CN117290890B - Security risk management and control method and device, electronic equipment and storage medium - Google Patents
- Publication number
- CN117290890B
- Authority
- CN
- China
- Prior art keywords
- security risk
- data
- submitted
- management
- control
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/62—Protecting access to data via a platform, e.g. using keys or access control rules
- G06F21/6218—Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F18/00—Pattern recognition
- G06F18/20—Analysing
- G06F18/21—Design or setup of recognition systems or techniques; Extraction of features in feature space; Blind source separation
- G06F18/214—Generating training patterns; Bootstrap methods, e.g. bagging or boosting
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F18/00—Pattern recognition
- G06F18/20—Analysing
- G06F18/24—Classification techniques
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/602—Providing cryptographic facilities or services
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/62—Protecting access to data via a platform, e.g. using keys or access control rules
- G06F21/6218—Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
- G06F21/6245—Protecting personal data, e.g. for financial or medical purposes
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/21—Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/2107—File encryption
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/21—Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/2141—Access rights, e.g. capability lists, access control lists, access tables, access matrices
Abstract
The application discloses a security risk management and control method, a security risk management and control device, electronic equipment and a storage medium, and relates to the technical field of computers. The method comprises the following steps: obtaining data to be submitted, wherein the data to be submitted is data to be submitted to a large model to obtain large model service; according to a security risk management and control strategy, performing security risk detection processing on the data to be submitted to obtain a security risk detection result; if the security risk detection result indicates that the security risk is not found, submitting the data to be submitted to the large model; and if the security risk detection result indicates that the security risk exists, performing security risk management and control processing on the data to be submitted. The method can conduct risk management and control before data are submitted to the large model to obtain large model service, and information safety is ensured.
Description
Technical Field
The application relates to the technical field of computers, in particular to a security risk management and control method. The application also relates to a security risk management and control device, electronic equipment and a storage medium.
Background
A large model usually refers to an artificial intelligence model with a very large number of parameters and substantial computing power. Such models can handle large-scale data sets and complex tasks and are therefore widely used. Large models are now also used during program code development to obtain corresponding services; for example, a large model is used to perform detection on program code.
When program code is submitted to a large model to obtain a large model service, the large model may be provided by a second party, a third party or another institution, so risks such as information leakage exist. Security risk management and control therefore needs to be performed before the program code is submitted to the large model, to ensure information security.
Disclosure of Invention
The application provides a security risk management and control method for solving the problem that information leakage and other risks exist when a program code is submitted to a large model. The application further provides a security risk management and control device, electronic equipment and a storage medium.
The application provides a security risk management and control method, which comprises the following steps: obtaining data to be submitted, wherein the data to be submitted is data to be submitted to a large model to obtain large model service; according to a security risk management and control strategy, performing security risk detection processing on the data to be submitted to obtain a security risk detection result; if the security risk detection result indicates that the security risk is not found, submitting the data to be submitted to the large model; and if the security risk detection result indicates that the security risk exists, performing security risk management and control processing on the data to be submitted.
Optionally, the performing security risk detection processing on the data to be submitted according to a security risk management and control policy to obtain a security risk detection result includes: judging whether the data to be submitted is a management and control class file or not according to a management and control class file risk management and control strategy; and if the data to be submitted is the management and control class file, determining that the safety risk exists.
Optionally, the management and control class file includes an environment variable configuration file.
Optionally, the file name suffix of the management and control class file is a specified file name suffix.
Optionally, the performing security risk management and control processing on the data to be submitted if the security risk detection result indicates that a security risk exists includes: if the security risk detection result indicates that a security risk exists, prohibiting the data to be submitted from being submitted to the large model.
Optionally, the method further comprises: outputting prompt information indicating that the data to be submitted is a management and control class file.
Optionally, the performing security risk detection processing on the data to be submitted according to a security risk management and control policy to obtain a security risk detection result includes: judging whether the data to be submitted comprises preset information or not according to an information risk management and control strategy; and if the data to be submitted comprises preset information, determining that a safety risk exists.
Optionally, the preset information includes key information and/or user information.
Optionally, the key information includes at least one of the following information: database connection identification, database account information, database password information, user identification information, user authentication key information, encryption key information and decryption key information.
Optionally, the user information includes at least one of the following information: user mobile communication number information, user identity information.
Optionally, if the security risk detection result indicates that a security risk exists, performing security risk management processing on the data to be submitted, including: if the security risk detection result indicates that the security risk exists, carrying out desensitization processing on preset information included in the data to be submitted, and submitting the desensitized data to the large model.
Optionally, the performing security risk detection processing on the data to be submitted according to a security risk management and control policy to obtain a security risk detection result includes: judging whether the data to be submitted is data applied to the management and control type terminal application and/or the management and control type service unit according to a management and control type terminal application and/or management and control type service unit risk management and control strategy; and if the data to be submitted is the data applied to the management and control type terminal application and/or the management and control type service unit, determining that the safety risk exists.
Optionally, the performing security risk management and control processing on the data to be submitted if the security risk detection result indicates that a security risk exists includes: if the security risk detection result indicates that a security risk exists, prohibiting the data to be submitted from being submitted to the large model.
Optionally, the method further comprises: outputting prompt information indicating that the terminal application and/or the service unit to which the data to be submitted is applied is a management and control type terminal application and/or a management and control type service unit.
Optionally, the performing security risk detection processing on the data to be submitted according to a security risk management and control strategy to obtain a security risk detection result includes: if the data to be submitted does not hit any security risk management and control strategy, determining that no security risk is found.
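The optional detection strategies above (management and control class file, controlled terminal application or service unit, preset information) can be combined into a single gate that runs before anything reaches the large model. The following is an added example, not code from the patent; the file names, suffixes, unit name, regular expressions and the assumed mobile number format are all constructed for illustration.

```python
import re
from dataclasses import dataclass
from pathlib import PurePosixPath

# Constructed policy values. The page names only the categories: environment
# variable configuration files, specified suffixes, key/user information,
# and management and control type terminal applications or service units.
CONTROLLED_FILE_NAMES = {".env"}
CONTROLLED_SUFFIXES = {".env", ".pem", ".key"}
CONTROLLED_UNITS = {"payments-core"}  # hypothetical service unit name

# Each pattern has exactly one capture group around the value to desensitize.
INFO_PATTERNS = {
    # key information assigned to a suspiciously named parameter
    "key": re.compile(
        r"""(?i)[\w.-]*(?:password|passwd|secret|api_key|access_key|token)"""
        r"""[\w.-]*['"]?\s*[=:]\s*['"]([^'"]+)['"]"""
    ),
    # password embedded in a database connection string: scheme://user:PASS@host
    "db_password": re.compile(r"""://[^\s:/@'"]+:([^@\s'"]+)@"""),
    # user mobile communication number (assumed 11-digit format)
    "mobile": re.compile(r"(?<!\d)(1[3-9]\d{9})(?!\d)"),
}


@dataclass
class Decision:
    action: str        # "submit" | "block" | "submit_desensitized"
    reason: str        # prompt information returned to the submitter
    payload: str = ""  # what may be sent to the large model (empty if blocked)


def _mask(label):
    """Build a re.sub callback that replaces only capture group 1."""
    def repl(match):
        whole = match.group(0)
        start = match.start(1) - match.start()
        end = match.end(1) - match.start()
        return f"{whole[:start]}<{label}>{whole[end:]}"
    return repl


def check_submission(filename, unit, content):
    """Apply the three strategies in order; blocking strategies run first."""
    path = PurePosixPath(filename)
    # Strategy 1: management and control class file -> prohibit submission.
    # Note: PurePosixPath(".env").suffix is "", hence the separate name check.
    if path.name in CONTROLLED_FILE_NAMES or path.suffix in CONTROLLED_SUFFIXES:
        return Decision("block", f"{path.name} is a management and control class file")
    # Strategy 2: controlled terminal application / service unit -> prohibit.
    if unit in CONTROLLED_UNITS:
        return Decision("block", f"{unit} is a management and control type service unit")
    # Strategy 3: preset information -> desensitize, then submit.
    hits, redacted = [], content
    for label, pattern in INFO_PATTERNS.items():
        redacted, count = pattern.subn(_mask(label), redacted)
        if count:
            hits.append(f"{label} x{count}")
    if hits:
        return Decision("submit_desensitized", ", ".join(hits), redacted)
    # No strategy hit: no security risk found, submit unchanged.
    return Decision("submit", "no security risk found", content)


# Constructed sample input (not real credentials or a real number).
SAMPLE = (
    'DB_URL = "mysql://app:s3cr3t@db.internal.example/orders"\n'
    'api_key = "AKIDEXAMPLE0000"\n'
    'def notify(): send_sms("13800138000", "hi")\n'
)

if __name__ == "__main__":
    for args in [("config/.env", "web", "X=1"), ("a.py", "payments-core", "x=1"),
                 ("a.py", "web", SAMPLE), ("a.py", "web", "print(1)")]:
        decision = check_submission(*args)
        print(decision.action, "|", decision.reason)
```

Regex-based detection only catches values that match a known shape, so the blocking strategies remain the backstop for files and units that must never leave the organization.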
Optionally, the obtaining the data to be submitted includes: obtaining data to be submitted sent by a submitter terminal; the method further comprises: obtaining the security risk management and control strategy sent by a strategy configuration terminal.
Optionally, the method further comprises: obtaining submitter identity information sent by the submitter terminal; verifying the submitter identity information sent by the submitter terminal to obtain a verification result indicating whether the data to be submitted corresponding to the submitter identity information can be submitted to the large model; the performing security risk detection processing on the data to be submitted according to a security risk management and control strategy to obtain a security risk detection result includes: if the verification result indicates that the data to be submitted corresponding to the submitter identity information can be submitted to the large model, performing security risk detection processing on the data to be submitted according to the security risk management and control strategy to obtain a security risk detection result; and if the verification result indicates that the data to be submitted corresponding to the submitter identity information cannot be submitted to the large model, returning to the submitter terminal prompt information indicating that the data to be submitted corresponding to the submitter identity information cannot be submitted to the large model.
Optionally, the obtaining the data to be submitted includes: obtaining data to be submitted input by a submitter; the method further comprises the steps of: the security risk management and control strategy sent by a data server is obtained, the data server is a server for providing service for inputting data to be submitted for a submitter, and the security risk management and control strategy is obtained through a strategy configuration end; the submitting the data to be submitted to the large model includes: and submitting the data to be submitted to the large model through the data server.
Optionally, the data to be submitted is program code developed by a program code developer, and the obtaining the large model service includes obtaining a program code detection service provided by the large model.
Optionally, the method further comprises: inputting the program codes into a risk management strategy generation model corresponding to the large model to obtain a safety risk management strategy aiming at the program codes, wherein the risk management strategy generation model is used for generating the safety risk management strategy according to the program codes; the step of carrying out security risk detection processing on the data to be submitted according to a security risk management and control strategy to obtain a security risk detection result comprises the following steps: and carrying out security risk detection processing on the program codes according to a security risk management and control strategy aiming at the program codes to obtain security risk detection results.
Optionally, the risk management policy generation model is obtained by training in the following manner: obtaining a program code sample; submitting the program code sample to the large model; obtaining a program code detection result of the large model aiming at the program code sample; analyzing the program code detection result to obtain data of interest of the large model for the program code sample; generating a security risk management and control strategy for the program code sample according to the concerned data, and taking the security risk management and control strategy as a reference security risk management and control strategy; inputting the program code sample into an initial risk management and control strategy generation model to obtain a predicted safety risk management and control strategy for the program code sample; obtaining predicted loss data between the predicted security risk management and control strategy and the reference security risk management and control strategy; and if the predicted loss data meets a preset first predicted loss acceptable condition, determining the initial risk management and control strategy generation model as the risk management and control strategy generation model, otherwise, adjusting model parameters in the initial risk management and control strategy generation model until the predicted loss data between the predicted safety risk management and control strategy output by the adjusted risk management and control strategy generation model and the reference safety risk management and control strategy meets the preset first predicted loss acceptable condition, and determining the adjusted risk management and control strategy generation model corresponding to the first predicted loss acceptable condition as the risk management and control strategy generation model.
Optionally, the data of interest includes a code segment that the large model indicates as having a problem in the program code sample, taken as a problem code segment; the generating a security risk management and control strategy for the program code sample according to the data of interest comprises: extracting, from the problem code segment, code parameters that can be assigned real values, as management and control code parameters; generating an information risk management and control strategy with the management and control code parameters; the information risk management and control strategy with the management and control code parameters represents: if any program code has the management and control code parameter, the real value of the management and control code parameter in that program code is desensitized, and the desensitized program code is submitted to the large model.
Optionally, the risk management policy generation model includes a program code classification sub-model for determining a terminal application and/or a service unit to which the program code belongs and a risk management policy generation sub-model for generating a security risk management policy; the step of inputting the program code into a risk management policy generation model corresponding to the large model to obtain a security risk management policy for the program code, including: inputting the program codes into the program code classification sub-model to determine terminal application and/or service units to which the program codes belong; acquiring characteristic information of a terminal application and/or characteristic information of a service unit to which the program code belongs; and inputting the characteristic information of the terminal application to which the program code belongs and/or the characteristic information of the service unit into the risk management and control strategy generation sub-model to obtain the security risk management and control strategy for the program code.
Optionally, the program code classification sub-model is obtained by training in the following manner: obtaining a program code sample; determining a terminal application and/or service unit to which the program code sample belongs as a reference terminal application and/or service unit; inputting the program code sample into an initial program code classification sub-model, and determining a predicted terminal application and/or service unit to which the program code sample belongs; and if the predicted loss data between the predicted terminal application and/or service unit and the reference terminal application and/or service unit meets a preset second predicted loss acceptable condition, determining the initial program code classification sub-model as the program code classification sub-model; otherwise, adjusting model parameters in the initial program code classification sub-model until the predicted loss data between the predicted terminal application and/or service unit determined by the adjusted program code classification sub-model and the reference terminal application and/or service unit meets the second predicted loss acceptable condition, and determining the adjusted program code classification sub-model corresponding to the second predicted loss acceptable condition as the program code classification sub-model.
Optionally, the risk management and control strategy generation sub-model is obtained by training in the following manner: obtaining a characteristic information sample of a terminal application sample and/or a characteristic information sample of a service unit sample; obtaining feedback results of the large model on submitted data of the terminal application sample and/or submitted data of the service unit sample; extracting the data of interest of the large model for the terminal application sample and/or the service unit sample from the feedback result; according to the data of interest, generating a security risk management and control strategy for the terminal application sample and/or the service unit sample as a reference security risk management and control strategy; inputting the characteristic information sample of the terminal application sample and/or the characteristic information sample of the service unit sample into an initial risk management and control strategy generation sub-model to obtain a predicted security risk management and control strategy for the terminal application sample and/or the service unit sample; obtaining predicted loss data between the predicted security risk management and control strategy and the reference security risk management and control strategy; and if the predicted loss data meets a preset third predicted loss acceptable condition, determining the initial risk management and control strategy generation sub-model as the risk management and control strategy generation sub-model; otherwise, adjusting model parameters in the initial risk management and control strategy generation sub-model until the predicted loss data between the predicted security risk management and control strategy output by the adjusted risk management and control strategy generation sub-model and the reference security risk management and control strategy meets the preset third predicted loss acceptable condition, and determining the adjusted risk management and control strategy generation sub-model corresponding to the third predicted loss acceptable condition as the risk management and control strategy generation sub-model.
Optionally, the extracting the data of interest of the large model for the terminal application sample and/or the service unit sample from the feedback result includes: extracting information parameters capable of setting real data from the feedback result as control information parameters, and determining the control information parameters as concerned data of the large model aiming at the terminal application sample and/or the service unit sample; the generating a security risk management policy for the terminal application sample and/or the service unit sample according to the attention data includes: generating a security risk management and control strategy with the management and control information parameters, wherein the security risk management and control strategy with the management and control information parameters is used for representing: and if any one program code to be submitted to the large model belongs to the terminal application sample and/or the service unit sample and has the code parameter corresponding to the management information parameter, performing desensitization processing on the true value of the code parameter corresponding to the management information parameter, which is possessed by the any one program code, and submitting the any program code after the desensitization processing to the large model.
Optionally, if the feedback result includes a text feedback result, the control information parameter includes a text type control information parameter, and the code parameter corresponding to the control information parameter of any one program code refers to a code parameter in any one program code, where the text information parameter can be determined according to a corresponding relationship between the code parameter and the text information parameter, and the determined text information parameter is the text type control information parameter; if the feedback result comprises an audio feedback result and/or a video feedback result, converting the audio feedback result and/or the video feedback result into a text feedback result, wherein the control information parameters comprise text type control information parameters, the code parameters corresponding to the control information parameters of any one program code refer to code parameters which can determine text information parameters through the corresponding relation between the code parameters and the text information parameters in any one program code, and the determined text information parameters are the text type control information parameters; and if the feedback result comprises a program code feedback result, the control information parameter comprises a control code parameter, and the code parameter corresponding to the control information parameter of any one program code refers to the control code parameter of any one program code.
Optionally, the submitted data of the terminal application sample and/or the submitted data of the service unit sample comprises at least one of the following data: submitting test data for the terminal application sample and/or test data for the service unit sample to the large model in order to obtain the attention data of the large model for the terminal application sample and/or the service unit sample; it is desirable to obtain submitted data for the terminal application sample and/or submitted data for the service element sample for a large model service provided by the large model and for which the large model has output feedback results.
Optionally, the method further comprises: acquiring developer information of a program code developer of the program code; inquiring a security risk management and control strategy corresponding to the developer information; the step of carrying out security risk detection processing on the data to be submitted according to a security risk management and control strategy to obtain a security risk detection result comprises the following steps: and carrying out security risk detection processing on the program codes according to a security risk management and control strategy corresponding to the developer information to obtain a security risk detection result.
Optionally, the security risk management policy corresponding to the developer information is obtained in the following manner: obtaining a historical program code detection result of the large model for historical program codes which the program code developer has submitted to the large model; extracting attention data of the large model for the historical program codes from the historical program code detection results; and generating a security risk management and control strategy corresponding to the developer information according to the concerned data.
Optionally, the extracting the attention data of the large model for the historical program code from the historical program code detection result includes: extracting code parameters capable of setting true values from the historical program code detection results as control code parameters, and determining the control code parameters as concerned data of the large model for the historical program codes; the generating a security risk management policy corresponding to the developer information according to the attention data includes: generating a security risk management policy with the management code parameters, the security risk management policy with the management code parameters being used to represent: if any one of the program codes to be submitted to the large model has the management and control code parameter, the program code developer performs desensitization processing on the true value of the management and control code parameter in the any one of the program codes, and submits the any one of the program codes after the desensitization processing to the large model.
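The strategy-derivation steps described for problem code segments and for a developer's historical detection results share one mechanism: extract the code parameters that are assigned real values in flagged code, then desensitize those parameters' values in any later submission. The following is an added example, not code from the patent; it assumes the submitted program code is Python and uses hypothetical helper names, and the flagged segment and later submission are constructed.

```python
import ast


def _is_literal(node):
    """True for a constant that carries a real value (not True/False/None)."""
    return (isinstance(node, ast.Constant)
            and isinstance(node.value, (str, bytes, int, float))
            and not isinstance(node.value, bool))


def extract_controlled_params(flagged_segment):
    """Names that receive a literal value in a segment the large model flagged."""
    names = set()
    for node in ast.walk(ast.parse(flagged_segment)):
        if isinstance(node, ast.Assign) and _is_literal(node.value):
            names.update(t.id for t in node.targets if isinstance(t, ast.Name))
        elif isinstance(node, ast.keyword) and node.arg and _is_literal(node.value):
            names.add(node.arg)
    return names


def make_policy(flagged_segment):
    """Information risk management and control strategy carrying the parameters."""
    return {"controlled_params": sorted(extract_controlled_params(flagged_segment)),
            "action": "desensitize_then_submit"}


def apply_policy(policy, code, mask='"<REDACTED>"'):
    """Replace literal values of controlled parameters; return (code, count)."""
    params = set(policy["controlled_params"])
    raw = code.encode("utf-8")  # ast column offsets are UTF-8 byte offsets
    line_starts, pos = [], 0
    for line in raw.splitlines(keepends=True):
        line_starts.append(pos)
        pos += len(line)
    spans = []
    for node in ast.walk(ast.parse(code)):
        value = None
        if isinstance(node, ast.Assign) and any(
                isinstance(t, ast.Name) and t.id in params for t in node.targets):
            value = node.value
        elif isinstance(node, ast.keyword) and node.arg in params:
            value = node.value
        if value is not None and _is_literal(value):
            spans.append((line_starts[value.lineno - 1] + value.col_offset,
                          line_starts[value.end_lineno - 1] + value.end_col_offset))
    # Splice from the end so earlier offsets stay valid.
    for start, end in sorted(spans, reverse=True):
        raw = raw[:start] + mask.encode("utf-8") + raw[end:]
    return raw.decode("utf-8"), len(spans)


# Constructed example: a segment the large model reported as problematic ...
FLAGGED = (
    'db_password = "hunter2"\n'
    'conn = connect(user="svc_orders", password=db_password)\n'
)
# ... and a later, different submission that uses the same parameters.
LATER = (
    'db_password = "pröd-Pa55"  # rotated\n'
    'timeout = 30\n'
    'client = connect(user="svc_billing", password=db_password, timeout=timeout)\n'
)

if __name__ == "__main__":
    policy = make_policy(FLAGGED)
    print(policy)
    print(apply_policy(policy, LATER)[0])
```

Working on the syntax tree rather than on text means only the literal bound to a controlled parameter is replaced, so the desensitized program code still parses and variables that merely reference the parameter are left intact.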
The application also provides a security risk management and control device, which comprises: an obtaining unit, used for obtaining data to be submitted, wherein the data to be submitted is data to be submitted to a large model to obtain large model service; a detection unit, used for performing security risk detection processing on the data to be submitted according to a security risk management and control strategy to obtain a security risk detection result; a submitting unit, used for submitting the data to be submitted to the large model when the security risk detection result indicates that no security risk is found; and a management and control unit, used for performing security risk management and control processing on the data to be submitted when the security risk detection result indicates that a security risk exists.
The application also provides an electronic device, which comprises a processor and a memory; the memory is used for storing programs and data, and the processor calls the programs stored in the memory to execute the safety risk management and control method.
The application also provides a storage medium storing a program and data, the program being executed by a processor for implementing the security risk management method.
Compared with the prior art, the application has the following advantages:
Before data to be submitted is submitted to a large model, security risk management and control is performed on it: security risk detection processing is performed on the data to be submitted according to a security risk management and control policy to obtain a security risk detection result. If the security risk detection result indicates that no security risk is found, the data to be submitted is submitted to the large model; if the security risk detection result indicates that a security risk exists, security risk management and control processing is performed on the data to be submitted. In this way, data to be submitted that carries a security risk can be found in time and the risk removed, avoiding risks such as information leakage.
Drawings
Fig. 1 is a schematic diagram of an application system of a security risk management and control method provided by the present application.
Fig. 2 is a flowchart of a security risk management method according to a first embodiment of the present application.
Fig. 3 is a training flowchart of a risk management policy generation model in a security risk management method according to a second embodiment of the present application.
Fig. 4 is a training flowchart of a program code classification sub-model in a security risk management and control method according to a second embodiment of the present application.
Fig. 5 is a training flowchart of a risk management policy generation sub-model in a security risk management method according to a second embodiment of the present application.
Fig. 6 is a flowchart of obtaining a security risk management policy corresponding to the developer information in a security risk management method according to a second embodiment of the present application.
Fig. 7 is a schematic diagram of a security risk management apparatus according to a third embodiment of the present application.
Fig. 8 is a schematic diagram of an electronic device according to a fourth embodiment of the present application.
Detailed Description
The application will be described in further detail with reference to the drawings and the detailed description, in order to make the objects, advantages and features of the application more apparent. In the following description, numerous specific details are set forth in order to provide a thorough understanding of the present application. The present application may be embodied in many forms other than those described herein, and those skilled in the art may make similar generalizations without departing from the spirit of the application; the application is therefore not limited to the specific embodiments disclosed below.
It should be noted that in the description of the present application, the terms "first," "second," and the like are used for descriptive purposes only and are not to be construed as indicating or implying any particular order or sequence. The specific meaning of the above terms in the present application will be understood in specific cases by those of ordinary skill in the art. Furthermore, in the description of the present application, the term "plurality" means two or more, unless otherwise indicated. The term "and/or" describes an association relationship of associated objects, meaning that there may be three relationships, e.g., A and/or B, which may represent: A exists alone, A and B exist together, and B exists alone. The character "/" generally indicates that the associated objects before and after it are in an "or" relationship. The terms "comprises," "comprising," and "having," and any variations thereof, are intended to cover a non-exclusive inclusion, such that a process, method, system, article, or apparatus that comprises a list of steps or elements is not necessarily limited to those steps or elements expressly listed or inherent to such process, method, article, or apparatus.
Large models generally refer to artificial intelligence models with huge scale parameters and computing power, such as a large language model (LLM, Large Language Model: a language model consisting of an artificial neural network with billions of weights or more, trained on a large amount of unlabeled text using self-supervised learning or semi-supervised learning, which can generate natural language text or understand the meaning of language text, and can handle multiple natural language tasks such as text classification, question answering and dialogue). These models are capable of handling large-scale data sets and complex tasks and are therefore widely used. Currently, large models are also used in the process of developing program code to obtain corresponding services, for example, a large model is used to detect the program code.
In the scenario that the program code is submitted to the large model to obtain the large model service, because the large model may be provided by a second party or a third party or other institutions, risks such as information leakage exist, and therefore, security risk management and control need to be performed before the program code is submitted to the large model to ensure information security.
In view of the above problems, the present application provides a security risk management method, and an application system of the method is shown in fig. 1, and the application system of the method includes a submitter terminal 101 for developing program codes, a data service terminal 102 for providing services for developing the program codes, a policy configuration terminal 103 for providing security risk management policies, and a large model 104 to which the developed program codes are to be submitted.
Based on the application system, the security risk management and control method provided by the application carries out security risk detection processing on related data to be submitted before the program code is submitted to the large model, and carries out security risk management and control processing on the data with the detected security risk, thereby avoiding risks such as information leakage.
Specifically, the policy configuration end 103 issues a security risk management policy to the data service end 102. When the submitter terminal 101 sends data to be submitted to the data service end 102, the data service end 102 performs security risk detection processing on the data to be submitted according to the security risk management policy. If the security risk detection processing finds no security risk, the data to be submitted is submitted to the large model 104; if the security risk detection processing finds that a security risk exists, security risk management and control processing is performed on the data to be submitted.
In addition, the data service end 102 may also issue the received security risk management policy to the submitter terminal 101, so that the security risk detection processing is performed directly on the submitter terminal 101. If the security risk detection processing finds no security risk, the data to be submitted is submitted to the large model 104 through the data service end 102; if the security risk detection processing finds that a security risk exists, security risk management and control processing is performed on the data to be submitted. Of course, the corresponding security risk detection processing work and security risk management processing work need to be performed according to the data processing capability of the submitter terminal 101.
The security risk in the application is the risk of information leakage and the like possibly existing after the data is obtained by the large model service provider.
The security risk management and control strategy mainly aims at security risks possibly existing in the three aspects of the file type of the data to be submitted, information contained in the data to be submitted and the application target of the data to be submitted.
Specifically, for the security risk that may exist in the file type to which the data to be submitted belongs, a management and control class file, such as an environment variable configuration file, is determined. If the data to be submitted is a management and control class file, it is determined that a security risk exists, and the management and control class file is directly intercepted.
For the security risk that may exist in the information contained in the data to be submitted, preset information such as key information and/or user information is determined. If the data to be submitted includes preset information, it is determined that a security risk exists. The preset information is then desensitized; the submission is not blocked or intercepted.
For the security risk that may exist in the application target of the data to be submitted, the management and control class terminal application and/or the management and control class service unit is determined. If the data to be submitted is data applied to a management and control class terminal application and/or a management and control class service unit, it is determined that a security risk exists, and the data to be submitted is prohibited from being submitted to the large model.
By this method, before the program code is submitted to the large model, security risk detection processing is performed on the related data to be submitted at the data server or the submitter terminal, and security risk management and control processing is performed on data found to carry a security risk, so that risks such as information leakage are avoided.
The above is an introduction of an application scenario embodiment of the security risk management and control method provided by the present application, and the security risk management and control method, device, etc. related to the present application are described in detail below.
First embodiment
A first embodiment of the present application provides a security risk management and control method, as shown in fig. 2, including the following steps:
S201, obtaining data to be submitted, wherein the data to be submitted is data to be submitted to a large model to obtain large model service.
Large models generally refer to artificial intelligence models with large scale parameters and complex structures that are capable of handling large scale data sets and complex tasks.
The data to be submitted is data to be submitted to a large model to obtain a large model service, e.g., the data to be submitted is program code developed by a program code developer, the obtaining the large model service including obtaining a program code detection service provided by the large model.
After the data to be submitted is submitted to the large model, the data to be submitted can be processed to a certain extent through the large model, so that corresponding large model service is obtained. Since the large model may be provided by a second party or a third party, to ensure security, security risk management needs to be performed on the data to be submitted before the data to be submitted is submitted to the large model.
Security risk management and control of the data to be submitted can be executed by a data server or by a submitter terminal. The data server is a server that provides the submitter with a service for inputting the data to be submitted, and the submitter terminal is the terminal the submitter uses to input the data to be submitted.
Because the data processing capacities of the data server and the submitter terminal differ, work requiring larger data processing capacity can generally be executed by the data server and work requiring smaller data processing capacity by the submitter terminal, so that data processing resources are used reasonably and data processing efficiency is improved. In addition, the data processing capacity of the submitter terminal can be allocated appropriately; of course, all work related to security risk management and control can also be carried out by the data server.
For the case where security risk management and control is performed by the data server, the data server first needs to obtain the data to be submitted that is sent by the submitter terminal. For example, a program code developer develops program code using a client of IDEA (IntelliJ IDEA, an integrated development environment for the Java programming language), and then sends related data, such as program code that needs large model detection, to a server of IDEA, where the client of IDEA is the submitter terminal and the server of IDEA is the data server. The server of IDEA first performs security risk management and control on the data to be submitted, and then submits the data to be submitted to the large model.
In addition, the data server also obtains the security risk management and control policy sent by the policy configuration end. The policy configuration end can be a security risk control module or a security risk control gateway, and can perform configuration, management and the like of policies and management and control applications. After the policy configuration end issues the security risk management and control policy to the data server, the data server can perform security risk management and control on the obtained data to be submitted according to the security risk management and control policy.
For the case where security risk management and control is performed by the submitter terminal, the submitter terminal first needs to obtain the data to be submitted that is input by the submitter. For example, the program code developer develops the program code using the client of IDEA; the client of IDEA can directly perform security risk management and control on related data, such as the program code input by the submitter, then send the data to be submitted to the server of IDEA, which submits it to the large model.
In addition, the submitter terminal also obtains the security risk management and control policy sent by the data server: the data server obtains the security risk management and control policy from the policy configuration end and then issues it to the submitter terminal, and the submitter terminal can perform security risk management and control on the obtained data to be submitted according to the security risk management and control policy.
So far, the data service end or the submitter terminal obtains a security risk management and control strategy and obtains data to be submitted, and the security risk management and control can be carried out on the data to be submitted through the following steps.
S202, carrying out security risk detection processing on the data to be submitted according to a security risk management and control strategy to obtain a security risk detection result.
The security risk management and control strategy mainly aims at security risks possibly existing in the three aspects of the file type of the data to be submitted, the information contained in the data to be submitted and the application target of the data to be submitted, and provides a corresponding risk detection strategy and risk processing strategy.
Specifically, the security risk management and control policy may include at least one of: a management and control class file risk management and control policy; an information risk management and control policy; and a management and control class terminal application and/or management and control class service unit risk management and control policy.
The management and control class file risk management and control strategy determines files with safety risks, namely, the files with safety risks are determined as management and control class files. The management and control class file may include an environment variable configuration file.
A management and control class file can be identified by its file name suffix, that is, the file name suffix of a management and control class file is a specified file name suffix. For example, configuration files whose file name suffixes are xml, env and the like are determined to be management and control class files, and the data to be submitted can be determined to be a management and control class file as long as its file name suffix hits any one of these file name suffixes.
Therefore, according to the management and control type file risk management and control strategy, whether the data to be submitted is the management and control type file is judged. And if the data to be submitted is the management and control class file, determining that the safety risk exists.
The information risk management policy determines information having a security risk, that is, determines information having a security risk as preset information. The preset information may include key information and/or user information.
Wherein the key information includes at least one of the following information: database connection identification, database account information, database password information, user identification information, user authentication key information, encryption key information and decryption key information. The user information includes at least one of the following information: user mobile communication number information (such as a mobile phone number), user identity information (such as an identity card number).
Preset information can be identified by regular expression matching: if information included in the data to be submitted, such as a character string, hits at least one item of preset information, the data to be submitted is determined to include the preset information.
Therefore, according to the information risk management and control strategy, whether the data to be submitted comprises preset information or not is judged. And if the data to be submitted comprises preset information, determining that a safety risk exists.
And the management and control type terminal application and/or management and control type service unit risk management and control strategy determines a list of the management and control type terminal application and/or management and control type service unit. The terminal application can be a mobile phone APP, a website and the like, and the service unit can be a service module in the mobile phone APP, a service module in the website and the like, or can be a certain type of service. Of course, through security risk assessment, the management and control class terminal application and/or the management and control class service unit in the list can be adjusted.
If the data to be submitted is applied to the management and control type terminal application and/or the management and control type service unit, the data to be submitted is submitted to the large model, and risks such as information leakage and the like may exist, and the data to be submitted has security risks.
Therefore, according to the management and control type terminal application and/or management and control type service unit risk management and control strategy, whether the data to be submitted is the data applied to the management and control type terminal application and/or management and control type service unit is judged. And if the data to be submitted is the data applied to the management and control type terminal application and/or the management and control type service unit, determining that the safety risk exists.
If the data to be submitted does not hit any one of the management and control class file risk management and control policy, the information risk management and control policy, and the management and control class terminal application and/or management and control class service unit risk management and control policy, it is determined that no security risk is found.
The above describes the security risk management and control policy and the specific manner of security risk detection processing. By performing security risk detection processing on the data to be submitted according to the security risk management and control policy, a security risk detection result indicating whether the data to be submitted has a security risk can be obtained.
S203, if the security risk detection result indicates that no security risk is found, submitting the data to be submitted to the large model.
If the data to be submitted does not hit any security risk management policy, determining that the security risk is not found, and submitting the data to be submitted to the large model.
Specifically, if the security risk detection processing is performed on the data to be submitted by the data server, and the security risk detection result indicates that no security risk is found, the data server directly submits the data to be submitted to the large model. If the security risk detection processing is performed on the data to be submitted by the submitter terminal, and the security risk detection result indicates that no security risk is found, the submitter terminal submits the data to be submitted to the large model through the data server. Further, the data server can also send the submitter terminal prompt information indicating that the data to be submitted has been submitted to the large model, and the prompt information is displayed to the submitter through the submitter terminal.
S204, if the security risk detection result indicates that the security risk exists, security risk management and control processing is conducted on the data to be submitted.
If the data to be submitted is determined to be a management and control class file according to the management and control class file risk management and control policy, it can further be determined that the data to be submitted has a security risk. Security risk management and control processing is performed on the data to be submitted that belongs to the management and control class file; specifically, the data to be submitted is prohibited from being submitted to the large model, that is, the data to be submitted is directly intercepted.
Further, prompt information indicating that the data to be submitted is a management and control class file can be output. If the security risk detection processing and security risk management and control processing are performed on the data to be submitted by the data server, the data server returns the prompt information to the submitter terminal, and the submitter terminal displays the prompt information to the submitter. If the submitter terminal performs the security risk detection processing and security risk management and control processing on the data to be submitted, the submitter terminal can display the prompt information to the submitter directly, and can also send the prompt information to the data server for storage, recording and the like.
If the data to be submitted is determined to include preset information according to the information risk management and control policy, it can further be determined that the data to be submitted has a security risk. Security risk management and control processing is performed on the data to be submitted that includes the preset information; specifically, desensitization processing may be performed on the preset information included in the data to be submitted, for example, the preset information in the data to be submitted is hidden, and the data after the desensitization processing is then submitted to the large model.
Further, prompt information indicating that the data to be submitted includes preset information and/or that the preset information has been desensitized may be output.
If the data to be submitted is determined, according to the management and control class terminal application and/or management and control class service unit risk management and control policy, to be data applied to a management and control class terminal application and/or a management and control class service unit, it can further be determined that the data to be submitted has a security risk. Security risk management and control processing is performed on the data to be submitted that is applied to the management and control class terminal application and/or the management and control class service unit; specifically, the data to be submitted can be prohibited from being submitted to the large model.
Further, prompt information indicating that the terminal application and/or service unit to which the data to be submitted is applied is a management and control class terminal application and/or a management and control class service unit can be output.
So far, through the steps, the data to be submitted to the large model to obtain the large model service can be subjected to security risk management and control, so that the large model service provider is prevented from obtaining important information or preset information in the data to be submitted, and risks such as information leakage are prevented.
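Steps S202 to S204 can be sketched as a single pre-submission gate. The following is an added example, not code from the patent: the suffix list follows the xml/env example in the text, while the regular expressions, the controlled target name `payments-app`, the `***` mask and all function and class names are assumptions made for illustration.

```python
import re
from dataclasses import dataclass, field
from typing import Optional

MASK = "***"  # assumed replacement for desensitized values


def _default_patterns():
    # Constructed patterns for preset information; the named group "secret"
    # marks the span that must be hidden before submission.
    i = re.IGNORECASE
    return {
        "db_connection": re.compile(r"""(?P<secret>jdbc:[a-z0-9]+://[^\s"']+)""", i),
        "db_password": re.compile(
            r"""(?:password|passwd|pwd)\s*[=:]\s*["']?(?P<secret>[^\s"';,]+)""", i),
        "id_number": re.compile(r"(?<!\d)(?P<secret>\d{17}[\dX])(?!\d)", i),
        "mobile_number": re.compile(r"(?<!\d)(?P<secret>1[3-9]\d{9})(?!\d)"),
    }


@dataclass
class Policy:
    # File-name suffixes that mark a management and control class file.
    controlled_suffixes: frozenset = frozenset({".xml", ".env"})
    # Listed terminal applications / service units (hypothetical name).
    controlled_targets: frozenset = frozenset({"payments-app"})
    # Preset information, detected by regular expression matching.
    preset_patterns: dict = field(default_factory=_default_patterns)


@dataclass
class Decision:
    action: str             # "submit", "desensitize" or "block"
    reasons: list           # which policy items were hit
    payload: Optional[str]  # text that may be sent to the large model


def _mask(match):
    # Replace only the "secret" group, keeping the surrounding code intact.
    start, end = match.span("secret")
    whole, base = match.group(0), match.start()
    return whole[: start - base] + MASK + whole[end - base:]


def gate(filename, content, target, policy=None):
    """Run detection (S202) and return the handling required by S203/S204."""
    policy = policy or Policy()
    # File type: a suffix hit means the file is intercepted outright.
    if filename.lower().endswith(tuple(policy.controlled_suffixes)):
        return Decision("block", ["controlled_file"], None)
    # Application target: data for a listed application or unit is not submitted.
    if target in policy.controlled_targets:
        return Decision("block", ["controlled_target"], None)
    # Contained information: desensitize every hit, do not block.
    reasons, text = [], content
    for name, pattern in policy.preset_patterns.items():
        text, hits = pattern.subn(_mask, text)
        if hits:
            reasons.append(name)
    if reasons:
        return Decision("desensitize", reasons, text)
    return Decision("submit", [], content)


# Constructed sample input (not from the patent).
SAMPLE_CODE = (
    'String url = "jdbc:mysql://db.example.internal:3306/orders";\n'
    'String password = "s3cr3t-Constructed";\n'
    'String phone = "13800000000"; // contact\n'
)

if __name__ == "__main__":
    for args in ((".env", "KEY=1", "internal-tool"),
                 ("Main.java", "int a = 1;", "payments-app"),
                 ("Dao.java", SAMPLE_CODE, "internal-tool"),
                 ("Util.java", "int a = 1;", "internal-tool")):
        d = gate(*args)
        print(args[0], "->", d.action, d.reasons)
```

The two blocking checks run before the regular expression scan, so a management and control class file is never read for matching and never partially forwarded.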
In addition, optionally, if security risk management and control is to be performed on the data to be submitted by the data server, the data server may also verify the identity information of the submitter.
Specifically, the data server obtains the submitter identity information sent by the submitter terminal. The identity information may be submitter identity information registered in advance through the submitter terminal, and different submitter identity information may correspond to different authorities, for example, whether the data to be submitted corresponding to the submitter identity information may be submitted to a large model, whether the submitter terminal corresponding to the submitter identity information may obtain the service provided by the data server, and so on. In this embodiment, the data server performs verification processing on the submitter identity information sent by the submitter terminal, and obtains a verification result indicating whether the data to be submitted corresponding to the submitter identity information can be submitted to the large model.
If the verification result indicates that the data to be submitted corresponding to the submitter identity information can be submitted to a large model, security risk detection processing is performed on the data to be submitted according to the security risk management and control policy to obtain a security risk detection result. If the verification result indicates that the data to be submitted corresponding to the submitter identity information cannot be submitted to the large model, prompt information indicating that the data to be submitted corresponding to the submitter identity information cannot be submitted to the large model is returned to the submitter terminal.
The above is a detailed description of a security risk management and control method according to the first embodiment of the present application.
Second embodiment
The second embodiment of the present application provides a security risk management method whose specific implementation steps are the same as those of the first embodiment; the details are not repeated here, and reference may be made to the first embodiment. This embodiment mainly concerns the security risk management and control policy used when implementing the security risk management and control method, and in particular describes how the security risk management and control policy is generated.
According to the security risk management and control policy, security risk detection processing can be performed on the data to be submitted, and corresponding security risk management and control processing can be performed on the detected risk. The security risk management and control policy can be set manually in advance, but as the data to be submitted keeps changing and the data volume keeps increasing, the update frequency of the security risk management and control policy becomes higher and higher, and manual setting can no longer meet current requirements. The security risk management and control method provided by this embodiment is described specifically as a solution to this problem.
Taking an application scenario in which program codes are to be submitted to a large model for program code detection as an example, the data to be submitted is program codes developed by program code developers, and the obtaining of the large model service includes obtaining the program code detection service provided by the large model.
Optionally, the security risk management and control method further includes: and inputting the program codes into a risk management strategy generation model corresponding to the large model to obtain a security risk management strategy aiming at the program codes, wherein the risk management strategy generation model is used for generating the security risk management strategy according to the program codes. And carrying out security risk detection processing on the program codes according to a security risk management and control strategy aiming at the program codes, so that a security risk detection result can be obtained.
The first generation mode of the security risk management and control policy provided in this embodiment is to directly utilize a risk management and control policy generation model to generate a corresponding security risk management and control policy for the program code. The risk management and control strategy generation model is a machine learning model.
Specifically, there may be multiple risk management and control policy generation models, with different risk management and control policy generation models corresponding to different large models. When the program code to be submitted is obtained, information about the large model to which the program code is to be submitted is also obtained, and the target large model to which the program code is submitted can be determined according to this large model information. The risk management and control policy generation model corresponding to the target large model is selected and used to generate a security risk management and control policy for the program code. The security risk detection processing can then be performed on the program code according to the security risk management policy for the program code, so as to obtain a security risk detection result.
The risk management policy generation model is obtained by training in the following manner, please refer to the flowchart shown in fig. 3:
S301, obtaining a program code sample.
Here, program code without security risk may be selected as a program code sample; for example, the preset information in the program code is replaced by fictitious information, and the replaced program code is used as a program code sample.
S302, submitting the program code sample to the large model.
S303, obtaining a program code detection result of the large model for the program code sample.
The program code detection result may include a location where the program code sample has a problem (such as bug, program error), concrete content of the problem, modification advice for the problem, and the like.
S304, analyzing the program code detection result to obtain the data of interest of the large model for the program code sample.
The data of interest includes the code segments of the program code sample for which the large model indicates a problem, referred to as problem code segments. A problem code segment may be a portion of the program code in the program code sample that is problematic.
S305, generating a security risk management policy for the program code sample according to the data of interest, and taking the security risk management policy as a reference security risk management policy.
Specifically, code parameters that can be set to true values are extracted from the problem code segments as management and control code parameters. A code parameter that can be set to a true value is a code parameter defined by a program code developer that can be set to a true value. For example, a defined code parameter "name" can be set to a true name: in "name=Zhang San", the code parameter "name" is set to the true name "Zhang San". The code parameter "name" is taken as a management and control code parameter.
Then, an information risk management policy with the management and control code parameters is generated. The information risk management and control policy with the management and control code parameters is used to represent: if any program code has the management and control code parameter, the true value of the management and control code parameter in that program code is subjected to desensitization processing, and that program code after the desensitization processing is submitted to the large model. For example, the code parameter "name" is a management and control code parameter; when it is detected that the program code includes the management and control code parameter "name", the true value "Zhang San" in "name=Zhang San" is subjected to desensitization processing, such as replacing "Zhang San" with a symbol having no meaning.
The information risk management and control policy with the management and control code parameters is taken as the reference security risk management and control policy.
S306, inputting the program code sample into an initial risk management and control strategy generation model, and obtaining a predicted safety risk management and control strategy for the program code sample.
Typically, the program code samples are input into an initial risk management policy generation model, which may output a predicted security risk management policy for the program code samples.
S307, obtaining the predicted loss data between the predicted safety risk management and control strategy and the reference safety risk management and control strategy.
S308, if the predicted loss data meets a preset first predicted loss acceptable condition, determining the initial risk management and control strategy generation model as the risk management and control strategy generation model; otherwise, adjusting model parameters in the initial risk management and control strategy generation model until the predicted loss data between the predicted safety risk management and control strategy output by the adjusted risk management and control strategy generation model and the reference safety risk management and control strategy meets the preset first predicted loss acceptable condition, and determining the adjusted risk management and control strategy generation model that meets the first predicted loss acceptable condition as the risk management and control strategy generation model.
The initial risk management and control policy generation model may be an untrained risk management and control policy generation model, and the initial risk management and control policy generation model may be determined as the risk management and control policy generation model as long as prediction loss data between the predicted security risk management and control policy obtained by the initial risk management and control policy generation model and the reference security risk management and control policy meets a preset first prediction loss acceptable condition, that is, prediction accuracy of the initial risk management and control policy generation model meets a requirement.
If the predicted loss data between the predicted safety risk management strategy obtained through the initial risk management strategy generation model and the reference safety risk management strategy does not meet the preset first predicted loss acceptable condition, that is, the prediction accuracy of the initial risk management strategy generation model does not meet the requirement, the model parameters in the initial risk management strategy generation model are adjusted. The prediction loss data between the predicted security risk management and control strategy obtained through the adjusted risk management and control strategy generation model and the reference security risk management and control strategy is then calculated and compared with the preset first prediction loss acceptable condition, so as to measure whether the prediction accuracy of the adjusted risk management and control strategy generation model meets the requirement.
If the predicted loss data still does not meet the requirements, continuing to adjust the model parameters until the predicted loss data between the predicted safety risk management and control strategy output by the adjusted risk management and control strategy generation model and the reference safety risk management and control strategy meet the preset first predicted loss acceptable condition.
Thus, the risk management policy generation model is obtained, with which a security risk management policy for the program code can be obtained.
The second generation mode of the security risk management policy provided in this embodiment also uses a risk management policy generation model to generate a corresponding security risk management policy for a program code, where the difference is that the risk management policy generation model includes a program code classification sub-model for determining a terminal application and/or a service unit to which the program code belongs and a risk management policy generation sub-model for generating the security risk management policy. The program code classification sub-model and the risk management and control strategy generation sub-model are both machine learning models.
Inputting the program code into the risk management strategy generation model corresponding to the large model to obtain the security risk management strategy for the program code specifically comprises the following steps: inputting the program code into the program code classification sub-model to determine the terminal application and/or service unit to which the program code belongs; acquiring characteristic information of the terminal application and/or characteristic information of the service unit to which the program code belongs; and then inputting the characteristic information of the terminal application and/or the characteristic information of the service unit to which the program code belongs into the risk management and control strategy generation sub-model to obtain the security risk management and control strategy for the program code.
The feature information of the terminal application and/or the feature information of the service unit to which the program code belongs may include identification information of the terminal application and/or identification information of the service unit, such as a name, an ID, etc. of the terminal application and/or the service unit, and may further include service class information to which the terminal application belongs and/or service class information to which the service unit belongs, such as a life service class, a traffic navigation class, a shopping class, etc.
The program code classification sub-model is obtained by training in the following manner; refer to the flowchart shown in Fig. 4:
S401, obtaining a program code sample.
S402, determining the terminal application and/or service unit to which the program code sample belongs as a reference terminal application and/or service unit.
S403, inputting the program code sample into the initial program code classification sub-model, and determining a prediction terminal application and/or service unit to which the program code sample belongs.
Typically, the program code samples are input into an initial program code classification sub-model, which outputs the result of the predicted terminal application and/or service unit to which the program code samples belong.
S404, if the predicted loss data between the predicted terminal application and/or service unit and the reference terminal application and/or service unit meets a preset second predicted loss acceptable condition, determining the initial program code classification sub-model as the program code classification sub-model, otherwise, adjusting model parameters in the initial program code classification sub-model until the predicted loss data between the predicted terminal application and/or service unit and the reference terminal application and/or service unit determined by the adjusted program code classification sub-model meets the second predicted loss acceptable condition, and determining an adjusted program code classification sub-model corresponding to the second predicted loss acceptable condition as the program code classification sub-model.
Through the training, a program code classification sub-model meeting the requirement of prediction precision can be obtained, and a prediction terminal application and/or service unit to which the program code belongs can be obtained by using the model.
The risk management policy generation sub-model is obtained by training in the following manner; refer to the flowchart shown in Fig. 5:
S501, obtaining a characteristic information sample of a terminal application sample and/or a characteristic information sample of a service unit sample.
The terminal applications and/or service units participating in the training of the risk management and control strategy generation sub-model are determined as terminal application samples and/or service unit samples, and the characteristic information of the terminal application and/or the characteristic information of the service unit is taken as the characteristic information sample of the terminal application sample and/or the characteristic information sample of the service unit sample. Likewise, the feature information of the terminal application and/or the feature information of the service unit may include identification information of the terminal application and/or identification information of the service unit, such as a name, an ID, etc. of the terminal application and/or the service unit, and may further include service class information to which the terminal application belongs and/or service class information to which the service unit belongs, such as a life service class, a traffic navigation class, a shopping class, etc.
S502, obtaining feedback results of the large model on submitted data of the terminal application sample and/or submitted data of the service unit sample.
The submitted data may be any data related to the terminal application sample and/or the service unit sample that is submitted to the large model in order to have the large model provide the corresponding service.
For example, the terminal application sample is the A shopping application. A piece of text may be submitted to the large model, with the text content "Does the A shopping application require an account to be registered?"; or a picture containing the character graphics "Does the A shopping application require an account to be registered?" may be submitted to the large model; or a piece of audio or video whose content is "Does the A shopping application require an account to be registered?" may be submitted to the large model; or a section of program code that is applied to the A shopping application and used for registering accounts may be submitted to the large model. The text, the picture, the audio, the video and the program code all belong to the submitted data of the terminal application sample. The same applies to the submitted data of the service unit sample.
The feedback result of the large model on the submitted data of the terminal application sample and/or the submitted data of the service unit sample can also be text, pictures, audio, video, program code and the like. For example, for the text content "Does the A shopping application require an account to be registered?", the feedback result of the large model can be the text "needed", a picture containing the character graphics "needed", or audio or video expressing "needed". For program code applied to the A shopping application, the feedback result of the large model may be modified program code.
The submitted data of the terminal application sample and/or the submitted data of the service unit sample comprises at least one of the following data:
One is test data for the terminal application sample and/or test data for the service unit sample submitted to the large model for obtaining data of interest of the large model for the terminal application sample and/or the service unit sample.
In the case that the submitted data obtained by the large model and the feedback result of the large model for the submitted data are not disclosed, or in the case that the submitted data obtained by the disclosed large model and the feedback result of the large model for the submitted data are insufficient, the test data may be submitted to the large model specifically for the terminal application sample and/or the service unit sample to obtain the feedback result, where the test data may be the submitted data.
Another is submitted data for the terminal application sample and/or submitted data for the service unit sample for which it is desired to obtain a large model service provided by the large model and for which the large model has output feedback results.
With respect to the terminal application sample and/or the service unit sample, the submitted data obtained by the disclosed large model and the feedback result of the large model for the submitted data may be obtained directly.
S503, extracting the attention data of the large model aiming at the terminal application sample and/or the service unit sample from the feedback result.
Specifically, information parameters that can set real data may be extracted from the feedback result as management information parameters, and the management information parameters are determined as data of interest of the large model for the terminal application sample and/or the service unit sample.
For example, if the feedback result of the large model for the submitted data is "An account needs to be registered; name, address and telephone need to be filled in when registering the account", the information parameters "name", "address" and "telephone", for which real data can be set, can be extracted as management and control information parameters.
S504, according to the attention data, generating a security risk management policy for the terminal application sample and/or the service unit sample as a reference security risk management policy.
In particular, a security risk management policy with the management information parameters may be generated, the security risk management policy with the management information parameters being used to represent: if any program code to be submitted to the large model belongs to the terminal application sample and/or the service unit sample and has a code parameter corresponding to the management information parameter, desensitization processing is performed on the true value of that code parameter in the program code, and the desensitized program code is submitted to the large model.
If the feedback result comprises a text feedback result, the management and control information parameter comprises a text type management and control information parameter. The code parameter corresponding to the management information parameter in any program code refers to a code parameter for which a text information parameter can be determined according to a correspondence between code parameters and text information parameters, where the determined text information parameter is the text type management information parameter.
For example, a correspondence exists between the code parameter "name" in the program code and the text information parameter "name"; if the text information parameter "name" is a text type management information parameter, the code parameter "name" is a code parameter corresponding to the management information parameter.
If the feedback result comprises an audio feedback result and/or a video feedback result, the audio feedback result and/or the video feedback result is converted into a text feedback result, and the management and control information parameters comprise text type management and control information parameters. The code parameter corresponding to the management information parameter in any program code refers to a code parameter for which a text information parameter can be determined according to a correspondence between code parameters and text information parameters, where the determined text information parameter is the text type management information parameter.
For the audio feedback result and/or the video feedback result, the voice content can be converted into a text feedback result by means of voice recognition. For the video feedback result, subtitles in the video can be obtained directly as the converted text feedback result, and image recognition can also be carried out on the video frames to obtain a text feedback result describing the content of the video feedback result.
If the feedback result comprises a program code feedback result, the management and control information parameter comprises a management and control code parameter, and the code parameter corresponding to the management and control information parameter in any program code refers to the management and control code parameter in that program code.
S505, inputting the characteristic information sample of the terminal application sample and/or the characteristic information sample of the service unit sample into an initial risk management and control strategy generation sub-model to obtain a predicted safety risk management and control strategy for the terminal application sample and/or the service unit sample.
In general, the characteristic information sample of the terminal application sample and/or the characteristic information sample of the service unit sample are input into an initial risk management and control policy generation sub-model, and the initial risk management and control policy generation sub-model can output a predicted security risk management and control policy for the terminal application sample and/or the service unit sample.
S506, obtaining the predicted loss data between the predicted safety risk management and control strategy and the reference safety risk management and control strategy.
S507, if the predicted loss data meets a preset third predicted loss acceptable condition, determining the initial risk management and control strategy generation sub-model as the risk management and control strategy generation sub-model, otherwise, adjusting model parameters in the initial risk management and control strategy generation sub-model until the predicted loss data between the predicted safety risk management and control strategy output by the adjusted risk management and control strategy generation sub-model and the reference safety risk management and control strategy meets the preset third predicted loss acceptable condition, and determining the adjusted risk management and control strategy generation sub-model corresponding to the third predicted loss acceptable condition as the risk management and control strategy generation sub-model.
The risk management strategy generation sub-model meeting the prediction precision requirement can be obtained through the training, and the safety risk management strategy aiming at the program codes can be obtained by utilizing the model.
The third generation mode of the security risk management and control policy provided in this embodiment is a security risk management and control policy corresponding to the developer information obtained according to the historical program code submitted by the program code developer corresponding to the program code to be submitted.
The security risk management policy corresponding to the developer information is obtained in the following manner; refer to the flowchart shown in Fig. 6:
S601, obtaining a historical program code detection result of the large model for the historical program codes submitted to the large model by the program code developer.
The historical program code detection result may include the location in the historical program code where a problem exists, the specific content of the problem, and modification suggestions for the problem.
S602, extracting attention data of the large model for the historical program codes from the historical program code detection results.
Specifically, a code parameter, which can set a true value, may be extracted from the historical program code detection result as a management code parameter, which is determined as the data of interest of the large model for the historical program code.
S603, generating a security risk management and control strategy corresponding to the developer information according to the concerned data.
Specifically, a security risk management policy with the management and control code parameters is generated, the security risk management policy with the management and control code parameters being used to represent: if any program code to be submitted to the large model has the management and control code parameter, the program code developer performs desensitization processing on the true value of the management and control code parameter in that program code, and submits the desensitized program code to the large model.
Corresponding security risk management and control strategies are generated for different program code developers, and a mapping relation is then established between the developer information of each program code developer and the corresponding security risk management and control strategy. When the program code to be submitted is obtained, developer information of the program code developer of the program code, such as account information registered by the program code developer, is also obtained. The security risk management and control strategy corresponding to the developer information is queried according to the mapping relation, and security risk detection processing is carried out on the program code according to that strategy to obtain a security risk detection result.
The above describes how the security risk management and control policy is generated and how it is used. In practical application, the submitter terminal or the data server may send the program code to be submitted or the developer information to the policy configuration terminal to generate a corresponding security risk management and control policy, which is then returned to the submitter terminal or the data server to implement security risk management and control on the program code to be submitted, so as to prevent the risk of information leakage.
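The reference-policy steps described above (S304 to S305, S503 to S504 and S601 to S603) share one mechanism: take the management and control parameters out of the large model's feedback, then mask their true values before submission. The following is an added example, not code from the patent; the regex-based extraction, the `correspondence` table, the `***` mask, the class and function names and all sample data are assumptions constructed for illustration.

```python
import re
from dataclasses import dataclass

# `param = "literal"` or `param: 'literal'`. A regex stands in for a real parser
# because the page does not fix a programming language (assumption of this example).
ASSIGNMENT = re.compile(r"""\b([A-Za-z_]\w*)\s*[=:]\s*(["'])(.*?)\2""")


@dataclass(frozen=True)
class Policy:
    """Security risk management and control policy: the set of control code parameters."""
    control_params: frozenset


def extract_control_params(detection_results):
    """S304-S305 / S602: code parameters in problem code segments that hold a true value."""
    return frozenset(
        match.group(1)
        for result in detection_results
        for match in ASSIGNMENT.finditer(result["segment"])
    )


def params_from_text_feedback(feedback_text, correspondence):
    """S503-S504: map text information parameters named in feedback to code parameters.

    `correspondence` (text information parameter -> code parameter) is assumed to be
    supplied by whoever configures the policy; the page only says it exists.
    """
    words = set(re.findall(r"[a-z_]+", feedback_text.lower()))
    return frozenset(code for text, code in correspondence.items() if text in words)


def desensitize(code, policy, mask="***"):
    """Replace the true value of each control code parameter; return (code, hits)."""
    hits = []

    def replace(match):
        if match.group(1) not in policy.control_params:
            return match.group(0)          # not a control code parameter: keep as is
        hits.append(match.group(1))
        prefix = match.group(0)[: match.start(3) - match.start(0)]
        return prefix + mask + match.group(2)

    return ASSIGNMENT.sub(replace, code), hits


class DeveloperPolicies:
    """S601-S603: mapping from developer information to that developer's policy."""

    def __init__(self):
        self._by_developer = {}

    def learn(self, developer_id, historical_detection_results):
        self._by_developer[developer_id] = Policy(
            extract_control_params(historical_detection_results)
        )

    def check(self, developer_id, code):
        """Look up the developer's policy and run detection on code to be submitted."""
        policy = self._by_developer.get(developer_id, Policy(frozenset()))
        cleaned, hits = desensitize(code, policy)
        return {"risk_found": bool(hits), "hits": hits, "code": cleaned}


# Constructed detection results: location, problem, problem code segment.
HISTORY = [
    {"location": "line 2", "problem": "hard-coded value", "segment": 'name = "Zhang San"'},
    {"location": "line 9", "problem": "unused variable", "segment": "tmp = compute()"},
]
# Constructed program code to be submitted.
TO_SUBMIT = 'name = "Li Si"\ngreeting = "hello"\nprint(greeting, name)\n'

if __name__ == "__main__":
    store = DeveloperPolicies()
    store.learn("dev-account-001", HISTORY)
    print(store.check("dev-account-001", TO_SUBMIT))
    print(params_from_text_feedback(
        "name, address and telephone need to be filled in",
        {"name": "name", "address": "addr", "telephone": "phone"},
    ))
```

A policy keyed on parameter names only catches values assigned to a parameter the large model has already flagged, so a developer with no history gets an empty policy and nothing is masked.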
Third embodiment
A third embodiment of the present application provides a security risk management apparatus, as shown in Fig. 7. The device corresponds to the method for detecting dressing of distribution resources provided in the first embodiment and the second embodiment; since the device embodiment is similar to the method embodiments, it is described relatively briefly, and for relevant details reference is made to the first embodiment and the second embodiment.
The security risk management and control apparatus 700 provided in this embodiment includes:
an obtaining unit 701, configured to obtain data to be submitted, where the data to be submitted is data to be submitted to a large model to obtain a large model service;
a detection unit 702, configured to perform security risk detection processing on the data to be submitted according to a security risk management and control policy, so as to obtain a security risk detection result;
a submitting unit 703, configured to submit the data to be submitted to the large model when the security risk detection result indicates that no security risk is found;
and a management and control unit 704, configured to perform security risk management and control processing on the data to be submitted when the security risk detection result indicates that a security risk exists.
Optionally, the performing security risk detection processing on the data to be submitted according to a security risk management and control policy to obtain a security risk detection result includes: judging whether the data to be submitted is a management and control class file or not according to a management and control class file risk management and control strategy; and if the data to be submitted is the management and control class file, determining that the safety risk exists.
Optionally, the management and control class file includes an environment variable configuration file.
Optionally, the file name suffix of the management and control class file is a specified file name suffix.
Optionally, performing security risk management processing on the data to be submitted if the security risk detection result indicates that a security risk exists includes: if the security risk detection result indicates that the security risk exists, prohibiting the data to be submitted from being submitted to the large model.
Optionally, the apparatus further comprises: the first output unit is used for outputting prompt information for prompting that the data to be submitted is a management and control type file.
Optionally, the performing security risk detection processing on the data to be submitted according to a security risk management and control policy to obtain a security risk detection result includes: judging whether the data to be submitted comprises preset information or not according to an information risk management and control strategy; and if the data to be submitted comprises preset information, determining that a safety risk exists.
Optionally, the preset information includes key information and/or user information.
Optionally, the key information includes at least one of the following information: database connection identification, database account information, database password information, user identification information, user authentication key information, encryption key information and decryption key information.
Optionally, the user information includes at least one of the following information: user mobile communication number information, user identity information.
Optionally, if the security risk detection result indicates that a security risk exists, performing security risk management processing on the data to be submitted, including: if the security risk detection result indicates that the security risk exists, carrying out desensitization processing on preset information included in the data to be submitted, and submitting the desensitized data to the large model.
Optionally, the performing security risk detection processing on the data to be submitted according to a security risk management and control policy to obtain a security risk detection result includes: judging whether the data to be submitted is data applied to the management and control type terminal application and/or the management and control type service unit according to a management and control type terminal application and/or management and control type service unit risk management and control strategy; and if the data to be submitted is the data applied to the management and control type terminal application and/or the management and control type service unit, determining that the safety risk exists.
Optionally, performing security risk management processing on the data to be submitted if the security risk detection result indicates that a security risk exists includes: if the security risk detection result indicates that the security risk exists, prohibiting the data to be submitted from being submitted to the large model.
Optionally, the apparatus further comprises: the second output unit is used for outputting prompt information for prompting the terminal application and/or the service unit to which the data to be submitted is applied to be a management and control type terminal application and/or a management and control type service unit.
Optionally, the performing security risk detection processing on the data to be submitted according to a security risk management and control policy to obtain a security risk detection result includes: if the data to be submitted does not hit any security risk management strategy, determining that no security risk is found.
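The unit structure 701 to 704 and the optional policies above (management and control class file, preset information, management and control class terminal application, no policy hit) can be read as a single pre-submission gate. The following is an added example, not code from the patent; the `.env` suffix, the application name `payments-core`, the regular expressions (including the 11-digit mobile number format), the function names and the `submit` callable standing in for the large model client are all assumptions.

```python
import re
from dataclasses import dataclass

# Policy values below are assumptions for this example; the page names the policy
# types but not concrete suffixes, applications or patterns.
CONTROL_SUFFIXES = (".env",)                  # environment variable configuration files
CONTROL_APPS = frozenset({"payments-core"})   # hypothetical control-class terminal application
PRESET_INFO = {
    "key information": re.compile(
        r"""(?i)\b(?:password|passwd|secret_key|api_key)\s*[=:]\s*['"]?(?P<secret>[^\s'"]+)"""),
    "database connection": re.compile(r"\b\w+://[^\s:/@]+:(?P<secret>[^\s@]+)@"),
    "mobile number": re.compile(r"(?<!\d)(?P<secret>1[3-9]\d{9})(?!\d)"),
}


@dataclass
class Submission:
    filename: str
    app: str        # terminal application / service unit the data is applied to
    content: str


@dataclass
class Decision:
    action: str     # "submit", "submit_desensitized" or "block"
    hits: list
    prompt: str = ""


def mask_secret(match):
    """Replace only the named group `secret` inside a match with a meaningless symbol."""
    start, end = match.span("secret")
    base = match.start()
    text = match.group(0)
    return text[: start - base] + "***" + text[end - base:]


def detect(sub):
    """Detection unit 702: list every policy hit; an empty list means no risk found."""
    hits = []
    if sub.filename.lower().endswith(CONTROL_SUFFIXES):
        hits.append("control_file")
    if sub.app in CONTROL_APPS:
        hits.append("control_app")
    hits += [name for name, rx in PRESET_INFO.items() if rx.search(sub.content)]
    return hits


def gate(sub, submit):
    """Units 703/704: submit, desensitize then submit, or prohibit submission."""
    hits = detect(sub)
    if not hits:
        submit(sub.content)
        return Decision("submit", hits)
    if "control_file" in hits:
        return Decision("block", hits,
                        "data to be submitted is a management and control class file")
    if "control_app" in hits:
        return Decision("block", hits,
                        "data is applied to a management and control class terminal application")
    cleaned = sub.content
    for rx in PRESET_INFO.values():
        cleaned = rx.sub(mask_secret, cleaned)
    submit(cleaned)
    return Decision("submit_desensitized", hits)


# Constructed program code to be submitted, containing preset information.
SAMPLE = Submission(
    "orders.py", "shop",
    'password = "hunter2"\n'
    'db_url = "mysql://app:S3cr3tPw@db.internal.example/orders"\n'
    "# contact 13800138000\n",
)

if __name__ == "__main__":
    sent = []                       # stands in for the large model endpoint
    print(gate(SAMPLE, sent.append))
    print(sent[0])
```

Blocking policies are evaluated before desensitization, so a management and control class file never reaches the large model even when its contents could have been masked.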
Optionally, the obtaining the data to be submitted includes: obtaining data to be submitted sent by a submitter terminal; the apparatus further comprises: a first policy obtaining unit, used for obtaining the security risk management and control policy sent by the policy configuration terminal.
Optionally, the apparatus further comprises: an identity information verification unit, used for obtaining the submitter identity information sent by the submitter terminal, and verifying the submitter identity information sent by the submitter terminal to obtain a verification result indicating whether the data to be submitted corresponding to the submitter identity information can be submitted to a large model; the step of carrying out security risk detection processing on the data to be submitted according to a security risk management and control strategy to obtain a security risk detection result comprises the following steps: if the verification result indicates that the data to be submitted corresponding to the submitter identity information can be submitted to a large model, carrying out security risk detection processing on the data to be submitted according to a security risk management and control strategy to obtain a security risk detection result; and if the verification result indicates that the data to be submitted corresponding to the submitter identity information cannot be submitted to the large model, returning to the submitter terminal prompt information indicating that the data to be submitted corresponding to the submitter identity information cannot be submitted to the large model.
Optionally, the obtaining the data to be submitted includes: obtaining data to be submitted input by a submitter; the apparatus further comprises: the second policy obtaining unit is used for obtaining the security risk management and control policy sent by the data server, wherein the data server obtains the security risk management and control policy through a policy configuration terminal, and the data server is a server for providing service for a submitter to input data to be submitted; the submitting the data to be submitted to the large model includes: and submitting the data to be submitted to the large model through the data server.
Optionally, the data to be submitted is program code developed by a program code developer, and the obtaining the large model service includes obtaining a program code detection service provided by the large model.
Optionally, the apparatus further comprises: the strategy generation unit is used for inputting the program codes into a risk management strategy generation model corresponding to the large model to obtain a safety risk management strategy for the program codes, and the risk management strategy generation model is used for generating the safety risk management strategy according to the program codes; the step of carrying out security risk detection processing on the data to be submitted according to a security risk management and control strategy to obtain a security risk detection result comprises the following steps: and carrying out security risk detection processing on the program codes according to a security risk management and control strategy aiming at the program codes to obtain security risk detection results.
Optionally, the risk management policy generation model is obtained by training in the following manner: obtaining a program code sample; submitting the program code sample to the large model; obtaining a program code detection result of the large model aiming at the program code sample; analyzing the program code detection result to obtain data of interest of the large model for the program code sample; generating a security risk management and control strategy for the program code sample according to the concerned data, and taking the security risk management and control strategy as a reference security risk management and control strategy; inputting the program code sample into an initial risk management and control strategy generation model to obtain a predicted safety risk management and control strategy for the program code sample; obtaining predicted loss data between the predicted security risk management and control strategy and the reference security risk management and control strategy; and if the predicted loss data meets a preset first predicted loss acceptable condition, determining the initial risk management and control strategy generation model as the risk management and control strategy generation model, otherwise, adjusting model parameters in the initial risk management and control strategy generation model until the predicted loss data between the predicted safety risk management and control strategy output by the adjusted risk management and control strategy generation model and the reference safety risk management and control strategy meets the preset first predicted loss acceptable condition, and determining the adjusted risk management and control strategy generation model corresponding to the first predicted loss acceptable condition as the risk management and control strategy generation model.
Optionally, the data of interest includes a code segment that the large model indicates as having a problem in the program code sample, taken as a problem code segment; the generating a security risk management and control strategy for the program code sample according to the data of interest comprises: extracting, from the problem code segment, code parameters for which a true value can be set, as management and control code parameters; and generating an information risk management and control strategy with the management and control code parameters; the information risk management and control strategy with the management and control code parameters is used for representing: if any program code has the management and control code parameter, the true value of the management and control code parameter in that program code is subjected to desensitization processing, and the desensitized program code is submitted to the large model.
Optionally, the risk management policy generation model includes a program code classification sub-model for determining a terminal application and/or a service unit to which the program code belongs and a risk management policy generation sub-model for generating a security risk management policy; the step of inputting the program code into a risk management policy generation model corresponding to the large model to obtain a security risk management policy for the program code, including: inputting the program codes into the program code classification sub-model to determine terminal application and/or service units to which the program codes belong; acquiring characteristic information of a terminal application and/or characteristic information of a service unit to which the program code belongs; and inputting the characteristic information of the terminal application to which the program code belongs and/or the characteristic information of the service unit into the risk management and control strategy generation sub-model to obtain the security risk management and control strategy for the program code.
Optionally, the program code classification sub-model is obtained by training in the following manner: obtaining a program code sample; determining the terminal application and/or service unit to which the program code sample belongs as a reference terminal application and/or service unit; inputting the program code sample into an initial program code classification sub-model, and determining a predicted terminal application and/or service unit to which the program code sample belongs; and if the predicted loss data between the predicted terminal application and/or service unit and the reference terminal application and/or service unit meets a preset second predicted loss acceptable condition, determining the initial program code classification sub-model as the program code classification sub-model; otherwise, adjusting model parameters in the initial program code classification sub-model until the predicted loss data between the predicted terminal application and/or service unit determined by the adjusted program code classification sub-model and the reference terminal application and/or service unit meets the second predicted loss acceptable condition, and determining the adjusted program code classification sub-model that meets the second predicted loss acceptable condition as the program code classification sub-model.
Optionally, the risk management and control strategy generation sub-model is obtained by training in the following manner: obtaining a characteristic information sample of a terminal application sample and/or a characteristic information sample of a service unit sample; obtaining feedback results of the large model on submitted data of the terminal application sample and/or submitted data of the service unit sample; extracting, from the feedback result, the data of interest of the large model for the terminal application sample and/or the service unit sample; generating, according to the data of interest, a security risk management and control strategy for the terminal application sample and/or the service unit sample as a reference security risk management and control strategy; inputting the characteristic information sample of the terminal application sample and/or the characteristic information sample of the service unit sample into an initial risk management and control strategy generation sub-model to obtain a predicted security risk management and control strategy for the terminal application sample and/or the service unit sample; obtaining predicted loss data between the predicted security risk management and control strategy and the reference security risk management and control strategy; and if the predicted loss data meets a preset third predicted loss acceptable condition, determining the initial risk management and control strategy generation sub-model as the risk management and control strategy generation sub-model; otherwise, adjusting model parameters in the initial risk management and control strategy generation sub-model until the predicted loss data between the predicted security risk management and control strategy output by the adjusted risk management and control strategy generation sub-model and the reference security risk management and control strategy meets the preset third predicted loss acceptable condition, and determining the adjusted risk management and control strategy generation sub-model that meets the third predicted loss acceptable condition as the risk management and control strategy generation sub-model.
Optionally, the extracting the data of interest of the large model for the terminal application sample and/or the service unit sample from the feedback result includes: extracting information parameters capable of setting real data from the feedback result as control information parameters, and determining the control information parameters as concerned data of the large model aiming at the terminal application sample and/or the service unit sample; the generating a security risk management policy for the terminal application sample and/or the service unit sample according to the attention data includes: generating a security risk management and control strategy with the management and control information parameters, wherein the security risk management and control strategy with the management and control information parameters is used for representing: and if any one program code to be submitted to the large model belongs to the terminal application sample and/or the service unit sample and has the code parameter corresponding to the management information parameter, performing desensitization processing on the true value of the code parameter corresponding to the management information parameter, which is possessed by the any one program code, and submitting the any program code after the desensitization processing to the large model.
Optionally, if the feedback result includes a text feedback result, the control information parameter includes a text type control information parameter, and the code parameter corresponding to the control information parameter of any one program code refers to a code parameter in any one program code, where the text information parameter can be determined according to a corresponding relationship between the code parameter and the text information parameter, and the determined text information parameter is the text type control information parameter; if the feedback result comprises an audio feedback result and/or a video feedback result, converting the audio feedback result and/or the video feedback result into a text feedback result, wherein the control information parameters comprise text type control information parameters, the code parameters corresponding to the control information parameters of any one program code refer to code parameters which can determine text information parameters through the corresponding relation between the code parameters and the text information parameters in any one program code, and the determined text information parameters are the text type control information parameters; and if the feedback result comprises a program code feedback result, the control information parameter comprises a control code parameter, and the code parameter corresponding to the control information parameter of any one program code refers to the control code parameter of any one program code.
Optionally, the submitted data of the terminal application sample and/or the submitted data of the service unit sample comprises at least one of the following data: test data for the terminal application sample and/or test data for the service unit sample, submitted to the large model in order to obtain the data of interest of the large model for the terminal application sample and/or the service unit sample; submitted data for the terminal application sample and/or submitted data for the service unit sample, submitted in order to obtain a large model service provided by the large model, and for which the large model has output feedback results.
Optionally, the apparatus further comprises: the strategy query unit is used for obtaining developer information of program code developers of the program codes; inquiring a security risk management and control strategy corresponding to the developer information; the step of carrying out security risk detection processing on the data to be submitted according to a security risk management and control strategy to obtain a security risk detection result comprises the following steps: and carrying out security risk detection processing on the program codes according to a security risk management and control strategy corresponding to the developer information to obtain a security risk detection result.
Optionally, the security risk management policy corresponding to the developer information is obtained in the following manner: obtaining a historical program code detection result of the large model for historical program codes which the program code developer has submitted to the large model; extracting attention data of the large model for the historical program codes from the historical program code detection results; and generating a security risk management and control strategy corresponding to the developer information according to the concerned data.
Optionally, the extracting the data of interest of the large model for the historical program code from the historical program code detection result includes: extracting, from the historical program code detection results, code parameters for which a true value can be set, as management and control code parameters, and determining the management and control code parameters as the data of interest of the large model for the historical program codes; the generating a security risk management and control strategy corresponding to the developer information according to the data of interest includes: generating a security risk management and control strategy with the management and control code parameters, the security risk management and control strategy with the management and control code parameters being used to represent: if any program code of the program code developer that is to be submitted to the large model has the management and control code parameter, desensitization processing is performed on the true value of the management and control code parameter in that program code, and the desensitized program code is submitted to the large model.
The foregoing describes a security risk management and control apparatus according to a third embodiment of the present application.
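The pre-submission gate this embodiment describes (submitter identity verification, then strategy-driven detection, then prohibiting, desensitizing or submitting) can be sketched as follows. This is an added example, not code from the patent; the `Policy` fields, the sample identity, file patterns and parameter names are all assumptions, and masking is limited to string literals.

```python
import re
from dataclasses import dataclass
from fnmatch import fnmatchcase
from pathlib import PurePosixPath
from typing import List, Optional


# Constructed policy shape: every field name here is an assumption for illustration.
@dataclass(frozen=True)
class Policy:
    allowed_submitters: frozenset   # identities allowed to submit to the large model
    controlled_file_globs: tuple    # management and control class files: never submitted
    controlled_params: frozenset    # management and control code parameters (lower case)


@dataclass
class Decision:
    action: str                     # reject_identity | block | desensitize | submit
    payload: Optional[str]          # what may be sent to the large model, if anything
    hits: List[str]                 # policy entries that were hit


# Matches  name = "literal",  name: 'literal'  and  "name": "literal".
# A parameter read from the environment carries no true value in the source,
# so it does not match and is left alone.
_ASSIGN = re.compile(
    r"""(?P<lhs>\b(?P<name>[A-Za-z_]\w*)["']?\s*[:=]\s*)(?P<q>["'])(?P<val>.*?)(?P=q)"""
)


def desensitize(code, controlled_params):
    """Mask the true value of each controlled parameter; return (code, hits)."""
    hits = []

    def mask(m):
        if m.group("name").lower() not in controlled_params:
            return m.group(0)       # not a controlled parameter: keep as written
        hits.append(m.group("name"))
        q = m.group("q")
        return f'{m.group("lhs")}{q}<REDACTED>{q}'

    return _ASSIGN.sub(mask, code), hits


def evaluate(submitter_id, filename, code, policy):
    """Decide what, if anything, is submitted to the large model."""
    # Identity verification comes first; a rejected submitter gets a prompt
    # and no detection processing is run on the data.
    if submitter_id not in policy.allowed_submitters:
        return Decision("reject_identity", None, [])
    # Management and control class file: the file itself is the risk, so
    # submission is prohibited rather than desensitized.
    name = PurePosixPath(filename).name
    globs = [g for g in policy.controlled_file_globs if fnmatchcase(name, g)]
    if globs:
        return Decision("block", None, globs)
    # Information risk: desensitize true values, then submit the masked code.
    masked, hits = desensitize(code, policy.controlled_params)
    if hits:
        return Decision("desensitize", masked, hits)
    # No strategy hit: security risk not found, submit unchanged.
    return Decision("submit", code, [])


# Constructed sample policy and program code (not taken from the patent).
POLICY = Policy(
    allowed_submitters=frozenset({"dev-001"}),
    controlled_file_globs=("*.pem", "*.key", ".env"),
    controlled_params=frozenset({"db_password", "api_key"}),
)

SAMPLE = '''\
import os
DB_HOST = "db.internal.example"
DB_PASSWORD = "constructed-sample-value"
config = {"api_key": 'constructed-sample-key', "timeout": "30"}
token = os.environ["API_KEY"]
'''

if __name__ == "__main__":
    decision = evaluate("dev-001", "app/settings.py", SAMPLE, POLICY)
    print(decision.action, decision.hits)
    print(decision.payload)
```

The check order matters: a controlled file is blocked before any masking is attempted, so a partially desensitized key file can never reach the model.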
Fourth embodiment
A fourth embodiment of the present application provides an electronic device as shown in Fig. 8. The electronic device includes: at least one processor 801, at least one memory 802, at least one communication interface 803, and at least one communication bus 804. Optionally, the processor 801 may be a central processing unit (CPU), an application-specific integrated circuit (ASIC), or one or more integrated circuits configured to implement embodiments of the present application. The memory 802 may comprise high-speed RAM and may also include non-volatile memory, such as at least one disk memory. The communication interface 803 may be an interface of a communication module, such as an interface of a GSM module. The memory 802 stores programs and data, and the processor 801 calls the programs stored in the memory 802 to execute the above-mentioned security risk management method.
Fifth embodiment
A fifth embodiment of the present application provides a storage medium storing a program and data, the program being executed by a processor for implementing the above-described security risk management method.
It should be noted that, the user information (including but not limited to user equipment information, user personal information, etc.) and the data (including but not limited to data for analysis, stored data, presented data, etc.) related to the present application are information and data authorized by the user or fully authorized by each party, and the collection, use and processing of the related data need to comply with the related laws and regulations and standards of the related country and region, and provide corresponding operation entries for the user to select authorization or rejection.
Although in the above detailed description several modules or units for action execution are mentioned, such partitioning is not mandatory. Indeed, the features and functions of two or more modules or units described above may be embodied in one module or unit, in accordance with embodiments of the present application. Conversely, the features and functions of one module or unit described above may be further divided into a plurality of modules or units to be embodied.
Furthermore, although the steps of the methods of the present application are depicted in the accompanying drawings in a particular order, this does not require or imply that the steps must be performed in that particular order, or that all of the steps shown must be performed, in order to achieve desirable results. Additionally or alternatively, certain steps may be omitted, multiple steps may be combined into one step, and/or one step may be decomposed into multiple steps.
It should be noted that the embodiments of the present application can be realized in hardware, software, or a combination of software and hardware. The hardware portion may be implemented using dedicated logic; the software portions may be stored in a memory and executed by a suitable instruction execution system, such as a microprocessor or special purpose design hardware. Those of ordinary skill in the art will appreciate that the apparatus and methods described above may be implemented using computer executable instructions and/or embodied in processor control code, such as provided on a carrier medium such as a magnetic disk, CD or DVD-ROM, a programmable memory such as read only memory (firmware), or a data carrier such as an optical or electronic signal carrier. The device of the present application and its modules may be implemented by hardware circuitry, such as very large scale integrated circuits or gate arrays, semiconductors such as logic chips, transistors, etc., or programmable hardware devices such as field programmable gate arrays, programmable logic devices, etc., as well as software executed by various types of processors, or by a combination of the above hardware circuitry and software, such as firmware.
The foregoing is merely illustrative of specific embodiments of the present application, and the scope of the application is not limited thereto; any modifications, equivalents, improvements and alternatives within the spirit and principles of the present application that are apparent to those skilled in the art fall within the scope of the present application.
Claims (15)
1. A security risk management and control method, comprising:
obtaining data to be submitted, wherein the data to be submitted is data to be submitted to a large model to obtain a large model service, the data to be submitted is program code developed by a program code developer, and obtaining the large model service comprises obtaining a program code detection service provided by the large model;
according to a security risk management and control strategy, performing security risk detection processing on the data to be submitted to obtain a security risk detection result;
if the security risk detection result indicates that no security risk is found, submitting the data to be submitted to the large model; if the security risk detection result indicates that a security risk exists, performing security risk management and control processing on the data to be submitted;
Wherein the method further comprises: inputting the program codes into a risk management strategy generation model corresponding to the large model, and obtaining a security risk management strategy aiming at the program codes; the risk management and control strategy generation model is obtained through training in the following mode: submitting the obtained program code sample to the large model to obtain a program code detection result of the large model aiming at the program code sample; analyzing the program code detection result to obtain a code segment of the large model indicating that a problem exists for the program code sample as a problem code segment; extracting code parameters capable of setting true values from the problem code segments to serve as management and control code parameters; generating an information risk management and control strategy with the management and control code parameters as a reference security risk management and control strategy; the information risk management and control strategy with the management and control code parameters is used for representing: if any one program code has the control code parameter, desensitizing the true value of the control code parameter in the any one program code, and submitting the any one program code after desensitizing to the large model; inputting the program code sample into an initial risk management and control strategy generation model to obtain a predicted safety risk management and control strategy for the program code sample; obtaining predicted loss data between the predicted security risk management and control strategy and the reference security risk management and control strategy; and if the predicted loss data meets a preset first predicted loss acceptable condition, determining the initial risk management and control strategy generation model as the risk management and control strategy generation model.
2. The security risk management and control method according to claim 1, wherein the performing security risk detection processing on the data to be submitted according to the security risk management and control policy to obtain a security risk detection result includes:
judging whether the data to be submitted is a management and control class file or not according to a management and control class file risk management and control strategy;
and if the data to be submitted is the management and control class file, determining that the safety risk exists.
3. The method according to claim 2, wherein if the security risk detection result indicates that there is a security risk, performing security risk management processing on the data to be submitted, including:
if the security risk detection result indicates that a security risk exists, prohibiting the data to be submitted from being submitted to the large model.
4. The security risk management and control method according to claim 1, wherein the performing security risk detection processing on the data to be submitted according to the security risk management and control policy to obtain a security risk detection result includes:
judging whether the data to be submitted comprises preset information or not according to an information risk management and control strategy;
and if the data to be submitted comprises preset information, determining that a safety risk exists.
5. The security risk management method according to claim 4, wherein the preset information includes key information and/or user information.
6. The method according to claim 4, wherein if the security risk detection result indicates that there is a security risk, performing security risk management processing on the data to be submitted, including:
if the security risk detection result indicates that a security risk exists, carrying out desensitization processing on the preset information included in the data to be submitted, and submitting the desensitized data to the large model.
7. The security risk management and control method according to claim 1, wherein the performing security risk detection processing on the data to be submitted according to the security risk management and control policy to obtain a security risk detection result includes:
judging whether the data to be submitted is data applied to the management and control type terminal application and/or the management and control type service unit according to a management and control type terminal application and/or management and control type service unit risk management and control strategy;
and if the data to be submitted is data applied to the management and control type terminal application and/or the management and control type service unit, determining that a security risk exists.
8. The security risk management and control method according to claim 7, wherein if the security risk detection result indicates that there is a security risk, performing security risk management processing on the data to be submitted includes:
if the security risk detection result indicates that a security risk exists, prohibiting the data to be submitted from being submitted to the large model.
9. The security risk management and control method according to claim 1, wherein the performing security risk detection processing on the data to be submitted according to the security risk management and control policy to obtain a security risk detection result includes:
if the data to be submitted does not hit any security risk management and control strategy, determining that no security risk is found.
10. The security risk management method of claim 1, wherein the obtaining data to be submitted comprises: obtaining data to be submitted sent by a presenter terminal;
the method further comprises the steps of:
obtaining the security risk management and control strategy sent by the strategy configuration terminal.
11. The security risk management method of claim 10, further comprising:
acquiring submitter identity information sent by the submitter terminal;
verifying the submitter identity information sent by the submitter terminal to obtain a verification result indicating whether the data to be submitted corresponding to the submitter identity information can be submitted to the large model;
the step of carrying out security risk detection processing on the data to be submitted according to a security risk management and control strategy to obtain a security risk detection result comprises the following steps:
if the verification result indicates that the data to be submitted corresponding to the submitter identity information can be submitted to the large model, carrying out security risk detection processing on the data to be submitted according to the security risk management and control strategy to obtain a security risk detection result;
and if the verification result indicates that the data to be submitted corresponding to the submitter identity information cannot be submitted to the large model, returning to the submitter terminal prompt information indicating that the data to be submitted corresponding to the submitter identity information cannot be submitted to the large model.
12. The security risk management method of claim 1, wherein the obtaining data to be submitted comprises: obtaining data to be submitted input by a submitter;
the method further comprises the steps of:
obtaining the security risk management and control strategy sent by a data server, wherein the data server is a server that provides the submitter with a service for inputting data to be submitted, and the security risk management and control strategy is obtained through a strategy configuration terminal;
the submitting the data to be submitted to the large model includes:
submitting the data to be submitted to the large model through the data server.
13. A security risk management and control apparatus, comprising:
an obtaining unit, used for obtaining data to be submitted, wherein the data to be submitted is data to be submitted to a large model to obtain a large model service, the data to be submitted is program code developed by a program code developer, and obtaining the large model service comprises obtaining a program code detection service provided by the large model;
a detection unit, used for carrying out security risk detection processing on the data to be submitted according to a security risk management and control strategy to obtain a security risk detection result, including: carrying out security risk detection processing on the program code according to a security risk management and control strategy for the program code to obtain the security risk detection result;
a submitting unit, used for submitting the data to be submitted to the large model when the security risk detection result indicates that no security risk is found;
a management and control unit, used for carrying out security risk management and control processing on the data to be submitted when the security risk detection result indicates that a security risk exists;
wherein the carrying out security risk detection processing on the data to be submitted according to a security risk management and control strategy to obtain a security risk detection result comprises: judging whether the data to be submitted is a management and control class file according to a management and control class file risk management and control strategy; and if the data to be submitted is a management and control class file, determining that a security risk exists;
and the performing security risk management and control processing on the data to be submitted if the security risk detection result indicates that a security risk exists includes: if the data to be submitted is determined to have a security risk because it is a management and control class file, prohibiting the data to be submitted from being submitted to the large model;
Wherein the device is further for: inputting the program codes into a risk management strategy generation model corresponding to the large model, and obtaining a security risk management strategy aiming at the program codes; the risk management and control strategy generation model is obtained through training in the following mode: submitting the obtained program code sample to the large model to obtain a program code detection result of the large model aiming at the program code sample; analyzing the program code detection result to obtain a code segment of the large model indicating that a problem exists for the program code sample as a problem code segment; extracting code parameters capable of setting true values from the problem code segments to serve as management and control code parameters; generating an information risk management and control strategy with the management and control code parameters as a reference security risk management and control strategy; the information risk management and control strategy with the management and control code parameters is used for representing: if any one program code has the control code parameter, desensitizing the true value of the control code parameter in the any one program code, and submitting the any one program code after desensitizing to the large model; inputting the program code sample into an initial risk management and control strategy generation model to obtain a predicted safety risk management and control strategy for the program code sample; obtaining predicted loss data between the predicted security risk management and control strategy and the reference security risk management and control strategy; and if the predicted loss data meets a preset first predicted loss acceptable condition, determining the initial risk management and control strategy generation model as the risk management and control strategy generation model.
14. An electronic device comprising a processor and a memory;
the memory is used for storing programs and data, and the processor calls the programs stored in the memory to execute the security risk management method according to any one of claims 1 to 12.
15. A storage medium storing a program and data, the program being executed by a processor for implementing the security risk management method according to any one of claims 1 to 12.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202311588160.8A CN117290890B (en) | 2023-11-24 | 2023-11-24 | Security risk management and control method and device, electronic equipment and storage medium |
Publications (2)
Publication Number | Publication Date |
---|---|
CN117290890A CN117290890A (en) | 2023-12-26 |
CN117290890B true CN117290890B (en) | 2024-05-10 |
Family
ID=89253885
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN202311588160.8A Active CN117290890B (en) | 2023-11-24 | 2023-11-24 | Security risk management and control method and device, electronic equipment and storage medium |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN117290890B (en) |
Citations (9)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN105468974A (en) * | 2015-11-19 | 2016-04-06 | 广东欧珀移动通信有限公司 | File access method and device, and mobile terminal |
CN105550593A (en) * | 2015-12-11 | 2016-05-04 | 北京奇虎科技有限公司 | Cloud disk file monitoring method and device based on local area network |
CN110826071A (en) * | 2019-09-24 | 2020-02-21 | 平安科技(深圳)有限公司 | Software vulnerability risk prediction method, device, equipment and storage medium |
CN115964496A (en) * | 2023-02-13 | 2023-04-14 | 中国工商银行股份有限公司 | Intelligent detection method and device for sensitive text of communication platform |
CN116186771A (en) * | 2023-02-23 | 2023-05-30 | 腾讯云计算(北京)有限责任公司 | Text processing method, device and medium applied to artificial intelligence generated content |
CN116361807A (en) * | 2023-03-22 | 2023-06-30 | 中国工商银行股份有限公司 | Risk management and control method and device, storage medium and electronic equipment |
CN116451186A (en) * | 2023-04-21 | 2023-07-18 | 广州掌动智能科技有限公司 | Sensitive data security protection method and system |
CN116611074A (en) * | 2023-07-17 | 2023-08-18 | 北京奇虎科技有限公司 | Security information auditing method, device, storage medium and apparatus |
CN117008960A (en) * | 2023-07-03 | 2023-11-07 | 深圳派氪司科技有限公司 | API document generation method, device, storage medium and chip |
Family Cites Families (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN110351229B (en) * | 2018-04-04 | 2020-12-08 | 电信科学技术研究院有限公司 | Terminal UE (user equipment) management and control method and device |
Non-Patent Citations (2)
Title |
---|
Patient ADE Risk Prediction through Hierarchical Time-Aware Neural Network Using Claim Codes; Jinhe Shi et al.; 2020 IEEE International Conference on Big Data (Big Data); 20210319; full text * |
A Brief Discussion on Risk Management and Control of Economic Contracts; 陈哲; 科技创新与应用; 20130718; Vol. 2013 (No. 20); full text * |
Also Published As
Publication number | Publication date |
---|---|
CN117290890A (en) | 2023-12-26 |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
GR01 | Patent grant |