KR102395550B1 - Method and apparatus for analyzing confidential information - Google Patents

Abstract

The present invention relates to a method and apparatus for analyzing confidential information. The method for analyzing confidential information according to an embodiment of the present invention is performed by an electronic device capable of computing, and is a method for analyzing whether confidential information is stored in a table included in a database. estimating whether or not confidential information is stored and the type of stored confidential information for each column of the table using a machine learning model previously learned by a machine learning technique based on the method; and generating an index related to confidential information for the corresponding table based on the estimated information.

Description

Method and apparatus for analyzing confidential information

The present invention relates to a method and apparatus for analyzing confidential information, and more particularly, a method and apparatus for performing various analyzes related to whether confidential information is stored or not by using a machine learning technique on a database storing various information. is about

A database is a set of data that is systematically managed and integrated for the purpose of shared use by several people. In particular, confidential information that requires confidentiality, such as personal information, is stored in the database. Since special management is required for such confidential information, analysis such as detecting confidential information in a database is required. However, since a large amount of data is stored in the database, it is not easy to analyze which of them corresponds to confidential information.

Meanwhile, in the prior art, confidential information was detected in the database by an administrator finding a target to be detected and individually designating confidential information or performing pattern matching by sampling all actual data stored in all columns. However, in the case of this conventional method, it takes a lot of time to process due to the existence of large amounts of data and a large number of other databases, and it is not easy to deal with changes in tables and columns of the database.

In addition, in the case of the prior art, in order to select the priority of the security management target for tables including confidential information, the data detection quantity of confidential information or the level of confidential information risk of high and medium are simply set as the priority selection criteria. However, these criteria are inevitably insufficient in discriminating power to prioritize security management targets.

KR10- 2007-0039478 A

In order to solve the problems of the prior art as described above, the present invention provides a method and apparatus for performing an analysis related to whether confidential information is stored or not by using a machine learning technique on a database storing various information. Its purpose is to provide

However, the problems to be solved by the present invention are not limited to the problems mentioned above, and other problems not mentioned can be clearly understood by those of ordinary skill in the art to which the present invention belongs from the description below. There will be.

A method according to an embodiment of the present invention for solving the above problems is performed by an electronic device capable of computing, and is a method for analysis related to whether confidential information is stored in a table included in a database. estimating whether or not confidential information is stored and the type of stored confidential information for each column of a table using a machine learning model previously learned by a machine learning technique based on data (metadata); and generating an index related to confidential information for the corresponding table based on the estimated information.

The machine learning model may be trained using training data including a pair of input data and output data, the input data may include one or more metadata items selected from metadata, and the output data may include confidential information. It may include whether it is stored or not and the type of confidential information.

The metadata item may be at least one selected from a column name, a column type, a column length, and a stored column data length.

The metadata item may include a substitution value of stored column data, and the substitution value may be a specific number for a number or a specific character for a specific character in the stored column data.

The generating of the indicator may include: setting weights and grades of a plurality of classification items for a table; and calculating an index related to confidential information for the table based on the weight and grade of each set classification item.

The classification item may include: a first classification item in which a grade is set according to a corresponding risk level of a column having the highest risk among columns (confidential information columns) estimated to store confidential information; a second classification item whose grade is set according to the number of confidential information columns; a third classification item whose grade is set according to the number of records including the confidential information column; a fourth classification item whose grade is set according to the importance of the corresponding table; a fifth classification item whose rating is set according to whether it is disclosed to the public or a user of the corresponding table; and a sixth classification item whose grade is set according to a department using the corresponding table.

The method may further include providing information on a management priority of each table by using the confidential information related index generated for a plurality of tables.

An apparatus according to an embodiment of the present invention is an apparatus for performing analysis related to whether confidential information is stored in a table included in a database, and is a machine learning method based on metadata of the database. A storage unit for storing the machine learning model (machine learning model); and a control unit for estimating whether confidential information is stored and the type of stored confidential information for each column of the table by using a machine learning model, and controlling to generate confidential information-related indicators for the corresponding table based on the estimated information; do.

The present invention configured as described above has an advantage in that it is possible to perform an analysis related to whether or not confidential information is stored by using a machine learning technique on a database storing various information.

The present invention does not detect all actually stored data, but uses a machine learning technique according to metadata to perform an analysis related to whether confidential information is stored or not, so that the analysis can be performed more quickly and accurately.

In addition, the present invention provides an automated method for determining the type of confidential information storage for structured data, thereby reducing the burden of security management tasks and confidential information that an administrator can adjust for tables containing confidential information By presenting an algorithm that calculates related indicators, there is an advantage that it can be used as a criterion for prioritizing security management targets.

The effects obtainable in the present invention are not limited to the above-mentioned effects, and other effects not mentioned may be clearly understood by those of ordinary skill in the art to which the present invention belongs from the following description. will be.

1 shows a conceptual diagram of confidential information analysis according to an embodiment of the present invention.
2 shows a configuration diagram of a confidential information analysis apparatus 100 according to an embodiment of the present invention.
3 is a block diagram of the control unit 150 of the confidential information analysis apparatus 100 according to an embodiment of the present invention.
4 is a flowchart of a confidential information analysis method according to an embodiment of the present invention.

The above object and means of the present invention and its effects will become more apparent through the following detailed description in relation to the accompanying drawings, and accordingly, those of ordinary skill in the art to which the present invention pertains can easily understand the technical idea of the present invention. will be able to carry out In addition, in describing the present invention, if it is determined that a detailed description of a known technology related to the present invention may unnecessarily obscure the gist of the present invention, the detailed description thereof will be omitted.

The terminology used herein is for the purpose of describing the embodiments, and is not intended to limit the present invention. In the present specification, the singular form also includes the plural form as the case may be, unless otherwise specified in the phrase. In this specification, terms such as “include”, “provide”, “provide” or “have” do not exclude the presence or addition of one or more other components other than the mentioned components.

In this specification, terms such as “or” and “at least one” may indicate one of the words listed together, or a combination of two or more. For example, “or B” and “at least one of B” may include only one of A or B, or both A and B.

In the present specification, descriptions according to “for example” and the like may not exactly match the information presented, such as recited properties, variables, or values, tolerances, measurement errors, limits of measurement accuracy, and other commonly known factors The embodiments of the present invention according to various embodiments of the present invention should not be limited by effects such as modifications including .

In this specification, when it is described that a certain element is 'connected' or 'connected' to another element, it may be directly connected or connected to the other element, but other elements may exist in between. It should be understood that there may be On the other hand, when it is mentioned that a certain element is 'directly connected' or 'directly connected' to another element, it should be understood that the other element does not exist in the middle.

In this specification, when it is described that a certain element is 'on' or 'in contact with' another element, it may be directly in contact with or connected to the other element, but another element may exist in the middle. It should be understood that On the other hand, when it is described that a certain element is 'directly on' or 'directly' of another element, it may be understood that another element does not exist in the middle. Other expressions describing the relationship between the elements, for example, 'between' and 'directly between', etc. may be interpreted similarly.

In this specification, terms such as 'first' and 'second' may be used to describe various components, but the components should not be limited by the above terms. In addition, the above terms should not be construed as limiting the order of each component, and may be used for the purpose of distinguishing one component from another. For example, a 'first component' may be referred to as a 'second component', and similarly, a 'second component' may also be referred to as a 'first component'.

Unless otherwise defined, all terms used herein may be used with meanings commonly understood by those of ordinary skill in the art to which the present invention pertains. In addition, terms defined in a commonly used dictionary are not to be interpreted ideally or excessively unless specifically defined explicitly.

The present invention analyzes the confidential information scattered in the IT environment to identify the type of confidential information and determine the existence and quantity of confidential information to derive the current status of the confidential information so that a standard for performing appropriate security management can be prepared. . In particular, in the case of a database system that stores standardized data, we propose a method for determining the storage type of confidential information using machine learning metadata representing storage structure information. In addition, an algorithm for generating quantified confidential information-related indicators (or risk indicators) for the storage of detected confidential information is presented so that management tasks can be performed efficiently and effectively. That is, the present invention proposes an algorithm and a method that can be used for prioritizing security management targets.

On the other hand, “confidential information” means information that is permitted only to a specific person or organization and is not permitted to others. That is, confidential information may refer to information that is permitted only to specific departments, positions, tasks, or members of an organization and is not permitted to others. In this case, the information may broadly mean an electronic file such as a computer file or content included therein. Confidential information may include various types such as personal information, business information, customer information, and design drawings. By analyzing the form of the stored content of confidential information, it is possible to determine whether there is a certain pattern and to generate information related to the pattern. As a method of defining a pattern, regular expressions widely used in the computer industry can be used, and a wildcard indicating whether or not a specific string is included can be used simply. Leakage of confidential information refers to a case in which confidentiality is violated. For example, it may refer to an abnormal transmission or export of confidential information.

Data types in which confidential information is stored can be broadly divided into structured and unstructured types. Structured data checks the type and size of data to be stored like a database system so that only appropriate data can be stored. In this case, information defining the structure of structured data is called “metadata”. Unlike structured data, unstructured data stores various types of data in the same storage area. As an example of storing unstructured data, it refers to ordinary files such as general document files and text files. A region for storing unstructured data may be included in the structured data as well. However, in the present invention, the content of efficiently identifying the storage type of confidential information in the structured data is mainly dealt with.

In a database, a column refers to the smallest storage unit of data, and a record is a meaningful data set as a set of columns. Also, a table refers to a storage of records. In other words, a database is a repository of various tables. If the column, which is the most basic storage unit, contains confidential information, the record, which is the set, naturally contains confidential information. One column generally has one and the same type of structured data, but may have unstructured data. Unstructured columns may store several different data in one column, and for unstructured columns, it is necessary to search the actual contents to determine whether confidential information is included.

However, methods for detecting confidential information on data of unstructured columns have already been detected using various conventional techniques. The present invention mainly deals with the confidential information type analysis of structured data rather than the type of confidential information analysis of unstructured data.

Hereinafter, a preferred embodiment according to the present invention will be described in detail with reference to the accompanying drawings.

1 shows a conceptual diagram of confidential information analysis according to an embodiment of the present invention.

The confidential information analysis apparatus 100 (hereinafter referred to as "analysis apparatus") according to an embodiment of the present invention is a device for analyzing confidential information for a plurality of tables stored in a database (or its system) (database; DB) As such, it may be an electronic device, system, or computing network capable of computing. Such a database includes a plurality of tables, and there may be a plurality of tables, and as shown in FIG. 1 , it is stored in a separate database system (DBS), or as shown in FIG. 1 , the confidential information analysis apparatus 100 . It is stored in the internal storage.

That is, referring to FIG. 1 , the analysis apparatus 100 accesses a database system (DBS), receives metadata of a table included in the database, and uses the metadata to determine whether confidential information is stored in the table. Various analyzes can be performed. Alternatively, the analysis apparatus 100 may directly access the database stored in its storage unit and perform the corresponding analysis using the metadata of the table.

In particular, the analysis apparatus 100 may use a machine learning model for analyzing and processing confidential information included in a table of a database. Such a machine learning model may be learned by the analysis device 100 or may be stored in the analysis device 100 after being trained in another device.

In addition, the analysis apparatus 100 may operate as a server for processing confidential information analysis. That is, in the case of a server, the analysis apparatus 100 may receive an analysis request for the database from the terminal, process confidential information analysis on the database according to the received request, and transmit the result to the terminal or another terminal may work to do so. In this case, the terminal may be an electronic device storing a corresponding database or an electronic device capable of accessing a database system in which the corresponding database is stored.

For example, the electronic device includes a desktop personal computer (PC), a laptop personal computer (PC), a tablet personal computer (PC), a netbook computer, a workstation, and a personal digital assistant (PDA). , a smartphone (smartphone), a smart pad (smartpad), or a mobile phone (mobile phone), etc., but is not limited thereto

2 shows a configuration diagram of a confidential information analysis apparatus 100 according to an embodiment of the present invention.

Specifically, as shown in FIG. 2 , the analysis apparatus 100 may include an input unit 110 , a storage unit 120 , a communication unit 130 , a display unit 140 , a control unit 150 , and the like. .

The input unit 110 is configured to receive various types of information. That is, the input unit 110 generates input data in response to a user's input. The input unit 110 may include at least one input means. In particular, the input unit 110 may receive a selection for a database, a selection for a table, a selection for a classification item, a setting for the weight and grade of each selected classification item, and the like, from an administrator or the like.

For example, the input unit 110 may include a keyboard, a keypad, a dome switch, a touch panel, a touch key, a mouse, or a menu button. (menu button) and the like may be included, but is not limited thereto.

The storage unit 120 is configured to store various types of information. That is, the storage unit 120 may store various types of information and software required for the operation of the analysis apparatus 100 . In particular, the storage unit 120 includes various selection information input from the input unit 110, setting information about the weight and grade of each selected classification item, information for calculating confidential information related indicators (risk indicators), machine learning models, etc. can be saved.

When the machine learning model is learned by the analysis apparatus 100 , the storage unit 120 may store training data for learning the machine learning model. In addition, the storage unit 120 may store a database or may store connection information on a database system in which the corresponding database is stored.

For example, the storage unit 120 may be a hard disk type, a magnetic media type, a compact disc read only memory (CD-ROM), or an optical media type depending on the type. type), a Sagneto-optical media type, a multimedia card micro type, a flash memory type, a read only memory type, or a RAM type ( random access memory type), but is not limited thereto. In addition, the storage unit 120 may be a cache, a buffer, a main memory, an auxiliary memory, or a separately provided storage system according to its purpose/location, but is not limited thereto.

The communication unit 130 is configured to communicate with other electronic devices such as a server. In this case, the communication unit 130 may include wired/wireless communication modules of various communication methods. In particular, the communication unit 130 may receive a selection for a database, a selection for a table, a selection for a classification item, a setting for the weight and grade of each selected classification item, a machine learning model, and the like from another electronic device.

For example, the communication unit 130 is 5th generation communication (5G), long term evolution-advanced (LTE-A), long term evolution (LTE), Bluetooth, bluetooth low energe (BLE), or near field communication (NFC). It is possible to perform wireless communication such as cable communication, etc., and may perform wired communication such as cable communication, but is not limited thereto.

The display unit 140 is configured to display display data according to the operation of the analysis apparatus 100 . For example, the display unit 140 may include a liquid crystal display (LCD), a light emitting diode (LED) display, an organic light emitting diode (OLED) display, and a microelectromechanical system (MEMS). electro mechanical systems) display, or an electronic paper display, etc., but is not limited thereto. In addition, the display unit 140 may be implemented as a touch screen or the like in combination with the input unit 110 .

The controller 150 may control execution of a method for analyzing confidential information to be described later. That is, the controller 150 may estimate whether confidential information is stored and the type of stored confidential information for each column of the table by using the machine learning model. In addition, the controller 150 may control to generate a confidential information related indicator for the corresponding table based on the estimated information.

The controller 150 may control learning of the machine learning model. The learning of such a machine learning model will be described in more detail in the confidential information analysis method to be described later. Confidential information analysis processing or machine learning model learning processing of the control unit 150 may be performed through software (program) installed in the storage unit 120 .

The control unit 150 may control the input unit 110, the storage unit 120, the communication unit 130, the display unit 140, etc. For example, the control unit 150 may be a processor or a corresponding It may be software such as a process/program executed by a processor, but is not limited thereto.

3 is a block diagram of the control unit 150 of the confidential information analysis apparatus 100 according to an embodiment of the present invention.

Also, referring to FIG. 3 , the controller 150 may include an estimator 151 , a generator 152 , and a manager 153 . In addition, the control unit 150 may further include a learning unit 154 necessary for learning the machine learning model. For example, the estimator 151 , the generator 152 , the manager 153 , and the learner 152 may be hardware components included in the processor or software such as a process/program executed in the processor. , but is not limited thereto.

Hereinafter, a method for analyzing confidential information according to an embodiment of the present invention will be described.

4 is a flowchart of a confidential information analysis method according to an embodiment of the present invention.

The confidential information analysis method (hereinafter, referred to as “the present analysis method”) according to an embodiment of the present invention may include steps S201 to S203 as shown in FIG. 4 . In this case, S201 may be controlled by the estimator 151 , S202 by the generator 152 , and S203 by the manager 153 , respectively.

S201 estimates (or recommends) whether confidential information is stored and the type of stored confidential information for each column of the table by using a machine learning model of the database. In this case, the machine learning model is a pre-trained model using a machine learning technique based on metadata.

In this case, the machine learning model may be a model learned according to a machine learning technique of supervised learning through training data having a pair (data set) of input data and output data. In this case, in the learning data, input data includes one or more metadata items selected from metadata, and output data includes whether confidential information is stored and the type of confidential information.

Accordingly, the machine learning model has a function for the relationship between one or more metadata items as input data, whether to store confidential information as output data, and the type of confidential information, and expresses this using various parameters.

For example, the machine learning technique applied to the above-described machine learning model is Artificial neural network, Boosting, Bayesian statistics, Decision tree, Gaussian process regression, Nearest neighbor algorithm, Support vector machine, Random forests, Symbolic machine learning, Ensembles of classifiers , or deep learning, etc., but is not limited thereto. Also, for example, deep learning techniques include Deep Neural Network (DNN), Convolutional Neural Network (CNN), Recurrent Neural Network (RNN), Restricted Boltzmann Machine (RBM), Deep Belief Network (DBN), Deep Q-Networks, etc. may include, but is not limited thereto. However, in S201, since a machine learning technique for classification is used, a decision tree or random forests, etc. are used for accurate classification while reducing the capacity and computational amount of the machine learning model. It may be desirable to use, but is not limited thereto.

For example, the random forests technique is a kind of ensemble learning method used for classification and regression analysis, and operates by outputting a class (classification) or average prediction value (regression analysis) from a plurality of decision trees constructed in the training process. The type of confidential information can be estimated by inputting the collected basic information into this random forest.

On the other hand, the machine learning model is pre-trained according to the machine learning technique before S201. Such a machine learning model may be learned by the analysis device 100 before S201, or it may be learned from another device before S201 and transmitted (transmitted) to the analysis device 100 and stored in the storage unit 120 . In this case, when the machine learning model is learned by the analysis apparatus 100 , the learning unit 154 may control the corresponding learning.

Meanwhile, the metadata included in the input data of the learning data may include the following items (hereinafter referred to as “metadata items”).

<metadata item>

- database name : An entry for the name of a database, also referred to as a catalog.

- table name: Indicates an entry for the name of a table

- Column name: Indicates an entry for a column's name

- Column type : As an item against the type of column, there are various types depending on the database such as string, number, date, boolean, binary, etc.

- column length : Indicates the maximum length of data to be stored in the column.

- Stored values (substitutions) of normalized columns: By sampling and extracting one of the data actually stored in the column (that is, sampling and extracting the data of any one column if the actual data is stored in the same type of columns), the number included in the data is a specific numeric value (e.g. For example, '0') and characters included in the data are replaced with specific characters (eg, 'a') to indicate normalized data values (eg, extracted data is '123422') ', replace with '000000', and if the extracted data is 'example', replace with 'aaaaaa')

- Stored column data length : Indicates the actual data length of [stored value of normalized column]

That is, [database name], [name of table], [column name], [column type], [column length], [stored value of normalized column] and [stored column data length] are metadata items, and these At least one of them may be used for input data of the learning data. However, for efficient classification, [column name], [column type], [column length] and [stored column data length] are preferably included in the input data of the training data, but is not limited thereto.

In particular, [the stored value of the normalized column] is a metadata item that is normalized by substituting numbers or letters representing the actual data, so it can be added to the input data of the training data to reduce the false positive rate of classification. However, if the probability of false detection of classification is low even without [stored value of normalized column], it is okay to exclude it from the input data of the training data. That is, the present invention supplements simply using only the metadata itself, sampling the actual data through the item of [normalized column stored value] and normalizing the data to simple letters and numbers, resulting in learning and classification of the machine learning model The quality can be further improved.

In addition, [confidential information type] included in the result data of the learning data indicates the type of information classified as confidential, and may include personal information and the like. For example, [type of confidential information] is [non-confidential information], [resident registration number], [driver's license number], [passport number], [alien registration number], [corporation number], [phone number] or [e-mail] and the like. In this case, [Non-Confidential Information] indicates a case where there is no confidential information in the table. In other words, since [class of confidential information] includes the item of [non-confidential information], the machine learning model can show the classification result at once until whether or not confidential information is stored. That is, if there is no confidential information in the table, the machine learning model may output a result that is assumed to be [non-confidential information]. In addition, if there is no confidential information in the table, the machine learning model can use one of the remaining items of [Class of confidential information], for example, [Resident registration number], [Driver's license number], [Passport number], [Alien registration number], Outputs the result of estimating that [corporation number], [phone number], or [email] are included in the table.

By using the machine learning model according to S201, the type of confidential information can be estimated even for columns that the administrator has not yet grasped. As a result, there is an advantage that management efficiency can be increased because the administrator needs to first identify confidential information and appropriately manage the columns estimated to be confidential information.

That is, according to S201, in the present invention, it is possible to more easily understand the storage status of the entire confidential information by analyzing whether the columns contain confidential information using the metadata of the database. At this time, whether or not confidential information is stored for the column according to S201 and estimation (analysis) of the type of confidential information may be determined at the time of storage of the corresponding data or analyzed through periodic inspection. It aims to prevent leakage of confidential information or use personal information protection, and aims to comply with internal security regulations and to comply with the security guidelines of supervisory authorities.

In particular, the present invention does not detect all data actually stored, but analyzes whether columns contain confidential information using metadata, so that the analysis can be performed more quickly and accurately. At this time, the number of columns determined as confidential information columns becomes the number of confidential information when only the number of data is checked without the need to determine whether confidential information is confidential by applying the confidential pattern to stored individual data.

For example, since the resident registration number column usually stores only the resident registration number as its content, it is not necessary to perform pattern matching for detecting various types of confidential information for each actual content. Accordingly, in the present invention, the resident registration number column itself can be estimated as a confidential information column, and in this case, the number of data stored in the corresponding resident registration number column (the number of resident registration numbers) becomes the number of confidential information in the resident registration number column.

On the other hand, a large number of tables exist in one database, and there are many cases where tables and columns are added temporarily or arbitrarily by various users and developers. In such an environment, it is not easy for a small number of security administrators to keep up-to-date on the storage status of confidential information. Multiple databases exist in one company, and many tables and data are temporarily created. This also increases the difficulty in tracking and judging the security management target.

In order to cope with this, the present invention proposes a method that can be utilized for security management by automatically analyzing the metadata of a database to collect the latest information at the time of analysis, and determining the storage column of confidential information. That is, by applying the machine learning technique according to S201, automatic recommendation (analysis) of the confidential information storage column and the type of confidential information is possible.

Meanwhile, the flow of determining whether confidential information is included in an individual column of a table may be as follows.

(1) If the storage format of a column is set to be ignored by the administrator, such as date, Boolean, or number, set the column as not a confidential information storage column.

(2) If the storage format of a column includes unstructured data, save the column data as a separate file and follow the method of determining the type of confidential information from unstructured data. However, this is not the subject of the present invention, and the corresponding column reserves the judgment.

(3) According to S201, the method of estimating the type of storage of confidential information in a column proposed in the present invention is applied. However, if the administrator sets the type of confidential information in the corresponding column or sets it as non-confidential information, the corresponding setting is followed.

(4) For the type of confidential information estimated in (3) above, if the maximum storage length of the column is too small to contain confidential information, it is determined that it is not a confidential information storage column. If it is large enough, it is set as a confidential information storage column. .

Next, S202 generates confidential information related indicators for the table based on the information estimated in S201 (that is, whether confidential information is stored for each column of the table and the type of stored confidential information is estimated) do. Of course, in addition to the information set in (3) above, based on the information set according to (4) above, a corresponding confidential information related indicator may be generated.

At this time, the confidential information-related indicator is the level of danger ( Risk) (that is, the risk in case the table is leaked) is an index calculated in the form of a score. In this case, the higher the risk, the more it is necessary to maintain the confidentiality of the column, record, or table including the corresponding confidential information.

That is, S202 includes the steps of selecting a plurality of classification items for the table (hereinafter, referred to as “selection step”), and setting the weight and grade for each classification item selected in the selection step (hereinafter, “setting step”). ) and calculating the confidential information related index for the table based on the weight and grade of each classification item set in the setting step (hereinafter referred to as the “calculation step”), respectively. That is, through S202, an algorithm for generating confidential information-related indicators (risk indicators) of a table storing confidential information may be performed.

However, selection information according to the selection step or setting information according to the setting step is received from the manager through the input unit 110 (hereinafter referred to as “first example”) or received through the communication unit 130 (hereinafter, “second example”). “Yes”), and in addition, the controller 150 may arbitrarily select (hereinafter, referred to as “third example”) to apply the machine learning technique. However, an active expression or a passive expression for the selection step or setting step in the following description or claims may mean including at least one of the operations of the first to third examples. However, even if the operation of the third example is performed, it may be preferable that the selection information according to the initial selection step or the setting information according to the setting step is selected and set according to the operation of the first example or the second example.

The execution of the selection step or the calculation step may be controlled by the generator 152 of the controller 150 . In this case, the generator 152 may control the execution of the selection step or the calculation step by using a dedicated software (program) installed in the analysis apparatus 100 .

Hereinafter, the process of performing the selection step or the calculation step will be described in more detail.

First, in the case of generating an index related to confidential information for a table, a plurality of classification items may be selected in the selection step.

The classification item is an item for classifying the table in more detail according to the classification system for the table.

When a plurality of classification items are selected in the selection step, the weight and grade of each classification item are set and set in a subsequent setting step. In this case, the weight refers to the degree of importance (score) that the corresponding classification item occupies in comparison with other selected classification items. That is, the weight may be determined according to the degree of importance occupied by the plurality of selected first classification items. The grade refers to the degree (score) to which the corresponding classification item is applied in the table.

In this case, the specific gravity and grade may be set as a number (score), and the higher the specific gravity and grade, the higher the number (score) may be set. In particular, for ease of setting, the grades of each selected classification item may all be set within the same range. For example, the grade of each selected classification item may be set in a range of 1 to 10. However, if a specific classification item is selected in the selection stage, but the classification item is not related to the table or the setting of the rating is difficult or ambiguous, the rating is not specified in the setting stage and a value outside the range (for example, 0 etc.) may be set.

After selecting a plurality of classification items according to the selection step and setting step and setting the weight and grade for each selected classification item, in the calculation step, using the following [Equation 1] and [Equation 2], Individual classification scores may be calculated, and then, in the calculation step, confidential information-related indicators may be derived using the sum of the calculated individual classification scores.

[식1]

[Formula 1]

In [Equation 1], i is a natural number, G _i is the weight index of the i-th classification item, W _i is the weight of the i-th classification item, and W _S is the sum of weights (the grade of each classification item whose grade is set to a non-zero value) ), and C represents a constant, respectively.

[식2]

[Formula 2]

In [Equation 2], S _i represents the individual classification score of the i-th classification item, and R _i represents the set grade of the i-th classification item, respectively.

<Example of generation of confidential information related indicators>

For example, for the generation of indicators related to confidential information about organizational members, classification items that can be selected in the selection step are [column class], [column count class], [record count class], [table class], [exposure class] grade], [department grade], or [other grade], but is not limited thereto.

The classification item of [column grade] is an item whose grade is set according to the corresponding risk of the column with the highest risk among the columns estimated to store confidential information in S201 (hereinafter referred to as “confidential information column”). . That is, when there are a plurality of confidential information columns, it is an item for evaluating the risk of the confidential information column with the highest risk among them. Of course, the degree of risk for each confidential information column is preset by an administrator for each confidential information classification. For example, the risk value (grade) for each confidential information column may be set in the range of 0 to 10. In this case, the higher the risk of the individual confidential information column, the closer it may be set to 10. However, if not specified, 0 may be set. After the level of risk for a plurality of individual confidential information columns is set in this way, the highest level of risk among them may be set as the level of [column level]. That is, [Information Classification] is an item to reflect the influence of confidential information with the highest risk.

Classification items of [Column number grade] are items whose grade is set according to the number of confidential information columns. That is, the higher the number of confidential information columns, the higher the risk, so this trend is reflected. For example, [column number grade] may be set in the range of 0 to 10. In this case, as the number of confidential information columns increases, it may be set closer to 10. However, if not specified, 0 may be set. The grade can be set by multiplying the number of confidential information columns by a specific correction value.

The classification item of [Record number grade] is an item whose grade is set according to the number of records including the confidential information column. That is, the higher the number of records, the higher the risk, so this trend is reflected. For example, [record number grade] may be set in the range of 0 to 10. In this case, as the number of corresponding records increases, it may be set closer to 10. However, if not specified, 0 may be set. After taking log10 for the number of records, squaring and rounding up the decimal point, the value can be set to the grade.

Classification items of [Table Grade] are items whose grades are set according to the importance of the corresponding table. That is, it is an item whose grade is set according to the level of risk of the corresponding table. For example, [Table Grade] may be set in the range of 0 to 10. In this case, the higher the importance (risk) of the corresponding table, the closer it may be set to 10. However, if not specified, 0 may be set. After taking log10 for the number of records, squaring and rounding up the decimal point, the value can be set to the grade. However, since a table contains a lot of information in itself, [Table Grade] may correspond to a relatively important item among classification items, and accordingly, it may be desirable to give a relatively high weight relative to other classification items.

The classification item of [Exposure Level] is an item whose level is set depending on whether the table is publicly disclosed or the user of the table. That is, when the corresponding table is already publicly disclosed, the risk is low, and conversely, when the corresponding table is not publicly available, the risk tends to be high. In addition, when the table is used only by a specific user inside the organization, the risk is high, and when the table is used by a large number of users inside the organization, the risk tends to be low. [Exposure grade] reflects this trend. For example, [Exposure Level] may be set in the range of 1 to 10. In this case, the higher the risk according to the exposure class, the closer it may be set to 10. However, if not specified, 0 may be set.

[Department Rating] is an item whose classification is set according to the department using the table in the organization, etc. That is, it is an item that evaluates the degree of confidentiality according to the handling information of the department that manages and uses the table, or the degree of possibility of a security (leakage) risk accident of the relevant department. In other words, this item reflects the trend in which confidentiality or security risk accidents of handling information are inevitably different depending on the department. For example, [department grade] may be set within the range of 1 to 10. The higher the risk according to [Department Level], the closer it can be set to 10. However, if not specified, 0 may be set.

The category of [Other Contents] is an item that can be added in addition to the above-mentioned classification items, and is an item that may correspond to important information in determining the risk of leaking confidential information in the table. For example, when [Other content] is selected in the selection step, the grade is set in the range of 1 to 10 in the setting step, but may be set closer to 10 as the risk is higher. However, if it is not specified, the grade of [In-flight contents] may be set to 0.

When the grade is set to 0 in the above-described classification item, it may mean that the classification item is not related to the corresponding table. Through this, it is possible to select and use only the classification items related to the corresponding table from among the plurality of classification items.

Meanwhile, in the setting step, when the weight of the classification item is set, a guide for setting execution may be displayed on the display unit 140 .

The following [Table 1] shows each classification item of [column grade], [column count grade], [record count grade], [table grade], [exposure grade] and [department grade] selected in the selection step for a table (G _i ) and values of specific gravity (W _i ) and grade (R _i ) for each classification item set in the setting step are shown.

No
(i) Category item importance
(W _i ) ranking
(R _i ) Reference One column class 20 5 R ₁ : Unspecified 0, min 1 ~ max 10 2 number of columns class 15 5 R ₂ : Unspecified 0, min 1 ~ max 10 3 record count class 10 9 R ₃ : Unspecified 0, min 1 ~ max 10 4 table grade 5 10 R ₄ : Unspecified 0, min 1 ~ max 10 5 exposure class 5 0 R ₅ : Unspecified 0, min 1 ~ max 10 6 Department level 5 0 R ₆ : Unspecified 0, min 1 ~ max 10

The following [Table 2] shows the individual classification score for each first classification item calculated in the calculation step and the confidential information related index (risk index) using the settings of [Table 1].

No
(i) Settings for classification items calculated value Category item importance
(W _i ) ranking
(R _i )

specific gravity indicator
(G _i )

individual classification score
(S _i )

One column class 20 5 20 / 50 × 10 = 4 5 × 4 = 20 2 number of columns class 15 5 15 / 50 × 10 = 3 5 × 3 = 15 3 record count class 10 9 10 / 50 × 10 = 2 9 × 2 = 18 4 table grade 5 10 5 / 50 × 10 = 1 10 × 1 = 10 5 exposure class 5 0 - - 6 Department level 5 0 - - Sum 10 63
(risk indicator)

The contents of [Table 1] and [Table 2] are summarized as follows.

- Classification items selected in the selection step: Classification items that affect the risk of confidential information on the table

- Number of classification items selected in the selection step = 6

- Number of classification items (hereinafter referred to as “use classification items”) that are not graded in the setting stage = 4

- Sum of weights (W _S ): Sum of grades of all use classifications with non-zero grades = 20 + 15 + 10 + 5 = 50

- Setting the weight for use classification items: Compare with other use classification items, but give weight value considering the sum of weights (W _S )

- Gravity Indicator (G _i ) = Set Specific Gravity (W _i ) / Weight Sum (W _S ) × Constant (C) (for example, C can be a value such as 10)

- Individual classification score (S _i ) of each used classification item = established grade (R _i ) × specific gravity index (G _i ) = [20, 15, 18, 10]

- Risk indicator = Sum of individual classification scores (S _i ) (however, the value of the risk indicator can be unassigned 0, or a minimum of 1 to a maximum of 100) = 20 + 15 + 18 + 10 = 63

Thereafter, in S203, information on the management priority of each table may be provided by using the confidential information related index (risk index) generated for a plurality of tables. In other words, this risk indicator generation algorithm has a characteristic that managers can appropriately adjust and use meaningful items and weights.

For example, the confidential information related index calculated according to the execution of S202 may have a score of 1 to 100, and a larger value means that the risk of the corresponding table is high. Therefore, the task of managing and using confidential information, which takes a lot of time, can be improved more efficiently by using the relevant confidential information related index. That is, depending on the management capacity, the risk index can be used as a priority selection criterion for table management.

For example, by using the confidential information related index calculated in S202, it is possible to set the priority for the management target table. That is, by sequentially listing and presenting summary information for each table in the order of the highest confidential information related index, information on the management priority of each table can be provided.

In addition, when the index related to confidential information calculated in S202 deviates from the reference index, the table of the corresponding index may be selected and notified as a management target candidate to be managed preferentially. In this case, the reference indicator may be a specific value for the confidential information related indicator.

The present invention proposes a method for identifying types of confidential information by analyzing scattered confidential information of organizations in an IT environment. In particular, in the case of a database system that stores standardized data, we propose a method for determining the type of confidential information by applying a machine learning technique to the metadata, which is a storage structure. Also, by extracting one representative real data, normalizing it, and adding it to the input data of machine learning learning data, we propose an efficient method for discriminating the type of confidential information.

In addition, the present invention proposes an algorithm for generating a quantified risk indicator using the detected type of confidential information. In this way, it is possible to efficiently and effectively perform management tasks. That is, the present invention may belong to the fields of information security, leakage prevention, personal information protection, security management, and security audit.

The present invention generates confidential information-related indicators (risk indicators) based on the number of types of confidential information, the degree of risk of each type of confidential information, the number of confidential information, whether the information storage server is externally disclosed, group belonging to, management status, etc. and these indicators can be used to effectively select management targets. That is, the present invention proposes a method for detecting the type and quantity of confidential information by analyzing a system for storing information, and an algorithm for generating a risk index of a table. These algorithms can be used for confidentiality leak prevention and personal information protection, and can be used for compliance with internal security regulations and security guidelines of supervisory authorities.

In the detailed description of the present invention, although specific embodiments have been described, various modifications are possible without departing from the scope of the present invention. Therefore, the scope of the present invention is not limited to the described embodiments, and should be defined by the following claims and their equivalents.

100: confidential information analysis device 110: input unit
120: storage unit 130: communication unit
140: display unit 150: control unit
151: estimator 152: generator
153: management department 154: learning department

Claims (8)

A method for analysis related to whether confidential information is stored in a table included in a database and performed by an electronic device capable of computing, comprising:
Estimate whether confidential information is stored and the type of stored confidential information for each column of a table by using a machine learning model trained in machine learning based on the metadata of the database to do; and
Including, including; generating a confidential information related index for the table based on the estimated information;
The step of generating the indicator includes:
setting weights and grades of a plurality of classification items with respect to the table; and
Calculating the index related to confidential information for the table based on the weight and grade of each set classification item;
The classification items are
a first classification item in which a grade is set according to a corresponding risk of a column having the highest risk among columns estimated to store confidential information (confidential information column);
a second classification item in which a grade is set according to the number of confidential information columns;
a third classification item in which a grade is set according to the number of records including the confidential information column;
a fourth classification item in which a grade is set according to the importance of the corresponding table;
a fifth classification item whose rating is set according to whether it is disclosed to the public or a user of the corresponding table; and
a sixth classification item in which a grade is set according to a department using the table;
A method comprising at least one selected from the group comprising
According to claim 1,
The machine learning model is trained using training data including a pair of input data and output data, the input data includes one or more metadata items selected from metadata, and the output data determines whether confidential information is stored and confidential How to include information types.
3. The method of claim 2,
The metadata item includes at least one selected from a column name, a column type, a column length, and a stored column data length.
3. The method of claim 2,
The metadata item includes a substitution value,
The substitution value is a value in which each digit constituting the number is replaced with the same numerical value designated for one sample data extracted from data actually stored in the column, when the sample data includes a number, and the sample data A method in which each syllable character constituting a character is a value in which each character is substituted with the same specified character value when a character is included in the character.
delete delete According to claim 1,
The method further comprising the step of providing information on the management priority of each table by using the confidential information related index generated for the plurality of tables.
A device for performing analysis related to whether confidential information is stored in a table included in a database, comprising:
a storage unit for storing a machine learning model pre-trained by a machine learning technique based on metadata of a database; and
A control unit for estimating whether confidential information is stored and the type of stored confidential information for each column of the table using a machine learning model, and controlling to generate an index related to confidential information for the table based on the estimated information; and ,
When the control unit controls to generate the index, the weight and grade of a plurality of classification items are set for the table, and the confidential information related index for the table is calculated based on the weight and grade of each set classification item,
The classification items are
a first classification item in which a grade is set according to a corresponding risk of a column having the highest risk among columns estimated to store confidential information (confidential information column);
a second classification item in which a grade is set according to the number of confidential information columns;
a third classification item in which a grade is set according to the number of records including the confidential information column;
a fourth classification item in which a grade is set according to the importance of the corresponding table;
a fifth classification item whose rating is set according to whether it is disclosed to the public or a user of the corresponding table; and
a sixth classification item in which a grade is set according to a department using the table;
A device comprising at least one selected from the group comprising a.

Images