Database dynamic desensitization method and system based on TCP proxy

A database and desensitization technology, which is applied in the field of information security, can solve the problems of low possibility of reuse, few applicable scenarios, and high cost of scenario switching, and achieve the effects of high availability, easy implementation, and linear scalability of performance

Pending Publication Date: 2021-06-11
北京中安星云软件技术有限公司
View PDF0 Cites 4 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0004] 1. The first type needs to be modified on the application program, with few applicable scenarios, low possibility of reuse, and high cost of scene switching; 2. The actual desensitization operation of the second type of technology requires the support of the database; 3. The second type of technology desensitization Sensitization operations will consume computing resources of the database, that is to say, the actual process of desensitization is completed on the database server; 4. The second type of technology cannot be applied to database systems that do not support desensitization functions

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Database dynamic desensitization method and system based on TCP proxy
  • Database dynamic desensitization method and system based on TCP proxy

Examples

Experimental program
Comparison scheme
Effect test

Embodiment 1

[0030] see figure 1 , figure 1 A schematic diagram of steps of a TCP proxy-based database dynamic desensitization method provided by the embodiment of the present invention is as follows:

[0031] Step S100, establishing a TCP proxy between the database client and the database server;

[0032]Step S110, intercepting the request of the database client and the response content of the database server through the TCP proxy;

[0033] Step S120, filtering and matching the request of the database client and the response content of the database server according to a preset policy matching rule to obtain field information to be desensitized;

[0034] Step S130, performing desensitization processing on the field information to be desensitized to obtain desensitized data;

[0035] Step S140: Acquire and analyze and reorganize the desensitized data according to the corresponding database protocol to obtain reorganized data, and send the reorganized data to the corresponding database cl...

Embodiment 3

[0045] see figure 2 , figure 2 A schematic diagram of a TCP proxy-based database dynamic desensitization system module provided by the embodiment of the present invention is as follows:

[0046] The proxy deployment module 100 is used to establish a TCP proxy between the database client and the database server;

[0047] The data interception module 200 is used for intercepting the request of the database client and the response content of the database server through the TCP proxy;

[0048] The filtering and matching module 300 is used for filtering and matching the request of the database client and the response content of the database server according to a preset policy matching rule, so as to obtain the field information to be desensitized;

[0049] The desensitization module 400 is used to desensitize the field information to be desensitized to obtain desensitized data;

[0050] The data reorganization module 500 is used to obtain and analyze and reorganize the desensi...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention provides a dynamic database desensitization method and system based on TCP proxy, and relates to the technical field of information security. The dynamic database desensitization method based on the TCP proxy comprises the following steps: establishing the TCP proxy between a database client and a database server; intercepting the request of the database client and the response content of the database server through the TCP proxy; and filtering and matching the request of the database client and the response content of the database server according to a preset strategy matching rule. The dynamic desensitization of the sensitive data access of the database can be realized by only modifying the configuration of the access address of the database without any code modification on the database client, and meanwhile, the database is not configured and modified. In addition, the invention further provides a dynamic database desensitization system based on the TCP proxy. The system comprises a proxy deployment module, a data interception module, a filtering and matching module, a desensitization module and a data recombination module.

Description

technical field [0001] The invention relates to the technical field of information security, in particular to a method and system for dynamic desensitization of databases based on TCP proxy. Background technique [0002] In the existing database dynamic desensitization system, the first type is to explicitly judge the data returned from the request on the database client, which fields are to be desensitized, and then use the corresponding desensitization interface for processing, and then hand it over to the final User; the second category is an improvement over the first category. It is also deployed between the client and the relational database server in the form of a TCP proxy. The corresponding desensitization function is added to the statement (at the same time, the desensitization function needs to be defined on the database) to realize the desensitization function of sensitive fields. [0003] The disadvantages of existing solutions are: [0004] 1. The first type ...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): G06F21/62H04L29/06
CPCG06F21/6245H04L63/0281
Inventor 唐更新宋辉王锋赵卫国
Owner 北京中安星云软件技术有限公司
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap