143 results about "Information systems security" patented technology

The invention provides an access control method and system based on block chain technology. The block chain technology is combined with attribute-based access control in the method, and the method comprises the following steps: adding an object in a chain, binding a judgment process of attribute and strategy on all block chain nodes with reference to the strategy. The access authorization is converted from a centralized manner into a distributed manner, the consistency check of the judgment results in the whole network is achieved by using a consensus mechanism of the block chain, and the authorized operations for accessing the recorded transactions are permanently recorded on the block chain. The method has the advantages of anti-single point failure, flexible authorization mode, accurateaccess boundary, and record auditability. The access control method and system provided by the invention are applicable to operating environments such as enterprises and governments that have the need of data privacy protection and realize multi-branch cooperation work based on a block chain platform, the access permissions of users in the system can be dynamically and scalably managed, fine-grained permission management is achieved for the strategy and the attribute, and the access control method and system are of important practical significance for protecting the security of information systems in a distributed network environment.

The invention discloses a method for evaluating operation quality of information systems. The method comprises the steps of firstly, constructing an evaluation index system for the operation quality of information systems; secondly, using an analytic hierarchy process to evaluate the operation quality of the qualitative information system and calculate the subjective weight of evaluation indexes, using an entropy weight method to evaluate the operation quality of the quantitative information system and calculate the objective weight of evaluation indexes, and synthesizing the subjective weight of evaluation indexes and the objective weight of evaluation indexes to calculate the combined weight of all evaluation indexes; and finally, calculating evaluative values of all evaluation objects according to the combined weight, and conducting evaluation analyses on evaluative values of all evaluation objects. According to the method, the entropy weight method and the analytic hierarchy process are combined to evaluate the operation quality of information systems, the potential problems in operation of information systems are found out, the operation guaranteeing capability of information systems is improved, and the operation and maintenance level of information systems is evaluated accurately and objectively, so that the safe, high-efficiency and economical operation of information systems is effectively guided.

Systems and methods for an information system security infrastructure are described. One embodiment of the present invention comprises global Internet-scale defense infrastructure, referred to as the Intrusion Detection Force (IDF). The IDF comprises a virtual infrastructure implemented on top of an existing network, such as the Internet. The IDF enables secure information sharing and intelligent data analysis and response. The node (e.g. 102 of FIG. 1) is the most primitive entity in the IDF architecture, and may be a switch, router, server, or workstation. The IDF may be implemented in small networks of computers or may be utilized by millions of hosts throughout the Internet, spanning different organizations, countries, and continents.

The invention discloses a system proceed safe test for computer BIOS firmware and method, which comprises the following steps: initializing; proceeding BIOS sampling; analyzing BIOS image file; scanning various hidden dangers of BIOS; measuring completeness integrity of BIOS code; outputting the testing effect; proceeding safe repair for BIOS. This invention can decrease, reduce and remove safety loophole and hidden danger of computer BIOS, which provides reliable terminal safety prevention and overall protection for computer and network.

The invention relates to a terminal user-based database fine-grained access control method, and belongs to the technical field of database safety protection. According to the method, legal terminal users are identified to stop illegal access users; and meanwhile, fine-grained access control rules are loaded to database access request sentences initiated by the terminal users so as to achieve fine-grained access request control ability for the terminal users. Through the access authority control realized by the method, identity authentication can be carried out on the terminal users, and column-level database fine-grained access control can be carried out on the terminal users without encrypting and decrypting the data, so that the database protection ability is effectively strengthened and the information system safety is maintained.

The invention discloses a security posture sensing system and a security posture sensing method for an intelligent sensing system of the Great Wall of the Ming dynasty. The intelligent sensing system of the Great Wall of the Ming dynasty comprises a posture data collection module, a posture sensing module, an alarm module and a posture display module. The functions of collecting posture data, sensing system operating postures, sensing system security postures, sensing system comprehensive postures, warning and pre-warning system threats, displaying operating postures, displaying security postures and displaying comprehensive postures are provided. The security posture sensing system provided by the invention supports an application mode of the intelligent sensing system of the Great Wall of the Ming dynasty. The system solves the problem that a system manager and a user worry about security of an information system, ensures operating security and stability of the system, improves guarantee capability of the system, and avoids the problem that the Great Wall site cannot be efficiently protected when the system is failed to operate.

Systems and methods for securing or encrypting data or other information arising from a user's interaction with software and/or hardware, resulting in transformation of original data into ciphertext. Generally, the ciphertext is generated using context-based keys that depend on the environment in which the original data originated and/or was accessed. The ciphertext can be stored in a user's storage device or in an enterprise database (e.g., at-rest encryption) or shared with other users (e.g., cryptographic communication). The system generally allows for secure federation across organizations, including mechanisms to ensure that the system itself and any other actor with pervasive access to the network cannot compromise the confidentially of the protected data.

The invention discloses a threat detection and alert method and system based on big data analysis. The system comprises an alert aggregation assembly, a scene extraction assembly, a study and detection assembly, a prediction assembly and a new attack strategy digging assembly. According to the threat detection and alert method and system, the big data technology is adopted to predict and alert network attacks to government and enterprise information systems in real time, thereby greatly covering the shortage of the existing information security alert analysis technology on one hand; and on the other hand, false alerts generated by information security equipment such as an intrusion detection system can be identified and unknown malicious attacks can be analyzed, and therefore, the accuracy and the credibility of the alerts can be improved and the security risks of the information systems can be sensed.

The invention relates to the field of information securitygrade protection, and aims at providing a grade-protection-oriented information system security compliance check method. The grade-protection-oriented information system security compliance check method comprises the steps that a check index library is built, a check task or a check plan is defined, a check object is scanned, a check result is guided in, a scanning result is decoded, a scanning result code is decoded, the scanning result is judged, a judgment result is graded, and a grade protection compliance report is generated. According to the method, information system security grade protection check work is objective, standard and fair, and the difficulty and complexity of the information security grade protection check work can be greatly reduced so that the efficiency of the information security grade protection check work can be greatly improved.

The invention discloses an internal threat real-time detection method based on an agent, belongs to the technical field of information system security and aims at ensuring the internal network data security through adoption of a detection assembly based on an agent technology. The internal threat real-time detection method based on the agents comprises the specific steps that a client agent program is installed, before a user accesses service data on a database server host, the agent program judges an identity and authority of the user, and only the user passing through authentication can access data; in a process of processing licensed service data by the user, the agent program monitors behaviors of the user in real time and records the behaviors of the user in a log file; and after the user finishes processing the licensed service data, the agent program calls a corresponding signing mechanism according to a demand of the user to sign a part processed the user, so the modification of the user for the service data has non-repudiation.

The invention relates to the field of network information security risk assessment and discloses a security policy level joint modeling method based on a consultative objective risk analysis system (CORAS)-Petri. Aimed at a vulnerable spot and defect of a CORAS framework and improving of the CORAS framework, and based on unified modeling language modeling, a Petri net describing network or information system dynamic behavior is introduced, a risk assessment method based on an analytic hierarchy process (AHP) and fuzzy comprehensive evaluation risk assessment method is introduced in a risk computing method of the CORAS framework to compute the risk, and the security policy level joint modeling method can not only reduce working amount of estimation and improves estimation efficiency, but also can refer to previous estimation conclusion, strengthens accuracy and effectiveness of estimation, and therefore improves acquaintance of information system security risk. People can take effectively security protection measures to ensure security of an information system.

The invention discloses a method of a situation awareness technology for a smart city oriented cross-city security service platform. A situation awareness system of the security service platform of the smart city comprises a security situation analysis database, a security threat active discovery and detection subsystem, a network security incident correlation analysis and early warning subsystem, a network security index calculation subsystem and a network security situation display subsystem. Security threat detection, condition monitoring, security situation awareness, trend prediction and other security services are provided. The security situation awareness system disclosed by the invention supports a nationwide cross-city platform application mode; the worry of a city manager and citizens about information system security is solved, information security is guaranteed, and information leakage is prevented; the potential safety hazard generated by inconsistent information security protection mechanism levels of various systems is reduced; The fund contradiction of security guarantee system construction is relieved, and the reconstruction and the resource waste caused by the fact that each city establishes an own information security guarantee system are avoided.

The invention discloses a power grid information system fault positioning system and method based on a bidirectional deep neural network. The power grid information system fault positioning system comprises a fault monitoring module, an inference machine, a database and a deep learning module. The method includes; Performing deep neural network forward and reverse training on a fault tree analysisresult; and obtaining a corresponding relation between the fault characteristics and the fault positions, storing the corresponding relation in an expert knowledge base, carrying out power grid information system fault monitoring, writing the fault characteristics obtained according to monitoring data into a characteristic database, and performing reasoning to obtain a fault positioning result according to the expert knowledge base and the fault characteristics. The problem that power grid information system fault positioning is difficult can be effectively solved; The problems of low positioning speed and inaccurate positioning are solved, so that the system can give an alarm at the first time when a fault occurs, intelligent fault positioning and intelligent processing functions of theinformation system can be realized in combination with the fault self-processing system, the operation and maintenance efficiency of the power grid information system can be further improved, and safeand stable operation of the information system is guaranteed.

The invention discloses an information system security risk assessment method. The method includes the steps of constructing a threatening behavior model bank, matching calling behaviors recorded in an information system with threatening behaviors in the threatening behavior model bank to obtain decision values of the matched calling behaviors, determining weighted values of the threatening behaviors according to the decision values of the matched calling behaviors, and enabling the weighted values of the threatening behaviors to be combined with a vulnerability weighted value and a remedial measure weighted value to obtain a risk grade. The invention further discloses an information system security risk assessment device. Through the scheme of the information system security risk assessment method and device, security risks of the information system can be measured in multi-dimensional mode, the defects of existing risk evaluation quantification are greatly made up for, the accuracy and credibility of threat evaluation are improved, and the core problem of risk quantification of the information system can be solved; consequently, users can conveniently and objectively know the condition of running risks of the information system, and the risks of the information system can be perceived.

The invention, which belongs to the technical field of private cloud maintenance, provides a security operation and maintenance method and apparatus of a private cloud platform information system. Themethod comprises: an access request to a private cloud by a user terminal through a firewall virtual private network (VPN) is obtained; a VPN account password inputted by the user terminal is authenticated; if authentication is done successfully, connection between the user terminal and an operation and maintenance audit system is established by using the access control function of the firewall;identity authentication is carried out on an account number, inputted by the user terminal, of the operation and maintenance audit system; and if authentication is done successfully, the user terminalis authorized. Therefore, the authentication, authorization, and auditing functions of the operation and maintenance operation of the user are realized; and a safety problem that the information system is likely to be exposed in a public network is solved.

The invention provides a closed loop type information system security class assessment tool, which is characterized by comprising an assessment control module and an assessment tool module; the assessment tool module is provided with an assessment driving interface and a result collecting interface, and is connected with an information system to be assessed through the assessment driving interface and the result collecting interface; and the assessment tool module adopts a double-interface design of the assessment driving interface and the result collecting interface, effectively overcomes the limitation in the aspect of result collection of the prior tool system, not only realizes a closed loop working mode, but also is compatible with a familiar single-link direct connection working mode to support class assessment for a complicated information system, promotes the automation and standardization of information system security class assessment, and achieves the aim of the invention.

The invention belongs to the technical field of improvement of the reliability of a residual current protector, and in particular relates to a residual current detection circuit based on a signal injection mode and an intelligent self-checking method for the residual current detection circuit. The intelligent self-checking method comprises the following steps: adding a winding to a current transformer for detecting a residual circuit, and adding a self-checking circuit which is controlled through an MCU control module. The intelligent self-checking method has the advantages that 1 whether a current induction coil is damaged or not is detected; 2 the self-checking is relatively safe and reliable, and tripping operation or blackout is not needed in the self-checking of residual current; 3 the method is relatively safe; and 4 related standards and specifications of information system security levels can be met.

The invention discloses a deep learning differential privacy protection method, and belongs to the technical field of information system security. The invention provides a novel deep learning differential privacy protection model. A WGAN is adopted to generate an image result for the data subjected to model privacy protection processing; a result closest to a real image is selected from the generated images, the similarity between the generated result and the original image is compared, a difference value is calculated for threshold comparison, privacy parameters in the model gradient are fedback and adjusted under the similarity threshold limiting condition, and therefore a certain promotion effect is provided for application of differential privacy in the fields of deep learning and thelike.

Said invention discloses software behavioural abnormality detection and protecting means. It contains obtaining one software behaviour and address attribute and establishing characteristic of correspondence data integration; using said established characteristic data integration detecting and protection software abnormal behavior, wherein characteristic data integration having virtual space address attribute. Said invented method can restrict software behaviour track without error, capable of raising detecting accuracy, greatly raising identifying efficiency and convenient execution. It can independently use and conjunctively use with other data, for example short sequence, status attribute, and resource attribute. Said invention can realize real time detecting with controlling to application program behaviour, capable of being used in main unit information system safety protection and network information system invasion protection etc field.

The present invention provides a safety development middleware for electric power mobile polling terminal and a safety control method. The middleware comprises a safety parameter collection unit, a safety strategic management unit and a basic safety service unit. The three units employ a standard TCP/IP protocol for communication; the safety parameter collection unit is configured to collect basic information of the polling terminal hardware and the operation environment thereof; the safety strategic management unit is configured to perform communication with a superior polling terminal management center to obtain a safety control strategy; and the basic safety service unit is configured to shield the distinction between the polling terminal hardware with different types and the distinction between different types of operation systems of the polling terminal to provide basic safety service. The safety development middleware for electric power mobile polling terminal and the safety control method provide a uniform safety development interface for the electric power polling terminal to realize the remote safety control of the electric power polling device and allow the development of the electric power polling business not to reduce the original information system safety protection intensity.

In allusion to the disadvantages that the conventional workflow node transfer efficiency is low, the expansibility is not high, etc., the present invention introduces a method of automatically judging a workflow transfer node. According to the method, the system administrators can change the processing rules of a business by setting the processing flow and approval condition of the business, and arrange different persons to approve and operate, so that the information security of a company can be guaranteed, and the general manager can grasp the operation and development states of an enterprise overall and also can empower the subordinates, so that the subordinates can decide freely within a certain range, the master consciousness of staff is brought into play fully, and the company identification sense and sense of belonging of the staff are increased.