CN105208012A - Cloud computing-based cloud authentication method and system - Google Patents

Publication number
CN105208012A
Authority
CN
China
Prior art keywords
cloud
cloud computing
terminal
virtual machine
computing terminal
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201510547290.6A
Other languages
Chinese (zh)
Inventor
张连发
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Wuhan Yuntong Yingfei Technology Co Ltd
Original Assignee
Wuhan Yuntong Yingfei Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Wuhan Yuntong Yingfei Technology Co Ltd
Priority to CN201510547290.6A
Publication of CN105208012A
Current legal status: Pending

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/08 Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0876 Network architectures or network communication protocols for network security for authentication of entities based on the identity of the terminal or configuration, e.g. MAC address, hardware or software configuration or device fingerprint
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/08 Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0853 Network architectures or network communication protocols for network security for authentication of entities using an additional device, e.g. smartcard, SIM or a different communication terminal
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00 Network arrangements or protocols for supporting network services or applications
    • H04L67/01 Protocols
    • H04L67/10 Protocols in which an application is distributed across nodes in the network

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computer Security & Cryptography (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Power Engineering (AREA)
  • Storage Device Security (AREA)

Abstract

The invention relates to a cloud computing-based cloud authentication method. The method includes the following steps: A, a cloud computing terminal generates a unique device serial number; B, the identity of a user is read, and an identity authentication server connected to the cloud computing terminal verifies the identity of the user; if the user does not exist, the cloud computing terminal restores its initial settings and the method returns to step A; C, the cloud computing terminal connects to and starts a cloud virtual machine cluster server through a client connection protocol; D, whether the cloud virtual machine cluster server started normally is judged; if it started normally, step F is executed, and if it started abnormally, step E is executed. The method effectively solves the problem of user information leakage caused by weak protective measures on the cloud computing terminal, and effectively avoids security risks such as identity disclosure, data interception and information loss; it forms a complete trusted protection chain for cloud identity and cloud data; and it effectively avoids the problems of information being insecure and impossible to keep confidential in a cloud computing environment.

Description

A cloud terminal authentication method and system based on cloud computing
Technical field
The present invention relates to a cloud terminal authentication method and system based on cloud computing.
Background
With the arrival of cloud terminals, many problems have also appeared. The most important are the security and protection issues that users care about most, including protection of user privacy, protection of user data, and protection of cloud computing terminal equipment. These problems all require stronger technical means to solve. The terminal is often the weakest link in the whole enterprise; many hackers and intruders use the terminal as a springboard for attacking the cloud, and the new generation of advanced persistent threats (APT) all start from the terminal, in order to steal users' intellectual property and sensitive information, or even to attack important public infrastructure. Terminal security is therefore a link in cloud computing security protection that cannot be ignored.
The biggest obstacle to the popularization and use of cloud computing is not functionality but the security concerns of users: once cloud computing is breached, the damage can be greater. Any discussion of cloud computing must therefore pay attention to the cloud terminal, because the data and services are in the "cloud" but the end user must go through a terminal to access them, so terminal security is extremely important. However, as the number of terminals connected to the cloud keeps growing, security risks such as identity disclosure, data theft and information loss are gradually being exposed, and the security of cloud terminals urgently needs strengthening. A new authentication method for cloud computing terminals is needed to avoid these problems.
Summary of the invention
In view of the above problems, the invention provides a cloud terminal authentication method and system based on cloud computing. The method is simple to run, highly secure and cheap to maintain, and authentication performed with it is highly reliable.
The invention provides a cloud terminal authentication method based on cloud computing, comprising:
A, the cloud computing terminal generates a unique device serial number;
B, the user identity is read, and the authentication server connected to the cloud computing terminal verifies the user identity; if the user does not exist, the cloud computing terminal restores its initial settings and returns to step A;
C, the cloud virtual machine server cluster is connected to and started through a client connection protocol;
D, whether startup was normal is judged; if startup was normal, step 6 is run; if startup was abnormal, step 5 is run.
In some embodiments, in step A, the device serial number is generated by a digital certificate computation and storage IC unit.
In some embodiments, in step B, the user identity is read by a fingerprint identification unit.
In some embodiments, step D comprises the following two cases:
D1, the cloud computing terminal restores its initial settings and returns to step A;
D2, the cloud computing terminal accesses the cloud virtual machine server cluster.
In some embodiments, in step D2, the cloud computing terminal accesses the cloud virtual machine server cluster through a network signal processing unit, a USB interface and an optical fiber photoelectric converter.
The present invention also provides a cloud authentication system based on cloud computing, comprising a terminal, an authentication server and a cloud virtual machine server, wherein the cloud computing terminal is connected to the authentication server and to the cloud virtual machine server cluster respectively through a public cloud or a private cloud.
In some embodiments, the data transmitted between the cloud computing terminal and the authentication server and cloud virtual machine server cluster is encrypted.
In some embodiments, the cloud computing terminal comprises a housing and a mainboard arranged inside the housing; the mainboard integrates a fingerprint authentication unit, a digital certificate computation and storage IC unit, a network signal processing unit, a USB interface and an optical fiber photoelectric converter.
The present invention effectively solves the problem of user information leakage caused by weak protective measures on the cloud computing terminal, and effectively avoids security risks such as identity disclosure, data theft and information loss. It forms a complete trusted protection chain for cloud identity and cloud data, and effectively avoids the problems of information being insecure and impossible to keep confidential in a cloud computing environment.
Brief description of the drawings
Fig. 1 is a structural diagram of the cloud authentication system based on cloud computing of the present invention.
Fig. 2 is a flow chart of the cloud terminal authentication method based on cloud computing of the present invention.
Detailed description
The invention is further described below with reference to the drawings and specific embodiments.
As shown in Fig. 1, a cloud authentication system based on cloud computing comprises a cloud computing terminal; the cloud computing terminal is connected to an authentication server, and the cloud computing terminal is connected to a cloud virtual machine server cluster.
The cloud computing terminal comprises a housing and a mainboard arranged inside the housing; the mainboard integrates a fingerprint authentication unit, a digital certificate computation and storage IC unit, a network signal processing unit, a USB interface and an optical fiber photoelectric converter. The cloud computing terminal is connected to the authentication server and the cloud virtual machine server cluster respectively through the USB interface, the network signal processing unit and the optical fiber photoelectric converter.
In this embodiment, the mainboard is a low-power, miniature mainboard based on the X86 and ARM architectures. The mainboard works with the computation and storage IC unit to generate the device's unique identification ID; the mainboard works with the fingerprint identification unit module to determine the user's identity; and the mainboard works with the network signal processing unit, the USB interface and the controllable optical fiber photoelectric converter for intensive management of protection at different security levels.
In this embodiment, the fingerprint identification unit is a fingerprint device or a biometric device. The network signal processing unit is a wireless transmitter or controlled Wi-Fi.
As shown in Fig. 2, the cloud computing terminal authentication method comprises the following steps:
S100, the cloud computing terminal generates a unique device serial number.
S200, the user identity is read, and the authentication server connected to the cloud computing terminal verifies the user identity; if the user does not exist, the cloud computing terminal restores its initial settings and returns to step S100.
S300, the cloud virtual machine server cluster is connected to and started through a client connection protocol.
S400, whether startup was normal is judged; if startup was normal, step S600 is run; if startup was abnormal, step S500 is run.
S500, the cloud computing terminal restores its initial settings and returns to step S100.
S600, the cloud computing terminal accesses the cloud virtual machine server cluster.
In the cloud computing terminal authentication method of this embodiment, in step S100, the device serial number is generated by the digital certificate computation and storage IC unit.
In the cloud computing terminal authentication method of this embodiment, in step S200, the user identity is read by the fingerprint identification unit 13.
In the cloud computing terminal authentication method of this embodiment, in step S600, the cloud computing terminal accesses the cloud virtual machine server cluster through the network signal processing unit, the USB interface and the optical fiber photoelectric converter.
In the cloud computing terminal authentication method of this embodiment, the cloud computing terminal is connected to the authentication server and the cloud virtual machine server cluster respectively through a public cloud or a private cloud.
In the cloud computing terminal authentication method of this embodiment, the data transmitted between the cloud computing terminal and the authentication server and cloud virtual machine server cluster is encrypted.
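The S100 to S600 flow above, modelled as an added example (not code from the patent or its assignee). The HMAC-based serial derivation, the binding of user to serial at the authentication server, and the `max_resets` bound are assumptions made here; the flow as written returns to S100 without a stated limit.

```python
import hashlib
import hmac
from dataclasses import dataclass, field
from typing import Callable, List, Optional, Tuple


@dataclass
class Terminal:
    device_key: bytes  # stand-in for the secret held by the certificate IC unit
    resets: int = 0
    trace: List[str] = field(default_factory=list)

    def generate_serial(self) -> str:
        # S100. HMAC-SHA256 over a fixed label is an assumption; the page
        # names no derivation algorithm.
        mac = hmac.new(self.device_key, b"device-serial", hashlib.sha256)
        return mac.hexdigest()[:16]

    def restore_initial_settings(self) -> None:
        # Taken when S200 fails and in S500, before returning to S100.
        self.resets += 1


def authenticate(
    term: Terminal,
    read_user: Callable[[], str],
    user_exists: Callable[[str, str], bool],
    start_vm: Callable[[str, str], bool],
    max_resets: int = 3,  # assumption: bound the S100 loop so it cannot spin forever
) -> Tuple[bool, Optional[str]]:
    """Walk S100..S600 and return (access_granted, serial)."""
    while term.resets <= max_resets:
        term.trace.append("S100")
        serial = term.generate_serial()
        term.trace.append("S200")
        user = read_user()                  # fingerprint unit on the page
        if not user_exists(user, serial):   # check at the authentication server
            term.restore_initial_settings()
            continue
        term.trace.append("S300")
        started = start_vm(user, serial)    # client connection protocol
        term.trace.append("S400")
        if not started:
            term.trace.append("S500")
            term.restore_initial_settings()
            continue
        term.trace.append("S600")
        return True, serial
    return False, None                      # reset budget exhausted: fail closed


if __name__ == "__main__":
    term = Terminal(device_key=b"constructed-demo-key")
    enrolled = {("alice", term.generate_serial())}  # constructed enrollment record
    vm_results = iter([False, True])                # first VM start fails, second works
    ok, serial = authenticate(
        term,
        read_user=lambda: "alice",
        user_exists=lambda u, s: (u, s) in enrolled,
        start_vm=lambda u, s: next(vm_results),
    )
    print(ok, serial, term.resets, " -> ".join(term.trace))
```

The recorded trace makes each reset visible, which is the signal a monitoring system would count when a terminal repeatedly fails S200 or S400.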
The cloud computing system of this embodiment has a simple structure, effectively solves the problem of user information leakage caused by weak protective measures on the cloud computing terminal, and effectively avoids security risks such as identity disclosure, data theft and information loss. The mainboard, together with the fingerprint identification unit, the digital certificate computation and storage IC unit, the network signal processing unit, the USB interface and the optical fiber photoelectric converter, is connected to the authentication server and the cloud virtual machine server cluster through a public cloud or private cloud network, forming a complete trusted protection chain for cloud identity and cloud data and ensuring that cloud computing takes place in a secure environment.
The above are only some embodiments of the present invention. Those skilled in the art can make variations and improvements without departing from its scope, and these all fall within that scope.

Claims (8)

1. A cloud terminal authentication method based on cloud computing, comprising:
A, the cloud computing terminal generates a unique device serial number;
B, the user identity is read, and the authentication server connected to the cloud computing terminal verifies the user identity; if the user does not exist, the cloud computing terminal restores its initial settings and returns to step A;
C, the cloud virtual machine server cluster is connected to and started through a client connection protocol;
D, whether startup was normal is judged; if startup was normal, step 6 is run; if startup was abnormal, step 5 is run.
2. The cloud terminal authentication method based on cloud computing according to claim 1, characterized in that: in step A, the device serial number is generated by a digital certificate computation and storage IC unit.
3. The cloud terminal authentication method based on cloud computing according to claim 1, characterized in that: in step B, the user identity is read by a fingerprint identification unit.
4. The cloud terminal authentication method based on cloud computing according to claim 1, characterized in that step D comprises the following two cases:
D1, the cloud computing terminal restores its initial settings and returns to step A;
D2, the cloud computing terminal accesses the cloud virtual machine server cluster.
5. The cloud terminal authentication method based on cloud computing according to claim 4, characterized in that: in step D2, the cloud computing terminal accesses the cloud virtual machine server cluster through a network signal processing unit, a USB interface and an optical fiber photoelectric converter.
6. A cloud authentication system based on cloud computing, comprising a terminal, an authentication server and a cloud virtual machine server, wherein the cloud computing terminal is connected to the authentication server and to the cloud virtual machine server cluster respectively through a public cloud or a private cloud.
7. The cloud authentication system based on cloud computing according to claim 4, characterized in that: the data transmitted between the cloud computing terminal and the authentication server and cloud virtual machine server cluster is encrypted.
8. The cloud authentication system based on cloud computing according to claim 4, characterized in that: the cloud computing terminal comprises a housing and a mainboard arranged inside the housing; the mainboard integrates a fingerprint authentication unit, a digital certificate computation and storage IC unit, a network signal processing unit, a USB interface and an optical fiber photoelectric converter.
CN201510547290.6A 2015-08-31 2015-08-31 Cloud computing-based cloud authentication method and system Pending CN105208012A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201510547290.6A CN105208012A (en) 2015-08-31 2015-08-31 Cloud computing-based cloud authentication method and system

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201510547290.6A CN105208012A (en) 2015-08-31 2015-08-31 Cloud computing-based cloud authentication method and system

Publications (1)

Publication Number Publication Date
CN105208012A true CN105208012A (en) 2015-12-30

Family

ID=54955446

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201510547290.6A Pending CN105208012A (en) 2015-08-31 2015-08-31 Cloud computing-based cloud authentication method and system

Country Status (1)

Country Link
CN (1) CN105208012A (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN106487804A (en) * 2016-11-17 2017-03-08 南通芯电物联网科技有限责任公司 High in the clouds secret authentication platform and its method for building up

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102045353A (en) * 2010-12-13 2011-05-04 北京交通大学 Distributed network security control method of public cloud service
CN103780583A (en) * 2012-10-22 2014-05-07 上海俊悦智能科技有限公司 Protection method for secure cloud computing terminal
CN104320389A (en) * 2014-10-11 2015-01-28 南京邮电大学 Fusion identify protection system and fusion identify protection method based on cloud computing
CN104468106A (en) * 2013-09-17 2015-03-25 上海俊悦光纤网络科技有限公司 Cloud computing terminal authentication method
WO2015188568A1 (en) * 2014-06-12 2015-12-17 中兴通讯股份有限公司 Public cloud-based authentication method, security authentication middleware and cloud computing resource pool

Similar Documents

Publication Publication Date Title
CN208580402U (en) Store equipment and the station for storing equipment
CA3054268C (en) Method and apparatus for securing kvm matrix
CN101112039B (en) Wireless network system and communication method for external device to temporarily access wireless network
CN104811455B (en) A kind of cloud computing identity identifying method
CN103780583A (en) Protection method for secure cloud computing terminal
CN103733206B (en) Method and apparatus for the keystroke that protection receives from the keyboard the platform comprising embedded controller
CN102255109B (en) Authentication method for mobile terminal battery, and mobile terminal thereof
CN104081408A (en) System and method for bidirectional trust between downloaded applications and mobile devices including a secure charger and malware scanner
CN104012034A (en) Authentication for network access related applications
CN104320389A (en) Fusion identify protection system and fusion identify protection method based on cloud computing
CN105099705B (en) A kind of safety communicating method and its system based on usb protocol
WO2016064041A1 (en) User terminal using hash value to detect whether application program has been tampered and method for tamper detection using the user terminal
US8307055B2 (en) Secure platform management device
CN104468106A (en) Cloud computing terminal authentication method
CN107835162B (en) Software digital permit server gives the method and software digital permit server that permission is signed and issued in the license of software developer's software digital
CN109117638A (en) A kind of credible and secure mainboard of height and its control method based on physics switching
CN103902882B (en) A kind of prevent user profile from leaking terminal and method
CN101594354B (en) Method and system for improving account transfer safety
CN105357194A (en) Password updating method and password updating system
CN103824014A (en) Isolation certificating and monitoring method of USB (universal serial bus) port within local area network
KR101518689B1 (en) User Terminal to Detect the Tampering of the Applications Using Core Code and Method for Tamper Detection Using the Same
KR101566141B1 (en) User Terminal to Detect the Tampering of the Applications Using Signature Information and Method for Tamper Detection Using the Same
CN105208012A (en) Cloud computing-based cloud authentication method and system
CN109087102A (en) Transaction protection robot system based on block chain
CN106817385A (en) Cloud terminal network access system based on high speed reliable hardware module

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
WD01 Invention patent application deemed withdrawn after publication

Application publication date: 20151230
