CN117313133A - Data desensitization method, device, equipment and storage medium - Google Patents

Data desensitization method, device, equipment and storage medium

Info

Publication number
CN117313133A
Authority
CN
China
Prior art keywords
data
target
sensitive information
determining
user
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202311362785.2A
Other languages
Chinese (zh)
Inventor
胡泽霖
赵敏
谭迅飞
何湘
胡帅
管家保
向子成
樊文成
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Wangqi Technology Beijing Co ltd
Original Assignee
Wangqi Technology Beijing Co ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Wangqi Technology Beijing Co ltd
Priority to CN202311362785.2A
Publication of CN117313133A
Legal status: Pending (current)

Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F 21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F 21/60 Protecting data
    • G06F 21/602 Providing cryptographic facilities or services
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F 21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F 21/60 Protecting data
    • G06F 21/62 Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F 21/6218 Protecting access to data via a platform, e.g. using keys or access control rules, to a system of files or objects, e.g. a local or distributed file system or database
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06N COMPUTING ARRANGEMENTS BASED ON SPECIFIC COMPUTATIONAL MODELS
    • G06N 20/00 Machine learning
    • Y GENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
    • Y02 TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
    • Y02D CLIMATE CHANGE MITIGATION TECHNOLOGIES IN INFORMATION AND COMMUNICATION TECHNOLOGIES [ICT], I.E. INFORMATION AND COMMUNICATION TECHNOLOGIES AIMING AT THE REDUCTION OF THEIR OWN ENERGY USE
    • Y02D 10/00 Energy efficient computing, e.g. low power processors, power management or thermal management

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Software Systems (AREA)
  • General Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • Computer Security & Cryptography (AREA)
  • Health & Medical Sciences (AREA)
  • Computer Hardware Design (AREA)
  • General Health & Medical Sciences (AREA)
  • Bioethics (AREA)
  • Computer Vision & Pattern Recognition (AREA)
  • Artificial Intelligence (AREA)
  • Databases & Information Systems (AREA)
  • Data Mining & Analysis (AREA)
  • Evolutionary Computation (AREA)
  • Medical Informatics (AREA)
  • Computing Systems (AREA)
  • Mathematical Physics (AREA)
  • Storage Device Security (AREA)

Abstract

The invention discloses a data desensitization method, device, equipment and storage medium. The method comprises: receiving a query request from a target user for a database; determining the target user's target data requirement from the target user's identification and a pre-trained data requirement determination model; determining, from the target data requirement and the data type to be queried, the target data level corresponding to that data type; tracing the target data level to obtain the target encrypted sensitive information of all data levels from the root level down to the target data level of that data type; and desensitizing the target encrypted sensitive information to obtain the target sensitive information, which is then displayed. The method improves user experience and data utilization efficiency, improves desensitization efficiency, and reduces the risk of data leakage.

Description

Data desensitization method, device, equipment and storage medium
Technical Field
The present invention relates to the field of big data technologies, and in particular, to a data desensitizing method, device, equipment and storage medium.
Background
With the continuous evolution of internet big data technology, enterprises hold more and more data. To protect important data, it is generally encrypted before it is stored. In such a scenario, how to desensitize the encrypted data according to a user's query request becomes an important question.
At present, different access rights can be set for different users, and users with different access rights can query different data types. When a query request from a user is received (the request names a data type to be queried that lies within the user's access rights), the encrypted data corresponding to that data type is desensitized and displayed.
However, in some scenarios a user only wants part of the data in a data type within his access rights and does not need all of the encrypted data of that type. The above method cannot satisfy this fine-grained demand: data that did not need to be desensitized is desensitized anyway, which lowers desensitization efficiency and increases the risk of data leakage.
Disclosure of Invention
The invention provides a data desensitization method, a device, equipment and a storage medium, which are used for solving the technical problems of low data desensitization efficiency and high data leakage risk in the prior art.
According to an aspect of the present invention, there is provided a data desensitizing method applied to a data server, the data server including a database, the method comprising:
Receiving a query request of a target user for the database; the query request comprises an identification of the target user and a data type to be queried, and the database comprises encrypted sensitive information, wherein the encrypted sensitive information is information formed by encrypting the sensitive information according to the characteristics of the sensitive information;
determining a target data requirement of the target user according to the identification of the target user and a pre-trained data requirement determination model; the data requirement determination model is obtained by training a machine learning algorithm on users' historical query requests and historical query results; the target data requirement indicates, for each data type the target user is permitted to query, a corresponding target data level; each data type comprises a plurality of data levels, and one piece of encrypted sensitive information at an upper data level corresponds to a plurality of pieces of encrypted sensitive information at the next lower data level;
determining a target data level corresponding to the data type to be queried according to the target data requirement and the data type to be queried;
tracing the target data level corresponding to the data type to be queried to obtain target encryption sensitive information of all data levels before the target data level of the data type to be queried;
And obtaining the target sensitive information after desensitizing the target encrypted sensitive information, and displaying the target sensitive information.
According to another aspect of the present invention, there is provided a data desensitizing apparatus provided in a data server, the data server including a database, the apparatus comprising:
the receiving module is used for receiving a query request of a target user for the database; the query request comprises an identification of the target user and a data type to be queried, and the database comprises encrypted sensitive information, wherein the encrypted sensitive information is information formed by encrypting the sensitive information according to the characteristics of the sensitive information;
the first determining module is used for determining a target data requirement of the target user according to the identification of the target user and a pre-trained data requirement determination model; the data requirement determination model is obtained by training a machine learning algorithm on users' historical query requests and historical query results; the target data requirement indicates, for each data type the target user is permitted to query, a corresponding target data level; each data type comprises a plurality of data levels, and one piece of encrypted sensitive information at an upper data level corresponds to a plurality of pieces of encrypted sensitive information at the next lower data level;
The second determining module is used for determining a target data level corresponding to the data type to be queried according to the target data requirement and the data type to be queried;
the third determining module is used for tracing the target data level corresponding to the data type to be queried to obtain target encryption sensitive information of all data levels before the target data level of the data type to be queried;
the desensitization module is used for obtaining the target sensitive information after desensitizing the target encrypted sensitive information and displaying the target sensitive information.
According to another aspect of the present invention, there is provided an electronic apparatus including:
at least one processor; and
a memory communicatively coupled to the at least one processor; wherein,
the memory stores a computer program executable by the at least one processor to enable the at least one processor to perform the data desensitization method according to any of the embodiments of the invention.
According to another aspect of the present invention, there is provided a computer readable storage medium storing computer instructions for causing a processor to perform a data desensitization method according to any embodiment of the present invention.
According to the technical scheme, the data desensitization strategy is adjusted dynamically to the data demands of different users. First, the desensitized target sensitive information matches the users' actual, fine-grained demands, which improves user experience and data utilization efficiency. Second, not all data of the data type to be queried is desensitized, only the target encrypted sensitive information the target user needs, so the volume of data passing through desensitization is reduced and desensitization efficiency rises; and because the sensitive information was encrypted according to its characteristics, desensitizing the target encrypted sensitive information is faster still. Third, only the target sensitive information the target user needs is displayed, so less information is exposed, data security is maintained and the risk of data leakage is reduced.
It should be understood that the description in this section is not intended to identify key or critical features of the embodiments of the invention or to delineate the scope of the invention. Other features of the present invention will become apparent from the description that follows.
Drawings
In order to more clearly illustrate the technical solutions of the embodiments of the present invention, the drawings required for the description of the embodiments will be briefly described below, and it is apparent that the drawings in the following description are only some embodiments of the present invention, and other drawings may be obtained according to these drawings without inventive effort for a person skilled in the art.
Fig. 1 is a schematic diagram of an application scenario of a data desensitizing method provided by an embodiment of the present invention;
FIG. 2 is a flow chart of a method for desensitizing data according to an embodiment of the present invention;
FIG. 3A is a schematic diagram illustrating a tracing of a target data hierarchy in a data desensitizing method according to an embodiment of the present invention;
FIG. 3B is a schematic diagram of target sensitive information displayed in a data desensitizing method according to an embodiment of the present invention;
FIG. 4 is a flow chart of a method for desensitizing data according to another embodiment of the present invention;
FIG. 5 is a schematic diagram of target sensitive information displayed in a data desensitization method according to another embodiment of the present invention;
FIG. 6 is a schematic diagram of a target encryption algorithm in a data desensitization method according to another embodiment of the present invention;
FIG. 7 is a flow chart of a method for desensitizing data according to yet another embodiment of the present invention;
FIG. 8 is a schematic diagram of a target encryption algorithm determined in a data desensitization method according to another embodiment of the present invention;
FIG. 9 is a flow chart of a method for desensitizing data according to yet another embodiment of the present invention;
FIG. 10 is a schematic diagram of information displayed in a data desensitization method according to a further embodiment of the present invention;
FIG. 11 is a schematic diagram of a data demand determination model in a data desensitizing method according to another embodiment of the present invention;
FIG. 12 is a schematic diagram of a data desensitizing apparatus according to an embodiment of the present invention;
fig. 13 is a schematic structural diagram of an electronic device implementing a data desensitizing method according to an embodiment of the present invention.
Detailed Description
In order that those skilled in the art will better understand the present invention, a technical solution in the embodiments of the present invention will be clearly and completely described below with reference to the accompanying drawings in which it is apparent that the described embodiments are only some embodiments of the present invention, not all embodiments. All other embodiments, which can be made by those skilled in the art based on the embodiments of the present invention without making any inventive effort, shall fall within the scope of the present invention.
It should be noted that the terms "first," "second," "target," and "candidate" in the description and claims of the present invention and the above figures are used for distinguishing between similar objects and not necessarily for describing a particular sequential or chronological order. It is to be understood that the data so used may be interchanged where appropriate such that the embodiments of the invention described herein may be implemented in sequences other than those illustrated or otherwise described herein. Furthermore, the terms "comprises," "comprising," and "having," and any variations thereof, are intended to cover a non-exclusive inclusion, such that a process, method, system, article, or apparatus that comprises a list of steps or elements is not necessarily limited to those steps or elements expressly listed but may include other steps or elements not expressly listed or inherent to such process, method, article, or apparatus. The data acquisition, storage, use, processing and the like in the technical scheme meet the relevant regulations of national laws and regulations.
Fig. 1 is a schematic diagram of an application scenario of a data desensitizing method according to an embodiment of the present invention. As shown in fig. 1, the data desensitizing method provided in the present embodiment can be applied to a data server 21. The user queries the data server 21 for data via the user device 22. The data server 21 in the present embodiment stores therein a database. The database includes encryption sensitive information. The encrypted sensitive information in this embodiment is information formed by encrypting the sensitive information according to the characteristics of the sensitive information.
In the data desensitizing method provided in this embodiment, the target user sends a query request for the database to the data server 21 through the user device 22. The data server 21 determines the target data requirement of the target user from the target user's identification and the data requirement determination model. It then determines the target data level of the data type to be queried from the target data requirement and the data type named in the query request, traces that target data level to obtain the target encrypted sensitive information of all data levels from the root level down to the target data level, desensitizes the target encrypted sensitive information to obtain the target sensitive information, and displays it. In this way the desensitization strategy is adjusted dynamically to the data demands of different users: the desensitized target sensitive information matches the users' actual, fine-grained demands, which improves user experience and data utilization; only the target encrypted sensitive information the target user needs is desensitized rather than all data of the data type, which reduces the volume of data passing through desensitization and raises desensitization efficiency; and because the sensitive information was encrypted according to its characteristics, desensitizing the target encrypted sensitive information is faster still.
The data desensitization method provided in this embodiment is described in detail below by way of several examples.
Fig. 2 is a flow chart of a data desensitization method according to an embodiment of the present invention. The embodiment is applicable to the case of desensitizing data in a data server according to a query request of a user. The data server includes a database therein. The method may be performed by a data desensitizing device, which may be implemented in hardware and/or software, which may be configured in a data server. As shown in fig. 2, the method includes the following steps.
Step 201: a query request of a target user for a database is received.
Wherein the query request includes an identification of the target user and a type of data to be queried. The database comprises encrypted sensitive information, wherein the encrypted sensitive information is information formed by encrypting the sensitive information according to the characteristics of the sensitive information.
For convenience of description, the user currently performing the data query is called the target user in this embodiment. In step 201 the data server receives the query request for the database that the target user sends through a user device, which may be, for example, the target user's computer, mobile phone or personal digital assistant. The identification of the target user is information that uniquely identifies the target user, such as an identifier of the target user's device or a user account identifier.
The encrypted sensitive information stored in the database of the data server in this embodiment is information formed by encrypting the sensitive information according to the characteristics of the sensitive information. The sensitive information in this embodiment may be information that needs to be encrypted in different services. Illustratively, the sensitive information in the present embodiment may be sensitive information in a bidding service, such as a quotation table, organization information, etc. in a bidding document. Of course, the sensitive information in the embodiment may also be sensitive information in financial services, for example, financial data of the user. This embodiment is not limited thereto.
In this embodiment, the encrypted sensitive information may be formed after the sensitive information is encrypted according to the characteristics of the sensitive information. The characteristics of the sensitive information in this embodiment may be, for example, the type, data amount, discrete degree, concentration degree, repetition degree, and the like of the sensitive information. According to the embodiment, the encryption algorithm suitable for the sensitive information can be matched according to the characteristics of the sensitive information, and the sensitive information is encrypted to form encrypted sensitive information. This implementation will be described in detail in the following embodiments. The sensitive information is encrypted according to the characteristics of the sensitive information to form encrypted sensitive information, so that the efficiency of the subsequent data desensitization is higher. And, make the security of encrypting sensitive information higher.
The data type to be queried is the data type named in the query request. A data type in this embodiment is a category of data such as date-of-birth data, address data or price data.
Step 202: and determining the target data requirement of the target user according to the identification of the target user and the pre-trained data requirement determination model.
The data requirement determination model is obtained by training a machine learning algorithm on users' historical query requests and historical query results. The target data requirement indicates, for each data type the target user can query, a corresponding target data level. Each data type includes a plurality of data levels, and one piece of encrypted sensitive information at an upper data level corresponds to a plurality of pieces of encrypted sensitive information at the next lower data level.
The data requirement determination model in this embodiment is trained on users' historical query requests and query results. It may be trained with a deep learning method, for example a neural network model, a convolutional neural network model or a deep reinforcement learning model; the embodiment is not limited to these. The training process is the same as for existing models and is not repeated here. The user identification may also be used in training, i.e., the model may be trained on user identifications together with the users' historical query requests and query results.
The data requirement determination model in this embodiment outputs the target data requirement of the target user given the identifier of the target user. For example, from the fact that a user frequently queries age-related statistics but rarely looks at specific personal ages, it may be inferred that the user is more concerned with year data within age data.
The target data requirement in this embodiment indicates, for each data type the target user can query, the corresponding target data hierarchy. A data type comprises a plurality of data levels, and one piece of encrypted sensitive information at an upper level corresponds to a plurality of pieces at the next lower level. For example, for date-of-birth data the root data level is year, the next level is month and the next is day: the encrypted sensitive information for one year (say 1995) corresponds to encrypted sensitive information for several months (February, March, August and so on). For address data the root data level is country, followed by province, city, district (county) and street (town). The root data level in this embodiment is the level with the widest range within a data type.
The data types that the target user can query in this embodiment refer to all the data types that the target user can query in the database, that is, all the data types that the target user has authority to query. The target data hierarchy corresponding to the data type in this embodiment refers to the lowest data hierarchy required by the target user in the data type. For example, for date of birth data, if the target user is only interested in month data, then the target data hierarchy is month. For address data, the target data hierarchy is the city if the target user is only interested in the city level data.
Because the data requirement determination model is trained on a large volume of historical query data, it can reflect the real demand of the target user.
Step 203: and determining a target data level corresponding to the data type to be queried according to the target data requirement and the data type to be queried.
In step 203, a target data hierarchy corresponding to the type of data to be queried that the target user wants to query at this time is selected from the target data requirements.
Step 204: tracing the target data level corresponding to the data type to be queried to obtain target encryption sensitive information of all data levels before the target data level of the data type to be queried.
The tracing in this embodiment refers to determining all data levels from a target data level of a data type to be queried to a root data level of the data type to be queried.
Optionally, the implementation procedure of step 204 may include: tracing the source of the target data level corresponding to the data type to be queried to obtain all data levels from the target data level of the data type to be queried to the root data level of the data type to be queried; and acquiring encryption sensitive information between all data levels from a target data level of the data type to be queried to a root data level of the data type to be queried from the database, and taking the encryption sensitive information as target encryption sensitive information.
Fig. 3A is a schematic diagram illustrating tracing of a target data hierarchy in a data desensitizing method according to an embodiment of the present invention. As shown in fig. 3A, taking address data as the data type to be queried, assume the address data includes 5 levels, country, province, city, district (county) and street (town), with country as the root data level. If the determined target data level of the data type to be queried is district (county), then all data levels from the root data level to the target data level are: country, province, city and district (county).
After all data levels from the root data level to the target data level of the data type to be queried have been determined, the encrypted sensitive information of those levels is obtained from the database and used as the target encrypted sensitive information. Based on the example in fig. 3A, assume that the plaintext of a certain piece of address data is: Since the target data level is district (county), the target encrypted sensitive information obtained in this embodiment is the ciphertext of the Yanta district of Xi'an city, Shaanxi province, China. That is, only the encrypted sensitive information from the root data level down to the target data level of the data type to be queried is acquired; the street (town) level stays encrypted.
Step 205: and (3) desensitizing the target encryption sensitive information to obtain target sensitive information, and displaying the target sensitive information.
After the target encrypted sensitive information is obtained, step 205 desensitizes it to obtain the target sensitive information. In this embodiment the desensitization of the target encrypted sensitive information is the inverse of the encryption process: the target encrypted sensitive information is decrypted with the key used during encryption (the symmetric key, or the private key of an asymmetric key pair) to obtain the target sensitive information. Because the encryption process exploited the characteristics of the sensitive information, the desensitization process is correspondingly more efficient.
After the target sensitive information is obtained, the target sensitive information may be displayed in this embodiment. In one implementation, the data server may display the target sensitive information directly. In another implementation, the data server may send the target sensitive information to the user device. And the user equipment receives the target sensitive information and displays the target sensitive information.
Fig. 3B is a schematic diagram of target sensitive information displayed in a data desensitizing method according to an embodiment of the present invention. The description will be made taking the type of data to be queried as address data and the target data level as district (county) as an example. As shown in fig. 3B, it can be seen that the target sensitive information displayed in this embodiment is a part of data meeting the requirements of the target user in the data type to be queried.
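Steps 201 to 205 as one runnable added example. This is not the patent's code: each data level of a record is encrypted separately so that step 204's trace can select exactly the levels to decrypt; the trained data requirement determination model is replaced by a constructed lookup table, and a separate constructed access-rights table stands in for the access rights the Background section describes. The cipher is an HMAC-SHA256 counter-mode stream with an encrypt-then-MAC tag, used only because the Python standard library has no AES (use AES-256-GCM or another AEAD in practice). All names, the sample address values and the street entry are assumptions.

```python
"""Hierarchical per-level encryption, level tracing and partial desensitization
(added example; the cipher is a stand-in for a real AEAD such as AES-GCM)."""
import hashlib
import hmac
import os

# Data levels per data type, root (widest) level first; the two hierarchies
# are the ones the page itself uses as examples.
DATA_LEVELS = {
    "birth_date": ["year", "month", "day"],
    "address": ["country", "province", "city", "district", "street"],
}

# Constructed stand-in for the output of the trained data-requirement model:
# user id -> (data type -> lowest data level that user needs).
DATA_REQUIREMENTS = {"user-17": {"address": "district", "birth_date": "month"}}

# Constructed stand-in for the access rights mentioned in the Background:
# user id -> data types the user may query at all.  Kept separate on purpose:
# a model trained on query history narrows what is decrypted, it never grants access.
ACCESS_RIGHTS = {"user-17": {"address", "birth_date"}}

# Constructed sample plaintext (the street value is invented for the example).
SAMPLE_ADDRESS = {"country": "China", "province": "Shaanxi", "city": "Xi'an",
                  "district": "Yanta", "street": "Example Street 1"}

NONCE_LEN = 16
TAG_LEN = 32


def _keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    """HMAC-SHA256 in counter mode; stand-in for a real block cipher mode."""
    out, counter = b"", 0
    while len(out) < length:
        block = nonce + counter.to_bytes(4, "big")
        out += hmac.new(key, block, hashlib.sha256).digest()
        counter += 1
    return out[:length]


def encrypt_value(key: bytes, plaintext: str) -> bytes:
    """Encrypt-then-MAC one level value: nonce || ciphertext || tag."""
    data = plaintext.encode("utf-8")
    nonce = os.urandom(NONCE_LEN)
    ct = bytes(a ^ b for a, b in zip(data, _keystream(key, nonce, len(data))))
    tag = hmac.new(key, nonce + ct, hashlib.sha256).digest()
    return nonce + ct + tag


def decrypt_value(key: bytes, blob: bytes) -> str:
    """Verify the tag in constant time before touching the ciphertext."""
    if len(blob) < NONCE_LEN + TAG_LEN:
        raise ValueError("ciphertext too short")
    nonce, ct, tag = blob[:NONCE_LEN], blob[NONCE_LEN:-TAG_LEN], blob[-TAG_LEN:]
    expected = hmac.new(key, nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("integrity check failed")
    pt = bytes(a ^ b for a, b in zip(ct, _keystream(key, nonce, len(ct))))
    return pt.decode("utf-8")


def encrypt_record(key: bytes, data_type: str, values: dict) -> dict:
    """Encrypt every data level separately so desensitization can later
    decrypt only the levels the user needs."""
    levels = DATA_LEVELS[data_type]
    missing = [lvl for lvl in levels if lvl not in values]
    if missing:
        raise ValueError(f"record lacks levels {missing}")
    return {lvl: encrypt_value(key, values[lvl]) for lvl in levels}


def trace(data_type: str, target_level: str) -> list:
    """Step 204: all data levels from the root level down to the target level."""
    levels = DATA_LEVELS[data_type]
    if target_level not in levels:
        raise ValueError(f"{target_level!r} is not a level of {data_type!r}")
    return levels[: levels.index(target_level) + 1]


def target_level_for(user_id: str, data_type: str) -> str:
    """Steps 202-203: authorization first, then the model-derived target level."""
    if data_type not in ACCESS_RIGHTS.get(user_id, set()):
        raise PermissionError(f"{user_id} may not query {data_type}")
    return DATA_REQUIREMENTS[user_id][data_type]


def desensitize(key: bytes, user_id: str, data_type: str, encrypted: dict) -> dict:
    """Step 205: decrypt only the traced levels; lower levels stay ciphertext."""
    level = target_level_for(user_id, data_type)
    return {lvl: decrypt_value(key, encrypted[lvl]) for lvl in trace(data_type, level)}


if __name__ == "__main__":
    key = os.urandom(32)
    stored = encrypt_record(key, "address", SAMPLE_ADDRESS)
    print(desensitize(key, "user-17", "address", stored))
```

The point to take from the layout is the separation of concerns: the model-derived requirement only narrows what is decrypted within the user's permitted data types, it never widens it, so a bad prediction costs usability rather than confidentiality. Per-level encryption with an independent nonce per value is also what makes the leakage reduction real: the street level is never decrypted or transmitted for this user, rather than decrypted and hidden at display time.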
It can be seen that the method protects the privacy of the data, since the levels below the target level remain encrypted, while preserving the original structure and meaning of the data that is shown.
According to the data desensitization method, the desensitization strategy is adjusted dynamically to the data demands of different users. The desensitized target sensitive information matches the users' actual, fine-grained demands, which improves user experience and data utilization efficiency; only the target encrypted sensitive information the target user needs is desensitized rather than all data of the data type to be queried, which reduces the volume of data passing through desensitization and raises desensitization efficiency; and because the sensitive information was encrypted according to its characteristics, desensitizing the target encrypted sensitive information is faster still.
Fig. 4 is a flow chart of a data desensitization method according to another embodiment of the present invention. This embodiment describes in detail how the source data is encrypted to form encryption sensitive information based on the embodiment shown in fig. 2 and various alternative implementations. As shown in fig. 4, the data desensitizing method provided in this embodiment includes the following steps.
Step 401: determine the sensitive information in the source data according to the source data and a pre-trained sensitive information determination model.
The sensitive information determination model in this embodiment may be a model determined using natural language processing (Natural Language Processing, abbreviated as NLP) and pattern matching techniques. The model may determine sensitive information in the source data from the source data.
For example, for a bid file, the sensitive information may include: bid unit information, bid content, bid evaluation conditions, and the like.
Step 402: acquire the features of the sensitive information.
Step 403: determine a target encryption algorithm matching the sensitive information according to the features of the sensitive information.
In this embodiment, dynamic encryption may be implemented according to different sensitive information, so as to improve efficiency of an encryption process and security of encrypted data.
In step 402, in one implementation, features of sensitive information may be determined according to a predetermined information feature extraction model. In another implementation, the characteristics of the sensitive information may be determined based on the type of sensitive information, e.g., whether digital, textual, image, or video information. In yet another implementation, the characteristics of the sensitive information may be determined based on statistical properties of the sensitive information. For example, characteristics such as the degree of dispersion, the degree of concentration, the degree of repetition, and the like of the sensitive information are determined. In yet another implementation, the sensitivity level of the sensitive information may be determined according to the sensitive information and a predetermined mapping relationship between the information and the sensitivity level.
After determining the characteristics of the sensitive information, a target encryption algorithm that matches the sensitive information may be determined. The performance of different encryption algorithms varies. Thus, in step 403, a target encryption algorithm that is compatible with the characteristics of the sensitive information may be determined. For example, assuming that the sensitivity level of the sensitive information is the highest level, an encryption algorithm with higher security is selected as the target encryption algorithm. For example, an asymmetric encryption algorithm (e.g., RSA) may be determined as the target encryption algorithm. For another example, if the data size of the sensitive information is large, an encryption algorithm with high encryption efficiency is selected as the target encryption algorithm. For example, a symmetric encryption algorithm such as advanced encryption standard (Advanced Encryption Standard, abbreviated as AES) may be used as the target encryption algorithm.
In an embodiment, the implementation procedure of step 403 may include the following step 4031 and step 4032.
Step 4031: determine a candidate encryption algorithm matching the current operating parameters according to the current operating parameters of the data server.
Alternatively, the current operating parameters of the data server may include: processor parameters and storage parameters. Based on this, the implementation procedure of step 4031 may include the following steps 40311 to 40314.
Step 40311: when it is determined from the processor parameters that the processing capacity of the processor of the data server does not meet the preset processing capacity condition, and it is determined from the storage parameters that the storage space of the data server meets the preset storage space condition, determine the first type of encryption algorithm as the candidate encryption algorithm matching the current operating parameters.
The preset processing capability condition in this embodiment is the condition that the processing capability of the processor of the data server is greater than a processing threshold, that is, that the processing capability of the processor is sufficient. For example, if the processor is considered sufficient when the number of currently remaining processor cores is 3, the preset processing capability condition is that the number of currently remaining processor cores is 3.
The preset storage space condition in this embodiment is the condition that the storage space of the data server is larger than a storage space threshold, that is, that the storage space of the data server is sufficient. For example, if the storage space is considered sufficient when the currently remaining storage space is two-thirds of the total storage space, the preset storage space condition is that the currently remaining storage space is two-thirds of the total storage space.
Step 40312: when it is determined from the processor parameters that the processing capacity of the processor of the data server meets the preset processing capacity condition, and it is determined from the storage parameters that the storage space of the data server does not meet the preset storage space condition, determine the second type of encryption algorithm as the candidate encryption algorithm matching the current operating parameters.
Step 40313: when it is determined from the processor parameters that the processing capacity of the processor of the data server meets the preset processing capacity condition, and it is determined from the storage parameters that the storage space of the data server meets the preset storage space condition, determine both the first type and the second type of encryption algorithm as candidate encryption algorithms matching the current operating parameters.
Here, running the first type of encryption algorithm consumes less of the processor's processing performance than running the second type, while the encrypted sensitive information produced by the second type of encryption algorithm occupies less storage space than that produced by the first type.
The scenario characterized by step 40311 is: the processor performance of the data server is insufficient and the storage space is ample. The scenario characterized by step 40312 is: the processor performance of the data server is sufficient and the storage space is insufficient. The scenario characterized by step 40313 is: the processor performance of the data server is sufficient and the storage space is ample.
Based on these different scenarios, the candidate encryption algorithm matching the current operating parameters differs. In this embodiment, each encryption algorithm and its corresponding characteristics may be stored in advance in the data server. For example, the encryption algorithms can be divided into processor-performance-friendly encryption algorithms (the first type) and storage-space-friendly encryption algorithms (the second type). There may be several encryption algorithms of the first type and several of the second type. The candidate encryption algorithm matching the current operating parameters is then determined according to the current operating parameters of the data server.
Step 40314: when it is determined from the processor parameters that the processing capacity of the processor of the data server does not meet the preset processing capacity condition, and it is determined from the storage parameters that the storage space of the data server does not meet the preset storage space condition, store the sensitive information in the memory protection area of the data server until it is determined that the processing capacity of the processor meets the preset processing capacity condition or that the storage space meets the preset storage space condition.
The memory protection area is an area that can be accessed only with system authority.
The scenario characterized by step 40314 is: the processor performance of the data server is insufficient and the storage space is insufficient. In this scenario, so as not to affect the other processing of the data server, the sensitive information is first stored in the memory protection area of the data server, until it is determined that the processing capacity of the processor meets the preset processing capacity condition or that the storage space meets the preset storage space condition. This implementation improves the security of the sensitive information without affecting the other processing procedures of the data server.
Step 4032: determine a target encryption algorithm matching the sensitive information from the candidate encryption algorithms according to the characteristics of the sensitive information.
In step 4032, after the candidate encryption algorithms are determined, a target encryption algorithm matching the sensitive information is selected from them according to the characteristics of the sensitive information. The target encryption algorithm determined by steps 4031 and 4032 therefore matches not only the characteristics of the sensitive information but also the current operating parameters of the data server, so that the encryption process is carried out without affecting other processing of the data server while still matching the characteristics of the sensitive information.
Fig. 6 is a schematic diagram of a target encryption algorithm determined in a data desensitizing method according to another embodiment of the present invention. As shown in fig. 6, candidate encryption algorithms are determined based on the current operating parameters of the server, and the target encryption algorithm is then determined from the candidate encryption algorithms according to the characteristics of the sensitive information. In fig. 6, there are four scenarios based on different current operating parameters: the processor performance of the data server is insufficient and the storage space is ample; the processor performance is sufficient and the storage space is insufficient; the processor performance is sufficient and the storage space is ample; the processor performance is insufficient and the storage space is insufficient. Each scenario has a different candidate encryption algorithm determination policy.
Step 404: encrypt the sensitive information according to the target encryption algorithm to obtain encrypted sensitive information, and store the encrypted sensitive information in the database.
In this embodiment, after determining the target encryption algorithm, the sensitive information is encrypted according to the target encryption algorithm to obtain encrypted sensitive information, and the encrypted sensitive information is stored in the database.
Optionally, after step 401, the following steps 405 and 406 are further included.
Step 405: determine the non-sensitive information in the source data according to the source data and the sensitive information in the source data.
Step 406: store the non-sensitive information in the source data in the database, and establish an information mapping relationship between the non-sensitive information in the source data and the encrypted sensitive information.
Steps 405 and 406 store the non-sensitive information in the source data in correspondence with the encrypted sensitive information.
Step 407: a query request of a target user for a database is received.
Here, the query request includes an identification of the target user and the type of data to be queried. The database comprises encrypted sensitive information, which is information formed by encrypting the sensitive information according to the characteristics of the sensitive information.
Step 407 is similar to the implementation process and technical principle of step 201, and will not be described here again.
Step 408: determine the target data requirement of the target user according to the identification of the target user and a pre-trained data requirement determination model.
The data requirement determination model is a model obtained by training with a machine learning algorithm on users' historical query requests and historical query results. The target data requirement indicates the target data level corresponding to the data type that the target user may query. Each data type includes a plurality of data levels, and one piece of encrypted sensitive information of a previous data level corresponds to the encrypted sensitive information of the next data level.
Step 408 is similar to the implementation process and technical principle of step 202, and will not be described again here.
Step 409: determine the target data level corresponding to the data type to be queried according to the target data requirement and the data type to be queried.
Step 409 is similar to the implementation process and technical principle of step 203, and will not be described here again.
Step 410: trace the target data level corresponding to the data type to be queried to obtain the target encrypted sensitive information of all data levels before the target data level of the data type to be queried.
Step 410 is similar to the implementation process and technical principle of step 204, and will not be described again here.
Step 411: desensitize the target encrypted sensitive information to obtain target sensitive information, and display the target sensitive information.
Step 411 is similar to the implementation process and technical principle of step 205, and will not be described again here.
Optionally, the data desensitizing method provided in this embodiment further includes the following steps 412 and 413.
Step 412: determine the target non-sensitive information corresponding to the target encrypted sensitive information according to the information mapping relationship and the target encrypted sensitive information.
Step 413: display the target non-sensitive information.
In steps 412 and 413, target non-sensitive information corresponding to the target encrypted sensitive information may be displayed to enhance the user experience.
Fig. 5 is a schematic diagram of target sensitive information displayed in a data desensitizing method according to another embodiment of the present invention. As shown in fig. 5, in the present embodiment, target non-sensitive information 52 mapped with target sensitive information may be displayed in addition to target sensitive information 51. Illustratively, the target sensitive information 51 may be the date of birth of a person (only shown to the level of "year" of the target user's demand), and the target non-sensitive information 52 may be the gender of the person.
According to the data desensitization method provided by this embodiment, on the one hand, the sensitive information in the source data can be determined according to the source data and the pre-trained sensitive information determination model, which improves both the efficiency of determining the sensitive information and the accuracy of the determined sensitive information, and thereby further improves data security. On the other hand, a target encryption algorithm matching the sensitive information can be determined according to its characteristics, that is, encryption is adapted dynamically to different sensitive information, which improves the efficiency of the encryption process and the security of the encrypted data. In still another aspect, the target non-sensitive information corresponding to the target encrypted sensitive information can be displayed, which improves the user experience while data security is ensured.
Fig. 7 is a flow chart of a data desensitization method according to a further embodiment of the present invention. This embodiment describes in detail another implementation of how the target encryption algorithm is determined in the embodiments shown in fig. 2 to 4 and in various alternative implementations. For brevity, only the steps of how to determine the target encryption algorithm are described in this embodiment, and other steps may be referred to in the embodiments of fig. 2 to 4. The data desensitizing method provided in this embodiment includes the following steps.
Step 701: determine the sensitive information in the source data according to the source data and a pre-trained sensitive information determination model.
Step 701 is similar to the implementation process and technical principle of step 401, and will not be described herein.
Step 702: acquire the features of the sensitive information.
Step 702 is similar to the implementation process and technical principle of step 402, and will not be described herein.
Step 703: determine candidate encryption algorithms matching the current operating parameters according to the current operating parameters of the data server.
Step 703 is similar to the implementation process and technical principle of step 4031, and will not be described here again.
Step 704: acquire the current network attack risk value of the network in which the data server is located.
In this embodiment, the target encryption algorithm may be determined based on the current state of the network in which the data server is located. In step 704, a current cyber attack risk value for the network in which the data server is located may be obtained.
Optionally, the current network behavior of the network in which the data server is located is acquired, and the current network attack risk value is determined from that behavior. The current network behavior in this embodiment may be the network behavior of all users, servers and other computer devices in the network where the data server is located, including query behavior, data feedback behavior and the like. After the current network behavior is determined, the current network attack risk value may be determined using a pre-trained network attack detection model, which in this embodiment is a model trained on historical network behavior.
In this embodiment, the larger the current network attack risk value, the greater the risk that the network in which the data server is located is under network attack; the smaller the value, the lower that risk.
Step 705: determine a target encryption algorithm matching the sensitive information from the candidate encryption algorithms according to the characteristics of the sensitive information and the current network attack risk value.
In step 705, a target encryption algorithm matching the sensitive information may be determined from the candidate encryption algorithms in combination with the characteristics of the sensitive information and the current network attack risk value.
One possible implementation is as follows. When the current network attack risk value is larger than a preset network attack risk threshold, the candidate encryption algorithms meeting a preset security condition are determined as secondary candidate encryption algorithms, and the target encryption algorithm is determined from these secondary candidates according to the characteristics of the sensitive information. When the current network attack risk value is smaller than or equal to the preset network attack risk threshold, the candidate encryption algorithms other than those meeting the preset security condition are determined as secondary candidate encryption algorithms, and the target encryption algorithm is determined from them according to the characteristics of the sensitive information.
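As an added example that is not part of the patent, the following Python sketch implements the candidate selection of steps 40311 to 40314, the characteristic-based choice of step 4032 and the risk-based refinement of step 705 in one decision procedure. The algorithm names, the security flags, the risk and data-size thresholds, and the precedence of sensitivity level over data size are assumptions; only the 3-core and two-thirds-storage examples come from the text.

```python
from dataclasses import dataclass
from typing import List, Optional, Tuple


@dataclass(frozen=True)
class Algorithm:
    name: str            # constructed placeholder name, not an algorithm named by the patent
    family: str          # "first" = processor-friendly, "second" = storage-friendly (step 4031)
    scheme: str          # "symmetric" or "asymmetric" (step 403 examples: AES vs RSA)
    high_security: bool  # assumed flag for the "preset security condition" of step 705


# Constructed catalogue; the patent stores each algorithm with its characteristics on the
# data server but does not name the members of the two families.
CATALOGUE: List[Algorithm] = [
    Algorithm("first-sym", "first", "symmetric", False),
    Algorithm("first-asym", "first", "asymmetric", True),
    Algorithm("second-sym", "second", "symmetric", False),
    Algorithm("second-asym", "second", "asymmetric", True),
]

# Thresholds from the text's examples: 3 remaining cores, two-thirds of storage free.
CORE_THRESHOLD = 3
STORAGE_THRESHOLD = 2 / 3
HOLD = "hold_in_memory_protection_area"  # outcome of step 40314: wait, do not encrypt yet


def candidate_algorithms(free_cores: int, free_storage_fraction: float
                         ) -> Tuple[List[Algorithm], Optional[str]]:
    """Steps 40311-40314: map the server's current operating parameters to candidates.

    Returns (candidates, action). action is HOLD when both resources are insufficient;
    the sensitive information then stays in the memory protection area and no
    candidate is produced.
    """
    cpu_ok = free_cores >= CORE_THRESHOLD
    storage_ok = free_storage_fraction >= STORAGE_THRESHOLD
    if not cpu_ok and storage_ok:      # step 40311: weak processor, ample storage
        return [a for a in CATALOGUE if a.family == "first"], None
    if cpu_ok and not storage_ok:      # step 40312: ample processor, tight storage
        return [a for a in CATALOGUE if a.family == "second"], None
    if cpu_ok and storage_ok:          # step 40313: both sufficient, both families
        return list(CATALOGUE), None
    return [], HOLD                    # step 40314: both insufficient


def secondary_candidates(candidates: List[Algorithm], risk_value: float,
                         risk_threshold: float) -> List[Algorithm]:
    """Step 705: above the risk threshold keep only the algorithms that meet the
    security condition; at or below it keep the others."""
    if risk_value > risk_threshold:
        return [a for a in candidates if a.high_security]
    return [a for a in candidates if not a.high_security]


def select_target(candidates: List[Algorithm], sensitivity_level: str,
                  data_size: int, large_data_bytes: int) -> Algorithm:
    """Steps 403/4032: choose by the sensitive information's characteristics.

    Assumed precedence: highest sensitivity prefers an asymmetric algorithm, a large
    data size prefers a symmetric one, otherwise the first candidate is taken. An
    empty candidate list is an error rather than a silent fallback.
    """
    if not candidates:
        raise ValueError("no candidate encryption algorithm for the current conditions")
    if sensitivity_level == "highest":
        preferred = [a for a in candidates if a.scheme == "asymmetric"]
    elif data_size >= large_data_bytes:
        preferred = [a for a in candidates if a.scheme == "symmetric"]
    else:
        preferred = []
    return (preferred or candidates)[0]


def choose_algorithm(free_cores: int, free_storage_fraction: float, risk_value: float,
                     sensitivity_level: str, data_size: int,
                     risk_threshold: float = 0.5, large_data_bytes: int = 1_000_000) -> str:
    """Full decision: operating parameters -> network risk -> characteristics."""
    candidates, action = candidate_algorithms(free_cores, free_storage_fraction)
    if action == HOLD:
        return HOLD
    secondary = secondary_candidates(candidates, risk_value, risk_threshold)
    return select_target(secondary, sensitivity_level, data_size, large_data_bytes).name


if __name__ == "__main__":
    # Weak processor, ample storage, low risk, highest sensitivity: only the
    # processor-friendly, non-high-security algorithm survives the filters.
    print(choose_algorithm(2, 0.9, 0.1, "highest", 10))
```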
Step 706: encrypt the sensitive information according to the target encryption algorithm to obtain encrypted sensitive information, and store the encrypted sensitive information in the database.
Step 706 is similar to the technical principle and implementation procedure of step 404, and will not be described here again.
Fig. 8 is a schematic diagram of a target encryption algorithm determined in a data desensitizing method according to another embodiment of the present invention. Fig. 8 differs from fig. 6 in that the current network attack risk value of the network in which the data server is located is also taken into account when determining the target encryption algorithm.
Optionally, the data desensitizing method provided in this embodiment may further include steps 405 to 413 in the embodiment shown in fig. 4.
In the data desensitization method provided by the embodiment, when the target encryption algorithm is determined, the current network attack risk value of the network where the data server is located is further considered, and the security of the encrypted sensitive information is further improved.
Fig. 9 is a flow chart of a data desensitization method according to a further embodiment of the invention. This embodiment provides a detailed description of the implementation of the data desensitization method including other steps and how to determine the user's data needs based on the embodiments shown in fig. 2-7 and various alternative implementations. As shown in fig. 9, the data desensitizing method provided in this embodiment includes the following steps.
Step 901: a query request of a target user for a database is received.
Here, the query request includes an identification of the target user and the type of data to be queried. The database comprises encrypted sensitive information, which is information formed by encrypting the sensitive information according to the characteristics of the sensitive information.
Step 901 is similar to the technical principle and implementation procedure of step 201, and will not be described herein.
Step 902: determine whether the target user is an abnormal user according to the historical access parameters of the target user.
Step 903: trigger an alarm when the target user is determined to be an abnormal user.
Step 904: when the target user is determined to be a normal user, proceed to step 905.
In steps 902-904, real-time monitoring of query behavior against a database of a data server may be implemented. And only when the target user is determined to be a normal user, the subsequent operation is executed, so that the data security of the database is improved.
In step 902, the target user is determined to be an abnormal user when the historical access parameters of the target user satisfy at least one of the following conditions: the access duration of the target user exceeds a preset duration threshold, the access frequency of the target user exceeds a preset frequency threshold, or the volume of data accessed by the target user exceeds a preset data volume threshold.
In step 903, triggering an alarm may be accomplished by sending pre-warning information to a user terminal of a maintenance person of the data server.
Step 905: determine the target data requirement of the target user according to the identification of the target user and the pre-trained data requirement determination model.
The data requirement determination model is a model obtained by training with a machine learning algorithm on users' historical query requests and historical query results. The target data requirement indicates the target data level corresponding to the data type that the target user may query. Each data type includes a plurality of data levels, and one piece of encrypted sensitive information of a previous data level corresponds to the encrypted sensitive information of the next data level.
Optionally, in this embodiment, the data requirement determining model includes a plurality of data requirement determining submodules, and different data requirement determining submodules correspond to different user rights.
Step 905 is implemented as follows: determine the user authority of the target user according to the identification of the target user and a predetermined mapping relationship between user identifications and user authorities; determine the data requirement determination submodule corresponding to the target user according to the user authority of the target user; and determine the target data requirement of the target user according to that submodule and the identification of the target user.
In this embodiment, the user authority of the target user is taken into account when determining the target data requirement. Since a user's data requirements may depend on the user's authority, user authority is considered when the data requirement determination model is trained, so that the resulting model includes a plurality of data requirement determination submodules, each corresponding to a different user authority; this further improves the accuracy of the determined target data requirement of the target user.
The user rights in this embodiment are used to characterize the range of data that the user can query in the database and the type of data.
Fig. 11 is a schematic structural diagram of a data demand determining model in a data desensitizing method according to another embodiment of the present invention. Illustratively, as shown in FIG. 11, the data demand determination model includes 3 data demand determination submodules: the first data demand determining sub-module, the second data demand determining sub-module and the third data demand determining sub-module correspond to the user rights respectively as follows: high user rights, medium user rights, and low user rights.
Step 906: determine the target data level corresponding to the data type to be queried according to the target data requirement and the data type to be queried.
Step 907: trace the target data level corresponding to the data type to be queried to obtain the target encrypted sensitive information of all data levels before the target data level of the data type to be queried.
Step 908: desensitize the target encrypted sensitive information to obtain target sensitive information, and display the target sensitive information.
The implementation process and technical principle of step 906 and step 203, step 907 and step 204, and step 908 and step 205 are similar, and will not be described herein.
Optionally, in this embodiment, after step 906, the following steps 909 and 910 are further included.
Step 909: determine the non-target encrypted sensitive information of all data levels after the target data level.
Step 910: for each data level after the target data level, display the non-target encrypted sensitive information of that data level according to the fuzzy display policy corresponding to that data level.
Here, the closer a data level is to the target data level, the greater the amount of display information indicated by its fuzzy display policy.
In steps 909 and 910, display of non-target encrypted sensitive information of a data hierarchy subsequent to the target data hierarchy may be implemented. In addition, in the display process, different fuzzy display strategies can be adopted for displaying aiming at different data levels. In order to avoid data leakage, the closer to the target data hierarchy the greater the amount of display information indicated by the fuzzy display policy of the data hierarchy.
Optionally, the amount of display information in this embodiment may be characterized by the amount of data displayed: the more data is displayed, the larger the amount of display information. For example, for the non-target encrypted sensitive information of the data level immediately after the target data level, N bits of data may be randomly selected, desensitized and displayed; for the data level after that, M bits of data may be randomly selected, desensitized and displayed; and so on, where N is greater than M, and N and M are integers greater than zero.
Fig. 10 is a schematic diagram of information displayed in a data desensitizing method according to still another embodiment of the present invention. The description takes the case where the type of data to be queried is address data and the target data level is city as an example. As shown in fig. 10, after the data of the city level is displayed, the data of 3 districts (counties) and the data of 1 street (town) may be displayed. The other data of the city level and the other data of the street (town) level are displayed in ciphertext form.
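The hierarchical display of steps 907 to 910 and fig. 10, as an added example in Python that is not the patent's own code: levels up to the target are decrypted in full, the levels after it are partially revealed with a strictly decreasing amount per level, and any level without a policy stays ciphertext. The address levels follow the text; the XOR-based toy_encrypt is only a stand-in for the target encryption algorithm, and the sample address and the reveal amounts [3, 1] are constructed.

```python
import random
from typing import Dict, List

# Address hierarchy used by the patent's examples, from the first data level to the last.
LEVELS: List[str] = ["province", "city", "district (county)", "street (town)"]

KEY = b"example-key"  # constructed toy key, standing in for the target encryption algorithm's key


def toy_encrypt(text: str) -> str:
    """Placeholder for the target encryption algorithm: XOR with a repeating key, hex-encoded.
    Not real encryption; it only gives the display logic some ciphertext to work on."""
    data = text.encode("utf-8")
    return bytes(b ^ KEY[i % len(KEY)] for i, b in enumerate(data)).hex()


def toy_decrypt(cipher: str) -> str:
    """Inverse of toy_encrypt; plays the role of the desensitization step (step 908)."""
    data = bytes.fromhex(cipher)
    return bytes(b ^ KEY[i % len(KEY)] for i, b in enumerate(data)).decode("utf-8")


def store_record(address: Dict[str, str]) -> Dict[str, str]:
    """Step 404: every level of the address is kept as encrypted sensitive information."""
    return {level: toy_encrypt(address[level]) for level in LEVELS}


def fuzzy_reveal(text: str, amount: int, rng: random.Random) -> str:
    """Step 910 fuzzy display: randomly pick `amount` positions to show in clear, mask the rest."""
    shown = set(rng.sample(range(len(text)), min(amount, len(text))))
    return "".join(ch if i in shown else "*" for i, ch in enumerate(text))


def render(record: Dict[str, str], target_level: str, policy: List[int],
           seed: int = 0) -> Dict[str, str]:
    """Steps 907-910: decrypt the target level and all earlier levels (tracing), partially
    reveal the levels after it with decreasing amounts, and leave the rest as ciphertext.

    `policy[k]` is the number of characters revealed for the (k+1)-th level after the
    target; the amounts must be positive and strictly decreasing (N greater than M).
    """
    if any(a <= 0 for a in policy) or any(policy[i] <= policy[i + 1]
                                          for i in range(len(policy) - 1)):
        raise ValueError("fuzzy display amounts must be positive and strictly decreasing")
    target = LEVELS.index(target_level)
    rng = random.Random(seed)  # seeded so that a display is reproducible in tests
    shown: Dict[str, str] = {}
    for i, level in enumerate(LEVELS):
        if i <= target:                       # target level and all levels before it
            shown[level] = toy_decrypt(record[level])
        elif i - target - 1 < len(policy):    # level after the target with a fuzzy policy
            amount = policy[i - target - 1]
            shown[level] = fuzzy_reveal(toy_decrypt(record[level]), amount, rng)
        else:                                 # no policy for this level: ciphertext only
            shown[level] = record[level]
    return shown


# Constructed sample record; the values are not taken from the patent.
SAMPLE = store_record({"province": "Guangdong", "city": "Shenzhen",
                       "district (county)": "Nanshan", "street (town)": "Yuehai"})

if __name__ == "__main__":
    # Target level "city" as in fig. 10: 3 characters of the district, 1 of the street.
    for level, value in render(SAMPLE, "city", [3, 1]).items():
        print(f"{level:18} {value}")
```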
According to the data desensitization method provided by this embodiment, on the one hand, user authority is considered when the data requirement determination model is trained, so that the resulting model includes a plurality of data requirement determination submodules, each corresponding to a different user authority; this further improves the accuracy of the determined target data requirement of the target user. On the other hand, the non-target encrypted sensitive information of the data levels after the target data level is displayed, different fuzzy display policies can be adopted for different data levels, and the amount of display information indicated by the fuzzy display policy grows the closer a data level is to the target data level; the displayed data can therefore moderately exceed the target user's requirement while data security is ensured, which improves the user experience.
Fig. 12 is a schematic structural diagram of a data desensitizing apparatus according to an embodiment of the present invention. The data desensitizing device is arranged in the data server. The data server includes a database. The data desensitizing device provided in this embodiment includes the following modules: a receiving module 121, a first determining module 122, a second determining module 123, a third determining module 124, and a desensitizing module 125.
The receiving module 121 is configured to receive the query request of the target user for the database.
The query request includes an identification of the target user and a type of data to be queried. The database includes encrypted sensitive information. The encrypted sensitive information is information formed by encrypting the sensitive information according to the characteristics of the sensitive information.
A first determining module 122 is configured to determine a target data requirement of the target user according to the identification of the target user and a pre-trained data requirement determining model.
The data requirement determination model is a model obtained by training with a machine learning algorithm on the historical query requests and historical query results of users. The target data requirement indicates the target data level corresponding to the data type that the target user is permitted to query. Each data type comprises a plurality of data levels, and one piece of encrypted sensitive information at the previous (upper) data level corresponds to the encrypted sensitive information at the next (lower) data level.
The second determining module 123 is configured to determine, according to the target data requirement and the data type to be queried, the target data level corresponding to the data type to be queried.
The third determining module 124 is configured to trace the target data level corresponding to the data type to be queried back to its source, so as to obtain the target encrypted sensitive information of all data levels before the target data level of the data type to be queried.
The desensitization module 125 is configured to desensitize the target encrypted sensitive information to obtain target sensitive information, and display the target sensitive information.
In one embodiment, the apparatus further comprises: the device comprises a fourth determining module, a first acquiring module, a fifth determining module and an encrypting module.
The fourth determining module is configured to determine the sensitive information in the source data according to the source data and a pre-trained sensitive information determination model. The first acquiring module is configured to acquire the characteristics of the sensitive information. The fifth determining module is configured to determine, according to the characteristics of the sensitive information, a target encryption algorithm that matches the sensitive information. The encryption module is configured to encrypt the sensitive information according to the target encryption algorithm to obtain encrypted sensitive information, and to store the encrypted sensitive information in the database.
In one embodiment, the fifth determining module is specifically configured to: determine, according to the current operating parameters of the data server, candidate encryption algorithms matched with the current operating parameters; and determine, from the candidate encryption algorithms, a target encryption algorithm matched with the sensitive information according to the characteristics of the sensitive information.
In one embodiment, the current operating parameters include processor parameters and storage parameters. When determining the candidate encryption algorithms matched with the current operating parameters, the fifth determining module is specifically configured as follows. When it is determined from the processor parameters that the processing capacity of the processor of the data server does not meet a preset processing capacity condition, and it is determined from the storage parameters that the storage space of the data server meets a preset storage space condition, a first type of encryption algorithm is determined as the candidate encryption algorithm matched with the current operating parameters. When the processing capacity of the processor meets the preset processing capacity condition and the storage space does not meet the preset storage space condition, a second type of encryption algorithm is determined as the candidate encryption algorithm. When the processing capacity of the processor meets the preset processing capacity condition and the storage space also meets the preset storage space condition, both the first type and the second type of encryption algorithm are determined as candidate encryption algorithms matched with the current operating parameters.
Here, the first type of encryption algorithm consumes less processing performance of the processor while running than the second type of encryption algorithm does, and the encrypted sensitive information produced by the second type of encryption algorithm occupies less storage space than that produced by the first type of encryption algorithm.
In one embodiment, when determining the candidate encryption algorithms matched with the current operating parameters, the fifth determining module is further specifically configured to: when it is determined from the processor parameters that the processing capacity of the processor does not meet the preset processing capacity condition, and it is determined from the storage parameters that the storage space does not meet the preset storage space condition, store the sensitive information in a memory protection area of the data server until either the processing capacity of the processor is determined to meet the preset processing capacity condition or the storage space is determined to meet the preset storage space condition. The memory protection area is an area that can be accessed only with system privileges.
In one embodiment, when determining the target encryption algorithm matched with the sensitive information from the candidate encryption algorithms according to the characteristics of the sensitive information, the fifth determining module is specifically configured to: acquire a current network attack risk value of the network in which the data server is located; and determine, from the candidate encryption algorithms, a target encryption algorithm matched with the sensitive information according to the characteristics of the sensitive information and the current network attack risk value.
In an embodiment, when acquiring the current network attack risk value of the network in which the data server is located, the fifth determining module is specifically configured to: acquire the current network behaviour of the network in which the data server is located; and determine the current network attack risk value according to the current network behaviour.
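The selection logic of the fifth determining module described in the preceding paragraphs (candidate algorithms from processor and storage parameters, the hold-in-protected-memory case, and the final choice from the characteristics of the sensitive information plus a network attack risk value) is shown below as an added Python illustration. It is not the patent's code: the thresholds, the risk-scoring weights, the two algorithm types, the key sizes and the sensitivity grades are all constructed stand-ins for the "preset" conditions and models the text leaves unspecified.

```python
from dataclasses import dataclass
from enum import Enum
from typing import List, Optional, Tuple


class AlgoType(Enum):
    # Constructed labels for the patent's two classes of encryption algorithm.
    FIRST = "first-type: low processor cost, larger ciphertext"
    SECOND = "second-type: higher processor cost, smaller ciphertext"


@dataclass
class ServerParams:
    cpu_headroom: float      # fraction of processor capacity currently free
    free_storage_gb: float   # free space on the database volume


# Constructed thresholds standing in for the "preset" conditions.
CPU_CONDITION = 0.30
STORAGE_CONDITION_GB = 50.0


@dataclass
class Candidates:
    algorithms: List[AlgoType]
    hold_in_protected_memory: bool  # neither condition met: defer encryption


def candidate_algorithms(p: ServerParams) -> Candidates:
    """Candidate selection from the current operating parameters."""
    cpu_ok = p.cpu_headroom >= CPU_CONDITION
    storage_ok = p.free_storage_gb >= STORAGE_CONDITION_GB
    if not cpu_ok and storage_ok:
        return Candidates([AlgoType.FIRST], False)
    if cpu_ok and not storage_ok:
        return Candidates([AlgoType.SECOND], False)
    if cpu_ok and storage_ok:
        return Candidates([AlgoType.FIRST, AlgoType.SECOND], False)
    # Neither condition met: keep the record in system-only memory for now.
    return Candidates([], True)


@dataclass
class NetworkBehaviour:
    failed_logins_per_min: int
    port_scan_hits: int
    new_external_peers: int


def risk_value(b: NetworkBehaviour) -> float:
    """Constructed scoring of current network behaviour into [0, 1]."""
    score = (0.05 * b.failed_logins_per_min
             + 0.02 * b.port_scan_hits
             + 0.10 * b.new_external_peers)
    return min(1.0, score)


@dataclass
class SensitiveFeatures:
    byte_length: int
    sensitivity_grade: int   # 1 = low, 3 = high (constructed scale)


def select_algorithm(cands: Candidates, f: SensitiveFeatures,
                     risk: float) -> Optional[Tuple[AlgoType, int]]:
    """Pick one candidate from the features plus the risk value.

    Returns (algorithm type, key bits), or None while the record is held.
    """
    if cands.hold_in_protected_memory:
        return None
    # Long fields favour the compact ciphertext when it is a candidate.
    prefer = AlgoType.SECOND if f.byte_length > 64 else AlgoType.FIRST
    chosen = prefer if prefer in cands.algorithms else cands.algorithms[0]
    # Elevated network risk or a high sensitivity grade selects the larger key.
    key_bits = 256 if (risk >= 0.5 or f.sensitivity_grade >= 3) else 128
    return chosen, key_bits
```

The hold case is the one to watch operationally: records that are parked in the protected memory area must be re-evaluated on a timer, since otherwise a sustained shortage of both processor headroom and storage leaves plaintext resident in memory indefinitely.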
In one embodiment, the apparatus further comprises a sixth determining module and an establishing module.
The sixth determining module is configured to determine the non-sensitive information in the source data according to the sensitive information in the source data and the source data.
The establishing module is configured to store the non-sensitive information in the source data in the database, and to establish an information mapping relation between the non-sensitive information in the source data and the encrypted sensitive information.
In one embodiment, the apparatus further comprises a seventh determining module. The seventh determining module is configured to: determine the target non-sensitive information corresponding to the target encrypted sensitive information according to the information mapping relation and the target encrypted sensitive information; and display the target non-sensitive information.
In one embodiment, the apparatus further comprises an eighth determining module. The eighth determining module is configured to: determine the non-target encrypted sensitive information of all data levels after the target data level; and, for each data level after the target data level, display the non-target encrypted sensitive information of that data level according to the fuzzy display strategy corresponding to that data level. The closer a data level is to the target data level, the greater the amount of displayed information indicated by its fuzzy display strategy.
In one embodiment, the data requirement determination model includes a plurality of data requirement determination submodules, and different submodules correspond to different user rights. The first determining module 122 is specifically configured to: determine the user authority of the target user according to the identification of the target user and a predetermined mapping relation between user identifications and user authorities; determine the data requirement determination submodule corresponding to the target user according to the user authority of the target user; and determine the target data requirement of the target user according to that submodule and the identification of the target user.
In one embodiment, the third determining module 124 is specifically configured to: tracing the target data level corresponding to the data type to be queried to obtain all data levels from the target data level of the data type to be queried to the root data level of the data type to be queried; and acquiring encryption sensitive information between all data levels from the target data level of the data type to be queried to the root data level of the data type to be queried from the database, and taking the encryption sensitive information as the target encryption sensitive information.
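The tracing step of the third determining module just described, together with the fuzzy display of levels after the target level (eighth determining module, and the Fig. 10 example of 3 districts and 1 street shown in plaintext), is illustrated by the following added Python. It is not the patent's code. It assumes an address data type with the levels province, city, district and street, builds a constructed tree of encrypted records, and uses an HMAC-SHA256 keystream XOR purely as a dependency-free stand-in for the patent's unspecified target encryption algorithm; a deployment would use an authenticated cipher instead.

```python
import hashlib
import hmac
import os
from dataclasses import dataclass, field
from typing import Dict, List, Optional

# Data type "address" with its levels, root first (constructed example).
LEVELS = ["province", "city", "district", "street"]

# Constructed demo key. The keystream XOR below is only a placeholder for
# the "target encryption algorithm"; it is not a recommended cipher.
KEY = b"demo-key-do-not-reuse"


def _keystream(nonce: bytes, length: int) -> bytes:
    out = b""
    counter = 0
    while len(out) < length:
        block = nonce + counter.to_bytes(4, "big")
        out += hmac.new(KEY, block, hashlib.sha256).digest()
        counter += 1
    return out[:length]


def encrypt(plaintext: str) -> bytes:
    nonce = os.urandom(12)
    data = plaintext.encode("utf-8")
    return nonce + bytes(a ^ b for a, b in zip(data, _keystream(nonce, len(data))))


def decrypt(blob: bytes) -> str:
    nonce, body = blob[:12], blob[12:]
    return bytes(a ^ b for a, b in zip(body, _keystream(nonce, len(body)))).decode("utf-8")


@dataclass
class Node:
    """One piece of encrypted sensitive information at one data level."""
    level: int
    ciphertext: bytes
    parent: Optional["Node"] = None
    children: List["Node"] = field(default_factory=list)

    def add(self, plaintext: str) -> "Node":
        child = Node(self.level + 1, encrypt(plaintext), self)
        self.children.append(child)
        return child


def trace_to_root(target: Node) -> List[Node]:
    """Tracing step: follow parent links from the target level up to the root."""
    path = []
    node = target
    while node is not None:
        path.append(node)
        node = node.parent
    return path[::-1]


# Fuzzy display policy: distance below the target level -> items revealed in
# plaintext. Distance 1 reveals more than distance 2 (Fig. 10: 3 districts, 1 street).
FUZZY_POLICY = {1: 3, 2: 1}


def blur(blob: bytes) -> str:
    return "***" + blob[-4:].hex()  # ciphertext-only rendering


def render(target: Node, policy: Dict[int, int] = FUZZY_POLICY) -> Dict[str, List[str]]:
    """Plaintext for every level up to the target; fuzzy display below it."""
    shown = {LEVELS[n.level]: [decrypt(n.ciphertext)] for n in trace_to_root(target)}
    frontier = [target]
    distance = 1
    while frontier and target.level + distance < len(LEVELS):
        nodes = [c for n in frontier for c in n.children]
        reveal = policy.get(distance, 0)
        shown[LEVELS[target.level + distance]] = [
            decrypt(n.ciphertext) if i < reveal else blur(n.ciphertext)
            for i, n in enumerate(nodes)
        ]
        frontier = nodes
        distance += 1
    return shown


def build_demo() -> Node:
    """Constructed tree; returns the city node used as the target level."""
    province = Node(0, encrypt("Guangdong"))
    city = province.add("Shenzhen")
    streets = {"Nanshan": ["Yuehai", "Shahe"], "Futian": ["Huaqiang"],
               "Luohu": ["Dongmen"], "Bao'an": ["Xixiang"]}
    for name, street_names in streets.items():
        district = city.add(name)
        for s in street_names:
            district.add(s)
    return city
```

Calling `render(build_demo())` gives the province and city in plaintext, three of the four districts in plaintext with the fourth blurred, and one street in plaintext with the rest blurred. Which items a policy reveals below the target level is the part a reviewer should scrutinise, since anything revealed there is by definition beyond the level the user's requirement authorised.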
In one embodiment, the apparatus further comprises a ninth determining module, an alarm triggering module and a tenth determining module.
The ninth determining module is configured to determine, according to the historical access parameters of the target user, whether the target user is an abnormal user.
The alarm triggering module is configured to trigger an alarm when the target user is determined to be an abnormal user.
The tenth determining module is configured to, when the target user is determined to be a normal user, proceed to the step of determining the target data requirement of the target user according to the identification of the target user and the pre-trained data requirement determination model.
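The gating described for the ninth and tenth determining modules, followed by the rights-keyed submodule lookup of the first determining module, is shown below as an added Python illustration that is not the patent's code. The user-to-authority mapping, the per-authority level ceiling, the anomaly thresholds on historical access parameters and the "submodule" (which here simply returns the deepest level in the user's query history, capped by the role's ceiling) are all constructed stand-ins for the trained models the text does not specify; a single address data type is assumed.

```python
from dataclasses import dataclass
from typing import Callable, Dict, List, Optional

LEVELS = ["province", "city", "district", "street"]

# Constructed mapping: user identification -> user authority.
USER_RIGHTS: Dict[str, str] = {"u1001": "analyst", "u2002": "auditor", "u3003": "guest"}

# Constructed ceiling per authority on the deepest level that role may query.
ROLE_CEILING: Dict[str, str] = {"analyst": "district", "auditor": "street", "guest": "city"}


@dataclass
class AccessHistory:
    queries_last_hour: int
    failed_queries_last_hour: int
    off_hours_fraction: float   # share of recent queries outside working hours
    levels_queried: List[str]   # levels seen in the user's historical results


# Constructed anomaly thresholds on the historical access parameters.
MAX_QUERIES_PER_HOUR = 500
MAX_FAILED_PER_HOUR = 20
MAX_OFF_HOURS_FRACTION = 0.8


def is_abnormal_user(h: AccessHistory) -> bool:
    return (h.queries_last_hour > MAX_QUERIES_PER_HOUR
            or h.failed_queries_last_hour > MAX_FAILED_PER_HOUR
            or h.off_hours_fraction > MAX_OFF_HOURS_FRACTION)


def demand_submodule(role: str) -> Callable[[List[str]], str]:
    """One data requirement determination submodule per user authority."""
    ceiling = LEVELS.index(ROLE_CEILING[role])

    def predict(levels_queried: List[str]) -> str:
        # Stand-in for the trained submodule: deepest level in history,
        # never deeper than the role's ceiling.
        seen = max((LEVELS.index(lv) for lv in levels_queried), default=0)
        return LEVELS[min(seen, ceiling)]

    return predict


@dataclass
class Outcome:
    alarm: bool
    target_level: Optional[str]   # None when the request was stopped


def handle_query(user_id: str, history: AccessHistory) -> Outcome:
    """Abnormal-user check first; only normal users reach the requirement model."""
    if is_abnormal_user(history):
        return Outcome(alarm=True, target_level=None)
    role = USER_RIGHTS.get(user_id, "guest")       # unknown users get the lowest authority
    submodule = demand_submodule(role)
    return Outcome(alarm=False, target_level=submodule(history.levels_queried))
```

The order matters for the security argument: the anomaly check runs before any model output is produced, so an account whose access pattern has changed is stopped and alarmed rather than being handed a level that its own history would otherwise justify.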
The data desensitizing device provided by the embodiment of the invention can execute the data desensitizing method provided by any embodiment of the invention, and has the corresponding functional modules and beneficial effects of the executing method.
Fig. 13 is a schematic structural diagram of an electronic device implementing a data desensitizing method according to an embodiment of the present invention. Electronic devices are intended to represent various forms of digital computers, such as laptops, desktops, workstations, personal digital assistants, servers, blade servers, mainframes, and other appropriate computers. Electronic devices may also represent various forms of mobile devices, such as personal digital processing devices, cellular telephones, smartphones, wearable devices (e.g., helmets, glasses, watches, etc.), and other similar computing devices. The components shown herein, their connections and relationships, and their functions, are meant to be exemplary only, and are not meant to limit implementations of the inventions described and/or claimed herein.
As shown in fig. 13, the electronic device 10 includes at least one processor 11, and a memory, such as a Read Only Memory (ROM) 12, a Random Access Memory (RAM) 13, etc., communicatively connected to the at least one processor 11, in which the memory stores a computer program executable by the at least one processor, and the processor 11 may perform various appropriate actions and processes according to the computer program stored in the Read Only Memory (ROM) 12 or the computer program loaded from the storage unit 18 into the Random Access Memory (RAM) 13. In the RAM 13, various programs and data required for the operation of the electronic device 10 may also be stored. The processor 11, the ROM 12 and the RAM 13 are connected to each other via a bus 14. An input/output (I/O) interface 15 is also connected to bus 14.
Various components in the electronic device 10 are connected to the I/O interface 15, including: an input unit 16 such as a keyboard, a mouse, etc.; an output unit 17 such as various types of displays, speakers, and the like; a storage unit 18 such as a magnetic disk, an optical disk, or the like; and a communication unit 19 such as a network card, modem, wireless communication transceiver, etc. The communication unit 19 allows the electronic device 10 to exchange information/data with other devices via a computer network, such as the internet, and/or various telecommunication networks.
The processor 11 may be a variety of general and/or special purpose processing components having processing and computing capabilities. Some examples of processor 11 include, but are not limited to, a Central Processing Unit (CPU), a Graphics Processing Unit (GPU), various specialized Artificial Intelligence (AI) computing chips, various processors running machine learning model algorithms, Digital Signal Processors (DSPs), and any suitable processor, controller, microcontroller, etc. The processor 11 performs the various methods and processes described above, such as the data desensitization method.
In some embodiments, the data desensitization method may be implemented as a computer program tangibly embodied on a computer-readable storage medium, such as storage unit 18. In some embodiments, part or all of the computer program may be loaded and/or installed onto the electronic device 10 via the ROM 12 and/or the communication unit 19. One or more of the steps of the data desensitization method described above may be performed when the computer program is loaded into RAM 13 and executed by processor 11. Alternatively, in other embodiments, the processor 11 may be configured to perform the data desensitization method by any other suitable means (e.g., by means of firmware).
Various implementations of the systems and techniques described above may be implemented in digital electronic circuitry, integrated circuit systems, Field Programmable Gate Arrays (FPGAs), Application Specific Integrated Circuits (ASICs), Application Specific Standard Products (ASSPs), Systems On Chip (SOCs), Complex Programmable Logic Devices (CPLDs), computer hardware, firmware, software, and/or combinations thereof. These various embodiments may include implementation in one or more computer programs that may be executed and/or interpreted on a programmable system including at least one programmable processor, which may be a special purpose or general-purpose programmable processor, and which may receive data and instructions from, and transmit data and instructions to, a storage system, at least one input device, and at least one output device.
A computer program for carrying out methods of the present invention may be written in any combination of one or more programming languages. These computer programs may be provided to a processor of a general purpose computer, special purpose computer, or other programmable data processing apparatus, such that the computer programs, when executed by the processor, cause the functions/acts specified in the flowchart and/or block diagram block or blocks to be implemented. The computer program may execute entirely on the machine, partly on the machine, as a stand-alone software package, partly on the machine and partly on a remote machine or entirely on the remote machine or server.
In the context of the present invention, a computer-readable storage medium may be a tangible medium that can contain, or store a computer program for use by or in connection with an instruction execution system, apparatus, or device. The computer readable storage medium may include, but is not limited to, an electronic, magnetic, optical, electromagnetic, infrared, or semiconductor system, apparatus, or device, or any suitable combination of the foregoing. Alternatively, the computer readable storage medium may be a machine readable signal medium. More specific examples of a machine-readable storage medium would include an electrical connection based on one or more wires, a portable computer diskette, a hard disk, a Random Access Memory (RAM), a read-only memory (ROM), an erasable programmable read-only memory (EPROM or flash memory), an optical fiber, a portable compact disc read-only memory (CD-ROM), an optical storage device, a magnetic storage device, or any suitable combination of the foregoing.
To provide for interaction with a user, the systems and techniques described here can be implemented on an electronic device having: a display device (e.g., a CRT (cathode ray tube) or LCD (liquid crystal display) monitor) for displaying information to a user; and a keyboard and a pointing device (e.g., a mouse or a trackball) through which a user can provide input to the electronic device. Other kinds of devices may also be used to provide for interaction with a user; for example, feedback provided to the user may be any form of sensory feedback (e.g., visual feedback, auditory feedback, or tactile feedback); and input from the user may be received in any form, including acoustic input, speech input, or tactile input.
The systems and techniques described here can be implemented in a computing system that includes a back-end component (e.g., a data server), or that includes a middleware component (e.g., an application server), or that includes a front-end component (e.g., a user computer having a graphical user interface or a web browser through which a user can interact with an implementation of the systems and techniques described here), or any combination of such back-end, middleware, or front-end components. The components of the system can be interconnected by any form or medium of digital data communication (e.g., a communication network). Examples of communication networks include: Local Area Networks (LANs), Wide Area Networks (WANs), blockchain networks, and the internet.
The computing system may include clients and servers. The client and server are typically remote from each other and typically interact through a communication network. The relationship of client and server arises by virtue of computer programs running on the respective computers and having a client-server relationship to each other. The server can be a cloud server, also called a cloud computing server or cloud host, which is a host product in a cloud computing service system that overcomes the high management difficulty and weak service scalability of traditional physical hosts and VPS services.
It should be appreciated that various forms of the flows shown above may be used to reorder, add, or delete steps. For example, the steps described in the present invention may be performed in parallel, sequentially, or in a different order, so long as the desired results of the technical solution of the present invention are achieved, and the present invention is not limited herein.
The above embodiments do not limit the scope of the present invention. It will be apparent to those skilled in the art that various modifications, combinations, sub-combinations and alternatives are possible, depending on design requirements and other factors. Any modifications, equivalent substitutions and improvements made within the spirit and principles of the present invention should be included in the scope of the present invention.

Claims (16)

1. A method of desensitizing data for use in a data server, the data server including a database, the method comprising:
receiving a query request of a target user for the database; the query request comprises an identification of the target user and a data type to be queried, and the database comprises encrypted sensitive information, wherein the encrypted sensitive information is information formed by encrypting the sensitive information according to the characteristics of the sensitive information;
determining a target data requirement of the target user according to the identification of the target user and a pre-trained data requirement determining model; the data requirement determining model is a model obtained by training with a machine learning algorithm according to historical query requests and historical query results of users, wherein the target data requirement is used for indicating a target data level corresponding to a data type which can be queried by the target user, each data type comprises a plurality of data levels, and one piece of encrypted sensitive information of the previous data level corresponds to a plurality of pieces of encrypted sensitive information of the next data level;
determining a target data level corresponding to the data type to be queried according to the target data requirement and the data type to be queried;
tracing the target data level corresponding to the data type to be queried to obtain target encryption sensitive information of all data levels before the target data level of the data type to be queried;
and obtaining the target sensitive information after desensitizing the target encrypted sensitive information, and displaying the target sensitive information.
2. The method according to claim 1, wherein the method further comprises:
determining the sensitive information in source data according to the source data and a pre-trained sensitive information determination model;
acquiring characteristics of the sensitive information;
determining a target encryption algorithm matched with the sensitive information according to the characteristics of the sensitive information;
encrypting the sensitive information according to the target encryption algorithm to obtain encrypted sensitive information, and storing the encrypted sensitive information in the database.
3. The method of claim 2, wherein the determining a target encryption algorithm that matches the sensitive information based on the characteristics of the sensitive information comprises:
according to the current operation parameters of the data server, determining candidate encryption algorithms matched with the current operation parameters;
and determining a target encryption algorithm matched with the sensitive information from the candidate encryption algorithms according to the characteristics of the sensitive information.
4. A method according to claim 3, wherein the current operating parameters include: processor parameters and storage parameters;
the determining a candidate encryption algorithm matched with the current operation parameter according to the current operation parameter of the data server comprises the following steps:
when the processing capacity of the processor of the data server is determined to not meet the preset processing capacity condition according to the processor parameters, and the storage space of the data server is determined to meet the preset storage space condition according to the storage parameters, determining a first type of encryption algorithm as a candidate encryption algorithm matched with the current operation parameters;
determining a second type of encryption algorithm as a candidate encryption algorithm matched with the current operation parameter when the processing capacity of the processor of the data server meets a preset processing capacity condition according to the processor parameter and the storage space of the data server does not meet the preset storage space condition according to the storage parameter;
when the processing capacity of the processor of the data server is determined to meet the preset processing capacity condition according to the processor parameters, and the storage space of the data server is determined to meet the preset storage space condition according to the storage parameters, determining a first type encryption algorithm and a second type encryption algorithm as candidate encryption algorithms matched with the current operation parameters;
wherein the consumption of the processing performance of the processor by the operation process of the first type encryption algorithm is smaller than that by the operation process of the second type encryption algorithm, and the storage space occupied by the encrypted sensitive information encrypted by the second type encryption algorithm is smaller than that occupied by the encrypted sensitive information encrypted by the first type encryption algorithm.
5. The method of claim 4, wherein the determining a candidate encryption algorithm matched with the current operation parameter according to the current operation parameter of the data server further comprises:
when the processing capacity of the processor of the data server is determined to not meet the preset processing capacity condition according to the processor parameter, and the storage space of the data server is determined to not meet the preset storage space condition according to the storage parameter, storing the sensitive information in a memory protection area in the data server until the processing capacity of the processor of the data server is determined to meet the preset processing capacity condition, or determining that the storage space of the data server meets the preset storage space condition; the memory protection area is an area which can be accessed only by the system authority.
6. A method according to claim 3, wherein said determining a target encryption algorithm from said candidate encryption algorithms that matches said sensitive information based on characteristics of said sensitive information comprises:
acquiring a current network attack risk value of a network where the data server is located;
and determining a target encryption algorithm matched with the sensitive information from the candidate encryption algorithms according to the characteristics of the sensitive information and the current network attack risk value.
7. The method of claim 6, wherein the obtaining the current cyber attack risk value for the network in which the data server is located comprises:
acquiring the current network behavior of the network where the data server is located;
and determining the current network attack risk value according to the current network behavior.
8. The method of claim 2, wherein after determining the sensitive information in the source data according to the source data and a pre-trained sensitive information determination model, the method further comprises:
determining non-sensitive information in the source data according to the sensitive information in the source data and the source data;
storing the non-sensitive information in the source data in the database, and establishing an information mapping relation between the non-sensitive information in the source data and the encrypted sensitive information.
9. The method of claim 8, wherein after the obtaining the target encryption sensitive information for all data levels preceding the target data level for the data type to be queried, the method further comprises:
determining target non-sensitive information corresponding to the target encryption sensitive information according to the information mapping relation and the target encryption sensitive information;
displaying the target non-sensitive information.
10. The method of claim 1, wherein after the determining the target data hierarchy corresponding to the data type to be queried, the method further comprises:
determining non-target encryption sensitive information of all data levels after the target data level;
for each data level behind the target data level, displaying non-target encryption sensitive information of the data level behind the target data level according to a fuzzy display strategy corresponding to the data level behind the target data level; wherein the nearer the target data hierarchy is, the greater the amount of display information indicated by the fuzzy display policy for the data hierarchy.
11. The method of claim 1, wherein the data demand determination model includes a plurality of data demand determination submodules, different data demand determination submodules corresponding to different user rights;
the determining the target data requirement of the target user according to the identification of the target user and a pre-trained data requirement determining model comprises the following steps:
determining the user authority of the target user according to the identification of the target user, the predetermined mapping relation between the identification of the user and the user authority;
determining a data demand determination submodule corresponding to the target user according to the user authority of the target user;
and determining the target data requirement of the target user according to the data requirement determining submodule corresponding to the target user and the identification of the target user.
12. The method according to claim 1, wherein tracing the target data hierarchy corresponding to the data type to be queried to obtain target encryption sensitive information of all data hierarchies before the target data hierarchy of the data type to be queried, includes:
tracing the target data level corresponding to the data type to be queried to obtain all data levels from the target data level of the data type to be queried to the root data level of the data type to be queried;
and acquiring, from the database, the encrypted sensitive information of all data levels from the target data level of the data type to be queried to the root data level of the data type to be queried, and taking the encrypted sensitive information as the target encrypted sensitive information.
13. The method of claim 1, wherein prior to determining the target data requirements for the target user based on the identification of the target user and a pre-trained data requirements determination model, the method further comprises:
determining whether the target user is an abnormal user or not according to the historical access parameters of the target user;
triggering an alarm when the target user is determined to be an abnormal user;
and when the target user is determined to be a normal user, determining to execute the step of determining the target data requirement of the target user according to the identification of the target user and a pre-trained data requirement determination model.
14. A data desensitizing apparatus, wherein the data desensitizing apparatus is disposed in a data server, the data server including a database, the apparatus comprising:
the receiving module is used for receiving a query request of a target user for the database; the query request comprises an identification of the target user and a data type to be queried, and the database comprises encrypted sensitive information, wherein the encrypted sensitive information is information formed by encrypting the sensitive information according to the characteristics of the sensitive information;
the first determining module is used for determining a target data requirement of the target user according to the identification of the target user and a pre-trained data requirement determining model; the data requirement determining model is a model obtained by training with a machine learning algorithm according to historical query requests and historical query results of users, wherein the target data requirement is used for indicating a target data level corresponding to a data type which can be queried by the target user, each data type comprises a plurality of data levels, and one piece of encrypted sensitive information of the previous data level corresponds to a plurality of pieces of encrypted sensitive information of the next data level;
the second determining module is used for determining a target data level corresponding to the data type to be queried according to the target data requirement and the data type to be queried;
the third determining module is used for tracing the target data level corresponding to the data type to be queried to obtain target encryption sensitive information of all data levels before the target data level of the data type to be queried;
the desensitization module is used for obtaining the target sensitive information after desensitizing the target encrypted sensitive information and displaying the target sensitive information.
15. An electronic device, the electronic device comprising:
at least one processor; and
a memory communicatively coupled to the at least one processor; wherein,
the memory stores a computer program executable by the at least one processor to enable the at least one processor to perform the data desensitization method according to any one of claims 1-13.
16. A computer readable storage medium storing computer instructions for causing a processor to perform the data desensitization method according to any one of claims 1-13.
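As an added illustration of claims 13 and 14 (example code written for this page, not the patent's own implementation), the following Python sketch gates a query on an abnormal-user check, looks up the user's target data level, traces the data-level hierarchy upward and masks the result for display. The sample database, the lookup table standing in for the trained data-requirement model, the abnormality rule and the masking rule are all assumptions, and the patent's encryption of stored values is omitted, so the records hold plaintext.

```python
from dataclasses import dataclass
from typing import Optional

@dataclass(frozen=True)
class Record:
    """One piece of sensitive information at one data level (stored in clear here)."""
    rec_id: str
    level: int
    value: str
    parent: Optional[str]  # record one level up: one parent maps to many children
# Constructed sample database: data type "address" with three data levels.
DB = {"address": {
    "r1": Record("r1", 1, "Beijing", None),
    "r2": Record("r2", 2, "Haidian District", "r1"),
    "r2b": Record("r2b", 2, "Chaoyang District", "r1"),
    "r3": Record("r3", 3, "No. 10 Zhongguancun St", "r2"),
}}
# Stand-in for the pre-trained data-requirement model: user id -> level per data type.
REQUIREMENTS = {"analyst": {"address": 2}, "auditor": {"address": 3}}
ALARMS: list[str] = []  # alarms raised by the claim-13 gate
def is_abnormal(history: list[int], limit: int = 100) -> bool:
    """Claim-13 gate (assumed rule): too many historical accesses is abnormal."""
    return sum(history) > limit

def trace(db: dict, dtype: str, target_level: int) -> list[Record]:
    """Claim-14 tracing: from each record at the target level follow parent links
    to level 1; returns the target level and every level above it, shallowest first."""
    table = db[dtype]
    seen: dict[str, Record] = {}
    for rec in table.values():
        cur: Optional[Record] = rec if rec.level == target_level else None
        while cur is not None:
            seen.setdefault(cur.rec_id, cur)
            cur = table[cur.parent] if cur.parent else None
    return sorted(seen.values(), key=lambda r: (r.level, r.rec_id))

def mask(value: str) -> str:
    """Desensitize (assumed rule): keep first and last character, mask the rest."""
    if len(value) <= 2:
        return "*" * len(value)
    return value[0] + "*" * (len(value) - 2) + value[-1]

def handle_query(user: str, dtype: str, history: list[int]) -> list[tuple[int, str]]:
    """Claims 13-14 end to end: gate, level lookup, trace, then mask for display."""
    if is_abnormal(history):
        ALARMS.append(f"abnormal access pattern: user={user!r} type={dtype!r}")
        return []
    level = REQUIREMENTS.get(user, {}).get(dtype, 0)  # 0 -> nothing to return
    return [(r.level, mask(r.value)) for r in trace(DB, dtype, level)]
```

A user allowed level 3 receives only the chain of records above the level-3 entry, while a user allowed level 2 receives every level-2 record and its parent, which is the one-to-many relation the claim describes.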
Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202311362785.2A CN117313133A (en) 2023-10-20 2023-10-20 Data desensitization method, device, equipment and storage medium

Publications (1)

Publication Number Publication Date
CN117313133A true CN117313133A (en) 2023-12-29

Family

ID=89281032

Country Status (1)

Country Link
CN (1) CN117313133A (en)

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109753811A (en) * 2018-12-28 2019-05-14 北京东方国信科技股份有限公司 A kind of data probe design method and device detecting sensitive information
CN113761577A (en) * 2021-09-10 2021-12-07 平安科技(深圳)有限公司 Big data desensitization method and device, computer equipment and storage medium
CN114706932A (en) * 2022-03-31 2022-07-05 郑州信大先进技术研究院 Method and system for encryption desensitization and query of geographic information
CN115630389A (en) * 2022-08-22 2023-01-20 平安银行股份有限公司 Data processing method, device, equipment and storage medium
CN116305256A (en) * 2023-02-21 2023-06-23 中银金融科技有限公司 Data acquisition method and device, storage medium and electronic equipment

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
顶级算法 (Top Algorithms): "Comparison of several common encryption algorithms" (常见的几种加密算法比较), Retrieved from the Internet <URL:https://mp.weixin.qq.com/s/n5TJofgvRuuPJqSSvMtxkw> *

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination