Search

CN-121167716-B - Internet-based technical consultation risk assessment method and system

CN121167716BCN 121167716 BCN121167716 BCN 121167716BCN-121167716-B

Abstract

The invention discloses a technical consultation risk assessment method and a system based on the Internet, which relate to the technical field of data protection, and are used for determining an enterprise data pool, establishing connection relations between the enterprise data pool and an enterprise terminal and between the enterprise data pool and a technical consultation platform respectively, sending consultation data to the technical consultation platform through the enterprise terminal, giving advice data according to the consultation data by the technical consultation platform, storing the consultation data and the corresponding advice data in the enterprise data pool, setting a tracking set corresponding to the enterprise data pool, and counting access information of the enterprise data pool, wherein the access information comprises a processed result of the access data, and the result comprises the removed destruction and normal access, so as to obtain a risk assessment index of the technical consultation. The invention can ensure the safety of the related data storage of the enterprise and can also know the network security risk faced by the enterprise in the technical consultation process.

Inventors

  • DENG QIAO
  • Xu Feier

Assignees

  • 四川信融慧创科技有限公司

Dates

Publication Date
20260505
Application Date
20250904

Claims (6)

  1. 1. The technical consultation risk assessment method based on the Internet is characterized by comprising the following steps of: Determining an enterprise data pool, and establishing connection relations between the enterprise data pool and an enterprise end and between the enterprise data pool and a technical consultation platform respectively; Sending the consultation data to a technical consultation platform through an enterprise terminal, giving advice data according to the consultation data by the technical consultation platform, and storing the consultation data and the corresponding advice data in an enterprise data pool; Setting a tracking set corresponding to the enterprise data pool, wherein the tracking set comprises a plurality of tracking bodies, the whole process monitoring is carried out on the access data of the enterprise data pool through the tracking bodies, the access data which do not meet the safety condition are used as abnormal access, and the access data corresponding to the abnormal access are wrapped and removed for destruction; The step of wrapping and removing the access data corresponding to the abnormal access as the abnormal access, wherein the access data does not meet the safety condition comprises the following steps: setting a plurality of tracking bodies as tracking sets corresponding to connection ports on the enterprise data pool; when an enterprise terminal or a technical consultation platform accesses an enterprise data pool through access data, configuring a corresponding tracking body corresponding to the access data of the enterprise terminal or the technical consultation platform, wherein the tracking body comprises a plurality of tracking packages; Determining an access path of access data of the enterprise terminal or the technical consultation platform, performing whole-course monitoring on an actual access path of the access data of the enterprise terminal or the technical consultation platform through a plurality of tracking packets corresponding to the tracking body, and taking the access data which does not meet the security condition as abnormal access when the actual access path and the access path do not correspond, wherein the step comprises the following steps: setting a plurality of storage areas in an enterprise data pool, wherein the storage areas are isolated from each other, and a plurality of interception points are arranged among the storage areas; storing single consultation data and corresponding suggestion data into the storage areas one by one, and establishing connection channels between the storage areas and the connection ports respectively as access paths; When an enterprise terminal or a technical consultation platform accesses an enterprise data pool to obtain access data, tracking the access data through a tracking body in a connection port, determining a storage area to be accessed by the access data, and determining an access path; Tracking the access data through a plurality of tracking packets of the tracking body respectively, and when the actual access path and the access path of part or all of the access data do not correspond, representing that the security condition is not met, and taking the access data as abnormal access; Abutting and wrapping the tracking packet corresponding to the abnormal access with the access data, separating the tracking packet from the enterprise data pool, and destroying the separated tracking packet; Counting access information of the enterprise data pool, wherein the access information comprises a processed result of the access data, and the result comprises the removed destruction and normal access to obtain a risk assessment index of technical consultation; The step of obtaining the risk assessment index of the technical consultation comprises the following steps: counting the processed results and times of access data accessed to an enterprise data pool; according to the processed results and the times of the access data, the risk assessment index of the technical consultation is obtained as follows: , wherein, For a risk assessment index of technical consultation, In order to access the number of times data is removed for destruction, Accessing a corresponding number of storage areas for the access data to be removed for destruction; in order to access the number of normal accesses of data, The corresponding number of storage areas is normally accessed for accessing the data, To access the weight coefficients for which the data is removed for destruction, , And (3) with Are constants greater than zero.
  2. 2. The internet-based technical consultation risk assessment method of claim 1, wherein the step of determining an enterprise data pool and establishing connection relations between the enterprise data pool and the enterprise end and the technical consultation platform respectively includes: Registering an enterprise terminal and a technical consultation platform based on the Internet, and setting an enterprise data pool corresponding to the enterprise terminal; establishing a connection relation between an enterprise terminal and an enterprise data pool, and establishing a connection relation between the enterprise data pool and a technical consultation platform; And establishing a connection relation between the enterprise terminal and the technical consultation platform.
  3. 3. The internet-based technical consultation risk assessment method according to claim 1, wherein the step of sending consultation data to the technical consultation platform through the enterprise terminal, the technical consultation platform giving advice data according to the consultation data, and storing the consultation data and the corresponding advice data in the enterprise data pool includes: The enterprise terminal selects the consultation form, and inputs consultation information as consultation data through the consultation form; transmitting the consultation data to a technical consultation platform, and giving advice data by the technical consultation platform; the technical consultation platform transmits the advice data to the enterprise terminal, and the enterprise terminal stores the advice data to an enterprise data pool; the advisory data and the corresponding advice data are mapped in the enterprise data pool.
  4. 4. The internet-based technical consultation risk assessment method of claim 1, wherein the step of tracking the access data through a tracking body in the connection port, determining a storage area to be accessed by the access data, and determining an access path includes: enabling a single tracking body in the connection port, and binding the single tracking body with access data through a plurality of tracking packets in the tracking body; And determining a storage area to be accessed by the access data, taking an access path between the access port and the storage area to be accessed as a target path, and binding the target path with a plurality of tracking packets in the tracking body.
  5. 5. The internet-based technical consultation risk assessment method of claim 1, wherein the step of interfacing the trace packet corresponding to the abnormal access with the access data, disconnecting the trace packet from the enterprise data pool, and destroying the trace packet after the disconnection includes: When the actual access path and the access path of the partial access data do not correspond, one tracking packet in the tracking body is started to track the partial access data; Establishing a connection relation among a plurality of interception points, passing part or all of access data through a tracking packet, reaching the front of an actual access path, and carrying out butt joint package on part or all of access data through the tracking packet; And separating the tracking package from the enterprise data pool, and destroying the tracking package after separation.
  6. 6. An internet-based technical consultation risk assessment system for implementing the internet-based technical consultation risk assessment method of any one of claims 1 to 5, comprising: The construction module is used for determining an enterprise data pool and establishing connection relations between the enterprise data pool and an enterprise end and between the enterprise data pool and a technical consultation platform respectively; The consultation module is connected with the construction module and is used for sending consultation data to the technical consultation platform through the enterprise terminal, the technical consultation platform gives advice data according to the consultation data, and the consultation data and the corresponding advice data are stored in the enterprise data pool; the security module is connected with the consultation module and is used for setting a tracking set corresponding to the enterprise data pool, wherein the tracking set comprises a plurality of tracking bodies, the whole process of monitoring is carried out on the access data of the enterprise data pool through the tracking bodies, the access data which do not meet the security conditions are used as abnormal access, and the access data corresponding to the abnormal access are wrapped and removed for destruction; The evaluation module is connected with the security module and is used for counting the access information of the enterprise data pool, wherein the access information comprises the processed result of the access data, and the result comprises the removed destruction and normal access to obtain the risk evaluation index of the technical consultation.

Description

Internet-based technical consultation risk assessment method and system Technical Field The invention relates to the technical field of data protection, in particular to a technical consultation risk assessment method and system based on the Internet. Background As digital economy permeates into various industries, such as digital transformation of manufacturing industry and online upgrading of service industry, the technical system of enterprises is increasingly complex, such as hybrid cloud architecture, AI application and internet of things deployment, and the need of external technical consultation is changed from 'selective supplement' to 'just needed'. Therefore, professional technical consultation is needed to help enterprises to transform and upgrade, online communication is mostly needed between the enterprises and professional technical consultation teams, a large amount of enterprise-related data is needed to be involved in the communication process, the protection of the enterprise-related data is disadvantageous, leakage of the enterprise-related data is easy to cause, and damage is caused to the enterprises. Disclosure of Invention The invention aims to provide a technical consultation risk assessment method and a technical consultation risk assessment system based on the Internet, so as to solve the problem of the deficiency in the background technology. In order to achieve the above purpose, the invention provides the following technical scheme that the technical consultation risk assessment method based on the Internet comprises the following steps: Determining an enterprise data pool, and establishing connection relations between the enterprise data pool and an enterprise end and between the enterprise data pool and a technical consultation platform respectively; Sending the consultation data to a technical consultation platform through an enterprise terminal, giving advice data according to the consultation data by the technical consultation platform, and storing the consultation data and the corresponding advice data in an enterprise data pool; Setting a tracking set corresponding to the enterprise data pool, wherein the tracking set comprises a plurality of tracking bodies, the whole process monitoring is carried out on the access data of the enterprise data pool through the tracking bodies, the access data which do not meet the safety condition are used as abnormal access, and the access data corresponding to the abnormal access are wrapped and removed for destruction; and counting access information of the enterprise data pool, wherein the access information comprises a result of processing the access data, and the result comprises the removed destruction and normal access to obtain a risk assessment index of technical consultation. In a preferred embodiment, the step of determining an enterprise data pool, and establishing connection relations between the enterprise data pool and the enterprise end and the technical consultation platform respectively, includes: Registering an enterprise terminal and a technical consultation platform based on the Internet, and setting an enterprise data pool corresponding to the enterprise terminal; establishing a connection relation between an enterprise terminal and an enterprise data pool, and establishing a connection relation between the enterprise data pool and a technical consultation platform; And establishing a connection relation between the enterprise terminal and the technical consultation platform. In a preferred embodiment, the step of sending, by the enterprise terminal, the advisory data to the technical advisory platform, the technical advisory platform giving advice data according to the advisory data, and storing the advisory data and the corresponding advice data in the enterprise data pool includes: The enterprise terminal selects the consultation form, and inputs consultation information as consultation data through the consultation form; transmitting the consultation data to a technical consultation platform, and giving advice data by the technical consultation platform; the technical consultation platform transmits the advice data to the enterprise terminal, and the enterprise terminal stores the advice data to an enterprise data pool; the advisory data and the corresponding advice data are mapped in the enterprise data pool. In a preferred embodiment, the step of wrapping the access data which does not meet the security condition as the abnormal access, wrapping the access data corresponding to the abnormal access, and removing the destruction includes: setting a plurality of tracking bodies as tracking sets corresponding to connection ports on the enterprise data pool; when an enterprise terminal or a technical consultation platform accesses an enterprise data pool through access data, configuring a corresponding tracking body corresponding to the access data of the enterprise terminal or the technical consultation platform,