CN110032879B - User behavior security authentication and log audit method and system - Google Patents
User behavior security authentication and log audit method and system
- Publication number
- CN110032879B
- Authority
- CN
- China
- Prior art keywords
- hook
- security authentication
- module
- log audit
- function
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F16/00—Information retrieval; Database structures therefor; File system structures therefor
- G06F16/10—File systems; File servers
- G06F16/17—Details of further file system functions
- G06F16/1734—Details of monitoring file system events, e.g. by the use of hooks, filter drivers, logs
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/62—Protecting access to data via a platform, e.g. using keys or access control rules
- G06F21/6218—Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
Abstract
The invention relates to a security authentication and log audit method and system for user behaviors. Hook technology is used to create before hook and after hook function modules, and security authentication and log audit are executed respectively for each application programming interface (api) request. As a result, the program is greatly simplified, the functions are more modularized, the coupling among the modules is added, security authentication and log audit must be carried out for each call, and the security of the system can be fully ensured.
Description
Technical Field
The invention relates to the design of project architecture, in particular to a security authentication and log audit system for user behaviors.
Background
Currently, with the massive use of networks, enterprises and individuals put many materials on the networks, and the problem of network security follows. To ensure the security of the data, the operation behaviors of the user are generally subjected to security authentication, to judge whether the user has the corresponding permission and whether access-control problems such as override exist, and log audit is performed on the behaviors of the user so that they can be reviewed at a later date. The implementation of the security authentication module and the log audit module of a service platform is therefore becoming more and more important, and it must not affect the performance of the whole service while remaining simple to implement.
Fig. 1 shows the implementation flowchart of a prior-art security authentication and log audit method for user behavior. A typical service implementation is as follows: security authentication is first carried out in the api interface of each user request, then the corresponding operation steps are executed, and finally a log of whether the api succeeded is generated. This method has the following drawbacks: first, the program content becomes redundant, contrary to the simplicity of software; second, security authentication and log auditing are not modular, which is detrimental to future extension and maintenance.
Therefore, a new security authentication and log audit method is needed.
Disclosure of Invention
In order to overcome the defects of the prior art, the invention provides a method for security authentication and log audit of user behaviors, which comprises the following steps:
Step S1: creating a before hook and an after hook by using a hook technology;
Step S2: performing security authentication on the user behavior by using the before hook; if the security authentication is passed, executing the api content and then performing log audit on the user behavior by using the after hook; if the security authentication is not passed, directly using the after hook to perform log audit on the user behavior.
In step S2, the before hook performs security authentication by calling the security authentication module, and the after hook performs log audit by calling the log audit module.
In step S1, the before hook and the after hook are created by calling the encapsulation function pack_func, which indirectly calls the event function event_func.
In step S1, the before hook and the after hook are created by calling the encapsulation function pack_func, executing the logic_web function, and indirectly calling the event function event_func.
In step S1, the before hook and the after hook are created in the following form:
pack_func(event_func)
{
    before_hook_func();
    event_func();
    after_hook_func();
}
The functions of the before hook and the after hook created in step S1 are independent of each other.
The invention further provides a system for security authentication and log audit of user behaviors, which comprises:
the before hook module, used for receiving api requests of a plurality of users and carrying out security authentication on the api requests;
the execution modules, connected with the before hook module and used for receiving the security authentication result of the before hook module and executing the api request;
the after hook module, connected with the execution modules and the before hook module and used for carrying out log audit on the api requests and returning an audit result.
After the plurality of api requests undergo the security authentication of the before hook module, the requests that pass are executed and then log-audited by the after hook module, and the requests that do not pass are log-audited directly by the after hook module.
The before hook module and the after hook module are both created based on the hook technology.
The before hook module includes a security authentication module, and security authentication is completed by calling a security authentication function in the security authentication module; the after hook module includes a log audit module, and log audit is completed by calling a log audit function in the log audit module.
The security authentication function of the before hook module and the log audit function of the after hook module are mutually independent.
According to the security authentication and log audit method and system for user behavior, hook technology is used to create the before hook and after hook function modules, and security authentication and log audit are executed respectively for each application programming interface (api) request. The program is greatly simplified, the functions are more modularized, the coupling between the modules is added, security authentication and log audit are guaranteed to be carried out for each call, and the security of the system can be fully ensured.
Drawings
Fig. 1: implementation flowchart of the prior-art security authentication and log audit method for user behavior;
Fig. 2: implementation flowchart of the security authentication and log audit method for user behavior according to the invention;
Fig. 3: structural schematic diagram of the security authentication and log audit system for user behavior according to the invention.
Description of the reference numerals
10. Before hook module
11. Security authentication module
20. Execution module
30. After hook module
31. Log audit module
Detailed Description
In order to further understand the technical scheme and beneficial effects of the present invention, the technical scheme and beneficial effects thereof will be described in detail with reference to the accompanying drawings.
Tim Berners-Lee, the inventor of the WWW, has said when referring to design principles that "simplicity and modularity are the foundation of software engineering"; distribution and fault tolerance are the life of the Internet. Based on the same modular design concept, the invention provides a user behavior security authentication and log audit method and system.
Fig. 2 shows the implementation flowchart of the security authentication and log audit method for user behavior according to the invention, which includes the following steps:
Step S1: creating a before hook and an after hook using a hook technique;
Step S2: the before hook carries out security authentication on the user behavior by calling a security authentication module; if the security authentication is passed, the api content is executed, and the after hook carries out log audit on the user behavior by calling a log audit module; if the security authentication is not passed, the after hook directly carries out log audit on the user behavior by calling the log audit module.
In the invention, the pre-hook function and the post-hook function can be created in a packaged form. For example, define an event function event_func, a pre-hook function before_hook_func and a post-hook function after_hook_func; the packaged function pack_func is then:
pack_func(event_func)
{
    before_hook_func();
    event_func();
    after_hook_func();
}
As above, if a logic_web function needs to be executed, pack_func(logic_web) may be called.
The event function is called indirectly rather than directly: the encapsulation function is called first, and the event function is called through it. Examples are the get, post, delete and put requests among well-known web requests.
As shown in fig. 3, a structural schematic diagram of a security authentication and log audit system for user behavior provided by the present invention includes:
the before hook module 10 is created based on a hook technology, and is used for receiving api requests of a plurality of users and carrying out security authentication on the api requests;
the execution modules 20 are connected with the before hook module 10 and are used for receiving the security authentication result of the before hook module 10 and executing the api request;
the after hook module 30 is also created based on the hook technology, and is connected with the plurality of execution modules 20 and the before hook module 10, and is used for performing log audit on a plurality of api requests and returning an audit result.
In a specific work process, after the security authentication of the before hook module 10 is passed, the plurality of api requests are executed by the execution module 20 and then subjected to log audit by the after hook module 30 if the requests pass, and if the requests do not pass, the log audit is directly performed by the after hook module 30.
In the present invention, the security authentication function of the before hook module 10 is completed by calling the security authentication function provided by the security authentication module 11 disposed therein, and similarly, the log audit function of the after hook module 30 is completed by calling the log audit function provided by the log audit module 31 disposed therein.
That is, in the present invention, whenever an api call is executed, security authentication must be executed first, and the log audit module in the after hook module is called regardless of the api call and of whether the security authentication succeeded. The functions of the before hook module and the after hook module are mutually independent and are not influenced by other functions, and the implementation flow of the whole method is linear.
Taking a web micro architecture table as an example, in the invention the implementation steps for performing authority verification and log audit of an api request by using the hook technology are as follows:
1. define a routing function get_user_info for the URL /api/user/<userid:int>/info;
2. write a permission verification function check_auth;
3. decorate the permission verification function check_auth with the decorator @hook('before_request');
4. write a log audit module function do_audio;
5. decorate the log audit function do_audio with the decorator @hook('after_request').
Assuming that the whole web service architecture is already in place, when a request whose URL is /api/user/1/info is made to the web service, the service first executes the permission verification function check_auth, which is hooked to before_request; if authentication succeeds, it continues to execute the get_user_info function, otherwise that function is skipped; finally it executes the log audit function do_audio, which is hooked to after_request.
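The pack_func wrapper and the five steps above, as an added Python example that is not code from the patent: a small in-process dispatcher in which `hook`, `pack_func`, `check_auth`, `do_audio` and `get_user_info` take their names from the text, while `route`, `SESSIONS`, `Denied`, `AUDIT_LOG` and the `X-Token` header are assumptions made for illustration. It goes slightly beyond the text by also auditing unknown routes and handler exceptions.

```python
import re
import time

HOOKS = {"before_request": [], "after_request": []}
ROUTES = []       # (compiled pattern, handler)
AUDIT_LOG = []    # in-memory sink; a real service would use append-only storage
SESSIONS = {"tok-alice": (1, "user"), "tok-root": (99, "admin")}  # constructed sample data

class Denied(Exception):
    def __init__(self, status, reason):
        super().__init__(reason)
        self.status = status

def hook(name):
    """Register a function under 'before_request' or 'after_request'."""
    def register(func):
        HOOKS[name].append(func)
        return func
    return register

def route(pattern):
    """Register a handler; '<name:int>' segments become integer arguments."""
    regex = re.sub(r"<(\w+):int>", lambda m: "(?P<%s>[0-9]+)" % m.group(1), pattern)
    def register(func):
        ROUTES.append((re.compile(regex + r"\Z"), func))
        return func
    return register

@route("/api/user/<userid:int>/info")
def get_user_info(request, userid):
    return {"userid": userid, "name": "user-%d" % userid}

@hook("before_request")
def check_auth(request):
    session = SESSIONS.get(request["headers"].get("X-Token"))
    if session is None:
        raise Denied(401, "not authenticated")
    request["user"], role = session
    target = request["args"].get("userid")
    if target is not None and target != request["user"] and role != "admin":
        raise Denied(403, "override attempt")   # acting on another user's data

@hook("after_request")
def do_audio(request, response):
    # Record who did what and the outcome; never the credential itself.
    AUDIT_LOG.append({"ts": time.time(), "user": request["user"],
                      "method": request["method"], "path": request["path"],
                      "status": response["status"]})

def pack_func(method, path, headers):
    """before hooks -> event function -> after hooks, for every request."""
    request = {"method": method, "path": path, "headers": headers,
               "user": None, "args": {}}
    response = {"status": 500, "body": "internal error"}   # fail closed
    handler = None
    for regex, func in ROUTES:
        match = regex.match(path)
        if match:
            handler = func
            request["args"] = {k: int(v) for k, v in match.groupdict().items()}
            break
    try:
        for before in HOOKS["before_request"]:
            before(request)                     # raises Denied to stop the call
        if handler is None:
            response = {"status": 404, "body": "not found"}
        else:
            response = {"status": 200, "body": handler(request, **request["args"])}
    except Denied as exc:
        response = {"status": exc.status, "body": str(exc)}
    except Exception:
        pass                                    # keep the generic 500 response
    finally:
        for after in HOOKS["after_request"]:
            after(request, response)            # audit on success, denial and error
    return response
```

Because the after hooks run in the `finally` clause, a denied or failed call still leaves an audit record, and the record never contains the token.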
According to the security authentication and log audit method and system for user behavior, hook technology is used to create the before hook and after hook function modules, and security authentication and log audit are executed respectively for each application programming interface (api) request. The program is greatly simplified, the functions are more modularized, the coupling between the modules is added, security authentication and log audit are guaranteed to be carried out for each call, and the security of the system can be fully ensured.
Although the present invention has been described with reference to the above preferred embodiments, it should be understood that the present invention is not limited to the above embodiments, and that various changes and modifications can be made herein without departing from the spirit and scope of the invention as defined by the appended claims.
Claims (4)
1. A security authentication and log audit system for user behavior is used for realizing the following security authentication and log audit methods:
step S1: creating a before hook and an after hook by using a hook technology;
step S2: performing security authentication on the user behavior by using a before hook, if the security authentication is passed, executing api content, and performing log audit on the user behavior by using an after hook; if the security authentication is not passed, directly utilizing the after hook to carry out log audit on the user behavior;
in the step S1, by calling the encapsulation function pack_func, executing the logic_web function, and indirectly calling the event function event_func, the creation of the before hook and after hook is realized, and the created before hook and after hook functions are independent from each other; the creation forms of the before hook and after hook are:
pack_func(event_func)
{
    before_hook_func();
    event_func();
    after_hook_func();
};
the system comprises:
the before hook module is used for receiving api requests of a plurality of users and carrying out security authentication on the api requests;
the execution modules are connected with the before hook module and are used for receiving the security authentication result of the before hook module and executing the api request;
the after hook module is connected with the execution modules and the before hook module and is used for carrying out log audit on the api requests and returning an audit result;
after the plurality of api requests undergo the security authentication of the before hook module, the requests that pass are executed and then log-audited by the after hook module, and the requests that do not pass are log-audited directly by the after hook module.
2. The user behavior security authentication and log audit system according to claim 1 wherein: the before hook module and the after hook module are both created based on the hook technology.
3. The user behavior security authentication and log audit system according to claim 1 wherein: the before hook module comprises a security authentication module, the security authentication is completed by calling a security authentication function in the security authentication module, the after hook module comprises a log audit module, and the log audit is completed by calling a log audit function in the log audit module.
4. The user behavior security authentication and log audit system according to claim 1 wherein: the security authentication function and the log audit function of the before hook module and the after hook module are mutually independent.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201810025474.XA CN110032879B (en) | 2018-01-11 | 2018-01-11 | User behavior security authentication and log audit method and system |
Publications (2)
Publication Number | Publication Date |
---|---|
CN110032879A (en) | 2019-07-19 |
CN110032879B (en) | 2023-10-20 |
Family
ID=67234177
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201810025474.XA Active CN110032879B (en) | 2018-01-11 | 2018-01-11 | User behavior security authentication and log audit method and system |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN110032879B (en) |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||