CN-122020686-A - Enterprise financial data security management system and method

Abstract

The invention discloses an enterprise financial data safety management system and method, which relate to the technical field of financial data management, wherein the method comprises the steps of collecting enterprise financial data to be shared, marking business types, sensitivity levels and data modes corresponding to the enterprise financial data, and generating financial sharing and marking data; the invention generates common documents in various formats by carrying out hierarchical encryption on enterprise financial data and replacing the data of the hierarchical encrypted part by using a placeholder, the shared user logs in a designated cloud through verification identity, the cloud can decrypt the hierarchical encrypted enterprise financial data conforming to the identity authority of the shared user according to the authority of the verified identity after uploading the shared document and then fill the hierarchical encrypted enterprise financial data into the position of the corresponding placeholder, thereby ensuring that the shared user can acquire the encrypted data conforming to the authority of the shared user and reducing the risk of leakage of the encrypted data.

Inventors

• LIN YONGLIN
• LIU MINGMING

Assignees

• 永浪集团有限公司

Dates

Publication Date

20260512

Application Date

20260123

Claims (8)

1. 1. The enterprise financial data safety management method is characterized by comprising the following steps of: s1, acquiring enterprise financial data to be shared, and marking the business type, the sensitivity level and the data mode corresponding to the enterprise financial data to generate financial sharing and marking data; s2, selecting a proper preset document template based on a data mode, and generating document template sample data; S3, collecting shared user information and service type and sensitivity level data corresponding to the shared user information, and generating shared user authority data; s4, carrying out hierarchical encryption processing on the enterprise financial data according to the corresponding sensitivity level to generate hierarchical encryption data; S5, filling enterprise financial data to corresponding positions of corresponding document template sample data according to a template format, filling and updating positions of the enterprise financial data corresponding to the hierarchical encryption data in the document template sample data by using placeholders, generating shared documents, assigning a unique document identification code to each shared document, and sending the shared documents to a shared user; s6, recording a document unique identification code of each shared document, and generating a shared document information catalog according to the position of each placeholder, the corresponding hierarchical encryption data, the sensitivity level and the service type while generating the shared document; S7, based on the received shared document uploaded by the shared user, the shared user authority data and the shared document information catalog, filling the hierarchical encryption data conforming to the user authority into the corresponding position of the shared document.
2. 2. An enterprise financial data security management method as claimed in claim 1, wherein said S2 comprises the steps of: s2.1, respectively acquiring historical enterprise financial data according to data modes of the enterprise financial data to obtain mode enterprise financial data sets corresponding to the number of the data modes one by one; s2.2, feature extraction and normalization processing are respectively carried out on the model enterprise financial data in each model enterprise financial data set, and a corresponding model enterprise financial data feature vector set is generated; S2.3, performing cluster analysis on the model enterprise financial data feature vectors in the model enterprise financial data feature vector sets to obtain a plurality of model enterprise financial data feature clusters, and recording center vectors of the corresponding model feature clusters; S2.3, setting a corresponding mode document template sample in a manual review mode based on one or more mode enterprise financial data feature clusters corresponding to the same data mode and corresponding mode enterprise financial data to generate mode document template sample data; s2.4, collecting all mode document template sample data to generate a document template sample data set; S2.5, carrying out feature extraction and normalization processing on the enterprise financial data in the financial sharing and labeling data according to the data modes labeled in the financial sharing and labeling data to obtain corresponding mode enterprise financial data feature vectors, and generating mode enterprise financial sharing data feature vectors; S2.6, respectively calculating vector distances between the modal enterprise financial sharing data feature vector and each modal feature cluster center vector corresponding to the same data modality, selecting modal document template sample data corresponding to the modal feature cluster center vector with the smallest vector distance, and generating corresponding document template sample data.
3. 3. An enterprise financial data security management method as claimed in claim 1, wherein said S5 comprises the steps of: s5.1, manually filling the historical enterprise financial data into corresponding positions in corresponding historical mode document template sample data to generate corresponding historical mode document data; S5.2, training a neural network model by taking historical enterprise financial data and corresponding historical mode document template sample data as inputs and corresponding historical mode document data as outputs to obtain a financial data-template mapping model; s5.3, inputting the enterprise financial data and the corresponding document template sample data in the financial sharing and labeling data into the financial data-template mapping model to generate document data; S5.4, filling and updating the position of the enterprise financial data corresponding to the hierarchical encryption data in the document data by using the placeholder to generate a corresponding shared document; S5.5, generating a unique document identification code for each shared document, and marking the unique document identification code corresponding to the shared document; and S5.6, sending the shared document to the shared user.
4. 4. An enterprise financial data security management method as claimed in claim 1, wherein said S4 comprises the steps of: S4.1, setting encryption and decryption algorithms of all sensitivity levels, and generating a sensitivity level-encryption and decryption algorithm comparison table; S4.2, searching an encryption and decryption algorithm corresponding to the marked sensitivity level corresponding to each enterprise financial data in the financial sharing and marking data in the sensitivity level-encryption and decryption algorithm comparison table, and generating target encryption and decryption algorithm data of each enterprise financial data; And S4.3, encrypting the corresponding enterprise financial data by using the enterprise financial data target encryption and decryption algorithm data to generate corresponding hierarchical encryption data.
5. 5. The method for securely managing financial data of enterprises according to claim 1, wherein the financial sharing and labeling data, the document template sample data, the shared user right data, the hierarchical encryption data and the shared document information directory, and the encryption and decryption algorithms for encrypting and decrypting the hierarchical encryption data are uploaded and stored in the cloud.
6. 6. An enterprise financial data security management method as claimed in claim 5, wherein said S7 comprises the steps of: S7.1, the shared user performs authentication login cloud through corresponding to the shared user information; s7.2, uploading the received shared document to the cloud; s7.3, the cloud searches the service type and the sensitivity level data matched with the shared user information in the shared user authority data to obtain target service type and sensitivity level data; And S7.4, searching the positions of the hierarchical encryption data and the placeholders corresponding to the target service type and the sensitivity level data in the shared document information catalog, decrypting the corresponding hierarchical encryption data, and filling the decrypted hierarchical encryption data into the positions of the placeholders corresponding to the shared document to generate the user authority content document.
7. 7. An enterprise financial data security management method as claimed in claim 1, wherein said S7 is further adapted to: And filling the hierarchical encryption data conforming to the user authority into the corresponding position of the shared document based on the received unique document identification code uploaded by the shared user, the shared user authority data and the shared document information directory.
8. 8. An enterprise financial data security management system for executing an enterprise financial data security management method as claimed in any one of claims 1-7, comprising a client and a cloud; the user terminal is in communication connection with the cloud terminal through the Internet; the user side is used for collecting data, uploading the data to the cloud end and visually displaying the data; The cloud end is used for storing and processing data, the cloud end also stores a computer program, and the enterprise financial data safety management method according to any one of claims 1-7 is realized by executing the computer program.

Description

Enterprise financial data security management system and method Technical Field The invention relates to the technical field of financial data management, in particular to an enterprise financial data security management system and method. Background In current financial data security management practices, a "server-side dynamic generation" based approach has become the dominant technological path. The core of the scheme is that core data and authority control logic are completely reserved at a server side, and a client side (such as a browser) only receives and displays a final view (such as PDF, a picture or HTML in a specific format) dynamically generated by the server. This ensures that the client obtains a "result snapshot" that does not contain the underlying sensitive data, and the security boundary is tightly defined at the server, effectively preventing leakage of the original data. However, in the prior art, the receiving party receives the "snapshot" and then is inconvenient to share the data secondarily, for example, the "snapshot" received by the receiving party with high authority contains highly sensitive data, if the data is easily leaked to other users by direct sharing, the manual desensitization operation on the highly sensitive data is more complicated, even if the receiving party with low authority receives the "snapshot" and then shares the highly sensitive data to the user with high authority, the highly authorized user cannot acquire the encrypted data with higher authority than the sharing party, and the receiving party also needs to apply for the data to acquire the encrypted data, so that the security or efficiency of sharing the enterprise financial data with the external business partner of the enterprise to complete related business is greatly reduced. Disclosure of Invention The invention aims to provide an enterprise financial data security management system and method, which solve the defects in the prior art. In order to achieve the above purpose, the invention provides a technical scheme that the enterprise financial data security management method comprises the following steps: s1, acquiring enterprise financial data to be shared, and marking the business type, the sensitivity level and the data mode corresponding to the enterprise financial data to generate financial sharing and marking data; s2, selecting a proper preset document template based on a data mode, and generating document template sample data; S3, collecting shared user information and service type and sensitivity level data corresponding to the shared user information, and generating shared user authority data; And S4, carrying out hierarchical encryption processing on the enterprise financial data according to the corresponding sensitivity level to generate hierarchical encryption data, wherein further, the hierarchical encryption can be carried out by selecting different encryption algorithms according to different sensitivity levels corresponding to the enterprise financial data. S5, filling enterprise financial data to the corresponding position of the corresponding document template sample data according to the template format, filling and updating the position of the enterprise financial data corresponding to the hierarchical encryption data in the document template sample data by using the placeholder (namely, the enterprise financial data corresponding to the hierarchical encryption data filled in the document template sample data is covered by the placeholder, the enterprise financial data corresponding to the hierarchical encryption data does not exist in the document template sample data any more), generating shared documents, assigning a unique document identification code to each shared document, and then sending the shared documents to a shared user; s6, recording a document unique identification code of each shared document, and generating a shared document information catalog according to the position of each placeholder, the corresponding hierarchical encryption data, the sensitivity level and the service type while generating the shared document; S7, based on the received shared document uploaded by the shared user, the shared user authority data and the shared document information catalog, filling the hierarchical encryption data conforming to the user authority into the corresponding position of the shared document. Further, the step S2 includes the following steps: s2.1, respectively acquiring historical enterprise financial data according to data modes (such as Excel, PDF and the like) of the enterprise financial data to obtain a mode enterprise financial data set corresponding to the number of the data modes one by one; s2.2, feature extraction and normalization processing are respectively carried out on the model enterprise financial data in each model enterprise financial data set, and a corresponding model enterprise financial data feature vector set is generated; S2.3, respectivel