CN103259663A - User unified authentication method in cloud computing environment - Google Patents


Publication number: CN103259663A
Authority: CN (China)
Prior art keywords: user, cloud, authentication, unified certification, service system
Legal status: Pending
Application number: CN2013101660625A
Other languages: Chinese (zh)
Inventor: 季一木, 康家邦, 王汝传, 孙力娟, 潘俏羽, 匡子卓, 孙延鹏, 韩志杰, 付雄, 张琳
Current Assignee: Nanjing Post and Telecommunication University; Nanjing University of Posts and Telecommunications
Original Assignee: Nanjing Post and Telecommunication University
Application filed by Nanjing Post and Telecommunication University
Priority to CN2013101660625A
Publication of CN103259663A


Abstract

The invention provides a unified user authentication method for cloud computing environments. It addresses authentication when a user logs in to a cloud platform and performs operations on it: authentication must be reliable, only authenticated users may operate the corresponding cloud resources, and a user's legitimacy must be reliably verified before the user enters the cloud environment. The proposed framework provides unified user management, mutual authentication, and access to all application services through a single login. The user and the server authenticate each other; once authentication passes, the authentication server generates a credential identifying the successful authentication and sends it to the client. After receiving the session key from the authentication server, the client accesses the corresponding cloud application; the cloud application checks, by interacting with the authentication server, whether the credential presented by the user is valid; if it is, the cloud application checks whether the user has access rights, and if so, the user can access the corresponding service.

Description

A unified user authentication method in a cloud computing environment
Technical field
The present invention provides a user authentication scheme for cloud environments. It mainly addresses authentication when a user logs in to a cloud platform and performs operations on it, ensuring that authentication is reliable and that only authenticated users can operate the corresponding cloud resources, while user information is managed and maintained in a unified way. It belongs to the field of cloud computing security.
Background
Cloud computing is another major Internet computing model proposed in the computer field after grid computing and distributed computing. It can be divided into three service models: IaaS (Infrastructure-as-a-Service), in which consumers obtain services from a complete computing infrastructure over the Internet; PaaS (Platform-as-a-Service), which offers a software development platform as a service; and SaaS (Software-as-a-Service), a model in which software is provided over the Internet and users, instead of buying software, rent Web-based software from a provider to manage their business activities. Compared with the traditional computing model, cloud computing has the following advantages: on-demand self-service, ubiquitous network access, pay-per-use, risk transfer, and so on.
The cloud computing model provides services on demand and gives access, anywhere and at any time over the network, to a shared pool of configurable computing resources comprising networks, storage, servers, services and applications. Cloud computing provisions and releases resources rapidly with as little management cost as possible. Despite these advantages, there are many reasons why third parties hesitate to adopt this new computing model; security and privacy protection are considered the main reasons that keep users from using cloud computing. The security problems it brings mainly concern virtualization security, application security, identity information security and data security, and among these authentication is the most important. With the spread of cloud computing, large amounts of sensitive user data are stored in the cloud; once a user's identity is forged, privacy and sensitive data are easily leaked, and the resulting loss to enterprises and users cannot be undone. The development of cloud computing has brought massive numbers of access authentication requests and complex user permission management, which has driven the continued development of identity authentication technology, and authentication techniques based on multiple security credentials have appeared in cloud computing. Traditional authentication based on a single credential cannot meet users' security needs, and many cloud service providers have adopted authentication based on multiple security credentials, but a summary and comparison of these techniques is currently lacking. Therefore, developing security-enhancing technology for unified user identity authentication and authorization on cloud computing platforms, and building a cloud security service platform with independent intellectual property rights, is a necessary step toward seizing the strategic high ground of global informatization and achieving leapfrog development. Cloud computing can thereby be trusted by users, which greatly promotes the development of cloud computing technology and brings vital benefits to small and medium-sized enterprises and ordinary users.
Summary of the invention
Technical problem: The purpose of the invention is to provide a unified user authentication method based on cloud computing security. User information across SaaS, PaaS and IaaS is managed in a unified way and user access control policies are enforced uniformly. Authentication is carried out as mutual authentication between server and client, ensuring mutual trust and reliability between the two. A user who has authenticated once can access the various cloud resources, which spares the user from entering the username and password repeatedly, reduces the security risk of leaking sensitive information such as the username and password, and ensures the security and availability of the cloud platform. The method is therefore of considerable research significance.
Technical scheme: The invention proposes a unified user authentication method in a cloud computing environment in which the cloud end user and the cloud server authenticate each other. The user enters information such as the username and password, and the server verifies it. If the username and password check out, the server generates a random number, hashes it together with the username and password, and sends the hash value to the end user; the generated random number is also sent to the end user, over the encrypted channel. After receiving the random number from the server, the end user performs the same hash operation with the username and password and compares the received hash value with the computed one; if they are identical, the user's authentication of the server is complete. The user then generates a timestamp from the current time, hashes it with the username and password, and sends the resulting hash value to the server; the timestamp is also sent to the server, over the encrypted channel. After receiving the user's information, the server compares the timestamp of the current time with the timestamp sent by the user; if the difference between them is less than the maximum time difference specified by the system, the received information is valid. The server also hashes the timestamp, username and password and compares the resulting hash value with the one sent by the user; if the two are equal, the server's authentication of the user is complete and two-way authentication is finished. The server generates a credential for the successful authentication and sends it to the end user, and the end user begins to access the corresponding cloud platform application service. The application service then asks the authentication system to verify the validity of the credential submitted by the user; if the credential is valid, it checks whether the user has the corresponding access rights, and if so, the user can access the requested service. Because a unified authentication model is adopted, the management of multiple accounts for the same user in the original systems is eliminated and unified user identity management is established. This makes it convenient for administrators to centrally manage users and modify authorization and access control, so that after login a user can access only the applications within the user's scope of authority. Unified authentication reduces the security risk of frequently entering the username and password and makes the account easier for the user to remember; with a single credential the user can access the cloud platform, virtual machines and cloud application systems, which improves the security and effectiveness of the system.
The unified user authentication method in a cloud computing environment is as follows:
A denotes a cloud service end user, S denotes the authentication server, ID denotes the username, PW denotes the user password, x denotes a random number generated by the unified authentication service system S, T is the client's timestamp, T' is the authentication server's timestamp, h(.) denotes the hash function, || denotes concatenation, X->Y:M denotes that X sends message M to Y over the unencrypted channel, X=>Y:M denotes that X sends message M to Y over the encrypted channel, and
Figure BDA00003151139100021
denotes the XOR operation;
The cloud client user has a username ID and a password PW, the unified authentication service system stores the corresponding list of usernames and passwords, and the user and the authentication server share the same hash function, denoted h(.);
1). In the unified authentication architecture, user A uses a thin client to log in to the cloud platform through the cloud web portal;
2). The user's request is redirected to the unified authentication service system S, which handles the user's login request;
3). The unified authentication service system S returns a login dialog to the user, and the user enters the username ID and password PW for verification. The unified authentication service system verifies the correctness of the user information against the user information database center; if the information entered by the user is correct, the procedure continues with the next step, otherwise authentication fails and a login-failure message is returned to the user;
4). If the username ID and password PW entered by the user are verified successfully, the unified authentication service system S generates a random number x and computes a hash value I; then S=>A:x and S->A:I, i.e. S sends x to the end user over the encrypted channel and sends I to the end user over the unencrypted channel;
5). After receiving x and I from the server, user A computes with the local hash function
Figure BDA00003151139100032
, and checks whether I' equals I; if the two are not equal, authentication of the server fails, otherwise the procedure continues with the next step;
6). If user A's authentication of the server succeeds, user A computes J'=h(ID||h(PW||T)) from timestamp T; then A=>S:T and A->S:J', i.e. user A sends timestamp T to the authentication server over the encrypted channel and sends J' over the unencrypted channel;
7). After receiving the timestamp T and J' from the end user, the unified authentication service system S first checks whether T'-T≤△T holds, where T' is the authentication server's timestamp and △T is the maximum delay for which an authentication session of the network system remains valid; if it holds, the procedure continues with the next step, otherwise authentication fails;
8). If T'-T≤△T holds, S computes J=h(ID||h(PW||T)) and compares J with J'; if they are equal, the server's authentication of the client is complete;
9). The unified authentication service system S then generates the credential S_k for the successful authentication, where
Figure BDA00003151139100033
, and returns it to user A;
10). After obtaining the credential S_k, user A goes on to access virtual machines and other computing resources on the cloud platform; on receiving the user's access request, the applications and services on the cloud platform check the validity of the credential with the unified authentication service system;
11). The cloud platform checks whether the user has the right to access the corresponding application and service; if so, the user is permitted to access the corresponding cloud platform application and service.
Beneficial effects:
1. The cloud computing user enters a username and password only once to access all accessible resources in the cloud, which removes the nuisance of entering them repeatedly.
2. Because the user and the server authenticate each other, the reliability of the authentication process is ensured and the likelihood of phishing attacks is reduced.
3. Because the username and password need to be entered only once, password leakage caused by entering them repeatedly is reduced and security is improved.
4. Because users are managed centrally and access authorization policies are defined centrally, administrators can maintain user information more conveniently, which lowers maintenance cost and improves efficiency.
Description of drawings
Fig. 1: overall framework of the unified identity authentication system,
Fig. 2: unified identity authentication flow,
Fig. 3: sequence diagram of the unified authentication process.
Embodiment
Compared with the traditional model, cloud computing offers many advantages, for example information sharing in a virtualized environment, dynamic scalability, and virtualization of software, platforms and storage. Along with these benefits, however, cloud computing has also created many problems, such as performance, fault tolerance, interoperability, and the migration and conversion of data from legacy systems. The main problem is security, for example virtualization security, application security, identity management, access control and authentication, and the management of authentication and access control is a core requirement of cloud computing. These security problems prompt us to propose a reliable and strong authentication framework for the cloud environment, ensuring that only authenticated users can enter it. To this end we propose an architecture for unified user authentication based on cloud computing security. In the architecture shown in Fig. 1, the unified authentication management module verifies the user's identity when the user accesses cloud resources through the cloud portal. The unified authentication system checks the correctness of the identity information entered by the user; if the information is correct, the legitimacy of both parties must then be established through a two-way authentication process, i.e. the user authenticates the server and the server authenticates the user. If authentication passes, the server returns an authentication ticket to the user, and the user can then access resources such as applications, services and virtual machines within the scope of the user's authority. The benefit of this architecture is that single sign-on is integrated: the user does not need to enter the username and password repeatedly to access different applications and services, so the user experience is better. At the same time, by centrally managing user authentication and authorization policies, the architecture effectively prevents unauthorized access, and the security of the whole cloud platform is therefore improved.
The unified user authentication method in a cloud computing environment, based on cloud computing security, removes the complexity of repeated user authentication and of maintaining and managing user information in the cloud environment. It also uses mutual authentication between user and server, which ensures the reliability of the authentication process and makes authentication more effective and secure. The authentication process of the cloud platform architecture follows; the corresponding authentication flowchart and sequence diagram are shown in Figs. 2 and 3, and the detailed authentication procedure is as follows:
(1) User login authentication process
The specific steps are as follows:
1. First, the symbols and formulas used in this architecture are explained:
A denotes a cloud service end user, S denotes the authentication server, ID denotes the username, PW denotes the user password, p is a large prime number, h(.) denotes the hash function, || denotes concatenation, X->Y:M denotes that X sends message M to Y over the unencrypted channel, X=>Y:M denotes that X sends message M to Y over the encrypted channel,   denotes the XOR operation;
2. The cloud client user has a username (ID) and a password (PW), the unified authentication service system stores the corresponding list of usernames and passwords, and the user and the authentication server share the same hash function, denoted h(.);
3. In this architecture, user A uses a thin client to log in to the cloud platform through the cloud web portal;
4. The user's request is redirected to the unified authentication service system S, which handles the user's login request;
5. The unified authentication service system S returns a login dialog to the user, and the user enters verification information such as the username (ID) and password (PW). The unified authentication service system verifies the correctness of the user information against the user information database center; if the information entered by the user is correct, the procedure continues with the next step, otherwise authentication fails and a login-failure message is returned to the user;
6. If the username (ID), password (PW) and other information entered by the user are verified successfully, the unified authentication service system S generates a random number x and computes a hash value I; then S=>A:x and S->A:I, i.e. S sends x to the end user over the encrypted channel and sends I to the end user over the unencrypted channel;
7. After receiving x and I from the server, user A computes with the local hash function
Figure BDA00003151139100053
, and checks whether I' equals I; if the two are not equal, authentication of the server fails, otherwise the procedure continues with the next step;
8. If user A's authentication of the server succeeds, user A computes J'=h(ID||h(PW||T)) from timestamp T; then A=>S:T and A->S:J', i.e. user A sends timestamp T to the authentication server over the encrypted channel and sends J' over the unencrypted channel;
9. After receiving the timestamp T and J' from the end user, the unified authentication service system S first checks whether T'-T≤△T holds, where T' is the authentication server's timestamp and △T is the maximum delay for which an authentication session of the network system remains valid; if it holds, the procedure continues with the next step, otherwise authentication fails;
10. If T'-T≤△T holds, S computes J=h(ID||h(PW||T)) and compares J with J'; if they are equal, the server's authentication of the client is complete;
11. The unified authentication service system S then generates the credential S_k for the successful authentication, where
Figure BDA00003151139100054
, and returns it to user A;
12. After obtaining the credential S_k, user A goes on to access virtual machines and other computing resources on the cloud platform; on receiving the user's access request, the applications and services on the cloud platform check the validity of the credential with the unified authentication service system;
13. If the unified authentication service system finds that user A's credential is valid, it then checks whether user A has the right to access the corresponding cloud platform application and service; if so, the user is permitted to access the corresponding cloud platform application and service.
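
The server's authentication of the client (steps 8 to 10 above: J'=h(ID||h(PW||T)) and the T'-T≤△T check), as an added example that is not part of the patent text. SHA-256 for h(.), UTF-8 byte concatenation, the 30-second △T, the `AuthServer` class and the sample account are assumptions; the future-timestamp and repeat-presentation checks go beyond what the page specifies.

```python
import hashlib
import hmac

MAX_SKEW = 30  # ΔT in seconds; constructed value, the page does not give one


def h(data: bytes) -> bytes:
    """Shared hash h(.); SHA-256 is an assumption, the page names no algorithm."""
    return hashlib.sha256(data).digest()


def client_proof(user_id: str, password: str, t: int) -> bytes:
    """User A's side: J' = h(ID || h(PW || T)), raw concatenation as on the page."""
    inner = h(password.encode("utf-8") + str(t).encode("ascii"))
    return h(user_id.encode("utf-8") + inner)


class AuthServer:
    """Hypothetical stand-in for the unified authentication service system S."""

    def __init__(self, users: dict, max_skew: int = MAX_SKEW):
        self.users = users          # ID -> PW list held by S, as the page describes
        self.max_skew = max_skew
        self.seen = {}              # (ID, T) -> T for proofs already accepted

    def verify(self, user_id: str, t: int, j_prime: bytes, now: int) -> str:
        """Return "ok" or the reason for rejection; `now` is T'."""
        # Page check (step 9): T' - T <= ΔT.
        if now - t > self.max_skew:
            return "stale"
        # Added check: the page's inequality also holds for any T in the
        # future, so a far-future T would never expire.
        if t - now > self.max_skew:
            return "future"
        password = self.users.get(user_id)
        if password is None:
            return "unknown-user"
        # Step 10: recompute J and compare without leaking where bytes differ.
        j = client_proof(user_id, password, t)
        if not hmac.compare_digest(j, j_prime):
            return "bad-proof"
        # Added check: a (T, J') pair presented twice inside ΔT would
        # otherwise be accepted twice, so S remembers accepted pairs
        # until they age out of the window.
        self.seen = {k: v for k, v in self.seen.items()
                     if now - v <= self.max_skew}
        if (user_id, t) in self.seen:
            return "replay"
        self.seen[(user_id, t)] = t
        return "ok"


if __name__ == "__main__":
    server = AuthServer({"alice": "correct horse"})  # constructed sample account
    t = 1_700_000_000
    proof = client_proof("alice", "correct horse", t)
    for now in (t + 5, t + 6, t + 60):
        print(now - t, server.verify("alice", t, proof, now))
```
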

Claims (1)

1. A unified user authentication method in a cloud computing environment, characterized in that the specific authentication process is:
A denotes a cloud service end user, S denotes the authentication server, ID denotes the username, PW denotes the user password, x denotes a random number generated by the unified authentication service system S, T is the client's timestamp, T' is the authentication server's timestamp, h(.) denotes the hash function, || denotes concatenation, X->Y:M denotes that X sends message M to Y over the unencrypted channel, X=>Y:M denotes that X sends message M to Y over the encrypted channel, and
Figure FDA00003151139000011
denotes the XOR operation;
The cloud client user has a username ID and a password PW, the unified authentication service system stores the corresponding list of usernames and passwords, and the user and the authentication server share the same hash function, denoted h(.);
1). In the unified authentication architecture, user A uses a thin client to log in to the cloud platform through the cloud web portal;
2). The user's request is redirected to the unified authentication service system S, which handles the user's login request;
3). The unified authentication service system S returns a login dialog to the user, and the user enters the username ID and password PW for verification. The unified authentication service system verifies the correctness of the user information against the user information database center; if the information entered by the user is correct, the procedure continues with the next step, otherwise authentication fails and a login-failure message is returned to the user;
4). If the username ID and password PW entered by the user are verified successfully, the unified authentication service system S generates a random number x and computes the hash value
Figure FDA00003151139000012
; then S=>A:x and S->A:I, i.e. S sends x to the end user over the encrypted channel and sends I to the end user over the unencrypted channel;
5). After receiving x and I from the server, user A computes with the local hash function
Figure FDA00003151139000013
, and checks whether I' equals I; if the two are not equal, authentication of the server fails, otherwise the procedure continues with the next step;
6). If user A's authentication of the server succeeds, user A computes J'=h(ID||h(PW||T)) from timestamp T; then A=>S:T and A->S:J', i.e. user A sends timestamp T to the authentication server over the encrypted channel and sends J' over the unencrypted channel;
7). After receiving the timestamp T and J' from the end user, the unified authentication service system S first checks whether T'-T≤△T holds, where T' is the authentication server's timestamp and △T is the maximum delay for which an authentication session of the network system remains valid; if it holds, the procedure continues with the next step, otherwise authentication fails;
8). If T'-T≤△T holds, S computes J=h(ID||h(PW||T)) and compares J with J'; if they are equal, the server's authentication of the client is complete;
9). The unified authentication service system S then generates the credential S_k for the successful authentication, where
Figure FDA00003151139000014
, and returns it to user A;
10). After obtaining the credential S_k, user A goes on to access virtual machines and other computing resources on the cloud platform; on receiving the user's access request, the applications and services on the cloud platform check the validity of the credential with the unified authentication service system;
11). The cloud platform checks whether the user has the right to access the corresponding application and service; if so, the user is permitted to access the corresponding cloud platform application and service.

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN2013101660625A CN103259663A (en) 2013-05-07 2013-05-07 User unified authentication method in cloud computing environment


Publications (1)

Publication Number Publication Date
CN103259663A (en) 2013-08-21

Family

ID=48963380


Cited By (44)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103532966A (en) * 2013-10-23 2014-01-22 成都卫士通信息产业股份有限公司 Device and method supporting USB-KEY-based SSO (single sign on) of virtual desktop
CN103731475A (en) * 2013-12-06 2014-04-16 中国科学院深圳先进技术研究院 Data protection system
CN103747076A (en) * 2013-12-31 2014-04-23 曙光云计算技术有限公司 Cloud platform access method and device
CN103944882A (en) * 2014-03-19 2014-07-23 华存数据信息技术有限公司 Cloud desktop authorization management method under cloud computing environment
CN104320389A (en) * 2014-10-11 2015-01-28 南京邮电大学 Fusion identify protection system and fusion identify protection method based on cloud computing
CN104333580A (en) * 2014-10-23 2015-02-04 张勇平 Account management system and method based on cloud service
CN104469977A (en) * 2014-09-10 2015-03-25 北京佰才邦技术有限公司 Mobile communication method, device and system
CN104539654A (en) * 2014-12-05 2015-04-22 江苏大学 Personal data filling system solving method based on privacy protection
CN104579691A (en) * 2015-01-28 2015-04-29 中科创达软件股份有限公司 BYOD mode control method, mobile device and system
CN104639325A (en) * 2014-12-31 2015-05-20 广州蓝海彤翔网络科技有限公司 Cloud game system and cloud game method based on unified certification
CN104717261A (en) * 2013-12-17 2015-06-17 华为技术有限公司 Login method and desktop management device
WO2015103972A1 (en) * 2014-01-10 2015-07-16 Tencent Technology (Shenzhen) Company Limited Method and system for facilitating collaboration across multiple platforms
CN104954463A (en) * 2015-06-12 2015-09-30 华为技术有限公司 Method, equipment and system for user information management of application
CN105072138A (en) * 2015-01-16 2015-11-18 北京科技大学 Cloud system safe access method, device and system
CN105357197A (en) * 2015-11-03 2016-02-24 浪潮集团有限公司 Identity authentication and authority management system and method for cloud computing platform
CN105656942A (en) * 2016-03-15 2016-06-08 山东超越数控电子有限公司 Method for user identity authentication in authentication service cloud
CN105743854A (en) * 2014-12-11 2016-07-06 深圳富泰宏精密工业有限公司 Security authentication system and method
CN103812865B (en) * 2014-01-28 2017-02-01 北京仿真中心 Method of realizing transparent user login under cloud resource platform
CN106452772A (en) * 2016-11-16 2017-02-22 华为技术有限公司 Terminal authentication method and device
WO2017054444A1 (en) * 2015-09-30 2017-04-06 深圳市先河系统技术有限公司 System login method, server, system, and network attached storage device
Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102622619A (en) * 2012-01-10 2012-08-01 上海交通大学 Safety wireless identification system and authentication method thereof
CN102869010A (en) * 2011-07-04 2013-01-09 中兴通讯股份有限公司 Method and system for single sign-on
CN103051631A (en) * 2012-12-21 2013-04-17 国云科技股份有限公司 Unified security authentication method for PaaS (Platform as a Service) platform and SaaS (Software as a Service) application system
WO2013091196A1 (en) * 2011-12-21 2013-06-27 华为技术有限公司 Method, device, and system for setting user's right to access virtual machine

Cited By (65)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103532966A (en) * 2013-10-23 2014-01-22 成都卫士通信息产业股份有限公司 Device and method supporting USB-KEY-based SSO (single sign on) of virtual desktop
CN103731475B (en) * 2013-12-06 2018-03-30 中国科学院深圳先进技术研究院 A kind of data protection system
CN103731475A (en) * 2013-12-06 2014-04-16 中国科学院深圳先进技术研究院 Data protection system
CN104717261A (en) * 2013-12-17 2015-06-17 华为技术有限公司 Login method and desktop management device
CN104717261B (en) * 2013-12-17 2018-05-29 华为技术有限公司 A kind of login method and desktop management equipment
WO2015090116A1 (en) * 2013-12-17 2015-06-25 华为技术有限公司 Login method and desktop management device
CN103747076B (en) * 2013-12-31 2017-07-07 曙光云计算技术有限公司 Cloud platform access method and device
CN103747076A (en) * 2013-12-31 2014-04-23 曙光云计算技术有限公司 Cloud platform access method and device
WO2015103972A1 (en) * 2014-01-10 2015-07-16 Tencent Technology (Shenzhen) Company Limited Method and system for facilitating collaboration across multiple platforms
US9565179B2 (en) 2014-01-10 2017-02-07 Tencent Technology (Shenzhen) Company Limited Method and system for facilitating collaboration across multiple platforms
CN103812865B (en) * 2014-01-28 2017-02-01 北京仿真中心 Method of realizing transparent user login under cloud resource platform
CN103944882A (en) * 2014-03-19 2014-07-23 华存数据信息技术有限公司 Cloud desktop authorization management method under cloud computing environment
CN104469977A (en) * 2014-09-10 2015-03-25 北京佰才邦技术有限公司 Mobile communication method, device and system
CN104469977B (en) * 2014-09-10 2019-01-25 北京佰才邦技术有限公司 Method of mobile communication, device and system
CN104320389A (en) * 2014-10-11 2015-01-28 南京邮电大学 Fusion identify protection system and fusion identify protection method based on cloud computing
CN104320389B (en) * 2014-10-11 2018-04-27 南京邮电大学 A kind of fusion identity protection system and method based on cloud computing
CN104333580B (en) * 2014-10-23 2018-05-01 安徽家家猫科技有限责任公司 A kind of account management system and its method based on cloud service
CN104333580A (en) * 2014-10-23 2015-02-04 张勇平 Account management system and method based on cloud service
CN104539654A (en) * 2014-12-05 2015-04-22 江苏大学 Personal data filling system solving method based on privacy protection
CN105743854A (en) * 2014-12-11 2016-07-06 深圳富泰宏精密工业有限公司 Security authentication system and method
CN104639325A (en) * 2014-12-31 2015-05-20 广州蓝海彤翔网络科技有限公司 Cloud game system and cloud game method based on unified certification
CN105072138A (en) * 2015-01-16 2015-11-18 北京科技大学 Cloud system safe access method, device and system
CN105072138B (en) * 2015-01-16 2018-07-10 北京科技大学 A kind of cloud system safety access method
CN104579691A (en) * 2015-01-28 2015-04-29 中科创达软件股份有限公司 BYOD mode control method, mobile device and system
US10986166B2 (en) 2015-06-12 2021-04-20 Huawei Technologies Co., Ltd. Method for managing user information of application, device, and system
US11388224B2 (en) 2015-06-12 2022-07-12 Huawei Technologies Co., Ltd. Method for managing user information of application, device, and system
CN104954463B (en) * 2015-06-12 2018-05-18 华为技术有限公司 A kind of method, equipment and the system of the subscriber information management of application
CN104954463A (en) * 2015-06-12 2015-09-30 华为技术有限公司 Method, equipment and system for user information management of application
US11039311B2 (en) 2015-08-31 2021-06-15 Samsung Electronics Co., Ltd. Profile download method and apparatus for use in wireless communication system
CN108028758A (en) * 2015-08-31 2018-05-11 三星电子株式会社 The method and apparatus of download profile in a communications system
WO2017054444A1 (en) * 2015-09-30 2017-04-06 深圳市先河系统技术有限公司 System login method, server, system, and network attached storage device
CN105357197A (en) * 2015-11-03 2016-02-24 浪潮集团有限公司 Identity authentication and authority management system and method for cloud computing platform
CN105656942A (en) * 2016-03-15 2016-06-08 山东超越数控电子有限公司 Method for user identity authentication in authentication service cloud
CN106452772B (en) * 2016-11-16 2019-10-25 华为技术有限公司 Terminal authentication method and device
CN106452772A (en) * 2016-11-16 2017-02-22 华为技术有限公司 Terminal authentication method and device
CN111614673A (en) * 2017-05-26 2020-09-01 朱海燕 Operation method of authority authentication system based on CAS
CN107301022A (en) * 2017-06-27 2017-10-27 北京溢思得瑞智能科技研究院有限公司 A kind of storage access method and system based on container technique
CN107204995A (en) * 2017-07-28 2017-09-26 郑州云海信息技术有限公司 A kind of system, certificate server and the method for control access rights
CN107454086B (en) * 2017-08-11 2019-11-08 杭州邦睿科技有限公司 A kind of automatic processing method for verifying gateway
CN107454086A (en) * 2017-08-11 2017-12-08 杭州邦睿科技有限公司 A kind of automatic processing method for verifying gateway
CN107528844A (en) * 2017-08-31 2017-12-29 北京无字天书科技有限公司 A kind of method that full dynamic password is generated for multiservice system
CN107911383A (en) * 2017-12-04 2018-04-13 鼎点视讯科技有限公司 A kind of cryptographic check method and apparatus
CN108491500A (en) * 2018-03-20 2018-09-04 新华三云计算技术有限公司 Database cut-in method and device
CN109063457B (en) * 2018-06-22 2021-05-28 杭州才云科技有限公司 Cross-platform login unified authentication docking method, storage medium and electronic equipment
CN109063457A (en) * 2018-06-22 2018-12-21 杭州才云科技有限公司 The cross-platform login unified certification interconnection method of one kind, storage medium, electronic equipment
CN108471426A (en) * 2018-06-25 2018-08-31 联想(北京)有限公司 Authentication method, login method, server and client side
CN111107044A (en) * 2018-10-26 2020-05-05 珠海格力电器股份有限公司 Data security management method and information management platform
CN109862030A (en) * 2019-03-05 2019-06-07 浙江邦盛科技有限公司 A method of verification transmission Information Security
CN110417804B (en) * 2019-08-07 2021-11-26 济南新吉纳远程测控股份有限公司 Bidirectional identity authentication encryption communication method and system suitable for single-chip microcomputer implementation
CN110417804A (en) * 2019-08-07 2019-11-05 济南新吉纳远程测控股份有限公司 A kind of bidirectional identity authentication encryption communication method and system suitable for chip microcontroller
CN110602139A (en) * 2019-09-27 2019-12-20 成都九曲互动科技有限公司 Recharge login access method and system based on Tencent cloud
CN110881039B (en) * 2019-11-27 2022-06-21 杭州安恒信息技术股份有限公司 Cloud security management system
CN110881039A (en) * 2019-11-27 2020-03-13 杭州安恒信息技术股份有限公司 Cloud security management system
CN111193776A (en) * 2019-12-11 2020-05-22 福建升腾资讯有限公司 Method, device, equipment and medium for automatically logging in client under cloud desktop environment
CN111193776B (en) * 2019-12-11 2022-02-25 福建升腾资讯有限公司 Method, device, equipment and medium for automatically logging in client under cloud desktop environment
CN111585967A (en) * 2020-04-08 2020-08-25 上海蓝云网络科技有限公司 Cloud service authentication connection method, system, computer and storage medium
CN111800417A (en) * 2020-07-06 2020-10-20 中电万维信息技术有限责任公司 ESB-based unified identity authentication method
CN111783071B (en) * 2020-07-07 2024-04-19 支付宝(杭州)信息技术有限公司 Verification method, device, equipment and system based on password and privacy data
CN111783071A (en) * 2020-07-07 2020-10-16 支付宝(杭州)信息技术有限公司 Password-based and privacy data-based verification method, device, equipment and system
CN112035809A (en) * 2020-08-13 2020-12-04 刘乾春 Unified access authorization platform based on education cloud
CN112035809B (en) * 2020-08-13 2024-01-12 陕西碧宝教育科技有限公司 Unified access authorization platform based on education cloud
CN112749382A (en) * 2021-01-19 2021-05-04 赖庭坤 Single sign-on management system based on cloud service
CN113660192A (en) * 2021-06-23 2021-11-16 云南昆钢电子信息科技有限公司 Web system identity authentication system and method
CN114372254A (en) * 2021-08-16 2022-04-19 中电长城网际系统应用有限公司 Authentication method, data access control method, server, equipment and system
CN114915463A (en) * 2022-04-29 2022-08-16 杭州赛赋科技有限公司 Computer system account management device and method based on cloud computing

Similar Documents

Publication Publication Date Title
CN103259663A (en) User unified authentication method in cloud computing environment
Lim et al. Blockchain technology the identity management and authentication service disruptor: a survey
CN103475666B (en) A kind of digital signature authentication method of Internet of Things resource
US20180270065A1 (en) Methods and systems for universal storage and access to user-owned credentials for trans-institutional digital authentication
US20230370265A1 (en) Method, Apparatus and Device for Constructing Token for Cloud Platform Resource Access Control
CN110572258B (en) Cloud password computing platform and computing service method
CN103051631A (en) Unified security authentication method for PaaS (Platform as a Service) platform and SaaS (Software as a Service) application system
US20110283106A1 (en) Method for realizing authentication center and authentication system
US11757640B2 (en) Non-fungible token authentication
US20120072972A1 (en) Secondary credentials for batch system
CN109587100A (en) A kind of cloud computing platform user authentication process method and system
Tian et al. Research on distributed blockchain‐based privacy‐preserving and data security framework in IoT
Hong et al. Service outsourcing in F2C architecture with attribute-based anonymous access control and bounded service number
Rana et al. Secure and ubiquitous authenticated content distribution framework for IoT enabled DRM system
CN113872992B (en) Method for realizing remote Web access strong security authentication in BMC system
Kumar et al. Multi-authentication for cloud security: A framework
Tiwari et al. Design and Implementation of Enhanced Security Algorithm for Hybrid Cloud using Kerberos
Otta et al. Cloud identity and access management solution with blockchain
Chen et al. Cloud service platform of electronic identity in cyberspace
Hammami et al. Security issues in cloud computing and associated alleviation approaches
Arya et al. An authentication approach for data sharing in cloud environment for dynamic group
Rech et al. A decentralized service-platform towards cross-domain entitlement handling
Dong et al. Tiger tally: cross-domain scheme for different authentication mechanism
Chang et al. A dependable storage service system in cloud environment
US20240143730A1 (en) Multi-factor authentication using blockchain

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C02 Deemed withdrawal of patent application after publication (patent law 2001)
WD01 Invention patent application deemed withdrawn after publication

Application publication date: 20130821