CN-121996511-A - Interface call risk monitoring method, device, medium and program product
Abstract
The invention discloses an interface call risk monitoring method, device, medium and program product, relating to the technical field of big data and distributed technologies. The method comprises: updating the risk level of each interface caller in a business system according to the risk data of the interface caller and the interface access condition of the interface caller in the last business period; performing call authority detection according to the current risk level of the target interface caller, the interface type of the target function interface and a call authority matrix, and opening the call authority of the target function interface to the target interface caller when the call authority detection passes; and continuously performing incremental risk detection on the target interface caller, and dynamically adjusting the interface call authority of the target interface caller according to the incremental risk when an incremental risk is detected. With this technical scheme, interface call risk can be identified automatically and the call authority of an interface caller can be adjusted promptly and accurately, thereby ensuring interface call security in the service system.
Inventors
- ZHOU QIANQIAN
Assignees
- 中国工商银行股份有限公司
Dates
- Publication Date: 20260508
- Application Date: 20260202
Claims (10)
- 1. An interface call risk monitoring method, comprising: in the information maintenance time window, updating the risk level of each interface caller in the service system according to the risk data of the interface caller and the interface access condition of the interface caller in the last service period; when a target interface caller initiates a call of a target function interface, performing call authority detection according to the current risk level of the target interface caller, the interface type of the target function interface and a preset call authority matrix, and opening the call authority of the target function interface to the target interface caller when the call authority detection passes; and after the target interface caller successfully calls the target function interface, continuously detecting incremental risk of the target interface caller, and dynamically adjusting the interface call authority of the target interface caller according to the incremental risk when the incremental risk is detected.
- 2. The method of claim 1, wherein updating the risk level of each interface caller in the business system according to the risk data of the interface caller and the interface access condition of the interface caller in the last business period in the information maintenance time window comprises: in the information maintenance time window, acquiring interface caller risk data uploaded by a plurality of associated service systems respectively according to the shared data system, and extracting multi-dimensional risk characteristics of registered interface callers in the service systems according to the interface caller risk data; determining a first risk level of an interface caller according to the multi-dimensional risk characteristics of the interface caller and the interface caller level; and determining a second risk level according to the calling frequency of the interface caller to the core service interface in the previous period and the first risk level, and updating the risk level of the interface caller in a service system according to the second risk level.
- 3. The method of claim 2, wherein determining the first risk level for the interface caller based on the multi-dimensional risk characteristics for the interface caller and the interface caller level comprises: according to the interface caller level, adjusting the initial weight of each dimension risk feature to obtain the first weight of each dimension risk feature corresponding to the interface caller; calculating correction coefficients of risk features of each dimension according to a pre-established multi-factor associated knowledge graph, correcting the first weight according to the correction coefficients of the risk features of each dimension, and generating second weights of the risk features of each dimension; and calculating the risk total score of the interface caller according to the multi-dimensional risk characteristics of the interface caller and the second weight of each dimensional risk characteristic, and determining a first risk level according to the risk total score of the interface caller.
- 4. The method according to claim 1, further comprising, after performing call permission detection according to a current risk level of a target interface caller, an interface type of a target function interface, and a pre-established call permission matrix: when the call permission detection is not passed, generating a first evaluation report uploading prompt and sending it to a service manager, and reserving the call permission of the target interface caller to a basic service interface; when a first evaluation report uploaded by a service manager is received, carrying out validity analysis on the first evaluation report; and if the first evaluation report is determined to be a valid evaluation report, determining the interface type which is allowed to be called by the target interface caller according to the first evaluation report, and updating the function interface calling authority of the target interface caller according to the interface type which is allowed to be called.
- 5. The method of claim 1, wherein dynamically adjusting the interface call rights of the target interface caller based on the incremental risk when the incremental risk is detected comprises: when the incremental risk is detected, carrying out risk correlation analysis according to the incremental risk and each function interface currently called by a target interface calling party; if the risk association relation between the incremental risk and at least one currently called functional interface is determined, risk prompt information is generated and sent to a service manager, and according to a second evaluation report fed back by the service manager, the functional interface calling state of the target interface calling party is determined to be maintained or the target interface calling party is cleared.
- 6. The method as recited in claim 1, further comprising: in response to a risk screening request initiated by a service manager for a newly added interface caller in a service system, extracting the total risk data of the newly added interface caller in a shared data system according to the identification information of the newly added interface caller in each service scene; and classifying the total risk data, and displaying the risk information of the newly added interface caller to a service manager according to the classification result and the data source of the total risk data.
- 7. The method as recited in claim 1, further comprising: determining associated risk items of a service system according to a function interface currently provided in the service system; and when the risk data of the interface caller is extracted from the shared data system, filtering the original risk data in the distributed data system according to the associated risk item and the preset effective time interval, and extracting the risk data of the interface caller after filtering.
- 8. An electronic device, the electronic device comprising: at least one processor; and a memory communicatively coupled to the at least one processor, wherein the memory stores a computer program executable by the at least one processor to enable the at least one processor to perform the interface call risk monitoring method of any one of claims 1-7.
- 9. A computer readable storage medium storing computer instructions for causing a processor to implement the interface call risk monitoring method of any one of claims 1-7 when executed.
- 10. A computer program product, characterized in that the computer program product comprises a computer program which, when executed by a processor, implements the interface call risk monitoring method according to any of claims 1-7.
Description
Interface call risk monitoring method, device, medium and program product
Technical Field
The present invention relates to the field of big data and distributed technologies, and in particular, to an interface call risk monitoring method, device, medium, and program product.
Background
In the service system, the interface callers and each application programming interface supporting the service function can be managed, and the calling relation between the interface callers and the application programming interfaces is maintained. For example, for an interface caller with lower risk, the interface calling authority of the core service is opened, while for an interface caller with higher risk, only the interface calling authority of the basic service is opened and the calling of the core service interface is limited, thereby ensuring the safety of the service system.
In the prior art, basic information of an interface caller is generally input in advance in a service system, and the type of functional interface which can be called by each interface caller is defined, so that when the interface caller calls a functional interface, whether the interface caller is allowed to call the specified functional interface is judged according to a preset calling relationship.
The existing service system lacks a risk identification function for interface calls, so service personnel must query the associated service systems to judge the risk condition of each interface caller. This operation flow is complex and increases workload, and risk information is easily lost when a query step is missed. In addition, the associated service systems provide the full risk information of the interface caller, which mixes in a large amount of risk information irrelevant to the current service; this reduces the pertinence and efficiency of risk identification and makes it harder for service personnel to focus quickly on key risk points.
Disclosure of Invention
The invention provides an interface call risk monitoring method, device, medium and program product, which can automatically identify interface call risk and adjust the call authority of an interface caller promptly and accurately, thereby ensuring interface call security in a service system.
According to an aspect of the present invention, there is provided an interface call risk monitoring method, including: in the information maintenance time window, updating the risk level of each interface caller in the service system according to the risk data of the interface caller and the interface access condition of the interface caller in the last service period; when a target interface caller initiates a call of a target function interface, performing call authority detection according to the current risk level of the target interface caller, the interface type of the target function interface and a preset call authority matrix, and opening the call authority of the target function interface to the target interface caller when the call authority detection passes; and after the target interface caller successfully calls the target function interface, continuously detecting incremental risk of the target interface caller, and dynamically adjusting the interface call authority of the target interface caller according to the incremental risk when the incremental risk is detected.
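The call-time check and the later adjustment described above, as an added Python sketch that is not code from the patent: a default-deny lookup in a risk-level by interface-type matrix, followed by revocation of already opened interface types when an incremental risk raises the caller's level. The level names, the "standard" interface type, the matrix contents and the automatic revocation (claim 5 routes that decision through a service manager) are assumptions, since the patent gives no concrete values.

```python
from dataclasses import dataclass, field

# Assumed values: the patent names "basic" and "core" service interfaces but
# gives no level names or matrix contents; "standard" is a hypothetical type.
LEVELS = ["LOW", "MEDIUM", "HIGH"]  # lowest risk first
CALL_AUTHORITY_MATRIX = {
    "LOW": {"basic", "standard", "core"},
    "MEDIUM": {"basic", "standard"},
    "HIGH": {"basic"},
}

@dataclass
class Caller:
    caller_id: str
    risk_level: str
    open_types: set = field(default_factory=set)  # interface types currently opened

def check_call(caller: Caller, interface_type: str) -> str:
    """Call authority detection at call time; unknown levels or types are denied."""
    allowed = CALL_AUTHORITY_MATRIX.get(caller.risk_level, set())
    if interface_type in allowed:
        caller.open_types.add(interface_type)
        return "ALLOW"
    # Failed check: nothing is opened and the service manager is asked for an
    # evaluation report; authority already held for basic interfaces is untouched.
    return "DENY_REQUEST_REPORT"

def apply_incremental_risk(caller: Caller, new_level: str) -> set:
    """Raise the caller's level and revoke opened types the matrix no longer permits."""
    if LEVELS.index(new_level) <= LEVELS.index(caller.risk_level):
        return set()  # incremental risk never lowers the level in this sketch
    caller.risk_level = new_level
    allowed = CALL_AUTHORITY_MATRIX[new_level]
    revoked = caller.open_types - allowed
    caller.open_types &= allowed
    return revoked

if __name__ == "__main__":
    partner = Caller("caller-001", "LOW")  # constructed sample caller
    print(check_call(partner, "core"))
    print(apply_incremental_risk(partner, "HIGH"))
    print(check_call(partner, "core"))
    print(check_call(partner, "basic"))
```

Revoking on the level change, rather than waiting for the next call-time check, is what keeps an already opened core interface from staying usable between maintenance windows.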
Optionally, in the information maintenance time window, updating the risk level of each interface caller in the service system according to the risk data of the interface caller and the interface access condition of the interface caller in the last service period includes: in the information maintenance time window, acquiring interface caller risk data uploaded by a plurality of associated service systems respectively according to the shared data system, and extracting multi-dimensional risk characteristics of registered interface callers in the service systems according to the interface caller risk data; determining a first risk level of an interface caller according to the multi-dimensional risk characteristics of the interface caller and the interface caller level; and determining a second risk level according to the calling frequency of the interface caller to the core service interface in the previous period and the first risk level, and updating the risk level of the interface caller in a service system according to the second risk level.
The advantage of this approach is that integrating risk data from multiple systems avoids the one-sidedness of a single data source and improves the comprehensiveness of risk assessment, while dynamically updating the level based on actual risk data and access behaviors avoids the hysteresis of static assessment and effectively improves assessment accuracy.
Optionally, determining the first risk level of the interface caller according to the multi