CN-121997304-A - Information security management system for software development data

Abstract

The invention relates to the technical field of software development. The invention provides an information security management system for software development data, which comprises a user operation end, a mobile management terminal, a remote terminal and a management terminal, wherein the user operation end is used for submitting a login request, applying for access to read designated files, receiving authority coding and decoding information and executing reading or operation requests of corresponding files, the mobile management terminal is used for generating and transferring authority information of a user and authority information of the files applying for access to read, generating decoding information of each corresponding file according to the authority information and sending the decoding information to the user operation end, and the remote terminal is used for receiving and processing information forwarded by the mobile management terminal and receiving the access read information sent by the user operation end.

Inventors

  • Chao Haijing
  • WANG YEJIAO

Assignees

  • 常州工业职业技术学院

Dates

Publication Date
20260508
Application Date
20260123

Claims (10)

  1. A system for information security management of software development data, the system comprising: the user operation terminal is used for submitting a login request, applying for accessing and reading the designated file, receiving authority coding and decoding information and executing a reading or operation request of the corresponding file; the mobile management terminal comprises a permission information identification module and a software information encryption management module and is used for generating and transmitting permission information of a user and file permission information which is applied to access and read, generating decoding information of each corresponding file according to the permission information of the user and the file permission information which is applied to access and read, and transmitting the decoding information to a user operation terminal; the system comprises a right information identification module, a software information encryption management module, a software information management module and a data access and reading module, wherein the right information identification module is used for acquiring user login information, judging whether a user has operation right according to user identity information when receiving a data access and reading request, and generating right information and logs of the user; the remote terminal is used for receiving and processing the information forwarded by the mobile management terminal and receiving the access reading information sent by the user operation terminal; the mobile management terminal, the remote terminal and the user operation terminal perform data transmission in a wireless transmission mode.
  2. The system for information security management of software development data according to claim 1, wherein said user login information in the mobile management terminal includes user identity information including user name, ID, IMSI, user permission level, target file request information, file permission information for access, said log including ID, access time, target file path, access type including read/write, permission judgment result, operation result; the authority information identification module comprises an identity authentication sub-module, an information uploading sub-module, a demand sub-module and a retrieval sub-module; the identity authentication submodule comprises an identity authentication unit, a permission control unit and an operation log unit; the information uploading submodule is used for acquiring and reporting the IP address, the MAC address, the VNI number and the VTEP IP address of the virtual machine when each virtual machine joins the VXLAN network; the identity authentication submodule is used for receiving and storing key information of at least one piece of protected software and information authentication parameters required by executing the key information, and simultaneously authenticating the information authentication parameters and the IMSI information, wherein the key information is a functional parameter of the software information, and the information authentication parameters are user identification and/or the software information; the requirement submodule is used for receiving operation requirement information of a user for accessing the target file and transmitting a corresponding permission judging request to the identity authentication submodule; the searching submodule is used for inquiring file information which is authorized to be accessed by the user and matching an operable target file set for subsequent permission judgment or log generation.
  3. The system for information security management of software development data according to claim 2, wherein the encryption processing in the software information encryption management module comprises the specific steps of: Step S01, generating a key pair, namely generating a positive integer e and a positive decimal d to enable The method comprises the steps of storing a positive integer e as a secret key, generating an integer N which represents a length value when a plaintext is represented in decimal, and disclosing { d, s, N, N } as a public key; step S02 encryption, the encryption party generates decimal m so that And the decimal number of M is not more than s, M is plaintext, and the encryption party calculates C is ciphertext.
  4. A system for information security management of software development data according to claim 2, wherein said mobile management terminal has the authority to operate, read status information sent by the remote terminal.
  5. The system for information security management of software development data according to claim 1, wherein said generating decoding information of each corresponding file from authority information in the mobile management terminal is to calculate an intermediate value using a octave formula Wherein e is a multiple of Deriving an intermediate value Calculating The plaintext M is obtained.
  6. The system for information security management of software development data according to claim 1, wherein said mobile management terminal further comprises an SDK distribution module and an information reinforcement module; the SDK distribution module is used for reinforcing AAR and JAR files by using DEX shelling, DEX source code separation and dynamic restoration, DEXVMP and anti-debugging technology, and carrying out safety protection on a mobile management terminal, and comprises the following steps: protecting a resource file, an SO file and an operation data file in the mobile management terminal; monitoring the memory space of the mobile management terminal; collecting fault information of the mobile management terminal; the security situation of the mobile management terminal is obtained, wherein the security situation comprises an attack source, an attack form, an operation environment and related information after the attack of the mobile management terminal; the information reinforcement module is used for carrying out safety reinforcement on the mobile management terminal.
  7. The system for information security management of software development data according to claim 1, wherein the remote terminal processes information forwarded by the mobile management terminal, and wherein the content of the information forwarded by the mobile management terminal is that whether a user is allowed to execute an operation on a file in an information list to which access is applied is confirmed according to user identity information, and when the user is confirmed, the remote terminal transmits user login information to the mobile management terminal, generates an access read permission code corresponding to each file according to permission information of the user and file permission information to which access is applied, transmits the access read permission code to a user operation terminal, and transmits decoding information of a file to which the user has read permission to the user operation terminal, wherein the access read permission code comprises the read permission code and identification codes corresponding to a plurality of permission levels.
  8. The system for information security management of software development data of claim 7, wherein said means for verifying in the remote terminal whether the user is allowed to perform an operation on a file in the list of information for which access is requested is by verifying whether said user identity information matches an identification code of a corresponding permission level of said permission code, and if so, the user has read permission, otherwise the user does not have read permission.
  9. A system for information security management of software development data in accordance with claim 1, wherein said remote terminal comprises: the storage sub-module is used for storing user identity information, authority judging results, access control strategies and file information lists which are applied to be accessed by the users; the transmission sub-module is used for transmitting the judgment result of the user access authority and the corresponding access reading authority code to the mobile management terminal or the user operation terminal; and the display sub-module is used for displaying file information, authority verification state and operation log which are applied to access and read by the user and checking and confirming by a manager.
  10. The system for information security management of software development data according to claim 1, wherein after the generation of the access read permission code corresponding to each file in the remote terminal, the remote terminal generates an access read log and generates a waiting confirmation information identifier, and when the time difference between the access read information sent by the user operation terminal and the access read information generated by the remote terminal is greater than a preset time threshold, early warning information is sent.
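
The permission-level match of claim 8 and the waiting-confirmation early warning of claim 10, sketched as an added example (not code from the patent or its applicant). The data model, class and function names, the 30-second threshold and all sample records are assumptions; treating a confirmation that never arrives as a warning generalizes the time-difference rule of claim 10.

```python
import hmac
from dataclasses import dataclass
from typing import Dict, List, Optional, Tuple

@dataclass
class AccessReadLog:                       # a subset of the log fields in claim 2
    user_id: str
    path: str
    permitted: bool                        # permission judgment result
    generated_at: float                    # remote terminal's record time (s)
    confirmed_at: Optional[float] = None   # None = waiting for confirmation

class RemoteTerminal:
    def __init__(self, level_codes: Dict[str, Dict[int, str]], threshold_s: float):
        self.level_codes = level_codes     # path -> {permission level: identification code}
        self.threshold_s = threshold_s     # preset time threshold (claim 10)
        self.logs: Dict[Tuple[str, str], AccessReadLog] = {}

    def issue(self, user_id: str, level: int, ident: str, path: str, now: float) -> bool:
        """Claim 8 match, then log the decision as waiting for confirmation."""
        expected = self.level_codes.get(path, {}).get(level)
        ok = expected is not None and hmac.compare_digest(expected.encode(), ident.encode())
        self.logs[(user_id, path)] = AccessReadLog(user_id, path, ok, now)
        return ok

    def confirm(self, user_id: str, path: str, sent_at: float) -> None:
        """Access read information arriving from the user operation terminal."""
        log = self.logs.get((user_id, path))
        if log is not None and log.permitted:
            log.confirmed_at = sent_at

    def warnings(self, now: float) -> List[str]:
        """Early warnings: confirmation later than the threshold, or still missing."""
        out = []
        for log in self.logs.values():
            seen = log.confirmed_at if log.confirmed_at is not None else now
            if log.permitted and seen - log.generated_at > self.threshold_s:
                state = "late" if log.confirmed_at is not None else "missing"
                out.append(f"{log.user_id}:{log.path}:{state}")
        return sorted(out)

def demo() -> Tuple[List[bool], List[str]]:  # constructed sample data throughout
    rt = RemoteTerminal({"/src/core.c": {2: "LVL2-7f3a"}, "/doc/design.md": {1: "LVL1-19c0"}}, 30.0)
    decisions = [rt.issue("alice", 2, "LVL2-7f3a", "/src/core.c", 0.0),
                 rt.issue("bob", 1, "LVL1-19c0", "/doc/design.md", 5.0),
                 rt.issue("carol", 2, "LVL2-0000", "/src/core.c", 10.0),
                 rt.issue("dave", 2, "LVL2-7f3a", "/src/core.c", 20.0)]
    rt.confirm("alice", "/src/core.c", 12.0)      # 12 s after issue: in time
    rt.confirm("bob", "/doc/design.md", 50.0)     # 45 s after issue: late
    return decisions, rt.warnings(now=60.0)       # dave never confirmed
```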

Description

Information security management system for software development data

Technical Field

Embodiments of the present invention generally relate to the field of software development technologies, and in particular, to an information security management system and apparatus for software development data.

Background

In a mature software development company, an enterprise typically collects, files and compiles common code segments, and the components are categorized into different business components according to business classifications. At this time, a developer can select an appropriate service component to use according to needs, so that the development efficiency and development quality of a software project are improved, and after the code segments are modularized, enterprises form an own intellectual property system and gradually accumulate and grow.

In the development process of software, the auxiliary support of the management system is not available in the early stage, the middle stage or the later stage, but the supervision of the management system is poor for the manager when the manager goes out, the manager often needs to access the company system through an unsafe public network, the core assets such as source codes, design documents and the like face high risks of being stolen or leaked, and potential safety hazards exist.

Disclosure of Invention

In order to solve the problems, the portable mobile management terminal, the remote terminal and the user operation terminal are used for carrying out data transmission in a wireless transmission mode, so that the state information of the user access terminal can be real-time through the mobile management terminal, the access authority and the file decoding authority are separated, the problem of code leakage when a manager goes out is avoided, and meanwhile, when the state information of the accessed user operation terminal triggers a dangerous signal, the manager can be timely warned to carry out rescue, and therefore monitoring of software information managed by the manager in the process of going out is greatly improved, and information leakage is avoided.

According to an embodiment of the present invention, there is provided a system for information security management of software development data. The system comprises: the user operation terminal is used for submitting a login request, applying for accessing and reading the designated file, receiving authority coding and decoding information and executing a reading or operation request of the corresponding file; the mobile management terminal comprises a permission information identification module and a software information encryption management module and is used for generating and transmitting permission information of a user and file permission information which is applied to access and read, generating decoding information of each corresponding file according to the permission information of the user and the file permission information which is applied to access and read, and transmitting the decoding information to a user operation terminal; the system comprises a right information identification module, a software information encryption management module, a software information management module and a data access and reading module, wherein the right information identification module is used for acquiring user login information, judging whether a user has operation right according to user identity information when receiving a data access and reading request, and generating right information and logs of the user; the remote terminal is used for receiving and processing the information forwarded by the mobile management terminal and receiving the access reading information sent by the user operation terminal; the mobile management terminal, the remote terminal and the user operation terminal perform data transmission in a wireless transmission mode.

Further, the user login information in the mobile management terminal comprises user identity information, user authority level, target file request information and file authority information for applying access and reading, wherein the user identity information comprises a user name, an ID and an IMSI; the authority information identification module comprises an identity authentication sub-module, an information uploading sub-module, a demand sub-module and a retrieval sub-module; the identity authentication submodule comprises an identity authentication unit, a permission control unit and an operation log unit; the information uploading submodule is used for acquiring and reporting the IP address, the MAC address, the VNI number and the VTEP IP address of the virtual machine when each virtual machine joins the VXLAN network; the identity authentication submodule is used for receiving and storing key information of at least one piece of protected software and information authentication parameters required by executing the key information, and simultan