Deep profile data leakage prevention scheme

One 、 Preface

• Various embedded R & D and platform software R & D industries , Each has its own core data and core documents , User data and other sensitive information , These information data have the following commonalities ：

– It belongs to the core confidential information , In case of leakage, it will have a bad impact on

– There are many types of core data , Source code data , Employees have high computer skills

– A lot of data is in the business system , It's not a document

• If you don't control , Designers and users can easily copy the data through various ways , Cause leakage .

Two 、 Common ways of disclosure

• Because R & D personnel are more proficient in computers than ordinary office personnel , In addition to the common network , mail ,U disc ,QQ And other data diffusion methods , There are many other methods that are very easy for developers （ Not listed completely ）：

• Physical method ：

– Network cable direct connection , Unplug the network cable from the wall , Then connect directly to an uncontrolled computer ;

–winPE start-up , Via CD or U Discoid winPE start-up , Even directly ISO The image starts .

– virtual machine , Through installation VMWare virtual machine , Use peripherals in the virtual machine U disc , The Internet .

– Other uncontrolled computers , That is, copy the data to other uncontrolled computers in the network , transit

– Upload online , By building an upload server on the public network , Bypass Internet Behavior Management

• Data distortion ：

– Write a console program , Print the code to DOS On the console, and then save the screen information as ;

– Write the code to Log Log file , Or write code to shared memory , Then another program reads away .

– Write interprocess communication program , Pass the code through socket, news ,LPC,COM,mutex, Shear plate , Pipeline and other interprocess communication methods , Transfer to send the data ;

– adopt IIS/Tomcat etc. web The parser transfers , Publish the code data as a web page , Then browse the browser and save as , Or just write txt box , Copy all the code during initialization ;

• Peripheral transfer

– For embedded development scenarios , You can use the serial port ,U mouth , The network port burns the code to the equipment and leaks the secret

3、 ... and 、SDC Sandbox data anti disclosure system

• Shenxinda SDC Sandbox data anti disclosure system , It is a system specially for anti disclosure protection of sensitive data , Realize code level protection of data , Will not affect work efficiency , Does not affect normal use . All sensitive information and files are automatically encrypted , So as to obtain effective range control , Prevent leaks .

Sandbox data anti disclosure system , The system architecture is as follows ：

• The management end ： System control center , Strategic management

• Confidential end ： Source code and design document version management server , There can be multiple sets

• Outgoing audit server ( Optional ): Sending out classified documents , Email review

• client ： Leak proof terminal , There can be multiple sets . All terminal source code , All documents are encrypted transparently

3、 ... and 、SDC Introduction to the main functions of sandbox data anti disclosure system

• All confidential data of the client is automatically encrypted

– The client from SVN Wait for the server to download the code , Documents, etc. can only be carried out in the sandbox , All file formats in the sandbox , All files read and written by software are automatically encrypted , Do not distinguish between file formats , It does not affect the normal development and debugging .

– The confidential data of the terminal cannot pass U disc , mail , Network communication , Chat tool , Disc burning , Hard disk extraction and other disclosure methods .

– Data can be source code 、 file 、 Drawing 、 Database etc. ..

• Safely isolate the Internet

– This function module is provided for customers who need to go to the Internet to find information in secret related status .

– In a classified state , Through this module , You can find information on the Internet normally ,QQ,GoogleTalk Etc. available ,Web Mail available . But because it is isolated from the secret related state , Can't get in , therefore

• You can't copy and paste the contents of confidential documents

• You can't put classified documents QQ Or email or website upload .

• Unable to get QQ Screenshots, etc. send the secret related screen .

•anywork Zero trust

•anywork The zero trust function is SDC Internal and external network access control module of sandbox anti disclosure system . It's through anywork gateway , Control Internet access , In the absence of VPN Under the circumstances , The Internet client can use anywork The gateway accesses the intranet confidential server .

​

Edit switch to center

Add picture comments , No more than 140 word （ Optional ）

​

• Smart port

• The intelligent port filtering function is SDC Peripheral control module of sandbox anti leak system . The way is through software , Control peripheral access , Filter outgoing data files , And the server records and traces the passed data .

​

​

edit

Add picture comments , No more than 140 word （ Optional ）

​ key word ： Source code encryption 、 Source code encryption 、 Source code encryption 、 Source code encryption 、 Source code encryption 、 Source code encryption 、 Source code encryption 、 Source code encryption 、 Source code encryption 、 Source code encryption 、 Source code encryption 、 Source code encryption , Source code encryption , Source code anti disclosure , Source code leakage prevention , Source code leak prevention , Source code leak prevention , Source code leak prevention , Source code leak prevention , Source code leak prevention , Source code leak prevention , Source code leak prevention , Source code leak prevention , Source code leak prevention , Source code leak prevention , Source code leak prevention , Source code leakage prevention , Source code leakage prevention , Source code leakage prevention , Source code leakage prevention , Source code leakage prevention , Source code leakage prevention , Source code leakage prevention , Source code leakage prevention , Source code leakage prevention , Source code leakage prevention , Source code leakage prevention , Source code leakage prevention , Source code leakage prevention , Source code leakage prevention , Source code leakage prevention , Source code leakage prevention , The source code is confidential , Data leakage prevention , Source code security management , Enterprise data security management , Terminal data leakage prevention , Server data leakage prevention , Anti leakage of operation and maintenance data , Document encryption , Encryption of drawings , Environment encryption . Source code encryption , Operation and maintenance data security , Server data leakage prevention , How to choose encryption software , Enterprise source code encryption , Enterprise code protection , Enterprise source code leak proof , Database leak prevention , Source code encryption software , Data leakage prevention solution , Enterprise data security management , Serial port control , Burn control , Source code protection , Server security , Source code encryption system , Research and development data security

Source code encryption 、 Source code encryption 、 Source code encryption 、 Source code encryption 、 Source code encryption 、 Source code encryption 、 Source code encryption 、 Source code encryption 、 Source code encryption 、 Source code encryption 、 Source code encryption 、 Source code encryption , Source code encryption , Source code anti disclosure , Source code leakage prevention , Source code leak prevention , Source code leak prevention , Source code leak prevention , Source code leak prevention , Source code leak prevention , Source code leak prevention , Source code leak prevention , Source code leak prevention , Source code leak prevention , Source code leak prevention , Source code leak prevention , Source code leakage prevention , Source code leakage prevention , Source code leakage prevention , Source code leakage prevention , Source code leakage prevention , Source code leakage prevention , Source code leakage prevention , Source code leakage prevention , Source code leakage prevention , Source code leakage prevention , Source code leakage prevention , Source code leakage prevention , Source code leakage prevention , Source code leakage prevention , Source code leakage prevention , Source code leakage prevention , The source code is confidential , Data leakage prevention , Source code security management , Enterprise data security management , Terminal data leakage prevention , Server data leakage prevention , Anti leakage of operation and maintenance data , Document encryption , Encryption of drawings , Environment encryption . Source code encryption , Operation and maintenance data security , Server data leakage prevention , How to choose encryption software , Enterprise source code encryption , Enterprise code protection , Enterprise source code leak proof , Database leak prevention , Source code encryption software , Data leakage prevention solution , Enterprise data security management , Serial port control , Burn control , Source code protection , Server security , Source code encryption system , Research and development data security

Source code encryption 、 Source code encryption 、 Source code encryption 、 Source code encryption 、 Source code encryption 、 Source code encryption 、 Source code encryption 、 Source code encryption 、 Source code encryption 、 Source code encryption 、 Source code encryption 、 Source code encryption , Source code encryption , Source code anti disclosure , Source code leakage prevention , Source code leak prevention , Source code leak prevention , Source code leak prevention , Source code leak prevention , Source code leak prevention , Source code leak prevention , Source code leak prevention , Source code leak prevention , Source code leak prevention , Source code leak prevention , Source code leak prevention , Source code leakage prevention , Source code leakage prevention , Source code leakage prevention , Source code leakage prevention , Source code leakage prevention , Source code leakage prevention , Source code leakage prevention , Source code leakage prevention , Source code leakage prevention , Source code leakage prevention , Source code leakage prevention , Source code leakage prevention , Source code leakage prevention , Source code leakage prevention , Source code leakage prevention , Source code leakage prevention , The source code is confidential , Data leakage prevention , Source code security management , Enterprise data security management , Terminal data leakage prevention , Server data leakage prevention , Anti leakage of operation and maintenance data , Document encryption , Encryption of drawings , Environment encryption . Source code encryption , Operation and maintenance data security , Server data leakage prevention , How to choose encryption software , Enterprise source code encryption , Enterprise code protection , Enterprise source code leak proof , Database leak prevention , Source code encryption software , Data leakage prevention solution , Enterprise data security management , Serial port control , Burn control , Source code protection , Server security , Source code encryption system , Research and development data security