CN114398667A - Data security access system and method of computer storage system - Google Patents


Publication number: CN114398667A
Authority: CN (China)
Prior art keywords: operation information, user, file, unit time, website
Legal status: Pending (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Application number: CN202111528966.9A
Other languages: Chinese (zh)
Inventors: 张庆龙, 刘娟
Current Assignee: China Telecom Construction 3rd Engineering Co Ltd (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Original Assignee: China Telecom Construction 3rd Engineering Co Ltd
Application filed by China Telecom Construction 3rd Engineering Co Ltd
Priority to CN202111528966.9A
Publication of CN114398667A


Abstract

The invention discloses a data security access system and method for a computer storage system. When a user's operation information is analyzed, the user's operation behavior is comprehensively evaluated from both the user's local operation information and the browser operation information. The security risk coefficient corresponding to the user's operation information is determined from the evaluation result, the user's access authority is then determined, and finally it is decided whether the user is allowed to access the computer storage system, so that the security of the user's data is ensured.

Description

Translated from Chinese

Data security access system and method for computer storage system

Technical field

The invention relates to the technical field of computers, in particular to a data security access system and method for a computer storage system.

Background

With the rapid development of computer technology, computers have brought great convenience to people's work and life, but people also face certain dangers while using them. When people browse websites, viruses on web pages can attack the browsing computer or lie dormant in it, which puts the computer at considerable risk; when people then access important data, the security of the accessed data is threatened.

Current data security access systems only analyze the keyword information of the websites being browsed and determine the computer's security level by identifying the category of those websites, in order to ensure the security of the data in the computer. This approach has a major defect. Data stored in a computer faces two kinds of security risk. One is misoperation of the computer by its users: data is lost because people delete it by mistake. The other is the websites visited in the browser: a virus is typically hidden in an advertisement banner within a website and is implanted in the computer when the link corresponding to the banner is clicked. Not all such banners carry viruses, and the banners that do hide a security risk (virus) are also influenced by the promotional content of the banner.

In view of the above, a data security access system and method for a computer storage system is needed.

Summary of the invention

The purpose of the present invention is to provide a data security access system and method for a computer storage system, to solve the problems raised in the background above.

To solve the above technical problems, the present invention provides the following technical solution: a data security access system for a computer storage system, comprising:

an operation information acquisition module, which acquires the user's operation information on the computer per unit time;

a data security processing module, which classifies the user operation information acquired by the operation information acquisition module and saves the processed user operation information corresponding to each category;

a data security determination module, which analyzes the results saved by the data security processing module and determines the security risk coefficient corresponding to each category of operation information in the user operation information;

an access authority determination module, which determines each user's access authority according to the security risk coefficients corresponding to that user's operation information, and decides, according to that access authority, whether the user is allowed to access the storage system.

Through the cooperation of these modules, the present invention analyzes the security risk coefficient corresponding to the user's operation information on the computer per unit time, determines the user's access authority from it, and then decides whether the user is allowed to access the storage system, ensuring the security of the data in the storage system.

Further, the operation information of the user on the computer per unit time acquired by the operation information acquisition module includes local operation information and browser operation information.

The local operation information is the user's operation information on the computer's local content, including the folders accessed and their locations, and the addition, deletion, modification and search of files;

the browser operation information is the operation information the user performs in the browser on the computer, including the website name corresponding to each opened URL and the content browsed.

The present invention analyzes the user's operation information from these two aspects because the security risks they involve point in different directions. Local operation information corresponds to the user's own factors: all of its security risks are caused by the user's own misoperation (this aspect is analyzed to judge whether the user has a habit of deleting files by mistake and how severe that habit is). Browser operation information corresponds to external factors: the security risk depends on the probability that the websites the user browses carry risk.

Further, when the data security processing module classifies the acquired user operation information, the processing result of the user's local operation information per unit time on the computer is recorded as the user's first operation information set, and the processing result of the user's browser operation information per unit time on the computer is recorded as the user's second operation information set.

The first and second operation information sets are set up so that the processing results for local operation information and browser operation information can be analyzed separately later. Keeping the two results clearly apart avoids confusing them when they are saved, which would otherwise affect the subsequent data analysis and bias its results.

Further, the method by which the data security processing module obtains the user's first operation information set includes the following steps:

S1.1. Obtain all operation information content corresponding to the user's local operation information within the unit time;

S1.2. In the local operation information, mark the files deleted by the user and the files searched for or restored in the recycle bin: files deleted by the user receive the first mark, files the user searched for in the recycle bin receive the second mark, and files restored by the user receive the third mark;

S1.3. For each third-mark file restored by the user, determine whether the local operation information after the restore contains a modification operation on that file.

When the local operation information after the restore contains a modification operation on the file, bind the modification operation to the restored file, and obtain the modified content of the modification operation and the time elapsed between the restore and the modification operation.

When the local operation information after the restore contains no modification operation on the file, do not process the restored file;

S1.4. In the chronological order of the local operation information, enter the operation information corresponding to each first mark, second mark and third mark one by one into an empty set, forming the first operation information set.

The method by which the data security processing module obtains the user's second operation information set includes the following steps:

S2.1. Obtain the user's browser operation information per unit time on the computer;

S2.2. Compare the website name corresponding to each piece of browser operation information with the comparison database.

If the website name is included in the comparison database, the website is determined to be an authorized website.

If the website name is not included in the comparison database, the website is determined to be an unauthorized website;

S2.3. Extract the advertisement banners in the website content of each unauthorized website, and bind the extracted banners to the corresponding unauthorized website;

S2.4. In the chronological order of the browser operation information, add the operation information corresponding to each unauthorized website name one by one to an empty set, forming the second operation information set.

When obtaining the first operation information set, the files deleted by the user and the files searched for or restored in the recycle bin are marked separately so that the three can be told apart. Each of the three carries some risk and can lead to data loss: deleting a file is the cause of file loss, searching for a file is the direct sign of file loss, and restoring a file is the remedy for file loss. Together they directly reflect a user's local operating habits and how strongly those habits lead to file loss. In a computer storage system such habits easily cause data loss, and where no backup has been saved the consequences are serious (the data cannot be recovered). When obtaining the second operation information set, whether a website is authorized is checked to confirm whether the user is browsing websites that are not permitted (permitted websites being those contained in the comparison database). The advertisement banners in the content of each unauthorized website are extracted because unauthorized websites carry considerable security risk, especially the links corresponding to banners, so the banners need to be bound to the corresponding unauthorized website and then analyzed.
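The two set-building procedures above (S1.1 to S1.4 and S2.1 to S2.4), as an added Python example that is not code from the patent. The event fields, action names, sample data, site-name normalisation and the rule that a later delete or restore of the same file ends a restore's binding window are assumptions; banner extraction (S2.3) is assumed to have been done upstream.

```python
from dataclasses import dataclass
from typing import Iterable, List, Optional

# Marks assigned in step S1.2: deleted / searched in recycle bin / restored.
FIRST_MARK, SECOND_MARK, THIRD_MARK = 1, 2, 3

# Hypothetical action names for collected local events (not from the patent).
ACTION_TO_MARK = {"delete": FIRST_MARK, "recycle_search": SECOND_MARK,
                  "restore": THIRD_MARK}


@dataclass(frozen=True)
class LocalOp:
    ts: int            # seconds since the start of the unit time
    action: str        # "delete", "recycle_search", "restore", "modify", "add", ...
    path: str
    detail: str = ""   # for "modify": the modified content


@dataclass
class MarkedOp:
    mark: int
    ts: int
    path: str
    bound_modification: Optional[str] = None     # S1.3: modified content
    seconds_after_restore: Optional[int] = None  # S1.3: restore-to-modify time


@dataclass(frozen=True)
class BrowserOp:
    ts: int
    site_name: str
    banners: tuple = ()  # banner ids already extracted from the page (assumed)


def build_first_set(ops: Iterable[LocalOp]) -> List[MarkedOp]:
    """S1.1-S1.4: mark delete/search/restore events, bind post-restore edits."""
    ordered = sorted(ops, key=lambda o: o.ts)      # S1.4: chronological order
    first_set: List[MarkedOp] = []
    for i, op in enumerate(ordered):
        mark = ACTION_TO_MARK.get(op.action)
        if mark is None:
            continue                               # other actions are not marked
        entry = MarkedOp(mark, op.ts, op.path)
        if mark == THIRD_MARK:
            for later in ordered[i + 1:]:
                if later.path != op.path:
                    continue
                if later.action == "modify":       # S1.3: bind edit and delay
                    entry.bound_modification = later.detail
                    entry.seconds_after_restore = later.ts - op.ts
                    break
                if later.action in ("delete", "restore"):
                    break  # assumption: a new delete/restore ends this window
        first_set.append(entry)
    return first_set


def normalise(name: str) -> str:
    """Assumed normalisation so case/whitespace variants match the database."""
    return name.strip().casefold()


def build_second_set(ops: Iterable[BrowserOp],
                     authorized_sites: Iterable[str]) -> List[dict]:
    """S2.1-S2.4: keep only unauthorized sites, each bound to its banners."""
    allow = {normalise(s) for s in authorized_sites}
    second_set: List[dict] = []
    for op in sorted(ops, key=lambda o: o.ts):     # S2.4: chronological order
        if normalise(op.site_name) in allow:       # S2.2: authorized website
            continue
        second_set.append({"ts": op.ts, "site": op.site_name,
                           "banners": list(op.banners)})  # S2.3: binding
    return second_set


# Constructed sample data for one unit time.
SAMPLE_LOCAL_OPS = [
    LocalOp(10, "delete", "/docs/report.docx"),
    LocalOp(20, "add", "/docs/new.txt"),
    LocalOp(35, "recycle_search", "/docs/report.docx"),
    LocalOp(50, "restore", "/docs/report.docx"),
    LocalOp(170, "modify", "/docs/report.docx", "Q3 totals corrected"),
    LocalOp(200, "delete", "/tmp/scratch.log"),
    LocalOp(260, "restore", "/docs/old.xlsx"),
    LocalOp(300, "modify", "/docs/new.txt", "unrelated edit"),
]
AUTHORIZED_SITES = {"Intranet Wiki"}
SAMPLE_BROWSER_OPS = [
    BrowserOp(5, "intranet wiki "),
    BrowserOp(40, "free-downloads.example", ("banner-a", "banner-b")),
    BrowserOp(15, "news-mirror.example", ("banner-c",)),
]

if __name__ == "__main__":
    for e in build_first_set(SAMPLE_LOCAL_OPS):
        print(e)
    for e in build_second_set(SAMPLE_BROWSER_OPS, AUTHORIZED_SITES):
        print(e)
```

The counts B1, B2 and B3 used later for Q1 can be read off the first set by mark once each marked file name has been checked against the file system.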

Further, the data security determination module acquires the user's first operation information set and analyzes it to obtain the first security risk coefficient;

the data security determination module acquires the user's second operation information set and analyzes it to obtain the second security risk coefficient.

Further, the method by which the data security determination module obtains the first security risk coefficient includes the following steps:

S3.1. Obtain the content of the first operation information set corresponding to the user;

S3.2. Calculate the first security risk coefficient Q1 corresponding to the user, where Q1 is given by

[formula image: Figure BDA0003410041710000041]

where a1 represents the file-deletion risk coefficient, a2 represents the file-loss risk coefficient, and a3 represents the file-restoration risk coefficient,

B1 represents the number of deleted files, corresponding to first marks in the first operation information set, that were not backed up.

This number is obtained from the search results when the data security determination module automatically searches the computer for the names of the deleted files corresponding to the first marks.

When the search results contain no file with the same name as the deleted file corresponding to a first mark, that deleted file is determined not to be backed up.

When the search results contain a file with the same name as the deleted file corresponding to a first mark, that deleted file is determined to be backed up;

B2 represents the number of lost files. It equals the number of files not found in the search results corresponding to second marks in the first operation information set, which is obtained from the search results when the data security determination module automatically searches the computer for the names of the searched files corresponding to the second marks,

B3 represents the number of third marks in the first operation information set,

Ci represents the restored-file risk value of the restored file corresponding to the i-th third mark, where Ci is given by

[formula image: Figure BDA0003410041710000051]

where C1 represents the restored-file risk value when the restored file corresponding to the i-th third mark is not bound to a modification operation,

[formula image: Figure BDA0003410041710000052]

represents the restored-file risk value when the restored file corresponding to the i-th third mark is bound to a modification operation,

d1 represents the restored-content risk coefficient, and d2 represents the restoration-duration risk coefficient,

R1i represents the total word count of the modified content of the modification operation bound to the restored file corresponding to the i-th third mark, where the modified content means the sentences in the restored file in which text was added, deleted or replaced,

R2i represents the total word count of the restored file corresponding to the i-th third mark before the bound modification operation was performed,

ti represents the time elapsed between the user restoring the file and the modification operation bound to the restored file corresponding to the i-th third mark;

a1, a2 and a3 change dynamically: the values of a1, a2 or a3 corresponding to different unit times may differ, and the values of a1, a2 and a3 for the next unit time are obtained based on the current time.

The method for obtaining the value of a1 for the next unit time based on the current time includes the following steps:

S3.2.1. Based on the unit time to which the current time belongs, obtain from the historical data the product of a1 and B1 for each of the n unit times preceding that unit time, and calculate the average of the sum of the obtained products, denoted

[formula image: Figure BDA0003410041710000053]

S3.2.2. Based on the unit time to which the current time belongs, obtain from the historical data the average of the sum of the B1 values corresponding to each of the n unit times preceding that unit time, denoted

[formula image: Figure BDA0003410041710000054]

S3.2.3. Based on the unit time to which the current time belongs, obtain from the historical data the average of the sum of the a1 values corresponding to each of the n unit times preceding that unit time, denoted

[formula image: Figure BDA0003410041710000055]

S3.2.4. The value of a1 for the next unit time, obtained based on the current time, is the minimum of

[formula image: Figure BDA0003410041710000056]

and

[formula image: Figure BDA0003410041710000057]

denoted

[formula image: Figure BDA0003410041710000058]

where the value of p equals the value of a1 corresponding to the unit time to which the current time belongs;

Following the method for obtaining the value of a1 for the next unit time based on the current time, the values of a2 and a3 for the next unit time are likewise obtained based on the current time.

The method for obtaining the value of a2 for the next unit time based on the current time includes the following steps:

S3.2.1-1. Based on the unit time to which the current time belongs, obtain from the historical data the product of a2 and B2 for each of the n unit times preceding that unit time, and calculate the average of the sum of the obtained products, denoted

[formula image: Figure BDA0003410041710000061]

S3.2.2-2. Based on the unit time to which the current time belongs, obtain from the historical data the average of the sum of the B2 values corresponding to each of the n unit times preceding that unit time, denoted

[formula image: Figure BDA0003410041710000062]

S3.2.3-2. Based on the unit time to which the current time belongs, obtain from the historical data the average of the sum of the a2 values corresponding to each of the n unit times preceding that unit time, denoted

[formula image: Figure BDA0003410041710000063]

S3.2.4-2. The value of a2 for the next unit time, obtained based on the current time, is the minimum of

[formula image: Figure BDA0003410041710000064]

and

[formula image: Figure BDA0003410041710000065]

denoted

[formula image: Figure BDA0003410041710000066]

where the value of p1 equals the value of a2 corresponding to the unit time to which the current time belongs;

The method for obtaining the value of a3 for the next unit time based on the current time includes the following steps:

S3.2.1-3. Based on the unit time to which the current time belongs, obtain from the historical data, for each of the n unit times preceding that unit time, the product of a3 and

[formula image: Figure BDA0003410041710000067]

and calculate the average of the sum of the obtained products, denoted

[formula image: Figure BDA0003410041710000068]

S3.2.2-3. Based on the unit time to which the current time belongs, obtain from the historical data the average of the sum of the values of

[formula image: Figure BDA0003410041710000069]

corresponding to each of the n unit times preceding that unit time, denoted

[formula image: Figure BDA00034100417100000610]

S3.2.3-3. Based on the unit time to which the current time belongs, obtain from the historical data the average of the sum of the a3 values corresponding to each of the n unit times preceding that unit time, denoted

[formula image: Figure BDA00034100417100000611]

S3.2.4-3. The value of a3 for the next unit time, obtained based on the current time, is the minimum of

[formula image: Figure BDA00034100417100000612]

and

[formula image: Figure BDA00034100417100000613]

denoted

[formula image: Figure BDA00034100417100000614]

where the value of p2 equals the value of a3 corresponding to the unit time to which the current time belongs.

In calculating the first security risk coefficient Q1 corresponding to the user, a1, a2 and a3 are obtained by querying a database. a1 is multiplied by B1 (the number of deleted files, corresponding to first marks in the first operation information set, that were not backed up) rather than by the number of first marks, because deleted files include both backed-up and non-backed-up files and only files that were not backed up cause data loss. B2 may include the deleted, non-backed-up files counted in B1, but the two do not conflict, because B2 may also include non-backed-up files deleted before the unit time, and the number of times a file is searched for indirectly highlights the importance of that file. A piecewise function is used when calculating the restored-file risk value because the case where the restored file corresponding to a third mark is not bound to a modification operation must be taken into account. When obtaining the value of a1 for the next unit time based on the current time, [formula image: Figure BDA0003410041710000071] and [formula image: Figure BDA0003410041710000072] are, respectively, the average of a1 over the n unit times preceding the unit time to which the current time belongs in the historical data when each unit time is not affected by the value of B1, and the corresponding average when it is affected by the value of B1. [formula image: Figure BDA0003410041710000073], [formula image: Figure BDA0003410041710000074] and [formula image: Figure BDA0003410041710000075] are all derived from the relationship between the obtained average, the a1 value corresponding to the unit time to which the current time belongs, and the a1 value corresponding to the next unit time; the three are assumed to be stable and to be in an equal-difference (arithmetic) relationship, from which [formula image: Figure BDA0003410041710000076] and [formula image: Figure BDA0003410041710000077] are respectively derived. [formula image: Figure BDA0003410041710000078] is used so that the a1 obtained for the next unit time is more stable, thereby minimizing the error.

进一步的,所述数据安全判定模块得到第二安全风险系数的方法包括以下步骤:Further, the method for obtaining the second security risk coefficient by the data security determination module includes the following steps:

S4.1、获取用户对应的第二操作信息集合中的内容;S4.1. Obtain the content in the second operation information set corresponding to the user;

S4.2、计算该用户对应的第二安全风险系数Q2,所述

Figure BDA0003410041710000079
S4.2, calculate the second safety risk coefficient Q2 corresponding to the user, the
Figure BDA0003410041710000079

其中,j1表示非授权网站的网站内容中对应的广告条的总类别数,Among them, j1 represents the total number of categories of advertisement bars corresponding to the website content of the unauthorized website,

e3j表示非授权网站的网站内容中对应的广告条中第j类对应的广告条的个数,e3j represents the number of advertisement banners corresponding to the jth category in the corresponding advertisement banners in the website content of the unauthorized website,

e4表示非授权网站的网站内容中对应的广告条的总个数,e4 represents the total number of advertisement bars corresponding to the website content of the unauthorized website,

d4j表示非授权网站的网站内容中对应的广告条中第j类对应的广告条对应的广告风险系数,d4j represents the advertisement risk coefficient corresponding to the advertisement strip corresponding to the jth category in the corresponding advertisement strip in the website content of the unauthorized website,

所述非授权网站的网站内容中对应的广告条的类别是通过广告条对应的图片进行划分的,具体的划分方法包括以下步骤:The category of the advertisement bar corresponding to the website content of the unauthorized website is divided by the pictures corresponding to the advertisement bar, and the specific dividing method includes the following steps:

S5.1、获取广告条中的图片;S5.1. Obtain the picture in the advertisement banner;

S5.2、通过图像识别,分别得到图片中相应的文字内容,并对文字内容进行关键词提取;S5.2, through image recognition, respectively obtain the corresponding text content in the picture, and perform keyword extraction on the text content;

S5.3、将每个图片中提取的所有关键词分别与类别对比数据库进行比对,获取图片对应的类别,进而得到广告条对应的类别。S5.3, compare all the keywords extracted from each picture with the category comparison database respectively, obtain the category corresponding to the picture, and then obtain the category corresponding to the advertisement banner.

本发明数据安全判定模块得到第二安全风险系数的过程中,通过广告条所属的类别及各类别对应的广告风险系数进行获取,广告风险系数是通过数据库进行查询获取的;在划分广告条的类别时,通过识别图片中的文字信息,并根据文字信息中的关键词对广告条所属类别进行划分的,此处采用的图像识别方法获取图片中的文字信息运用的是现有技术。In the process of obtaining the second security risk coefficient by the data security determination module of the present invention, the category of the advertisement banner and the corresponding advertisement risk coefficient of each category are obtained, and the advertisement risk coefficient is obtained by querying the database; , by identifying the text information in the picture, and classifying the category to which the advertisement belongs according to the keywords in the text information, the image recognition method adopted here uses the prior art to obtain the text information in the picture.

Further, when the access authority determination module determines the access authority of a user, it obtains the first security risk coefficient and the second security risk coefficient corresponding to each user's operation information and calculates their sum, which is recorded as the final security risk value of that user.

When the final security risk value of the user is greater than or equal to the first threshold, the user is determined to have permission to access the storage system, and the user is allowed to access the storage system;

When the final security risk value of the user is less than the first threshold, the user is determined not to have permission to access the storage system, and the user is prohibited from accessing the storage system.

By calculating the sum of the first security risk coefficient and the second security risk coefficient corresponding to each user's operation information, the present invention achieves a comprehensive evaluation of the risks corresponding to the user's local operation information and browser operation information, and thereby predicts the security risk corresponding to the user's operation information.

A data security access method of a computer storage system, the method comprising the following steps:

S1. Obtain, through the operation information collection module, the user's operation information on the computer per unit time;

S2. In the data security processing module, classify the user operation information obtained by the operation information collection module, and save the processed user operation information for each category;

S3. Analyze, through the data security determination module, the results saved by the data security processing module, and determine the security risk coefficient corresponding to each category of operation information in the user operation information;

S4. In the access authority determination module, determine the user's access authority according to the security risk coefficients corresponding to each user's operation information, and decide, according to that access authority, whether the user is allowed to access the storage system.

Compared with the prior art, the beneficial effects of the present invention are as follows. When analyzing the user's operation information, the present invention performs a comprehensive evaluation of the user's operation behaviour from the user's local operation information and browser operation information, determines the security risk coefficient corresponding to the user's operation information from the evaluation result, then determines the user's access authority, and finally decides whether the user is allowed to access the computer storage system, ensuring the security of the user's data. The access authority obtained in this way is more secure and takes more factors into account, and can effectively avoid data leakage and data loss in the computer storage system.

Description of the drawings

The accompanying drawings are provided for a further understanding of the present invention and constitute a part of the specification. Together with the embodiments of the present invention they serve to explain the invention and do not limit it. In the drawings:

FIG. 1 is a schematic structural diagram of a data security access system of a computer storage system according to the present invention;

FIG. 2 is a schematic flowchart of the method by which the data security processing module in the data security access system obtains the user's first operation information set;

FIG. 3 is a schematic flowchart of the method by which the data security processing module in the data security access system obtains the user's second operation information set;

FIG. 4 is a schematic flowchart of a data security access method of a computer storage system according to the present invention.

Detailed description of the embodiments

The technical solutions in the embodiments of the present invention are described clearly and completely below with reference to the accompanying drawings. The described embodiments are only some of the embodiments of the present invention, not all of them. All other embodiments obtained by those of ordinary skill in the art on the basis of these embodiments without creative effort fall within the protection scope of the present invention.

Referring to FIG. 1 to FIG. 4, the present invention provides the following technical solution: a data security access system of a computer storage system, including:

an operation information collection module, which obtains the user's operation information on the computer per unit time;

a data security processing module, which classifies the user operation information obtained by the operation information collection module and saves the processed user operation information for each category;

a data security determination module, which analyzes the results saved by the data security processing module and determines the security risk coefficient corresponding to each category of operation information in the user operation information;

an access authority determination module, which determines the user's access authority according to the security risk coefficients corresponding to each user's operation information and decides, according to that access authority, whether the user is allowed to access the storage system.

Through the cooperation of these modules, the present invention analyzes the security risk coefficient corresponding to the user's operation information on the computer per unit time, determines the user's access authority from it, and then decides whether the user is allowed to access the storage system, ensuring the security of the data in the storage system.

The user's operation information on the computer per unit time obtained by the operation information collection module includes local operation information and browser operation information.

The local operation information is the information about the user's operations on the computer's local content, including the folders accessed and their locations, and the addition, deletion, modification and search of files;

The browser operation information is the information about operations the user performs in the browser on the computer, including the website name corresponding to each opened URL and the browsed content.

The present invention analyzes the user's operation information from two aspects, local operation information and browser operation information, because the two involve different kinds of security risk. Local operation information corresponds to the user's own factors: all of its security risks are caused by the user's own misoperation (this aspect is analyzed to determine whether the user has a habit of deleting files by mistake and how severe that habit is). Browser operation information corresponds to external factors: its security risk depends on the probability that the websites the user browses carry risk.

When the data security processing module classifies the obtained user operation information, the processing result of the user's local operation information on the computer per unit time is recorded as the user's first operation information set, and the processing result of the user's browser operation information on the computer per unit time is recorded as the user's second operation information set.

The present invention sets up the first operation information set and the second operation information set so that the processing results for local operation information and for browser operation information can be analyzed separately later. The two sets of results are kept effectively distinct, which avoids confusing them when they are saved; such confusion would affect subsequent data analysis and bias the analysis results.

The method by which the data security processing module obtains the user's first operation information set includes the following steps:

S1.1. Obtain all the operation information content corresponding to the user's local operation information within the unit time;

S1.2. In the local operation information, mark the files the user deleted and the files the user searched for or restored in the recycle bin: files deleted by the user receive the first mark, files the user searched for in the recycle bin receive the second mark, and files the user restored receive the third mark;

S1.3. For each file restored by the user and given the third mark, determine whether the local operation information after the restore contains a modification operation on that file.

When the local operation information after the restore contains a modification operation on the file, bind the modification operation to the restored file, and obtain the modified content of the modification operation and the length of time between the restore and the modification operation;

When the local operation information after the restore contains no modification operation on the file, the restored file is not processed further;

S1.4. In the chronological order of the local operation information, enter the operation information corresponding to each first mark, second mark and third mark one by one into an empty set to form the first operation information set;
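Steps S1.1 to S1.4, together with the counts B1, B2 and B3 defined later in the description, can be sketched as follows. This is an added example, not code from the patent: the event record layout, the action names, the choice to bind the first modification that follows a restore, and the sample events are all assumptions made for illustration.

```python
from dataclasses import dataclass
from datetime import datetime
from pathlib import PureWindowsPath
from typing import Optional

@dataclass
class Event:
    """One local operation record (field names are assumptions of this example)."""
    time: datetime
    action: str              # "delete", "recycle_search", "restore", "modify", other
    path: str
    found: bool = True       # recycle_search only: was the file found?
    changed_words: int = 0   # modify only: words in the modified sentences (R1i)
    words_before: int = 0    # modify only: file length before the change (R2i)

@dataclass
class Entry:
    """One element of the first operation information set."""
    time: datetime
    mark: int                # 1 = deleted, 2 = searched in recycle bin, 3 = restored
    path: str
    found: bool = True
    bound: Optional[Event] = None            # modification bound to a restore (S1.3)
    hours_to_modify: Optional[float] = None  # ti, restore-to-modification delay

MARKS = {"delete": 1, "recycle_search": 2, "restore": 3}

def build_first_set(events):
    """S1.1-S1.4: mark, bind modifications to restores, keep chronological order."""
    ordered = sorted(events, key=lambda e: e.time)
    result = []
    for i, ev in enumerate(ordered):
        mark = MARKS.get(ev.action)
        if mark is None:
            continue  # opens, renames and the like are not part of the set
        entry = Entry(ev.time, mark, ev.path, ev.found)
        if mark == 3:
            # Assumption: bind the first modification of the same file after this
            # restore; a later restore of the same file starts a new window.
            for later in ordered[i + 1:]:
                if later.path != ev.path:
                    continue
                if later.action == "restore":
                    break
                if later.action == "modify":
                    entry.bound = later
                    entry.hours_to_modify = (later.time - ev.time).total_seconds() / 3600
                    break
        result.append(entry)
    return result

def counts(entries, present_names):
    """Return (B1, B2, B3). A deleted file counts as not backed up when no file
    with the same name is in present_names (the name search the patent describes)."""
    b1 = sum(1 for e in entries
             if e.mark == 1 and PureWindowsPath(e.path).name not in present_names)
    b2 = sum(1 for e in entries if e.mark == 2 and not e.found)
    b3 = sum(1 for e in entries if e.mark == 3)
    return b1, b2, b3

# Constructed sample events, shaped like the "user A" embodiment: two restores,
# the second followed 15 hours later by a 50-word change to a 500-word file.
SAMPLE_EVENTS = [
    Event(datetime(2021, 12, 1, 9, 0), "delete", r"C:\work\budget.xlsx"),
    Event(datetime(2021, 12, 1, 9, 10), "delete", r"C:\work\notes.txt"),
    Event(datetime(2021, 12, 1, 9, 30), "open", r"C:\work\plan.docx"),
    Event(datetime(2021, 12, 1, 10, 0), "recycle_search", r"C:\work\old.doc", found=False),
    Event(datetime(2021, 12, 1, 10, 5), "restore", r"C:\work\budget.xlsx"),
    Event(datetime(2021, 12, 1, 10, 20), "restore", r"C:\work\notes.txt"),
    Event(datetime(2021, 12, 2, 1, 20), "modify", r"C:\work\notes.txt",
          changed_words=50, words_before=500),
]

if __name__ == "__main__":
    first_set = build_first_set(SAMPLE_EVENTS)
    for e in first_set:
        print(e.time, e.mark, e.path, e.hours_to_modify)
    print(counts(first_set, present_names={"budget.xlsx"}))
```
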

The method by which the data security processing module obtains the user's second operation information set includes the following steps:

S2.1. Obtain the user's browser operation information on the computer per unit time;

S2.2. Compare the website name corresponding to each item of browser operation information with the comparison database.

If the website name corresponding to the browser operation information is contained in the comparison database, the website is determined to be an authorized website;

If the website name corresponding to the browser operation information is not contained in the comparison database, the website is determined to be an unauthorized website;

S2.3. Extract the advertisement banners in the website content of each unauthorized website, and bind each extracted advertisement banner to its unauthorized website;

S2.4. In the chronological order of the browser operation information, add the operation information corresponding to each unauthorized website name one by one to an empty set to form the second operation information set.

When obtaining the first operation information set, the present invention marks separately the files the user deleted and the files the user searched for or restored in the recycle bin, so that the three can be distinguished. Any of the three carries a certain risk and can result in data loss: deleting a file is the cause of file loss, searching for a file is the visible sign of file loss, and restoring a file is the remedy for file loss. Together the three directly reflect a user's local operating habits and the extent to which those habits lead to file loss. In a computer storage system such habits can easily cause data loss, and where no backup has been kept the consequences are serious (the data cannot be recovered). When obtaining the second operation information set, whether a website is authorized is determined in order to confirm whether the user browsed websites that are not permitted (permitted websites being those contained in the comparison database). The advertisement banners in the website content of each unauthorized website are extracted because unauthorized websites pose considerable security risks, especially the links behind advertisement banners; the banners therefore need to be bound to the corresponding unauthorized website and then analyzed.

The data security determination module obtains the user's first operation information set and analyzes it to obtain the first security risk coefficient;

The data security determination module obtains the user's second operation information set and analyzes it to obtain the second security risk coefficient.

The method by which the data security determination module obtains the first security risk coefficient includes the following steps:

S3.1. Obtain the content of the first operation information set corresponding to the user;

S3.2. Calculate the first security risk coefficient Q1 corresponding to the user:

Figure BDA0003410041710000121

where a1 denotes the deleted-file risk coefficient, a2 denotes the lost-file risk coefficient, and a3 denotes the restored-file risk coefficient,

B1 denotes the number of deleted files with the first mark in the first operation information set that have not been backed up.

This number is obtained from the search results when the data security determination module automatically searches the computer for the names of the deleted files with the first mark:

When the search results contain no file with the same name as the deleted file with the first mark, the deleted file is determined not to have been backed up;

When the search results contain a file with the same name as the deleted file with the first mark, the deleted file is determined to have been backed up;

B2 denotes the number of lost files, which equals the number of files not found in the search results corresponding to the second marks in the first operation information set. This number is obtained from the search results when the data security determination module automatically searches the computer for the names of the searched files with the second mark,

B3 denotes the number of third marks in the first operation information set,

Ci denotes the restored-file risk value of the restored file corresponding to the i-th third mark,

Figure BDA0003410041710000122

where C1 denotes the restored-file risk value when the restored file corresponding to the i-th third mark is not bound to a modification operation, and

Figure BDA0003410041710000123

denotes the restored-file risk value when the restored file corresponding to the i-th third mark is bound to a modification operation,

d1 denotes the restored-content risk coefficient, and d2 denotes the restore-duration risk coefficient,

R1i denotes the total number of words in the modified content of the modification operation bound to the restored file corresponding to the i-th third mark, where the modified content means the sentences in the restored file in which text was added, deleted or replaced,

R2i denotes the total number of words in the restored file corresponding to the i-th third mark before the bound modification operation was performed,

ti denotes the length of time between the user restoring the file corresponding to the i-th third mark and the modification operation bound to it;

In this embodiment, user A has two restored files with third marks. The restored file corresponding to the first third mark is not bound to a modification operation. For the restored file corresponding to the second third mark, the modified content of the bound modification operation totals 50 words, the file contained 500 words before the bound modification operation was performed, and the bound modification operation took place 15 hours after the user restored the file.

C1 is 1, d1 is 10, d2 is 3,

Then C1 = 1;

Figure BDA0003410041710000131

The values of a1, a2 and a3 change dynamically, and the a1, a2 or a3 corresponding to different unit times may differ. The values of a1, a2 and a3 for the next unit time are obtained based on the current time, and the obtained values are saved to the database.

The method for obtaining the value of a1 for the next unit time based on the current time includes the following steps:

S3.2.1. Based on the unit time to which the current time belongs, obtain from the historical data the product of a1 and B1 for each of the n unit times preceding that unit time, and calculate the average of the obtained products, denoted as

Figure BDA0003410041710000132

S3.2.2. Based on the unit time to which the current time belongs, obtain from the historical data the average of the B1 values for each of the n unit times preceding that unit time, denoted as

Figure BDA0003410041710000133

S3.2.3. Based on the unit time to which the current time belongs, obtain from the historical data the average of the a1 values for each of the n unit times preceding that unit time, denoted as

Figure BDA0003410041710000134

S3.2.4. The value of a1 for the next unit time, obtained based on the current time, is the minimum of

Figure BDA0003410041710000135

and

Figure BDA0003410041710000136

denoted as

Figure BDA0003410041710000137

where the value of p equals the value of a1 corresponding to the unit time to which the current time belongs;

In this embodiment, the value of a1 corresponding to the unit time to which the current time belongs is 0.5,

In the historical data, the values of B1 for the 3 unit times preceding the unit time to which the current time belongs are 2, 4 and 3 respectively,

In the historical data, the values of a1 for the 3 unit times preceding the unit time to which the current time belongs are 0.4, 0.6 and 0.5 respectively,

then the corresponding

Figure BDA0003410041710000138

the corresponding

Figure BDA0003410041710000141

the corresponding

Figure BDA0003410041710000142

then

Figure BDA0003410041710000143

Figure BDA0003410041710000144

and therefore

Figure BDA0003410041710000145

Following the same method used to obtain the value of a1 for the next unit time based on the current time, the values of a2 and a3 for the next unit time are obtained based on the current time.

In calculating the first security risk coefficient Q1 corresponding to the user, the present invention obtains a1, a2 and a3 by querying the database. a1 is multiplied by B1 (the number of deleted files with the first mark in the first operation information set that have not been backed up) rather than by the number of first marks, because deleted files include both backed-up and non-backed-up files, and only files that were not backed up cause data loss. B2 may include files counted in B1 that were deleted without backup, but the two do not conflict, because B2 may also include non-backed-up files deleted before the unit time, and the number of times a file is searched for indirectly reflects the importance of that file. A piecewise function is used when calculating the restored-file risk value because the case where the restored file corresponding to a third mark is not bound to a modification operation must be taken into account.

The method by which the data security determination module obtains the second security risk coefficient includes the following steps:

S4.1. Obtain the content of the second operation information set corresponding to the user;

S4.2. Calculate the second security risk coefficient Q2 corresponding to the user:

Figure BDA0003410041710000146

where j1 denotes the total number of categories of advertisement banners in the website content of the unauthorized websites,

e3j denotes the number of advertisement banners of the j-th category among the advertisement banners in the website content of the unauthorized websites,

e4 denotes the total number of advertisement banners in the website content of the unauthorized websites,

d4j denotes the advertisement risk coefficient of the j-th category of advertisement banners in the website content of the unauthorized websites,

In this embodiment, the total number of categories of advertisement banners in the website content of the unauthorized websites is 3, and the total number of advertisement banners is 5,

The number of advertisement banners of category 1 is 2,

The number of advertisement banners of category 2 is 1,

The number of advertisement banners of category 3 is 2,

Among the advertisement banners in the website content of the unauthorized websites,

the advertisement risk coefficient of category 1 is 1.5,

the advertisement risk coefficient of category 2 is 2,

the advertisement risk coefficient of category 3 is 1.3,

Then the second security risk coefficient corresponding to the user is

Figure BDA0003410041710000151

The category of each advertisement banner in the website content of an unauthorized website is determined from the picture corresponding to the banner. The classification method includes the following steps:

S5.1. Obtain the picture in the advertisement banner;

S5.2. Use image recognition to obtain the text content in each picture, and extract keywords from that text content;

S5.3. Compare all the keywords extracted from each picture with the category comparison database to obtain the category of the picture, and thereby the category of the advertisement banner.

In the process by which the data security determination module of the present invention obtains the second security risk coefficient, the coefficient is obtained from the categories to which the advertisement banners belong and the advertisement risk coefficient of each category; the advertisement risk coefficients are obtained by querying the database. When classifying advertisement banners, the text in the picture is recognized and the banner is assigned to a category according to the keywords in that text; the image recognition method used to obtain the text in the picture is prior art.
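Steps S2.1 to S2.4 and S5.2 to S5.3 can be sketched together as follows, producing the per-category banner counts (e3j) and the total (e4) that the second security risk coefficient is built from. This is an added example, not code from the patent: the record layout, the category names and keywords, the site names, the rule of picking the category with the most keyword hits, and the assumption that image recognition has already turned each banner picture into text are all constructed for illustration.

```python
import re
from collections import Counter
from dataclasses import dataclass, field

@dataclass
class Visit:
    """One browser operation record (field names are assumptions of this example)."""
    time: str                  # ISO 8601 timestamp, sorts lexicographically
    site: str                  # website name of the opened URL
    banner_texts: list = field(default_factory=list)  # text recognised per banner picture

def build_second_set(visits, authorized_sites):
    """S2.1-S2.4: keep only visits to sites absent from the comparison database,
    in chronological order, with each site's banners still bound to the visit."""
    return [v for v in sorted(visits, key=lambda v: v.time)
            if v.site.lower() not in authorized_sites]

def extract_keywords(text):
    """S5.2: a minimal keyword extraction, lower-cased word tokens."""
    return set(re.findall(r"[a-z0-9]+", text.lower()))

def classify_banner(text, category_db):
    """S5.3: compare keywords with the category comparison database.
    Assumption: the category with the most keyword hits wins; no hit at all
    yields 'uncategorized' so unknown banners are not silently dropped."""
    words = extract_keywords(text)
    hits = {cat: len(words & kws) for cat, kws in category_db.items()}
    best = max(hits, key=hits.get, default=None)
    return best if best is not None and hits[best] > 0 else "uncategorized"

def banner_category_counts(second_set, category_db):
    """Count banners per category (e3j); the sum of the counts is e4."""
    counter = Counter()
    for visit in second_set:
        for text in visit.banner_texts:
            counter[classify_banner(text, category_db)] += 1
    return counter

# Constructed sample data: 3 categories and 5 banners split 2 / 1 / 2,
# the same shape as the embodiment's example.
AUTHORIZED = {"corporate mail", "intranet portal"}
CATEGORY_DB = {
    "lottery": {"jackpot", "casino", "bet"},
    "loan": {"loan", "credit"},
    "download": {"download", "installer", "free"},
}
SAMPLE_VISITS = [
    Visit("2021-12-01T09:00", "Corporate Mail", ["Win the jackpot"]),
    Visit("2021-12-01T11:00", "free-movies.example",
          ["Free download now", "Casino bet bonus", "Fast installer"]),
    Visit("2021-12-01T10:00", "news-mirror.example",
          ["Instant loan approval", "Jackpot tonight"]),
]

if __name__ == "__main__":
    second_set = build_second_set(SAMPLE_VISITS, AUTHORIZED)
    print([v.site for v in second_set])
    print(banner_category_counts(second_set, CATEGORY_DB))
```
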

When the access authority determination module determines the access authority of a user, it obtains the first security risk coefficient and the second security risk coefficient corresponding to each user's operation information and calculates their sum, which is recorded as the final security risk value of that user.

When the final security risk value of the user is greater than or equal to the first threshold, the user is determined to have permission to access the storage system, and the user is allowed to access the storage system;

When the final security risk value of the user is less than the first threshold, the user is determined not to have permission to access the storage system, and the user is prohibited from accessing the storage system.

By calculating the sum of the first security risk coefficient and the second security risk coefficient corresponding to each user's operation information, the present invention achieves a comprehensive evaluation of the risks corresponding to the user's local operation information and browser operation information, and thereby predicts the security risk corresponding to the user's operation information.

A data security access method of a computer storage system, the method comprising the following steps:

S1. Obtain, through the operation information collection module, the user's operation information on the computer per unit time;

S2. In the data security processing module, classify the user operation information obtained by the operation information collection module, and save the processed user operation information for each category;

S3. Analyze, through the data security determination module, the results saved by the data security processing module, and determine the security risk coefficient corresponding to each category of operation information in the user operation information;

S4. In the access authority determination module, determine the user's access authority according to the security risk coefficients corresponding to each user's operation information, and decide, according to that access authority, whether the user is allowed to access the storage system.

It should be noted that, in this document, relational terms such as first and second are used only to distinguish one entity or operation from another, and do not necessarily require or imply any actual relationship or order between those entities or operations. Moreover, the terms "comprise", "include" or any other variant thereof are intended to cover a non-exclusive inclusion, so that a process, method, article or device that comprises a list of elements includes not only those elements but also other elements not expressly listed, or elements inherent to such a process, method, article or device.

Finally, it should be noted that the above are only preferred embodiments of the present invention and are not intended to limit it. Although the invention has been described in detail with reference to the foregoing embodiments, those skilled in the art may still modify the technical solutions described in those embodiments or make equivalent replacements of some of their technical features. Any modification, equivalent replacement or improvement made within the spirit and principle of the present invention shall fall within its scope of protection.

Claims (9)

1. A system for securing access to data of a computer storage system, comprising:
an operation information acquisition module, which acquires the operation information of a user on a computer in unit time;
a data security processing module, which classifies the user operation information acquired by the operation information acquisition module, and obtains and stores the processed user operation information corresponding to each category;
a data security judgment module, which analyzes the results stored by the data security processing module and judges the security risk coefficients corresponding to the various categories of operation information in the user operation information;
and an access authority judging module, which judges the access authority corresponding to the user according to the safety risk coefficient corresponding to the operation information of each user, and judges whether the user is allowed to access the storage system according to the access authority corresponding to the user.
2. A system for securing access to data in a computer storage system according to claim 1, wherein: the operation information of the user on the computer in unit time acquired by the operation information acquisition module comprises local operation information and browser operation information,
the local operation information refers to the user's operations on local contents of the computer, and comprises the folders accessed and their locations, and the adding, deleting, modifying and searching of files;
the browser operation information refers to the operations performed by the user in a browser on the computer, and comprises the website name and the browsed content corresponding to each opened website.
3. A system for securing access to data in a computer storage system according to claim 2, wherein: when the data security processing module classifies the acquired user operation information, the processing result of the local operation information of the user in the computer per unit time is recorded as a first operation information set of the user, and the processing result of the browser operation information of the user in the computer per unit time is recorded as a second operation information set of the user.
4. A system for securing access to data in a computer storage system according to claim 3, wherein: the method for acquiring the first operation information set of the user by the data security processing module comprises the following steps:
S1.1, acquiring all operation information contents corresponding to the local operation information of the user in unit time;
S1.2, respectively marking the files deleted by the user in the local operation information and the files searched for or restored in the recycle bin, wherein files deleted by the user are marked with a first mark, files searched for by the user in the recycle bin are marked with a second mark, and files restored by the user are marked with a third mark;
S1.3, judging, for each third mark, whether the local operation information after the user restored the file contains a modification operation on that file,
when the local operation information after the user restored the file contains a modification operation on the file, the modification operation is bound to the restored file, and the modified content corresponding to the modification operation and the length of time between the user restoring the file and the modification operation are obtained,
when the local operation information after the user restored the file does not contain a modification operation on the file, the restored file is not processed;
S1.4, according to the time sequence of the local operation information, entering the operation information corresponding to each first mark, each second mark and each third mark into a blank set one by one to form the first operation information set;
the method for acquiring the second operation information set of the user by the data security processing module comprises the following steps:
S2.1, acquiring the browser operation information of the user on the computer within a unit time;
S2.2, comparing the website name corresponding to each item of browser operation information with a comparison database,
if the website name corresponding to the browser operation information is contained in the comparison database, determining that the website is an authorized website,
if the website name corresponding to the browser operation information is not contained in the comparison database, determining that the website is an unauthorized website;
S2.3, respectively extracting the advertisement banners in the website content of each unauthorized website, and binding the extracted advertisement banners to the corresponding unauthorized websites;
and S2.4, adding the operation information corresponding to the name of each unauthorized website into a blank set one by one according to the time sequence of the browser operation information to form the second operation information set.
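The set-building steps S1.1 to S1.4 and S2.1 to S2.4 of claim 4, written out as an added Python example; it is not code from the patent or its applicant. The record layouts, operation names, case-insensitive site comparison, the rule that an edit binds to the most recent restore, and all sample values are assumptions made for illustration.

```python
from dataclasses import dataclass
from typing import Optional

# Marks from S1.2: deleted / searched in recycle bin / restored.
FIRST, SECOND, THIRD = 1, 2, 3
MARK_FOR_OP = {"delete": FIRST, "recycle_search": SECOND, "restore": THIRD}

@dataclass
class Event:             # assumed record layout for one local operation
    t: int               # seconds since the start of the unit time
    op: str              # assumed names: delete, recycle_search, restore, modify, open
    path: str
    detail: str = ""     # modified content, used when op == "modify"

@dataclass
class Marked:
    t: int
    mark: int
    path: str
    modification: Optional[str] = None  # content of the bound modification, if any
    delay: Optional[int] = None         # seconds from the restore to that modification

def first_operation_set(events):
    """S1.1-S1.4: mark delete/search/restore events and bind edits to restores."""
    ordered = sorted(events, key=lambda e: e.t)
    result = []
    for i, ev in enumerate(ordered):
        mark = MARK_FOR_OP.get(ev.op)
        if mark is None:
            continue                     # opens and plain edits receive no mark
        entry = Marked(ev.t, mark, ev.path)
        if mark == THIRD:                # S1.3: look for an edit after the restore
            for later in ordered[i + 1:]:
                if later.path != ev.path:
                    continue
                if later.op == "restore":
                    break                # assumption: an edit binds to the latest restore
                if later.op == "modify":
                    entry.modification = later.detail
                    entry.delay = later.t - ev.t
                    break
        result.append(entry)             # S1.4: entries are appended in time order
    return result

@dataclass
class Visit:             # assumed record layout for one browser operation
    t: int
    site: str
    banners: tuple = ()  # identifiers of ad banners extracted from the page

def second_operation_set(visits, authorized_sites):
    """S2.1-S2.4: keep, in time order, visits to sites absent from the comparison database."""
    allowed = {s.lower() for s in authorized_sites}  # assumption: case-insensitive names
    return [
        {"t": v.t, "site": v.site, "banners": list(v.banners)}  # S2.3: banners stay bound
        for v in sorted(visits, key=lambda v: v.t)
        if v.site.lower() not in allowed                         # S2.2: unauthorized only
    ]

# Constructed sample input, deliberately out of time order.
EVENTS = [
    Event(50, "restore", "docs/plan.docx"),
    Event(10, "delete", "docs/plan.docx"),
    Event(30, "recycle_search", "plan.docx"),
    Event(95, "modify", "docs/plan.docx", "budget raised to 40k"),
    Event(60, "open", "docs/notes.txt"),
    Event(120, "restore", "docs/old.txt"),
]
VISITS = [
    Visit(40, "intranet.example"),
    Visit(70, "news.example", ("ad-3",)),
    Visit(20, "free-prizes.example", ("ad-1", "ad-2")),
]
AUTHORIZED = ["Intranet.example"]

if __name__ == "__main__":
    for m in first_operation_set(EVENTS):
        print(m)
    for v in second_operation_set(VISITS, AUTHORIZED):
        print(v)
```

The restored file with a bound edit carries both the modified content and the delay, which are the inputs claim 6 names as R1_i and t_i.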
5. The system of claim 4, wherein the data security access system comprises: the data security judgment module acquires and analyzes a first operation information set of a user to obtain a first security risk coefficient;
and the data security judgment module acquires and analyzes a second operation information set of the user to obtain a second security risk coefficient.
6. The system of claim 5, wherein the data security access system comprises: the method for obtaining the first safety risk coefficient by the data safety judgment module comprises the following steps:
S3.1, acquiring the content in the first operation information set corresponding to the user;
S3.2, calculating a first safety risk coefficient Q1 corresponding to the user,
the above-mentioned
Figure FDA0003410041700000031
Where a1 denotes the delete file risk coefficient, a2 denotes the lost file risk coefficient, a3 denotes the restore file risk coefficient,
b1 indicates the number of the un-backed-up deleted files corresponding to the first marker in the first operation information set,
the number of the un-backed deleted files corresponding to the first mark in the first operation information set is obtained through the corresponding retrieval result when the data security judgment module automatically retrieves the name of the deleted file corresponding to the first mark in the computer,
when the file with the same name as the name of the deleted file corresponding to the first mark does not exist in the retrieval result, the deleted file corresponding to the first mark is judged not to be backed up,
when a file with the same name as the name of the deleted file corresponding to the first mark exists in the retrieval result, judging that the deleted file corresponding to the first mark is backed up;
b2 represents the number of lost files, which is equal to the number of the files not found in the search result corresponding to the second mark in the first operation information set, the number of the files not found in the search result corresponding to the second mark in the first operation information set is obtained through the corresponding search result when the name of the search file corresponding to the second mark in the computer is automatically searched through the data security judgment module,
b3 indicates the number of third marks in the first operation information set,
C_i indicates the risk value of the restored file corresponding to the i-th third mark,
the above-mentioned
Figure FDA0003410041700000032
Wherein C1 represents the risk value of the restored file when the restored file corresponding to the ith third mark is not bound for modification operation,
Figure FDA0003410041700000033
indicates the risk value of the restored file when the restored file corresponding to the i-th third mark is bound to a modification operation,
d1 represents the restored content risk coefficient, d2 represents the restore duration risk coefficient,
R1_i represents the total word count of the modified content corresponding to the modification operation bound to the restored file corresponding to the i-th third mark, where modified content means a sentence in the restored file in which characters were added, deleted or replaced,
R2_i represents the total word count of the restored file corresponding to the i-th third mark before the bound modification operation was executed,
t_i represents the length of time between the user restoring the file and the modification operation bound to the restored file corresponding to the i-th third mark;
a1, a2 and a3 change dynamically, and the values of a1, a2 or a3 in different unit times may differ; the values of a1, a2 and a3 for the next unit time are obtained based on the current time and saved in a database,
the method for acquiring the value of a1 for the next unit time based on the current time comprises the following steps:
S3.2.1, based on the unit time to which the current time belongs, respectively obtaining from the historical data the product of a1 and B1 corresponding to each of the n unit times preceding that unit time, calculating the average value of the sum of the obtained products, and recording the average value as
Figure FDA0003410041700000041
S3.2.2, respectively obtaining the average value of the sum of B1 corresponding to each unit time in the previous n unit times of the unit time of the current time in the historical data based on the unit time of the current time, and recording the average value as
Figure FDA0003410041700000042
S3.2.3, respectively obtaining the average value of the sum of a1 corresponding to each unit time in the previous n unit times of the unit time of the current time in the historical data based on the unit time of the current time
Figure FDA0003410041700000043
S3.2.4, the value of a1 in the next unit time obtained based on the current time is
Figure FDA0003410041700000044
And
Figure FDA0003410041700000045
the minimum value of the two is recorded as
Figure FDA0003410041700000046
Wherein the value of p is equal to the value of a1 corresponding to the unit time to which the current time belongs;
according to the method of obtaining the value corresponding to a1 in the next unit time based on the current time, the values corresponding to a2 and a3 in the next unit time are obtained based on the current time, respectively.
7. A system for securing access to data in a computer storage system according to claim 6, wherein: the method for obtaining the second safety risk coefficient by the data safety judgment module comprises the following steps:
S4.1, acquiring the content in the second operation information set corresponding to the user;
S4.2, calculating a second safety risk coefficient Q2 corresponding to the user, wherein the second safety risk coefficient Q2 is
Figure FDA0003410041700000047
Wherein j1 represents the total number of categories of the advertisement banners in the website content of the unauthorized websites,
e3_j represents the number of advertisement banners belonging to the j-th category among the advertisement banners in the website content of the unauthorized websites,
e4 represents the total number of advertisement banners in the website content of the unauthorized websites,
d4_j represents the advertisement risk coefficient corresponding to the advertisement banners of the j-th category among the advertisement banners in the website content of the unauthorized websites,
the category of each advertisement banner in the website content of an unauthorized website is determined from the picture corresponding to the banner, and the specific classification method comprises the following steps:
S5.1, obtaining the pictures in the advertisement banner;
S5.2, respectively obtaining the text content in each picture through image recognition, and extracting keywords from the text content;
and S5.3, comparing all the keywords extracted from each picture with a category comparison database to obtain the category corresponding to the picture, and thereby the category corresponding to the advertisement banner.
8. A system for securing access to data in a computer storage system according to claim 7, wherein: when the access authority judging module judges the access authority corresponding to the user, a first safety risk coefficient and a second safety risk coefficient corresponding to the operation information of each user respectively need to be obtained, the sum of the first safety risk coefficient and the second safety risk coefficient corresponding to the operation information of each user is calculated and recorded as a final safety risk value corresponding to the corresponding user,
when the final security risk value corresponding to the user is larger than or equal to the first threshold value, judging that the user has the authority of accessing the storage system, and allowing the user to access the storage system;
and when the final security risk value corresponding to the user is smaller than the first threshold value, judging that the user does not have the authority of accessing the storage system, and forbidding the user to access the storage system.
9. A method for securing access to data of a computer storage system, applied to the system for securing access to data of a computer storage system according to any of claims 1 to 8, characterized in that the method comprises the following steps:
S1, acquiring the operation information of the user on the computer in unit time through the operation information acquisition module;
S2, classifying, in the data security processing module, the user operation information acquired by the operation information acquisition module, and acquiring and storing the processed user operation information corresponding to each category;
S3, analyzing the results stored by the data security processing module through the data security judging module, and judging the security risk coefficients corresponding to the various categories of operation information in the user operation information;
and S4, in the access authority judging module, judging the access authority corresponding to the user according to the security risk coefficient corresponding to the operation information of each user, and judging whether the user is allowed to access the storage system according to the access authority corresponding to the user.
Application number: CN202111528966.9A
Priority date: 2021-12-14
Filing date: 2021-12-14
Title: Data security access system and method of computer storage system
Status: Pending
Publication: CN114398667A (en), published 2022-04-26
Family ID: 81226583
Country status: CN (1), CN114398667A (en)

Legal Events

PB01: Publication
SE01: Entry into force of request for substantive examination