CN117633319B - Database automation response method, device, computer equipment and storage medium - Google Patents

Database automation response method, device, computer equipment and storage medium Download PDF

Info

Publication number
CN117633319B
CN117633319B CN202410109802.XA CN202410109802A CN117633319B CN 117633319 B CN117633319 B CN 117633319B CN 202410109802 A CN202410109802 A CN 202410109802A CN 117633319 B CN117633319 B CN 117633319B
Authority
CN
China
Prior art keywords
data
result
action
response
security arrangement
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN202410109802.XA
Other languages
Chinese (zh)
Other versions
CN117633319A (en
Inventor
柳遵梁
王月兵
毛菲
周杰
闻建霞
刘聪
覃锦端
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Hangzhou Meichuang Technology Co ltd
Original Assignee
Hangzhou Meichuang Technology Co ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Hangzhou Meichuang Technology Co ltd filed Critical Hangzhou Meichuang Technology Co ltd
Priority to CN202410109802.XA priority Critical patent/CN117633319B/en
Publication of CN117633319A publication Critical patent/CN117633319A/en
Application granted granted Critical
Publication of CN117633319B publication Critical patent/CN117633319B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Abstract

The embodiment of the invention discloses a database automation response method, a database automation response device, computer equipment and a storage medium. The method comprises the following steps: acquiring data in a database; classifying the data to obtain a classification result; classifying the data by combining the classification result to obtain a classification result; defining a data risk action; defining a data risk response action; generating security arrangement information of each data according to the classification result, the grading result, the data risk action and the data risk response action; counting the security arrangement information of each data to generate a security arrangement library; monitoring the flow of the database to obtain SQL sentences to be executed; analyzing the SQL sentence to be executed to obtain an analysis result; and determining a response result according to the analysis result and the security arrangement library. By implementing the method of the embodiment of the invention, the database data can be safely arranged, and the database safety response can be automatically realized, so that the response efficiency is improved.

Description

Database automation response method, device, computer equipment and storage medium
Technical Field
The present invention relates to databases, and more particularly, to a database automated response method, apparatus, computer device, and storage medium.
Background
The traditional database security protection mode needs to adapt to different attack modes by means of adjustment rules, complex attack modes are difficult to process, the limitation that unknown or novel attacks cannot be captured is faced, when the data security situation is getting more severe and complex, whether emergency response is timely and effective or not is critical to reducing the loss of data security events, the database security protection can be started from the data arrangement of the database, at present, no mode can realize the security arrangement of database data, and the automation of database security response is realized, so that the response efficiency is improved.
Therefore, it is necessary to design a new method to implement secure arrangement of database data and automation of secure database response, so as to improve response efficiency.
Disclosure of Invention
The invention aims to overcome the defects of the prior art and provides a database automation response method, a database automation response device, computer equipment and a storage medium.
In order to achieve the above purpose, the present invention adopts the following technical scheme: a database automation response method, comprising:
acquiring data in a database;
classifying the data to obtain a classification result;
Classifying the data by combining the classification result to obtain a classification result;
Defining a data risk action;
Defining a data risk response action;
generating security arrangement information of each data according to the classification result, the grading result, the data risk action and the data risk response action;
counting the security arrangement information of each data to generate a security arrangement library;
monitoring the flow of the database to obtain SQL sentences to be executed;
analyzing the SQL sentence to be executed to obtain an analysis result;
And determining a response result according to the analysis result and the security arrangement library.
The further technical scheme is as follows: the classifying the data to obtain a classification result comprises the following steps:
analyzing the data, and classifying according to the user data, the service data and the company data to obtain a classification result.
The further technical scheme is as follows: and grading the data by combining the classification result to obtain a grading result, wherein the grading step comprises the following steps of:
And carrying out classification on the data at an absolute secret level, a secret level, an internal public level and an external public level according to the classification result to obtain a classification result.
The further technical scheme is as follows: the data risk actions are defined according to operation action types, and the data risk actions comprise data query, data operation, data definition, transaction control and data control; the data risk response actions include allowing command execution, prohibiting command execution and blocking a connection session, prohibiting command execution, returning null data, returning a defined number of lines, returning a data desensitization result.
The further technical scheme is as follows: the parsing the SQL sentence to be executed to obtain a parsing result includes:
Analyzing the SQL sentence to be executed to extract target data, operation type and operation action, and determining the data level and the data type of the target data to obtain an analysis result.
The further technical scheme is as follows: the determining a response result according to the analysis result and the security arrangement library comprises the following steps:
and matching the analysis result with the security arrangement library in terms of data category and level, data risk action type and data risk action to obtain a response result.
The further technical scheme is as follows: the step of matching the analysis result with the security arrangement library in terms of data category and level, data risk action type and data risk action to obtain a response result comprises the following steps:
Matching the data category and the data level of the target data with the data category and the data level in the security arrangement library to obtain a first matching result;
Judging whether the first matching result is zero or not;
if the first matching result is zero, allowing the SQL statement to be executed to obtain a response result;
if the first matching result is not zero, matching an operation type with a data risk action type in the security arrangement library to obtain a second matching result;
Judging whether the second matching result is that the operation type is not in an action type list in a security arrangement library;
If the second matching result is that the operation type is not in the action type list in the security arrangement library, intercepting and alarming the SQL sentence to be executed to obtain a response result;
If the second matching result is that the operation type is in an action type list in the security arrangement library, matching the operation action with a data risk action in the security arrangement library to obtain a third matching result;
If the third matching result is that the operation action is not in the action list in the security arrangement library, executing the interception and alarming the SQL sentence to be executed to obtain a response result;
And if the third matching result is that the operation action is in an action list in the security arrangement library, acquiring a data risk response action corresponding to the operation action from the security arrangement library to obtain a response result.
The invention also provides an automatic response device of the database, which comprises the following steps:
the acquisition unit is used for acquiring the data in the database;
The classifying unit is used for classifying the data to obtain a classifying result;
the grading unit is used for grading the data by combining the classification results so as to obtain grading results;
a first defining unit for defining a data risk action;
a second definition unit for defining a data risk response action;
the information generation unit is used for generating safety arrangement information of each data according to the classification result, the data risk action and the data risk response action;
the statistics unit is used for counting the security arrangement information of each data to generate a security arrangement library;
the monitoring unit is used for monitoring the flow of the database to acquire SQL sentences to be executed;
the analysis unit is used for analyzing the SQL statement to be executed to obtain an analysis result;
And the response unit is used for determining a response result according to the analysis result and the security arrangement library.
The invention also provides a computer device which comprises a memory and a processor, wherein the memory stores a computer program, and the processor realizes the method when executing the computer program.
The present invention also provides a storage medium storing a computer program which, when executed by a processor, implements the above method.
Compared with the prior art, the invention has the beneficial effects that: according to the method, the data in the database are classified and graded, the corresponding data risk actions and the data risk response actions are combined, the safety arrangement library is built, the SQL sentences to be executed, which are obtained in the flow monitoring process of the database, are analyzed, and the SQL sentences to be executed are matched with the information in the safety arrangement library, so that the corresponding response result is determined, the safety arrangement of the database data is realized, the safety response of the database is automated, and the response efficiency is improved.
The invention is further described below with reference to the drawings and specific embodiments.
Drawings
In order to more clearly illustrate the technical solutions of the embodiments of the present invention, the drawings required for the description of the embodiments will be briefly described below, and it is obvious that the drawings in the following description are some embodiments of the present invention, and other drawings may be obtained according to these drawings without inventive effort for a person skilled in the art.
Fig. 1 is a schematic diagram of an application scenario of an automatic response method of a database according to an embodiment of the present invention;
FIG. 2 is a flow chart of an automated database response method according to an embodiment of the present invention;
FIG. 3 is a schematic block diagram of a database automation response device provided by an embodiment of the present invention;
Fig. 4 is a schematic block diagram of a computer device according to an embodiment of the present invention.
Detailed Description
The following description of the embodiments of the present invention will be made clearly and fully with reference to the accompanying drawings, in which it is evident that the embodiments described are some, but not all embodiments of the invention. All other embodiments, which can be made by those skilled in the art based on the embodiments of the invention without making any inventive effort, are intended to be within the scope of the invention.
It should be understood that the terms "comprises" and "comprising," when used in this specification and the appended claims, specify the presence of stated features, integers, steps, operations, elements, and/or components, but do not preclude the presence or addition of one or more other features, integers, steps, operations, elements, components, and/or groups thereof.
It is also to be understood that the terminology used in the description of the invention herein is for the purpose of describing particular embodiments only and is not intended to be limiting of the invention. As used in this specification and the appended claims, the singular forms "a," "an," and "the" are intended to include the plural forms as well, unless the context clearly indicates otherwise.
It should be further understood that the term "and/or" as used in the present specification and the appended claims refers to any and all possible combinations of one or more of the associated listed items, and includes such combinations.
Referring to fig. 1 and fig. 2, fig. 1 is a schematic view of an application scenario of a database automation response method according to an embodiment of the present invention. Fig. 2 is a schematic flow chart of a database automation response method provided by an embodiment of the present invention. The automatic response method of the database is applied to a server, the server performs data interaction with a terminal, and the terminal is used for sending out SQL sentences; the data classification and grading strategy is utilized, the security arrangement library is used as a basis, and the data risk actions are accurately judged and the response is automated.
Fig. 2 is a flow chart of a database automation response method according to an embodiment of the present invention. As shown in fig. 2, the method includes the following steps S110 to S200.
S110, acquiring data in a database.
In this embodiment, the database may be a database of enterprise data.
S120, classifying the data to obtain a classification result.
In this embodiment, the classification result includes three categories of user data, business data, and company data.
Analyzing the data, and classifying according to the user data, the service data and the company data to obtain a classification result.
Specifically, the data { T 1,T2,……,Tn } in the database T is parsed, and the data { T 1,T2,……,Tn } is classified according to user data, service data, and company data, wherein the user data is denoted as a 1, the service data is denoted as a 2, and the company data is denoted as a 3. Taking data T n in database T as an example, data T n is classified, and if data T n is user data, the data type of data T n is a 1Tn.
S130, grading the data by combining the classification result to obtain a grading result.
In the present embodiment, the classification result refers to one of the confidential level, the secret level, the internal disclosure level, and the external disclosure level corresponding to the data.
Specifically, the data is classified by an encryption level, a confidentiality level, an internal disclosure level, and an external disclosure level in combination with the classification result, so as to obtain a classification result.
Data { T 1,T2,……,Tn } in the database T is classified according to the imperfection, confidentiality, internal disclosure and external disclosure by combining the data types, wherein the imperfection is denoted as B 1, the confidentiality is denoted as B 2, the confidentiality is denoted as B 3, the internal disclosure is denoted as B 4, and the external disclosure is denoted as B 5. Taking data T n in database T as an example, data T n is classified, and if data T n is a secret level, the data level of data T n is B 3Tn.
S140, defining a data risk action.
In this embodiment, the data risk actions are defined according to operation action types, and the data risk actions include data query, data operation, data definition, transaction control and data control.
Specifically, for data { T 1,T2,……,Tn } in database T, in combination with its data type and data level, risk actions for the data are predefined by the operation action type, such as Data Query (DQL), data operation (DML), data Definition (DDL), transaction Control (TCL), data Control (DCL). Taking data T n in database T as an example, a Data Query (DQL) operation for data T n is defined as a risk action, denoted { DQL: C 1Tn }; defining a data operation (DML) for data T n, an add operation, as a risk action, denoted { DML: C 2Tn }; defining a data operation (DML) for data Tn, a delete operation, as a risk action, denoted { DML: C 3Tn }; defining a data operation (DML) for data Tn, a modification operation, as a risk action, denoted { DML: C 4Tn }; a Data Definition (DDL) for data T n is defined as a risk action, denoted { DDL: C 5Tn }.
S150, defining a data risk response action.
In this embodiment, the data risk response actions include allowing command execution, prohibiting command execution and blocking a connection session, prohibiting command execution, returning null data, returning a defined number of lines, returning a data desensitization result.
Specifically, for data { T 1,T2,……,Tn } in database T, in combination with its data type, data level, data risk actions, a risk response action for the data in database T is predefined in terms of allowing command execution, prohibiting command execution and blocking connection session, prohibiting command execution, returning null data, returning a defined number of rows, returning a data desensitization result, where allowing command execution is denoted as D 1, prohibiting command execution and blocking connection session is denoted as D 2, prohibiting command execution is denoted as D 3, returning null data is denoted as D 4, returning a defined number of rows is denoted as D 5, and returning a data desensitization result is denoted as D 6. Taking data T n in the database T as an example, if a Data Query (DQL) operation is allowed for data T n, but a data desensitization result needs to be returned, its corresponding risk response action is { (DQL: C 1Tn):D6Tn }, if a data operation (DML) is allowed for data T n, which is an add operation, its corresponding risk response action is { (DML: C 2Tn):D1Tn }, if a data operation (DML) is not allowed for data T n, which is a delete operation, and the session needs to be blocked, its corresponding risk response action is { (DML: C 3Tn):D2Tn }, if a data operation (DML) is not allowed for data T n, which is a modification operation, its corresponding risk response action is { (DML: C 4Tn):D3Tn }, if a Data Definition (DDL) operation is not allowed for data T n, its corresponding risk response action is { (DDL: C 5Tn):D3Tn }).
S160, generating safety arrangement information of each data according to the classification result, the grading result, the data risk action and the data risk response action.
In this embodiment, the security arrangement information includes a data type, a data level, a data risk action, and a data risk response action corresponding to the data.
In this embodiment, the data type, data level, data risk action, data risk response action of the data T n in the statistics database T generates the security arrangement information RTn{R1Tn,R2Tn,R3Tn,R4Tn,R5Tn}, of the data T n, wherein R 1Tn is {A1Tn:B3Tn:(DQL:C1Tn):D6Tn},R2Tn and {A1Tn:B3Tn:(DML:C2Tn):D1Tn},R3Tn is {A1Tn:B3Tn:(DML:C3Tn):D2Tn},R4Tn and {A1Tn:B3Tn:(DML:C4Tn):D3Tn},R5Tn is { a 1Tn:B3Tn:(DDL:C5Tn):D3Tn }.
S170, counting the security arrangement information of each data to generate a security arrangement library.
In this embodiment, the security arrangement library refers to a collection of security arrangement information including all data in the database.
Specifically, all security arrangement information of data { T 1,T2,……,Tn } in the database T is counted, and a security arrangement library RT { RT 1,RT2,……,RTn } is generated.
The steps S110 to S170 generate a security arrangement library, which contains security arrangement information of all data in the database. The benefits of this security orchestration library are as follows:
data classification and ranking: by classifying and ranking the data, the type and level of each data can be clearly understood. This helps the organization manager to better understand and master the data situation in the database.
Risk action definition: by defining data risk actions, the risk and possible modes of operation that each data is exposed to can be clarified. This helps the organisation manager to formulate corresponding security policies and control measures to reduce the risk of data leakage and abuse.
Risk response action definition: by defining data risk response actions, specific response actions to be taken in different risk situations can be determined. This helps the organization manager to quickly and accurately handle security events that may occur and minimize losses.
Generating the security arrangement information: and generating the security arrangement information of each data according to the classification result, the grading result, the data risk action and the data risk response action. This information provides important security attributes for each piece of data, providing basis for proper use and security protection of the data.
Statistics and management of security orchestration libraries: a security arrangement library is generated by counting security arrangement information of each data. This library can be used as a reference for data security management and decision making by the organization manager, helping them to better understand and control the data security problems in the database.
In a word, by establishing the security arrangement library, the data security can be improved, the risk is reduced, and an important decision basis is provided for an organization manager, so that the core data and benefits of enterprises are protected.
S180, monitoring the flow of the database to obtain SQL sentences to be executed.
In this embodiment, the database is monitored in real time, all the execution conditions of the SQL statement are recorded, and the SQL statement S to be executed is obtained from the monitoring.
S190, analyzing the SQL statement to be executed to obtain an analysis result.
In this embodiment, the parsing result includes target data, operation type, operation action, data level of the target data, and data type.
Analyzing the SQL sentence to be executed to extract target data, operation type and operation action, and determining the data level and the data type of the target data to obtain an analysis result.
Specifically, the database traffic is monitored, the SQL statement S to be executed is obtained, the SQL statement S to be executed is analyzed, the target data S T, the executed operation type S PT and the executed operation action S KT of the SQL statement S to be executed are collected, the data type of the target data S T is represented as S NT, and the data level is represented as S GT.
For determining the data class and the data level, the data level S GT may be determined according to factors such as the security level, the sensitivity level, and the like of the target data S T, for example, external disclosure, internal disclosure, secret, confidentiality, and the like. The data category S NT is determined based on factors such as business attributes, data types, etc. of the target data S T, such as finance, medical, government, business, etc.
S200, determining a response result according to the analysis result and the security arrangement library.
In this embodiment, the response result refers to a processing result for the SQL statement to be executed.
Specifically, the analysis result is matched with the security arrangement library in terms of data category and level, data risk action type and data risk action to obtain a response result.
In one embodiment, the step S200 may include steps S201 to S207.
S201, matching the data type and the data level of the target data with the data type and the data level in the security arrangement library to obtain a first matching result;
S202, judging whether the first matching result is zero or not;
and S203, if the first matching result is zero, allowing the SQL sentence to be executed to obtain a response result.
Specifically, there is an algorithm f1{ (S NT:SGT), RT (2) }, which matches the data class S NT and the data level S GT of the target data S T for which the SQL statement S is to be executed with the first two elements of each piece of security arrangement information in the security arrangement library RT { RT 1,RT2,……,RTn }, i.e., matches the data class S NT and the data level S GT of the target data S T for which the SQL statement S is to be executed with the data class and the data level of the corresponding data in the security arrangement library RT, and judges whether the data level S GT of the target data S T is "externally disclosed".
When f1{ (S NT:SGT), RT (2) } =0, the data level S GT of the target data S T for which the SQL statement S is to be executed is considered to be "externally public", and execution of the SQL statement is permitted;
When f1{ (S NT:SGT), RT (2) } =1, the data level S GT of the target data S T for which the SQL statement S is to be executed is considered to be "other", that is, the data level is either confidential or secret or internally public, and the algorithm F2 is entered to perform matching of the data risk action type.
S204, if the first matching result is not zero, matching an operation type with a data risk action type in the security arrangement library to obtain a second matching result;
s205, judging whether the second matching result is that the operation type is not in an action type list in a security arrangement library;
S206, if the second matching result is that the operation type is not in the action type list in the security arrangement library, intercepting and alarming the SQL sentence to be executed to obtain a response result.
In this embodiment, there is an algorithm F2{ S PT, RT (3 (1)) } that matches the operation type S PT of the target data S T for which the SQL statement S is to be executed with the first element of the third element of each piece of security arrangement information in the security arrangement library RT { RT 1,RT2,……,RTn }, that is, matches the operation type S PT of the target data S T for which the SQL statement S is to be executed with the data risk action type in the security arrangement library R T.
When S is PT When RT (3 (1)), F2{ S PT, RT (3 (1)) } =0, regarding that the operation type S PT of the target data S T for which the SQL statement S is to be executed is not matched with the data risk action type in the security arrangement library RT, performing exception handling, intercepting and alarming the SQL statement;
When S PT e RT (3 (1)), F2{ S PT, RT (3 (1)) } =1, consider that the operation type S PT of the target data S T for which the SQL statement S is to be executed matches the data risk action type in the security orchestration library RT, and enter the algorithm F3 to perform matching of the data risk actions.
S207, if the second matching result is that the operation type is in an action type list in the security arrangement library, matching the operation action with a data risk action in the security arrangement library to obtain a third matching result;
If the third matching result is that the operation action is not in the action list in the security arrangement library, executing the step S206;
s207, if the third matching result is that the operation action is in an action list in the security arrangement library, acquiring a data risk response action corresponding to the operation action from the security arrangement library to obtain a response result.
In this embodiment, there is an algorithm F3{ S KT, RT (3 (2)) } that matches the operation action S KT of the target data S T for the SQL statement S to be executed with the second element of the third element of each piece of security arrangement information in the security arrangement library RT { RT 1,RT2,……,RTn }, that is, matches the operation action S KT of the target data S T for the SQL statement S to be executed with the data risk action in the security arrangement library RT.
When S is KT When RT (3 (2)), F3{ S KT, RT (3 (2)) } =0, regarding that the operation action S KT of the target data S T for the SQL statement S to be executed is not matched with the data risk action in the security orchestration library RT, performing exception handling, intercepting and alerting the SQL statement;
When S KT e RT (3 (2)), F3{ S KT, RT (3 (2)) } =1, and the operation action S KT of the target data S T for which the SQL statement S is to be executed is considered to be matched with the data risk action in the security orchestration library RT, the corresponding fourth element is obtained from the security orchestration library RT, that is, the corresponding data risk response action is obtained from the security orchestration library RT, and the response is performed.
The steps S180 to S200 can obtain the analysis results of the target data, the operation type, the operation action, the data level and the data type by monitoring the database flow and analyzing the SQL statement to be executed. And then, matching the analysis result with the security arrangement library to determine a response result. Benefits of doing so include:
And (3) real-time monitoring: the flow of the database can be monitored in real time, all SQL statement execution conditions are recorded, and the visual management and monitoring capability of the database is improved.
Data security protection: by analyzing the SQL sentences to be executed, the data level and the data type of the target data can be determined, so that the SQL sentences to be executed can be verified and screened according to the security requirement and the rule of the arrangement library, and the security of the data is protected.
Exception handling and alerting: for SQL sentences which do not accord with the rules of the security arrangement library, exception handling can be carried out, including interception and alarming, and potential security risks can be found and handled in time.
Data risk action matching: by matching with the security arrangement library, whether the operation type and the operation action of the SQL sentence to be executed are matched with the specified data risk action or not can be determined, so that corresponding data risk response actions are adopted, and the security of the data is further improved.
In summary, by implementing the method, the security of the database can be improved, potential data security risks can be prevented and handled, confidentiality and integrity of sensitive data are protected, and compliance of the data is ensured.
For example: taking data T 1 in database T as an example, data T 1 is classified, and if data T 1 is user data, the data type of data T 1 is a 1T1. Data T 1 is classified in combination with the data type of data T 1, and if data T 1 is a secret level, the data level of data T 1 is B 3T1. Defining a Data Query (DQL) operation for data T 1 as a risk action, denoted { DQL: C 1T1 }; defining a data operation (DML) -delete operation for data T 1 as a risk action, denoted as { DML: C 2T1 }; a Data Definition (DDL) for data T 1 is defined as a risk action, denoted { DDL: C 3T1 }. Data Query (DQL) operations are allowed for data T 1, but data desensitization results need to be returned, the corresponding risk response actions are { (DQL: C 1T1):D6Tn }, data operations (DML) are not allowed for data T 1 -delete operations are not allowed for data T 1, and the session needs to be blocked, the corresponding risk response actions are { (DML: C 2T1):D2T1 }, data Definition (DDL) operations are not allowed for data T 1, the corresponding risk response actions are { (DDL: C 3T1):D3T1 }. Data type, data level, data risk actions, data risk response actions of data T 1 in the statistics database T are generated, and security arrangement information RT 1{R1T1,R2T1,R3T1 of data T 1 is generated, wherein R 1T1 is {A1T1:B3T1:(DQL:C1T1):D6T1},R2Tn is {A1T1:B3T1:(DML:C2T1):D2T1},R3T1 and { A 1T1:B3T1:(DDL:C3T1):D3T1 }.
2 SQL statements S 1 and S 2 to be executed are obtained. Analyzing the SQL sentence S 1 to be executed, collecting target data S T1, executed operation type S PT1 and executed operation action S KT1 aimed at by the SQL sentence S 1 to be executed, and representing the data type of the target data S T1 as S NT1 and the data level as S GT1; the method comprises the steps of analyzing the SQL sentence S 2 to be executed, collecting target data S T2, an executed operation type S PT2 and an executed operation action S KT2 aiming at the SQL sentence S 2 to be executed, and representing the data type of the target data S T2 as S NT2 and the data level as S GT2.
In this example:
F1{ (S NT1:SGT1), RT (2) } =0, and if the data level S GT1 of the target data S T1 for which the SQL statement S 1 is to be executed is considered as "external disclosure", execution of the SQL statement S 1 is permitted;
F1{ (S NT2:SGT2), RT (2) } =1, consider that the data level S GT2 of the target data S T2 for which the SQL statement S 2 is to be executed is "other", that is, the data level is either confidential or secret or internally public, and will enter the algorithm F2 to perform matching of the data risk action type.
S PT2 e RT (3 (1)), F2{ S PT, RT (3 (1)) } =1, consider that the operation type S PT2 of the target data S T2 for which the SQL statement S 2 is to be executed matches the data risk action type in the security orchestration library RT, and enter the algorithm F3 to perform matching of the data risk actions.
When S KT2 e RT (3 (2)), F3{ S KT, RT (3 (2)) } =1, and if the operation action S KT of the target data S T for which the SQL statement S is to be executed is considered to be matched with the data risk action in the security orchestration library RT, the corresponding fourth element is obtained from the security orchestration library RT, that is, the corresponding data risk response action is obtained from the security orchestration library RT to respond.
According to the automatic response method for the database, the data in the database is classified and graded, the corresponding data risk actions and the data risk response actions are combined, the safety arrangement library is built, the SQL sentences to be executed, which are acquired in the flow monitoring process of the database, are analyzed, and the SQL sentences to be executed are matched with the information in the safety arrangement library, so that the corresponding response result is determined, the safe arrangement of the database data is realized, the safety response of the database is automated, and the response efficiency is improved.
Fig. 3 is a schematic block diagram of a database automation response device 300 according to an embodiment of the present invention. As shown in fig. 3, the present invention further provides a database automation response device 300 corresponding to the above database automation response method. The database automation response device 300 includes a unit for performing the database automation response method described above, and the device may be configured in a server. Specifically, referring to fig. 3, the database automation response device 300 includes an acquisition unit 301, a classification unit 302, a classification unit 303, a first defining unit 304, a second defining unit 305, an information generating unit 306, a statistics unit 307, a monitoring unit 308, an parsing unit 309, and a response unit 310.
An acquiring unit 301, configured to acquire data in a database; a classification unit 302, configured to classify the data to obtain a classification result; a grading unit 303, configured to grade the data in combination with the classification result, so as to obtain a grading result; a first defining unit 304, configured to define a data risk action; a second definition unit 305 for defining a data risk response action; an information generating unit 306, configured to generate security arrangement information of each data according to the classification result, the data risk action, and the data risk response action; a statistics unit 307 for counting security arrangement information of each data to generate a security arrangement library; the monitoring unit 308 is configured to monitor the flow of the database to obtain an SQL statement to be executed; the parsing unit 309 is configured to parse the SQL statement to be executed to obtain a parsing result; and a response unit 310, configured to determine a response result according to the parsing result and the security arrangement library.
In an embodiment, the classifying unit 302 is configured to parse the data and classify the data according to user data, service data, and company data to obtain a classification result.
In an embodiment, the grading unit 303 is configured to perform grading on the data at an encryption level, a confidentiality level, a secret level, an internal disclosure level, and an external disclosure level in combination with the classification result, so as to obtain a grading result.
In an embodiment, the parsing unit 309 is configured to parse the SQL statement to be executed to extract target data, an operation type, and an operation action, and determine a data level and a data type of the target data, so as to obtain a parsing result.
In an embodiment, the response unit 310 is configured to match the analysis result with the security arrangement library in terms of data category and level, data risk action type, and data risk action to obtain a response result.
In one embodiment, the response unit 310 includes a first matching subunit, a first determining subunit, an executing subunit, a second matching subunit, a second determining subunit, an intercepting subunit, a third matching subunit, and an action response subunit.
The first matching subunit is used for matching the data category and the data level of the target data with the data category and the level in the security arrangement library to obtain a first matching result; a first judging subunit, configured to judge whether the first matching result is zero; an execution subunit, configured to allow execution of the SQL statement to be executed if the first matching result is zero, so as to obtain a response result; the second matching subunit is used for matching the operation type with the data risk action type in the security arrangement library if the first matching result is not zero so as to obtain a second matching result; a second judging subunit, configured to judge whether the second matching result is that the operation type is not in the action type list in the security arrangement library; the interception subunit is used for intercepting and alarming the SQL sentence to be executed if the second matching result is that the operation type is not in the action type list in the security arrangement library so as to obtain a response result; a third matching subunit, configured to match the operation action with a data risk action in the security arrangement library if the second matching result is that the operation type is in the action type list in the security arrangement library, so as to obtain a third matching result; if the third matching result is that the operation action is not in the action list in the security arrangement library, executing the interception and alarming the SQL sentence to be executed to obtain a response result; and the action response subunit is used for acquiring the data risk response action corresponding to the operation action from the security arrangement library if the third matching result is that the operation action is in the action list in the security arrangement library, so as to obtain a response result.
It should be noted that, as will be clearly understood by those skilled in the art, the specific implementation process of the database automation response device 300 and each unit may refer to the corresponding description in the foregoing method embodiment, and for convenience and brevity of description, the description is omitted here.
The database automation response device 300 described above may be implemented in the form of a computer program that is executable on a computer device as shown in fig. 4.
Referring to fig. 4, fig. 4 is a schematic block diagram of a computer device according to an embodiment of the present application. The computer device 500 may be a server, where the server may be a stand-alone server or may be a server cluster formed by a plurality of servers.
With reference to FIG. 4, the computer device 500 includes a processor 502, memory, and a network interface 505, connected by a system bus 501, where the memory may include a non-volatile storage medium 503 and an internal memory 504.
The non-volatile storage medium 503 may store an operating system 5031 and a computer program 5032. The computer program 5032 includes program instructions that, when executed, cause the processor 502 to perform a database automation response method.
The processor 502 is used to provide computing and control capabilities to support the operation of the overall computer device 500.
The internal memory 504 provides an environment for the execution of a computer program 5032 in the non-volatile storage medium 503, which computer program 5032, when executed by the processor 502, causes the processor 502 to perform a database automation response method.
The network interface 505 is used for network communication with other devices. It will be appreciated by those skilled in the art that the architecture shown in fig. 4 is merely a block diagram of some of the architecture relevant to the present inventive arrangements and is not limiting of the computer device 500 to which the present inventive arrangements may be implemented, and that a particular computer device 500 may include more or fewer components than shown, or may combine some of the components, or have a different arrangement of components.
Wherein the processor 502 is configured to execute a computer program 5032 stored in a memory to implement the steps of:
Acquiring data in a database; classifying the data to obtain a classification result; classifying the data by combining the classification result to obtain a classification result; defining a data risk action; defining a data risk response action; generating security arrangement information of each data according to the classification result, the grading result, the data risk action and the data risk response action; counting the security arrangement information of each data to generate a security arrangement library; monitoring the flow of the database to obtain SQL sentences to be executed; analyzing the SQL sentence to be executed to obtain an analysis result; and determining a response result according to the analysis result and the security arrangement library.
The data risk actions are defined according to operation action types, and comprise data query, data operation, data definition, transaction control and data control; the data risk response actions include allowing command execution, prohibiting command execution and blocking a connection session, prohibiting command execution, returning null data, returning a defined number of lines, returning a data desensitization result.
In one embodiment, when the step of classifying the data to obtain the classification result is implemented by the processor 502, the following steps are specifically implemented:
analyzing the data, and classifying according to the user data, the service data and the company data to obtain a classification result.
In one embodiment, when the processor 502 performs the step of grading the data to obtain the grading result by combining the grading result, the following steps are specifically implemented:
And carrying out classification on the data at an absolute secret level, a secret level, an internal public level and an external public level according to the classification result to obtain a classification result.
In an embodiment, when the processor 502 performs the step of parsing the SQL statement to be executed to obtain a parsing result, the following steps are specifically implemented:
Analyzing the SQL sentence to be executed to extract target data, operation type and operation action, and determining the data level and the data type of the target data to obtain an analysis result.
In one embodiment, when the step of determining the response result according to the parsing result and the security arrangement library is implemented by the processor 502, the following steps are specifically implemented:
and matching the analysis result with the security arrangement library in terms of data category and level, data risk action type and data risk action to obtain a response result.
In an embodiment, when the step of matching the data category and the level, the data risk action type and the data risk action match are performed by the processor 502 to obtain the response result, the following steps are specifically implemented:
Matching the data category and the data level of the target data with the data category and the data level in the security arrangement library to obtain a first matching result; judging whether the first matching result is zero or not; if the first matching result is zero, allowing the SQL statement to be executed to obtain a response result; if the first matching result is not zero, matching an operation type with a data risk action type in the security arrangement library to obtain a second matching result; judging whether the second matching result is that the operation type is not in an action type list in a security arrangement library; if the second matching result is that the operation type is not in the action type list in the security arrangement library, intercepting and alarming the SQL sentence to be executed to obtain a response result; if the second matching result is that the operation type is in an action type list in the security arrangement library, matching the operation action with a data risk action in the security arrangement library to obtain a third matching result; if the third matching result is that the operation action is not in the action list in the security arrangement library, executing the interception and alarming the SQL sentence to be executed to obtain a response result; and if the third matching result is that the operation action is in an action list in the security arrangement library, acquiring a data risk response action corresponding to the operation action from the security arrangement library to obtain a response result.
It should be appreciated that in embodiments of the present application, the Processor 502 may be a central processing unit (Central Processing Unit, CPU), the Processor 502 may also be other general purpose processors, digital signal processors (DIGITAL SIGNAL processors, DSPs), application SPECIFIC INTEGRATED Circuits (ASICs), off-the-shelf Programmable gate arrays (Field-Programmable GATE ARRAY, FPGA) or other Programmable logic devices, discrete gate or transistor logic devices, discrete hardware components, or the like. Wherein the general purpose processor may be a microprocessor or the processor may be any conventional processor or the like.
Those skilled in the art will appreciate that all or part of the flow in a method embodying the above described embodiments may be accomplished by computer programs instructing the relevant hardware. The computer program comprises program instructions, and the computer program can be stored in a storage medium, which is a computer readable storage medium. The program instructions are executed by at least one processor in the computer system to implement the flow steps of the embodiments of the method described above.
Accordingly, the present invention also provides a storage medium. The storage medium may be a computer readable storage medium. The storage medium stores a computer program which, when executed by a processor, causes the processor to perform the steps of:
Acquiring data in a database; classifying the data to obtain a classification result; classifying the data by combining the classification result to obtain a classification result; defining a data risk action; defining a data risk response action; generating security arrangement information of each data according to the classification result, the grading result, the data risk action and the data risk response action; counting the security arrangement information of each data to generate a security arrangement library; monitoring the flow of the database to obtain SQL sentences to be executed; analyzing the SQL sentence to be executed to obtain an analysis result; and determining a response result according to the analysis result and the security arrangement library.
The data risk actions are defined according to operation action types, and comprise data query, data operation, data definition, transaction control and data control; the data risk response actions include allowing command execution, prohibiting command execution and blocking a connection session, prohibiting command execution, returning null data, returning a defined number of lines, returning a data desensitization result.
In one embodiment, when the processor executes the computer program to implement the step of classifying the data to obtain a classification result, the following steps are specifically implemented:
analyzing the data, and classifying according to the user data, the service data and the company data to obtain a classification result.
In one embodiment, when the processor executes the computer program to implement the step of grading the data in combination with the classification result to obtain a grading result, the steps are specifically implemented as follows:
And carrying out classification on the data at an absolute secret level, a secret level, an internal public level and an external public level according to the classification result to obtain a classification result.
In one embodiment, when the processor executes the computer program to parse the SQL statement to obtain a parsing result, the processor specifically implements the following steps:
Analyzing the SQL sentence to be executed to extract target data, operation type and operation action, and determining the data level and the data type of the target data to obtain an analysis result.
In one embodiment, when the processor executes the computer program to implement the step of determining a response result according to the analysis result and the security arrangement library, the method specifically includes the following steps:
and matching the analysis result with the security arrangement library in terms of data category and level, data risk action type and data risk action to obtain a response result.
In one embodiment, when the processor executes the computer program to implement the steps of matching the data category and the level, matching the data risk action type, and matching the data risk action with the security arrangement library to obtain a response result, the steps are specifically implemented as follows:
Matching the data category and the data level of the target data with the data category and the data level in the security arrangement library to obtain a first matching result; judging whether the first matching result is zero or not; if the first matching result is zero, allowing the SQL statement to be executed to obtain a response result; if the first matching result is not zero, matching an operation type with a data risk action type in the security arrangement library to obtain a second matching result; judging whether the second matching result is that the operation type is not in an action type list in a security arrangement library; if the second matching result is that the operation type is not in the action type list in the security arrangement library, intercepting and alarming the SQL sentence to be executed to obtain a response result; if the second matching result is that the operation type is in an action type list in the security arrangement library, matching the operation action with a data risk action in the security arrangement library to obtain a third matching result; if the third matching result is that the operation action is not in the action list in the security arrangement library, executing the interception and alarming the SQL sentence to be executed to obtain a response result; and if the third matching result is that the operation action is in an action list in the security arrangement library, acquiring a data risk response action corresponding to the operation action from the security arrangement library to obtain a response result.
The storage medium may be a U-disk, a removable hard disk, a Read-Only Memory (ROM), a magnetic disk, or an optical disk, or other various computer-readable storage media that can store program codes.
Those of ordinary skill in the art will appreciate that the elements and algorithm steps described in connection with the embodiments disclosed herein may be embodied in electronic hardware, in computer software, or in a combination of the two, and that the elements and steps of the examples have been generally described in terms of function in the foregoing description to clearly illustrate the interchangeability of hardware and software. Whether such functionality is implemented as hardware or software depends upon the particular application and design constraints imposed on the solution. Skilled artisans may implement the described functionality in varying ways for each particular application, but such implementation decisions should not be interpreted as causing a departure from the scope of the present invention.
In the several embodiments provided by the present invention, it should be understood that the disclosed apparatus and method may be implemented in other manners. For example, the device embodiments described above are merely illustrative. For example, the division of each unit is only one logic function division, and there may be another division manner in actual implementation. For example, multiple units or components may be combined or may be integrated into another system, or some features may be omitted, or not performed.
The steps in the method of the embodiment of the invention can be sequentially adjusted, combined and deleted according to actual needs. The units in the device of the embodiment of the invention can be combined, divided and deleted according to actual needs. In addition, each functional unit in the embodiments of the present invention may be integrated in one processing unit, or each unit may exist alone physically, or two or more units may be integrated in one unit.
The integrated unit may be stored in a storage medium if implemented in the form of a software functional unit and sold or used as a stand-alone product. Based on such understanding, the technical solution of the present invention is essentially or a part contributing to the prior art, or all or part of the technical solution may be embodied in the form of a software product stored in a storage medium, comprising several instructions for causing a computer device (which may be a personal computer, a terminal, a network device, etc.) to perform all or part of the steps of the method according to the embodiments of the present invention.
While the invention has been described with reference to certain preferred embodiments, it will be understood by those skilled in the art that various changes and substitutions of equivalents may be made and equivalents will be apparent to those skilled in the art without departing from the scope of the invention. Therefore, the protection scope of the invention is subject to the protection scope of the claims.

Claims (6)

1. A database automation response method, comprising:
acquiring data in a database;
classifying the data to obtain a classification result;
Classifying the data by combining the classification result to obtain a classification result;
Defining a data risk action;
Defining a data risk response action;
generating security arrangement information of each data according to the classification result, the grading result, the data risk action and the data risk response action;
counting the security arrangement information of each data to generate a security arrangement library;
monitoring the flow of the database to obtain SQL sentences to be executed;
analyzing the SQL sentence to be executed to obtain an analysis result;
determining a response result according to the analysis result and the security arrangement library;
The data risk actions are defined according to operation action types, and comprise data query, data operation, data definition, transaction control and data control; the data risk response actions include allowing command execution, prohibiting command execution and blocking a connection session, prohibiting command execution, returning null data, returning a defined number of lines, returning a data desensitization result;
the parsing the SQL sentence to be executed to obtain a parsing result includes:
Analyzing the SQL sentence to be executed to extract target data, operation type and operation action, and determining the data level and the data type of the target data to obtain an analysis result;
The determining a response result according to the analysis result and the security arrangement library comprises the following steps:
Matching the data category and the data level of the target data with the data category and the data level in the security arrangement library to obtain a first matching result;
Judging whether the first matching result is zero or not;
if the first matching result is zero, allowing the SQL statement to be executed to obtain a response result;
if the first matching result is not zero, matching an operation type with a data risk action type in the security arrangement library to obtain a second matching result;
Judging whether the second matching result is that the operation type is not in an action type list in a security arrangement library;
If the second matching result is that the operation type is not in the action type list in the security arrangement library, intercepting and alarming the SQL sentence to be executed to obtain a response result;
If the second matching result is that the operation type is in an action type list in the security arrangement library, matching the operation action with a data risk action in the security arrangement library to obtain a third matching result;
If the third matching result is that the operation action is not in the action list in the security arrangement library, executing the interception and alarming the SQL sentence to be executed to obtain a response result;
And if the third matching result is that the operation action is in an action list in the security arrangement library, acquiring a data risk response action corresponding to the operation action from the security arrangement library to obtain a response result.
2. The automated response method of claim 1, wherein classifying the data to obtain a classification result comprises:
analyzing the data, and classifying according to the user data, the service data and the company data to obtain a classification result.
3. The automated response method of claim 1, wherein the ranking the data in combination with the classification result to obtain a ranking result comprises:
And carrying out classification on the data at an absolute secret level, a secret level, an internal public level and an external public level according to the classification result to obtain a classification result.
4. A database automation response device, comprising:
the acquisition unit is used for acquiring the data in the database;
The classifying unit is used for classifying the data to obtain a classifying result;
the grading unit is used for grading the data by combining the classification results so as to obtain grading results;
a first defining unit for defining a data risk action;
a second definition unit for defining a data risk response action;
the information generation unit is used for generating safety arrangement information of each data according to the classification result, the data risk action and the data risk response action;
the statistics unit is used for counting the security arrangement information of each data to generate a security arrangement library;
the monitoring unit is used for monitoring the flow of the database to acquire SQL sentences to be executed;
the analysis unit is used for analyzing the SQL statement to be executed to obtain an analysis result;
The response unit is used for determining a response result according to the analysis result and the security arrangement library;
The data risk actions are defined according to operation action types, and comprise data query, data operation, data definition, transaction control and data control; the data risk response actions include allowing command execution, prohibiting command execution and blocking a connection session, prohibiting command execution, returning null data, returning a defined number of lines, returning a data desensitization result;
the parsing the SQL sentence to be executed to obtain a parsing result includes:
Analyzing the SQL sentence to be executed to extract target data, operation type and operation action, and determining the data level and the data type of the target data to obtain an analysis result;
The determining a response result according to the analysis result and the security arrangement library comprises the following steps:
Matching the data category and the data level of the target data with the data category and the data level in the security arrangement library to obtain a first matching result;
Judging whether the first matching result is zero or not;
if the first matching result is zero, allowing the SQL statement to be executed to obtain a response result;
if the first matching result is not zero, matching an operation type with a data risk action type in the security arrangement library to obtain a second matching result;
Judging whether the second matching result is that the operation type is not in an action type list in a security arrangement library;
If the second matching result is that the operation type is not in the action type list in the security arrangement library, intercepting and alarming the SQL sentence to be executed to obtain a response result;
If the second matching result is that the operation type is in an action type list in the security arrangement library, matching the operation action with a data risk action in the security arrangement library to obtain a third matching result;
If the third matching result is that the operation action is not in the action list in the security arrangement library, executing the interception and alarming the SQL sentence to be executed to obtain a response result;
And if the third matching result is that the operation action is in an action list in the security arrangement library, acquiring a data risk response action corresponding to the operation action from the security arrangement library to obtain a response result.
5. A computer device, characterized in that it comprises a memory on which a computer program is stored and a processor which, when executing the computer program, implements the method according to any of claims 1-3.
6. A storage medium storing a computer program which, when executed by a processor, implements the method of any one of claims 1 to 3.
CN202410109802.XA 2024-01-26 2024-01-26 Database automation response method, device, computer equipment and storage medium Active CN117633319B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202410109802.XA CN117633319B (en) 2024-01-26 2024-01-26 Database automation response method, device, computer equipment and storage medium

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202410109802.XA CN117633319B (en) 2024-01-26 2024-01-26 Database automation response method, device, computer equipment and storage medium

Publications (2)

Publication Number Publication Date
CN117633319A CN117633319A (en) 2024-03-01
CN117633319B true CN117633319B (en) 2024-04-30

Family

ID=90016733

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202410109802.XA Active CN117633319B (en) 2024-01-26 2024-01-26 Database automation response method, device, computer equipment and storage medium

Country Status (1)

Country Link
CN (1) CN117633319B (en)

Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6212511B1 (en) * 1997-10-31 2001-04-03 Sun Microsystems, Inc. Distributed system and method for providing SQL access to management information in a secure distributed network
CN107657174A (en) * 2016-07-26 2018-02-02 北京计算机技术及应用研究所 A kind of Database Intrusion Detection method based on agreement fingerprint
CN110716955A (en) * 2019-09-16 2020-01-21 苏宁云计算有限公司 Method and system for quickly responding to data query request
CN116471125A (en) * 2023-06-19 2023-07-21 杭州美创科技股份有限公司 Encryption database flow auditing method, device, computer equipment and storage medium
CN117195263A (en) * 2023-09-11 2023-12-08 京东科技信息技术有限公司 Database encryption method and device
CN117278241A (en) * 2023-06-25 2023-12-22 杭州美创科技股份有限公司 Database security management and control method and device, computer equipment and storage medium

Patent Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6212511B1 (en) * 1997-10-31 2001-04-03 Sun Microsystems, Inc. Distributed system and method for providing SQL access to management information in a secure distributed network
CN107657174A (en) * 2016-07-26 2018-02-02 北京计算机技术及应用研究所 A kind of Database Intrusion Detection method based on agreement fingerprint
CN110716955A (en) * 2019-09-16 2020-01-21 苏宁云计算有限公司 Method and system for quickly responding to data query request
CN116471125A (en) * 2023-06-19 2023-07-21 杭州美创科技股份有限公司 Encryption database flow auditing method, device, computer equipment and storage medium
CN117278241A (en) * 2023-06-25 2023-12-22 杭州美创科技股份有限公司 Database security management and control method and device, computer equipment and storage medium
CN117195263A (en) * 2023-09-11 2023-12-08 京东科技信息技术有限公司 Database encryption method and device

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
面向数据库性能的SQL语句解析与翻译;崔娜;;现代电子技术;20160601(11);全文 *

Also Published As

Publication number Publication date
CN117633319A (en) 2024-03-01

Similar Documents

Publication Publication Date Title
KR100732789B1 (en) Method and apparatus for monitoring a database system
CN107577939B (en) Data leakage prevention method based on keyword technology
KR20210030361A (en) Systems and methods for reporting computer security incidents
RU148692U1 (en) COMPUTER SECURITY EVENTS MONITORING SYSTEM
Ravikumar Towards Enhancement of Machine Learning Techniques Using CSE-CIC-IDS2018 Cybersecurity Dataset
KR20210083607A (en) System and method for exponentiation of security element to analyze danger
Ghiasvand et al. Assessing data usefulness for failure analysis in anonymized system logs
RU2481633C2 (en) System and method for automatic investigation of safety incidents
Datta et al. Real-time threat detection in ueba using unsupervised learning algorithms
CN117633319B (en) Database automation response method, device, computer equipment and storage medium
Wen et al. Detecting and predicting APT based on the study of cyber kill chain with hierarchical knowledge reasoning
Sahin et al. An efficient firewall for web applications (EFWA)
CN114205146A (en) Processing method and device for multi-source heterogeneous security log
Bertino et al. High-assurance integrity techniques for databases
CN116432208B (en) Security management method, device, server and system for industrial Internet data
US20220272111A1 (en) Cloud-platform push for known data breaches
Acquesta et al. Detailed Statistical Models of Host-Based Data for Detection of Malicious Activity.
Shibahara et al. Cross-vendor knowledge transfer for managed security services with triplet network
US11856019B2 (en) Methods and systems for injection detection to secure against an injection attack
CN115567274A (en) List dividing method and device, computer equipment, storage medium and product
CN117670023A (en) Customer service center call platform data security risk assessment method based on artificial intelligence
Azeroual et al. Apache Spark and MLlib-Based Intrusion Detection System or How the Big Data Technologies Can Secure the Data. Information 2022, 13, 58
CN117725575A (en) Asset management method based on middleware access log
Martins Anomaly Detection in Cybersecurity
CN116094830A (en) Risk assessment method, risk assessment device and readable storage medium

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant