CN117688135A - Digital resource emergency management method and system - Google Patents
Digital resource emergency management method and system Download PDFInfo
- Publication number
- CN117688135A CN117688135A CN202410123673.XA CN202410123673A CN117688135A CN 117688135 A CN117688135 A CN 117688135A CN 202410123673 A CN202410123673 A CN 202410123673A CN 117688135 A CN117688135 A CN 117688135A
- Authority
- CN
- China
- Prior art keywords
- digital
- emergency
- digital resource
- access
- file
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
- 238000007726 management method Methods 0.000 title claims abstract description 54
- 230000004044 response Effects 0.000 claims abstract description 30
- 238000012216 screening Methods 0.000 claims abstract description 25
- 238000000034 method Methods 0.000 claims abstract description 24
- 230000006399 behavior Effects 0.000 claims abstract description 7
- 238000012544 monitoring process Methods 0.000 claims abstract description 7
- 238000005192 partition Methods 0.000 claims abstract description 7
- 238000000638 solvent extraction Methods 0.000 claims abstract description 7
- 230000011218 segmentation Effects 0.000 claims description 33
- 239000013598 vector Substances 0.000 claims description 30
- 238000012545 processing Methods 0.000 claims description 14
- 238000004364 calculation method Methods 0.000 claims description 9
- 230000007613 environmental effect Effects 0.000 claims description 8
- 230000008569 process Effects 0.000 claims description 6
- 238000010586 diagram Methods 0.000 claims description 5
- 230000008859 change Effects 0.000 claims description 3
- 238000000605 extraction Methods 0.000 claims description 3
- 238000003058 natural language processing Methods 0.000 claims description 3
- 238000004422 calculation algorithm Methods 0.000 description 2
- 238000012795 verification Methods 0.000 description 2
- 238000004458 analytical method Methods 0.000 description 1
- 230000009286 beneficial effect Effects 0.000 description 1
- 230000005540 biological transmission Effects 0.000 description 1
- 238000010276 construction Methods 0.000 description 1
- 238000013461 design Methods 0.000 description 1
- 230000007774 longterm Effects 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
- 238000011160 research Methods 0.000 description 1
- 238000012552 review Methods 0.000 description 1
- 238000007619 statistical method Methods 0.000 description 1
- 238000012360 testing method Methods 0.000 description 1
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F16/00—Information retrieval; Database structures therefor; File system structures therefor
- G06F16/30—Information retrieval; Database structures therefor; File system structures therefor of unstructured textual data
- G06F16/33—Querying
- G06F16/3331—Query processing
- G06F16/334—Query execution
- G06F16/3344—Query execution using natural language analysis
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F16/00—Information retrieval; Database structures therefor; File system structures therefor
- G06F16/30—Information retrieval; Database structures therefor; File system structures therefor of unstructured textual data
- G06F16/33—Querying
- G06F16/335—Filtering based on additional data, e.g. user or group profiles
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F16/00—Information retrieval; Database structures therefor; File system structures therefor
- G06F16/30—Information retrieval; Database structures therefor; File system structures therefor of unstructured textual data
- G06F16/35—Clustering; Classification
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F16/00—Information retrieval; Database structures therefor; File system structures therefor
- G06F16/30—Information retrieval; Database structures therefor; File system structures therefor of unstructured textual data
- G06F16/36—Creation of semantic tools, e.g. ontology or thesauri
- G06F16/367—Ontology
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/604—Tools and structures for managing or administering access control systems
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F40/00—Handling natural language data
- G06F40/10—Text processing
- G06F40/194—Calculation of difference between files
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F40/00—Handling natural language data
- G06F40/20—Natural language analysis
- G06F40/279—Recognition of textual entities
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F40/00—Handling natural language data
- G06F40/30—Semantic analysis
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/21—Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/2141—Access rights, e.g. capability lists, access control lists, access tables, access matrices
Landscapes
- Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Computational Linguistics (AREA)
- Artificial Intelligence (AREA)
- Databases & Information Systems (AREA)
- Health & Medical Sciences (AREA)
- Data Mining & Analysis (AREA)
- General Health & Medical Sciences (AREA)
- Audiology, Speech & Language Pathology (AREA)
- Computer Hardware Design (AREA)
- Software Systems (AREA)
- Computer Security & Cryptography (AREA)
- Life Sciences & Earth Sciences (AREA)
- Animal Behavior & Ethology (AREA)
- Bioethics (AREA)
- Automation & Control Theory (AREA)
- Storage Device Security (AREA)
Abstract
The invention discloses a digital resource emergency management method and a system, wherein the method determines an emergency digital resource range and an accessible IP range based on event response; screening out corresponding digital files from the digital resource library according to the emergency digital resource range, judging the opening level of the digital files based on the sensitive information judging model, partitioning the data of the digital files according to the opening level, and storing the data into an emergency digital resource access platform database; detecting the network environment of an emergency digital resource access platform database in real time, determining a user accessible time window based on an environment risk coefficient, matching different access rights to users within an accessible IP range, opening corresponding data partitions based on the different access rights, monitoring the access behaviors of the users within the accessible time window, and generating a user access log. The method can effectively improve the emergency response speed of the digital resource and the disaster emergency management level.
Description
Technical Field
The invention belongs to the technical field of resource emergency management, and particularly relates to a digital resource emergency management method and system.
Background
Digital resources refer to the sum of information resources which are distributed, accessed and utilized in a digital form, and the data information can be a multimedia file package formed by a plurality of files or a single file or database system. The digital resource has the advantages of small information storage space, difficult damage, long-term storage, convenient information review and retrieval, long-distance quick transmission, simultaneous use of the same information by multiple persons, and the like, so that the construction of a digital resource library and the sharing of the digital resource become research hotspots.
The digital resource emergency management is a test of the digital resource management level, and as a digital resource management department, the information requirement of a user needs to be accurately judged at the first time of occurrence of an event, and corresponding digital resource information is opened to support the smooth implementation of an emergency plan. In the prior art, CN116226908A discloses a data security emergency management analysis method and system based on big data, by classifying target emergency management data, further performing privacy part processing on confidential target emergency management data, and performing open group, access right and open time setting on the target emergency management data after processing, so as to realize targeted opening of the emergency management data.
Therefore, there is a need for a digital resource emergency management method and system, which can provide corresponding digital resources according to an emergency scheme when a disaster occurs.
Disclosure of Invention
The invention aims to provide a digital resource emergency management method and system, and the specific technical scheme is as follows:
in a first aspect, the present invention provides a digital resource emergency management method, the method comprising the steps of:
determining an emergency digital resource range and an accessible IP range based on the event response;
screening out corresponding digital files from a digital resource library according to the emergency digital resource range;
judging the opening level of the digital file based on the sensitive information judging model;
carrying out data partitioning on the digital file according to the opening grade and storing the digital file into an emergency digital resource access platform database;
detecting the network environment of the emergency digital resource access platform database in real time, and determining a user accessible time window based on an environmental risk coefficient;
matching different access rights to users within the accessible IP range, and opening corresponding data partitions based on the different access rights;
and monitoring the access behavior of the user in the accessible time window and generating a user access log.
Preferably, the event response is an emergency plan generated by a pointer for a specific event, and determining the emergency digital resource scope and the accessible IP scope based on the event response includes:
and analyzing the emergency plan to obtain a response area and knowledge elements of the emergency plan.
And obtaining a corresponding knowledge graph according to the knowledge elements, and determining an emergency digital resource range according to the knowledge graph.
And determining an administrative division in the response area according to the response area of the emergency plan, and determining an accessible IP range according to the administrative division, wherein the administrative division takes a county level division as a minimum unit.
Preferably, the step of screening the corresponding digital file from the digital resource library according to the emergency digital resource range specifically includes:
and determining an entity, relationship and attribute triplet in the knowledge graph according to the knowledge graph, and performing natural language processing on unstructured data in the triplet to convert the unstructured data into structured data.
And clustering the structured data to construct a knowledge set based on the knowledge graph.
And performing word segmentation extraction on the catalogue and/or abstract of each file in the digital resource library to obtain a word segmentation set.
And calculating the association degree of the word segmentation set and the knowledge set, and determining the digital file with the association degree higher than a threshold value as the file in the emergency digital resource range.
Preferably, the specific method for calculating the association degree between the word segmentation set and the knowledge set is as follows:
the word segmentation set is subjected to text vectorization processing to obtain TF-IDF vectors of the word segmentation set,
the calculation formula of the TF-IDF vector is as follows:wherein->Is a word->In the word segmentation set->Frequency of occurrence,/->Is a word segmentation +.>The total number of word segments in->Is the total number of digital files in the digital asset library, < >>Is the presence of the word +.>Is a digital file number of (a);
the TF-IDF vector of the knowledge set is calculated, and the association degree of the word segmentation set and the knowledge set is calculated according to vector information:
in the method, in the process of the invention,is a word segmentation +.>And knowledge set->Text similarity of (c); />Is a word segmentation +.>And knowledge set->Cosine similarity of (c); />,/>Vectors in the vocabulary and knowledge set, respectively, < ->Is the vector dimension.
Preferably, determining the opening level of the digital file based on the sensitive information determination model includes: if the digital file is marked with the opening grade during storage and warehousing, the opening grade is used;
if the digital file is not marked with the opening grade during storage and warehousing, the digital file content and the pre-built sensitive information base are stored
Carrying out semantic similarity calculation on the sensitive information; obtaining the opening level of the digital file according to the semantic similarity calculation result;
the opening level of the digital file is sequentially from low to high: public, restricted public, confidential and impersonative.
Preferably, the method for calculating the semantic similarity is to calculate the similarity between the semantic representation of the whole text and the sensitive information by using a cosine distance:
in the method, in the process of the invention,representing digital File +.>Feature vector of each dimension of>Representing sensitive information base->Feature vector of each dimension of>Representing a single vector dimension, +.>Representing vector dimensions>,/>Respectively representing a digital file and a sensitive information base;
the higher the semantic similarity calculated value is, the higher the confidentiality level of the file compared with the file is, and the lower the corresponding opening level is.
Preferably, the digital file is divided into four storage areas according to four opening grades of the digital file, wherein the opening grades are that the digital file with public and limited public can be accessed and acquired through a user network port;
the digital files with confidential and confidential opening levels cannot be directly accessed through the user network port, and the user access management module is only used for processing access approval of the confidential and confidential digital files.
Preferably, detecting the network environment of the emergency digital resource access platform database in real time includes:
selecting each index from the network performance indexes, and determining the dependency relationship among the indexes;
obtaining a time sequence diagram of a certain time period of a corresponding index according to threat information received by a network environment of the emergency digital resource access platform database;
the prior probability of each index and the posterior probability of each index are statistically analyzed and calculated, and the maximum allowable quantity of probability change of risk factors of each index is obtained;
and calculating the network risk rate to obtain an environmental risk coefficient at the current moment, and opening user access when the environmental risk coefficient is lower than a preset threshold value.
Preferably, the user access log at least comprises time of access request, user information and user verification information.
In a second aspect, the present invention provides a system of the digital resource emergency management method according to the first aspect, the system comprising:
the system comprises an emergency response processing module, a digital file screening and classifying module, an emergency digital resource access platform database and a user access management module.
Preferably, the emergency response processing module is respectively connected with the digital file screening and classifying module and the user access management module, and is used for determining an emergency digital resource range and an accessible IP range based on event response, sending the emergency digital resource range to the digital file screening and classifying module, and sending the accessible IP range to the user access management module;
preferably, the digital file screening and classifying module is connected with the emergency digital resource access platform database, and is used for screening out corresponding digital files in the digital resource library according to the emergency digital resource range, judging the opening grade of the digital files based on a sensitive information judging model, and carrying out data partitioning on the digital files according to the opening grade and storing the digital files in the emergency digital resource access platform database;
preferably, the user access management module is connected with the emergency digital resource access platform database and the user side, and is used for detecting the network environment of the emergency digital resource access platform database in real time, determining a user accessible time window based on an environment risk coefficient, matching different access authorities for users within an accessible IP range, opening corresponding data partitions based on the different access authorities, monitoring the access behaviors of the users within the accessible time window and generating user access logs;
preferably, the emergency digital resource access platform database is used for storing the digital files screened by the digital file screening and classifying module and access logs of users, and calling corresponding digital file resources according to the access request of the user access management module.
Compared with the prior art, the invention has the beneficial effects that:
the digital resource emergency management method and system can provide corresponding digital resources for the masses and professional rescue workers to refer according to the emergency scheme when disasters occur, effectively improve the emergency response speed of the digital resources, improve the disaster emergency management level and have high practical value.
Drawings
FIG. 1 is a flow chart of a digital resource emergency management method of the present invention.
Fig. 2 is a schematic diagram of a digital resource emergency management system according to the present invention.
Detailed Description
For the purpose of making the objects, technical solutions and advantages of the present invention more apparent, the technical solutions in the present invention will be clearly and completely described below, and it is apparent that the described embodiments are some embodiments of the present invention, but not all embodiments. All other embodiments, which can be made by those skilled in the art based on the embodiments of the invention without making any inventive effort, are intended to be within the scope of the invention.
Example 1
In a first aspect, the present invention provides a digital resource emergency management method, as shown in fig. 1, which is a flowchart of the digital resource emergency management method of the present invention, the method includes the following steps:
step one, determining an emergency digital resource scope and an accessible IP scope based on the event response.
And step two, screening out corresponding digital files from the digital resource library according to the emergency digital resource range.
And step three, judging the opening level of the digital file based on the sensitive information judging model.
Step four, the digital file is subjected to data partitioning according to the opening grade and is stored in an emergency digital resource access platform database;
and fifthly, detecting the network environment of the emergency digital resource access platform database in real time, and determining a user accessible time window based on the environment risk coefficient.
Step six, matching different access rights to users in the accessible IP range, and opening corresponding data partitions based on the different access rights.
And step seven, monitoring the access behavior of the user in the accessible time window and generating a user access log.
The event response is an emergency plan generated by a pointer for a particular event, and determining an emergency digital resource scope and an accessible IP scope based on the event response includes:
and analyzing the emergency plan to obtain a response area and knowledge elements of the emergency plan.
And obtaining a corresponding knowledge graph according to the knowledge elements, and determining an emergency digital resource range according to the knowledge graph.
And determining an administrative division in the response area according to the response area of the emergency plan, and determining an accessible IP range according to the administrative division, wherein the administrative division takes a county level division as a minimum unit.
Preferably, the step of screening the corresponding digital file from the digital resource library according to the emergency digital resource range specifically includes:
and determining an entity, relationship and attribute triplet in the knowledge graph according to the knowledge graph, and performing natural language processing on unstructured data in the triplet to convert the unstructured data into structured data.
And clustering the structured data to construct a knowledge set based on the knowledge graph.
And performing word segmentation extraction on the catalogue and/or abstract of each file in the digital resource library to obtain a word segmentation set.
And calculating the association degree of the word segmentation set and the knowledge set, and determining the digital file with the association degree higher than a threshold value as the file in the emergency digital resource range.
The specific method for calculating the association degree between the word segmentation set and the knowledge set comprises the following steps:
the word segmentation set is subjected to text vectorization processing to obtain TF-IDF vectors of the word segmentation set,
the calculation formula of the TF-IDF vector is as follows:wherein->Is a word->In the word segmentation set->Frequency of occurrence,/->Is a word segmentation +.>The total number of word segments in->Is the total number of digital files in the digital asset library, < >>Is the presence of the word +.>Is a digital file number of (a);
the TF-IDF vector of the knowledge set is calculated, and the association degree of the word segmentation set and the knowledge set is calculated according to vector information:
in the method, in the process of the invention,is a word segmentation +.>And knowledge set->Text similarity of (c); />Is a word segmentation +.>And knowledge set->Cosine similarity of (c); />,/>Vectors in the vocabulary and knowledge set, respectively, < ->Is the vector dimension.
Judging the opening level of the digital file based on the sensitive information judging model, comprising: if the digital file is marked with the opening grade when being stored and warehoused, the opening grade is used.
If the digital file is not marked with the opening grade during storage and warehousing, the digital file content and the pre-built sensitive information base are stored
Carrying out semantic similarity calculation on the sensitive information; and obtaining the opening grade of the digital file according to the semantic similarity calculation result.
The opening level of the digital file is sequentially from low to high: public, restricted public, confidential and impersonative.
The semantic similarity calculating method is to calculate similarity between semantic representations of the whole text and sensitive information by using cosine distances:
in the method, in the process of the invention,representing digital File +.>Feature vector of each dimension of>Representing sensitive information base->Feature vector of each dimension of>Representing a single vector dimension, +.>Representing vector dimensions>,/>Representing a digital file and a sensitive information base, respectively.
The higher the semantic similarity calculated value is, the higher the confidentiality level of the file compared with the file is, and the lower the corresponding opening level is.
And dividing the digital file into four storage areas according to four opening grades of the digital file, wherein the opening grades are that the digital file with public and limited public can be accessed and acquired through a user network port.
The digital files with confidential and confidential opening levels cannot be directly accessed through the user network port, and the user access management module is only used for processing access approval of the confidential and confidential digital files.
The network environment for detecting the emergency digital resource access platform database in real time comprises the following steps:
and selecting each index from the network performance indexes, and determining the dependency relationship among the indexes.
And obtaining a time sequence diagram of a certain time period of the corresponding index according to threat information received by the network environment of the emergency digital resource access platform database.
And (3) carrying out statistical analysis and calculating the prior probability of each index and the posterior probability of each index to obtain the maximum allowable quantity of probability change of the risk factors of each index.
And calculating the network risk rate to obtain an environmental risk coefficient at the current moment, and opening user access when the environmental risk coefficient is lower than a preset threshold value.
The user access log at least comprises time of access request, user information and user verification information.
Example 2
The present embodiment provides a system of the digital resource emergency management method according to embodiment 1, as shown in fig. 2, which is a schematic diagram of a composition of the digital resource emergency management system, and includes:
the system comprises an emergency response processing module, a digital file screening and classifying module, an emergency digital resource access platform database and a user access management module.
The emergency response processing module is respectively connected with the digital file screening and classifying module and the user access management module and is used for determining an emergency digital resource range and an accessible IP range based on event response, sending the emergency digital resource range to the digital file screening and classifying module and sending the accessible IP range to the user access management module;
the digital file screening and classifying module is connected with the emergency digital resource access platform database and is used for screening out corresponding digital files in the digital resource library according to the emergency digital resource range, judging the opening grade of the digital files based on a sensitive information judging model, and carrying out data partitioning on the digital files according to the opening grade and storing the digital files in the emergency digital resource access platform database;
the user access management module is connected with the emergency digital resource access platform database and the user side, and is used for detecting the network environment of the emergency digital resource access platform database in real time, determining a user accessible time window based on an environment risk coefficient, matching different access authorities for users within an accessible IP range, opening corresponding data partitions based on the different access authorities, monitoring the access behaviors of the users within the accessible time window and generating user access logs;
the emergency digital resource access platform database is used for storing the digital files screened by the digital file screening and classifying module and access logs of users, and calling corresponding digital file resources according to the access requests of the user access management module.
It should be noted that the elements and algorithm steps of the examples described in connection with the embodiments disclosed herein may be embodied in electronic hardware, computer software, or a combination of the two, and to clearly illustrate the interchangeability of hardware and software, the components and steps of the examples have been described generally in terms of their functionality. Whether such functionality is implemented as hardware or software depends upon the particular application and design constraints imposed on the solution. Different methods may be used to implement the described functionality for each particular application, but such implementation should not be considered to be beyond the scope of this application.
The steps of a method or algorithm described in connection with the embodiments disclosed herein may be embodied in hardware, in a software module executed by a processor, or in a combination of the two. The software modules may be disposed in Random Access Memory (RAM), memory, read Only Memory (ROM), electrically programmable ROM, electrically erasable programmable ROM, registers, hard disk, a removable disk, a CD-ROM, or any other form of storage medium known in the art.
The foregoing description of the embodiments has been provided for the purpose of illustrating the general principles of the invention, and is not meant to limit the scope of the invention, but to limit the invention to the particular embodiments, and any modifications, equivalents, improvements, etc. that fall within the spirit and principles of the invention are intended to be included within the scope of the invention.
Claims (10)
1. A digital resource emergency management method, comprising the steps of:
determining an emergency digital resource range and an accessible IP range based on the event response;
screening out corresponding digital files from a digital resource library according to the emergency digital resource range;
judging the opening level of the digital file based on the sensitive information judging model;
carrying out data partitioning on the digital file according to the opening grade and storing the digital file into an emergency digital resource access platform database;
detecting the network environment of the emergency digital resource access platform database in real time, and determining a user accessible time window based on an environmental risk coefficient;
matching different access rights to users within the accessible IP range, and opening corresponding data partitions based on the different access rights;
and monitoring the access behavior of the user in the accessible time window and generating a user access log.
2. The digital resource emergency management method of claim 1, wherein the event response is an emergency plan generated by a pointer for a particular event;
determining an emergency digital resource scope and an accessible IP scope based on the event response includes:
analyzing the emergency plan to obtain a response area and knowledge elements of the emergency plan;
obtaining a corresponding knowledge graph according to the knowledge elements, and determining an emergency digital resource range according to the knowledge graph;
and determining an administrative division in the response area according to the response area of the emergency plan, and determining an accessible IP range according to the administrative division, wherein the administrative division takes a county level division as a minimum unit.
3. The digital resource emergency management method according to claim 2, wherein the step of screening the digital resource library for the corresponding digital file according to the emergency digital resource range specifically comprises:
determining an entity, relationship and attribute triplet in the knowledge graph according to the knowledge graph, performing natural language processing on unstructured data in the triplet, and converting the unstructured data into structured data;
clustering the structured data to construct a knowledge set based on a knowledge graph;
performing word segmentation extraction on the catalogue and/or abstract of each file in the digital resource library to obtain a word segmentation set;
and calculating the association degree of the word segmentation set and the knowledge set, and determining the digital file with the association degree higher than a threshold value as the file in the emergency digital resource range.
4. The digital resource emergency management method according to claim 3, wherein the specific method for calculating the association degree between the word segmentation set and the knowledge set is as follows:
the word segmentation set is subjected to text vectorization processing to obtain TF-IDF vectors of the word segmentation set,
the calculation formula of the TF-IDF vector is as follows:wherein->Is a word->In the word segmentation set->Frequency of occurrence,/->Is a word segmentation +.>The total number of word segments in->Is the total number of digital files in the digital asset library, < >>Is the presence of the word +.>Is a digital file number of (a);
the TF-IDF vector of the knowledge set is calculated, and the association degree of the word segmentation set and the knowledge set is calculated according to vector information:
in the method, in the process of the invention,is a word segmentation +.>And knowledge set->Text similarity of (c); />Is a word segmentation +.>And knowledge set->Cosine similarity of (c); />,/>Vectors in the vocabulary and knowledge set, respectively, < ->Is the vector dimension.
5. The digital resource emergency management method according to claim 2, wherein determining the opening level of the digital file based on the sensitive information determination model includes: if the digital file is marked with the opening grade during storage and warehousing, the opening grade is used;
if the digital file is not marked with the opening grade during storage and warehousing, carrying out semantic similarity calculation on the digital file content and the sensitive information in the pre-constructed sensitive information base; obtaining the opening level of the digital file according to the semantic similarity calculation result;
the opening level of the digital file is sequentially from low to high: public, restricted public, confidential and impersonative.
6. According to claimThe digital resource emergency management method of claim 5, wherein the semantic similarity calculating method is to calculate similarity between semantic representations of the whole text and sensitive information by using cosine distances:
in the method, in the process of the invention,representing digital File +.>Feature vector of each dimension of>Representing sensitive information base->Feature vector of each dimension of>Representing a single vector dimension, +.>Representing vector dimensions>,/>Respectively representing a digital file and a sensitive information base;
the higher the semantic similarity calculated value is, the higher the confidentiality level of the file compared with the file is, and the lower the corresponding opening level is.
7. The digital resource emergency management method according to claim 5, wherein the digital file is divided into four storage areas according to four opening levels of the digital file, wherein the opening levels are that the digital file with public and limited public can be accessed and obtained through a user network port;
the digital files with confidential and confidential opening levels cannot be directly accessed through the user network port, and the user access management module is only used for processing access approval of the confidential and confidential digital files.
8. The digital resource emergency management method of claim 7, wherein detecting in real-time the network environment of the emergency digital resource access platform database comprises:
selecting each index from the network performance indexes, and determining the dependency relationship among the indexes;
obtaining a time sequence diagram of a certain time period of a corresponding index according to threat information received by a network environment of the emergency digital resource access platform database;
the prior probability of each index and the posterior probability of each index are statistically analyzed and calculated, and the maximum allowable quantity of probability change of risk factors of each index is obtained;
and calculating the network risk rate to obtain an environmental risk coefficient at the current moment, and opening user access when the environmental risk coefficient is lower than a preset threshold value.
9. The digital resource emergency management method of claim 7, wherein the user access log includes at least time of access request, user information, user authentication information.
10. A system of a digital resource emergency management method according to any of claims 1-9, characterized in that the system comprises:
the system comprises an emergency response processing module, a digital file screening and classifying module, an emergency digital resource access platform database and a user access management module;
the emergency response processing module is respectively connected with the digital file screening and classifying module and the user access management module and is used for determining an emergency digital resource range and an accessible IP range based on event response, sending the emergency digital resource range to the digital file screening and classifying module and sending the accessible IP range to the user access management module;
the digital file screening and classifying module is connected with the emergency digital resource access platform database and is used for screening out corresponding digital files in the digital resource library according to the emergency digital resource range, judging the opening grade of the digital files based on a sensitive information judging model, and carrying out data partitioning on the digital files according to the opening grade and storing the digital files in the emergency digital resource access platform database;
the user access management module is connected with the emergency digital resource access platform database and the user side, and is used for detecting the network environment of the emergency digital resource access platform database in real time, determining a user accessible time window based on an environment risk coefficient, matching different access authorities for users within an accessible IP range, opening corresponding data partitions based on the different access authorities, monitoring the access behaviors of the users within the accessible time window and generating user access logs;
the emergency digital resource access platform database is used for storing the digital files screened by the digital file screening and classifying module and access logs of users, and calling corresponding digital file resources according to the access requests of the user access management module.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202410123673.XA CN117688135B (en) | 2024-01-30 | 2024-01-30 | Digital resource emergency management method and system |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202410123673.XA CN117688135B (en) | 2024-01-30 | 2024-01-30 | Digital resource emergency management method and system |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN117688135A true CN117688135A (en) | 2024-03-12 |
| CN117688135B CN117688135B (en) | 2024-04-30 |
Family
ID=90126773
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202410123673.XA Active CN117688135B (en) | 2024-01-30 | 2024-01-30 | Digital resource emergency management method and system |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN117688135B (en) |
Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20200334605A1 (en) * | 2018-11-21 | 2020-10-22 | Beijing Yutian Technology Co. Ltd | Emergency resource sharing and exchange system |
| CN113918511A (en) * | 2021-10-21 | 2022-01-11 | 上海威固信息技术股份有限公司 | Multi-factor data analysis processing method, system and storage medium |
| CN116226908A (en) * | 2022-12-27 | 2023-06-06 | 北京市大数据中心 | Data security emergency management analysis method and system based on big data |
| CN116545731A (en) * | 2023-05-29 | 2023-08-04 | 中科天御(苏州)科技有限公司 | Zero-trust network access control method and system based on time window dynamic switching |
| CN117112776A (en) * | 2023-09-23 | 2023-11-24 | 宏景科技股份有限公司 | Enterprise knowledge base management and retrieval platform and method based on large language model |
-
2024
- 2024-01-30 CN CN202410123673.XA patent/CN117688135B/en active Active
Patent Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20200334605A1 (en) * | 2018-11-21 | 2020-10-22 | Beijing Yutian Technology Co. Ltd | Emergency resource sharing and exchange system |
| CN113918511A (en) * | 2021-10-21 | 2022-01-11 | 上海威固信息技术股份有限公司 | Multi-factor data analysis processing method, system and storage medium |
| CN116226908A (en) * | 2022-12-27 | 2023-06-06 | 北京市大数据中心 | Data security emergency management analysis method and system based on big data |
| CN116545731A (en) * | 2023-05-29 | 2023-08-04 | 中科天御(苏州)科技有限公司 | Zero-trust network access control method and system based on time window dynamic switching |
| CN117112776A (en) * | 2023-09-23 | 2023-11-24 | 宏景科技股份有限公司 | Enterprise knowledge base management and retrieval platform and method based on large language model |
Also Published As
| Publication number | Publication date |
|---|---|
| CN117688135B (en) | 2024-04-30 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US11983297B2 (en) | Efficient statistical techniques for detecting sensitive data | |
| CN110489558B (en) | Article aggregation method and device, medium and computing equipment | |
| JP2017091515A (en) | Computer-implemented system and method for automatically identifying attributes for anonymization | |
| CN107273752B (en) | Vulnerability automatic classification method based on word frequency statistics and naive Bayes fusion model | |
| CN109255000B (en) | Dimension management method and device for label data | |
| CN111586695B (en) | Short message identification method and related equipment | |
| CN115174250B (en) | Network asset security assessment method and device, electronic equipment and storage medium | |
| CN113553583A (en) | Information system asset security risk assessment method and device | |
| CN117675387B (en) | Network security risk prediction method and system based on user behavior analysis | |
| CN116701641B (en) | Hierarchical classification method and device for unstructured data | |
| Meryem et al. | A novel approach in detecting intrusions using NSLKDD database and MapReduce programming | |
| CN112099870B (en) | Document processing method, device, electronic equipment and computer readable storage medium | |
| CN113723514A (en) | Safe access log data balance processing method based on hybrid sampling | |
| CN116881687B (en) | Power grid sensitive data identification method and device based on feature extraction | |
| CN117688135B (en) | Digital resource emergency management method and system | |
| CN115809466B (en) | Security requirement generation method and device based on STRIDE model, electronic equipment and medium | |
| CN115374793B (en) | Voice data processing method based on service scene recognition and related device | |
| Jin | Network Data Detection for Information Security Using CNN-LSTM Model | |
| Paryani et al. | Entropy-based model for estimating veracity of topics from tweets | |
| CN112199585A (en) | Network public opinion emergent hotspot event discovery method based on data mining technology | |
| She et al. | WS-Sim: a web service simulation toolset with realistic data support | |
| CN118626597B (en) | Data management platform and data management method based on hierarchical data circulation | |
| JP7302668B2 (en) | Level estimation device, level estimation method, and level estimation program | |
| Sokolov | Applied Machine Learning for Cybersecurity in Spam Filtering and Malware Detection | |
| US12032908B1 (en) | Determining control tests for external services used by an organization based on natural language processing models |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |