CN111950040A - Environment sensing method and device of terminal equipment, computer equipment and storage medium - Google Patents
Environment sensing method and device of terminal equipment, computer equipment and storage medium Download PDFInfo
- Publication number
- CN111950040A CN111950040A CN201910406098.3A CN201910406098A CN111950040A CN 111950040 A CN111950040 A CN 111950040A CN 201910406098 A CN201910406098 A CN 201910406098A CN 111950040 A CN111950040 A CN 111950040A
- Authority
- CN
- China
- Prior art keywords
- item
- environment
- perception
- sensing
- items
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000000034 method Methods 0.000 title claims abstract description 41
- 230000008447 perception Effects 0.000 claims abstract description 108
- 230000007613 environmental effect Effects 0.000 claims abstract description 8
- 230000003862 health status Effects 0.000 claims description 12
- 238000004590 computer program Methods 0.000 claims description 8
- 230000002159 abnormal effect Effects 0.000 claims description 7
- 230000036541 health Effects 0.000 claims description 5
- 230000006870 function Effects 0.000 description 6
- 241000700605 Viruses Species 0.000 description 5
- 238000001514 detection method Methods 0.000 description 5
- 230000008569 process Effects 0.000 description 5
- 230000001960 triggered effect Effects 0.000 description 4
- 238000010586 diagram Methods 0.000 description 2
- 238000005516 engineering process Methods 0.000 description 2
- 230000003287 optical effect Effects 0.000 description 2
- 230000003068 static effect Effects 0.000 description 2
- 230000005540 biological transmission Effects 0.000 description 1
- 238000004364 calculation method Methods 0.000 description 1
- 230000007547 defect Effects 0.000 description 1
- 230000000977 initiatory effect Effects 0.000 description 1
- 238000004519 manufacturing process Methods 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
- 238000012544 monitoring process Methods 0.000 description 1
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/70—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
- G06F21/71—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information
- G06F21/73—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information by creating or determining hardware identification, e.g. serial numbers
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/55—Detecting local intrusion or implementing counter-measures
- G06F21/56—Computer malware detection or handling, e.g. anti-virus arrangements
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/57—Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
- G06F21/577—Assessing vulnerabilities and evaluating computer system security
Landscapes
- Engineering & Computer Science (AREA)
- Computer Hardware Design (AREA)
- Computer Security & Cryptography (AREA)
- Theoretical Computer Science (AREA)
- General Engineering & Computer Science (AREA)
- Software Systems (AREA)
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- Computing Systems (AREA)
- Health & Medical Sciences (AREA)
- General Health & Medical Sciences (AREA)
- Virology (AREA)
- Mathematical Physics (AREA)
- Management, Administration, Business Operations System, And Electronic Commerce (AREA)
Abstract
The invention provides an environment sensing method and an environment sensing device of terminal equipment, wherein the method comprises the following steps: responding to an environment perception command, acquiring equipment identification information of terminal equipment, wherein the equipment identification information is generated based on a hardware identification number and a trusted private key of the terminal equipment and is used for uniquely identifying the terminal equipment; acquiring a preset perception strategy, and perceiving the environmental information of the terminal equipment based on the preset perception strategy; the environment information is used for representing the safety state of an environment sensing item related to the terminal equipment; and scoring the terminal equipment according to the environment information, and sending the score and the equipment identification information to a server.
Description
Technical Field
The present invention relates to the field of security sensing technologies, and in particular, to a method and an apparatus for sensing an environment of a terminal device, a computer device, and a storage medium.
Background
The computer terminal is composed of hardware, an operating system, application software and the like, serves as an infrastructure for information storage, transmission and application processing and a key node for connecting a network, becomes an important support platform for working links of daily production, office work and the like of a large number of users, and potential safety hazards of the computer terminal become one of the greatest network safety threats. Most of the existing computer security detection software only aims at defending viruses and bugs, has single detection function and cannot reflect the overall performance of a computer terminal. For example, although some computer terminals do not have viruses and bugs, the account passwords of the computer terminals are too simple, and the hidden danger of being attacked exists; or the website stored in the browser of the terminal is too messy and lacks the awareness of safe internet surfing; or the user of the computer terminal leaves the seat for a long time without adopting a screen protection strategy, which easily causes the information leakage problem of a terminal manufacturer. In the above situation, the computer terminal is still not secure enough, but the existing security detection software cannot detect the computer terminal. Therefore, how to provide a more flexible and reliable computer terminal detection technology is a technical problem that those skilled in the art need to solve.
Disclosure of Invention
The invention aims to provide a method and a device for sensing the environment of terminal equipment, computer equipment and a storage medium, which are used for solving the defects in the prior art.
In order to achieve the above object, the present invention provides a method for sensing an environment of a terminal device, including the following steps:
responding to an environment perception command, acquiring equipment identification information of terminal equipment, wherein the equipment identification information is generated based on a hardware identification number and a trusted private key of the terminal equipment and is used for uniquely identifying the terminal equipment;
acquiring a preset perception strategy, and perceiving the environmental information of the terminal equipment based on the preset perception strategy; the environment information is used for representing the safety state of an environment sensing item related to the terminal equipment;
and scoring the terminal equipment according to the environment information, and sending the score and the equipment identification information to a server. According to the environment sensing method of the terminal equipment provided by the invention, the step of acquiring the preset sensing strategy and sensing the environment information of the terminal equipment based on the sensing strategy comprises the following steps:
acquiring an environment perception item of the terminal equipment, wherein the environment perception item is preset based on a configuration template;
judging whether the environment perception items comprise third-party perception items or not, if so, acquiring the security state of the third-party perception items from a third-party perception system;
and judging whether the environment perception items comprise local perception items, if so, scanning the local perception items to acquire the security states of the local perception items.
According to the environment sensing method of the terminal device provided by the invention, the step of acquiring the security state of the third-party sensing item from the third-party sensing system comprises the following steps:
calling the third-party system through an interface, and inquiring the security state and the perception time of the third-party perception item stored in the third-party system;
when the sensing time exceeds a first threshold value, sensing the latest safety state of the third-party sensing item again by using the third-party system;
and acquiring the latest security state of the third-party perception project.
According to the environment sensing method of the terminal device provided by the invention, the step of judging whether the environment sensing item contains a local sensing item comprises the following steps:
judging whether any one of the following contents is included in the environment perception item:
system safety items, system application items, health state items and physical state items;
wherein the system security item refers to an item related to vulnerability configuration existing on an operating system of the terminal equipment; the system application items refer to items related to software, services, a registry and USBKEY on the terminal equipment; the health status items refer to items related to a browser, a printer configuration and a disk; the physical state item refers to an item related to an actual physical environment of the terminal device.
According to the environment sensing method of the terminal device provided by the invention, after acquiring a preset sensing strategy and sensing the environment information of the terminal device based on the preset sensing strategy, the method further comprises the following steps:
and processing the perception item with the abnormal safety state.
In order to achieve the above object, the present invention further provides an environment sensing apparatus for a terminal device, including:
the identification information acquisition module is suitable for responding to an environment perception command and acquiring equipment identification information of the terminal equipment, and the equipment identification information is generated based on a hardware identification number and a credible private key of the terminal equipment and is used for uniquely identifying the terminal equipment;
the environment information acquisition module is suitable for acquiring a preset sensing strategy and sensing the environment information of the terminal equipment based on the preset sensing strategy; the environment information is used for representing the safety state of an environment sensing item related to the terminal equipment;
and the scoring module is suitable for scoring the terminal equipment according to the environmental information and sending the score and the equipment identification information to a server. The environment sensing device of the terminal equipment provided by the invention comprises an environment information acquisition module and a control module, wherein the environment information acquisition module comprises:
the item acquisition submodule is suitable for acquiring an environment perception item of the terminal equipment, and the environment perception item is preset based on a configuration template;
the third-party item acquisition submodule is suitable for judging whether the environment perception items contain third-party perception items or not, and if yes, acquiring the safety state of the third-party perception items from a third-party perception system;
and the local item acquisition submodule is suitable for judging whether the environment perception item contains a local perception item, and if so, scanning the local perception item to acquire the security state of the local perception item.
According to the environment sensing apparatus of the terminal device provided by the present invention, the local item acquisition sub-module includes:
a system security obtaining unit, adapted to obtain a security state of a system security item, where the system security item is an item related to vulnerability configuration existing on an operating system of the terminal device;
the system application acquisition unit is suitable for acquiring the safety state of a system application project, wherein the system application project refers to projects related to software, services, a registry and USBKEY on the terminal equipment;
a health status acquisition unit adapted to acquire a security status of a health status item, the health status item referring to items related to a browser, a printer configuration, and a disk;
and the physical state acquisition unit is suitable for acquiring the safety state of a physical state item, wherein the physical state item refers to an item related to the actual physical environment of the terminal equipment.
To achieve the above object, the present invention further provides a computer device comprising a memory, a processor and a computer program stored on the memory and executable on the processor, the processor implementing the steps of the above method when executing the computer program.
To achieve the above object, the present invention also provides a computer-readable storage medium having stored thereon a computer program which, when being executed by a processor, carries out the steps of the above method.
The environment sensing method and device of the terminal equipment, the computer equipment and the computer readable storage medium provided by the invention provide a scheme for comprehensively and flexibly sensing the state of the terminal equipment. Besides the perception of basic security items of viruses and vulnerabilities, the contents of system security items, system application items, health state items, physical state items and the like can be perceived, various other factors which possibly influence the credibility of the terminal equipment although no threat exists at present are comprehensively considered, and the perception of the terminal equipment is ensured to be more complete and specific. Furthermore, the environment perception items in the invention comprise third party perception items and local perception items, wherein the third party perception items refer to items which can be directly dared by calling a third party detection system, so that resources can be saved and repeated work can be avoided; the local perception is striking, namely other light-weighted items which can be selected and customized by the user can be obtained, and accordingly the credibility of the terminal equipment can be evaluated more specifically.
Drawings
FIG. 1 is a flowchart of a first embodiment of a context awareness method of the present invention;
FIG. 2 is a block diagram of a first exemplary embodiment of an environment sensing apparatus according to the present invention;
FIG. 3 is a diagram illustrating a hardware structure of a first embodiment of an environment sensing apparatus according to the present invention.
Detailed Description
In order to make the objects, technical solutions and advantages of the present invention more apparent, the present invention is described in further detail below with reference to the accompanying drawings and embodiments. It should be understood that the specific embodiments described herein are merely illustrative of the invention and are not intended to limit the invention. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
The environment sensing method and device of the terminal equipment, the computer equipment and the computer readable storage medium provided by the invention provide a scheme for comprehensively and flexibly sensing the state of the terminal equipment. Besides the perception of basic security items of viruses and vulnerabilities, the contents of system security items, system application items, health state items, physical state items and the like can be perceived, various other factors which possibly influence the credibility of the terminal equipment although no threat exists at present are comprehensively considered, and the perception of the terminal equipment is ensured to be more complete and specific. Furthermore, the environment perception items in the invention comprise third party perception items and local perception items, wherein the third party perception items refer to items which can be directly dared by calling a third party detection system, so that resources can be saved and repeated work can be avoided; the local perception is striking, namely other light-weighted items which can be selected and customized by the user can be obtained, and accordingly the credibility of the terminal equipment can be evaluated more specifically.
Example one
The environment perception method of the terminal equipment adopts a client/server mode, wherein the client is arranged on the terminal equipment and is used for perceiving the environment information of the terminal equipment; the server is independent of the terminal equipment and is used for receiving the environment information which is sent by the client and related to the terminal equipment and evaluating the credibility of the terminal equipment based on the environment information. The specific context awareness method is described in detail below.
Referring to fig. 1, the present embodiment provides a method for sensing an environment of a terminal device, which specifically includes the following steps:
and S1, responding to the environment sensing command, and acquiring the equipment identification information of the terminal equipment, wherein the equipment identification information is used for uniquely identifying the terminal equipment.
After receiving the environment sensing command, the client of the invention needs to first acquire the equipment identification information of the terminal equipment to uniquely identify the terminal equipment.
The environment sensing command of the invention can be triggered based on preset execution logic or randomly by clicking a button according to the requirement of a user. The preset execution logic in the invention can include various modes such as startup execution, interval execution, timing execution and the like, wherein the startup execution refers to immediately executing the environment sensing operation after the terminal equipment is started each time, the interval execution refers to executing the environment sensing operation once every fixed interval period, the timing execution refers to executing the environment sensing operation at a preset moment, and preferably, the interval period and the timing execution moment in the invention can be accurate to minutes.
In addition to the statically triggered execution logic described above, the context aware commands in the present invention can also be triggered in a dynamic manner. For example, some objects in the terminal device are monitored, and the environment sensing command can be triggered once the monitored objects are found to be changed. Those skilled in the art will appreciate that the triggering manner of the context aware command in the present invention can be selected from many alternatives, and is not limited to the above listed forms, and all triggering manners capable of initiating a command in the prior art are included in the scope of the present invention.
In order to clarify the information source, the present invention first needs to acquire device identification information each time when executing the environment sensing operation, and the device identification information is generated based on the hardware identification number (such as a CPU identification number, a hard disk serial number, a physical network card MAC address) of the terminal device and a trusted private key, and is used for uniquely identifying the terminal device running the current client.
S2, acquiring a preset perception strategy, and perceiving the environment information of the terminal equipment based on the preset perception strategy; the environmental information is used to characterize a security state of an environmental awareness item associated with the terminal device.
After the device identification of the terminal device is obtained, the environment information sensing is executed based on the preset sensing strategy. The preset perception strategy in the invention is preset on the configuration template by the user according to the actual requirement. The configuration template lists the content of selection items and threshold information of each item for the user to perform personalized configuration, and the user can freely select specific items to be sensed and set sensing standards or detection thresholds of certain specific items so that the client can execute environment information sensing operation strictly according to specific parameters in the configuration template.
The environment information in the present invention is used to characterize the security status of the environment-aware items related to the terminal device, for example, whether a particular awareness is normal, abnormal, or otherwise.
The environment perception items in the invention can be divided into two categories, one is a third party perception item, and the other is a local perception item. The third-party perception projects refer to projects which are not perceived by the client through the third-party system, and such projects mainly include basic security perception projects which are large in resource consumption and long in execution time, such as virus APT environment perception and system vulnerability perception. The local perception items refer to light-weight items with less resource consumption and shorter execution time, and the items are perceived by the client side.
The method can determine which ones belong to the third-party perception items and which ones belong to the local perception items from the environment perception items, and then respectively adopt different processing measures.
For the third-party perception project, the invention calls the third-party system through the interface to acquire the safety state of the third-party perception project stored in the third-party system. Through the mode, the invention can utilize the existing sensing result of the third-party system, thereby achieving the purposes of saving resources and improving the sensing efficiency. Further, the method and the device can further inquire the storage time of the security state of the third-party sensing project when the security state of the stored third-party sensing project in the third-party system is obtained. And when the storage time is greater than a preset first threshold value, calling a third-party system to re-sense and output a corresponding safety state. By setting the first threshold, the invention can ensure the timeliness of the acquired safety state and prevent the situation that the acquired safety state data does not conform to the reality due to untimely updating.
The local aware item differs from the third party aware item in that the object detected by the local aware item is not content that would pose an immediate security threat, but may be associated with the administrative policy of the enterprise user or may pose a security risk to future operations. The local perception item is a perception operation performed by the client itself, and may specifically include any one of the following: system security items, system application items, health status items, physical status items.
The system security item refers to an item related to vulnerability configuration existing on an operating system of the terminal device, the vulnerability configuration refers to vulnerability configuration existing in the terminal device, and the terminal device cannot be damaged by simple vulnerabilities without corresponding threats, such as account locking duration, account locking time and the like; the system application item refers to an item related to software installed on the terminal device, such as software perception, service perception, registry perception, USBKey perception and the like; the health status item refers to items related to security configuration of the browser, such as an IE homepage, an IE menu, and the like; the physical state item refers to an item related to the actual physical environment of the terminal device, such as authorized person leaving, multi-person watching, and the like. The authorized person leaving refers to detecting whether a user of the terminal device leaves the device currently, and the multi-person watching refers to detecting whether the content displayed by the terminal device currently is being browsed by multiple persons.
According to the invention, by detecting the local sensing project, other parameter information except the basic security threat in the terminal equipment can be found, and the enterprise user can be helped to perform targeted monitoring management according to actual needs, so that the network management pressure of the enterprise user can be greatly reduced, and the management efficiency is improved.
And S3, processing the sensing item with the abnormal safety state.
When the state of some perception items is found to be abnormal, the invention also processes the abnormal perception items. The specific processing measures can also be configured in advance through a configuration template, for example, whether the mode of repairing after an abnormal item is found is automatic repairing or manual repairing by a user can be selected.
And S4, scoring the terminal equipment according to the environment information, and sending the score and the equipment identification information to a server. .
In this step, the client scores the terminal device according to the environment information, and sends the device identification information and the score to the server for storage, so that the access authority of the terminal device can be determined according to the environment scoring result in the following.
The criteria for computing the environmental score may also be preconfigured in the configuration template. For example, when the environment perception item includes five kinds of perception information, such as a basic security perception item, a system application perception item, a health state perception item, a physical state perception item, and the like, different weights are set for the five kinds of perception information according to different emphasis points, after classification scores of each kind of perception information are obtained through respective calculation, a weighted average score is calculated according to a corresponding weight value obtained by each kind, and the weighted average score is the environment score of the terminal device.
Referring to fig. 2, a terminal device environment sensing apparatus is shown, in this embodiment, the environment sensing apparatus 10 may include or be divided into one or more program modules, and the one or more program modules are stored in a storage medium and executed by one or more processors to implement the present invention and implement the above-mentioned environment sensing method. The program modules referred to herein are a series of computer program instruction segments that are capable of performing certain functions and are more suitable than the program itself for describing the execution of the context awareness apparatus 10 on a storage medium. The following description will specifically describe the functions of the program modules of the present embodiment:
the identification information acquisition module 11 is adapted to respond to an environment sensing command and acquire device identification information of the terminal device, wherein the device identification information is used for uniquely identifying the terminal device;
the environment information acquisition module 12 is adapted to acquire a preset sensing strategy and sense the environment information of the terminal device based on the preset sensing strategy; the environment information is used for representing the safety state of an environment sensing item related to the terminal equipment;
and the scoring module 13 is adapted to score the terminal device according to the environment information, and send the score and the device identification information to a server for storage. .
According to the environment sensing apparatus of the terminal device provided by the present invention, the environment information obtaining module 12 includes:
the item obtaining submodule 121 is adapted to obtain an environment sensing item of the terminal device, where the environment sensing item is preset based on a configuration template;
the third-party item obtaining sub-module 122 is adapted to determine whether the environment sensing item includes a third-party sensing item, and if so, obtain a security status of the third-party sensing item from a third-party sensing system;
the local item obtaining sub-module 123 is adapted to determine whether the environment sensing item includes a local sensing item, and if so, scan the local sensing item to obtain a security status of the local sensing item.
According to the environment sensing apparatus of the terminal device provided by the present invention, the local item obtaining sub-module 123 includes:
a system security obtaining unit 1231, adapted to obtain a security state of a system security item, where the system security item refers to an item related to vulnerability configuration existing on an operating system of the terminal device;
a system application obtaining unit 1232, adapted to obtain a security state of a system application item, where the system application item refers to an item related to software, a service, a registry, and a USBKEY on the terminal device;
a health status acquiring unit 1233 adapted to acquire a security status of a health status item, which refers to items related to a browser, a printer configuration, and a disk;
the physical state obtaining unit 1234 is adapted to obtain a security state of a physical state item, where the physical state item refers to an item related to an actual physical environment of the terminal device.
The embodiment also provides a computer device, such as a smart phone, a tablet computer, a notebook computer, a desktop computer, a rack server, a blade server, a tower server or a rack server (including an independent server or a server cluster composed of a plurality of servers) capable of executing programs, and the like. The computer device 20 of the present embodiment includes at least, but is not limited to: a memory 21, a processor 22, which may be communicatively coupled to each other via a system bus, as shown in FIG. 3. It is noted that fig. 3 only shows the computer device 20 with components 21-22, but it is to be understood that not all shown components are required to be implemented, and that more or fewer components may be implemented instead.
In the present embodiment, the memory 21 (i.e., a readable storage medium) includes a flash memory, a hard disk, a multimedia card, a card-type memory (e.g., SD or DX memory, etc.), a Random Access Memory (RAM), a Static Random Access Memory (SRAM), a read-only memory (ROM), an electrically erasable programmable read-only memory (EEPROM), a programmable read-only memory (PROM), a magnetic memory, a magnetic disk, an optical disk, and the like. In some embodiments, the storage 21 may be an internal storage unit of the computer device 20, such as a hard disk or a memory of the computer device 20. In other embodiments, the memory 21 may also be an external storage device of the computer device 20, such as a plug-in hard disk, a Smart Media Card (SMC), a Secure Digital (SD) Card, a Flash memory Card (Flash Card), or the like, provided on the computer device 20. Of course, the memory 21 may also include both internal and external storage devices of the computer device 20. In this embodiment, the memory 21 is generally used for storing an operating system and various application software installed on the computer device 20, such as the program code of the environment sensing apparatus 10 in the first embodiment. Further, the memory 21 may also be used to temporarily store various types of data that have been output or are to be output.
Processor 22 may be a Central Processing Unit (CPU), controller, microcontroller, microprocessor, or other data Processing chip in some embodiments. The processor 22 is typically used to control the overall operation of the computer device 20. In this embodiment, the processor 22 is configured to execute the program code stored in the memory 21 or process data, for example, execute the environment sensing apparatus 10, so as to implement the environment sensing method according to the first embodiment.
The present embodiment also provides a computer-readable storage medium, such as a flash memory, a hard disk, a multimedia card, a card-type memory (e.g., SD or DX memory, etc.), a Random Access Memory (RAM), a Static Random Access Memory (SRAM), a read-only memory (ROM), an electrically erasable programmable read-only memory (EEPROM), a programmable read-only memory (PROM), a magnetic memory, a magnetic disk, an optical disk, a server, an App application mall, etc., on which a computer program is stored, which when executed by a processor implements corresponding functions. The computer-readable storage medium of this embodiment is used for storing the environment sensing apparatus 10, and when executed by a processor, the environment sensing method of the first embodiment is implemented.
The above-mentioned serial numbers of the embodiments of the present invention are merely for description and do not represent the merits of the embodiments.
Any process or method descriptions in flow charts or otherwise described herein may be understood as representing modules, segments, or portions of code which include one or more executable instructions for implementing specific logical functions or steps of the process, and alternate implementations are included within the scope of the preferred embodiment of the present invention in which functions may be executed out of order from that shown or discussed, including substantially concurrently or in reverse order, depending on the functionality involved, as would be understood by those reasonably skilled in the art of the present invention.
It will be understood by those skilled in the art that all or part of the steps carried by the method for implementing the above embodiments may be implemented by hardware related to instructions of a program, which may be stored in a computer readable medium, and when executed, the program includes one or a combination of the steps of the method embodiments.
In the description herein, references to the description of the term "one embodiment," "some embodiments," "an example," "a specific example" or "some examples" or the like are intended to mean that a particular feature, structure, material, or characteristic described in connection with the embodiment or example is included in at least one embodiment or example of the invention. In this specification, the schematic representations of the terms used above do not necessarily refer to the same embodiment or example. Furthermore, the particular features, structures, materials, or characteristics described may be combined in any suitable manner in any one or more embodiments or examples.
Through the above description of the embodiments, those skilled in the art will clearly understand that the method of the above embodiments can be implemented by software plus a necessary general hardware platform, and certainly can also be implemented by hardware, but in many cases, the former is a better implementation manner.
The above description is only a preferred embodiment of the present invention, and not intended to limit the scope of the present invention, and all modifications of equivalent structures and equivalent processes, which are made by using the contents of the present specification and the accompanying drawings, or directly or indirectly applied to other related technical fields, are included in the scope of the present invention.
Claims (10)
1. A method for sensing the environment of a terminal device is characterized by comprising the following steps:
responding to an environment perception command, acquiring equipment identification information of terminal equipment, wherein the equipment identification information is generated based on a hardware identification number and a trusted private key of the terminal equipment and is used for uniquely identifying the terminal equipment;
acquiring a preset perception strategy, and perceiving the environmental information of the terminal equipment based on the preset perception strategy; the environment information is used for representing the safety state of an environment sensing item related to the terminal equipment;
and scoring the terminal equipment according to the environment information, and sending the score and the equipment identification information to a server.
2. The method for sensing the environment of the terminal device according to claim 1, wherein the step of obtaining a preset sensing strategy and sensing the environment information of the terminal device based on the sensing strategy includes:
acquiring an environment perception item of the terminal equipment, wherein the environment perception item is preset based on a configuration template;
judging whether the environment perception items comprise third-party perception items or not, if so, acquiring the security state of the third-party perception items from a third-party perception system;
and judging whether the environment perception items comprise local perception items, if so, scanning the local perception items to acquire the security states of the local perception items.
3. The environment awareness method of the terminal device according to claim 2, wherein the step of obtaining the security status of the third-party-aware item from a third-party-aware system comprises:
calling the third-party system through an interface, and inquiring the security state and the perception time of the third-party perception item stored in the third-party system;
when the sensing time exceeds a first threshold value, sensing the latest safety state of the third-party sensing item again by using the third-party system;
and acquiring the latest security state of the third-party perception project.
4. The method for sensing the environment of the terminal device according to claim 2, wherein the step of determining whether the environment sensing item includes a local sensing item comprises:
judging whether any one of the following contents is included in the environment perception item:
system safety items, system application items, health state items and physical state items;
wherein the system security item refers to an item related to vulnerability configuration existing on an operating system of the terminal equipment; the system application items refer to items related to software, services, a registry and USBKEY on the terminal equipment; the health status items refer to items related to a browser, a printer configuration and a disk; the physical state item refers to an item related to an actual physical environment of the terminal device.
5. The method for sensing the environment of the terminal device according to claim 2, after obtaining a preset sensing strategy and sensing the environment information of the terminal device based on the preset sensing strategy, further comprising:
and processing the perception item with the abnormal safety state.
6. An environment sensing apparatus of a terminal device, comprising:
the identification information acquisition module is suitable for responding to an environment perception command and acquiring equipment identification information of the terminal equipment, wherein the equipment identification information is used for uniquely identifying the terminal equipment;
the environment information acquisition module is suitable for acquiring a preset sensing strategy and sensing the environment information of the terminal equipment based on the preset sensing strategy; the environment information is used for representing the safety state of an environment sensing item related to the terminal equipment;
and the scoring module is suitable for scoring the terminal equipment according to the environmental information and sending the score and the equipment identification information to a server.
7. The apparatus as claimed in claim 6, wherein the environment information acquiring module comprises:
the item acquisition submodule is suitable for acquiring an environment perception item of the terminal equipment, and the environment perception item is preset based on a configuration template;
the third-party item acquisition submodule is suitable for judging whether the environment perception items contain third-party perception items or not, and if yes, acquiring the safety state of the third-party perception items from a third-party perception system;
and the local item acquisition submodule is suitable for judging whether the environment perception item contains a local perception item, and if so, scanning the local perception item to acquire the security state of the local perception item.
8. The environment awareness apparatus for a terminal device according to claim 7, wherein the local item acquisition sub-module comprises:
a system security obtaining unit, adapted to obtain a security state of a system security item, where the system security item is an item related to vulnerability configuration existing on an operating system of the terminal device;
the system application acquisition unit is suitable for acquiring the safety state of a system application project, wherein the system application project refers to projects related to software, services, a registry and USBKEY on the terminal equipment;
a health status acquisition unit adapted to acquire a security status of a health status item, the health status item referring to items related to a browser, a printer configuration, and a disk;
and the physical state acquisition unit is suitable for acquiring the safety state of a physical state item, wherein the physical state item refers to an item related to the actual physical environment of the terminal equipment.
9. A computer device comprising a memory, a processor and a computer program stored on the memory and executable on the processor, characterized in that the steps of the method of any of claims 1 to 5 are implemented by the processor when executing the computer program.
10. A computer-readable storage medium, on which a computer program is stored, which, when being executed by a processor, carries out the steps of the method of any one of claims 1 to 5.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201910406098.3A CN111950040A (en) | 2019-05-15 | 2019-05-15 | Environment sensing method and device of terminal equipment, computer equipment and storage medium |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201910406098.3A CN111950040A (en) | 2019-05-15 | 2019-05-15 | Environment sensing method and device of terminal equipment, computer equipment and storage medium |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN111950040A true CN111950040A (en) | 2020-11-17 |
Family
ID=73335903
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201910406098.3A Pending CN111950040A (en) | 2019-05-15 | 2019-05-15 | Environment sensing method and device of terminal equipment, computer equipment and storage medium |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN111950040A (en) |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN114615055A (en) * | 2022-03-10 | 2022-06-10 | 中国建设银行股份有限公司 | Processing method of access request, data uploading method and device |
Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN103929323A (en) * | 2013-12-16 | 2014-07-16 | 汉柏科技有限公司 | Health degree monitoring method of cloud network equipment |
| CN104866772A (en) * | 2015-05-07 | 2015-08-26 | 中国科学院信息工程研究所 | Computer access control method and system based on physical environment perception |
| CN104978257A (en) * | 2015-07-17 | 2015-10-14 | 北京奇虎科技有限公司 | Computer device elastic scoring method and computer device elastic scoring device |
| CN109150870A (en) * | 2018-08-14 | 2019-01-04 | 中国电子科技集团公司电子科学研究院 | Network safety situation analysis and application method and system |
| CN109246125A (en) * | 2018-10-09 | 2019-01-18 | 郑州云海信息技术有限公司 | A kind of Host Security condition evaluation system |
-
2019
- 2019-05-15 CN CN201910406098.3A patent/CN111950040A/en active Pending
Patent Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN103929323A (en) * | 2013-12-16 | 2014-07-16 | 汉柏科技有限公司 | Health degree monitoring method of cloud network equipment |
| CN104866772A (en) * | 2015-05-07 | 2015-08-26 | 中国科学院信息工程研究所 | Computer access control method and system based on physical environment perception |
| CN104978257A (en) * | 2015-07-17 | 2015-10-14 | 北京奇虎科技有限公司 | Computer device elastic scoring method and computer device elastic scoring device |
| CN109150870A (en) * | 2018-08-14 | 2019-01-04 | 中国电子科技集团公司电子科学研究院 | Network safety situation analysis and application method and system |
| CN109246125A (en) * | 2018-10-09 | 2019-01-18 | 郑州云海信息技术有限公司 | A kind of Host Security condition evaluation system |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN114615055A (en) * | 2022-03-10 | 2022-06-10 | 中国建设银行股份有限公司 | Processing method of access request, data uploading method and device |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US11570211B1 (en) | Detection of phishing attacks using similarity analysis | |
| US11240262B1 (en) | Malware detection verification and enhancement by coordinating endpoint and malware detection systems | |
| CN109743315B (en) | Behavior identification method, behavior identification device, behavior identification equipment and readable storage medium for website | |
| USRE46768E1 (en) | System and method for identifying and assessing vulnerabilities on a mobile communications device | |
| CN108664793B (en) | Method and device for detecting vulnerability | |
| CN111274583A (en) | Big data computer network safety protection device and control method thereof | |
| CN112685682B (en) | Method, device, equipment and medium for identifying forbidden object of attack event | |
| JP2014509421A (en) | Security measures for extended USB protocol stack of USB host system | |
| CN112703496B (en) | Content policy based notification to application users regarding malicious browser plug-ins | |
| WO2014113501A1 (en) | Systems and methods for identifying and reporting application and file vulnerabilities | |
| US11785044B2 (en) | System and method for detection of malicious interactions in a computer network | |
| CN111651754B (en) | Intrusion detection method and device, storage medium and electronic device | |
| US10498760B1 (en) | Monitoring system for detecting and preventing a malicious program code from being uploaded from a client computer to a webpage computer server | |
| CN111460445A (en) | Method and device for automatically identifying malicious degree of sample program | |
| CN110059007B (en) | System vulnerability scanning method and device, computer equipment and storage medium | |
| CN104268475A (en) | Application running system | |
| CN113836509B (en) | Information acquisition method, device, electronic equipment and storage medium | |
| CN108108618B (en) | Application interface detection method and device for counterfeiting attack | |
| CN111953633A (en) | Access control method and access control device based on terminal environment | |
| CN111950040A (en) | Environment sensing method and device of terminal equipment, computer equipment and storage medium | |
| US8935784B1 (en) | Protecting subscribers of web feeds from malware attacks | |
| US8677495B1 (en) | Dynamic trap for detecting malicious applications in computing devices | |
| CN111949363B (en) | Service access management method, computer equipment, storage medium and system | |
| CN111783082A (en) | Process tracing method, device, terminal and computer readable storage medium | |
| CN115118481B (en) | Host information acquisition method, device, equipment and medium |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination |