CN-121984709-A - Public data asset-oriented use behavior identification and compliance supervision system and method
Abstract
The invention relates to the technical field of data security and supervision and provides a public data asset-oriented use behavior identification and compliance supervision system and method. It addresses problems in existing public data asset supervision, such as an unclear asset base and lagging compliance supervision, which restrict the standardized management and the risk prevention and control of national data assets. A traffic mirroring acquisition module non-invasively captures public data access requests. A semantic analysis and tracking module extracts the core asset elements and the source business system of each access request. Unique structure and content fingerprints are generated for the data assets, and a 'system-interface-field' triplet relation graph is constructed and dynamically updated. A compliance judging and alarming module judges in real time whether an access behavior is authorized and raises an alarm when a violation occurs, and a visual supervision module visually displays access activity. This establishes a dynamic, accurate and real-time data asset use tracking and compliance supervision mechanism for the national asset supervision department, effectively improving the transparency, compliance and security management level of national data assets.
Inventors
- LIU YANG
- JIANG YUANCHUN
Assignees
- 合肥工业大学
Dates
- Publication Date
- 20260505
- Application Date
- 20251226
Claims (10)
- 1. A public data asset-oriented use behavior identification and compliance supervision system, the system comprising: a traffic mirroring acquisition module for non-invasively capturing access requests from business systems to the public database; a semantic analysis and tracking module for extracting the table names and field names accessed in an access request and simultaneously identifying the source business system of the access request; a data asset fingerprint generation module for generating unique structural fingerprints and content fingerprints for public data; a behavior pattern construction module for constructing a 'system-interface-field' triplet relation graph and dynamically updating the access behavior of a user; and a compliance judging and alarming module for judging whether an access request exceeds its access authority and triggering an alarm for unauthorized, non-compliant calls.
- 2. The public data asset-oriented use behavior identification and compliance supervision system of claim 1, wherein the access requests captured by the traffic mirroring acquisition module comprise SQL and API requests entering and leaving the database.
- 3. The public data asset-oriented use behavior identification and compliance supervision system of claim 2, wherein the semantic analysis and tracking module comprises: an SQL semantic analysis sub-module, which performs lexical analysis and syntax analysis on the captured SQL request and extracts structured semantic information; and an API call chain tracking sub-module, which identifies the business system from which an API call request originates by parsing the metadata of the API call request.
- 4. The public data asset-oriented use behavior identification and compliance supervision system according to claim 3, wherein the process of lexical and syntax analysis of captured SQL requests comprises: 1) splitting the statements in the SQL request into a series of meaningful tokens; 2) constructing an abstract syntax tree according to SQL grammar rules, and locating and extracting the key elements.
- 5. The public data asset-oriented use behavior identification and compliance supervision system according to claim 3, wherein the process of identifying the source business system of API requests comprises: 1) extracting specific fields from the HTTP request header and parsing out an IP address and a client_id; 2) matching the parsed IP address and client_id against the whitelist of registered business systems, and determining and recording the name of the business system that initiated the call.
- 6. The public data asset-oriented use behavior identification and compliance supervision system according to claim 3, wherein the data asset fingerprint generation module generates unique fingerprints by combining a schema hash with a content sampling hash over the structured data table.
- 7. The public data asset-oriented use behavior identification and compliance supervision system according to claim 3, wherein the compliance judging and alarming module comprises: a usage rule judging sub-module for judging whether the access request meets the requirements, allowing normal access if so, and sending the access record to the alarm sub-module if not; and an alarm sub-module for raising an alarm on the non-compliant access records it receives and simultaneously generating an audit report.
- 8. The public data asset-oriented use behavior identification and compliance supervision system according to claim 1, further comprising a visual supervision module for visually presenting the results of the access requests in a graph.
- 9. A use behavior identification and compliance supervision method for public data assets, the method being implemented based on the public data asset-oriented use behavior identification and compliance supervision system as claimed in any one of claims 1 to 8, comprising the steps of: capturing public data traffic by bypass from a mirror port of a switch, and acquiring the SQL and API requests of the mirrored source port entering and leaving the database; performing lexical and syntax analysis on the SQL statements, and extracting table names, field names and operation types; identifying the name of the calling business system according to the HTTP header TraceID, the token and the application registration information; combining a schema hash with a content sampling hash over the structured data tables of the public data to generate unique fingerprints, and establishing a public data asset fingerprint library based on the unique fingerprints; dynamically updating the access frequency, timestamp and operation type edge attributes of a user based on the public data asset fingerprint library; first judging whether the system is authorized, triggering an alarm if not, and if so, further judging whether the access is out of range, triggering an alarm if so, and allowing normal access if not; promptly triggering an alarm for non-compliant access behaviors of a user, and generating a corresponding audit report for non-compliant calls; and visually displaying the statistical results of the access requests.
- 10. An electronic device comprising at least one processor, and a memory communicatively coupled to the at least one processor, wherein: the memory stores instructions executable by the at least one processor to enable the at least one processor to perform the steps of the public data asset-oriented use behavior identification and compliance supervision method as recited in claim 9.
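The fingerprint step of claims 6 and 9 combines a schema hash with a content sampling hash. The following is an added example, not code from the patent: the canonical form, the SHA-256 choice, the key-hash sampling rule and all names (`schema_hash`, `content_hash`, `fingerprint`, `COLUMNS`, `ROWS`) are assumptions made for illustration.

```python
import hashlib

def _h(text):
    return hashlib.sha256(text.encode("utf-8")).hexdigest()

def schema_hash(columns):
    """Structural fingerprint: hash of the sorted, lower-cased (name, type)
    pairs, so physical column order does not affect it."""
    pairs = sorted((n.lower(), t.lower()) for n, t in columns)
    return _h(",".join(f"{n}:{t}" for n, t in pairs))

def content_hash(rows, key, sample_mod=4):
    """Content fingerprint over a deterministic sample: a row is sampled when
    the hash of its key value lands in bucket 0 of sample_mod buckets, so
    every copy of the table samples the same rows."""
    picked = []
    for row in rows:
        if int(_h(str(row[key]))[:8], 16) % sample_mod == 0:
            picked.append(_h("|".join(f"{k}={row[k]}" for k in sorted(row))))
    # Sorting the row digests makes the result independent of row order.
    return _h("".join(sorted(picked))), len(picked)

def fingerprint(columns, rows, key):
    """Combine both hashes into one asset fingerprint for the library."""
    s = schema_hash(columns)
    c, n = content_hash(rows, key)
    return {"schema": s, "content": c, "sampled": n, "asset": _h(s + c)}

# Constructed sample table (not real data).
COLUMNS = [("id", "INT"), ("name", "VARCHAR"), ("district", "VARCHAR")]
ROWS = [{"id": i, "name": f"resident-{i}", "district": f"D{i % 7}"}
        for i in range(200)]

if __name__ == "__main__":
    original = fingerprint(COLUMNS, ROWS, "id")
    reordered = fingerprint(COLUMNS[::-1], ROWS[::-1], "id")
    print(original["sampled"], original == reordered)
```

Because only sampled rows enter the content hash, a change confined to unsampled rows leaves the fingerprint unchanged; the sampling rate trades detection coverage against cost.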
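The source identification of claim 5 and the two-stage judgement of claim 9 (is the system authorized, then is the access out of range) can be sketched as follows. This is an added example, not code from the patent: the whitelist, the grant table, the request format and all names (`WHITELIST`, `GRANTS`, `judge`, `record`) are constructed assumptions, and each request is assumed to be the output of the SQL/API parsing step.

```python
from collections import defaultdict

# Constructed registry (assumption): (source IP, client_id) -> business system.
WHITELIST = {("10.0.5.11", "tax-portal"): "TaxPortal",
             ("10.0.7.20", "stats-etl"): "StatsETL"}
# Constructed grants (assumption): system -> table -> fields it may access.
GRANTS = {"TaxPortal": {"citizen": {"id", "name", "tax_no"}},
          "StatsETL": {"citizen": {"id", "district"}}}

# Edges of the system-interface-field graph with their attributes.
graph = defaultdict(lambda: {"count": 0, "last_seen": None, "ops": set()})

def record(system, req):
    """Update access frequency, timestamp and operation type on each edge."""
    for field in req["fields"]:
        edge = graph[(system, req["interface"], f"{req['table']}.{field}")]
        edge["count"] += 1
        edge["last_seen"] = req["ts"]
        edge["ops"].add(req["op"])

def judge(req):
    """Stage 1: is the calling system authorized? Stage 2: is the access in range?"""
    system = WHITELIST.get((req["ip"], req["client_id"]))
    if system is None:
        return ("ALARM", "unregistered source", None)
    record(system, req)
    allowed = GRANTS.get(system, {}).get(req["table"])
    if allowed is None:
        return ("ALARM", "system not authorized for table", system)
    excess = sorted(set(req["fields"]) - allowed)
    if excess:
        return ("ALARM", "out-of-range fields: " + ", ".join(excess), system)
    return ("ALLOW", "within grant", system)

# Constructed requests, in the form the parsing step is assumed to emit.
REQUESTS = [
    {"ip": "10.0.5.11", "client_id": "tax-portal", "interface": "/api/v1/taxpayer",
     "table": "citizen", "fields": ["id", "tax_no"], "op": "SELECT", "ts": 1},
    {"ip": "10.0.7.20", "client_id": "stats-etl", "interface": "sql",
     "table": "citizen", "fields": ["id", "tax_no"], "op": "SELECT", "ts": 2},
    {"ip": "10.0.9.99", "client_id": "stats-etl", "interface": "sql",
     "table": "citizen", "fields": ["id"], "op": "SELECT", "ts": 3},
]

if __name__ == "__main__":
    for r in REQUESTS:
        print(judge(r))
```

The third request reuses a registered client_id from an unregistered address, which is why the lookup keys on the pair rather than on client_id alone.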
Description
Public data asset-oriented use behavior identification and compliance supervision system and method
Technical Field
The invention relates to the technical field of data security and supervision, in particular to a public data asset-oriented use behavior identification and compliance supervision system and method.
Background
Public data refers to data that a government or public agency lawfully collects, generates, and manages in the course of lawfully fulfilling public administration responsibilities or providing public services, that has public attributes, and that serves the public interest. Public data is also an important national digital asset, characterized by its public attributes, high value density and economies of scale. Its proper use and security management bear directly on the preservation and appreciation of value and on the risk prevention and control of national data assets. Under the Data Security Law and the related national asset management rules, it must follow the principles of lawfulness, legitimacy and necessity, be opened according to its sharing attributes, be managed by classification and grading, and be used under authorization in a catalog-based and platform-based manner. Compliance supervision of public data must be carried out along multiple dimensions, such as data rights, security protection and operating rules, combining policy and regulation with technical means to ensure lawful use of the data, so that the competent department can fulfill its compliance supervision responsibility for data use behaviors. The requirements of the Data Security Law must be strictly followed to ensure the security of data during collection, storage, transmission and other stages, and to prevent privacy leakage, infringement of trade secrets and the like.
However, from the viewpoint of national asset supervision, the current management and use of public data has several prominent problems. First, the asset base is unclear: it is not possible to automatically and accurately identify which business systems are using which data assets, so the asset ledger is hollow. Second, the use process is not observable: dynamic association and asset-level tracking of data use behaviors are lacking, and an effective usage audit chain is difficult to form. Third, compliance supervision lags: review of data asset access behaviors depends on manual after-the-fact audit, real-time performance is poor, and abuse of assets or access beyond authority cannot be warned of and stopped in time. Fourth, the cost of control is high: traditional supervision approaches often require modifying the business systems or implanting an agent program on the business system side, which is difficult to implement and ill-suited to large-scale deployment in large, complex government or state-owned asset systems. In view of this, there is a need for a non-invasive, automated supervision system and method that achieves accurate identification, dynamic tracking and real-time compliance monitoring of the use behavior of national data assets, and that ensures the safe, compliant and efficient use of data assets by technical means.
Disclosure of Invention
To address the deficiencies of the prior art, the invention provides a public data asset-oriented use behavior identification and compliance supervision system and method, suitable for scenarios such as government clouds, data sharing and exchange platforms, and state-owned asset data supervision. Its aim is to automatically and accurately identify which type of public data is being used without changing the existing business systems, to judge in real time whether the public data is used according to the set rules, and to alarm on, audit and visually display behaviors that do not conform to the usage rules, so as to solve the problems described in the Background section. To achieve the above purpose, the invention adopts the following technical scheme. In a first aspect, the invention discloses a public data asset-oriented use behavior identification and compliance supervision system comprising: a traffic mirroring acquisition module for non-invasively capturing access requests from business systems to the public database; a semantic analysis and tracking module for extracting the table names and field names accessed in an access request and simultaneously identifying the source business system of the access request; a data asset fingerprint generation module for generating unique structural fingerprints and content fingerprints for public data; a behavior pattern construction module for constructing a 'system-interface-field' triplet relation graph and dynamically updating the access behavior of a user; and a compliance judging and alarming module for judging whether an access request exceeds its access authority and