[go: up one dir, main page]
More Web Proxy on the site http://driver.im/

CN113378152B - Operation and maintenance auditing method and device, storage medium and electronic equipment - Google Patents

Operation and maintenance auditing method and device, storage medium and electronic equipment Download PDF

Info

Publication number
CN113378152B
CN113378152B CN202110734466.4A CN202110734466A CN113378152B CN 113378152 B CN113378152 B CN 113378152B CN 202110734466 A CN202110734466 A CN 202110734466A CN 113378152 B CN113378152 B CN 113378152B
Authority
CN
China
Prior art keywords
maintenance
terminal
information
target
terminal information
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN202110734466.4A
Other languages
Chinese (zh)
Other versions
CN113378152A (en
Inventor
杨鑫
李瑞一
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Beijing Topsec Technology Co Ltd
Beijing Topsec Network Security Technology Co Ltd
Beijing Topsec Software Co Ltd
Original Assignee
Beijing Topsec Technology Co Ltd
Beijing Topsec Network Security Technology Co Ltd
Beijing Topsec Software Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Beijing Topsec Technology Co Ltd, Beijing Topsec Network Security Technology Co Ltd, Beijing Topsec Software Co Ltd filed Critical Beijing Topsec Technology Co Ltd
Priority to CN202110734466.4A priority Critical patent/CN113378152B/en
Publication of CN113378152A publication Critical patent/CN113378152A/en
Application granted granted Critical
Publication of CN113378152B publication Critical patent/CN113378152B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/44Program or device authentication
    • G06F21/445Program or device authentication by mutual authentication, e.g. between devices or programs
    • YGENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
    • Y04INFORMATION OR COMMUNICATION TECHNOLOGIES HAVING AN IMPACT ON OTHER TECHNOLOGY AREAS
    • Y04SSYSTEMS INTEGRATING TECHNOLOGIES RELATED TO POWER NETWORK OPERATION, COMMUNICATION OR INFORMATION TECHNOLOGIES FOR IMPROVING THE ELECTRICAL POWER GENERATION, TRANSMISSION, DISTRIBUTION, MANAGEMENT OR USAGE, i.e. SMART GRIDS
    • Y04S10/00Systems supporting electrical power generation, transmission or distribution
    • Y04S10/50Systems or methods supporting the power network operation or management, involving a certain degree of interaction with the load-side end user applications

Landscapes

  • Engineering & Computer Science (AREA)
  • Software Systems (AREA)
  • Computer Security & Cryptography (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Management, Administration, Business Operations System, And Electronic Commerce (AREA)

Abstract

The embodiment of the application provides an operation and maintenance auditing method, an operation and maintenance auditing device, a storage medium and electronic equipment, wherein the operation and maintenance auditing method comprises the following steps: acquiring terminal information to be verified of a target terminal, wherein the terminal information to be verified comprises operating system type information of the target terminal and/or version type information of a browser in the target terminal; matching the operation and maintenance terminal information set with the terminal information to be verified, wherein the operation and maintenance terminal information set comprises a plurality of operation and maintenance terminal information which is input in advance, and each operation and maintenance terminal information in the plurality of operation and maintenance terminal information corresponds to an operation and maintenance asset; and if the terminal information to be verified is matched with the target operation and maintenance terminal information through the matching, allowing the target terminal to operate and maintain the operation and maintenance asset corresponding to the target operation and maintenance terminal information. By means of the technical scheme, the operation and maintenance safety can be improved.

Description

Operation and maintenance auditing method and device, storage medium and electronic equipment
Technical Field
The application relates to the technical field of safety protection, in particular to an operation and maintenance auditing method, an operation and maintenance auditing device, a storage medium and electronic equipment.
Background
With the continuous expansion of the network scale and the equipment quantity, the increasingly complex actions of IT systems and operation and maintenance personnel bring greater risks to information security, the common audit system cannot meet the requirement of operation and maintenance security, and the operation and maintenance audit management system is widely used.
However, the existing operation and maintenance auditing method has the problem of low safety.
Disclosure of Invention
The embodiment of the application aims to provide an operation and maintenance auditing method, an operation and maintenance auditing device, a storage medium and electronic equipment so as to improve the operation and maintenance safety.
In a first aspect, an embodiment of the present application provides an operation and maintenance auditing method, including: acquiring terminal information to be verified of a target terminal, wherein the terminal information to be verified comprises operating system type information of the target terminal and/or version type information of a browser in the target terminal; matching the operation and maintenance terminal information set with the terminal information to be verified, wherein the operation and maintenance terminal information set comprises a plurality of operation and maintenance terminal information which is input in advance, and each operation and maintenance terminal information in the plurality of operation and maintenance terminal information corresponds to an operation and maintenance asset; and if the terminal information to be verified is matched with the target operation and maintenance terminal information through the matching, allowing the target terminal to operate and maintain the operation and maintenance asset corresponding to the target operation and maintenance terminal information.
Therefore, the embodiment of the application limits the terminal information of the terminal of the user and checks the terminal information in the operation and maintenance process, so that compared with a related operation and maintenance auditing method, the dimension of the operation and maintenance rule is increased, and the operation and maintenance safety can be improved.
In one possible embodiment, the terminal information to be verified includes operating system type information of the target terminal and version type information of a browser in the target terminal; the method for obtaining the terminal information to be verified of the target terminal comprises the following steps: receiving an operation and maintenance request carrying user agent information sent by a target terminal; and acquiring the type information of the operating system of the target terminal and the version type information of the browser in the target terminal according to the user agent information.
Therefore, the embodiment of the application can rapidly acquire the operating system type information of the target terminal and the version type information of the browser in the target terminal through the user agent information.
In one possible embodiment, the operation and maintenance auditing method further includes: receiving operation and maintenance record data sent by a target terminal; detecting operation and maintenance record data; and if the operation and maintenance record data contains sensitive operation and maintenance data through detection, sending a stop instruction for indicating the target terminal to stop operation and maintenance to the target terminal.
Therefore, the embodiment of the application can further improve the operation and maintenance safety by monitoring the operation and maintenance process of the terminal.
In one possible embodiment, if the terminal information to be verified and the target operation and maintenance terminal information are determined to match through matching, allowing the target terminal to operate and maintain the operation and maintenance asset corresponding to the target operation and maintenance terminal information includes: if the terminal information to be verified is matched with the target operation and maintenance terminal information through matching, acquiring environment information of the target terminal; determining the security level of the environment where the target terminal is located according to the environment information; and if the security level of the environment where the target terminal is located is higher than the preset security level, allowing the target terminal to operate and maintain the operation and maintenance asset corresponding to the target operation and maintenance terminal information.
Therefore, the embodiment of the application ensures the safety of the operation and maintenance environment by detecting the safety level of the terminal, thereby further improving the safety of the operation and maintenance.
In a second aspect, an embodiment of the present application provides an operation and maintenance auditing apparatus, including: the system comprises an acquisition module, a verification module and a verification module, wherein the acquisition module is used for acquiring terminal information to be verified of a target terminal, and the terminal information to be verified comprises operating system type information of the target terminal and/or version type information of a browser in the target terminal; the matching module is used for matching the operation and maintenance terminal information set with the terminal information to be verified, wherein the operation and maintenance terminal information set comprises a plurality of operation and maintenance terminal information which is input in advance, and each operation and maintenance terminal information in the plurality of operation and maintenance terminal information corresponds to an operation and maintenance asset; and the determining module is used for allowing the target terminal to operate and maintain the operation and maintenance asset corresponding to the target operation and maintenance terminal information if the terminal information to be verified is matched with the target operation and maintenance terminal information through matching.
In one possible embodiment, the terminal information to be verified includes operating system type information of the target terminal and version type information of a browser in the target terminal; the acquisition module is specifically configured to: receiving an operation and maintenance request carrying user agent information sent by a target terminal; and acquiring the type information of the operating system of the target terminal and the version type information of the browser in the target terminal according to the user agent information.
In one possible embodiment, the operation and maintenance auditing apparatus further includes: the receiving module is used for receiving the operation and maintenance record data sent by the target terminal; the detection module is used for detecting the operation and maintenance record data; and the sending module is used for sending a stopping instruction for indicating the target terminal to stop operation and maintenance to the target terminal if the operation and maintenance record data contains sensitive operation and maintenance data through detection.
In a possible embodiment, the determining module is specifically configured to: if the terminal information to be verified is matched with the target operation and maintenance terminal information through matching, acquiring environment information of the target terminal; determining the security level of the environment where the target terminal is located according to the environment information; and if the security level of the environment where the target terminal is located is higher than the preset security level, allowing the target terminal to operate and maintain the operation and maintenance asset corresponding to the target operation and maintenance terminal information.
In a third aspect, embodiments of the present application provide a storage medium having stored thereon a computer program which, when executed by a processor, performs the method of the first aspect or any alternative implementation of the first aspect.
In a fourth aspect, an embodiment of the present application provides an electronic device, including: a processor, a memory and a bus, the memory storing machine-readable instructions executable by the processor, the processor and the memory in communication via the bus when the electronic device is running, the machine-readable instructions when executed by the processor performing the method of the first aspect or any alternative implementation of the first aspect.
In a fifth aspect, the application provides a computer program product which, when run on a computer, causes the computer to perform the method of the first aspect or any of the possible implementations of the first aspect.
In order to make the above objects, features and advantages of the embodiments of the present application more comprehensible, preferred embodiments accompanied with figures are described in detail below.
Drawings
In order to more clearly illustrate the technical solutions of the embodiments of the present application, the drawings that are needed in the embodiments of the present application will be briefly described below, it should be understood that the following drawings only illustrate some embodiments of the present application and should not be considered as limiting the scope, and other related drawings can be obtained according to these drawings without inventive effort for a person skilled in the art.
Fig. 1 shows a schematic diagram of an application scenario provided by an embodiment of the present application;
fig. 2 is a schematic diagram of a method for setting operation and maintenance rules according to an embodiment of the present application;
FIG. 3 shows a flowchart of an operation and maintenance auditing method provided by an embodiment of the present application;
FIG. 4 shows a specific flowchart of an operation and maintenance auditing method provided by an embodiment of the present application;
Fig. 5 shows a block diagram of an operation and maintenance auditing apparatus according to an embodiment of the present application;
fig. 6 shows a block diagram of an electronic device according to an embodiment of the present application.
Detailed Description
The technical solutions in the embodiments of the present application will be described below with reference to the accompanying drawings in the embodiments of the present application.
It should be noted that: like reference numerals and letters denote like items in the following figures, and thus once an item is defined in one figure, no further definition or explanation thereof is necessary in the following figures. Meanwhile, in the description of the present application, the terms "first", "second", and the like are used only to distinguish the description, and are not to be construed as indicating or implying relative importance.
At present, related operation and maintenance auditing methods comprise the following two methods:
one such method is to first configure the user's asset authorization to authorize the asset's operation and maintenance rights to a particular user, and then configure the user's IP address, operation and maintenance asset, operation and maintenance time, etc. operation and maintenance rules. However, for the method, the operation and maintenance rule of the method does not limit the terminal used by the user, so that the related operation and maintenance auditing method has the problem of low safety.
That is, the properties of the asset and the user involved in the operation and maintenance process are relatively large, such as account numbers, protocols, IP of the asset, IP of the user, operation and maintenance time and operation and maintenance behavior of the user, and the like. However, most of the limitations in the operation and maintenance process are to limit the operation and maintenance assets of the user, the login IP of the user, the operation and maintenance time of the user and the like, and the limitations of the terminal used by the user in the operation and maintenance process are not met;
The other method is that the terminal information is imported into the memory of the operation and maintenance safety management equipment, after the terminal makes a login request, the terminal information to be logged in to the terminal can be compared with the terminal information stored in the memory, if the terminal information is consistent, the authentication is successful, and if the terminal information is inconsistent, the authentication is failed. However, this method is a method of determining the correlation of terminal information when a user logs into the system, and is not a method of determining operation and maintenance.
Based on this, the embodiment of the application provides an operation and maintenance audit scheme, by acquiring the terminal information to be verified of the target terminal, wherein the terminal information to be verified comprises the operating system type information of the target terminal and/or the version type information of the browser in the target terminal, then matching the operation and maintenance terminal information set with the terminal information to be verified, wherein the operation and maintenance terminal information set comprises a plurality of operation and maintenance terminal information recorded in advance, each operation and maintenance terminal information in the plurality of operation and maintenance terminal information corresponds to an operation and maintenance asset, and finally, if the operation and maintenance terminal information to be verified and the operation and maintenance terminal information to be verified are matched through the matching, the operation and maintenance asset corresponding to the operation and maintenance terminal information of the target terminal is allowed.
Therefore, the embodiment of the application limits the terminal information of the terminal of the user and checks the terminal information in the operation and maintenance process, so that compared with a related operation and maintenance auditing method, the dimension of the operation and maintenance rule is increased, and the operation and maintenance safety can be improved.
Referring to fig. 1, fig. 1 shows a schematic diagram of an application scenario provided by an embodiment of the present application. The application scenario shown in fig. 1 includes a target terminal, an operation and maintenance audit management system, and an asset to be operated and maintained.
It should be understood that the specific device of the target terminal, the specific device of the operation and maintenance audit management system, the specific device of the asset to be operated and maintained, and the like may all be set according to actual requirements, and the embodiment of the present application is not limited thereto.
For example, the target terminal may be a mobile phone, a notebook, a desktop, or the like.
For another example, the operation and maintenance audit management system may be a fort machine or the like.
For another example, the asset to be operated may be a switch, a firewall, a computer, or the like.
It should also be appreciated that the target terminal may also be referred to as a client of the target operation and maintenance.
It should also be appreciated that the operation and maintenance audit management system may also be referred to as an operation and maintenance audit management device.
In order to facilitate an understanding of embodiments of the present application, the following description is made by way of specific examples.
Specifically, when the User logs in the system through the target terminal, the User may click on an operation and maintenance list (or operation and maintenance service object list) displayed on an interface of the target terminal and used for recording a plurality of operation and maintenance services corresponding to the target terminal, so that the target terminal may respond to the click of the User to generate an operation and maintenance request carrying User Agent (UA) information, and send the operation and maintenance request to the operation and maintenance audit management system. Correspondingly, the operation and maintenance audit management system receives an operation and maintenance request sent by the target terminal.
And then, the operation and maintenance audit management system can acquire the operating system type information of the target terminal and the version type information of the browser in the target terminal according to the UA information in the operation and maintenance request. And the operation and maintenance audit management system can match the operation and maintenance terminal information set with the terminal information to be verified. The operation and maintenance terminal information set comprises a plurality of operation and maintenance terminal information which are input in advance, and each operation and maintenance terminal information in the plurality of operation and maintenance terminal information corresponds to an operation and maintenance asset.
Although the above description is made by taking the matching of the terminal information as an example, in the actual use process, it is necessary to perform verification of other information (for example, operation and maintenance time) in the operation and maintenance rule in addition to verification of the terminal information in the operation and maintenance rule, and the embodiment of the present application is not limited thereto.
In addition, if the operation and maintenance audit management system determines that the terminal information to be verified is matched with the target operation and maintenance terminal information through matching, allowing the target terminal to operate and maintain the operation and maintenance asset corresponding to the target operation and maintenance terminal information, namely, if the target terminal can be authorized, the operation and maintenance can be successful; if the operation and maintenance audit management system determines that the terminal information to be verified and the operation and maintenance terminal information set are not matched through matching, the operation and maintenance of the target terminal are not allowed, namely, the target terminal cannot be authorized, and the operation and maintenance fail.
It should be noted that, the operation and maintenance audit scheme provided by the embodiment of the present application may be further extended to other suitable application scenarios, and is not limited to the application scenario shown in fig. 1.
For example, while one terminal and one asset to be operated are shown in fig. 1, it should be understood by those skilled in the art that the application scenario may include more terminals and more assets to be operated during the actual application.
Referring to fig. 2, fig. 2 is a schematic diagram illustrating a method for setting operation and maintenance rules according to an embodiment of the present application. The setting method as shown in fig. 2 includes:
in step S210, the operation and maintenance audit management system grants the operation and maintenance rights of the asset to the designated terminal.
It should be understood that the operable devices corresponding to the assets may be set according to actual requirements, and embodiments of the present application are not limited thereto.
For example, the asset may be a firewall, a switch, a personal computer, or the like.
It should also be understood that the corresponding terminal in the designated terminals may be set by an administrator according to actual needs, and embodiments of the present application are not limited thereto.
In order to facilitate an understanding of embodiments of the present application, the following description is made by way of specific examples.
Specifically, in the event that an administrator logs into the operation and maintenance audit management system, the administrator may add an asset (e.g., the asset may be a first identified switch, etc.) to the operation and maintenance audit management system. Then, after adding the asset to the operation and maintenance audit management system, the administrator can authorize the operation and maintenance right of the appointed asset to the appointed terminal through the operation and maintenance audit management system, so that the connection between the appointed asset and the appointed terminal can be established, and the appointed terminal is qualified to operate and maintain the corresponding asset.
Step S220, after authorization is completed, the operation and maintenance audit management system sets operation and maintenance rules.
It should be understood that the information included in the operation and maintenance rule may be set according to actual requirements, and embodiments of the present application are not limited thereto.
For example, the operation and maintenance rules may include asset information, user information, time information, operation and maintenance terminal information, and other conventional information. Wherein the asset information may include an identification of the asset and an IP address of the asset; the user information may include a login account of the user; the time information may include an operation and maintenance time for identifying whether the operation and maintenance are allowed or not allowed; the operation and maintenance terminal information may include a source IP address of the terminal, an operating system type of the terminal (e.g., win7 or win10 or Unix, etc.), and a version type of a browser in the terminal (e.g., google browser or 360 browser, etc., for example, version 1.0 or version 2.0, etc.).
Here, it should be noted that, the information included in the operation rule is used for verification, so as to determine whether the terminal applying for operation has the authority of operation.
In order to facilitate an understanding of embodiments of the present application, the following description is made by way of specific examples.
Specifically, after an administrator logs into the operation and maintenance audit management system, the administrator may configure operation and maintenance authorizations through the operation and maintenance audit management system to authorize the operation and maintenance rights of the asset to a designated user. And after the authorization is configured, the asset account number, the user and the terminal can be bound, so that the user at the terminal side can see the authorized asset information (namely, the operation and maintenance list). And, at the time of operation, operation is enabled only through the authorization check as shown in fig. 3.
It should be understood that the above method for setting the operation and maintenance rule is only exemplary, and those skilled in the art can make various modifications according to the above method, and modifications or contents after the modifications are also within the scope of the present application.
Here, the operation and maintenance auditing method shown in fig. 3 is implemented based on the operation and maintenance rule setting method shown in fig. 2.
Referring to fig. 3, fig. 3 shows a flowchart of an operation and maintenance auditing method according to an embodiment of the present application. The operation and maintenance auditing method shown in fig. 3 comprises the following steps:
and step S310, the operation and maintenance audit management system acquires the terminal information to be verified of the target terminal. The terminal information to be verified comprises operating system type information of the target terminal and/or version type information of a browser in the target terminal.
It should be understood that the target terminal may be any one of a plurality of terminals communicatively connected to the operation and maintenance audit management system, or may be a designated one of the plurality of terminals.
It should also be understood that version type information of the browser in the target terminal includes type information and version information of the browser.
It should also be understood that the operating system type information of the target terminal and/or the version type information of the browser in the target terminal includes the operating system type information of the target terminal, the version type information of the browser in the target terminal, and the operating system type information of the target terminal and the version type information of the browser in the target terminal.
It should also be understood that, while the above description is given by taking as an example that the terminal information to be verified includes the operating system type information of the target terminal and/or version type information of the browser in the target terminal, it should be understood by those skilled in the art that the terminal information to be verified may also include other information, and the embodiment of the present application is not limited thereto.
For example, the terminal information to be verified may further include a source IP address of the terminal, etc.
It should also be understood that the specific process of the operation and maintenance audit management system obtaining the terminal information to be verified of the target terminal may be set according to actual requirements, and the embodiment of the application is not limited thereto.
Alternatively, in the case where the target account number has been registered through the target terminal, the target terminal may be displayed with an operation and maintenance list. Therefore, when a user at the target terminal side can click on the operation and maintenance list to perform asset operation and maintenance, the target terminal is triggered to generate an operation and maintenance request carrying UA information of the browser, and the operation and maintenance request is sent to an operation and maintenance audit management system. Correspondingly, the operation and maintenance audit management system receives an operation and maintenance request sent by the target terminal.
The UA information can carry the type information of the operating system of the target terminal and/or the version type information of the browser in the target terminal, so that the operation and maintenance audit management system can acquire the type information of the operating system of the target terminal and the version type information of the browser in the target terminal according to the UA information.
And step S320, the operation and maintenance audit management system matches the operation and maintenance terminal information set with the terminal information to be verified. The operation and maintenance terminal information set comprises a plurality of operation and maintenance terminal information which are input in advance, and each operation and maintenance terminal information in the plurality of operation and maintenance terminal information can correspond to an operation and maintenance asset.
It should be understood that the plurality of operation and maintenance terminal information in the operation and maintenance terminal information set may be operation and maintenance terminal information in operation and maintenance rules entered in advance.
For ease of understanding, the following description is made by way of specific examples.
Specifically, the operation and maintenance audit management system compares the terminal information to be verified with each operation and maintenance terminal information in the operation and maintenance terminal information set to determine whether target operation and maintenance terminal information corresponding to the terminal information to be verified exists in the operation and maintenance terminal information set.
For example, in the case that the terminal information to be verified includes the IP address of the terminal and version type information of the browser in the terminal, each piece of operation and maintenance terminal information in the set of operation and maintenance terminal information may be compared, and if it is determined that the IP address of the terminal in the target operation and maintenance terminal information in the set of operation and maintenance terminal information and the version type information of the browser are identical to the IP address of the terminal in the terminal information to be verified and the version type information of the browser, it is determined that the target operation and maintenance terminal information and the terminal information to be verified are matched.
And step S330, if the operation and maintenance audit management system determines that the terminal information to be verified is matched with the target operation and maintenance terminal information through matching, allowing the target terminal to operate and maintain the operation and maintenance asset corresponding to the target operation and maintenance terminal information.
Specifically, if the terminal information to be verified is matched with the target operation and maintenance terminal information through matching, the operation and maintenance audit management system acquires the environment information of the target terminal. The environment information may reflect a security level or a trusted level of the target terminal, and may include environment information in which the target terminal side user is located during a payment operation (e.g., a transfer operation, etc.).
The operation and maintenance audit management system may then determine the security level of the environment in which the target terminal is located according to the environmental information (e.g., determine the security level by determining whether the payment operation satisfies the number of preset conditions, if the environmental information satisfies one preset condition, determine the security level of the environment in which the target terminal is located as a low security level, and if the environmental information satisfies two or more preset conditions, determine the security level of the environment in which the target terminal is located as a high security level, where the preset conditions may include whether the payment channel is a secure channel, whether the payment channel is connected to a public network, whether a screen blockage occurs during the payment process, and so on).
After determining the security level of the environment where the target terminal is located, if the security level of the environment where the target terminal is located is higher than the preset security level, allowing the target terminal to operate and maintain the operation and maintenance asset corresponding to the target operation and maintenance terminal information; and if the security level of the environment where the target terminal is located is not higher than the preset security level, the operation and maintenance asset corresponding to the operation and maintenance terminal information of the target terminal is not allowed to be operated and maintained.
It should be understood that the specific security level corresponding to the preset security level may be set according to actual requirements, and embodiments of the present application are not limited thereto.
In addition, in the process of allowing the target terminal to operate and maintain the operation and maintenance asset corresponding to the target operation and maintenance terminal information, the operation and maintenance audit management system can receive operation and maintenance record data sent by the target terminal. The operation and maintenance record data can be log record data of the target terminal in the operation and maintenance process. The operation and maintenance audit management system can then detect the operation and maintenance record data to determine whether preset sensitive operation and maintenance data exists in the operation and maintenance record data.
It should be understood that the specific data of the sensitive operation and maintenance data may be set according to actual requirements, and embodiments of the present application are not limited thereto.
For example, in the case where the sensitive operation data is configurable sensitive instruction data, the sensitive operation data includes a system restart instruction, a close interface instruction, and an instruction to force a process to be turned off.
For another example, in the case where the sensitive operation data is a configurable sensitive field, the sensitive operation data may be a number or symbol or the like.
In addition, if the operation and maintenance record data contains sensitive operation and maintenance data through detection, a stop instruction for indicating the target terminal to stop operation and maintenance is sent to the target terminal, so that the target terminal stops operation and maintenance according to the stop instruction; if the operation and maintenance record data does not contain sensitive operation and maintenance data through detection, continuing to perform next detection.
And step S340, if the operation and maintenance audit management system determines that the terminal information to be verified and the operation and maintenance terminal information set are not matched through matching, the operation and maintenance audit management system does not allow the target terminal to operate and maintain the operation and maintenance asset corresponding to the target operation and maintenance terminal information.
Therefore, in the process of verifying authorization, the embodiment of the application judges the identity of the authenticated user by limiting the type of the operation and maintenance terminal and the version type of the browser thereof, thereby ensuring that the network and the data are not invaded and protected by abnormal users.
It should be noted that, although the above description is given by taking an example in which the user has logged into the system, those skilled in the art should understand that the operation and maintenance process in which the user has not logged into the system may be set according to actual requirements, and the embodiment of the present application is not limited thereto.
For example, if the user clicks the operation and maintenance list under the condition that the user does not log in the system, the user side generates a corresponding operation and maintenance request, and the operation and maintenance request at this time may not carry the operating system type information of the target terminal and the version type information of the browser in the target terminal, so that the operation and maintenance audit management system can match the related information carried in the operation and maintenance request at this time with the operation and maintenance terminal information set, and if other information is matched, the operation and maintenance asset in the unregistered state corresponding to the operation and maintenance target terminal information of the target terminal can be allowed.
That is, the operation and maintenance assets in the embodiment of the present application may include an operation and maintenance asset in a logged-in state and an operation and maintenance asset in a non-logged-in state, and the importance degree of the operation and maintenance asset in the logged-in state is higher than that of the operation and maintenance asset in the non-logged-in state. The operation and maintenance asset in the login state can be required to verify the operating system type information of the target terminal and the version type information of the browser in the target terminal, and the operation and maintenance asset in the non-login state can be unnecessary to verify the operating system type information of the target terminal and the version type information of the browser in the target terminal.
In order to facilitate an understanding of embodiments of the present application, the following description is made by way of specific examples.
Referring to fig. 4, fig. 4 shows a specific flowchart of an operation and maintenance auditing method according to an embodiment of the present application. The method as shown in fig. 4 includes:
In step S410, the administrator configures user authorization.
Specifically, an administrator creates operation and maintenance authorization, accurately configures user information and asset information, and can bind users, terminals and assets. The type of the terminal and the version and model of the browser can be selectively configured in the authorization, and the terminal of multiple types can be supported to be configured, and the terminals configured in the authorization can be operated and maintained. In addition, if the terminal is not configured, all types of terminals are defaulted, and all types of browsers can access the operation and maintenance.
Step S420, the user logs in the operation and maintenance audit management system through the target terminal.
And step S430, the target terminal sends an operation and maintenance request to the operation and maintenance audit management system. Correspondingly, the operation and maintenance audit management system receives an operation and maintenance request sent by the target terminal.
Step S440, the operation and maintenance audit management system judges whether the target terminal is an authorized terminal according to the operation and maintenance request.
If it is determined that the target terminal is an authorized terminal, step S450 may be executed; if it is determined that the target terminal is not an authorized terminal, step S460 may be performed.
Step S450, the operation and maintenance are successful.
Step S460, the operation and maintenance fail.
Step S470, log audit.
Specifically, if the log determines that the information of multiple terminals of the same IP is changed greatly, alarm information can be generated.
It should be understood that the above operation and maintenance auditing method is merely exemplary, and those skilled in the art can make various modifications according to the above method, and modifications or modifications are also within the scope of the present application.
Referring to fig. 5, fig. 5 shows a block diagram of an operation and maintenance auditing apparatus 500 according to an embodiment of the present application, and it should be understood that the operation and maintenance auditing apparatus 500 corresponds to the method embodiments of fig. 3 and fig. 4, and is capable of executing the steps involved in the method embodiments, and specific functions of the operation and maintenance auditing apparatus 500 may be referred to the above description, and detailed descriptions thereof are omitted herein as appropriate to avoid redundancy. The operation and maintenance auditing device 500 includes at least one software functional module that can be stored in memory in the form of software or firmware (firmware) or cured in an Operating System (OS) of the operation and maintenance auditing device 500. Specifically, the operation and maintenance auditing apparatus 500 includes:
The obtaining module 510 is configured to obtain terminal information to be verified of the target terminal, where the terminal information to be verified includes operating system type information of the target terminal and/or version type information of a browser in the target terminal;
the matching module 520 is configured to match the operation and maintenance terminal information set with the terminal information to be verified, where the operation and maintenance terminal information set includes a plurality of operation and maintenance terminal information that is input in advance, and each operation and maintenance terminal information in the plurality of operation and maintenance terminal information corresponds to an operation and maintenance asset;
and the determining module 530 is configured to allow the target terminal to operate and maintain the operation and maintenance asset corresponding to the target operation and maintenance terminal information if the terminal information to be verified and the target operation and maintenance terminal information are determined to match through matching.
In one possible embodiment, the terminal information to be verified includes operating system type information of the target terminal and version type information of a browser in the target terminal;
the obtaining module 510 is specifically configured to: receiving an operation and maintenance request carrying user agent information sent by a target terminal; and acquiring the type information of the operating system of the target terminal and the version type information of the browser in the target terminal according to the user agent information.
In one possible embodiment, the operation and maintenance auditing apparatus further includes: a receiving module (not shown) for receiving the operation and maintenance record data transmitted by the target terminal; a detection module (not shown) for detecting the operation and maintenance record data; and a transmitting module (not shown) for transmitting a stop instruction for instructing the target terminal to stop the operation if it is determined by the detection that the operation record data contains sensitive operation data.
In one possible embodiment, the determining module 530 is specifically configured to: if the terminal information to be verified is matched with the target operation and maintenance terminal information through matching, acquiring environment information of the target terminal; determining the security level of the environment where the target terminal is located according to the environment information; and if the security level of the environment where the target terminal is located is higher than the preset security level, allowing the target terminal to operate and maintain the operation and maintenance asset corresponding to the target operation and maintenance terminal information.
It will be clear to those skilled in the art that, for convenience and brevity of description, reference may be made to the corresponding procedure in the foregoing method for the specific working procedure of the apparatus described above, and this will not be repeated here.
Referring to fig. 6, fig. 6 shows a block diagram of an electronic device 600 according to an embodiment of the application. As shown in fig. 6. Electronic device 600 may include processor 610, communication interface 620, memory 630, and at least one communication bus 640. Wherein communication bus 640 is used to enable direct connection communications for these components. Wherein, the communication interface 620 in the embodiment of the present application is used for signaling or data communication with other devices. The processor 610 may be an integrated circuit chip with signal processing capabilities. The processor 610 may be a general-purpose processor, including a central processing unit (Central Processing Unit, CPU for short), a network processor (Network Processor, NP for short), etc.; but may also be a Digital Signal Processor (DSP), application Specific Integrated Circuit (ASIC), an off-the-shelf programmable gate array (FPGA) or other programmable logic device, discrete gate or transistor logic device, discrete hardware components. The disclosed methods, steps, and logic blocks in the embodiments of the present application may be implemented or performed. A general purpose processor may be a microprocessor or the processor 610 may be any conventional processor or the like.
The Memory 630 may be, but is not limited to, random access Memory (Random Access Memory, RAM), read Only Memory (ROM), programmable Read Only Memory (Programmable Read-Only Memory, PROM), erasable Read Only Memory (Erasable Programmable Read-Only Memory, EPROM), electrically erasable Read Only Memory (Electric Erasable Programmable Read-Only Memory, EEPROM), etc. The memory 630 has stored therein computer readable instructions which, when executed by the processor 610, enable the electronic device 600 to perform the steps involved in the method embodiments described above.
The electronic device 600 may also include a memory controller, an input-output unit, an audio unit, a display unit.
The memory 630, the memory controller, the processor 610, the peripheral interface, the input/output unit, the audio unit, and the display unit are electrically connected directly or indirectly to each other, so as to realize data transmission or interaction. For example, the elements may be electrically coupled to each other via one or more communication buses 640. The processor 610 is configured to execute executable modules stored in the memory 630. And, the apparatus 300 is for performing the following method: acquiring terminal information to be verified of a target terminal, wherein the terminal information to be verified comprises operating system type information of the target terminal and/or version type information of a browser in the target terminal; matching an operation and maintenance terminal information set with the terminal information to be verified, wherein the operation and maintenance terminal information set comprises a plurality of operation and maintenance terminal information which are input in advance, and each operation and maintenance terminal information in the plurality of operation and maintenance terminal information corresponds to an operation and maintenance asset; and if the terminal information to be verified is matched with the target operation and maintenance terminal information, allowing the target terminal to operate and maintain the operation and maintenance asset corresponding to the target operation and maintenance terminal information.
The input-output unit is used for providing the user with input data to realize the interaction between the user and the server (or the local terminal). The input/output unit may be, but is not limited to, a mouse, a keyboard, and the like.
The audio unit provides an audio interface to the user, which may include one or more microphones, one or more speakers, and audio circuitry.
The display unit provides an interactive interface (e.g. a user-operated interface) between the electronic device and the user or is used to display image data to a user reference. In this embodiment, the display unit may be a liquid crystal display or a touch display. In the case of a touch display, the touch display may be a capacitive touch screen or a resistive touch screen, etc. supporting single-point and multi-point touch operations. Supporting single-point and multi-point touch operations means that the touch display can sense touch operations simultaneously generated from one or more positions on the touch display, and the sensed touch operations are passed to the processor for calculation and processing.
It is to be understood that the configuration shown in fig. 6 is illustrative only, and that the electronic device 600 may also include more or fewer components than shown in fig. 6, or have a different configuration than shown in fig. 6. The components shown in fig. 6 may be implemented in hardware, software, or a combination thereof.
The application also provides a storage medium having stored thereon a computer program which, when executed by a processor, performs the method according to the method embodiment.
The application also provides a computer program product which, when run on a computer, causes the computer to perform the method according to the method embodiments.
It will be clear to those skilled in the art that, for convenience and brevity of description, reference may be made to the corresponding procedure in the foregoing method for the specific working procedure of the system described above, and this will not be repeated here.
It should be noted that, in the present specification, each embodiment is described in a progressive manner, and each embodiment is mainly described as different from other embodiments, and identical and similar parts between the embodiments are all enough to be referred to each other. For the apparatus class embodiments, the description is relatively simple as it is substantially similar to the method embodiments, and reference is made to the description of the method embodiments for relevant points.
In the several embodiments provided in the present application, it should be understood that the disclosed apparatus and method may be implemented in other manners. The apparatus embodiments described above are merely illustrative, for example, of the flowcharts and block diagrams in the figures that illustrate the architecture, functionality, and operation of possible implementations of apparatus, methods and computer program products according to various embodiments of the present application. In this regard, each block in the flowchart or block diagrams may represent a module, segment, or portion of code, which comprises one or more executable instructions for implementing the specified logical function(s). It should also be noted that in some alternative implementations, the functions noted in the block may occur out of the order noted in the figures. For example, two blocks shown in succession may, in fact, be executed substantially concurrently, or the blocks may sometimes be executed in the reverse order, depending upon the functionality involved. It will also be noted that each block of the block diagrams and/or flowchart illustration, and combinations of blocks in the block diagrams and/or flowchart illustration, can be implemented by special purpose hardware-based systems which perform the specified functions or acts, or combinations of special purpose hardware and computer instructions.
In addition, functional modules in the embodiments of the present application may be integrated together to form a single part, or each module may exist alone, or two or more modules may be integrated to form a single part.
The functions, if implemented in the form of software functional modules and sold or used as a stand-alone product, may be stored in a computer-readable storage medium. Based on this understanding, the technical solution of the present application may be embodied essentially or in a part contributing to the prior art or in a part of the technical solution, in the form of a software product stored in a storage medium, comprising several instructions for causing a computer device (which may be a personal computer, a server, a network device, etc.) to perform all or part of the steps of the method according to the embodiments of the present application. And the aforementioned storage medium includes: a usb disk, a removable hard disk, a Read-Only Memory (ROM), a random access Memory (RAM, random Access Memory), a magnetic disk, or an optical disk, or other various media capable of storing program codes. It is noted that relational terms such as first and second, and the like are used solely to distinguish one entity or action from another entity or action without necessarily requiring or implying any actual such relationship or order between such entities or actions. Moreover, the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, an element defined by the phrase "comprising one … …" does not exclude the presence of other like elements in a process, method, article, or apparatus that comprises the element.
The above description is only of the preferred embodiments of the present application and is not intended to limit the present application, but various modifications and variations can be made to the present application by those skilled in the art. Any modification, equivalent replacement, improvement, etc. made within the spirit and principle of the present application should be included in the protection scope of the present application. It should be noted that: like reference numerals and letters denote like items in the following figures, and thus once an item is defined in one figure, no further definition or explanation thereof is necessary in the following figures.
The foregoing is merely illustrative of the present application, and the present application is not limited thereto, and any person skilled in the art will readily recognize that variations or substitutions are within the scope of the present application. Therefore, the protection scope of the present application shall be subject to the protection scope of the claims.

Claims (10)

1. The operation and maintenance auditing method is characterized in that the method is applied to an operation and maintenance auditing management system, and the operation and maintenance auditing management system is connected with a plurality of terminals and a plurality of operation and maintenance assets; the method comprises the following steps:
Pre-authorizing the operation and maintenance rights of the appointed operation and maintenance asset to the appointed terminal, and setting operation and maintenance rules; the operation and maintenance rule is used for checking and comprises operation and maintenance terminal information; the operation and maintenance terminal information comprises operating system type information of the appointed terminal and version type information of a browser;
The operation and maintenance rights of the appointed operation and maintenance asset are authorized to the appointed user in advance, and the operation and maintenance asset, the user and the terminal are bound;
Acquiring terminal information to be verified of a target terminal, wherein the terminal information to be verified comprises operating system type information of the target terminal and/or version type information of a browser in the target terminal;
matching an operation and maintenance terminal information set with the terminal information to be verified, wherein the operation and maintenance terminal information set comprises a plurality of operation and maintenance terminal information which are input in advance, and each operation and maintenance terminal information in the plurality of operation and maintenance terminal information corresponds to an operation and maintenance asset;
and if the terminal information to be verified is matched with the target operation and maintenance terminal information, allowing the target terminal to operate and maintain the operation and maintenance asset corresponding to the target operation and maintenance terminal information.
2. The operation and maintenance auditing method according to claim 1, characterized in that the terminal information to be verified includes operating system type information of the target terminal and version type information of a browser in the target terminal;
the obtaining the terminal information to be verified of the target terminal includes:
receiving an operation and maintenance request carrying user agent information sent by the target terminal;
and acquiring the operating system type information of the target terminal and the version type information of the browser in the target terminal according to the user agent information.
3. The operation and maintenance auditing method according to claim 1, further comprising:
Receiving operation and maintenance record data sent by the target terminal;
Detecting the operation and maintenance record data;
And if the operation and maintenance record data contains sensitive operation and maintenance data through detection, sending a stop instruction for indicating the target terminal to stop operation and maintenance to the target terminal.
4. The operation and maintenance auditing method according to claim 1, wherein if it is determined by matching that the terminal information to be verified and the target operation and maintenance terminal information match, allowing the target terminal to operate and maintain an operation and maintenance asset corresponding to the target operation and maintenance terminal information, comprising:
If the terminal information to be verified is matched with the target operation and maintenance terminal information through matching, acquiring environment information of the target terminal;
Determining the security level of the environment where the target terminal is located according to the environment information;
And if the security level of the environment where the target terminal is located is higher than the preset security level, allowing the target terminal to operate and maintain the operation and maintenance asset corresponding to the target operation and maintenance terminal information.
5. An operation and maintenance auditing device, comprising:
The acquisition module is used for pre-authorizing the operation and maintenance rights of the appointed operation and maintenance asset to the appointed terminal and setting operation and maintenance rules; the operation and maintenance rule is used for checking and comprises operation and maintenance terminal information; the operation and maintenance terminal information comprises operating system type information of the appointed terminal and version type information of a browser; the operation and maintenance rights of the appointed operation and maintenance asset are pre-authorized to the appointed user, and the operation and maintenance asset, the user and the terminal are bound; the method comprises the steps of obtaining terminal information to be verified of a target terminal, wherein the terminal information to be verified comprises operating system type information of the target terminal and/or version type information of a browser in the target terminal;
The matching module is used for matching the operation and maintenance terminal information set with the terminal information to be verified, wherein the operation and maintenance terminal information set comprises a plurality of operation and maintenance terminal information which is input in advance, and each operation and maintenance terminal information in the plurality of operation and maintenance terminal information corresponds to an operation and maintenance asset;
And the determining module is used for allowing the target terminal to operate and maintain the operation and maintenance asset corresponding to the target operation and maintenance terminal information if the terminal information to be verified is matched with the target operation and maintenance terminal information through matching.
6. The operation and maintenance auditing apparatus according to claim 5, wherein the terminal information to be verified includes operating system type information of the target terminal and version type information of a browser in the target terminal;
The acquiring module is specifically configured to: receiving an operation and maintenance request carrying user agent information sent by the target terminal; and acquiring the operating system type information of the target terminal and the version type information of the browser in the target terminal according to the user agent information.
7. The operation and maintenance auditing device of claim 5, further comprising:
the receiving module is used for receiving the operation and maintenance record data sent by the target terminal;
the detection module is used for detecting the operation and maintenance record data;
And the sending module is used for sending a stop instruction for indicating the target terminal to stop operation and maintenance to the target terminal if the operation and maintenance record data contains sensitive operation and maintenance data through detection.
8. The operation and maintenance auditing device according to claim 6, wherein the determination module is specifically configured to: if the terminal information to be verified is matched with the target operation and maintenance terminal information through matching, acquiring environment information of the target terminal; determining the security level of the environment where the target terminal is located according to the environment information; and if the security level of the environment where the target terminal is located is higher than the preset security level, allowing the target terminal to operate and maintain the operation and maintenance asset corresponding to the target operation and maintenance terminal information.
9. A storage medium having stored thereon a computer program which, when executed by a processor, performs the operation and maintenance auditing method according to any of claims 1-4.
10. An electronic device, comprising: a processor, a memory and a bus, the memory storing machine-readable instructions executable by the processor, the processor in communication with the memory via the bus when the electronic device is operating, the machine-readable instructions when executed by the processor performing the operation and maintenance auditing method according to any of claims 1-4.
CN202110734466.4A 2021-06-30 2021-06-30 Operation and maintenance auditing method and device, storage medium and electronic equipment Active CN113378152B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202110734466.4A CN113378152B (en) 2021-06-30 2021-06-30 Operation and maintenance auditing method and device, storage medium and electronic equipment

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202110734466.4A CN113378152B (en) 2021-06-30 2021-06-30 Operation and maintenance auditing method and device, storage medium and electronic equipment

Publications (2)

Publication Number Publication Date
CN113378152A CN113378152A (en) 2021-09-10
CN113378152B true CN113378152B (en) 2024-09-24

Family

ID=77580126

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202110734466.4A Active CN113378152B (en) 2021-06-30 2021-06-30 Operation and maintenance auditing method and device, storage medium and electronic equipment

Country Status (1)

Country Link
CN (1) CN113378152B (en)

Families Citing this family (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN114039873B (en) * 2021-11-09 2023-11-28 北京天融信网络安全技术有限公司 Audit method and operation and maintenance security audit system aiming at client type
CN115473824A (en) * 2022-09-06 2022-12-13 北京天融信网络安全技术有限公司 Operation and maintenance management and control processing method, operation and maintenance terminal and operation and maintenance auditing system

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN108521347A (en) * 2018-04-10 2018-09-11 江苏亨通工控安全研究院有限公司 Industry control O&M behavior auditing method, apparatus and system
CN112383524A (en) * 2020-11-03 2021-02-19 中国南方电网有限责任公司 Operation and maintenance auditing method, device and medium

Family Cites Families (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101867490B (en) * 2010-06-09 2014-07-02 中兴通讯股份有限公司 Maintenance operation system and method
CN110764971A (en) * 2019-10-30 2020-02-07 杭州安恒信息技术股份有限公司 Auxiliary database operation and maintenance auditing method and device and electronic equipment
CN112967056A (en) * 2021-03-30 2021-06-15 建信金融科技有限责任公司 Access information processing method and device, electronic equipment and medium

Patent Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN108521347A (en) * 2018-04-10 2018-09-11 江苏亨通工控安全研究院有限公司 Industry control O&M behavior auditing method, apparatus and system
CN112383524A (en) * 2020-11-03 2021-02-19 中国南方电网有限责任公司 Operation and maintenance auditing method, device and medium

Also Published As

Publication number Publication date
CN113378152A (en) 2021-09-10

Similar Documents

Publication Publication Date Title
JP6680840B2 (en) Automatic detection of fraudulent digital certificates
US11582242B2 (en) System, computer program product and method for risk evaluation of API login and use
CN109376078B (en) Mobile application testing method, terminal equipment and medium
US10462665B2 (en) Multifactor network authentication
US10063538B2 (en) System for secure login, and method and apparatus for same
US10114960B1 (en) Identifying sensitive data writes to data stores
CN104580075A (en) User login validation method, device and system
CN113378152B (en) Operation and maintenance auditing method and device, storage medium and electronic equipment
CN104881602A (en) Unattended Secure Device Authorization
US10462126B2 (en) Self-adjusting multifactor network authentication
EP4242891A2 (en) Systems and methods for securing login access
CN110708335A (en) Access authentication method and device and terminal equipment
CN113360868A (en) Application program login method and device, computer equipment and storage medium
CN106685945B (en) Service request processing method, service handling number verification method and terminal thereof
CN113806825B (en) Verification method and device, storage medium and electronic equipment
CN111259368A (en) Method and equipment for logging in system
CN107645514B (en) Authentication protocol conversion method and device
WO2020001078A1 (en) Safe operation method and system for storage data
CN106851613A (en) Service request method, the verification method of business handling number and its terminal
CN106790159B (en) Secret level checking method and device
CN114386104A (en) Method for storing sensitive data, data reading method and device
CN113761498A (en) Third party login information hosting method, system, equipment and storage medium
CN112948771B (en) Authority verification method and device, readable storage medium and electronic equipment
CN110888716A (en) Data processing method and device, storage medium and electronic equipment
CN106878018B (en) Operation verification method and device

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant