Method for managing controlled data sandbox based on access connector
By creating a controlled data sandbox through the access connector and injecting data access methods, the problem of insufficient dynamic control and unified auditing in the existing data sandbox management is solved, thereby improving the security, controllability and auditability of the data usage process.
Patent Information
- Authority / Receiving Office
- CN · China
- Patent Type
- Applications(China)
- Current Assignee / Owner
- BEIJING TOPSEC NETWORK SECURITY TECH
- Filing Date
- 2026-03-16
- Publication Date
- 2026-06-19
AI Technical Summary
Existing data sandbox technology lacks dynamic control and unified auditing capabilities during data usage, making it difficult to effectively manage the data usage process. In particular, when data usage strategies are changed or terminated, it relies on manual intervention, resulting in insufficient security, controllability, and auditability.
By receiving data usage requests through the access connector, performing identity authentication and policy acquisition, creating a controlled data sandbox, and injecting controlled data access methods, the system achieves linkage control between the data sandbox and the access authorization process, including verification of usage purpose, scope, timeliness, and frequency, providing temporary data access credentials and data access proxy nodes, and monitoring and recording data usage behavior.
It enables dynamic control and unified auditing of the data usage process, improves the security, controllability and auditability of data usage, avoids uncontrolled copying of data, and enhances the real-time control capability of data access.
Smart Images

Figure CN122241688A_ABST
Abstract
Description
Technical Field
[0001] This application relates to the field of data security, specifically to a controlled data sandbox management method based on an access connector. Background Technology
[0002] With the continuous development of data element circulation and data sharing applications, data sandboxes have become an important means of ensuring secure data circulation. They provide isolated data processing environments for data users to reduce security risks during data sharing and use. However, existing data sandbox technologies mainly focus on the isolation capabilities of the operating environment itself, lacking sufficient support for access control, usage control, and lifecycle management during data use. Traditional data sandbox management methods typically adopt a creation-then-authorization walkthrough model. The creation process is usually independent of the data access authorization process. When data usage policies change or data usage needs to be terminated, manual intervention is often required, making it difficult to achieve dynamic control and unified auditing of the data usage process. Therefore, there are still shortcomings in terms of the security, controllability, and auditability of data use. Summary of the Invention
[0003] The purpose of this application is to provide a controlled data sandbox management method based on access connectors.
[0004] To achieve the above objectives, the first aspect of this application provides a controlled data sandbox management method based on access connectors, applied to access connectors in a trusted data space, comprising: Receive data usage requests initiated by data users, and the data usage requests shall include at least the data asset identifier of the target data asset; Authenticate the identity of the data user; Once identity authentication is successful, the data usage strategy for the target data asset is obtained based on the data asset identifier. The data usage request is subject to usage control verification according to the data usage policy. The usage control verification includes at least one of the following: usage purpose verification, usage scope verification, usage timeliness verification, and usage frequency verification. If the control verification passes, a controlled data sandbox corresponding to the data usage request is created according to the data usage policy; Inject controlled data access methods into the controlled data sandbox, where the target data asset itself does not enter the controlled data sandbox in the form of a copy, but is accessed in the controlled data sandbox through controlled data access methods.
[0005] In this embodiment of the application, injecting controlled data access methods into the controlled data sandbox includes: generating a temporary data access credential associated with the target data asset based on the data usage policy, wherein the content bound to the temporary data access credential includes the data asset identifier, the data source type of the target data asset, the allowed access operations, the scope of use, the validity period, and the identification information of the controlled data sandbox; and injecting the temporary data access credential into the controlled data sandbox.
[0006] In this embodiment of the application, the method further includes: when a temporary data access credential becomes invalid upon receiving a revocation, supervision, or emergency control instruction for data usage policy issued by a trusted data space.
[0007] In this embodiment of the application, injecting controlled data access methods into the controlled data sandbox further includes: configuring the access connector as a data access proxy node; receiving data access requests from the controlled data sandbox; after verifying the data access request based on data usage authorization or temporary access credentials, forwarding the data access request to the corresponding data source system; receiving response data returned by the data source system, and returning the response data to the controlled data sandbox.
[0008] In this embodiment of the application, injecting controlled data access methods into the controlled data sandbox further includes: creating a controlled access path in the controlled data sandbox corresponding to the target data asset; and mapping the controlled access path to the policy read-only data interface of the target data asset to provide a data access interface to the controlled data sandbox.
[0009] In this embodiment of the application, the method further includes: monitoring and recording the data usage behavior in the controlled data sandbox when the data user uses the target data asset, wherein the data usage behavior includes at least data access operations, data calculation operations and result output operations.
[0010] In this embodiment of the application, the method further includes: destroying or recycling the controlled data sandbox in any of the following situations: the target data asset is used up, the data usage policy becomes invalid, the data usage policy is revoked, or an emergency control instruction is received.
[0011] In this embodiment of the application, the destruction or recycling of the controlled data sandbox includes: revoking the access credentials of the controlled data sandbox and deleting the temporary data in the controlled data sandbox.
[0012] A second aspect of this application provides a controlled data sandbox management device based on an access connector, comprising: The memory is configured to store instructions; The processor is configured to retrieve instructions from memory and, when executing instructions, to implement the aforementioned controlled data sandbox management method based on the access connector.
[0013] In the third aspect of the present application, an access connector is provided, including the above-mentioned controlled data sandbox management device based on the access connector.
[0014] In the fourth aspect of the present application, a machine-readable storage medium is provided, on which instructions are stored. When the instructions are executed by a processor, the processor is configured to execute the above-mentioned controlled data sandbox management method based on the access connector.
[0015] Through the above technical solution, after receiving a data usage request initiated by a data usage subject, the identity of the data usage subject is verified. If the identity authentication is passed, the data usage policy of the target data asset is obtained, and the data usage request is subjected to usage control verification based on the data usage policy. If the usage control verification is passed, a controlled data sandbox corresponding to the data usage request is created according to the data usage policy, and a controlled data access method is injected into the controlled data sandbox. Taking the access connector as a unified control execution node, the linkage control of the data sandbox creation process and the data access authorization process is realized, and the dynamic control and unified auditing of the data usage process can be achieved, improving the security, controllability, and auditability of data usage.
[0016] Other features and advantages of the embodiments of the present application will be described in detail in the subsequent specific implementation part. Brief Description of the Drawings
[0017] The drawings are used to provide a further understanding of the embodiments of the present application and constitute a part of the specification. Together with the following specific implementation, they are used to explain the embodiments of the present application, but do not constitute a limitation to the embodiments of the present application. In the drawings: Figure 1 A schematic flowchart of the controlled data sandbox management method based on the access connector; Figure 2 A schematic diagram showing the internal structure of the computer device in the embodiment of the present application. Detailed Description of the Embodiments
[0018] To make the objectives, technical solutions, and advantages of the embodiments of the present application clearer, the technical solutions in the embodiments of the present application will be clearly and completely described below in conjunction with the drawings in the embodiments of the present application. It should be understood that the specific implementation described here is only used to illustrate and explain the embodiments of the present application and does not limit the embodiments of the present application. Based on the embodiments in the present application, all other embodiments obtained by those of ordinary skill in the art without creative efforts shall fall within the protection scope of the present application.
[0019] Figure 1The illustration schematically shows a flowchart of a controlled data sandbox management method based on an access connector according to an embodiment of this application. Figure 1 As shown in one embodiment of this application, a controlled data sandbox management method based on access connectors is provided, applied to access connectors in a trusted data space, including the following steps: Step 101: Receive a data usage request initiated by the data user entity. The data usage request shall include at least the data asset identifier of the target data asset.
[0020] Step 102: Authenticate the identity of the data user.
[0021] Step 103: If identity authentication is successful, obtain the data usage strategy of the target data asset based on the data asset identifier.
[0022] Step 104: Perform usage control verification on the data usage request according to the data usage policy. The usage control verification includes at least one of the following: usage purpose verification, usage scope verification, usage timeliness verification, and usage frequency verification.
[0023] Step 105: If the control verification passes, create a controlled data sandbox corresponding to the data usage request according to the data usage policy.
[0024] Step 106: Inject controlled data access methods into the controlled data sandbox. The target data asset itself does not enter the controlled data sandbox in the form of a copy, but is accessed in the controlled data sandbox through controlled data access methods.
[0025] The Trusted Data Space is a data circulation and utilization infrastructure based on consensus rules, connecting multiple entities to achieve data resource sharing and utilization. The access connector is a logical component used for authentication, policy acquisition, and the creation and management of data sandboxes. The access connector can receive data usage requests initiated by data users, which can be application systems, algorithms, or user terminals. The data usage request includes at least the data asset identifier of the target data asset and data usage requirement information. Specifically, the data asset identifier is a globally unique identifier corresponding to each data asset in the Trusted Data Space. Then, the access connector can authenticate the data user, specifically through digital certificate authentication, key authentication, or access token authentication. If authentication is successful, the access connector can obtain the data usage policy of the target data asset based on the data asset identifier. The data usage policy is the product usage method specified when the data asset is listed on the Trusted Data Space service platform. For example, in one embodiment, the data usage policy includes at least the data asset's user entity, usage environment, usage restrictions, and data out-of-domain restrictions. Furthermore, the access connector can perform usage control verification on the data usage request according to the data usage policy, and reject the data usage request if the usage control verification fails. The usage control verification includes at least one of the following: usage purpose verification, usage scope verification, usage duration verification, and usage frequency verification. If the usage control verification passes, the access connector can create a controlled data sandbox corresponding to the data usage request based on the data usage policy. The controlled data sandbox is an isolated operating environment used to limit the boundaries of data usage behavior. Furthermore, the access connector can inject controlled data access methods into the controlled data sandbox, ensuring that data assets can only be accessed within the controlled data sandbox environment. Specifically, the target data asset itself does not enter the controlled data sandbox in the form of a copy, but is accessed within the controlled data sandbox through controlled data access methods.
[0026] In one embodiment, injecting controlled data access methods into a controlled data sandbox includes: generating a temporary data access credential associated with a target data asset based on a data usage policy. The temporary data access credential includes a data asset identifier, the data source type of the target data asset, allowed access operations, scope of use, time-to-live (TTL), and identification information of the controlled data sandbox; and injecting the temporary data access credential into the controlled data sandbox. For example, the data source type can be a database, an application programming interface (API), or a data vault; allowed access operations can be read, query, or calculation; and the scope of use can be a table, interface, or graph. Specifically, in one embodiment, an access connector generates a temporary data access credential associated with the target data asset based on a data usage policy. The temporary data access credential is configured to have time-limited information. A data user can use this temporary data access credential to access the target data asset through the data access proxy module of the access connector. During data access, the access connector can verify the validity of the temporary data access credential. If the temporary data access credential exceeds its validity period or is revoked, the data user's access to the target data asset is blocked. Specifically, within the data sandbox, the access component checks the expiration date of each temporary data access credential. If it has expired, access is denied. Data access within the data sandbox must pass through the proxy channel provided by the access connector, which checks the validity of the credential. If valid, the data access request is forwarded; otherwise, access is denied. Injecting temporary data access credentials into the controlled data sandbox environment is suitable for high-performance data access. The access connector does not need to perform a full usage policy verification for each data access. Instead, it achieves automatic detection and enforcement of credential expiration or invalidation through credential self-contained expiration date, proxy channel verification, and proactive credential revocation mechanisms.
[0027] In one embodiment, the method further includes: upon receiving a revocation, oversight, or emergency control instruction for data usage policy issued by the trusted data space, the temporary data access credential becomes invalid. Specifically, when injecting a temporary data access credential into the controlled data sandbox, the access connector retains a control handle to reclaim the temporary data access credential upon receiving a revocation, oversight, or emergency control instruction for data usage policy issued by the trusted data space.
[0028] In one embodiment, injecting controlled data access methods into a controlled data sandbox further includes: configuring the access connector as a data access proxy node; receiving data access requests from the controlled data sandbox; after verifying the data access request based on data usage authorization or temporary access credentials, forwarding the data access request to the corresponding data source system; receiving response data returned by the data source system, and returning the response data to the controlled data sandbox. In this embodiment, the data sandbox does not directly establish an access connection with the data source system, but instead completes the initiation and response of data access requests through the access connector, thereby placing data access traffic under the control of the access connector. The access connector can uniformly control and audit data access behavior during data usage, and restrict or block data access requests when necessary. For highly sensitive data access, the access connector needs to perform a complete usage policy verification for each data access.
[0029] In one embodiment, injecting controlled data access methods into the controlled data sandbox further includes: creating a controlled access path corresponding to the target data asset within the controlled data sandbox; mapping the controlled access path to the read-only data interface of the target data asset, thereby providing a data access interface to the controlled data sandbox through interface mounting. The controlled access path is created, maintained, and revoked by the access connector. Data access operations within the data sandbox can only access the target data through the controlled access path; access paths not authorized by the access connector cannot be established within the data sandbox. By providing a read-only data access interface to the controlled data sandbox environment, the target data does not need to enter the data sandbox in duplicate. The data sandbox provides read-only access to the target data through the controlled access path, thereby ensuring data availability while reducing the risk of data leakage.
[0030] In one embodiment, the access connector can select any of the aforementioned methods for injecting controlled data access into the controlled data sandbox, based on the data type, data sensitivity level, data usage scenario, or data usage strategy of the target data asset, or switch between different methods during data usage. For example, in one embodiment, data access capabilities are provided to the data sandbox in the early stages of data usage through a data injection method based on temporary data access credentials. During data usage, the method is switched to a connector-proxy-based data injection method according to control requirements, thereby enhancing the real-time control capability over data access behavior.
[0031] In one embodiment, the controlled data sandbox management method based on the access connector further includes: monitoring and recording the data usage behavior in the controlled data sandbox when the data user uses the target data asset. Specifically, the data usage behavior includes at least data access operations, data calculation operations, and result output operations.
[0032] In one embodiment, the controlled data sandbox management method based on the access connector further includes: destroying or reclaiming the controlled data sandbox in any of the following situations: the target data asset is no longer in use, the data usage policy expires, the data usage policy is revoked, or an emergency control instruction is received. Specifically, destroying or reclaiming the controlled data sandbox includes: revoking the access credentials of the controlled data sandbox and deleting temporary data in the controlled data sandbox.
[0033] Through the above embodiments, upon receiving a data usage request initiated by a data user, the identity of the data user is verified. If the identity authentication is successful, the data usage policy of the target data asset is obtained, and the data usage request is validated for usage control based on the data usage policy. If the usage control validation is successful, a controlled data sandbox corresponding to the data usage request is created according to the data usage policy, and controlled data access methods are injected into the controlled data sandbox. By using the access connector as a unified control execution node, the linkage control between the data sandbox creation process and the data access authorization process is realized, enabling time-limited control and dynamic revocation of data usage permissions. Furthermore, the authorized use of data within the data sandbox prevents uncontrolled data copying. Unified control over data access paths and access behaviors enables dynamic control and unified auditing of the data usage process, improving the security, controllability, and auditability of data usage.
[0034] Figure 1 This is a flowchart illustrating a controlled data sandbox management method based on an access connector in one embodiment. It should be understood that, although... Figure 1 The steps in the flowchart are shown sequentially as indicated by the arrows, but these steps are not necessarily executed in the order indicated by the arrows. Unless otherwise explicitly stated herein, there is no strict order in which these steps are executed, and they can be performed in other orders. Figure 1 At least some of the steps in the process may include multiple sub-steps or multiple stages. These sub-steps or stages are not necessarily completed at the same time, but can be executed at different times. The execution order of these sub-steps or stages is not necessarily sequential, but can be executed in turn or alternately with other steps or at least some of the sub-steps or stages of other steps.
[0035] In one embodiment, a controlled data sandbox management device (not shown) based on an access connector is provided, comprising: The memory is configured to store instructions; The processor is configured to retrieve instructions from memory and, when executing instructions, to implement the aforementioned controlled data sandbox management method based on the access connector.
[0036] The controlled data sandbox management device based on the access connector includes a processor and a memory. The processor contains a kernel, which retrieves the corresponding program units from the memory. One or more kernels can be configured, and the controlled data sandbox management method based on the access connector can be implemented by adjusting the kernel parameters.
[0037] The memory may include non-permanent memory in computer-readable media, such as random access memory (RAM) and / or non-volatile memory, such as read-only memory (ROM) or flash RAM, and the memory includes at least one memory chip.
[0038] In one embodiment, an access connector is provided, including the aforementioned controlled data sandbox management device based on the access connector. Specifically, in one embodiment, the access connector includes an identity authentication module, a usage control module, a sandbox management module, a data access proxy module, and an audit logging module. The identity authentication module is used to authenticate the data user, the usage control module is used to perform usage control verification according to the data usage policy, the sandbox management module is used to create, manage, and destroy the controlled data sandbox environment, the data access proxy module is used to provide controlled data access methods to the controlled data sandbox environment, and the audit logging module is used to record data usage behavior.
[0039] This application provides a storage medium storing a program that, when executed by a processor, implements the aforementioned controlled data sandbox management method based on an access connector.
[0040] This application provides a processor for running a program, wherein the program executes the above-described controlled data sandbox management method based on an access connector.
[0041] In one embodiment, a computer device is provided, which may be a server, and its internal structure diagram may be as follows: Figure 2 As shown, the computer device includes a processor A01, a network interface A02, and a memory (not shown) connected via a system bus. The processor A01 provides computing and control capabilities. The memory includes internal memory A03 and a non-volatile storage medium A04. The non-volatile storage medium A04 stores an operating system B01 and a computer program B02. The internal memory A03 provides an environment for the operation of the operating system B01 and the computer program B02 stored in the non-volatile storage medium A04. The network interface A02 is used for communication with external terminals via a network connection. When executed by the processor A01, the computer program B02 implements a controlled data sandbox management method based on an access connector.
[0042] Those skilled in the art will understand that Figure 2 The structure shown is merely a block diagram of a portion of the structure related to the present application and does not constitute a limitation on the computer device to which the present application is applied. Specific computer devices may include more or fewer components than those shown in the figure, or combine certain components, or have different component arrangements.
[0043] This application provides a computer (electronic) device, which includes a processor, a memory, and a program stored in the memory and executable on the processor. When the processor executes the program, it implements the steps of any of the above-mentioned controlled data sandbox management methods based on access connectors.
[0044] This application also provides a computer program product that, when executed on a data processing device, is adapted to perform the initialization steps of a controlled data sandbox management method based on an access connector.
[0045] Those skilled in the art will understand that embodiments of this application can be provided as methods, systems, or computer program products. Therefore, this application can take the form of a completely hardware embodiment, a completely software embodiment, or an embodiment combining software and hardware aspects. Furthermore, this application can take the form of a computer program product embodied on one or more computer-usable storage media (including but not limited to disk storage, CD-ROM, optical storage, etc.) containing computer-usable program code.
[0046] This application is described with reference to flowchart illustrations and / or block diagrams of methods, apparatus (systems), and computer program products according to embodiments of this application. It will be understood that each block of the flowchart illustrations and / or block diagrams, and combinations of blocks in the flowchart illustrations and / or block diagrams, can be implemented by computer program instructions. These computer program instructions can be provided to a processor of a general-purpose computer, special-purpose computer, embedded processor, or other programmable data processing apparatus to produce a machine, such that the instructions, which execute via the processor of the computer or other programmable data processing apparatus, generate instructions for implementing the process. Figure 1 One or more processes and / or boxes Figure 1 A device that provides the functions specified in one or more boxes.
[0047] These computer program instructions may also be stored in a computer-readable storage medium that can direct a computer or other programmable data processing device to function in a particular manner, such that the instructions stored in the computer-readable storage medium produce an article of manufacture including instruction means, which are implemented in a process Figure 1 One or more processes and / or boxes Figure 1 The function specified in one or more boxes.
[0048] These computer program instructions may also be loaded onto a computer or other programmable data processing equipment to cause a series of operational steps to be performed on the computer or other programmable equipment to produce a computer-implemented process, thereby providing instructions that execute on the computer or other programmable equipment for implementing the process. Figure 1 One or more processes and / or boxes Figure 1 The steps of the function specified in one or more boxes.
[0049] In a typical configuration, a computing device includes one or more processors (CPU), input / output interfaces, network interfaces, and memory.
[0050] Memory may include non-persistent memory in computer-readable media, such as random access memory (RAM) and / or non-volatile memory, such as read-only memory (ROM) or flash RAM. Memory is an example of computer-readable media.
[0051] Computer-readable media includes both permanent and non-permanent, removable and non-removable media that can store information using any method or technology. Information can be computer-readable instructions, data structures, modules of programs, or other data. Examples of computer storage media include, but are not limited to, phase-change memory (PRAM), static random access memory (SRAM), dynamic random access memory (DRAM), other types of random access memory (RAM), read-only memory (ROM), electrically erasable programmable read-only memory (EEPROM), flash memory or other memory technologies, CD-ROM, digital versatile optical disc (DVD) or other optical storage, magnetic tape, magnetic magnetic disk storage or other magnetic storage devices, or any other non-transferable medium that can be used to store information accessible by a computing device. As defined herein, computer-readable media does not include transient computer-readable media, such as modulated data signals and carrier waves.
[0052] It should also be noted that the terms "comprising," "including," or any other variations thereof are intended to cover non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements includes not only those elements but also other elements not expressly listed, or elements inherent to such process, method, article, or apparatus. Unless otherwise specified, an element defined by the phrase "comprising one..." does not exclude the presence of other identical elements in the process, method, article, or apparatus that includes that element.
[0053] The above are merely embodiments of this application and are not intended to limit the scope of this application. Various modifications and variations can be made to this application by those skilled in the art. Any modifications, equivalent substitutions, improvements, etc., made within the spirit and principles of this application should be included within the scope of the claims of this application.
Claims
1. An access connector based controlled data sandbox management method, characterized by, The method is applied to access connectors in a trusted data space, including: Receive a data usage request initiated by a data user, wherein the data usage request includes at least the data asset identifier of the target data asset; The identity of the entity using the data is authenticated; If identity authentication is successful, the data usage strategy of the target data asset is obtained based on the data asset identifier; The data usage request is subject to usage control verification according to the data usage policy, wherein the usage control verification includes at least one of the following: usage purpose verification, usage scope verification, usage timeliness verification, and usage frequency verification. If the data usage control verification passes, a controlled data sandbox corresponding to the data usage request is created according to the data usage policy. A controlled data access method is injected into the controlled data sandbox, wherein the target data asset itself does not enter the controlled data sandbox in the form of a copy, but is accessed in the controlled data sandbox through the controlled data access method.
2. The access connector based controlled data sandbox management method of claim 1, wherein, The method of injecting controlled data access into the controlled data sandbox includes: Based on the data usage policy, a temporary data access credential is generated that is associated with the target data asset. The temporary data access credential is bound to the data asset identifier, the data source type of the target data asset, the allowed access operations, the scope of use, the validity period, and the identification information of the controlled data sandbox. Inject the temporary data access credentials into the controlled data sandbox.
3. The access connector based controlled data sandbox management method of claim 2, wherein, The method further includes: The temporary data access credential becomes invalid upon receiving a revocation, monitoring, or emergency control instruction regarding the data usage policy issued by the trusted data space.
4. The access connector based controlled data sandbox management method of claim 1, wherein, The method of injecting controlled data access into the controlled data sandbox also includes: Configure the access connector as a data access proxy node; Receive data access requests from the controlled data sandbox; After the data access request is verified based on the data usage authorization or temporary access credentials, the data access request is forwarded to the corresponding data source system. Receive response data returned by the data source system and return the response data to the controlled data sandbox.
5. The access connector based controlled data sandbox management method of claim 1, wherein, The method of injecting controlled data access into the controlled data sandbox also includes: Create a controlled access path corresponding to the target data asset within the controlled data sandbox; The controlled access path is mapped to the read-only data interface of the target data asset to provide a data access interface to the controlled data sandbox.
6. The access connector based controlled data sandbox management method of claim 1, wherein, The method further includes: When the data user uses the target data asset, the data usage behavior in the controlled data sandbox is monitored and recorded, wherein the data usage behavior includes at least data access operations, data calculation operations, and result output operations.
7. The access connector based controlled data sandbox management method of claim 1, wherein, The method further includes: In any of the following circumstances, the controlled data sandbox shall be destroyed or recycled: the target data asset is used up, the data use policy expires, the data use policy is revoked, or an emergency control instruction is received.
8. The controlled data sandbox management method based on access connectors according to claim 7, characterized in that, The process of destroying or reclaiming the controlled data sandbox includes: revoking the access credentials of the controlled data sandbox and deleting the temporary data in the controlled data sandbox.
9. A controlled data sandbox management device based on an access connector, characterized in that, include: The memory is configured to store instructions; The processor is configured to retrieve the instructions from the memory and, when executing the instructions, to implement the controlled data sandbox management method based on the access connector according to any one of claims 1 to 8.
10. A connection connector, characterized in that, Includes the controlled data sandbox management device based on the access connector as described in claim 9.
11. A machine-readable storage medium storing instructions thereon, characterized in that, When executed by the processor, the instruction causes the processor to be configured to perform the controlled data sandbox management method based on the access connector according to any one of claims 1 to 8.