CN116432224A - Distributed data desensitizing method for multisource business data flow - Google Patents
Distributed data desensitizing method for multisource business data flow Download PDFInfo
- Publication number
- CN116432224A CN116432224A CN202310356526.2A CN202310356526A CN116432224A CN 116432224 A CN116432224 A CN 116432224A CN 202310356526 A CN202310356526 A CN 202310356526A CN 116432224 A CN116432224 A CN 116432224A
- Authority
- CN
- China
- Prior art keywords
- data
- node
- desensitization
- state
- node state
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Withdrawn
Links
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING OR CALCULATING; COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/62—Protecting access to data via a platform, e.g. using keys or access control rules
- G06F21/6218—Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
- G06F21/6245—Protecting personal data, e.g. for financial or medical purposes
-
- G—PHYSICS
- G06—COMPUTING OR CALCULATING; COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F16/00—Information retrieval; Database structures therefor; File system structures therefor
- G06F16/20—Information retrieval; Database structures therefor; File system structures therefor of structured data, e.g. relational data
- G06F16/21—Design, administration or maintenance of databases
- G06F16/215—Improving data quality; Data cleansing, e.g. de-duplication, removing invalid entries or correcting typographical errors
-
- G—PHYSICS
- G06—COMPUTING OR CALCULATING; COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F16/00—Information retrieval; Database structures therefor; File system structures therefor
- G06F16/20—Information retrieval; Database structures therefor; File system structures therefor of structured data, e.g. relational data
- G06F16/27—Replication, distribution or synchronisation of data between databases or within a distributed database system; Distributed database system architectures therefor
-
- Y—GENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
- Y02—TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
- Y02P—CLIMATE CHANGE MITIGATION TECHNOLOGIES IN THE PRODUCTION OR PROCESSING OF GOODS
- Y02P90/00—Enabling technologies with a potential contribution to greenhouse gas [GHG] emissions mitigation
- Y02P90/30—Computing systems specially adapted for manufacturing
Landscapes
- Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- Databases & Information Systems (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Physics & Mathematics (AREA)
- Bioethics (AREA)
- General Health & Medical Sciences (AREA)
- Health & Medical Sciences (AREA)
- Data Mining & Analysis (AREA)
- Medical Informatics (AREA)
- Software Systems (AREA)
- Computer Security & Cryptography (AREA)
- Quality & Reliability (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- Data Exchanges In Wide-Area Networks (AREA)
Abstract
The utility model relates to a distributed data desensitization method under multisource business data stream, can carry out desensitization processing with the node status data of each father node on the production chain, carry out desensitization processing through DMS desensitization system to the node status data that reports, carry out desensitization processing with the production data who sends down the subordinate, namely child level node, realize the safe circulation of on-chain data, carry out timely sensitive information discovery and processing to on-chain multisource production data, avoid sensitive information circulation to circulate on-chain, avoid producing the high leakage risk of data that the production is even, father node data is desensitized step by step, the low-reaches child level node can not contact the sensitive data of superior, reach the green circulation of on-chain ecological security's commercial information.
Description
Technical Field
The disclosure relates to the technical field of data processing, and in particular relates to a distributed data desensitizing method, device and electronic equipment for multi-source service data flow.
Background
The data desensitization refers to the deformation of data of certain sensitive information through a desensitization rule, so that the reliable protection of sensitive privacy data is realized. Under the condition of involving client security data or some commercial sensitive data, under the condition of not violating system rules, the real data is modified and tested, and personal information such as an identity card number, a mobile phone number, a card number, a client number and the like needs to be subjected to data desensitization.
In the market of the existing production chain, the production data of each link is business secret data of a market main body, and the market main body is particularly heavy and protects the production data, so that business secrets such as production data, processing data and the like are prevented from being leaked, and business loss is caused.
In the upstream and downstream of the production supply chain, the user has multi-source production data which needs to be kept secret and is necessary to be desensitized, but the user does not have the capability of timely finding and processing the whole or most of multi-source production data, so that commercial data of the user main body such as production and the like can be leaked, and the loss of production profits is caused after the commercial data flows into the market.
Therefore, in the situation that the user cannot provide large data capacity, energy and the like to maintain the business data of the user, a scheme for realizing the desensitization processing of the data from the chain is needed to be provided for the production user, so that the user is helped to realize the safe and green circulation of the data.
Disclosure of Invention
In order to solve the problems, the application provides a distributed data desensitization method, a distributed data desensitization device and electronic equipment for multi-source service data flow.
In one aspect of the present application, a distributed data desensitization method under multi-source service data stream is provided, including the following steps:
acquiring and acquiring node state data of parent nodes on a production chain in real time;
the node state data of the parent node of the round is packed into a data stream state packet, and the data stream state packet is uploaded to a background server;
analyzing the data flow state packet in the background server, and classifying analysis data to obtain node state data of each data type;
analyzing and screening the node state data of each data type, reporting the node state data meeting preset desensitization conditions to a DMS desensitization system for desensitization, and sending the node state data to a corresponding parent node after the node state data is processed.
As an optional embodiment of the present application, optionally, collecting and acquiring node status data of parent nodes on a production chain in real time includes:
presetting a sampling frequency and determining a parent node for sampling on a production chain;
according to the sampling frequency, orderly acquiring node state data of each parent node on a production chain, and numbering the node state data of each parent node;
and orderly reporting the node state data of each numbered parent node according to the sampling frequency.
As an optional embodiment of the present application, optionally, packaging the node status data of the parent node of the round of the present application into a data stream status packet, and uploading the data stream status packet to the background server, including:
receiving node state data of each parent node reported by the current turn;
according to a preset data packaging format, packaging node state data of each parent node of the round to obtain a corresponding data stream state packet, and caching the data stream state packet in an Oricle database of a background server;
and sending the data flow state packet to a data application layer of a background server at fixed time based on a first clock mechanism configured by the background.
As an optional embodiment of the present application, optionally, analyzing the data flow state packet in the background server, and classifying the analyzed data to obtain node state data of each data type, including:
the data application layer of the background server receives the data flow state packet and forwards the data flow state packet to a data analysis platform;
analyzing the data stream state packet to obtain state analysis data of each parent node;
and classifying the state analysis data of each parent node according to the data type to obtain the node state data of each parent node under each data type.
As an optional embodiment of the present application, optionally, before performing the analysis and screening processing on the node status data of each data type, the method further includes:
preprocessing node state data corresponding to a data type conforming to a data sensitivity level according to the preset data sensitivity level;
and returning the node state data with the data sensitivity level smaller than the preset sensitivity value to the corresponding parent node through the background original path.
As an optional embodiment of the present application, optionally, before reporting the node status data meeting a preset desensitization condition to a DMS desensitization system for desensitization processing, the method further includes:
presetting a DMS desensitization system and setting desensitization parameters of the DMS desensitization system;
and deploying the DMS desensitization system on the background server, and configuring a corresponding desensitization database.
As an optional implementation manner of the present application, optionally, analyzing and screening node status data of each data type, reporting the node status data meeting a preset desensitization condition to a DMS desensitization system for desensitization, and sending the node status data to a corresponding parent node after processing, where the method includes:
according to the preset data sensitivity level, analyzing and screening the node state data of each father node under each data type according to the preset desensitization condition to obtain the node state data with the data sensitivity level not lower than the preset sensitivity value;
reporting the node state data meeting preset desensitization conditions to a DMS desensitization system, and carrying out desensitization processing based on a desensitization rule and desensitization processing parameters of the DMS desensitization system to obtain node state desensitization data of each parent node;
and returning the node state desensitization data to each parent node according to the node numbers, generating corresponding lower-level production data by the parent node based on the node state desensitization data, and sending the corresponding lower-level production data to the corresponding child nodes.
As an optional embodiment of the present application, optionally, when returning the node status desensitization data to each parent node, further includes:
and returning the node state desensitization data to the father level node corresponding to each node state desensitization data through a background original path at regular time based on a second clock mechanism configured by the background.
In another aspect of the present application, an apparatus for implementing the distributed data desensitization method under multi-source service data flow is provided, including:
the node state acquisition module is used for acquiring and acquiring node state data of the parent node on the production chain in real time;
the gateway module is used for packaging the node state data of the parent node of the round of secondary to a data stream state packet and uploading the data stream state packet to the background server;
the application analysis module is used for analyzing the data flow state packet in the background server and classifying analysis data to obtain node state data of each data type;
the desensitization processing module is used for analyzing and screening the node state data of each data type, reporting the node state data meeting the preset desensitization condition to the DMS desensitization system for carrying out desensitization processing, and sending the node state data to the corresponding parent node after processing.
In another aspect of the present application, an electronic device is further provided, including:
a processor;
a memory for storing processor-executable instructions;
wherein the processor is configured to implement the one distributed data desensitization method of multi-source traffic data streams when executing the executable instructions.
The invention has the technical effects that:
the method and the device acquire and acquire node state data of the parent node on the production chain in real time; the node state data of the parent node of the round is packed into a data stream state packet, and the data stream state packet is uploaded to a background server; analyzing the data flow state packet in the background server, and classifying analysis data to obtain node state data of each data type; analyzing and screening the node state data of each data type, reporting the node state data meeting preset desensitization conditions to a DMS desensitization system for desensitization, and sending the node state data to a corresponding parent node after the node state data is processed. The method has the advantages that the node state data of each parent node on the production chain can be subjected to desensitization, the reported node state data is subjected to desensitization through the DMS desensitization system, the production data sent to the lower level, namely the child level node, is subjected to desensitization processing, the safety circulation of the on-chain data is realized, the on-chain multi-source production data is subjected to timely sensitive information discovery and processing, the on-chain circulation of the sensitive information circulation is avoided, the high leakage risk of the on-chain production data is avoided, the parent node data is subjected to step-by-step desensitization, the lower child level node cannot contact with the upper level sensitive data, and the on-chain ecological safety commercial information green circulation is achieved.
Other features and aspects of the present disclosure will become apparent from the following detailed description of exemplary embodiments, which proceeds with reference to the accompanying drawings.
Drawings
The accompanying drawings, which are incorporated in and constitute a part of this specification, illustrate exemplary embodiments, features and aspects of the present disclosure and together with the description, serve to explain the principles of the disclosure.
FIG. 1 shows a schematic flow chart of an implementation of the present invention;
FIG. 2 is a diagram of a messaging system for status data of various nodes in a chain according to the present invention;
FIG. 3 is a schematic diagram of a desensitization process for caching data according to the present invention;
FIG. 4 shows a schematic view of the structure of an application of the device of the present invention;
fig. 5 shows a schematic application diagram of the electronic device of the present invention.
Detailed Description
Various exemplary embodiments, features and aspects of the disclosure will be described in detail below with reference to the drawings. In the drawings, like reference numbers indicate identical or functionally similar elements. Although various aspects of the embodiments are illustrated in the accompanying drawings, the drawings are not necessarily drawn to scale unless specifically indicated.
The word "exemplary" is used herein to mean "serving as an example, embodiment, or illustration. Any embodiment described herein as "exemplary" is not necessarily to be construed as preferred or advantageous over other embodiments.
In addition, numerous specific details are set forth in the following detailed description in order to provide a better understanding of the present disclosure. It will be understood by those skilled in the art that the present disclosure may be practiced without some of these specific details. In some instances, well known means, elements, and circuits have not been described in detail so as not to obscure the present disclosure.
According to the method, the node state data of each parent node on the production chain can be subjected to desensitization, the reported node state data is subjected to desensitization through the DMS desensitization system, the production data sent to the lower level, namely the child level node, is subjected to desensitization processing, safe circulation of the on-chain data is realized, timely sensitive information discovery and processing are carried out on multi-source production data on the chain, the circulation of the sensitive information on the chain is avoided, the high leakage risk of the data on the production chain is avoided, the parent node data is subjected to step-by-step desensitization, the downstream child level node cannot contact with the upper level sensitive data, and the green circulation of the commercial information of the on-chain ecological safety is achieved.
Example 1
As shown in fig. 1, in one aspect, the present application proposes a distributed data desensitizing method under multi-source service data flow, including the following steps:
s1, acquiring and acquiring node state data of a parent node on a production chain in real time;
s2, packaging node state data of the parent node of the round of secondary to form a data stream state packet, and uploading the data stream state packet to a background server;
s3, analyzing the data flow state packet in the background server, and classifying analysis data to obtain node state data of each data type;
and S4, analyzing and screening the node state data of each data type, reporting the node state data meeting the preset desensitization condition to a DMS desensitization system for desensitization, and transmitting the node state data to a corresponding parent node after the processing.
The production chain is divided into upstream and downstream application nodes, such as a prior node is used as a parent node, and a node downstream from the parent node is used as a child node. Before the production data of each node is sent to the next node (sub-level node), the state data of each node needs to be reported to a production management background to carry out desensitization detection and desensitization treatment.
In this embodiment, a DMS desensitization system deployed in the background is used to analyze and screen desensitized data, identify and desensitize reported node data according to preset desensitization conditions, and send the processed node data to corresponding parent nodes. In this way, the information of each child level node on the current node issuing chain does not contain sensitive data of the parent level node.
The DMS desensitization system provides rich built-in desensitization algorithm and flexible and procedural strategy and proposal management capability, supports desensitization treatment on various data sources, helps enterprises to rapidly deploy and implement on the premise of not changing business procedures, effectively reduces the complexity and risk of desensitization, and controls the desensitization cost.
Through data desensitization, abuse of private data in enterprises can be effectively prevented, and the private data is prevented from flowing out of the enterprises under the condition of not being desensitized. The method meets the requirements of enterprises for protecting private data, maintains supervision compliance and meets the compliance of the enterprises.
In this embodiment, the DMS desensitizing system may be an application system of a third party, and the user only needs to perform desensitizing parameter configuration according to the node attribute of the production chain.
Except for the nodes at the tail end of the chain (without dividing buses and branch lines), other nodes can report their own state parameters, namely real-time node state data, in real time through terminals configured by the nodes. When a certain node needs to send data downwards, the desensitization processing condition of the application needs to be responded, namely when the data is sent downwards, the current parent node needs to report node state data to the background firstly, and data desensitization recognition and processing are carried out. And confirming that the sensitive data is not available, and then issuing the sub-level nodes.
In this embodiment, the parent node that needs to report and perform desensitization recognition and processing may be determined by an administrator in the background, and send corresponding desensitization indication information to the terminal device corresponding to the parent node through the background, where after the parent node receives the desensitization indication information, a desensitization tag of the current terminal is built in the background, and the background indicates that the terminal needs to perform a desensitization recognition task. This facilitates the management of the desensitized nodes on the chain by the background.
As shown in fig. 2, a schematic diagram of reporting data for each node is shown. Nodes on the chain of the embodiment forward information downwards and are called parent nodes; and the node for receiving the data sent by the upper node is the lower node. Thus, not only a straight production chain as shown in fig. 2, there may be crossover nodes. The present embodiment takes a linear service supply chain as an example.
As an optional embodiment of the present application, optionally, collecting and acquiring node status data of parent nodes on a production chain in real time includes:
presetting a sampling frequency and determining a parent node for sampling on a production chain;
according to the sampling frequency, orderly acquiring node state data of each parent node on a production chain, and numbering the node state data of each parent node;
and orderly reporting the node state data of each numbered parent node according to the sampling frequency.
And the nodes on the chain report the information by sampling at regular intervals. In this embodiment, the background determines and sets the sampling frequency for the parent node determined to need sampling and desensitizing recognition. And the determined parent node carries out the message according to the sampling frequency. When the message is sent, the node state data of each parent node is numbered, and the number of the parent node terminal or the equipment identification code can be marked on the corresponding node state data packet, so that the one-to-one identification is facilitated. The messages of each parent node are sequentially processed after sampling, for example, according to the direction of the data flow on the chain.
As an optional embodiment of the present application, optionally, packaging the node status data of the parent node of the round of the present application into a data stream status packet, and uploading the data stream status packet to the background server, including:
receiving node state data of each parent node reported by the current turn;
according to a preset data packaging format, packaging node state data of each parent node of the round to obtain a corresponding data stream state packet, and caching the data stream state packet in an Oricle database of a background server;
and sending the data flow state packet to a data application layer of a background server at fixed time based on a first clock mechanism configured by the background.
The background caches the node state data reported by each parent node, so that the occupation of data memory is avoided. In this embodiment, the Oricle database on the background caches the reported node status data.
Before reporting the background, the data of each node message is subjected to data packaging processing based on the same data packaging mechanism according to a uniform data packaging format to obtain a data stream state packet of the corresponding node, and the data stream state packet is reported and cached in an Oricle database of the background server. After buffering, the identity of each node terminal equipment is also provided.
And the first clock mechanism configured by the background is used for sending the buffer data in the Oricle database to the data application layer of the background at regular time to carry out message time rules of application processing, sending the buffer data according to the agreed message time, and sending each data stream state packet to the data application layer of the background server at regular time to carry out data packet analysis and desensitization identification. Node sampling and desensitization can be performed on time, and latency of the nodes is avoided.
As an optional embodiment of the present application, optionally, analyzing the data flow state packet in the background server, and classifying the analyzed data to obtain node state data of each data type, including:
the data application layer of the background server receives the data flow state packet and forwards the data flow state packet to a data analysis platform;
analyzing the data stream state packet to obtain state analysis data of each parent node;
and classifying the state analysis data of each parent node according to the data type to obtain the node state data of each parent node under each data type.
As shown in fig. 3, file analysis software is deployed in the data application layer of the background server, so that the received data stream state packet can be analyzed to obtain state analysis data of each parent node. And the state analysis data are classified according to data types such as supply data, processing data and the like, so that node state data of each parent node under each data type are obtained. By data type classification, the desensitization pretreatment is convenient to be carried out by referring to the desensitization condition of the unified data type.
As an optional embodiment of the present application, optionally, before performing the analysis and screening processing on the node status data of each data type, the method further includes:
preprocessing node state data corresponding to a data type conforming to a data sensitivity level according to the preset data sensitivity level;
and returning the node state data with the data sensitivity level smaller than the preset sensitivity value to the corresponding parent node through the background original path.
Before entering a DMS desensitization system, firstly, carrying out primary desensitization pretreatment, selecting less insensitive data by calculating the sensitivity level and the like of all node state data corresponding to each data type, returning the insensitive data for on-chain node information circulation, marking or withholding the excessively sensitive data, notifying a corresponding parent node, and paying attention to confidentiality. The data sensitivity level of the data can be determined by a background by a preset sensitivity level calculation rule of a user, or a background manager determines according to feedback of a node user, and when the data sensitivity level is smaller than a preset sensitivity value, the data is determined to be the data which does not need to be kept secret, and the data can be circulated in a chain. And the node state data exceeding the preset sensitive value waits for the feedback of the node user, and the background determines whether to return to the original node.
As an optional embodiment of the present application, optionally, before reporting the node status data meeting a preset desensitization condition to a DMS desensitization system for desensitization processing, the method further includes:
presetting a DMS desensitization system and setting desensitization parameters of the DMS desensitization system;
and deploying the DMS desensitization system on the background server, and configuring a corresponding desensitization database.
Background deployment and working parameter setting of the DMS desensitization system are not limited in this embodiment, and the background can set desensitization level for strictly screening node data needing desensitization processing.
The data after desensitization pretreatment is subjected to desensitization identification and treatment by a DMS desensitization system. The pre-processing is only to screen the data with small sensitivity once, so as to reduce the working pressure of the DMS desensitization system.
As an optional implementation manner of the present application, optionally, analyzing and screening node status data of each data type, reporting the node status data meeting a preset desensitization condition to a DMS desensitization system for desensitization, and sending the node status data to a corresponding parent node after processing, where the method includes:
according to the preset data sensitivity level, analyzing and screening the node state data of each father node under each data type according to the preset desensitization condition to obtain the node state data with the data sensitivity level not lower than the preset sensitivity value;
reporting the node state data meeting preset desensitization conditions to a DMS desensitization system, and carrying out desensitization processing based on a desensitization rule and desensitization processing parameters of the DMS desensitization system to obtain node state desensitization data of each parent node;
and returning the node state desensitization data to each parent node according to the node numbers, generating corresponding lower-level production data by the parent node based on the node state desensitization data, and sending the corresponding lower-level production data to the corresponding child nodes.
The DMS desensitization system provides rich built-in desensitization algorithm and flexible and procedural strategy and proposal management capability, supports desensitization treatment on various data sources, helps enterprises to rapidly deploy and implement on the premise of not changing business procedures, effectively reduces the complexity and risk of desensitization, and controls the desensitization cost.
The residual data after desensitization pretreatment is input into a DMS desensitization system, and is identified and screened through the desensitization rules and the desensitization parameters of the DMS desensitization system. The background can set corresponding desensitization conditions including desensitization rules and desensitization processing parameters in the DMS desensitization system, so as to analyze and screen the reported node state data.
The desensitization process of the DMS desensitization system is not described in this embodiment.
The data reported to the DMS desensitization system is the node state data with the data sensitivity level not lower than the preset sensitivity value, namely the highly sensitive data, the highly sensitive data is withheld and the low sensitive data is released after the desensitization processing of the DMS desensitization system, and the node state desensitization data of each parent node released by the DMS desensitization system is returned to each parent node through the original path. In this way, the node state data of each parent node, namely the node state desensitization data, is obtained, and can be sent down to the corresponding child node according to the direction of the service flow on the chain.
The data desensitized by the DMS desensitization system also has identification information such as the number of the corresponding parent node, so that the background can conveniently identify the node terminal and feed back information.
As an optional embodiment of the present application, optionally, when returning the node status desensitization data to each parent node, further includes:
and returning the node state desensitization data to the father level node corresponding to each node state desensitization data through a background original path at regular time based on a second clock mechanism configured by the background.
The method is also provided with a corresponding timing feedback time mechanism after desensitization, and the desensitized node state desensitized data is returned to each parent node at fixed time, so that the data delay is avoided.
It should be noted that although the above desensitization process is described by way of example with a DMS desensitization system, those skilled in the art will appreciate that the present disclosure should not be limited thereto. In fact, the user can flexibly set the desensitization platform according to the actual application scene, so long as the technical functions of the application can be realized according to the technology.
It should be apparent to those skilled in the art that implementing all or part of the above-described embodiments may be accomplished by computer programs to instruct related hardware, and the programs may be stored in a computer readable storage medium, which when executed may include the processes of the embodiments of the controls described above. It will be appreciated by those skilled in the art that implementing all or part of the above-described embodiments may be accomplished by computer programs to instruct related hardware, and the programs may be stored in a computer readable storage medium, which when executed may include the processes of the embodiments of the controls described above. The storage medium may be a magnetic disk, an optical disc, a Read-only memory (ROM), a random access memory (RandomAccessMemory, RAM), a flash memory (flash memory), a hard disk (HDD), or a Solid State Drive (SSD); the storage medium may also comprise a combination of memories of the kind described above.
Example 2
Based on the implementation principle of embodiment 1, another aspect of the present application proposes an apparatus for implementing the distributed data desensitization method of multi-source service data flow, including:
the node state acquisition module is used for acquiring and acquiring node state data of the parent node on the production chain in real time;
the gateway module is used for packaging the node state data of the parent node of the round of secondary to a data stream state packet and uploading the data stream state packet to the background server;
the application analysis module is used for analyzing the data flow state packet in the background server and classifying analysis data to obtain node state data of each data type;
the desensitization processing module is used for analyzing and screening the node state data of each data type, reporting the node state data meeting the preset desensitization condition to the DMS desensitization system for carrying out desensitization processing, and sending the node state data to the corresponding parent node after processing.
The function and interaction of the above-described individual modules are described with particular reference to example 1.
The modules or steps of the invention described above may be implemented in a general-purpose computing device, they may be centralized in a single computing device, or distributed across a network of computing devices, or they may alternatively be implemented in program code executable by a computing device, such that they may be stored in a memory device and executed by a computing device, or they may be separately fabricated into individual integrated circuit modules, or multiple modules or steps within them may be fabricated into a single integrated circuit module. Thus, the present invention is not limited to any specific combination of hardware and software.
Example 3
As shown in fig. 5, in another aspect, the present application further proposes an electronic device, including:
a processor;
a memory for storing processor-executable instructions;
wherein the processor is configured to implement the one distributed data desensitization method of multi-source traffic data streams when executing the executable instructions.
Embodiments of the present disclosure provide for an electronic device that includes a processor and a memory for storing processor-executable instructions. Wherein the processor is configured to implement a distributed data desensitization method of a multi-source traffic data stream as described in any of the preceding, when executing the executable instructions.
Here, it should be noted that the number of processors may be one or more. Meanwhile, in the electronic device of the embodiment of the disclosure, an input device and an output device may be further included. The processor, the memory, the input device, and the output device may be connected by a bus, or may be connected by other means, which is not specifically limited herein.
The memory is a computer-readable storage medium that can be used to store software programs, computer-executable programs, and various modules, such as: a program or module corresponding to a distributed data desensitization method under multi-source service data flow in an embodiment of the disclosure. The processor executes various functional applications and data processing of the electronic device by running software programs or modules stored in the memory.
The input device may be used to receive an input number or signal. Wherein the signal may be a key signal generated in connection with user settings of the device/terminal/server and function control. The output means may comprise a display device such as a display screen.
The foregoing description of the embodiments of the present disclosure has been presented for purposes of illustration and description, and is not intended to be exhaustive or limited to the embodiments disclosed. Many modifications and variations will be apparent to those of ordinary skill in the art without departing from the scope and spirit of the various embodiments described. The terminology used herein was chosen in order to best explain the principles of the embodiments, the practical application, or the technical improvement of the technology in the marketplace, or to enable others of ordinary skill in the art to understand the embodiments disclosed herein.
Claims (10)
1. A distributed data desensitization method for multi-source service data flow, comprising the steps of:
acquiring and acquiring node state data of parent nodes on a production chain in real time;
the node state data of the parent node of the round is packed into a data stream state packet, and the data stream state packet is uploaded to a background server;
analyzing the data flow state packet in the background server, and classifying analysis data to obtain node state data of each data type;
analyzing and screening the node state data of each data type, reporting the node state data meeting preset desensitization conditions to a DMS desensitization system for desensitization, and sending the node state data to a corresponding parent node after the node state data is processed.
2. The distributed data desensitization method under multi-source traffic data flow according to claim 1, wherein collecting and acquiring node status data of parent nodes on a production chain in real time comprises:
presetting a sampling frequency and determining a parent node for sampling on a production chain;
according to the sampling frequency, orderly acquiring node state data of each parent node on a production chain, and numbering the node state data of each parent node;
and orderly reporting the node state data of each numbered parent node according to the sampling frequency.
3. The method of claim 2, wherein packaging the node state data of the parent node of the round into a data stream state packet and uploading the data stream state packet to a background server, comprises:
receiving node state data of each parent node reported by the current turn;
according to a preset data packaging format, packaging node state data of each parent node of the round to obtain a corresponding data stream state packet, and caching the data stream state packet in an Oricle database of a background server;
and sending the data flow state packet to a data application layer of a background server at fixed time based on a first clock mechanism configured by the background.
4. A method for distributed data desensitization in a multi-source traffic data stream according to claim 3, wherein said analyzing said data stream state packet in said background server and classifying the analyzed data to obtain node state data of each data type comprises:
the data application layer of the background server receives the data flow state packet and forwards the data flow state packet to a data analysis platform;
analyzing the data stream state packet to obtain state analysis data of each parent node;
and classifying the state analysis data of each parent node according to the data type to obtain the node state data of each parent node under each data type.
5. The method for distributed data desensitization in a multi-source traffic data stream according to claim 4, further comprising, before analyzing and screening node status data of each data type:
preprocessing node state data corresponding to a data type conforming to a data sensitivity level according to the preset data sensitivity level;
and returning the node state data with the data sensitivity level smaller than the preset sensitivity value to the corresponding parent node through the background original path.
6. The method for desensitizing distributed data under multi-source traffic data according to claim 4, wherein before said node status data meeting preset desensitization conditions is reported to a DMS desensitization system for desensitization, further comprising:
presetting a DMS desensitization system and setting desensitization parameters of the DMS desensitization system;
and deploying the DMS desensitization system on the background server, and configuring a corresponding desensitization database.
7. The distributed data desensitization method under multi-source service data stream according to claim 4, wherein analyzing and screening node state data of each data type, reporting the node state data meeting preset desensitization conditions to a DMS desensitization system for desensitization, and sending to corresponding parent nodes after processing, including:
according to the preset data sensitivity level, analyzing and screening the node state data of each father node under each data type according to the preset desensitization condition to obtain the node state data with the data sensitivity level not lower than the preset sensitivity value;
reporting the node state data meeting preset desensitization conditions to a DMS desensitization system, and carrying out desensitization processing based on a desensitization rule and desensitization processing parameters of the DMS desensitization system to obtain node state desensitization data of each parent node;
and returning the node state desensitization data to each parent node according to the node numbers, generating corresponding lower-level production data by the parent node based on the node state desensitization data, and sending the corresponding lower-level production data to the corresponding child nodes.
8. The method of distributed data desensitization in a multi-source traffic data stream according to claim 7, wherein when returning said node state desensitization data to individual parent nodes, further comprising:
and returning the node state desensitization data to the father level node corresponding to each node state desensitization data through a background original path at regular time based on a second clock mechanism configured by the background.
9. An apparatus for implementing the distributed data desensitization method of the multi-source traffic data stream according to any one of claims 1-8, comprising:
the node state acquisition module is used for acquiring and acquiring node state data of the parent node on the production chain in real time;
the gateway module is used for packaging the node state data of the parent node of the round of secondary to a data stream state packet and uploading the data stream state packet to the background server;
the application analysis module is used for analyzing the data flow state packet in the background server and classifying analysis data to obtain node state data of each data type;
the desensitization processing module is used for analyzing and screening the node state data of each data type, reporting the node state data meeting the preset desensitization condition to the DMS desensitization system for carrying out desensitization processing, and sending the node state data to the corresponding parent node after processing.
10. An electronic device, comprising:
a processor;
a memory for storing processor-executable instructions;
wherein the processor is configured to implement the distributed data desensitization method of multi-source traffic data flow according to any one of claims 1-8 when executing the executable instructions.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202310356526.2A CN116432224A (en) | 2023-04-06 | 2023-04-06 | Distributed data desensitizing method for multisource business data flow |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202310356526.2A CN116432224A (en) | 2023-04-06 | 2023-04-06 | Distributed data desensitizing method for multisource business data flow |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN116432224A true CN116432224A (en) | 2023-07-14 |
Family
ID=87090203
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202310356526.2A Withdrawn CN116432224A (en) | 2023-04-06 | 2023-04-06 | Distributed data desensitizing method for multisource business data flow |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN116432224A (en) |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN119691803A (en) * | 2024-12-04 | 2025-03-25 | 北京航空航天大学 | A vehicle image and video desensitization method based on task decomposition |
-
2023
- 2023-04-06 CN CN202310356526.2A patent/CN116432224A/en not_active Withdrawn
Cited By (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN119691803A (en) * | 2024-12-04 | 2025-03-25 | 北京航空航天大学 | A vehicle image and video desensitization method based on task decomposition |
| CN119691803B (en) * | 2024-12-04 | 2025-11-04 | 北京航空航天大学 | A Vehicle Image and Video Desensitization Method Based on Task Decomposition |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN111752799B (en) | Service link tracking method, device, equipment and storage medium | |
| EP3072260B1 (en) | Methods, systems, and computer readable media for a network function virtualization information concentrator | |
| CN112688822B (en) | Edge computing fault or security threat monitoring system and method based on multi-point cooperation | |
| CN108256118B (en) | Data processing method, device, system, computing equipment and storage medium | |
| CN113159145B (en) | A feature engineering arrangement method and device | |
| CN112311617A (en) | A configuration data monitoring and alarming method and system | |
| CN113347164A (en) | Block chain-based distributed consensus system, method, device and storage medium | |
| CN110198246B (en) | Method and system for monitoring flow | |
| CN107329853A (en) | Backup method, standby system and the electronic equipment of data-base cluster | |
| US10554701B1 (en) | Real-time call tracing in a service-oriented system | |
| CN104283643A (en) | Message speed limiting method and device | |
| CN116432224A (en) | Distributed data desensitizing method for multisource business data flow | |
| CN117544656B (en) | Communication command management method and system based on micro-service framework | |
| Wang et al. | An autonomous deployment mechanism for AI security services | |
| Qian et al. | Characterization of 3g data-plane traffic and application towards centralized control and management for software defined networking | |
| CN112948822A (en) | Big data audit scene analysis method and system applied to intelligent education system | |
| CN114553962B (en) | Mobile equipment data processing method and system based on message queue | |
| CN110351273B (en) | Method, device and system for network tracking long chain attack | |
| CN116599834B (en) | Early warning decision method, system, equipment and storage medium based on blockchain | |
| CN116962143B (en) | Network fault detection method, device, computer equipment and storage medium | |
| CN103812681A (en) | Processing method and communication system for EMS and LMT to access to network element | |
| CN112560089A (en) | Sensitive information early warning device and method of interface service | |
| CN112688818A (en) | Data transmission method and device, electronic equipment and readable storage medium | |
| CN117639222A (en) | Electrical information monitoring method and system for intelligent electrical equipment | |
| CN115643558B (en) | Data processing method and device, electronic equipment and storage medium |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| WW01 | Invention patent application withdrawn after publication | ||
| WW01 | Invention patent application withdrawn after publication |
Application publication date: 20230714 |