WO2023035938A1

WO2023035938A1 - Method for executing robot script and related device

Info

Publication number: WO2023035938A1
Application number: PCT/CN2022/114356
Authority: WO
Inventors: 姚鲁智; 李渤; 张勇; 郑圣东
Original assignee: Huawei Technologies Co Ltd
Current assignee: Huawei Technologies Co Ltd
Priority date: 2021-09-09
Filing date: 2022-08-23
Publication date: 2023-03-16
Anticipated expiration: 2024-03-09
Also published as: CN115774581A

Abstract

The present application discloses a method for executing a robot script and a related device, said method comprising: acquiring a target robot script from an RPA management center; when target sensitive information must be used to execute the target robot script, sending a sensitive information acquisition request to the RPA management center, the sensitive information acquisition request being used to request to acquire target sensitive information from the RPA management center, the sensitive information acquisition request carrying relevant information of the target robot script, the relevant information of the target robot script comprising a target actuator identifier and/or a target control identifier, the target executor identifier being used to indicate an RPA actuator that executes the target robot script, and the target control identifier being used to indicate a control that must use the target sensitive information; and if a first response message that carries the target sensitive information and is sent by the RPA management center is received, processing the target robot script according to the target sensitive information. By employing the embodiments of the present application, the risk of sensitive information being leaked can be reduced.

Description

Method and related device for executing robot script

本申请要求于2021年9月9日提交中国国家知识产权局、申请号为202111060121.1、发明名称为“执行机器人脚本方法及相关装置”的中国专利申请的优先权，其全部内容通过引用结合在本申请中。This application claims the priority of the Chinese patent application with the application number 202111060121.1 and the title of the invention "Method for Executing Robotic Scripts and Related Devices" filed with the State Intellectual Property Office of China on September 9, 2021, the entire contents of which are incorporated herein by reference Applying.

technical field

本申请涉及计算机程序领域，尤其涉及一种执行机器人脚本方法及相关装置。The present application relates to the field of computer programs, in particular to a method for executing robot scripts and related devices.

Background technique

机器人流程自动化(robot process automation，RPA)系统是一种应用程序，它通过软件技术模仿最终用户在电脑的手动操作，实现软件对人工手工操作的替代，帮助企业实现流程自动化，提升企业运作效率。Robot process automation (robot process automation, RPA) system is an application program, which imitates the manual operation of the end user on the computer through software technology, realizes the replacement of manual operation by software, helps enterprises realize process automation, and improves enterprise operation efficiency.

图1示意出了一个典型的RPA系统。如图1所示，该RPA系统包括RPA管理中心、RPA执行器和目标系统。RPA管理中心作为RPA系统的控制中枢，提供机器人脚本管理、执行器管理、任务管理、参数管理等功能，作为RPA整个系统的控制中心负责任务调度、参数管理、执行器纳管等职责。RPA执行器作为RPA的执行端提供针对目标系统的自动操作能力，执行器通常支持对浏览器、客户端软件界面、网络接口的操作与调用，RPA执行器受RAP管理中心的控制与调度，实际应用时RPA执行器可能部署多台，并通常以集群的方式工作和运行，以实现对大规模人工操作的替代。除此之外通常还有RPA设计器提供RPA机器人脚本的编排、调试和发布能力，用户通过RPA设计器完成面向外部系统的操作自动化脚本，比如在财务领域中可以通过RPA设计器编排“自动报销机器人脚本”，该脚本可以实现自动创建报销申请的目的，完成包括通过浏览器打开报销系统、输入账号和密码登录报销系统、创建报销申请并提交等一系列动作的自动化。Figure 1 shows a typical RPA system. As shown in Figure 1, the RPA system includes an RPA management center, an RPA actuator and a target system. As the control center of the RPA system, the RPA management center provides functions such as robot script management, actuator management, task management, and parameter management. As the control center of the entire RPA system, it is responsible for task scheduling, parameter management, and actuator management. As the execution end of RPA, the RPA executor provides the automatic operation capability for the target system. The executor usually supports the operation and calling of the browser, client software interface, and network interface. The RPA executor is controlled and scheduled by the RAP management center. When applied, multiple RPA executors may be deployed, and usually work and run in clusters to replace large-scale manual operations. In addition, the RPA designer usually provides the ability to arrange, debug and publish RPA robot scripts. Users can complete the operation automation scripts for external systems through the RPA designer. For example, in the financial field, the RPA designer can be used to arrange "automatic reimbursement". Robot Script", which can realize the purpose of automatically creating reimbursement applications, and complete the automation of a series of actions including opening the reimbursement system through a browser, entering the account number and password to log in to the reimbursement system, creating and submitting reimbursement applications.

RPA系统目前广泛应用于财务、政务、电信等多个领域，通过对重复的人工操作的替代，RPA极大的提升了企业的运转效率。RPA系统在使用过程中经常涉及对目标系统的自动化操作，这时往往需要在RPA系统中录入RPA执行所需的账号、密码等敏感数据，以便RPA执行器在需要时可以基于这些敏感信息自动登录并完成对指定目标系统的自动化操作，针对这些敏感信息的安全防护是企业在应用RPA系统时核心顾虑之一，用户普遍担心提供给RPA系统使用的账号和密码信息是否存在泄露等问题，这是亟待解决的问题。RPA systems are currently widely used in many fields such as finance, government affairs, and telecommunications. By replacing repetitive manual operations, RPA has greatly improved the operating efficiency of enterprises. The RPA system often involves automatic operation of the target system during use. At this time, it is often necessary to enter sensitive data such as accounts and passwords required for RPA execution in the RPA system, so that the RPA executor can automatically log in based on these sensitive information when needed. And complete the automatic operation of the designated target system. The security protection of these sensitive information is one of the core concerns of enterprises when applying RPA systems. Users generally worry about whether the account and password information provided to the RPA system is leaked. This is Problems to be solved.

发明内容Contents of the invention

本申请实施例提供一种执行机器人脚本方法及相关装置，采用本申请实施例可以降低敏感信息被泄露的风险。Embodiments of the present application provide a method for executing robot scripts and related devices, and the risk of sensitive information being leaked can be reduced by using the embodiments of the present application.

第一方面，本申请实施例提供一种执行机器人脚本方法，包括：In the first aspect, the embodiment of the present application provides a method for executing a robot script, including:

从RPA管理中心获取目标机器人脚本；在执行目标机器人脚本需要使用目标敏感信息时，向RPA管理中心发送敏感信息获取请求，该敏感信息获取请求用于请求从RPA管理中心中获取目标敏感信息；该敏感信息获取请求携带目标机器人脚本的相关信息，目标机器人脚本的相关信息包括目标执行器标识和/或目标控件标识；该目标执行器标识用于指示执行目标机器人脚本的RPA执行器，目标控件标识用于指示需要使用目标敏感信息的控件；接收RPA 管理中心发送的用于响应敏感信息获取请求的第一响应消息，其中，第一响应消息携带目标敏感信息；根据目标敏感信息处理目标机器人脚本。Obtain the target robot script from the RPA management center; when executing the target robot script needs to use target sensitive information, send a sensitive information acquisition request to the RPA management center, and the sensitive information acquisition request is used to request to obtain target sensitive information from the RPA management center; The sensitive information acquisition request carries relevant information of the target robot script, and the relevant information of the target robot script includes the target executor ID and/or the target control ID; the target executor ID is used to indicate the RPA executor that executes the target robot script, and the target control ID A control for indicating that target sensitive information needs to be used; receiving a first response message sent by the RPA management center in response to the sensitive information acquisition request, wherein the first response message carries target sensitive information; and processing the target robot script according to the target sensitive information.

在此需要指出的是，在RPA执行器使用完目标敏感信息后，删除该目标敏感信息。It should be pointed out here that after the RPA executor finishes using the target sensitive information, the target sensitive information is deleted.

RPA执行器在需要使用目标敏感信息时，向RPA管理中心发送RPA执行器标识和/或控件标识，RPA管理中心通过RPA执行器标识和/或控件标识进行验证；若验证通过则向RPA执行器发送目标敏感信息，通过在RPA执行器和/或控件维度进行验证，限制了敏感信息的使用范围，使得针对其他RPA执行器和/或其他控件的场景，无法获取敏感信息，避免了敏感信息的泄露。When the RPA executor needs to use target sensitive information, it sends the RPA executor ID and/or control ID to the RPA management center, and the RPA management center verifies through the RPA executor ID and/or control ID; Send target sensitive information, and through verification in the dimension of RPA actuators and/or controls, the scope of use of sensitive information is limited, making it impossible to obtain sensitive information in scenarios targeting other RPA actuators and/or other controls, and avoiding sensitive information. Give way.

在一个可选的实施例中，目标机器人脚本的相关信息还包括目标敏感信息标识、目标机器人脚本标识、和/或目标用户标识；In an optional embodiment, the relevant information of the target robot script further includes a target sensitive information identifier, a target robot script identifier, and/or a target user identifier;

其中，目标敏感信息标识用于指示目标敏感信息，目标机器人脚本标识用于指示目标机器人脚本，目标用户标识用于指示需要完成目标机器人脚本对应任务的用户。Wherein, the target sensitive information identifier is used to indicate the target sensitive information, the target robot script identifier is used to indicate the target robot script, and the target user identifier is used to indicate the user who needs to complete the task corresponding to the target robot script.

通过引入目标敏感信息标识、目标机器人脚本标识和目标用户标识中的部分或者全部，提高了验证的门槛，进一步限定的敏感信息的使用范围，从而进一步降低了敏感信息被泄漏的风险。By introducing part or all of target sensitive information identification, target robot script identification and target user identification, the verification threshold is raised, and the scope of use of sensitive information is further limited, thereby further reducing the risk of sensitive information being leaked.

在一个可选的实施例中，目标控件为目标文本框，根据目标敏感信息处理目标机器人脚本，包括：In an optional embodiment, the target control is a target text box, and the target robot script is processed according to target sensitive information, including:

当目标文本框不为明文框时，将目标敏感信息输入到目标文本框中，以便继续处理目标机器人脚本；当目标文本框为明文框时，结束目标机器人脚本的执行。When the target text box is not a plain text box, input the target sensitive information into the target text box so as to continue processing the target robot script; when the target text box is a plain text box, end the execution of the target robot script.

通过在将目标敏感信息输入到目标文本框之前，先判断目标文本框是否不为明文框，在目标文本框不是明文框时，才将目标敏感信息输入到目标文本框，避免了将目标敏感信息输入到明文框而导致敏感信息的泄露。By judging whether the target text box is not a plain text box before inputting the target sensitive information into the target text box, and only inputting the target sensitive information into the target text box when the target text box is not a plain text box, avoiding the target sensitive information Entering into a clear text box results in the disclosure of sensitive information.

在此需要指出的是，目标控件不限于输入框，还可以为其他控件，比如网页、或者办公软件，例如word，ppt或者Excel等。It should be pointed out here that the target control is not limited to the input box, and can also be other controls, such as web pages, or office software, such as word, ppt or Excel.

在一个可选的实施例中，将目标敏感信息输入到目标文本框，以便继续处理目标机器人脚本，包括：In an optional embodiment, entering target sensitive information into the target text box in order to continue processing the target robot script includes:

对目标敏感信息进行分片，以得到M个敏感信息片段，M为大于1的整数；将M个敏感信息片段依次输入到目标文本框中，在目标文本框中输入第i个敏感信息片段之后，若输入到目标文本框中的敏感信息片段是以密文方式输入的，则继续在目标文本框中输入第i+1个敏感信息片段，直至目标敏感信息全部输入到目标文本框中，以便继续执行目标机器人脚本；i为大于0且小于M-1的整数；若输入到目标文本框中的敏感信息片段是否是以明文方式输入的，则向RPA管理中心上报疑似敏感信息泄露预警事件，并结束目标机器人脚本的执行。Fragment the target sensitive information to obtain M sensitive information fragments, M is an integer greater than 1; input the M sensitive information fragments into the target text box in turn, after inputting the i-th sensitive information fragment in the target text box , if the sensitive information segment input into the target text box is input in cipher text, then continue to input the i+1th sensitive information segment in the target text box until all the target sensitive information is input into the target text box, so that Continue to execute the target robot script; i is an integer greater than 0 and less than M-1; if the sensitive information segment input into the target text box is entered in plain text, report the suspected sensitive information leakage warning event to the RPA management center, and end the execution of the target robot script.

在此需要指出是，在目标文本框中每输入一个或多个敏感信息片段后，就执行一次判断输入到目标文本框中的敏感信息片段是否以密文方式输入的操作。It should be pointed out here that, after inputting one or more pieces of sensitive information in the target text box, an operation of judging whether the pieces of sensitive information input in the target text box are input in ciphertext is performed once.

在一个可选的实施例中，本申请的方法还包括：In an optional embodiment, the method of the present application also includes:

通过预设方式从目标文本框中获取输入的数据；若未获取到数据或者获取到的数据为预设字符，则确定输入到目标文本框中的敏感信息片段是以密文方式输入的；若获取到数据或者获取到的数据不为预设字符，则确定输入到目标文本框中的敏感信息片段是以明文方式输入的；Obtain the input data from the target text box in a preset manner; if no data is obtained or the obtained data is a preset character, then it is determined that the sensitive information segment input into the target text box is entered in ciphertext; if If the data is obtained or the obtained data is not a preset character, it is determined that the sensitive information segment entered into the target text box is entered in plain text;

其中，预设方式包括：Among them, the preset methods include:

通过调用控件接口从目标文本框中获取已输入的敏感信息片段，或者，Obtain the entered sensitive information fragment from the target text box by calling the control interface, or,

通过输入针对目标文本框的复制指令，以从目标文本框中获取已输入的敏感信息片段；或者，Retrieve the entered piece of sensitive information from the target text box by entering a copy command for the target text box; or,

通过对目标文本框进行截图，以得到目标文本框截图；对目标文本框的截图进行文字识别，以从目标文本框中获取已输入的敏感信息片段。A screenshot of the target text box is obtained to obtain a screenshot of the target text box; text recognition is performed on the screenshot of the target text box to obtain input sensitive information fragments from the target text box.

通过对输入到目标文本框中的敏感信息的输入方式进行判断，可以进一步避免敏感信息是以明文方式输入时而导致敏感信息的泄露。并且将敏感信息是以分片方式输入到目标文本框的，在确定敏感信息可能被泄漏时，由于泄漏的信息只是敏感信息的一部分，从而也避免了敏感信息被完全泄漏。By judging the input method of the sensitive information input into the target text box, it is possible to further avoid leakage of the sensitive information when the sensitive information is input in plain text. And the sensitive information is input into the target text box in pieces, and when it is determined that the sensitive information may be leaked, since the leaked information is only a part of the sensitive information, the complete leak of the sensitive information is also avoided.

接收到RPA管理中心发送的用于响应敏感信息获取请求的第二响应消息，结束目标机器人脚本的执行；Receive the second response message sent by the RPA management center for responding to the sensitive information acquisition request, and end the execution of the target robot script;

其中，第二响应消息携带第一标识，第一标识用于指示获取目标敏感信息失败，或者第二响应消息未携带目标敏感信息。Wherein, the second response message carries the first identifier, and the first identifier is used to indicate that the acquisition of the target sensitive information fails, or the second response message does not carry the target sensitive information.

第二方面，本申请实施例提供一种执行机器人脚本方法，包括：In a second aspect, an embodiment of the present application provides a method for executing a robot script, including:

接收RPA执行器发送的敏感信息获取请求，该敏感信息获取请求用于请求获取目标敏感信息，该敏感信息获取请求携带目标机器人脚本的相关信息，该目标机器人脚本的相关信息包括目标执行器标识和/或目标控件标识；目标执行器标识用于指示执行目标机器人脚本的执行器，目标控件标识用于指示需要使用目标敏感信息的控件；根据目标执行器标识和/或目标控件标识向RPA执行器发送第一响应消息，其中，第一响应消息携带目标敏感信息。Receive the sensitive information acquisition request sent by the RPA executor, the sensitive information acquisition request is used to request the acquisition of target sensitive information, the sensitive information acquisition request carries the relevant information of the target robot script, and the relevant information of the target robot script includes the target executor ID and /or target control identification; the target executor identification is used to indicate the executor that executes the target robot script, and the target control identification is used to indicate the control that needs to use target sensitive information; according to the target executor identification and/or target control identification to the RPA executor Sending a first response message, where the first response message carries target sensitive information.

在一个可选的实施例中，根据目标执行器标识和/或目标控件标识向RPA执行器发送第一响应消息，包括：In an optional embodiment, sending the first response message to the RPA executor according to the target executor identifier and/or the target control identifier includes:

根据目标机器人标识和/或目标控件标识遍历访问授权矩阵，其中，访问授权矩阵包括多个机器人脚本的相关信息，多个机器人脚本的相关信息中的任一机器人脚本S的相关信息包括第一执行器标识和/或第一控件标识；第一执行器标识用于指示执行机器人脚本S的执行器，第一控件标识用于指示需要使用第一敏感信息的控件；The access authorization matrix is traversed according to the target robot ID and/or the target control ID, wherein the access authorization matrix includes related information of a plurality of robot scripts, and the related information of any robot script S in the related information of the plurality of robot scripts includes the first execution executor identifier and/or first control identifier; the first executor identifier is used to indicate the executor that executes the robot script S, and the first control identifier is used to indicate the control that needs to use the first sensitive information;

若在访问授权矩阵遍历到第二执行器标识和/或第二控件标识，向RPA执行器发送第一响应消息；其中，第二执行器标识为访问授权矩阵的第一执行器标识中与目标执行器标识相同的标识，第二控件标识为访问授权矩阵的第一控件标识中与目标控件标识相同的标识，目标敏感信息为第二控件标识指示的控件需要使用的敏感信息。If the access authorization matrix traverses to the second executor ID and/or the second control ID, send the first response message to the RPA executor; wherein, the second executor ID is the same as the target in the first executor ID of the access authorization matrix The actuator ID is the same ID, the second control ID is the same ID as the target control ID in the first control ID of the access authorization matrix, and the target sensitive information is the sensitive information that needs to be used by the control indicated by the second control ID.

若在访问授权矩阵中未遍历到第二执行器标识和/或第二控件标识，向RPA执行器发送第二响应消息；其中，第二响应消息携带第一标识，该第一标识用于指示获取目标敏感信息失败，或者第二响应消息未携带目标敏感信息。If the second executor identifier and/or the second control identifier are not traversed in the access authorization matrix, a second response message is sent to the RPA executor; wherein, the second response message carries a first identifier, which is used to indicate Failed to obtain target sensitive information, or the second response message does not carry target sensitive information.

将RPA执行器标识和/或控件标识与访问授权矩阵中的执行器标识和控件标识进行匹配；若匹配到，则向RPA执行器发送敏感信息，以授权RPA执行器或者RPA执行器中的控件使用，避免了其他控件或者其他执行器在无授权的情况下使用敏感信息。Match the RPA actuator ID and/or control ID with the actuator ID and control ID in the access authorization matrix; if matched, send sensitive information to the RPA actuator to authorize the RPA actuator or the control in the RPA actuator Use to prevent other controls or other actuators from using sensitive information without authorization.

接收RPA执行器上报的疑似敏感信息泄露预警事件；记录疑似敏感信息泄露预警事件；向管理员发送告警信息，以提醒管理员修改对应的敏感信息。Receive the suspected sensitive information leakage early warning events reported by the RPA actuator; record the suspected sensitive information leakage early warning events; send alarm information to the administrator to remind the administrator to modify the corresponding sensitive information.

在接收到疑似敏感信息泄露预警事件后，为了避免敏感信息因泄露而被滥用，RPA管理中心会提醒管理员修改对应的敏感信息；记录疑似敏感信息泄露预警事件可以方便管理员查询。After receiving an early warning event of suspected sensitive information leakage, in order to avoid misuse of sensitive information due to leakage, the RPA management center will remind the administrator to modify the corresponding sensitive information; recording the early warning event of suspected sensitive information leakage can facilitate the administrator's query.

在此需要指出的是，记录疑似敏感信息泄露预警事件和向管理员发送告警信息的执行顺序不分先后，可以是先执行记录疑似敏感信息泄露预警事件，后执行向管理员发送告警信息；也可以是先执行向管理员发送告警信息，后执行记录疑似敏感信息泄露预警事件；也可以是两者同时被执行。What needs to be pointed out here is that the order of recording the early warning event of suspected sensitive information leakage and sending the warning information to the administrator is in no particular order. It can be executed first to record the early warning event of suspected sensitive information leakage, and then to send the warning information to the administrator; It can be executed first to send warning information to the administrator, and then to record the suspected sensitive information leakage warning event; or both can be executed at the same time.

在一个可选的实施例中，目标机器人脚本的相关信息还包括目标敏感信息标识、目标机器人脚本标识和/或目标用户标识；In an optional embodiment, the relevant information of the target robot script further includes a target sensitive information identifier, a target robot script identifier and/or a target user identifier;

构建访问授权矩阵，该访问授权矩阵包含多个机器人脚本的相关信息；机器人脚本S的相关信息还包括第一敏感信息标识、第一机器人脚本标识、和/或第一用户标识；Constructing an access authorization matrix, the access authorization matrix includes related information of a plurality of robot scripts; the related information of the robot script S also includes a first sensitive information identifier, a first robot script identifier, and/or a first user identifier;

其中，第一敏感信息标识用于指示第一敏感信息，第一机器人脚本标识用于指示机器人脚本S，第一用户标识用于指示需要完成机器人脚本S对应任务的用户。Wherein, the first sensitive information identifier is used to indicate the first sensitive information, the first robot script identifier is used to indicate the robot script S, and the first user identifier is used to indicate the user who needs to complete the task corresponding to the robot script S.

在此需要指出的是，通过进一步引入敏感信息标识、机器人脚本标识和用户标识中的部分或者全部，可以限定了敏感信息的使用范围，进而降低了敏感信息被泄漏的风险。It should be pointed out here that by further introducing some or all of the sensitive information identifier, robot script identifier and user identifier, the scope of use of sensitive information can be limited, thereby reducing the risk of sensitive information being leaked.

第三方面，本申请实施例提供一种RPA执行器，包括：In the third aspect, the embodiment of the present application provides an RPA actuator, including:

获取单元，用于从RPA管理中心获取目标机器人脚本；The acquisition unit is used to acquire the target robot script from the RPA management center;

收发单元，用于在执行目标机器人脚本需要使用目标敏感信息时，向RPA管理中心发送敏感信息获取请求，敏感信息获取请求用于请求从RPA管理中心中获取目标敏感信息；敏感信息获取请求携带目标机器人脚本的相关信息，目标机器人脚本的相关信息包括目标执行器标识和/或目标控件标识；目标执行器标识用于指示执行目标机器人脚本的RPA执行器，目标控件标识用于指示需要使用目标敏感信息的控件；接收所述RPA管理中心发送的用于响应所述敏感信息获取请求的第一响应消息，其中，所述第一响应消息携带所述目标敏感信息；The transceiver unit is used to send a sensitive information acquisition request to the RPA management center when the target robot script needs to use target sensitive information, and the sensitive information acquisition request is used to request to obtain target sensitive information from the RPA management center; the sensitive information acquisition request carries the target Relevant information about the robot script, the relevant information of the target robot script includes the target executor ID and/or the target control ID; the target executor ID is used to indicate the RPA executor that executes the target robot script, and the target control ID is used to indicate the need to use target-sensitive Information control; receiving a first response message sent by the RPA management center in response to the sensitive information acquisition request, wherein the first response message carries the target sensitive information;

处理单元，用于根据目标敏感信息处理目标机器人脚本。The processing unit is used for processing the target robot script according to the target sensitive information.

在一个可选的实施例中，处理单元具体用于：In an optional embodiment, the processing unit is specifically used for:

在一个可选的实施例中，在将目标敏感信息输入到目标文本框，以便继续处理目标机器人脚本的方面，处理单元具体用于：In an optional embodiment, in terms of inputting target sensitive information into the target text box so as to continue processing the target robot script, the processing unit is specifically configured to:

在一个可选的实施例中，处理单元还用于：In an optional embodiment, the processing unit is also used for:

通过预设方式从目标文本框中获取输入的数据；若未获取到数据或者获取到的数据为预设字符，则确定输入到目标文本框中的敏感信息片段是以密文方式输入的；若获取到数据或者获取到的数据不为预设字符，则确定输入到目标文本框中的敏感信息片段是以明文方式输入的；其中，预设方式包括：Obtain the input data from the target text box in a preset manner; if no data is obtained or the obtained data is a preset character, then it is determined that the sensitive information segment input into the target text box is entered in ciphertext; if If the data is obtained or the obtained data is not a preset character, it is determined that the sensitive information segment entered into the target text box is entered in plain text; the preset method includes:

在一个可选的实施例中，：In an alternative embodiment:

收发单元，还用于接收到RPA管理中心发送的用于响应敏感信息获取请求的第二响应消息，The transceiver unit is also used to receive the second response message sent by the RPA management center in response to the sensitive information acquisition request,

处理单元，还用于结束目标机器人脚本的执行；其中，第二响应消息携带第一标识，该第一标识用于指示获取目标敏感信息失败，或者第二响应消息未携带目标敏感信息。The processing unit is further configured to end the execution of the target robot script; wherein, the second response message carries a first identifier, and the first identifier is used to indicate that the acquisition of target sensitive information fails, or the second response message does not carry target sensitive information.

第四方面，本申请实施例提供一种RPA管理中心，包括：In a fourth aspect, the embodiment of the present application provides an RPA management center, including:

收发单元，用于接收机器人流程自动化RPA执行器发送的敏感信息获取请求，敏感信息获取请求用于请求获取目标敏感信息，敏感信息获取请求携带目标机器人脚本的相关信息，目标机器人脚本的相关信息包括目标执行器标识和/或目标控件标识；目标执行器标识用于指示执行目标机器人脚本的执行器，目标控件标识用于指示需要使用目标敏感信息的控件；The transceiver unit is configured to receive the sensitive information acquisition request sent by the robotic process automation RPA executor. The sensitive information acquisition request is used to request the acquisition of target sensitive information. The sensitive information acquisition request carries relevant information of the target robot script, and the relevant information of the target robot script includes Target executor ID and/or target control ID; the target executor ID is used to indicate the executor that executes the target robot script, and the target control ID is used to indicate the control that needs to use target sensitive information;

获取单元，用于执行根据目标执行器标识和/或目标控件标识获取目标敏感信息的操作；An acquisition unit, configured to perform an operation of acquiring target sensitive information according to the target executor ID and/or the target control ID;

收发单元，用于若根据目标执行器标识和/或目标控件标识获取目标敏感信息，则向RPA执行器发送第一响应消息，A transceiver unit, configured to send a first response message to the RPA executor if the target sensitive information is obtained according to the target executor identifier and/or the target control identifier,

其中，第一响应消息携带目标敏感信息。Wherein, the first response message carries target sensitive information.

在一个可选的实施例中，获取单元具体用于：根据目标机器人标识和/或目标控件标识遍历访问授权矩阵，其中，访问授权矩阵包括多个机器人脚本的相关信息，该多个机器人脚本的相关信息中的任一机器人脚本S的相关信息包括第一执行器标识和/或第一控件标识；第一执行器标识用于指示执行机器人脚本S的执行器，第一控件标识用于指示需要使用第一敏感信息的控件；In an optional embodiment, the obtaining unit is specifically configured to: traverse the access authorization matrix according to the target robot ID and/or the target control ID, wherein the access authorization matrix includes information about multiple robot scripts, and the multiple robot scripts' The relevant information of any robot script S in the related information includes the first executor identifier and/or the first control identifier; the first executor identifier is used to indicate the executor executing the robot script S, and the first control identifier is used to indicate the need Controls using the first sensitive information;

收发单元，用于若获取单元在访问授权矩阵遍历到第二执行器标识和/或第二控件标识，向RPA执行器发送第一响应消息；其中，第二执行器标识为访问授权矩阵的第一执行器标识中与目标执行器标识相同的标识，第二控件标识为访问授权矩阵的第一控件标识中与目标控件标识相同的标识，目标敏感信息为第二控件标识指示的控件需要使用的敏感信息。The transceiver unit is configured to send a first response message to the RPA executor if the acquisition unit traverses the second executor identifier and/or the second control identifier in the access authorization matrix; wherein, the second executor identifier is the first in the access authorization matrix An identifier identical to the target actuator identifier in the first actuator identifier, the second control identifier is the same identifier as the target control identifier in the first control identifier of the access authorization matrix, and the target sensitive information is required to be used by the control indicated by the second control identifier Sensitive information.

在一个可选的实施例中，收发单元还用于：In an optional embodiment, the transceiver unit is also used for:

若在访问授权矩阵中未遍历到第二执行器标识和/或第二控件标识，向RPA执行器发送第二响应消息；If the second executor identifier and/or the second control identifier are not traversed in the access authorization matrix, send a second response message to the RPA executor;

在一个可选的实施例中，收发单元还用于：接收RPA执行器上报的疑似敏感信息泄露预警事件；向管理员发送告警信息，以提醒管理员修改对应的敏感信息；In an optional embodiment, the transceiver unit is also used to: receive a suspected sensitive information leakage warning event reported by the RPA actuator; send an alarm message to the administrator to remind the administrator to modify the corresponding sensitive information;

RPA管理中心还包括：The RPA Management Center also includes:

记录单元，用于记录疑似敏感信息泄露预警事件。The recording unit is used to record the early warning events of suspected sensitive information leakage.

在一个可选的实施例中，RPA管理中心还包括：In an optional embodiment, the RPA management center also includes:

构建单元，用于构建访问授权矩阵，该访问授权矩阵包含多个机器人脚本的相关信息；机器人脚本S的相关信息还包括第一敏感信息标识、第一机器人脚本标识和/或第一用户标识；A construction unit, configured to construct an access authorization matrix, the access authorization matrix includes related information of a plurality of robot scripts; the related information of the robot script S also includes a first sensitive information identifier, a first robot script identifier and/or a first user identifier;

第五方面，本申请实施例提供一种电子设备，包括存储器，一个或多个处理器；其中，一个或多个程序被存储在所述存储器中；所述一个或多个处理器在执行所述一个或多个程序时，使得所述电子设备实现如第一方面或第二方面所述方法的部分或全部。In the fifth aspect, the embodiment of the present application provides an electronic device, including a memory and one or more processors; wherein, one or more programs are stored in the memory; and the one or more processors execute the When the above one or more programs are used, the electronic device is made to implement part or all of the method described in the first aspect or the second aspect.

第六方面，本申请实施例提供一种计算机存储介质，其特征在于，包括计算机指令，当所述计算机指令在电子设备上运行时，使得所述电子设备执行如第一方面或第二方面所述方法的部分或全部。In the sixth aspect, the embodiment of the present application provides a computer storage medium, which is characterized in that it includes computer instructions, and when the computer instructions are run on the electronic device, the electronic device executes the computer storage medium described in the first aspect or the second aspect. part or all of the methods described above.

第七方面，本申请实施例提供一种计算机程序产品，其特征在于，当所述计算机程序产品在计算机上运行时，使得所述计算机执行如第一方面或第二方面所述方法的部分或全部。In the seventh aspect, the embodiment of the present application provides a computer program product, which is characterized in that, when the computer program product is run on a computer, the computer is made to execute part or part of the method described in the first aspect or the second aspect all.

应理解，上述任意一种可能的实现方式，在不违背自然规律的前提下，可以自由组合，本申请中不予以赘述。It should be understood that any one of the above possible implementation manners can be freely combined under the premise of not violating the laws of nature, and will not be described in detail in this application.

应当理解的是，本申请中对技术特征、技术方案、有益效果或类似语言的描述并不是暗示在任意的单个实施例中可以实现所有的特点和优点。相反，可以理解的是对于特征或有益效果的描述意味着在至少一个实施例中包括特定的技术特征、技术方案或有益效果。因此，本说明书中对于技术特征、技术方案或有益效果的描述并不一定是指相同的实施例。进而，还可以任何适当的方式组合本实施例中所描述的技术特征、技术方案和有益效果。本领域技术人员将会理解，无需特定实施例的一个或多个特定的技术特征、技术方案或有益效果即可实现实施例。在其他实施例中，还可在没有体现所有实施例的特定实施例中识别出额外的技术特征和有益效果。It should be understood that descriptions of technical features, technical solutions, beneficial effects or similar language in this application do not imply that all features and advantages can be realized in any single embodiment. On the contrary, it can be understood that the description of features or beneficial effects means that specific technical features, technical solutions or beneficial effects are included in at least one embodiment. Therefore, descriptions of technical features, technical solutions or beneficial effects in this specification do not necessarily refer to the same embodiment. Furthermore, the technical features, technical solutions and beneficial effects described in this embodiment may also be combined in any appropriate manner. Those skilled in the art will understand that the embodiments can be implemented without one or more specific technical features, technical solutions or advantageous effects of the specific embodiments. In other embodiments, additional technical features and beneficial effects may also be identified in certain embodiments that do not embody all embodiments.

Description of drawings

为了更清楚地说明本申请实施例或现有技术中的技术方案，下面将对实施例或现有技术描述中所需要使用的附图作简单地介绍，显而易见地，下面描述中的附图仅仅是本申请的一些实施例，对于本领域普通技术人员来讲，在不付出创造性劳动的前提下，还可以根据这些附图获得其他的附图。In order to more clearly illustrate the technical solutions in the embodiments of the present application or the prior art, the following will briefly introduce the drawings that need to be used in the description of the embodiments or the prior art. Obviously, the accompanying drawings in the following description are only These are some embodiments of the present application. Those skilled in the art can also obtain other drawings based on these drawings without creative work.

图1为一种RPA系统的框架示意图；Fig. 1 is a schematic diagram of the framework of an RPA system;

图2为本申请实施例提供的一种RPA系统的框架示意图；Fig. 2 is the frame diagram of a kind of RPA system provided by the embodiment of the present application;

图3为本申请实施例提供的一种执行机器人脚本方法的流程示意图；FIG. 3 is a schematic flowchart of a method for executing a robot script provided by an embodiment of the present application;

图4为本申请实施例提供的另一种执行机器人脚本方法的流程示意图；FIG. 4 is a schematic flowchart of another method for executing a robot script provided by an embodiment of the present application;

图5为本申请实施例提供的一种执行机器人脚本方法具体过程示意图；FIG. 5 is a schematic diagram of a specific process of a method for executing a robot script provided by an embodiment of the present application;

图6为申请实施例提供的一种RPA执行器的结构示意图；Figure 6 is a schematic structural diagram of an RPA actuator provided in the embodiment of the application;

图7为申请实施例提供的一种RPA管理中心的结构示意图；Fig. 7 is a schematic structural diagram of an RPA management center provided in the embodiment of the application;

图8为申请实施例提供的另一种RPA执行器的结构示意图；FIG. 8 is a schematic structural diagram of another RPA actuator provided in the embodiment of the application;

图9为申请实施例提供的另一种RPA管理中心的结构示意图；FIG. 9 is a schematic structural diagram of another RPA management center provided in the embodiment of the application;

图10为申请实施例提供的另一种RPA系统的框架示意图。Fig. 10 is a schematic framework diagram of another RPA system provided by the embodiment of the application.

Detailed ways

以下分别进行详细说明。Each will be described in detail below.

本申请的说明书和权利要求书及所述附图中的术语“第一”、“第二”、“第三”和“第四”等是用于区别不同对象，而不是用于描述特定顺序。此外，术语“包括”和“具有”以及它们任何变形，意图在于覆盖不排他的包含。例如包含了一系列步骤或单元的过程、方法、系统、产品或设备没有限定于已列出的步骤或单元，而是可选地还包括没有列出的步骤或单元，或可选地还包括对于这些过程、方法、产品或设备固有的其它步骤或单元。The terms "first", "second", "third" and "fourth" in the specification and claims of the present application and the drawings are used to distinguish different objects, rather than to describe a specific order . Furthermore, the terms "include" and "have", as well as any variations thereof, are intended to cover a non-exclusive inclusion. For example, a process, method, system, product or device comprising a series of steps or units is not limited to the listed steps or units, but optionally also includes unlisted steps or units, or optionally further includes For other steps or units inherent in these processes, methods, products or apparatuses.

在本文中提及“实施例”意味着，结合实施例描述的特定特征、结构或特性可以包含在本申请的至少一个实施例中。在说明书中的各个位置出现该短语并不一定均是指相同的实施例，也不是与其它实施例互斥的独立的或备选的实施例。本领域技术人员显式地和隐式地理解的是，本文所描述的实施例可以与其它实施例相结合。Reference herein to an "embodiment" means that a particular feature, structure, or characteristic described in connection with the embodiment can be included in at least one embodiment of the present application. The occurrences of this phrase in various places in the specification are not necessarily all referring to the same embodiment, nor are separate or alternative embodiments mutually exclusive of other embodiments. It is understood explicitly and implicitly by those skilled in the art that the embodiments described herein can be combined with other embodiments.

“多个”是指两个或两个以上。“和/或”，描述关联对象的关联关系，表示可以存在三种关系，例如，A和/或B，可以表示：单独存在A，同时存在A和B，单独存在B这三种情况。字符“/”一般表示前后关联对象是一种“或”的关系。"Multiple" means two or more. "And/or" describes the association relationship of associated objects, indicating that there may be three types of relationships, for example, A and/or B may indicate: A exists alone, A and B exist simultaneously, and B exists independently. The character "/" generally indicates that the contextual objects are an "or" relationship.

下面先介绍本申请的相关的术语The following first introduces the relevant terms of this application

RPA管理中心，作为RPA系统的管理中心，提供了脚本、任务、敏感信息等RPA数据的管理能力，并实现对RPA执行器的统一纳管与调度管理。在行业内也会将RPA管理中心称为RPA管理器。The RPA management center, as the management center of the RPA system, provides the management capabilities of RPA data such as scripts, tasks, and sensitive information, and realizes the unified management and scheduling management of RPA actuators. In the industry, the RPA management center is also called the RPA manager.

RPA机器人脚本(RPA robot script)，是指用户通过录制、编排等手段定义出来的自动化流程，RPA机器人脚本需要在RPA执行器中执行。RPA robot script (RPA robot script) refers to the automation process defined by the user through recording, orchestration, etc., and the RPA robot script needs to be executed in the RPA executor.

RPA执行器，作为RPA机器人脚本的执行引擎，负责完成RPA机器人脚本中定义的自动化步骤的执行。The RPA executor, as the execution engine of the RPA robot script, is responsible for completing the execution of the automation steps defined in the RPA robot script.

RPA设计器，用于支撑用户录制、编排、测试、发布RPA机器人脚本。The RPA designer is used to support users to record, arrange, test and publish RPA robot scripts.

RPA控件，指在RPA设计器中可以编排和执行的最小动作单元，比如消息对话框、打开Excel文件、读取Excel指定单元格的内容、针对指定网页控件输入信息都是典型的RPA控件。RPA controls refer to the smallest action units that can be programmed and executed in the RPA designer, such as message dialog boxes, opening Excel files, reading the contents of Excel specified cells, and inputting information for specified web page controls are typical RPA controls.

敏感信息，指RPA机器人执行过程中需要使用的敏感数据，比如登录密码等，敏感数据在使用时一般需要满足加密存储、匿名化展示的特征。Sensitive information refers to sensitive data that needs to be used during the execution of RPA robots, such as login passwords, etc. Sensitive data generally needs to meet the characteristics of encrypted storage and anonymized display when used.

UI控件，指在WEB网页或者应用程序界面中用户可见、可操作的页面元素，比如一个对话框、一个按钮、文本输入框、下拉菜单等都说是典型的UI控件。UI controls refer to page elements that are visible and operable to users in a web page or application interface, such as a dialog box, a button, a text input box, a drop-down menu, etc., are typical UI controls.

下面结合附图对本申请的实施例进行描述。Embodiments of the present application are described below in conjunction with the accompanying drawings.

参见图2，图2为本申请实施例提供的一种RPA系统的框架示意图。如图2所示，该系统包括RPA管理中心和多个RPA执行器。Referring to FIG. 2, FIG. 2 is a schematic framework diagram of an RPA system provided by an embodiment of the present application. As shown in Figure 2, the system includes an RPA management center and multiple RPA actuators.

其中，RPA管理中心提供敏感信息配置管理功能。RPA管理中心获取机器人操作目标系统需要使用的账户、密码等敏感信息。RPA管理中心配置有针对敏感信息的允许使用的范围；RPA管理中心具有敏感信息授权矩阵配置管理能力，可基于获取的敏感信息的信息生成敏感信息授权矩阵；RPA管理中心还具有基于调度策略向RPA执行器分配机器人脚本的能力，以实现机器人脚本对应的任务。Among them, the RPA management center provides sensitive information configuration management functions. The RPA management center obtains sensitive information such as accounts and passwords that the robot needs to use to operate the target system. The RPA management center is configured with a range of allowed use of sensitive information; the RPA management center has the ability to configure and manage sensitive information authorization matrix, and can generate a sensitive information authorization matrix based on the obtained sensitive information; The executor allocates the capabilities of the robot script to realize the tasks corresponding to the robot script.

RPA执行器在执行机器人脚本需要获取敏感信息时，向RPA管理中心申请获取敏感信息；RPA管理中心基于授权矩阵确定为特定控件返回敏感信息，防止未经允许的控件使用敏感信息，若过涉及在UI界面中输入敏感信息，RPA执行器在目标系统中输入敏感信息时，通过增加疑似密码泄露检验等步骤实现对敏感信息的保护；当检测到疑似密码泄露事件时上报至RPA管理中心，系统管理员可以通过该事件获知密码泄露。在获取敏感信息后，RPA执行器通过目标系统的WEB页面、客户端界面、网络接口等交互接口实现敏感参数的自动输入，并继续完成后续的自动化操作，比如在目标系统上完成机器人脚本对应的任务，比如报销等。When the RPA executor needs to obtain sensitive information when executing robot scripts, it applies to the RPA management center for obtaining sensitive information; the RPA management center determines to return sensitive information for specific controls based on the authorization matrix to prevent unauthorized controls from using sensitive information. Input sensitive information in the UI interface, and when the RPA executor inputs sensitive information in the target system, the protection of sensitive information is realized by adding steps such as suspected password leakage inspection; when a suspected password leakage event is detected, it is reported to the RPA management center, and the system management Employees can learn about password leaks through this event. After obtaining sensitive information, the RPA executor realizes the automatic input of sensitive parameters through interactive interfaces such as the WEB page, client interface, and network interface of the target system, and continues to complete subsequent automation operations, such as completing the robot script on the target system. Tasks, such as reimbursement, etc.

其中，目标系统通常是指企业员工日常工作中所使用的IT系统，比如客户关系管理(customer relationship management，CRM)系统、财务系统、人力资源管理系统等。目标系统提供登录页面或接口承载敏感信息的输入。Among them, the target system usually refers to the IT system used by the employees of the enterprise in their daily work, such as customer relationship management (customer relationship management, CRM) system, financial system, human resource management system, etc. The target system provides a login page or interface that carries sensitive information for input.

参见图3，图3为本申请实施例提供的一种执行机器人脚本方法的流程示意图。如图3所示，该方法包括：Referring to FIG. 3 , FIG. 3 is a schematic flowchart of a method for executing a robot script provided by an embodiment of the present application. As shown in Figure 3, the method includes:

S301、RPA执行器从RPA管理中心获取目标机器人脚本。S301. The RPA executor obtains the target robot script from the RPA management center.

RPA管理中心中存储有多个机器人脚本，用于实现不同的机器人任务；比如自动报销机器人脚本用于实现自动报销任务；会议预定机器人脚本用于实现会议预定任务等。There are multiple robot scripts stored in the RPA management center, which are used to realize different robot tasks; for example, automatic reimbursement robot scripts are used to realize automatic reimbursement tasks; meeting reservation robot scripts are used to realize meeting reservation tasks, etc.

可选地，对于多个机器人脚本的执行顺序，可以是为机器人脚本分配一个执行时间，在机器人脚本的执行时间到达时，RPA管理中心为该机器人脚本分配一个RPA执行器；可以是基于消息队列的方式执行多个机器人脚本，还可以是用户手动触发的方式。Optionally, for the execution order of multiple robot scripts, an execution time may be allocated for the robot scripts, and when the execution time of the robot scripts arrives, the RPA management center may allocate an RPA executor for the robot scripts; it may be based on a message queue Execute multiple robot scripts in the same way, or manually triggered by the user.

对于基于消息队列的方式执行多个机器人脚本，具体地，RPA管理中心每创建一个机器人任务，将机器人任务关联相应的机器人脚本，将该机器人脚本放入消息队列中；在执行机器人脚本时，按照“先进先执行”的顺序来执行。For the execution of multiple robot scripts based on message queues, specifically, each time the RPA management center creates a robot task, it associates the robot task with the corresponding robot script, and puts the robot script into the message queue; when executing the robot script, follow the Execute in the order of "first in, first out".

RPA管理中心在确定需要执行目标机器人脚本时，为目标机器人脚本分配一个RPA执行器；该RPA执行器从RPA管理中心下载该机器人脚本。When the RPA management center determines that the target robot script needs to be executed, an RPA executor is assigned to the target robot script; the RPA executor downloads the robot script from the RPA management center.

S302、RPA执行器在执行目标机器人脚本需要使用目标敏感信息时，向RPA管理中心发送敏感信息获取请求，该敏感信息获取请求用于请求从RPA管理中心获取目标敏感信息。S302. The RPA executor sends a sensitive information acquisition request to the RPA management center when executing the target robot script needs to use target sensitive information, and the sensitive information acquisition request is used to request to acquire target sensitive information from the RPA management center.

其中，敏感信息获取请求携带目标机器人脚本的相关信息，该目标机器人脚本的相关信息包括目标执行器标识和/或目标控件标识，该目标执行器标识用于指示执行目标机器人脚本的RPA执行器，也即是本申请实施例所述的目标RPA执行器；目标控件标识用于指示需要使用目标敏感信息的控件。Wherein, the sensitive information acquisition request carries relevant information of the target robot script, and the relevant information of the target robot script includes a target executor identifier and/or a target control identifier, and the target executor identifier is used to indicate the RPA executor executing the target robot script, That is, the target RPA executor described in the embodiment of the present application; the target control identifier is used to indicate the control that needs to use target sensitive information.

在此需要指出的是，执行器标识可以是执行器的名称、执行器的ID，或者执行器的其他的属性；用户标识可以是用户的ID或者用户名；机器人脚本标识可以是机器人脚本的名称，或者机器人脚本的ID，或者机器人脚本的其他属性；控件标识可以是控件的名称或者控件的ID，或者控件的其他属性。It should be pointed out here that the executor ID can be the name of the executor, the ID of the executor, or other attributes of the executor; the user ID can be the user ID or username; the robot script ID can be the name of the robot script , or the ID of the robot script, or other properties of the robot script; the control ID can be the name or ID of the control, or other properties of the control.

S303、若接收RPA管理中心发送的用于响应敏感信息获取请求的第一响应消息，RPA执行器根据目标敏感信息继续执行目标机器人脚本。S303. If receiving the first response message sent by the RPA management center for responding to the sensitive information acquisition request, the RPA executor continues to execute the target robot script according to the target sensitive information.

在一个可选的实施例中，在获取目标敏感信息后，根据目标RPA机器人脚本的定义，通过网络协议和目标敏感信息连接到目标系统的网络接口，并在连接成功后继续执行目标机器人脚本，以实现对目标系统的自动操作。In an optional embodiment, after obtaining the target sensitive information, according to the definition of the target RPA robot script, connect to the network interface of the target system through the network protocol and the target sensitive information, and continue to execute the target robot script after the connection is successful, In order to realize the automatic operation of the target system.

判断目标文本框是否为明文框；当目标文本框不为明文框时，将目标敏感信息输入到目标文本框中，以便继续处理目标机器人脚本；当目标文本框为明文框时，结束目标机器人脚本的执行。Determine whether the target text box is a plain text box; when the target text box is not a plain text box, input the target sensitive information into the target text box to continue processing the target robot script; when the target text box is a plain text box, end the target robot script execution.

具体地，将目标敏感信息输入到目标文本框之前，对目标文本框检测，以判断目标文本框是否为明文框；具体检测方式视目标机器人脚本所执行任务的依赖的系统不同而不同；可以通过调用该系统的相关API检测判断；比如WEB登录界面控件，可以通过目标文本框的type属性是否为password来确定；若目标文本框的type属性为password，则确定目标文本框为不为明文框；若目标文本框的type属性为text，则确定目标文本框为明文框；在确定目标文本框不为明文框时，RPA执行器将目标敏感信息输入目标文本框，以便继续处理目标机器人脚本；在确定目标文本框为明文框，则不将目标敏感信息输入到目标文本框，以防止目标敏感信息被泄露，同时结束目标机器人脚本的执行并返回。可选地，为了避免目标敏感信息被泄漏，RPA执行器删除目标敏感信息。Specifically, before the target sensitive information is input into the target text box, the target text box is detected to determine whether the target text box is a plain text box; the specific detection method is different depending on the system that the task performed by the target robot script depends on; it can be passed Call the relevant API of the system to detect and judge; for example, the WEB login interface control can be determined by whether the type attribute of the target text box is password; if the type attribute of the target text box is password, then determine whether the target text box is a plain text box; If the type attribute of the target text box is text, it is determined that the target text box is a plain text box; when it is determined that the target text box is not a plain text box, the RPA executor will input the target sensitive information into the target text box to continue processing the target robot script; If the target text box is determined to be a plain text box, then the target sensitive information is not input into the target text box to prevent the target sensitive information from being leaked, and at the same time, the execution of the target robot script is terminated and returned. Optionally, in order to prevent the target sensitive information from being leaked, the RPA executor deletes the target sensitive information.

对目标敏感信息进行分片，以得到M个敏感信息片段，M为大于1的整数；将M个敏感信息片段输入到目标文本框中；在目标文本框中输入第i个敏感信息片段之后，判断输入到目标文本框中的敏感信息片段是否是以密文方式输入的，其中，i为大于0且小于M-1的整数；若输入到目标文本框中的敏感信息片段是以密文方式输入的，则继续在目标文本框中输入第i+1个敏感信息片段，直至目标敏感信息全部输入到目标文本框中，以便继续执行目标机器人脚本；Fragmenting the target sensitive information to obtain M sensitive information fragments, M is an integer greater than 1; input M sensitive information fragments into the target text box; after inputting the i-th sensitive information fragment in the target text box, Determine whether the sensitive information segment input into the target text box is input in ciphertext, where i is an integer greater than 0 and less than M-1; if the sensitive information segment input into the target text box is in ciphertext input, then continue to input the i+1th sensitive information segment in the target text box until all the target sensitive information is input in the target text box, so as to continue to execute the target robot script;

若输入到目标文本框中的敏感信息片段是以明文方式输入的，则向RPA管理中心上报疑似敏感信息泄露预警事件，并结束目标机器人脚本的执行。If the sensitive information segment input into the target text box is entered in plain text, report the suspected sensitive information leakage warning event to the RPA management center, and end the execution of the target robot script.

在一个可选的实施例中，判断输入到目标文本框中的敏感信息片段是否是以密文方式输入的，包括：In an optional embodiment, judging whether the sensitive information segment input into the target text box is input in ciphertext includes:

其中，预设方式包括：Among them, the preset methods include:

通过调用控件接口从目标文本框中获取所输入的敏感信息片段，或者，Obtain the entered sensitive information fragment from the target text box by calling the control interface, or,

通过输入针对目标文本框的复制指令，以从目标文本框中获取所输入的敏感信息片段；或者，Retrieve the entered piece of sensitive information from the target text box by entering a copy command for the target text box; or,

通过对目标文本框进行截图，以得到目标文本框截图进行文字识别，以从目标文本框中获取所输入的敏感信息片段。By taking a screenshot of the target text box, the screenshot of the target text box is obtained for text recognition, so as to obtain the input sensitive information fragment from the target text box.

具体地，在目标敏感信息输入到目标文本框之前，RPA执行器对目标敏感信息进行分片，以得到M个敏感信息片段，M为大于1的整数；可以是随机对目标敏感信息进行分片，也就是说M个敏感信息片段中字符的长度可以各不相同，也可以部分相同或者全部相同；也可以是按照预设字符长度对目标敏感信息进行分片，也就是说M个敏感信息片段中各个敏感信息片段的字符长度均为预设长度；RPA执行器调用浏览器接口或者键盘接口将M个敏感信息片段依次输入到目标文本框中；在将第i个敏感信息片段输入到目标文本框之后，判断敏感信息片段是否是以密文方式输入到目标文本框的；具体可以通过以下三种方式中的任一方式获取目标文本框中已输入的敏感信息片段：Specifically, before the target sensitive information is input into the target text box, the RPA executor fragments the target sensitive information to obtain M pieces of sensitive information, where M is an integer greater than 1; the target sensitive information can be randomly fragmented , that is to say, the lengths of the characters in the M sensitive information fragments can be different, partly or all the same; or the target sensitive information can be fragmented according to the preset character length, that is to say, the M sensitive information fragments The character length of each sensitive information segment in is preset; the RPA executor invokes the browser interface or keyboard interface to input M sensitive information segments into the target text box in turn; after inputting the i-th sensitive information segment into the target text After the box, determine whether the sensitive information segment is entered into the target text box in ciphertext; specifically, the sensitive information segment entered in the target text box can be obtained in any of the following three ways:

方式一：通过调用控件接口获取，比如针对基于WEB实现的浏览器中的文本框，可以基于XPath的ID调用对应的XPath控件获取文本框的内容，针对基于JAVA实现的浏览器中的文本框，也可以调用对应的控件获取文本框的内容；Method 1: Obtain by calling the control interface. For example, for the text box in the browser based on WEB, you can call the corresponding XPath control based on the XPath ID to obtain the content of the text box. For the text box in the browser based on JAVA, You can also call the corresponding control to get the content of the text box;

方式二：通过输入针对目标文本框复制指令，比如Ctrl+A和Ctrl+C指令，以从目标文本框中获取已输入的敏感信息片段；Method 2: Obtain the entered sensitive information fragment from the target text box by inputting copy commands for the target text box, such as Ctrl+A and Ctrl+C commands;

方式三：先通过鼠标控件定位到目标文本框，再对目标文本框进行截图，然后对该截图进行文字识别，比如调用OCR，以从目标文本框中获取已输入的敏感信息片段；Method 3: First locate the target text box through the mouse control, then take a screenshot of the target text box, and then perform text recognition on the screenshot, such as calling OCR, to obtain the input sensitive information fragment from the target text box;

可选地，若能够从目标文本框中获取已输入的敏感信息片段，则确定输入到目标文本框中的敏感信息片段是以明文方式输入的；若未能目标文本框中获取从目标文本框中获取已输入的敏感信息片段，则确定输入到目标文本框中的敏感信息片段是以密文方式输入的。Optionally, if the input sensitive information segment can be obtained from the target text box, it is determined that the sensitive information segment input into the target text box is entered in plain text; if the target text box cannot be obtained from the target text box If the input sensitive information fragment is obtained in the target text box, it is determined that the sensitive information fragment input into the target text box is input in ciphertext.

可选地，若能够从目标文本框中获取已输入的敏感信息片段，则进一步判断获取的数据是否为预设字符；若确定获取的数据是预设字符，则确定输入到目标文本框中的敏感信息片段是以密文方式输入的；若获取的数据不是预设字符，则确定输入到目标文本框中的敏感信息片段是以明文方式输入的；若未能目标文本框中获取从目标文本框中获取已输入的敏感信息片段，则确定输入到目标文本框中的敏感信息片段是以密文方式输入的。Optionally, if the input sensitive information segment can be obtained from the target text box, then further judge whether the acquired data is a preset character; if it is determined that the acquired data is a preset character, then determine the Sensitive information fragments are entered in ciphertext; if the acquired data is not a preset character, then make sure that the sensitive information fragments entered into the target text box are entered in clear text; if the target text box cannot be obtained from the target text If the input sensitive information fragment is obtained in the target text box, it is determined that the sensitive information fragment input into the target text box is input in cipher text.

若确定输入到目标文本框中的敏感信息片段是以密文方式输入的时，则继续在目标文本框中输入第i+1个敏感信息片段，直至将目标敏感信息完整输入到目标文本框中；在目标敏感信息完整输入到目标文本框中后，继续执行目标机器人脚本，以便完成目标机器人脚本对应的任务；若确定输入到目标文本框中的敏感信息片段是以明文信息输入的，则确定目标敏感信息存在被泄漏的可能，因此向RPA管理中心上报疑似敏感信息泄漏预警事件，并结束目标机器人脚本的执行；可选地，RPA执行器将目标敏感信息删除。If it is determined that the sensitive information segment input into the target text box is entered in ciphertext, then continue to input the i+1th sensitive information segment in the target text box until the target sensitive information is completely input into the target text box ; After the target sensitive information is completely input into the target text box, continue to execute the target robot script in order to complete the task corresponding to the target robot script; The target sensitive information may be leaked, so the suspected sensitive information leakage warning event is reported to the RPA management center, and the execution of the target robot script is terminated; optionally, the RPA executor deletes the target sensitive information.

在一个示例中，预设字符可以为“*”或者“●”或者其他字符，在此不作限定。In an example, the preset character may be "*" or "●" or other characters, which are not limited herein.

在一个可选的实施例中，对于从目标文本框中获取已输入的敏感信息片段的执行时机，可以是在目标文本框中每输入一个敏感信息片段之后执行一次，也可以是在目标文本框中每输入多个敏感信息片段之后执行一次，在此不做限定。In an optional embodiment, the execution timing of obtaining the input sensitive information fragments from the target text box may be executed once after each sensitive information fragment is input in the target text box, or it may be executed after the target text box It is executed after each multiple sensitive information fragments are input, and there is no limitation here.

当目标敏感信息被完整输入到目标文本框中后，RPA执行器继续执行目标机器人脚本，以完成目标机器人脚本对应的任务。比如自动报销机器人脚本，在将用户的密码输入到密码文本框后，RPA执行器继续执行自动报销机器人脚本，以实现点击登录按钮，创建报销单、提交报销单，从而完成报销任务。After the target sensitive information is completely input into the target text box, the RPA executor continues to execute the target robot script to complete the task corresponding to the target robot script. For example, the automatic reimbursement robot script, after inputting the user's password into the password text box, the RPA executor continues to execute the automatic reimbursement robot script, so as to click the login button, create a reimbursement form, submit the reimbursement form, and complete the reimbursement task.

在一个可选的实施例中，在将目标敏感信息输入到目标文本框之前；RPA执行器将随机生成的字符串输入到目标文本框中，其中，该字符串可以包括数字、字母、特殊字符中的部分或者全部，该字符串可以是RPA管理中心随机生成的，同目标敏感信息一起下发至RPA执行器，或者是RPA执行器随机生成的；然后RPA执行器按照上述方式一、方式二和方式三中的任一方式获取目标文本框内的内容；在一个示例中，若RPA执行器能从目标文本框中获取数据，则RPA执行器确定将目标敏感信息输入到目标文本框中存在被泄漏的风险；若RPA执行器未能从目标文本框中获取数据，则RPA执行器确定将目标敏感信息输入到目标文本框中不存在不泄露的风险；在另一个示例中，在从目标文本框中获取数据后，判断获取的数据是否为预设字符；若获取的数据不为预设字符，则RPA执行器确定将目标敏感信息输入到目标文本框中存在被泄漏的风险；若获取的数据为预设字符，则RPA执行器确定将目标敏感信息输入到目标文本框中不存在被泄漏的风险；In an optional embodiment, before inputting the target sensitive information into the target text box; the RPA executor inputs a randomly generated character string into the target text box, wherein the character string may include numbers, letters, special characters Part or all of the string can be randomly generated by the RPA management center and sent to the RPA executor together with the target sensitive information, or randomly generated by the RPA executor; then the RPA executor follows the above method 1 and method 2 and method 3 to obtain the content in the target text box; in one example, if the RPA executor can obtain data from the target text box, then the RPA executor determines that the input of target sensitive information into the target text box exists The risk of being leaked; if the RPA executor fails to obtain data from the target text box, the RPA executor determines that there is no risk of non-disclosure when inputting the target sensitive information into the target text box; After the data is acquired in the text box, it is judged whether the acquired data is a preset character; if the acquired data is not a preset character, the RPA executor determines that there is a risk of leaking the target sensitive information into the target text box; if the acquired If the data is a preset character, the RPA executor determines that there is no risk of leakage of the target sensitive information input into the target text box;

在确定将目标敏感信息输入到目标文本框中不存在被泄漏的风险时，RPA执行器将目标敏感信息输入到目标文本框中；在RPA执行器确定将目标敏感信息输入到目标文本框中存在被泄漏的风险时，为了避免目标敏感信息的泄露，RPA执行器删除目标敏感信息，并结束目标机器人脚本的执行。When it is determined that there is no risk of leaking the target sensitive information into the target text box, the RPA executor inputs the target sensitive information into the target text box; When there is a risk of being leaked, in order to avoid the leakage of target sensitive information, the RPA executor deletes the target sensitive information and ends the execution of the target robot script.

S304、若接收到用于响应敏感信息获取请求的第二响应消息，RPA执行器结束目标机器人脚本的执行。S304. If the second response message for responding to the sensitive information acquisition request is received, the RPA executor ends the execution of the target robot script.

其中，第二响应消息携带第一标识，第一标识用于指示获取目标敏感信息失败，或者第二响应消息未携带目标敏感信息。第二响应消息未携带目标敏感信息，也即是指RPA管理中心针对RPA执行器的敏感信息获取请求向RPA执行器返回一个空值。Wherein, the second response message carries the first identifier, and the first identifier is used to indicate that the acquisition of the target sensitive information fails, or the second response message does not carry the target sensitive information. The second response message does not carry target sensitive information, which means that the RPA management center returns a null value to the RPA executor for the RPA executor's sensitive information acquisition request.

可以看出，在本申请的方案中，RPA执行器从RPA管理中心获取敏感信息时，需要向RPA管理中心至少上报RPA执行器标识和/或控件标识，RPA管理中心对上报的信息进行验证；在验证通过后向RPA执行器发送敏感信息，使得敏感信息只能被通过验证的RPA执行器或控件使用，从而限定了敏感信息的使用范围，降低了敏感信息被泄漏的风险，比如说某一敏感信息设置只能在“网页中输入”控件中使用，基于该策略可以实现敏感信息只能在网页输入框中使用，无法在API接口调用、日志打印、消息窗口等其他控件使用；再比如某一敏感信息设置只能在“报销自动化机器人脚本”中使用，基于该策略可实现敏感信息只能在“报销自动化机器人脚本”中使用，在其他机器人脚本比如“工时自动化申报机器人脚本”中无法使用；再比如某一敏感信息设置只能由张三使用，基于该策略可以实现敏感信息只能在基于张三这个账号接入进来的执行器上使用，无法在使用其他账号接入进来的执行器上使用；再比如某一敏感信息设置只能由执行器A使用，基于该策略可实现敏感信息只能在执行器A上使用，无法在其他执行器比如执行器B上使用；也可以是上述策略的组合，从而精细化控制敏感信息的使用范围，进而有效保护敏感信息，防止敏感信息的泄露和越权使用；在将敏感信息输入到目标文本框之前，判断是否该目标文本框是否为明文框，在确定该目标文本框不为明文框时才将敏感信息输入到目标文本框中，进一步降低了敏感信息被泄漏的风险；在确定将敏感信息输入到目标文本框后，对敏感信息进行分片，再将敏感信息片段依次输入到目标文本框中，之后从目标文本框中获取输入的数据，以判断输入到目标文本框内的敏感信息片段是否以密文方式输入的；在确定是以明文方式输入时，停止其他敏感信息片段的输入，进一步降低了敏感信息被泄漏的风险。It can be seen that in the scheme of this application, when the RPA actuator obtains sensitive information from the RPA management center, it needs to report at least the RPA actuator identifier and/or control identifier to the RPA management center, and the RPA management center verifies the reported information; Send sensitive information to the RPA executor after the verification is passed, so that the sensitive information can only be used by the verified RPA executor or control, thereby limiting the scope of use of sensitive information and reducing the risk of sensitive information being leaked, for example, a certain Sensitive information settings can only be used in the "input in web page" control. Based on this strategy, sensitive information can only be used in the input box of the web page, and cannot be used in API interface calls, log printing, message windows and other controls; another example A sensitive information setting can only be used in the "reimbursement automation robot script". Based on this policy, sensitive information can only be used in the "reimbursement automation robot script", and cannot be used in other robot scripts such as "working hour automation declaration robot script" ; Another example is that a certain sensitive information setting can only be used by Zhang San. Based on this policy, sensitive information can only be used on the executors that are accessed based on Zhang San’s account, and cannot be used on executors that are accessed using other accounts. For another example, a certain sensitive information setting can only be used by executor A. Based on this policy, sensitive information can only be used on executor A, and cannot be used on other executors such as executor B; it can also be the above Combination of strategies, so as to finely control the scope of use of sensitive information, and then effectively protect sensitive information, prevent the leakage and unauthorized use of sensitive information; before inputting sensitive information into the target text box, determine whether the target text box is a plain text box , the sensitive information is input into the target text box only when it is determined that the target text box is not a clear text box, which further reduces the risk of sensitive information being leaked; after determining that the sensitive information is input into the target text box, the sensitive information is classified slices, and then input the sensitive information fragments into the target text box in turn, and then obtain the input data from the target text box to judge whether the sensitive information fragments input into the target text box are input in cipher text; When inputting in plain text, the input of other sensitive information fragments is stopped, further reducing the risk of sensitive information being leaked.

参见图4，图4为本申请实施例提供的另一种执行机器人脚本方法的流程示意图。如图4所示，该方法包括：Referring to FIG. 4 , FIG. 4 is a schematic flowchart of another method for executing a robot script provided by an embodiment of the present application. As shown in Figure 4, the method includes:

S401、接收RPA执行器发送的敏感信息获取请求，该敏感信息获取请求携带目标机器人脚本的相关信息，敏感信息获取请求用于请求获取目标敏感信息。S401. Receive a sensitive information acquisition request sent by an RPA executor, the sensitive information acquisition request carries information about a target robot script, and the sensitive information acquisition request is used to request acquisition of target sensitive information.

其中，目标机器人脚本的相关信息包括目标RPA执行器标识和/或目标控件标识；其中，目标RPA执行器标识用于执行目标机器人脚本的执行器，目标控件用于指示需要使用目标敏感信息的控件。Wherein, the relevant information of the target robot script includes the target RPA executor identification and/or the target control identification; wherein, the target RPA executor identifies the executor used to execute the target robot script, and the target control is used to indicate the control that needs to use the target sensitive information .

在此需要说明的是，RPA管理中心中存储有多个机器人脚本，用于实现不同的机器人任务；比如自动报销机器人脚本用于实现自动报销任务；会议预定机器人脚本用于实现会议预定任务等。It should be noted here that the RPA management center stores multiple robot scripts for realizing different robot tasks; for example, automatic reimbursement robot scripts are used for automatic reimbursement tasks; meeting reservation robot scripts are used for meeting reservation tasks, etc.

RPA管理中心在确定需要执行目标机器人脚本时，为该目标机器人脚本分配一个RPA执行器，即目标RPA执行器，并向该目标RPA执行器发送目标机器人脚本。When the RPA management center determines that the target robot script needs to be executed, it allocates an RPA executor for the target robot script, that is, the target RPA executor, and sends the target robot script to the target RPA executor.

在一个可行的实施例中，本申请的方法还包括：In a feasible embodiment, the method of the present application also includes:

RPA管理中心构建访问授权矩阵，其中，该访问授权矩阵包括多个机器人脚本的相关信息，每个机器人脚本的相关信息包括第一执行器标识和/或第一控件标识，第一执行器标识用于指示执行该机器人脚本的执行器，第一控件标识用于指示需要使用敏感信息的控件。The RPA management center constructs an access authorization matrix, wherein the access authorization matrix includes relevant information of a plurality of robot scripts, and the relevant information of each robot script includes a first executor identifier and/or a first control identifier, and the first executor identifier uses For instructing the executor to execute the robot script, the first control identifier is used to indicate a control that needs to use sensitive information.

在一个示例中，访问授权矩阵如下表1所示：In one example, the access authorization matrix is shown in Table 1 below:

敏感参数标识Sensitive parameter identification 执行器标识Actuator ID Zhangshan_passwordZhangshan_password 执行器_1Actuator_1 Lisi_passwordLisi_password 执行器_2Actuator_2 Wangwu_passwordWangwu_password 执行器_1Actuator_1

表1Table 1

可选地，每个机器人脚本的相关信息还包括第一敏感信息标识、第一机器人脚本标识、和/或第一用户标识；Optionally, the relevant information of each robot script further includes a first sensitive information identifier, a first robot script identifier, and/or a first user identifier;

在此需要指出的是，机器人脚本的相关信息不限于以上描述的信息，当然还可以包括其他信息，在此不做限定。It should be pointed out here that the relevant information of the robot script is not limited to the information described above, and of course may also include other information, which is not limited here.

在另一个示例中，访问授权矩阵如下表2所示：In another example, the access authorization matrix is shown in Table 2 below:

表2Table 2

上表2中，Public_password用于指示公共密码，每日运行报告发送通知机器人脚本在执行时可以使用公共密码，对执行每日运行报告发送通知机器人脚本时涉及的控件不做限定。In Table 2 above, Public_password is used to indicate the public password, and the daily operation report sending notification robot script can use the public password during execution, and the controls involved in executing the daily operation report sending notification robot script are not limited.

S402、根据目标RPA执行器标识和/或目标控件标识向RPA执行器发送第一响应消息；其中，第一响应消息携带目标敏感信息。S402. Send a first response message to the RPA executor according to the target RPA executor identifier and/or the target control identifier; wherein, the first response message carries target sensitive information.

在一个可行的实施例中，根据目标执行器标识和/或目标控件标识向RPA执行器发送第一响应消息，包括：In a feasible embodiment, the first response message is sent to the RPA executor according to the target executor identifier and/or the target control identifier, including:

根据目标机器人标识和/或目标控件标识遍历访问授权矩阵，其中，访问授权矩阵包括多个机器人脚本的相关信息，该多个机器人脚本的相关信息中的任一机器人脚本S的相关信息包括第一执行器标识和/或第一控件标识；第一执行器标识用于指示执行机器人脚本S的执行器，第一控件标识用于指示需要使用第一敏感信息的控件；The access authorization matrix is traversed according to the target robot ID and/or the target control ID, wherein the access authorization matrix includes related information of a plurality of robot scripts, and the related information of any robot script S in the related information of the plurality of robot scripts includes the first The executor identifier and/or the first control identifier; the first executor identifier is used to indicate the executor executing the robot script S, and the first control identifier is used to indicate the control that needs to use the first sensitive information;

若在访问授权矩阵遍历到第二执行器标识和/或第二控件标识，向RPA执行器发送第一响应消息；其中，第二执行器标识为访问授权矩阵的第一执行器标识中与目标执行器标识相同的标识，第二控件标识为访问授权矩阵的第一控件标识中与目标控件标识相同的标识，目标敏感信息为第二控件标识指示的控件需要使用的敏感信息；If the access authorization matrix traverses to the second executor ID and/or the second control ID, send the first response message to the RPA executor; wherein, the second executor ID is the same as the target in the first executor ID of the access authorization matrix The same identifier as the actuator identifier, the second control identifier is the same identifier as the target control identifier in the first control identifier of the access authorization matrix, and the target sensitive information is the sensitive information that needs to be used by the control indicated by the second control identifier;

若在访问授权矩阵中未遍历到第二执行器标识和/或第二控件标识，向所述RPA执行器发送第二响应消息；其中，第二响应消息携带第一标识，第一标识用于指示获取目标敏感信息失败，或者第二响应消息未携带目标敏感信息。If the second executor identifier and/or the second control identifier are not traversed in the access authorization matrix, a second response message is sent to the RPA executor; wherein, the second response message carries a first identifier, and the first identifier is used for Indicates that the acquisition of target sensitive information fails, or the second response message does not carry target sensitive information.

具体地，RPA管理中心根据目标机器人脚本的相关信息遍历访问授权矩阵中的多个机器然脚本的相关信息；当在访问授权矩阵遍历到与目标机器人脚本的相关信息相同的机器人脚本的相关信息时，确定执行目标机器人脚本的RPA执行器具有获取目标敏感信息的权限，向RPA执行器发送携带目标敏感信息的第一响应消息；当在访问授权矩阵未遍历到与目标机器人脚本的相关信息相同的机器人脚本的相关信息时，确定执行目标机器人脚本的RPA执行器没有获取目标敏感信息的权限，向RPA执行器发送上述第二响应消息。Specifically, the RPA management center traverses the relevant information of multiple machine scripts in the access authorization matrix according to the relevant information of the target robot script; , determine that the RPA executor executing the target robot script has the authority to obtain target sensitive information, and send the first response message carrying the target sensitive information to the RPA executor; when the access authorization matrix does not traverse to the same information as the target robot script When determining the relevant information of the robot script, it is determined that the RPA executor executing the target robot script does not have the authority to obtain the sensitive information of the target, and sends the above-mentioned second response message to the RPA executor.

在一个示例中，访问授权矩阵中任一机器人脚本S的相关信息包括第一执行器标识和/或第一控件名称，第一执行器标识用于指示执行机器人脚本S的执行器，第一控件标识用于指示需要使用第一敏感信息的控件；第一敏感信息为执行机器人脚本S时需要的敏感信息；判断在访问授权矩阵是否遍历到与目标机器人脚本的相关信息相同的机器人脚本的相关信息，具体包括：判断是否在访问授权矩阵中是否遍历到第二执行器标识和/或第二控件标识，其中，第二执行器标识为访问授权矩阵中的第一执行器标识中与目标执行器标识相同的标识，或者为访问授权矩阵中所指示的执行器与目标执行器标识所指示的执行器相同的执行器标识；第二控件标识为访问授权矩阵中的第一控件标识中与目标控件标识相同的标识，或者访问授权矩阵中所指示的控件与目标控件标识所指示的控件相同的控件标识；若在访问授权矩阵遍历到第二执行器标识和/或第二控件标识，则确定在访问授权矩阵遍历到与目标机器人脚本的相关信息相同的机器人脚本的相关信息；若在访问授权矩阵未遍历到第二执行器标识和/或第二控件标识，则确定在访问授权矩阵未遍历到与目标机器人脚本的相关信息相同的机器人脚本的相关信息。In one example, the relevant information of any robot script S in the access authorization matrix includes the first executor identifier and/or the name of the first control, the first executor identifier is used to indicate the executor executing the robot script S, and the first control Identify the control used to indicate that the first sensitive information needs to be used; the first sensitive information is the sensitive information required when executing the robot script S; determine whether the relevant information of the robot script that is the same as the relevant information of the target robot script is traversed in the access authorization matrix , specifically includes: judging whether to traverse to the second executor ID and/or the second control ID in the access authorization matrix, wherein the second executor ID is the same as the target executor in the first executor ID in the access authorization matrix The identity of the same identity, or the identity of the executor indicated in the access authorization matrix is the same as the executor indicated by the identity of the target executor; identify the same ID, or the control ID indicated by the control indicated in the access authorization matrix is the same as the control indicated by the target control ID; if the access authorization matrix traverses to the second actuator ID and/or the second control ID, it is determined in The access authorization matrix traverses to the relevant information of the robot script that is the same as the relevant information of the target robot script; if the second executor identification and/or the second control identification are not traversed in the access authorization matrix, it is determined that the access authorization matrix does not traverse to Information about the same bot script as that of the target bot script.

在另一个示例中，目标机器人的相关信息还包括目标敏感信息标识、目标机器人脚本标识和目标用户标识中的部分或者全部；访问授权矩阵中任一机器人脚本S的相关信息包括第一敏感信息标识、第一机器人脚本标识和第一用户标识中的部分或者全部；判断在访问授权矩阵是否遍历到与目标机器人脚本的相关信息相同的机器人脚本的相关信息，具体包括：判断在访问授权矩阵中是否同时遍历与目标机器人脚本的相关信息中标识相同的标识；若在访问授权矩阵中同时遍历与目标机器人脚本的相关信息中标识相同的标识，则确定在访问授权矩阵遍历到与目标机器人脚本的相关信息相同的机器人脚本的相关信息；若在访问授权矩阵中未同时遍历与目标机器人脚本的相关信息中标识相同的标识，或者在访问授权矩阵中遍历与目标机器人脚本的相关信息中标识部分相同的标识，则确定在访问授权矩阵未遍历到与目标机器人脚本的相关信息相同的机器人脚本的相关信息。In another example, the relevant information of the target robot further includes part or all of the target sensitive information identifier, the target robot script identifier and the target user identifier; the relevant information of any robot script S in the access authorization matrix includes the first sensitive information identifier 1. Part or all of the first robot script identifier and the first user identifier; judging whether the relevant information of the robot script that is the same as the relevant information of the target robot script has been traversed in the access authorization matrix, specifically including: judging whether in the access authorization matrix Simultaneously traverse the identifiers identified in the relevant information of the target robot script; if the same identifiers identified in the relevant information of the target robot script are traversed in the access authorization matrix at the same time, then it is determined that the access authorization matrix traverses to the relevant identifier of the target robot script. Relevant information of robot scripts with the same information; if the identifiers identified in the relevant information of the target robot script are not traversed at the same time in the access authorization matrix, or the identifiers partially identical to those of the target robot script are traversed in the access authorization matrix identification, it is determined that the relevant information of the robot script that is the same as the relevant information of the target robot script has not been traversed in the access authorization matrix.

比如目标机器人的相关信息包括目标敏感信息标识、目标执行器标识和目标控件标识，机器人脚本S的相关信息包括第一敏感信息标识、第一执行器标识和目标控件标识；判断在访问授权矩阵中是否同时遍历与目标机器人脚本的相关信息中标识相同的标识具体是指：判断在访问授权矩阵中是否遍历到第二敏感信息标识、第二执行器标识和第二控件标识，其中，第二敏感信息标识为访问授权矩阵中的第一敏感信息标识中与目标敏感信息标识相同的标识，或者为访问授权矩阵中所指示的敏感信息与目标敏感信息标识所指示的敏感信息相同的敏感信息标识；若在访问授权矩阵中同时遍历到第二敏感信息标识、第二执行器标识和第二控件标识，则确定访问授权矩阵中同时遍历与目标机器人脚本的相关信息中标识相同的标识；若在访问授权矩阵中未同时遍历到第二敏感信息标识、第二执行器标识和第二控件标识，或者在访问授权矩阵中遍历到第二敏感信息标识、第二执行器标识和第二控件标识中的部分，则确定访问授权矩阵中未同时遍历与目标机器人脚本的相关信息中标识相同的标识。For example, the relevant information of the target robot includes the target sensitive information identification, the target actuator identification and the target control identification, and the relevant information of the robot script S includes the first sensitive information identification, the first actuator identification and the target control identification; the judgment is in the access authorization matrix Whether to traverse at the same time the identifiers identified in the relevant information of the target robot script specifically refers to: judging whether the second sensitive information identifier, the second executor identifier, and the second control identifier are traversed in the access authorization matrix, wherein the second sensitive The information identifier is the same identifier as the target sensitive information identifier among the first sensitive information identifiers in the access authorization matrix, or the sensitive information identifier whose sensitive information indicated in the access authorization matrix is the same as the sensitive information indicated by the target sensitive information identifier; If the second sensitive information identifier, the second executor identifier and the second control identifier are simultaneously traversed in the access authorization matrix, then it is determined that the identifier identical to that identified in the relevant information of the target robot script is traversed in the access authorization matrix at the same time; The second sensitive information ID, the second executor ID, and the second control ID are not traversed in the authorization matrix at the same time, or the second sensitive information ID, the second executor ID, and the second control ID are traversed in the access authorization matrix part, then it is determined that the identifier identical to that identified in the relevant information of the target robot script is not traversed in the access authorization matrix at the same time.

通过在上述方式判断控件是否有使用敏感信息的权限，可以避免以下情况的发生：By judging whether the control has permission to use sensitive information in the above way, the following situations can be avoided:

针对某一控件，在RPA控制器获取该控件对应的敏感信息后，在RPA控制器中该敏感信息作为系统的上下文长时间存在，RPA所调用的控件均能使用上下文中敏感信息，这样用户可以通过使用日志打印、消息框或者自定义控件打印或者使用敏感信息，从而导致敏感信息的泄露。For a certain control, after the RPA controller obtains the sensitive information corresponding to the control, the sensitive information exists in the RPA controller as the context of the system for a long time, and the controls called by RPA can use the sensitive information in the context, so that the user can By using log printing, message boxes, or custom controls to print or use sensitive information, resulting in the disclosure of sensitive information.

接收RPA执行器上报的疑似敏感信息泄露预警事件；记录疑似敏感信息泄露预警事件；向管理员发送告警信息，以提醒所述管理员修改目标敏感信息。Receive the suspected sensitive information leakage early warning event reported by the RPA executor; record the suspected sensitive information leakage early warning event; send an alarm message to the administrator to remind the administrator to modify the target sensitive information.

具体地，在接收到RPA执行器上报的疑似敏感信息泄露预警事件后，记录疑似敏感信息泄露预警事件；其中，疑似敏感信息泄露事件包括目标敏感信息标识；向管理员发送告警信息，该告警信息携带目标敏感信息的标识，以提醒管理员修改目标敏感信息。Specifically, after receiving the suspected sensitive information leakage early warning event reported by the RPA executor, record the suspected sensitive information leakage early warning event; wherein, the suspected sensitive information leakage event includes the target sensitive information identification; send an alarm message to the administrator, the alarm information Carry the identification of target sensitive information to remind administrators to modify target sensitive information.

可选地，告警信息可以为短信、邮件或者即时通信应用信息，比如QQ、微信、畅连等。采用上述方式通知管理员，提升敏感信息泄露通知的实时性。Optionally, the alarm information may be SMS, email, or instant messaging application information, such as QQ, WeChat, Changlian, and the like. Use the above method to notify the administrator to improve the real-time performance of sensitive information leakage notification.

可以看出，在本申请的实施例中，RPA执行器从RPA管理中心获取敏感信息时，需要向RPA管理中心至少上报RPA执行器标识和/或控件标识，RPA管理中心对上报的信息进行验证；在验证通过后向RPA执行器发送敏感信息，使得敏感信息只能被通过验证的RPA执行器或控件使用，从而限定了敏感信息的使用范围，降低了敏感信息被泄漏的风险；在接收疑似敏感信息泄露预警事件后，向管理员发送告警信息，以提醒管理员修改目标敏感信息，从而保证机器热脚本被合理使用。It can be seen that in the embodiment of the present application, when the RPA actuator obtains sensitive information from the RPA management center, it needs to report at least the RPA actuator identifier and/or control identifier to the RPA management center, and the RPA management center verifies the reported information ;Send sensitive information to the RPA actuator after the verification is passed, so that the sensitive information can only be used by the verified RPA actuator or control, thereby limiting the scope of use of sensitive information and reducing the risk of sensitive information being leaked; After the sensitive information leakage warning event, an alarm message is sent to the administrator to remind the administrator to modify the target sensitive information, so as to ensure that the machine hot script is used reasonably.

在一个具体的示例中，如图5所示，以用户需要报销为例；RPA管理中心基于用户的需求创建报销申请任务，获取报销申请任务的任务参数；任务参数包括用户名(username:user001)及报销信息，将报销申请任务与自动报销机器人脚本关联，在此之前，RPA管理中心获取并保存用户的用户名user0001和在报销系统的登录密码01234567，并设置访问权限，即在RPA管理中心的访问授权矩阵中生成自动报销机器脚本的相关信息，该相关信息包括敏感信息标识(user001_password)、执行器标识(执行器_1)，机器人脚本标识(自动报销机器人脚本)和控件标识(在网页中输入文本)；RPA管理中心在接收到执行报销申请任务时，分配一个执行器_1来执行自动报销机器人脚本；执行器_1从RPA管理中心获取自动报销机器人脚本及任务参数；执行器_1上报自动报销机器人脚本的相关信息，包括：user001_password、执行器_1，自动报销机器人脚本和在网页中输入文本；RPA管理中心基于上报的自动报销机器人脚本的相关信息遍历访问授权矩阵，由于访问授权矩阵中包括自动报销机器人脚本的相关信息，标识执行器_1有权限获取user001_password，RPA管理中心向执行器_1发送登录密码“01234567”；执行器_1执行自动报销机器人脚本：访问自动报销系统统一资源定位器(uniform resource locator，URL)，打开报销系统界面；执行器_1通过鼠标控件定位到用户名文本框，将user001输入到用户名文本框；执行器_1通过鼠标控件定位到密码文本框；检测密码文本框是否为明文框，具体检测方式可参见图3所示实施例的相关描述，在此不在叙述；若确定密码文本框不为明文框，则对登录密码“01234567”进行分片，得到密码片段“012”、“34”和“567”；首先将密码片段“012”输入密码文本框中；然后判断密码片段“012”是否是以密文方式输入的；具体判断过程可参见图3所示实施例的相关描述，在此不在叙述；若确定密码片段“012”是以密文方式输入的，则继续输入密码片段“34”；判断密码片段“01234”是否是以密文方式输入的；若确定密码片段“01234”是以密文方式输入的，则继续输入密码片段“567”；判断密码片段“01234567”是否是以密文方式输入的，若确定密码片段“01234567”是以密文方式输入的，则执行器_1通过鼠标控件点击登录按钮登录，进入创建报销申请界面，自动在创建报销申请界面中填写报销信息，完成后鼠标控件点击提交按钮，以完成自动报销申请的提交；In a specific example, as shown in Figure 5, taking the user's need for reimbursement as an example; the RPA management center creates a reimbursement application task based on the user's needs, and obtains the task parameters of the reimbursement application task; the task parameters include the username (username:user001) and reimbursement information, and associate the reimbursement application task with the automatic reimbursement robot script. Prior to this, the RPA management center obtains and saves the user's username user0001 and the login password 01234567 in the reimbursement system, and sets access rights, that is, in the RPA management center The relevant information of the automatic reimbursement machine script is generated in the access authorization matrix, which includes sensitive information identification (user001_password), executor identification (executor_1), robot script identification (automatic reimbursement robot script) and control identification (in the web page Enter text); when the RPA management center receives the reimbursement application task, it assigns an executor_1 to execute the automatic reimbursement robot script; the executor_1 obtains the automatic reimbursement robot script and task parameters from the RPA management center; the executor_1 Report the relevant information of the automatic reimbursement robot script, including: user001_password, executor_1, automatic reimbursement robot script and text input in the webpage; the RPA management center traverses the access authorization matrix based on the reported information about the automatic reimbursement robot script, because the access authorization The matrix includes information about the automatic reimbursement robot script, which identifies that executor_1 has permission to obtain user001_password, and the RPA management center sends the login password "01234567" to executor_1; executor_1 executes the automatic reimbursement robot script: accesses the automatic reimbursement system Uniform resource locator (uniform resource locator, URL), open the reimbursement system interface; executor_1 locates the user name text box through the mouse control, and input user001 into the user name text box; executor_1 locates the password through the mouse control Text box; detect whether the password text box is a plaintext box, and the specific detection method can refer to the relevant description of the embodiment shown in Figure 3, which is not described here; if it is determined that the password text box is not a plaintext box, then log in password "01234567" Fragmentation to get the password segments "012", "34" and "567"; first input the password segment "012" into the password text box; then determine whether the password segment "012" is entered in ciphertext; the specific judgment process Can refer to the related description of the embodiment shown in Fig. 3, do not narrate here; If it is determined that the password segment "012" is input in a cipher text mode, then continue to input the password segment "34"; input in cipher text; if it is determined that the password segment "01234" is input in cipher text, continue to input the password segment "567"; determine whether the password segment "01234567" is input in cipher text, if it is determined that the password segment " 01234567" is If it is input in cipher text, the executor_1 will log in by clicking the login button with the mouse control to enter the creation reimbursement application interface, and automatically fill in the reimbursement information in the creation reimbursement application interface. After completion, click the submit button with the mouse control to complete the automatic reimbursement application submission of

在上述过程中，若确定密码片段是以明文方式输入的，或者从密码文本框中获取到数据，则确定密码存在泄漏风险；执行器_1结束自动报销机器人脚本的执行，向RPA管理中心上报疑似敏感信息泄露预警事件，可选地，事件包括user001_password；RPA管理中心记录该疑似敏感信息泄露预警事件，并向管理员发送报警信息，以使管理员修改用户user001的密码。In the above process, if it is determined that the password fragment is entered in plain text, or the data is obtained from the password text box, it is determined that the password has a risk of leakage; executor_1 ends the execution of the automatic reimbursement robot script and reports to the RPA management center The suspected sensitive information leakage early warning event, optionally, the event includes user001_password; the RPA management center records the suspected sensitive information leakage early warning event, and sends an alarm message to the administrator, so that the administrator can modify the password of user user001.

可选地，通过RPA管理中心定期查看疑似敏感信息泄露预警事件，确定是否需要修改对应的敏感信息。Optionally, the RPA management center regularly checks suspected sensitive information leakage early warning events to determine whether the corresponding sensitive information needs to be modified.

参见图6，图6为本申请实施例提供的一种RPA执行器的结构示意图。如图6所示，该RPA执行器600包括：Referring to FIG. 6, FIG. 6 is a schematic structural diagram of an RPA actuator provided in an embodiment of the present application. As shown in Figure 6, the RPA actuator 600 includes:

获取单元601，用于从RPA管理中心获取目标机器人脚本；Obtaining unit 601, used to obtain the target robot script from the RPA management center;

收发单元602，用于在执行目标机器人脚本需要使用目标敏感信息时，向RPA管理中心发送敏感信息获取请求，敏感信息获取请求用于请求从RPA管理中心中获取目标敏感信息；敏感信息获取请求携带目标机器人脚本的相关信息，目标机器人脚本的相关信息包括目标执行器标识和/或目标控件标识；目标执行器标识用于指示执行目标机器人脚本的RPA执行器，目标控件标识用于指示需要使用目标敏感信息的控件；接收所述RPA管理中心发送的用于响应所述敏感信息获取请求的第一响应消息，其中，所述第一响应消息携带所述目标敏感信息The transceiver unit 602 is used to send a sensitive information acquisition request to the RPA management center when the target robot script needs to use target sensitive information, and the sensitive information acquisition request is used to request to obtain target sensitive information from the RPA management center; the sensitive information acquisition request carries Relevant information of the target robot script, the relevant information of the target robot script includes the target executor ID and/or target control ID; the target executor ID is used to indicate the RPA executor that executes the target robot script, and the target control ID is used to indicate the need to use the target Sensitive information control; receiving a first response message sent by the RPA management center in response to the sensitive information acquisition request, wherein the first response message carries the target sensitive information

处理单元603，用于根据目标敏感信息处理目标机器人脚本。The processing unit 603 is configured to process the target robot script according to the target sensitive information.

在一个可选的实施例中，处理单元603具体用于：In an optional embodiment, the processing unit 603 is specifically configured to:

在一个可选的实施例中，在将目标敏感信息输入到目标文本框，以便继续处理目标机器人脚本的方面，处理单元603具体用于：In an optional embodiment, in terms of inputting target sensitive information into the target text box so as to continue processing the target robot script, the processing unit 603 is specifically configured to:

在一个可选的实施例中，处理单元603还用于：In an optional embodiment, the processing unit 603 is also configured to:

在一个可选的实施例中，收发单元602，还用于接收到RPA管理中心发送的用于响应敏感信息获取请求的第二响应消息，In an optional embodiment, the transceiver unit 602 is further configured to receive the second response message sent by the RPA management center in response to the sensitive information acquisition request,

处理单元603，还用于结束目标机器人脚本的执行；其中，第二响应消息携带第一标识，该第一标识用于指示获取目标敏感信息失败，或者第二响应消息未携带目标敏感信息。The processing unit 603 is further configured to end the execution of the target robot script; wherein, the second response message carries a first identifier, and the first identifier is used to indicate that the acquisition of target sensitive information fails, or the second response message does not carry target sensitive information.

需要说明的是，上述各单元(获取单元601、收发单元602和处理单元603)用于执行上述方法的相关步骤。It should be noted that, the above-mentioned units (acquisition unit 601, transceiver unit 602, and processing unit 603) are used to execute relevant steps of the above-mentioned method.

在本实施例中，RPA执行器600是以单元的形式来呈现。这里的“单元”可以指特定应用集成电路(application-specific integrated circuit，ASIC)，执行一个或多个软件或固件程序的处理器和存储器，集成逻辑电路，和/或其他可以提供上述功能的器件。此外，以上获取单元601和处理单元603可通过图8所示的RPA执行器的处理器801来实现。In this embodiment, the RPA actuator 600 is presented in the form of a unit. The "unit" here may refer to an application-specific integrated circuit (ASIC), a processor and memory executing one or more software or firmware programs, an integrated logic circuit, and/or other devices that can provide the above functions . In addition, the acquisition unit 601 and the processing unit 603 above can be implemented by the processor 801 of the RPA executor shown in FIG. 8 .

参见图7，图7为本申请实施例提供的一种RPA管理中心的结构示意图。如图7所示，该RPA管理中心700包括：Referring to FIG. 7, FIG. 7 is a schematic structural diagram of an RPA management center provided in an embodiment of the present application. As shown in Figure 7, the RPA management center 700 includes:

收发单元701，用于接收机器人流程自动化RPA执行器发送的敏感信息获取请求，敏感信息获取请求用于请求获取目标敏感信息，敏感信息获取请求携带目标机器人脚本的相关信息，目标机器人脚本的相关信息包括目标执行器标识和/或目标控件标识；目标执行器标识用于指示执行目标机器人脚本的执行器，目标控件标识用于指示需要使用目标敏感信息的控件；The transceiver unit 701 is configured to receive the sensitive information acquisition request sent by the robotic process automation RPA executor, the sensitive information acquisition request is used to request the acquisition of target sensitive information, the sensitive information acquisition request carries the relevant information of the target robot script, and the relevant information of the target robot script Including target executor identification and/or target control identification; the target executor identification is used to indicate the executor that executes the target robot script, and the target control identification is used to indicate the control that needs to use target sensitive information;

获取单元702，用于执行根据目标执行器标识和/或目标控件标识获取目标敏感信息的操作；An acquisition unit 702, configured to perform an operation of acquiring target sensitive information according to the target executor ID and/or the target control ID;

收发单元701，用于若根据目标执行器标识和/或目标控件标识获取目标敏感信息，则向RPA执行器发送第一响应消息，The transceiver unit 701 is configured to send a first response message to the RPA executor if the target sensitive information is obtained according to the target executor identifier and/or the target control identifier,

在一个可选的实施例中，获取单元702具体用于：根据目标机器人标识和/或目标控件标识遍历访问授权矩阵，其中，访问授权矩阵包括多个机器人脚本的相关信息，该多个机器人脚本的相关信息中的任一机器人脚本S的相关信息包括第一执行器标识和/或第一控件标识；第一执行器标识用于指示执行机器人脚本S的执行器，第一控件标识用于指示需要使用第一敏感信息的控件；In an optional embodiment, the acquiring unit 702 is specifically configured to: traverse the access authorization matrix according to the target robot ID and/or the target control ID, where the access authorization matrix includes information about multiple robot scripts, and the multiple robot scripts The relevant information of any robot script S in the relevant information includes the first executor identifier and/or the first control identifier; the first executor identifier is used to indicate the executor that executes the robot script S, and the first control identifier is used to indicate Controls that need to use the first sensitive information;

收发单元701，用于若获取单元702在访问授权矩阵遍历到第二执行器标识和/或第二控件标识，向RPA执行器发送第一响应消息；其中，第二执行器标识为访问授权矩阵的第一执行器标识中与目标执行器标识相同的标识，第二控件标识为访问授权矩阵的第一控件标识中与目标控件标识相同的标识，目标敏感信息为第二控件标识指示的控件需要使用的敏感信息。The transceiver unit 701 is configured to send a first response message to the RPA executor if the acquisition unit 702 traverses to the second executor identifier and/or the second control identifier in the access authorization matrix; wherein, the second executor identifier is the access authorization matrix The first executor ID of the access authorization matrix is the same as the target executor ID, the second control ID is the same as the target control ID in the first control ID of the access authorization matrix, and the target sensitive information is required by the control indicated by the second control ID Sensitive information used.

在一个可选的实施例中，收发单元701还用于：In an optional embodiment, the transceiver unit 701 is also used for:

若在访问授权矩阵中未遍历到第二执行器标识和/或第二控件标识，向RPA执行器发送第二响应消息；If the second executor ID and/or the second control ID are not traversed in the access authorization matrix, send a second response message to the RPA executor;

在一个可选的实施例中，收发单元701还用于：接收RPA执行器上报的疑似敏感信息泄露预警事件；向管理员发送告警信息，以提醒管理员修改对应的敏感信息；In an optional embodiment, the transceiver unit 701 is also configured to: receive a suspected sensitive information leakage warning event reported by the RPA executor; send an alarm message to the administrator to remind the administrator to modify the corresponding sensitive information;

RPA管理中心700还包括：The RPA management center 700 also includes:

记录单元703，用于记录疑似敏感信息泄露预警事件。The recording unit 703 is configured to record the suspected sensitive information leakage early warning event.

构建单元704，用于构建访问授权矩阵，该访问授权矩阵包含多个机器人脚本的相关信息；机器人脚本S的相关信息还包括第一敏感信息标识、第一机器人脚本标识、和/或第一用户标识；The construction unit 704 is configured to construct an access authorization matrix, where the access authorization matrix includes relevant information of multiple robot scripts; the relevant information of the robot script S also includes the first sensitive information identifier, the first robot script identifier, and/or the first user logo;

需要说明的是，上述各单元(收发单元701、获取单元702、记录单元703和构建单元704)用于执行上述方法的相关步骤。It should be noted that each of the above units (the transceiver unit 701, the acquisition unit 702, the recording unit 703 and the construction unit 704) is used to execute the relevant steps of the above method.

在本实施例中，RPA管理中心700是以单元的形式来呈现。这里的“单元”可以指特定应用集成电路(application-specific integrated circuit，ASIC)，执行一个或多个软件或固件程序的处理器和存储器，集成逻辑电路，和/或其他可以提供上述功能的器件。此外，以上获取单元 702、记录单元703和构建单元704可通过图9所示的RPA管理中心的处理器901来实现。In this embodiment, the RPA management center 700 is presented in the form of a unit. The "unit" here may refer to an application-specific integrated circuit (ASIC), a processor and memory executing one or more software or firmware programs, an integrated logic circuit, and/or other devices that can provide the above functions . In addition, the above acquisition unit 702, recording unit 703 and construction unit 704 can be realized by the processor 901 of the RPA management center shown in FIG. 9 .

如图8所示RPA执行器800可以以图8中的结构来实现，该RPA执行器800包括至少一个处理器801，至少一个存储器802以及至少一个通信接口803。所述处理器801、所述存储器802和所述通信接口803通过所述通信总线连接并完成相互间的通信。As shown in FIG. 8 , the RPA executor 800 may be implemented with the structure in FIG. 8 , and the RPA executor 800 includes at least one processor 801 , at least one memory 802 and at least one communication interface 803 . The processor 801 , the memory 802 and the communication interface 803 are connected through the communication bus and complete mutual communication.

处理器801可以是通用中央处理器(CPU)，微处理器，特定应用集成电路(application-specific integrated circuit，ASIC)，或一个或多个用于控制以上方案程序执行的集成电路。The processor 801 may be a general-purpose central processing unit (CPU), a microprocessor, an application-specific integrated circuit (ASIC), or one or more integrated circuits for controlling the execution of programs in the above solutions.

通信接口803，用于与其他设备或通信网络通信，如以太网，无线接入网(RAN)，无线局域网(Wireless Local Area Networks，WLAN)等。The communication interface 803 is used for communicating with other devices or communication networks, such as Ethernet, radio access network (RAN), wireless local area network (Wireless Local Area Networks, WLAN), etc.

存储器802可以是只读存储器(read-only memory，ROM)或可存储静态信息和指令的其他类型的静态存储设备，随机存取存储器(random access memory，RAM)或者可存储信息和指令的其他类型的动态存储设备，也可以是电可擦可编程只读存储器(Electrically Erasable Programmable Read-Only Memory，EEPROM)、只读光盘(Compact Disc Read-Only Memory，CD-ROM)或其他光盘存储、光碟存储(包括压缩光碟、激光碟、光碟、数字通用光碟、蓝光光碟等)、磁盘存储介质或者其他磁存储设备、或者能够用于携带或存储具有指令或数据结构形式的期望的程序代码并能够由计算机存取的任何其他介质，但不限于此。存储器可以是独立存在，通过总线与处理器相连接。存储器也可以和处理器集成在一起。Memory 802 may be read-only memory (read-only memory, ROM) or other types of static storage devices that can store static information and instructions, random access memory (random access memory, RAM) or other types that can store information and instructions It can also be an electrically erasable programmable read-only memory (Electrically Erasable Programmable Read-Only Memory, EEPROM), a read-only disc (Compact Disc Read-Only Memory, CD-ROM) or other optical disc storage, optical disc storage (including compact discs, laser discs, optical discs, digital versatile discs, Blu-ray discs, etc.), magnetic disk storage media or other magnetic storage devices, or can be used to carry or store desired program code in the form of instructions or data structures and can be programmed by a computer Any other medium accessed, but not limited to. The memory can exist independently and be connected to the processor through the bus. Memory can also be integrated with the processor.

其中，所述存储器802用于存储执行以上方案的应用程序代码，并由处理器801来控制执行。所述处理器801用于执行所述存储器802中存储的应用程序代码。Wherein, the memory 802 is used to store application program codes for executing the above solutions, and the execution is controlled by the processor 801 . The processor 801 is configured to execute application program codes stored in the memory 802 .

存储器802存储的代码可执行以上提供的任一种机器人脚本的执行方法，比如：从RPA管理中心获取目标机器人脚本；在执行目标机器人脚本需要使用目标敏感信息时，向RPA管理中心发送敏感信息获取请求，该敏感信息获取请求用于请求从RPA管理中心中获取目标敏感信息；该敏感信息获取请求携带目标机器人脚本的相关信息，目标机器人脚本的相关信息包括目标执行器标识和/或目标控件标识；该目标执行器标识用于指示执行目标机器人脚本的RPA执行器，目标控件标识用于指示需要使用目标敏感信息的控件；若接收RPA管理中心发送的用于响应敏感信息获取请求的第一响应消息，根据目标敏感信息处理目标机器人脚本，其中，第一响应消息携带目标敏感信息。The code stored in the memory 802 can perform the execution method of any robot script provided above, such as: obtain the target robot script from the RPA management center; when executing the target robot script needs to use target sensitive information, send sensitive information to the RPA management center Request, the sensitive information acquisition request is used to request to obtain the target sensitive information from the RPA management center; the sensitive information acquisition request carries the relevant information of the target robot script, and the relevant information of the target robot script includes the target executor ID and/or the target control ID ; The target executor identifier is used to indicate the RPA executor that executes the target robot script, and the target control identifier is used to indicate the control that needs to use the sensitive information of the target; if the first response sent by the RPA management center to respond to the sensitive information acquisition request is received message, processing the target robot script according to the target sensitive information, wherein the first response message carries the target sensitive information.

如图9所示RPA管理中心900可以以图9中的结构来实现，该RPA管理中心900包括至少一个处理器901，至少一个存储器902以及至少一个通信接口903。所述处理器901、所述存储器902和所述通信接口903通过所述通信总线连接并完成相互间的通信。As shown in FIG. 9 , the RPA management center 900 can be implemented with the structure in FIG. 9 , and the RPA management center 900 includes at least one processor 901 , at least one memory 902 and at least one communication interface 903 . The processor 901 , the memory 902 and the communication interface 903 are connected through the communication bus and complete mutual communication.

处理器901可以是通用中央处理器(CPU)，微处理器，特定应用集成电路(application-specific integrated circuit，ASIC)，或一个或多个用于控制以上方案程序执行的集成电路。The processor 901 may be a general-purpose central processing unit (CPU), a microprocessor, an application-specific integrated circuit (ASIC), or one or more integrated circuits for controlling the execution of programs in the above solutions.

通信接口903，用于与其他设备或通信网络通信，如以太网，无线接入网(RAN)，无线局域网(Wireless Local Area Networks，WLAN)等。The communication interface 903 is used to communicate with other devices or communication networks, such as Ethernet, Radio Access Network (RAN), Wireless Local Area Networks (Wireless Local Area Networks, WLAN), etc.

存储器902可以是只读存储器(read-only memory，ROM)或可存储静态信息和指令的其他类型的静态存储设备，随机存取存储器(random access memory，RAM)或者可存储信息和指令的其他类型的动态存储设备，也可以是电可擦可编程只读存储器(Electrically Erasable Programmable Read-Only Memory，EEPROM)、只读光盘(Compact Disc Read-Only Memory， CD-ROM)或其他光盘存储、光碟存储(包括压缩光碟、激光碟、光碟、数字通用光碟、蓝光光碟等)、磁盘存储介质或者其他磁存储设备、或者能够用于携带或存储具有指令或数据结构形式的期望的程序代码并能够由计算机存取的任何其他介质，但不限于此。存储器可以是独立存在，通过总线与处理器相连接。存储器也可以和处理器集成在一起。Memory 902 may be read-only memory (read-only memory, ROM) or other types of static storage devices that can store static information and instructions, random access memory (random access memory, RAM) or other types that can store information and instructions It can also be an electrically erasable programmable read-only memory (Electrically Erasable Programmable Read-Only Memory, EEPROM), a compact disc (Compact Disc Read-Only Memory, CD-ROM) or other optical disc storage, optical disc storage (including compact discs, laser discs, optical discs, digital versatile discs, Blu-ray discs, etc.), magnetic disk storage media or other magnetic storage devices, or can be used to carry or store desired program code in the form of instructions or data structures and can be programmed by a computer Any other medium accessed, but not limited to. The memory can exist independently and be connected to the processor through the bus. Memory can also be integrated with the processor.

其中，所述存储器902用于存储执行以上方案的应用程序代码，并由处理器901来控制执行。所述处理器901用于执行所述存储器902中存储的应用程序代码。Wherein, the memory 902 is used to store application program codes for executing the above solutions, and the execution is controlled by the processor 901 . The processor 901 is configured to execute application program codes stored in the memory 902 .

存储器902存储的代码可执行以上提供的任一种机器人脚本的执行方法，比如：The code stored in the memory 902 can execute any one of the robot script execution methods provided above, such as:

参见图10，图10为本申请实施例提供的一种系统结构示意图。如图10所示，该系统包括RPA管理中心和RPA执行器，Referring to FIG. 10 , FIG. 10 is a schematic structural diagram of a system provided by an embodiment of the present application. As shown in Figure 10, the system includes an RPA management center and an RPA actuator,

其中，RPA管理中心包括任务管理模块、敏感信息管理模块、敏感信息授权模块和敏感信息泄漏预警信息管理模块；Among them, the RPA management center includes a task management module, a sensitive information management module, a sensitive information authorization module and a sensitive information leakage warning information management module;

任务管理模块，用于创建机器人任务，并关联相应的机器人脚本；并确定机器人任务的执行顺序；在机器人任务需要被执行时，为机器人任务中的机器人脚本分配RPA执行器，并向该RPA执行器下发该机器人脚本及任务参数；The task management module is used to create robot tasks and associate corresponding robot scripts; and determine the execution sequence of robot tasks; when the robot tasks need to be executed, assign RPA executors to the robot scripts in the robot tasks and execute them to the RPA The controller sends the robot script and task parameters;

敏感信息管理模块，用于构建访问授权矩阵，并提供针对访问授权矩阵中信息的增删查改的功能，便于用户统一管理RPA使用过程中所涉及的所有敏感；The sensitive information management module is used to build the access authorization matrix, and provides the function of adding, deleting, checking and modifying the information in the access authorization matrix, so that users can manage all sensitive information involved in the use of RPA in a unified manner;

敏感信息授权模块，提供访问授权矩阵的配置管理能力与授权接口，支撑用户通过执行器、机器人脚本、用户角色、控件名称等中的一个或多个管理敏感信息的使用范围。The sensitive information authorization module provides the configuration management capability and authorization interface of the access authorization matrix, and supports users to manage the scope of use of sensitive information through one or more of executors, robot scripts, user roles, and control names.

敏感信息泄露预警信息管理模块，提供敏感信息泄露预警信息的管理功能和写入接口，支撑用户查询查看敏感信息泄露预警事件。The sensitive information leakage early warning information management module provides the management function and writing interface of sensitive information leakage early warning information, and supports users to query and view sensitive information leakage early warning events.

RPA执行器包括脚本执行引擎、敏感信息输入模块和敏感信息泄漏检测模块，The RPA executor includes a script execution engine, a sensitive information input module and a sensitive information leakage detection module,

脚本执行引擎，用于基于任务参数执行机器人脚本；Script execution engine for executing robot scripts based on task parameters;

敏感信息输入模块，用于在控件涉及敏感信息操作时，与RPA管理中心的敏感信息授权模块进行交互，以获取敏感信息，同时如果涉及在UI界面上输入敏感信息，则通过对输入目标框的类型检测、敏感信息分片输入等手段实现敏感信息被正确输入到敏感信息输入框，比如密码输入框。The sensitive information input module is used to interact with the sensitive information authorization module of the RPA management center to obtain sensitive information when the control involves sensitive information operations. Sensitive information is correctly entered into the sensitive information input box, such as the password input box, by means of type detection and sensitive information segmentation input.

敏感信息泄露检测模块，用于针对在UI界面，比如图10所示的目标系统的登录界面上输入敏感信息的场景，通过在敏感信息输入后检测UI界面上目标输入框中是否存在明文敏感信息，并据此识别敏感信息是否被输入到了非敏感信息输入框，当发现敏感信息被输入到非敏感信息输入框时，向RPA管理中心的敏感信息泄露预警信息管理模块上报疑似敏感信息泄露事件。The sensitive information leakage detection module is used for inputting sensitive information on the UI interface, such as the login interface of the target system shown in Figure 10, by detecting whether there is clear text sensitive information in the target input box on the UI interface after the sensitive information is input , and based on this, identify whether sensitive information has been input into the non-sensitive information input box, and report the suspected sensitive information leakage event to the sensitive information leakage warning information management module of the RPA management center when it is found that sensitive information has been input into the non-sensitive information input box.

在此需要指出的是，上述RPA管理中心中各模块实现的功能具体可以参见图4所示的实施例的相关描述，在此不再叙述；上述RPA执行器中各模块实现的功能具体可以参见图3所示的实施例的相关描述，在此不再叙述。It should be pointed out here that, for the functions realized by the modules in the above-mentioned RPA management center, please refer to the relevant description of the embodiment shown in FIG. The related description of the embodiment shown in FIG. 3 is omitted here.

本申请实施例还提供一种计算机存储介质，其中，该计算机存储介质可存储有程序，该程序执行时包括上述方法实施例中记载的任何一种执行机器人脚本方法的部分或全部步骤。The embodiment of the present application also provides a computer storage medium, wherein the computer storage medium can store a program, and when the program is executed, it includes some or all steps of any method for executing a robot script described in the above method embodiments.

需要说明的是，对于前述的各方法实施例，为了简单描述，故将其都表述为一系列的动作组合，但是本领域技术人员应该知悉，本申请并不受所描述的动作顺序的限制，因为依据本申请，某些步骤可以采用其他顺序或者同时进行。其次，本领域技术人员也应该知悉，说明书中所描述的实施例均属于优选实施例，所涉及的动作和模块并不一定是本申请所必须的。It should be noted that for the foregoing method embodiments, for the sake of simple description, they are expressed as a series of action combinations, but those skilled in the art should know that the present application is not limited by the described action sequence. Depending on the application, certain steps may be performed in other orders or simultaneously. Secondly, those skilled in the art should also know that the embodiments described in the specification belong to preferred embodiments, and the actions and modules involved are not necessarily required by this application.

在上述实施例中，对各个实施例的描述都各有侧重，某个实施例中没有详述的部分，可以参见其他实施例的相关描述。In the foregoing embodiments, the descriptions of each embodiment have their own emphases, and for parts not described in detail in a certain embodiment, reference may be made to relevant descriptions of other embodiments.

在本申请所提供的几个实施例中，应该理解到，所揭露的装置，可通过其它的方式实现。例如，以上所描述的装置实施例仅仅是示意性的，例如所述单元的划分，仅仅为一种逻辑功能划分，实际实现时可以有另外的划分方式，例如多个单元或组件可以结合或者可以集成到另一个系统，或一些特征可以忽略，或不执行。另一点，所显示或讨论的相互之间的耦合或直接耦合或通信连接可以是通过一些接口，装置或单元的间接耦合或通信连接，可以是电性或其它的形式。In the several embodiments provided in this application, it should be understood that the disclosed device can be implemented in other ways. For example, the device embodiments described above are only illustrative. For example, the division of the units is only a logical function division. In actual implementation, there may be other division methods. For example, multiple units or components can be combined or can be Integrate into another system, or some features may be ignored, or not implemented. In another point, the mutual coupling or direct coupling or communication connection shown or discussed may be through some interfaces, and the indirect coupling or communication connection of devices or units may be in electrical or other forms.

所述作为分离部件说明的单元可以是或者也可以不是物理上分开的，作为单元显示的部件可以是或者也可以不是物理单元，即可以位于一个地方，或者也可以分布到多个网络单元上。可以根据实际的需要选择其中的部分或者全部单元来实现本实施例方案的目的。The units described as separate components may or may not be physically separated, and the components shown as units may or may not be physical units, that is, they may be located in one place, or may be distributed to multiple network units. Part or all of the units can be selected according to actual needs to achieve the purpose of the solution of this embodiment.

另外，在本申请各个实施例中的各功能单元可以集成在一个处理单元中，也可以是各个单元单独物理存在，也可以两个或两个以上单元集成在一个单元中。上述集成的单元既可以采用硬件的形式实现，也可以采用软件功能单元的形式实现。In addition, each functional unit in each embodiment of the present application may be integrated into one processing unit, each unit may exist separately physically, or two or more units may be integrated into one unit. The above-mentioned integrated units can be implemented in the form of hardware or in the form of software functional units.

所述集成的单元如果以软件功能单元的形式实现并作为独立的产品销售或使用时，可以存储在一个计算机可读取存储器中。基于这样的理解，本申请的技术方案本质上或者说对现有技术做出贡献的部分或者该技术方案的全部或部分可以以软件产品的形式体现出来，该计算机软件产品存储在一个存储器中，包括若干指令用以使得一台计算机设备(可为个人计算机、服务器或者网络设备等)执行本申请各个实施例所述方法的全部或部分步骤。而前述的存储器包括：U盘、只读存储器(ROM，Read-Only Memory)、随机存取存储器(RAM，Random Access Memory)、移动硬盘、磁碟或者光盘等各种可以存储程序代码的介质。If the integrated unit is realized in the form of a software function unit and sold or used as an independent product, it can be stored in a computer-readable memory. Based on this understanding, the technical solution of the present application is essentially or part of the contribution to the prior art, or all or part of the technical solution can be embodied in the form of a software product, and the computer software product is stored in a memory. Several instructions are included to make a computer device (which may be a personal computer, server or network device, etc.) execute all or part of the steps of the methods described in the various embodiments of the present application. The aforementioned memory includes: various media that can store program codes such as U disk, read-only memory (ROM, Read-Only Memory), random access memory (RAM, Random Access Memory), mobile hard disk, magnetic disk or optical disk.

本领域普通技术人员可以理解上述实施例的各种方法中的全部或部分步骤是可以通过程序来指令相关的硬件来完成，该程序可以存储于一计算机可读存储器中，存储器可以包括：闪存盘、只读存储器(英文：Read-Only Memory，简称：ROM)、随机存取器(英文：Random Access Memory，简称：RAM)、磁盘或光盘等。Those of ordinary skill in the art can understand that all or part of the steps in the various methods of the above-mentioned embodiments can be completed by instructing related hardware through a program, and the program can be stored in a computer-readable memory, and the memory can include: a flash disk , Read-only memory (English: Read-Only Memory, referred to as: ROM), random access device (English: Random Access Memory, referred to as: RAM), magnetic disk or optical disc, etc.

以上对本申请实施例进行了详细介绍，本文中应用了具体个例对本申请的原理及实施方式进行了阐述，以上实施例的说明只是用于帮助理解本申请的方法及其核心思想；同时，对于本领域的一般技术人员，依据本申请的思想，在具体实施方式及应用范围上均会有改变之处，综上上述，本说明书内容不应理解为对本申请的限制。The embodiments of the present application have been introduced in detail above, and specific examples have been used in this paper to illustrate the principles and implementation methods of the present application. The descriptions of the above embodiments are only used to help understand the methods and core ideas of the present application; meanwhile, for Those skilled in the art will have changes in the specific implementation and scope of application based on the ideas of the present application. In summary, the contents of this specification should not be construed as limiting the present application.

Claims

A method for executing a robot script, characterized in that it comprises:

Obtain the target robot script from the Robotic Process Automation RPA Management Center;

When executing the target robot script needs to use target sensitive information, send a sensitive information acquisition request to the RPA management center, and the sensitive information acquisition request is used to request to obtain target sensitive information from the RPA management center; the sensitive The information acquisition request carries relevant information of the target robot script, and the relevant information of the target robot script includes a target executor identifier and/or a target control identifier; the target executor identifier is used to indicate the RPA executing the target robot script An executor, the target control identifier is used to indicate the control that needs to use the target sensitive information;

receiving a first response message sent by the RPA management center in response to the sensitive information acquisition request, where the first response message carries the target sensitive information;

Processing the target robot script based on the target sensitive information.

The method according to claim 1, wherein the relevant information of the target robot script further includes a target sensitive information identifier, a target robot script identifier, and/or a target user identifier;

Wherein, the target sensitive information identifier is used to indicate the target sensitive information, the target robot script identifier is used to indicate the target robot script, and the target user identifier is used to indicate the user who needs to complete the task corresponding to the target robot script user.

The method according to claim 2, wherein the target control is a target text box, and processing the target robot script according to the target sensitive information includes:

When the target text box is not the plain text box, input the target sensitive information into the target text box, so as to continue processing the target robot script;

When the target text box is a plain text box, end the execution of the target robot script.

The method according to claim 3, wherein said inputting said target sensitive information into said target text box so as to continue processing said target robot script comprises:

Fragmenting the target sensitive information to obtain M pieces of sensitive information, where M is an integer greater than 1;

inputting the M pieces of sensitive information into the target text box in sequence,

After inputting the i-th sensitive information fragment in the target text box,

If the sensitive information segment input into the target text box is input in ciphertext, then continue to input the i+1th sensitive information segment in the target text box until all the target sensitive information is input into the target text box. In the target text box, so as to continue to execute the target robot script; the i is an integer greater than 0 and less than M-1;

If the sensitive information segment input into the target text box is input in plain text, report the suspected sensitive information leakage warning event to the RPA management center, and end the execution of the target robot script.

The method according to claim 4, characterized in that the method further comprises:

Obtain the input data from the target text box in a preset manner; if no data is acquired or the acquired data is a preset character, it is determined that the sensitive information segment input into the target text box is in cipher text input; if the acquired data or the acquired data is not the preset character, then determine that the sensitive information segment input into the target text box is input in plain text;

Among them, the preset methods include:

Obtaining the input sensitive information fragment from the target text box by calling a control interface, or,

Obtain the input sensitive information segment from the target text box by inputting a copy instruction for the target text box; or,

Taking a screenshot of the target text box to obtain a screenshot of the target text box; performing text recognition on the screenshot of the target text box to obtain the input sensitive information segment from the target text box.

The method according to any one of claims 1-5, wherein the method further comprises:

receiving the second response message sent by the RPA management center in response to the sensitive information acquisition request, ending the execution of the target robot script;

Wherein, the second response message carries a first identifier, and the first identifier is used to indicate that the acquisition of the target sensitive information fails, or the second response message does not carry the target sensitive information.

A method for executing a robot script, characterized in that it comprises:

Receiving the sensitive information acquisition request sent by the robotic process automation RPA executor, the sensitive information acquisition request is used to request acquisition of target sensitive information, the sensitive information acquisition request carries the relevant information of the target robot script, and the relevant information of the target robot script Including target executor identification and/or target control identification; the target executor identification is used to indicate the executor that executes the target robot script, and the target control identification is used to indicate the control that needs to use the target sensitive information;

sending a first response message to the RPA executor according to the target executor identifier and/or target control identifier,

Wherein, the first response message carries the target sensitive information.

The method according to claim 7, wherein the sending a first response message to the RPA executor according to the target executor identification and/or target control identification includes:

According to the target robot ID and/or the target control ID, the access authorization matrix is traversed, wherein the access authorization matrix includes related information of a plurality of robot scripts, and any robot script in the related information of the plurality of robot scripts The relevant information of S includes the first executor identifier and/or the first control identifier; the first executor identifier is used to indicate the executor that executes the robot script S, and the first control identifier is used to indicate the need to use the first - control of sensitive information;

If the access authorization matrix traverses to the second executor identifier and/or the second control identifier, send the first response message to the RPA executor; wherein, the second executor identifier is the access authorization The first executor identifier of the matrix is the same as the target executor identifier, the second control identifier is the same identifier as the target control identifier in the first control identifier of the access authorization matrix, and the target The sensitive information is sensitive information that needs to be used by the control indicated by the second control identifier.

The method according to claim 8, characterized in that the method further comprises:

If the second executor identifier and/or the second control identifier is not traversed in the access authorization matrix, send the second response message to the RPA executor;

Wherein, the second response message carries a first identifier, and the first identifier is used to indicate that the acquisition of target sensitive information fails, or the second response message does not carry the target sensitive information.

The method according to any one of claims 7-9, wherein the method further comprises:

Receive the suspected sensitive information leakage warning event reported by the RPA actuator;

Record the suspected sensitive information leakage warning event;

An alarm message is sent to the administrator to remind the administrator to modify the corresponding sensitive information.

The method according to any one of claims 7-10, wherein the relevant information of the target robot script further includes a target sensitive information identifier, a target robot script identifier and/or a target user identifier;

The method according to claim 11, characterized in that the method further comprises:

Constructing the access authorization matrix, the access authorization matrix includes relevant information of a plurality of robot scripts;

The relevant information of the robot script S also includes a first sensitive information identifier, a first robot script identifier and/or a first user identifier;

Wherein, the first sensitive information identifier is used to indicate the first sensitive information, the first robot script identifier is used to indicate the robot script S, and the first user identifier is used to indicate that the robot script needs to be completed S corresponds to the user of the task.

A robotic process automation RPA executor is characterized in that it comprises:

The acquisition unit is used to acquire the target robot script from the RPA management center;

A transceiver unit, configured to send a sensitive information acquisition request to the RPA management center when executing the target robot script needs to use target sensitive information, and the sensitive information acquisition request is used to request to obtain target sensitive information from the RPA management center. information; the sensitive information acquisition request carries relevant information of the target robot script, and the relevant information of the target robot script includes a target executor identifier and/or a target control identifier; the target executor identifier is used to instruct the execution of the The RPA executor of the target robot script, the target control identification is used to indicate the control that needs to use the target sensitive information; receiving the first response message sent by the RPA management center for responding to the sensitive information acquisition request, wherein , the first response message carries the target sensitive information;

A processing unit, configured to process the target robot script according to the target sensitive information.

The RPA executor according to claim 13, wherein the relevant information of the target robot script also includes target sensitive information identification, target robot script identification and/or target user identification;

The RPA actuator according to claim 14, wherein the processing unit is specifically used for:

The RPA executor according to claim 15, wherein in the aspect of inputting the target sensitive information into the target text box so as to continue processing the target robot script, the processing unit is specifically used to :

After inputting the i-th sensitive information fragment in the target text box,

The RPA actuator according to claim 16, wherein the processing unit is also used for:

Among them, the preset methods include:

The RPA actuator according to any one of claims 13-17, characterized in that,

The transceiving unit is further configured to receive a second response message sent by the RPA management center in response to the sensitive information acquisition request;

The processing unit is further configured to end the execution of the target robot script;

A robotic process automation RPA management center is characterized in that it includes:

The transceiver unit is configured to receive the sensitive information acquisition request sent by the robot process automation RPA executor, the sensitive information acquisition request is used to request the acquisition of target sensitive information, the sensitive information acquisition request carries the relevant information of the target robot script, and the target The relevant information of the robot script includes a target executor identifier and/or a target control identifier; the target executor identifier is used to indicate the executor that executes the target robot script, and the target control identifier is used to indicate that the target sensitive information controls;

An acquisition unit, configured to perform an operation of acquiring the target sensitive information according to the target executor identifier and/or the target control identifier;

The transceiver unit is configured to send a first response message to the RPA executor if the target sensitive information is acquired according to the target executor identifier and/or the target control identifier,

Wherein, the first response message carries the target sensitive information.

The RPA management center according to claim 19, wherein the acquisition unit is specifically used for:

Traverse the access authorization matrix according to the target robot ID and/or target control ID, wherein the access authorization matrix includes related information of a plurality of robot scripts, any robot script S in the related information of the plurality of robot scripts Relevant information includes a first executor identifier and/or a first control identifier; the first executor identifier is used to indicate the executor executing the robot script S, and the first control identifier is used to indicate that the first sensitive information controls;

The transceiver unit is configured to send the first response message to the RPA executor if the acquisition unit traverses the second executor identifier and/or the second control identifier in the access authorization matrix; wherein, the The second executor ID is the same ID as the target executor ID in the first executor ID of the access authorization matrix, and the second control ID is the same as the target executor ID in the first control ID of the access authorization matrix. The same identifier as the target control identifier, and the target sensitive information is sensitive information that needs to be used by the control indicated by the second control identifier.

The RPA management center according to claim 20, wherein the transceiver unit is also used for:

The RPA management center according to any one of claims 19-21, wherein the transceiver unit is also used for:

Receive the suspected sensitive information leakage warning event reported by the RPA executor; send an alarm message to the administrator to remind the administrator to modify the corresponding sensitive information

The RPA management center also includes:

A recording unit, configured to record the suspected sensitive information leakage warning event.

The RPA management center according to any one of claims 19-22, wherein the relevant information of the target robot script also includes a target sensitive information identifier, a target robot script identifier, and/or a target user identifier;

RPA management center according to claim 23, is characterized in that, described RPA management center also comprises:

A construction unit, configured to construct the access authorization matrix, where the access authorization matrix includes relevant information of multiple robot scripts;

The relevant information of the robot script S also includes a first sensitive information identifier, a first robot script identifier, and/or a first user identifier;

An electronic device, comprising a communication interface, a memory, and one or more processors; wherein, one or more programs are stored in the memory; it is characterized in that, the one or more processors execute the one or more or multiple programs, causing the electronic device to implement the method according to any one of claims 1 to 12.

A computer storage medium, characterized by comprising computer instructions, and when the computer instructions are run on an electronic device, the electronic device is made to execute the method according to any one of claims 1 to 12.

A computer program product, characterized in that, when the computer program product is run on a computer, the computer is made to execute the method according to any one of claims 1 to 12.