Unlock instant, AI-driven research and patent intelligence for your innovation.

Sensitive instruction protection method and device and storage medium

A technology of sensitive instructions and protection equipment, applied in the field of network security, can solve the problems of single protection method for sensitive instructions, easy to be breached, and inability to effectively prevent the execution of illegal operations in a timely manner, so as to enhance the protection ability and achieve diversity Effect

Inactive Publication Date: 2019-11-01
CHINA MOBILE COMM GRP CO LTD
View PDF9 Cites 4 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0006] However, in the existing 4A platform, the protection methods for sensitive instructions are relatively simple, and the existing protection methods are easy to be breached. The illegal operations performed by sensitive instructions can only be used as the basis for determining responsibility after the event, and cannot effectively prevent the execution of illegal operations in a timely manner.

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Sensitive instruction protection method and device and storage medium
  • Sensitive instruction protection method and device and storage medium
  • Sensitive instruction protection method and device and storage medium

Examples

Experimental program
Comparison scheme
Effect test

Embodiment 1

[0039] see figure 2 , the method includes:

[0040] Step 201: When the operation instruction of the resource management platform is a sensitive instruction, determine the sensitivity level of the operation instruction;

[0041] Step 202: Based on the preset mapping relationship and the sensitivity level of the operation instruction, determine the protection strategy corresponding to the sensitivity level of the operation instruction; wherein, the mapping relationship includes the corresponding relationship between at least two sensitivity levels and at least two protection strategies;

[0042] Step 203: Protect sensitive instructions based on the determined protection policy.

[0043] Here, the subject of execution of steps 201 to 203 may be a processor of a resource management platform, or a processor of a protection device for sensitive instructions.

[0044] In some embodiments, before determining that the operation instruction of the resource management platform is a se...

Embodiment 2

[0059] In order to better reflect the purpose of the present invention, on the basis of the first embodiment of the present invention, a further example is given. Here, the resource management platform takes the 4A unified security management platform as an example, as image 3 As shown, the method includes:

[0060] Step 301: Obtain the operation instruction in the 4A unified security management platform.

[0061] Before performing step 301, it also includes: when the user logs in to the 4A platform through the single sign-on management module, and performs daily operation and maintenance operations, the system log monitoring platform in the 4A platform will monitor all instructions received by the server in real time.

[0062] Specifically, build an ELK real-time system log monitoring platform to analyze SYSLOG logs and monitor operating instructions in real time. The monitoring object is mainly the server equipment in the 4A platform. By monitoring the SYSLOG log of the se...

Embodiment 3

[0095] For the method of the embodiment of the present invention, the embodiment of the present invention also provides a protective device for sensitive instructions, such as Figure 7 As shown, the protection device 70 includes: a processor 701 and a memory 702; wherein,

[0096] The processor 701 is used to execute the protection program of the sensitive instruction stored in the memory 702, so as to realize the following steps:

[0097] When the operation instruction of the resource management platform is a sensitive instruction, determine the sensitivity level of the operation instruction;

[0098] Based on the preset mapping relationship and the sensitivity level of the operation instruction, determine the protection strategy corresponding to the sensitivity level of the operation instruction; wherein, the mapping relationship includes at least two correspondences between sensitivity levels and at least two protection strategies;

[0099] Based on the determined protect...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The embodiment of the invention discloses a sensitive instruction protection method, and the method comprises the steps: determining the sensitivity level of an operation instruction when the operation instruction of a resource management platform is a sensitive instruction; determining a protection strategy corresponding to the sensitivity level of the operation instruction based on a preset mapping relationship and the sensitivity level of the operation instruction; wherein the mapping relationship comprises a corresponding relationship between at least two sensitivity levels and at least two protection strategies; and protecting the sensitive instruction based on the determined protection strategy. The embodiment of the invention further discloses a sensitive instruction protection device and a storage medium.

Description

technical field [0001] The invention relates to network security technology, in particular to a method, device and storage medium for protecting sensitive instructions. Background technique [0002] 4A (Authentication, Authorization, Accounting, Audit) unified security management platform, that is, a solution that integrates four elements of unified account management, unified authentication management, unified authorization management and unified security audit, covering single sign-on (SSO) On, SSO) and other security functions, providing users with 4A management with complete functions and high security level. [0003] Among them, the unified authorization management can centrally manage the user's resource access authority, that is, it can realize the access authority control of the browser / server mode and client / server mode application system resources, and can also realize the database, host and network equipment. Operation authority control, therefore, the type of re...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
IPC IPC(8): H04L29/06
CPCH04L63/205
Inventor 张滨赵刚娄涛林华生刘健
Owner CHINA MOBILE COMM GRP CO LTD