Data flow conversion monitoring method, device and equipment and readable storage medium

By acquiring sensitive tags and target sensitivity scores, determining encryption keys, and adopting appropriate encryption methods, the problem of insufficient monitoring of sensitive data flow is solved, and effective monitoring of data with different levels of sensitivity is achieved.

CN122394947APending Publication Date: 2026-07-14CHINA MOBILE GROUP SHAIHAI +1

Patent Information

Authority / Receiving Office
CN · China
Patent Type
Applications(China)
Current Assignee / Owner
CHINA MOBILE GROUP SHAIHAI
Filing Date
2026-05-22
Publication Date
2026-07-14

Smart Images

  • Figure CN122394947A_ABST
    Figure CN122394947A_ABST
Patent Text Reader

Abstract

The application provides a data flow transfer monitoring method and device, equipment and a readable storage medium. The method comprises the following steps: in a flow transfer stage of to-be-transferred data, acquiring a sensitive label, a data volume and a target sensitive degree score of the to-be-transferred data; in a case where the to-be-transferred data passes verification based on the sensitive label, the data volume and the target sensitive degree score, determining an encryption key of the to-be-transferred data based on a time value and the target sensitive degree score of the to-be-transferred data; encrypting first data based on the encryption key to obtain second data, the first data comprising the to-be-transferred data, the sensitive label and a verification parameter, the verification parameter being obtained by encrypting address information of a first electronic device based on the target sensitive degree score; and transferring the second data to a second electronic device, the verification parameter being used for the second electronic device to verify whether a flow transfer process of the to-be-transferred data is abnormal.
Need to check novelty before this filing date? Find Prior Art

Description

Technical Field

[0001] This application relates to the field of data security technology, and in particular to a data flow monitoring method, apparatus, device, and readable storage medium. Background Technology

[0002] With the development of digitalization, data flow has become more extensive, frequent, and diversified. While the openness and access to data bring convenience to data sharing and interaction, it also poses many security risks, especially when it comes to the transfer of sensitive data, where effective security control cannot be implemented.

[0003] Currently, the security of sensitive data transfer relies on encrypted transmission of the sensitive data. For example, after acquiring the data to be transferred, it is encrypted using an encryption key before being transferred to the data recipient. However, related technologies often use the same transfer monitoring scheme for all sensitive data, which may result in insufficient monitoring of some sensitive data. Summary of the Invention

[0004] This application provides a data flow monitoring method, apparatus, device, and readable storage medium, which can solve the technical problem of insufficient monitoring of sensitive data flow in related technologies.

[0005] In a first aspect, embodiments of this application provide a data flow monitoring method, applied to a first electronic device, the method comprising:

[0006] During the data transfer stage, the sensitive tags, data volume, and target sensitivity score of the data to be transferred are obtained. The sensitive tags are determined based on the data volume and target sensitivity score of the data to be transferred during the production stage of the data to be transferred. Both the sensitive tags and the target sensitivity score are used to characterize the sensitivity of the data to be transferred.

[0007] If the data to be transferred passes the verification based on the sensitive tags, data volume, and target sensitivity score, the encryption key of the data to be transferred is determined based on the time value of the data to be transferred and the target sensitivity score. The time value is determined based on the generation time, validity period, and production time of the data to be transferred, and the time value is used to indicate whether the transfer time of the data to be transferred exceeds the validity period of the data to be transferred.

[0008] The first data is encrypted using the encryption key to obtain the second data. The first data includes the data to be transferred, the sensitive tag, and the verification parameters. The verification parameters are obtained by encrypting the address information of the first electronic device based on the target sensitivity score.

[0009] The second data stream is transferred to the second electronic device, and the verification parameters are used by the second electronic device to verify whether the data to be transferred is abnormal during the transfer process.

[0010] Secondly, embodiments of this application provide a data flow monitoring method, applied to a second electronic device, the method comprising:

[0011] Based on the decryption key of the data to be transferred, the second data sent by the first electronic device is decrypted to obtain the eighth data. The decryption key includes the private key of the second electronic device, and the eighth data includes verification parameters.

[0012] Based on the decryption method corresponding to the data volume of the eighth data, the eighth data is decrypted to obtain the sensitive tag of the data to be transferred. The decryption method corresponds to the method of encrypting the first data based on the encryption key of the data to be transferred.

[0013] Based on the sensitive tags and target relationships of the data to be transferred, the verification values ​​of the verification parameters are determined, wherein the target relationship is the relationship between the sensitive tags of the data to be transferred and the target sensitivity scores;

[0014] Based on the verification value of the verification parameter, the verification parameter is decrypted to obtain the target address information;

[0015] Based on the target address information and the address information of the first electronic device, the monitoring and transfer result of the data to be transferred is determined.

[0016] Thirdly, embodiments of this application provide a data flow monitoring device applied to a first electronic device, the device comprising:

[0017] The first acquisition module is used to acquire the sensitive tags, data volume, and target sensitivity score of the data to be transferred during the data transfer stage. The sensitive tags are determined based on the data volume and target sensitivity score of the data to be transferred during the production stage of the data to be transferred. Both the sensitive tags and the target sensitivity score are used to characterize the sensitivity of the data to be transferred.

[0018] The first determining module is used to determine the encryption key of the data to be transferred based on the time value of the data to be transferred and the target sensitivity score, after verifying the data to be transferred based on the sensitive label, data volume and target sensitivity score. The time value is determined based on the generation time, validity period and production time of the data to be transferred, and the time value is used to indicate whether the transfer time of the data to be transferred exceeds the validity period of the data to be transferred.

[0019] An encryption module is used to encrypt first data based on the encryption key to obtain second data. The first data includes the data to be transferred, the sensitive tag, and verification parameters. The verification parameters are obtained by encrypting the address information of the first electronic device based on the target sensitivity score.

[0020] The transfer module is used to transfer the second data to the second electronic device, and the verification parameters are used by the second electronic device to verify whether the transfer process of the data to be transferred is abnormal.

[0021] Fourthly, embodiments of this application provide a data flow monitoring device applied to a second electronic device, the device comprising:

[0022] The first decryption module is used to decrypt the second data sent by the first electronic device based on the decryption key of the data to be transferred, to obtain the eighth data. The decryption key includes the private key of the second electronic device, and the eighth data includes verification parameters.

[0023] The second decryption module is used to decrypt the eighth data based on the decryption method corresponding to the data volume of the eighth data to obtain the sensitive tag of the data to be transferred. The decryption method corresponds to the method of encrypting the first data based on the encryption key of the data to be transferred.

[0024] The second determining module is used to determine the verification value of the verification parameter based on the sensitive tags and target relationships of the data to be transferred, wherein the target relationship is the relationship between the sensitive tags of the data to be transferred and the target sensitivity score;

[0025] The third decryption module is used to decrypt the verification parameter based on the verification value of the verification parameter to obtain the target address information;

[0026] The third determining module is used to determine the monitoring and transfer result of the data to be transferred based on the target address information and the address information of the first electronic device.

[0027] Fifthly, embodiments of this application provide an electronic device, including: a processor, a memory, and a program stored in the memory and executable on the processor. When the program is executed by the processor, it implements the steps of the data flow monitoring method as described in the first aspect, or implements the steps of the data flow monitoring method as described in the second aspect.

[0028] In a sixth aspect, embodiments of this application provide a computer-readable storage medium storing a computer program, which, when executed by a processor, implements the steps of the data flow monitoring method as described in the first aspect, or implements the steps of the data flow monitoring method as described in the second aspect.

[0029] In a seventh aspect, embodiments of this application provide a computer program product, including computer instructions that, when executed by a processor, implement the steps of the data flow monitoring method as described in the first aspect, or implement the steps of the data flow monitoring method as described in the second aspect.

[0030] In this embodiment, during the data transfer stage, sensitive tags, data volume, and target sensitivity scores of the data to be transferred are obtained. The sensitive tags are determined during the data production stage based on the data volume and target sensitivity score. Both the sensitive tags and the target sensitivity score characterize the sensitivity of the data to be transferred. If the data to be transferred passes verification based on the sensitive tags, data volume, and target sensitivity score, an encryption key for the data to be transferred is determined based on the time value of the data and the target sensitivity score. The time value is... The time value is determined based on the task generation time, validity period, and production time of the data to be transferred. It is used to indicate whether the transfer time of the data to be transferred exceeds the validity period of the data to be transferred. The first data is encrypted based on the encryption key to obtain the second data. The first data includes the data to be transferred, the sensitive tag, and verification parameters. The verification parameters are obtained by encrypting the address information of the first electronic device based on the target sensitivity score. The second data is transferred to the second electronic device. The verification parameters are used by the second electronic device to verify whether the transfer process of the data to be transferred is abnormal. In this way, during the data transfer stage, on the one hand, the data to be transferred is verified based on the relationship between the sensitive labels, data volume, and target sensitivity scores of the data to be transferred. Data transfer is only executed if the verification is successful. On the other hand, different encryption keys are determined for the data to be transferred based on the target sensitivity score of the data to be transferred and whether the transfer time exceeds the valid duration. Different encryption methods are then used to encrypt the data to be transferred before the encrypted data is transferred. This ensures that different encryption methods are used for data with different levels of sensitivity, so that sensitive data with different levels of sensitivity are monitored with appropriate monitoring intensity, thus achieving effective monitoring of sensitive data transfer. Attached Figure Description

[0031] To more clearly illustrate the technical solutions of the embodiments of this application, the drawings used in the description of the embodiments or the prior art will be briefly introduced below. Obviously, the drawings described below are only some embodiments of this application. For those skilled in the art, other drawings can be obtained based on these drawings without creative effort.

[0032] Figure 1 This is one of the flowcharts of a data flow monitoring method provided in the embodiments of this application;

[0033] Figure 2 This is a second flowchart of a data flow monitoring method provided in the embodiments of this application;

[0034] Figure 3 This is one of the structural diagrams of a data flow monitoring device provided in the embodiments of this application;

[0035] Figure 4 This is a second structural diagram of a data flow monitoring device provided in an embodiment of this application;

[0036] Figure 5 This is a structural diagram of an electronic device provided in an embodiment of this application. Detailed Implementation

[0037] The technical solutions of the embodiments of this application will be clearly and completely described below with reference to the accompanying drawings. Obviously, the described embodiments are only some embodiments of this application, not all embodiments. Based on the embodiments of this application, all other embodiments obtained by those skilled in the art without creative effort are within the scope of protection of this application.

[0038] Because different data have varying degrees of sensitivity—some data is generally sensitive, while others are extremely sensitive—and because different data recipients have different access permissions, allowing them to receive sensitive data of varying sensitivity levels, and because related technologies do not consider the sensitivity of data but instead treat all sensitive data equally using the same flow monitoring scheme, this can lead to insufficient monitoring of some sensitive data. Therefore, this application provides a novel data flow monitoring method. By determining different encryption keys for the data to be flowed based on its target sensitivity score and whether its flow time exceeds the valid duration, different encryption methods are used to encrypt the data before it is flowed. This ensures that data of different sensitivity levels are monitored using different encryption methods, achieving effective monitoring of sensitive data flow.

[0039] See Figure 1 , Figure 1 This is one of the flowcharts of a data flow monitoring method provided in the embodiments of this application, such as... Figure 1 As shown, the method includes the following steps:

[0040] Step 101: During the data transfer stage, obtain the sensitive tags, data volume, and target sensitivity score of the data to be transferred. The sensitive tags are determined based on the data volume and target sensitivity score of the data to be transferred during the production stage of the data to be transferred. Both the sensitive tags and the target sensitivity score are used to characterize the sensitivity of the data to be transferred.

[0041] Step 102: If the data to be transferred is verified based on the sensitive label, data volume, and target sensitivity score, the encryption key of the data to be transferred is determined based on the time value of the data to be transferred and the target sensitivity score. The time value is determined based on the generation time, validity period, and production time of the data to be transferred. The time value is used to indicate whether the transfer time of the data to be transferred exceeds the validity period of the data to be transferred.

[0042] Step 103: Encrypt the first data based on the encryption key to obtain the second data. The first data includes the data to be transferred, the sensitive tag, and the verification parameters. The verification parameters are obtained by encrypting the address information of the first electronic device based on the target sensitivity score.

[0043] Step 104: Transfer the second data stream to the second electronic device. The verification parameters are used by the second electronic device to verify whether the data stream process is abnormal.

[0044] It should be noted that this embodiment applies to a first electronic device, which can be a data sender. The data sender and the data producer can be the same or different; no specific limitation is made here. The lifecycle of the data to be transferred can include a data production stage and a data transfer stage. The data production stage is used to produce and obtain the data to be transferred. Afterward, the data to be transferred can undergo data flow and enter the data transfer stage.

[0045] In step 101, during the data transfer stage, sensitive tags of the data to be transferred can be obtained. Data volume Target sensitivity score These parameters are determined by the data producer during the production stage of the data to be transferred. When the data sender and the data producer are the same, these parameters determined during the production stage of the data to be transferred are obtained accordingly. When the data sender and the data producer are different, these parameters can be transferred to the data sender along with the data to be transferred.

[0046] In some embodiments, before the data to be transferred is transferred, the authentication data of a second electronic device (which may be the data recipient) can be obtained, and after authentication is completed, the sensitive tags, data volume, and target sensitivity score of the data to be transferred can be obtained.

[0047] Both the sensitive label and the target sensitivity score are used to characterize the sensitivity of the data to be transferred. The two are linked through a target relationship, which in some embodiments can be the sensitive label. .in, This is a hash function.

[0048] In step 102, it can be based on , and Verify the data A to be transferred. If the verification fails, reject the transfer. If the verification passes, the data transfer can be executed.

[0049] The system can validate the data to be transferred based on sensitive labels, data volume, and target sensitivity scores, utilizing target relationships. The validation method varies depending on the target relationship.

[0050] In some embodiments, the method further includes:

[0051] The verification value of the data to be transferred is obtained by performing an XOR operation on the hash value of the data volume and the hash value of the sensitive tag.

[0052] If the verification value of the data to be transferred is the same as the hash value of the target sensitivity score, the data to be transferred is determined to have passed verification.

[0053] This allows us to determine the verification value of the data A to be transferred. Determine the target sensitivity score hash value If the verification value of the data to be transferred, A, is consistent with... If the values ​​are not the same, the verification fails. If they are the same, the verification passes.

[0054] In this way, a first-level monitoring of data flow can be achieved based on sensitive tags, data volume, and target sensitivity scoring, thereby improving the security of data flow.

[0055] If the data to be transferred passes verification based on the aforementioned sensitive tags, data volume, and target sensitivity score, the encryption key for the data to be transferred can be determined based on the time value and target sensitivity score of the data to be transferred. The time value is determined based on the data transfer task generation time, validity period, and production time. The data transfer task generation time... It is a parameter in the task when the task is received, and this parameter is also synchronized to the data receiver when the task is generated.

[0056] In some embodiments, the time value can be ,in, It can be set to the production time of the data to be transferred. This can be the valid duration of the data to be transferred. Wherein, if This indicates that the data to be transferred has not exceeded its validity period. If the value is greater than 0, it means that the data to be transferred has exceeded its validity period, and the larger the value, the longer the time has exceeded the validity period.

[0057] In some embodiments, the sensitivity level of the data to be transferred can be determined based on the time value and target sensitivity score of the data to be transferred, and the encryption key of the data to be transferred can be determined accordingly based on the sensitivity level.

[0058] In some embodiments, the target sensitivity score of the data to be transferred is located in a first preset range, or is greater than the value of the first preset range. Step 102 specifically includes at least one of the following:

[0059] If the data to be transferred meets a first preset condition, the encryption key of the data to be transferred is determined to be the public key of the second electronic device; the first preset condition is that the target sensitivity score is within a first preset range.

[0060] If the data to be transferred meets the second preset condition, the encryption key of the data to be transferred is determined to be the public key of the second electronic device; the second preset condition is that the target sensitivity score is within the second preset interval, and the time value indicates that the transfer time of the data to be transferred exceeds the effective duration of the data to be transferred by a preset multiple, the first preset interval and the second preset interval are adjacent, and the value of the first preset interval is less than the value of the second preset interval;

[0061] If the data to be transferred meets the third preset condition, the encryption key of the data to be transferred is determined to be the public key and the target key of the second electronic device. The target key is obtained by XOR operation based on the time value and the address information of the second electronic device. The third preset condition is other conditions besides the first preset condition and the second preset condition among the conditions constructed by the target sensitivity score and the time value.

[0062] That is, if the target sensitivity score First preset interval (e.g., low sensitivity interval) If the data to be transferred is relatively low in sensitivity, then the encryption key can be the public key of the data recipient.

[0063] If the target sensitivity score The second preset interval (e.g., medium sensitivity interval) ),and ( You can set a preset multiplier, such as a multiplier threshold. Although the data to be transferred has a certain degree of sensitivity, the time it took for the data to be transferred to be produced is relatively long, exceeding the effective time limit. At this point, it is also believed that the sensitivity of the data to be transferred has decreased over time, and the encryption key can be the public key of the data recipient.

[0064] Otherwise, if the data to be transferred is considered to be highly sensitive, the encryption key can be the public key of the data recipient and the target key, which can be obtained through... The calculation yielded the following result. This can be the address information of the data recipient, such as an IP address.

[0065] In this way, different encryption keys can be set for different data based on the time value and target sensitivity of the data to be transferred. This allows sensitive data to be encrypted using different methods according to its sensitivity during the transfer process. Sensitive data of different sensitivity levels are monitored with appropriate monitoring intensity, thus achieving effective monitoring of the transfer of sensitive data.

[0066] In step 103, existing encryption methods or new encryption methods can be used to encrypt the first data based on the encryption key.

[0067] In some embodiments, step 103 specifically includes:

[0068] When the encryption key is the public key of the second electronic device, the first data is encrypted based on the public key of the second electronic device to obtain the second data;

[0069] When the encryption key is the public key of the second electronic device and the target key, the data to be transferred and the sensitive tag are encrypted based on the target key to obtain the initial result; the validity period, production time, initial result and verification parameters are encrypted based on the public key of the second electronic device to obtain the second data.

[0070] In some embodiments, if the encryption key is the data receiver's public key, it can be accessed through... right Encryption is performed to obtain verification parameters, among which, This includes the sender's address information, such as their IP address; and the receiver's public key, along with sensitive tags on the data to be transferred. The verification parameters are encrypted to obtain the encrypted result, which is the second data; the encrypted result is then sent to the data recipient.

[0071] In some embodiments, if the encryption key is the data receiver's public key and the target key, it can be achieved through... right Encryption is performed to obtain verification parameters, among which, This includes the sender's address information, such as an IP address; and a second key containing sensitive tags for the data to be transferred. Encryption is performed to obtain the initial result; the production time of the data to be transferred is obtained through the public key of the data recipient. Valid duration The initial result and verification parameters are encrypted to obtain the encrypted result, which is the second data; the encrypted result is then sent to the data recipient.

[0072] In this way, sensitive data can be encrypted using different methods depending on its sensitivity during its transfer, and sensitive data of different levels of sensitivity can be monitored with appropriate monitoring intensity, thus achieving effective monitoring of the transfer of sensitive data.

[0073] In step 104, the second data can be transferred to the second electronic device. Accordingly, the second electronic device can receive the second data and, based on the second data, verify whether the transfer process of the data to be transferred is abnormal.

[0074] In some embodiments, the target sensitivity score can be the first sensitivity score of the data to be transferred by the first data producer in the production stage. The target sensitivity score can also be determined based on the second sensitivity score of the third data, which is obtained based on the effective duration, data volume and value score of the data to be transferred and is related to the data to be transferred.

[0075] In some embodiments, the method further includes:

[0076] During the production stage of the data to be transferred, the first attribute information of the data to be transferred is obtained. The first attribute information includes: the first sensitivity score and value score of the data to be transferred by the first data producer in the production stage, as well as the effective duration and data volume of the data to be transferred.

[0077] Based on the effective duration, data volume, and value score of the data to be transferred, obtain third-party data related to the data to be transferred.

[0078] Based on the second sensitivity score of the third data, the first sensitivity score is adjusted to obtain the target sensitivity score.

[0079] In other words, during the data production stage, the value of the data to be transferred can be scored based on the first data producer, and other data similar to the data to be transferred can be found based on the effective duration and data volume set for the data to be transferred. The first sensitivity score can be adjusted according to the sensitivity of other data to obtain a more objective and comprehensive sensitivity score.

[0080] Specifically, during the data production stage, after the first data producer produces the data to be transferred, it will score the sensitivity of the data to be transferred, and obtain a first sensitivity score. At the same time, the value of the data being processed is scored to obtain a value score. And set a valid duration for the data to be transferred. In other words, , and These values ​​are all manually labeled and derived by relevant personnel based on the actual situation of the data to be transferred and their work experience (if applicable, such as relevant laws, regulations, industry standards, or internal standards, these can also be considered). Correspondingly, the primary attribute information of the data to be transferred can be obtained. Among these, the primary sensitivity score... Value rating The higher the score, the more sensitive and valuable the data, because it is evaluated by the primary data producer, who is most familiar with the flow of data. and It is the most accurate.

[0081] Then, based on the effective duration, data volume, and value score of the data to be transferred, third-party data related to the data to be transferred can be obtained. This third-party data can include data with similar effective duration, data volume, and value score to the data to be transferred.

[0082] In some embodiments, obtaining third data related to the data to be transferred based on the effective duration, data volume, and value score of the data to be transferred includes:

[0083] Acquire fourth data; the fourth data includes at least one of the fifth data produced by the first data producer and the sixth data produced by the second data producer, wherein the second data producer is a data producer whose second attribute information is similar to that of the first data producer, and the fifth data does not include the data to be transferred.

[0084] A seventh data point is obtained from the fourth data point, which is similar to the data to be transferred in terms of effective duration, data volume, and value score; the third data point includes the fourth data point and the seventh data point.

[0085] In other words, this embodiment can acquire multiple types of data related to the data to be transferred.

[0086] The identifier of the primary data producer can be obtained. ,based on Obtain the second attribute information of the first data producer. This second attribute information may include the first data producer's domain, credit rating, etc., and an attribute vector can be constructed. This attribute vector consists of multiple attribute values, which are filled in by the first data producer during registration and will be updated as the first data producer changes. Attribute values, such as the first data producer's domain and credit rating, use existing dimensions and will not be described in detail here.

[0087] In some embodiments, all data produced by the first data producer (excluding data to be transferred) can be obtained and used as the first type of related data to obtain the fifth data.

[0088] In some embodiments, based on the attribute vector of the first data producer, a second data producer similar to the first data producer can be identified. All data generated by the second data producer is then acquired as the second type of related data, resulting in the sixth data. Specifically, the Euclidean distance between the attribute values ​​of other data producers and the attribute values ​​of the first data producer can be calculated. Data producers whose Euclidean distance is greater than a distance threshold are identified as second data producers. Since the second data producer is similar to the first data producer, it should possess similar data production characteristics.

[0089] In some embodiments, based on , and By identifying similar data, we can classify it as the third category of related data, thus obtaining the seventh type of data. Within this framework, the value of the data to be transferred can be scored. Valid duration Data volume Using the feature vector of the data to be transferred as the feature vector, calculate the Euclidean distance between the feature vectors of other data and the feature vector of the data to be transferred, and determine the other data whose Euclidean distance is greater than the distance threshold as the seventh data.

[0090] Accordingly, three types of related data can be obtained. The first type of related data consists of other data produced by the same data producer as the data to be transferred. The second type of related data consists of data produced by a second data producer similar to the first data producer of the data to be transferred. The third type of related data consists of data with the same data characteristics as the data to be transferred. The first and second types of related data are similar data from the perspective of data producers, while the third type of related data is similar data from the perspective of data characteristics.

[0091] Based on these three types of relevant data, the sensitivity of the data to be transferred can be assessed, resulting in a third sensitivity score. .

[0092] In some embodiments, the third data includes the fifth, sixth, and seventh data, and the second sensitivity score based on the third data, adjusting the first sensitivity score to obtain the target sensitivity score, includes:

[0093] Based on the similarity between the data to be transferred and the data in the third data, target data is selected from the third data, and the target data is one of the fifth data, the sixth data and the seventh data;

[0094] The first sensitivity score is adjusted based on the second sensitivity score of the target data to obtain the target sensitivity score.

[0095] In other words, based on the similarity between the data to be transferred and the data in the third data, target data can be selected from the third data to choose the data with the highest consistency with the data to be transferred, thereby assessing the sensitivity of the data to be transferred. Accordingly, the first sensitivity score can be adjusted based on the second sensitivity score of the target data to obtain the target sensitivity score.

[0096] In some embodiments, selecting target data from the third data based on the similarity between the data to be transferred and the data in the third data includes:

[0097] Obtain the first average similarity between the fifth data and each data in the data to be transferred, and the second average similarity between the data to be transferred and the fifth data; obtain the third average similarity between the sixth data and each data in the data to be transferred, and the fourth average similarity between the data to be transferred and the sixth data; obtain the fifth average similarity between the seventh data and each data in the data to be transferred, and the sixth average similarity between the data to be transferred and the seventh data;

[0098] Obtain the seventh average similarity between the data to be transferred and the third data;

[0099] Based on the first average value, the second average value, and the seventh average value, a first degree of conformity between the data to be transferred and the fifth data is determined; based on the third average value, the fourth average value, and the seventh average value, a second degree of conformity between the data to be transferred and the sixth data is determined; based on the fifth average value, the sixth average value, and the seventh average value, a third degree of conformity between the data to be transferred and the seventh data is determined.

[0100] Based on the first, second, and third conformity scores, target data is selected from the third data; the target data is the data corresponding to the target conformity score, and the target conformity score is the largest conformity score among the first, second, and third conformity scores.

[0101] In other words, by determining the similarity between any two data points in the first category of related data and the data to be transferred, we can obtain the average similarity, i.e., the first average value. This allows us to determine the similarity between the data to be transferred and each data point in the first category of related data, and to obtain the average similarity, i.e., the second average value. .

[0102] By determining the similarity between any two data points in the second category of related data and the data to be transferred, we can obtain the average similarity, i.e., the third average value. This allows us to determine the similarity between the data to be transferred and each data point in the second category of related data, and to obtain the average similarity, i.e., the fourth average. .

[0103] By determining the similarity between any two data points in the third category of related data and the data to be transferred, the average similarity, i.e., the fifth average, can be obtained. This allows us to determine the similarity between the data to be transferred and each data point in the third category of related data, and to obtain the average similarity, i.e., the sixth average. .

[0104] The similarity between the data to be transferred and each data point in the third set can be determined, and the average similarity, i.e., the seventh average, can be obtained. .

[0105] It can calculate the first degree of conformity between the data to be transferred and the first type of related data. The second degree of conformity between the data to be transferred and the second type of related data. The third degree of conformity between the data to be transferred and the third type of related data. .

[0106] You can select the class of relevant data with the highest degree of conformity as the comparison class of relevant data to obtain the target data.

[0107] In some embodiments, the average score of the second sensitivity scores of each data point in the target data can be determined as the third sensitivity score of the data to be transferred.

[0108] In some embodiments, the second sensitivity score based on the target data, adjusting the first sensitivity score to obtain the target sensitivity score, includes:

[0109] Determine the maximum, minimum, average, and median score values ​​in the second sensitivity score of the target data;

[0110] Based on the maximum score, minimum score, average score, and median score, a third sensitivity score is determined for the data to be transferred.

[0111] The maximum score between the first sensitivity score and the third sensitivity score is determined as the target sensitivity score.

[0112] It is possible to determine the maximum score value in the second sensitivity score of each data point in the target data. Minimum score Average score Median score It can be based on Determine the third sensitivity score of the data to be transferred. .

[0113] It should be noted that the third sensitivity score This is an evaluation value derived from finding other data with similar characteristics based on the features of the data to be transferred. While not precise, this value reflects the general sensitivity of data with that characteristic and has some reference value. The first sensitivity score... It is the sensitivity assessed by the primary data producer, and it is an accurate value. and Although both involve assessing the sensitivity of data to be transferred, the evaluation methods and the accuracy of the values ​​differ.

[0114] A third sensitivity score can be given based on the data to be transferred. And first sensitivity rating Determine the final target sensitivity score of the data to be transferred.

[0115] In some embodiments, the maximum score between the first sensitivity score and the third sensitivity score can be determined as the target sensitivity score, i.e. .

[0116] See Figure 2 , Figure 2 This is a second flowchart of a data flow monitoring method provided in the embodiments of this application, such as... Figure 2 As shown, the method includes the following steps:

[0117] Step 201: Based on the decryption key of the data to be transferred, decrypt the second data sent by the first electronic device to obtain the eighth data. The decryption key includes the private key of the second electronic device, and the eighth data includes verification parameters.

[0118] Step 202: Based on the decryption method corresponding to the data volume of the eighth data, the eighth data is decrypted to obtain the sensitive tag of the data to be transferred. The decryption method corresponds to the method of encrypting the first data based on the encryption key of the data to be transferred.

[0119] Step 203: Based on the sensitive tags and target relationships of the data to be transferred, determine the verification value of the verification parameter, wherein the target relationship is the relationship between the sensitive tags of the data to be transferred and the target sensitivity score;

[0120] Step 204: Based on the verification value of the verification parameter, decrypt the verification parameter to obtain the target address information;

[0121] Step 205: Based on the target address information and the address information of the first electronic device, determine the monitoring and transfer result of the data to be transferred.

[0122] It should be noted that this embodiment applies to a second electronic device, which can be a data receiver.

[0123] The decryption key of the data receiver corresponds to the encryption key of the data sender. For example, if the encryption key is the public key of the second electronic device, then the decryption key is the private key of the second electronic device. If the encryption key is the public key and the target key of the second electronic device, then the decryption key is the private key and the target key of the second electronic device.

[0124] The specific decryption key can be determined based on the amount of data in the eighth data set. This is determined by the encryption method. For example, if the encryption key is the public key of the second electronic device, the encryption method is to directly encrypt the data to be transferred, the sensitive tag, and the verification parameters based on the public key of the second electronic device to obtain the second data set. Correspondingly, after decrypting the second data set based on the private key of the second electronic device, the resulting eighth data set includes three data sets: the data to be transferred, the sensitive tag, and the verification parameters. However, if the encryption key is the private key of the second electronic device and the target key, the encryption method is to use the target key to encrypt the data to be transferred and the sensitive tag. Encryption is performed to obtain the initial result, and then the public key of the second electronic device is used to... , The initial result and verification parameters are encrypted to obtain the second data. Correspondingly, after decrypting the second data using the private key of the second electronic device, the resulting eighth data includes four data items, namely... , The initial results and verification parameters are then used. Based on the decryption method corresponding to the data volume of the eighth data point, decrypting the eighth data point yields the sensitive tags of the data to be transferred.

[0125] In some embodiments, step 202 specifically includes:

[0126] When the data volume of the eighth data is a first value, obtain the sensitive tags of the data to be transferred in the eighth data;

[0127] When the data volume of the eighth data is the second value, the time value of the data to be transferred is determined based on the generation time of the transfer task of the data to be transferred, the effective duration of the data to be transferred in the eighth data, and the production time; a decryption key is determined, the decryption key is a target key, the target key is obtained by XOR operation based on the time value and the address information of the second electronic device; the initial result in the eighth data is decrypted based on the target key to obtain the sensitive tag of the data to be transferred.

[0128] The first value can be 3, and the second value can be 4.

[0129] In some embodiments, if the eighth data contains three data points, it indicates that the sensitivity of the data to be transferred is not high, and the amount of data to be transferred in the eighth data can be determined. Based on the target relationship and the sensitive tags in the eighth data, the verification value is determined. Decrypt the verification parameter using the verification value; if the decryption result is... If the verification is successful, the data to be transferred is the final data; otherwise, the decryption result is not... If the verification fails, it indicates an anomaly during the data transfer process, and an alert will be issued.

[0130] If the eighth data point consists of four data points, it indicates that the data to be transferred is highly sensitive, and therefore, it can be based on the eighth data point. , Determining the value of time Based on time value, determine the target key. The initial result in the eighth data is decrypted using the target key to obtain the data to be transferred and its sensitive tags. Determine the amount of data to be transferred. The verification value is determined based on the target relationship and sensitive tags. Decrypt the verification parameter using the verification value; if the decryption result is... If the verification is successful, the data to be transferred is the final data; otherwise, the decryption result is not... If the verification fails, it indicates an anomaly during the data transfer process, and an alert will be issued.

[0131] In this embodiment, the value of the data is scored based on the data producer's assessment, the validity period set for the data, and the data volume. Other similar data can be found, and the sensitivity score of the data producer is adjusted according to the sensitivity of these other data to obtain a more objective and comprehensive sensitivity score. Sensitive tags are assigned to the data based on the sensitivity score; the higher the value of the sensitivity tag, the more sensitive the data. During the data flow stage, different encryption keys are determined for the data based on the value of the sensitivity tag and whether the validity period has expired after data production. Different encryption methods are then used to encrypt and transfer the data, ensuring that different encryption methods are used for data of varying sensitivity levels. This allows for appropriate monitoring of sensitive data at different levels, achieving effective monitoring of sensitive data flow. This approach can be widely applied in data security-related businesses and has broad application prospects.

[0132] See Figure 3 , Figure 3 This is one of the structural diagrams of a data flow monitoring device provided in the embodiments of this application, such as... Figure 3 As shown, the data flow monitoring device 300, applied to a first electronic device, includes:

[0133] The first acquisition module 301 is used to acquire the sensitive tags, data volume and target sensitivity score of the data to be transferred during the data transfer stage. The sensitive tags are determined based on the data volume and target sensitivity score of the data to be transferred during the production stage of the data to be transferred. Both the sensitive tags and the target sensitivity score are used to characterize the sensitivity of the data to be transferred.

[0134] The first determining module 302 is used to determine the encryption key of the data to be transferred based on the time value of the data to be transferred and the target sensitivity score, after verifying the data to be transferred based on the sensitive label, data volume and target sensitivity score. The time value is determined based on the generation time, validity period and production time of the data to be transferred. The time value is used to indicate whether the transfer time of the data to be transferred exceeds the validity period of the data to be transferred.

[0135] The encryption module 303 is used to encrypt the first data based on the encryption key to obtain the second data. The first data includes the data to be transferred, the sensitive tag, and the verification parameters. The verification parameters are obtained by encrypting the address information of the first electronic device based on the target sensitivity score.

[0136] The transfer module 304 is used to transfer the second data to the second electronic device, and the verification parameters are used by the second electronic device to verify whether the transfer process of the data to be transferred is abnormal.

[0137] Optionally, if the target sensitivity score of the data to be transferred is located in a first preset range or is greater than the value of the first preset range, the first determining module 302 is specifically used for:

[0138] If the data to be transferred meets a first preset condition, the encryption key of the data to be transferred is determined to be the public key of the second electronic device; the first preset condition is that the target sensitivity score is within a first preset range.

[0139] If the data to be transferred meets the second preset condition, the encryption key of the data to be transferred is determined to be the public key of the second electronic device; the second preset condition is that the target sensitivity score is within the second preset interval, and the time value indicates that the transfer time of the data to be transferred exceeds the effective duration of the data to be transferred by a preset multiple, the first preset interval and the second preset interval are adjacent, and the value of the first preset interval is less than the value of the second preset interval;

[0140] If the data to be transferred meets the third preset condition, the encryption key of the data to be transferred is determined to be the public key and the target key of the second electronic device. The target key is obtained by XOR operation based on the time value and the address information of the second electronic device. The third preset condition is other conditions besides the first preset condition and the second preset condition among the conditions constructed by the target sensitivity score and the time value.

[0141] Optionally, the encryption module 303 is specifically used for:

[0142] When the encryption key is the public key of the second electronic device, the first data is encrypted based on the public key of the second electronic device to obtain the second data;

[0143] When the encryption key is the public key of the second electronic device and the target key, the data to be transferred and the sensitive tag are encrypted based on the target key to obtain the initial result; the validity period, production time, initial result and verification parameters are encrypted based on the public key of the second electronic device to obtain the second data.

[0144] Optionally, the device further includes:

[0145] The calculation module is used to perform an XOR operation based on the hash value of the data volume and the hash value of the sensitive tag to obtain the verification value of the data to be transferred;

[0146] The fourth determining module is used to determine that the data to be transferred has passed verification if the verification value of the data to be transferred is the same as the hash value of the target sensitivity score.

[0147] Optionally, the device further includes:

[0148] The second acquisition module is used to acquire the first attribute information of the data to be transferred during the production stage of the data to be transferred. The first attribute information includes: the first sensitivity score and value score of the data to be transferred by the first data producer during the production stage, as well as the effective duration and data volume of the data to be transferred.

[0149] The third acquisition module is used to acquire third data related to the data to be transferred based on the effective duration, data volume and value score of the data to be transferred;

[0150] The adjustment module is used to adjust the first sensitivity score based on the second sensitivity score of the third data to obtain the target sensitivity score.

[0151] Optionally, the third acquisition module is specifically used for:

[0152] Acquire fourth data; the fourth data includes at least one of the fifth data produced by the first data producer and the sixth data produced by the second data producer, wherein the second data producer is a data producer whose second attribute information is similar to that of the first data producer, and the fifth data does not include the data to be transferred.

[0153] A seventh data point is obtained from the fourth data point, which is similar to the data to be transferred in terms of effective duration, data volume, and value score; the third data point includes the fourth data point and the seventh data point.

[0154] Optionally, the third data includes the fifth, sixth, and seventh data, and the adjustment module is specifically used for:

[0155] Based on the similarity between the data to be transferred and the data in the third data, target data is selected from the third data, and the target data is one of the fifth data, the sixth data and the seventh data;

[0156] The first sensitivity score is adjusted based on the second sensitivity score of the target data to obtain the target sensitivity score.

[0157] Optionally, the adjustment module is further configured to:

[0158] Obtain the first average similarity between the fifth data and each data in the data to be transferred, and the second average similarity between the data to be transferred and the fifth data; obtain the third average similarity between the sixth data and each data in the data to be transferred, and the fourth average similarity between the data to be transferred and the sixth data; obtain the fifth average similarity between the seventh data and each data in the data to be transferred, and the sixth average similarity between the data to be transferred and the seventh data;

[0159] Obtain the seventh average similarity between the data to be transferred and the third data;

[0160] Based on the first average value, the second average value, and the seventh average value, a first degree of conformity between the data to be transferred and the fifth data is determined; based on the third average value, the fourth average value, and the seventh average value, a second degree of conformity between the data to be transferred and the sixth data is determined; based on the fifth average value, the sixth average value, and the seventh average value, a third degree of conformity between the data to be transferred and the seventh data is determined.

[0161] Based on the first, second, and third conformity scores, target data is selected from the third data; the target data is the data corresponding to the target conformity score, and the target conformity score is the largest conformity score among the first, second, and third conformity scores.

[0162] Optionally, the adjustment module is further configured to:

[0163] Determine the maximum, minimum, average, and median score values ​​in the second sensitivity score of the target data;

[0164] Based on the maximum score, minimum score, average score, and median score, a third sensitivity score is determined for the data to be transferred.

[0165] The maximum score between the first sensitivity score and the third sensitivity score is determined as the target sensitivity score.

[0166] The data flow monitoring device 300 can realize all the processes implemented in the above-mentioned data flow monitoring method embodiment on the first electronic device side, and can achieve the same technical effect. To avoid repetition, it will not be described again here.

[0167] See Figure 4 , Figure 4 This is a second structural diagram of a data flow monitoring device provided in the embodiments of this application, as shown below. Figure 4 As shown, the data flow monitoring device 400, applied to a second electronic device, includes:

[0168] The first decryption module 401 is used to decrypt the second data sent by the first electronic device based on the decryption key of the data to be transferred, and obtain the eighth data. The decryption key includes the private key of the second electronic device, and the eighth data includes verification parameters.

[0169] The second decryption module 402 is used to decrypt the eighth data based on the decryption method corresponding to the data volume of the eighth data to obtain the sensitive tag of the data to be transferred. The decryption method corresponds to the method of encrypting the first data based on the encryption key of the data to be transferred.

[0170] The second determining module 403 is used to determine the verification value of the verification parameter based on the sensitive tags and target relationships of the data to be transferred, wherein the target relationship is the relationship between the sensitive tags of the data to be transferred and the target sensitivity score;

[0171] The third decryption module 404 is used to decrypt the verification parameter based on the verification value of the verification parameter to obtain the target address information;

[0172] The third determining module 405 is used to determine the monitoring and transfer result of the data to be transferred based on the target address information and the address information of the first electronic device.

[0173] The data flow monitoring device 400 can realize all the processes implemented in the above-mentioned second electronic device side data flow monitoring method embodiment, and can achieve the same technical effect. To avoid repetition, it will not be described again here.

[0174] Optionally, the second decryption module is specifically used for:

[0175] When the data volume of the eighth data is a first value, obtain the sensitive tags of the data to be transferred in the eighth data;

[0176] When the data volume of the eighth data is the second value, the time value of the data to be transferred is determined based on the generation time of the transfer task of the data to be transferred, the effective duration of the data to be transferred in the eighth data, and the production time; a decryption key is determined, the decryption key is a target key, the target key is obtained by XOR operation based on the time value and the address information of the second electronic device; the initial result in the eighth data is decrypted based on the target key to obtain the sensitive tag of the data to be transferred.

[0177] See Figure 5 The figure shows a structural diagram of an electronic device provided in an embodiment of the present invention. Figure 5 As shown, the electronic device 500 includes: a processor 501, a memory 502, a user interface 503, and a bus interface 504.

[0178] Processor 501 is used to read the program from memory 502 and execute the following procedures:

[0179] During the data transfer stage, the sensitive tags, data volume, and target sensitivity score of the data to be transferred are obtained. The sensitive tags are determined based on the data volume and target sensitivity score of the data to be transferred during the production stage of the data to be transferred. Both the sensitive tags and the target sensitivity score are used to characterize the sensitivity of the data to be transferred.

[0180] If the data to be transferred passes the verification based on the sensitive tags, data volume, and target sensitivity score, the encryption key of the data to be transferred is determined based on the time value of the data to be transferred and the target sensitivity score. The time value is determined based on the generation time, validity period, and production time of the data to be transferred, and the time value is used to indicate whether the transfer time of the data to be transferred exceeds the validity period of the data to be transferred.

[0181] The first data is encrypted using the encryption key to obtain the second data. The first data includes the data to be transferred, the sensitive tag, and the verification parameters. The verification parameters are obtained by encrypting the address information of the first electronic device based on the target sensitivity score.

[0182] The second data stream is transferred to the second electronic device, and the verification parameters are used by the second electronic device to verify whether the data to be transferred is abnormal during the transfer process.

[0183] Alternatively, processor 501 may read the program from memory 502 and execute the following procedures:

[0184] Based on the decryption key of the data to be transferred, the second data sent by the first electronic device is decrypted to obtain the eighth data. The decryption key includes the private key of the second electronic device, and the eighth data includes verification parameters.

[0185] Based on the decryption method corresponding to the data volume of the eighth data, the eighth data is decrypted to obtain the sensitive tag of the data to be transferred. The decryption method corresponds to the method of encrypting the first data based on the encryption key of the data to be transferred.

[0186] Based on the sensitive tags and target relationships of the data to be transferred, the verification values ​​of the verification parameters are determined, wherein the target relationship is the relationship between the sensitive tags of the data to be transferred and the target sensitivity scores;

[0187] Based on the verification value of the verification parameter, the verification parameter is decrypted to obtain the target address information;

[0188] Based on the target address information and the address information of the first electronic device, the monitoring and transfer result of the data to be transferred is determined.

[0189] exist Figure 5 In this context, the bus architecture can include any number of interconnected buses and bridges, specifically linking various circuits of one or more processors represented by processor 501 and memory represented by memory 502 together. The bus architecture can also link various other circuits such as peripheral devices, voltage regulators, and power management circuits, which are well known in the art and therefore will not be described further herein. Bus interface 504 provides an interface. For different user devices, user interface 503 can also be an interface capable of connecting external or internal devices, including but not limited to keypads, displays, speakers, microphones, joysticks, etc.

[0190] The processor 501 is responsible for managing the bus architecture and general processing, while the memory 502 can store the data used by the processor 501 when performing operations.

[0191] Preferably, the present invention also provides an electronic device 500, including a processor 501, a memory 502, and a computer program stored in the memory 502 and executable on the processor 501. When the computer program is executed by the processor 501, it implements the various processes of the above-described first electronic device side data flow monitoring method embodiment, or implements the various processes of the above-described second electronic device side data flow monitoring method embodiment, and can achieve the same technical effect. To avoid repetition, it will not be described again here.

[0192] This invention also provides a readable storage medium storing a computer program. When executed by a processor, this computer program implements the various processes of the first electronic device-side data flow monitoring method embodiment or the second electronic device-side data flow monitoring method embodiment, achieving the same technical effect. To avoid repetition, it will not be described again here. The readable storage medium may be a read-only memory (ROM), a random access memory (RAM), a magnetic disk, or an optical disk, etc.

[0193] This application also provides a computer program product, including computer instructions. When executed by a processor, the computer instructions implement the various processes of the above-described first electronic device side data flow monitoring method embodiment, or implement the various processes of the above-described second electronic device side data flow monitoring method embodiment, and can achieve the same technical effect. To avoid repetition, it will not be described again here.

[0194] Those skilled in the art will recognize that the units and algorithm steps of the various examples described in conjunction with the embodiments disclosed herein can be implemented in electronic hardware, or a combination of computer software and electronic hardware. Whether these functions are implemented in hardware or software depends on the specific application and design constraints of the technical solution. Those skilled in the art can use different methods to implement the described functions for each specific application, but such implementations should not be considered beyond the scope of this invention.

[0195] Those skilled in the art will understand that, for the sake of convenience and brevity, the specific working processes of the systems, devices, and units described above can be referred to the corresponding processes in the foregoing method embodiments, and will not be repeated here.

[0196] In the embodiments provided in this application, it should be understood that the disclosed systems and methods can be implemented in other ways. For example, the system embodiments described above are merely illustrative. For instance, the division of units is only a logical functional division, and in actual implementation, there may be other division methods. For example, multiple units or components may be combined or integrated into another system, or some features may be ignored or not executed. Furthermore, the coupling or direct coupling or communication connection shown or discussed may be an indirect coupling or communication connection through some interfaces, devices, or units, and may be electrical, mechanical, or other forms.

[0197] The units described as separate components may or may not be physically separate. The components shown as units may or may not be physical units; that is, they may be located in one place or distributed across multiple network units. Some or all of the units can be selected to achieve the purpose of the embodiments of the present invention, depending on actual needs.

[0198] In addition, the functional units in the various embodiments of the present invention can be integrated into one processing unit, or each unit can exist physically separately, or two or more units can be integrated into one unit.

[0199] If the aforementioned functions are implemented as software functional units and sold or used as independent products, they can be stored in a computer-readable storage medium. Based on this understanding, the technical solution of this invention, essentially, or the part that contributes to the prior art, or a portion of the technical solution, can be embodied in the form of a software product. This computer software product is stored in a storage medium and includes several instructions to cause a computer device (which may be a personal computer, server, or network device, etc.) to execute all or part of the steps of the methods described in the various embodiments of this invention. The aforementioned storage medium includes various media capable of storing program code, such as USB flash drives, portable hard drives, ROM, RAM, magnetic disks, or optical disks.

[0200] The above description is merely a specific embodiment of the present invention, but the scope of protection of the present invention is not limited thereto. Any variations or substitutions that can be easily conceived by those skilled in the art within the technical scope disclosed in the present invention should be included within the scope of protection of the present invention. Therefore, the scope of protection of the present invention should be determined by the scope of the claims.

Claims

1. A data flow monitoring method, characterized in that, Applied to a first electronic device, the method includes: During the data transfer stage, the sensitive tags, data volume, and target sensitivity score of the data to be transferred are obtained. The sensitive tags are determined based on the data volume and target sensitivity score of the data to be transferred during the production stage of the data to be transferred. Both the sensitive tags and the target sensitivity score are used to characterize the sensitivity of the data to be transferred. If the data to be transferred passes the verification based on the sensitive tags, data volume, and target sensitivity score, the encryption key of the data to be transferred is determined based on the time value of the data to be transferred and the target sensitivity score. The time value is determined based on the generation time, validity period, and production time of the data to be transferred, and the time value is used to indicate whether the transfer time of the data to be transferred exceeds the validity period of the data to be transferred. The first data is encrypted using the encryption key to obtain the second data. The first data includes the data to be transferred, the sensitive tag, and the verification parameters. The verification parameters are obtained by encrypting the address information of the first electronic device based on the target sensitivity score. The second data stream is transferred to the second electronic device, and the verification parameters are used by the second electronic device to verify whether the data to be transferred is abnormal during the transfer process.

2. The method according to claim 1, characterized in that, The target sensitivity score of the data to be transferred is located within a first preset range, or is greater than the value of the first preset range. Determining the encryption key for the data to be transferred based on its time value and the target sensitivity score includes at least one of the following: If the data to be transferred meets a first preset condition, the encryption key of the data to be transferred is determined to be the public key of the second electronic device; the first preset condition is that the target sensitivity score is within a first preset range. If the data to be transferred meets the second preset condition, the encryption key of the data to be transferred is determined to be the public key of the second electronic device; The second preset condition is that the target sensitivity score is located in the second preset interval, and the time value indicates that the transfer time of the data to be transferred exceeds a preset multiple of the effective duration of the data to be transferred, the first preset interval and the second preset interval are adjacent, and the value of the first preset interval is less than the value of the second preset interval; If the data to be transferred meets the third preset condition, the encryption key of the data to be transferred is determined to be the public key and the target key of the second electronic device. The target key is obtained by XOR operation based on the time value and the address information of the second electronic device. The third preset condition is other conditions besides the first preset condition and the second preset condition among the conditions constructed by the target sensitivity score and the time value.

3. The method according to claim 1 or 2, characterized in that, The step of encrypting the first data based on the encryption key to obtain the second data includes: When the encryption key is the public key of the second electronic device, the first data is encrypted based on the public key of the second electronic device to obtain the second data; When the encryption key is the public key of the second electronic device and the target key, the data to be transferred and the sensitive tag are encrypted based on the target key to obtain the initial result; the validity period, production time, initial result and verification parameters are encrypted based on the public key of the second electronic device to obtain the second data.

4. The method according to claim 1, characterized in that, The method further includes: The verification value of the data to be transferred is obtained by performing an XOR operation on the hash value of the data volume and the hash value of the sensitive tag. If the verification value of the data to be transferred is the same as the hash value of the target sensitivity score, the data to be transferred is determined to have passed verification.

5. The method according to claim 1, characterized in that, The method further includes: During the production stage of the data to be transferred, the first attribute information of the data to be transferred is obtained. The first attribute information includes: the first sensitivity score and value score of the data to be transferred by the first data producer in the production stage, as well as the effective duration and data volume of the data to be transferred. Based on the effective duration, data volume, and value score of the data to be transferred, obtain third-party data related to the data to be transferred. Based on the second sensitivity score of the third data, the first sensitivity score is adjusted to obtain the target sensitivity score.

6. The method according to claim 5, characterized in that, The process of obtaining third-party data related to the data to be transferred based on the effective duration, data volume, and value score of the data to be transferred includes: Acquire fourth data; the fourth data includes at least one of the fifth data produced by the first data producer and the sixth data produced by the second data producer, wherein the second data producer is a data producer whose second attribute information is similar to that of the first data producer, and the fifth data does not include the data to be transferred. A seventh data point is obtained from the fourth data point, which is similar to the data to be transferred in terms of effective duration, data volume, and value score; the third data point includes the fourth data point and the seventh data point.

7. The method according to claim 6, characterized in that, The third data includes the fifth, sixth, and seventh data. The second sensitivity score based on the third data, which adjusts the first sensitivity score to obtain the target sensitivity score, includes: Based on the similarity between the data to be transferred and the data in the third data, target data is selected from the third data, and the target data is one of the fifth data, the sixth data and the seventh data; The first sensitivity score is adjusted based on the second sensitivity score of the target data to obtain the target sensitivity score.

8. The method according to claim 7, characterized in that, The step of selecting target data from the third data based on the similarity between the data to be transferred and the data in the third data includes: Obtain the first average similarity between the fifth data and each data in the data to be transferred, and the second average similarity between the data to be transferred and the fifth data; obtain the third average similarity between the sixth data and each data in the data to be transferred, and the fourth average similarity between the data to be transferred and the sixth data; obtain the fifth average similarity between the seventh data and each data in the data to be transferred, and the sixth average similarity between the data to be transferred and the seventh data; Obtain the seventh average similarity between the data to be transferred and the third data; Based on the first average value, the second average value, and the seventh average value, a first degree of conformity between the data to be transferred and the fifth data is determined; based on the third average value, the fourth average value, and the seventh average value, a second degree of conformity between the data to be transferred and the sixth data is determined; based on the fifth average value, the sixth average value, and the seventh average value, a third degree of conformity between the data to be transferred and the seventh data is determined. Based on the first, second, and third conformity scores, target data is selected from the third data; the target data is the data corresponding to the target conformity score, and the target conformity score is the largest conformity score among the first, second, and third conformity scores.

9. The method according to claim 7, characterized in that, The second sensitivity score based on the target data adjusts the first sensitivity score to obtain the target sensitivity score, including: Determine the maximum, minimum, average, and median score values ​​in the second sensitivity score of the target data; Based on the maximum score, minimum score, average score, and median score, a third sensitivity score is determined for the data to be transferred. The maximum score between the first sensitivity score and the third sensitivity score is determined as the target sensitivity score.

10. A data flow monitoring method, characterized in that, Applied to a second electronic device, the method includes: Based on the decryption key of the data to be transferred, the second data sent by the first electronic device is decrypted to obtain the eighth data. The decryption key includes the private key of the second electronic device, and the eighth data includes verification parameters. Based on the decryption method corresponding to the data volume of the eighth data, the eighth data is decrypted to obtain the sensitive tag of the data to be transferred. The decryption method corresponds to the method of encrypting the first data based on the encryption key of the data to be transferred. Based on the sensitive tags and target relationships of the data to be transferred, the verification values ​​of the verification parameters are determined, wherein the target relationship is the relationship between the sensitive tags of the data to be transferred and the target sensitivity scores; Based on the verification value of the verification parameter, the verification parameter is decrypted to obtain the target address information; Based on the target address information and the address information of the first electronic device, the monitoring and transfer result of the data to be transferred is determined.

11. The method according to claim 10, characterized in that, The decryption method based on the data volume of the eighth data, which decrypts the eighth data to obtain the sensitive tags of the data to be transferred, includes: When the data volume of the eighth data is a first value, obtain the sensitive tags of the data to be transferred in the eighth data; When the data volume of the eighth data is the second value, the time value of the data to be transferred is determined based on the generation time of the transfer task of the data to be transferred, the effective duration of the data to be transferred in the eighth data, and the production time; a decryption key is determined, the decryption key is a target key, the target key is obtained by XOR operation based on the time value and the address information of the second electronic device; the initial result in the eighth data is decrypted based on the target key to obtain the sensitive tag of the data to be transferred.

12. A data flow monitoring device, characterized in that, Applied to a first electronic device, the device includes: The first acquisition module is used to acquire the sensitive tags, data volume, and target sensitivity score of the data to be transferred during the data transfer stage. The sensitive tags are determined based on the data volume and target sensitivity score of the data to be transferred during the production stage of the data to be transferred. Both the sensitive tags and the target sensitivity score are used to characterize the sensitivity of the data to be transferred. The first determining module is used to determine the encryption key of the data to be transferred based on the time value of the data to be transferred and the target sensitivity score, after verifying the data to be transferred based on the sensitive label, data volume and target sensitivity score. The time value is determined based on the generation time, validity period and production time of the data to be transferred, and the time value is used to indicate whether the transfer time of the data to be transferred exceeds the validity period of the data to be transferred. An encryption module is used to encrypt first data based on the encryption key to obtain second data. The first data includes the data to be transferred, the sensitive tag, and verification parameters. The verification parameters are obtained by encrypting the address information of the first electronic device based on the target sensitivity score. The transfer module is used to transfer the second data to the second electronic device, and the verification parameters are used by the second electronic device to verify whether the transfer process of the data to be transferred is abnormal.

13. A data flow monitoring device, characterized in that, Applied to a second electronic device, the device includes: The first decryption module is used to decrypt the second data sent by the first electronic device based on the decryption key of the data to be transferred, to obtain the eighth data. The decryption key includes the private key of the second electronic device, and the eighth data includes verification parameters. The second decryption module is used to decrypt the eighth data based on the decryption method corresponding to the data volume of the eighth data to obtain the sensitive tag of the data to be transferred. The decryption method corresponds to the method of encrypting the first data based on the encryption key of the data to be transferred. The second determining module is used to determine the verification value of the verification parameter based on the sensitive tags and target relationships of the data to be transferred, wherein the target relationship is the relationship between the sensitive tags of the data to be transferred and the target sensitivity score; The third decryption module is used to decrypt the verification parameter based on the verification value of the verification parameter to obtain the target address information; The third determining module is used to determine the monitoring and transfer result of the data to be transferred based on the target address information and the address information of the first electronic device.

14. An electronic device, characterized in that, include: A processor, a memory, and a program stored in the memory and executable on the processor, wherein the program, when executed by the processor, implements the steps of the data flow monitoring method as described in any one of claims 1 to 9, or implements the steps of the data flow monitoring method as described in any one of claims 10 to 11.

15. A computer-readable storage medium, characterized in that, The computer-readable storage medium stores a computer program that, when executed by a processor, implements the steps of the data flow monitoring method as described in any one of claims 1 to 9, or implements the steps of the data flow monitoring method as described in any one of claims 10 to 11.

16. A computer program product, characterized in that, It includes computer instructions that, when executed by a processor, implement the steps of the data flow monitoring method as described in any one of claims 1 to 9, or implement the steps of the data flow monitoring method as described in any one of claims 10 to 11.