CN108960456A - Private cloud integrated security operation and maintenance (O&M) platform - Google Patents

Publication number
CN108960456A
Authority
CN
China
Prior art keywords
module
data
layer
unit
management
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201810925138.0A
Other languages
Chinese (zh)
Inventor
李先堃
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Dong Hua Software Co Shares
DHC Software Co Ltd
Original Assignee
Dong Hua Software Co Shares
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Dong Hua Software Co Shares
Priority to CN201810925138.0A
Publication of CN108960456A

Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06Q INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q10/00 Administration; Management
    • G06Q10/20 Administration of product repair or maintenance

Landscapes

  • Business, Economics & Management (AREA)
  • Human Resources & Organizations (AREA)
  • Engineering & Computer Science (AREA)
  • Economics (AREA)
  • Entrepreneurship & Innovation (AREA)
  • Marketing (AREA)
  • Operations Research (AREA)
  • Quality & Reliability (AREA)
  • Strategic Management (AREA)
  • Tourism & Hospitality (AREA)
  • Physics & Mathematics (AREA)
  • General Business, Economics & Management (AREA)
  • General Physics & Mathematics (AREA)
  • Theoretical Computer Science (AREA)
  • Management, Administration, Business Operations System, And Electronic Commerce (AREA)

Abstract

The present invention relates to a private cloud integrated security operation and maintenance (O&M) platform. The platform comprises an acquisition interface layer, a data storage and computing layer, a core function layer, a service provision layer and a management subsystem. The acquisition interface layer is located at the bottom and is used to collect security logs and communicate with the data storage and computing layer. The data storage and computing layer is located between the acquisition interface layer and the core function layer, and is used to obtain data by communicating with the acquisition interface layer and to provide data to the core function layer by communicating with it. The core function layer is located between the data storage and computing layer and the service provision layer, and is used to obtain data by communicating with the data storage and computing layer and to provide the corresponding functions to the service provision layer by communicating with it. The service provision layer is located at the top and is used to obtain functions by communicating with the core function layer and to provide services based on the functions obtained. Together, the acquisition interface layer, the data storage and computing layer, the core function layer, the service provision layer and the management subsystem realize integrated O&M in a cloud environment.

Description

Private cloud integrated security operation and maintenance (O&M) platform
Technical field
The present invention relates to the field of cloud computing, and more particularly to a private cloud integrated security O&M platform.
Background
The scale of the equipment and the diversity of the systems in a cloud computing environment mean that conventional security O&M methods cannot cope with such large numbers and such high complexity.
In addition, cloud computing tenants span multiple organizations, which changes the operating model of the traditional environment, where the infrastructure supported a single user. Infrastructure and business applications belong to different organizations, which inevitably creates tension between mutual constraint and cooperation.
In the traditional environment, baselines are checked manually, vulnerability scans are run periodically, and remediation and hardening progress is tracked offline; this approach rarely achieves good results in a cloud computing environment.
Summary of the invention
(1) Technical problem to be solved
To solve the technical problems of the prior art, the present invention provides a private cloud integrated security O&M platform comprising an acquisition interface layer, a data storage and computing layer, a core function layer, a service provision layer and a management subsystem. The acquisition interface layer is located at the bottom and is used to collect security logs and communicate with the data storage and computing layer. The data storage and computing layer is located between the acquisition interface layer and the core function layer, and is used to obtain data by communicating with the acquisition interface layer and to provide data to the core function layer by communicating with it. The core function layer is located between the data storage and computing layer and the service provision layer, and is used to obtain data by communicating with the data storage and computing layer and to provide the corresponding functions to the service provision layer by communicating with it. The service provision layer is located at the top and is used to obtain functions by communicating with the core function layer and to provide services based on the functions obtained. Together, the acquisition interface layer, the data storage and computing layer, the core function layer, the service provision layer and the management subsystem realize integrated O&M in a cloud environment.
(2) Technical solution
To achieve the above object, the main technical solution adopted by the present invention is as follows:
A private cloud integrated security O&M platform, the platform comprising: an acquisition interface layer, a data storage and computing layer, a core function layer, a service provision layer and a management subsystem;
The acquisition interface layer is located at the bottom and is used to collect security logs and communicate with the data storage and computing layer;
The acquisition interface layer includes an acquisition and synchronization interface subsystem, and the acquisition and synchronization interface subsystem includes: a data processing/ETL module, an acquisition interface, a system synchronization docking interface and a data source;
The data storage and computing layer is located between the acquisition interface layer and the core function layer, and is used to obtain data by communicating with the acquisition interface layer and to provide data to the core function layer by communicating with the core function layer;
The data storage and computing layer includes a centralized data storage and computing platform, and the centralized data storage and computing platform includes a public data sharing and service bus, a Hadoop cluster and a database cluster;
The core function layer is located between the data storage and computing layer and the service provision layer, and is used to obtain data by communicating with the data storage and computing layer and to provide the corresponding functions to the service provision layer by communicating with the service provision layer;
The core function layer includes a data mining module, an audit analysis module, an asset resource module, a data security module and a security management and control module;
The data mining module includes an intelligent O&M analysis engine and an interactive data exploration and query unit;
The interactive data exploration and query unit communicates with the intelligent O&M analysis engine;
The audit analysis module includes a behavior audit subsystem and a log audit subsystem;
The asset resource module includes an asset management subsystem and a security risk automated management subsystem;
The asset management subsystem includes an asset resource management unit and an IP traceback engine;
The data security module includes a data security subsystem;
The data security subsystem includes: a unified data extraction engine and a sensitive data obfuscation engine;
The security management and control module includes a private cloud gateway and intelligent network traffic scheduling;
The service provision layer is located at the top and is used to obtain functions by communicating with the core function layer and to provide services based on the functions obtained;
The service provision layer includes a unified portal subsystem and a SaaS service capability opening module;
The SaaS service capability opening module includes a private cloud platform cloud security service and capability unit;
The unified portal subsystem includes a centralized display function view unit, a security event alarm unit, an integrated service response process unit and an intelligent O&M automated process unit;
The security event alarm unit communicates with the centralized display function view unit;
The security event alarm unit communicates with the integrated service response process unit;
The intelligent O&M automated process unit communicates with the centralized display function view unit;
The intelligent O&M automated process unit communicates with the integrated service response process unit;
The integrated service response process unit communicates with the centralized display function view unit;
The management subsystem runs through the acquisition interface layer, the data storage and computing layer, the core function layer and the service provision layer;
The management subsystem includes an audit policy module, a security management and control policy module, a configuration management module, a centralized log management module, a standardized management module, an account management module, an authorization management module and an authentication management module.
Optionally, the data source includes a configuration management database/IT service management data source, a machine room environment data source, a host data source, a storage data source, a network data source, a security audit data source, a business application data source and a platform software data source.
Optionally, the Hadoop cluster and the database cluster communicate with each other;
The Hadoop cluster communicates with the core function layer through the public data sharing and service bus;
The database cluster communicates with the core function layer through the public data sharing and service bus.
Optionally, the private cloud gateway includes: a closed-loop management module, a service capability opening module, an authentication module, an account module, an authorization module, an audit module, an asset resource module, and a centralized log collection and analysis module;
The closed-loop management module is connected to the office-side workflow work-order management, and is used for access request process management, integrated alert awareness management and response service process management;
The closed-loop management module includes an access request process management unit, an integrated alert awareness management unit and a response service process management unit;
The service capability opening module is connected to the enterprise-level private cloud, and is used for O&M single sign-on authentication, audit analysis reports, work order response process management, and data synchronization and query;
The service capability opening module includes an O&M single sign-on authentication unit, an audit analysis report unit, a work order response process management unit, and a data synchronization and query unit;
The authentication module is connected to the office-side personnel Lightweight Directory Access Protocol (LDAP) directory;
The authentication module is connected to the third-party personnel LDAP directory;
The authentication module is used for single sign-on (SSO) unified authentication;
The authentication module includes an SSO unified authentication unit;
The account module is connected to the office-side personnel account information library;
The account module is connected to the third-party personnel account information library;
The account module is used for primary account management, secondary account management and privileged account password vault management;
The account module includes a primary account management unit, a secondary account management unit and a privileged account password vault;
The authorization module includes an O&M access authorization unit and a privileged account authorization unit;
The audit module is connected to the configuration management database (CMDB) asset configuration management library;
The audit module is connected to the IP metropolitan area network (IPMAN) address management library;
The audit module is connected to the IT terminal full-inventory management library;
The audit module is connected to the domain controller Domain Name System (DNS)/Dynamic Host Configuration Protocol (DHCP) service;
The audit module is used for real-time bypass auditing, operation behavior auditing, data desensitization auditing and IP traceback;
The audit module includes a real-time bypass audit unit, an operation behavior audit unit, a data desensitization audit unit and an IP traceback engine;
The asset resource module is connected to the CMDB asset configuration management library, and is used for asset resource management and automatic asset discovery;
The asset resource module includes an asset resource management unit and an automatic asset discovery unit;
The centralized log collection and analysis module is used for abnormal behavior analysis, account management analysis and security risk awareness analysis;
The centralized log collection and analysis module includes an abnormal behavior analysis unit, an account management analysis unit and a security risk awareness unit.
Optionally, the account module is connected to the office-side personnel account information library through the primary account management unit;
The account module is connected to the third-party personnel account information library through the primary account management unit.
Optionally, the audit module is connected to the CMDB asset configuration management library through the IP traceback engine;
The audit module is connected to the IPMAN address management library through the IP traceback engine;
The audit module is connected to the IT terminal full-inventory management library through the IP traceback engine;
The audit module is connected to the domain controller DNS/DHCP service through the IP traceback engine.
Optionally, the asset resource module is connected to the CMDB asset configuration management library through the asset resource management unit.
Optionally, the behavior audit subsystem is used to audit abnormal database O&M operations, abnormal host O&M operations and abnormal network O&M operations;
The behavior audit subsystem includes a database O&M abnormal operation audit unit, a host O&M abnormal operation audit unit and a network O&M abnormal operation audit unit;
The database O&M abnormal operation audit unit is used to audit abnormal database O&M operations;
The database O&M abnormal operation audit unit includes a system management audit policy subunit and a business usage audit policy subunit;
The system management audit policy subunit is used to audit global illegal operations, non-compliant administrator operations and unauthorized non-administrator operations;
The business usage audit policy subunit is used to audit abnormal access to sensitive fields of sensitive tables;
The host O&M abnormal operation audit unit is used to audit abnormal host O&M operations; abnormal host O&M operations include time anomalies of host O&M operations, personnel anomalies of host O&M operations, and operation anomalies of host O&M operations;
The network O&M abnormal operation audit unit is used to audit abnormal network O&M operations; abnormal network O&M operations include time anomalies of network O&M operations, personnel anomalies of network O&M operations, and operation anomalies of network O&M operations.
Optionally, the data storage and computing layer further includes a model analysis module and a storage computing module;
The model analysis module is located between the public data sharing and service bus and the storage computing module, and the storage computing module is located between the model analysis module and the Hadoop cluster and database cluster;
The model analysis module is used for abnormal behavior analysis, risk trajectory tracing, account management analysis and security risk awareness;
The model analysis module includes an anomaly analysis unit, a trajectory analysis and tracing unit, an account management analysis unit, a security risk awareness unit, a data mining engine and a machine learning engine;
The storage computing module is used for data labeling, data storage, data auditing, distributed computing and stream computing;
The storage computing module includes a data labeling unit, a data storage unit, a data auditing unit, a distributed computing unit and a stream computing unit.
Optionally, the acquisition interface layer further includes data aggregation and exchange, real-time data stream acquisition and a message queue;
The data source further includes security gateway operation logs and a network mirror data capture engine.
(3) Beneficial effects
The beneficial effects of the present invention are as follows: the private cloud integrated security O&M platform comprises an acquisition interface layer, a data storage and computing layer, a core function layer, a service provision layer and a management subsystem. The acquisition interface layer is located at the bottom and is used to collect security logs and communicate with the data storage and computing layer. The data storage and computing layer is located between the acquisition interface layer and the core function layer, and is used to obtain data by communicating with the acquisition interface layer and to provide data to the core function layer by communicating with it. The core function layer is located between the data storage and computing layer and the service provision layer, and is used to obtain data by communicating with the data storage and computing layer and to provide the corresponding functions to the service provision layer by communicating with it. The service provision layer is located at the top and is used to obtain functions by communicating with the core function layer and to provide services based on the functions obtained. Together, the acquisition interface layer, the data storage and computing layer, the core function layer, the service provision layer and the management subsystem realize integrated O&M in a cloud environment.
Description of the drawings
Fig. 1 is a structural diagram of a private cloud integrated security O&M platform provided by the invention;
Fig. 2 is a structural diagram of a private cloud gateway provided by the invention;
Fig. 3 is a structural diagram of a behavior audit subsystem provided by the invention.
Specific embodiments
To better explain the present invention and make it easier to understand, the invention is described in detail below through specific embodiments with reference to the accompanying drawings.
The present invention provides a private cloud integrated security O&M platform comprising an acquisition interface layer, a data storage and computing layer, a core function layer, a service provision layer and a management subsystem. The acquisition interface layer is located at the bottom and is used to collect security logs and communicate with the data storage and computing layer. The data storage and computing layer is located between the acquisition interface layer and the core function layer, and is used to obtain data by communicating with the acquisition interface layer and to provide data to the core function layer by communicating with it. The core function layer is located between the data storage and computing layer and the service provision layer, and is used to obtain data by communicating with the data storage and computing layer and to provide the corresponding functions to the service provision layer by communicating with it. The service provision layer is located at the top and is used to obtain functions by communicating with the core function layer and to provide services based on the functions obtained. Together, the acquisition interface layer, the data storage and computing layer, the core function layer, the service provision layer and the management subsystem realize integrated O&M in a cloud environment.
Specifically, the private cloud integrated security O&M platform provided by the invention is shown in Fig. 1 and comprises: an acquisition interface layer, a data storage and computing layer, a core function layer, a service provision layer and a management subsystem.
Wherein:
1. Acquisition interface layer
The acquisition interface layer is located at the bottom and is used to collect security logs and communicate with the data storage and computing layer.
The acquisition interface layer includes an acquisition and synchronization interface subsystem, and the acquisition and synchronization interface subsystem includes: a data processing/ETL (Extract-Transform-Load) module, an acquisition interface, a system synchronization docking interface and a data source.
The data source includes a configuration management database/IT service management data source, a machine room environment data source, a host data source, a storage data source, a network data source, a security audit data source, a business application data source and a platform software data source.
The configuration management database is, for example, a CMDB (Configuration Management Database). The IT service management data source is, for example, an ITSM (IT service management) system.
2. Data storage and computing layer
The data storage and computing layer is located between the acquisition interface layer and the core function layer, and is used to obtain data by communicating with the acquisition interface layer and to provide data to the core function layer by communicating with the core function layer.
The data storage and computing layer includes a centralized data storage and computing platform, and the centralized data storage and computing platform includes a public data sharing and service bus, a Hadoop cluster and a database cluster.
The Hadoop cluster and the database cluster communicate with each other.
The Hadoop cluster communicates with the core function layer through the public data sharing and service bus.
The database cluster communicates with the core function layer through the public data sharing and service bus.
3. Core function layer
The core function layer is located between the data storage and computing layer and the service provision layer, and is used to obtain data by communicating with the data storage and computing layer and to provide the corresponding functions to the service provision layer by communicating with the service provision layer.
The core function layer includes a data mining module, an audit analysis module, an asset resource module, a data security module and a security management and control module.
The data mining module includes an intelligent O&M analysis engine and an interactive data exploration and query unit.
The interactive data exploration and query unit communicates with the intelligent O&M analysis engine.
The audit analysis module includes a behavior audit subsystem and a log audit subsystem.
The asset resource module includes an asset management subsystem and a security risk automated management subsystem.
The asset management subsystem includes an asset resource management unit and an IP traceback engine.
The data security module includes a data security subsystem.
The data security subsystem includes: a unified data extraction engine and a sensitive data obfuscation engine.
The security management and control module includes a private cloud gateway and intelligent network traffic scheduling.
The core function layer can realize functions such as intelligent data mining, audit analysis, cloud asset resources, cloud data security, and cloud security management and control.
4. Service provision layer
The service provision layer is located at the top and is used to obtain functions by communicating with the core function layer and to provide services based on the functions obtained.
The service provision layer includes a unified portal subsystem and a SaaS service capability opening module.
The SaaS service capability opening module includes a private cloud platform cloud security service and capability unit.
The unified portal subsystem includes a centralized display function view unit, a security event alarm unit, an integrated service response process unit and an intelligent O&M automated process unit.
The security event alarm unit communicates with the centralized display function view unit.
The security event alarm unit communicates with the integrated service response process unit.
The intelligent O&M automated process unit communicates with the centralized display function view unit.
The intelligent O&M automated process unit communicates with the integrated service response process unit.
The integrated service response process unit communicates with the centralized display function view unit.
The service provision layer can realize the security event alarm function, O&M process automation, integrated response services, the centralized display of network-wide security information, the unified portal, the opening of security service functions, and so on.
5. Management subsystem
The management subsystem runs through the acquisition interface layer, the data storage and computing layer, the core function layer and the service provision layer.
The management subsystem includes an audit policy module, a security management and control policy module, a configuration management module, a centralized log management module, a standardized management module, an account management module, an authorization management module and an authentication management module.
Referring to Fig. 2, the private cloud gateway of the core function layer includes: a closed-loop management module, a service capability opening module, an authentication module, an account module, an authorization module, an audit module, an asset resource module, and a centralized log collection and analysis module.
The closed-loop management module is connected to the office-side workflow work-order management, and is used for access request process management, integrated alert awareness management and response service process management.
The closed-loop management module includes an access request process management unit, an integrated alert awareness management unit and a response service process management unit.
The service capability opening module is connected to the enterprise-level private cloud, and is used for O&M single sign-on authentication, audit analysis reports, work order response process management, and data synchronization and query.
The service capability opening module includes an O&M single sign-on authentication unit, an audit analysis report unit, a work order response process management unit, and a data synchronization and query unit.
The authentication module is connected to the office-side personnel LDAP (Lightweight Directory Access Protocol) directory;
The authentication module is connected to the third-party personnel LDAP directory;
The authentication module is used for SSO (Single Sign On) unified authentication;
The authentication module includes an SSO unified authentication unit;
The account module is connected to the office-side personnel account information library;
The account module is connected to the third-party personnel account information library;
The account module is used for primary account management, secondary account management and privileged account password vault management;
The account module includes a primary account management unit, a secondary account management unit and a privileged account password vault;
The authorization module includes an O&M access authorization unit and a privileged account authorization unit;
The audit module is connected to the CMDB (Configuration Management Database) asset configuration management system/library;
The audit module is connected to the IPMAN (IP metropolitan area network) address management library;
The audit module is connected to the IT terminal full-inventory management library;
The audit module is connected to the domain controller DNS (Domain Name System)/DHCP (Dynamic Host Configuration Protocol) service;
The audit module is used for real-time bypass auditing, operation behavior auditing, data desensitization auditing and IP traceback;
The audit module includes a real-time bypass audit unit, an operation behavior audit unit, a data desensitization audit unit and an IP traceback engine;
The asset resource module is connected to the CMDB asset configuration management library, and is used for asset resource management and automatic asset discovery;
The asset resource module includes an asset resource management unit and an automatic asset discovery unit;
The centralized log collection and analysis module is used for abnormal behavior analysis, account management analysis and security risk awareness analysis;
The centralized log collection and analysis module includes an abnormal behavior analysis unit, an account management analysis unit and a security risk awareness unit.
The account module is connected to the office-side personnel account information library through the primary account management unit;
The account module is connected to the third-party personnel account information library through the primary account management unit.
The audit module is connected to the CMDB asset configuration management library through the IP traceback engine;
The audit module is connected to the IPMAN address management library through the IP traceback engine;
The audit module is connected to the IT terminal full-inventory management library through the IP traceback engine;
The audit module is connected to the domain controller DNS/DHCP service through the IP traceback engine.
The asset resource module is connected to the CMDB asset configuration management library through the asset resource management unit.
The private cloud gateway shown in Fig. 2 can be implemented on the basis of a protocol forward proxy: it records in full the data streams of common O&M protocols such as SSH, Windows Remote Desktop and SFTP, and then replays them as video by reassembling the protocol data streams.
On the basis of optimizing and upgrading the functions of the traditional 4A gateway, big data technology is used to realize technically innovative functions such as abnormal behavior auditing, account management analysis, privileged account password management and permission control, bypass auditing with precise traceback, and closed-loop management of the real-time security permission and risk response process.
The gateway realizes centralized, role-based O&M primary and secondary accounts, with fine-grained permission allocation and management at the role attribute level. It realizes centralized identity authentication and a centralized access entry point. Different identity authentication methods are selected according to security O&M needs, which strengthens the means of identity authentication and ultimately achieves relative isolation between authentication means and applications together with flexible use. It realizes centralized access authorization, access control based on centrally managed security policies, and role-based authorization management, establishing complete management of the authorization of resources to natural persons.
In addition, the behavior audit subsystem shown in Fig. 3 is used to audit abnormal database O&M operation behavior, abnormal host O&M operation behavior and abnormal network O&M operation behavior;
The behavior audit subsystem includes a database O&M abnormal operation behavior audit unit, a host O&M abnormal operation behavior audit unit and a network O&M abnormal operation behavior audit unit;
The database O&M abnormal operation behavior audit unit is used to audit abnormal database O&M operation behavior;
The database O&M abnormal operation behavior audit unit includes a system management audit policy subunit and a business usage audit policy subunit;
The system management audit policy subunit is used to audit global illegal operations, non-compliant operations by administrators, and unauthorized operations by non-administrators;
The business usage audit policy subunit is used to audit abnormal access to sensitive fields of sensitive tables;
The host O&M abnormal operation behavior audit unit is used to audit abnormal host O&M operation behavior, which includes time-anomalous behavior, personnel-anomalous behavior and operation-anomalous behavior in host O&M operations;
The network O&M abnormal operation behavior audit unit is used to audit abnormal network O&M operation behavior, which includes time-anomalous behavior, personnel-anomalous behavior and operation-anomalous behavior in network O&M operations.
To realize the functions of the behavior audit subsystem, the corresponding data storage and computing layer further includes a model analysis module and a storage computing module;
The model analysis module is located between the common data sharing and service bus and the storage computing module; the storage computing module is located between the model analysis module and the Hadoop cluster and database cluster;
The model analysis module is used for abnormal behavior analysis, risk trajectory tracing, account management analysis and security risk perception;
The model analysis module includes an anomaly analysis unit, a trajectory tracing analysis unit, an account management analysis unit, a security risk perception unit, a data mining engine and a machine learning engine;
The storage computing module is used for data labeling, data storage, data auditing, distributed computing and stream computing;
The storage computing module includes a data labeling unit, a data storage unit, a data auditing unit, a distributed computing unit and a stream computing unit.
To realize the functions of the behavior audit subsystem, the corresponding acquisition interface layer further includes data aggregation and exchange, real-time data stream collection and a message queue (modules identical to those in Fig. 1 are not shown in Fig. 3);
To realize the functions of the behavior audit subsystem, the corresponding data source further includes security gateway operation logs and a network mirror data collection engine (modules identical to those in Fig. 1 are not shown in Fig. 3).
The behavior audit subsystem shown in Fig. 3 can collect user operation logs from the private cloud security gateway and mirror network access traffic in real time. Through integrated association analysis techniques and big data analysis models, combined with data asset configuration information and user behavior feature portraits, it analyzes and determines abnormal user behavior and detects and perceives security risks to private cloud assets and data. Using the intelligent cloud security risk disposal and protection engine, and according to the established security protection policy, abnormal user behavior is audited, alerted on or intelligently blocked at the private cloud security gateway, and sensitive data is intelligently obfuscated, among other measures.
Through association analysis of the full set of operation logs and behavior audits, abnormal behavior, network penetration and security threats are monitored, precisely identified and given early warning. The following can be provided:
Asset-based association analysis: events are associated with the sensitivity of the underlying asset and with the vulnerabilities on that asset, in order to judge the degree of adverse impact caused by a security event.
Statistics-based association analysis: thresholds are set for events in categories such as time, personnel and sensitive operations; events that occur are cached and counted, and when the count reaches the threshold within a certain period of time, a higher-level security event can be generated.
Rule-based association analysis: 1. association rules are customized in a visual editor; 2. logical association analysis is carried out according to the causal relationships between security events, with support for logical comparison and nesting; 3. the output of one rule can be used as the input of the next rule, and union and intersection processing between rules is supported.
Personnel behavior trajectory portrait: by capturing personnel-based security factor information and drawing on the "big data" way of thinking, deep value mining is performed on the logs of the related network elements to form portraits of personnel behavior trajectories and of the asset security situation.
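The statistics-based association analysis described above can be sketched as a sliding-window counter. This is an added example, not code from the patent; the event fields, rule values, user names and sample events are constructed assumptions.

```python
from collections import defaultdict, deque
from dataclasses import dataclass
from datetime import datetime, timedelta


@dataclass(frozen=True)
class AuditEvent:
    ts: datetime
    user: str
    category: str      # "time", "personnel" or "sensitive_operation"
    detail: str


@dataclass(frozen=True)
class ThresholdRule:
    category: str
    threshold: int     # number of events required inside the window
    window: timedelta
    severity: str      # level of the security event that is generated


class ThresholdCorrelator:
    """Caches events per (user, category) and counts them in a sliding window."""

    def __init__(self, rules):
        self.rules = {r.category: r for r in rules}
        self.cache = defaultdict(deque)

    def feed(self, ev):
        rule = self.rules.get(ev.category)
        if rule is None:
            return None                       # no threshold set for this category
        bucket = self.cache[(ev.user, ev.category)]
        bucket.append(ev)
        # Drop cached events that have aged out of the counting window.
        while ev.ts - bucket[0].ts > rule.window:
            bucket.popleft()
        if len(bucket) < rule.threshold:
            return None
        alert = {
            "severity": rule.severity,
            "user": ev.user,
            "category": ev.category,
            "count": len(bucket),
            "first_seen": bucket[0].ts,
            "last_seen": ev.ts,
            "evidence": [e.detail for e in bucket],
        }
        bucket.clear()                        # one burst raises one alert
        return alert


def correlate(events, rules):
    """Feed events in time order and return the higher-level events raised."""
    engine = ThresholdCorrelator(rules)
    alerts = []
    for ev in sorted(events, key=lambda e: e.ts):
        alert = engine.feed(ev)
        if alert:
            alerts.append(alert)
    return alerts


# Constructed rules and gateway audit events (assumed values, not from the patent).
RULES = [
    ThresholdRule("sensitive_operation", 3, timedelta(minutes=10), "high"),
    ThresholdRule("time", 2, timedelta(hours=1), "medium"),
]
DAY = datetime(2018, 8, 14)
SAMPLE_EVENTS = [
    AuditEvent(DAY.replace(hour=2, minute=0), "ops_a", "sensitive_operation", "read sensitive table"),
    AuditEvent(DAY.replace(hour=2, minute=3), "ops_a", "sensitive_operation", "export sensitive field"),
    AuditEvent(DAY.replace(hour=2, minute=4), "ops_b", "sensitive_operation", "read sensitive table"),
    AuditEvent(DAY.replace(hour=2, minute=8), "ops_a", "sensitive_operation", "drop audit table"),
    AuditEvent(DAY.replace(hour=2, minute=30), "ops_b", "sensitive_operation", "read sensitive table"),
    AuditEvent(DAY.replace(hour=3, minute=0), "ops_c", "time", "login outside shift"),
    AuditEvent(DAY.replace(hour=3, minute=50), "ops_c", "time", "login outside shift"),
]

if __name__ == "__main__":
    for a in correlate(SAMPLE_EVENTS, RULES):
        print(a["severity"], a["user"], a["category"], a["count"])
```

The two events from `ops_b` are 26 minutes apart, so the first ages out of the 10-minute window and no alert is raised for that user.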
In addition, the private cloud security integrated operation platform provided by the invention can also perform linked delivery. For example, a private cloud tenant submits an asset creation request form and the associated resource users on the cloud platform; through an electronic workflow, accounts and asset permissions for the assets are created automatically on the cloud gateway, and the result of creating the user's security application is finally fed back in the form of an electronic process form. On the private cloud platform, the user can immediately see the single sign-on button for the related resource on the asset delivery page.
In addition, the private cloud security integrated operation platform provided by the invention can also perform precise traceability. For example, based on the physical information in the network IP plan, cloud assets, terminal usage information and external Internet usage information, the source IP and target IP of a security event that has occurred are quickly and accurately translated into physical information and usage information, helping security operations managers quickly locate the target of the event and the source that caused it.
IP traceability engine: visualized management of IP resources enables precise security management and control.
Through linked processing of information from the CMDB, the IT terminal full-inventory management system, the IPMAN address management system, DHCP, AD (Active Directory) domain control and so on, the IP traceability engine realizes visualized management of IP resources and precise tracing of security risks.
As a standalone module, it provides a web access interface and offers query and call services to the functional modules inside the private cloud and to external systems; it is an IT resource information traceability engine with enterprise-specific characteristics.
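The translation of an event's source and target IP into physical and usage information can be illustrated as a join over the sources named above. This is an added example, not the patent's implementation; the address plan, CMDB record, DHCP leases, terminal inventory and all field names are constructed assumptions.

```python
import ipaddress
from datetime import datetime

# Constructed sample data standing in for the sources the text names.
ADDRESS_PLAN = [  # IP address plan: network -> physical information
    ("10.20.0.0/16", "Data center A"),
    ("10.20.8.0/24", "Data center A / room 3 / database VLAN"),
    ("10.30.4.0/24", "Office building 2 / floor 5 / staff terminals"),
]
CMDB = {  # statically addressed cloud assets
    "10.20.8.15": {"asset": "db-prod-01", "system": "billing", "owner": "dba-team"},
}
DHCP_LEASES = [  # the same address is leased to two terminals on one day
    {"ip": "10.30.4.77", "mac": "02:00:00:aa:00:01",
     "start": datetime(2018, 8, 14, 8, 0), "end": datetime(2018, 8, 14, 12, 0)},
    {"ip": "10.30.4.77", "mac": "02:00:00:aa:00:02",
     "start": datetime(2018, 8, 14, 13, 0), "end": datetime(2018, 8, 14, 18, 0)},
]
TERMINALS = {  # terminal inventory: MAC address -> registered terminal and user
    "02:00:00:aa:00:01": {"hostname": "pc-0417", "user": "ops_a"},
    "02:00:00:aa:00:02": {"hostname": "pc-0533", "user": "ops_b"},
}

# Most specific network first, so the first match is the longest prefix.
_PLAN = sorted(
    ((ipaddress.ip_network(net), location) for net, location in ADDRESS_PLAN),
    key=lambda item: item[0].prefixlen,
    reverse=True,
)


def physical_info(ip):
    """Return the planned physical location of an address, or None if unplanned."""
    addr = ipaddress.ip_address(ip)
    for net, location in _PLAN:
        if addr in net:
            return location
    return None


def usage_info(ip, when):
    """Return who or what was using the address at the time of the event."""
    ip = str(ipaddress.ip_address(ip))        # normalise the textual form
    if ip in CMDB:
        return {"source": "cmdb", **CMDB[ip]}
    for lease in DHCP_LEASES:
        # Dynamic addresses are reused: only the lease valid at event time counts.
        if lease["ip"] == ip and lease["start"] <= when < lease["end"]:
            terminal = TERMINALS.get(lease["mac"], {"hostname": None, "user": None})
            return {"source": "dhcp", "mac": lease["mac"], **terminal}
    return None


def trace_event(event):
    """Translate the source and target IP of a security event."""
    return {
        role: {
            "ip": event[role],
            "physical": physical_info(event[role]),
            "usage": usage_info(event[role], event["time"]),
        }
        for role in ("src_ip", "dst_ip")
    }


if __name__ == "__main__":
    sample = {"time": datetime(2018, 8, 14, 9, 30),
              "src_ip": "10.30.4.77", "dst_ip": "10.20.8.15"}
    for role, info in trace_event(sample).items():
        print(role, info)
```

Matching the lease interval against the event time is what keeps a reused DHCP address from being attributed to the wrong terminal.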
In addition, the private cloud security integrated operation platform provided by the invention can also perform one-click disposal. For example, the original manual O&M work is turned into templates and tools; according to the type of security event that occurs, an O&M tool is selected automatically and pushed to the administrator as a message asking whether the security alarm disposal task should be carried out. For example, for a WAF (Web Application Firewall, a website application-layer intrusion prevention system) attack from the Internet, the event type is WAF, which falls within the scope handled by the network administrator; a network-attack-based blocking tool is selected automatically and pushed to the network administrator, and when the network administrator agrees to dispose of the event, the system automatically obtains the event's source IP and target IP and passes them to the blocking tool, which performs the block automatically.
Based on the safe O&M needs of the actual platform and on fast, precise traceability, the private cloud security integrated operation platform works with a tool-based, process-based one-click disposal procedure to effectively improve risk disposal response speed and reduce the intensity of security maintenance work.
In addition, the private cloud security integrated operation platform provided by the invention can also perform automated cloud security risk scanning. For example, for massive numbers of cloud virtual assets, the intelligent cloud security risk automatic management subsystem automatically dispatches routine security O&M tasks such as system security baseline checks, security vulnerability scanning, weak password checks, Trojan detection and removal, anomaly investigation, and abnormal behavior determination and handling. This improves the automatic inspection of security risks and the ability to manage the security risk life cycle, and makes private cloud security risk management visible, manageable and controllable. It promotes the effective combination and implementation of technology and management in routine security maintenance work.
In addition, the private cloud security integrated operation platform provided by the invention can also perform closed-loop management of the full life cycle of cloud security O&M. For example, security events such as abnormal user behavior and attack threats discovered by the dynamic perception and detection engine are brought into the response service process engine for unified management. Security incident response work is realized across the links of risk identification, event alarm, automatic dispatch, response and disposal, and confirmation and reply.
Security maintenance tasks such as security baseline checks, security vulnerability scanning, weak password checks, WEBSHELL Trojan detection and removal, and anomaly investigation are dispatched manually or automatically. They are associated with the CMDB and the personnel responsibility matrix to realize, in a closed loop, security maintenance work such as risk classification, grading, professional identification, work order dispatch, hardening and disposal, and retest confirmation. The automated process engine specifically includes:
1) A security event, or a vulnerability or risk found by scanning, triggers the security risk control process engine to form a work order instance;
2) The engine applies the sub-work-order splitting rules and, by association with the business systems and the professional-line responsibilities of personnel in the CMDB, forms sub-work-orders that are dispatched automatically;
3) The administrators of each department claim and dispose of the work orders;
4) The security administrator reviews and confirms the completed security work orders and events.
In addition, the private cloud security integrated operation platform provided by the invention can also perform privileged account password management and high-permission control. For example, unified, centralized account management is provided; the managed resources supported include mainstream operating systems, network devices and application systems. It not only implements the basic functions of the account management life cycle, such as creating, deleting and synchronizing the accounts of managed resources, but also automatically synchronizes cloud asset accounts to the privileged account password vault through the account management work order process, so that cloud asset accounts are taken under management in accordance with the resource account security management method.
By deploying a control process in the private cloud security integrated operation platform, control over the privileged accounts of critical systems is obtained; no plaintext password is transmitted, so there is no risk of password leakage. Based on audit results, authorization between the master account and the administrator-privileged slave account is established temporarily and recovered after use, so that administrator permissions on production resources are managed effectively:
1) Work order application for privileged access: O&M personnel fill in and submit a privileged account access application; after management personnel approve it, the privileged account is granted.
2) Privileged account granting: on the intelligent security gateway, a temporary authorized access relationship is set up between the applying master account and the requested privileged slave account; the temporary authorization association is deleted when the time expires or once the work order status is confirmed as complete.
3) Password query: an interface is provided for system administrators to query the administrator account password of a specified target resource.
4) Password escrow: modifications to privileged account passwords are saved synchronously, providing support in the event of a vault failure.
5) Task scheduling: the configured task schedule triggers password modification; a modification policy and the recovery of privileged accounts can be set, so that privileged account passwords meet the requirements of the security management specification for password complexity and modification period.
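Steps 1), 2) and 5) above can be illustrated as a gateway that holds the password itself and only keeps a time-limited association between a master account and a privileged account. This is an added example, not the patent's implementation; the class and method names, the 20-character password policy and the choice to change the password whenever a grant is recovered are assumptions.

```python
import secrets
import string
from dataclasses import dataclass
from datetime import datetime, timedelta

# Assumed complexity policy: at least one character from each class.
CLASSES = (string.ascii_lowercase, string.ascii_uppercase, string.digits, "!@#$%^&*-_")


def generate_password(length=20):
    """Random password containing every character class at least once."""
    if length < len(CLASSES):
        raise ValueError("length too short for the complexity policy")
    chars = [secrets.choice(cls) for cls in CLASSES]
    pool = "".join(CLASSES)
    chars += [secrets.choice(pool) for _ in range(length - len(chars))]
    secrets.SystemRandom().shuffle(chars)
    return "".join(chars)


@dataclass(frozen=True)
class Grant:
    work_order: str
    master: str        # the operator's master account
    resource: str
    account: str       # privileged slave account on the resource
    expires: datetime


class PrivilegedAccessGateway:
    def __init__(self):
        self._vault = {}    # (resource, account) -> password, never handed to operators
        self._grants = {}   # work order id -> Grant

    def enroll(self, resource, account):
        """Take a privileged account under management with a fresh password."""
        self._vault[(resource, account)] = generate_password()

    def approve(self, work_order, master, resource, account, now, duration):
        """Step 1/2: an approved work order creates a temporary association."""
        if (resource, account) not in self._vault:
            raise KeyError("account is not under vault management")
        self._grants[work_order] = Grant(work_order, master, resource, account,
                                         now + duration)

    def open_session(self, master, resource, account, now):
        """True if the gateway may log in on the operator's behalf.

        The password stays inside the gateway; only the decision is returned.
        """
        self.expire(now)
        return any((g.master, g.resource, g.account) == (master, resource, account)
                   for g in self._grants.values())

    def expire(self, now):
        """Step 2: delete associations whose time has run out."""
        for work_order in [w for w, g in self._grants.items() if now >= g.expires]:
            self._recycle(work_order)

    def close_work_order(self, work_order):
        """Step 2: delete the association once the work order is confirmed."""
        if work_order in self._grants:
            self._recycle(work_order)

    def _recycle(self, work_order):
        grant = self._grants.pop(work_order)
        # Step 5 (assumed policy): change the password when the grant is recovered.
        self._vault[(grant.resource, grant.account)] = generate_password()


if __name__ == "__main__":
    gw = PrivilegedAccessGateway()
    gw.enroll("db-prod-01", "root")
    t0 = datetime(2018, 8, 14, 9, 0)
    gw.approve("WO-1", "ops_a", "db-prod-01", "root", t0, timedelta(hours=2))
    print(gw.open_session("ops_a", "db-prod-01", "root", t0 + timedelta(hours=1)))
    print(gw.open_session("ops_a", "db-prod-01", "root", t0 + timedelta(hours=3)))
```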
The private cloud security integrated operation platform provided by the invention includes an acquisition interface layer, a data storage and computing layer, a core function layer, a service provision layer and a management subsystem. The acquisition interface layer is located at the bottom and is used to collect security logs and to communicate with the data storage and computing layer. The data storage and computing layer is located between the acquisition interface layer and the core function layer; it obtains data by communicating with the acquisition interface layer and provides data to the core function layer by communicating with it. The core function layer is located between the data storage and computing layer and the service provision layer; it obtains data by communicating with the data storage and computing layer and provides the corresponding functions to the service provision layer by communicating with it. The service provision layer is located at the top; it obtains functions by communicating with the core function layer and provides services based on the functions obtained. Integrated O&M in a cloud environment is realized through the acquisition interface layer, the data storage and computing layer, the core function layer, the service provision layer and the management subsystem.
It should be clear that the invention is not limited to the specific configurations and processing described above and shown in the figures. For brevity, detailed descriptions of known methods are omitted here. In the above embodiments, several specific steps are described and shown as examples. However, the method process of the invention is not limited to the specific steps described and shown; after understanding the spirit of the invention, those skilled in the art may make various changes, modifications and additions, or change the order of the steps.
It should also be noted that the exemplary embodiments mentioned in the invention describe certain methods or systems on the basis of a series of steps or devices. However, the invention is not limited to the order of the above steps; that is, the steps may be performed in the order mentioned in the embodiments, in an order different from that in the embodiments, or with several steps performed simultaneously.
Finally, it should be noted that the above embodiments are only intended to illustrate the technical solution of the invention, not to limit it. Although the invention has been described in detail with reference to the foregoing embodiments, those of ordinary skill in the art should understand that they may still modify the technical solutions described in the foregoing embodiments, or make equivalent replacements of some or all of the technical features; such modifications or replacements do not cause the essence of the corresponding technical solutions to depart from the scope of the technical solutions of the embodiments of the invention.

Claims (10)

1. A private cloud security integrated operation platform, characterized in that the platform comprises: an acquisition interface layer, a data storage and computing layer, a core function layer, a service provision layer and a management subsystem;
The acquisition interface layer is located at the bottom and is used to collect security logs and to communicate with the data storage and computing layer;
The acquisition interface layer includes an acquisition and synchronization interface subsystem, which includes: a data processing/ETL module, an acquisition interface, a system synchronization docking interface, and a data source;
The data storage and computing layer is located between the acquisition interface layer and the core function layer, and is used to obtain data by communicating with the acquisition interface layer and to provide data to the core function layer by communicating with the core function layer;
The data storage and computing layer includes a centralized data storage and computing platform, which includes a common data sharing and service bus, a Hadoop cluster and a database cluster;
The core function layer is located between the data storage and computing layer and the service provision layer, and is used to obtain data by communicating with the data storage and computing layer and to provide the corresponding functions to the service provision layer by communicating with the service provision layer;
The core function layer includes a data mining module, an audit analysis module, an asset resource module, a data security module and a security management and control module;
The data mining module includes an intelligent O&M analysis engine and an interactive data exploration and query unit;
The interactive data exploration and query unit communicates with the intelligent O&M analysis engine;
The audit analysis module includes a behavior audit subsystem and a log audit subsystem;
The asset resource module includes an asset management subsystem and a security risk automatic management subsystem;
The asset management subsystem includes an asset resource management unit and an IP traceability engine;
The data security module includes a data security subsystem;
The data security subsystem includes: a unified data extraction engine and a sensitive data obfuscation engine;
The security management and control module includes a private cloud gateway and intelligent network traffic scheduling;
The service provision layer is located at the top and is used to obtain functions by communicating with the core function layer and to provide services based on the functions obtained;
The service provision layer includes a unified portal subsystem and a SaaS service capability opening module;
The SaaS service capability opening module includes a private cloud platform cloud security service and capability unit;
The unified portal subsystem includes a centralized presentation and function view unit, a security event alarm unit, an integrated service response process unit, and an intelligent O&M automated process unit;
The security event alarm unit communicates with the centralized presentation and function view unit;
The security event alarm unit communicates with the integrated service response process unit;
The intelligent O&M automated process unit communicates with the centralized presentation and function view unit;
The intelligent O&M automated process unit communicates with the integrated service response process unit;
The integrated service response process unit communicates with the centralized presentation and function view unit;
The management subsystem runs through the acquisition interface layer, the data storage and computing layer, the core function layer and the service provision layer;
The management subsystem includes an audit policy module, a security management and control policy module, a configuration management module, a centralized log management module, a standardized management module, an account management module, an authorization management module and an authentication management module.
2. The platform according to claim 1, characterized in that the data source includes a configuration management database/IT service management data source, a machine room environment data source, a host data source, a storage data source, a network data source, a security audit data source, a business application data source, and a platform software data source.
3. The platform according to claim 2, characterized in that the Hadoop cluster and the database cluster communicate with each other;
The Hadoop cluster communicates with the core function layer through the common data sharing and service bus;
The database cluster communicates with the core function layer through the common data sharing and service bus.
4. The platform according to claim 3, characterized in that the private cloud gateway comprises: a closed-loop management module, a service capability opening module, an authentication module, an account module, an authorization module, an audit module, an asset resource module, and a centralized log collection and analysis module;
The closed-loop management module is connected to the office workflow work order management and is used for access application process management, comprehensive alarm perception management, and response service process management;
The closed-loop management module includes an access application process management unit, a comprehensive alarm perception management unit, and a response service process management unit;
The service capability opening module is connected to the enterprise-level private cloud and is used for O&M single sign-on authentication, audit analysis reports, work order response process management, and data synchronization and query;
The service capability opening module includes an O&M single sign-on authentication unit, an audit analysis report unit, a work order response process management unit, and a data synchronization and query unit;
The authentication module is connected to the office-side personnel Lightweight Directory Access Protocol (LDAP);
The authentication module is connected to the third-party personnel LDAP;
The authentication module is used for single sign-on (SSO) unified authentication;
The authentication module includes an SSO unified authentication unit;
The account module is connected to the office-side personnel account information library;
The account module is connected to the third-party personnel account information library;
The account module is used for master account management, slave account management and privileged account password vault management;
The account module includes a master account management unit, a slave account management unit and a feature account password vault;
The authorization module includes an O&M access authorization unit and a privileged account authorization unit;
The audit module is connected to the configuration management database (CMDB) asset configuration management library;
The audit module is connected to the IP metropolitan area network (IPMAN) address management library;
The audit module is connected to the IT terminal full-inventory management library;
The audit module is connected to the domain controller Domain Name System (DNS)/Dynamic Host Configuration Protocol (DHCP);
The audit module is used for real-time bypass auditing, operation behavior auditing, data desensitization auditing and IP traceability;
The audit module includes a real-time bypass audit unit, an operation behavior audit unit, a data desensitization audit unit and an IP traceability engine;
The asset resource module is connected to the CMDB asset configuration management library and is used for asset resource management and automatic asset discovery;
The asset resource module includes an asset resource management unit and an automatic asset discovery unit;
The centralized log collection and analysis module is used for abnormal behavior analysis, account management analysis and security risk perception analysis;
The centralized log collection and analysis module includes an abnormal behavior analysis unit, an account management analysis unit and a security risk perception unit.
5. The platform according to claim 4, characterized in that the account module is connected to the office-side personnel account information library through the master account management unit;
The account module is connected to the third-party personnel account information library through the master account management unit.
6. The platform according to claim 4, characterized in that the audit module is connected to the CMDB asset configuration management library through the IP traceability engine;
The audit module is connected to the IPMAN address management library through the IP traceability engine;
The audit module is connected to the IT terminal full-inventory management library through the IP traceability engine;
The audit module is connected to the domain controller DNS/DHCP through the IP traceability engine.
7. The platform according to claim 4, characterized in that the asset resource module is connected to the CMDB asset configuration management library through the asset resource management unit.
8. The platform according to claim 3, characterized in that the behavior audit subsystem is used to audit abnormal database O&M operation behavior, abnormal host O&M operation behavior and abnormal network O&M operation behavior;
The behavior audit subsystem includes a database O&M abnormal operation behavior audit unit, a host O&M abnormal operation behavior audit unit and a network O&M abnormal operation behavior audit unit;
The database O&M abnormal operation behavior audit unit is used to audit abnormal database O&M operation behavior;
The database O&M abnormal operation behavior audit unit includes a system management audit policy subunit and a business usage audit policy subunit;
The system management audit policy subunit is used to audit global illegal operations, non-compliant operations by administrators, and unauthorized operations by non-administrators;
The business usage audit policy subunit is used to audit abnormal access to sensitive fields of sensitive tables;
The host O&M abnormal operation behavior audit unit is used to audit abnormal host O&M operation behavior; the abnormal host O&M operation behavior includes time-anomalous behavior, personnel-anomalous behavior and operation-anomalous behavior in host O&M operations;
The network O&M abnormal operation behavior audit unit is used to audit abnormal network O&M operation behavior; the abnormal network O&M operation behavior includes time-anomalous behavior, personnel-anomalous behavior and operation-anomalous behavior in network O&M operations.
9. The platform according to claim 8, characterized in that the data storage and computing layer further includes a model analysis module and a storage computing module;
The model analysis module is located between the common data sharing and service bus and the storage computing module; the storage computing module is located between the model analysis module and the Hadoop cluster and database cluster;
The model analysis module is used for abnormal behavior analysis, risk trajectory tracing, account management analysis and security risk perception;
The model analysis module includes an anomaly analysis unit, a trajectory tracing analysis unit, an account management analysis unit, a security risk perception unit, a data mining engine and a machine learning engine;
The storage computing module is used for data labeling, data storage, data auditing, distributed computing and stream computing;
The storage computing module includes a data labeling unit, a data storage unit, a data auditing unit, a distributed computing unit and a stream computing unit.
10. The platform according to claim 9, characterized in that the acquisition interface layer further includes data aggregation and exchange, real-time data stream collection and a message queue;
The data source further includes security gateway operation logs and a network mirror data collection engine.
CN201810925138.0A 2018-08-14 2018-08-14 Private clound secure, integral operation platform Pending CN108960456A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201810925138.0A CN108960456A (en) 2018-08-14 2018-08-14 Private clound secure, integral operation platform


Publications (1)

Publication Number Publication Date
CN108960456A true CN108960456A (en) 2018-12-07

Family

ID=64469332

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201810925138.0A Pending CN108960456A (en) 2018-08-14 2018-08-14 Private clound secure, integral operation platform

Country Status (1)

Country Link
CN (1) CN108960456A (en)


Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103400226A (en) * 2013-07-31 2013-11-20 湖南省烟草公司永州市公司 Integrated tobacco industry information security, operation and maintenance application platform system
US20150134727A1 (en) * 2013-11-12 2015-05-14 Konkuk University Industrial Cooperation Corp. Cloud-based data server providing home appliance management service and method thereof
CN105119750A (en) * 2015-09-08 2015-12-02 南京联成科技发展有限公司 Distributed information security operation and maintenance management platform based on massive data
CN105335273A (en) * 2015-09-25 2016-02-17 浪潮(北京)电子信息产业有限公司 Cloud management platform facing private cloud
CN107302529A (en) * 2017-06-14 2017-10-27 苏州海加网络科技股份有限公司 Database security auditing system and method based on scene perception
CN108243040A (en) * 2016-12-23 2018-07-03 南京联成科技发展股份有限公司 A kind of authentication of cloud computing and the realization framework for accessing management security service

Cited By (22)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109600269A (en) * 2019-01-21 2019-04-09 云南电网有限责任公司信息中心 A kind of cloud management platform based on DCOS
CN110611594A (en) * 2019-09-23 2019-12-24 广州海颐信息安全技术有限公司 Method and device for multiple access and fault switching of main node of privileged system
CN110708299A (en) * 2019-09-23 2020-01-17 广州海颐信息安全技术有限公司 Method and device for privilege centralized management and realization of dynamic host mutual trust authentication
CN110798660B (en) * 2019-09-30 2020-12-29 武汉兴图新科电子股份有限公司 Integrated operation and maintenance system based on cloud federal audio and video fusion platform
CN110798660A (en) * 2019-09-30 2020-02-14 武汉兴图新科电子股份有限公司 Integrated operation and maintenance system based on cloud federal audio and video fusion platform
CN110881039A (en) * 2019-11-27 2020-03-13 杭州安恒信息技术股份有限公司 Cloud security management system
CN110881039B (en) * 2019-11-27 2022-06-21 杭州安恒信息技术股份有限公司 Cloud security management system
CN111274569A (en) * 2019-12-24 2020-06-12 中国科学院电子学研究所苏州研究院 Research, development, operation and maintenance integrated system for unified login authentication and login authentication method thereof
CN111343263A (en) * 2020-02-21 2020-06-26 北京京东尚科信息技术有限公司 Operation and maintenance system and operation and maintenance method for batch private cloud
CN111343263B (en) * 2020-02-21 2022-01-11 北京京东尚科信息技术有限公司 Operation and maintenance system and operation and maintenance method for batch private cloud
CN111600856A (en) * 2020-03-07 2020-08-28 浙江齐治科技股份有限公司 Safety system of operation and maintenance of data center
CN111600856B (en) * 2020-03-07 2023-03-31 浙江齐治科技股份有限公司 Safety system of operation and maintenance of data center
CN112328300A (en) * 2020-11-24 2021-02-05 科大国创云网科技有限公司 IT (information technology) automatic operation and maintenance system based on batch control tool
CN112462724A (en) * 2020-12-11 2021-03-09 四川川能智网实业有限公司 Data monitoring system based on industrial internet
CN112651433B (en) * 2020-12-17 2021-12-14 广州锦行网络科技有限公司 Abnormal behavior analysis method for privileged account
CN112651433A (en) * 2020-12-17 2021-04-13 广州锦行网络科技有限公司 Abnormal behavior analysis method for privileged account
CN112765600A (en) * 2020-12-28 2021-05-07 中国人寿保险股份有限公司上海数据中心 Control method for collecting automatic synchronization CMDB based on HIDS intrusion detection
CN113313280A (en) * 2021-03-31 2021-08-27 阿里巴巴新加坡控股有限公司 Cloud platform inspection method, electronic equipment and nonvolatile storage medium
CN113313280B (en) * 2021-03-31 2023-09-19 阿里巴巴新加坡控股有限公司 Cloud platform inspection method, electronic equipment and nonvolatile storage medium
CN113556348A (en) * 2021-07-23 2021-10-26 中能融合智慧科技有限公司 Server asset management system based on integrated monitoring
CN114979281A (en) * 2022-07-11 2022-08-30 成都信息工程大学 Data interaction method applied to industrial internet cloud service platform
CN114979281B (en) * 2022-07-11 2022-11-08 成都信息工程大学 Data interaction method applied to industrial internet cloud service platform

Similar Documents

Publication Publication Date Title
CN108960456A (en) Private clound secure, integral operation platform
CN109729168B (en) Data sharing exchange system and method based on block chain
CN110648120B (en) Online forest resource supervision method based on mobile internet
CN103400226A (en) Integrated tobacco industry information security, operation and maintenance application platform system
CN109861995A (en) A kind of safe big data intelligent analysis method of cyberspace, computer-readable medium
CN110335187A (en) A kind of smart city operating system
CN104240342B (en) Access control method and device based on identity authentication
CN109885562A (en) A kind of big data intelligent analysis system based on cyberspace safety
CN107798466A (en) A kind of Urban Operation administrative center system
CN107871204A (en) A kind of Urban Operation centric system architecture and engineering system
CN105989443A (en) Intelligent-mobile-terminal-based communication line inspection system
CN110533789B (en) Equipment inspection management method and device based on block chain
CN105991734A (en) Cloud platform management method and system
CN106055984A (en) Classified management method applied to security baseline software
CN109189844A (en) A kind of inspection examining report business management system
CN107194281B (en) A kind of anti-fake system based on block chain technology
CN110795422B (en) Data service management method and system
CN113592680A (en) Service platform based on regional education big data
CN106779485A (en) Total management system and data processing method based on SOA framework
CN113722301A (en) Big data processing method, device and system based on education information and storage medium
CN112150122A (en) Agile network resource positioning and decision-making system
CN105447631A (en) Subway engineering tri-network intelligent control system and method thereof
CN109801416A (en) A kind of total dimension computer lab management method of building together based on big data analysis
CN110097486A (en) A kind of movable police verification core recording system
CN113808757A (en) Infectious disease registration traceability system

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication

Application publication date: 20181207