
CN110032879B - User behavior security authentication and log audit method and system - Google Patents

User behavior security authentication and log audit method and system

Info

Publication number
CN110032879B
Authority
CN
China
Prior art keywords
hook
security authentication
module
log audit
function
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201810025474.XA
Other languages
Chinese (zh)
Other versions
CN110032879A (en)
Inventor
李山峰
吴吉庆
马立克
马俊杰
刘涛
吴春光
申利飞
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
China Standard Software Co Ltd
Original Assignee
China Standard Software Co Ltd
Application filed by China Standard Software Co Ltd
Priority to CN201810025474.XA
Publication of CN110032879A
Publication of CN110032879B


Classifications

    • G: PHYSICS
    • G06: COMPUTING; CALCULATING OR COUNTING
    • G06F: ELECTRIC DIGITAL DATA PROCESSING
    • G06F16/00: Information retrieval; Database structures therefor; File system structures therefor
    • G06F16/10: File systems; File servers
    • G06F16/17: Details of further file system functions
    • G06F16/1734: Details of monitoring file system events, e.g. by the use of hooks, filter drivers, logs
    • G: PHYSICS
    • G06: COMPUTING; CALCULATING OR COUNTING
    • G06F: ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00: Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60: Protecting data
    • G06F21/62: Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218: Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • Databases & Information Systems (AREA)
  • General Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • Bioethics (AREA)
  • Software Systems (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Hardware Design (AREA)
  • General Health & Medical Sciences (AREA)
  • Health & Medical Sciences (AREA)
  • Data Mining & Analysis (AREA)
  • Debugging And Monitoring (AREA)
  • Storage Device Security (AREA)

Abstract

The invention relates to a security authentication and log audit method and system for user behavior. A hook technology is used to create before hook and after hook function modules, and security authentication and log audit are executed respectively for each application development interface (api) request. The program is thereby greatly simplified, the functions are more modularized, the coupling among the modules is added, security authentication and log audit must be carried out for every call, and the security of the system can be fully ensured.

Description

User behavior security authentication and log audit method and system
Technical Field
The invention relates to the design of project architecture, in particular to a security authentication and log audit system for user behaviors.
Background
Currently, with the massive use of networks, enterprises and individuals put many materials on the networks, with the consequent problem of network security. To ensure the security of the data, the operation behaviors of the user are generally subjected to security authentication, to judge whether the user has the corresponding permission and whether access-control violations such as override exist, and log audit is performed on the behaviors of the user so that they can be reviewed at a later date. The implementation of the security authentication module and the log audit module of a service platform therefore becomes more and more important, and it must neither affect the performance of the whole service nor sacrifice the simplicity of the implementation.
Fig. 1 shows the implementation flowchart of a security authentication and log audit method for user behavior in the prior art. A typical service implementation is as follows: security authentication is first carried out in the api interface of each user request, the corresponding operation steps are then executed, and finally a log of whether the api call succeeded is generated. This method has the following drawbacks: first, the program content becomes redundant, which goes against the simplicity of the software; second, security authentication and log auditing are not modular, which is detrimental to future extension and maintenance.
Therefore, a new security authentication and log audit method is needed.
Disclosure of Invention
In order to solve the defects existing in the prior art, the invention provides a method for safety authentication and log audit of user behaviors, which comprises the following steps:
step S1: creating a before hook and an after hook by using a hook technology;
step S2: performing security authentication on the user behavior by using a before hook, if the security authentication is passed, executing api content, and performing log audit on the user behavior by using an after hook; if the security authentication is not passed, directly utilizing the after hook to carry out log audit on the user behavior.
In the step S2, the before hook performs security authentication by calling the security authentication module, and the after hook performs log audit by calling the log audit module.
In the step S1, the creation of the before hook and the after hook is achieved by calling the encapsulation function pack_func, which indirectly calls the event function event_func.
In the step S1, the creation of the before hook and after hook is realized by calling the encapsulation function pack_func, executing the logic_web function, and indirectly calling the event function event_func.
In the step S1, the creation forms of the before hook and the after hook are as follows:
pack_func(event_func)
{
    before_hook_func();
    event_func();
    after_hook_func();
}
The functions of the before hook and the after hook created in the step S1 are independent of each other.
The invention further provides a system for safety certification and log audit of user behaviors, which comprises:
the before hook module is used for receiving api requests of a plurality of users and carrying out security authentication on the api requests;
the execution modules are connected with the before hook module and are used for receiving the security authentication result of the before hook module and executing the api request;
the after hook module is connected with the execution modules and the before hook module and is used for carrying out log audit on the api requests and returning an audit result.
After the before hook module has performed security authentication on the plurality of api requests, requests that pass are executed and then log-audited by the after hook module, and requests that do not pass are log-audited directly by the after hook module.
Wherein the before hook module and the after hook module are both created based on the hook technology.
The method comprises the steps that a security authentication module is included in the before hook module, security authentication is completed by calling a security authentication function in the security authentication module, the after hook module includes a log audit module, and log audit is completed by calling a log audit function in the log audit module.
The security authentication function and the log audit function of the before hook module and the after hook module are mutually independent.
According to the security authentication and log audit method and system for user behavior, a hook technology is used to create the before hook and after hook function modules, and security authentication and log audit are executed respectively for each application development interface (api) request. The program is thereby greatly simplified, the functions are more modularized, the coupling between the modules is added, security authentication and log audit are guaranteed to be carried out for every call, and the security of the system can be fully ensured.
Drawings
Fig. 1: implementation flowchart of the security authentication and log audit method for user behavior in the prior art;
Fig. 2: implementation flowchart of the security authentication and log audit method for user behavior of the invention;
Fig. 3: structural schematic diagram of the security authentication and log audit system for user behavior of the invention.
Description of the reference numerals
10. Before hook module
11. Security authentication module
20. Execution module
30. After hook module
31. Log audit module
Detailed Description
In order to further understand the technical scheme and beneficial effects of the present invention, the technical scheme and beneficial effects thereof will be described in detail with reference to the accompanying drawings.
Tim Berners-Lee, the inventor of the WWW, said when referring to design principles that "simplicity and modularity are the foundation of software engineering; distributed and fault tolerant are life of the internet." Based on the same concept of modular design, the invention provides a user behavior security authentication and log audit method and system.
As shown in fig. 2, a flowchart for implementing the security authentication and log audit method of user behavior according to the present invention includes the following steps:
step S1: creating a before hook and an after hook using a hook technique;
step S2: the before hook carries out security authentication on the user behavior by calling a security authentication module, if the security authentication is passed, the api content is executed, and the after hook carries out log audit on the user behavior by calling a log audit module; if the security authentication is not passed, the after hook directly carries out log audit on the user behavior by calling a log audit module.
In the invention, the creation of the pre-hook function and the post-hook function can be realized in an encapsulated form, for example by defining an event function event_func, a pre-hook function before_hook_func, a post-hook function after_hook_func, and the encapsulation function pack_func:
pack_func(event_func)
{
    before_hook_func();   /* pre-hook: security authentication */
    event_func();         /* the wrapped event function */
    after_hook_func();    /* post-hook: log audit */
}
As above, if a logic_web function needs to be executed, pack_func(logic_web) may be called.
The event function is called indirectly rather than directly: the encapsulation function is called first, and the event function is called through the encapsulation function. Examples of such event functions are the get, post, delete and put requests of well-known web requests.
As shown in fig. 3, a structural schematic diagram of a security authentication and log audit system for user behavior provided by the present invention includes:
the before hook module 10 is created based on a hook technology, and is used for receiving api requests of a plurality of users and carrying out security authentication on the api requests;
the execution modules 20 are connected with the before hook module 10 and are used for receiving the security authentication result of the before hook module 10 and executing the api request;
the after hook module 30 is also created based on the hook technology, and is connected with the plurality of execution modules 20 and the before hook module 10, and is used for performing log audit on a plurality of api requests and returning an audit result.
In a specific working process, the before hook module 10 performs security authentication on the plurality of api requests; requests that pass are executed by the execution module 20 and then log-audited by the after hook module 30, and requests that do not pass are log-audited directly by the after hook module 30.
In the present invention, the security authentication function of the before hook module 10 is completed by calling the security authentication function provided by the security authentication module 11 disposed therein, and similarly, the log audit function of the after hook module 30 is completed by calling the log audit function provided by the log audit module 31 disposed therein.
That is, in the present invention, whenever an api call is executed, security authentication must be executed first, and the log audit module in the after hook module is called regardless of the api call and of whether the security authentication succeeded. In the invention, the functions of the before hook module and the after hook module are mutually independent and are not influenced by other functions, and the implementation flow of the whole method is linear.
Taking the web micro-framework table as an example, in the invention, the implementation steps of performing authority verification and log audit of an api request by using a hook technology are as follows:
1. define a routing function get_user_info for the URL /api/user/<userid:int>/info;
2. write a permission verification function check_auth;
3. decorate the permission verification function check_auth with the decorator @hook('before_request');
4. write a log audit module function do_audit;
5. decorate the log audit function do_audit with the decorator @hook('after_request').
Assuming that the whole web service architecture is established, when a request with the URL /api/user/1/info is made to the web service, the service first executes the permission verification function check_auth, whose hook is before_request; if authentication succeeds, it continues by executing the get_user_info function, otherwise it skips it; finally it executes the log audit function do_audit, whose hook is after_request.
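The pack_func wrapper and the five steps above can be run as the following added example, which is not code from the patent. The dispatcher class MiniApp, the Denied exception, the token and user tables and the audit record fields are assumptions made for illustration; only the names get_user_info, check_auth, do_audit, the hook names and the URL come from the text. It goes one step beyond the text by also auditing a request whose handler raises an exception.

```python
import re

class Denied(Exception):
    """Raised by a before_request hook to reject the request (hypothetical)."""
    def __init__(self, status, reason):
        super().__init__(reason)
        self.status = status

class MiniApp:
    """Hypothetical dispatcher; dispatch() plays the role of pack_func."""
    def __init__(self):
        self.routes = []
        self.hooks = {"before_request": [], "after_request": []}

    def route(self, pattern):
        # '<userid:int>' in the page's URL becomes a named integer group.
        regex = re.compile("^" + re.sub(r"<(\w+):int>", r"(?P<\1>\\d+)", pattern) + "$")
        def register(func):
            self.routes.append((regex, func))
            return func
        return register

    def hook(self, name):
        def register(func):
            self.hooks[name].append(func)
            return func
        return register

    def dispatch(self, request):
        ctx = {"request": request, "user": None, "status": 404, "body": "not found"}
        try:
            for regex, func in self.routes:
                match = regex.match(request["path"])
                if match:
                    ctx["args"] = {k: int(v) for k, v in match.groupdict().items()}
                    for before in self.hooks["before_request"]:
                        before(ctx)                                   # before_hook_func()
                    ctx["status"], ctx["body"] = 200, func(**ctx["args"])  # event_func()
                    break
        except Denied as exc:
            ctx["status"], ctx["body"] = exc.status, str(exc)
        except Exception:
            ctx["status"], ctx["body"] = 500, "internal error"
        finally:
            for after in self.hooks["after_request"]:
                after(ctx)                             # after_hook_func(), on every path
        return ctx["status"], ctx["body"]

app = MiniApp()
AUDIT_LOG = []                                   # stand-in for the log audit module's store
TOKENS = {"token-alice": 1, "token-ghost": 99}   # constructed sample credentials
USERS = {1: "alice", 2: "bob"}                   # constructed sample data

@app.route("/api/user/<userid:int>/info")
def get_user_info(userid):
    return {"id": userid, "name": USERS[userid]}  # KeyError for an unknown id

@app.hook("before_request")
def check_auth(ctx):
    caller = TOKENS.get(ctx["request"].get("token"))
    if caller is None:
        raise Denied(401, "invalid token")
    ctx["user"] = caller
    if ctx["args"].get("userid") != caller:       # a caller may only read its own record
        raise Denied(403, "forbidden")

@app.hook("after_request")
def do_audit(ctx):
    # Record who asked for what and the outcome; the token itself is never logged.
    AUDIT_LOG.append({"user": ctx["user"], "path": ctx["request"]["path"],
                      "status": ctx["status"]})

def demo():
    AUDIT_LOG.clear()
    results = [app.dispatch(r) for r in (
        {"path": "/api/user/1/info", "token": "token-alice"},   # passes authentication
        {"path": "/api/user/2/info", "token": "token-alice"},   # another user's record
        {"path": "/api/user/1/info", "token": "bad"},           # fails authentication
        {"path": "/api/user/99/info", "token": "token-ghost"},  # handler raises
    )]
    return results, list(AUDIT_LOG)

if __name__ == "__main__":
    for entry in demo()[1]:
        print(entry)
```

Every one of the four requests leaves exactly one audit record, including the two that never reach get_user_info and the one whose handler fails.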
According to the security authentication and log audit method and system for user behavior, a hook technology is used to create the before hook and after hook function modules, and security authentication and log audit are executed respectively for each application development interface (api) request. The program is thereby greatly simplified, the functions are more modularized, the coupling between the modules is added, security authentication and log audit are guaranteed to be carried out for every call, and the security of the system can be fully ensured.
Although the present invention has been described with reference to the above preferred embodiments, it should be understood that the present invention is not limited to the above embodiments, and that various changes and modifications can be made herein without departing from the spirit and scope of the invention as defined by the appended claims.

Claims (4)

1. A security authentication and log audit system for user behavior is used for realizing the following security authentication and log audit methods:
step S1: creating a before hook and an after hook by using a hook technology;
step S2: performing security authentication on the user behavior by using a before hook, if the security authentication is passed, executing api content, and performing log audit on the user behavior by using an after hook; if the security authentication is not passed, directly utilizing the after hook to carry out log audit on the user behavior;
in the step S1, by calling the encapsulation function pack_func, executing the logic_web function, and indirectly calling the event function event_func, the creation of the before hook and after hook is realized, and the created before hook and after hook functions are independent of each other; the creation forms of the before hook and after hook are:
pack_func(event_func)
{
    before_hook_func();
    event_func();
    after_hook_func();
};
the system comprises:
the before hook module is used for receiving api requests of a plurality of users and carrying out security authentication on the api requests;
the execution modules are connected with the before hook module and are used for receiving the security authentication result of the before hook module and executing the api request;
the after hook module is connected with the execution modules and the before hook module and is used for carrying out log audit on the api requests and returning an audit result;
after the before hook module has performed security authentication on the plurality of api requests, requests that pass are executed and then log-audited by the after hook module, and requests that do not pass are log-audited directly by the after hook module.
2. The user behavior security authentication and log audit system according to claim 1 wherein: the before hook module and the after hook module are both created based on the hook technology.
3. The user behavior security authentication and log audit system according to claim 1 wherein: the before hook module comprises a security authentication module, the security authentication is completed by calling a security authentication function in the security authentication module, the after hook module comprises a log audit module, and the log audit is completed by calling a log audit function in the log audit module.
4. The user behavior security authentication and log audit system according to claim 1 wherein: the security authentication function and the log audit function of the before hook module and the after hook module are mutually independent.
CN201810025474.XA 2018-01-11 2018-01-11 User behavior security authentication and log audit method and system Active CN110032879B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201810025474.XA CN110032879B (en) 2018-01-11 2018-01-11 User behavior security authentication and log audit method and system

Publications (2)

Publication Number Publication Date
CN110032879A (en) 2019-07-19
CN110032879B (en) 2023-10-20

Family

ID=67234177


Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant