CN114567678A - Resource calling method and device of cloud security service and electronic equipment
- Publication number
- CN114567678A (CN202210191837.3A)
- Authority
- CN
- China
- Prior art keywords
- behavior
- target
- security service
- cloud security
- resource
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
- H04L63/1416—Event detection, e.g. attack signature detection
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/01—Protocols
- H04L67/12—Protocols specially adapted for proprietary or special-purpose networking environments, e.g. medical networks, sensor networks, networks in vehicles or remote metering networks
Abstract
The embodiments of the application provide a resource calling method and device for a cloud security service, and an electronic device, and relate to the technical field of network security. After a resource calling request sent by a target terminal is received, feature analysis is performed on the target behavior features in the resource calling request to determine the behavior type corresponding to the target behavior features, and when the behavior type is determined to be normal behavior, the cloud security service resources corresponding to at least one cloud security service requirement are respectively called from a pre-stored cloud security service set. Because whether to call the cloud security service resources corresponding to the at least one cloud security service requirement is decided according to the behavior type of the target behavior features, the accuracy of cloud security service resource calling is improved.
Description
Technical Field
The application relates to the technical field of network security, in particular to a resource calling method and device of cloud security service and electronic equipment.
Background
With the rapid development of internet technology, the popularization of the zero-trust network framework concept and the formulation of general protocols provide a brand-new perspective on the security of cloud boundary access; resource sharing services based on Zero-Trust Network Access (ZTNA) are also gradually increasing.
For example, to share resource data securely, a resource access request sent by a terminal is mapped according to a preset path mapping relationship to obtain a corresponding mapping result; a target cloud security service resource corresponding to the mapping result is then selected from a preset cloud security service set; when it is determined that the resource access request carries the configuration parameters required to call the target cloud security service resource, a secure communication channel is established with the terminal; finally, the target cloud security service resource is sent to the terminal through the secure communication channel.
However, with the ZTNA method, when a resource access request sent by an abnormal object at the terminal carries the configuration parameters required to call the corresponding cloud security service resource, a secure communication channel with the terminal may still be established, resulting in an abnormal call of the cloud security service resource. This approach therefore cannot improve the accuracy of cloud security service resource calling.
Disclosure of Invention
The application provides a resource calling method and device of cloud security service and electronic equipment, which are used for improving the accuracy of cloud security service resource calling.
In a first aspect, an embodiment of the present application provides a resource calling method for cloud security services, where the method includes:
receiving a resource calling request sent by a target terminal, wherein the resource calling request at least comprises: target behavior features of the target object and at least one cloud security service requirement;
performing feature analysis on the target behavior features in the resource calling request, and determining the behavior type corresponding to the target behavior features; and
when the behavior type is determined to be normal behavior, respectively calling the cloud security service resources corresponding to the at least one cloud security service requirement from a pre-stored cloud security service set.
In a second aspect, an embodiment of the present application further provides a resource calling device for cloud security services, where the device includes:
a receiving module, used for receiving a resource calling request sent by a target terminal, wherein the resource calling request at least comprises: target behavior features of the target object and at least one cloud security service requirement;
an analysis module, used for performing feature analysis on the target behavior features in the resource calling request and determining the behavior type corresponding to the target behavior features; and
a calling module, used for respectively calling the cloud security service resources corresponding to the at least one cloud security service requirement from a pre-stored cloud security service set when the behavior type is determined to be normal behavior.
In an optional embodiment, after receiving the resource calling request sent by the target terminal, the receiving module is further configured to:
acquire a target hash value corresponding to the target object from the resource calling request, wherein the target hash value represents the feature information of the target object and the feature information of each of the corresponding at least one cloud security service resource; and
when the target hash value exists in the preset hash value set, perform feature analysis on the target behavior features in the resource calling request and determine the behavior type corresponding to the target behavior features.
In an optional embodiment, after receiving the resource calling request sent by the target terminal, the receiving module is further configured to:
acquire at least one authority authentication factor corresponding to the target object, wherein each authority authentication factor represents the probability that authentication via the corresponding authority authentication mode passes; and
when it is determined that the at least one authority authentication factor meets its respective authority authentication condition, perform feature analysis on the target behavior features in the resource calling request and determine the behavior type corresponding to the target behavior features.
In an optional embodiment, when performing feature analysis on the target behavior features in the resource calling request and determining the behavior type corresponding to the target behavior features, the analysis module is specifically configured to:
acquire the historical behavior features corresponding to each historical object recorded in a log file, wherein each historical object holds the resource calling authority for the cloud security service resource corresponding to each cloud security service requirement; and
determine the behavior type of the target behavior features based on the feature similarity between the target behavior features and each historical behavior feature.
In an optional embodiment, when determining the behavior type of the target behavior features based on the feature similarity between the target behavior features and each historical behavior feature, the analysis module is specifically configured to:
if all the obtained feature similarities are smaller than the set similarity threshold, determine that the behavior type of the target behavior features is abnormal behavior; and
if any of the feature similarities is greater than the similarity threshold, determine that the behavior type of the target behavior features is normal behavior.
In a third aspect, the present application provides an electronic device, comprising:
a memory for storing a computer program; and
a processor for implementing the steps of the resource calling method of the cloud security service when executing the computer program stored in the memory.
In a fourth aspect, the present application provides a computer-readable storage medium, in which a computer program is stored, and the computer program, when executed by a processor, implements the above-mentioned method steps of resource calling of a cloud security service.
In a fifth aspect, a computer program product is provided, which when called by a computer, causes the computer to perform the resource invocation method steps of the cloud security service according to the first aspect.
According to the resource calling method of the cloud security service, after the resource calling request sent by the target terminal is received, feature analysis is performed on the target behavior features in the resource calling request to determine the behavior type corresponding to the target behavior features, and when the behavior type is determined to be normal behavior, the cloud security service resources corresponding to at least one cloud security service requirement are respectively called from the pre-stored cloud security service set. Because whether to call the cloud security service resources corresponding to the at least one cloud security service requirement is decided according to the behavior type of the target behavior features, the method overcomes the technical defect of the traditional approach, in which a secure communication channel can be established with the terminal, and the cloud security service resource called abnormally, whenever a resource calling request sent by an abnormal object at the target terminal carries the configuration parameters required to call the corresponding cloud security service resource. The accuracy of cloud security service resource calling is thereby improved.
Drawings
FIG. 1 illustrates a system architecture diagram to which embodiments of the present application are applicable;
FIG. 2 schematically illustrates a structure diagram of a blockchain provided in an embodiment of the present application;
FIG. 3 schematically illustrates a flow chart of a resource calling method of a cloud security service provided by an embodiment of the present application;
FIG. 4 is a logic diagram illustrating an example of receiving a resource calling request according to an embodiment of the present application;
FIG. 5 is a logic diagram for determining the behavior type of the target behavior features provided by an embodiment of the present application;
FIG. 6 is a schematic diagram illustrating a logic diagram based on FIG. 5 according to an embodiment of the present application;
FIG. 7 is a schematic diagram illustrating logic for calling a cloud security service resource according to an embodiment of the present application;
FIG. 8 is a logic diagram based on FIG. 3 provided by an embodiment of the present application;
FIG. 9 is a schematic structural diagram illustrating a resource calling device of a cloud security service according to an embodiment of the present application;
FIG. 10 schematically illustrates a structural diagram of an electronic device provided in an embodiment of the present application.
Detailed Description
In order to improve the accuracy of cloud security service resource calling, in the embodiment of the application, after a resource calling request sent by a target terminal is received, feature analysis is performed on target behavior features in the resource calling request, and a behavior type corresponding to the target behavior features is determined, so that when the behavior type is determined to be a normal behavior, cloud security service resources corresponding to at least one cloud security service requirement are respectively called from a pre-stored cloud security service set.
For a better understanding of the embodiments of the present application, technical terms referred to in the embodiments of the present application will be first described below.
(1) Web Application Firewall (WAF): also called a website application-level intrusion prevention system; a cloud security service that protects Web applications specifically by enforcing a series of security policies for the Hypertext Transfer Protocol (HTTP) and the Hypertext Transfer Protocol over Secure Socket Layer (HTTPS).
(2) Endpoint Detection and Response (EDR): an endpoint security solution composed of a cloud end, lightweight endpoint security software and management platform software. The cloud end is mainly responsible for platform upgrades, virus library upgrades and cloud-based scanning and removal; the management platform (MGR) is responsible for managing and maintaining all Agent endpoints, and supports unified endpoint asset management, endpoint virus removal, endpoint compliance inspection, one-key isolation and handling of security events, and network-wide threat location based on the indicators of compromise (IOCs) of hot-spot events; the Agent endpoint software supports an anti-virus function, an intrusion prevention function, a firewall isolation function, data collection and reporting, one-key handling and the like.
(3) Network vulnerability scanning: a security testing (penetration attack) activity that, based on a vulnerability database, checks the security weaknesses of a specified remote or local computer system by scanning and similar means and discovers exploitable vulnerabilities. For convenience of description, Vul Scanner is taken as the example of a cloud security service corresponding to website vulnerability scanning.
(4) Blockchain Technology (BT): a brand-new distributed infrastructure and computing paradigm that uses a blockchain data structure to verify and store data, a distributed node consensus algorithm to generate and update data, cryptography to secure data transmission and access, and smart contracts composed of automated script code to program and operate on data.
The current blockchain first shards the data, then applies a secure hash algorithm to the data in each shard, and then constructs a Merkle tree from the hash values of the shards to obtain each Merkle root, each of which can be used as an identifier (such as an ID value) in the blockchain. Constructing the Merkle tree requires, on the one hand, storing the intermediate nodes of the tree and, on the other hand, a large number of hash operations; the hash value storage structure in the blockchain is built as a binary tree or an x-ary tree, and the ordering of the transaction data can affect blockchain performance, which increases the storage load and reduces the operation speed.
(5) Secure Hash Algorithm (SHA): a data encryption algorithm whose idea is to receive a piece of plaintext and convert it, in an irreversible manner, into a (usually smaller) piece of ciphertext. It can be understood simply as a process that takes a string of input (called a pre-image or message) and converts it into a short output sequence with a fixed number of bits, i.e., a hash value (also called a message digest or a message authentication code).
(6) Role-Based Access Control (RBAC) model: the role-based access control model supports three well-known security principles: the principle of least privilege, the principle of separation of duties and the principle of data abstraction. In this model, permissions are associated with roles, and users gain the permissions of a role by becoming members of it, which greatly simplifies permission management. In an organization, roles are created to accomplish various tasks, users are assigned roles according to their responsibilities and qualifications, and users can easily be reassigned from one role to another. Roles can be given new permissions according to new requirements and system integration, and permissions can be revoked from a role as needed. Role-to-role relationships can be established to cover a wider range of real situations.
It should be noted that the naming manner of the technical terms described above is only an example, and the embodiment of the present application does not limit the naming manner of the technical terms described above.
The technical solutions in the embodiments of the present invention will be described clearly and completely with reference to the accompanying drawings in the embodiments of the present invention, and it is obvious that the described embodiments are only a part of the embodiments of the present invention, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
It should be noted that "a plurality" is understood as "at least two" in the description of the present application. "And/or" describes the association relationship of the associated objects and means that three relationships are possible; e.g., A and/or B may mean: A exists alone, A and B exist simultaneously, or B exists alone. "A is connected with B" can represent both that A and B are directly connected and that A and B are connected through C. In addition, in the description of the present application, the terms "first," "second," and the like are used for descriptive purposes only and are not to be construed as indicating or implying relative importance or order.
Fig. 1 is a diagram illustrating a system architecture to which the embodiment of the present application is applicable, and as shown in fig. 1, the system architecture includes: terminal device 101, server 102, and network 103. The terminal device 101 and the server 102 may perform information interaction in a wireless communication manner or a wired communication manner.
Illustratively, the terminal device 101 may communicate with the server 102 by accessing the network 103 via a cellular mobile communication technology, for example the fifth-generation mobile network (5G) technology.
Optionally, the terminal device 101 may access the network 103 via a short-range Wireless communication means, for example, including Wireless Fidelity (Wi-Fi) technology, to communicate with the server 102.
In the embodiment of the present application, the number of the servers and the other devices is not limited, and fig. 1 only describes one server as an example.
The terminal device 101 is a device capable of providing voice and/or data connectivity to a user, and includes a handheld terminal device, a vehicle-mounted terminal device, and the like having a wireless connection function.
Illustratively, the terminal device may be: a mobile phone, a tablet computer, a notebook computer, a palmtop computer, a Mobile Internet Device (MID), a wearable device, a Virtual Reality (VR) device, an Augmented Reality (AR) device, a wireless terminal device in industrial control, in unmanned driving, in a smart grid, in transportation safety, in a smart city or in a smart home, and the like.
The server 102 is used for receiving a resource calling request sent by a target terminal; wherein, the resource calling request at least comprises: target behavior characteristics of the target object and at least one cloud security service requirement; secondly, performing characteristic analysis on the target behavior characteristics in the resource calling request, and determining behavior types corresponding to the target behavior characteristics; further, when the behavior type is determined to be a normal behavior, cloud security service resources corresponding to at least one cloud security service requirement are respectively called from a pre-stored cloud security service set.
It should be noted that, for ease of understanding, the terminal device is also referred to as the target terminal herein. During cloud security service resource calling and data transmission, the server uses blockchain technology to ensure the data and privacy security of the target object. FIG. 2 is a schematic structural diagram of a blockchain, in which each blockchain node includes: the data of the current blockchain node, and at least one of a hash value generated from the data of the current blockchain node and the hash value of the previous blockchain node.
Optionally, the server may use the license generation algorithm of a preset license security module to generate a corresponding hash value from the identification information of the corresponding object, the identification information of the cloud security service resource, the feature information of the cloud security service resource, and the permission time limit of the corresponding object, for use in authority authentication. The license generation algorithm may include various secure hash algorithms, such as the SHA256 algorithm or the Keccak256 algorithm.
Further, based on the above system architecture, the cloud security service resources corresponding to the at least one cloud security service requirement are respectively called. Referring to FIG. 3, in an embodiment of the present application, the flow of the resource calling method of the cloud security service specifically includes the following steps:
S301: Receive a resource calling request sent by the target terminal.
Specifically, referring to FIG. 4, when step S301 is executed, the server receives the resource calling request sent by the target terminal and parses it through the information analysis module to obtain the various types of data packets in the request; the data classification module can then obtain the target behavior features of the target object and at least one cloud security service requirement from those data packets.
In a possible implementation, after obtaining the target behavior features of the target object and at least one cloud security service requirement, the server may further use the data classification module to obtain a target hash value of the target object from the data packets; when the target hash value exists in the preset hash value set, feature analysis can be performed on the target behavior features in the resource calling request to determine the corresponding behavior type. The target hash value represents the feature information of the target object and the feature information of each of the corresponding at least one cloud security service resource.
It should be noted that, when constructing the corresponding blockchain node, the server generates each candidate hash value in the hash value set by applying a secure hash algorithm to the feature information of the corresponding historical object and the feature information of each corresponding historical cloud security service resource in the access control model, so that each candidate hash value can authenticate the identity information of the corresponding historical object. When a new blockchain node is created, the node must be constructed in the resource pool and the feature information of the corresponding historical object must be broadcast, so that every existing node of the blockchain is informed that the newly created node is about to join the blockchain.
Obviously, through the mapping in each blockchain node between each candidate hash value and the feature information of the corresponding historical object and of each corresponding historical cloud security service resource, the server solves the problem of multiple objects sharing cloud security service resources, ensures isolation between different information, and ensures that cloud security service resources are correctly distributed to the corresponding target terminal, thereby avoiding resource preemption and data leakage.
In a possible implementation, after obtaining the target behavior features of the target object and at least one cloud security service requirement, the server can also use the data classification module to obtain at least one authority authentication factor corresponding to the target object from the data packets. Each authority authentication factor represents the probability that authentication via the corresponding authority authentication mode passes; the factors differ between modes, and the authority authentication modes include login password, short message authentication, mailbox authentication and the like. Optionally, after determining that the multi-factor authentication of the target object passes, the server determines the operation authority and the data authority of the target object, so as to ensure that the corresponding cloud security service resource is called accurately.
It should be noted that the server performs feature analysis on the target behavior features in the resource calling request, and so determines the corresponding behavior type, only after determining that the at least one authority authentication factor meets its respective authority authentication condition.
S302: and performing characteristic analysis on the target behavior characteristics in the resource calling request, and determining the behavior type corresponding to the target behavior characteristics.
Specifically, as shown in fig. 5, when executing step S302, after receiving a resource invocation request sent by a target terminal, a server may obtain historical behavior characteristics corresponding to each historical object recorded in a log file; further, determining the behavior type of the target characteristic behavior based on the characteristic similarity between the target behavior characteristic and each historical behavior characteristic; wherein each history object owns: and resource calling authority of the cloud security service resource corresponding to each cloud security service requirement.
For example, the server may perform machine learning modeling based on the historical behavior features corresponding to each historical object recorded in the log file, establish a behavior analysis model, and further obtain feature similarity between the target behavior feature and each historical behavior feature. The analysis model can carry out self-learning from the data corresponding to each historical behavior characteristic in real time so as to ensure the accuracy of behavior characteristic analysis; wherein each historical behavior feature may include: the corresponding source IP, the terminal device information, the network token and the usage habit (login time, activity, usage duration and the like) of the corresponding historical object.
Further, referring to fig. 6, if the obtained feature similarities are all smaller than the set similarity threshold, it is determined that the behavior type of the target feature behavior is an abnormal behavior; and if the feature similarity greater than the similarity threshold exists in the feature similarities, determining that the behavior type of the target feature behavior is a normal behavior.
Exemplarily, assume that 5 historical behavior features are recorded in the log file and that the set similarity threshold is 92%. The server performs feature analysis on the target behavior feature T.M.C of the target object through the analysis model, and obtains the feature similarity between each of the 5 historical behavior features and the target behavior feature T.M.C. The feature similarity corresponding to each historical behavior feature is shown in Table 1:
TABLE 1
Historical behavior feature | H.M.C1 | H.M.C2 | H.M.C3 | H.M.C4 | H.M.C5 |
---|---|---|---|---|---|
Feature similarity | T.d1 | T.d2 | T.d3 | T.d4 | T.d5 |
Similarity value | 93% | 85% | 97% | 75% | 89% |
As can be seen from the above table, the server compares the target behavior feature T.M.C of the target object with each of the 5 historical behavior features through the analysis model, and obtains the feature similarity between each historical behavior feature and the target behavior feature T.M.C. For example, comparing the target behavior feature T.M.C with the historical behavior feature H.M.C1 through the analysis model gives a feature similarity T.d1 of 93%; the remaining features are handled in the same way and are not described again.
Further, given the feature similarities obtained and the set similarity threshold of 92%, the server finds that feature similarities greater than the similarity threshold exist, namely 93% and 97%, and therefore determines that the behavior type of the target feature behavior T.M.C is a normal behavior.
Illustratively, still taking the 5 historical behavior features and the target behavior feature T.M.C in Table 1 as an example, the server may obtain a similarity result between each historical behavior feature and the target behavior feature T.M.C from the feature similarity between that historical behavior feature and T.M.C and the preset similarity threshold of 92%.
It should be noted that a similarity result characterizes whether the corresponding historical behavior feature is similar to the target behavior feature T.M.C. If the feature similarity between a historical behavior feature and the target behavior feature T.M.C is greater than or equal to the preset similarity threshold of 92%, the historical behavior feature is judged to be similar to the target behavior feature T.M.C; if the feature similarity between a historical behavior feature and the target behavior feature T.M.C is smaller than the preset similarity threshold of 92%, the historical behavior feature is judged to be not similar to the target behavior feature T.M.C.
The similarity results of each of the 5 historical behavior features with respect to the target behavior feature T.M.C are shown in Table 2:
TABLE 2
Historical behavior feature | H.M.C1 | H.M.C2 | H.M.C3 | H.M.C4 | H.M.C5 |
---|---|---|---|---|---|
Similarity value | 93% | 85% | 97% | 75% | 89% |
Similarity result | Similar | Not similar | Similar | Not similar | Not similar |
As can be seen from the above table, the server may determine, from the similarity value between each historical behavior feature and the target behavior feature T.M.C and the preset similarity threshold of 92%, whether the corresponding historical behavior feature is similar to the target behavior feature T.M.C. For example, the similarity value between the historical behavior feature H.M.C1 and the target behavior feature T.M.C is 93%, which is greater than the preset similarity threshold of 92%, so the historical behavior feature H.M.C1 is determined to be similar to the target behavior feature T.M.C. The similarity value between the historical behavior feature H.M.C2 and the target behavior feature T.M.C is 85%, which is smaller than the preset similarity threshold of 92%, so the historical behavior feature H.M.C2 is determined to be not similar to the target behavior feature T.M.C, and so on.
Further, based on the similarity results in Table 2, the server finds that 2 of the 5 historical behavior features have a similarity result of "similar" with respect to the target behavior feature T.M.C; therefore, it can be determined that the behavior type of the target feature behavior T.M.C is a normal behavior.
It should be noted that if none of the historical behavior features has a similarity result of "similar" with respect to the target behavior feature, it may be determined that the behavior type of the target feature behavior T.M.C is an abnormal behavior.
Optionally, the server may directly screen out the maximum feature similarity from the feature similarities between the target behavior features and the historical behavior features, so that the historical object corresponding to the maximum feature similarity is used as the target object, and the target object is permitted to call corresponding cloud security service resources; wherein, the maximum feature similarity is required to be larger than a set similarity threshold.
S303: When the behavior type is determined to be a normal behavior, respectively call the cloud security service resources corresponding to the at least one cloud security service requirement from a pre-stored cloud security service set.
Specifically, when step S303 is executed and the server determines that the behavior type is a normal behavior, the server calls, according to the at least one cloud security service requirement in the resource calling request, the cloud security service resources corresponding to those cloud security service requirements from the cloud security service set pre-stored in the corresponding blockchain node.
Illustratively, referring to fig. 7, assume that the set of pre-stored cloud security services includes: and when the server determines that the behavior type of the target behavior characteristic is a normal behavior, respectively calling cloud security service resources corresponding to corresponding cloud security service requirements from a pre-stored cloud security service set according to the cloud security service requirements in the resource calling request and a preset comparison relation table.
Referring to Table 3, each blockchain node of the blockchain invokes its respective cloud security service resources.
TABLE 3
As can be seen from the above table, in the blockchain used by the server, different blockchain nodes can call different cloud security service resources: the blockchain node Node1 has the resource scheduling authority of the cloud security service resource WAF, and the blockchain node Node3 has the resource scheduling authority of the cloud security service resource WAF and of the cloud security service resource Vul Scanner.
It should be noted that the blockchain has the technical characteristics of decentralization, data transparency, difficulty of tampering, traceability and the like, and is suitable for identity verification and access control of a target object and for full-period recording of cloud security service resource distribution.
Optionally, in addition to recording information about the cloud security service resources and the corresponding objects, a blockchain node may also carry a corresponding role-based access control model, which is based on behavior analysis and authority authentication of the target object.
Based on the above method steps, referring to fig. 8, after receiving the resource calling request sent by the target terminal, the server may perform feature analysis on the target behavior feature in the resource calling request, determine the behavior type corresponding to the target behavior feature, and, when the behavior type is determined to be a normal behavior, respectively call the cloud security service resources corresponding to the at least one cloud security service requirement from a pre-stored cloud security service set. The resource calling request includes at least the target behavior characteristics of the target object and at least one cloud security service requirement.
According to the resource calling method of the cloud security service, after the resource calling request sent by the target terminal is received, feature analysis is performed on the target behavior characteristics in the resource calling request and the behavior type corresponding to the target behavior characteristics is determined, so that when the behavior type is determined to be a normal behavior, the cloud security service resources corresponding to the at least one cloud security service requirement are respectively called from the pre-stored cloud security service set. With this method, whether to call the cloud security service resources corresponding to the at least one cloud security service requirement is decided according to the behavior type determined by feature analysis of the target behavior characteristics. This overcomes the technical defect of the traditional approach, in which a secure communication channel can be established with the terminal, and cloud security service resources called abnormally, whenever a resource calling request sent by an abnormal object through the target terminal carries the configuration parameters required to call the corresponding cloud security service resources. The accuracy of cloud security service resource calling is thereby improved.
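The checks described above (target hash lookup, authority authentication factors, similarity-based behavior typing, then resource lookup through the comparison table) can be sketched as one gate. This is an added example, not code from the patent: the similarity metric, the SHA-256 hash encoding, the per-mode minimum probabilities, the requirement names in the comparison table and all sample data are assumptions constructed for illustration.

```python
import hashlib
import ipaddress
from dataclasses import dataclass

THRESHOLD = 0.92  # the 92% similarity threshold of Tables 1 and 2


@dataclass(frozen=True)
class Behavior:
    source_ip: str
    device: str
    token: str
    login_hour: float     # 0-24
    activity: float       # 0.0-1.0, normalised activity level
    usage_minutes: float  # usage duration


def similarity(a, b):
    """Assumed metric (the page names none): mean of six scores in [0, 1]."""
    if a.source_ip == b.source_ip:
        ip = 1.0
    elif ipaddress.ip_address(a.source_ip) in ipaddress.ip_network(
            f"{b.source_ip}/24", strict=False):
        ip = 0.5  # same /24 as the historical address
    else:
        ip = 0.0
    gap = abs(a.login_hour - b.login_hour)
    hour = 1.0 - min(gap, 24.0 - gap) / 12.0  # distance wraps at midnight
    longest = max(a.usage_minutes, b.usage_minutes)
    usage = 1.0 - abs(a.usage_minutes - b.usage_minutes) / longest if longest else 1.0
    scores = [ip, float(a.device == b.device), float(a.token == b.token),
              hour, 1.0 - abs(a.activity - b.activity), usage]
    return sum(scores) / len(scores)


def behavior_type(scores, threshold=THRESHOLD, inclusive=False):
    """'normal' if any similarity clears the threshold, otherwise 'abnormal'.

    An empty history gives 'abnormal' (fail closed). The page uses '>' for
    the behavior type and '>=' for the per-feature similarity result;
    `inclusive` selects which comparison applies at exactly the threshold.
    """
    if inclusive:
        return "normal" if any(s >= threshold for s in scores) else "abnormal"
    return "normal" if any(s > threshold for s in scores) else "abnormal"


def target_hash(object_id, resources):
    """Assumed encoding: SHA-256 over the object id and sorted resource names."""
    material = "\x1f".join([object_id, *sorted(resources)])
    return hashlib.sha256(material.encode()).hexdigest()


def factors_pass(factors, conditions):
    """Every configured mode must be present and reach its own minimum."""
    return bool(conditions) and all(
        factors.get(mode, 0.0) >= minimum for mode, minimum in conditions.items())


def handle_request(req, preset_hashes, conditions, history, table):
    """Return (decision, resources); resources are released only when allowed."""
    if req["hash"] not in preset_hashes:
        return "rejected: unknown hash", []
    if not factors_pass(req["factors"], conditions):
        return "rejected: authentication", []
    scores = [similarity(req["behavior"], h) for h in history]
    if behavior_type(scores) != "normal":
        return "rejected: abnormal behavior", []
    if any(r not in table for r in req["requirements"]):
        return "rejected: unmapped requirement", []
    return "allowed", [table[r] for r in req["requirements"]]


# Constructed sample data (not from the page).
TABLE = {"web-protection": "WAF", "vuln-scan": "Vul Scanner"}
CONDITIONS = {"password": 0.9, "sms": 0.8}
HISTORY = [
    Behavior("192.0.2.10", "laptop-a", "tok-1", 9.0, 0.60, 120.0),
    Behavior("198.51.100.7", "phone-b", "tok-2", 22.0, 0.20, 15.0),
]
PRESET = {target_hash("object-1", ["WAF", "Vul Scanner"])}


def sample_request(behavior):
    return {"hash": target_hash("object-1", ["WAF", "Vul Scanner"]),
            "factors": {"password": 0.99, "sms": 0.95},
            "behavior": behavior,
            "requirements": ["web-protection", "vuln-scan"]}


if __name__ == "__main__":
    usual = Behavior("192.0.2.10", "laptop-a", "tok-1", 9.5, 0.55, 110.0)
    odd = Behavior("203.0.113.50", "laptop-a", "tok-1", 3.0, 0.55, 110.0)
    for name, b in (("usual", usual), ("odd", odd)):
        print(name, handle_request(sample_request(b), PRESET, CONDITIONS, HISTORY, TABLE))
    print(behavior_type([0.93, 0.85, 0.97, 0.75, 0.89]))  # Table 1 values
```

A similarity of exactly 92% is where the two comparisons on the page diverge, so an implementation has to fix one of them explicitly; the sketch defaults to the strict comparison, which rejects at the boundary.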
Based on the same technical concept, the embodiment of the application also provides a resource calling device of the cloud security service, and the resource calling device of the cloud security service can realize the method and the process of the embodiment of the application. As shown in fig. 9, the resource invoking device of the cloud security service includes: a receiving module 901, an analyzing module 902 and a calling module 903, wherein:
a receiving module 901, configured to receive a resource calling request sent by a target terminal; wherein, the resource calling request at least comprises: target behavior characteristics of the target object and at least one cloud security service requirement.
The analysis module 902 is configured to perform feature analysis on the target behavior feature in the resource invocation request, and determine a behavior type corresponding to the target behavior feature.
The invoking module 903 is configured to, when it is determined that the behavior type is a normal behavior, respectively invoke cloud security service resources corresponding to at least one cloud security service requirement from a pre-stored cloud security service set.
In an optional embodiment, after receiving the resource invocation request sent by the target terminal, the receiving module 901 is further configured to:
acquiring a target hash value corresponding to a target object from the resource calling request; wherein, the target hash value is characterized by: the characteristic information of the target object and the respective characteristic information of the corresponding at least one cloud security service resource.
And when the target hash value exists in the preset hash value set, performing characteristic analysis on the target behavior characteristics in the resource calling request, and determining the behavior type corresponding to the target behavior characteristics.
In an optional embodiment, after receiving the resource invocation request sent by the target terminal, the receiving module 901 is further configured to:
acquiring at least one authority authentication factor corresponding to the target object; wherein each authority authentication factor characterizes the probability that authentication passes under the corresponding authority authentication mode.
And when it is determined that the at least one authority authentication factor meets the respective corresponding authority authentication conditions, performing feature analysis on the target behavior characteristics in the resource calling request, and determining the behavior type corresponding to the target behavior characteristics.
In an optional embodiment, when performing feature analysis on the target behavior feature in the resource invocation request and determining the behavior type corresponding to the target behavior feature, the analysis module 902 is specifically configured to:
acquiring historical behavior characteristics corresponding to each historical object recorded in a log file; wherein each historical object owns the resource calling authority of the cloud security service resource corresponding to each cloud security service requirement.
And determining the behavior type of the target characteristic behavior based on the characteristic similarity between the target behavior characteristic and each historical behavior characteristic.
In an alternative embodiment, when determining the behavior type of the target feature behavior based on the feature similarity between the target behavior feature and each historical behavior feature, the analysis module 902 is specifically configured to:
if all of the obtained feature similarities are smaller than the set similarity threshold, determining that the behavior type of the target feature behavior is an abnormal behavior.
And if the feature similarity greater than the similarity threshold exists in the feature similarities, determining that the behavior type of the target feature behavior is a normal behavior.
Based on the same technical concept, the embodiment of the application also provides electronic equipment, and the electronic equipment can realize the method flows provided by the embodiments of the application. In one embodiment, the electronic device may be a server, a terminal device, or other electronic device. As shown in fig. 10, the electronic device may include:
at least one processor 1001 and a memory 1002 connected to the at least one processor 1001. In this embodiment, the specific connection medium between the processor 1001 and the memory 1002 is not limited, and fig. 10 illustrates an example in which the processor 1001 and the memory 1002 are connected through a bus 1000. The bus 1000 is shown by a thick line in fig. 10, and the connection manner between other components is merely illustrative and not limiting. The bus 1000 may be divided into an address bus, a data bus, a control bus, etc.; it is shown with only one thick line in fig. 10 for ease of illustration, but this does not mean that there is only one bus or one type of bus. The processor 1001 may also be referred to as a controller; the name is not limiting.
In this embodiment, the memory 1002 stores instructions executable by the at least one processor 1001, and the at least one processor 1001 may execute the instructions stored in the memory 1002 to perform the resource calling method of the cloud security service discussed above. The processor 1001 may implement the functions of the respective modules in the apparatus shown in fig. 9.
The processor 1001 is a control center of the apparatus, and may connect various parts of the entire control device by using various interfaces and lines, and perform various functions of the apparatus and process data by operating or executing instructions stored in the memory 1002 and calling data stored in the memory 1002, thereby performing overall monitoring of the apparatus.
In one possible design, processor 1001 may include one or more processing units and processor 1001 may integrate an application processor, which primarily handles operating systems, user interfaces, application programs, etc., and a modem processor, which primarily handles wireless communications. It will be appreciated that the modem processor described above may not be integrated into the processor 1001. In some embodiments, the processor 1001 and the memory 1002 may be implemented on the same chip, or in some embodiments, they may be implemented separately on separate chips.
The processor 1001 may be a general-purpose processor, such as a CPU (central processing unit), a digital signal processor, an application specific integrated circuit, a field programmable gate array or other programmable logic device, discrete gate or transistor logic, discrete hardware components, or any combination thereof, that may implement or perform the methods, steps, and logic blocks disclosed in the embodiments of the present application. The general-purpose processor may be a microprocessor or any conventional processor or the like. The steps of the resource calling method for cloud security services disclosed in the embodiments of the present application may be directly implemented by a hardware processor, or implemented by a combination of hardware and software modules in the processor.
By programming the processor 1001, the code corresponding to the resource calling method for the cloud security service described in the foregoing embodiment may be solidified into the chip, so that the chip can execute the steps of the resource calling method for the cloud security service in the embodiment shown in fig. 3 when running. How to program the processor 1001 is well known to those skilled in the art and will not be described herein.
Based on the same inventive concept, embodiments of the present application further provide a storage medium, where the storage medium stores computer instructions, and when the computer instructions run on a computer, the computer is caused to execute the foregoing resource calling method for cloud security services.
In some possible embodiments, the present application provides that the aspects of the resource calling method of the cloud security service can also be implemented in the form of a program product, which includes program code for causing the control apparatus to perform the steps in the resource calling method of the cloud security service according to various exemplary embodiments of the present application described above in this specification, when the program product is run on a device.
As will be appreciated by one skilled in the art, embodiments of the present application may be provided as a method, system, or computer program product. Accordingly, the present application may take the form of an entirely hardware embodiment, an entirely software embodiment or an embodiment combining software and hardware aspects. Furthermore, the present application may take the form of a computer program product embodied on one or more computer-usable storage media (including, but not limited to, disk storage, CD-ROM, optical storage, and the like) having computer-usable program code embodied therein.
The present application is described with reference to flowchart illustrations and/or block diagrams of methods, apparatus (systems), and computer program products according to embodiments of the application. It will be understood that each flow and/or block of the flow diagrams and/or block diagrams, and combinations of flows and/or blocks in the flow diagrams and/or block diagrams, can be implemented by computer program instructions. These computer program instructions may be provided to a processor of a general purpose computer, special purpose computer, embedded processor, or other programmable data processing apparatus to produce a machine, such that the instructions, which execute via the processor of the computer or other programmable data processing apparatus, create means for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be stored in a computer-readable memory that can direct a computer or other programmable data processing apparatus to function in a particular manner, such that the instructions stored in the computer-readable memory produce an article of manufacture including instruction means which implement the function specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be loaded onto a computer or other programmable data processing apparatus to cause a series of operational steps to be performed on the computer or other programmable apparatus to produce a computer implemented process such that the instructions which execute on the computer or other programmable apparatus provide steps for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
Claims (13)
1. A resource calling method of cloud security service is characterized by comprising the following steps:
receiving a resource calling request sent by a target terminal; wherein the resource invocation request at least comprises: target behavior characteristics of the target object and at least one cloud security service requirement;
performing characteristic analysis on target behavior characteristics in the resource calling request, and determining a behavior type corresponding to the target behavior characteristics;
and when the behavior type is determined to be a normal behavior, respectively calling cloud security service resources corresponding to the at least one cloud security service requirement from the pre-stored cloud security service set.
2. The method of claim 1, wherein after receiving the resource invocation request sent by the target terminal, the method further comprises:
acquiring a target hash value corresponding to the target object from the resource calling request; wherein the target hash value characterizes: the characteristic information of the target object and the respective characteristic information of the corresponding at least one cloud security service resource;
and when the target hash value exists in the preset hash value set, performing characteristic analysis on the target behavior characteristics in the resource calling request, and determining the behavior type corresponding to the target behavior characteristics.
3. The method according to claim 1 or 2, wherein after receiving the resource invocation request sent by the target terminal, the method further comprises:
acquiring at least one authority authentication factor corresponding to the target object; wherein each authority authentication factor is characterized by: the probability that the corresponding authority authentication mode passes the authentication;
and when the at least one authority authentication factor is determined to meet the respective corresponding authority authentication conditions, performing characteristic analysis on the target behavior characteristics in the resource calling request, and determining the behavior type corresponding to the target behavior characteristics.
4. The method of claim 1, wherein the performing feature analysis on the target behavior feature in the resource invocation request to determine a behavior type corresponding to the target behavior feature comprises:
acquiring historical behavior characteristics corresponding to each historical object recorded in a log file; wherein each historical object owns: the resource calling authority of the cloud security service resource corresponding to each cloud security service requirement;
and determining the behavior type of the target characteristic behavior based on the characteristic similarity between the target behavior characteristic and each historical behavior characteristic.
5. The method of claim 4, wherein determining the behavior type of the target characteristic behavior based on the characteristic similarity between the target behavior characteristic and each historical behavior characteristic comprises:
if the obtained feature similarity is smaller than a set similarity threshold, determining the behavior type of the target feature behavior as an abnormal behavior;
and if the feature similarity larger than the similarity threshold exists in the feature similarities, determining that the behavior type of the target feature behavior is a normal behavior.
6. A resource calling device of a cloud security service is characterized by comprising:
the receiving module is used for receiving a resource calling request sent by a target terminal; wherein the resource invocation request at least comprises: target behavior characteristics of the target object and at least one cloud security service requirement;
the analysis module is used for carrying out characteristic analysis on the target behavior characteristics in the resource calling request and determining the behavior type corresponding to the target behavior characteristics;
and the calling module is used for respectively calling the cloud security service resources corresponding to the at least one cloud security service requirement from the pre-stored cloud security service set when the behavior type is determined to be a normal behavior.
7. The apparatus of claim 6, wherein after receiving the resource invocation request sent by the target terminal, the receiving module is further configured to:
acquiring a target hash value corresponding to the target object from the resource calling request; wherein the target hash value characterizes: the characteristic information of the target object and the respective characteristic information of the corresponding at least one cloud security service resource;
and when the target hash value exists in the preset hash value set, performing characteristic analysis on the target behavior characteristics in the resource calling request, and determining the behavior type corresponding to the target behavior characteristics.
8. The apparatus according to claim 6 or 7, wherein after receiving the resource invocation request sent by the target terminal, the receiving module is further configured to:
acquiring at least one authority authentication factor corresponding to the target object; wherein each authority authentication factor is characterized by: the probability that the authentication passes through the corresponding authority authentication mode;
and when the at least one authority authentication factor is determined to meet the respective corresponding authority authentication conditions, performing characteristic analysis on the target behavior characteristics in the resource calling request, and determining the behavior type corresponding to the target behavior characteristics.
9. The apparatus of claim 6, wherein when the feature analysis is performed on the target behavior feature in the resource invocation request and the behavior type corresponding to the target behavior feature is determined, the analysis module is specifically configured to:
acquiring historical behavior characteristics corresponding to each historical object recorded in a log file; wherein each historical object owns: the resource calling authority of the cloud security service resource corresponding to each cloud security service requirement;
and determining the behavior type of the target characteristic behavior based on the characteristic similarity between the target behavior characteristic and each historical behavior characteristic.
10. The apparatus according to claim 9, wherein, when determining the behavior type of the target feature behavior based on the feature similarity between the target behavior feature and each of the historical behavior features, the analysis module is specifically configured to:
if the obtained feature similarity is smaller than a set similarity threshold, determining the behavior type of the target feature behavior as an abnormal behavior;
and if the feature similarity larger than the similarity threshold exists in the feature similarities, determining that the behavior type of the target feature behavior is a normal behavior.
11. An electronic device comprising a memory, a processor and a computer program stored on the memory and executable on the processor, characterized in that the processor implements the method according to any of claims 1-5 when executing the computer program.
12. A computer-readable storage medium, on which a computer program is stored which, when being executed by a processor, carries out the steps of the method according to any one of claims 1 to 5.
13. A computer program product, which, when called by a computer, causes the computer to perform the method of any one of claims 1-5.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202210191837.3A CN114567678B (en) | 2022-02-28 | 2022-02-28 | Resource calling method and device for cloud security service and electronic equipment |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202210191837.3A CN114567678B (en) | 2022-02-28 | 2022-02-28 | Resource calling method and device for cloud security service and electronic equipment |
Publications (2)
Publication Number | Publication Date |
---|---|
CN114567678A (en) | 2022-05-31 |
CN114567678B (en) | 2024-06-14 |
Family
ID=81716152
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN202210191837.3A Active CN114567678B (en) | 2022-02-28 | 2022-02-28 | Resource calling method and device for cloud security service and electronic equipment |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN114567678B (en) |
Patent Citations (12)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
WO2020134790A1 (en) * | 2018-12-26 | 2020-07-02 | 中兴通讯股份有限公司 | Data abnormality detection method and apparatus, and terminal device |
CN110046494A (en) * | 2019-04-24 | 2019-07-23 | 广州知弘科技有限公司 | Big data processing method and system based on terminal |
CN110084064A (en) * | 2019-04-24 | 2019-08-02 | 广州知弘科技有限公司 | Big data analysis processing method and system based on terminal |
CN110602046A (en) * | 2019-08-13 | 2019-12-20 | 上海陆家嘴国际金融资产交易市场股份有限公司 | Data monitoring processing method and device, computer equipment and storage medium |
CN110795708A (en) * | 2019-10-25 | 2020-02-14 | 支付宝(杭州)信息技术有限公司 | Security authentication method and related device |
WO2021077828A1 (en) * | 2019-10-25 | 2021-04-29 | 支付宝(杭州)信息技术有限公司 | Near field communication authentication initiating method and related apparatus |
CN110958267A (en) * | 2019-12-17 | 2020-04-03 | 北京工业大学 | Method and system for monitoring threat behaviors in virtual network |
CN112073400A (en) * | 2020-08-28 | 2020-12-11 | 腾讯科技(深圳)有限公司 | Access control method, system and device and computing equipment |
CN112291264A (en) * | 2020-11-17 | 2021-01-29 | 珠海大横琴科技发展有限公司 | Safety control method and device |
CN112995163A (en) * | 2021-02-10 | 2021-06-18 | 北京金山云网络技术有限公司 | Resource access authentication method and device, storage medium and electronic equipment |
CN113923192A (en) * | 2021-09-29 | 2022-01-11 | 深信服科技股份有限公司 | Flow auditing method, device, system, equipment and medium |
CN114066475A (en) * | 2021-12-08 | 2022-02-18 | 苏州市中拓互联信息科技有限公司 | Information security protection method based on cloud payment and server |
Cited By (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN115426320A (en) * | 2022-08-25 | 2022-12-02 | 绿盟科技集团股份有限公司 | Security resource scheduling method and device, electronic equipment and storage medium |
CN115426320B (en) * | 2022-08-25 | 2023-06-06 | 绿盟科技集团股份有限公司 | Secure resource scheduling method and device, electronic equipment and storage medium |
Also Published As
Publication number | Publication date |
---|---|
CN114567678B (en) | 2024-06-14 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
Bhat et al. | Edge computing and its convergence with blockchain in 5G and beyond: Security, challenges, and opportunities | |
US11962601B1 (en) | Automatically prioritizing computing resource configurations for remediation | |
US9275348B2 (en) | Identifying participants for collaboration in a threat exchange community | |
US10623389B2 (en) | Authenticating a device based on communication patterns in a group of devices | |
CN111274583A (en) | Big data computer network safety protection device and control method thereof | |
CN103607385A (en) | Method and apparatus for security detection based on browser | |
US20170257367A1 (en) | Electronic devices and method for performing authentication between electronic devices | |
JP2024505692A (en) | Data processing methods, devices and computer equipment based on blockchain networks | |
CN110445765B (en) | Data sharing method based on block chain, terminal device and medium | |
US20230362142A1 (en) | Network action classification and analysis using widely distributed and selectively attributed sensor nodes and cloud-based processing | |
US20230388278A1 (en) | Detecting and mitigating forged authentication object attacks in multi - cloud environments with attestation | |
WO2019018829A1 (en) | Advanced cybersecurity threat mitigation using behavioral and deep analytics | |
US20230308459A1 (en) | Authentication attack detection and mitigation with embedded authentication and delegation | |
US20240364754A1 (en) | Context-aware security policies and incident identification via automated cloud graph building with security overlays | |
CN116599747A (en) | Network and information security service system | |
CN114598512A (en) | Honeypot-based network security guarantee method and device and terminal equipment | |
US11658821B2 (en) | Cybersecurity guard for core network elements | |
CN114567678B (en) | Resource calling method and device for cloud security service and electronic equipment | |
CN113098852B (en) | Log processing method and device | |
CN113238923A (en) | Service behavior tracing method and system based on state machine | |
CN116806038A (en) | Decentralizing computer data sharing method and device | |
CN110650132A (en) | Access method and device of edge computing node, computer equipment and storage medium | |
Walter et al. | Securing wearables through the creation of a personal fog | |
CN115002775A (en) | Device network access method and device, electronic device and storage medium | |
CN113961600A (en) | Data query method and device, computer equipment and storage medium | |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||