A method for non-intrusive implementation of business system security audit

Abstract

The present invention provides a non-invasive method for implementing security audit of a business system. The non-invasive method for implementing a security audit of a business system is based on a sidecar model that combines the security audit module with a business application system in a non-invasive manner. The audit module and the business application system are deployed in a node at the same time, and the security audit module has the same life cycle as the application service of the amateur application system, so that the corresponding client can perform security audit operations. This method can integrate the business application The control function of the system is effectively separated from the logical function of the security audit module, so as to ensure the normal operation, maintenance and upgrade of the business application system and the security audit module.

Description

technical field [0001] The invention relates to the technical field of information management safety audit, in particular to a non-invasive method for realizing business system safety audit. Background technique [0002] During the period when industries with high security requirements need to engage in information management, it is necessary to conduct corresponding security audits on the daily user operation of application software, so as to assess whether the user's operation is an ultra vires operation or an unreasonable operation. At present, most of the security audits embed the audit logic into the business application through strong coupling, which has the following defects for the change of the security rules of the business application in the later stage: First, when the audit logic is strongly bound to the business application, the The later upgrade and maintenance of business applications becomes inconvenient, and when the software package of the business applica...

AI Technical Summary

Problems solved by technology

At present, most of the security audits embed the audit logic into the business application through strong coupling, which has the following defects for the change of the security rules of the business application in the later stage: First, when the audit logic is strongly bound to the business application, the The later upgrade and maintenance of business applications becomes inconvenient, and when the software package of the business application is upgraded, the business application needs to be recompiled and redistributed. Second, some existing business applications can only be completely demolished and rebuilt when accessing the security audit function , which will waste a lot of manpower and material resources. Third, due to the programming language and technical limitations of business applications, different programming languages ​​need to be equipped with different security audit logic

It can be seen that the intrusive combination mode of security audit and business application in the prior art cannot effectively separate the control function of business application from the logical function of security audit, which seriously affects the independent normality of business application and security audit. Operation and Maintenance

Images