File management method, device and computer readable storage medium
By using a file management method based on head office nodes and file adapters, the problem of low file management efficiency caused by regulatory differences in various countries under the background of bank internationalization was solved. It achieved centralized and secure storage of cross-departmental file reading, thereby improving management efficiency and security.
Patent Information
- Authority / Receiving Office
- CN · China
- Patent Type
- Patents(China)
- Current Assignee / Owner
- CHINA MERCHANTS BANK
- Filing Date
- 2023-06-29
- Publication Date
- 2026-06-05
AI Technical Summary
In the context of banking internationalization, different regulatory requirements in different countries have led to different document storage methods used by overseas branches. This makes it difficult for documents to be transferred between departments, resulting in time-consuming and inefficient management processes. Furthermore, the lack of a unified management platform makes it difficult to guarantee security and compliance.
By employing a master node and a file adapter, the branch nodes of the target file are determined through archive information, and the target file is read based on the file adaptation method. Sensitivity levels are set for encryption and decryption, thereby achieving centralized management and secure storage of files.
It has enabled centralized reading of cross-departmental documents, shortened the overall reading time, improved management efficiency, and ensured the security and compliance of documents.
Smart Images

Figure CN116841977B_ABST
Abstract
Description
Technical Field
[0001] This invention relates to the field of data management technology, and in particular to file management methods, devices and computer-readable storage media. Background Technology
[0002] Against the backdrop of banking internationalization, banks' overseas assets have expanded rapidly, but at the same time they also face more and more complex risks and crises.
[0003] Because different countries have different regulatory requirements for the banking industry, overseas branches need to use different document storage methods.
[0004] Different branches and different departments within the same branch have different methods for storing and managing files. This results in the lack of a unified management platform, making it difficult for files to circulate between departments. The process of accessing documents from other departments is cumbersome, leading to a time-consuming and inefficient management process.
[0005] The above content is only used to help understand the technical solution of the present invention and does not represent an admission that the above content is prior art. Summary of the Invention
[0006] The main objective of this invention is to provide a file management method, device, and computer-readable storage medium, aiming to solve the technical problems of long management processes and low efficiency.
[0007] To achieve the above objectives, the present invention provides a file management method, the file management method comprising the following steps:
[0008] The archive front-end service node receives archive information sent by the head office node and sends the archive information to the local file storage service node. The archive information includes file description information.
[0009] The local file storage service node receives the target file fed back based on the archive information. After receiving the archive information, the local file storage service node determines the line node corresponding to the target file based on the archive information, reads the target file from the line node based on the file adaptation method corresponding to the archive information, and feeds it back to the archive front-end service node.
[0010] Output the target file.
[0011] Optionally, the step of reading the target file from the line node based on the file adaptation method corresponding to the archive information includes:
[0012] Based on the file information, the anti-theft link is read from the branch node;
[0013] Based on a pre-set sensitive word database, determine the sensitivity level corresponding to the file information;
[0014] If the sensitivity level is the first level, then the security code of the anti-theft link is verified to obtain the target link, and based on the file adaptation method corresponding to the file information, the intermediate file is read according to the target link, the intermediate file is decrypted to obtain the target file;
[0015] If the sensitivity level is level two, the anti-theft link is dynamically decrypted to obtain the target link, and the target file is read according to the target link based on the file adaptation method corresponding to the file information.
[0016] If the sensitivity level is level three, then the anti-theft link is statically decrypted to obtain the target link, and the target file is read according to the target link based on the file adaptation method corresponding to the file information.
[0017] Optionally, before the step of the archive front-end service node receiving archive information sent by the head office node, the following steps are included:
[0018] Receive file read commands sent by the user;
[0019] The step of reading the target file from the line node based on the file adaptation method corresponding to the archive information includes:
[0020] If the file reading instruction is a file preview instruction, then based on the preset correspondence between file information and preview adaptation methods, the preview adaptation method corresponding to the file information is determined, and based on the preview adaptation method, the target file is read from the line break node;
[0021] If the file reading instruction is a file download instruction, then according to the preset correspondence between file information and download adaptation methods, the download adaptation method corresponding to the file information is determined, and the target file is read from the branch node based on the download adaptation method;
[0022] The step of outputting the target file includes:
[0023] If the file read command is a file preview command, then the target file is displayed in the browser;
[0024] If the file read instruction is a file download instruction, then the target file is stored in the local storage.
[0025] Optionally, before the step of the archive front-end service node receiving archive information sent by the head office node, the following steps are included:
[0026] After receiving the file storage instruction sent by the user, the front-end service node of the archive receives the archive information and the target file;
[0027] The archive information is stored in the head office node, and the archive information and the target file are sent to the local file storage service node. After receiving the archive information and the target file, the local file storage service node determines the branch node corresponding to the target file based on the archive information, and stores the target file in the branch node based on the file adaptation method corresponding to the archive information.
[0028] Optionally, the step of storing the target file to the branch node based on the file adaptation method corresponding to the archive information includes:
[0029] Based on the pre-set correspondence between file information and storage adaptation methods, determine the storage adaptation method corresponding to the file information;
[0030] Based on a pre-set sensitive word database, determine the sensitivity level corresponding to the file information;
[0031] If the sensitivity level is the first level, the target file is encrypted into an intermediate file, a corresponding target link is generated based on the intermediate file, a security code corresponding to the target link is generated, and the intermediate file, the target link and the security code are stored in the branch node based on the storage adaptation method.
[0032] If the sensitivity level is level two, then based on the storage adaptation method, the target link is directly stored in the branch node;
[0033] If the sensitivity level is level three, then based on the storage adaptation method, the target link is directly stored to the branch node.
[0034] Optionally, before the step of determining the sensitivity level corresponding to the file information based on a preset sensitive word database, the following steps are included:
[0035] If the sensitivity level is level four, then the file information and the target file are directly stored in the head office node.
[0036] Optionally, after receiving the archive information and the target file, the local file storage service node, following the steps of determining the line break node corresponding to the target file based on the archive information and storing the target file to the line break node based on the file adaptation method corresponding to the archive information, includes:
[0037] The head office node compiles all the aforementioned file information and generates comprehensive file information;
[0038] The comprehensive archive information is aggregated and managed for security and compliance.
[0039] Optionally, before the step of storing the target file to the branch node based on the file adaptation method corresponding to the archive information, the following steps are included:
[0040] If duplicate target files exist in the branch node, and / or duplicate archive information exists in the main node, a warning will be output.
[0041] In addition, to achieve the above objectives, the present invention also provides a file management device, the device comprising: a memory, a processor, and a file management program stored on the memory and executable on the processor, the file management program being configured to implement the steps of the file management method described above.
[0042] In addition, to achieve the above objectives, the present invention also provides a computer-readable storage medium storing a file management program, which, when executed by a processor, implements the steps of the file management method described above.
[0043] In one technical solution provided by this invention, the archive front-end service node receives archive information sent by the head office node and sends the archive information to the local file storage service node. Then, it receives the target file from the local file storage service node based on the archive information and finally outputs the target file. Unlike storing all files in overseas branches, this solution stores the archive information of the files in the domestic head office and the specific content of the files in overseas branches, and includes a file adapter. This allows the entire file management system to uniformly read all files once the user triggers the relevant command via a browser, eliminating the need for cross-departmental access and transfer, and removing considerations of time differences between branches. This ensures more centralized file reading operations, thereby shortening the overall reading time and improving management efficiency. Attached Figure Description
[0044] Figure 1 This is a flowchart illustrating the first embodiment of the document management method of the present invention;
[0045] Figure 2 This is a schematic diagram of the file management system in the first embodiment of the file management method of the present invention;
[0046] Figure 3 This is a flowchart illustrating the second embodiment of the document management method of the present invention;
[0047] Figure 4 This is a flowchart illustrating the third embodiment of the document management method of the present invention;
[0048] Figure 5This is a schematic diagram of the adapter model in the third embodiment of the document management method of the present invention;
[0049] Figure 6 This is a flowchart illustrating the fourth embodiment of the document management method of the present invention;
[0050] Figure 7 This is a schematic diagram of the file management system in the fourth embodiment of the file management method of the present invention;
[0051] Figure 8 This is a flowchart illustrating the fifth embodiment of the document management method of the present invention;
[0052] Figure 9 This is a schematic diagram of the structure of a file management device in the hardware operating environment involved in the embodiments of the present invention.
[0053] The realization of the objective, functional features and advantages of the present invention will be further explained in conjunction with the embodiments and with reference to the accompanying drawings. Detailed Implementation
[0054] It should be understood that the specific embodiments described herein are merely illustrative of the invention and are not intended to limit the invention.
[0055] The head office in China will grant overseas branches a certain degree of autonomy in management, allowing each branch to store and manage the aforementioned sensitive documents independently.
[0056] On the one hand, due to different regulatory requirements for the banking industry in different countries, overseas branches need to store documents of different sensitivity levels locally. Since there is no unified management requirement, each department of the branch has chosen different file storage methods according to its own habits. For example, some are stored on local disks, some on FTP (File Transfer Protocol) servers, some in shared directories, and some may be stored in multiple places. This results in the need to develop corresponding management systems for the storage services of each branch, making it impossible to manage them all through a unified file management system. Files are difficult to circulate between departments, and the process of accessing documents from other departments is cumbersome, resulting in low management efficiency.
[0057] On the other hand, branches need to report management results to the head office regularly, but there are time differences between overseas branches, so it is impossible to receive feedback results from all branches in a short period of time. This results in a time-consuming and inefficient management process.
[0058] Furthermore, the lack of access control and record keeping for various operations on the documents poses a significant challenge to security auditing and security.
[0059] To address the aforementioned issues, this invention adds a headquarters node and a file adapter to the entire document management process, aiming to improve management efficiency.
[0060] To better understand the above technical solutions, exemplary embodiments of this application will be described in more detail below with reference to the accompanying drawings. Although exemplary embodiments of this application are shown in the drawings, it should be understood that this application can be implemented in various forms and should not be limited to the embodiments set forth herein. Rather, these embodiments are provided to enable a more thorough understanding of this application and to fully convey the scope of this application to those skilled in the art.
[0061] This invention provides a file management method, referring to... Figure 1 , Figure 1 This is a flowchart illustrating a first embodiment of a file management method according to the present invention.
[0062] In this embodiment, the file management method includes:
[0063] Step S11: The archive front-end service node receives the archive information sent by the head office node and sends the archive information to the local file storage service node. The archive information includes file description information.
[0064] Understandably, a file contains both archive information and the target file. Archive information includes file description information such as file identifier, client number, client name, file name, category, uploading user, and file format, stored in the main node. The target file refers to the file's specific content, such as text, images, and tables in a Word document, stored in the sub-nodes. File storage methods include, but are not limited to, local disks, multi-storage combinations, NAS (Network Attached Storage), ECS (Elastic Compute Service), FTP (File Transfer Protocol), UDS (Unified Data Storage), and custom storage.
[0065] It is important to note that the reason for using separate storage is based on considerations of file security and overall management. If a file is lost at an overseas branch, the head office in China can clearly know the basic information such as the type and quantity of the lost file.
[0066] When browsing or downloading files, users can directly manipulate the files through the browser.
[0067] Optionally, after a user triggers a relevant command based on a browser, the user node will send file information based on the relevant command, and the file front-end service node will receive the file information accordingly.
[0068] Furthermore, to ensure file integrity, the front-end archive service node also needs to obtain the specific content of the file, i.e., the target file. Considering the different file storage formats of each branch, direct retrieval is not possible; therefore, the archive information is sent to the local file storage service node, referring to... Figure 2 This is done indirectly to obtain the target file.
[0069] Step S12: Receive the target file fed back by the local file storage service node based on the archive information. After receiving the archive information, the local file storage service node determines the line node corresponding to the target file based on the archive information, reads the target file from the line node based on the file adaptation method corresponding to the archive information, and feeds it back to the archive front-end service node.
[0070] It is understandable that the local file storage service node is connected to several branch nodes, which essentially plays a role in the unified management of target files, such as unified reading and unified storage.
[0071] Optionally, after receiving the archive information, the local file storage service node determines the line branch node of the target file based on the archive information. For example, the uploading user is selected from the archive information, and then the line branch to which the uploading user belongs is determined by referring to the employee information of each line, thereby determining the line branch node of the target file.
[0072] Furthermore, the corresponding file adaptation method is determined based on the archive information. For example, the corresponding file adaptation method has already been written into the archive information during the previous file storage process, so in the current process, the corresponding adaptation method can be directly read from the archive information; for example, the file format is filtered from the archive information, and then the corresponding file adaptation method is determined based on the mapping relationship between the file format and the adaptation method.
[0073] Furthermore, the local file storage service node sends the archive information to the branch node of the target file. Correspondingly, the branch node uses the file identifier or other descriptive information in the archive information to search for files with the same identifier or other descriptive information in the branch file storage server, selects them as the target file, and then sends the target file or the corresponding link to the local file storage service node.
[0074] At this point, the local file storage service node can use the above file adaptation method to read the target file and then send it back to the archive front-end service node.
[0075] Step S13: Output the target file.
[0076] Optionally, after receiving the target file, the front-end service node can perform corresponding output processing according to user needs, such as previewing or downloading.
[0077] It is important to note that the entire file management system also allows for setting management permissions and logging operations, restricting file administrators, and generating corresponding operation logs, thereby ensuring file security and compliance.
[0078] In one technical solution provided in this embodiment, the archive front-end service node receives archive information sent by the head office node and sends the archive information to the local file storage service node. Then, it receives the target file from the local file storage service node based on the archive information and finally outputs the target file. Unlike storing all files in overseas branches, this solution stores the archive information of the files in the domestic head office and the specific content of the files in overseas branches, and includes a file adapter. This allows the entire file management system to uniformly read all files once the user triggers the relevant command through a browser, eliminating the need for cross-departmental access and transfer, and removing considerations of time differences between branches. This ensures more centralized file reading operations, thereby shortening the overall reading time and improving management efficiency.
[0079] Furthermore, refer to Figure 3 A second embodiment of the document management method of the present invention is proposed. Based on the above... Figure 1 In the embodiment shown, the step of reading the target file from the branch node based on the file adaptation method corresponding to the archive information includes:
[0080] Step S21: Based on the file information, read the anti-theft link from the branch node;
[0081] Step S22: Determine the sensitivity level of the file information based on the preset sensitive word database;
[0082] Understandably, hotlinking refers to a service provider offering content it doesn't actually provide, bypassing other end-user interfaces with financial incentives, and directly providing that content to end-users on its own website, thus deceiving them into browsing and clicking. To avoid this, this solution applies anti-hotlinking technology during storage, encrypting the target link corresponding to the target file to generate an anti-hotlinking link for external distribution.
[0083] Optionally, the local file storage service node sends the file identifier in the archive information to the branch node. Since the branch node stores the mapping relationship between file identifiers and file links, after receiving the file identifier A, the branch node can directly determine the corresponding anti-theft link a and feed back the anti-theft link a to the local file storage service node.
[0084] Optionally, technical personnel can pre-set sensitive word databases based on business type, user group, etc., including but not limited to customer personal basic information (such as name, nationality, identification document, address, residence), customer personal contact information (such as telephone, mobile phone, email, WeChat), basic information of the company (such as company name, business license, company address, shareholder information, management information, company contact information, company financial status), customer account information (such as basic account information, account amount information, account transaction information), customer contract information (such as loan information, repayment information), etc.
[0085] For example, based on a sensitive word database, the frequency of sensitive words appearing in the archive information is statistically analyzed. Frequency = number of times sensitive words appear / total number of words. Then, the sensitivity level of the archive information is determined according to the frequency. For example, a frequency of 0.6 or above is classified as Level 1, a frequency of 0.3-0.6 as Level 2, a frequency of 0.3-0.1 as Level 3, and a frequency of less than 0.1 as Level 4.
[0086] For example, all sensitive words in the sensitive word database are divided into Level 1 sensitive words, Level 2 sensitive words, Level 3 sensitive words, etc. If a Level 1 sensitive word exists in the file information, it belongs to Level 1; if a Level 2 sensitive word exists in the file information but no Level 1 sensitive word exists, it belongs to Level 2; if a Level 3 sensitive word exists in the file information, it belongs to Level 3; and if no sensitive word exists in the file information, it belongs to Level 4.
[0087] Step S23: If the sensitivity level is the first level, then the security code of the anti-theft link is verified to obtain the target link, and based on the file adaptation method corresponding to the file information, the intermediate file is read according to the target link, the intermediate file is decrypted to obtain the target file;
[0088] Step S24: If the sensitivity level is the second level, the anti-theft link is dynamically decrypted to obtain the target link, and the target file is read according to the target link based on the file adaptation method corresponding to the file information.
[0089] Step S25: If the sensitivity level is level three, statically decrypt the anti-theft link to obtain the target link, and read the target file according to the target link based on the file adaptation method corresponding to the file information.
[0090] Understandably, the sensitivity of Level 1, Level 2, and Level 3 decreases sequentially, and the encryption and decryption methods used at each level are also different. Specifically, when storing files, Level 1 requires encrypted storage and the setting of a security code to prevent theft; Level 2 requires the setting of a dynamic anti-theft link; and Level 3 requires a static anti-theft link.
[0091] During file reading, if the sensitivity level is Level 1, the current security code needs to be obtained from the anti-theft link and compared with the standard security code. If they match, it means the link has not been tampered with, and the security code in the anti-theft link can be removed to obtain the target link. Based on the file adaptation method corresponding to the archive information, intermediate files are read from the target link, and then decrypted using a decryption algorithm to obtain the target file.
[0092] If the sensitivity level is Level 2, dynamic decryption of the anti-theft links is required. During dynamic encryption, a new link is dynamically generated for each encryption, meaning there's a one-to-many relationship between the target link and the anti-theft links, such as X-{a,b,c,d,e}, Y-{f,g,h,i,j}. Therefore, during decryption, it's necessary to first determine the set of anti-theft links to which the current anti-theft link belongs, and then identify the target link defined in that set. This identifies the target link corresponding to the anti-theft link. Then, based on the file adaptation method corresponding to the file information, the target file is read from the target link.
[0093] If the sensitivity level is level three, static decryption of the anti-theft link is required. During static encryption, regardless of the number of encryption iterations, only one new link will be generated; that is, there is a one-to-one relationship between the target link and the anti-theft link, such as Xx, Yy. Therefore, during decryption, the target file can be read directly from the target link corresponding to the anti-theft link, based on the file adaptation method corresponding to the archive information.
[0094] In one technical solution provided in this embodiment, the sensitivity level of the file information is determined based on a sensitive word database. Then, the corresponding decryption method is adopted based on the sensitivity level to obtain the target file. By setting sensitivity levels and distinguishing the sensitivity of files, the decryption method of the target file can be determined quickly and accurately, thereby shortening the overall reading time.
[0095] Furthermore, refer to Figure 4 A third embodiment of the document management method of the present invention is proposed. Based on the above... Figure 1 In the illustrated embodiment, before the step of the archive front-end service node receiving archive information sent by the head office node, the following steps are included:
[0096] Step S31: Receive the file read command sent by the user;
[0097] Optionally, users can click the file preview or file download option on their browser, triggering file reading commands, such as file preview or file download commands. File preview and file download are essentially the same: both involve acquiring the file's data stream. The difference lies in how the data is processed after acquisition; the former is presented directly on the browser using a tool, while the latter saves the file directly to the local machine.
[0098] The step of reading the target file from the line node based on the file adaptation method corresponding to the archive information includes:
[0099] Step S32: If the file reading instruction is a file preview instruction, then according to the preset correspondence between file information and preview adaptation method, determine the preview adaptation method corresponding to the file information, and read the target file from the line break node based on the preview adaptation method;
[0100] Step S33: If the file reading instruction is a file download instruction, then according to the preset correspondence between file information and download adaptation methods, determine the download adaptation method corresponding to the file information, and read the target file from the branch node based on the download adaptation method;
[0101] The step of outputting the target file includes:
[0102] Step S34: If the file reading instruction is a file preview instruction, then display the target file in the browser;
[0103] Step S35: If the file read instruction is a file download instruction, then the target file is stored in the local storage.
[0104] It is understandable that the adapter model in local file storage services refers to... Figure 5 It supports various management services, including storage, preview, download, and delete interfaces. The local file storage service determines the interface type based on the type of user command received, and provides the corresponding file adaptation method.
[0105] Optionally, if the file reading instruction is a file preview instruction, the required preview adaptation method is determined based on the pre-defined correspondence between archive information and preview adaptation methods, and the target file is read accordingly. Further, after receiving the target file, the archive front-end service displays the target file in a browser using a tool.
[0106] Optionally, if the file reading instruction is a file download instruction, the required download adaptation method is determined based on the pre-set correspondence between archive information and download adaptation methods, and the target file is read accordingly. Further, after receiving the target file, the archive front-end service stores the target file in local storage.
[0107] In one technical solution provided in this embodiment, different types of interfaces are used based on the type of file reading command sent by the user, and then different types of file adaptation methods are adopted to obtain the target file and use different output methods. By distinguishing between preview commands and download commands, the actual needs of the user are understood, and corresponding services are provided, increasing file management methods and achieving file management diversity.
[0108] Furthermore, refer to Figure 6 This invention proposes a fourth embodiment of the document management method. Based on the above... Figure 1 In the illustrated embodiment, before the step of the archive front-end service node receiving archive information sent by the head office node, the following steps are included:
[0109] Step S41: After receiving the file storage instruction sent by the user, the file front-end service node receives the file information and the target file;
[0110] Step S42: Store the archive information to the main branch node, and send the archive information and the target file to the local file storage service node. After receiving the archive information and the target file, the local file storage service node determines the branch node corresponding to the target file based on the archive information, and stores the target file to the branch node based on the file adaptation method corresponding to the archive information.
[0111] Understandably, when a user clicks the file storage option on the browser, a file storage instruction is triggered, and the file management system then performs the storage operation on the file provided by the user.
[0112] Optionally, after receiving a file storage instruction, the front-end service node of the file management system receives the file uploaded by the user, which carries the file information and the target file.
[0113] Reference Figure 7 On the one hand, the archive information is stored at the head office node; on the other hand, the archive information and the target file are sent to the local file storage service node so that the local file storage service node can store the target file to the corresponding branch node according to the archive information.
[0114] The local file storage service node first determines the line breakpoint of the target file based on the archive information, and then determines the corresponding file adaptation method based on the archive information, the specific method being the same as S12, and will not be repeated here. Further, according to the storage adaptation method, the target file is stored in the line breakpoint.
[0115] It's important to note that before actually storing the file to the branch node, to avoid duplicate file storage, it's necessary to check if there are duplicate target files in the branch node and / or duplicate archive information in the main node. If so, a warning should be output, and the storage operation should not be performed to inform the user that a duplicate file already exists, thus saving storage space.
[0116] It is important to note that after the file storage is completed, the head office node can compile all the archive information and generate comprehensive archive information. Based on this, it can perform aggregated management and security compliance management, including but not limited to global retrieval, access control, operation log recording, security audit, archive report analysis, cross-departmental document access, etc.
[0117] In one technical solution provided in this embodiment, after obtaining the user's storage instructions and corresponding files, the files are divided into archive information and target files. The former is stored at the head office node, and the latter is stored at the branch node, thereby achieving distributed file storage. This storage method can meet the regulatory requirements of various countries, ensuring that file content does not leave the country. Furthermore, the head office can, to a certain extent, grasp the file management overview of the branches, such as the number and type of stored files. This allows the head office to perform aggregated management and security compliance management of archive information, facilitating unified management by operations and maintenance personnel.
[0118] Furthermore, refer to Figure 8 The fifth embodiment of the document management method of the present invention is proposed. Based on the above... Figure 6 In the embodiment shown, the step of storing the target file to the branch node based on the file adaptation method corresponding to the archive information includes:
[0119] Step S51: Determine the storage adaptation method corresponding to the file information based on the pre-set correspondence between file information and storage adaptation methods;
[0120] Step S52: Determine the sensitivity level of the file information based on the preset sensitive word database;
[0121] Step S53: If the sensitivity level is the first level, the target file is encrypted into an intermediate file, a corresponding target link is generated based on the intermediate file, a security code corresponding to the target link is generated, and the intermediate file, the target link and the security code are stored in the branch node based on the storage adaptation method.
[0122] Step S54: If the sensitivity level is the second level, then generate the corresponding target link based on the target file, and directly store the target file and the target link to the branch node based on the storage adaptation method;
[0123] Step S55: If the sensitivity level is level three, then generate the corresponding target link based on the target file, and directly store the target file and the target link to the branch node based on the storage adaptation method;
[0124] Step S56: If the sensitivity level is level four, then directly store the file information and the target file to the main node.
[0125] Optionally, since the user command is a file storage command, the local file storage service will call the storage interface accordingly, and then determine the required storage adaptation method based on the pre-set correspondence between the file information and the storage adaptation method.
[0126] Optionally, the sensitivity level of the file information can be determined based on a preset sensitive word database. The specific method is the same as in S22, and will not be repeated here.
[0127] If the sensitivity level is Level 1, encrypted storage and a security code need to be set. The specific process is as follows: using an encryption algorithm, the target file is encrypted into an intermediate file, and a corresponding target link is generated. Then, a security code corresponding to the target link is dynamically generated, and the target link and security code are combined. Finally, using a storage adaptation method, the intermediate file, target link, and security code are stored in the branch node.
[0128] If the sensitivity level is level two or three, storage can be performed directly. That is, the corresponding target link is generated based on the target file, and then the target file and target link are stored in the branch node using storage adaptation.
[0129] If the sensitivity level is level four, it means that the file entered by the user is a non-sensitive file, such as company news, office documents that do not involve sensitive data, laws and regulations, some business management data, application forms for business processing, report data with customer information filtered out, and processed and anonymized data. These types of files are not subject to the control restrictions of various countries and can therefore be directly stored at the head office node.
[0130] In one technical solution provided in this embodiment, the sensitivity level of the file information is determined according to the sensitive word database so that appropriate file confidentiality measures can be adopted according to the sensitivity level of the file before formal storage, so as to prevent criminals from tampering with or stealing the relevant files during file transmission or on a specific server. Moreover, multiple decryption methods are provided to balance the security and efficiency of file storage.
[0131] Reference Figure 9 , Figure 9 This is a schematic diagram of the file management device structure of the hardware operating environment involved in the embodiments of the present invention.
[0132] like Figure 9 As shown, the file management device may include: a processor 1001, such as a central processing unit (CPU), a communication bus 1002, a user interface 1003, a network interface 1004, and a memory 1005. The communication bus 1002 is used to enable communication between these components. The user interface 1003 may include a display screen or an input unit such as a keyboard; optionally, the user interface 1003 may also include a standard wired interface or a wireless interface. The network interface 1004 may optionally include a standard wired interface or a wireless interface (such as a Wi-Fi interface). The memory 1005 may be a high-speed random access memory (RAM) or a stable non-volatile memory (NVM), such as a disk drive. The memory 1005 may also optionally be a storage device independent of the aforementioned processor 1001.
[0133] Those skilled in the art will understand that Figure 9 The structure shown does not constitute a limitation on the file management device and may include more or fewer components than shown, or combine certain components, or have different component arrangements.
[0134] like Figure 9 As shown, the memory 1005, which serves as a storage medium, may include an operating system, a data storage module, a network communication module, a user interface module, and a file management program.
[0135] exist Figure 9 In the file management device shown, the network interface 1004 is mainly used for data communication with other devices; the user interface 1003 is mainly used for data interaction with the user; the processor 1001 and the memory 1005 in the file management device of the present invention can be set in the file management device, and the file management device calls the file management program stored in the memory 1005 through the processor 1001 and executes the file management method provided in the embodiment of the present invention.
[0136] This invention provides a computer-readable storage medium storing a computer program, which, when executed by a processor, implements the steps of any of the above-described file management methods.
[0137] Since the embodiments of the computer-readable storage medium portion correspond to the embodiments of the method portion, the embodiments of the computer-readable storage medium portion are described in the description of the embodiments of the method portion, and will not be repeated here.
[0138] It should be noted that, in this document, the terms "comprising," "including," or any other variations thereof are intended to cover non-exclusive inclusion, such that a process, method, article, or system that comprises a list of elements includes not only those elements but also other elements not expressly listed, or elements inherent to such a process, method, article, or system. Unless otherwise specified, an element defined by the phrase "comprising one..." does not exclude the presence of other identical elements in the process, method, article, or system that includes that element.
[0139] The sequence numbers of the above embodiments of the present invention are for descriptive purposes only and do not represent the superiority or inferiority of the embodiments.
[0140] Through the above description of the embodiments, those skilled in the art can clearly understand that the methods of the above embodiments can be implemented by means of software plus necessary general-purpose hardware platforms. Of course, they can also be implemented by hardware, but in many cases the former is a better implementation method. Based on this understanding, the technical solution of the present invention, or the part that contributes to the prior art, can be embodied in the form of a software product. This computer software product is stored in a storage medium (such as ROM / RAM, magnetic disk, optical disk) as described above, and includes several instructions to cause a terminal device (which may be a mobile phone, computer, server, or network device, etc.) to execute the methods described in the various embodiments of the present invention.
[0141] The above are merely preferred embodiments of the present invention and do not limit the scope of the patent. Any equivalent structural or procedural transformations made based on the description and drawings of the present invention, or direct or indirect applications in other related technical fields, are similarly included within the scope of patent protection of the present invention.
Claims
1. A file management method, characterized in that, The file management method includes the following steps: The archive front-end service node receives archive information sent by the head office node and sends the archive information to the local file storage service node. The archive information includes file description information. The local file storage service node receives a target file fed back by the local file storage service node based on the archive information. After receiving the archive information, the local file storage service node determines the line node corresponding to the target file based on the archive information, reads the target file from the line node based on the file adaptation method corresponding to the archive information, and feeds it back to the archive front-end service node. Output the target file; The step of reading the target file from the line break node based on the file adaptation method corresponding to the archive information includes: Based on the file information, the anti-theft link is read from the branch node; Based on a pre-set sensitive word database, determine the sensitivity level corresponding to the file information; If the sensitivity level is the first level, then the security code of the anti-theft link is verified to obtain the target link, and based on the file adaptation method corresponding to the file information, the intermediate file is read according to the target link, the intermediate file is decrypted to obtain the target file; If the sensitivity level is level two, the anti-theft link is dynamically decrypted to obtain the target link, and the target file is read according to the target link based on the file adaptation method corresponding to the file information. If the sensitivity level is level three, then the anti-theft link is statically decrypted to obtain the target link, and the target file is read according to the target link based on the file adaptation method corresponding to the file information.
2. The file management method as described in claim 1, characterized in that, Before the step of the front-end service node receiving the archive information sent by the head office node, the following steps are included: Receive file read commands sent by the user; The step of reading the target file from the line break node based on the file adaptation method corresponding to the archive information includes: If the file reading instruction is a file preview instruction, then based on the preset correspondence between file information and preview adaptation methods, the preview adaptation method corresponding to the file information is determined, and based on the preview adaptation method, the target file is read from the line break node; If the file reading instruction is a file download instruction, then according to the preset correspondence between file information and download adaptation methods, the download adaptation method corresponding to the file information is determined, and the target file is read from the branch node based on the download adaptation method; The step of outputting the target file includes: If the file read command is a file preview command, then the target file is displayed in the browser; If the file read instruction is a file download instruction, then the target file is stored in the local storage.
3. The file management method as described in claim 1, characterized in that, Before the step of the front-end service node receiving the archive information sent by the head office node, the following steps are included: After receiving the file storage instruction sent by the user, the front-end service node of the archive receives the archive information and the target file; The archive information is stored in the head office node, and the archive information and the target file are sent to the local file storage service node. After receiving the archive information and the target file, the local file storage service node determines the branch node corresponding to the target file based on the archive information, and stores the target file in the branch node based on the file adaptation method corresponding to the archive information.
4. The file management method as described in claim 3, characterized in that, The step of storing the target file to the branch node based on the file adaptation method corresponding to the archive information includes: Based on the pre-set correspondence between file information and storage adaptation methods, determine the storage adaptation method corresponding to the file information; Based on a pre-set sensitive word database, determine the sensitivity level corresponding to the file information; If the sensitivity level is the first level, the target file is encrypted into an intermediate file, a corresponding target link is generated based on the intermediate file, a security code corresponding to the target link is generated, and the intermediate file, the target link and the security code are stored in the branch node based on the storage adaptation method. If the sensitivity level is the second level, then a corresponding target link is generated based on the target file, and the target file and the target link are directly stored in the branch node based on the storage adaptation method; If the sensitivity level is level three, then a corresponding target link is generated based on the target file, and the target file and the target link are directly stored in the branch node based on the storage adaptation method.
5. The file management method as described in claim 4, characterized in that, Before the step of determining the sensitivity level of the file information based on a preset sensitive word database, the following steps are included: If the sensitivity level is level four, then the file information and the target file are directly stored in the head office node.
6. The file management method as described in claim 3, characterized in that, After receiving the archive information and the target file, the local file storage service node determines the line break node corresponding to the target file based on the archive information, and stores the target file to the line break node based on the file adaptation method corresponding to the archive information. Following this step, the process includes: The head office node compiles all the aforementioned file information and generates comprehensive file information; The comprehensive archive information is aggregated and managed for security and compliance.
7. The file management method as described in claim 6, characterized in that, Before the step of storing the target file to the branch node based on the file adaptation method corresponding to the archive information, the following steps are included: If duplicate target files exist in the branch node, and / or duplicate archive information exists in the main node, a warning will be output.
8. A document management device, characterized in that, The device includes: a memory, a processor, and a file management program stored on the memory and executable on the processor, the file management program being configured to implement the steps of the file management method as described in any one of claims 1 to 7.
9. A computer-readable storage medium, characterized in that, The computer-readable storage medium stores a file management program, which, when executed by a processor, implements the steps of the file management method as described in any one of claims 1 to 7.