CN115659359A - Business system access active auditing method and system - Google Patents

Business system access active auditing method and system

Publication number
CN115659359A
Authority
CN
China
Prior art keywords
access
data
auditing
business
module
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202211028597.1A
Other languages
Chinese (zh)
Inventor
吴松洋
刘占斌
李营那
陈以山
孙文琦
杨曜宁
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Third Research Institute of the Ministry of Public Security
Original Assignee
Third Research Institute of the Ministry of Public Security
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Third Research Institute of the Ministry of Public Security
Priority to CN202211028597.1A
Publication of CN115659359A
Legal status: Pending (current)

Abstract

The invention discloses a business system access active auditing method and system, aiming at the problem that business data which is set to be accessed and audited in a business system is audited and verified by a third party auditing system before being accessed. The service system access active auditing scheme provided by the invention can realize that the auditing time point of the service system access request is moved forward, before a user accesses high-value and high-sensitivity service data in the service system, auditing verification is carried out by a third party auditing system, and the high-value and high-sensitivity service data in the service system can be accessed only after the auditing verification is passed, so that the prior auditing is realized, and the safety of the high-value and high-sensitivity service data is greatly improved.

Description

Translated from Chinese
A method and system for active auditing of business system access

Technical field

The invention relates to network security technology, and in particular to network data access auditing technology.

Background

As the Internet penetrates every aspect of people's lives and work, the security of network data, and especially of users' private data, has drawn increasing attention. Leaks of user privacy data currently occur frequently and cause considerable economic losses to enterprises and users.

Analysis shows that many leaks of user privacy data are caused by internal employees in various industries (express delivery, banking, catering and so on) accessing data beyond their authority and reading it illegally, so stricter business auditing measures are needed. In addition, the business systems of many industries are sensitive, and the auditing requirements for access to them are very strict, for example auditing whether a user has read specific data beyond their authority. With the promulgation of the Data Security Law and the Personal Information Protection Law, auditing of business system access has become even more important.

At present the vast majority of auditing schemes and systems are passive, after-the-fact audits: the user's access is allowed, and the user's access behaviour is recorded or the user's access traffic is saved. In practice this approach has the following problems:

1. Auditing is not timely: the user's access behaviour is audited after the event by analysing system logs and traffic logs, so anomalous access is only discovered later and violations cannot be detected in time to prevent them. When an anomaly is found by audit, the violation has usually already happened, possibly with large-scale data leakage and irreparable loss. This approach is therefore unsuitable for auditing access to high-value, highly sensitive data (for example citizen identity information).

2. It is easily bypassed by users: for example by tampering with or deleting the business system's log records, or by connecting through another network to bypass the traffic-audit path. As a result, a user's unauthorised access may go undetected, which can easily cause significant losses.

The existing passive, after-the-fact business auditing schemes therefore no longer meet the needs of privacy data protection in the big-data era. How to audit all kinds of data proactively, in particular private data, and so guarantee data security is an urgent problem in this field.

Summary of the invention

In view of the problems of existing passive, after-the-fact business auditing schemes, the purpose of the present invention is to provide an active auditing scheme for business system access that proactively audits access before high-value, highly sensitive data is accessed, so as to guarantee the security of private data.

To achieve the above purpose, the present invention provides an active auditing method for business system access, in which business data in the business system that has been designated as requiring access auditing is audited and verified by a third-party audit system, with respect to the access object, before it is accessed.

Further, when the third-party audit system audits and verifies the access object, it verifies the access object's data access authority; after the authority is verified, it performs an encryption computation over the fields the access object needs to access, forming a corresponding encrypted value; the encrypted value can only be decrypted by the corresponding business system.

Further, the auditing method also includes a deployment step between the third-party audit system and the corresponding business system, in which the matching encryption algorithm and key are deployed offline on both.

Further, in the auditing method, once the third-party audit system and the corresponding business system have been successfully deployed and officially put into operation, they do not exchange encryption algorithm or key information.

Further, in the auditing method, the third-party audit system returns the encrypted value it forms either directly to the corresponding business system, or to the access object, which then passes it on to the corresponding business system.

Further, in the auditing method, the correspondingly deployed business system decrypts the received encrypted value and verifies the audit status of the current access request.

Further, the auditing method also includes an identification step for the data access request initiated by the access object, which determines whether the data access request initiated by the access object contains business data designated as requiring access auditing; if it does, the data access request is sent to the third-party audit system for audit verification.

To achieve the above purpose, the present invention also provides an active auditing system for business system access, comprising an access request identification module and a third-party audit system;

the access request identification module identifies data access requests initiated by the access object and sends those containing business data designated as requiring access auditing to the third-party audit system;

the third-party audit system exchanges data with the business system and the access request identification module, and can audit and verify the data access requests sent by the access request identification module.

Further, the access request identification module identifies the data access request locally, where the request is initiated.

Further, the access request identification module comprises a high-value, highly sensitive data configuration sub-module and a high-value, highly sensitive data access identification sub-module;

the high-value, highly sensitive data configuration sub-module can receive configuration information for high-value, highly sensitive data issued by the third-party audit system, and supports configuration based on the accessed URL and on the accessed content;

the high-value, highly sensitive data access identification sub-module can extract the accessed URL from a data access request initiated by the access object, compare it with the locally stored URL rule configuration for high-value, highly sensitive data, and decide from the comparison result whether the data access request needs to be sent to the third-party audit system.

Further, the third-party audit system has an authority authentication module and an encryption module;

the authority authentication module verifies the access object's data access authority;

the encryption module exchanges data with the authority authentication module and, according to the authority authentication module's verification result, performs an encryption computation over the business data designated as requiring access auditing contained in the received data access request, forming a corresponding encrypted value; the encrypted value can only be decrypted by the corresponding business system.

Further, the third-party audit system and the corresponding business system are configured offline with a matching encryption algorithm and key.

Further, the third-party audit system is deployed relative to the business system either in bypass (out-of-path) mode or in serial (in-line) mode.

Further, the third-party audit system comprises an encryption algorithm configuration module, a hardware-information-based key pair generation module, a data encryption module, a highly sensitive data rule configuration module, an authority authentication module and a highly sensitive information identification module;

the encryption algorithm configuration module configures the encryption algorithm during the initial configuration of the third-party audit system; the hardware-information-based key pair generation module, during that initial configuration, generates a different key pair for each client according to the client's hardware information;

the highly sensitive data rule configuration module, once the third-party audit system is officially in operation, configures the access rules for each system's highly sensitive data; the data encryption module can encrypt the configured access rule information with the algorithm configured by the encryption algorithm configuration module and deliver it to the corresponding client and/or business system;

the authority authentication module connects to the authority centre to authenticate each access request, and passes requests that pass authentication to the highly sensitive information identification module;

the highly sensitive information identification module determines whether an authenticated access request passed to it accesses highly sensitive information; for access requests identified as accessing highly sensitive information, the data encryption module invokes the encryption algorithm configured by the encryption algorithm configuration module to encrypt the accessed content, and then forwards the request to the business system.

The active auditing scheme for business system access provided by the present invention moves the point at which business system access requests are audited forward: before a user accesses high-value, highly sensitive business data in the business system, audit verification is performed by the third-party audit system, and the data can only be accessed after the audit verification passes. This achieves auditing before the event and greatly improves the security of high-value, highly sensitive business data.

The scheme applies differentiated handling only to access to high-value, highly sensitive data and does not affect access to most business data.

The scheme does not depend on business system logs or on capturing user network traffic, so it is difficult to bypass.

The scheme implements audited data access with the emphasis on auditing before the event, and can work alongside an authentication and authorisation system.

Existing authentication and authorisation systems determine whether a user has authority to access a system and its database, whereas the scheme of the present invention performs fine-grained auditing of the user's data access.

Description of the drawings

The present invention is further described below with reference to the drawings and specific embodiments.

Fig. 1 is an example diagram of bypass deployment in Example 1 of the present invention;

Fig. 2 is an example diagram of the initial system configuration in Example 1 of the present invention;

Fig. 3 is an example flow diagram of business system access auditing in Example 1 of the present invention;

Fig. 4 is an example diagram of bypass deployment in Example 2 of the present invention;

Fig. 5 is an example diagram of the initial system configuration in Example 2 of the present invention;

Fig. 6 is an example flow diagram of business system access auditing in Example 2 of the present invention;

Fig. 7 is an example flow diagram of business system access auditing in Example 3 of the present invention.

Detailed description

To make the technical means, creative features, objectives and effects of the present invention easy to understand, the invention is further explained below with reference to specific figures.

In view of the problems caused by the passive, after-the-fact auditing schemes used in existing business auditing, the present invention provides an active auditing scheme for business system access that innovatively moves the audit of business system access requests forward in time: before a user accesses high-value, highly sensitive business data in the business system, audit verification is performed by a third-party audit system, and the data can only be accessed after that verification passes. This converts business auditing from a passive, after-the-fact design into active auditing before the event, stops various data security problems before they occur, greatly improves the security of high-value, highly sensitive business data, and effectively meets the need for personal privacy data protection in the big-data era.

This scheme introduces a third-party audit system to actively audit and verify the data access requests that an access object makes to the business system.

The third-party audit system introduced here can verify the access authority of the corresponding data access request; it can also perform an encryption computation over the fields the request needs to access, forming a corresponding encrypted value that is used to confirm the audit result with the corresponding business system.

As a preferred option, the third-party audit system in this scheme performs the encryption computation over the required fields of data access requests that have passed access authority verification.

On this basis, the scheme deploys the introduced third-party audit system in coordination with the corresponding business system: both have the corresponding encryption algorithm and key built in, so that data encrypted by the third-party audit system can only be decrypted by the business system deployed to match it, which guarantees the security and reliability of the audit data.

Further, in this scheme the corresponding encryption algorithm and key are built into the third-party audit system and the business system offline, that is, before they go live, and there is no exchange after they go live: once the third-party audit system and the corresponding business system have been successfully deployed and officially put into operation they do not exchange encryption algorithm or key information, which improves security.

On this basis, the scheme introduces data access request identification technology, so that a data access request initiated by the access object is first identified to determine whether it contains business data designated as requiring access auditing.

On this basis, if the fields to be accessed in the data access request are identified as containing business data designated as requiring access auditing, the data access request is sent to the third-party audit system for security auditing;

if the fields to be accessed in the data access request are not identified as containing business data designated as requiring access auditing, the data access request is not sent to the third-party audit system for security auditing.

The business data designated as requiring access auditing here means the high-value, highly sensitive business data in the business system.

As a preferred mode, the scheme identifies the data access request directly, locally, where the access object initiates it.

As an example, when identifying a data access request directly, the scheme extracts the accessed URL from the data access request the access object initiates and compares it with the locally stored URL rule configuration for high-value, highly sensitive data:

if it matches, the request is identified as a data access request for business data requiring access auditing and is sent to the third-party audit system;

if it does not match, the parameter information of the access request is extracted and compared with the locally stored content rule configuration for high-value, highly sensitive data; if that matches, the request is identified as a data access request for business data requiring access auditing and is sent to the third-party audit system, and if it does not match, the business system is accessed normally.

Through local identification of data access requests, the scheme applies differentiated handling only to access to high-value, highly sensitive data, without affecting access to the business system's regular business data.

In some specific embodiments of this scheme, active auditing of business system access can be carried out by the following basic logical process.

First, access request identification is performed on the data access request that the access object initiates locally towards the business system, to determine whether the fields to be accessed in the request contain business data designated as requiring access auditing.

If the fields to be accessed in the data access request are identified as containing business data designated as requiring access auditing, the data access request is sent to the third-party audit system for security auditing;

if the fields to be accessed in the data access request are not identified as containing such business data, the data access request is passed into the regular business system access flow.

Next, the third-party audit system audits and verifies the received data access request. It first verifies the data access authority of the request; after the authority is verified, it invokes the built-in encryption algorithm to compute an encrypted value over the fields the request needs to access, and passes that encrypted value to the business system corresponding to the access request. The third-party audit system may return the encrypted value directly to the corresponding business system, or first return it to the access object, which then passes it on to the corresponding business system.

Finally, the business system invokes its built-in decryption algorithm and key to decrypt the received encrypted value, and confirms whether the data access request has passed the third-party audit system's audit by comparing the decrypted data with the original fields.
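The audit and verification steps of this process, carried out end to end as an added example that is not code from the patent or its assignee: a third-party audit system holding a private key configured offline checks the access object's authority, encrypts a digest of each requested field with that key, and the business system, holding the matching public key configured at the same offline deployment, decrypts and compares the result with the original fields. The patent leaves the algorithm open (it names RSA and SM2 with a private key of sufficient length); here a textbook RSA with two fixed, constructed primes stands in, far too small for real use, and the digest is truncated to 64 bits only so that it fits that toy modulus. The class names, the permission table and the sample request are assumptions. The caller hands the encrypted value from the auditor to the business system, which models either return path (directly, or via the access object); the scenarios also show what the business system sees when a request skipped the audit or was altered after it.

```python
import hashlib
from typing import Dict, Optional

# Constructed toy RSA key pair: two fixed Mersenne primes (2^61-1 and 2^31-1).
# Demonstration only; the patent's RSA/SM2 with a long private key is the
# intended algorithm, and these parameters would be configured offline.
P = 2**61 - 1
Q = 2**31 - 1
N = P * Q
E = 65537                          # public exponent, held by the business system
D = pow(E, -1, (P - 1) * (Q - 1))  # private exponent, held by the audit system


def field_digest(name: str, value: str) -> int:
    """Bind field name and value into an integer below N (truncated to 64 bits
    only because the toy modulus is about 92 bits)."""
    digest = hashlib.sha256(f"{name}={value}".encode("utf-8")).digest()
    return int.from_bytes(digest[:8], "big")


class ThirdPartyAuditSystem:
    """Authority check, then private-key encryption of the requested fields."""

    def __init__(self, private_exponent: int, permissions: Dict[str, set]):
        self._d = private_exponent
        self._permissions = permissions      # user -> fields the user may access

    def audit(self, request: dict) -> Optional[Dict[str, int]]:
        allowed = self._permissions.get(request["user"], set())
        if not set(request["fields"]).issubset(allowed):
            return None                      # authority check failed: nothing issued
        return {name: pow(field_digest(name, value), self._d, N)
                for name, value in request["fields"].items()}


class BusinessSystem:
    """Decrypts with the matching public key and compares with the original fields."""

    def __init__(self, public_exponent: int):
        self._e = public_exponent

    def is_audited(self, request: dict, encrypted: Optional[Dict[str, int]]) -> bool:
        if not encrypted or set(encrypted) != set(request["fields"]):
            return False                     # no audit result, or fields do not line up
        return all(pow(encrypted[name], self._e, N) == field_digest(name, value)
                   for name, value in request["fields"].items())


def run_scenarios() -> Dict[str, bool]:
    """Constructed scenarios: authorised, denied, tampered after audit, audit skipped."""
    auditor = ThirdPartyAuditSystem(D, {"alice": {"id_number", "phone"}, "bob": {"phone"}})
    business = BusinessSystem(E)
    request = {"user": "alice", "url": "/api/citizen/query",
               "fields": {"id_number": "ID-EXAMPLE-0001"}}
    authorised = business.is_audited(request, auditor.audit(request))
    bob_request = dict(request, user="bob")  # bob has no authority over id_number
    denied = business.is_audited(bob_request, auditor.audit(bob_request))
    issued = auditor.audit(request)
    tampered_request = dict(request, fields={"id_number": "ID-EXAMPLE-0002"})
    tampered = business.is_audited(tampered_request, issued)   # field changed after audit
    skipped = business.is_audited(request, None)                # audit step bypassed
    return {"authorised": authorised, "denied": denied,
            "tampered": tampered, "skipped": skipped}


if __name__ == "__main__":
    print(run_scenarios())
```

Because the business system recomputes the digest from the fields actually requested, an encrypted value issued for one request cannot be reused for a different field value, and a request that never passed through the audit system carries nothing the business system can decrypt; no key material crosses the network at run time, matching the offline deployment step.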

It can be seen that this active auditing scheme for business system access effectively moves the point of audit forward, proactively identifying and auditing before a user accesses high-value, highly sensitive business data; at the same time it does not depend on business system logs or on capturing user network traffic, and so is difficult to bypass.

For the above active auditing scheme, the present invention further provides an active auditing system for business system access to implement the scheme.

The active auditing system is mainly composed of an access request identification module working together with a third-party audit system.

The access request identification module in this system is deployed in the client that works with the business system. The client here can generate data access requests directed at the business system. The specific composition of the client is not limited here and may be determined according to actual requirements.

The access request identification module deployed in the client can directly identify, locally, the data access requests the client initiates, to determine whether the fields to be accessed in a data access request initiated by the access object contain business data designated as requiring access auditing.

Further, the access request identification module sends data access requests whose fields to be accessed contain business data designated as requiring access auditing directly to the third-party audit system for security auditing.

The access request identification module passes data access requests whose fields to be accessed are not identified as containing such business data into the regular business system access flow.

As an example, the access request identification module has a high-value, highly sensitive data configuration sub-module, a high-value, highly sensitive data access identification sub-module, and an encryption algorithm sub-module.

The high-value, highly sensitive data configuration sub-module can receive configuration information for high-value, highly sensitive data issued by the third-party audit system, and supports configuration based on the accessed URL and on the accessed content.

The encryption algorithm sub-module supports the asymmetric RSA algorithm and the Chinese national standard SM2 algorithm.

Further, when the access object initiates a data access request, the access request identification module extracts the accessed URL and compares it with the locally stored URL rule configuration for high-value, highly sensitive data:

if it matches, the request is identified as a data access request for business data requiring access auditing and is sent to the third-party audit system;

if it does not match, the parameter information of the access request is extracted and compared with the locally stored content rule configuration for high-value, highly sensitive data: if that matches, the request is identified as a data access request for business data requiring access auditing and is sent to the third-party audit system; if it does not match, the business system is accessed normally.
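The two-pass identification just described (a URL-rule pass over the request path, then a content-rule pass over the request parameters, as set out both here for the system and earlier for the method) as an added example; this is not code from the patent or its assignee. The patent fixes no rule syntax, so the example assumes both rule sets are regular expressions pushed down from the third-party audit system: URL rules are searched against the path and content rules are matched in full against each `name=value` parameter. It generalises slightly beyond the text by also checking form-body parameters, not only the query string. The class name, rule patterns and sample URLs are constructed.

```python
import re
from typing import Dict, Iterable, List, Optional
from urllib.parse import parse_qsl, urlparse


class AccessRequestIdentifier:
    """Client-side identification: URL rules first, then content rules over parameters.

    Assumed rule format (not fixed by the patent): URL rules are regexes searched
    against the request path; content rules are regexes matched in full against
    each "name=value" parameter from the query string or form body.
    """

    def __init__(self, url_rules: Iterable[str], content_rules: Iterable[str]):
        self._url_rules = [re.compile(r) for r in url_rules]
        self._content_rules = [re.compile(r) for r in content_rules]

    def _parameters(self, url: str, body: Optional[Dict[str, str]]) -> List[str]:
        pairs = parse_qsl(urlparse(url).query, keep_blank_values=True)
        if body:
            pairs.extend(body.items())
        return [f"{name}={value}" for name, value in pairs]

    def needs_audit(self, url: str, body: Optional[Dict[str, str]] = None) -> bool:
        path = urlparse(url).path
        if any(rule.search(path) for rule in self._url_rules):
            return True                       # URL rule hit: audit regardless of content
        params = self._parameters(url, body)  # otherwise inspect the parameters
        return any(rule.fullmatch(param)
                   for rule in self._content_rules for param in params)

    def route(self, url: str, body: Optional[Dict[str, str]] = None) -> str:
        """Where the client sends the request: the audit system or the business system."""
        return "third_party_audit" if self.needs_audit(url, body) else "business_system"


# Constructed rule sets standing in for the configuration pushed by the audit system.
URL_RULES = [r"^/api/citizen/"]
CONTENT_RULES = [r"^id_number=\d{17}[\dX]$",   # an 18-character ID-number-shaped value
                 r"^[^=]+=\d{11}$"]            # any parameter holding an 11-digit number

IDENTIFIER = AccessRequestIdentifier(URL_RULES, CONTENT_RULES)


def classify_samples() -> Dict[str, str]:
    """Constructed requests covering each branch of the decision."""
    return {
        "url_rule": IDENTIFIER.route("https://biz.example/api/citizen/query?page=1"),
        "content_rule_query": IDENTIFIER.route(
            "https://biz.example/api/order/list?id_number=11010119900101123X"),
        "content_rule_body": IDENTIFIER.route(
            "https://biz.example/api/search", {"keyword": "12345678901"}),
        "normal": IDENTIFIER.route("https://biz.example/api/order/list?page=2"),
    }


if __name__ == "__main__":
    for name, target in classify_samples().items():
        print(f"{name}: {target}")
```

Only the requests that match a rule take the audit path; everything else goes straight to the business system, which is the differentiated handling the patent describes. Because the rules themselves come from the audit system, their integrity on the client matters as much as the matching logic, which is why the patent has the audit system encrypt the rule configuration before delivering it.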

本系统中的第三方审计系统与业务系统进行配合部署,并分别与业务系统以及访问请求识别模块进行数据交互,可对访问请求识别模块发送的数据访问请求进行审计验证。The third-party audit system in this system is deployed in cooperation with the business system, and performs data interaction with the business system and the access request identification module respectively, and can audit and verify the data access request sent by the access request identification module.

本第三方审计系统在业务系统进行线下的配合部署,即本第三方审计系统与相应的业务系统分别配置对应的加解密算法及密钥,以使得经第三方审计系统加密的数据,只有配合部署的业务系统能够实现解密。The third-party audit system is deployed offline in the business system, that is, the third-party audit system and the corresponding business system are respectively configured with corresponding encryption and decryption algorithms and keys, so that the data encrypted by the third-party audit system can only be Deployed business systems can be decrypted.

这里线下的部署方案,可采用人工导入配置的方式进行,但不限于此。The offline deployment scheme here can be carried out by manually importing the configuration, but it is not limited to this.

再者,这里对于第三方审计系统与业务系统以及访问请求识别模块进行数据交互的实现方式,不加以限定,可根据实际需求而定。Furthermore, here, there is no limitation on how the third-party audit system performs data interaction with the business system and the access request identification module, and it can be determined according to actual needs.

对于配置的加解密算法及密钥,此处不加以限定,可根据实际需求而定。作为举例,可采用非对称加密RSA算法或者国密SM2算法,采用足够长度的私钥加密,加大被破解难度。The configured encryption and decryption algorithms and keys are not limited here and can be determined according to actual needs. As an example, the asymmetric encryption RSA algorithm or the national secret SM2 algorithm can be used to encrypt with a private key of sufficient length to increase the difficulty of being cracked.

Furthermore, the third-party audit system has a corresponding authority authentication module, an encryption module and a data transmission module.

The authority authentication module verifies the data access authority of a data access request.

The composition of the authority authentication module and the corresponding access authority verification scheme are not limited here and may be chosen according to actual requirements.

The encryption module in the third-party audit system exchanges data with the authority authentication module. Based on the verification result of the authority authentication module, the encryption module invokes the configured encryption algorithm and/or key to encrypt the fields to be accessed in the received data access request, producing a corresponding encrypted value.

The data transmission module in the third-party audit system exchanges data with the encryption module and the authority authentication module, and also with the client and the business system.

The data transmission module receives the data access requests requiring audit verification that are reported by the access request identification module in the client and passes them to the authority authentication module; it also transmits the encrypted value produced by the encryption module to the client or the business system. Finally, the business system decrypts the encrypted value with the decryption algorithm and/or key configured at deployment and compares the decrypted data with the original field to confirm whether the data access request has passed the audit of the third-party audit system.

To protect the security of the third-party audit system, this solution uses a built-in SM (Chinese national cryptographic standard) cryptographic card in the third-party audit system for key storage and encryption/decryption computation, equipped with hardware-level tamper detection and anti-removal monitoring and alerting.

As an example, the third-party audit system specifically includes an encryption algorithm configuration module, a hardware-information-based key pair generation module, a data encryption module, a highly sensitive data rule configuration module, an authority authentication module and a highly sensitive information identification module.

The third-party audit system must be initialised before it goes into production. The initial configuration includes the encryption algorithm configuration and the information of authorised clients, such as their MAC addresses.

For the encryption algorithm configuration, the third-party audit system selects the encryption algorithm through the encryption algorithm configuration module; as an example, asymmetric RSA and national standard SM2 are supported. The data encryption module then invokes the algorithm configured by the encryption algorithm configuration module to perform encryption.

For the information of authorised clients such as MAC addresses, the hardware-information-based key pair generation module of the third-party audit system generates a different key pair for each client according to that client's hardware information, thereby protecting the data.

On this basis, once the third-party audit system is in production, users configure the access rules for the highly sensitive data of each system through the highly sensitive data rule configuration module, such as URL rules and request parameter rules. The third-party audit system encrypts the access rule information with the configured encryption algorithm and distributes it to the corresponding clients and business systems; that is, it invokes the data encryption module to encrypt the configured access rule information with the algorithm configured by the encryption algorithm configuration module before distributing it.

At the same time, the authority authentication module connects to the authority centre to authenticate every access request. Specifically, if authentication fails, an illegal-access-request alert is recorded; access requests that pass authentication are passed to the highly sensitive information identification module.

The highly sensitive information identification module determines whether an authenticated access request accesses highly sensitive information. Specifically, it extracts the accessed URL and compares it against the locally stored URL rule configuration for high-value, highly sensitive data, and extracts the access parameters and compares them against the locally stored content rule configuration for high-value, highly sensitive data; if either matches, the request is identified as access to highly sensitive information and enters the encryption flow.
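The identification logic described above (URL rule first, then parameter content rule, with a match on either step routing the request to the encryption flow, and a failed authentication recorded as an illegal-access alert) is shown below as an added example in Python. It is not code from the patent; the rule format, the regular expressions, the function names and the sample URLs are all assumptions constructed for illustration.

```python
import re
from dataclasses import dataclass, field
from typing import Optional
from urllib.parse import parse_qs, urlsplit


@dataclass
class SensitiveDataRules:
    """Access rules as distributed by the audit system (constructed format, not the page's).

    url_patterns:   regexes matched against the request path
    param_patterns: {parameter name: regex} matched against that parameter's values
    """
    url_patterns: list = field(default_factory=list)
    param_patterns: dict = field(default_factory=dict)

    def __post_init__(self):
        self._url_res = [re.compile(p) for p in self.url_patterns]
        self._param_res = {k: re.compile(p) for k, p in self.param_patterns.items()}

    def url_matches(self, path: str) -> bool:
        return any(rx.search(path) for rx in self._url_res)

    def params_match(self, params: dict) -> bool:
        return any(
            rx.search(value)
            for name, rx in self._param_res.items()
            for value in params.get(name, [])
        )


def classify_request(url: str, rules: SensitiveDataRules,
                     body_params: Optional[dict] = None) -> str:
    """Return 'audit' if the request touches high-value, highly sensitive data, else 'normal'.

    Follows the two-step check in the text: the path is matched against the URL rules first,
    then the request parameters (query string plus any body fields) against the content
    rules; a match on either step is enough.
    """
    parts = urlsplit(url)
    params = parse_qs(parts.query)  # {name: [values]}
    for name, value in (body_params or {}).items():
        params.setdefault(name, []).extend(value if isinstance(value, list) else [value])
    if rules.url_matches(parts.path) or rules.params_match(params):
        return "audit"
    return "normal"


def route_request(url: str, authenticated: bool, rules: SensitiveDataRules,
                  alerts: list, body_params: Optional[dict] = None) -> str:
    """Audit-side routing as the text describes it: failed authentication records an
    illegal-access alert and the request is rejected; an authenticated request that
    matches the rules enters the encryption flow; anything else goes to the business system."""
    if not authenticated:
        alerts.append(f"illegal access request: {url}")
        return "rejected"
    if classify_request(url, rules, body_params) == "audit":
        return "encrypt_and_forward"
    return "business_system"


# Constructed rule set for a hypothetical business system (assumption, not from the page).
RULES = SensitiveDataRules(
    url_patterns=[r"^/api/customers/\d+/identity$", r"^/api/export/"],
    param_patterns={
        "id_number": r"^\d{17}[\dXx]$",             # 18-character identity-number shape
        "fields": r"\b(salary|id_number|phone)\b",  # sensitive columns requested by name
    },
)
```

Parameter rules are applied to decoded values, so a sensitive field requested by name in a query string (`fields=name,salary`) is caught even when the path itself is not listed; the business system is expected to receive the same rule set, as the text says the rules are distributed to both clients and business systems.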

The data encryption module then invokes the encryption algorithm configured by the encryption algorithm configuration module to encrypt the access content of requests identified as access to highly sensitive information, and forwards the request to the business system.

When this business system access active auditing system is used together with clients and business systems, the business system can verify the validity of the third-party audit system, for example by verifying device identity, to further protect security.

When this business system access active auditing system is used together with clients and business systems, the third-party audit system may be deployed in several ways relative to the client and the business system, achieving different forms of active auditing. These are illustrated below with specific application examples.

Example 1

Referring to Figure 1, in this example the access request identification module is deployed in the user terminal, while the third-party audit system is deployed in bypass (out-of-path) mode relative to the user terminal and the business system.

As shown in Figure 1, with the third-party audit system deployed in bypass mode, the user terminal and the third-party audit system are connected, the third-party audit system and the business system are connected, and the user terminal and the business system are also connected.

On the basis of this deployment, the third-party audit system and the business system are initially configured.

Referring to Figure 2, with the third-party audit system deployed in bypass mode, the initial configuration of the third-party audit system and the business system consists of configuring the encryption/decryption algorithm and key pair offline: the algorithm is configured in the third-party audit system, a key pair (P1, P2) is generated, the third-party audit system is configured to use one key P1, and the other key P2 is manually configured into the corresponding business system.

The encryption algorithm configured here may be the asymmetric RSA algorithm or the national standard SM2 algorithm, encrypting with a private key of sufficient length to resist being broken.

Based on the bypass deployment of the third-party audit system, the process by which the business system access active auditing system in this example actively audits access to the business system is as follows (see Figure 3):

1. The user initiates a data access request to the business system locally through the user terminal, and the identification module running locally on the user terminal classifies the request:

If the data A requested in the data access request (that is, the data in the business system to be accessed) contains audited data (that is, high-value, highly sensitive data), the data access request (including the requested data A) is sent to the third-party audit system;

If the data A requested in the data access request (that is, the data in the business system to be accessed) does not contain audited data (that is, high-value, highly sensitive data), the data access request is sent to the business system in the normal interaction mode to query the requested data A.

2. The third-party audit system uses the configured secure encryption algorithm and the corresponding key P1 to encrypt the requested data A in the data access request, producing an encrypted value B. The third-party audit system returns the requested data A together with the corresponding encrypted value B to the user terminal.

3. The user initiates a data access request directly to the business system through the user terminal; this access request carries the requested data A and the corresponding encrypted value B.

4. After receiving the data access request from the user terminal, the business system decrypts the encrypted value B in the request using its own configured algorithm and public key (that is, key P2) to obtain the decrypted data A', and compares A' with the requested data A carried in the request. If they are identical, the access request is considered legitimate and a response is sent to the user; if they differ, the request is illegitimate and the next-step alerting and handling action is triggered.

The algorithm used by the business system is the same as that used by the third-party audit system, and its key is the public key corresponding to the key used by the third-party audit system. Note that if the third-party audit system encrypts with the private key, the business system decrypts with the public key; if the third-party audit system encrypts with the public key, the business system decrypts with the private key.

In addition, in this example, to protect the security of the third-party audit system in practical application, a built-in SM cryptographic card is used for key storage and encryption/decryption computation, equipped with hardware-level tamper detection and anti-removal monitoring and alerting.

Example 2

Referring to Figure 4, in this example the access request identification module is deployed in the user terminal, while the third-party audit system is deployed inline (in series) between the user terminal and the business system.

As shown in Figure 4, with the third-party audit system deployed inline, the user terminal and the third-party audit system are connected, and the third-party audit system and the business system are connected; there is no direct communication between the user terminal and the business system, which need not be connected to each other.

If the user terminal and the business system are not connected, all access data from the user terminal is relayed through the third-party audit system; if the user terminal and the business system are connected, the user terminal's normal (non-audited) access data may interact with the business system directly.

On the basis of this deployment, the third-party audit system and the business system are initially configured.

Referring to Figure 5, with the third-party audit system deployed inline, the business system and the third-party audit system must be configured so that the third-party audit system acts as an access proxy between the user terminal and the business system.

Offline, the encryption/decryption algorithm and key pair are initially configured for the third-party audit system and the business system: the algorithm is manually configured in the third-party audit system, a key pair (P1, P2) is generated, the third-party audit system is configured to use one key P1, and the other key P2 is manually configured into the corresponding business system.

The encryption algorithm configured here may be the asymmetric RSA algorithm or the national standard SM2 algorithm, encrypting with a private key of sufficient length to resist being broken.

In this example the third-party audit system is deployed inline, which makes the whole system more secure: all user access requests and business system responses are forwarded through the third-party audit system, and there is no direct interaction between the user and the business system. Cluster deployment and load balancing prevent the third-party audit system from becoming a bottleneck.

The process by which the business system access active auditing system in this example actively audits access to the business system is as follows (see Figure 6):

1. The user initiates a data access request to the business system locally through the user terminal, and the identification module running locally on the user terminal classifies the request:

If the data A requested in the data access request (that is, the data in the business system to be accessed) contains audited data (that is, high-value, highly sensitive data), the data access request (including the requested data A) is sent to the third-party audit system;

If the data A requested in the data access request (that is, the data in the business system to be accessed) does not contain audited data (that is, high-value, highly sensitive data), the data access request is either sent directly to the business system in the normal interaction mode to query the requested data A, or sent to the business system via the third-party audit system as a relay.

2. For data access requests requiring audit verification, the third-party audit system uses the configured secure encryption algorithm and the corresponding key P1 to encrypt the requested data A in the data access request, producing an encrypted value B. The third-party audit system forwards the received data access request, together with the requested data A and the corresponding encrypted value B, to the business system.

3. After receiving the data access request from the third-party audit system together with the requested data A and the encrypted value B, the business system decrypts B using its own configured algorithm and public key (that is, key P2) to obtain the decrypted data A', and compares A' with the requested data A carried in the request. If they are identical, the access request is considered legitimate and the data requested by the user is returned to the third-party audit system, which forwards it to the user terminal; if they differ, the request is illegitimate and the next-step alerting and handling action is triggered.

The algorithm used by the business system is the same as that used by the third-party audit system, and its key is the public key corresponding to the key used by the third-party audit system. Note that if the third-party audit system encrypts with the private key, the business system decrypts with the public key; if the third-party audit system encrypts with the public key, the business system decrypts with the private key.

In addition, in this example, to protect the security of the third-party audit system in practical application, a built-in SM cryptographic card is used for key storage and encryption/decryption computation, equipped with hardware-level tamper detection and anti-removal monitoring and alerting.

In addition, in this example, to further protect security in practical application, the business system can verify the validity of the third-party audit system, for example by verifying device identity.
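Steps 2 to 4 of Example 1 and steps 2 to 3 of Example 2 describe the same check: the audit system encrypts the requested data A with P1 to produce B, and the business system decrypts B with P2 and compares the result with A. The following added example models that exchange in Python for both the bypass and the inline deployment. It is not the patent's code. The key generation is a small standard-library RSA implementation written for this illustration; a production deployment would use the cryptographic card or a vetted library and a padded signature scheme (RSA-PSS or an SM2 signature), since "encrypt with the private key, decrypt with the public key and compare" is a signature construction. The SHA-256 digest of A stands in for A itself so that data of any length fits under the modulus. The `requires_audit` rule, the record names, the `generate_key_pair`, `audit_seal` and `business_verify` names and the `run_demo` scenario are all assumptions.

```python
import hashlib
import secrets
from dataclasses import dataclass, field
from typing import Callable


# ---- Minimal RSA key generation, standard library only (constructed for this example) ----
def _is_probable_prime(n: int, rounds: int = 32) -> bool:
    """Miller-Rabin probabilistic primality test."""
    if n < 2:
        return False
    for p in (2, 3, 5, 7, 11, 13, 17, 19, 23, 29):
        if n % p == 0:
            return n == p
    d, s = n - 1, 0
    while d % 2 == 0:
        d //= 2
        s += 1
    for _ in range(rounds):
        x = pow(secrets.randbelow(n - 3) + 2, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(s - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False
    return True


def _random_prime(bits: int) -> int:
    while True:
        cand = secrets.randbits(bits) | (1 << (bits - 1)) | 1  # force bit length and oddness
        if _is_probable_prime(cand):
            return cand


def generate_key_pair(bits: int = 2048):
    """Return (P1, P2): P1 = (d, n) stays in the audit system, P2 = (e, n) goes to the business system."""
    e = 65537
    while True:
        p, q = _random_prime(bits // 2), _random_prime(bits // 2)
        phi = (p - 1) * (q - 1)
        if p != q and phi % e:
            break
    n = p * q
    return (pow(e, -1, phi), n), (e, n)


def _digest_int(data_a: bytes) -> int:
    return int.from_bytes(hashlib.sha256(data_a).digest(), "big")


def audit_seal(p1, data_a: bytes) -> int:
    """Audit system (step 2): encrypt the digest of the requested data A with P1, producing B."""
    d, n = p1
    return pow(_digest_int(data_a), d, n)


def business_verify(p2, data_a: bytes, value_b: int) -> bool:
    """Business system (Example 1 step 4 / Example 2 step 3): decrypt B with P2, compare with A."""
    e, n = p2
    return pow(value_b, e, n) == _digest_int(data_a)


@dataclass
class AuditSystem:
    p1: tuple  # private key; in the page's design it lives in the cryptographic card

    def seal(self, request: dict) -> dict:
        return {**request, "value_b": audit_seal(self.p1, request["data_a"])}


@dataclass
class BusinessSystem:
    p2: tuple                               # public key, manually configured at deployment
    requires_audit: Callable[[bytes], bool]  # sensitive-data rules shared with the audit system (assumed)
    alerts: list = field(default_factory=list)

    def handle(self, request: dict):
        data_a = request["data_a"]
        if self.requires_audit(data_a):
            if "value_b" not in request:
                self.alerts.append(f"no audit value for {data_a!r}")
                return None
            if not business_verify(self.p2, data_a, request["value_b"]):
                self.alerts.append(f"audit value mismatch for {data_a!r}")
                return None
        return f"response for {data_a.decode()}"


def bypass_flow(request, audit, business, tamper=None):
    """Example 1: client -> audit (returns A, B) -> client -> business.
    `tamper` models the request being changed by the client after it was sealed."""
    sealed = audit.seal(request)
    if tamper:
        sealed = tamper(sealed)
    return business.handle(sealed)


def inline_flow(request, audit, business):
    """Example 2: client -> audit -> business -> audit -> client; the audit system relays both ways."""
    return business.handle(audit.seal(request))


def run_demo(bits: int = 512) -> dict:
    """Exercise both deployments and the failure cases the business system must catch."""
    p1, p2 = generate_key_pair(bits)
    audit = AuditSystem(p1)
    business = BusinessSystem(p2, requires_audit=lambda a: a.startswith(b"customer/"))
    honest = {"data_a": b"customer/42/identity"}
    ok_bypass = bypass_flow(honest, audit, business)
    ok_inline = inline_flow(honest, audit, business)
    # Record id changed after B was issued: decrypted A' no longer equals the carried A.
    swapped = bypass_flow(honest, audit, business,
                          tamper=lambda r: {**r, "data_a": b"customer/43/identity"})
    # Audited data sent to the business system without passing through the audit system.
    unsealed = business.handle({"data_a": b"customer/44/identity"})
    normal = business.handle({"data_a": b"orders/list"})
    return {"ok_bypass": ok_bypass, "ok_inline": ok_inline, "swapped": swapped,
            "unsealed": unsealed, "normal": normal, "alerts": list(business.alerts)}
```

The `swapped` and `unsealed` cases show what the comparison at the business system catches: a request whose A was altered after sealing, and an audited request that never passed through the audit system; both record the alert that the text describes as the next-step handling action. `run_demo` uses 512-bit keys only so that the pure-Python key generation runs quickly; the page's advice of a sufficiently long key means 2048 bits or more for RSA in practice.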

Example 3

In this example the business system access active auditing system is used in combination with an authentication and authorisation system, so that user data access is subject to both coarse-grained authentication/authorisation and fine-grained data auditing.

For the deployment of the business system access active auditing system relative to the business system in this example, see Example 1 or Example 2; it is not repeated here.

An authentication and authorisation system is also introduced; it works with the user terminal to verify the user's identity, confirm that the user has permission to access the business system, and perform the corresponding configuration.

The process by which this example applies coarse-grained authentication/authorisation and fine-grained data auditing to user data access at the same time is as follows (see Figure 7):

First, the authentication and authorisation system authenticates the identity of the user terminal and checks its permissions. Only after the user is confirmed to have permission to access the system does the user learn the address configuration of the third-party audit system, which protects the third-party audit system to a greater degree.

Subsequently, the user terminal accesses the business system through the deployed business system access active auditing system; for the complete data access process, see Examples 1 and 2.

During this process, when the user's access behaviour towards the business system is abnormal, the third-party audit system and the authentication and authorisation system can be notified. The authentication and authorisation system performs a comprehensive analysis of the user, secondary authentication or forced logoff, while the third-party audit system records the abnormal event for later audit behaviour analysis. That is, the third-party audit system supports both pre-event active auditing and post-event passive auditing.

The above examples show that the business system access active auditing system audits access to audited data with an emphasis on pre-event auditing: before high-value, highly sensitive data is accessed, the access is audited by the third-party audit system, so that problems are prevented before they occur.

The business system access active auditing system can also work alongside an authentication and authorisation system. Whereas existing authentication and authorisation systems determine whether a user has permission to access a system or database, this solution performs fine-grained auditing of the user's data access, combining coarse-grained authentication/authorisation with fine-grained data auditing.

The basic principles, main features and advantages of the present invention have been shown and described above. Those skilled in the art should understand that the present invention is not limited by the above embodiments; the above embodiments and the description only illustrate the principles of the invention, and various changes and improvements may be made without departing from its spirit and scope, all of which fall within the scope of the claimed invention. The scope of protection of the present invention is defined by the appended claims and their equivalents.

Claims (14)

Priority application: CN202211028597.1A, priority date 2022-08-25, filing date 2022-08-25, "Business system access active auditing method and system" (pending).

Publication: CN115659359A, published 2023-01-31. Family ID: 84984389. Country status: CN.

Cited by (* cited by examiner, † cited by third party):
CN117494163A* (priority 2023-11-06, published 2024-02-02), 深圳市马博士网络科技有限公司: Data service method and device based on security rules
CN117494163B* (priority 2023-11-06, published 2024-05-31), 深圳市马博士网络科技有限公司: Data service method and device based on security rules


Legal Events

PB01: Publication
SE01: Entry into force of request for substantive examination
