CN110020550B - Assessment method, device and equipment for verification platform - Google Patents

Assessment method, device and equipment for verification platform Download PDF

Info

Publication number
CN110020550B
CN110020550B CN201910130759.4A CN201910130759A CN110020550B CN 110020550 B CN110020550 B CN 110020550B CN 201910130759 A CN201910130759 A CN 201910130759A CN 110020550 B CN110020550 B CN 110020550B
Authority
CN
China
Prior art keywords
content information
fault injection
data record
rule
data
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201910130759.4A
Other languages
Chinese (zh)
Other versions
CN110020550A (en
Inventor
姜楠
吴坤
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Advanced New Technologies Co Ltd
Advantageous New Technologies Co Ltd
Original Assignee
Advanced New Technologies Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Advanced New Technologies Co Ltd filed Critical Advanced New Technologies Co Ltd
Priority to CN201910130759.4A priority Critical patent/CN110020550B/en
Publication of CN110020550A publication Critical patent/CN110020550A/en
Application granted granted Critical
Publication of CN110020550B publication Critical patent/CN110020550B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/62Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
    • YGENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
    • Y02TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
    • Y02DCLIMATE CHANGE MITIGATION TECHNOLOGIES IN INFORMATION AND COMMUNICATION TECHNOLOGIES [ICT], I.E. INFORMATION AND COMMUNICATION TECHNOLOGIES AIMING AT THE REDUCTION OF THEIR OWN ENERGY USE
    • Y02D10/00Energy efficient computing, e.g. low power processors, power management or thermal management

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Bioethics (AREA)
  • General Health & Medical Sciences (AREA)
  • Computer Hardware Design (AREA)
  • Health & Medical Sciences (AREA)
  • Software Systems (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Databases & Information Systems (AREA)
  • Storage Device Security (AREA)
  • Debugging And Monitoring (AREA)

Abstract

In the method for evaluating the verification platform, the verification platform receives content information of a data record which is currently changed in a database and is sent by a data replication center. The content information of the data record is obtained by analyzing the change log of the database by the data replication center. And obtaining a corresponding fault injection rule. And tampering the content information of the data record according to the fault injection rule. And according to a preset checking rule, checking the tampered content information to obtain a checking result. The collation results are used to evaluate the data difference discovery capability of the collation platform.

Description

Assessment method, device and equipment for verification platform
Technical Field
One or more embodiments of the present disclosure relate to the field of computer technologies, and in particular, to a method, an apparatus, and a device for evaluating a verification platform.
Background
The checking platform is used for checking the data in the real database. In order to evaluate the data difference discovery capability of the collation platform, conventionally, data in the collated true database is tampered with by exercise, and then it is seen whether the collation platform can detect the data difference. However, manipulation of the data in the real database requires rollback after the exercise is completed. In addition, during the exercise, erroneous data may be read downstream where it is relied upon, resulting in contamination of downstream data.
Accordingly, there is a need to provide a method of evaluating a collation platform more reliably.
Disclosure of Invention
One or more embodiments of the present disclosure describe a method, an apparatus, and a device for evaluating a verification platform, which can implement the evaluation of the verification platform without tampering with data in a real database, thereby ensuring the security of the real data.
In a first aspect, there is provided an evaluation method of a collation platform, including:
the checking platform receives content information of a data record which is currently changed in a database and sent by the data replication center;
the content information of the data record is obtained by analyzing the change log of the database by a data replication center;
acquiring a corresponding fault injection rule;
tampering is carried out on the content information of the data record according to the fault injection rule;
according to a preset checking rule, checking the tampered content information to obtain a checking result; the collation results are used to evaluate the data difference discovery capability of the collation platform.
In a second aspect, there is provided an evaluation method of a collation platform, comprising:
acquiring a change log of a database;
analyzing the change log to obtain content information of the current changed data record in the database;
Transmitting the content information of the data record to a verification platform; the verification platform acquires a corresponding fault injection rule, and tampering is carried out on the content information of the data record according to the fault injection rule; the verification platform is further enabled to verify the tampered content information according to a preset verification rule, so that a verification result is obtained; the collation results are used to evaluate the data difference discovery capability of the collation platform.
In a third aspect, there is provided an evaluation apparatus of a collation platform, comprising:
the receiving unit is used for receiving the content information of the data record which is currently changed in the database and is sent by the data replication center;
the content information of the data record is obtained by analyzing the change log of the database by a data replication center;
the acquisition unit is used for acquiring the corresponding fault injection rule;
a falsifying unit, configured to falsify content information of the data record according to the fault injection rule acquired by the acquiring unit;
the checking unit is used for checking the content information tampered by the tampering unit according to a preset checking rule so as to obtain a checking result; the verification result is used for evaluating the data difference discovery capability of the verification platform.
In a fourth aspect, there is provided an evaluation apparatus of a collation platform, comprising:
an acquisition unit configured to acquire a change log of a database;
the analysis unit is used for analyzing the change log acquired by the acquisition unit to acquire the content information of the data record of the current change in the database;
a transmitting unit for transmitting the content information of the data record to a collation platform; the verification platform acquires a corresponding fault injection rule, and tampering is carried out on the content information of the data record according to the fault injection rule; the verification platform is further enabled to verify the tampered content information according to a preset verification rule, so that a verification result is obtained; the collation results are used to evaluate the data difference discovery capability of the collation platform.
In a fifth aspect, there is provided an evaluation apparatus of a collation platform, comprising:
a memory;
one or more processors; and
one or more programs, wherein the one or more programs are stored in the memory and configured to be executed by the one or more processors, which when executed by the processors implement the steps of:
Receiving content information of a data record which is currently changed in a database and sent by a data replication center;
the content information of the data record is obtained by analyzing the change log of the database by a data replication center;
acquiring a corresponding fault injection rule;
tampering is carried out on the content information of the data record according to the fault injection rule;
according to a preset checking rule, checking the tampered content information to obtain a checking result; the verification result is used for evaluating the data difference discovery capability of the verification platform.
In a sixth aspect, there is provided an evaluation apparatus of a collation platform, comprising:
a memory;
one or more processors; and
one or more programs, wherein the one or more programs are stored in the memory and configured to be executed by the one or more processors, which when executed by the processors implement the steps of:
acquiring a change log of a database;
analyzing the change log to obtain content information of the current changed data record in the database;
transmitting the content information of the data record to a verification platform; the verification platform acquires a corresponding fault injection rule, and tampering is carried out on the content information of the data record according to the fault injection rule; the verification platform is further enabled to verify the tampered content information according to a preset verification rule, so that a verification result is obtained; the collation results are used to evaluate the data difference discovery capability of the collation platform.
According to the assessment method, the assessment device and the assessment equipment for the verification platform, which are provided by one or more embodiments of the present disclosure, the verification platform receives content information of a data record currently changed in a database sent by a data replication center. The content information of the data record is obtained by analyzing the change log of the database by the data replication center. And obtaining a corresponding fault injection rule. And tampering the content information of the data record according to the fault injection rule. And according to a preset checking rule, checking the tampered content information to obtain a checking result. The collation results are used to evaluate the data difference discovery capability of the collation platform. That is, in the solution provided in the present specification, the content information of the data record is obtained by parsing the change log, which can reduce the access pressure of the database. The verification platform can tamper and verify the content information, so that the verification platform can be evaluated under the condition that the data in the real database is not tampered, and the safety of the real data is ensured.
Drawings
In order to more clearly illustrate the technical solutions of the embodiments of the present description, the drawings that are needed in the description of the embodiments will be briefly described below, it being obvious that the drawings in the following description are only some embodiments of the present description, and that other drawings may be obtained according to these drawings without inventive effort for a person skilled in the art.
Fig. 1 is a schematic diagram of an evaluation method application scenario of a verification platform provided in the present specification;
FIG. 2 is a flowchart of a method for evaluating a verification platform according to one embodiment of the present disclosure;
FIG. 3 is a flowchart of a method for evaluating a verification platform according to another embodiment of the present disclosure;
FIG. 4 is a schematic diagram of an evaluation device of the verification platform according to an embodiment of the present disclosure;
FIG. 5 is a schematic view of an evaluation device of a verification platform according to another embodiment of the present disclosure;
FIG. 6 is a schematic diagram of an evaluation device of the verification platform according to one embodiment of the present disclosure;
fig. 7 is a schematic diagram of an evaluation apparatus of a verification platform according to another embodiment of the present disclosure.
Detailed Description
The following describes the scheme provided in the present specification with reference to the drawings.
Before describing the solution provided in the present specification, the following description is made on the inventive concept of the present solution.
As can be seen from the background, in the conventional technology, in order to evaluate the data difference discovery capability of the verification platform, the data in the real database is often tampered with. However, modifying the data in the real database is often a risky operation, and after the exercise is finished, the modified data needs to be restored again. In addition, typically one data is modified, and all downstream depending on the data may be inaccurate due to the fact that the erroneous data is read, which is difficult to recover.
In order to ensure the security of the real data, it is considered to read out the data in the real database and then tamper with respect to the read-out data. However, reading the real database increases the access pressure of the real database. In order to reduce the access pressure of the real database, it is considered to acquire data in the real database by parsing a change log of the real database. The change log of a database typically records details of the operations performed on each line of data (also referred to as a data record) in the database and the modification details of that line of data. Therefore, based on the change log, each line of data in the real database can be accurately acquired.
The above is an inventive concept of the present invention, and the solution provided in the present specification can be obtained based on the inventive concept.
Fig. 1 is a schematic diagram of an evaluation method application scenario of the verification platform provided in the present specification. In fig. 1, the reconciliation platform can subscribe to a change log of at least one database. After the subscription operation is completed, the data replication center may monitor the change log of the database. When a new change log is generated, the data replication center can acquire the change log. Of course, in practical applications, the data replication center may also periodically acquire the change log. It should be noted that, due to different types of databases, the log format and log content of the corresponding change log are generally different. To mask this variability, the data replication center may parse the acquired change log to convert it to a change log in a common format, which may also be referred to as a standardized message. The standardized message includes at least content information of the data record currently being changed in the database. In addition, the database may also include a database name, a table name of the data table, a Primary Key (PK), a correlation identifier (such as a transaction serial number, etc.), and the like.
The data replication center may then send the standardized message to the reconciliation platform. The verification platform is pre-stored with fault injection rules pushed by the exercise platform. In one example, the exercise platform may push different fault injection rules for different data tables in different databases. In another example, a unified fault injection rule may be set without distinguishing between the database and the data table. Taking the above example as an example, after receiving the standardized message, the corresponding fault injection rule may be obtained by an awatch-drc component in the verification platform based on the library name and the table name. And tampering the content information of the data record according to the fault injection rule. And storing the content information of the tampered data record into a storage unit.
After the interval is specified for a long time, the verification platform can read the stored content information of the tampered data record from the storage unit and verify the content information based on a preset verification rule to obtain a verification result. Based on the collation result, it is possible to realize evaluation of the data difference discovery capability of the collation platform. For example, when the verification result is different for data, the verification platform has better data difference discovery capability. When the checking result is that the data is not different, the data difference discovery capability of the checking platform is poor.
The foregoing is a general overview of an assessment method for a verification platform, which is described in detail below.
Fig. 2 is a flowchart of an evaluation method of the verification platform according to an embodiment of the present disclosure. The subject of execution of the method may be a device with processing capabilities: the server or system or platform, for example, may be the collation platform of figure 1. As shown in fig. 2, the method specifically may include:
step 202, the verification platform receives the content information of the data record currently changed in the database sent by the data replication center.
The content information of the data record may be obtained by analyzing the change log of the database by the data replication center. Specifically, the collation platform may subscribe to the change log of the database in advance. After the subscription operation is completed, the data replication center may monitor the change log of the database. When a new change log is generated, the data replication center can acquire the change log. Of course, in practical applications, the data replication center may also periodically acquire the change log.
It should be noted that, due to different types of databases, the log format and log content of the corresponding change log are generally different. To mask this variability, the data replication center may parse the acquired change log to convert it to a change log in a common format, which may also be referred to as a standardized message. The standardized message may include at least content information of the data record currently being changed in the database. In addition, the database may also include a database name, a table name of the data table, an operation type, and the like. In this specification, content information of a data record may include a plurality of fields and corresponding field values. The field values herein may include values before the change as well as values after the change. Taking an add operation as an example, the value before modification can be understood as null, and the value after modification is the field value newly added.
After conversion to the standardized message described above, the data replication center may send the standardized message to the reconciliation platform. So that the collation platform can acquire the content information of the data record.
Step 204, obtaining a corresponding fault injection rule.
The fault injection rules here may be pre-pushed by the exercise platform. In one example, the exercise platform may push different fault injection rules for different data tables in different databases. In this example, the correspondence of the database, the data table, and the fault injection rule may be as shown in table 1.
TABLE 1
In practical applications, in order to ensure the accuracy of fault injection, the above correspondence may further include a fault injection field, which may be specifically shown in table 2.
TABLE 2
When the above correspondence relationship does not include the fault injection field, the fault injection field may be determined by analyzing the fault injection rule in the subsequent tampering process, which is not limited in this specification.
The fault injection rule may be set uniformly, that is, all databases and data tables may be set uniformly, which is not limited in this specification.
When different fault injection rules are set for different data tables in different databases, the database name of the database to which the currently changed data record belongs and the table name of the data table may also be read from the standardized message. And then, based on the corresponding relation among the database, the data table and the fault injection rules, acquiring the fault injection rules corresponding to the names of the database and the table. Taking table 1 as an example, when the library names are: library x, table name: in table a, the obtained fault injection rule may be: rule 1.
And 206, tampering the content information of the data record according to the fault injection rule.
The fault injection rules in this specification may have corresponding rule matching conditions. The rule matching condition includes at least a condition that field values of some or all of the fields in the data record are required to satisfy. Only when the rule matching condition is satisfied, the content information of the data record is tampered.
For example, assume that the content information of the data record is as follows: field a=1; field b=2; field c=3. The rule matching conditions of the obtained fault injection rule are as follows: if the field a=1 and the field b=2, the content information of the data record satisfies the rule matching condition, so that the content information of the data record can be tampered according to the fault injection rule.
Of course, in practical applications, the rule matching condition may not be set. And when the rule matching condition is not set, directly tampering the content information of the data record according to the fault injection rule.
Regarding the fault injection rule, it may be a tamper mode set by a pointer to a fault injection field, for example, a field value of the fault injection field may be increased by 1; alternatively, the field value of the fault injection field may be modified to an arbitrary value, or the like.
When the correspondence relationship further includes a fault injection field, step 206 may specifically be: based on the correspondence, a fault injection field is determined. For example, the fault injection field may be determined from table 2 according to the obtained fault injection rule. And selecting matched fields from a plurality of fields in the content information of the data record according to the fault injection fields. And tampering the field values corresponding to the matched fields according to the fault injection rule. Also taking the foregoing example as an example, assume that the fault injection field recorded in the correspondence relationship is: field C, and the fault injection rule is: and adding 1 to the field value, namely adding 1 to the field value of the field C in the content information of the data record to obtain a tampered field value: 4. namely, the content information of the tampered data record is as follows: field a=1; field b=2; field c=4.
Alternatively, after the content information of the tampered data record is obtained, the content information of the tampered data record may be stored locally. Specifically, the content information of the tampered data record may be stored in the corresponding storage unit in the form of key_value. The key value may include PK of the data record, and the value may include content information of the data record. Of course, in practical application, the key value may also include a library name, a table name, a correlation identifier, and the like of the data record.
And step 208, checking the tampered content information according to a preset checking rule to obtain a checking result.
The preset collation rules here may be used to compare the tampered content information with the content information of the corresponding data record in the target data table. The target data table herein may have a correlation with the data table to which the currently changed data record belongs. For example, when user A transfers to user B, the database generates two data records: an outgoing record for a and an incoming record for B, and the two data records are recorded into two data tables: data table a and data table B. If the current data record is the outgoing record of A, then data table B is the target data table.
When the collation platform further stores the content information of the tampered data record in the storage unit, the content information of the tampered data record may be read from the storage unit after the specified period of time. Of course, in practical application, the content information of the tampered data record may be directly read without the specified time interval, which is not limited in this specification.
After the content information of a certain tampered data record is read, the checking process may specifically be: and obtaining the correlation identifier of the current changed data record. And searching corresponding data records from all data records of the locally stored target data table according to the correlation identifier. If the content information is found, the content information of the corresponding data record is read. And comparing the tampered content information with the content information recorded by the corresponding data to obtain a checking result.
It will be appreciated that for the above comparison process, it is possible to compare some fields in the content information. As an example of the foregoing transfer of the user a to the user B, the field value of the transfer amount related field in the outgoing record of the data table a may be compared with the field value of the transfer amount related field in the incoming record of the data table B.
The obtained collation results can be used to evaluate the data difference discovery capability of the collation platform. If the data of the checking result is different, the data difference discovery capability of the checking platform is better. When the checking result is that the data is not different, the data difference discovery capability of the checking platform is poor.
Of course, in order to ensure accuracy of the evaluation, the data difference discovery capability of the collation platform may be evaluated based on the collation results of a plurality of times, which is not limited in this specification.
In summary, according to the evaluation method of the verification platform provided in one embodiment of the present disclosure, the data replication center analyzes the change log of the database to obtain the content information of the data record of the current change in the database. Then, the data copying center sends the content information of the data record to the checking platform, and the checking platform falsifies the content information and stores the content information in the storage unit, so that a series of problems caused by falsifying the data in the real database can be avoided. In addition, the collation platform can directly read data from the storage unit without accessing the genuine database during collation of the data, whereby the access pressure of the genuine database can be reduced.
Fig. 3 is a flowchart of an evaluation method of the verification platform according to another embodiment of the present disclosure. The subject of execution of the method may be a device with processing capabilities: the server or system or platform, for example, may be the data replication center of fig. 1. As shown in fig. 3, the method specifically may include:
step 302, a change log of a database is obtained.
Specifically, the collation platform may subscribe to the change log of the database in advance. After the subscription operation is completed, the data replication center may monitor the change log of the database. When a new change log is generated, the data replication center can acquire the change log. Of course, in practical applications, the data replication center may also periodically acquire the change log.
And step 304, analyzing the change log to obtain the content information of the data record of the current change in the database.
The log format and log content of their corresponding change logs are typically different due to the different types of databases. To mask this variability, the data replication center may parse the acquired change log to convert it to a change log in a common format, which may also be referred to as a standardized message. The standardized message may include at least content information of the data record currently being changed in the database. In addition, the database may also include a database name, a table name of the data table, an operation type, and the like. In this specification, content information of a data record may include a plurality of fields and corresponding field values. The field values herein may include values before the change as well as values after the change. Taking an add operation as an example, the value before modification can be understood as null, and the value after modification is the field value newly added.
And step 306, sending the content information of the data record to the verification platform.
After receiving the content information of the data record, the verification platform can acquire the corresponding fault injection rule. The fault injection rules may be pre-pushed by the exercise platform. In one example, the exercise platform may push different fault injection rules for different data tables in different databases. In this example, the correspondence of the database, the data table, and the fault injection rule may be as shown in table 1. Naturally, in practical application, the fault injection rule may be set uniformly, which is not limited in this specification.
When different fault injection rules are set for different data tables in different databases, the verification platform may also receive, from the data replication center, a library name of the database to which the currently changed data record belongs and a table name of the data table to which the currently changed data record belongs. And then, based on the corresponding relation among the database, the data table and the fault injection rules, acquiring the fault injection rules corresponding to the names of the database and the table. Taking table 1 as an example, when the library names are: library x, table name: in table a, the obtained fault injection rule may be: rule 1.
After the fault injection rule is obtained, the verification platform can tamper the content information of the data record according to the fault injection rule. The fault injection rules in this specification may have corresponding rule matching conditions. The rule matching condition includes at least a condition that field values of some or all of the fields in the data record are required to satisfy. Only when the rule matching condition is satisfied, the content information of the data record is tampered.
Of course, in practical applications, the rule matching condition may not be set. And when the rule matching condition is not set, directly tampering the content information of the data record according to the fault injection rule.
Regarding the fault injection rule, it may be a tamper mode set by a pointer to a fault injection field, for example, a field value of the fault injection field may be increased by 1; alternatively, the field value of the fault injection field may be modified to an arbitrary value, or the like.
The above-mentioned tampering process may specifically be: based on the correspondence, a fault injection field is determined. And selecting matched fields from a plurality of fields in the content information of the data record according to the fault injection fields. And tampering the field values corresponding to the matched fields according to the fault injection rule.
Alternatively, after the content information of the tampered data record is obtained, the content information of the tampered data record may be stored locally. Specifically, the content information of the tampered data record may be stored in the corresponding storage unit in the form of key_value. The key value may include PK of the data record, and the value may include content information of the data record. Of course, in practical application, the key value may also include a library name, a table name, a correlation identifier, and the like of the data record.
After the above-mentioned tampering process is completed, the verification platform can verify the tampered content information according to a preset verification rule so as to obtain a verification result.
The preset collation rules here may be used to compare the tampered content information with the content information of the corresponding data record in the target data table. The target data table herein may have a correlation with the data table to which the currently changed data record belongs. When the collation platform further stores the content information of the tampered data record in the storage unit, the content information of the tampered data record may be read from the storage unit after the specified period of time. Of course, in practical application, the content information of the tampered data record may be directly read without the specified time interval, which is not limited in this specification.
After the content information of a certain tampered data record is read, the checking process may specifically be: and obtaining the correlation identifier of the current changed data record. And searching corresponding data records from all data records of the locally stored target data table according to the correlation identifier. If the content information is found, the content information of the corresponding data record is read. And comparing the tampered content information with the content information recorded by the corresponding data to obtain a checking result.
It will be appreciated that for the above comparison process, it is possible to compare some fields in the content information.
The obtained collation results can be used to evaluate the data difference discovery capability of the collation platform. If the data of the checking result is different, the data difference discovery capability of the checking platform is better. When the checking result is that the data is not different, the data difference discovery capability of the checking platform is poor.
Of course, in order to ensure accuracy of the evaluation, the data difference discovery capability of the collation platform may be evaluated based on the collation results of a plurality of times, which is not limited in this specification.
In summary, the evaluation method of the verification platform provided by the embodiment of the specification can realize the evaluation of the verification platform under the condition that the data in the real database is not tampered, thereby ensuring the security of the real data.
Corresponding to the above evaluation method of the verification platform, an embodiment of the present disclosure further provides an evaluation apparatus of the verification platform, as shown in fig. 4, the apparatus may include:
and the receiving unit 402 is configured to receive content information of a data record currently changed in the database sent by the data replication center.
The content information of the data record is obtained by analyzing the change log of the database by the data replication center.
An obtaining unit 404, configured to obtain a corresponding fault injection rule.
And a tampering unit 406, configured to tamper the content information of the data record according to the fault injection rule acquired by the acquisition unit 404.
And a checking unit 408, configured to check the content information tampered by the tampering unit 406 according to a preset checking rule, so as to obtain a checking result. The collation results are used to evaluate the data difference discovery capability of the collation platform.
Optionally, the obtaining unit 404 is further configured to obtain a library name of the database and a table name of a data table to which the data record belongs.
The acquisition unit 404 may specifically be configured to:
based on the corresponding relation of the database, the data table and the fault injection rule, the fault injection rule corresponding to the name of the database and the name of the table is obtained.
Optionally, the fault injection rule has a corresponding rule matching condition.
Tampering unit 406 may be specifically used to:
and judging whether the content information of the data record meets the rule matching condition.
And if so, falsifying the content information of the data record according to the fault injection rule.
Optionally, the correspondence may further include a fault injection field, and the content information of the data record may include a plurality of fields and corresponding field values.
Tampering unit 406 may be specifically used to:
based on the correspondence, a fault injection field is determined.
And selecting matched fields from a plurality of fields in the content information of the data record according to the fault injection fields.
And tampering the field values corresponding to the matched fields according to the fault injection rule.
Optionally, the apparatus may further include:
and a storage unit 410 for locally storing the content information of the tampered data record.
The collation unit 408 may be specifically configured to:
after the interval is specified for a period of time, the content information of the locally stored tampered data record is read.
And according to a preset checking rule, checking the read content information of the tampered data record to obtain a checking result.
Optionally, the preset checking rule is used for comparing the tampered content information with the content information recorded in the corresponding data in the target data table.
The collation unit 408 may also be specifically configured to:
and obtaining the correlation identifier of the data record.
And searching corresponding data records from all data records of the locally stored target data table according to the correlation identifier.
If the content information is found, the content information of the corresponding data record is read.
And comparing the tampered content information with the content information recorded by the corresponding data to obtain a checking result.
The functions of the functional modules of the apparatus in the foregoing embodiments of the present disclosure may be implemented by the steps of the foregoing method embodiments, so that the specific working process of the apparatus provided in one embodiment of the present disclosure is not repeated herein.
In the evaluation device of the verification platform provided in one embodiment of the present disclosure, the receiving unit 402 receives content information of a data record currently changed in the database sent by the data replication center. The content information of the data record is obtained by analyzing the change log of the database by the data replication center. The acquisition unit 404 acquires the corresponding fault injection rule. The falsification unit 406 falsifies the content information of the data record according to the fault injection rule. The collation unit 408 collates the tampered content information according to a preset collation rule to obtain a collation result. The collation results are used to evaluate the data difference discovery capability of the collation platform. Thereby, the security of the real data is ensured.
The evaluation device of the verification platform provided in one embodiment of the present disclosure may be a module or unit of the verification platform in fig. 1.
Corresponding to the above evaluation method of the verification platform, an embodiment of the present disclosure further provides an evaluation apparatus of the verification platform, as shown in fig. 5, the apparatus may include:
an obtaining unit 502, configured to obtain a change log of the database.
And the parsing unit 504 is configured to parse the change log acquired by the acquiring unit 502 to obtain content information of the data record of the current change in the database.
And a transmitting unit 506 for transmitting the content information of the data record to the collation platform. The verification platform acquires the corresponding fault injection rule, and tampering is carried out on the content information of the data record according to the fault injection rule. And the verification platform is further enabled to verify the tampered content information according to a preset verification rule so as to obtain a verification result. The collation results are used to evaluate the data difference discovery capability of the collation platform.
The functions of the functional modules of the apparatus in the foregoing embodiments of the present disclosure may be implemented by the steps of the foregoing method embodiments, so that the specific working process of the apparatus provided in one embodiment of the present disclosure is not repeated herein.
The evaluation device of the verification platform provided by one embodiment of the specification can ensure the security of real data.
The evaluation device of the verification platform provided in one embodiment of the present disclosure may be a module or unit of the data replication center in fig. 1.
In correspondence with the above-described evaluation method of the collation platform, the embodiment of the present specification also provides an evaluation apparatus of the collation platform, as shown in fig. 6, which may include: memory 602, one or more processors 604, and one or more programs. Wherein the one or more programs are stored in the memory 602 and configured to be executed by the one or more processors 604, the programs when executed by the processor 604 performing the steps of:
and receiving the content information of the current changed data record in the database sent by the data replication center.
The content information of the data record is obtained by analyzing the change log of the database by the data replication center.
And obtaining a corresponding fault injection rule.
And tampering the content information of the data record according to the fault injection rule.
And according to a preset checking rule, checking the tampered content information to obtain a checking result. The collation results are used to evaluate the data difference discovery capability of the collation platform.
The evaluation device of the verification platform provided by one embodiment of the present specification can ensure the security of real data.
In correspondence with the above-described evaluation method of the collation platform, the embodiment of the present specification also provides an evaluation apparatus of the collation platform, as shown in fig. 7, which may include: memory 702, one or more processors 704, and one or more programs. Wherein the one or more programs are stored in the memory 702 and configured to be executed by the one or more processors 704, the programs when executed by the processor 704 performing the steps of:
and obtaining a change log of the database.
And analyzing the change log to obtain the content information of the data record of the current change in the database.
And sending the content information of the data record to the verification platform. The verification platform acquires the corresponding fault injection rule, and tampering is carried out on the content information of the data record according to the fault injection rule. And the verification platform is further enabled to verify the tampered content information according to a preset verification rule so as to obtain a verification result. The collation results are used to evaluate the data difference discovery capability of the collation platform.
The evaluation device of the verification platform provided by one embodiment of the present specification can ensure the security of real data.
In this specification, each embodiment is described in a progressive manner, and identical and similar parts of each embodiment are all referred to each other, and each embodiment mainly describes differences from other embodiments. In particular, for the apparatus embodiments, since they are substantially similar to the method embodiments, the description is relatively simple, and reference is made to the description of the method embodiments in part.
The steps of a method or algorithm described in connection with the disclosure herein may be embodied in hardware, or may be embodied in software instructions executed by a processor. The software instructions may be comprised of corresponding software modules that may be stored in RAM memory, flash memory, ROM memory, EPROM memory, EEPROM memory, registers, hard disk, a removable disk, a CD-ROM, or any other form of storage medium known in the art. An exemplary storage medium is coupled to the processor such the processor can read information from, and write information to, the storage medium. In the alternative, the storage medium may be integral to the processor. The processor and the storage medium may reside in an ASIC. In addition, the ASIC may reside in a server. The processor and the storage medium may reside as discrete components in a server.
Those skilled in the art will appreciate that in one or more of the examples described above, the functions described in the present invention may be implemented in hardware, software, firmware, or any combination thereof. When implemented in software, these functions may be stored on or transmitted over as one or more instructions or code on a computer-readable medium. Computer-readable media includes both computer storage media and communication media including any medium that facilitates transfer of a computer program from one place to another. A storage media may be any available media that can be accessed by a general purpose or special purpose computer.
The foregoing describes specific embodiments of the present disclosure. Other embodiments are within the scope of the following claims. In some cases, the actions or steps recited in the claims can be performed in a different order than in the embodiments and still achieve desirable results. In addition, the processes depicted in the accompanying figures do not necessarily require the particular order shown, or sequential order, to achieve desirable results. In some embodiments, multitasking and parallel processing are also possible or may be advantageous.
The foregoing detailed description of the embodiments has further described the objects, technical solutions and advantages of the present specification, and it should be understood that the foregoing description is only a detailed description of the embodiments of the present specification, and is not intended to limit the scope of the present specification, but any modifications, equivalents, improvements, etc. made on the basis of the technical solutions of the present specification should be included in the scope of the present specification.

Claims (14)

1. An assessment method for a verification platform, comprising:
the checking platform receives content information of a data record which is currently changed in a database and sent by the data replication center;
the content information of the data record is obtained by analyzing the change log of the database by a data replication center; the content information includes a plurality of fields and corresponding field values;
acquiring a corresponding fault injection rule;
tampering is carried out on the content information of the data record according to the fault injection rule;
according to a preset checking rule, checking the tampered content information to obtain a checking result; the checking result is used for evaluating the data difference discovery capability of the checking platform;
The tampering of the content information of the data record comprises:
analyzing the fault injection rule to obtain a fault injection field;
selecting a field matched with the fault injection field from the plurality of fields;
and tampering the field value corresponding to the matched field according to the fault injection rule.
2. The method of claim 1, further comprising:
acquiring a database name of the database and a table name of a data table to which the data record belongs;
the obtaining the corresponding fault injection rule includes:
and obtaining the fault injection rule corresponding to the library name and the table name based on the corresponding relation among the database, the data table and the fault injection rule.
3. The method of claim 1, the fault injection rule having a corresponding rule matching condition;
the falsifying the content information of the data record according to the fault injection rule comprises the following steps:
judging whether the content information of the data record meets the rule matching condition or not;
and if so, tampering the content information of the data record according to the fault injection rule.
4. The method of claim 1, further comprising, after said tampering with said content information of said data record:
Storing the content information of the tampered data record locally;
and according to a preset checking rule, checking the tampered content information to obtain a checking result, wherein the checking result comprises the following steps:
after the interval is specified for a long time, reading the content information of the tampered data record stored locally;
and according to the preset checking rule, checking the read content information of the tampered data record to obtain a checking result.
5. The method according to claim 4, wherein the preset checking rule is used for comparing the tampered content information with the content information recorded in the corresponding data in the target data table;
and according to a preset checking rule, checking the tampered content information to obtain a checking result, wherein the checking result comprises the following steps:
acquiring a correlation identifier of the data record;
searching corresponding data records from all data records of a locally stored target data table according to the correlation identifier;
if the content information is found, the content information of the corresponding data record is read;
and comparing the tampered content information with the content information of the corresponding data record to obtain the checking result.
6. An assessment method for a verification platform, comprising:
acquiring a change log of a database;
analyzing the change log to obtain content information of the current changed data record in the database; the content information includes a plurality of fields and corresponding field values;
transmitting the content information of the data record to a verification platform; the verification platform acquires a corresponding fault injection rule, and tampering is carried out on the content information of the data record according to the fault injection rule; the verification platform is further enabled to verify the tampered content information according to a preset verification rule, so that a verification result is obtained; the checking result is used for evaluating the data difference discovery capability of the checking platform;
the tampering of the content information of the data record comprises:
analyzing the fault injection rule to obtain a fault injection field;
selecting a field matched with the fault injection field from the plurality of fields;
and tampering the field value corresponding to the matched field according to the fault injection rule.
7. An evaluation device of a collation platform, comprising:
the receiving unit is used for receiving the content information of the data record which is currently changed in the database and is sent by the data replication center;
The content information of the data record is obtained by analyzing the change log of the database by a data replication center; the content information includes a plurality of fields and corresponding field values;
the acquisition unit is used for acquiring the corresponding fault injection rule;
a falsifying unit, configured to falsify content information of the data record according to the fault injection rule acquired by the acquiring unit;
the checking unit is used for checking the content information tampered by the tampering unit according to a preset checking rule so as to obtain a checking result; the checking result is used for evaluating the data difference discovery capability of the checking platform;
the tampering unit is specifically for:
analyzing the fault injection rule to obtain a fault injection field;
selecting a field matched with the fault injection field from the plurality of fields;
and tampering the field value corresponding to the matched field according to the fault injection rule.
8. The device according to claim 7,
the acquisition unit is further used for acquiring the library name of the database and the table name of the data table to which the data record belongs;
the acquisition unit is specifically configured to:
And acquiring fault injection rules corresponding to the library names and the table names based on the corresponding relation among the database, the data table and the fault injection rules.
9. The apparatus of claim 7, the fault injection rules having corresponding rule matching conditions;
the tampering unit is specifically for:
judging whether the content information of the data record meets the rule matching condition or not;
and if so, tampering the content information of the data record according to the fault injection rule.
10. The apparatus of claim 7, further comprising:
the storage unit is used for locally storing the content information of the tampered data record;
the checking unit is specifically configured to:
after the interval is specified for a long time, reading the content information of the tampered data record stored locally;
and according to the preset checking rule, checking the read content information of the tampered data record to obtain a checking result.
11. The apparatus of claim 10, wherein the preset collation rule is used for comparing the tampered content information with content information recorded in corresponding data in the target data table;
The checking unit is also specifically configured to:
acquiring a correlation identifier of the data record;
searching corresponding data records from all data records of a locally stored target data table according to the correlation identifier;
if the content information is found, the content information of the corresponding data record is read;
and comparing the tampered content information with the content information of the corresponding data record to obtain the checking result.
12. An evaluation device of a collation platform, comprising:
an acquisition unit configured to acquire a change log of a database;
the analysis unit is used for analyzing the change log acquired by the acquisition unit to acquire the content information of the data record of the current change in the database; the content information includes a plurality of fields and corresponding field values;
a transmitting unit for transmitting the content information of the data record to a collation platform; the verification platform acquires a corresponding fault injection rule, and tampering is carried out on the content information of the data record according to the fault injection rule; the verification platform is further enabled to verify the tampered content information according to a preset verification rule, so that a verification result is obtained; the checking result is used for evaluating the data difference discovery capability of the checking platform;
The tampering of the content information of the data record comprises:
analyzing the fault injection rule to obtain a fault injection field;
selecting a field matched with the fault injection field from the plurality of fields;
and tampering the field value corresponding to the matched field according to the fault injection rule.
13. An evaluation apparatus of a collation platform, comprising:
a memory;
one or more processors; and
one or more programs, wherein the one or more programs are stored in the memory and configured to be executed by the one or more processors, which when executed by the processors implement the steps of:
receiving content information of a data record which is currently changed in a database and sent by a data replication center;
the content information of the data record is obtained by analyzing the change log of the database by a data replication center; the content information includes a plurality of fields and corresponding field values;
acquiring a corresponding fault injection rule;
tampering is carried out on the content information of the data record according to the fault injection rule;
according to a preset checking rule, checking the tampered content information to obtain a checking result; the checking result is used for evaluating the data difference discovery capability of the checking platform;
The tampering of the content information of the data record comprises:
analyzing the fault injection rule to obtain a fault injection field;
selecting a field matched with the fault injection field from the plurality of fields;
and tampering the field value corresponding to the matched field according to the fault injection rule.
14. An evaluation apparatus of a collation platform, comprising:
a memory;
one or more processors; and
one or more programs, wherein the one or more programs are stored in the memory and configured to be executed by the one or more processors, which when executed by the processors implement the steps of:
acquiring a change log of a database;
analyzing the change log to obtain content information of the current changed data record in the database; the content information includes a plurality of fields and corresponding field values;
transmitting the content information of the data record to a verification platform; the verification platform acquires a corresponding fault injection rule, and tampering is carried out on the content information of the data record according to the fault injection rule; the verification platform is further enabled to verify the tampered content information according to a preset verification rule, so that a verification result is obtained; the checking result is used for evaluating the data difference discovery capability of the checking platform;
The tampering of the content information of the data record comprises:
analyzing the fault injection rule to obtain a fault injection field;
selecting a field matched with the fault injection field from the plurality of fields;
and tampering the field value corresponding to the matched field according to the fault injection rule.
CN201910130759.4A 2019-02-21 2019-02-21 Assessment method, device and equipment for verification platform Active CN110020550B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201910130759.4A CN110020550B (en) 2019-02-21 2019-02-21 Assessment method, device and equipment for verification platform

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201910130759.4A CN110020550B (en) 2019-02-21 2019-02-21 Assessment method, device and equipment for verification platform

Publications (2)

Publication Number Publication Date
CN110020550A CN110020550A (en) 2019-07-16
CN110020550B true CN110020550B (en) 2023-09-05

Family

ID=67189061

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201910130759.4A Active CN110020550B (en) 2019-02-21 2019-02-21 Assessment method, device and equipment for verification platform

Country Status (1)

Country Link
CN (1) CN110020550B (en)

Families Citing this family (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110673993B (en) * 2019-09-19 2023-05-05 聚好看科技股份有限公司 Fault injection method, platform and system
CN111339100B (en) * 2020-02-28 2023-05-26 中国工商银行股份有限公司 Data checking method and device
CN112148721B (en) * 2020-09-25 2022-08-19 新华三大数据技术有限公司 Data checking method and device, electronic equipment and storage medium

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101458705A (en) * 2008-12-29 2009-06-17 阿里巴巴集团控股有限公司 Data collating method between different utility systems, apparatus and system
CN105989059A (en) * 2015-02-09 2016-10-05 阿里巴巴集团控股有限公司 Data record checking method and device
CN106326219A (en) * 2015-06-16 2017-01-11 阿里巴巴集团控股有限公司 Business system data check method, apparatus and system

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101458705A (en) * 2008-12-29 2009-06-17 阿里巴巴集团控股有限公司 Data collating method between different utility systems, apparatus and system
CN105989059A (en) * 2015-02-09 2016-10-05 阿里巴巴集团控股有限公司 Data record checking method and device
CN106326219A (en) * 2015-06-16 2017-01-11 阿里巴巴集团控股有限公司 Business system data check method, apparatus and system

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
"同步数字体系网络管理双机冗余数据安全机制及离线操作的研究与应用";黄斌;《广东电力》;20091125;第58-61页 *

Also Published As

Publication number Publication date
CN110020550A (en) 2019-07-16

Similar Documents

Publication Publication Date Title
CN109474488B (en) Interface testing method and device and computer equipment
CN111177005B (en) Service application testing method, device, server and storage medium
CN106656536B (en) Method and equipment for processing service calling information
CN110020550B (en) Assessment method, device and equipment for verification platform
US10102108B2 (en) Injected instrumentation application monitoring and management
CN110222042B (en) Method, device, equipment and system architecture for determining checked business data
CN111092880B (en) Network traffic data extraction method and device
CN114116496A (en) Automatic testing method, device, equipment and medium
CN111427796A (en) System testing method and device and electronic equipment
CN114022151A (en) Block chain data visualization method and system, electronic device and storage medium
CN110046086B (en) Expected data generation method and device for test and electronic equipment
CN111913880A (en) Application software testing method and device
CN114595765A (en) Data processing method and device, electronic equipment and storage medium
CN116775620B (en) Multi-party data-based risk identification method, device, equipment and storage medium
CN110737650A (en) Data quality detection method and device
CN108763916B (en) Service interface security assessment method and device
CN111767213B (en) Database check point testing method and device, electronic equipment and storage medium
CN117499287A (en) Web testing method, device, storage medium and proxy server
CN112148574A (en) Performance data acquisition method, computer equipment and storage medium
CN115525575A (en) Data automation testing method and system based on Dataworks platform
CN113360363B (en) Method, device, equipment and computer storage medium for testing micro service system
CN115455059A (en) Method, device and related medium for analyzing user behavior based on underlying data
CN113868137A (en) Method, device and system for processing buried point data and server
CN112860722A (en) Data checking method and device, electronic equipment and readable storage medium
CN113220594A (en) Automatic testing method, device, equipment and storage medium

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
TA01 Transfer of patent application right

Effective date of registration: 20201019

Address after: Cayman Enterprise Centre, 27 Hospital Road, George Town, Grand Cayman Islands

Applicant after: Innovative advanced technology Co.,Ltd.

Address before: Cayman Enterprise Centre, 27 Hospital Road, George Town, Grand Cayman Islands

Applicant before: Advanced innovation technology Co.,Ltd.

Effective date of registration: 20201019

Address after: Cayman Enterprise Centre, 27 Hospital Road, George Town, Grand Cayman Islands

Applicant after: Advanced innovation technology Co.,Ltd.

Address before: A four-storey 847 mailbox in Grand Cayman Capital Building, British Cayman Islands

Applicant before: Alibaba Group Holding Ltd.

TA01 Transfer of patent application right
GR01 Patent grant
GR01 Patent grant