Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

Safety injection automation method and device, electronic equipment and storage medium

An automatic device and security injection technology, which is applied in the field of data security, can solve the problems of complex system controls, labor-intensive manual injection, and inability to analyze results in real time, so as to achieve the effect of improving efficiency and quality

Pending Publication Date: 2022-05-10
WINNING HEALTH TECHNOLOGY GROUP CO LTD
View PDF0 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0005] The technical problem to be solved by the present invention is to overcome the security injection monitoring of the C / S architecture in the prior art, which can only be manually injected at present. Due to the complexity and large amount of system controls, manual injection is very labor-intensive and cannot perform real-time results. Analyze the defects that require manual intervention to realize monitoring, and provide a security injection automation method, device, electronic equipment and storage medium

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Safety injection automation method and device, electronic equipment and storage medium
  • Safety injection automation method and device, electronic equipment and storage medium
  • Safety injection automation method and device, electronic equipment and storage medium

Examples

Experimental program
Comparison scheme
Effect test

Embodiment 1

[0045] figure 1 A security injection automation method of an information management system based on a C / S architecture in this embodiment is shown. Wherein, the information management system may be any applied information management system, such as an information management system for personnel file management, an information management system for borrowing books in a library, and the like. Security injection automation methods include:

[0046] When the trigger condition is met, the trigger condition can be a timing trigger, and the following steps are performed:

[0047] Step 11: Locate the controls for the information management system. If the information management system is designed based on the Windows system, the controls can be classified into Windows standardized controls and Windows non-standardized controls. The positioning of Windows standardized controls is relatively simple and can be realized by using autoit. The positioning of Windows non-standardized contro...

Embodiment 2

[0070] figure 2 It shows a security injection automation device for an information management system based on a C / S architecture in this embodiment. Wherein, the information management system may be any applied information management system, such as an information management system for personnel file management, an information management system for borrowing books in a library, and the like. The security injection automation device includes: a trigger module 21 , a location module 22 , a tracking module 23 , an input module 24 , an analysis module 25 and a notification module 26 .

[0071] The triggering module 21 is configured to invoke the positioning module 22 when a triggering condition is met. The trigger condition may be a timing trigger.

[0072] The locating module 22 is used to locate the control of the information management system, and then calls the tracking module 23 to start the SQL tracking tool, and the SQL tracking tool is used to track the database viewing...

Embodiment 3

[0080] image 3 It is a schematic structural diagram of an electronic device provided by Embodiment 3 of the present invention. The electronic device includes a memory, a processor, and a computer program stored on the memory and operable on the processor, and the processor implements the method in Embodiment 1 when executing the program. image 3 The electronic device 40 shown is only an example, and should not impose any limitation on the functions and application scope of the embodiments of the present invention.

[0081] Such as image 3 As shown, electronic device 40 may take the form of a general-purpose computing device, which may be a server device, for example. Components of the electronic device 40 may include, but are not limited to: at least one processor 41 , at least one memory 42 , and a bus 43 connecting different system components (including the memory 42 and the processor 41 ).

[0082] The bus 43 includes a data bus, an address bus and a control bus.

[...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention discloses a safety injection automation method and device, electronic equipment and a storage medium. The method comprises the following steps when a triggering condition is met: positioning a control of the information management system; starting an SQL (Structured Query Language) tracking tool, wherein the SQL tracking tool is used for tracking the database to view the data stream; inputting an SQL (Structured Query Language) injection statement, wherein the SQL injection statement is generated according to the value received by the control; the SQL tracking tool is closed; and analyzing the injection risk of the data stream according to a preset rule and obtaining an analysis result. Automatic testing in the field of C / S architecture information management system safety testing can be achieved, even if system controls are complex and large in quantity, manual intervention is not needed, automatic monitoring and tracking are completed, and the efficiency and quality of automatic safety testing are improved.

Description

technical field [0001] The invention belongs to the field of data security, and in particular relates to a security injection automation method, device, electronic equipment and storage medium. Background technique [0002] The general idea of ​​C / S (client / server) architecture security testing is as follows: requirement analysis>use case design>test case maintenance>test case execution>result analysis. Use case execution and result analysis in the above process are generally done manually. Currently, commonly used security testing tools include Appscan and Burpsuit, etc., which are mainly based on the B / S (browser / server) architecture. In the information management system of the C / S architecture, due to the large number of input boxes, information leakage is a threat to social security, and use case execution and result analysis take a lot of time, and the timeliness is not strong, so automatic use case execution and real-time security reporting are realized. T...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
IPC IPC(8): G06F11/36G06F16/242G06F16/2455
CPCG06F11/3684G06F11/3688G06F16/2433G06F16/24564
Inventor 施云云王涛黄智勇杨艳刘辉王晓鹏王巧珍吴铭
Owner WINNING HEALTH TECHNOLOGY GROUP CO LTD
Features
  • Generate Ideas
  • Intellectual Property
  • Life Sciences
  • Materials
  • Tech Scout
Why Patsnap Eureka
  • Unparalleled Data Quality
  • Higher Quality Content
  • 60% Fewer Hallucinations
Social media
Patsnap Eureka Blog
Learn More