CN106850612A - The cipher management method and system of a kind of facing cloud system - Google Patents
The cipher management method and system of a kind of facing cloud system Download PDFInfo
- Publication number
- CN106850612A CN106850612A CN201710058702.9A CN201710058702A CN106850612A CN 106850612 A CN106850612 A CN 106850612A CN 201710058702 A CN201710058702 A CN 201710058702A CN 106850612 A CN106850612 A CN 106850612A
- Authority
- CN
- China
- Prior art keywords
- password
- application
- cryptogam
- encryption
- cloud system
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/01—Protocols
- H04L67/06—Protocols specially adapted for file transfer, e.g. file transfer protocol [FTP]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
- H04L63/0428—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/06—Network architectures or network communication protocols for network security for supporting key management in a packet data network
Abstract
The present invention relates to the cipher management method and system of a kind of facing cloud system, belong to cloud system O&M field, the batch modification of server and database password can be realized, cloud system need not change any configuration after password modification, influence of the password modification to system is reduced, and farthest ensures cryptosecurity.In the present invention, applied described in the registration request post-registration for receiving application, the password type with the association will be set using Password Management system is included;It is, using generation cryptogam, the cryptogam to be updated onto the main frame for disposing the application;Encryption and decryption service on main frame receives the request that application obtains password, and the request according to the acquisition password obtains the password corresponding with the password type that the application is associated from the cryptogam and returns to application.For improving the O&M efficiency of cloud system, and improve Password Management security.
Description
Technical field
The present invention relates to cloud system O&M field.
Background technology
As telecom operators constantly develop, system gradually cloud, in addition to core database, using accessing bottom kimonos
Business integrated layer is progressively migrated to X86 servers, thus brings number of servers to increase severely with more than ten times of speed, and typically
Enterprise internal management system requirement server password must be changed once every 90 days, therefore all applications password relevant configuration
Modification is required for, maintenance workload increased decades of times, and safeguard resource-constrained and cannot double therewith, existing O&M means
Stern challenge will be faced with instrument.
The content of the invention
The technical problems to be solved by the invention are directed to the deficiencies in the prior art, there is provided a kind of facing cloud system it is close
Code management method and system, realize the batch modification of server and database password, and cloud system need not be repaiied after password modification
Changing to, what is configured, and reduces influence of the password modification to system, and farthest ensure cryptosecurity.
The technical scheme that the present invention solves above-mentioned technical problem is as follows:
A kind of cipher management method of facing cloud system, comprises the following steps:
S1, receives and is applied described in the registration request post-registration applied;
S2, sets the password type with the association;
S3, is, using generation cryptogam, the cryptogam to be updated onto the main frame for disposing the application;
S4, on main frame encryption and decryption service receive application obtain password request, according to it is described acquisition password request from
The password corresponding with the password type that the application is associated is obtained in the cryptogam and returns to application.
The beneficial effects of the invention are as follows:Cipher management method in the present embodiment is reduced using the mode of cryptogam
To apply configuration, according to application request password is obtained from cryptogam automatically, effectively prevent password when in use due to
Human negligence causes leakage, substantially increases the O&M efficiency to applying, and also improves and uses the security of password;Reduce and repair
Change the maintenance work amoun of application configuration, improve the O&M efficiency of cloud system, and improve Password Management security.
On the basis of above-mentioned technical proposal, the present invention can also do following improvement:
Further, the S3 also includes:The periodic modification password corresponding with the password type of the association, and
It is using regenerating cryptogam and update onto the main frame for disposing the application cryptogam after the completion of modification.
Beneficial effect using above-mentioned further scheme is:After being modified to the password of main frame and database, automatically more
The cryptogam of new opplication, then eliminate the process modified to the password configured in application.Realize main frame (server)
Any configuration need not be changed with the batch modification of the password of database, and application after password modification in cloud system, is subtracted
Influence of few password modification to being applied in cloud system, and cryptosecurity has been ensured, improve O&M efficiency.
Further, the process that cryptogam is generated described in the S3 includes:The mandate for being used for verifying application permission is set
Information, is each application distribution key information, with the key information pair password encryption corresponding with the password type of association
After obtain encrypted message, and the authorization message, key information and encrypted message are put into the cryptogam of the application;Institute
Stating authorization message includes herein below:Application file list information and award that encryption and decryption described in host information, Internet access is serviced
Power period of validity information.
Beneficial effect using above-mentioned further scheme is:Password is encrypted and preserves into encrypted message, introduced and authorize
Whether information further increases the Password Management security of cloud system for verifying using having the authority for obtaining password.
Further, the S4 also includes:After the encryption and decryption service receives the request that application obtains password, obtain described close
Authorization message in code file, application permission is verified according to the authorization message for getting, and password is obtained after being verified and is returned to
Using checking is not by obtaining password then and returning to error message to application.
Beneficial effect using above-mentioned further scheme is:Authority before acquisition password first to applying is verified, improved
The security of Password Management.
Further, password is obtained described in the S4 returning to the process of application includes:The encryption and decryption service is from described
The key information and encrypted message are obtained in cryptogam, clear-text passwords is obtained according to key information clear crytpographic key information, will
Clear-text passwords returns to application.
Beneficial effect using above-mentioned further scheme is:Password in cryptogam is by preserving into password after encryption
Information, the security of Password Management is improve to greatest extent.
A kind of password management system of facing cloud system, including:
Application management module, applies for receiving described in the registration request post-registration applied;
Password Management module, is using generation cryptogam, by institute for setting the password type with the association
Cryptogam is stated to update onto the main frame for disposing the application;
Encryption/decryption module, the main frame for being located at application deployment receives the request that application obtains password, is obtained according to described
The request for taking password obtains the corresponding password of password type being associated with the application from the cryptogam and returns to
Using.
The beneficial effects of the invention are as follows:Password management system in the present embodiment is reduced using the mode of cryptogam
To apply configuration, according to application request password is obtained from cryptogam automatically, effectively prevent password when in use due to
Human negligence causes leakage, substantially increases the O&M efficiency to applying, and also improves and uses the security of password;Reduce and repair
Change the maintenance work amoun of application configuration, improve the O&M efficiency of cloud system, and improve Password Management security.
On the basis of above-mentioned technical proposal, the present invention can also do following improvement:
Further, to be additionally operable to periodic modification corresponding with the password type of the association for the Password Management module
Password, and be using regenerating cryptogam and update onto the main frame of application deployment cryptogam after the completion of modification.
Beneficial effect using above-mentioned further scheme is:After being modified to the password of main frame and database, automatically more
The cryptogam of new opplication, then eliminate the process modified to the password configured in application.Realize main frame (server)
Any configuration need not be changed with the batch modification of the password of database, and application after password modification in cloud system, is subtracted
Influence of few password modification to being applied in cloud system, and cryptosecurity has been ensured, improve O&M efficiency.
Further, the Password Management module is additionally operable to set for verifying the authorization message of application permission, is that each should
With distribution key information, with obtaining message in cipher after the key information pair password encryption corresponding with the password type of association
Breath, and the authorization message, key information and encrypted message are put into the cryptogam of the application;The authorization message bag
Include herein below:The application file list information and mandate period of validity letter of encryption/decryption module described in host information, Internet access
Breath.
Beneficial effect using above-mentioned further scheme is:Password is encrypted and preserves into encrypted message, introduced and authorize
Whether information further increases the Password Management security of cloud system for verifying using having the authority for obtaining password.
Further, after the encryption/decryption module is additionally operable to receive the request that application obtains password, the cryptogam is obtained
In authorization message, application permission is verified according to the authorization message that gets, password is obtained after being verified and returns to application, test
Card is not by obtaining password then and returning to error message to application.
Beneficial effect using above-mentioned further scheme is:Authority before acquisition password first to applying is verified, improved
The security of Password Management.
Further, the encryption/decryption module is additionally operable to obtain the key information and message in cipher from the cryptogam
Breath, clear-text passwords is obtained according to key information clear crytpographic key information, and clear-text passwords is returned into application.
Beneficial effect using above-mentioned further scheme is:Password in cryptogam is by preserving into password after encryption
Information, the security of Password Management is improve to greatest extent.
Brief description of the drawings
Fig. 1 is a kind of cipher management method flow chart of facing cloud system in the embodiment of the present invention 1;
Fig. 2 is application of a kind of password management system of facing cloud system in cloud system in the embodiment of the present invention 2
Structure chart.
Specific embodiment
Principle of the invention and feature are described below in conjunction with accompanying drawing, example is served only for explaining the present invention, and
It is non-for limiting the scope of the present invention.
Embodiment 1
As shown in figure 1, a kind of cipher management method of facing cloud system, comprises the following steps:
S1, receives the registration request post-registration application of application;
S2, sets the password type with association;
S3, is, using generation cryptogam, cryptogam to be updated onto the main frame of application deployment;
S4, the encryption and decryption service on main frame receives the request that application obtains password, according to obtaining the request of password from password
The corresponding password of the password type associated with application is obtained in file and returns to application.
Specifically, registered using active, applied host machine information, Apply Names etc. are submitted to, the application can be using
The cipher management method of facing cloud system in the present embodiment.Typically there are host cryptographic and data with the password type of association
Storehouse password etc., during using needing to access the resource in main frame and database, is required for configuring the main frame for needing to access in the application
With the password of database.
Cipher management method in the present embodiment reduces the configuration to applying using the mode of cryptogam, according to should
Request obtains password from cryptogam automatically, effectively prevents password when in use because human negligence causes leakage, greatly
The big O&M efficiency that improve to applying, also improves and uses the security of password;Reduce the O&M work of modification application configuration
Measure, improve the O&M efficiency of cloud system, and improve Password Management security.
Further, S3 also includes:The periodic modification password corresponding with the password type of association, and completed in modification
It is afterwards using regenerating cryptogam and update on the main frame of application deployment cryptogam.
Specifically, typically in O&M field in order to the safety of maintenance host and database is, it is necessary to periodic modification main frame sum
According to the password in storehouse, the mode of the periodically password of automatic modification main frame and database is taken in the present embodiment, password is according to safe plan
Slightly random generation, general set host cryptographic length as 8, database password is 10, password must include upper and lower case letter+
Numeral+spcial character.
In the improvement, after being modified to the password of main frame and database, the cryptogam of application is automatically updated, then saved
The process modified to the password configured in application.The batch for realizing the password of main frame (server) and database is repaiied
Change, and application after password modification in cloud system need not change any configuration, reduce password modification in cloud system
The influence of application, and cryptosecurity has been ensured, improve O&M efficiency.
Further, the process that cryptogam is generated in S3 includes:The authorization message for being used for verifying application permission is set, is every
Individual application distributes key information, with obtaining password after the key information pair password encryption corresponding with the password type of association
Information, and authorization message, key information and encrypted message are put into the cryptogam of application;Authorization message is included in following
Hold:Host information, the application file list information of Internet access encryption and decryption service and mandate period of validity information.
Specifically, be each application different key of distribution, the encrypted message of the preservation in the cryptogam of application be through
Encrypting storing is crossed, the security of O&M is improve;The authorization message of checking application permission is also preserved in cryptogam, is used for
In each acquisition request password of application, whether this request of checking application has permission.
For example, creating Password Management user by the linux main frames and database of pipe, Password Management user is named as
Cloud, is that, using establishment cryptogam, file entitled " .pwcf " (small letter, containing " ") deposits in main frame/etc/ mesh on main frame
Under record, owner is cloud user, and the access limit of setting code file is 644.
Cryptogam can be defined as below:
Database user password is configured
[self-defined] name section cannot be repeated more between being applied using self-defined mode is applied,
DBURL=XX1 XX1:Url (URL) during user accesses data storehouse
DBUSER=XX2 XX2:Ciphertext, database user name
DBPASSWD=XX3 XX3:Ciphertext, database user correspondence password
Host subscriber's password is configured
[self-defined] name section cannot be repeated more between being applied using self-defined mode is applied,
HOSTIP=YY1 YY1:Host IP address
HOSTUSER=YY2 YY2:Ciphertext, host subscriber's name
HOSTPASSWD=YY3 YY3:Ciphertext, the corresponding password of platform user
Authorization message is configured
[APP_ applications ID] section name is using APP_+ applications ID
HOSTIP=ZZ1 ZZ1:Ciphertext, host IP address
KEY=ZZ2 ZZ2:Using key
EXPIREDATE=ZZ3 ZZ3:Ciphertext, authorizes expired time
FILES=ZZ4 ZZ4:Ciphertext, authority list (multiple), the absolute path of application file
An example of content and form in cryptogam is above.
In the improvement, password is encrypted and preserves into encrypted message, introduced authorization message and be used for verifying applying whether have
The authority of password is obtained, the Password Management security of cloud system is further increased.
Further, S4 also includes:After encryption and decryption service receives the request that application obtains password, awarding in acquisition cryptogam
Power information, application permission is verified according to the authorization message for getting, and password is obtained after being verified and returns to application, is verified obstructed
Cross, password is not obtained and error message is returned to application.
Specifically, encryption and decryption service obtains authorization message from cryptogam, verify main frame authority, file permission and award
Whether power is expired.After purview certification passes through, acquisition password returns to application from cryptogam.Enumerated in being improved such as previous step
Shown in cryptogam definition, authorization message can also be preserved in the form of ciphertext, and encryption and decryption service gets according to key awards
Power information, applies whether corresponding main frame I P addresses carry out source host I P addresses with using this request in checking authorization message
It is consistent, judges main frame authority, judges using whether the authority of password is accessed in the term of validity, by authorizing according to expired time is authorized
Listed files information, judges whether the application file used using this request has the right to obtain password.
In the improvement, the authority before acquisition password first to applying is verified, improves the security of Password Management.
Further, password is obtained in S4 returning to the process of application includes:Encryption and decryption service obtains close from cryptogam
Key information and encrypted message, clear-text passwords is obtained according to key information clear crytpographic key information, and clear-text passwords is returned into application.
Specifically, because the key for each application distribution is different, even if the cryptogam for taking other application also cannot
By Authority Verification, and clear-text passwords cannot be decrypted, make management more added with conditioning, security is higher.
In the improvement, the password in cryptogam is by preserving into encrypted message after encryption, to improve to greatest extent
The security of Password Management.
Embodiment 2
As shown in Fig. 2 a kind of password management system of facing cloud system, including:
Application management module, the registration request post-registration application for receiving application;
Password Management module, is using generation cryptogam, by password text for setting the password type with association
Part is updated onto the main frame of application deployment;
Encryption/decryption module, the main frame for being located at application deployment receives the request that application obtains password, close according to obtaining
The request of code obtains the corresponding password of the password type associated with application from cryptogam and returns to application.
Specifically, using Active Registration to password management system, submitting applied host machine information, Apply Names etc., the application to
Can typically there is main frame with the password type of association with the password management system of facing cloud system in use the present embodiment
Password and database password etc., during using needing to access the resource in main frame and database, are required for configuring needs in the application
The main frame of access and the password of database.
Password management system in the present embodiment reduces the configuration to applying using the mode of cryptogam, according to should
Request obtains password from cryptogam automatically, effectively prevents password when in use because human negligence causes leakage, greatly
The big O&M efficiency that improve to applying, also improves and uses the security of password;Reduce the O&M work of modification application configuration
Measure, improve the O&M efficiency of cloud system, and improve Password Management security.
Further, Password Management module is additionally operable to the periodic modification password corresponding with the password type of association, and
It is using regenerating cryptogam and update on the main frame of application deployment cryptogam after the completion of modification.
Specifically, typically in O&M field in order to the safety of maintenance host and database is, it is necessary to periodic modification main frame sum
According to the password in storehouse, Password Management module periodically changes the mode of the password of main frame and database, password root automatically in the present embodiment
Generated at random according to security strategy, general to set host cryptographic length as 8, database password is 10, and password must be comprising big
Lowercase+numeral+spcial character.
In the improvement, after being modified to the password of main frame and database, the cryptogam of application is automatically updated, then saved
The process modified to the password configured in application.The batch for realizing the password of main frame (server) and database is repaiied
Change, and application after password modification in cloud system need not change any configuration, reduce password modification in cloud system
The influence of application, and cryptosecurity has been ensured, improve O&M efficiency.
Further, Password Management module is additionally operable to set for verifying the authorization message of application permission, is each application point
With key information, with obtaining encrypted message after the key information pair password encryption corresponding with the password type of association, and
Authorization message, key information and encrypted message are put into the cryptogam of application;Authorization message includes herein below:Main frame is believed
Breath, the application file list information of Internet access encryption/decryption module and mandate period of validity information.
Specifically, be each application different key of distribution, the encrypted message of the preservation in the cryptogam of application be through
Encrypting storing is crossed, the security of O&M is improve;The authorization message of checking application permission is also preserved in cryptogam, is used for
In each acquisition request password of application, whether this request of checking application has permission.
For example, creating Password Management user by the linux main frames and database of pipe, Password Management user is named as
Cloud, is that, using establishment cryptogam, file entitled " .pwcf " (small letter, containing " ") deposits in main frame/etc/ mesh on main frame
Under record, owner is cloud user, and the access limit of setting code file is 644.
Cryptogam can be defined as below:
Database user password is configured
[self-defined] name section cannot be repeated more between being applied using self-defined mode is applied,
DBURL=XX1 XX1:User java accesses url during database
DBUSER=XX2 XX2:Ciphertext, database user name
DBPASSWD=XX3 XX3:Ciphertext, database user correspondence password
Host subscriber's password is configured
[self-defined] name section cannot be repeated more between being applied using self-defined mode is applied,
HOSTIP=YY1 YY1:Host IP address
HOSTUSER=YY2 YY2:Ciphertext, host subscriber's name
HOSTPASSWD=YY3 YY3:Ciphertext, the corresponding password of platform user
Authorization message is configured
[APP_ applications ID] section name is using APP_+ applications ID
HOSTIP=ZZ1 ZZ1:Ciphertext, host IP address
KEY=ZZ2 ZZ2:Using key
EXPIREDATE=ZZ3 ZZ3:Ciphertext, authorizes expired time
FILES=ZZ4 ZZ4:Ciphertext, authority list (multiple), the absolute path of application file
An example of content and form in cryptogam is above.
In the improvement, password is encrypted and preserves into encrypted message, introduced authorization message and be used for verifying applying whether have
The authority of password is obtained, the Password Management security of cloud system is further increased.
Further, after encryption/decryption module is additionally operable to receive the request that application obtains password, the mandate in cryptogam is obtained
Information, application permission is verified according to the authorization message for getting, and password is obtained after being verified and returns to application, and checking does not pass through
Do not obtain password then and return to error message to application.
Specifically, encryption/decryption module obtains authorization message from cryptogam, verify main frame authority, file permission and award
Whether power is expired.After purview certification passes through, acquisition password returns to application from cryptogam.Enumerated in being improved such as previous step
Shown in cryptogam definition, authorization message can also be preserved in the form of ciphertext, and encryption/decryption module gets according to key and awards
Power information, checking authorization message in using corresponding host IP address whether with application this request source host IP address phase
Symbol, judges main frame authority, judges using whether the authority of password is accessed in the term of validity, by authorizing text according to expired time is authorized
Part list information, judges whether the application file used using this request has the right to obtain password.
In the improvement, the authority before acquisition password first to applying is verified, improves the security of Password Management.
Further, encryption/decryption module is additionally operable to obtain key information and encrypted message from cryptogam, is believed according to key
Breath clear crytpographic key information obtains clear-text passwords, and clear-text passwords is returned into application.
Specifically, because the key for each application distribution is different, even if the cryptogam for taking other application also cannot
By Authority Verification, and clear-text passwords cannot be decrypted, make management more added with conditioning, security is higher.
In the improvement, the password in cryptogam is by preserving into encrypted message after encryption, to improve to greatest extent
The security of Password Management.
Unified management is realized based on cryptogam, key, encryption and decryption service (module) in the present invention, can from management
By three's separate management and preservation, to ensure the security of password.All cloud applications must lead to using encryption and decryption service (mould
Block), key and cryptogam could obtain corresponding password, application program must not be separately configured close in the application in use
Code.New cryptogam can be generated after password is changed, and is issued to using on deployment main frame.Maintenance work amoun can be reduced,
O&M efficiency is improved, cryptosecurity is ensured, cloud system stable operation is ensured.To ensure security, decompiling, encryption and decryption are prevented
Service (module) is developed using C language, and cryptogam is encrypted content, needs to be verified by Certificate Authority during decryption, by rear
Clear-text passwords can just be taken.
The foregoing is only presently preferred embodiments of the present invention, be not intended to limit the invention, it is all it is of the invention spirit and
Within principle, any modification, equivalent substitution and improvements made etc. should be included within the scope of the present invention.
Claims (10)
1. a kind of cipher management method of facing cloud system, it is characterised in that comprise the following steps:
S1, receives and is applied described in the registration request post-registration applied;
S2, sets the password type with the association;
S3, is, using generation cryptogam, the cryptogam to be updated onto the main frame for disposing the application;
S4, the encryption and decryption service on main frame receives the request that application obtains password, and the request according to the acquisition password is from described
The password corresponding with the password type that the application is associated is obtained in cryptogam and returns to application.
2. the cipher management method of facing cloud system according to claim 1, it is characterised in that the S3 also includes:
The periodic modification password corresponding with the password type of the association, and be using regenerating password after the completion of modification
File and cryptogam is updated onto the main frame for disposing the application.
3. the cipher management method of facing cloud system according to claim 2, it is characterised in that raw described in the S3
Process into cryptogam includes:The authorization message for being used for verifying application permission is set, is each application distribution key information, use
Encrypted message is obtained after the key information pair password encryption corresponding with the password type of association, and described mandate is believed
Breath, key information and encrypted message are put into the cryptogam of the application;The authorization message includes herein below:Main frame is believed
Breath, the application file list information of encryption and decryption service described in Internet access and mandate period of validity information.
4. the cipher management method of facing cloud system according to claim 3, it is characterised in that the S4 also includes:
After the encryption and decryption service receives the request that application obtains password, the authorization message in the cryptogam is obtained, according to acquisition
The authorization message checking application permission for arriving, obtains password and returns to application after being verified, checking is not by obtaining password then
And return to error message to application.
5. the cipher management method of the facing cloud system according to claim 3 or 4, it is characterised in that institute in the S4
Stating to obtain password and return to the process of application includes:The encryption and decryption service obtains the key information from the cryptogam
And encrypted message, clear-text passwords is obtained according to key information clear crytpographic key information, clear-text passwords is returned into application.
6. a kind of password management system of facing cloud system, it is characterised in that the system includes:
Application management module, applies for receiving described in the registration request post-registration applied;
Password Management module, for setting the password type with the association, be using generation cryptogam, will be described close
Code file is updated onto the main frame for disposing the application;
Encryption/decryption module, the main frame for being located at application deployment receives the request that application obtains password, obtains close according to described
The request of code obtains the corresponding password of the password type associated with the application from the cryptogam and returns to application.
7. the password management system of facing cloud system according to claim 6, it is characterised in that the Password Management mould
Block is additionally operable to the periodic modification password corresponding with the password type of the association, and is using again after the completion of modification
Generate cryptogam and update onto the main frame of application deployment cryptogam.
8. the password management system of facing cloud system according to claim 7, it is characterised in that the Password Management mould
Block is additionally operable to set for verifying the authorization message of application permission, is each application distribution key information, with key information pair with
Obtain encrypted message after the corresponding password encryption of the password type of association, and by the authorization message, key information and
Encrypted message is put into the cryptogam of the application;The authorization message includes herein below:Host information, Internet access institute
State the application file list information of encryption/decryption module and authorize period of validity information.
9. the password management system of facing cloud system according to claim 8, it is characterised in that the encryption/decryption module
After being additionally operable to receive the request that application obtains password, the authorization message in the cryptogam is obtained, according to the mandate for getting
Information Authentication application permission, obtains password and returns to application after being verified, checking is not by obtaining password then and to application
Return to error message.
10. the password management system of facing cloud system according to claim 8 or claim 9, it is characterised in that the encryption and decryption
Module is additionally operable to obtain the key information and encrypted message from the cryptogam, according to key information clear crytpographic key information
Clear-text passwords is obtained, clear-text passwords is returned into application.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201710058702.9A CN106850612A (en) | 2017-01-23 | 2017-01-23 | The cipher management method and system of a kind of facing cloud system |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201710058702.9A CN106850612A (en) | 2017-01-23 | 2017-01-23 | The cipher management method and system of a kind of facing cloud system |
Publications (1)
Publication Number | Publication Date |
---|---|
CN106850612A true CN106850612A (en) | 2017-06-13 |
Family
ID=59121831
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201710058702.9A Pending CN106850612A (en) | 2017-01-23 | 2017-01-23 | The cipher management method and system of a kind of facing cloud system |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN106850612A (en) |
Cited By (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN108282484A (en) * | 2018-01-30 | 2018-07-13 | 平安普惠企业管理有限公司 | Password acquisition methods, device, computer equipment and storage medium |
CN108875409A (en) * | 2018-06-28 | 2018-11-23 | 中国建设银行股份有限公司 | User information concentrates modification system and method |
CN108900539A (en) * | 2018-08-09 | 2018-11-27 | 深圳伊泉净品科技有限公司 | Ensure the method and computer readable storage medium of batch jobs host cryptographic safety |
CN108965472A (en) * | 2018-08-23 | 2018-12-07 | 珠海格力电器股份有限公司 | A kind of method and apparatus of account information push |
CN113792304A (en) * | 2021-08-12 | 2021-12-14 | 青岛海尔科技有限公司 | Database access system and method |
CN117540364A (en) * | 2023-11-22 | 2024-02-09 | 国电南瑞南京控制系统有限公司 | Cloud ECS (electronic control system) operating system password intelligent generation batch modification system and method |
Citations (9)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20090327740A1 (en) * | 2008-05-29 | 2009-12-31 | James Paul Schneider | Securing a password database |
CN101877157A (en) * | 2010-02-09 | 2010-11-03 | 北京江南博仁科技有限公司 | Key management system and method for bank terminal security equipment |
US20100325707A1 (en) * | 2009-06-22 | 2010-12-23 | Gyle Iverson | Systems and Methods for Automatic Discovery of Systems and Accounts |
CN102118247A (en) * | 2011-01-04 | 2011-07-06 | 中兴通讯股份有限公司 | System and method for password management |
CN102480726A (en) * | 2010-11-24 | 2012-05-30 | 比亚迪股份有限公司 | Password protection method, password protection system and mobile terminal with same |
CN102866998A (en) * | 2011-07-05 | 2013-01-09 | 中兴通讯股份有限公司 | Centralized password management method and centralized password management system in synchronous system |
CN103618705A (en) * | 2013-11-20 | 2014-03-05 | 浪潮电子信息产业股份有限公司 | Personal code managing tool and method under open cloud platform |
CN104182680A (en) * | 2014-08-27 | 2014-12-03 | 上海斐讯数据通信技术有限公司 | User name password management and user name password input method and system |
CN104717195A (en) * | 2013-12-17 | 2015-06-17 | 中国移动通信集团福建有限公司 | Service system password management method and device |
-
2017
- 2017-01-23 CN CN201710058702.9A patent/CN106850612A/en active Pending
Patent Citations (9)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20090327740A1 (en) * | 2008-05-29 | 2009-12-31 | James Paul Schneider | Securing a password database |
US20100325707A1 (en) * | 2009-06-22 | 2010-12-23 | Gyle Iverson | Systems and Methods for Automatic Discovery of Systems and Accounts |
CN101877157A (en) * | 2010-02-09 | 2010-11-03 | 北京江南博仁科技有限公司 | Key management system and method for bank terminal security equipment |
CN102480726A (en) * | 2010-11-24 | 2012-05-30 | 比亚迪股份有限公司 | Password protection method, password protection system and mobile terminal with same |
CN102118247A (en) * | 2011-01-04 | 2011-07-06 | 中兴通讯股份有限公司 | System and method for password management |
CN102866998A (en) * | 2011-07-05 | 2013-01-09 | 中兴通讯股份有限公司 | Centralized password management method and centralized password management system in synchronous system |
CN103618705A (en) * | 2013-11-20 | 2014-03-05 | 浪潮电子信息产业股份有限公司 | Personal code managing tool and method under open cloud platform |
CN104717195A (en) * | 2013-12-17 | 2015-06-17 | 中国移动通信集团福建有限公司 | Service system password management method and device |
CN104182680A (en) * | 2014-08-27 | 2014-12-03 | 上海斐讯数据通信技术有限公司 | User name password management and user name password input method and system |
Cited By (9)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN108282484A (en) * | 2018-01-30 | 2018-07-13 | 平安普惠企业管理有限公司 | Password acquisition methods, device, computer equipment and storage medium |
CN108282484B (en) * | 2018-01-30 | 2021-03-02 | 平安普惠企业管理有限公司 | Password acquisition method and device, computer equipment and storage medium |
CN108875409A (en) * | 2018-06-28 | 2018-11-23 | 中国建设银行股份有限公司 | User information concentrates modification system and method |
CN108900539A (en) * | 2018-08-09 | 2018-11-27 | 深圳伊泉净品科技有限公司 | Ensure the method and computer readable storage medium of batch jobs host cryptographic safety |
CN108965472A (en) * | 2018-08-23 | 2018-12-07 | 珠海格力电器股份有限公司 | A kind of method and apparatus of account information push |
CN108965472B (en) * | 2018-08-23 | 2020-11-20 | 珠海格力电器股份有限公司 | Account information pushing method and device |
CN113792304A (en) * | 2021-08-12 | 2021-12-14 | 青岛海尔科技有限公司 | Database access system and method |
CN113792304B (en) * | 2021-08-12 | 2023-11-17 | 青岛海尔科技有限公司 | Database access system and method |
CN117540364A (en) * | 2023-11-22 | 2024-02-09 | 国电南瑞南京控制系统有限公司 | Cloud ECS (electronic control system) operating system password intelligent generation batch modification system and method |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US11606352B2 (en) | Time-based one time password (TOTP) for network authentication | |
CN106850612A (en) | The cipher management method and system of a kind of facing cloud system | |
CN101207485B (en) | System and method of unification identification safety authentication for users | |
CN106534175B (en) | Open platform authorization identifying system and method based on OAuth agreement | |
US10027670B2 (en) | Distributed authentication | |
US9996679B2 (en) | Methods and apparatus for device authentication and secure data exchange between a server application and a device | |
EP2160864B1 (en) | Authentication system and method | |
CN104767731B (en) | A kind of Restful move transactions system identity certification means of defence | |
CN105812350B (en) | Cross-platform single sign-on system | |
CN106295394A (en) | Resource authorization method and system and authorization server and method of work | |
CN103384198B (en) | A kind of authenticating user identification method of servicing based on mailbox and system | |
KR20100045442A (en) | Transferable restricted security tokens | |
CN105577835B (en) | Cross-platform single sign-on system based on cloud computing | |
CN106302606B (en) | Across the application access method and device of one kind | |
CN104580184A (en) | Identity authentication method for mutual-trust application systems | |
CN106936588A (en) | A kind of trustship method, the apparatus and system of hardware controls lock | |
CN103986734B (en) | Authentication management method and authentication management system applicable to high-security service system | |
CN111062023A (en) | Method and device for realizing single sign-on of multiple application systems | |
CN105262590A (en) | Method and system for safely insulating keys in virtual environment | |
CN111010396A (en) | Internet identity authentication management method | |
EP3062254B1 (en) | License management for device management system | |
CN106529216B (en) | Software authorization system and software authorization method based on public storage platform | |
CN107276966B (en) | Control method and login system of distributed system | |
US20230164130A1 (en) | User authentication system | |
CN107919958A (en) | A kind of processing method of data encryption, device and equipment |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
RJ01 | Rejection of invention patent application after publication | ||
RJ01 | Rejection of invention patent application after publication |
Application publication date: 20170613 |