CN117745080A - Multi-factor authentication-based data access control and security supervision method and system - Google Patents

Multi-factor authentication-based data access control and security supervision method and system Download PDF

Info

Publication number
CN117745080A
CN117745080A CN202410182266.6A CN202410182266A CN117745080A CN 117745080 A CN117745080 A CN 117745080A CN 202410182266 A CN202410182266 A CN 202410182266A CN 117745080 A CN117745080 A CN 117745080A
Authority
CN
China
Prior art keywords
dimension reduction
distribution
access
access time
historical
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN202410182266.6A
Other languages
Chinese (zh)
Other versions
CN117745080B (en
Inventor
赵琉涛
孟凡银
杨爱静
李自钦
施云
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Beijing Beike Rongzhi Cloud Computing Technology Co ltd
Original Assignee
Beijing Beike Rongzhi Cloud Computing Technology Co ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Beijing Beike Rongzhi Cloud Computing Technology Co ltd filed Critical Beijing Beike Rongzhi Cloud Computing Technology Co ltd
Priority to CN202410182266.6A priority Critical patent/CN117745080B/en
Publication of CN117745080A publication Critical patent/CN117745080A/en
Application granted granted Critical
Publication of CN117745080B publication Critical patent/CN117745080B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Landscapes

  • Management, Administration, Business Operations System, And Electronic Commerce (AREA)

Abstract

The application provides a data access control and security supervision method and system based on multi-factor authentication, which relate to the technical field of data access control, and the method comprises the following steps: collecting historical access time distribution of a target user; optimizing the dimension reduction to obtain dimension reduction access time distribution; according to access records of a plurality of users, reducing the dimension to obtain standard dimension-reduced access time distribution, and calculating a first security supervision degree; collecting historical retrieval feature distribution, and optimizing dimension reduction to obtain dimension reduction retrieval feature distribution; obtaining standard retrieval feature distribution, and calculating a second safety supervision degree; and combining the first security supervision and the second security supervision, and calculating the comprehensive supervision to perform access control processing. The method can solve the technical problems of low accuracy and reliability of data access security supervision caused by low accuracy and efficiency of data access risk assessment due to the fact that the data analysis amount is large and the risk assessment method is single, and can improve the accuracy and reliability of the data access security supervision.

Description

Multi-factor authentication-based data access control and security supervision method and system
Technical Field
The present application relates to the field of data access control technology, and more particularly, to a multi-factor authentication-based data access control and security supervision method and system.
Background
The data access control and the security supervision are important means for protecting the data security, are used for limiting the sensitive data access, and can effectively reduce the unauthorized data access and use by setting reasonable access control and security supervision measures, and ensure the confidentiality, the integrity and the availability of the data.
The existing data access security supervision method generally performs comparison and analysis according to access information and historical access information of target data accessed by a user, and then performs abnormality judgment of current access according to analysis results.
The existing data access security supervision method has the following defects: because the data analysis amount is large and the data access risk assessment method is single, the accuracy and the assessment efficiency of the data access risk assessment are low, and the accuracy and the reliability of the data access security supervision are low.
Disclosure of Invention
Therefore, in order to solve the above technical problems, the technical solutions adopted in the embodiments of the present application are as follows:
the data access control and security supervision method based on multi-factor authentication comprises the following steps: responding to a real-time access request received by target data, determining a target user accessing the target data, and acquiring the historical access time distribution of the target user according to the historical access record of the target user to the target data; performing optimization dimension reduction processing on the historical access time distribution to obtain dimension reduction access time distribution, wherein dimension reduction is performed on the historical access time distribution by calculating time probability distribution of the historical access time distribution according to access time spans in the historical access time distribution; according to access records of the target data accessed by a plurality of users, calculating and performing dimension reduction processing to obtain standard dimension reduction access time distribution, and calculating to obtain a first security supervision degree of the real-time access request by combining the dimension reduction access time distribution; according to the historical access record of the target user to the target data, acquiring the historical retrieval feature distribution of the target user accessing the target data, and optimizing the dimension reduction processing to obtain dimension reduction retrieval feature distribution; according to access records of the target data accessed by a plurality of users, standard retrieval feature distribution is obtained, and the second security supervision degree of the real-time access request is obtained through calculation by combining the dimension reduction retrieval feature distribution; and combining the first security supervision degree and the second security supervision degree, calculating and obtaining the comprehensive supervision degree of the real-time access request, and performing access control processing on the real-time access request.
A multi-factor authentication based data access control and security supervision system comprising: the historical access time distribution acquisition module is used for responding to a real-time access request received by target data, determining a target user accessing the target data and acquiring the historical access time distribution of the target user according to the historical access record of the target user to the target data; the dimension reduction access time distribution obtaining module is used for carrying out optimization dimension reduction processing on the historical access time distribution to obtain dimension reduction access time distribution, wherein the dimension reduction is carried out on the historical access time distribution by calculating the time probability distribution of the historical access time distribution according to the access time span in the historical access time distribution; the first security supervision degree calculation module is used for calculating and dimension-reducing processing to obtain standard dimension-reducing access time distribution according to access records of the target data accessed by a plurality of users, and calculating to obtain the first security supervision degree of the real-time access request by combining the dimension-reducing access time distribution; the dimension reduction search feature distribution obtaining module is used for collecting the history search feature distribution of the target user accessing the target data according to the history access record of the target user to the target data, and optimizing dimension reduction processing to obtain dimension reduction search feature distribution; the second security supervision degree calculation module is used for obtaining standard retrieval feature distribution according to access records of the target data accessed by a plurality of users, and calculating to obtain the second security supervision degree of the real-time access request by combining the dimension reduction retrieval feature distribution; and the access control processing module is used for combining the first security supervision degree and the second security supervision degree, calculating and obtaining the comprehensive supervision degree of the real-time access request, and performing access control processing on the real-time access request.
By adopting the technical method, compared with the prior art, the technical progress of the application has the following points:
the method can solve the technical problems of low accuracy and reliability of data access security supervision caused by low accuracy and efficiency of data access risk assessment due to the fact that the data analysis amount is large and the data access risk assessment method is single in the existing data access security supervision method. Firstly, responding to a real-time access request received by target data, determining a target user accessing the target data, and acquiring historical access time distribution of the target user according to a historical access record of the target user to the target data; then optimizing and dimension-reducing the historical access time distribution to obtain dimension-reducing access time distribution, wherein the dimension of the historical access time distribution is reduced by calculating the time probability distribution of the historical access time distribution according to the access time span in the historical access time distribution; further according to access records of the target data accessed by a plurality of users, calculating and performing dimension reduction processing to obtain standard dimension reduction access time distribution, and combining the dimension reduction access time distribution, calculating and obtaining a first security supervision degree of the real-time access request; on the other hand, according to the historical access record of the target user to the target data, acquiring the historical retrieval feature distribution of the target user accessing the target data, and optimizing the dimension reduction process to obtain the dimension reduction retrieval feature distribution; then, according to access records of the target data accessed by a plurality of users, standard retrieval feature distribution is obtained, and the second security supervision degree of the real-time access request is calculated and obtained by combining the dimension reduction retrieval feature distribution; and finally, combining the first security supervision degree and the second security supervision degree, calculating and obtaining the comprehensive supervision degree of the real-time access request, and performing access control processing on the real-time access request. The data is subjected to dimension reduction processing, and comprehensive evaluation of the data access risk is carried out from multiple dimensions, so that the accuracy and evaluation efficiency of the data access risk evaluation can be improved, the accuracy and reliability of data access safety supervision are improved, and the safety and integrity of the access data are ensured.
Drawings
In order to more clearly illustrate the technical solutions of the embodiments of the present application, the drawings that are used in the description of the embodiments will be briefly described below.
FIG. 1 is a flow chart of a method of data access control and security supervision based on multi-factor authentication provided herein;
FIG. 2 is a schematic flow chart of obtaining dimension-reduced access time distribution in a multi-factor authentication-based data access control and security supervision method;
fig. 3 is a schematic structural diagram of a data access control and security supervision system based on multi-factor authentication provided in the present application.
Reference numerals illustrate: the system comprises a history access time distribution acquisition module 01, a dimension reduction access time distribution acquisition module 02, a first safety supervision degree calculation module 03, a dimension reduction retrieval characteristic distribution acquisition module 04, a second safety supervision degree calculation module 05 and an access control processing module 06.
Detailed Description
The technical solutions in the embodiments of the present application will be clearly described below with reference to the drawings in the embodiments of the present application. All other embodiments, which can be made by one of ordinary skill in the art without undue burden from the present disclosure, are within the scope of the present disclosure.
Example 1
Based on the above description, as shown in fig. 1, the present application provides a data access control and security supervision method based on multi-factor authentication, including:
the method is used for carrying out data access anomaly analysis through multiple dimensions and carrying out access risk comprehensive assessment according to multiple access anomaly analysis results when data is accessed, and further carrying out data access control and safety supervision according to the access risk comprehensive assessment results, so that accuracy and assessment efficiency of data access risk assessment are improved, accuracy and reliability of data access safety supervision are improved, and technical effects of safety and integrity of access data are ensured.
Responding to a real-time access request received by target data, determining a target user accessing the target data, and acquiring the historical access time distribution of the target user according to the historical access record of the target user to the target data;
in the embodiment of the present application, first, a real-time access request of target data is received, where the target data may be set according to an actual access scenario, for example: customer data in the enterprise customer information management database; determining a target user accessing the target data according to the real-time access request, wherein the target user is identified by a user ID, for example: a login account number, a cell phone number, etc. Then, extracting a historical access record of the target user to the target data according to the user ID of the target user, wherein the historical access record comprises a plurality of pieces of historical access record data, the historical access record data comprises data such as access time, access stay time and the like, and then extracting a historical access time distribution of the target user according to the historical access record, wherein the historical access time distribution refers to a time node record of the target user accessing the target data in a preset time period, and comprises a plurality of access time nodes, wherein the preset time period is a longer time period, and can be set by a person skilled in the art according to practical situations, for example: 6 months, 12 months, etc.
By acquiring the historical access time distribution of the target user, the historical access state of the target user can be intuitively acquired, and meanwhile, data support is provided for carrying out abnormal analysis of access time dimension.
Performing optimization dimension reduction processing on the historical access time distribution to obtain dimension reduction access time distribution, wherein dimension reduction is performed on the historical access time distribution by calculating time probability distribution of the historical access time distribution according to access time spans in the historical access time distribution;
in the embodiment of the application, the historical access time distribution is subjected to optimization dimension reduction processing, wherein the purpose of the optimization dimension reduction processing is to reduce analysis data volume and extract key information, and firstly, time spans of each historical access time node and each central access time node in the historical access time distribution are calculated respectively to obtain a plurality of access time spans, wherein the access time spans refer to time distances between the historical access time nodes and the central access time nodes, and the access time spans and the historical access time nodes are in one-to-one correspondence; then respectively calculating the time distribution probability of each historical access time node in the historical access time distribution according to a plurality of access time spans to obtain a plurality of time distribution probabilities; and finally, reducing the dimension of the historical access time distribution according to the multiple time distribution probabilities to obtain the dimension-reduced access time distribution after the dimension reduction treatment.
As shown in fig. 2, in one embodiment, the method further comprises:
according to the time spans of a plurality of historical access times and central access time in the historical access time distribution, distributing and calculating to obtain historical time probability distribution, wherein the time probability of each historical access time is proportional to the time span;
acquiring the number of access times in the dimension-reduced access time distribution after dimension reduction as a preset dimension-reduced number;
randomly selecting the historical access time of the preset dimension reduction quantity and the center access time in the historical access time distribution, and constructing a first dimension reduction access time distribution;
according to the time span of each first dimension reduction access time and center access time in the first dimension reduction access time distribution, distributing and calculating to obtain first dimension reduction time probability distribution;
calculating to obtain a first dimension reduction similarity according to the first dimension reduction time probability distribution and the historical time probability distribution;
and continuing to perform random dimension reduction processing and optimization on the historical access time distribution until the dimension reduction convergence requirement is met, and obtaining the dimension reduction access time distribution.
In this embodiment of the present application, the method for performing an optimization dimension reduction process on the historical access time distribution to obtain a dimension reduction access time distribution includes first sequentially calculating time spans of a plurality of historical access times and a central access time in the historical access time distribution, where the central access time refers to a central time node of the plurality of historical access times in the historical access time distribution, assuming that the plurality of historical access times are odd numbers, the central access time is a central time node, assuming that the plurality of historical access times are even numbers, and the central access time is any one of two central time nodes; the time span refers to a time interval distance, and a plurality of time spans corresponding to a plurality of historical access times are obtained.
And then respectively calculating the historical time probability corresponding to each historical access time according to the time span, wherein the time probability of each historical access time is in direct proportion to the time span, namely, the larger the time span is, the larger the difference between the historical access time and the central time is, the larger the time probability is, a plurality of time probabilities corresponding to a plurality of historical access times are obtained, and the historical time probability distribution is built according to the plurality of time probabilities, so that the historical time probability distribution is obtained.
Obtaining the number of access times in the dimension-reduced access time distribution after dimension reduction, wherein the number of access times refers to the number of target times after dimension reduction processing, and the number of access times can be set by a person skilled in the art according to actual requirements, for example: the required data amount is 100, and the access time amount can be set to be 100; and taking the access time quantity as a preset dimension reduction quantity.
Randomly selecting the historical access time of the preset dimension reduction quantity and the center access time in the historical access time distribution, and constructing a first dimension reduction access time distribution according to the historical access time of the preset dimension reduction quantity and the center access time. And then according to the time spans of each first dimension reduction access time and the center access time in the first dimension reduction access time distribution, obtaining a plurality of first time spans corresponding to the plurality of first dimension reduction access times, and according to the plurality of first time spans, calculating a plurality of first dimension reduction time probabilities, wherein the larger the first time span is, the larger the corresponding first dimension reduction time probability is, obtaining a plurality of first dimension reduction time probabilities, and according to the plurality of first dimension reduction time probabilities, constructing a first dimension reduction time probability distribution.
And performing similarity calculation on the first dimension reduction time probability distribution and the historical time probability distribution, wherein common similarity calculation methods comprise Euclidean distance, cosine similarity, jaccard similarity coefficient and the like, and a person skilled in the art can select an adaptive similarity calculation method according to actual conditions to obtain the first dimension reduction similarity. And then, continuing to perform random dimension reduction processing and optimization on the historical access time distribution by using the same method until the dimension reduction convergence requirement is met, and obtaining the dimension reduction access time distribution according to the current similarity calculation result. The dimension reduction convergence requirement refers to preset dimension reduction processing times, and the dimension reduction convergence requirement can be set according to actual dimension reduction requirements, wherein the higher the dimension reduction requirement quality is, the larger the preset dimension reduction processing times are.
In one embodiment, the method further comprises:
taking the first dimension reduction access time distribution as a stage dimension reduction result;
randomly selecting the historical access time of the preset dimension reduction quantity and the central access time in the historical access time distribution again, and constructing a second dimension reduction access time distribution;
according to the time span of each second dimension reduction access time and center access time in the second dimension reduction access time distribution, distributing and calculating to obtain second dimension reduction time probability distribution, and combining the historical time probability distribution, calculating to obtain second dimension reduction similarity;
Carrying out probability discrimination according to the first dimension reduction similarity and the second dimension reduction similarity, and updating the stage dimension reduction result, wherein the probability of probability discrimination is in direct proportion to the magnitudes of the first dimension reduction similarity and the second dimension reduction similarity;
and continuing to perform random dimension reduction processing and optimization on the historical access time distribution until reaching convergence dimension reduction times, and outputting a final dimension reduction result in a stage to obtain the dimension reduction access time distribution.
In the embodiment of the present application, the method for continuing to perform random dimension reduction processing and optimization on the historical access time distribution is as follows, first, the first dimension reduction access time distribution is used as a step dimension reduction result; and then randomly selecting the historical access time of the preset dimension reduction quantity and the center access time in the historical access time distribution again, and constructing a second dimension reduction access time distribution according to the historical access time of the preset dimension reduction quantity and the center access time.
And sequentially calculating the time span of each second dimension reduction access time and the center access time in the second dimension reduction access time distribution to obtain a plurality of second time spans, and obtaining second dimension reduction time probability distribution according to the distribution calculation of the plurality of second time spans. And carrying out similarity calculation on the second dimension reduction time probability distribution and the historical time probability distribution to obtain second dimension reduction similarity.
And carrying out probability discrimination according to the first dimension reduction similarity and the second dimension reduction similarity, wherein the probability of the probability discrimination is in direct proportion to the magnitudes of the first dimension reduction similarity and the second dimension reduction similarity, namely, the larger the dimension reduction similarity is, the larger the corresponding probability in the probability discrimination is, so as to obtain the first dimension reduction probability and the second dimension reduction probability. Then updating the step-down dimension result according to a first dimension-down probability and a second dimension-down probability, namely setting a first dimension-down access time distribution corresponding to the first dimension-down probability as a step-down dimension result when the first dimension-down probability is larger than the second dimension-down probability; and when the first dimension reduction probability is smaller than or equal to the second dimension reduction probability, setting second dimension reduction access time distribution corresponding to the second dimension reduction probability as a stage dimension reduction result.
And continuing to perform random dimension reduction processing and optimization on the historical access time distribution by using the method until reaching convergence dimension reduction times, and outputting a dimension reduction result at the current stage as dimension reduction access time distribution to obtain the dimension reduction access time distribution.
By utilizing the method to optimize the dimension reduction processing on the historical access time distribution, the accuracy of obtaining the dimension reduction access time distribution can be improved, and the accuracy of calculating the first safety supervision degree can be indirectly improved.
According to access records of the target data accessed by a plurality of users, calculating and performing dimension reduction processing to obtain standard dimension reduction access time distribution, and calculating to obtain a first security supervision degree of the real-time access request by combining the dimension reduction access time distribution;
in the embodiment of the application, firstly, access records of the target data accessed by a plurality of users are obtained, wherein the access records comprise a plurality of historical access time nodes; calculating and performing dimension reduction processing according to access records accessed by a plurality of users to obtain standard dimension reduction access time distribution; and then, performing first security supervision calculation of the real-time access request according to the standard dimension reduction access time distribution and the dimension reduction access time distribution to obtain a first security supervision.
In one embodiment, the method further comprises:
acquiring historical access time distribution of a plurality of users;
clustering the historical access time in the historical access time distribution of the plurality of users according to the number of the users, wherein the historical access time cluster of the number of the users nearby is calculated as one historical access time, and the standard historical access time distribution is obtained;
Performing optimization dimension reduction processing on the standard historical access time distribution to obtain the standard dimension reduction access time distribution;
and calculating and obtaining the first security supervision degree of the real-time access request according to the standard dimension reduction access time distribution and the dimension reduction access time distribution.
In this embodiment of the present application, the method for obtaining the first security supervision degree of the real-time access request includes first obtaining access records of the target data accessed by multiple users, and sequentially constructing multiple user historical access time distributions of the multiple users according to the access records.
Then clustering the historical access time in the historical access time distribution of the plurality of users according to the number of users of the plurality of users, firstly, obtaining the number of users and a preset clustering unit interval, wherein the number of users represents the number of most users in the plurality of users, is more than half of the total number of users and less than the total number of users, and can be set according to practical situations, for example: assuming that the plurality of users is 100 users, the number of users can be set to 60; the preset clustering unit interval is an access time interval, which is a smaller time period, and may be set according to practical situations, for example: the preset cluster unit interval is set to 30 minutes.
Clustering the historical access time in the historical access time distribution of the plurality of users according to the number of users and the preset clustering unit interval, namely calculating the historical access time cluster which is in the preset clustering unit interval and has the user number larger than or equal to the number of users as one historical access time, and marking the historical access time as a standard historical access time, wherein the standard historical access time is a central node of a plurality of historical access time nodes covered by the corresponding preset clustering unit interval, so as to obtain a plurality of standard historical access times, and constructing the standard historical access time distribution according to the plurality of standard historical access times.
And carrying out optimization dimension reduction processing on the standard historical access time distribution, wherein the optimization dimension reduction processing method is the same as the dimension reduction method for obtaining the dimension reduction access time distribution, and is not described herein, so as to obtain the standard dimension reduction access time distribution. And finally, calculating a first security supervision degree of the real-time access request according to the standard dimension reduction access time distribution and the dimension reduction access time distribution, and obtaining the first security supervision degree.
In one embodiment, the method further comprises:
Constructing a standard dimension reduction access time sequence and a dimension reduction access time sequence according to the standard dimension reduction access time distribution and the dimension reduction access time distribution;
calculating the correlation between the standard dimension reduction access time sequence and the dimension reduction access time sequence to obtain a first safety correlation;
and calculating and obtaining the first safety supervision degree according to the first safety correlation.
In this embodiment of the present application, a method for obtaining, by calculation, a first security supervision degree of the real-time access request according to the standard dimension-reduction access time distribution and the dimension-reduction access time distribution is as follows, first, a standard dimension-reduction access time sequence is constructed according to the standard dimension-reduction access time distribution, where the standard dimension-reduction access time sequence is generated by arranging a plurality of standard dimension-reduction access time nodes in the standard dimension-reduction access time distribution according to a time sequence; and constructing a dimension-reduction access time sequence according to the dimension-reduction access time distribution.
Performing similarity calculation on the standard dimension reduction access time sequence and the dimension reduction access time sequence, wherein the similarity calculation method comprises Euclidean distance, cosine similarity, jaccard similarity coefficient and the like, the similarity calculation result can be obtained by selecting according to actual conditions, and a first safety correlation is set according to the similarity calculation result, wherein the larger the similarity calculation result is, the larger the first safety correlation is, and the higher the matching degree of access time distribution of a target user and most users is represented, the higher the safety is; and then calculating the first safety supervision according to the first safety correlation, wherein the sum of the first safety supervision and the first safety correlation is 1, namely the first safety supervision is a difference value between 1 and the first safety correlation, and obtaining the first safety supervision, wherein the larger the first safety supervision is, the higher the access anomaly is represented.
The first safety supervision degree is obtained through calculation, so that the abnormality degree analysis of the real-time access request of the target user from the access time dimension can be realized, and meanwhile, support is provided for the next step of comprehensive supervision degree calculation.
According to the historical access record of the target user to the target data, acquiring the historical retrieval feature distribution of the target user accessing the target data, and optimizing the dimension reduction processing to obtain dimension reduction retrieval feature distribution;
in this embodiment of the present application, first, in a history access record of the target user to the target data, a history retrieval feature of the target user accessing the target data is extracted, where the history retrieval feature refers to a retrieval keyword used when the user accesses the target data, and may be set according to a target data type, for example: and assuming that the target data is a patent document, the search keywords comprise information such as patent numbers, patent names, class numbers, application company names and the like, a plurality of history search features are obtained, history search feature distribution is constructed according to the plurality of history search features, and then the history search feature distribution is subjected to optimization dimension reduction processing to obtain dimension reduction search feature distribution.
In one embodiment, the method further comprises:
acquiring the historical retrieval characteristic distribution of the target user accessing the target data according to the historical access record of the target user to the target data;
acquiring a sample retrieval feature set and a sample correlation probability set, wherein each sample retrieval feature set comprises two sample retrieval features;
constructing a retrieval feature correlation probability analyzer by adopting the sample retrieval feature group set and the sample correlation probability set;
acquiring central retrieval features in the historical retrieval feature distribution, analyzing and acquiring the correlation probabilities of other historical retrieval features and the central retrieval features by adopting the retrieval feature correlation probability analyzer, and constructing and acquiring the historical retrieval feature probability distribution;
and carrying out optimization dimension reduction processing on the historical retrieval feature distribution according to the historical retrieval feature probability distribution to obtain the dimension reduction retrieval feature distribution.
In the embodiment of the application, the method for obtaining the dimension reduction retrieval feature distribution is as follows, firstly, according to the history access record of the target user to the target data, the history retrieval feature of the target user accessing the target data is collected, and the history retrieval feature distribution is constructed.
And acquiring a sample retrieval feature set, wherein each sample retrieval feature set comprises two sample retrieval features, and acquiring a sample correlation probability set, wherein the sample retrieval feature set and the sample correlation probability have a corresponding relationship.
The method comprises the steps of constructing a search feature correlation probability analyzer based on a BP neural network, wherein the search feature correlation probability analyzer is a neural network model which can be subjected to iterative optimization in machine learning, and is obtained through supervised training of a training data set, and comprises an input layer, a probability analysis layer and an output layer, wherein the input data of the input layer are search feature groups, and the output data of the output layer are correlation probabilities. And taking the sample retrieval feature set and the sample correlation probability set as sample training data sets of the retrieval feature correlation probability analyzer, and performing supervision training on the retrieval feature correlation probability analyzer to obtain the retrieval feature correlation probability analyzer conforming to expected training constraint.
The training method of the retrieval feature correlation probability analyzer comprises the following steps of dividing the training data set into a sample training set and a sample verification set, wherein the common data dividing proportion is that the sample training set accounts for 85%, the sample verification set accounts for 15%, and the training data set can be automatically divided according to actual conditions by a person skilled in the art; firstly, randomly selecting first sample training data in the sample training set, and then performing supervision training on the retrieval feature correlation probability analyzer through the first sample training data to obtain a first output result; comparing the first output result with a first sample related probability in the first sample training data; when the two are consistent, randomly selecting second sample training data to carry out supervision training on the retrieval feature related probability analyzer; when the two parameters are inconsistent, optimizing the weight parameters of the retrieval feature correlation probability analyzer, and randomly selecting second sample training data to perform supervision training on the retrieval feature correlation probability analyzer; and performing iterative training continuously until the output result of the retrieval feature correlation probability analyzer tends to be in a convergence state, then performing verification training on the retrieval feature correlation probability analyzer through the sample verification set until the accuracy of the output result is greater than a preset accuracy index, and obtaining the retrieval feature correlation probability analyzer after training is completed, wherein the preset accuracy index can be set according to actual requirements, and the higher the required accuracy is, the larger the preset accuracy index is, for example: the preset accuracy index is set to be 95% of accuracy.
Firstly, acquiring central retrieval features in the history retrieval feature distribution, wherein the central retrieval features refer to retrieval features of central positions in a plurality of history retrieval features in the history retrieval feature distribution; and then outputting the other historical retrieval characteristics except the central retrieval characteristic and the central retrieval characteristic in the plurality of historical retrieval characteristics in sequence to a retrieval characteristic correlation probability analyzer which is completed by training for correlation probability analysis, outputting a plurality of correlation probabilities, and constructing a historical retrieval characteristic probability distribution according to the plurality of correlation probabilities.
By constructing a search feature correlation probability analyzer based on the BP neural network to perform correlation probability analysis of historical search features, the accuracy and efficiency of correlation probability analysis can be improved.
And carrying out optimization dimension reduction processing on the historical retrieval feature distribution according to the historical retrieval feature probability distribution, wherein the optimization dimension reduction processing method and the obtained dimension reduction access time distribution are not described herein, and a person skilled in the art can parameter the optimization dimension reduction processing method to obtain the dimension reduction retrieval feature distribution.
According to access records of the target data accessed by a plurality of users, standard retrieval feature distribution is obtained, and the second security supervision degree of the real-time access request is obtained through calculation by combining the dimension reduction retrieval feature distribution;
In the embodiment of the application, according to the access records of the target data accessed by a plurality of users, the historical retrieval feature distribution of the plurality of users is generated according to the access records, and the standard retrieval feature distribution is calculated and obtained based on the historical retrieval feature distribution of the plurality of users. And then, according to the standard retrieval feature distribution and the dimension reduction retrieval feature distribution, calculating and obtaining a second security supervision degree of the real-time access request.
In one embodiment, the method further comprises:
extracting and obtaining a history retrieval feature set according to access records of the target data accessed by a plurality of users;
extracting a plurality of historical retrieval features with highest occurrence probability in the historical retrieval feature set to obtain the standard retrieval feature distribution;
and calculating to obtain the second safety supervision degree according to the coincidence degree of the dimension reduction retrieval feature distribution in the standard retrieval feature distribution.
In the embodiment of the present application, the method for calculating the second security supervision is as follows, first, retrieval feature extraction is performed on access records of the target data accessed by a plurality of users,
a plurality of historical search feature sets are obtained, wherein each user corresponds to one historical feature set. And extracting the historical retrieval features with highest occurrence probability in a preset unit interval in the historical retrieval feature set, and setting the historical retrieval features as standard retrieval features, wherein the occurrence probability is the occurrence frequency, the more the occurrence frequency is, the higher the occurrence probability is, the preset unit interval can be set according to actual conditions to obtain a plurality of standard retrieval features, and standard retrieval feature distribution is constructed according to the plurality of standard retrieval features.
Calculating the coincidence degree of the dimension reduction retrieval feature distribution in the standard retrieval feature distribution, wherein the coincidence degree calculation method is similar to the similarity calculation method, the common calculation method comprises Manhattan distance, cosine similarity and the like, the selection can be carried out according to actual conditions, and the larger the coincidence degree is, the better the safety of the dimension reduction retrieval feature distribution is represented, and the second coincidence degree is obtained. And then obtaining a second security supervision according to the second degree of coincidence, wherein the sum of the second supervision and the second degree of coincidence is 1, and the larger the second security supervision is, the higher the access anomaly degree of the real-time access request is represented.
The second supervision degree is obtained through calculation, so that the abnormality degree analysis of the real-time access request of the target user from the access characteristic dimension can be realized, and meanwhile, support is provided for the next step of comprehensive supervision degree calculation.
And combining the first security supervision degree and the second security supervision degree, calculating and obtaining the comprehensive supervision degree of the real-time access request, and performing access control processing on the real-time access request.
In this embodiment of the present application, a weighted calculation is performed according to the first security supervision and the second security supervision, and a comprehensive supervision of the real-time access request is obtained according to a weighted calculation result, and then access control processing is performed on the real-time access request according to the comprehensive supervision.
In one embodiment, the method further comprises:
performing weighted calculation on the first safety supervision and the second safety supervision to obtain the comprehensive supervision;
and carrying out decision control processing on the real-time access request and the target user according to the comprehensive supervision degree.
In this embodiment of the present application, first, the first security supervision and the second security supervision are assigned with a weight ratio, and the degree of influence of the first security supervision and the second security supervision on the overall security supervision of the real-time access request may be set according to the degree of influence of the first security supervision and the second security supervision, where the greater the degree of influence is, the greater the corresponding weight ratio is, the weight ratio may be set by a coefficient of variation method, where the coefficient of variation method is a common weighting method for those skilled in the art, and no expansion description is given here. And then carrying out weighted calculation on the first safety supervision and the second safety supervision according to the weight ratio, and taking a weighted calculation result as a comprehensive supervision to obtain the comprehensive supervision.
In the embodiment of the application, only comprehensive risk assessment is shown for the real-time access request from two aspects of the access time dimension and the retrieval feature dimension, in addition, the access anomaly analysis can be carried out from the access path dimension, the third supervision degree is calculated, meanwhile, the comprehensive supervision degree is obtained according to the weighted calculation of the first supervision degree, the second supervision degree and the third supervision degree, and the accuracy and the rationality of obtaining the comprehensive supervision degree can be further improved.
And acquiring a preset supervision threshold, wherein the preset supervision threshold can be set according to actual supervision intensity, and the larger the supervision intensity is, the smaller the preset supervision threshold is. And judging the comprehensive supervision degree according to the preset supervision threshold, and carrying out decision control processing on the real-time access request and the target user according to a judgment result. For example: when the comprehensive supervision degree is larger than the preset supervision degree threshold, the risk representing the real-time access request is overlarge, and the access request is terminated; and when the comprehensive supervision degree is smaller than or equal to the preset supervision degree threshold, representing that the risk of the real-time access request is in a normal range, allowing the access request, and setting the risk monitoring strength in the data access process according to the supervision degree deviation of the comprehensive supervision degree and the preset supervision degree threshold, wherein the larger the deviation is, the larger the monitoring strength is.
The method can solve the technical problems of low accuracy and reliability of data access security supervision caused by low accuracy and evaluation efficiency of data access risk evaluation due to the fact that the data analysis amount is large and the data access risk evaluation method is single in the existing data access security supervision method, and can improve the accuracy and evaluation efficiency of data access risk evaluation by performing dimension reduction processing on data and comprehensively evaluating the data access risk from multiple dimensions, so that the accuracy and reliability of data access security supervision are improved, and the safety and integrity of access data are ensured.
Example 2
Based on the same inventive concept as the data access control and security supervision method based on multi-factor authentication in the first embodiment, as shown in fig. 3, the present application further provides a data access control and security supervision system based on multi-factor authentication, including: the system comprises a history access time distribution acquisition module 01, a dimension reduction access time distribution acquisition module 02, a first safety supervision degree calculation module 03, a dimension reduction retrieval characteristic distribution acquisition module 04, a second safety supervision degree calculation module 05 and an access control processing module 06, wherein:
the historical access time distribution acquisition module 01 is used for responding to a real-time access request received by target data, determining a target user accessing the target data and acquiring the historical access time distribution of the target user according to the historical access record of the target user to the target data;
the dimension-reduction access time distribution obtaining module 02 is configured to optimize dimension-reduction processing on the historical access time distribution to obtain dimension-reduction access time distribution, where dimension reduction is performed on the historical access time distribution by calculating a time probability distribution of the historical access time distribution according to an access time span in the historical access time distribution;
The first security supervision degree calculation module 03 is configured to calculate and dimension-reduce the access time distribution according to the access records of the target data accessed by the multiple users, and calculate and obtain the first security supervision degree of the real-time access request by combining the dimension-reduced access time distribution;
the dimension reduction search feature distribution obtaining module 04 is used for collecting the history search feature distribution of the target user accessing the target data according to the history access record of the target user to the target data, and optimizing dimension reduction processing to obtain dimension reduction search feature distribution;
the second security supervision degree calculation module 05 is configured to obtain standard retrieval feature distribution according to access records of the target data accessed by a plurality of users, and calculate and obtain a second security supervision degree of the real-time access request in combination with the dimension reduction retrieval feature distribution;
and the access control processing module 06 is used for combining the first security supervision and the second security supervision, calculating and obtaining the comprehensive supervision of the real-time access request, and performing access control processing on the real-time access request.
In one embodiment, the system further comprises:
the historical time probability distribution obtaining module is used for obtaining historical time probability distribution through distribution calculation according to time spans of a plurality of historical access times and central access times in the historical access time distribution, wherein the size of the time probability of each historical access time is in direct proportion to the size of the time span;
the system comprises a preset dimension reduction quantity setting module, a dimension reduction quantity setting module and a dimension reduction control module, wherein the preset dimension reduction quantity setting module is used for acquiring the number of access times in dimension reduction access time distribution after dimension reduction as a preset dimension reduction quantity;
the first dimension reduction access time distribution construction module is used for randomly selecting the historical access time and the center access time of the preset dimension reduction quantity in the historical access time distribution to construct first dimension reduction access time distribution;
the first dimension reduction time probability distribution calculation module is used for obtaining first dimension reduction time probability distribution through distribution calculation according to the time span of each first dimension reduction access time and center access time in the first dimension reduction access time distribution;
The first dimension reduction similarity calculation module is used for calculating and obtaining first dimension reduction similarity according to the first dimension reduction time probability distribution and the historical time probability distribution;
the dimension reduction access time distribution obtaining module is used for continuing to conduct random dimension reduction processing and optimization on the historical access time distribution until the dimension reduction convergence requirement is met, and the dimension reduction access time distribution is obtained.
In one embodiment, the system further comprises:
the step-down dimension result setting module is used for taking the first dimension-down access time distribution as a step-down dimension result;
the second dimension reduction access time distribution construction module is used for randomly selecting the historical access time and the center access time of the preset dimension reduction quantity in the historical access time distribution again to construct second dimension reduction access time distribution;
the second dimension reduction similarity calculation module is used for obtaining second dimension reduction time probability distribution through distribution calculation according to the time span of each second dimension reduction access time and center access time in the second dimension reduction access time distribution, and obtaining second dimension reduction similarity through calculation by combining the historical time probability distribution;
The step-by-step dimension reduction result updating module is used for carrying out probability judgment according to the first dimension reduction similarity and the second dimension reduction similarity and updating the step-by-step dimension reduction result, wherein the probability of probability judgment is in direct proportion to the first dimension reduction similarity and the second dimension reduction similarity;
the dimension reduction access time distribution obtaining module is used for continuing to perform random dimension reduction processing and optimization on the historical access time distribution until reaching convergence dimension reduction times, and outputting a final dimension reduction result in a stage to obtain the dimension reduction access time distribution.
In one embodiment, the system further comprises:
the system comprises a user historical access time distribution acquisition module, a user historical access time distribution acquisition module and a user data processing module, wherein the user historical access time distribution acquisition module is used for acquiring a plurality of user historical access time distributions of a plurality of users;
the standard historical access time distribution obtaining module is used for clustering historical access times in the historical access time distribution of the plurality of users according to the number of the users of the plurality of users, wherein the historical access time cluster of the number of the users nearby is calculated as one historical access time, and the standard historical access time distribution is obtained;
The optimal dimension reduction processing module is used for performing optimal dimension reduction processing on the standard historical access time distribution to obtain the standard dimension reduction access time distribution;
the first security supervision degree calculation module is used for calculating and obtaining the first security supervision degree of the real-time access request according to the standard dimension reduction access time distribution and the dimension reduction access time distribution.
In one embodiment, the system further comprises:
the access time sequence construction module is used for constructing a standard dimension reduction access time sequence and a dimension reduction access time sequence according to the standard dimension reduction access time distribution and the dimension reduction access time distribution;
the first security correlation calculation module is used for calculating the correlation between the standard dimension reduction access time sequence and the dimension reduction access time sequence to obtain a first security correlation;
the first safety supervision acquiring module is used for acquiring the first safety supervision through calculation according to the first safety correlation.
In one embodiment, the system further comprises:
The historical retrieval feature distribution acquisition module is used for acquiring the historical retrieval feature distribution of the target user accessing the target data according to the historical access record of the target user to the target data;
the sample correlation probability set acquisition module is used for acquiring a sample retrieval feature set and acquiring a sample correlation probability set, wherein each sample retrieval feature set comprises two sample retrieval features;
the search feature correlation probability analyzer construction module is used for constructing a search feature correlation probability analyzer by adopting the sample search feature group set and the sample correlation probability set;
the historical retrieval feature probability distribution obtaining module is used for obtaining central retrieval features in the historical retrieval feature distribution, analyzing and obtaining the relevant probabilities of other historical retrieval features and the central retrieval features by adopting the retrieval feature relevant probability analyzer, and constructing and obtaining the historical retrieval feature probability distribution;
the dimension reduction search feature distribution obtaining module is used for carrying out optimization dimension reduction processing on the historical search feature distribution according to the historical search feature probability distribution to obtain the dimension reduction search feature distribution.
In one embodiment, the system further comprises:
the historical retrieval feature set extraction module is used for extracting and obtaining a historical retrieval feature set according to access records of the target data accessed by a plurality of users;
the standard retrieval feature distribution obtaining module is used for extracting a plurality of historical retrieval features with highest occurrence probability in the historical retrieval feature set to obtain the standard retrieval feature distribution;
and the second safety supervision degree calculation module is used for calculating and obtaining the second safety supervision degree according to the coincidence degree of the dimension reduction retrieval feature distribution in the standard retrieval feature distribution.
In one embodiment, the system further comprises:
the comprehensive supervision degree obtaining module is used for carrying out weighted calculation on the first safety supervision degree and the second safety supervision degree to obtain the comprehensive supervision degree;
and the decision control processing module is used for carrying out decision control processing on the real-time access request and the target user according to the comprehensive supervision degree.
In summary, compared with the prior art, the embodiment of the present application has the following technical effects:
the data is subjected to dimension reduction processing by utilizing an optimized dimension reduction processing method, so that the original data characteristics can be maintained, the accuracy of the data after dimension reduction is improved, the data analysis time can be saved, and the data analysis efficiency is improved; the accuracy and the rationality of data access risk assessment can be improved through comprehensive assessment of data access risks from three dimensions of data access time, retrieval characteristics and access paths, so that the accuracy and the reliability of data access security supervision can be further improved, and the security and the integrity of access data are ensured.
The above examples merely represent a few embodiments of the present application and are not to be construed as limiting the scope of the invention. Accordingly, various alterations, modifications and variations may be made by those having ordinary skill in the art without departing from the scope of the present application as defined by the following claims, and all such alterations, modifications and variations are intended to be included within the scope of the present application.

Claims (9)

1. A method for data access control and security supervision based on multi-factor authentication, the method comprising:
Responding to a real-time access request received by target data, determining a target user accessing the target data, and acquiring the historical access time distribution of the target user according to the historical access record of the target user to the target data;
performing optimization dimension reduction processing on the historical access time distribution to obtain dimension reduction access time distribution, wherein dimension reduction is performed on the historical access time distribution by calculating time probability distribution of the historical access time distribution according to access time spans in the historical access time distribution;
according to access records of the target data accessed by a plurality of users, calculating and performing dimension reduction processing to obtain standard dimension reduction access time distribution, and calculating to obtain a first security supervision degree of the real-time access request by combining the dimension reduction access time distribution;
according to the historical access record of the target user to the target data, acquiring the historical retrieval feature distribution of the target user accessing the target data, and optimizing the dimension reduction processing to obtain dimension reduction retrieval feature distribution;
according to access records of the target data accessed by a plurality of users, standard retrieval feature distribution is obtained, and the second security supervision degree of the real-time access request is obtained through calculation by combining the dimension reduction retrieval feature distribution;
And combining the first security supervision degree and the second security supervision degree, calculating and obtaining the comprehensive supervision degree of the real-time access request, and performing access control processing on the real-time access request.
2. The method of claim 1, wherein optimizing the reduced dimension process on the historical access time profile to obtain a reduced dimension access time profile comprises:
according to the time spans of a plurality of historical access times and central access time in the historical access time distribution, distributing and calculating to obtain historical time probability distribution, wherein the time probability of each historical access time is proportional to the time span;
acquiring the number of access times in the dimension-reduced access time distribution after dimension reduction as a preset dimension-reduced number;
randomly selecting the historical access time of the preset dimension reduction quantity and the center access time in the historical access time distribution, and constructing a first dimension reduction access time distribution;
according to the time span of each first dimension reduction access time and center access time in the first dimension reduction access time distribution, distributing and calculating to obtain first dimension reduction time probability distribution;
calculating to obtain a first dimension reduction similarity according to the first dimension reduction time probability distribution and the historical time probability distribution;
And continuing to perform random dimension reduction processing and optimization on the historical access time distribution until the dimension reduction convergence requirement is met, and obtaining the dimension reduction access time distribution.
3. The method of claim 2, wherein continuing to randomly dimension down process and optimize the historical access time distribution comprises:
taking the first dimension reduction access time distribution as a stage dimension reduction result;
randomly selecting the historical access time of the preset dimension reduction quantity and the central access time in the historical access time distribution again, and constructing a second dimension reduction access time distribution;
according to the time span of each second dimension reduction access time and center access time in the second dimension reduction access time distribution, distributing and calculating to obtain second dimension reduction time probability distribution, and combining the historical time probability distribution, calculating to obtain second dimension reduction similarity;
carrying out probability discrimination according to the first dimension reduction similarity and the second dimension reduction similarity, and updating the stage dimension reduction result, wherein the probability of probability discrimination is in direct proportion to the magnitudes of the first dimension reduction similarity and the second dimension reduction similarity;
and continuing to perform random dimension reduction processing and optimization on the historical access time distribution until reaching convergence dimension reduction times, and outputting a final dimension reduction result in a stage to obtain the dimension reduction access time distribution.
4. The method of claim 1, wherein calculating and dimension-reducing processing to obtain a standard dimension-reduced access time distribution based on access records of the target data accessed by a plurality of users, and wherein calculating to obtain the first security supervision of the real-time access request in combination with the dimension-reduced access time distribution comprises:
acquiring historical access time distribution of a plurality of users;
clustering the historical access time in the historical access time distribution of the plurality of users according to the number of the users, wherein the historical access time cluster of the number of the users nearby is calculated as one historical access time, and the standard historical access time distribution is obtained;
performing optimization dimension reduction processing on the standard historical access time distribution to obtain the standard dimension reduction access time distribution;
and calculating and obtaining the first security supervision degree of the real-time access request according to the standard dimension reduction access time distribution and the dimension reduction access time distribution.
5. The method of claim 4, wherein computing a first degree of security supervision for the real-time access request based on the standard reduced-dimension access time distribution and the reduced-dimension access time distribution comprises:
Constructing a standard dimension reduction access time sequence and a dimension reduction access time sequence according to the standard dimension reduction access time distribution and the dimension reduction access time distribution;
calculating the correlation between the standard dimension reduction access time sequence and the dimension reduction access time sequence to obtain a first safety correlation;
and calculating and obtaining the first safety supervision degree according to the first safety correlation.
6. The method of claim 1, wherein collecting a historical search feature distribution of the target user accessing the target data according to a historical access record of the target user to the target data, and optimizing a dimension reduction process to obtain a dimension reduction search feature distribution comprises:
acquiring the historical retrieval characteristic distribution of the target user accessing the target data according to the historical access record of the target user to the target data;
acquiring a sample retrieval feature set and a sample correlation probability set, wherein each sample retrieval feature set comprises two sample retrieval features;
constructing a retrieval feature correlation probability analyzer by adopting the sample retrieval feature group set and the sample correlation probability set;
acquiring central retrieval features in the historical retrieval feature distribution, analyzing and acquiring the correlation probabilities of other historical retrieval features and the central retrieval features by adopting the retrieval feature correlation probability analyzer, and constructing and acquiring the historical retrieval feature probability distribution;
And carrying out optimization dimension reduction processing on the historical retrieval feature distribution according to the historical retrieval feature probability distribution to obtain the dimension reduction retrieval feature distribution.
7. The method of claim 6, wherein obtaining a standard retrieval feature distribution from access records of the target data accessed by a plurality of users, in combination with the reduced-dimension retrieval feature distribution, calculates a second security supervision of the real-time access request, comprises:
extracting and obtaining a history retrieval feature set according to access records of the target data accessed by a plurality of users;
extracting a plurality of historical retrieval features with highest occurrence probability in the historical retrieval feature set to obtain the standard retrieval feature distribution;
and calculating to obtain the second safety supervision degree according to the coincidence degree of the dimension reduction retrieval feature distribution in the standard retrieval feature distribution.
8. The method of claim 1, wherein computing the aggregate level of supervision for the real-time access request in combination with the first and second levels of security supervision comprises:
performing weighted calculation on the first safety supervision and the second safety supervision to obtain the comprehensive supervision;
And carrying out decision control processing on the real-time access request and the target user according to the comprehensive supervision degree.
9. A multi-factor authentication based data access control and security supervision system, the system comprising:
the historical access time distribution acquisition module is used for responding to a real-time access request received by target data, determining a target user accessing the target data and acquiring the historical access time distribution of the target user according to the historical access record of the target user to the target data;
the dimension reduction access time distribution obtaining module is used for carrying out optimization dimension reduction processing on the historical access time distribution to obtain dimension reduction access time distribution, wherein the dimension reduction is carried out on the historical access time distribution by calculating the time probability distribution of the historical access time distribution according to the access time span in the historical access time distribution;
the first security supervision degree calculation module is used for calculating and dimension-reducing processing to obtain standard dimension-reducing access time distribution according to access records of the target data accessed by a plurality of users, and calculating to obtain the first security supervision degree of the real-time access request by combining the dimension-reducing access time distribution;
The dimension reduction search feature distribution obtaining module is used for collecting the history search feature distribution of the target user accessing the target data according to the history access record of the target user to the target data, and optimizing dimension reduction processing to obtain dimension reduction search feature distribution;
the second security supervision degree calculation module is used for obtaining standard retrieval feature distribution according to access records of the target data accessed by a plurality of users, and calculating to obtain the second security supervision degree of the real-time access request by combining the dimension reduction retrieval feature distribution;
and the access control processing module is used for combining the first security supervision degree and the second security supervision degree, calculating and obtaining the comprehensive supervision degree of the real-time access request, and performing access control processing on the real-time access request.
CN202410182266.6A 2024-02-19 2024-02-19 Multi-factor authentication-based data access control and security supervision method and system Active CN117745080B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202410182266.6A CN117745080B (en) 2024-02-19 2024-02-19 Multi-factor authentication-based data access control and security supervision method and system

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202410182266.6A CN117745080B (en) 2024-02-19 2024-02-19 Multi-factor authentication-based data access control and security supervision method and system

Publications (2)

Publication Number Publication Date
CN117745080A true CN117745080A (en) 2024-03-22
CN117745080B CN117745080B (en) 2024-04-26

Family

ID=90254884

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202410182266.6A Active CN117745080B (en) 2024-02-19 2024-02-19 Multi-factor authentication-based data access control and security supervision method and system

Country Status (1)

Country Link
CN (1) CN117745080B (en)

Citations (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN112101452A (en) * 2020-09-14 2020-12-18 中国人民解放军战略支援部队信息工程大学 Access right control method and device
CN112259210A (en) * 2020-11-18 2021-01-22 云南财经大学 Medical big data access control method and device and computer readable storage medium
CN112966245A (en) * 2021-04-07 2021-06-15 中国南方电网有限责任公司 Power grid information system access control method and system based on information measurement
US20220345460A1 (en) * 2019-09-30 2022-10-27 Equifax Inc. Third-party access-control support using role history analysis
CN115391670A (en) * 2022-11-01 2022-11-25 南京嘉安网络技术有限公司 Knowledge graph-based internet behavior analysis method and system
CN116647389A (en) * 2023-06-01 2023-08-25 山西伊拉娜科技有限公司 Network access security early warning system and method for industrial control system
CN116956250A (en) * 2023-07-13 2023-10-27 中国银行股份有限公司 Abnormality detection method, device, equipment and medium for user behavior
CN117236699A (en) * 2023-10-24 2023-12-15 学森灵境(北京)科技有限公司 Network risk identification method and system based on big data analysis

Patent Citations (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20220345460A1 (en) * 2019-09-30 2022-10-27 Equifax Inc. Third-party access-control support using role history analysis
CN112101452A (en) * 2020-09-14 2020-12-18 中国人民解放军战略支援部队信息工程大学 Access right control method and device
CN112259210A (en) * 2020-11-18 2021-01-22 云南财经大学 Medical big data access control method and device and computer readable storage medium
CN112966245A (en) * 2021-04-07 2021-06-15 中国南方电网有限责任公司 Power grid information system access control method and system based on information measurement
CN115391670A (en) * 2022-11-01 2022-11-25 南京嘉安网络技术有限公司 Knowledge graph-based internet behavior analysis method and system
CN116647389A (en) * 2023-06-01 2023-08-25 山西伊拉娜科技有限公司 Network access security early warning system and method for industrial control system
CN116956250A (en) * 2023-07-13 2023-10-27 中国银行股份有限公司 Abnormality detection method, device, equipment and medium for user behavior
CN117236699A (en) * 2023-10-24 2023-12-15 学森灵境(北京)科技有限公司 Network risk identification method and system based on big data analysis

Also Published As

Publication number Publication date
CN117745080B (en) 2024-04-26

Similar Documents

Publication Publication Date Title
CN112766550B (en) Random forest-based power failure sensitive user prediction method, system, storage medium and computer equipment
CN110837963A (en) Risk control platform construction method based on data, model and strategy
CN106067088A (en) E-bank accesses detection method and the device of behavior
CN111614491A (en) Power monitoring system oriented safety situation assessment index selection method and system
CN105373894A (en) Inspection data-based power marketing service diagnosis model establishing method and system
CN111723367B (en) Method and system for evaluating service scene treatment risk of power monitoring system
CN115577152B (en) Online book borrowing management system based on data analysis
CN113239087A (en) Anti-electricity-stealing inspection monitoring method and system
CN110544047A (en) Bad data identification method
CN117078048A (en) Digital twinning-based intelligent city resource management method and system
CN113516336A (en) Method and system for determining electricity stealing suspected user
WO2018036402A1 (en) Method and device for determining key variable in model
CN117094184B (en) Modeling method, system and medium of risk prediction model based on intranet platform
CN117745080B (en) Multi-factor authentication-based data access control and security supervision method and system
CN115905319B (en) Automatic identification method and system for abnormal electricity fees of massive users
CN117827593A (en) Method and system for determining abnormality cause based on abnormality recognition result
CN115883182A (en) Method and system for improving network security situation element identification efficiency
CN115907461A (en) Electric power engineering method based on mechanism derivation equation
CN114039837A (en) Alarm data processing method, device, system, equipment and storage medium
CN113792114A (en) Credible evaluation method and system for urban field knowledge graph
CN117195292B (en) Power business evaluation method based on data fusion and edge calculation
CN116451190B (en) Data authority setting method based on Internet medical service system
CN111626586B (en) Data quality detection method, device, computer equipment and storage medium
CN115270140B (en) Software security vulnerability management method and system
CN116720662B (en) Distributed energy system applicability evaluation method based on set pair analysis

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant