessment module is used for inputting the characteristic data into the risk assessment model to carry out risk assessment and obtain an assessment grade; the risk assessment model is a trained neural network model or a trained SVM model or a risk scoring model; the evaluation level includes: low risk level, medium risk level, and high risk level;
the first batch checking module is used for acquiring the evaluation grade output by the login risk evaluation module, and if the evaluation grade is a low risk grade or a medium risk grade, a login account and a login password are created and sent to the access equipment; otherwise, sending the refused access information to the access equipment;
the operation behavior and authority acquisition module is used for acquiring operation behavior information and operation authority of the applicant after the applicant logs in the account in real time;
the operation risk assessment module is used for performing risk assessment on the operation type, the operation position and the operation content in the operation behavior information according to the operation authority of the applicant to obtain an assessment result; the evaluation result includes: low risk operational behavior, medium risk operational behavior, and high risk operational behavior;
performing risk assessment on the operation type, the operation position and the operation content in the operation behavior information according to the operation authority of the applicant to obtain the evaluation result specifically comprises: acquiring the operation type authority of the applicant in real time, and judging whether the current operation type exceeds the authority; if the authority is exceeded, the operation behavior is determined to be high-risk operation behavior; otherwise, acquiring the operation position authority of the applicant in real time and judging whether the current operation position exceeds the authority; if so, the operation behavior is determined to be high-risk operation behavior; otherwise, judging whether the current operation content is sensitive data; if it is not sensitive data, the operation behavior is determined to be low-risk operation behavior; otherwise, acquiring the historical operation content or the related operation content corresponding to the current operation content, and calculating the similarity between the current operation content and the historical operation content or the related operation content; if the similarity is lower than the expected value, the operation behavior is determined to be medium-risk operation behavior; otherwise, it is determined to be low-risk operation behavior; before the sensitive data judgment is performed on the operation content, an influence degree judgment is performed on the operation content, and the specific judgment process comprises: inputting the operation content into a trained influence evaluation model to obtain the influence degree level corresponding to the operation content, the influence degree levels ranging from level one to level five; if the influence degree level is lower than level two, the operation behavior is determined to be low-risk operation behavior; otherwise, continuing with the sensitive data judgment of the current operation content; the influence evaluation model is a neural network model; semantic feature extraction is performed on historical operation contents and influence level labeling is performed to generate a historical operation content training set, on which the influence evaluation model is trained to generate the trained influence evaluation model;
The access application form is also used for setting an emergency access option, and when the acquired characteristic data of the access application form comprises the emergency access data, determining whether the applicant belongs to personnel in a hospital and whether the access equipment belongs to equipment in the hospital according to the acquired characteristic data; if the access equipment belongs to the specific area of the hospital, further determining whether the physical position of the current access equipment is located in the specific area of the hospital; the hospital specific area comprises an operating room area and an emergency room area; if it is located in a specific area of a hospital, directly judging, for the operation behavior information acquired after the applicant logs in to the account, that the operation behavior is low-risk operation behavior, approving the current operation behavior, packaging the characteristic data of the access application form, the created login account, the login password and the operation behavior information to generate an emergency access file, and transmitting the emergency access file to a manual auditing terminal; acquiring an authenticity judgment result returned by the manual auditing terminal, and if the judgment result is true, maintaining the current evaluation grade and the evaluation result; if the judgment result is false, modifying the evaluation level into a high risk level; otherwise, eliminating the emergency access data;
The method is also used for determining whether the physical location of the access equipment is in a specific area of a hospital or not and completing secondary physical location confirmation before the created login account and login password are sent; the secondary physical location confirmation specifically includes: if the physical location of the current access device is found in the specific area of the hospital, the physical location of the current access device is initially determined to be in the specific area of the hospital, and a specific location identifier acquisition request is continuously sent to the access device, wherein the specific location identifier is a specific identifier arranged in the specific area of the hospital; receiving shot image data returned by the access equipment, and identifying a specific position identifier in the image data, and if the specific position identifier is identified, finally confirming that the physical position of the current access equipment is located in a specific area of a hospital;
the second batch examination module is used for acquiring the evaluation result output by the operation risk evaluation module, and approving the current operation behavior if the evaluation result is a low-risk operation behavior; if the evaluation result is a medium-risk operation behavior, sending to the access equipment prompt information that the current operation content is risky and prompt information requesting that an operation behavior explanation be filled in; acquiring the operation behavior explanation returned by the access equipment, and forwarding the current operation behavior information and the operation behavior explanation to the manual auditing terminal; acquiring a rationality judgment result returned by the manual auditing terminal; if the judgment result is reasonable, approving the current operation behavior; otherwise, recovering the current login account and sending current operation behavior violation warning information to the access equipment; and if the evaluation result is a high-risk operation behavior, recovering the current login account and sending the current operation behavior violation warning information to the access equipment.
7. A computer readable storage medium, characterized in that the computer readable storage medium comprises a stored computer program, wherein the computer program, when run, controls a device in which the computer readable storage medium is located to perform the method according to any one of claims 1 to 5.
8. A computer device comprising a memory, a processor and a program stored and executable on said memory, said program when executed by the processor implementing the steps of the method according to any one of claims 1 to 5.
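The risk scoring model of claim 2 and the behavior-score feedback of claim 3 can be sketched as follows. This is an added example, not code from the patent: the weight values, the grade thresholds, the values of N, M and the adjustment step, and the normalization of every factor to [0, 1] are assumptions, as are all function names.

```python
# Added illustration of the claimed scoring model; every number here is constructed.
FACTORS = ("U", "R", "T", "L", "A", "D", "B")

# Assumed adjustment parameters w1..w7 (the claims give no values).
WEIGHTS = dict(U=0.2, R=0.2, T=0.1, L=0.1, A=0.2, D=0.1, B=0.1)
# Assumed cut-offs on S; the claims do not state how S maps to a grade.
MEDIUM_AT, HIGH_AT = 0.4, 0.7


def risk_score(x, w=WEIGHTS):
    """S = w1*U + w2*R + w3*T + w4*L + w5*A + w6*D + w7*B."""
    missing = [f for f in FACTORS if f not in x]
    if missing:
        # Fail closed: an incomplete application form is never scored as low risk.
        raise ValueError(f"missing factors: {missing}")
    return sum(w[f] * x[f] for f in FACTORS)


def grade(s):
    """Map the score to the three evaluation grades named in the claims."""
    return "high" if s >= HIGH_AT else "medium" if s >= MEDIUM_AT else "low"


def approve(x):
    """Credentials are created for low or medium risk; high risk is refused."""
    return grade(risk_score(x)) in ("low", "medium")


def adjust_behavior_score(b, history, n=3, m=2, step=0.1):
    """Claim 3 feedback: lower B after N consecutive low grades, raise it
    after M consecutive medium/high grades. B is clamped to [0, 1]."""
    if len(history) >= n and all(g == "low" for g in history[-n:]):
        return max(0.0, b - step)
    if len(history) >= m and all(g in ("medium", "high") for g in history[-m:]):
        return min(1.0, b + step)
    return b
```

Because B feeds back into S, the clamp on B bounds how far a run of low-risk requests can pull a later score down.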
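The ordered checks of the operation risk assessment module and the second approval step in claim 6 are easier to audit written out as a decision cascade. This is an added example, not code from the patent: the Jaccard token similarity, the expected value 0.5, the impact level supplied as an input rather than produced by a trained model, and all names and sample data are assumptions.

```python
# Added illustration of the claimed check order; sample data is constructed.
from dataclasses import dataclass


@dataclass
class Permissions:
    op_types: set      # operation types the applicant may perform
    locations: set     # operation positions the applicant may touch


@dataclass
class Operation:
    op_type: str
    location: str
    content: str
    impact_level: int  # 1..5, stand-in for the impact evaluation model output
    sensitive: bool


def jaccard(a, b):
    """Token-set similarity; the patent does not name a similarity measure."""
    ta, tb = set(a.lower().split()), set(b.lower().split())
    return len(ta & tb) / len(ta | tb) if ta | tb else 0.0


def assess(op, perms, history, expected=0.5):
    if op.op_type not in perms.op_types:      # 1. operation type authority
        return "high"
    if op.location not in perms.locations:    # 2. operation position authority
        return "high"
    if op.impact_level < 2:                   # 3. impact check precedes sensitivity
        return "low"
    if not op.sensitive:                      # 4. non-sensitive content
        return "low"
    # 5. sensitive content: compare with history; no history means no precedent.
    best = max((jaccard(op.content, h) for h in history), default=0.0)
    return "medium" if best < expected else "low"


def second_approval(result, reviewer_reasonable=None):
    """Low: approve. High: revoke and warn. Medium: ask for an explanation,
    then follow the manual reviewer's rationality judgment."""
    if result == "low":
        return "approve"
    if result == "high":
        return "revoke_and_warn"
    if reviewer_reasonable is None:
        return "request_explanation"
    return "approve" if reviewer_reasonable else "revoke_and_warn"
```

Note that an impact level below two returns low risk before the sensitivity check runs, so the accuracy of the impact model directly bounds how much sensitive content can bypass the similarity comparison.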
CN202311314085.6A 2023-10-11 2023-10-11 Automatic approval method and system for security access management Active CN117056882B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202311314085.6A CN117056882B (en) 2023-10-11 2023-10-11 Automatic approval method and system for security access management

Publications (2)

Publication Number Publication Date
CN117056882A CN117056882A (en) 2023-11-14
CN117056882B true CN117056882B (en) 2023-12-19

Family

ID=88659473

Country Status (1)

Country Link
CN (1) CN117056882B (en)

Families Citing this family (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN117692258A (en) * 2024-02-02 2024-03-12 新亿成科技(江苏)有限公司 Security access control method, system and readable storage medium

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN112685711A (en) * 2021-02-02 2021-04-20 杭州宁达科技有限公司 Novel information security access control system and method based on user risk assessment
CN116633615A (en) * 2023-05-23 2023-08-22 之江实验室 Access control method based on blockchain and risk assessment

Also Published As

Publication number Publication date
CN117056882A (en) 2023-11-14

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant
CP03 Change of name, title or address

Address after: 214000 1000 Hefeng Road, Binhu District, Wuxi City, Jiangsu Province

Patentee after: AFFILIATED HOSPITAL OF JIANGNAN University

Address before: No. 1-2202-8, Financial 8th Street, Wuxi Economic Development Zone, Jiangsu Province, 214000

Patentee before: AFFILIATED HOSPITAL OF JIANGNAN University