Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

A method for non-intrusive implementation of business system security audit

A security audit and business system technology, applied in the field of non-intrusive implementation of business system security audit, can solve the problems of inconvenient business application upgrade and maintenance, affecting the independent normal operation and maintenance of business applications and security audit, and inseparable problems

Active Publication Date: 2022-02-01
CHENGDU ZHONGKE HEXUN TECH CO LTD
View PDF8 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

At present, most of the security audits embed the audit logic into the business application through strong coupling, which has the following defects for the change of the security rules of the business application in the later stage: First, when the audit logic is strongly bound to the business application, the The later upgrade and maintenance of business applications becomes inconvenient, and when the software package of the business application is upgraded, the business application needs to be recompiled and redistributed. Second, some existing business applications can only be completely demolished and rebuilt when accessing the security audit function , which will waste a lot of manpower and material resources. Third, due to the programming language and technical limitations of business applications, different programming languages ​​need to be equipped with different security audit logic
It can be seen that the intrusive combination mode of security audit and business application in the prior art cannot effectively separate the control function of business application from the logical function of security audit, which seriously affects the independent normality of business application and security audit. Operation and Maintenance

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • A method for non-intrusive implementation of business system security audit

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0040] The following will clearly and completely describe the technical solutions in the embodiments of the present invention with reference to the accompanying drawings in the embodiments of the present invention. Obviously, the described embodiments are only some, not all, embodiments of the present invention. Based on the embodiments of the present invention, all other embodiments obtained by persons of ordinary skill in the art without creative efforts fall within the protection scope of the present invention.

[0041] refer to figure 1 , which is a schematic flowchart of a method for non-intrusively implementing a security audit of a business system provided by the present invention. The method for realizing the security audit of the business system without intrusion comprises the following steps:

[0042] Step S1, obtaining the distribution information of application service-related nodes corresponding to the business application system, so as to determine the operating...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The present invention provides a non-invasive method for implementing security audit of a business system. The non-invasive method for implementing a security audit of a business system is based on a sidecar model that combines the security audit module with a business application system in a non-invasive manner. The audit module and the business application system are deployed in a node at the same time, and the security audit module has the same life cycle as the application service of the amateur application system, so that the corresponding client can perform security audit operations. This method can integrate the business application The control function of the system is effectively separated from the logical function of the security audit module, so as to ensure the normal operation, maintenance and upgrade of the business application system and the security audit module.

Description

technical field [0001] The invention relates to the technical field of information management safety audit, in particular to a non-invasive method for realizing business system safety audit. Background technique [0002] During the period when industries with high security requirements need to engage in information management, it is necessary to conduct corresponding security audits on the daily user operation of application software, so as to assess whether the user's operation is an ultra vires operation or an unreasonable operation. At present, most of the security audits embed the audit logic into the business application through strong coupling, which has the following defects for the change of the security rules of the business application in the later stage: First, when the audit logic is strongly bound to the business application, the The later upgrade and maintenance of business applications becomes inconvenient, and when the software package of the business applica...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Patents(China)
IPC IPC(8): H04L9/40H04L41/0894
CPCH04L63/30H04L41/0893
Inventor 汪杰高守贵
Owner CHENGDU ZHONGKE HEXUN TECH CO LTD
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products