Method and system for securing information systems based on dynamic feedback
By constructing workflow subgraphs and security link graphs and configuring dynamic protection strategies, the problem of traditional scheduling systems lacking dynamic adaptability in complex network environments is solved, achieving efficient, stable operation and security protection of information systems.
Patent Information
- Authority / Receiving Office
- CN · China
- Patent Type
- Patents(China)
- Current Assignee / Owner
- CHINA CYBER SECURITY REVIEW CERTIFICATION AND MARKET SUPERVISION BIG DATA CENT
- Filing Date
- 2025-09-05
- Publication Date
- 2026-06-19
AI Technical Summary
Traditional multi-task flow scheduling systems lack dynamic adaptability when facing complex and ever-changing network environments. They struggle to perceive changes in system status in real time and adjust task execution strategies, leading to system paralysis under attacks and an inability to effectively defend against complex network attacks.
By acquiring workflow feedback information from the information system, workflow subgraphs and security link graphs are constructed, dependencies are identified, and security protection levels for workflow nodes and sub-containers are configured to achieve dynamic adjustment and hierarchical protection.
It enhances the system's security protection capabilities, effectively resisting complex network attacks and ensuring the smooth execution of critical tasks and the stable operation of the system.
Smart Images

Figure CN120934885B_ABST
Abstract
Description
Technical Field
[0001] This invention belongs to the field of system security and task scheduling technology, and in particular relates to a method and system for information system security protection based on dynamic feedback. Background Technology
[0002] Information systems in the digital age have deeply integrated into all sectors of society, becoming critical infrastructure. From communication confidentiality to computer system security, then to information system network security, and now even cyberspace security, information security assurance has undergone transformations, with its concepts and connotations constantly evolving. With the rise of new technologies such as cloud computing, the Internet of Things, and big data, modern information systems need to handle a large number of complex and diverse tasks simultaneously. This makes multitasking scheduling a crucial link in ensuring the efficient operation of the system, and its impact on system security is becoming increasingly prominent. The order of task execution is also vital in multitasking scheduling, as it is closely related to system security.
[0003] Different tasks often have dependencies, and the correct execution order is fundamental to ensuring the normal operation of system functions and the integrity and consistency of data. Taking bank transfer business as an example, it involves multiple tasks such as account balance inquiry, fund deduction, and fund deposit. These must be executed strictly in the order of inquiry first, then deduction, and finally deposit. If scheduling errors occur, resulting in funds being deducted but not successfully deposited into the target account, it will not only cause financial losses to users but also disrupt the data consistency of the bank system, triggering a crisis of user trust. Furthermore, it may be exploited by criminals for arbitrage and other illegal activities, seriously threatening system security. Chinese invention patent application CN202111279968.9 proposes a data compliance management method based on security capability scenario-based orchestration. This method combines basic security function services using scenario-based orchestration to form an executable workflow engine. It can flexibly manage and invoke data security capabilities and consider the status information fed back by data security software and hardware tools, achieving consistency in security policies and better leveraging the protective effectiveness of protection strategies.
[0004] However, the dynamism of multi-task flow scheduling is also closely related to system security. In complex and ever-changing network environments, information systems face constantly evolving security threats. This necessitates that multi-task flow scheduling be able to perceive changes in system status in real time and dynamically adjust task scheduling strategies. When the system detects an abnormal increase in network traffic, it may indicate a distributed denial-of-service (DDoS) attack. In this case, the scheduling system should react quickly, dynamically adjusting resource allocation, prioritizing the execution of anti-attack tasks such as network traffic scrubbing, and restricting resource usage for non-critical tasks to maintain normal system operation and defend against attacks. If the scheduling system lacks dynamic adaptability and cannot adjust task execution in a timely manner according to security threats, the system may be paralyzed under attack. Summary of the Invention
[0005] To address the aforementioned technical problems, this invention proposes an information system security protection method and system based on dynamic feedback.
[0006] In a first aspect of the present invention, a method for information system security protection based on dynamic feedback is proposed, the method comprising the following steps;
[0007] Obtain workflow feedback information for the current cycle of the information system;
[0008] Multiple workflow subgraphs are determined based on the workflow feedback information;
[0009] Identify the first dependencies between the multiple workflow subgraphs and construct a security link graph;
[0010] Based on the security link diagram, determine the security protection strategy for the information system in the current period;
[0011] The security link diagram includes multiple workflow nodes;
[0012] The security protection strategy includes configuring a first security protection level for each of the workflow nodes.
[0013] The workflow feedback information includes the number of nodes in each workflow and the second dependency relationship between the nodes;
[0014] The second dependency relationship includes a node predecessor or successor, and a second dependency cycle.
[0015] The first dependency relationship includes the dependent workflow node and the first dependency cycle;
[0016] The first dependency period is longer than the second dependency period.
[0017] The security link graph includes at least a first workflow subgraph and a second workflow subgraph;
[0018] The first workflow subgraph runs in the first sub-container, and the second workflow subgraph runs in the second sub-container;
[0019] The first and second child containers interact with each other through the main container.
[0020] The information system includes at least one main container;
[0021] After determining multiple workflow subgraphs, the main container creates multiple sub-containers based on the workflow subgraphs;
[0022] Each sub-container corresponds to a workflow subgraph.
[0023] In a second aspect of the invention, a dynamic feedback-based information system security protection system is also proposed, the system comprising:
[0024] A workflow feedback information acquisition unit is used to acquire workflow feedback information within the current cycle of the information system.
[0025] A workflow subgraph determination unit is used to determine multiple workflow subgraphs based on the workflow feedback information;
[0026] The sub-container creation unit is used to create multiple sub-containers, each of which corresponds to a workflow subgraph.
[0027] The security link graph construction unit is used to identify the first dependency relationship between the multiple workflow subgraphs and construct the security link graph.
[0028] A security protection strategy determination unit is used to determine the security protection strategy of the information system in the current period based on the security link diagram.
[0029] The security link diagram includes multiple workflow nodes;
[0030] The security protection strategy includes configuring a first security protection level for each workflow node and a second security protection level for each sub-container.
[0031] The information system includes at least one main container;
[0032] After determining multiple workflow subgraphs, the main container creates multiple sub-containers based on the workflow subgraphs; different sub-containers interact with each other through the main container.
[0033] The first security protection level of each workflow node includes the resource access control level corresponding to each workflow node;
[0034] The second security protection level for each sub-container includes the identity access verification level corresponding to each sub-container.
[0035] In a third aspect of the invention, a computer-readable storage medium is also provided, on which program code for implementing containerized workflow management is stored, wherein when the program code is executed by a processor, the aforementioned information system security protection method based on dynamic feedback is implemented.
[0036] To address the shortcomings of traditional static protection methods, such as lagging performance and inability to handle complex attacks, the technical solution of this invention utilizes a workflow feedback information acquisition unit to monitor system operation in real time, providing precise data for protection strategy formulation. The workflow subgraph determination and subcontainer creation unit refines the system into multiple subgraphs and corresponding subcontainers, facilitating targeted protection and enhancing its precision. The security link graph construction unit organizes subgraph dependencies to construct a security link graph, making the system's security structure readily apparent. Based on this, the security protection strategy determination unit configures workflow node resource access control levels and subcontainer identity access verification levels, achieving tiered protection. This enhances the protection of key nodes and areas, improves the overall system security capabilities, and effectively resists complex network attacks.
[0037] Further specific advantages and implementation principles of the present invention will be further detailed in the specific embodiments section in conjunction with the accompanying drawings. Attached Figure Description
[0038] To more clearly illustrate the technical solutions in the embodiments of the present invention or the prior art, the drawings used in the embodiments will be briefly introduced below. Obviously, the drawings described below are only some embodiments of the present invention. For those skilled in the art, other drawings can be obtained based on these drawings without creative effort.
[0039] Figure 1 This is a schematic diagram of the main execution flow of an information system security protection method based on dynamic feedback according to an embodiment of the present invention;
[0040] Figure 2 yes Figure 1 A schematic diagram of the security link graph constructed by the method;
[0041] Figure 3 This is a schematic diagram illustrating the relationship between the workflow sub-graph, sub-containers, and main container in the technical solution of this invention;
[0042] Figure 4 This is a schematic diagram of the hardware unit composition of an information system security protection system based on dynamic feedback, according to an embodiment of the present invention. Detailed Implementation
[0043] In the specific embodiments of this application, if the embodiments of the relevant technical solutions involve user-related data, then when the embodiments of this application are applied to specific products or technologies, user permission or consent is required, and the collection, use and processing of the relevant data must comply with the relevant laws, regulations and standards of the relevant countries and regions.
[0044] First, it should be noted that, for ease of understanding, the following embodiments of the present invention will be described in detail with several specific product, process, or task examples (for example, the information system is specifically an e-commerce system, a production system, and the task is specifically an order statistics task). However, the technical solution of the present invention can also be applied to other types of information systems, products, processes, or tasks.
[0045] Furthermore, the concepts of "higher" (permission, level) and "lower" (permission, level) will be mentioned repeatedly in subsequent embodiments of the present invention. It should be understood that "higher" and "lower" are relative concepts within a particular embodiment and are generally not absolute values. That is, a "higher" level in the first embodiment is not necessarily "higher" than a "lower" level in the second embodiment; and a "lower" level in the second embodiment is not necessarily "lower" than a "higher" level in the first embodiment.
[0046] First see Figure 1 , Figure 1 This is a schematic diagram of the main execution flow of an information system security protection method based on dynamic feedback according to an embodiment of the present invention.
[0047] Figure 1 The method includes the following steps:
[0048] Obtain workflow feedback information for the current cycle of the information system;
[0049] Multiple workflow subgraphs are determined based on the workflow feedback information;
[0050] Identify the first dependencies between the multiple workflow subgraphs and construct a security link graph;
[0051] Based on the security link diagram, the security protection strategy for the information system in the current period is determined.
[0052] Next, combined Figures 2-3 ,right Figure 1 The method embodiments described above are further elaborated.
[0053] In embodiments of the present invention, information systems need to handle a large number of complex and diverse tasks simultaneously, making multi-task flow scheduling a key element in ensuring efficient system operation, and its impact on system security is becoming increasingly prominent. Multi-task flow scheduling is not a static process that can be completed once and for all; it needs to possess high flexibility and real-time adaptability in the face of dynamically changing network environments and complex and diverse task requirements. Faced with sudden surges in network traffic, such as distributed denial-of-service (DDoS) attacks, multi-task flow scheduling should be able to quickly detect and reallocate resources, prioritizing the execution of network protection tasks, alleviating network pressure in a timely manner, and maintaining normal system operation.
[0054] Therefore, in Figure 1 The method first requires obtaining workflow feedback information for the current cycle of the information system.
[0055] Preferably, the workflow feedback information includes the number of nodes in each workflow and a second dependency relationship between the nodes. The second dependency relationship includes a node predecessor or successor and a second dependency cycle.
[0056] See further Figure 2 ,exist Figure 2 The diagram shows multiple workflow node tasks A1, A2, A3, and workflow node tasks B1, B2, B3.
[0057] Among them, task A2 depends on A1 (that is, task A2 can only be executed after task A1 is completed, and the output of task A1 serves as the input of task A2); task A3 depends on A2 (in the same principle).
[0058] Similarly, task B2 depends on B1, and task B3 depends on B2.
[0059] In this example, A2 is the predecessor node of A3, and A3 is one of the successors of A2. Therefore, the second dependency between A2 and A3 includes both the predecessor and the successor of the node.
[0060] Similarly, in this example, B2 is the predecessor node of B3 and B3 is the successor node of B2. Therefore, the second dependency relationship between B2 and B3 includes both the predecessor and the successor of the node.
[0061] In the example above, Figure 2 In the process, task flow nodes A1-A2-A3 constitute a complete first subtask flow, and task flow nodes B1-B2-B3 constitute a complete second subtask flow.
[0062] In a scenario, the first subtask flow and the second subtask flow are completely independent;
[0063] In another scenario, there is a cyclical dependency between the first subtask flow and the second subtask flow.
[0064] The embodiments of the present invention mainly consider the case where there is a periodic dependency between the first subtask flow and the second subtask flow.
[0065] For example, Figure 2 As shown, task A2 in the first subtask flow has a successor task B1, or task A3 in the first subtask flow has a successor task B2.
[0066] However, the successor or predecessor relationship between different subtask flows is significantly different from the successor or predecessor relationship between the same subtask flow.
[0067] For example, if task A2 in the first subtask flow has a successor task A3, it means that A3 will be executed immediately after task A2 is completed, or A3 will be executed every short first cycle (e.g., 30 seconds) after task A2 is completed.
[0068] Between different subtask flows, for example, if task A2 in the first subtask flow has a successor task B1, it means that after task A2 is completed, it will take a long second cycle before task B1 will be executed. For example, task B1 will be executed every 24 hours, that is, the second cycle is longer than the first cycle.
[0069] This is the situation described above where "there is a periodic dependency between the first subtask flow and the second subtask flow," meaning that the two have a certain degree of temporal independence, but are not completely independent.
[0070] This situation of different subtask flows is prominent in real-world information processing systems.
[0071] In e-commerce information systems, there exists a typical task flow execution scenario. For example, during a promotional event, there is a first sub-task flow of order processing and inventory updates, and a second sub-task flow of user consumption data analysis. In the order processing and inventory update task flow, once a customer places an order and task A2 "Order Information Confirmation" is completed, the subsequent task A3 "Inventory Deduction" will be executed immediately, or within a short first cycle (e.g., 30 seconds) after completion. This is because inventory needs to be deducted as quickly as possible after order confirmation to avoid overselling and ensure the accuracy and timeliness of transactions; the entire order processing task chain needs to be executed quickly to respond to customer needs.
[0072] In the user consumption data analysis subtask flow, after task A2 "order information confirmation" is completed in the first subtask flow, the subsequent task B1 "daily consumption data statistical analysis" will not be executed immediately. Since consumption data statistical analysis does not require real-time execution, after task A2 is completed, a longer second cycle is required, such as every 24 hours, before task B1 will be launched. This is because consumption data is continuously generated throughout the day, and sufficient data volume needs to be accumulated before unified analysis. This avoids excessive consumption of system resources and allows for more valuable analytical results based on data from the entire day. This demonstrates the cyclical dependency between different subtask flows; while they possess a certain degree of temporal independence, they are not completely independent and work together to ensure the efficient operation of the system in actual e-commerce business operations.
[0073] Take the production management system of a manufacturing enterprise as an example. Production task scheduling constitutes the first sub-task flow, and equipment maintenance arrangement is the second sub-task flow. In production task scheduling, after task A2 "parts processing completed", the subsequent task A3 "product assembly" will start immediately or within a short time (such as 30 seconds) to ensure the continuity and efficiency of production. The entire production task chain must be advanced quickly to complete the production target.
[0074] Regarding equipment maintenance scheduling, once task A2 "Daily production task completed," the subsequent task B1 "Deep equipment inspection" will be executed after a longer second cycle, such as every 7 days. This is because equipment does not require daily deep inspections; overly frequent inspections would affect production time. Performing deep inspections at longer intervals ensures stable equipment operation without causing excessive disruption to daily production. This also reflects the specific time dependencies between different sub-task flows. In actual production management scenarios, rationally planning task execution ensures the orderly operation of enterprise production.
[0075] At this point, return Figure 1 The next step of the method is to determine multiple workflow subgraphs based on the workflow feedback information.
[0076] exist Figure 2 The diagram shows two workflow subgraphs: the first workflow subgraph (A1-A2-A3) and the second workflow subgraph (B1-B2-B3).
[0077] Simultaneously, the first dependency relationship between the multiple workflow subgraphs is identified, and a secure link graph is constructed; the first dependency relationship includes dependent workflow nodes and a first dependency period; the first dependency period is greater than the second dependency period.
[0078] Figure 2 The constructed secure link graph connects different workflow subgraphs through a second dependency cycle, ensuring the secure execution of the overall task flow of the information system. In this case, the secure link graph includes multiple workflow nodes; specifically, it includes all nodes of the first and second subtask flows.
[0079] After completing the above steps, Figure 1 The method can determine the security protection strategy of the information system in the current period based on the security link diagram; the security protection strategy includes configuring a first security protection level for each workflow node.
[0080] Preferably, the first security protection level of each workflow node includes the resource access control level corresponding to each workflow node.
[0081] Continuing with the previous example, the above security protection strategies will be described in detail below.
[0082] Taking a comprehensive e-commerce information system as an example, there are two key workflow sub-graphs. The first workflow sub-graph (A1-A2-A3) is mainly responsible for the real-time order processing flow. A1 represents the order receiving task; when a user places an order, the system immediately captures the order information. A2 is the order verification task, quickly checking key information such as product inventory and user payment information. A3 is the order confirmation and shipping task; once verification is successful, the goods are quickly shipped. This workflow sub-graph emphasizes efficiency and timeliness, with each task closely linked to ensure a good customer shopping experience. The second workflow sub-graph (B1-B2-B3) focuses on user behavior data analysis, providing a basis for marketing strategy formulation. B1 is the user behavior data collection task, continuously collecting user browsing, searching, and purchasing behavior information on the platform. B2 is responsible for data cleaning and organization, removing invalid or erroneous data to standardize the data. B3 is the data analysis and report generation task, using complex algorithms to extract data value and generate user behavior analysis reports. Because data accumulation and in-depth analysis require a certain time span, the execution cycle of this workflow sub-graph is relatively long.
[0083] Analysis revealed a primary dependency between the two workflow subgraphs. For example, upon completion of task A2 (order verification) in the first workflow subgraph, it becomes a crucial source of new data for task B1 (user behavior data collection) in the second workflow subgraph; A2 and B1 are thus dependent workflow nodes. Furthermore, the timeline from A2's completion to B1 acquiring and updating the analysis involves a relatively long primary dependency cycle, such as daily data updates. This is because minor changes in order data over a short period have minimal impact on overall user behavior analysis, thus eliminating the need for frequent updates. In contrast, the secondary dependency cycle within the first workflow subgraph, from A2 to A3, is very short, potentially lasting only a few minutes, as order verification necessitates prompt shipment.
[0084] When constructing the security link graph based on these dependencies, the second dependency cycle serves as the connecting link, linking different workflow subgraphs in an orderly manner. In this e-commerce system, the security link graph starts from order receipt, proceeds through the order verification and shipping process, and then to the user behavior data collection, processing, and analysis stage, forming a complete and logically clear task flow network.
[0085] Based on this security link diagram, a security protection strategy is determined. In the first workflow sub-diagram, for the A1 order receiving node, since it directly faces user input, a high level of resource access control is configured to prevent malicious order data injection. Strict input validation rules are adopted, such as restricting the format and length of input fields and encrypting the transmission of sensitive information. For the A2 order verification node, since it involves the verification of key data such as inventory and payment, the security protection level is further enhanced. In addition to strengthening access control, a data consistency verification mechanism is added, and abnormal data changes are monitored in real time. For the A3 order confirmation and shipment node, the focus is on protecting the accuracy and integrity of the shipment operation. Appropriate resource access control is configured to prevent misoperation or illegal tampering of shipment information. In the second workflow sub-diagram, the B1 user behavior data collection node needs to ensure the comprehensiveness and security of data collection. An appropriate level of resource access control is set, and strict identity verification is performed on the data collection source to ensure the reliability of the data source. For the B2 data cleaning and processing node, to ensure the correctness of data processing and prevent data loss or malicious modification during the cleaning process, a medium-to-high level of security protection is configured, and data backup and recovery strategies are implemented. The B3 data analysis and report generation node, due to the critical importance of its output reports to enterprise decision-making, is configured with high-level security protection, restricting report access permissions to only authorized personnel for viewing and downloading. This differentiated and precise security protection configuration for each workflow node, combined with the construction of a security link graph based on the dependencies between workflow subgraphs, effectively ensures the secure and stable execution of the overall task flow of the e-commerce information system and resists various potential cybersecurity threats.
[0086] Preferably, the multiple workflow nodes of the security link graph include associated link nodes and non-associated link nodes. Associated link nodes are used to associate different workflow subgraphs, for example... Figure 2 The nodes A2-B1 and A3-B2 mentioned above; non-associated link nodes refer to nodes other than the associated link nodes, that is, nodes within each workflow subgraph that are not connected to other workflow subgraphs, for example... Figure 2 The nodes A1, A3, and B3 are mentioned above.
[0087] As a further improvement, the first security protection level of associated and unassociated link nodes in the security link graph also differs.
[0088] Taking an enterprise information system integrating production management and supply chain management as an example, this system includes a production task execution workflow sub-diagram (A1-A2-A3) and a supplier order processing workflow sub-diagram (B1-B2-B3). In the production task execution workflow sub-diagram, A1 represents the issuance of production tasks, A2 represents raw material preparation, and A3 represents product production. In the supplier order processing workflow sub-diagram, B1 represents order receipt, B2 represents order confirmation, and B3 is responsible for shipment arrangements.
[0089] Linked nodes act as bridges in system interactions, thus requiring a higher level of security protection. For example, node A2-B1, as a linked node, connects the raw material preparation task A2 in the production task execution workflow and the order receiving task B1 in the supplier order processing workflow. Because it involves data interaction between two different workflow subgraphs, an attack could lead to a disconnect between production planning and raw material supply, severely impacting enterprise production operations. Therefore, resource access control levels for this node are set extremely strictly. Regarding data transmission, advanced encryption algorithms are used to encrypt incoming and outgoing data, ensuring that data is not stolen or tampered with during transmission. For access permissions, only specific system modules and authorized personnel with multi-factor authentication are allowed access, and access behavior is audited and recorded in real time. Any abnormal access immediately triggers an alarm and blocks the operation.
[0090] Next, let's look at node A3-B2, which connects the product completion (A3) and order confirmation (B2) stages. Security at this node is equally crucial, as it affects the accuracy of the connection between production results and sales orders. At this node, in addition to implementing high-strength data encryption and strict access control, a data integrity verification mechanism is introduced. After each data interaction, the system automatically verifies the integrity of the interacting data to ensure that no data is lost or erroneous during transmission between different workflow subgraphs.
[0091] In contrast, while non-associated link nodes also require security protection, the level can be relatively lower. Taking node A1 in the production task execution workflow subgraph as an example, it is primarily responsible for issuing production tasks, operating only within this workflow subgraph and not directly interacting with other workflow subgraphs. The resource access control level configuration for node A1 mainly focuses on preventing unauthorized internal operations. For example, user role-based access permissions can be set, allowing only specific roles with production task issuance authority to operate, while limiting the number of operations by the same role within a specific time period to prevent production task chaos caused by accidental or malicious frequent operations. However, the data encryption strength is lower compared to associated link nodes; a relatively lightweight encryption algorithm is sufficient to ensure secure data storage and transmission within this workflow subgraph.
[0092] Node B3 in the supplier order processing workflow subgraph is responsible for shipment arrangements and is also a non-associated link node. Its security focus is on ensuring operational accuracy and preventing internal data leakage. Resource access controls are implemented for node B3, restricting shipment arrangement operations to authorized personnel from the logistics department, and detailed logs are recorded throughout the process for traceability. For data encryption, standard encryption methods that meet internal security requirements are used to ensure the secure flow of order shipment data within this workflow subgraph.
[0093] By differentiating the first security protection level for associated and unassociated link nodes in the security link diagram, resources can be concentrated to protect key interactive links in the system, and security resources can be rationally allocated to ensure that the entire information system is effectively protected at different levels, thereby improving the overall security and stability of the system and better responding to complex and ever-changing cybersecurity threats.
[0094] exist Figures 1-2 Based on this, see further Figure 3 . Figure 3 This diagram illustrates the relationship between the workflow sub-graph, sub-containers, and main container in the technical solution of this invention.
[0095] In information system security, containers primarily serve functions such as environment isolation, resource limitation and allocation, secure application deployment and management, and data security protection. In related technologies, container security is mainly achieved through the isolation and independence of resources within each container.
[0096] However, in the scenario of this invention, although different workflows are relatively independent, there are still long-term dependencies between them. In this case, simply using independent containers for isolation would prevent these dependencies from being maintained, and forcibly enabling communication between different containers would require changing the underlying security logic of the containers.
[0097] Therefore, as a further improved embodiment of the present invention, the information system includes at least one main container; after determining multiple workflow subgraphs, the main container creates multiple sub-containers based on the workflow subgraphs; each sub-container corresponds to one workflow subgraph.
[0098] Continuing with the above example, the security link graph includes at least a first workflow subgraph and a second workflow subgraph; the first workflow subgraph runs in a first sub-container, and the second workflow subgraph runs in a second sub-container; the first sub-container and the second sub-container interact with each other through a main container.
[0099] Taking an e-commerce system as an example, the system might have a first workflow subgraph (A1-A2-A3) for handling instant transactions. A1 receives order information, A2 verifies order validity and inventory, and A3 confirms the order and ships the goods. There's also a second workflow subgraph (B1-B2-B3) for analyzing long-term user behavior. B1 continuously collects user browsing and purchasing data, B2 cleans and organizes the collected data, and B3 uses complex algorithms for in-depth analysis and generates reports. Once the main container recognizes these two workflow subgraphs, it will create the first and second sub-containers respectively.
[0100] The principle behind the process of the main container creating child containers is as follows:
[0101] First, the main container allocates necessary computing resources, such as CPU cores and memory capacity, to each child container from its own resource pool. Taking the first child container as an example, given the extremely high real-time requirements of the order processing workflow, the main container may allocate relatively more CPU resources to it to ensure that tasks such as order verification and shipping can be executed quickly, avoiding processing delays due to insufficient resources and affecting user experience. Simultaneously, the main container builds an independent runtime environment for the child containers, including file systems and network configurations. Regarding the file system, the first child container will have independent storage space to store order-related data files, log files, etc., ensuring data security and integrity and preventing conflicts with data from other child containers.
[0102] In terms of network configuration, each sub-container is assigned an independent IP address or port, isolating them at the network layer and reducing the risk of external attacks. For example, the order processing service in the first sub-container can be bound to a specific port, accepting only network requests from the e-commerce platform's front-end server and related payment interface servers, while other irrelevant network traffic is blocked. Furthermore, the main container loads the necessary basic software and dependency libraries for the sub-containers to run. For the order processing workflow in the first sub-container, the main container ensures that its required database connection drivers, data encryption libraries, and other dependencies are correctly installed and configured, guaranteeing the smooth operation of the workflow subgraph.
[0103] The first workflow subgraph runs in the first sub-container, and the second workflow subgraph runs in the second sub-container, with data interaction between them implemented through the main container. The main container has a dedicated data interaction mechanism, a common approach being message queues. When the order processing workflow in the first sub-container completes the A2 order verification task, the generated data, such as order amount, product information, and user address, is encapsulated into messages of a specific format. These messages are sent to the message queue maintained by the main container, which temporarily stores this data awaiting transmission according to a first-in, first-out (FIFO) principle.
[0104] The second sub-container periodically reads messages related to its user behavior analysis workflow from the message queue. For example, during specific times of the day, the second sub-container proactively pulls new order data accumulated that day from the message queue. This data serves as an important basis for analyzing users' recent consumption behavior. In this way, the first and second sub-containers achieve cross-container data interaction while avoiding the security risks and complexities of direct communication.
[0105] During data transmission, the main container also performs a series of data verification and security checks. For data sent from the first child container to the message queue, the main container verifies the data's integrity, for example, by calculating the data's hash value to ensure that the data has not been tampered with during transmission. When the second child container reads data, the main container checks the second child container's access permissions; only authorized child containers can obtain the corresponding data, further ensuring the data security of the information system.
[0106] This approach, which involves creating sub-containers from a main container and having the main container coordinate data interaction between sub-containers, can fully utilize the isolation characteristics of containers to ensure the independent and secure operation of each workflow subgraph, while also enabling necessary data sharing and collaboration between different workflow subgraphs. This provides solid support for the efficient and stable operation of information systems in complex business scenarios.
[0107] Based on this, the security protection strategy also includes:
[0108] Configure a second security protection level for each of the sub-containers. The second security protection level for each sub-container includes the identity access verification level corresponding to each sub-container.
[0109] In the information system security architecture constructed in this invention, the communication mechanism of sub-containers and the configuration of different security protection levels are key to ensuring stable system operation and data security. Taking an e-commerce information system that integrates order processing and user data analysis as an example, the system includes a first workflow sub-graph (A1-A2-A3) responsible for real-time order processing, running in the first sub-container; and a second workflow sub-graph (B1-B2-B3) focusing on user data analysis, running in the second sub-container. The two sub-graphs interact with each other through the main container.
[0110] The main container plays a central role in communication between sub-containers. After the order processing workflow in the first sub-container completes the A2 order verification task, the generated data needs to be passed to the second sub-container for subsequent user behavior analysis. At this point, the main container intervenes to coordinate. The main container has a dedicated data exchange channel that operates based on a message queue mechanism. The first sub-container encapsulates the data into messages of a specific format and sends them to the main container's message queue, which temporarily stores these messages in a first-in, first-out (FIFO) order. The second sub-container periodically reads relevant messages from the message queue to obtain the necessary data, thus enabling data transfer across sub-containers.
[0111] For example, during e-commerce promotional events, order volume surges, and the first sub-container continuously generates order verification data. This data is quickly sent to the main container's message queue. The second sub-container then continuously pulls data from the queue based on its processing capacity, ensuring the continuity of data analysis and preventing processing delays or data loss due to data transmission issues.
[0112] Specifically, an example of configuring security protection levels for different sub-containers is described below:
[0113] First sub-container (order processing): Because order processing involves user privacy information (such as name, address, payment information, etc.) as well as the accuracy and timeliness of transactions, the security requirements are extremely high. Therefore, a higher level of second security protection is configured.
[0114] Access verification level: A multi-factor authentication mechanism is employed. In addition to requiring operators to enter their username and password, identity verification is also confirmed through additional factors such as mobile phone verification codes or fingerprint recognition. For example, when a system administrator logs into the first sub-container for maintenance operations, besides entering the correct account and password, they must also obtain a dynamic verification code from their linked mobile phone and enter it. Access is granted only after both verifications are successful.
[0115] At the network access level, a strict whitelist policy is implemented. Only specific server IP addresses and internal network segments are allowed to access the first sub-container. For example, only the core business servers of the e-commerce platform and the IP addresses of the internal operations management network are on the whitelist; access requests from other external IP addresses will be directly blocked, effectively preventing unauthorized external intrusion.
[0116] Second sub-container (user data analytics): While user data analytics is equally important, its data sensitivity and real-time requirements are slightly lower than those of order processing. Therefore, a moderate second level of security protection is configured.
[0117] Identity access verification levels: Role-based access control (RBAC) is used. Employees are assigned appropriate roles based on their job functions, such as data analyst and data auditor, with each role having specific access permissions. For example, a data analyst can only read and process user behavior data, but cannot delete or modify it; a data auditor, on the other hand, has higher privileges and can review and confirm analysis results.
[0118] Regarding network access, a relatively lenient firewall policy is adopted. Access requests from multiple related internal department networks are allowed, while access traffic is monitored and restricted to prevent performance degradation of sub-containers due to a large number of concurrent accesses. For example, the networks of departments such as Marketing and Operations can access the second sub-container to obtain data analysis reports, but if the access traffic of a certain department increases abnormally in a short period of time, the firewall will automatically limit the access rate of that department to ensure the stable operation of the sub-container. Through this communication mechanism design for different sub-containers and differentiated security protection level configuration, the data interaction needs between different workflow subgraphs can be met, and the information system can be effectively protected at different security requirement levels to resist various potential network security threats, ensuring the stable and secure operation of the e-commerce information system in a complex and ever-changing network environment.
[0119] exist Figures 1-3 Based on the method implementation examples introduced, Figure 4 This diagram illustrates the hardware unit composition of an information system security protection system based on dynamic feedback, according to an embodiment of the present invention.
[0120] The system includes:
[0121] A workflow feedback information acquisition unit is used to acquire workflow feedback information within the current cycle of the information system.
[0122] A workflow subgraph determination unit is used to determine multiple workflow subgraphs based on the workflow feedback information;
[0123] The sub-container creation unit is used to create multiple sub-containers, each of which corresponds to a workflow subgraph.
[0124] The security link graph construction unit is used to identify the first dependency relationship between the multiple workflow subgraphs and construct the security link graph.
[0125] A security protection strategy determination unit is used to determine the security protection strategy of the information system in the current period based on the security link diagram.
[0126] The security link diagram includes multiple workflow nodes;
[0127] The security protection strategy includes configuring a first security protection level for each workflow node and a second security protection level for each sub-container.
[0128] The information system includes at least one main container;
[0129] After determining multiple workflow subgraphs, the main container creates multiple sub-containers based on the workflow subgraphs; different sub-containers interact with each other through the main container.
[0130] The first security protection level of each workflow node includes the resource access control level corresponding to each workflow node;
[0131] The second security protection level for each sub-container includes the identity access verification level corresponding to each sub-container.
[0132] Although not shown in the accompanying drawings, a preferred and more common product embodiment may also be an electronic device comprising: a memory and one or more processors. The memory stores one or more application programs adapted to be executed by the one or more processors, as described above, a dynamic feedback-based information system security protection method.
[0133] Although not shown in the accompanying drawings, more embodiments also include a computer-readable storage medium storing a computer program that, when executed, implements the steps of the aforementioned information system security protection method based on dynamic feedback.
[0134] It is understood that the system, product, equipment, and media implementation examples and method implementations correspond to each other and can be referenced by each other, and their principles are similar or the same, so they will not be elaborated again.
[0135] It is understood that although the above embodiments often use e-commerce systems or production systems as examples, the information system of the present invention is not limited to these. Security processing and protection for any other information system involving multi-task flow processing can refer to similar methods. The scope of protection of the present invention is determined by the contents of the claims.
[0136] Other technologies, principles, algorithms, or models not elaborated in detail in this application can be found in the prior art.
[0137] To address the shortcomings of traditional static protection methods, such as lagging performance and inability to handle complex attacks, the technical solution of this invention utilizes a workflow feedback information acquisition unit to monitor system operation in real time, providing precise data for protection strategy formulation. The workflow subgraph determination and subcontainer creation unit refines the system into multiple subgraphs and corresponding subcontainers, facilitating targeted protection and enhancing its precision. The security link graph construction unit organizes subgraph dependencies to construct a security link graph, making the system's security structure readily apparent. Based on this, the security protection strategy determination unit configures workflow node resource access control levels and subcontainer identity access verification levels, achieving tiered protection. This enhances the protection of key nodes and areas, improves the overall system security capabilities, and effectively resists complex network attacks.
[0138] After applying the technical solution of this invention to multiple different types of information systems, the advantages and improvements of this invention compared to the prior art are at least reflected in the following aspects:
[0139] Efficient Task Isolation and Collaboration: The solution innovatively creates multiple sub-containers from a main container, each corresponding to a workflow subgraph, achieving effective task isolation. Taking an e-commerce system as an example, the order processing workflow and the user data analysis workflow run in different sub-containers without interference, preventing the failure or attack of one workflow from affecting other workflows and significantly improving system stability. Simultaneously, sub-containers interact with each other through the main container, enabling necessary data sharing and collaboration between different workflows while maintaining isolation. This ensures the smooth execution of the overall task flow of the information system and meets the dual requirements of task isolation and collaboration in complex business scenarios.
[0140] Flexible and precise security protection: In terms of security protection, this solution configures a first security protection level for each workflow node and a second security protection level for each sub-container. Furthermore, different security levels are set for related and unrelated link nodes, achieving multi-layered and refined security management. For example, critical nodes that are linked across different workflow subgraphs, such as the raw material preparation and order receiving nodes in a production management and supply chain management system, are given a higher level of security protection due to their importance and vulnerability, including strict access control, high-strength data encryption, and real-time security auditing. For unrelated link nodes, corresponding security protection levels are rationally configured based on their roles and risk levels within their respective workflow subgraphs. This differentiated and precise security configuration strategy can concentrate resources on protecting key links while avoiding resource waste from over-protection, greatly improving the overall security of the system.
[0141] Excellent adaptability and scalability: This technical solution demonstrates excellent adaptability when facing complex and diverse dependencies between different workflows, especially long-term dependencies. It breaks through the limitations of traditional independent container isolation that makes dependency management difficult, cleverly solving this problem by coordinating data interaction between sub-containers through the main container. Furthermore, as business grows and the information system expands, when new workflow subgraphs need to be added, the main container can easily create corresponding sub-containers based on the new workflow subgraphs and integrate them into the existing security link graph, achieving smooth system expansion. Simultaneously, in terms of technology upgrades, this solution has a flexible architecture, easily introducing new security technologies and protection mechanisms, continuously improving the system's security capabilities to adapt to the increasingly complex and ever-changing network security environment.
[0142] The foregoing has shown and described the method embodiments and systems of the present invention, but it will be understood by those skilled in the art that various changes, modifications, substitutions and variations can be made to these embodiments without departing from the principles and spirit of the present invention, the scope of which is defined by the appended claims and their equivalents.
Claims
1. A dynamic feedback based information system security protection method, characterized in that, The method includes the following steps: Obtain workflow feedback information for the current cycle of the information system; Multiple workflow subgraphs are determined based on the workflow feedback information; Identify the first dependencies between the multiple workflow subgraphs and construct a security link graph; Based on the security link diagram, determine the security protection strategy for the information system in the current period; The security link diagram includes multiple workflow nodes; The security protection strategy includes configuring a first security protection level for each of the workflow nodes; The workflow feedback information includes the number of nodes in each workflow and the second dependency relationship between the nodes; The second dependency relationship includes a node predecessor or successor, and a second dependency period; The information system includes at least one main container; After determining multiple workflow subgraphs, the main container creates multiple sub-containers based on the workflow subgraphs; in terms of network configuration, each sub-container is assigned an independent IP address or port; The security link graph includes at least a first workflow subgraph and a second workflow subgraph; The first workflow subgraph runs in the first sub-container, and the second workflow subgraph runs in the second sub-container; The first and second sub-containers interact with each other through the main container; Each sub-container corresponds to a workflow subgraph; The security protection strategy also includes: Configure a second security protection level for each of the sub-containers; The first dependency relationship includes the dependent workflow node and the first dependency cycle; The first dependency period is longer than the second dependency period.
2. A dynamic feedback based information system security protection system, characterized in that, The system includes: A workflow feedback information acquisition unit is used to acquire workflow feedback information within the current cycle of the information system. A workflow subgraph determination unit is used to determine multiple workflow subgraphs based on the workflow feedback information; The sub-container creation unit is used to create multiple sub-containers, each of which corresponds to a workflow subgraph. The information system includes at least one main container; After determining multiple workflow subgraphs, the main container creates multiple sub-containers based on the workflow subgraphs; different sub-containers interact with each other through the main container; in terms of network configuration, each sub-container is assigned an independent IP address or port. The security link graph construction unit is used to identify the first dependency relationship between the multiple workflow subgraphs and construct the security link graph. A security protection strategy determination unit is used to determine the security protection strategy of the information system in the current period based on the security link diagram. The security link diagram includes multiple workflow nodes; The security protection strategy includes configuring a first security protection level for each workflow node and a second security protection level for each sub-container; The workflow feedback information includes the number of nodes in each workflow and the second dependency relationship between the nodes; The second dependency relationship includes a node predecessor or successor, and a second dependency period; The first dependency relationship includes the dependent workflow node and the first dependency cycle; The first dependency period is longer than the second dependency period.
3. The information system security protection system based on dynamic feedback as described in claim 2, characterized in that, The first security protection level of each workflow node includes the resource access control level corresponding to each workflow node; The second security protection level for each sub-container includes the identity access verification level corresponding to each sub-container.
4. A computer-readable storage medium storing program code for implementing containerized workflow management, wherein when the program code is executed by a processor, the information system security protection method based on dynamic feedback as described in claim 1 is implemented.