Data correlation method based on J2EE platform and correlation plug-in

A data association and plug-in technology, applied in electrical components, program control devices, transmission systems, etc., can solve problems such as unsafe events, difficult correlation of correlation models, and performance degradation of security audit products.

Active Publication Date: 2014-03-19
BEIJING VENUS INFORMATION SECURITY TECH +1
View PDF3 Cites 19 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

These association models are based on timestamps, probability statistics, association rules, or sql template learning. From a technical point of view, it is difficult for these association models to achieve 100% association, and of course it is impossible to accurately identify security events. Positioning, precise traceability
Moreover, these association models will also cause a significant decline in the performance of security audit products

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Data correlation method based on J2EE platform and correlation plug-in
  • Data correlation method based on J2EE platform and correlation plug-in

Examples

Experimental program
Comparison scheme
Effect test

Embodiment 1

[0027] The applicant proposes that a plug-in can be deployed on the We application server. The plug-in adds a user information probe to the class that processes http requests, and adds a sql information probe to the class that processes sql statements. The user information probe will be responsible for obtaining user information and business information, the sql information probe is responsible for associating user information, business information and sql statements triggered by the business. The associated sql statement will carry user information and business information. The associated information will appear in the sql statement in the form of a comment in the form of a feature string. Deploy the database audit system to audit the database protocol traffic at the entrance switch of the database server, analyze the characteristic string in it to form a complete sql event associated with user information and business information, and record it in the database audit log. Af...

Embodiment 2

[0058] This embodiment provides a precise data association method based on the J2EE platform, which can be realized by the association plug-in in the first embodiment above. The method includes the following operations:

[0059] When the WEB application server receives a service request triggered by a logged-in user, the associated plug-in acquires and stores the associated information of the service request, which includes the user information and service information corresponding to the service request;

[0060] When the WEB application server requests data from the database according to the business request, the association plug-in associates the stored association information of the business request with the SQL statement in the form of comments, and then sends the SQL statement carrying the association information in the form of a database protocol packet to the switch.

[0061] In this way, the switch sends the database protocol packet to the database audit server for a...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention discloses a data correlation method based on a J2EE platform and a correlation plug-in, and relates to security audit technology. The method disclosed by the invention comprises the steps that when a WEB application server receives a service request triggered by a login user, a correlation plug-in obtains and stores the correlation information of the service request, wherein the correlation information comprises user information and service information corresponding to the service request; when the WEB application server requests data from a database according to the service request, the correlation plug-in correlates the correlation information of the stored service request in an SQL (Structured Query Language) sentence in an annotation manner and transmits the SQL sentence containing the correlation information to a switch in a database protocol packet manner. The invention also discloses the correlation plug-in. The technical scheme of the application is accurate service audit technology based on J2EE platform, which is used for accurately correlating the application user login information with service action information, and the accuracy of correlation degree reaches 100%.

Description

technical field [0001] The invention relates to safety audit technology, in particular to a data association method and an association plug-in based on a J2EE platform. Background technique [0002] With the rapid development of network technology, various applications have gradually transformed from the original C / S mode to the B / S mode. At present, the development of Web applications in enterprises mostly adopts J2EE platform and .NET platform. Due to the cross-platform characteristics of the Java language, most applications adopt the B / S (Browser / Server) three-tier architecture system based on the J2EE platform. The three-tier structure is: presentation layer (browser), business logic layer (Web middleware server), and data layer (database server). [0003] In the application of the B / S three-tier architecture, it is difficult to correlate the user HTTP request event of the presentation layer with the SQL response event of the data layer one-to-one. The traditional aud...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
IPC IPC(8): H04L29/06H04L29/08G06F9/44
Inventor 董学林
Owner BEIJING VENUS INFORMATION SECURITY TECH
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap