TWM610029U - Data security transmission and control system - Google Patents


Publication number
TWM610029U
Authority
TW
Taiwan
Application number
TW109216501U
Inventor
簡孟茹
Original Assignee
國泰人壽保險股份有限公司
Application filed by 國泰人壽保險股份有限公司


Landscapes

  • Storage Device Security (AREA)

Abstract

A data security transmission and control system comprising a transmitting end computer for sending a file to be sent to a receiving end computer, a review end computer, and a control end computer. The control end computer receives the file to be sent from the transmitting end computer and, on determining that the file contains data that needs to be protected, sends the file to the review end computer for review. The control end computer encrypts the file that has passed review into an encrypted file and sends the encrypted file to the receiving end computer designated by the transmitting end computer. The control end computer additionally sends a decryption password to the receiving end computer that received the encrypted file, so that the receiving end computer can decrypt the encrypted file with the decryption password and obtain the file to be sent.

Description

Data security transmission and control system

The present utility model relates to a data transmission system, and in particular to a data security transmission and control system.

Insurers must process payment transactions to customers every day, covering claims, annuities, maturity benefits and other kinds of payments. Because the insurance payment files delivered to banks usually contain personal data such as the customer's name, national ID number and bank account number, insurers should provide a sound technique for transmitting personal data in order to comply with the Personal Data Protection Act and keep the transmission of customer personal data secure, so that insurance payment obligations can be carried out more completely.

In current practice, an operator at the insurer first downloads insurance payment data from the computer system to a personal terminal computer, then manually merges or splits that data according to the differing requirements of each bank, to produce the insurance payment files to be delivered to each bank. The operator then manually encrypts each insurance payment file and delivers the encrypted files to each bank, either by uploading them to the bank's online banking site or by sending them from a personal mailbox, so that the payment transactions can be executed.

This practice carries the following risks. First, when the insurance payment data is merged or split on a personal terminal computer, data editing tools are readily available, which raises the risk of fraud by an operator deliberately altering personal data. Second, when each insurance payment file is encrypted and sent manually, a file may be sent to the wrong bank. Third, manually uploading the encrypted insurance payment files to online banking or sending them to each bank carries the risk of customer personal data being stolen.

Accordingly, the object of the present utility model is to provide a data security transmission and control system that addresses at least the problems in the practice described above: the risk that personal data can easily be altered and the problem that customer personal data can easily be stolen.

The data security transmission and control system of the present utility model is used to transmit data to a receiving end computer. It includes a transmitting end computer for sending a file to be sent to the receiving end computer, a review end computer, and a control end computer. The control end computer is electrically coupled to the transmitting end computer, the review end computer and the receiving end computer for communication. It receives the file to be sent from the transmitting end computer and, on determining that the file contains data that needs to be protected, sends the file to the review end computer. The review end computer reviews the file to be sent and returns the file that has passed review to the control end computer. The control end computer receives the file that has passed review, encrypts it into an encrypted file, and sends the encrypted file to the receiving end computer designated by the transmitting end computer. The control end computer additionally sends a decryption password to the receiving end computer that received the encrypted file, so that the receiving end computer can decrypt the encrypted file with the decryption password and obtain the file to be sent.

In some embodiments of the present utility model, the data to be protected includes personal data.

In some embodiments of the present utility model, the data security transmission and control system further includes a database server and an editing end computer electrically coupled to the review end computer for communication. When the editing end computer asks the database server to download data to be edited that contains the data to be protected, the database server sends the data to be edited to the review end computer. The review end computer reviews the data to be edited and then sends the data that has passed review to the editing end computer, and the editing end computer produces the file to be sent from the data to be edited that has passed review.

In some embodiments of the present utility model, when the editing end computer is about to send the file to be sent to the transmitting end computer and determines that the content of the file has been modified, the editing end computer first sends the file to the review end computer. After the review end computer confirms that the content of the file is correct, it sends the confirmed file to the transmitting end computer.

In some embodiments of the present utility model, the file to be sent is an insurance payment file, and the data to be protected includes personal data.

In some embodiments of the present utility model, the transmitting end computer has a fixed Internet Protocol address, is provided with an independent network segment and a firewall, and prohibits access to external storage devices.

In some embodiments of the present utility model, when the control end computer determines that the file to be sent does not contain the data to be protected, the control end computer sends the file to the receiving end computer designated by the transmitting end computer.

In some embodiments of the present utility model, the control end computer also consults a mailing list containing a plurality of recipients, and sends the encrypted file to the receiving end computer only when it determines that the receiving end computer designated by the transmitting end computer is one of the recipients on the mailing list.

The effects of the present utility model are as follows. When the control end computer determines that the file to be sent from the transmitting end computer contains data that needs to be protected, it sends the file to the review end computer for review, encrypts the file that has passed review into an encrypted file, sends the encrypted file to the receiving end computer designated by the transmitting end computer, and separately sends a decryption password that the receiving end computer uses to decrypt the encrypted file; this prevents the data to be protected contained in the file from leaking. The review end computer reviews both the data to be edited that contains the data to be protected before it is downloaded to the editing end computer and any insurance payment file that has been modified; this ensures that customer personal data is used and modified legitimately. The control end computer uses the mailing list to determine whether the receiving end computer designated by the transmitting end computer to receive the file is one of the recipients on the list; this ensures that the file to be sent is transmitted to the correct destination.

Before the present utility model is described in detail, note that in the following description similar elements are denoted by the same reference numerals.

Referring to FIG. 1, an embodiment of the data security transmission and control system of the present utility model is applied mainly, but not exclusively, at an insurer, to securely transmit data to a receiving end computer 1. The receiving end computer 1 may be, without limitation, an online banking server that the bank operates on the network or a personal terminal computer that the bank has placed at one of its offices. This embodiment mainly includes a transmitting end computer 2, a review end computer 3 and a control end computer 4, all located at the insurer. The transmitting end computer 2 is typically operated to send a file to be sent to the receiving end computer 1. The review end computer 3 is typically a computer operated by an authorized reviewer to decide whether the file to be sent is released. The control end computer 4 hosts a network-based Data Leak Prevention (also called Data Loss Prevention) system (hereinafter the NDLP system). It is electrically coupled to the transmitting end computer 2 and the review end computer 3 for communication (for example over the internal network) and to the receiving end computer 1 for communication (for example over the Internet). The control end computer 4 sits between the transmitting end computer 2 and the receiving end computer 1, so that any data or file the transmitting end computer 2 sends to the receiving end computer 1 passes through the control end computer 4 and is monitored and controlled by it.

Thus, when the control end computer 4 receives the file to be sent from the transmitting end computer 2, a detection module 41 of the NDLP system determines whether the file contains data that needs to be protected. If it does, the control end computer 4 blocks the file and sends it to the review end computer 3. Conversely, when the detection module 41 of the control end computer 4 determines that the file does not contain data that needs to be protected, the control end computer 4 sends the file directly to the receiving end computer 1 designated by the transmitting end computer 2. The data to be protected may be, without limitation, personal data or confidential data.

After the review end computer 3 receives the file to be sent from the control end computer 4, a reviewer who is authorized to use the review end computer 3 reviews the file on that computer. Once the reviewer determines that the data to be protected in the file is correct and raises no information security concern, the reviewer has the review end computer 3 return the file that has passed review to the control end computer 4. This ensures that the data to be protected in the file is used and transmitted correctly.

After the control end computer 4 receives the reviewed file returned by the review end computer 3, an encryption module 42 in the control end computer 4 encrypts the file that has passed review into an encrypted file, and the control end computer 4 sends the encrypted file to the receiving end computer 1 designated by the transmitting end computer 2. The encryption module 42 also generates a decryption password that can decrypt the encrypted file. After sending the encrypted file to the receiving end computer 1, the control end computer 4 therefore separately sends the decryption password to the receiving end computer 1 that received the encrypted file, so that the receiving end computer 1 can decrypt the encrypted file with the decryption password and obtain the file to be sent. For example, the decryption password and the password used to encrypt the file that has passed review may be the same password, and that password is generated at random by the encryption module 42, for example by using the MD5 Message-Digest Algorithm to generate the encryption (decryption) password. As a result, even for a fixed receiving end computer 1 (that is, a fixed recipient), the decryption password of every encrypted file sent to that receiving end computer 1 is different. This prevents the data to be protected contained in the file from leaking. In addition, the control end computer 4 records the encrypted files containing the data to be protected as they are sent out.

In this embodiment, the transmitting end computer 2 may be a personal computer located in the office of the insurer's operators, and the file to be sent may simply be an ordinary file containing, for example, the personal data of an insured person or a policyholder.

Alternatively, the file to be sent may be an insurance payment file to be provided to a designated bank (hereinafter the insurance payment file), so that the bank executes the insurance payment according to the content of the file. The insurance payment file mainly contains personal data such as the customer's name, national ID number and bank account number (that is, the data to be protected described above). In this scenario, the transmitting end computer 2 is a personal computer placed in a separate trading room of the insurer, to control which operators come into contact with customer personal data. The transmitting end computer 2 has a fixed Internet Protocol (IP) address and is provided with an independent network segment and a firewall, to prevent personal data from leaking and to retain file transfer records. The transmitting end computer 2 prohibits access to external storage devices (such as USB flash drives), to prevent personal data from leaking, and is used only to send the insurance payment file: it has no editing function and cannot modify or change the content of the insurance payment file, which avoids the risk of operator fraud and the risk of personal data (or other data) being tampered with or entered incorrectly.

To produce the insurance payment file provided to each bank, this embodiment may therefore further include, as shown in FIG. 2, a database server 5 and an editing end computer 6 electrically coupled to the review end computer 3 for communication (for example over the internal network). The editing end computer 6 is typically located at the operator's desk. To produce the insurance payment file, the operator uses the editing end computer 6 to ask the database server 5 to download data to be edited that contains the data to be protected and relates to insurance payments, for example insurance payment data to be delivered to each bank. The database server 5 first sends the data to be edited that the editing end computer 6 wants to download to the review end computer 3. The reviewer reviews the data to be edited on the review end computer 3 and sends the database server 5 a notification approving the download by the editing end computer 6. Only then does the database server 5 send the data to be edited that has passed review to the editing end computer 6. The editing end computer 6 can then use the data to be edited that has passed review (the insurance payment data to be delivered to each bank) to produce the insurance payment file to be provided to each bank; for example, the operator uses the editing end computer 6 to merge or split the insurance payment data according to the differing requirements of each bank, producing the insurance payment files to be delivered to each bank. This ensures that customer personal data is used legitimately.

To prevent an operator from arbitrarily or deliberately modifying or changing the content of the insurance payment file while producing it, a further check applies when the operator has finished the insurance payment file and wants to send it to the transmitting end computer 2 in the trading room, from which it is sent to the receiving end computer 1 of the designated bank. The editing end computer 6 uses the operator's edit history to determine whether the content of the insurance payment file has been modified. If it has, the editing end computer 6 first sends the insurance payment file to the review end computer 3, and only after the reviewer confirms on the review end computer 3 that the modifications are correct does the review end computer 3 send the confirmed insurance payment file to the transmitting end computer 2. This ensures that modifications to the insurance payment file are legitimate. When the editing end computer 6 determines that the content of the insurance payment file has not been modified, it sends the insurance payment file directly to the transmitting end computer 2.

Furthermore, the control end computer 4 consults a mailing list containing the recipients at each bank. After the insurance payment file passes review by the review end computer 3, the control end computer 4 also determines whether the receiving end computer 1 designated by the transmitting end computer 2 to receive the insurance payment file is one of the recipients on the mailing list. Only if it is does the control end computer 4 encrypt the insurance payment file and send it to the receiving end computer 1. This ensures that the insurance payment file is transmitted to the correct destination.
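The routing steps the description assigns to the control end computer 4 (detection, hold for review, mailing-list check, a fresh password per file), as an added Python example that is not part of the patent. Assumptions: detection is done by matching checksum-valid Taiwan national ID numbers, the names `ControlGateway`, `route` and `find_protected_data` are hypothetical, a reviewed file addressed to an unlisted recipient is rejected, every decision is logged, and the password comes from Python's `secrets` module rather than the MD5-based generation the description mentions. The encryption step itself is outside the example.

```python
import re
import secrets
from dataclasses import dataclass, field
from typing import Optional

# Letter codes for the Taiwan national ID check digit (A=10 ... O=35).
_LETTER_CODE = dict(zip("ABCDEFGHJKLMNPQRSTUVXYWZIO", range(10, 36)))
_WEIGHTS = (1, 9, 8, 7, 6, 5, 4, 3, 2, 1, 1)
# One letter, a 1 or 2, then eight digits, not embedded in a longer token.
_ID_PATTERN = re.compile(r"(?<![A-Za-z0-9])[A-Z][12]\d{8}(?!\d)")


def is_valid_tw_id(candidate: str) -> bool:
    """True when the string has the ID format and a correct check digit."""
    if not re.fullmatch(r"[A-Z][12]\d{8}", candidate):
        return False
    code = _LETTER_CODE[candidate[0]]
    digits = [code // 10, code % 10] + [int(c) for c in candidate[1:]]
    return sum(d * w for d, w in zip(digits, _WEIGHTS)) % 10 == 0


def find_protected_data(text: str) -> list:
    """Detection step (assumed method): checksum-valid ID numbers only,
    so reference numbers that merely look like IDs do not hold a file."""
    return [m for m in _ID_PATTERN.findall(text) if is_valid_tw_id(m)]


@dataclass
class Decision:
    action: str                      # forward | hold_for_review | reject | send_encrypted
    reason: str
    password: Optional[str] = None   # delivered separately from the file


@dataclass
class ControlGateway:
    mailing_list: set                # recipients added only after review
    audit_log: list = field(default_factory=list)

    def route(self, file_id, content, recipient, approved_by=None):
        hits = find_protected_data(content)
        if not hits:
            # No protected data: pass straight to the designated receiver.
            decision = Decision("forward", "no protected data detected")
        elif approved_by is None:
            # Protected data and no reviewer decision yet: block and hold.
            decision = Decision("hold_for_review",
                                f"{len(hits)} ID number(s) detected")
        elif recipient not in self.mailing_list:
            # Assumed behaviour: the description only says what happens
            # when the recipient IS on the list.
            decision = Decision("reject", "recipient not on mailing list")
        else:
            # A new random password for every file, even for a fixed recipient.
            decision = Decision("send_encrypted",
                                "reviewed and recipient on mailing list",
                                password=secrets.token_urlsafe(24))
        # The log records the decision, never the password.
        self.audit_log.append((file_id, recipient, decision.action, approved_by))
        return decision


if __name__ == "__main__":
    # Constructed sample input; A123456789 is the usual checksum-valid test value.
    gateway = ControlGateway(mailing_list={"bank-a.example"})
    payment = "Payee: Wang, ID A123456789, account 000-111"
    print(gateway.route("f1", payment, "bank-a.example").action)
    print(gateway.route("f1", payment, "bank-a.example", "reviewer-1").action)
    print(gateway.route("f2", payment, "other.example", "reviewer-1").action)
    print(gateway.route("f3", "notes, ref A123456788", "other.example").action)
```
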

It is worth noting that adding a recipient at a bank that is already on the mailing list, or adding a new bank as a recipient, requires review by the review end computer 3 before the entry can be added to the mailing list. This ensures that the insurance payment file is transmitted and received correctly.

In summary, in this embodiment, when the control end computer 4 determines that the file to be sent from the transmitting end computer 2 contains data that needs to be protected, it sends the file to the review end computer for review, encrypts the file that has passed review into an encrypted file, sends the encrypted file to the receiving end computer 1 designated by the transmitting end computer 2, and separately sends a decryption password that the receiving end computer 1 uses to decrypt the encrypted file, which prevents the data to be protected contained in the file from leaking. The review end computer 3 reviews both the data to be edited relating to insurance payments before it is downloaded to the editing end computer 6 and any insurance payment file that has been modified, which ensures that customer personal data is used and modified legitimately. The control end computer 4 uses the mailing list to determine whether the receiving end computer 1 designated by the transmitting end computer 2 to receive the insurance payment file is one of the recipients on the list, which ensures that the insurance payment file is transmitted to the correct destination. The effects and object of the present utility model are thereby achieved.

The above is merely an embodiment of the present utility model and does not limit the scope in which it may be implemented. All simple equivalent changes and modifications made according to the claims and the specification of the present utility model remain within the scope covered by this utility model patent.

1: receiving end computer
2: transmitting end computer
3: review end computer
4: control end computer
41: detection module
42: encryption module
5: database server
6: editing end computer

Other features and effects of the present utility model will be clearly presented in the embodiments described with reference to the drawings, in which:
FIG. 1 is a schematic diagram of the electronic devices mainly included in an embodiment of the data security transmission and control system of the present utility model; and
FIG. 2 illustrates that this embodiment further includes a database server and an editing end computer.


Claims (8)

1. A data security transmission and control system for transmitting data to a receiving end computer, comprising:
a transmitting end computer for sending a file to be sent to the receiving end computer;
a review end computer; and
a control end computer electrically coupled to the transmitting end computer, the review end computer and the receiving end computer for communication, which receives the file to be sent from the transmitting end computer and, on determining that the file to be sent contains data that needs to be protected, sends the file to be sent to the review end computer; wherein
the review end computer reviews the file to be sent and returns the file to be sent that has passed review to the control end computer;
the control end computer receives the file to be sent that has passed review, encrypts it into an encrypted file, and sends the encrypted file to the receiving end computer designated by the transmitting end computer; and the control end computer additionally sends a decryption password to the receiving end computer that received the encrypted file, so that the receiving end computer can decrypt the encrypted file with the decryption password to obtain the file to be sent.

2. The data security transmission and control system of claim 1, wherein the data to be protected includes personal data.

3. The data security transmission and control system of claim 1, further comprising a database server and an editing end computer electrically coupled to the review end computer for communication, wherein when the editing end computer asks the database server to download data to be edited that contains the data to be protected, the database server sends the data to be edited to the review end computer, the review end computer reviews the data to be edited and then sends the data to be edited that has passed review to the editing end computer, and the editing end computer produces the file to be sent from the data to be edited that has passed review.

4. The data security transmission and control system of claim 3, wherein when the editing end computer is about to send the file to be sent to the transmitting end computer and determines that the content of the file to be sent has been modified, the editing end computer first sends the file to be sent to the review end computer, and after the review end computer confirms that the content of the file to be sent is correct, it sends the confirmed file to be sent to the transmitting end computer.

5. The data security transmission and control system of claim 3 or 4, wherein the file to be sent is an insurance payment file and the data to be protected includes personal data.

6. The data security transmission and control system of claim 5, wherein the transmitting end computer has a fixed Internet Protocol address, is provided with an independent network segment and a firewall, and prohibits access to external storage devices.

7. The data security transmission and control system of claim 1, wherein when the control end computer determines that the file to be sent does not contain the data to be protected, the control end computer sends the file to be sent to the receiving end computer designated by the transmitting end computer.

8. The data security transmission and control system of claim 5, wherein the control end computer also consults a mailing list containing a plurality of recipients, and sends the encrypted file to the receiving end computer only when it determines that the receiving end computer designated by the transmitting end computer is one of the recipients on the mailing list.

Priority Applications (1)

Application Number Priority Date Filing Date Title
TW109216501U TWM610029U (en) 2020-12-14 2020-12-14 Data security transmission and control system


Publications (1)

Publication Number Publication Date
TWM610029U 2021-04-01
