Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

Role based dynamic database desensitization service method and system

A service method and database technology, applied in the role-based database dynamic desensitization service method and system, in the field of database sensitive information protection, which can solve the problem of not being able to protect different tables and sensitive fields, not being able to satisfy protection, and not being able to view personal conditions, etc. question

Inactive Publication Date: 2016-12-07
北京同余科技有限公司
View PDF6 Cites 35 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

For example, patients can read personal disease information through the mobile app developed by the hospital, while the program of the government's medical and health management department can only read the hospital's medical statistics, but not the individual's condition
Moreover, the above invention fixes the tables, records, fields and encryption methods that need to be desensitized when initializing the database, which cannot satisfy the protection of different tables and sensitive fields for users of different roles, nor can it satisfy the use of different desensitization methods for users of different roles. Sensitive functions and parameters require different levels of protection for the same sensitive fields

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Role based dynamic database desensitization service method and system
  • Role based dynamic database desensitization service method and system
  • Role based dynamic database desensitization service method and system

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0043] The present invention will be further described in detail below in conjunction with the accompanying drawings. figure 1 It is a structural diagram of the system, mainly including a parser, a data processing unit, a sensitive information setting unit, and a sensitive information storage unit, wherein a lookup table is stored in the sensitive information storage unit. figure 2 It is a workflow flowchart of receiving a SQL statement by the database control device, including several steps in the data operation stage in the following description. image 3 It is an illustration of a lookup table, which is used to judge whether the data requested by users with different roles is sensitive data and what function to use for desensitization.

[0044] Initial setup phase

[0045] Step 1: The data processing unit submits the SQL statement used to generate the custom masking function to the database, and the database executes the SQL statement to generate the custom masking functi...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention belongs to the field of information safety and provides a role based dynamic database desensitization service method and system. The system comprises a parser for parsing SQL statements, a sensitive information setting unit for setting sensitive fields, desensitization functions and parameters for users of different roles, a sensitive information storage unit for storing a lookup table, a data processing unit for generating the desensitization functions in a database, obtaining user roles, verifying the integrity of the lookup table and modifying SELECT statements according to the requirements in the lookup table. In addition, the invention discloses the method, the method comprises the steps that the SQL statements are parsed through the parser, if the SQL statements are SELECT statements, the statements are submitted to the data processing unit for processing; if not, the statements are submitted to the database. Different sensitive fields and desensitization functions are set for the users of different roles, different desensitization functions can be also set for the same sensitive fields, the requirement for different sensitive data protection degrees of the users of different roles are met, and the diversification demand during provision of data service is met.

Description

technical field [0001] The invention belongs to the field of information security, and relates to a database sensitive information protection technology, in particular to a role-based database dynamic desensitization service method and system. Background technique [0002] A database is a place where computer servers are used to store data, and it is specially used to provide various data services. For example, in the process of medical and health informatization, the names and ID card information of a large number of sick patients are involved, and the database provides data query services for authorized applications. Applications of different units and roles can connect to medical databases to query medical information. For example, the program of the government's medical and health management department can read the hospital's medical statistics, and the mobile phone APP developed by the hospital can also read personal medical information. Providing the same original dat...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Applications(China)
IPC IPC(8): G06F21/62G06F17/30
Inventor 付海涛赵小录芦效峰
Owner 北京同余科技有限公司
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com