Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

Information security management and control method, system and device and readable storage medium

A technology of information security and security control, applied in the field of systems, devices, computer-readable storage media, and information security control methods, can solve problems such as theft of sensitive information, human instability, and enterprise hazards, and achieve information security and difficulty in internal intrusion high effect

Pending Publication Date: 2019-05-24
SANGFOR TECH INC
View PDF3 Cites 7 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0004] However, due to the instability of people, it is not ruled out that the influence of various self- and external factors on their psychology and behavior may cause employees to steal sensitive information through their own or borrowed access rights from others, causing harm to the company.

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Information security management and control method, system and device and readable storage medium
  • Information security management and control method, system and device and readable storage medium
  • Information security management and control method, system and device and readable storage medium

Examples

Experimental program
Comparison scheme
Effect test

Embodiment 1

[0063] See figure 1 , figure 1 A flowchart of an information security management and control method provided in the embodiment of the present application, which includes the following steps:

[0064] S101: Obtain the behavior data of the user;

[0065] The purpose of this step is to obtain various behavior data performed by internal employees in the internal network of the enterprise that can represent some behavior data performed by users in accordance with their own will, such as modification operations on local device security items, various operations performed on sensitive data, The location information of the login file system, the time spent browsing the recruitment website, the number of local attachments uploaded, etc. Since the types of data given above and other data with the same meaning are all direct feedback of actions taken by users in accordance with their own will, this application will use behavioral data as the data of the same or similar data mentioned a...

Embodiment 2

[0082] See figure 2 , figure 2 A flow chart of a method for implementing information security management and control according to the number of operations on sensitive data provided by the embodiment of the present application, on the basis of the first embodiment, this embodiment aims to perform operations on sensitive data according to the user's operations on the sensitive data within a preset time period. The behavior data of the dimension of times is used to give a specific information security management and control method, including the following steps:

[0083] S201: Acquire various operations performed by a user on sensitive data within a preset time period;

[0084] Since sensitive data leakage operations are often performed during non-working hours, and it is often inconvenient to perform operations during working hours due to the presence of surrounding colleagues, the preset time period may preferably be the off-get off work and after-get off work hours of the ...

Embodiment 3

[0096] See Figure 4 , Figure 4 A flowchart of a method for implementing information security management and control according to the number of login location changes provided in the embodiment of the present application, on the basis of the first embodiment, this embodiment is based on the behavior data of the dimension of the location information of the user logging in to the file system. To give an information security management and control method, including the following steps:

[0097] S301: Determine a common login location according to the location information of the user logging in to the file system each time;

[0098] The common login location is a location where the number of logins exceeds the preset number of logins when the user logs in to the file system.

[0099] S302: Evaluate the current behavior status of the user according to the magnitude relationship between the number of new landing positions different from the common landing positions and the number...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention discloses an information security management and control method. The method is different from the prior art in which a fixed authority is set for each employee. According to the invention, evaluation is carried out in real time based on the behavior data capable of reflecting the user behavior state; According to the invention, the security management and control level of the corresponding user is dynamically adjusted according to the evaluation result, so that each user has a non-invariable authority, the phenomenon that the current behavior of the user is not matched with the current security management and control level can be more timely perceived, then flexible adjustment is performed, the internal invasion difficulty is higher, and the information is safer. The invention further discloses an information security management and control system and device and a computer readable storage medium which have the above beneficial effects.

Description

technical field [0001] The present application relates to the technical field of information security, and in particular, to an information security management and control method, system, device, and computer-readable storage medium. Background technique [0002] With the establishment and establishment of the enterprise information security mechanism, the difficulty of invading the target system simply through external means also increases. Even if the intrusion is successful, it is easy to be discovered by various audit methods and then traced. [0003] On the other hand, the proportion of cases in which employees within an enterprise steal their own sensitive information has gradually become more prominent. Compared with external intrusions, internal intrusions often happen to employees who already have legal authority. However, because enterprises often adopt a "one-size-fits-all" approach to divide which users have access rights or outgoing rights to sensitive informati...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
IPC IPC(8): G06F21/60G06F21/45G06F21/31
Inventor 梁景波
Owner SANGFOR TECH INC
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com