CN114003943B - Safe double-control management platform for computer room trusteeship management - Google Patents
- Publication number: CN114003943B (application CN202111659584.XA)
- Authority: CN (China)
- Prior art keywords: user, delta, monitoring, data, unit
- Legal status: Active (the legal status is an assumption and is not a legal conclusion; Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed)
Classifications
- G06F21/604: Tools and structures for managing or administering access control systems (under G06F21/00, Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity; G06F21/60, Protecting data)
- G06F21/30: Authentication, i.e. establishing the identity or authorisation of security principals (under G06F21/00)
- G06F21/62: Protecting access to data via a platform, e.g. using keys or access control rules (under G06F21/60)
- G06F2221/2141: Access rights, e.g. capability lists, access control lists, access tables, access matrices (indexing scheme relating to G06F21/00 and subgroups)
Abstract
The invention relates to a safety double-control management platform for computer room hosting management, in the technical field of database security. The platform comprises an authority management module that manages the permissions of users accessing an enterprise database, an operation and maintenance auditing module that audits each user's access to the enterprise database according to the permissions determined by the authority management module, and a data security control module that applies security controls to the data a user accesses according to the user's permissions and the audit result.
Description
Technical Field
The invention relates to the technical field of database security, in particular to a security double-control management platform for computer room hosting management.
Background
Enterprise database security has been an object of attention and research since the rise of the internet, and a great many database protection measures have been produced as internet technology developed. Intrusion techniques have developed alongside them, however: intruders enter the database through many channels (networking software, email, web browsers, local file sharing and the like) to steal or destroy data, so that enterprise data is lost. Even when an enterprise has backups, the loss is large, because database volumes are huge and the recovery period is long.
Existing enterprises store their data in a third-party machine room, and the third-party machine room manages and controls the enterprise's data storage equipment in order to protect the enterprise data.
Existing database security technology can only protect sensitive information through keywords and regular expressions, which gives high false-positive and false-negative rates. As malicious software and viruses continuously mutate, a traditional prevention and control system cannot adjust itself intelligently to those changes because its control precision is low, so a good protective effect cannot be achieved.
Disclosure of Invention
The invention therefore provides a safe dual-control management platform for computer room hosting management, to solve the problem that a prior-art security prevention and control system cannot be intelligently adjusted to changes in viruses because of its low control precision, which makes its protective effect poor.
In order to achieve the above object, the present invention provides a security dual-control management platform for hosting and managing a machine room, which comprises an intelligent entrance guard system for performing authorization and system alarm on personnel, specifying a time period for entering the machine room and storing video monitoring, a monitoring system for performing action track monitoring on the personnel entering the machine room, and an operation, maintenance and data security management and control system for performing storage and management on enterprise data, wherein the operation, maintenance and data security management and control system comprises:
the authority management module is used for carrying out user authority management on users accessing the enterprise database;
the operation and maintenance auditing module is connected with the authority management module and is used for auditing the process of accessing the enterprise database by the user according to the user authority determined by the authority management module;
the data security control module is respectively connected with the authority management module and the operation and maintenance auditing module and is used for carrying out security control on the data accessed by the user according to the authority of the user and the auditing result;
the authority management module comprises an account management unit for managing a user account, a password management unit for managing a user authentication mode and an authentication strategy, and an authorization management unit for authorizing a user;
the operation and maintenance auditing module comprises a monitoring unit for monitoring the process data of the enterprise database accessed by the user and an analysis and judgment unit for analyzing the process data accessed by the user;
the data security management and control module comprises an identification unit for identifying sensitive data and a desensitization unit for desensitizing the sensitive data identified by the identification unit;
when the authorization management unit authorizes the user, the authorization management unit acquires the user account information in the account management unit and determines the authority level of the user according to the user account information, and the authorization management unit determines the limit level of the user for accessing the enterprise database according to the user level.
Further, the monitoring unit monitors the process by which the user accesses the enterprise database through the security decision system, including the number Q of data types the user accesses in a single session, the data amount U of each data type accessed, the proportion B of sensitive data in the accessed data, and the number C of attempts to access data that does not match the user's grade. The analysis and judgment unit determines the monitoring strength applied to the user from the comparison of Q with a preset number of data types Q0, the monitoring unit being provided with a first monitoring strength value W1 and a second monitoring strength value W2, where W1 < W2:
if Q ≤ Q0, the monitoring unit sets the monitoring strength for the user to the first monitoring strength value W1;
if Q > Q0, the monitoring unit sets the monitoring strength for the user to the second monitoring strength value W2.
Furthermore, the analysis and judgment unit is further configured to compare the monitored data amount U of each data type with a preset data amount U0 and to decide from the comparison whether the user's monitoring strength is adjusted:
if U ≤ U0, the analysis and judgment unit decides not to adjust the user's monitoring strength value;
if U > U0, the analysis and judgment unit decides to adjust the user's monitoring strength value.
Further, when the analysis and judgment unit decides to adjust the user's monitoring strength value, the monitoring unit is configured to calculate the data amount difference ΔU between the data amount U of the data type and the preset data amount U0, setting ΔU = U - U0, and to select an adjustment coefficient according to the comparison of that difference with preset data amount differences,
the monitoring unit also being provided with a first preset data amount difference ΔU1, a second preset data amount difference ΔU2, a third preset data amount difference ΔU3, a first strength adjustment coefficient K1, a second strength adjustment coefficient K2 and a third strength adjustment coefficient K3, where ΔU1 < ΔU2 < ΔU3 and 1 < K1 < K2 < K3 < 1.5:
when ΔU ≤ ΔU1, the monitoring unit selects the first strength adjustment coefficient K1 to adjust the monitoring strength;
when ΔU1 < ΔU ≤ ΔU2, the monitoring unit selects the second strength adjustment coefficient K2 to adjust the monitoring strength;
when ΔU2 < ΔU ≤ ΔU3, the monitoring unit selects the third strength adjustment coefficient K3 to adjust the monitoring strength;
when the monitoring unit selects the i-th strength adjustment coefficient Ki (i = 1, 2, 3), it sets the adjusted monitoring strength value to Wk = Wn × Ki, where Wn (n = 1, 2) is the monitoring strength value set above.
Further, once the sensitive-data proportion B in the user's accessed data volume and the number of attempts C to access data outside the user's permission level have been obtained, the analysis and judgment unit compares B with a preset proportion B0 and C with a preset number of attempts C0, and decides from the comparison whether the user's access process is compliant:
if B ≤ B0 or C ≤ C0, the analysis and judgment unit judges that the user's access process is not compliant;
if B > B0 and C > C0, the analysis and judgment unit judges that the user's access process is compliant.
Further, when the analysis and judgment unit judges that the user's access process is not compliant, it calculates a pass rate P of the access process, setting P = B/B0 + C/C0, compares P with preset pass rates, and according to the comparison either corrects the monitoring strength value of the user's access process, downgrades the user's permission level, or prohibits the user's access. The analysis and judgment unit is further provided with a first preset pass rate P1, a second preset pass rate P2 and a third preset pass rate P3, where P1 > P2 > P3:
when P ≥ P1, the analysis and judgment unit decides to correct the user's monitoring strength;
when P1 > P ≥ P2, the analysis and judgment unit decides to downgrade the user's permission level;
when P2 > P ≥ P3, the analysis and judgment unit decides to prohibit the user from accessing the enterprise database and sets a prohibition duration;
the authorization management unit is further configured to lower the user's permission level by one level when the analysis and judgment unit decides on a permission downgrade.
Further, when the analysis and judgment unit decides to correct the user's monitoring strength, the monitoring unit is configured to calculate a first pass-rate difference ΔPa between the pass rate P and the first preset pass rate P1, setting ΔPa = P - P1, and to select a correction coefficient according to the comparison of that difference with preset pass-rate differences,
the monitoring unit also being provided with a first preset pass-rate difference ΔP1, a second preset pass-rate difference ΔP2, a third preset pass-rate difference ΔP3, a first strength correction coefficient X1, a second strength correction coefficient X2 and a third strength correction coefficient X3, where ΔP1 < ΔP2 < ΔP3 and 1 < X1 < X2 < X3 < 1.5:
when ΔPa ≤ ΔP1, the monitoring unit selects the first strength correction coefficient X1 to correct the user's monitoring strength value;
when ΔP1 < ΔPa ≤ ΔP2, the monitoring unit selects the second strength correction coefficient X2 to correct the user's monitoring strength value;
when ΔP2 < ΔPa ≤ ΔP3, the monitoring unit selects the third strength correction coefficient X3 to correct the user's monitoring strength value;
when the monitoring unit selects the j-th strength correction coefficient Xj (j = 1, 2, 3), it sets the corrected monitoring strength value to Wx = Wk × Xj.
Further, when the analysis and judgment unit decides to prohibit the user from accessing the enterprise database, the authorization management unit is configured to calculate a second pass-rate difference ΔPb between the pass rate P and the third preset pass rate P3, setting ΔPb = P - P3, and to determine the prohibition duration according to the comparison of that difference with the preset pass-rate differences,
the authorization management unit also being provided with a first prohibition duration t1, a second prohibition duration t2 and a third prohibition duration t3, where t1 < t2 < t3:
when ΔPb ≤ ΔP1, the authorization management unit sets the duration for which the user is prohibited from accessing the enterprise database to the first prohibition duration t1;
when ΔP1 < ΔPb ≤ ΔP2, the authorization management unit sets the prohibition duration to the second prohibition duration t2;
when ΔP2 < ΔPb ≤ ΔP3, the authorization management unit sets the prohibition duration to the third prohibition duration t3.
Further, when the prohibition duration is set to tz (z = 1, 2, 3), the authorization management unit obtains the count F of the user's historical compliant accesses to the enterprise database and compares it with a preset compliance count F0: if F ≤ F0, the authorization management unit decides not to adjust the prohibition duration; if F > F0, it decides to adjust the prohibition duration.
Further, when the authorization management unit decides to adjust the prohibition duration, it calculates the count difference ΔF between the compliance count F and the preset compliance count F0, setting ΔF = F - F0, and selects a duration adjustment coefficient according to the comparison of that difference with preset count differences,
the authorization management unit also being provided with a first preset count difference ΔF1, a second preset count difference ΔF2, a third preset count difference ΔF3, a first duration adjustment coefficient R1, a second duration adjustment coefficient R2 and a third duration adjustment coefficient R3, where ΔF1 < ΔF2 < ΔF3 and 1 < R1 < R2 < R3 < 2:
when ΔF ≤ ΔF1, the authorization management unit selects the first duration adjustment coefficient R1 to adjust the prohibition duration;
when ΔF1 < ΔF ≤ ΔF2, the authorization management unit selects the second duration adjustment coefficient R2 to adjust the prohibition duration;
when ΔF2 < ΔF ≤ ΔF3, the authorization management unit selects the third duration adjustment coefficient R3 to adjust the prohibition duration;
when the authorization management unit selects the e-th duration adjustment coefficient Re (e = 1, 2, 3), it sets the adjusted prohibition duration to tr = tz × Re.
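The decision chain in the claims above, from the base monitoring strength through the volume adjustment, the compliance test, the pass-rate tiers and the prohibition duration, written out as a Python rule engine. This is an added example, not code from the patent or its applicant: the patent fixes only the ordering of its thresholds (W1 < W2, ΔU1 < ΔU2 < ΔU3, 1 < K1 < K2 < K3 < 1.5, P1 > P2 > P3 and so on), so every numeric value in `Thresholds`, the clamping of a difference above the last preset tier, and the handling of a pass rate below P3 are assumptions, marked as such in the comments.

```python
"""Rule engine for the operation and maintenance audit decisions described above.

Added illustration, not code from the patent. The patent fixes only the ordering of
its thresholds, so every numeric value in Thresholds is a constructed assumption.
"""
from dataclasses import dataclass
from typing import Optional, Sequence, Tuple


@dataclass(frozen=True)
class Thresholds:
    Q0: int = 3                                           # preset number of data types
    W1: float = 1.0                                       # first monitoring strength value
    W2: float = 2.0                                       # second value, W1 < W2
    U0: float = 1000.0                                    # preset data amount per type
    dU: Tuple[float, ...] = (100.0, 500.0, 2000.0)        # ΔU1 < ΔU2 < ΔU3
    K: Tuple[float, ...] = (1.1, 1.25, 1.4)               # 1 < K1 < K2 < K3 < 1.5
    B0: float = 0.2                                       # preset sensitive-data proportion
    C0: int = 3                                           # preset number of out-of-grade attempts
    P: Tuple[float, ...] = (1.5, 1.0, 0.5)                # P1 > P2 > P3
    dP: Tuple[float, ...] = (0.2, 0.5, 1.0)               # ΔP1 < ΔP2 < ΔP3
    X: Tuple[float, ...] = (1.1, 1.25, 1.4)               # 1 < X1 < X2 < X3 < 1.5
    t: Tuple[float, ...] = (3600.0, 86400.0, 604800.0)    # t1 < t2 < t3, in seconds
    F0: int = 10                                          # preset compliance count
    dF: Tuple[int, ...] = (5, 20, 50)                     # ΔF1 < ΔF2 < ΔF3
    R: Tuple[float, ...] = (1.2, 1.5, 1.9)                # 1 < R1 < R2 < R3 < 2


def bracket(delta: float, presets: Sequence[float]) -> int:
    """Tier index of a difference: delta <= preset1 -> 0, preset1 < delta <= preset2 -> 1,
    and so on. The patent gives no rule for a difference above the last preset; this
    example clamps to the last tier (assumption)."""
    for i, preset in enumerate(presets):
        if delta <= preset:
            return i
    return len(presets) - 1


@dataclass
class Decision:
    strength: float            # final monitoring strength value for the session
    compliant: bool
    action: str                # "none", "correct_strength", "downgrade" or "prohibit"
    pass_rate: Optional[float] = None
    prohibit_seconds: Optional[float] = None


def base_strength(Q: int, th: Thresholds) -> float:
    """Q <= Q0 gives W1, otherwise W2."""
    return th.W1 if Q <= th.Q0 else th.W2


def adjust_for_volume(Wn: float, U: float, th: Thresholds) -> float:
    """Wk = Wn * Ki when U > U0, with Ki chosen from the tier of ΔU = U - U0."""
    if U <= th.U0:
        return Wn
    return Wn * th.K[bracket(U - th.U0, th.dU)]


def is_compliant(B: float, C: int, th: Thresholds) -> bool:
    """Compliance test exactly as the claims state it: compliant only if B > B0 and C > C0."""
    return B > th.B0 and C > th.C0


def audit(Q: int, U: float, B: float, C: int, F: int, th: Thresholds = Thresholds()) -> Decision:
    """Run one user session through the claimed decision chain."""
    Wk = adjust_for_volume(base_strength(Q, th), U, th)
    if is_compliant(B, C, th):
        return Decision(Wk, True, "none")
    P = B / th.B0 + C / th.C0                  # pass rate of the non-compliant session
    P1, P2, P3 = th.P
    if P >= P1:                                # correct the monitoring strength: Wx = Wk * Xj
        Wx = Wk * th.X[bracket(P - P1, th.dP)]
        return Decision(Wx, False, "correct_strength", P)
    if P >= P2:                                # downgrade the permission level by one
        return Decision(Wk, False, "downgrade", P)
    # P2 > P >= P3: prohibit access for tz chosen from ΔPb = P - P3. Below P3 the patent
    # states no rule; this example keeps the longest prohibition t3 (assumption).
    tz = th.t[bracket(P - P3, th.dP)] if P >= P3 else th.t[-1]
    if F > th.F0:                              # tr = tz * Re once the compliance count exceeds F0
        tz *= th.R[bracket(F - th.F0, th.dF)]
    return Decision(Wk, False, "prohibit", P, tz)
```

The compliance test is implemented exactly as the claims state it (a session is compliant only when both B > B0 and C > C0), so a session with a small share of sensitive data is the one that proceeds to the pass-rate tiers; anyone building on this rule set should confirm that direction against the original filing before wiring it to enforcement.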
Compared with the prior art, the platform has the advantage that a security decision platform is deployed in the third-party computer room, which monitors the user through the whole process once the user enters the computer room, determines the compliance of the user's access from the access process itself, and raises the monitoring strength of the access process. This reduces the probability that unauthorised personnel operate equipment, download data or enter the management area, further reduces the probability of malicious software and virus intrusion, and so guarantees the protection of the enterprise database.
In particular, the authorization management unit sets different permission levels and corresponding access limit levels for different users, so that few people can obtain database contents and the possibility of data leakage is reduced. The operation and maintenance auditing module audits every user's access process, which guarantees the monitoring strength of that process and ensures that non-compliant operations are handled promptly, further improving the protection of the enterprise database. The data security management and control module manages the data independently under its own management and control strategies, so that a user can obtain the data corresponding to his or her permission level while the protection of enterprise data is improved.
Furthermore, the operation and maintenance auditing module acquires several monitoring values during the user's access process, each with a preset value; the compliance of the user's access to the database is determined from the comparison of the monitoring values with their presets, and a user whose access process is audited as non-compliant is handled according to the set processing strategy. This further improves the monitoring precision of the user access process and the protection of the enterprise database.
Furthermore, the operation and maintenance auditing module holds a preset number of data types, several monitoring strength values and a preset data amount. While the user accesses the enterprise database, the monitoring strength is determined from the comparison of the number of data types accessed after a single login with the preset number; after that, the data amount of each type accessed is compared with the preset data amount, and the comparison decides whether the monitoring strength value is adjusted. This improves the control precision of the decision system's prevention and control process and therefore the protection of the enterprise database.
Furthermore, the operation and maintenance auditing module contains the monitoring unit, which acquires the access process data, and the analysis and judgment unit, which analyses it. The monitoring unit holds several preset data amount differences and strength adjustment coefficients; when the analysis and judgment unit decides to adjust the monitoring strength value, the difference between the data amount of each data type actually accessed and the preset data amount is calculated, and the adjustment coefficient selected from the comparison of that difference with the preset differences is applied to the monitoring strength value. This further improves the control precision of the decision system and the protection of the enterprise database.
Furthermore, the analysis and judgment unit holds a preset sensitive-data proportion and a preset number of attempts. During the user's access to the enterprise database, the proportion of sensitive data in the accessed data volume and the number of attempts to access data outside the user's permission level are obtained and compared with their presets, and the compliance of the access process is judged from the comparison. This further improves the control precision of the prevention and control process and the protection of the enterprise database.
Furthermore, the analysis and judgment unit holds several preset pass rates. When it judges that the user's access process is not compliant, it calculates the pass rate of the non-compliant access and decides the further handling of the user from the comparison of that pass rate with the preset pass rates, again improving the control precision of the decision system and the protection of the enterprise database.
Drawings
Fig. 1 is a logic block diagram of a security dual-control management platform for hosting management in a computer room according to the present invention.
Detailed Description
In order that the objects and advantages of the invention will be more clearly understood, the invention is further described below with reference to examples; it should be understood that the specific embodiments described herein are merely illustrative of the invention and are not intended to limit the invention.
Preferred embodiments of the present invention are described below with reference to the accompanying drawings. It should be understood by those skilled in the art that these embodiments are only for explaining the technical principle of the present invention, and do not limit the scope of the present invention.
It should be noted that in the description of the present invention, the terms of direction or positional relationship indicated by the terms "upper", "lower", "left", "right", "inner", "outer", etc. are based on the directions or positional relationships shown in the drawings, which are only for convenience of description, and do not indicate or imply that the device or element must have a specific orientation, be constructed and operated in a specific orientation, and thus, should not be construed as limiting the present invention.
Furthermore, it should be noted that, in the description of the present invention, unless otherwise explicitly specified or limited, the terms "mounted," "connected," and "connected" are to be construed broadly, and may be, for example, fixedly connected, detachably connected, or integrally connected; can be mechanically or electrically connected; they may be connected directly or indirectly through intervening media, or they may be interconnected between two elements. The specific meanings of the above terms in the present invention can be understood by those skilled in the art according to specific situations.
Fig. 1 is a logic block diagram of a security dual-control management platform for hosting management in a computer room according to the present invention.
The safety double-control decision platform integrates the main functions of a bastion host, a data security management and control system and an SSL VPN. The data hosted in the other machine rooms (200 sites) besides the central office machine room server is controlled remotely, mainly from three aspects: desensitization, watermarking and weight distribution.
The embodiment of the invention provides a safe double-control management platform for hosting management of a machine room, comprising an intelligent entrance guard system, a monitoring system, and an operation, maintenance and data security management and control system. The intelligent entrance guard system authorizes personnel, raises system alarms, specifies the time period during which the machine room may be entered and stores video surveillance; the monitoring system tracks the movements of personnel who have entered the machine room; and the operation, maintenance and data security management and control system stores and manages the enterprise data.
Specifically, the intelligent entrance guard system comprises a monitoring system and a computer room. The intelligent entrance guard system performs face recognition authentication on personnel entering the computer room, and personnel may enter only after authentication succeeds; once they are inside, the monitoring system acquires their position in real time and determines whether the area of the computer room they are in is one they are permitted to be in.
The operation, maintenance and data security management and control system comprises:
the authority management module is used for carrying out user authority management on users accessing the enterprise database;
the operation and maintenance auditing module is connected with the authority management module and is used for auditing the process of accessing the enterprise database by the user according to the user authority determined by the authority management module;
and the data security control module is respectively connected with the authority management module and the operation and maintenance auditing module and is used for carrying out security control on the data accessed by the user according to the user authority and the auditing result.
Specifically, in the logical network architecture the operation and maintenance security device and the data security management device are deployed in the cloud machine room in bypass (off-path) mode, so that in operation all data is audited through the bypass of the security audit area. The operation and maintenance security control device and the data security control device must have network reachability to all controlled resources, and only the minimum set of service ports is opened in order to protect the data.
Specifically, the authority management module comprises an account management unit for managing a user account, a password management unit for managing a user authentication mode and an authentication policy, and an authorization management unit for authorizing a user.
The account management unit manages two kinds of account: the primary (master) accounts of natural persons, and the secondary (slave) accounts on system resources.
Specifically, master and slave account management includes master/slave account synchronization, master/slave account role maintenance, periodic password renewal and password policy management. The master account is managed over its whole life cycle, including creation, copying, modification, migration, freezing and deletion. The account record holds basic information such as the master account name, Chinese and English names, employee number, gender, date of birth and telephone, and storage and transmission of the account and password support encryption. Personal maintenance of a master account lets the individual update information on an established account, such as the telephone number.
Slave account management covers the life cycle of slave accounts (synchronization, modification, freezing, deletion and the like), manages the attributes of account and password contents, collects and manages program accounts, synchronizes the slave accounts of accessed resources, and periodically audits the consistency between the slave accounts on a resource and the slave account information stored on the platform side, which surfaces zombie accounts and similar.
Setting an account password strategy, formulating a natural person account password strategy and a resource account password strategy through the system, and sending the strategy to a password strategy module for execution. The password strategy comprises the minimum and maximum length limits of the account password, the password complexity, available special characters, the password validity period, the expected reminding time, the number of times that the password cannot be repeated, the number of times that the password is allowed to be wrong and the like.
A time-limit policy protects important resources by controlling resource logins: for example, working-hours restrictions can allow a given resource to be logged into only by a given slave account and disallow login outside working hours. The system can set a time policy on the authorization of a slave account, with flexible selection and configuration of the master account, the resources and the slave accounts concerned.
The password management unit comprises password strength settings, which support management of the static password strength of accounts and setting of the complexity requirements on password length and constituent elements, and password two-factor authentication, which sets the user login mode and performs multi-factor authentication on the authenticated user (this can be combined with a third-party CA, a dynamic token, a mobile phone token, biometric identification, SMS authentication and similar means, supports combined authentication and improves access security), has a standard development interface, and can lock a user after repeated authentication failures.
The authentication mode and authentication policy of the embodiment of the invention are also used to verify the legality of the user identity and support various combined authentication modes, such as dynamic password, static password, certificate authentication, SMS authentication, mobile token and external authentication: besides providing a local authentication service, the system also needs to support integration with the tobacco industry CA, so that two-factor authentication of the operation and maintenance login password account with the tobacco industry CA is achieved.
When the authorization management unit authorizes a user, it acquires the user's account information from the account management unit, determines the user's authority level from that information, and determines from the user level how far the user's access to the enterprise database is restricted.
Specifically, the authorization management unit is further provided with a security decision platform that only terminals with a designated IP address can reach (terminals with other IP addresses cannot access it), time limits on user access to the enterprise database, and a blacklist library and a whitelist library for the commands users enter; command library policies are distributed over user access so that constraints are effectively enforced at the command-line level, and the authorization management unit also supports identifying and blocking abbreviated command lines that match the blacklist library.
The data security management and control module comprises an identification unit used for identifying the sensitive data and a desensitization unit used for desensitizing the sensitive data identified by the identification unit.
Specifically, the desensitization rules of the desensitization unit include: data simulation: the data content is simulated to generate highly realistic data with correct format and semantics that is nevertheless not real; data masking: the masked part of the data is replaced with special characters so that the data is no longer readable; random character string: the data is changed randomly so that neither its original semantics nor its format is retained; reset to a fixed value: a particular data column is reset to a fixed number or string, for example a password column reset to "8888888888"; hash (encryption): the complete value is hashed so that the data is unreadable; column association: the correspondence or arithmetic relationship between columns is kept, for example between the ID card field, birthday and age; vertical shuffling: the correspondence of each row of data across columns is kept or shuffled; computed association column: when columns are related by an operation (for example A + B = C), the desensitized data still satisfies the same operation; dictionary mapping: data matching a feature dictionary is replaced by a specified value, for example all occurrences of Zhang San are uniformly replaced by Li Si; random mapping: data matching the feature dictionary is replaced at random, for example every Zhang San may be replaced by any one of Li Si, Wang Wu and Zhao Liu.
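The desensitization rules above applied to one constructed personnel record, as an added example that is not the platform's code. Column names, the sample record, the mapping tables and the salt are assumptions; each rule is a small function so that what it preserves and what it destroys is visible, and the related columns (birthday and age, base pay plus bonus equals total) are handled together so the column association and computed column rules hold after desensitization.

```python
"""Desensitization rules applied to a constructed personnel record.
Added example, not the platform's code; column names and values are assumptions."""
import hashlib
import random
import secrets
import string
from datetime import date, timedelta


def mask(value, keep_head=3, keep_tail=4, char="*"):
    """Data masking: keep head and tail, overwrite the middle with a special character."""
    if len(value) <= keep_head + keep_tail:
        return char * len(value)
    middle = len(value) - keep_head - keep_tail
    return value[:keep_head] + char * middle + value[-keep_tail:]


def random_string(value, rng):
    """Random character string: same length only; semantics and format are not preserved."""
    alphabet = string.ascii_letters + string.digits
    return "".join(rng.choice(alphabet) for _ in value)


def fixed_value(_value, fixed="8888888888"):
    """Reset to a fixed value, e.g. for a password column."""
    return fixed


def hashed(value, salt):
    """Hash the complete value: unreadable, but equal inputs still map to equal outputs."""
    return hashlib.sha256(salt + value.encode("utf-8")).hexdigest()


def dictionary_map(value, table):
    """Dictionary mapping: values matching the dictionary are replaced by the specified value."""
    return table.get(value, value)


def random_map(value, table, rng):
    """Random mapping: a matching value is replaced by any one of its candidates."""
    return rng.choice(table[value]) if value in table else value


def simulate_birthday(birthday, rng, max_shift_days=365):
    """Data simulation: a plausible, correctly formatted date that is not the real one."""
    shift = rng.randint(1, max_shift_days) * rng.choice((-1, 1))
    return birthday + timedelta(days=shift)


def age_on(birthday, today):
    """Age in whole years on a given date."""
    had_birthday = (today.month, today.day) >= (birthday.month, birthday.day)
    return today.year - birthday.year - (0 if had_birthday else 1)


# Constructed sample record (not real data).
SAMPLE_ROW = {
    "name": "Zhang San",
    "dept": "Finance",
    "id_card": "110101199001011234",
    "phone": "13812345678",
    "email": "zhangsan@example.com",
    "password": "s3cret-pass",
    "address": "No. 1 Example Road, Beijing",
    "birthday": date(1990, 1, 1),
    "base_pay": 8000,
    "bonus": 2000,
    "total_pay": 10000,
}


def desensitize_row(row, rng, salt, today=date(2024, 1, 1)):
    """Apply one rule per column; related columns are handled together so their
    relationships (birthday/age, base_pay + bonus = total_pay) survive."""
    fake_birthday = simulate_birthday(row["birthday"], rng)
    offset = rng.randint(-500, 500)  # same offset added to A and taken from B keeps A + B = C
    return {
        "name": random_map(row["name"], {"Zhang San": ["Li Si", "Wang Wu", "Zhao Liu"]}, rng),
        "dept": dictionary_map(row["dept"], {"Finance": "Dept-X"}),
        "id_card": mask(row["id_card"], keep_head=6, keep_tail=4),
        "phone": mask(row["phone"], keep_head=3, keep_tail=4),
        "email": hashed(row["email"], salt),
        "password": fixed_value(row["password"]),
        "address": random_string(row["address"], rng),
        "birthday": fake_birthday.isoformat(),  # column association: birthday and
        "age": age_on(fake_birthday, today),    # age stay consistent with each other
        "base_pay": row["base_pay"] + offset,   # computed column: A + B = C still holds
        "bonus": row["bonus"] - offset,
        "total_pay": row["base_pay"] + row["bonus"],
    }


def check_associations(row, today=date(2024, 1, 1)):
    """Self-check after desensitization: age still matches birthday and A + B = C still holds."""
    birthday = date.fromisoformat(row["birthday"])
    return age_on(birthday, today) == row["age"] and row["base_pay"] + row["bonus"] == row["total_pay"]


def desensitized_sample(seed=1, salt=b"constructed-salt"):
    """Run the rules on SAMPLE_ROW; the fixed seed only makes the demonstration reproducible."""
    return desensitize_row(SAMPLE_ROW, random.Random(seed), salt)


if __name__ == "__main__":
    # A production run would use random.SystemRandom() and a freshly generated salt.
    print(desensitize_row(SAMPLE_ROW, random.SystemRandom(), secrets.token_bytes(16)))
```

The hashed e-mail column keeps joinability (the same address always hashes to the same value within one salt), which is exactly why the rule is weaker than random replacement when the value set is small enough to enumerate.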
The operation and maintenance auditing module comprises a monitoring unit for monitoring the process data of the enterprise database accessed by the user and an analysis and judgment unit for analyzing the process data accessed by the user.
Specifically, the operation and maintenance auditing module comprises separated-authority audit management, comprehensive operation and maintenance auditing, intelligent classification of documents, leakage prevention for compressed and encrypted documents, and the data safe technology.
Separated-authority audit management provides the system with a four-role separation of duties: system administrator, operation and maintenance administrator, password administrator and auditor. Administrator roles can be customized flexibly and administrator authority further refined, so that the security of system management is guaranteed technically; the system integrates authentication, authorization, management and audit, effectively realizing prevention in advance, control during operation and audit afterwards.
Comprehensive operation and maintenance auditing: the system uses protocol analysis and packet-based restoration and virtualization technology to simulate the operation interface, converts all operations into a graphical display, and ensures that none of the audit information is lost. Besides the graphical audit display of operation and maintenance operations, the method can also analyze characters, including the commands of command-line operations, the echoed information, and keyboard and mouse input during non-character operations. The audit protocols and tools supported by the system include:
Terminal command operations: Telnet, SSH
Windows graphical: RDP, VNC, pcAnywhere, DameWare, etc.
Unix/Linux graphical: X Windows
File upload and download: FTP, SFTP
B/S (browser-based) management operations: HTTP, HTTPS
Database management tools: all tools such as PLSQL.
Intelligent classification of documents is an advanced technique that integrates natural language learning, artificial intelligence and the like into the traditional system: it can understand the content of a document, judge the document's security level from that content, and then automatically apply the security policy of documents with similar content. Because the system keeps learning during use it becomes more and more intelligent, which greatly reduces the burden on staff, and sensitive data that would otherwise be overlooked is protected automatically.
Leakage prevention for compressed and encrypted documents: most domestic DLP solutions do not bind policies to compressed files and do not protect encrypted documents. In that case, however strong the other aspects are, overall security stays low, just as a barrel holds only as much as its shortest stave allows. The system can find sensitive files that have been compressed or encrypted and prevent leakage through that channel in time.
Data safe technology: as malware and viruses keep changing, traditional security measures are constantly frustrated, and for protecting fixed locations on terminals in particular no effective method has been available. The data safe technology in the system addresses this problem. It is suited to protecting and monitoring fixed directories, such as important folders and database directories, and its implementation can effectively intercept access and damage by any unknown malicious program.
The monitoring unit acquires the access process data when a user accesses the enterprise database, and the analysis and judgment unit determines from that data whether the user's access process is compliant; when it determines that the access process is not compliant, the analysis and judgment unit downgrades the user or processes the user's access data.
The monitoring unit monitors the process in which a user accesses the enterprise database through the security decision system. It records the number of data types Q accessed in a single access, the data amount U of each data type accessed, the proportion B of sensitive data in the accessed data, and the number of attempts C to access data above the user's grade. The analysis and judgment unit determines the monitoring force applied to the user by comparing Q with a preset number of data types Q0; the monitoring unit is provided with a first monitoring force value W1 and a second monitoring force value W2, with W1 < W2:
if Q ≤ Q0, the monitoring unit sets the monitoring force on the user to the first monitoring force value W1;
if Q > Q0, the monitoring unit sets the monitoring force on the user to the second monitoring force value W2.
Specifically, the analysis and judgment unit is further configured to compare the monitored data amount U of each data type with a preset data amount U0 and decide from the result whether to adjust the user's monitoring force:
if U ≤ U0, the analysis and judgment unit decides not to adjust the user's monitoring force value;
if U > U0, the analysis and judgment unit decides to adjust the user's monitoring force value.
When the analysis and judgment unit decides to adjust the user's monitoring force value, the monitoring unit is further used to calculate the data amount difference ΔU between the data amount U of the data type and the preset data amount U0, ΔU = U - U0, and to select the corresponding adjustment coefficient by comparing ΔU with the preset data amount differences,
wherein the monitoring unit is also provided with a first, second and third preset data amount difference ΔU1, ΔU2, ΔU3 and a first, second and third force value adjustment coefficient K1, K2, K3, with ΔU1 < ΔU2 < ΔU3 and 1 < K1 < K2 < K3 < 1.5:
when ΔU ≤ ΔU1, the monitoring unit selects the first force value adjustment coefficient K1 to adjust the monitoring force;
when ΔU1 < ΔU ≤ ΔU2, the monitoring unit selects the second force value adjustment coefficient K2 to adjust the monitoring force;
when ΔU2 < ΔU ≤ ΔU3, the monitoring unit selects the third force value adjustment coefficient K3 to adjust the monitoring force;
when the monitoring unit selects the i-th force value adjustment coefficient Ki (i = 1, 2, 3) to adjust the monitoring force, it sets the adjusted monitoring force value Wk = Wn × Ki, where n = 1, 2.
The analysis and judgment unit is further configured, once the proportion B of sensitive data in the user's access data and the number of attempts C to access data above the user's permission level are obtained, to compare B with a preset proportion B0 and C with a preset number of attempts C0, and to decide from the results whether the user's access process is compliant:
if B ≤ B0 or C ≤ C0, the analysis and judgment unit decides that the user's access process is not compliant;
if B > B0 and C > C0, the analysis and judgment unit decides that the user's access process is compliant.
When it decides that the user's access process is not compliant, the analysis and judgment unit is further configured to calculate a qualification rate P of the access process, P = B/B0 + C/C0, compare P with preset qualification rates, and according to the result either correct the monitoring force value of the access process, downgrade the user's permission level, or prohibit the user's access; the analysis and judgment unit is provided with a first, second and third preset qualification rate P1, P2, P3 with P1 > P2 > P3:
when P ≥ P1, the analysis and judgment unit decides to correct the user's monitoring force;
when P1 > P ≥ P2, the analysis and judgment unit decides to downgrade the user's permission level;
when P2 > P ≥ P3, the analysis and judgment unit decides to prohibit the user from accessing the enterprise database and sets a prohibition duration.
When the analysis and judgment unit decides to correct the user's monitoring force, the monitoring unit is further used to calculate a first qualification rate difference ΔPa between the qualification rate P and the first preset qualification rate P1, ΔPa = P - P1, and to select the corresponding correction coefficient by comparing ΔPa with the preset qualification rate differences,
wherein the monitoring unit is also provided with a first, second and third preset qualification rate difference ΔP1, ΔP2, ΔP3 and a first, second and third force value correction coefficient X1, X2, X3, with ΔP1 < ΔP2 < ΔP3 and 1 < X1 < X2 < X3 < 1.5:
when ΔPa ≤ ΔP1, the monitoring unit selects the first force value correction coefficient X1 to correct the user's monitoring force value;
when ΔP1 < ΔPa ≤ ΔP2, the monitoring unit selects the second force value correction coefficient X2 to correct the user's monitoring force value;
when ΔP2 < ΔPa ≤ ΔP3, the monitoring unit selects the third force value correction coefficient X3 to correct the user's monitoring force value;
when the monitoring unit selects the j-th force value correction coefficient Xj (j = 1, 2, 3) to correct the user's monitoring force value, it sets the corrected monitoring force value Wx = Wk × Xj.
The authorization management unit is further configured to reduce the user's permission level by one level when the analysis and judgment unit decides to downgrade the user's permission level.
When the analysis and judgment unit decides to prohibit the user from accessing the enterprise database, the authorization management unit is further configured to calculate a second qualification rate difference ΔPb between the qualification rate P and the third preset qualification rate P3, ΔPb = P - P3, and to determine the prohibition duration by comparing ΔPb with the preset qualification rate differences,
wherein the authorization management unit is further provided with a first, second and third prohibition duration t1, t2, t3 with t1 < t2 < t3:
when ΔPb ≤ ΔP1, the authorization management unit sets the duration for which the user is prohibited from accessing the enterprise database to the first prohibition duration t1;
when ΔP1 < ΔPb ≤ ΔP2, the authorization management unit sets the prohibition duration to the second prohibition duration t2;
when ΔP2 < ΔPb ≤ ΔP3, the authorization management unit sets the prohibition duration to the third prohibition duration t3.
When the prohibition duration for the user's access to the enterprise database is set to tz (z = 1, 2, 3), the authorization management unit is further used to obtain the number F of the user's historically compliant accesses to the enterprise database and compare it with a preset compliance count F0: if F ≤ F0, the authorization management unit decides not to adjust the prohibition duration, and if F > F0, it decides to adjust the prohibition duration.
When it decides to adjust the prohibition duration, the authorization management unit is further configured to calculate the count difference ΔF between the compliance count F and the preset compliance count F0, ΔF = F - F0, and to select the corresponding duration adjustment coefficient by comparing ΔF with the preset count differences,
wherein the authorization management unit is also provided with a first, second and third preset count difference ΔF1, ΔF2, ΔF3 and a first, second and third duration adjustment coefficient R1, R2, R3, with ΔF1 < ΔF2 < ΔF3 and 1 < R1 < R2 < R3 < 2:
when ΔF ≤ ΔF1, the authorization management unit selects the first duration adjustment coefficient R1 to adjust the prohibition duration;
when ΔF1 < ΔF ≤ ΔF2, the authorization management unit selects the second duration adjustment coefficient R2 to adjust the prohibition duration;
when ΔF2 < ΔF ≤ ΔF3, the authorization management unit selects the third duration adjustment coefficient R3 to adjust the prohibition duration;
when the authorization management unit selects the e-th duration adjustment coefficient Re (e = 1, 2, 3) to adjust the prohibition duration, it sets the adjusted prohibition duration tr = tz × Re.
Specifically, the operation and maintenance auditing module of the embodiment of the invention comprises:
complete identity management and authentication: in order to ensure that a legal user can access background resources with the authority, the problem that specific people cannot be located due to cross operation and maintenance in an IT system is solved. The system meets the authorization requirement of who can do and the requirement of an auditing system of who can do, and provides a set of complete identity management and authentication functions. The method supports the authentication modes of the static password, the USBKey, the Rakuis, the LADP, the AD domain and the POP3 of the operation and maintenance user, supports the security management functions of the password intensity, the password validity period, the password attempt deadlock, the user activation and the like, supports the import and export of user information, and is convenient for batch processing.
Flexible, fine-grained authorization: the system provides authorization based on combinations of operation and maintenance user, operation and maintenance protocol, target host, operation and maintenance time window, session duration, operation and maintenance client IP and the like, achieving fine-grained authorization that meets users' actual requirements. It provides authorization from an operation and maintenance user to resources, from a user group to resources, from a user to resource groups and from a user group to resource groups. With this flexible, fine-grained authorization the following security goals are met: an operation and maintenance user can only see and execute the application software that has been authorized, document copying and local printing are prevented, no virus or malicious software can be spread, an unauthorized user cannot jump to other IT equipment, and the programs a technician executes through the CLI (Telnet, SSH and similar commands) can be locked.
Automatic login to background resources: after an operation and maintenance user passes the authentication and authorization of the Cojumper (jump server), the Cojumper logs into the background resource automatically according to the configured policy, so that the operation and maintenance user never needs to know the background resource's account password. This function provides a controllable correspondence from the operation and maintenance user to the background resource account and at the same time protects the passwords of background resource accounts uniformly. According to the characteristics of different hosts, network devices and security equipment, the Cojumper provides two ways for the operation and maintenance user to log into background resources automatically: account and command hosting, and trust.
Real-time monitoring: sessions in progress are monitored, with information including the operation and maintenance user, client IP address, resource IP address, protocol and start time; the background resources currently being accessed are monitored; and online operation and maintenance operations are monitored in real time. For command-interactive protocols, the various operations can be monitored in real time as images, and the information shown is exactly what the operation and maintenance client sees. For a resource under operation and maintenance, the session can be interrupted immediately when management requires it.
Real-time alarming and blocking of violations: for potential operational risks in the operation and maintenance process, the Cojumper detects illegal operations according to the security policy configured by the user and provides real-time alarming and blocking for them, reducing operational risk and improving security management and control. Operations over non-character protocols can be blocked in real time; for character protocols, a blocking command can be configured in an alarm rule to alarm and block. Alarm rules support alarm levels and alarm categories, and alarm actions include session blocking, an alarm on the auditing platform, mail alarms and the like.
Complete recording of the session process: the system provides complete session records for network sessions over the operation and maintenance protocols Telnet, FTP, SSH, SFTP, RDP (Windows Terminal), XWindows, VNC, AS400, HTTP, HTTPS and the like, fully meeting the requirement that no information is lost in content auditing. Mail sent and delivered through the internal mail server can also be audited. The session information comprises the operation and maintenance user, the client address, the background resource address, the resource name, the protocol, the start time, the end time and the traffic volume, together with all data entering and leaving the background resource during the operation and maintenance process.
Data security management and control: a network virtual storage center is used to create a completely independent personal folder for each user, and operation and maintenance users are forced to download related data into their personal folders, which prevents data from being downloaded to a local terminal where it cannot be controlled effectively; downloaded files are watermarked so that outgoing data can be traced effectively.
Sensitive data discovery: the data management module of the data security management and control system has a built-in algorithm for automatically identifying sensitive content such as names, mobile phone numbers, ID card numbers, Chinese addresses, bank card numbers, company names, landline numbers, e-mail addresses, organization codes and unified social credit codes. Sensitive data fields that cannot be identified automatically can be added manually. The system supports collecting distributed sample data so as to obtain the most complete sample information, and through deep analysis of the data can effectively identify complex types of sensitive data, such as 15- and 18-digit ID card numbers, 16- and 19-digit bank card numbers, Chinese name plus company name, ID card number plus organization code, mobile phone number plus landline number, and the like.
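Sensitive data discovery for several of the types listed above (15- and 18-digit resident ID numbers, 16- and 19-digit bank card numbers, mobile and landline numbers, e-mail addresses), as an added example rather than the platform's identification algorithm. Candidates are found by pattern, then validated: the 18-digit ID check uses the ISO 7064 MOD 11-2 check character defined in GB 11643-1999 and bank cards are validated with the Luhn checksum, so a digit run of the right length that fails its checksum is not reported. The sample text and all numbers in it are constructed.

```python
"""Sensitive data discovery for ID card, bank card, phone and e-mail values.
Added example, not the platform's algorithm; the sample text is constructed."""
import re
from datetime import datetime

# GB 11643-1999 18-digit resident ID: ISO 7064 MOD 11-2 check character.
_ID_WEIGHTS = (7, 9, 10, 5, 8, 4, 2, 1, 6, 3, 7, 9, 10, 5, 8, 4, 2)
_ID_CHECK = "10X98765432"


def _valid_date(yyyymmdd):
    try:
        datetime.strptime(yyyymmdd, "%Y%m%d")
        return True
    except ValueError:
        return False


def valid_id18(s):
    """18-digit ID: a real birth date and a matching check character."""
    if not re.fullmatch(r"\d{17}[\dX]", s) or not _valid_date(s[6:14]):
        return False
    total = sum(int(c) * w for c, w in zip(s[:17], _ID_WEIGHTS))
    return _ID_CHECK[total % 11] == s[17]


def valid_id15(s):
    """15-digit (pre-1999) ID: no check digit, so only the YYMMDD birth date is checked."""
    return bool(re.fullmatch(r"\d{15}", s)) and _valid_date("19" + s[6:12])


def luhn_ok(s):
    """Luhn checksum used by bank card numbers."""
    total = 0
    for i, ch in enumerate(reversed(s)):
        d = int(ch)
        if i % 2 == 1:
            d = d * 2 - 9 if d > 4 else d * 2
        total += d
    return total % 10 == 0


# (kind, pattern, validator); digit-boundary lookarounds stop one long digit run
# from being reported as several shorter numbers.
PATTERNS = (
    ("id_card_18", r"(?<![\dX])\d{17}[\dX](?![\dX])", valid_id18),
    ("id_card_15", r"(?<!\d)\d{15}(?!\d)", valid_id15),
    ("bank_card", r"(?<!\d)(?:\d{19}|\d{16})(?!\d)", luhn_ok),
    ("mobile", r"(?<!\d)1[3-9]\d{9}(?!\d)", None),
    ("landline", r"(?<!\d)0\d{2,3}-\d{7,8}(?!\d)", None),
    ("email", r"[\w.+-]+@[\w-]+(?:\.[\w-]+)+", None),
)


def find_sensitive(text):
    """Return (kind, value) for every candidate that also passes its validator."""
    found = []
    for kind, pattern, validator in PATTERNS:
        for m in re.finditer(pattern, text):
            if validator is None or validator(m.group()):
                found.append((kind, m.group()))
    return found


# Constructed sample; the IDs and cards are synthetic values with valid checksums,
# except the ones labelled invalid, which must not be reported.
SAMPLE_TEXT = """Name: Zhang San, ID 110101199001011237, mobile 13812345678, tel 010-12345678
Old ID 110101900101123, card 6222021234567890128, backup card 4111111111111111
Invalid ID 110101199001011238, not a card 1234567890123456, mail zhangsan@example.com
"""

if __name__ == "__main__":
    for kind, value in find_sensitive(SAMPLE_TEXT):
        print(f"{kind:12s} {value}")
```

Validating checksums after the regex match is what keeps the false-positive rate down on columns such as order numbers or serials that happen to be 16 or 18 digits long; the name, company and address types from the list above need a dictionary or segmentation model rather than a pattern and are not covered here.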
Operation and maintenance real-time desensitization: this function mainly protects sensitive data in databases and suits organizations that handle sensitive information. Operation and maintenance desensitization rules are set up: the system can define a desensitization policy for each sensitive data type, such as printing and the like. Different desensitization rules can be applied to different fields of different databases, for example by selecting a particular rule for a particular field of a particular table, and sensitive content is automatically shown as asterisks. Query results are desensitized differently for different people accessing the database, so that sensitive data is not leaked. The "sensitive data discovery and desensitization module" of the operation and maintenance security control system ensures that when a user performs operation and maintenance through the data security control platform and queries a database with SQL statements, sensitive data in the database is desensitized in real time and sensitive content is shielded, avoiding information leakage. The supported database types include Oracle, DB2, SQLServer, Mysql and Sybase. According to the user's access authorization policy, sensitive data is blurred when the user operates the database: when a low-privilege user runs SQL queries against the database, the sensitive content in the result is replaced before display, so that no sensitive information leaks.
Data leakage prevention: the scheme is divided into terminal leakage prevention and gateway leakage prevention. Gateway leakage prevention mainly stops sensitive data from leaking while in transit, and terminal leakage prevention stops it from leaking while in use or at rest. Through fine-grained control, including assigning employees and documents to different security levels and partitioning process functions, the system prevents sensitive files from being accessed or sent out illegally. To achieve data leakage prevention the system does not rely on a data encryption mechanism but on mandatory access control with file-level object granularity; the access policy of a specific file can be specified according to the user's requirements. Terminal data leakage paths generally include terminal peripherals, IM software, e-mail, web browsers, local shares, the clipboard and the like.
Remote erase/restore of sensitive data: whether a document is sensitive should be decided from an analysis of the entire document content. Keyword or regular expression matching is very limited, and judging a document by its digest, while direct and almost free of false positives, is inefficient and prone to misses. The system therefore identifies documents with similar content using advanced word segmentation techniques and algorithms, so that a sensitive file is still identified as sensitive after it has been modified or compressed, and its leakage is avoided.
Sensitive information rules: the administrator may configure the sensitive information rules as needed. The rule configuration supports algorithms such as word segmentation and regular expressions.
Sensitive information self-checking: a user can check the documents stored on the terminal against the sensitive information rules configured by the administrator, and a list of the documents containing sensitive information, with their paths, is displayed locally.
Remote cleaning: from the management interface the administrator can remotely delete documents containing sensitive data on a designated terminal, and can also remotely restore documents containing sensitive data that were deleted.
File tracing: the circulation history of a file can be traced and the whole life cycle of the file is visible, which provides a basis for analysis after a security event occurs.
Process management: the processes running on the terminal host and their executables are all within the scope of monitoring. The system classifies processes into categories such as no read/write, compression and transmission; the classification is preset in the system, and an administrator can manually modify it and add application programs to the knowledge base. This program classification helps the DIPS detection engine determine malicious programs and illegal operations quickly and accurately. The process management module also includes the application blacklist and whitelist function requested by clients in actual projects, which solves the lack of control over application programs in a controlled network environment; when the same application is in both the whitelist and the blacklist, the blacklist policy takes precedence. The process assets on a protected terminal can be viewed through the management interface, and for every executable on the terminal the process asset visualization shows whether it is running. When an unknown process starts sending data over the network, the data protection engine blocks the action directly and logs it.
Data backup and recovery: data within an enterprise organization may become unavailable for various reasons, such as uncontrollable events like software and hardware failures, staff errors, hacking attacks and natural disasters. The system provides a data backup function for the client while preventing data leakage, and when data on the staff terminal is damaged or the normal state cannot be recovered, normal data can be obtained from the data backup server. The automatic data backup function has no influence on the user and is backed up once a day. When the user needs to restore the document, only the specified document is selected from the backup list for restoration. Data backup and recovery are technical requirements of 'equal guarantee 2.0'.
The operation, maintenance and security management and control system of the secure dual-control decision platform also includes an encrypted remote access module, which specifically comprises:
Combined authentication: multiple authentication modes are combined to provide an authentication means safer than online banking; the identity authentication means include RADIUS, LDAP, CA, and user name and password.
Master and slave account binding: the application system account is forcibly bound to the SSL VPN account, enhancing the security of application system account use and ensuring that each user can only log in to the system with the specified application system account.
Client security policy. Admission: a client can access the intranet only if it meets the corresponding security environment requirements, preventing potential security risks. Authorization: access rights to different business systems are granted according to the client's security level (policy), ensuring access security. Checks before login prevent potential security risks; checks after login avoid unsafe factors.
Sandbox (secure desktop): the sandbox better protects confidential data. After the sandbox is enabled, a secure desktop logically isolated from the client operating system is generated when the corresponding resource is accessed on the terminal. The secure desktop disables network data exchange, disables local data exchange, disables copying to peripherals, and clears data and operations.
Fastest SSL VPN: the HTTP fast transport protocol is a UDP-based reliable transport protocol that improves on TCP transport efficiency by improving the congestion control algorithm and increasing the window size. It effectively addresses the packet loss and delay present in the network and greatly improves transmission speed over GPRS, CDMA, WiFi and other access modes.
Intelligent multi-line selection: the line with the highest speed is preferentially selected to establish the VPN tunnel. The intelligent routing function is implemented by the SSL VPN gateway alone in the pure Web version; without this, the multi-line function could not be used in environments where plug-ins cannot be installed (such as PDAs and future wireless terminals).
Resource load balancing: a load balancing algorithm ensures balanced access to resources, dynamically selects the access server and improves access efficiency.
Web optimization: addresses distorted page proportions and low access speed when Web pages are accessed from PDAs and other mobile terminals. Pictures are optimized through filtering, reduction and blurring strategies, improving the experience of users accessing different Web resources from different network environments.
Stream caching: once stream caching is started, the client terminal automatically opens up local hard disk space as a cache region. The stream cache improves the remote access rate and business office efficiency; it also reduces the client's repeated traffic, which is of high value for mobile access terminals billed by traffic.
Single sign-on: supports single sign-on for B/S and C/S applications, sparing users the trouble of manually entering many passwords; the various application systems are logged in to automatically.
System tray: as an office tool, the SSL VPN needs to stay online for long periods, but it may be closed by misoperation, affecting business. A system tray is provided that minimizes the client to the task bar and prevents the SSL VPN from being shut down by misoperation.
Hierarchical and sub-authority management: hierarchical management with up to 16 levels of administrators, with checking and configuration of the distribution of rights.
Traffic management: limits uplink and downlink bandwidth per user and per user group, and can also serve as a session limit; this guarantees the client's access experience and prevents bandwidth from being occupied maliciously.
Clustering: ensures high availability and stability, supports asymmetric clusters of 200+ sites, expands performance smoothly, and the cluster owner mode of operation ensures stability.
System bypass prevention module: where necessary, equipment with operation and maintenance behaviour bypass prevention capability is deployed in bypass mode, implementing compliance audit for background operation and maintenance operations and monitoring and alarming on illegal access behaviour that does not pass through the operation and maintenance security management and control system.
The invention audits the entire operation process of the operation and maintenance personnel, including command audit and video playback, so that the source can be traced quickly after an event occurs. High-risk command management and control for operation and maintenance: the system can manage and control high-risk commands in the operation and maintenance process, with management and control strategies including session interruption, secondary approval and command invalidation, effectively avoiding the risk caused by high-risk operations by low-authority personnel. The document download function is controlled: in the operation and maintenance download scenario, downloading data to the terminal computer is prevented and the data is forcibly downloaded to a personal folder, so that sensitive data files are not leaked out at the terminal. Documents carry a watermark during operation and maintenance; the document watermark technology effectively deters operation and maintenance personnel from photographing or recording sensitive operation and maintenance data and enhances the traceability of behaviour. Operation and maintenance sensitive data is desensitized dynamically in real time: dynamic real-time desensitization of operation and maintenance operations is implemented, with different personnel operating different databases and tables receiving dynamic real-time desensitization.
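As an added example, not code from the patent, the following Python sketches a policy engine for the three high-risk command controls the paragraph names (session interruption, secondary approval and command invalidation), applied to the commands of an operation and maintenance session according to the user's authority level. The rule set, the privilege levels, the action names and the sample commands are all constructed for this example; the patent does not say how its commands are matched.

```python
import re
from dataclasses import dataclass
from typing import List, Tuple

# Control actions; the first three are the strategies the description lists.
INTERRUPT, APPROVE, INVALIDATE, ALLOW = "interrupt", "approve", "invalidate", "allow"


@dataclass(frozen=True)
class Rule:
    name: str
    pattern: str     # regex applied to the normalised command line
    min_level: int   # authority level at which the command runs unchallenged
    action: str      # control applied to a user below min_level


# Constructed rule set (assumption, not the patent's): ordered, first match wins.
RULES: Tuple[Rule, ...] = (
    Rule("recursive delete", r"^rm\s+(-[a-z]*r[a-z]*\s+)+/", 3, INTERRUPT),
    Rule("drop database object", r"^drop\s+(table|database)\b", 3, APPROVE),
    Rule("host shutdown", r"^(shutdown|reboot|halt)\b", 2, APPROVE),
    Rule("bulk database export", r"^(mysqldump|pg_dump)\b", 2, INVALIDATE),
)


def normalise(cmd: str) -> str:
    """Collapse whitespace and lower-case the line so matching is not defeated
    by spacing or case; the original line is what an audit log would keep."""
    return re.sub(r"\s+", " ", cmd.strip()).lower()


def control(command: str, user_level: int) -> Tuple[str, str]:
    """Return (action, rule name). A user at or above a rule's min_level runs
    the command unchallenged; a lower-authority user gets the rule's control."""
    line = normalise(command)
    for rule in RULES:
        if re.search(rule.pattern, line):
            if user_level >= rule.min_level:
                return ALLOW, rule.name
            return rule.action, rule.name
    return ALLOW, "no rule"


def audit_session(commands: List[str], user_level: int) -> List[Tuple[str, str, str]]:
    """Apply control() to each command of a session in order. A session
    interruption stops processing; approval and invalidation only affect
    the single command and the session continues."""
    log = []
    for cmd in commands:
        action, rule = control(cmd, user_level)
        log.append((cmd, action, rule))
        if action == INTERRUPT:
            break
    return log


if __name__ == "__main__":
    # Constructed sample session of a level-1 operator.
    for entry in audit_session(["ls -la /var/log", "DROP TABLE staging;", "rm -r /data/archive", "reboot"], 1):
        print(entry)
```

The ordering of the rules matters only when patterns overlap; the session-level loop is what turns a per-command decision into the "session interruption" strategy.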
The system seamlessly interfaces with the tobacco industry CA: the system interfaces with the tobacco industry CA and logs in by scanning a code with the mobile phone CA client, ensuring the uniqueness of the person logging in to the system; the system can also interface with the machine room real-time video monitoring system and display the alarm information of that system.
So far, the technical solutions of the present invention have been described in connection with the preferred embodiments shown in the drawings, but it is apparent to those skilled in the art that the scope of the present invention is not limited to these specific embodiments. Equivalent changes or substitutions of related technical features can be made by those skilled in the art without departing from the principle of the invention, and the technical scheme after the changes or substitutions can fall into the protection scope of the invention.
The above description is only a preferred embodiment of the present invention and is not intended to limit the present invention; various modifications and alterations to this invention will become apparent to those skilled in the art. Any modification, equivalent replacement, or improvement made within the spirit and principle of the present invention should be included in the protection scope of the present invention.
Claims (7)
1. A safe double-control management platform for machine room hosting management comprises an operation, maintenance and data safety management and control system, and is characterized in that the operation, maintenance and data safety management and control system comprises:
the authority management module is used for carrying out user authority management on users accessing the enterprise database;
the operation and maintenance auditing module is connected with the authority management module and is used for auditing the process of accessing the enterprise database by the user according to the user authority determined by the authority management module;
the data security control module is respectively connected with the authority management module and the operation and maintenance auditing module and is used for performing security control on the data accessed by the user according to the user authority and the auditing result;
the authority management module comprises an account management unit for managing a user account, a password management unit for managing a user authentication mode and an authentication strategy, and an authorization management unit for authorizing a user;
the operation and maintenance auditing module comprises a monitoring unit for monitoring the process data of the enterprise database accessed by the user and an analysis and judgment unit for analyzing the process data accessed by the user;
the data security management and control module comprises an identification unit used for identifying sensitive data and a desensitization unit used for desensitizing the sensitive data identified by the identification unit;
the authorization management unit, when authorizing a user, acquires the user account information from the account management unit and determines the user's authority level according to that information, and determines the restriction level for the user's access to the enterprise database according to the user level;
the monitoring unit monitors the process of a user accessing the enterprise database through the security decision system, including monitoring the number Q of data types accessed by the user in a single access, the data amount U of each data type accessed, the proportion B of sensitive data in the accessed data amount, and the number C of attempts to access data not conforming to the user's grade; the analysis and judgment unit determines the monitoring strength applied to the user according to the comparison of the number Q of data types with a preset number Q0 of data types;
when the analysis and judgment unit determines the monitoring strength for the user from the comparison of Q with Q0, the monitoring unit is provided with a first monitoring strength value W1 and a second monitoring strength value W2, where W1 < W2,
if Q ≤ Q0, the monitoring unit sets the monitoring strength for the user to the first monitoring strength value W1;
if Q > Q0, the monitoring unit sets the monitoring strength for the user to the second monitoring strength value W2;
the analysis and judgment unit is also used to compare the monitored data amount U of each data type with a preset data amount U0 and to decide from the comparison whether to adjust the user's monitoring strength,
if U ≤ U0, the analysis and judgment unit decides that the user's monitoring strength value is not adjusted;
if U > U0, the analysis and judgment unit decides that the user's monitoring strength value is adjusted;
the analysis and judgment unit is also used, once the proportion B of sensitive data in the user's accessed data amount and the number C of attempts to access data not conforming to the user's authority level are obtained, to compare B with a preset data proportion B0 and C with a preset attempt count C0, and to judge from the comparison whether the user's access process is compliant,
if B ≤ B0 or C ≤ C0, the analysis and judgment unit judges that the user's access process is not compliant;
if B > B0 and C > C0, the analysis and judgment unit judges that the user's access process is compliant;
when the analysis and judgment unit judges that the user's access process is not compliant, it calculates the pass rate P of the access process, with P = B/B0 + C/C0, compares P with the preset pass rates, and according to the comparison result corrects the monitoring strength value for the access process, downgrades the user's authority level, or prohibits the user's access;
when the analysis and judgment unit decides that the user's monitoring strength is to be corrected, the monitoring unit calculates a first pass-rate difference ΔPa between the pass rate P and a first preset pass rate P1, ΔPa = P - P1, and selects the corresponding correction coefficient according to the comparison of this difference with the preset pass-rate differences to correct the monitoring strength value;
the authorization management unit is further used, when the prohibition duration for prohibiting the user from accessing the enterprise database is set to tz (z = 1, 2, 3), to obtain the number F of compliant accesses in the user's historical access to the enterprise database and to compare F with a preset compliance count F0: if F ≤ F0, the authorization management unit decides not to adjust the prohibition duration; if F > F0, it decides to adjust the prohibition duration;
the authorization management unit is further configured, when it decides to adjust the prohibition duration, to calculate a count difference ΔF between the compliance count F and the preset compliance count F0, ΔF = F - F0, and to select the corresponding duration adjustment coefficient according to the comparison of this difference with the preset count differences to adjust the prohibition duration.
2. The platform of claim 1, wherein, when the analysis and judgment unit decides to adjust the user's monitoring strength value, the monitoring unit is further configured to calculate a data amount difference ΔU between the data amount U of the data type and the preset data amount U0, ΔU = U - U0, and to select the corresponding adjustment coefficient according to the comparison of this difference with the preset data amount differences to adjust the monitoring strength value,
wherein the monitoring unit is also provided with a first preset data amount difference ΔU1, a second preset data amount difference ΔU2, a third preset data amount difference ΔU3, a first strength adjustment coefficient K1, a second strength adjustment coefficient K2 and a third strength adjustment coefficient K3, where ΔU1 < ΔU2 < ΔU3 and 1 < K1 < K2 < K3 < 1.5,
when ΔU ≤ ΔU1, the monitoring unit selects the first strength adjustment coefficient K1 to adjust the monitoring strength;
when ΔU1 < ΔU ≤ ΔU2, the monitoring unit selects the second strength adjustment coefficient K2 to adjust the monitoring strength;
when ΔU2 < ΔU ≤ ΔU3, the monitoring unit selects the third strength adjustment coefficient K3 to adjust the monitoring strength;
when the monitoring unit selects the i-th strength adjustment coefficient Ki (i = 1, 2, 3) to adjust the monitoring strength, it sets the adjusted monitoring strength value to Wk, with Wk = Wn × Ki (n = 1, 2).
3. The platform of claim 2, wherein the analysis and judgment unit is further provided with a first preset pass rate P1, a second preset pass rate P2 and a third preset pass rate P3, with P1 > P2 > P3,
when P ≥ P1, the analysis and judgment unit decides that the user's monitoring strength is corrected;
when P2 ≤ P < P1, the analysis and judgment unit decides that the user's authority level is reduced;
when P3 ≤ P < P2, the analysis and judgment unit decides that the user is prohibited from accessing the enterprise database and sets the prohibition duration;
the authorization management unit is further configured to reduce the user's authority level by one level when the analysis and judgment unit decides to perform authority level reduction on the user.
4. The platform of claim 3, wherein the monitoring unit is further provided with a first preset pass-rate difference ΔP1, a second preset pass-rate difference ΔP2, a third preset pass-rate difference ΔP3, a first strength correction coefficient X1, a second strength correction coefficient X2 and a third strength correction coefficient X3, where ΔP1 < ΔP2 < ΔP3 and 1 < X2 < X3 < 1.5,
when ΔPa ≤ ΔP1, the monitoring unit selects the first strength correction coefficient X1 to correct the user's monitoring strength value;
when ΔP1 < ΔPa ≤ ΔP2, the monitoring unit selects the second strength correction coefficient X2 to correct the user's monitoring strength value;
when ΔP2 < ΔPa ≤ ΔP3, the monitoring unit selects the third strength correction coefficient X3 to correct the user's monitoring strength value;
when the monitoring unit selects the j-th strength correction coefficient Xj (j = 1, 2, 3) to correct the user's monitoring strength value, it sets the corrected monitoring strength value to Wx, with Wx = Wk × Xj.
5. The platform of claim 4, wherein the authorization management unit is further configured to calculate a second pass-rate difference ΔPb between the pass rate P and the third preset pass rate P3, ΔPb = P - P3, and to determine the prohibition duration according to the comparison of the second difference ΔPb with the preset pass-rate differences,
wherein the authorization management unit is further provided with a first prohibition duration t1, a second prohibition duration t2 and a third prohibition duration t3, with t1 < t2 < t3,
when ΔPb ≤ ΔP1, the authorization management unit sets the prohibition duration for prohibiting the user from accessing the enterprise database to the first prohibition duration t1;
when ΔP1 < ΔPb ≤ ΔP2, the authorization management unit sets the prohibition duration for prohibiting the user from accessing the enterprise database to the second prohibition duration t2;
when ΔP2 < ΔPb ≤ ΔP3, the authorization management unit sets the prohibition duration for prohibiting the user from accessing the enterprise database to the third prohibition duration t3.
6. The secure dual-control management platform for machine room hosting management of claim 5, wherein the authorization management unit is further provided with a first preset count difference ΔF1, a second preset count difference ΔF2, a third preset count difference ΔF3, a first duration adjustment coefficient R1, a second duration adjustment coefficient R2 and a third duration adjustment coefficient R3, where ΔF1 < ΔF2 < ΔF3 and 1 < R2 < R3 < 2,
when ΔF ≤ ΔF1, the authorization management unit selects the first duration adjustment coefficient R1 to adjust the prohibition duration;
when ΔF1 < ΔF ≤ ΔF2, the authorization management unit selects the second duration adjustment coefficient R2 to adjust the prohibition duration;
when ΔF2 < ΔF ≤ ΔF3, the authorization management unit selects the third duration adjustment coefficient R3 to adjust the prohibition duration;
when the authorization management unit selects the e-th duration adjustment coefficient Re (e = 1, 2, 3) to adjust the prohibition duration, it sets the adjusted prohibition duration to tr, with tr = tz × Re.
7. The secure dual-control management platform for machine room hosting management of claim 6, further comprising an intelligent concierge system for authorizing personnel, raising system alarms, designating the time periods for entering the machine room and storing video surveillance; and a monitoring system for monitoring the movement track of personnel entering the machine room.
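As an added worked example, not code from the patent, the following Python models the tiered decision procedure of claims 1 to 6 end to end: the base monitoring strength chosen from Q against Q0, the K-coefficient scaling when U exceeds U0, the compliance test and the pass rate P = B/B0 + C/C0, the X correction when P ≥ P1, the downgrade band P2 ≤ P < P1, and the prohibition duration chosen from ΔPb = P - P3 and stretched by an R coefficient when the user's historical compliance count F exceeds F0. All threshold and coefficient values are constructed sample values that satisfy the orderings the claims state; the comparison directions of the compliance test are reproduced exactly as claim 1 states them; the behaviour for a difference above the third threshold and for P < P3, which the claims leave unspecified, is an assumption marked in the code.

```python
from dataclasses import dataclass
from typing import Optional, Sequence


@dataclass(frozen=True)
class Policy:
    """Constructed sample parameters; the orderings follow claims 1 to 6."""
    q0: int = 3                                    # preset number of data types Q0
    w1: float = 1.0                                # first monitoring strength W1
    w2: float = 2.0                                # second monitoring strength W2 (W1 < W2)
    u0: float = 1000.0                             # preset data amount per type U0
    du: Sequence[float] = (100.0, 500.0, 2000.0)   # dU1 < dU2 < dU3
    k: Sequence[float] = (1.1, 1.2, 1.4)           # claim 2: 1 < K1 < K2 < K3 < 1.5
    b0: float = 0.2                                # preset sensitive-data proportion B0
    c0: int = 2                                    # preset out-of-grade attempt count C0
    p: Sequence[float] = (1.5, 1.0, 0.5)           # P1 > P2 > P3
    dp: Sequence[float] = (0.1, 0.3, 0.5)          # dP1 < dP2 < dP3
    x: Sequence[float] = (1.1, 1.25, 1.45)         # claim 4: 1 < X2 < X3 < 1.5
    t: Sequence[float] = (1.0, 4.0, 24.0)          # prohibition hours t1 < t2 < t3
    f0: int = 5                                    # preset compliance count F0
    df: Sequence[int] = (2, 5, 10)                 # dF1 < dF2 < dF3
    r: Sequence[float] = (1.2, 1.5, 1.9)           # claim 6: 1 < R2 < R3 < 2


def pick_tier(delta: float, thresholds: Sequence[float], values: Sequence[float]) -> float:
    """delta <= thr1 -> value1; thr1 < delta <= thr2 -> value2; thr2 < delta <= thr3 -> value3.
    A delta above thr3 is not covered by the claims; keeping value3 is an assumption."""
    for thr, val in zip(thresholds, values):
        if delta <= thr:
            return val
    return values[-1]


@dataclass
class Decision:
    strength: float                      # monitoring strength after all adjustments
    compliant: bool
    pass_rate: Optional[float] = None    # P, only computed for a non-compliant access
    action: str = "none"                 # none | correct_strength | downgrade | prohibit
    prohibit_hours: Optional[float] = None


def evaluate(pol: Policy, Q: int, U: float, B: float, C: int, F: int) -> Decision:
    """One access by one user: Q data types, U data amount per type, sensitive
    proportion B, C out-of-grade attempts, F historical compliant accesses."""
    # claim 1: base strength from the number of data types accessed
    w = pol.w1 if Q <= pol.q0 else pol.w2
    # claim 2: scale by Ki when the per-type data amount exceeds U0
    if U > pol.u0:
        w *= pick_tier(U - pol.u0, pol.du, pol.k)
    # claim 1: compliance test, comparison directions exactly as the claim states them
    compliant = B > pol.b0 and C > pol.c0
    d = Decision(strength=w, compliant=compliant)
    if compliant:
        return d
    p1, p2, p3 = pol.p
    P = B / pol.b0 + C / pol.c0
    d.pass_rate = P
    if P >= p1:
        # claims 3 and 4: correct the strength by Xj chosen from dPa = P - P1
        d.action = "correct_strength"
        d.strength = w * pick_tier(P - p1, pol.dp, pol.x)
    elif P >= p2:
        # claim 3: P2 <= P < P1 lowers the authority level by one
        d.action = "downgrade"
    elif P >= p3:
        # claims 3, 5 and 6: prohibit access for tz chosen from dPb = P - P3,
        # then stretch by Re when the historical compliance count F exceeds F0
        d.action = "prohibit"
        tz = pick_tier(P - p3, pol.dp, pol.t)
        if F > pol.f0:
            tz *= pick_tier(F - pol.f0, pol.df, pol.r)
        d.prohibit_hours = tz
    # P < P3 is not addressed by the claims; this example (assumption) leaves it at "none"
    return d


if __name__ == "__main__":
    pol = Policy()
    print(evaluate(pol, Q=2, U=500, B=0.3, C=3, F=0))     # compliant, W1
    print(evaluate(pol, Q=5, U=1300, B=0.15, C=1, F=8))   # W2 x K2, downgrade
    print(evaluate(pol, Q=5, U=5000, B=0.0, C=1, F=8))    # prohibit, t1 x R2
```

One helper serves every tier selection because claims 2, 4, 5 and 6 all use the same three-threshold shape; only the threshold and value tuples differ, which keeps the decision logic readable and makes each band easy to test in isolation.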
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202111659584.XA CN114003943B (en) | 2021-12-31 | 2021-12-31 | Safe double-control management platform for computer room trusteeship management |
Publications (2)
Publication Number | Publication Date |
---|---|
CN114003943A CN114003943A (en) | 2022-02-01 |
CN114003943B true CN114003943B (en) | 2022-11-08 |
Family
ID=79932373
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN202111659584.XA Active CN114003943B (en) | 2021-12-31 | 2021-12-31 | Safe double-control management platform for computer room trusteeship management |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN114003943B (en) |
Families Citing this family (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN114979281B (en) * | 2022-07-11 | 2022-11-08 | 成都信息工程大学 | Data interaction method applied to industrial internet cloud service platform |
CN115080546B (en) * | 2022-07-20 | 2022-11-11 | 湖南新长海科技产业发展有限公司 | Enterprise data diagnosis system based on big data |
CN117131516B (en) * | 2023-10-26 | 2024-02-09 | 中国证券登记结算有限责任公司 | Operation and maintenance method and device |
CN117421307A (en) * | 2023-12-18 | 2024-01-19 | 山东中翰软件有限公司 | Enterprise management data management system and method based on big data analysis |
CN118153114B (en) * | 2024-05-11 | 2024-07-02 | 甲亥智能(成都)科技有限公司 | Unstructured data security protection system |
CN118761071B (en) * | 2024-06-11 | 2025-02-14 | 北京法伯宏业科技发展有限公司 | A data governance method and system for an information platform |
Citations (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN104506542A (en) * | 2014-12-29 | 2015-04-08 | 深圳中兴网信科技有限公司 | Security certification method and security certification system |
CN107423198A (en) * | 2017-07-10 | 2017-12-01 | 中核核电运行管理有限公司 | A kind of EAM platform monitorings management method and system |
CN112115512A (en) * | 2020-09-22 | 2020-12-22 | 安徽长泰信息安全服务有限公司 | Dynamic desensitization system and method based on database plug-in |
Family Cites Families (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN105553940A (en) * | 2015-12-09 | 2016-05-04 | 北京中科云集科技有限公司 | Safety protection method based on big data processing platform |
US10498772B2 (en) * | 2016-03-21 | 2019-12-03 | Vireshwar K. Adhar | Method and system for digital privacy management |
US11200338B2 (en) * | 2019-03-15 | 2021-12-14 | ZenPayroll, Inc. | Tagging and auditing sensitive information in a database environment |
CN112115482A (en) * | 2020-09-16 | 2020-12-22 | 安徽长泰信息安全服务有限公司 | Big data-based data security monitoring system for protecting data |
CN112560027A (en) * | 2020-12-18 | 2021-03-26 | 福建中信网安信息科技有限公司 | Data safety monitoring system |
CN113536243B (en) * | 2021-07-09 | 2022-03-25 | 益世信息技术(杭州)有限公司 | Enterprise internal software use management system based on authority analysis |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | |
SE01 | Entry into force of request for substantive examination | |
GR01 | Patent grant | |