The method and apparatus for realizing data automatic classification cascade protectionTechnical field
The present invention relates to technical field of network security, more particularly, to the method for realizing data automatic classification cascade protection andDevice.
Background technique
In big data era, protect the importance of userspersonal information self-evident.ISP is in order to promoteInto transmission via net, it is desirable to a large number of users personal information is obtained, and user then wishes to avoid open personal information, userspersonal informationOverprotection, then will affect the transmission via net of internet.
Summary of the invention
In view of this, the purpose of the present invention is to provide the method and apparatus for realizing data automatic classification cascade protection, it canTo classify to userspersonal information and be classified, to carry out different degrees of protection.
In a first aspect, the embodiment of the invention provides the method for realizing data automatic classification cascade protection, the method packetIt includes:
Obtain at least one information storage system;
At least one described information storage system is scanned, information storage system inventory is obtained;
Obtain the account number of each information storage system in the information storage system inventory of user's input;
The information storage system is scanned according to the account number of each information storage system, is obtained described eachThe data information inventory of information storage system;
Establish data information classification cascade protection dictionary;
By the data information inventory of each information storage system according to data information classification cascade protection dictionaryCarry out classification and classification processing, the data information inventory handled.
With reference to first aspect, the embodiment of the invention provides the first possible embodiments of first aspect, wherein instituteIt states and is divided the data information inventory of each information storage system according to data information classification cascade protection dictionaryClass and classification processing, the data information inventory handled, comprising:
By the data information inventory of each information storage system according to data information classification cascade protection dictionaryThe privacy level of middle information is classified, and the data information inventory of the corresponding classification of each information storage system is obtained;
The data information inventory of the corresponding classification of each information storage system is classified according to protection class, is obtainedTo the data information inventory of the processing.
With reference to first aspect, the embodiment of the invention provides second of possible embodiments of first aspect, wherein instituteState method further include:
The data information inventory of the processing is protected according to classification and classification.
With reference to first aspect, the embodiment of the invention provides the third possible embodiments of first aspect, wherein instituteStating information storage system includes database, file server and/or big data platform.
The third possible embodiment with reference to first aspect, the embodiment of the invention provides the 4th kind of first aspectPossible embodiment, wherein it is described that at least one described information storage system is scanned, it is clear to obtain information storage systemIt is single, comprising:
The database, the file server and/or the big data platform are scanned, the information is obtained and depositsStorage system inventory.
Second aspect, the embodiment of the invention provides the device for realizing data automatic classification cascade protection, described device packetsIt includes:
First obtains module, for obtaining at least one information storage system;
First scan module obtains information storage system for being scanned at least one described information storage systemInventory;
Second obtains module, obtains the account of each information storage system in the information storage system inventory of user's inputNumber;
Second scan module sweeps the information storage system according to the account number of each information storage systemIt retouches, obtains the data information inventory of each information storage system;
Module is established, for establishing data information classification cascade protection dictionary;
Processing module, for the data information inventory of each information storage system to be classified according to the data informationCascade protection dictionary carries out classification and classification processing, the data information inventory handled.
In conjunction with second aspect, the embodiment of the invention provides the first possible embodiments of second aspect, wherein instituteStating processing module includes:
Taxon, for the data information inventory of each information storage system to be classified according to the data informationThe privacy level of information is classified in cascade protection dictionary, obtains the data of the corresponding classification of each information storage systemInformation inventory;
Stage unit, for by the data information inventory of the corresponding classification of each information storage system according to protection etc.Grade is classified, and the data information inventory of the processing is obtained.
In conjunction with second aspect, the embodiment of the invention provides second of possible embodiments of second aspect, wherein instituteState device further include:
Protective module, for protecting the data information inventory of the processing according to classification and classification.
In conjunction with second aspect, the embodiment of the invention provides the third possible embodiments of second aspect, wherein instituteStating information storage system includes database, file server and/or big data platform.
In conjunction with the third possible embodiment of second aspect, the embodiment of the invention provides the 4th kind of second aspectPossible embodiment, wherein first scan module includes:
The database, the file server and/or the big data platform are scanned, the information is obtained and depositsStorage system inventory.
The embodiment of the invention provides the method and apparatus for realizing data automatic classification cascade protection, comprising: obtains at leastOne information storage system;At least one information storage system is scanned, information storage system inventory is obtained;Obtain userThe account number of each information storage system in the information storage system inventory of input;According to the account number of each information storage system to letterBreath storage system is scanned, and obtains the data information inventory of each information storage system;Data information classification classification is established to protectProtect dictionary;By the data information inventory of each information storage system according to data information classify cascade protection dictionary carry out classification andClassification processing, the data information inventory handled can classify and be classified to userspersonal information, to carry out differenceThe protection of degree.
Other features and advantages of the present invention will illustrate in the following description, also, partly become from specificationIt obtains it is clear that understand through the implementation of the invention.The objectives and other advantages of the invention are in specification, claimsAnd specifically noted structure is achieved and obtained in attached drawing.
To enable the above objects, features and advantages of the present invention to be clearer and more comprehensible, preferred embodiment is cited below particularly, and cooperateAppended attached drawing, is described in detail below.
Detailed description of the invention
It, below will be to specific in order to illustrate more clearly of the specific embodiment of the invention or technical solution in the prior artEmbodiment or attached drawing needed to be used in the description of the prior art be briefly described, it should be apparent that, it is described belowAttached drawing is some embodiments of the present invention, for those of ordinary skill in the art, before not making the creative laborIt puts, is also possible to obtain other drawings based on these drawings.
Fig. 1 is the method flow diagram for the realization data automatic classification cascade protection that the embodiment of the present invention one provides;
Fig. 2 is the stream of step S106 in the method for the realization data automatic classification cascade protection that the embodiment of the present invention one providesCheng Tu;
Fig. 3 is the schematic device provided by Embodiment 2 of the present invention for realizing data automatic classification cascade protection;
Fig. 4 is processing module schematic diagram provided by Embodiment 2 of the present invention.
Icon:
10- first obtains module;The first scan module of 20-;30- second obtains module;The second scan module of 40-;50- is builtFormwork erection block;60- processing module;61- taxon;62- stage unit.
Specific embodiment
In order to make the object, technical scheme and advantages of the embodiment of the invention clearer, below in conjunction with attached drawing to the present inventionTechnical solution be clearly and completely described, it is clear that described embodiments are some of the embodiments of the present invention, rather thanWhole embodiments.Based on the embodiments of the present invention, those of ordinary skill in the art are not making creative work premiseUnder every other embodiment obtained, shall fall within the protection scope of the present invention.
To be described in detail to the embodiment of the present invention below convenient for understanding the present embodiment.
Embodiment one:
Fig. 1 is the method flow diagram for the realization data automatic classification cascade protection that the embodiment of the present invention one provides.
Referring to Fig.1, method includes the following steps:
Step S101 obtains at least one information storage system;
Step S102 is scanned at least one information storage system, obtains information storage system inventory;
Here, information storage system is scanned, can use scanning tools and be scanned, but scanning tools includesBut it is not limited to, specially nmap, nmap is network sweep kit.Scanning mode can be swept in a manner of IP and portIt retouches, but is not limited to above-mentioned scanning mode.
After the completion of scanning at least one information storage system, information storage system inventory, information storage system are obtainedInventory includes sequence number, IP and information storage system.For example, in information storage system inventory, sequence number 1: database;SequenceNumbers 2: file server;Sequence number 3: big data platform.
Step S103 obtains the account number of each information storage system in the information storage system inventory of user's input;
Step S104 is scanned information storage system according to the account number of each information storage system, obtains each letterCease the data information inventory of storage system;
Here, the data information inventory of each information storage system include sequence number, information storage system, data information,Information category and protection class.Wherein, information category includes but is not limited to, specially top-secret, secret, secret and openly.ProtectionGrade includes but is not limited to, specially level-one, second level and three-level.When information storage system is database, the data of databaseInformation inventory includes: sequence number 1: user name, openly, three-level;Sequence number 2: cell-phone number, secret, level-one.
Step S105 establishes data information classification cascade protection dictionary;
Step S106, by the data information inventory of each information storage system according to data information classification cascade protection dictionaryCarry out classification and classification processing, the data information inventory handled.
Further, referring to Fig. 2, the data information inventory of each information storage system is classified according to data information and is classifiedProtection dictionary carries out classification and classification processing, the data information inventory handled, comprising the following steps:
Step S201, by the data information inventory of each information storage system according to data information classification cascade protection dictionaryThe privacy level of middle information is classified, and the data information inventory of the corresponding classification of each information storage system is obtained;
Step S202 is divided the data information inventory of the corresponding classification of each information storage system according to protection classGrade, the data information inventory handled.
Specifically, classify according to protection class, it can operative combination is carried out according to the demand of client, including but notIt is limited to, specially authorizes and operate.
Operation can be to increase, delete, check and modify.For example, level-one is to authorize, increase, delete, check and modify;Second level is to authorize, increase, delete and check;Three-level is authorization, increases and delete.
Further, this method further includes:
The data information inventory of processing is protected according to classification and classification.
Further, information storage system includes database, file server and/or big data platform.
Further, at least one information storage system is scanned, obtains information storage system inventory, comprising:
Database, file server and/or big data platform are scanned, information storage system inventory is obtained.
The embodiment of the invention provides the methods for realizing data automatic classification cascade protection, comprising: obtains at least one letterCease storage system;At least one information storage system is scanned, information storage system inventory is obtained;Obtain user's inputThe account number of each information storage system in information storage system inventory;Information is stored according to the account number of each information storage systemSystem is scanned, and obtains the data information inventory of each information storage system;Establish data information classification cascade protection dictionary;The data information inventory of each information storage system is carried out at classification and classification according to data information classification cascade protection dictionaryReason, the data information inventory handled can classify and be classified to userspersonal information, to carry out in various degreeProtection.
Embodiment two:
Fig. 3 is the schematic device provided by Embodiment 2 of the present invention for realizing data automatic classification cascade protection.
Referring to Fig. 3, which includes:
First obtains module 10, for obtaining at least one information storage system;
It is clear to obtain information storage system for being scanned at least one information storage system for first scan module 20It is single;
Second obtains module 30, obtains the account of each information storage system in the information storage system inventory of user's inputNumber;
Second scan module 40, is scanned information storage system according to the account number of each information storage system, obtainsThe data information inventory of each information storage system;
Module 50 is established, for establishing data information classification cascade protection dictionary;
Processing module 60 is protected for the data information inventory of each information storage system to classify to be classified according to data informationShield dictionary carries out classification and classification processing, the data information inventory handled.
Further, referring to Fig. 4, processing module 60 includes:
Taxon 61 is protected for the data information inventory of each information storage system to classify to be classified according to data informationThe privacy level of information is classified in shield dictionary, obtains the data information inventory of the corresponding classification of each information storage system;
Stage unit 62 carries out the data information inventory of the corresponding classification of each information storage system according to protection classClassification, the data information inventory handled.
Further, the device further include:
Protective module (not shown), for protecting the data information inventory of processing according to classification and classification.
Further, information storage system includes database, file server and/or big data platform.
Further, the first scan module 20 includes:
Database, file server and/or big data platform are scanned, information storage system inventory is obtained.
The embodiment of the invention provides the devices for realizing data automatic classification cascade protection, comprising: obtains at least one letterCease storage system;At least one information storage system is scanned, information storage system inventory is obtained;Obtain user's inputThe account number of each information storage system in information storage system inventory;Information is stored according to the account number of each information storage systemSystem is scanned, and obtains the data information inventory of each information storage system;Establish data information classification cascade protection dictionary;The data information inventory of each information storage system is carried out at classification and classification according to data information classification cascade protection dictionaryReason, the data information inventory handled can classify and be classified to userspersonal information, to carry out in various degreeProtection.
The embodiment of the present invention also provides a kind of electronic equipment, including memory, processor and storage are on a memory and canThe computer program run on a processor, processor realize realization data provided by the above embodiment when executing computer programThe step of method of automatic classification cascade protection.
The embodiment of the present invention also provides a kind of computer readable storage medium, and meter is stored on computer readable storage mediumCalculation machine program executes the side of the realization data automatic classification cascade protection of above-described embodiment when computer program is run by processorThe step of method.
Computer program product provided by the embodiment of the present invention, the computer-readable storage including storing program codeMedium, the instruction that said program code includes can be used for executing previous methods method as described in the examples, and specific implementation can be joinedSee embodiment of the method, details are not described herein.
It is apparent to those skilled in the art that for convenience and simplicity of description, the system of foregoing descriptionIt with the specific work process of device, can refer to corresponding processes in the foregoing method embodiment, details are not described herein.
In addition, in the description of the embodiment of the present invention unless specifically defined or limited otherwise, term " installation ", " phaseEven ", " connection " shall be understood in a broad sense, for example, it may be being fixedly connected, may be a detachable connection, or be integrally connected;It canTo be mechanical connection, it is also possible to be electrically connected;It can be directly connected, can also can be indirectly connected through an intermediaryConnection inside two elements.For the ordinary skill in the art, above-mentioned term can be understood at this with concrete conditionConcrete meaning in invention.
It, can be with if the function is realized in the form of SFU software functional unit and when sold or used as an independent productIt is stored in a computer readable storage medium.Based on this understanding, technical solution of the present invention is substantially in other wordsThe part of the part that contributes to existing technology or the technical solution can be embodied in the form of software products, the meterCalculation machine software product is stored in a storage medium, including some instructions are used so that a computer equipment (can be aPeople's computer, server or network equipment etc.) it performs all or part of the steps of the method described in the various embodiments of the present invention.And storage medium above-mentioned includes: that USB flash disk, mobile hard disk, read-only memory (ROM, Read-Only Memory), arbitrary access are depositedThe various media that can store program code such as reservoir (RAM, Random Access Memory), magnetic or disk.
In the description of the present invention, it should be noted that term " center ", "upper", "lower", "left", "right", "vertical",The orientation or positional relationship of the instructions such as "horizontal", "inner", "outside" be based on the orientation or positional relationship shown in the drawings, merely toConvenient for description the present invention and simplify description, rather than the device or element of indication or suggestion meaning must have a particular orientation,It is constructed and operated in a specific orientation, therefore is not considered as limiting the invention.In addition, term " first ", " second "," third " is used for descriptive purposes only and cannot be understood as indicating or suggesting relative importance.
Finally, it should be noted that embodiment described above, only a specific embodiment of the invention, to illustrate the present inventionTechnical solution, rather than its limitations, scope of protection of the present invention is not limited thereto, although with reference to the foregoing embodiments to this hairIt is bright to be described in detail, those skilled in the art should understand that: anyone skilled in the artIn the technical scope disclosed by the present invention, it can still modify to technical solution documented by previous embodiment or can be lightIt is readily conceivable that variation or equivalent replacement of some of the technical features;And these modifications, variation or replacement, do not makeThe essence of corresponding technical solution is detached from the spirit and scope of technical solution of the embodiment of the present invention, should all cover in protection of the inventionWithin the scope of.Therefore, protection scope of the present invention should be based on the protection scope of the described claims.