CN119397562A - Data security assessment method and assessment system - Google Patents
Data security assessment method and assessment system Download PDFInfo
- Publication number
- CN119397562A CN119397562A CN202411427593.XA CN202411427593A CN119397562A CN 119397562 A CN119397562 A CN 119397562A CN 202411427593 A CN202411427593 A CN 202411427593A CN 119397562 A CN119397562 A CN 119397562A
- Authority
- CN
- China
- Prior art keywords
- data
- backup
- curve
- storage data
- checking
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Classifications
-
- G—PHYSICS
- G06—COMPUTING OR CALCULATING; COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/602—Providing cryptographic facilities or services
-
- G—PHYSICS
- G06—COMPUTING OR CALCULATING; COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F11/00—Error detection; Error correction; Monitoring
- G06F11/07—Responding to the occurrence of a fault, e.g. fault tolerance
- G06F11/14—Error detection or correction of the data by redundancy in operation
- G06F11/1402—Saving, restoring, recovering or retrying
- G06F11/1446—Point-in-time backing up or restoration of persistent data
-
- G—PHYSICS
- G06—COMPUTING OR CALCULATING; COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F16/00—Information retrieval; Database structures therefor; File system structures therefor
- G06F16/20—Information retrieval; Database structures therefor; File system structures therefor of structured data, e.g. relational data
- G06F16/23—Updating
- G06F16/2365—Ensuring data consistency and integrity
Landscapes
- Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Databases & Information Systems (AREA)
- Data Mining & Analysis (AREA)
- Quality & Reliability (AREA)
- Health & Medical Sciences (AREA)
- Bioethics (AREA)
- General Health & Medical Sciences (AREA)
- Computer Hardware Design (AREA)
- Software Systems (AREA)
- Information Retrieval, Db Structures And Fs Structures Therefor (AREA)
Abstract
The application relates to a data security evaluation method and an evaluation system, wherein the method comprises the steps of obtaining sample storage data and backup storage data of the sample data, wherein the number of the backup storage data is at least one, evaluating the consistency of the sample storage data and the backup storage data to obtain a consistency result, giving a security value of the sample storage data according to the consistency result, wherein the security value is the recovery probability of the sample storage data, obtaining the backup storage data of the sample data comprises reading backup time, backup address and backup range in a backup log, and evaluating the consistency of the sample storage data and the backup storage data according to the backup time, the backup address and the backup range. The data security evaluation method and the evaluation system disclosed by the application can evaluate the backup data and are used for evaluating the accuracy of data recovery by using the backup data.
Description
Technical Field
The application relates to the technical field of data security, in particular to a data security assessment method and an assessment system.
Background
Data security refers to a series of measures and techniques that protect data from unauthorized access, use, leakage, corruption, or tampering, with the goal of ensuring confidentiality, integrity, and availability of data. Data security involves several aspects, such as collection, access, transmission, storage, and backup.
The data security in the collection stage relates to data desensitization, data leakage and the like, the data security in the access stage relates to authority management, propagation range and the like, the data security in the transmission stage relates to data encryption, channel security and the like, and the data security in the storage and backup stage relates to data backup, data recovery and the like.
In the data backup stage, the currently used backup mode mainly comprises direct backup, and part of the backup mode also adopts remote backup and cloud backup, so that the data can be restored. During the backup phase, various verification methods are used to ensure the accuracy of the backup data. However, if the backup data is disturbed during the storage process, the backup data may be abnormal, and the accurate data recovery cannot be performed by using the abnormal backup data.
Disclosure of Invention
The application provides a data security evaluation method and an evaluation system, which can evaluate backup data and are used for evaluating the accuracy of data recovery by using the backup data.
The above object of the present application is achieved by the following technical solutions:
in a first aspect, the present application provides a data security assessment method, including:
obtaining sample storage data and backup storage data of the sample data, wherein the number of the backup storage data is at least one;
Evaluating consistency of the sample storage data and the backup storage data to obtain a consistency result;
according to the consistency result, a safety value of the sample storage data is given, wherein the safety value is the recovery probability of the sample storage data;
the backup storage data of the sample data comprises backup time, backup address and backup range read from a backup log;
And when evaluating the consistency of the sample storage data and the backup storage data, evaluating according to the backup time, the backup address and the backup range.
In one possible implementation manner of the first aspect, evaluating consistency of the sample storage data and the backup storage data includes:
Generating a first inspection curve using the sample storage data and a second inspection curve using the backup storage data;
generating a first spectrogram and a second spectrogram respectively by using the first checking curve and the second checking curve;
determining a difference between the first spectrogram and the second spectrogram, wherein the difference is located in the second spectrogram;
generating a screening curve by using the difference and overlapping the screening curve on the second checking curve, and determining the starting position and the cut-off position of the screening curve on the second checking curve;
And determining the data abnormal area according to the starting position and the cut-off position.
In a possible implementation manner of the first aspect, generating the first inspection curve using the sample storage data includes:
Selecting an inspection area on the sample storage data and sequentially creating inspection data blocks in the inspection area, wherein the lengths of adjacent inspection data blocks are the same;
Accumulating numbers included in the check data blocks to obtain accumulated values;
Creating a first checking curve by taking the sequential positions of the checking data blocks as the abscissa and the accumulated values of the checking data blocks as the ordinate;
Wherein the second inspection curve is generated using the backup storage data in the same manner as the first inspection curve is generated using the sample storage data.
In a possible implementation manner of the first aspect, the method further includes evaluating smoothness of the first checking curve and adjusting an accumulated value of the corresponding checking data block according to the smoothness.
In a possible implementation manner of the first aspect, evaluating the smoothness of the first checking curve includes:
Randomly selecting a plurality of points on a first checking curve, and marking the points as checking points;
Sequentially calculating the differences between adjacent check points to obtain a difference sequence, and simultaneously calculating a secondary difference sequence of the difference sequence;
and taking the fluctuation range of the secondary difference value sequence as the smoothness value of the first checking curve.
In a possible implementation manner of the first aspect, adjusting the accumulated value of the corresponding check data block includes:
selecting at least one point on the secondary difference value number column as a regulating point, wherein the number of the regulating points is a plurality of;
Changing the value of the adjusting point to enable the smoothness value of the first checking curve to be larger than or equal to the allowable value;
And giving the value after the change of the adjusting point to the corresponding check data block and adjusting the accumulated value of the check data block.
In a possible implementation manner of the first aspect, after determining the data anomaly area, the method further includes:
Repeatedly selecting check points on the first check curve, wherein two groups of check points are respectively positioned at the starting position and the cut-off position of the data abnormal region;
two checkpoints in a group are respectively endowed with forward adjustment and reverse adjustment;
the starting position and the stop position of the screening curve in the second examination curve are determined again.
In a second aspect, the present application provides a data security assessment apparatus comprising:
the data acquisition unit is used for acquiring sample storage data and backup storage data of the sample data, wherein the number of the backup storage data is at least one;
the data evaluation unit is used for evaluating the consistency of the sample storage data and the backup storage data to obtain a consistency result;
The result output unit is used for giving a safety value of the sample storage data according to the consistency result, wherein the safety value is the recovery probability of the sample storage data;
the backup storage data of the sample data comprises backup time, backup address and backup range read from a backup log;
And when evaluating the consistency of the sample storage data and the backup storage data, evaluating according to the backup time, the backup address and the backup range.
In a third aspect, the present application provides a data security assessment system, the system comprising:
one or more memories for storing instructions, and
One or more processors configured to invoke and execute the instructions from the memory, to perform the method as described in the first aspect and any possible implementation of the first aspect.
In a fourth aspect, the present application provides a computer readable storage medium comprising:
a program which, when executed by a processor, performs a method as described in the first aspect and any possible implementation of the first aspect.
In a fifth aspect, the present application provides a computer program product comprising program instructions which, when executed by a computing device, perform a method as described in the first aspect and any possible implementation of the first aspect.
In a sixth aspect, the present application provides a chip system comprising a processor for implementing the functions involved in the above aspects, e.g. generating, receiving, transmitting, or processing data and/or information involved in the above methods.
The chip system can be composed of chips, and can also comprise chips and other discrete devices.
In one possible design, the system on a chip also includes memory to hold the necessary program instructions and data. The processor and the memory may be decoupled, provided on different devices, respectively, connected by wire or wirelessly, or the processor and the memory may be coupled on the same device.
Drawings
FIG. 1 is a schematic block diagram of the data security assessment method provided by the application.
Fig. 2 is a schematic diagram of abnormal data in backup storage data according to the present application.
Fig. 3 is a schematic diagram of a first inspection curve provided by the present application.
Fig. 4 is a schematic diagram of a first spectrogram provided by the present application.
Fig. 5 is a schematic diagram of a second spectrogram provided by the present application.
Detailed Description
The technical scheme in the application is further described in detail below with reference to the accompanying drawings.
The application discloses a data security assessment method, referring to fig. 1, in some examples, the data security assessment method disclosed by the application comprises the following steps:
S101, obtaining sample storage data and backup storage data of the sample data, wherein the number of the backup storage data is at least one;
S102, evaluating consistency of sample storage data and backup storage data to obtain a consistency result;
s103, a safety value of the sample storage data is given according to the consistency result, wherein the safety value is the recovery probability of the sample storage data;
the backup storage data of the sample data comprises backup time, backup address and backup range read from a backup log;
And when evaluating the consistency of the sample storage data and the backup storage data, evaluating according to the backup time, the backup address and the backup range.
In general, the application aims to solve the problem of determining whether the sample storage data is consistent with the backup storage data of the sample data, and evaluating the consistency of the sample storage data and the backup storage data after obtaining the backup storage data of the sample data.
The portion of the backup storage data that differs from the sample storage data is referred to herein as storage errors (abnormal data), and the role of evaluating consistency is to determine the number of storage errors and the location of the storage errors, as shown in FIG. 2.
For example, for verifying consistency of two sets of data, the MD5 algorithm is currently used for verification, and the core idea of the MD5 algorithm is to finally generate a 128-bit hash value by a series of complex transformations on input data with any length. Such an algorithm can be used to compare whether the two sets of data are identical.
For example, two sets of data are ten thousand bits, two 128-bit hash values are generated, if the two 128-bit hash values are the same, it is indicated that the two sets of data are the same, otherwise, it is indicated that the two sets of data are different. One disadvantage of this approach is that it is not possible to determine where the differences are, nor how many.
The specific way of evaluating the consistency of the sample storage data and the backup storage data is:
S201, generating a first check curve by using sample storage data and generating a second check curve by using backup storage data;
s202, a first spectrogram and a second spectrogram are respectively generated by using a first checking curve and a second checking curve;
S203, determining the difference between the first spectrogram and the second spectrogram, wherein the difference is positioned in the second spectrogram;
s204, generating a screening curve by using the difference, overlapping the screening curve on the second checking curve, and determining the starting position and the cut-off position of the screening curve on the second checking curve;
s205, determining a data abnormal area according to the starting position and the stopping position.
In the contents of steps S201 to S205, a group of data represents a dot in which the dots are sequentially arranged in a coordinate system in such a manner that the data is subjected to grouping processing, the abscissa of the dot is the serial number of the data packet, and the ordinate of the dot is the accumulated value of the data in the data packet.
By sequentially connecting the points together and performing smoothing processing, a curve can be obtained, that is, a first check curve (shown in fig. 3) is generated using the sample storage data and a second check curve (refer to fig. 3) is generated using the backup storage data mentioned in step S201.
Next, in step S202, a first spectrogram (shown in fig. 4) and a second spectrogram (shown in fig. 5, the dashed lines in fig. 5 indicate differences) are generated using the first inspection curve and the second inspection curve, respectively, the first spectrogram indicating the composition of the first inspection curve, and the second spectrogram indicating the composition of the second inspection curve. Then, in step S203, a difference between the first spectrogram and the second spectrogram is determined, where the difference is located in the second spectrogram.
In step S204, a screening curve is generated using the difference and superimposed on the second inspection curve, and the starting position and the ending position of the screening curve on the second inspection curve are determined, where the screening curve is generated using the difference by generating a wavelet with the parameters (frequency, amplitude) of the difference, that is, the screening curve, and then superimposing the screening curve on the second inspection curve.
The superposition of the screening curve on the second examination curve results in a new waveform having a starting position and a stopping position, from which the data anomaly region can be determined.
The starting position and the stopping position can be determined through coordinates, namely, the abscissa range of the data abnormal region is determined, the abscissa range of the data abnormal region can be determined by properly expanding the abscissa range of the data abnormal region, and data packets in the abscissa range of the data abnormal region are suspicious objects and are verified by using an MD5 algorithm.
By using the method, all the data abnormal areas can be found in one processing process, and then the storage errors are screened according to the data abnormal area pairs.
The first inspection curve is generated using the sample storage data in the following manner:
Selecting an inspection area on the sample storage data and sequentially creating inspection data blocks in the inspection area, wherein the lengths of adjacent inspection data blocks are the same;
Accumulating numbers included in the check data blocks to obtain accumulated values;
Creating a first checking curve by taking the sequential positions of the checking data blocks as the abscissa and the accumulated values of the checking data blocks as the ordinate;
Wherein the second inspection curve is generated using the backup storage data in the same manner as the first inspection curve is generated using the sample storage data.
In some examples, a step of evaluating the smoothness of the first check curve and adjusting the accumulated value of the corresponding check data block according to the smoothness is added, the purpose of which is to further clarify the data anomaly region. It should be appreciated that when a storage error occurs in a data block, the following occurs:
A bit error:
1010010101010101001010101......
1010010101010101001010100......
Multi-bit errors:
1010010101010101001010101......
1010011101010101001110100......
The accumulated value obtained at this time may have a small difference, which may lead to a situation where the position is inaccurate when determining the data anomaly area, and it is necessary to evaluate the smoothness of the first checking curve and adjust the accumulated value of the corresponding checking data block according to the smoothness, the purpose of which is to amplify the difference.
The specific way to evaluate the smoothness of the first checking curve is:
S301, randomly selecting a plurality of points on a first checking curve, and marking the points as checking points;
S302, sequentially calculating the differences between adjacent check points to obtain a difference value sequence, and simultaneously calculating a secondary difference value sequence of the difference value sequence;
s303, taking the fluctuation range of the secondary difference value sequence as the smoothness value of the first checking curve.
The contents of steps S301 to S303 are to determine the smoothness value of the first checking curve according to the degree of variation of the difference value of the checking points.
The manner of adjusting the accumulated value of the corresponding check data block is as follows:
selecting at least one point on the secondary difference value number column as a regulating point, wherein the number of the regulating points is a plurality of;
Changing the value of the adjusting point to enable the smoothness value of the first checking curve to be larger than or equal to the allowable value;
And giving the value after the change of the adjusting point to the corresponding check data block and adjusting the accumulated value of the check data block.
After determining the data abnormal region, the following method is also needed to be used for processing:
S401, repeatedly selecting checkpoints on a first checking curve, wherein two groups of checkpoints are respectively positioned at the starting position and the stopping position of a data abnormal region;
s402, respectively endowing forward adjustment and reverse adjustment to two checkpoints in a group;
s403, determining the starting position and the cut-off position of the screening curve in the second checking curve again.
The contents in steps S401 to S403 are further defined, specifically, checkpoints are selected at the start position and the stop position of the data anomaly area, then two checkpoints in a group are respectively assigned to forward adjustment and reverse adjustment, so as to amplify the difference value, and finally, the start position and the stop position of the screening curve in the second inspection curve are determined again.
In determining the start position and the stop position of the data abnormal region, an indeterminate situation may occur, because if there is exactly two-bit storage error, the storage error cannot be identified, and multiple divisions of the check data block are needed to reduce the probability that the storage error cannot be identified.
The application also provides a data security assessment device, which comprises:
the data acquisition unit is used for acquiring sample storage data and backup storage data of the sample data, wherein the number of the backup storage data is at least one;
the data evaluation unit is used for evaluating the consistency of the sample storage data and the backup storage data to obtain a consistency result;
The result output unit is used for giving a safety value of the sample storage data according to the consistency result, wherein the safety value is the recovery probability of the sample storage data;
the backup storage data of the sample data comprises backup time, backup address and backup range read from a backup log;
And when evaluating the consistency of the sample storage data and the backup storage data, evaluating according to the backup time, the backup address and the backup range.
Further, the method further comprises the following steps:
a first generation unit for generating a first inspection curve using the sample storage data and a second inspection curve using the backup storage data;
the second generation unit is used for generating a first spectrogram and a second spectrogram by using the first checking curve and the second checking curve respectively;
the difference determining unit is used for determining the difference between the first spectrogram and the second spectrogram, wherein the difference is positioned in the second spectrogram;
The first processing unit is used for generating a screening curve by using the difference and superposing the screening curve on the second checking curve, and determining the starting position and the cut-off position of the screening curve on the second checking curve;
And the second processing unit is used for determining the data abnormal area according to the starting position and the cut-off position.
Further, the method further comprises the following steps:
a data block creation unit for selecting an inspection area on the sample storage data and sequentially creating inspection data blocks within the inspection area, lengths between adjacent inspection data blocks being identical;
The accumulation unit is used for accumulating the numbers included in the check data blocks to obtain accumulated values;
A creating unit for creating a first check curve with the sequential positions of the check data blocks as abscissa and the accumulated values of the check data blocks as ordinate;
Wherein the second inspection curve is generated using the backup storage data in the same manner as the first inspection curve is generated using the sample storage data.
Further, the method further comprises evaluating the smoothness of the first checking curve and adjusting the accumulated value of the corresponding checking data block according to the smoothness.
Further, the method further comprises the following steps:
a first selecting unit for randomly selecting a plurality of points on a first inspection curve, denoted as inspection points;
The third processing unit is used for sequentially calculating the differences between adjacent check points to obtain a difference value sequence, and simultaneously calculating a secondary difference value sequence of the difference value sequence;
And a result unit for taking the fluctuation range of the secondary difference value sequence as the smoothness value of the first checking curve.
Further, the method further comprises the following steps:
a second selecting unit for selecting at least one point on the secondary difference number as a set point, the number of the set points being plural;
The first numerical value adjusting unit is used for changing the numerical value of the adjusting point to enable the smoothness numerical value of the first checking curve to be larger than or equal to the allowable value;
and the fourth processing unit is used for giving the numerical value after the change of the adjusting point to the corresponding check data block and adjusting the accumulated value of the check data block.
Further, the method further comprises the following steps:
the third selection unit is used for repeatedly selecting check points on the first check curve, and two groups of check points are respectively positioned at the starting position and the cut-off position of the data abnormal region;
the second numerical value adjusting unit is used for respectively endowing forward adjustment and reverse adjustment to two check points in a group;
and the position redetermining unit is used for redetermining the starting position and the cut-off position of the screening curve in the second checking curve.
In one example, the elements in any of the above apparatus may be one or more integrated circuits configured to implement the above methods, such as one or more application specific integrated circuits (application specific integratedcircuit, ASICs), or one or more digital signal processors (DIGITAL SIGNAL processors, DSPs), or one or more field programmable gate arrays (field programmable GATE ARRAY, FPGAs), or a combination of at least two of these integrated circuit forms.
For another example, when the units in the apparatus may be implemented in the form of a scheduler of processing elements, the processing elements may be general-purpose processors, such as a central processing unit (central processing unit, CPU) or other processor that may invoke a program. For another example, the units may be integrated together and implemented in the form of a system-on-a-chip (SOC).
Various objects such as various messages/information/devices/network elements/systems/devices/actions/operations/processes/concepts may be named in the present application, and it should be understood that these specific names do not constitute limitations on related objects, and that the named names may be changed according to the scenario, context, or usage habit, etc., and understanding of technical meaning of technical terms in the present application should be mainly determined from functions and technical effects that are embodied/performed in the technical solution.
It will be clear to those skilled in the art that, for convenience and brevity of description, specific working procedures of the above-described systems, apparatuses and units may refer to corresponding procedures in the foregoing method embodiments, and are not repeated herein.
In the several embodiments provided by the present application, it should be understood that the disclosed systems, devices, and methods may be implemented in other manners. For example, the apparatus embodiments described above are merely illustrative, e.g., the division of the units is merely a logical function division, and there may be additional divisions when actually implemented, e.g., multiple units or components may be combined or integrated into another system, or some features may be omitted or not performed. Alternatively, the coupling or direct coupling or communication connection shown or discussed with each other may be an indirect coupling or communication connection via some interfaces, devices or units, which may be in electrical, mechanical or other form.
The units described as separate units may or may not be physically separate, and units shown as units may or may not be physical units, may be located in one place, or may be distributed on a plurality of network units. Some or all of the units may be selected according to actual needs to achieve the purpose of the solution of this embodiment.
Those of ordinary skill in the art will appreciate that the various illustrative elements and algorithm steps described in connection with the embodiments disclosed herein may be implemented as electronic hardware, or combinations of computer software and electronic hardware. Whether such functionality is implemented as hardware or software depends upon the particular application and design constraints imposed on the solution. Skilled artisans may implement the described functionality in varying ways for each particular application, but such implementation decisions should not be interpreted as causing a departure from the scope of the present application.
It should also be understood that in various embodiments of the present application, first, second, etc. are merely intended to represent that multiple objects are different. For example, the first time window and the second time window are only intended to represent different time windows. Without any effect on the time window itself, the first, second, etc. mentioned above should not impose any limitation on the embodiments of the present application.
It is also to be understood that in the various embodiments of the application, where no special description or logic conflict exists, the terms and/or descriptions between the various embodiments are consistent and may reference each other, and features of the various embodiments may be combined to form new embodiments in accordance with their inherent logic relationships.
The functions, if implemented in the form of software functional units and sold or used as a stand-alone product, may be stored in a computer-readable storage medium. Based on this understanding, the technical solution of the present application may be embodied essentially or in a part contributing to the prior art or in a part of the technical solution, in the form of a software product stored in a computer-readable storage medium, comprising several instructions for causing a computer device (which may be a personal computer, a server, or a network device, etc.) to perform all or part of the steps of the method according to the embodiments of the present application. The computer readable storage medium includes various media capable of storing program codes, such as a USB flash disk, a removable hard disk, a Read-Only Memory (ROM), a random access Memory (Random Access Memory, RAM), a magnetic disk or an optical disk.
The application also provides a data security assessment system, which comprises:
one or more memories for storing instructions, and
One or more processors configured to invoke and execute the instructions from the memory to perform the method as set forth above.
The present application also provides a computer program product comprising instructions which, when executed, cause the terminal device and the network device to perform operations of the terminal device and the network device corresponding to the above method.
The present application also provides a chip system comprising a processor for implementing the functions involved in the above, e.g. generating, receiving, transmitting, or processing data and/or information involved in the above method.
The chip system can be composed of chips, and can also comprise chips and other discrete devices.
The processor referred to in any of the foregoing may be a CPU, microprocessor, ASIC, or integrated circuit that performs one or more of the procedures for controlling the transmission of feedback information described above.
In one possible design, the system on a chip also includes memory to hold the necessary program instructions and data. The processor and the memory may be decoupled, and disposed on different devices, respectively, and connected by wired or wireless means, so as to support the chip system to implement the various functions in the foregoing embodiments. Or the processor and the memory may be coupled to the same device.
Optionally, the computer instructions are stored in a memory.
Alternatively, the memory may be a storage unit in the chip, such as a register, a cache, etc., and the memory may also be a storage unit in the terminal located outside the chip, such as a ROM or other type of static storage device, a RAM, etc., that may store static information and instructions.
It will be appreciated that the memory in the present application can be either volatile memory or nonvolatile memory, or can include both volatile and nonvolatile memory.
The non-volatile memory may be a ROM, programmable ROM (PROM), erasable programmable ROM (erasable PROM, EPROM), electrically erasable programmable EPROM (EEPROM), or flash memory.
The volatile memory may be RAM, which acts as external cache. There are many different types of RAM, such as sram (STATIC RAM, SRAM), DRAM (DYNAMIC RAM, DRAM), synchronous DRAM (SDRAM), double data rate SDRAM (double DATA RATE SDRAM, DDR SDRAM), enhanced SDRAM (ENHANCED SDRAM, ESDRAM), synchronous DRAM (SYNCH LINK DRAM, SLDRAM), and direct memory bus RAM.
The embodiments of the present application are all preferred embodiments of the present application, and are not limited in scope by the present application, so that all equivalent changes according to the structure, shape and principle of the present application are covered by the scope of the present application.
Claims (10)
1. The data security assessment method is characterized by comprising the following steps:
obtaining sample storage data and backup storage data of the sample data, wherein the number of the backup storage data is at least one;
Evaluating consistency of the sample storage data and the backup storage data to obtain a consistency result;
according to the consistency result, a safety value of the sample storage data is given, wherein the safety value is the recovery probability of the sample storage data;
the backup storage data of the sample data comprises backup time, backup address and backup range read from a backup log;
And when evaluating the consistency of the sample storage data and the backup storage data, evaluating according to the backup time, the backup address and the backup range.
2. The data security assessment method according to claim 1, wherein evaluating consistency of the sample storage data and the backup storage data comprises:
Generating a first inspection curve using the sample storage data and a second inspection curve using the backup storage data;
generating a first spectrogram and a second spectrogram respectively by using the first checking curve and the second checking curve;
determining a difference between the first spectrogram and the second spectrogram, wherein the difference is located in the second spectrogram;
generating a screening curve by using the difference and overlapping the screening curve on the second checking curve, and determining the starting position and the cut-off position of the screening curve on the second checking curve;
And determining the data abnormal area according to the starting position and the cut-off position.
3. The data security assessment method of claim 2, wherein generating a first inspection curve using the sample stored data comprises:
Selecting an inspection area on the sample storage data and sequentially creating inspection data blocks in the inspection area, wherein the lengths of adjacent inspection data blocks are the same;
Accumulating numbers included in the check data blocks to obtain accumulated values;
Creating a first checking curve by taking the sequential positions of the checking data blocks as the abscissa and the accumulated values of the checking data blocks as the ordinate;
Wherein the second inspection curve is generated using the backup storage data in the same manner as the first inspection curve is generated using the sample storage data.
4. A data security assessment method according to any one of claims 1 to 3, further comprising evaluating the smoothness of the first checking curve and adjusting the accumulated value of the corresponding checking data block according to the smoothness.
5. The data security assessment method according to claim 4, wherein evaluating smoothness of the first checking curve comprises:
Randomly selecting a plurality of points on a first checking curve, and marking the points as checking points;
Sequentially calculating the differences between adjacent check points to obtain a difference sequence, and simultaneously calculating a secondary difference sequence of the difference sequence;
and taking the fluctuation range of the secondary difference value sequence as the smoothness value of the first checking curve.
6. The data security assessment method according to claim 5, wherein adjusting accumulated values of corresponding check data blocks comprises:
selecting at least one point on the secondary difference value number column as a regulating point, wherein the number of the regulating points is a plurality of;
Changing the value of the adjusting point to enable the smoothness value of the first checking curve to be larger than or equal to the allowable value;
And giving the value after the change of the adjusting point to the corresponding check data block and adjusting the accumulated value of the check data block.
7. The data security assessment method according to claim 5, further comprising, after determining the data anomaly region:
Repeatedly selecting check points on the first check curve, wherein two groups of check points are respectively positioned at the starting position and the cut-off position of the data abnormal region;
two checkpoints in a group are respectively endowed with forward adjustment and reverse adjustment;
the starting position and the stop position of the screening curve in the second examination curve are determined again.
8. Data security evaluation device, characterized by comprising:
the data acquisition unit is used for acquiring sample storage data and backup storage data of the sample data, wherein the number of the backup storage data is at least one;
the data evaluation unit is used for evaluating the consistency of the sample storage data and the backup storage data to obtain a consistency result;
The result output unit is used for giving a safety value of the sample storage data according to the consistency result, wherein the safety value is the recovery probability of the sample storage data;
the backup storage data of the sample data comprises backup time, backup address and backup range read from a backup log;
And when evaluating the consistency of the sample storage data and the backup storage data, evaluating according to the backup time, the backup address and the backup range.
9. A data security assessment system, the system comprising:
one or more memories for storing instructions, and
One or more processors to invoke and execute the instructions from the memory to perform the method of any of claims 1 to 7.
10. A computer-readable storage medium, the computer-readable storage medium comprising:
Program which, when executed by a processor, performs a method according to any one of claims 1 to 7.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202411427593.XA CN119397562B (en) | 2024-10-14 | 2024-10-14 | Data security assessment method and assessment system |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202411427593.XA CN119397562B (en) | 2024-10-14 | 2024-10-14 | Data security assessment method and assessment system |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN119397562A true CN119397562A (en) | 2025-02-07 |
| CN119397562B CN119397562B (en) | 2025-07-04 |
Family
ID=94414348
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202411427593.XA Active CN119397562B (en) | 2024-10-14 | 2024-10-14 | Data security assessment method and assessment system |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN119397562B (en) |
Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20080178185A1 (en) * | 2007-01-24 | 2008-07-24 | Wataru Okada | Apparatus and method for controlling data recovery |
| US20080228833A1 (en) * | 2007-03-12 | 2008-09-18 | Hitachi, Ltd. | System and method for managing consistency among volumes based on application information |
| CN112286733A (en) * | 2020-12-23 | 2021-01-29 | 深圳市科力锐科技有限公司 | Method, device and equipment for determining backup data recovery time and storage medium |
| KR102273257B1 (en) * | 2020-11-16 | 2021-07-06 | 주식회사 엔젠바이오 | Copy number variations detecting method based on read-depth and analysis apparatus |
| CN115756955A (en) * | 2022-11-09 | 2023-03-07 | 中电信数智科技有限公司 | Data backup and data recovery method and device and computer equipment |
-
2024
- 2024-10-14 CN CN202411427593.XA patent/CN119397562B/en active Active
Patent Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20080178185A1 (en) * | 2007-01-24 | 2008-07-24 | Wataru Okada | Apparatus and method for controlling data recovery |
| US20080228833A1 (en) * | 2007-03-12 | 2008-09-18 | Hitachi, Ltd. | System and method for managing consistency among volumes based on application information |
| KR102273257B1 (en) * | 2020-11-16 | 2021-07-06 | 주식회사 엔젠바이오 | Copy number variations detecting method based on read-depth and analysis apparatus |
| CN112286733A (en) * | 2020-12-23 | 2021-01-29 | 深圳市科力锐科技有限公司 | Method, device and equipment for determining backup data recovery time and storage medium |
| CN115756955A (en) * | 2022-11-09 | 2023-03-07 | 中电信数智科技有限公司 | Data backup and data recovery method and device and computer equipment |
Non-Patent Citations (1)
| Title |
|---|
| 郭佳 等: "备份与恢复类产品安全评估方法", 保密科学技术, no. 2, 20 February 2020 (2020-02-20), pages 45 - 49 * |
Also Published As
| Publication number | Publication date |
|---|---|
| CN119397562B (en) | 2025-07-04 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN104598342B (en) | The detection method and device of memory | |
| US9202040B2 (en) | Chip authentication using multi-domain intrinsic identifiers | |
| CN118519843B (en) | Chip testing method and chip testing system | |
| CN117149082A (en) | Solid state disk data processing method and device, solid state disk and storage medium | |
| US7788506B2 (en) | Method and device for protecting a memory against attacks by error injection | |
| CN111104246B (en) | Method, device, computer equipment and storage medium for improving verification efficiency of error detection and correction of DRAM | |
| CN113535578B (en) | CTS test method, CTS test device and CTS test equipment | |
| EP1089293B1 (en) | Memory test method and nonvolatile memory with low error masking probability | |
| JP4196770B2 (en) | Data processing method, data inspection method | |
| US20230367912A1 (en) | Semiconductor chip apparatus and method for checking the integrity of a memory | |
| CN107203436B (en) | A method and device for verifying Nand Flash data | |
| CN119397562A (en) | Data security assessment method and assessment system | |
| JP6103958B2 (en) | Semiconductor memory device | |
| EP1089292A1 (en) | Nonvolatile memory and high speed memory test method | |
| CN114388053A (en) | SSD data testing method and device, storage medium and testing equipment | |
| CN115292114B (en) | Data storage method, device, equipment and storage medium based on ETHASH algorithm | |
| CN112992252B (en) | Read-write reliability detection method, device, electronic device and readable storage medium | |
| CN117409843B (en) | Quality analysis method and device of flash memory, electronic equipment and medium | |
| CN115705914A (en) | Method and device for detecting bad block of flash memory and computer storage medium | |
| CN117079703B (en) | Method and device for testing embedded memory of chip and electronic equipment | |
| CN114200395B (en) | Data quality monitoring method and device for multi-point positioning system and electronic equipment | |
| CN105788646B (en) | A kind of RAM detection method and system | |
| CN112631823A (en) | File processing method and device | |
| CN120216406B (en) | Method and system for detecting data loss of memory chip | |
| CN118658488B (en) | A coal mine monitoring method and monitoring system |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |