[go: up one dir, main page]

CN119622752A - Data asset security assessment method and assessment system - Google Patents

Data asset security assessment method and assessment system Download PDF

Info

Publication number
CN119622752A
CN119622752A CN202510166212.5A CN202510166212A CN119622752A CN 119622752 A CN119622752 A CN 119622752A CN 202510166212 A CN202510166212 A CN 202510166212A CN 119622752 A CN119622752 A CN 119622752A
Authority
CN
China
Prior art keywords
access
user
data
security
behavior
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202510166212.5A
Other languages
Chinese (zh)
Inventor
程利
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Chengdu Jincheng College
Original Assignee
Chengdu Jincheng College
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Chengdu Jincheng College filed Critical Chengdu Jincheng College
Priority to CN202510166212.5A priority Critical patent/CN119622752A/en
Publication of CN119622752A publication Critical patent/CN119622752A/en
Pending legal-status Critical Current

Links

Landscapes

  • Storage Device Security (AREA)

Abstract

The invention relates to the field of data processing and discloses a data asset security assessment method and system, wherein the security assessment module receives a data asset access request, extracts access characteristics according to the access request, acquires an access request authorization state based on the access characteristics, determines user permission according to user identity information in the access characteristics if the access request authorization state is the authorization state, acquires known user access behavior data if the user is a known user, verifies the known user access behavior data with a corresponding user behavior mode stored in a cloud data server, and judges the data asset access security if the verification is successful; and finishing the data asset security assessment. The invention can realize comprehensive and accurate security assessment of the data asset access request.

Description

Data asset security assessment method and assessment system
Technical Field
The invention relates to the field of data processing, in particular to a data asset security assessment method and an assessment system.
Background
With the rapid development of information technology, data has become an indispensable asset for enterprises, organizations, and even individuals. The value of data is that it can provide information, guide decisions, optimize flows, etc., but at the same time, the security problem of data is increasingly prominent. Security events such as data leakage, illegal access, tampering or destruction are frequent, and great economic loss and legal risks are brought to owners of data assets. Therefore, how to effectively evaluate and manage the security of data assets is a current challenge.
Traditional data security protection means, such as firewalls, intrusion Detection Systems (IDS), antivirus software, etc., while capable of protecting against external threats to some extent, are confronted with malicious behavior or misoperations of internal personnel, and increasingly complex network attack means, which are struggling. In addition, traditional methods often focus on post-hoc defenses and remedies, lacking active assessment and early warning mechanisms for data asset security.
In the prior art, although some data security evaluation methods exist, most of the problems are that firstly, the evaluation dimension is single, only single factors such as user identity or access instructions are considered, complexity and diversity of access behaviors are ignored, secondly, the evaluation process is not intelligent, the evaluation strategy cannot be automatically adjusted according to historical access behaviors of users, accuracy and efficiency of an evaluation result are limited, thirdly, effective integration with a cloud data server is lacking, and cloud resources cannot be fully utilized to enhance real-time performance and accuracy of evaluation.
Disclosure of Invention
The invention aims to overcome the defects of the prior art and provides a data asset security assessment method, which comprises the following steps:
The method comprises the steps that firstly, a security evaluation module receives a data asset access request, access characteristics are extracted according to the access request, and based on the access characteristics, the security evaluation module obtains an access request authorization state, if the access request authorization state is the authorization state, the step two is entered;
Step two, determining user permission according to user identity information in the access characteristics, if the user is a known user, entering step three, otherwise, entering step four if the user is an unknown user;
Step three, the security assessment module acquires known user access behavior data, verifies the known user access behavior data with a corresponding user behavior mode stored in a cloud data server, and judges the security of data asset access if verification is successful, and enters step six;
Step four, the security assessment module obtains the access behavior data of the unknown user, obtains the primary access characteristics according to the obtained access behavior data of the unknown user, obtains the data asset security access policy matching the primary access characteristics at the cloud data server, generates a security policy corresponding to the primary access characteristics, sends the security policy to the security assessment module, and enters step five;
Step five, the security assessment module carries out consistency check on the access behavior data of the user according to the security policy corresponding to the primary access characteristic sent by the cloud data server, if so, judges the access security of the data asset until the access of the data asset is completed, and enters step six;
And step six, completing data asset security assessment.
Further, the security evaluation module receives a data asset access request, extracts access characteristics according to the access request, and obtains an access request authorization state based on the access characteristics, including:
the access characteristics comprise access user identity information and an authorized access instruction, wherein the access user identity information comprises a user account and identity verification information;
The authorized access instruction comprises a data query instruction, a data downloading instruction, a data modifying instruction and a data uploading instruction;
The security evaluation module verifies the authorization verification information, if the authorization user identity information in the authorization verification information is consistent with the access user identity information, the security evaluation module responds, and if not, the security evaluation module does not respond.
Further, the determining the user authority according to the user identity information in the access feature includes:
If the user account is the user registered and authenticated in the cloud data server for the first time, the user account is an unknown user, and if the user account is not the user registered and authenticated in the cloud data server for the first time, the user account is a known user.
Further, the security evaluation module obtains user access behavior data, and verifies the user access behavior data with a corresponding known user behavior mode stored in the cloud data server, including:
The cloud data server generates a behavior mode of a corresponding user according to historical access behavior data of the known user, compares the access behavior data of the known user with the behavior mode of the corresponding user to obtain the deviation degree of the access behavior of the known user, and performs data asset access risk early warning if the deviation degree of the access behavior of the known user is larger than an early warning deviation degree threshold value, wherein the behavior mode comprises access characteristic items including access time, access data asset types and access instructions.
Further, the deviation degree of the user access behavior is as follows:
If the access characteristic items obtained according to the known user access behavior data are identical to the access characteristic items in the behavior mode of the corresponding user, the known user access behavior is not deviated, otherwise, the user access behavior is deviated, and the known user access behavior deviation degree is obtained according to the sum of the early warning deviation values corresponding to the inconsistent access characteristic items.
Further, the security evaluation module obtains the access behavior data of the unknown user, obtains the primary access characteristic according to the obtained access behavior data of the unknown user, and obtains the data asset security access policy matching the primary access characteristic at the cloud data server, including:
the primary access feature is that the type of the data asset accessed in the access behavior data is obtained, the type of the data asset accessed and the authorized access instruction form the primary access feature, and the data asset security access strategy corresponding to the type of the data asset accessed is matched in the cloud data server according to the primary access feature.
Further, the security evaluation module performs consistency check with the unknown user access behavior data according to the security policy corresponding to the primary access feature sent by the cloud data server, and the security evaluation module includes:
And acquiring an accessible instruction of the data asset in the security policy corresponding to the primary access characteristic, if the access instruction in the user access behavior data is not known to be consistent with the accessible instruction of the data asset in the security policy, passing the consistency check, otherwise, failing the consistency check.
The data asset security assessment system comprises a cloud data server, a security assessment module, a data acquisition module, a communication module, a data processing module and user equipment, wherein the cloud data server is used for receiving data from a user;
The safety evaluation module, the data acquisition module and the communication module are respectively connected with the data processing module; the cloud data server and the user terminal device are respectively in communication connection with the communication module.
The method has the beneficial effects that the accuracy and the efficiency of the security assessment are improved, and the comprehensive and accurate security assessment of the data asset access request can be realized by comprehensively considering the source of the access request, the identity and the authority of the user, the characteristics of the access behavior, the sensitivity of the data asset and other factors. Meanwhile, by means of the strong computing capacity and the storage capacity of the cloud data server, the method and the device can complete the evaluation process in real time and rapidly, and the evaluation efficiency is improved.
The invention can automatically generate the behavior patterns of the corresponding user according to the historical access behaviors of the user, and intelligently evaluate the current access behaviors according to the behavior patterns. The intelligent evaluation mode can automatically adjust the evaluation strategy, and adapt to the behavior habits and safety requirements of different users, so that the accuracy and the flexibility of evaluation are improved.
The invention not only can effectively intercept illegal accesses from outside, but also can monitor and early warn malicious behaviors or misoperation of internal personnel in real time. By triggering the safety alarm, the invention can timely discover and treat potential safety risks, and effectively ensure the safety of the data asset.
Drawings
FIG. 1 is a flow diagram of a data asset security assessment method based on deep learning;
FIG. 2 is a schematic diagram of a data asset security assessment system based on deep learning;
Fig. 3 is a schematic diagram of a security evaluation module.
Detailed Description
The technical solution of the present invention will be described in further detail with reference to the accompanying drawings, but the scope of the present invention is not limited to the following description.
The features and capabilities of the present invention are described in further detail below in connection with the examples.
As shown in fig. 1, a data asset security assessment method includes the steps of:
The method comprises the steps that firstly, a security evaluation module receives a data asset access request, access characteristics are extracted according to the access request, and based on the access characteristics, the security evaluation module obtains an access request authorization state, if the access request authorization state is the authorization state, the step two is entered;
Step two, determining user permission according to user identity information in the access characteristics, if the user is a known user, entering step three, otherwise, entering step four if the user is an unknown user;
Step three, the security assessment module acquires known user access behavior data, verifies the known user access behavior data with a corresponding user behavior mode stored in a cloud data server, and judges the security of data asset access if verification is successful, and enters step six;
Step four, the security assessment module obtains the access behavior data of the unknown user, obtains the primary access characteristics according to the obtained access behavior data of the unknown user, obtains the data asset security access policy matching the primary access characteristics at the cloud data server, generates a security policy corresponding to the primary access characteristics, sends the security policy to the security assessment module, and enters step five;
Step five, the security assessment module carries out consistency check on the access behavior data of the user according to the security policy corresponding to the primary access characteristic sent by the cloud data server, if so, judges the access security of the data asset until the access of the data asset is completed, and enters step six;
And step six, completing data asset security assessment.
The security evaluation module receives a data asset access request, extracts access characteristics according to the access request, and obtains an access request authorization state based on the access characteristics, and the security evaluation module comprises:
the access characteristics comprise access user identity information and an authorized access instruction, wherein the access user identity information comprises a user account and identity verification information;
The authorized access instruction comprises a data query instruction, a data downloading instruction, a data modifying instruction and a data uploading instruction;
The security evaluation module verifies the authorization verification information, if the authorization user identity information in the authorization verification information is consistent with the access user identity information, the security evaluation module responds, and if not, the security evaluation module does not respond.
The determining the user authority according to the user identity information in the access characteristic comprises the following steps:
If the user account is the user registered and authenticated in the cloud data server for the first time, the user account is an unknown user, and if the user account is not the user registered and authenticated in the cloud data server for the first time, the user account is a known user.
The security evaluation module acquires user access behavior data and verifies the user access behavior data with a corresponding known user behavior mode stored in a cloud data server, and the security evaluation module comprises:
The cloud data server generates a behavior mode of a corresponding user according to historical access behavior data of the known user, compares the access behavior data of the known user with the behavior mode of the corresponding user to obtain the deviation degree of the access behavior of the known user, and performs data asset access risk early warning if the deviation degree of the access behavior of the known user is larger than an early warning deviation degree threshold value, wherein the behavior mode comprises access characteristic items including access time, access data asset types and access instructions.
The deviation degree of the user access behavior is as follows:
If the access characteristic items obtained according to the known user access behavior data are identical to the access characteristic items in the behavior mode of the corresponding user, the known user access behavior is not deviated, otherwise, the user access behavior is deviated, and the known user access behavior deviation degree is obtained according to the sum of the early warning deviation values corresponding to the inconsistent access characteristic items.
The security evaluation module obtains the access behavior data of the unknown user, obtains the primary access characteristic according to the obtained access behavior data of the unknown user, and obtains a data asset security access strategy matched with the primary access characteristic at the cloud data server, and comprises the following steps:
the primary access feature is that the type of the data asset accessed in the access behavior data is obtained, the type of the data asset accessed and the authorized access instruction form the primary access feature, and the data asset security access strategy corresponding to the type of the data asset accessed is matched in the cloud data server according to the primary access feature.
The security evaluation module performs consistency check with unknown user access behavior data according to a security policy corresponding to the primary access characteristic sent by the cloud data server, and the security evaluation module comprises:
And acquiring an accessible instruction of the data asset in the security policy corresponding to the primary access characteristic, if the access instruction in the user access behavior data is not known to be consistent with the accessible instruction of the data asset in the security policy, passing the consistency check, otherwise, failing the consistency check.
As shown in FIG. 2, the data asset security assessment system, to which the data asset security assessment method is applied, comprises a cloud data server, a security assessment module, a data acquisition module, a communication module, a data processing module and user equipment;
The safety evaluation module, the data acquisition module and the communication module are respectively connected with the data processing module; the cloud data server and the user terminal device are respectively in communication connection with the communication module.
The security evaluation module shown in fig. 3 comprises a security verification module and an access characteristic extraction module, wherein the security verification module and the access characteristic extraction module are respectively connected with the data processing module.
Specifically, the invention provides a data asset security assessment method, which comprises the following steps:
And step one, after the security evaluation module receives the data asset access request, firstly extracting access characteristics according to the access request. These access features include, but are not limited to, accessing user identity information and authorizing access instructions. The access user identity information comprises a user account number, identity verification information and the like, and is used for confirming the identity of a visitor, and the authorized access instruction comprises authorized verification information and specific access instructions, such as a data query instruction, a data downloading instruction, a data modifying instruction, a data uploading instruction and the like, and is used for defining the operation intention of the visitor. Based on these access characteristics, the security assessment module may further obtain the authorization status of the access request. If the state is authorized, namely the identity and the operation of the visitor are authorized, the step II is entered, and if the state is unauthorized, the received data asset access request is directly ignored, so that the illegal access is effectively intercepted.
And step two, after confirming that the access request is in an authorized state, the security evaluation module determines the authority of the user according to the user identity information in the access characteristic. This step is mainly to determine whether the visitor is a known user or an unknown user. If the user account is the user registered and authenticated in the cloud data server for the first time, the user account is regarded as an unknown user, the step four is entered into further security evaluation, and if not, the user account is regarded as a known user, the step three is entered into.
And thirdly, for the known user, the security evaluation module acquires access behavior data of the known user and verifies the data with corresponding user behavior modes stored in the cloud data server. The cloud data server generates behavior patterns of the corresponding user according to the historical access behavior data of the known user, wherein the behavior patterns comprise access characteristic items such as access time, access data asset types and access instructions. By comparing the current access behavior data with the behavior pattern, the degree of deviation of the known user access behavior can be calculated. If the deviation degree is larger than the early warning deviation degree threshold value, the user behavior is abnormal, the data asset access risk possibly exists, the security evaluation module triggers a security alarm at the moment, and if verification is successful, namely the user behavior accords with the behavior mode, the data asset access security is judged, and the step six is entered.
And step four, for an unknown user, the security evaluation module acquires access behavior data of the unknown user and obtains primary access characteristics according to the data. The primary access characteristics primarily include the type of data asset being accessed and the authorized access instructions. The security assessment module then matches the data asset security access policy in the cloud data server to the corresponding accessed data asset type. These policies are formulated based on the sensitivity and security requirements of different types of data assets to guide how access requests are securely evaluated.
And fifthly, the security assessment module performs consistency check on the access behavior data of the unknown user according to the security policy corresponding to the primary access characteristic sent by the cloud data server. Specifically, the accessible instructions for the data asset in the security policy are obtained and compared to the access instructions in the unknown user access behavior data. If the data asset access security risk is consistent with the data asset access security risk, the consistency check is passed, the data asset access security is judged, otherwise, the consistency check is not passed, the data asset access risk is regarded as the data asset access risk, and the security assessment module triggers a security alarm.
And step six, whether the access behavior of the known user or the unknown user is judged to be safe, the data asset security assessment can be completed, and the access operation of the data asset is allowed.
Further, the invention also provides specific implementation details of the method:
in the first step, when the security evaluation module verifies the authorization verification information, the identity information of the authorized user is strictly compared with the identity information of the access user, so that only the authorized user can access the data asset.
In the third step, when the deviation degree of the known user access behaviors is calculated, early warning deviation values corresponding to the inconsistent access characteristic items are comprehensively considered, so that a more comprehensive and accurate deviation degree evaluation result is obtained.
In the fourth step, when the data asset security access policy is matched, the sensitivity and security requirements of the data asset are fully considered, so that the formulated policy can be ensured to effectively prevent security risks, and normal access requirements of users are not excessively limited.
In addition, the invention also provides a data asset security assessment system which applies the data asset security assessment method and comprises a cloud data server, a security assessment module, a data acquisition module, a data processing module and a communication module. The cloud data server is connected with the communication module in a communication way, is used for storing key information such as user behavior patterns, data asset security access strategies and the like, and provides necessary support for security assessment. The security evaluation module also comprises a security verification module and an access characteristic extraction module which are respectively used for realizing security verification of the access request and extraction of the access characteristic.
Example 1
A financial company uses the data asset security assessment method provided by the invention to protect the data assets stored in the cloud, and the data assets comprise sensitive data such as customer transaction records, personal identity information and the like. Companies want to ensure that only authorized employees can access these data and that the access behavior complies with normal business operation patterns.
The specific implementation steps are as follows:
step one, a staff submits a data query request through a company internal system, and the staff intends to query the transaction records of a specific client. After receiving the request, the security assessment module first extracts access features including an account number (e.g., job number) of the employee, authentication information (e.g., password or biometric information), and a specific query instruction. And (3) verifying the information to confirm that the employee is an authorized user, and entering a step two.
And secondly, the security assessment module judges that the employee is a known user according to the account number of the employee, because the account number is registered and authenticated in the cloud data server. Step three is then entered.
And thirdly, the security evaluation module acquires historical access behavior data of the staff from the cloud data server, and generates a behavior mode of the staff, wherein the behavior mode comprises common access time, access data types (such as transaction records and client information) and common query instructions. And (3) comparing the current access behavior with the behavior mode, finding that the access time, the data type and the instruction are consistent with the history mode, and entering a step (six) after the verification success, wherein the deviation degree is lower than the early warning deviation degree threshold value.
And step six, since the access behavior of the staff is judged to be safe, the security assessment module allows the staff to access the request, and the staff successfully inquires the transaction records of the required clients.
In the first step, the security evaluation module uses a multi-factor authentication technology to strictly verify the identity information of the staff, including the password and the biological identification information, so as to ensure the authenticity of the identity. In step three, the calculation of the degree of deviation takes into account the access time (whether at work time), the type of data accessed (whether related to employee responsibilities) and the complexity of the query instructions to ensure the comprehensiveness and accuracy of the assessment.
Example two
A medical institution employs the present invention to manage its medical database, including highly sensitive data such as patient medical record information, diagnostic reports, etc. The organization wishes to ensure that external collaborative researchers can securely access a particular data set while preventing unauthorized access and internal data leakage.
The specific implementation steps are as follows:
An external partner researcher submits a data download request through a special interface provided by a medical institution to request to download a research data set of a specific disease. After the security assessment module receives the request, access features are extracted, including the account number of the researcher (issued in advance by the institution), authentication information (such as a one-time authentication code) and a data downloading instruction. After the verification is passed, the step two is entered.
And step two, the account number of the researcher is registered in the cloud data server for the first time, and the security evaluation module regards the account number of the researcher as an unknown user and enters the step four.
And step four, the security assessment module acquires access behavior data of researchers, and mainly focuses on the type of data asset requested by the researchers (namely, research data set of specific diseases) and data downloading instructions. Then, a secure access policy for the corresponding data type is matched in the cloud data server, the policy specifying which data sets are accessible to external researchers and the type of access instructions allowed.
And fifthly, the security evaluation module performs consistency check on the access behavior data of the researchers according to the matched security policy. And (3) confirming that the data set and the downloading instruction requested by the researcher meet the policy requirements, passing the consistency check, and entering a step (six).
And step six, the access behavior of the researcher is judged to be safe, the security evaluation module allows the access behavior to download requests, and the researcher successfully acquires the required research data set.
In the first step, in order to ensure the identity authenticity of the external researchers, the security evaluation module adopts double-factor authentication, including account numbers and passwords and a one-time verification code sent through mails or short messages. In the fourth step, when the data asset security access strategy is formulated, the medical institution fully considers the sensitivity and research requirements of different types of data sets, ensures that the strategy is strict and reasonable, protects the privacy of patients and supports scientific research.

Claims (8)

1. A method of evaluating the security of a data asset, comprising the steps of:
The method comprises the steps that firstly, a security evaluation module receives a data asset access request, access characteristics are extracted according to the access request, and based on the access characteristics, the security evaluation module obtains an access request authorization state, if the access request authorization state is the authorization state, the step two is entered;
Step two, determining user permission according to user identity information in the access characteristics, if the user is a known user, entering step three, otherwise, entering step four if the user is an unknown user;
step three, the security assessment module acquires known user access behavior data, verifies the known user access behavior data with a corresponding known user behavior mode stored in a cloud data server, and judges the security of data asset access if verification is successful, and enters step six;
Step four, the security assessment module obtains the access behavior data of the unknown user, obtains the primary access characteristics according to the obtained access behavior data of the unknown user, obtains the data asset security access policy matching the primary access characteristics at the cloud data server, generates a security policy corresponding to the primary access characteristics, sends the security policy to the security assessment module, and enters step five;
Step five, the security assessment module carries out consistency check on the access behavior data of the user according to the security policy corresponding to the primary access characteristic sent by the cloud data server, if so, judges the access security of the data asset until the access of the data asset is completed, and enters step six;
And step six, completing data asset security assessment.
2. The method of claim 1, wherein the security assessment module receives a data asset access request, extracts access characteristics according to the access request, and based on the access characteristics, the security assessment module obtains an access request authorization status, and comprises:
the access characteristics comprise access user identity information and an authorized access instruction, wherein the access user identity information comprises a user account and identity verification information;
The authorized access instruction comprises a data query instruction, a data downloading instruction, a data modifying instruction and a data uploading instruction;
The security evaluation module verifies the authorization verification information, if the authorization user identity information in the authorization verification information is consistent with the access user identity information, the security evaluation module responds, and if not, the security evaluation module does not respond.
3. The method of claim 2, wherein determining the user rights based on the user identity information in the access profile comprises:
If the user account is the user registered and authenticated in the cloud data server for the first time, the user account is an unknown user, and if the user account is not the user registered and authenticated in the cloud data server for the first time, the user account is a known user.
4. A method of evaluating security of a data asset according to claim 3, wherein the security assessment module obtains user access behavior data and verifies the user access behavior data with a corresponding known user behavior pattern stored in the cloud data server, comprising:
The cloud data server generates a behavior mode of a corresponding user according to historical access behavior data of the known user, compares the access behavior data of the known user with the behavior mode of the corresponding user to obtain the deviation degree of the access behavior of the known user, and performs data asset access risk early warning if the deviation degree of the access behavior of the known user is larger than an early warning deviation degree threshold value, wherein the behavior mode comprises access characteristic items including access time, access data asset types and access instructions.
5. The method of claim 4, wherein the user access behavior deviates from the following:
If the access characteristic items obtained according to the known user access behavior data are identical to the access characteristic items in the behavior mode of the corresponding user, the known user access behavior is not deviated, otherwise, the user access behavior is deviated, and the known user access behavior deviation degree is obtained according to the sum of the early warning deviation values corresponding to the inconsistent access characteristic items.
6. A method for evaluating security of a data asset according to claim 3, wherein the security evaluation module obtains the access behavior data of the unknown user, obtains the primary access characteristic according to the obtained access behavior data of the unknown user, and obtains the security access policy of the data asset matching the primary access characteristic at the cloud data server, comprising:
the primary access feature is that the type of the data asset accessed in the access behavior data is obtained, the type of the data asset accessed and the authorized access instruction form the primary access feature, and the data asset security access strategy corresponding to the type of the data asset accessed is matched in the cloud data server according to the primary access feature.
7. The method for evaluating the security of a data asset according to claim 6, wherein the security evaluation module performs a consistency check with the unknown user access behavior data according to the security policy corresponding to the primary access feature sent by the cloud data server, and the method comprises:
And acquiring an accessible instruction of the data asset in the security policy corresponding to the primary access characteristic, if the access instruction in the user access behavior data is not known to be consistent with the accessible instruction of the data asset in the security policy, passing the consistency check, otherwise, failing the consistency check.
8. The data asset security assessment system is characterized by applying the data asset security assessment method according to any one of claims 1-7, and comprises a cloud data server, a security assessment module, a data acquisition module, a communication module, a data processing module and user equipment;
The safety evaluation module, the data acquisition module and the communication module are respectively connected with the data processing module; the cloud data server and the user terminal device are respectively in communication connection with the communication module.
CN202510166212.5A 2025-02-14 2025-02-14 Data asset security assessment method and assessment system Pending CN119622752A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202510166212.5A CN119622752A (en) 2025-02-14 2025-02-14 Data asset security assessment method and assessment system

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202510166212.5A CN119622752A (en) 2025-02-14 2025-02-14 Data asset security assessment method and assessment system

Publications (1)

Publication Number Publication Date
CN119622752A true CN119622752A (en) 2025-03-14

Family

ID=94908841

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202510166212.5A Pending CN119622752A (en) 2025-02-14 2025-02-14 Data asset security assessment method and assessment system

Country Status (1)

Country Link
CN (1) CN119622752A (en)

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN115203712A (en) * 2021-04-12 2022-10-18 腾讯科技(深圳)有限公司 Database auditing method and device based on cloud access security agent
CN118368083A (en) * 2024-03-08 2024-07-19 广州远通智能科技有限公司 Digital resource sharing and access control method

Patent Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN115203712A (en) * 2021-04-12 2022-10-18 腾讯科技(深圳)有限公司 Database auditing method and device based on cloud access security agent
CN118368083A (en) * 2024-03-08 2024-07-19 广州远通智能科技有限公司 Digital resource sharing and access control method

Similar Documents

Publication Publication Date Title
US7779457B2 (en) Identity verification system
US12120143B2 (en) Monitoring and preventing remote user automated cyber attacks
Andress The basics of information security: understanding the fundamentals of InfoSec in theory and practice
JP5207736B2 (en) Network security and fraud detection system and method
US20080189776A1 (en) Method and System for Dynamically Controlling Access to a Network
US20040083394A1 (en) Dynamic user authentication
US20140223578A1 (en) Secure data delivery system
JPH0695947A (en) Method for detecting alias on computer system, decentralized computer system and operating method thereof and decentralized computer system for detecting alias
WO2015099607A1 (en) An integrated access control and identity management system
CN114297708A (en) Access control method, apparatus, device and storage medium
Gordon et al. The Official (ISC) 2 guide to the SSCP CBK
US8978150B1 (en) Data recovery service with automated identification and response to compromised user credentials
US20190132312A1 (en) Universal Identity Validation System and Method
CN117332452A (en) Big data-based privacy data management method and system
US20200210611A1 (en) Hardware safe for protecting sensitive data with controlled external access
CN118153097B (en) Anti-theft management system and method for key data of clinical test of medicine
JP4843546B2 (en) Information leakage monitoring system and information leakage monitoring method
CN1492375A (en) Method for using finger print identification technology in bank teller management
CN119622752A (en) Data asset security assessment method and assessment system
Laas-Mikko et al. Promises, social, and ethical challenges with biometrics in remote identity onboarding
CN111898886B (en) Collective asset production and nuclear resource clearing system
CN115063910A (en) Online locking and unlocking method, dynamic coded lock, system and storage medium
Nanda et al. Oracle Privacy Security Auditing: Includes Federal Law Compliance with HIPAA, Sarbanes Oxley and the Gramm Leach Bliley Act GLB
CN108600178A (en) A kind of method for protecting and system, reference platform of collage-credit data
Wen et al. Privacy and security in E-healthcare information management

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination