CN112559995A - Computer data safety intelligent management system - Google Patents
Computer data safety intelligent management system Download PDFInfo
- Publication number
- CN112559995A CN112559995A CN202110132245.XA CN202110132245A CN112559995A CN 112559995 A CN112559995 A CN 112559995A CN 202110132245 A CN202110132245 A CN 202110132245A CN 112559995 A CN112559995 A CN 112559995A
- Authority
- CN
- China
- Prior art keywords
- data
- module
- computer
- monitoring
- computer data
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000012544 monitoring process Methods 0.000 claims abstract description 31
- 230000002265 prevention Effects 0.000 claims abstract description 18
- 238000007726 management method Methods 0.000 claims abstract description 14
- 238000013500 data storage Methods 0.000 claims abstract description 13
- 238000000034 method Methods 0.000 claims abstract description 10
- 238000013515 script Methods 0.000 claims description 12
- 230000005540 biological transmission Effects 0.000 claims description 4
- 238000012545 processing Methods 0.000 claims description 4
- 206010000117 Abnormal behaviour Diseases 0.000 claims description 3
- 238000011156 evaluation Methods 0.000 claims description 3
- 230000003068 static effect Effects 0.000 claims description 3
- 238000012549 training Methods 0.000 description 4
- 238000012795 verification Methods 0.000 description 4
- 230000009286 beneficial effect Effects 0.000 description 1
- 238000010276 construction Methods 0.000 description 1
- 238000011161 development Methods 0.000 description 1
- 238000010586 diagram Methods 0.000 description 1
- 238000005516 engineering process Methods 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
- 239000012466 permeate Substances 0.000 description 1
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/31—User authentication
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/602—Providing cryptographic facilities or services
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/604—Tools and structures for managing or administering access control systems
Landscapes
- Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- General Physics & Mathematics (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- Software Systems (AREA)
- Computer Hardware Design (AREA)
- Health & Medical Sciences (AREA)
- Bioethics (AREA)
- General Health & Medical Sciences (AREA)
- Automation & Control Theory (AREA)
- Alarm Systems (AREA)
Abstract
The invention relates to the field of data security, in particular to a computer data security intelligent management system, which comprises: the identity recognition module is used for realizing the dynamic recognition of the user identity; the intelligent data storage module is used for realizing the arrangement of computer data and realizing the partitioned storage of the computer data in a random encryption mode; the operation environment building module is used for building a corresponding computer data operation environment according to the identification result of the user identity; the operation process monitoring module is used for calling the corresponding operation habit model and the corresponding safety monitoring model according to the identification result of the user identity to realize the monitoring of the user operation process and driving the corresponding emergency prevention and control module according to the monitoring result; and the emergency prevention and control module is used for revising the data storage mode and the environment of the computer according to the monitoring result of the operation flow monitoring module. The invention can realize the intelligent supervision of the computer data, thereby ensuring the safety of the computer internal data.
Description
Technical Field
The invention relates to the field of data security, in particular to an intelligent management system for computer data security.
Background
With the rapid development of computer technology and Internet and the frequent occurrence of network information security events in recent years, computer information security problems gradually permeate into various industry fields and become the focus of attention of people. In order to prevent the occurrence of computer information security events in advance and avoid loss, the supervision of computer data becomes a key link for guaranteeing the computer information security.
Disclosure of Invention
The invention aims to provide a computer data safety intelligent management system which can realize intelligent supervision of computer data so as to ensure the safety of computer internal data.
The invention is realized by the following technical scheme:
computer data security intelligent management system includes:
the identity recognition module is used for realizing the dynamic recognition of the user identity;
the intelligent data storage module is used for realizing the arrangement of computer data and realizing the partitioned storage of the computer data in a random encryption mode;
the operation environment building module is used for building a corresponding computer data operation environment according to the identification result of the user identity;
the operation process monitoring module is used for calling the corresponding operation habit model and the corresponding safety monitoring model according to the identification result of the user identity to realize the monitoring of the user operation process and driving the corresponding emergency prevention and control module according to the monitoring result;
and the emergency prevention and control module is used for revising the data storage mode and the environment of the computer according to the monitoring result of the operation flow monitoring module.
Further, each time an abnormal behavior is found, namely the behavior does not conform to the operation habit model, the identity recognition module is started once, the user is guided to finish the corresponding identity verification operation according to the indication in a pop-up dialog box mode, and the identity verification indexes adopted by the identity recognition module are different every time.
Furthermore, the intelligent data storage module is used for finishing the classification and the arrangement of data according to a preset data processing rule, establishing an association relationship between the data and then realizing the partitioned storage of the data in a random encryption mode.
Furthermore, the operation environment building module is used for releasing the data in the operation authority according to the identification result of the user identity, releasing the control command execution code in the operation authority and releasing the data transmission channel in the operation authority.
Further, each time data access is completed, namely the data operation is completed by the user from the time when the user inputs authentication information to send out data request access to the user, and the data access is quitted, the random secret key is automatically updated once.
Furthermore, the operation flow monitoring module is deployed on a computer in a static jar package mode, the operation habit model is obtained by training based on historical operation script data of a user, and the safety monitoring model is obtained by training based on dangerous operation flow script data.
Furthermore, different operation flow evaluation results correspond to different emergency prevention and control execution scripts, and the emergency prevention and control module realizes revision of a computer data storage mode and an environment by running the corresponding emergency prevention and control execution scripts.
The invention has the following beneficial effects:
1) the construction of a user operation environment is realized by adopting a mode of locking/releasing data, control command execution codes and data transmission channels in the operation authority, and a safe environment is created for each data operation, so that the data security of the computer is ensured;
2) by monitoring the data operation process, the risk factors existing in the data operation process can be found in time, corresponding emergency prevention and control are carried out, and the safety of the computer internal data is further ensured;
3) when the data access is completed once, namely the data operation is completed by the user from the time when the user inputs the authentication information to send out the data request access, and the data access is quitted, the random secret key is automatically updated once, so that the difficulty of deciphering the secret key is greatly increased, and the safety of the data loaded in the computer is guaranteed.
Drawings
Fig. 1 is a system block diagram of a computer data security intelligent management system according to an embodiment of the present invention.
Detailed Description
In order to make the technical problems, technical solutions and advantages of the present invention more apparent, the following detailed description is given with reference to the accompanying drawings and specific embodiments.
As shown in fig. 1, an embodiment of the present invention provides a computer data security intelligent management system, including:
the identity recognition module is used for realizing the dynamic recognition of the user identity;
the intelligent data storage module is used for realizing the arrangement of computer data and realizing the partitioned storage of the computer data in a random encryption mode;
the operation environment building module is used for building a corresponding computer data operation environment according to the identification result of the user identity;
the operation process monitoring module is used for calling the corresponding operation habit model and the corresponding safety monitoring model according to the identification result of the user identity to realize the monitoring of the user operation process and driving the corresponding emergency prevention and control module according to the monitoring result;
the emergency prevention and control module is used for revising the data storage mode and the environment of the computer according to the monitoring result of the operation flow monitoring module;
and the central processing module is used for coordinating the work of the modules.
In this embodiment, each time an abnormal behavior is found, that is, a behavior that does not conform to the operation habit model, the identity recognition module is started once, and the user is guided to complete the corresponding identity verification operation according to the instruction in a pop-up dialog mode, and the identity verification indexes adopted by the identity recognition module are different each time.
In this embodiment, the intelligent data storage module is configured to complete classification and arrangement of data according to a preset data processing rule, establish an association relationship between data, and then implement partitioned storage of data in a random encryption manner.
In this embodiment, the operating environment building module is configured to release the data permission in the operating permission according to the identification result of the user identity, release the control command execution code in the operating permission, and release the data transmission channel in the operating permission.
In this embodiment, each time data access is completed, that is, after a user enters authentication information to send a data request access and finishes a data operation, and quits the data access, the random key is automatically updated once.
In this embodiment, the operation flow monitoring module is deployed on a computer in a form of a static jar package, the operation habit model is obtained by training based on user historical operation script data, and the safety monitoring model is obtained by training based on dangerous operation flow script data.
In this embodiment, different operation flow evaluation results correspond to different emergency prevention and control execution scripts, and the emergency prevention and control module revises the computer data storage mode and the environment by running the corresponding emergency prevention and control execution scripts.
While the foregoing is directed to the preferred embodiment of the present invention, it will be understood by those skilled in the art that various changes and modifications may be made without departing from the spirit and scope of the invention as defined in the appended claims.
Claims (7)
1. Computer data security intelligent management system, its characterized in that includes:
the identity recognition module is used for realizing the dynamic recognition of the user identity;
the intelligent data storage module is used for realizing the arrangement of computer data and realizing the partitioned storage of the computer data in a random encryption mode;
the operation environment building module is used for building a corresponding computer data operation environment according to the identification result of the user identity;
the operation process monitoring module is used for calling the corresponding operation habit model and the corresponding safety monitoring model according to the identification result of the user identity to realize the monitoring of the user operation process and driving the corresponding emergency prevention and control module according to the monitoring result;
and the emergency prevention and control module is used for revising the data storage mode and the environment of the computer according to the monitoring result of the operation flow monitoring module.
2. The computer data security intelligent management system of claim 1, wherein the identity recognition module is activated once every time an abnormal behavior is found, that is, a behavior that does not conform to the operation habit model, to guide the user to complete the corresponding authentication operation as instructed in a pop-up dialog mode, and the authentication indexes adopted by the identity recognition module are different every time.
3. The computer data security intelligent management system according to claim 1, wherein the data intelligent storage module is configured to complete classification and arrangement of data according to preset data processing rules, establish an association relationship between data, and then implement partitioned storage of data in a random encryption manner.
4. The computer data security intelligent management system of claim 1, wherein the operating environment building module is configured to release data in its operating right according to the identification result of the user identity, release the control command execution code in its operating right, and release the data transmission channel in its operating right.
5. The intelligent management system for computer data security as claimed in claim 1, wherein the random key is automatically updated once each time data access is completed, starting from when a user enters authentication information to send a data request access until the user completes data operation and quits data access.
6. The computer data security intelligent management system of claim 1, wherein the operation flow monitoring module is deployed on the computer in a static jar package, the operation habit model is trained based on user historical operation script data, and the security monitoring model is trained based on dangerous operation flow script data.
7. The computer data security intelligent management system of claim 1, wherein different operation flow evaluation results correspond to different emergency prevention and control execution scripts, and the emergency prevention and control module realizes revision of a computer data storage mode and an environment by running the corresponding emergency prevention and control execution scripts.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202110132245.XA CN112559995A (en) | 2021-01-31 | 2021-01-31 | Computer data safety intelligent management system |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202110132245.XA CN112559995A (en) | 2021-01-31 | 2021-01-31 | Computer data safety intelligent management system |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN112559995A true CN112559995A (en) | 2021-03-26 |
Family
ID=75035876
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202110132245.XA Pending CN112559995A (en) | 2021-01-31 | 2021-01-31 | Computer data safety intelligent management system |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN112559995A (en) |
Cited By (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN113065129A (en) * | 2021-04-09 | 2021-07-02 | 湖南汽车工程职业学院 | Computer information safety real-time monitoring system |
| CN113158152A (en) * | 2021-05-13 | 2021-07-23 | 广西科技师范学院 | Computer intelligent auxiliary system based on behavior analysis |
| CN113542232A (en) * | 2021-06-23 | 2021-10-22 | 广州欢享网络科技有限公司 | Website data safety protection system based on big data |
Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN107818261A (en) * | 2017-09-12 | 2018-03-20 | 王振铎 | A kind of computer information safe stocking system |
| CN108881327A (en) * | 2018-09-29 | 2018-11-23 | 德州职业技术学院(德州市技师学院) | A kind of computer internet information safety control system based on cloud computing |
| CN109858212A (en) * | 2019-01-21 | 2019-06-07 | 深圳市能信安科技股份有限公司 | Personal identification method, device and terminal for numerical ciphers soft keyboard |
| CN110308661A (en) * | 2019-06-06 | 2019-10-08 | 美的集团股份有限公司 | Smart machine control method and device based on machine learning |
-
2021
- 2021-01-31 CN CN202110132245.XA patent/CN112559995A/en active Pending
Patent Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN107818261A (en) * | 2017-09-12 | 2018-03-20 | 王振铎 | A kind of computer information safe stocking system |
| CN108881327A (en) * | 2018-09-29 | 2018-11-23 | 德州职业技术学院(德州市技师学院) | A kind of computer internet information safety control system based on cloud computing |
| CN109858212A (en) * | 2019-01-21 | 2019-06-07 | 深圳市能信安科技股份有限公司 | Personal identification method, device and terminal for numerical ciphers soft keyboard |
| CN110308661A (en) * | 2019-06-06 | 2019-10-08 | 美的集团股份有限公司 | Smart machine control method and device based on machine learning |
Cited By (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN113065129A (en) * | 2021-04-09 | 2021-07-02 | 湖南汽车工程职业学院 | Computer information safety real-time monitoring system |
| CN113158152A (en) * | 2021-05-13 | 2021-07-23 | 广西科技师范学院 | Computer intelligent auxiliary system based on behavior analysis |
| CN113542232A (en) * | 2021-06-23 | 2021-10-22 | 广州欢享网络科技有限公司 | Website data safety protection system based on big data |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN112559995A (en) | Computer data safety intelligent management system | |
| US7950044B2 (en) | Centrally managed proxy-based security for legacy automation systems | |
| CN100419737C (en) | Application authentication system, secure device, and terminal device | |
| CN102742243B (en) | Method and device for checking a configuration modification for an IED | |
| CN109617706B (en) | Industrial control system protection method and industrial control system protection device | |
| CN108227646B (en) | Operator identification system | |
| CN112269989A (en) | Computer data safety system | |
| CN103020495A (en) | Embedded-type software anti-piracy encryption method | |
| US9645566B2 (en) | Physical presence verification by an industrial control system controller | |
| CN113268716A (en) | Authorization verification system, method and device for application and storage medium | |
| EP3179323B1 (en) | Method and system for detecting a plc in a scada system that is sending false telemetry data | |
| US10867077B2 (en) | Method of accessing functions of an embedded device | |
| CN110611659B (en) | Method, device and system for protecting service essence of power monitoring system | |
| CN110322607B (en) | Access control system and control method | |
| US20190102541A1 (en) | Apparatus and method for defending against unauthorized modification of programs | |
| CN115102731A (en) | Safety interaction method based on identity authentication of industrial Internet of things equipment | |
| CN113225316B (en) | Network security defense method and system for security and stability control system | |
| CN112507386A (en) | Computer data full-intelligent safety management system | |
| KR102195758B1 (en) | Method and apparatus for executing authentication of nuclear digital controller based on one time password | |
| KR101576242B1 (en) | Security management system and method for server accessible by temporarily authorized worker | |
| CN106789929A (en) | A kind of industrial robot information security management method of facing cloud control platform | |
| CN114615075B (en) | Software tamper-proof system and method of controller and storage medium | |
| CN117540357B (en) | Data security management method based on machine learning | |
| CN116991778A (en) | DCS controller serial port safety access method, system, equipment and storage medium | |
| Dahl et al. | Type-based automated verification of authenticity in asymmetric cryptographic protocols |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| RJ01 | Rejection of invention patent application after publication |
Application publication date: 20210326 |
|
| RJ01 | Rejection of invention patent application after publication |