Risk assessment method and device for private data leakage

A privacy data and data technology, which is applied in the field of risk assessment for privacy data leakage, can solve problems such as illegal calls, stealing users' personal privacy information, user privacy leakage, etc., and achieve the effect of improving credibility and usability
CN111027094AActive Publication Date: 2020-04-17ALIPAY (HANGZHOU) INFORMATION TECH CO LTD
3 Cites 10 Cited by

Patent Information

Authority / Receiving Office
CN ยท China
Patent Type
Applications(China)
Current Assignee / Owner
ALIPAY (HANGZHOU) INFORMATION TECH CO LTD
Publication Date
2020-04-17

Smart Images

  • Figure 1
    Figure 1
  • Figure 2
    Figure 2
  • Figure 3
    Figure 3
Patent Text Reader

Abstract

The embodiment of the invention provides a risk assessment method for private data leakage. The method comprises the steps that firstly, a request message sent by a requester to a service platform andused for calling an application program interface (API) and a response message returned by the service platform for the request message are obtained, and the request message is used for requesting private data of a target object; then, the request message and the response message are analyzed to obtain analyzed data which at least comprises a plurality of target APIs, input parameters for the plurality of target APIs and a plurality of privacy categories of privacy data output through the plurality of target APIs; then, permission data of API calling of the requester is obtained from the service platform, wherein the permission data comprises an API set which the requester has permission to call, a parameter set composed of parameters which have permission to be transmitted in for the APIset, and a privacy category set of output data corresponding to the parameter set; and then, at least based on the analysis data and the permission data, the data leakage risk of the API call is evaluated.
Need to check novelty before this filing date? Find Prior Art

Description

Technical field

[0001] One or more embodiments of this specification relate to the technical field of data information security, and in particular to a risk assessment method and device for private data leakage. Background technique

[0002] API (Application Programming Interface) has the advantages of convenient calling and strong versatility, and has gradually become the main way of providing Internet network services. Therefore, API calls have also become a key focus area to prevent data leakage.

[0003] The service platform usually stores the basic information data of the objects it serves (such as individuals or enterprises, etc.), as well as the service data generated during the use of the service. It is understandable that these data are all private data for the service object. In the case where the service object authorizes some of their private data, the service platform can provide API call services to the data demander (such as research institutions or merchants, etc....

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More