CN112269989A - Computer data safety system - Google Patents
Computer data safety system Download PDFInfo
- Publication number
- CN112269989A CN112269989A CN202011271967.5A CN202011271967A CN112269989A CN 112269989 A CN112269989 A CN 112269989A CN 202011271967 A CN202011271967 A CN 202011271967A CN 112269989 A CN112269989 A CN 112269989A
- Authority
- CN
- China
- Prior art keywords
- data
- monitoring
- module
- identity
- security system
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000012544 monitoring process Methods 0.000 claims abstract description 47
- 230000002159 abnormal effect Effects 0.000 claims description 8
- 238000006243 chemical reaction Methods 0.000 claims description 3
- 238000011156 evaluation Methods 0.000 claims description 3
- 230000003068 static effect Effects 0.000 claims description 3
- 238000004806 packaging method and process Methods 0.000 claims 1
- 230000006399 behavior Effects 0.000 description 11
- 230000009286 beneficial effect Effects 0.000 description 1
- 238000011161 development Methods 0.000 description 1
- 238000010586 diagram Methods 0.000 description 1
- 238000000034 method Methods 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
- 239000012466 permeate Substances 0.000 description 1
- 238000012549 training Methods 0.000 description 1
- 238000012795 verification Methods 0.000 description 1
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/55—Detecting local intrusion or implementing counter-measures
- G06F21/552—Detecting local intrusion or implementing counter-measures involving long-term monitoring or reporting
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/602—Providing cryptographic facilities or services
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/604—Tools and structures for managing or administering access control systems
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/62—Protecting access to data via a platform, e.g. using keys or access control rules
- G06F21/6218—Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/21—Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/2141—Access rights, e.g. capability lists, access control lists, access tables, access matrices
Landscapes
- Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- Software Systems (AREA)
- Computer Security & Cryptography (AREA)
- Computer Hardware Design (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- General Health & Medical Sciences (AREA)
- Health & Medical Sciences (AREA)
- Bioethics (AREA)
- Automation & Control Theory (AREA)
- Databases & Information Systems (AREA)
- Storage Device Security (AREA)
Abstract
The invention relates to the field of data security, in particular to a computer data security system, which comprises: the identity monitoring module is used for realizing dynamic monitoring of the identity of the user; the authority configuration module is used for configuring different data access, operation authority and internal and external network connection authority according to different user identity monitoring results; and the operation state monitoring module is used for realizing the real-time monitoring of the current user operation state in a script recording and real-time monitoring mode. The invention can realize the comprehensive supervision of the computer data and provides guarantee for the safety of computer information.
Description
Technical Field
The invention relates to the field of data security, in particular to a computer data security system.
Background
With the rapid development of computer technology and Internet and the frequent occurrence of network information security events in recent years, computer information security problems gradually permeate into various industry fields and become the focus of attention of people. In order to prevent the occurrence of computer information security events in advance and avoid loss, the supervision of computer data becomes a key link for guaranteeing the computer information security.
Disclosure of Invention
The invention aims to provide a computer data security system, which can realize the comprehensive supervision of computer data and provide guarantee for the security of computer information.
The invention is realized by the following technical scheme:
a computer data security system comprising:
the identity monitoring module is used for realizing dynamic monitoring of the identity of the user;
the authority configuration module is used for configuring different data access, operation authority and internal and external network connection authority according to different user identity monitoring results;
and the operation state monitoring module is used for realizing the real-time monitoring of the current user operation state in a script recording and real-time monitoring mode.
Further, the identity monitoring module requires a user to complete the identity recognition operation according to the indication in a mode of popping up an identity recognition dialog box at regular time.
Further, the data which does not fall into the data access authority is stored in an encryption and hiding mode.
Further, the operation state monitoring module is deployed on the computer in the form of a static jar package.
Furthermore, the authority configuration module carries a data conversion module for converting the data falling into the access and operation authority into an accessible and operable state.
Furthermore, an access authority cutting-off module is loaded in the authority configuration module, and is started when the dynamic identity monitoring is abnormal and/or the operation state monitoring result is abnormal, so that the locking and wrapping operation of the whole database data is realized in a random encryption mode.
Further, the operation state monitoring module realizes real-time identification and evaluation of the operation script data based on the operation state identification model.
Further, still include:
the data dynamic monitoring module is used for realizing dynamic monitoring of data loaded in a database, each data dynamic behavior triggers the short message editing and sending module, the short message editing and sending module is used for sending the generated data dynamic behavior to the corresponding manager terminal in a short message mode, and the manager terminal inputs the corresponding secret key to finish the storage operation of the corresponding data dynamic behavior.
The invention has the following beneficial effects:
1) by dynamic monitoring of the user identity, the situation that the computer is remotely controlled can be avoided, and therefore the safety of computer data can be remarkably improved.
2) Based on the monitoring of the user state operation behavior and the database data dynamic behavior, the abnormal operation behavior of the user in the data access operation process can be found in time; the access authority cutting-off module adopts the whole database locking and the package operation to stop the continuous operation of abnormal operation behavior in time, thereby further improving the security of computer data.
3) Data which do not fall into the data access authority are stored in an encryption and hiding mode, and exposure of data which are not in the authority can be avoided as far as possible.
Drawings
FIG. 1 is a system block diagram of a computer data security system of the present invention.
Detailed Description
In order to make the technical problems, technical solutions and advantages of the present invention more apparent, the following detailed description is given with reference to the accompanying drawings and specific embodiments.
As shown in fig. 1, an embodiment of the present invention provides a computer data security system, including:
the identity monitoring module is used for realizing dynamic monitoring of the identity of the user;
the authority configuration module is used for configuring different data access, operation authority and internal and external network connection authority according to different user identity monitoring results;
the operation state monitoring module is used for realizing the real-time monitoring of the current user operation state in a script recording and real-time monitoring mode;
the data dynamic monitoring module is used for realizing dynamic monitoring of data loaded in a database, each data dynamic behavior triggers the short message editing and sending module, the short message editing and sending module is used for sending the generated data dynamic behavior to the corresponding manager terminal in a short message mode, and the manager terminal inputs the corresponding secret key to finish the storage operation of the corresponding data dynamic behavior.
In this embodiment, the identity monitoring module requires a user to complete an identity recognition operation according to an instruction in a mode of popping up an identity recognition dialog box at regular time; the user needs to input corresponding identity information, such as a dynamic short message verification code, biological characteristics and the like, so that the user can judge that the identity identification fails and the access right cutting-off module is started by identity identification if the user does not input the identity information within a preset time.
In this embodiment, the data that does not fall into the data access right is stored in an encryption coding and hiding manner.
In this embodiment, the operation status monitoring module is deployed on the computer in the form of a static jar package. The operation state monitoring module realizes real-time identification and evaluation of operation script data based on the operation state identification model. The operation state identification module is obtained by training based on historical operation state script data and corresponding operation behaviors and safety indexes.
In this embodiment, the authority configuration module is loaded with a data conversion module, and is configured to convert data falling into the access and operation authority into an accessible and operable state.
In this embodiment, the right configuration module is internally loaded with an access right cutoff module, and is started when the dynamic identity monitoring is abnormal and/or the operation state monitoring result is abnormal, so as to realize the locking and wrapping operations of the whole database data in a random encryption manner.
While the foregoing is directed to the preferred embodiment of the present invention, it will be understood by those skilled in the art that various changes and modifications may be made without departing from the spirit and scope of the invention as defined in the appended claims.
Claims (8)
1. A computer data security system, comprising:
the identity monitoring module is used for realizing dynamic monitoring of the identity of the user;
the authority configuration module is used for configuring different data access, operation authority and internal and external network connection authority according to different user identity monitoring results;
and the operation state monitoring module is used for realizing the real-time monitoring of the current user operation state in a script recording and real-time monitoring mode.
2. The computer data security system of claim 1, wherein the identity monitoring module requires the user to perform the identity recognition operation as directed in a mode in which an identity recognition dialog box is timed to pop up.
3. A computer data security system as claimed in claim 1, wherein data not falling under data access rights is stored in an encrypted coded + hidden manner.
4. The computer data security system of claim 1, wherein the operational status monitoring module is deployed on the computer in the form of a static jar package.
5. A computer data security system as claimed in claim 1, wherein the rights configuration module carries a data conversion module for converting data falling within the access, operating rights into an accessible, operable state.
6. The computer data security system of claim 1, wherein the right configuration module carries an access right cut-off module, which is started when the dynamic identity monitoring is abnormal and/or the operation state monitoring result is abnormal, and realizes the locking and packaging operations of the whole database data in a random encryption manner.
7. The computer data security system of claim 1, wherein the operational state monitoring module implements real-time identification evaluation of operational script data based on an operational state identification model.
8. The computer data security system of claim 1, further comprising:
the data dynamic monitoring module is used for realizing dynamic monitoring of data loaded in a database, each data dynamic behavior triggers the short message editing and sending module, the short message editing and sending module is used for sending the generated data dynamic behavior to the corresponding manager terminal in a short message mode, and the manager terminal inputs the corresponding secret key to finish the storage operation of the corresponding data dynamic behavior.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202011271967.5A CN112269989A (en) | 2020-11-13 | 2020-11-13 | Computer data safety system |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202011271967.5A CN112269989A (en) | 2020-11-13 | 2020-11-13 | Computer data safety system |
Publications (1)
Publication Number | Publication Date |
---|---|
CN112269989A true CN112269989A (en) | 2021-01-26 |
Family
ID=74339354
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN202011271967.5A Pending CN112269989A (en) | 2020-11-13 | 2020-11-13 | Computer data safety system |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN112269989A (en) |
Cited By (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN113065129A (en) * | 2021-04-09 | 2021-07-02 | 湖南汽车工程职业学院 | Computer information safety real-time monitoring system |
CN113158153A (en) * | 2021-05-19 | 2021-07-23 | 杭州市电力设计院有限公司余杭分公司 | Reading authentication management system based on intelligent power grid database |
CN113254994A (en) * | 2021-05-27 | 2021-08-13 | 平安普惠企业管理有限公司 | Database access method and device, storage medium and computer equipment |
CN114664028A (en) * | 2022-03-30 | 2022-06-24 | 龚奕 | Financial self-service equipment and management system |
CN114726641A (en) * | 2022-04-26 | 2022-07-08 | 王善侠 | Security authentication method and system based on computer |
Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20040264697A1 (en) * | 2003-06-27 | 2004-12-30 | Microsoft Corporation | Group security |
CN103152560A (en) * | 2013-04-03 | 2013-06-12 | 北京瑞迅宏成数据通信技术有限公司 | Intelligent monitoring equipment for the 3rd generation telecommunication (3G) videos and short message remote activation method for intelligent monitoring equipment |
CN108092999A (en) * | 2018-02-08 | 2018-05-29 | 王振辉 | A kind of Computer Data Security shared platform |
CN110597691A (en) * | 2019-09-24 | 2019-12-20 | 河北环境工程学院 | Computer monitoring system |
-
2020
- 2020-11-13 CN CN202011271967.5A patent/CN112269989A/en active Pending
Patent Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20040264697A1 (en) * | 2003-06-27 | 2004-12-30 | Microsoft Corporation | Group security |
CN103152560A (en) * | 2013-04-03 | 2013-06-12 | 北京瑞迅宏成数据通信技术有限公司 | Intelligent monitoring equipment for the 3rd generation telecommunication (3G) videos and short message remote activation method for intelligent monitoring equipment |
CN108092999A (en) * | 2018-02-08 | 2018-05-29 | 王振辉 | A kind of Computer Data Security shared platform |
CN110597691A (en) * | 2019-09-24 | 2019-12-20 | 河北环境工程学院 | Computer monitoring system |
Cited By (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN113065129A (en) * | 2021-04-09 | 2021-07-02 | 湖南汽车工程职业学院 | Computer information safety real-time monitoring system |
CN113158153A (en) * | 2021-05-19 | 2021-07-23 | 杭州市电力设计院有限公司余杭分公司 | Reading authentication management system based on intelligent power grid database |
CN113254994A (en) * | 2021-05-27 | 2021-08-13 | 平安普惠企业管理有限公司 | Database access method and device, storage medium and computer equipment |
CN114664028A (en) * | 2022-03-30 | 2022-06-24 | 龚奕 | Financial self-service equipment and management system |
CN114726641A (en) * | 2022-04-26 | 2022-07-08 | 王善侠 | Security authentication method and system based on computer |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN112269989A (en) | Computer data safety system | |
CN111801927B (en) | Method associated with industrial data verification and system that facilitates industrial data verification | |
CN102171652B (en) | The method providing trusted software for electronic installation | |
CN108540483A (en) | A kind of apparatus monitoring method and device based on block chain | |
Phillips et al. | An evaluation of machine learning-based anomaly detection in a SCADA system using the modbus protocol | |
CN111914274A (en) | Full-process block chain system based on multiple information sources | |
CN102542143A (en) | Method and device for acquiring and storing process data, and system for processing process data | |
CN111083153A (en) | Service access method, device and equipment between medical interfaces and readable storage medium | |
CN115964728A (en) | File encryption method and device based on consensus algorithm | |
CN111884814A (en) | Method and system for preventing counterfeiting of intelligent terminal | |
CN114817982A (en) | Multi-party computing control method, device and equipment for providing privacy protection | |
CN108737353A (en) | A kind of data ciphering method and device based on data analysis system | |
CN113672972A (en) | Important asset safety monitoring method based on middleboxes | |
CN112507386A (en) | Computer data full-intelligent safety management system | |
CN110941236A (en) | PLC safety monitoring and dynamic measuring method and system | |
CN116049905A (en) | Tamper-proof system based on detecting system file change | |
CN112905994B (en) | Remote vulnerability patch program protection method and system | |
CN111414341B (en) | Data normalization description method in Internet of things environment | |
CN107835243A (en) | A kind of data transmission method, system, electronic equipment and storage medium | |
Wang | Smart grid, automation, and scada systems security | |
CN113660205A (en) | Software authorization code encryption method | |
CN112926072A (en) | Real-time data transmission method and system and file access concurrency control method | |
CN114679324B (en) | Data exchange method, tool, system, equipment and medium | |
CN110717078A (en) | Beauty shop business data monitoring method, device, equipment and medium | |
CN115801695A (en) | License code entry method, device, equipment and storage medium |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
RJ01 | Rejection of invention patent application after publication | ||
RJ01 | Rejection of invention patent application after publication |
Application publication date: 20210126 |