[go: up one dir, main page]
More Web Proxy on the site http://driver.im/

CN110032879A - A kind of safety certification and log audit method and system of user behavior - Google Patents

A kind of safety certification and log audit method and system of user behavior Download PDF

Info

Publication number
CN110032879A
CN110032879A CN201810025474.XA CN201810025474A CN110032879A CN 110032879 A CN110032879 A CN 110032879A CN 201810025474 A CN201810025474 A CN 201810025474A CN 110032879 A CN110032879 A CN 110032879A
Authority
CN
China
Prior art keywords
hook
log audit
module
safety certification
user behavior
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN201810025474.XA
Other languages
Chinese (zh)
Other versions
CN110032879B (en
Inventor
李山峰
吴吉庆
马立克
马俊杰
刘涛
吴春光
申利飞
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
China Standard Software Co Ltd
Original Assignee
China Standard Software Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by China Standard Software Co Ltd filed Critical China Standard Software Co Ltd
Priority to CN201810025474.XA priority Critical patent/CN110032879B/en
Publication of CN110032879A publication Critical patent/CN110032879A/en
Application granted granted Critical
Publication of CN110032879B publication Critical patent/CN110032879B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F16/00Information retrieval; Database structures therefor; File system structures therefor
    • G06F16/10File systems; File servers
    • G06F16/17Details of further file system functions
    • G06F16/1734Details of monitoring file system events, e.g. by the use of hooks, filter drivers, logs
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/62Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • Databases & Information Systems (AREA)
  • General Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • Bioethics (AREA)
  • Software Systems (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Hardware Design (AREA)
  • General Health & Medical Sciences (AREA)
  • Health & Medical Sciences (AREA)
  • Data Mining & Analysis (AREA)
  • Debugging And Monitoring (AREA)
  • Storage Device Security (AREA)

Abstract

The present invention relates to the safety certifications of user behavior and log audit method and system, it creates before hook and after hook functional module using hook technology, safety certification and log audit are executed respectively to each application and development interface api request, greatly simplify program, keep function more modular, the coupling being added between module, while ensure that calling must all carry out safety certification and log audit every time, can fully ensure that the safety of system.

Description

A kind of safety certification and log audit method and system of user behavior
Technical field
The present invention relates to the safety certifications and log audit system of the design of project framework more particularly to a kind of user behavior System.
Background technique
Currently, whether enterprise or individual are put into many data on the net with the extensive application of network, produce therewith The problem of having given birth to network security.In order to ensure the safety of data, usually can all safety certification be carried out to the operation behavior of user To judge whether user has corresponding permission, if there are the access controls such as go beyond one's commission, while can also be carried out to the behavior of user Log audit, to check in the future.So the security authentication module of service platform and the realization of log audit module become more next It is more important, it should guarantee the performance for not influencing entirely to service, guarantee the simplicity realized again.
As shown in Figure 1, the safety certification and log audit method implementation flow chart of the user behavior for the prior art, lead to Normal service implementation is: first carrying out safety certification in the api interface of each request of user, then executes corresponding operation step Suddenly, this api whether successfully equal logs are ultimately produced.Such method has following defects that first, makes contents of program very redundancy, disobeys The simplicity of software is carried on the back;Second, safety certification and log audit do not have modularization, are unfavorable for later extension and maintenance.
Therefore, it is necessary to a kind of new safety certifications and log audit method.
Summary of the invention
To solve the shortcomings of the prior art, the present invention provides a kind of safety certification of user behavior and log audits Method includes the following steps:
Step S1: before hook and after hook are created using hook technology;
Step S2: safety certification is carried out to user behavior using before hook and is executed in api if safety certification passes through Hold, after hook is recycled to carry out log audit to user behavior;If safety certification does not pass through, after is directly utilized Hook carries out log audit to user behavior.
Wherein, in the step S2, before hook is by calling security authentication module to carry out safety certification, after Hook is by calling log audit module to carry out log audit.
Wherein, in the step S1, by calling encapsulation function pack func to call event functions event indirectly Func realizes the creation of before hook and after hook.
Wherein, in the step S1, function pack func is encapsulated by calling, login web function is executed, adjusts indirectly With event functions event func is called, to realize the creation of before hook and after hook.
Wherein, in the step S1, the creation form of before hook and after hook are as follows:
pack func(event func)
{
before hook func();
event func();
after hook func();
}。
Wherein, before hook and after the hook function of being created in the step S1 is mutually indepedent.
Invention additionally provides a kind of safety certification of user behavior and Log Audit Systems, comprising:
Before hook module, the api for receiving multiple users is requested, and carries out safety certification to it;
Multiple execution modules are connect with before hook module, for receiving the security certification result of before hook module, And execute api request;
After hook module is connect with multiple execution modules and before hook module, for requesting to carry out to multiple api Log audit simultaneously returns to auditing result.
Wherein, multiple api request, if passing through, is passed through and is executed after the safety certification of before hook module Module, which executes, carries out log audit by after hook module again, if not passing through, directly carries out day by after hook module Will audit.
Wherein, the before hook module and after hook module are based on the creation of hook technology.
Wherein, the before hook module includes security authentication module, by calling the safety in security authentication module Verification function completes safety certification, and the after hook module includes log audit module, by calling log audit module Interior log audit function completes log audit.
Wherein, the safety certification function and log audit function of the before hook module and after hook module Independently of each other.
The safety certification and log audit method and system of user behavior provided by the invention are created using hook technology Before hook and after hook functional module executes safety certification and day to each application and development interface api request respectively Will audit, greatly simplifies program, keeps function more modular, the coupling being added between module, while ensure that every Secondary calling must all carry out safety certification and log audit, can fully ensure that the safety of system.
Detailed description of the invention
Fig. 1: the safety certification and log audit method implementation flow chart of the user behavior of the prior art;
Fig. 2: the safety certification of user behavior of the invention and the implementation flow chart of log audit method;
Fig. 3: the safety certification and Log Audit System structural schematic diagram of user behavior of the invention.
Description of symbols
10 before hook modules
11 security authentication modules
20 execution modules
30 after hook modules
31 log audit modules.
Specific embodiment
In order to have further understanding to technical solution of the present invention and beneficial effect, it is described in detail with reference to the accompanying drawing Technical solution of the present invention and its beneficial effect of generation.
The inventor Di Mubainasili of WWW said when speaking of design principle, and " simplicity and modularization are soft projects Foundation stone;Distributed and fault-tolerance is the life of internet ".Therefore, it the present invention is based on identical theory, proposes based on module Change the safety certification and log audit method and system of the user behavior of design concept.
As shown in Fig. 2, for the safety certification of user behavior of the invention and the implementation flow chart of log audit method, including Following steps:
Step S1: using hook technology creation before hook(before Hook Function) and after hook(after Hook Function);
Step S2:before hook is by calling security authentication module to carry out safety certification to user behavior, if safety certification is logical It crosses, then executes api content, after hook is by calling log audit module to carry out log audit to user behavior;If safety Certification does not pass through, then after hook, which directly passes through, calls log audit module to carry out log audit to user behavior.
In the present invention, the creation of preceding Hook Function and rear Hook Function can be realized by way of encapsulation, such as define thing Part function event_func, preceding Hook Function before_hook_func, rear Hook Function after_hook_func encapsulate letter Number is pack_func:
pack_func(event_func)
{
before_hook_func();
Event_func();
after_hook_func();
}
As above, if necessary to execute login_web function, pack_func (login_web) can be called.
Event functions are called to realize by indirect form, i.e., first not instead of by way of calling directly in this way Encapsulation function is called, calls event functions indirectly by encapsulating function.Get, post, delete in web request as the well-known, Put request etc..
As shown in figure 3, for the safety certification and Log Audit System structural schematic diagram of user behavior provided by the invention, this Invent provide user behavior safety certification and Log Audit System include:
Before hook module 10 is created based on hook technology, and the api for receiving multiple users is requested, and is pacified to it Full certification;
Multiple execution modules 20 are connect with before hook module 10, and the safety for receiving before hook module 10 is recognized Card is as a result, and execute api request;
After hook module 30 is created also based on hook technology, is connected with multiple execution modules 20 and before hook module 10 It connects, for requesting to carry out log audit to multiple api and returning to auditing result.
When specific works, multiple api request is after the safety certification of before hook module 10, if passing through, It is executed by execution module 20 and log audit is carried out by after hook module 30 again, if not passing through, directly by after Hook module 30 carries out log audit.
In the present invention, the safety certification function of the before hook module 10 is by calling the safety being arranged inside to recognize It demonstrate,proves safety certification function provided by module 11 to complete, likewise, the log audit function of the after hook module 30 is logical Log audit function provided by the log audit module 31 called and be arranged inside is crossed to complete.
That is, being executed as long as there is api to call, it is necessary to first carry out safety certification, also, after hook in the present invention It is unrelated with the success or not of the calling of api and safety certification whether the calling of log audit module in module.In the present invention, Before hook module and after hook functions of modules are independent from each other, and are not influenced by other functions, entire method Implementation process is linear.
By taking the miniature framework bottle of web as an example, the present invention in, using hook technology carry out api request Authority Verification and Steps are as follows for the realization of log audit:
It 1, is URL/api/user/<userid:int>/ info definition routing function get_user_info;
2, writing Authority Verification function is check_auth;
3, by Authority Verification function check_auth by decorator@hook (' before_request') decoration;
4, log audit modularity function do_audit is write;
5, by log audit function do_auth by decorator@hook (' after_request') decoration.
Assuming that entire web services framework has been put up, then calling URL in web services is /api/user/1/info When request, service can first carry out the Authority Verification function check_auth that hook is before_request, if authenticated successfully, It will continue to execute get_user_info function, otherwise skip, finally execute the log audit letter that hook is after_request Number do_audit.
The safety certification and log audit method and system of user behavior provided by the invention are created using hook technology Before hook and after hook functional module executes safety certification and day to each application and development interface api request respectively Will audit, greatly simplifies program, keeps function more modular, the coupling being added between module, while ensure that every Secondary calling must all carry out safety certification and log audit, can fully ensure that the safety of system.
Although the present invention is illustrated using above-mentioned preferred embodiment, the protection model that however, it is not to limit the invention It encloses, anyone skilled in the art are not departing within the spirit and scope of the present invention, and opposite above-described embodiment carries out various changes It is dynamic still to belong to the range that the present invention is protected with modification, therefore protection scope of the present invention subjects to the definition of the claims.

Claims (11)

1. the safety certification and log audit method of a kind of user behavior, it is characterised in that include the following steps:
Step S1: before hook and after hook are created using hook technology;
Step S2: safety certification is carried out to user behavior using before hook and is executed in api if safety certification passes through Hold, after hook is recycled to carry out log audit to user behavior;If safety certification does not pass through, after is directly utilized Hook carries out log audit to user behavior.
2. the safety certification and log audit method of user behavior as described in claim 1, it is characterised in that: the step S2 In, before hook is by calling security authentication module to carry out safety certification, and after hook is by calling log audit module Carry out log audit.
3. the safety certification and log audit method of user behavior as described in claim 1, it is characterised in that: the step S1 In, by calling encapsulation function pack func to call event functions event func indirectly, realize before hook and after The creation of hook.
4. the safety certification and log audit method of user behavior as claimed in claim 3, it is characterised in that: the step S1 In, function pack func is encapsulated by calling, login web function is executed, calls event functions event indirectly Func, to realize the creation of before hook and after hook.
5. the safety certification and log audit method of user behavior as described in claim 1, it is characterised in that: the step S1 In, the creation form of before hook and after hook are as follows:
pack func(event func)
{
before hook func();
event func();
after hook func();
}。
6. the safety certification and log audit method of user behavior as described in claim 1, it is characterised in that: the step S1 Middle created before hook and after hook function is mutually indepedent.
7. the safety certification and Log Audit System of a kind of user behavior, characterized by comprising:
Before hook module, the api for receiving multiple users is requested, and carries out safety certification to it;
Multiple execution modules are connect with before hook module, for receiving the security certification result of before hook module, And execute api request;
After hook module is connect with multiple execution modules and before hook module, for requesting to carry out to multiple api Log audit simultaneously returns to auditing result.
8. the safety certification and Log Audit System of user behavior as claimed in claim 7, it is characterised in that: multiple api Request, if passing through, is executed by execution module again by after hook after the safety certification of before hook module Module carries out log audit, if not passing through, directly carries out log audit by after hook module.
9. the safety certification and Log Audit System of user behavior as claimed in claim 7, it is characterised in that: the before Hook module and after hook module are based on the creation of hook technology.
10. the safety certification and Log Audit System of user behavior as claimed in claim 7, it is characterised in that: described Before hook module includes security authentication module, by calling the safety certification function in security authentication module to complete safety Certification, the after hook module includes log audit module, by calling the log audit function in log audit module Complete log audit.
11. the safety certification and Log Audit System of user behavior as claimed in claim 7, it is characterised in that: described The safety certification function and log audit function of before hook module and after hook module are mutually indepedent.
CN201810025474.XA 2018-01-11 2018-01-11 User behavior security authentication and log audit method and system Active CN110032879B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201810025474.XA CN110032879B (en) 2018-01-11 2018-01-11 User behavior security authentication and log audit method and system

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201810025474.XA CN110032879B (en) 2018-01-11 2018-01-11 User behavior security authentication and log audit method and system

Publications (2)

Publication Number Publication Date
CN110032879A true CN110032879A (en) 2019-07-19
CN110032879B CN110032879B (en) 2023-10-20

Family

ID=67234177

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201810025474.XA Active CN110032879B (en) 2018-01-11 2018-01-11 User behavior security authentication and log audit method and system

Country Status (1)

Country Link
CN (1) CN110032879B (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111274554A (en) * 2020-02-10 2020-06-12 广州虎牙科技有限公司 API calling method, device, equipment and medium of applet

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5754860A (en) * 1996-07-23 1998-05-19 Digital Equipment Corporation Method and apparatus for software testing using a differential testing technique to test compilers
US20020116642A1 (en) * 2000-07-10 2002-08-22 Joshi Vrinda S. Logging access system events
US20040039809A1 (en) * 2002-06-03 2004-02-26 Ranous Alexander Charles Network subscriber usage recording system
CN101763593A (en) * 2009-12-17 2010-06-30 中国电力科学研究院 Method and device for realizing audit log of system
CN104580233A (en) * 2015-01-16 2015-04-29 重庆邮电大学 Internet of Things smart home security gateway system

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5754860A (en) * 1996-07-23 1998-05-19 Digital Equipment Corporation Method and apparatus for software testing using a differential testing technique to test compilers
US20020116642A1 (en) * 2000-07-10 2002-08-22 Joshi Vrinda S. Logging access system events
US20040039809A1 (en) * 2002-06-03 2004-02-26 Ranous Alexander Charles Network subscriber usage recording system
CN101763593A (en) * 2009-12-17 2010-06-30 中国电力科学研究院 Method and device for realizing audit log of system
CN104580233A (en) * 2015-01-16 2015-04-29 重庆邮电大学 Internet of Things smart home security gateway system

Non-Patent Citations (3)

* Cited by examiner, † Cited by third party
Title
曲坤等: "基于LSM的安全审计机制研究与实现", 《计算机工程与设计》 *
曲坤等: "基于LSM的安全审计机制研究与实现", 《计算机工程与设计》, vol. 30, no. 12, 28 June 2009 (2009-06-28), pages 2882 - 2885 *
王振智;王开义;喻钢;: "AOP技术在农资信息管理平台中的应用", 农机化研究, no. 08 *

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111274554A (en) * 2020-02-10 2020-06-12 广州虎牙科技有限公司 API calling method, device, equipment and medium of applet

Also Published As

Publication number Publication date
CN110032879B (en) 2023-10-20

Similar Documents

Publication Publication Date Title
CN109361517A (en) A kind of virtualization cloud cipher machine system and its implementation based on cloud computing
Xu et al. An autonomic agent trust model for IoT systems
CN112311893B (en) Cross-region, business and system data service middleware and data verification method
CN106357724A (en) Uniformly integrated information management platform system
CN105872051A (en) Capability opening management and control service platform in government-enterprise cloud platform
CN112583887B (en) Data credible sharing method based on block chain
CN103227799A (en) Implementing method of unified user management and single sign-on platform based on multiple application systems
CN106650422A (en) System and method for using TrustZone technology to prevent leakage of sensitive data of third-party input method
CN101968745A (en) Development system and development method for application programs of mobile terminal
CN107343007A (en) Distributed file management method and system based on user identity and purview certification
CN101309139A (en) License authentication system
CN103036917B (en) The implementation method of client platform and client platform
CN104580211A (en) SOA architecture-based intrusive system
CN104580081A (en) Integrated SSO (single sign on) system
CN102480464B (en) With service calling system and the method that contextual information is injected in web session decoupling
CN105975333B (en) The method and device of application program operation control
CN110032879A (en) A kind of safety certification and log audit method and system of user behavior
CN111970162B (en) Heterogeneous GIS platform service central control system under super-integration framework
CN105681291B (en) A kind of realization multi-client uniform authentication method and system
CN109697351A (en) A kind of credible measurement system and method
CN109033809A (en) A kind of user&#39;s integrated system and method based on application role&#39;s trustship
CN111027076B (en) Safety isolated computer application system and design method thereof
CN102682240A (en) Method for controlling resources in large browser/server (BS) structured system
CN114189330A (en) Password service platform based on cloud architecture
CN107609070A (en) NDF data fusion platforms

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant