CN118041652A - Cross-domain data security audit method for key information infrastructure - Google Patents

Info

Publication number
CN118041652A
Authority
CN
China
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202410234598.4A
Other languages
Chinese (zh)
Inventor
李祉岐
杨阳
吴松洋
沈立翔
孙望舒
尹琴
冯磊
霍钰
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
State Grid Siji Network Security Beijing Co ltd
State Grid Zhejiang Electric Power Co Ltd
State Grid Fujian Electric Power Co Ltd
Third Research Institute of the Ministry of Public Security
Original Assignee
State Grid Siji Network Security Beijing Co ltd
State Grid Zhejiang Electric Power Co Ltd
State Grid Fujian Electric Power Co Ltd
Third Research Institute of the Ministry of Public Security
Application filed by State Grid Siji Network Security Beijing Co ltd, State Grid Zhejiang Electric Power Co Ltd, State Grid Fujian Electric Power Co Ltd, Third Research Institute of the Ministry of Public Security

Landscapes

  • Data Exchanges In Wide-Area Networks (AREA)

Abstract

The invention discloses a cross-domain data security audit method for key information infrastructure, comprising the following steps: recording the IP addresses of the initiator and the receiver of the cross-domain data, and, if there are multiple receivers, recording the IP address of each receiver; when the initiator initiates a transfer, encrypting the cross-domain data for transmission, with each receiver securely decrypting the cross-domain data, and, if a receiver does not perform the secure decryption, raising an alarm for the receiver at that IP address; after the secure decryption is completed, recording each receiver's operations on the cross-domain data; performing a security audit on each receiver's operation records, storing the data if the audit is passed, and raising an alarm on the failing operation records if it is not, so that the data cannot be maliciously tampered with; and storing all data from the whole cross-domain transmission process in an audit database and classifying and numbering each item of cross-domain data. The invention prevents cross-domain data from being maliciously tampered with and improves the security of cross-domain data transmission.

Description

Cross-domain data security audit method for key information infrastructure
Technical Field
The invention relates to the technical field of cross-domain data security auditing, and in particular to a cross-domain data security audit method for key information infrastructure.
Background
In recent years, data security audit systems have become increasingly important. Such a system monitors and records the operations performed on a data server, analyzes those operations intelligently and in real time by analyzing network data, and records them in an audit database for later querying, analysis and filtering, thereby monitoring and auditing user operations on the target system. In particular, when the public data resources of different industries are integrated and used, a data security audit system is urgently needed to safeguard the secure use, sharing, exchange and opening of data.
In the existing circulation and use of data in key information infrastructure, security events are investigated by query, with a large amount of manual condition screening across many cross-domain databases. Audit efficiency is low, results are strongly affected by human factors, and audits are untimely and insufficiently thorough, so data security audit requirements cannot be met and security risks remain while data is circulated and used. Traditional big-data computing methods are also constrained by disk read/write performance and network performance, so real-time data querying and real-time data storage are inefficient. A cross-domain data security audit method for key information infrastructure is therefore designed to address these problems and meet the practical needs of key information infrastructure.
A cross-domain data security audit method for key information infrastructure is therefore proposed to address the above problems.
Disclosure of Invention
The invention aims to provide a cross-domain data security audit method for key information infrastructure, comprising the following steps:
Step 1: Record the IP addresses of the initiator and the receiver of the cross-domain data; if there are multiple receivers, record the IP address of each receiver;
Step 2: When the initiator initiates a transfer, the cross-domain data is encrypted for transmission and each receiver securely decrypts it; if a receiver does not perform the secure decryption, an alarm is raised for the receiver at that IP address;
Step 3: After the secure decryption is completed, record each receiver's operations on the cross-domain data;
Step 4: Perform a security audit on each receiver's operation records; store the data if the audit is passed, and raise an alarm on the failing operation records if it is not, so that the data cannot be maliciously tampered with;
Step 5: Store all data from the whole cross-domain transmission process in an audit database, and classify and number each item of cross-domain data so that it is easy to find.
Preferably, the operation records include, but are not limited to, modification, deletion, addition, and format conversion of data.
Preferably, the security audit of each receiver's operation records in step 4 comprises the following specific steps:
Step 41: Preset the audit rules and extract the receiver's operation records;
Step 42: Pass the operation records that conform to the audit rules, and reject and raise an alarm on the operation records that do not conform to the audit rules.
Preferably, the classifying and numbering of each item of cross-domain data in step 5 specifically comprises:
Step 51: Record each item of cross-domain data separately and classify the cross-domain data;
Step 52: Record the starting place and the receiving place for each category of cross-domain data, and sort the cross-domain data by the initial letter of the starting place;
Step 53: Number the cross-domain data according to the sorting result.
Compared with the prior art, the invention has the following beneficial effects: it records the IP address of each of multiple receivers; because each receiver securely decrypts the cross-domain data, an unsafe receiver IP address is easy to identify, which guards against hacking; and it audits each receiver's operation records separately, passing those that conform to the audit rules and rejecting those that do not, which prevents the cross-domain data from being maliciously tampered with and improves the security of cross-domain data transmission.
Drawings
Fig. 1 is a flow chart of the steps of the present invention.
Detailed Description
The technical solutions in the embodiments of the invention are described clearly and completely below with reference to the accompanying drawings. The described embodiments are only some, not all, of the embodiments of the invention. All other embodiments obtained by those skilled in the art based on these embodiments without inventive effort fall within the scope of protection of the invention.
As shown in Fig. 1, the cross-domain data security audit method for key information infrastructure provided by the invention comprises the following steps:
Step 1: Record the IP addresses of the initiator and the receiver of the cross-domain data; if there are multiple receivers, record the IP address of each receiver;
Step 2: When the initiator initiates a transfer, the cross-domain data is encrypted for transmission and each receiver securely decrypts it; if a receiver does not perform the secure decryption, an alarm is raised for the receiver at that IP address;
Step 3: After the secure decryption is completed, record each receiver's operations on the cross-domain data; the operation records include, but are not limited to, modification, deletion, addition, and format conversion of the data;
Step 4: Perform a security audit on each receiver's operation records; store the data if the audit is passed, and raise an alarm on the failing operation records if it is not, so that the data cannot be maliciously tampered with;
The specific steps are as follows:
Step 41: Preset the audit rules and extract the receiver's operation records;
Step 42: Pass the operation records that conform to the audit rules, and reject and raise an alarm on the operation records that do not conform to the audit rules.
Step 5: Store all data from the whole cross-domain transmission process in an audit database, and classify and number each item of cross-domain data so that it is easy to find, specifically as follows:
Step 51: Record each item of cross-domain data separately and classify the cross-domain data;
Step 52: Record the starting place and the receiving place for each category of cross-domain data, and sort the cross-domain data by the initial letter of the starting place;
Step 53: Number the cross-domain data according to the sorting result.
Example 1:
Step 1: Record the IP addresses of the initiator and the receivers of the cross-domain data; there are 3 receivers, and the IP address of each of the 3 receivers is recorded;
Step 2: When the initiator initiates the transfer, the cross-domain data is encrypted for transmission. After the first receiver securely decrypts the cross-domain data, it modifies the data; the modification conforms to the audit rules and is passed, and the operation record and the first receiver's IP address are saved;
Step 3: The second receiver receives the modified, encrypted cross-domain data; if it cannot securely decrypt the data, the second receiver's IP address is recorded and an alarm is raised, and the cross-domain data is transmitted on to the third receiver;
Step 4: After the third receiver receives the cross-domain data and securely decrypts it, it modifies the cross-domain data a second time; the modification does not conform to the audit rules and is rejected, and the operation record and the third receiver's IP address are saved;
Step 5: All data from the whole cross-domain transmission process is stored in an audit database. Each item of cross-domain data is recorded separately and classified, the starting place and the receiving place are recorded for each category of cross-domain data, the cross-domain data is sorted by the initial letter of the starting place, and the cross-domain data is numbered according to the sorting result.
Step 6: When an administrator needs to look up a particular item of cross-domain data, they select the corresponding category and enter the initial letter of the starting place, and can then quickly find the cross-domain data by its starting place and destination.
Similar technical solutions designed by those skilled in the art using the technical solution of the invention, or inspired by it, that achieve the above technical effects fall within the scope of protection of the invention.

Claims (4)

1. A key information infrastructure cross-domain data security audit method, characterized in that the method comprises the following steps:
Step 1: Record the IP addresses of the initiator and the receiver of the cross-domain data; if there are multiple receivers, record the IP address of each receiver;
Step 2: When the initiator initiates a transfer, the cross-domain data is encrypted for transmission and each receiver securely decrypts it; if a receiver does not perform the secure decryption, an alarm is raised for the receiver at that IP address;
Step 3: After the secure decryption is completed, record each receiver's operations on the cross-domain data;
Step 4: Perform a security audit on each receiver's operation records; store the data if the audit is passed, and raise an alarm on the failing operation records if it is not, so that the data cannot be maliciously tampered with;
Step 5: Store all data from the whole cross-domain transmission process in an audit database, and classify and number each item of cross-domain data so that it is easy to find.
2. The critical information infrastructure cross-domain data security audit method according to claim 1, characterized in that: the operation records include, but are not limited to, modification, deletion, addition, and format conversion of data.
3. The critical information infrastructure cross-domain data security audit method according to claim 1, characterized in that: the security audit of each receiver's operation records in step 4 comprises the following specific steps:
Step 41: Preset the audit rules and extract the receiver's operation records;
Step 42: Pass the operation records that conform to the audit rules, and reject and raise an alarm on the operation records that do not conform to the audit rules.
4. The critical information infrastructure cross-domain data security audit method according to claim 1, characterized in that: the classifying and numbering of each item of cross-domain data in step 5 specifically comprises:
Step 51: Record each item of cross-domain data separately and classify the cross-domain data;
Step 52: Record the starting place and the receiving place for each category of cross-domain data, and sort the cross-domain data by the initial letter of the starting place;
Step 53: Number the cross-domain data according to the sorting result.
CN202410234598.4A 2024-03-01 2024-03-01 Cross-domain data security audit method for key information infrastructure Pending CN118041652A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202410234598.4A CN118041652A (en) 2024-03-01 2024-03-01 Cross-domain data security audit method for key information infrastructure

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202410234598.4A CN118041652A (en) 2024-03-01 2024-03-01 Cross-domain data security audit method for key information infrastructure

Publications (1)

Publication Number Publication Date
CN118041652A (en) 2024-05-14

Family

ID=91003904

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202410234598.4A Pending CN118041652A (en) 2024-03-01 2024-03-01 Cross-domain data security audit method for key information infrastructure

Country Status (1)

Country Link
CN (1) CN118041652A (en)

Legal Events

Date Code Title Description
PB01 Publication