CN116167029B - Computer system account management method based on cloud computing - Google Patents

Computer system account management method based on cloud computing

Info

Publication number: CN116167029B
Application number: CN202310436946.1A
Authority: CN (China)
Prior art keywords: user, threshold, account management, abnormal, cloud platform
Legal status: Active (the legal status is an assumption and is not a legal conclusion; Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed)
Other languages: Chinese (zh)
Other versions: CN116167029A
Inventors: 郑烁, 黄淑芬, 黄航, 刘佳洁, 马瑞芳
Current assignee: SHANTOU LINBAIXIN SCIENCE AND (the listed assignees may be inaccurate; Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list)
Original assignee: SHANTOU LINBAIXIN SCIENCE AND
Priority date: (the priority date is an assumption and is not a legal conclusion; Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed)

Events:
  • Application filed by SHANTOU LINBAIXIN SCIENCE AND
  • Priority to CN202310436946.1A
  • Publication of CN116167029A
  • Application granted
  • Publication of CN116167029B
  • Legal status: Active (current)
  • Anticipated expiration

Classifications

    • G: PHYSICS
    • G06: COMPUTING; CALCULATING OR COUNTING
    • G06F: ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00: Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30: Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31: User authentication
    • G: PHYSICS
    • G06: COMPUTING; CALCULATING OR COUNTING
    • G06F: ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00: Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60: Protecting data
    • G06F21/62: Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218: Protecting access to data via a platform, e.g. using keys or access control rules, to a system of files or objects, e.g. a local or distributed file system or database

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • General Physics & Mathematics (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • Software Systems (AREA)
  • Computer Hardware Design (AREA)
  • Databases & Information Systems (AREA)
  • Health & Medical Sciences (AREA)
  • Bioethics (AREA)
  • General Health & Medical Sciences (AREA)
  • Computer And Data Communications (AREA)

Abstract

The invention discloses a computer system account management method based on cloud computing, in the technical field of account management. The method comprises the following steps: an administrator creates a new account for a user on the account management system of a cloud platform, sets the account information and grants the corresponding rights according to the user type; before accessing cloud platform resources, the user must pass identity verification through the account management system of the cloud platform; while different users operate on the cloud platform, the account management system acquires multiple items of data about each user in real time and processes them together to obtain an anomaly coefficient; and a user management scheme is generated according to the result of comparing the anomaly coefficient with gradient thresholds. The user's behaviour is thus monitored throughout the operation process, which guarantees the operational security of the cloud platform.

Description

Computer system account management method based on cloud computing
Technical Field
The invention relates to the technical field of account management, in particular to a computer system account management method based on cloud computing.
Background
Account management in a computer system refers to the series of operations for managing and maintaining user accounts in the system. Each user needs an account to access system resources and perform tasks such as file operations, software installation and network connection, so account management is very important for protecting the security, confidentiality and usability of the system.
Account management generally comprises creating, modifying and deleting accounts and setting account passwords, permissions and access control. Through account management an administrator can limit the range of the system that users may access, prevent access by unauthorised users and data leakage, track users' operation records and log information, and respond to and repair security vulnerabilities in time.
The prior art has the following defects:
when an account is registered on an existing computer cloud platform, the user creates the account and the administrator grants permissions afterwards; in practice the administrator may forget to grant them, so the user's permissions are insufficient and the user experience is poor. In addition, the account management system does not monitor the user's behaviour while the user operates the cloud platform, so the security of the cloud platform is reduced when a user operates beyond the permitted range or behaves abnormally.
Disclosure of Invention
The invention aims to provide a computer system account management method based on cloud computing, which aims to solve the defects in the background technology.
In order to achieve the above object, the present invention provides the following technical solutions: a computer system account management method based on cloud computing, the management method comprising the steps of:
S1: an administrator creates a new account for a user on the account management system of the cloud platform, sets the account information according to the user category and grants the corresponding rights;
S2: before accessing cloud platform resources, the user needs to carry out identity verification through the account management system of the cloud platform;
S3: when different users operate on the cloud platform, the account management system acquires multiple items of data about the users in real time and processes them together to obtain anomaly coefficients;
S4: a user management scheme is generated according to the result of comparing the anomaly coefficient with the gradient threshold.
In a preferred embodiment, the account management system acquires multiple items of data about the user in real time. The data comprise an operation parameter and a network parameter; the operation parameter includes the operation anomaly frequency, and the network parameter includes the network attacked frequency and the system vulnerability rate. The operation anomaly frequency, the network attacked frequency and the system vulnerability rate are combined by a formula to obtain the anomaly coefficient:
[formula image SMS_1, not reproduced on this page]
where [SMS_4] is the anomaly coefficient, [SMS_5] is the operation anomaly frequency, [SMS_7] is the number of abnormal operations, [SMS_8] is the duration for which the user operates the cloud platform, [SMS_10] is the network parameter, [SMS_11] is the network attacked frequency, [SMS_2] is the system vulnerability rate, [SMS_3] is a correction factor with value 2.168, and [SMS_6] are the proportional coefficients of the operation anomaly frequency and the network parameter respectively, subject to the constraint in image SMS_9.
In a preferred embodiment, in the operation anomaly frequency [SMS_13], [SMS_15] is the library numbering the different operation behaviours and [SMS_16] ranges over {1, 2, ..., n}, where n is a positive integer greater than 0. The operation anomalies include the number of logins, the number of accesses to resources beyond the user's authority, the number of falsifications of data beyond the user's authority and the number of abnormal file uploads. The updated operation anomaly frequency [SMS_17] is given by:
[formula image SMS_18, not reproduced on this page]
where [SMS_19] is the sum of login times, [SMS_20] is the sum of accesses to resources beyond authority, [SMS_12] is the sum of falsifications of data beyond authority, and [SMS_14] is the total number of abnormal file uploads.
In a preferred embodiment, the network attacked frequency is monitored by the intrusion detection system and computed as:
[formula image SMS_21, not reproduced on this page]
where [SMS_22] is the number of times the network is attacked and [SMS_23] is the monitoring time period.
In a preferred embodiment, the system vulnerability rate is monitored online by Qualys and computed as:
[formula image SMS_24, not reproduced on this page]
where [SMS_25] is the number of vulnerabilities and [SMS_26] is the monitoring time period.
In a preferred embodiment, the gradient threshold comprises a first threshold [SMS_28] and a second threshold [SMS_29], the first threshold [SMS_30] being smaller than the second threshold [SMS_31]. After the anomaly coefficient [SMS_32] is obtained, the anomaly coefficient [SMS_33] is compared with the first threshold [SMS_34] and the second threshold [SMS_27].
In a preferred embodiment, when the anomaly coefficient [SMS_35] exceeds the second threshold [SMS_36], the account management system judges that the user is excessively abnormal and generates a first management scheme;
when the anomaly coefficient [SMS_38] lies between the first threshold [SMS_37] and the second threshold [SMS_39], the account management system judges that the user is slightly abnormal and generates a second management scheme;
when the anomaly coefficient [SMS_40] is below the first threshold [SMS_41], the account management system judges that the user's operation is not abnormal, and no management scheme is generated.
In a preferred embodiment, the account management system uses the result of comparing the anomaly coefficient [SMS_44] with the first threshold [SMS_46] and the second threshold [SMS_48] to predict the usage state of the cloud platform over a period of time. It acquires the anomaly coefficients [SMS_50] of all users logged in to the cloud platform during that period and calculates an early warning value [SMS_52]:
[formula image SMS_54, not reproduced on this page]
where [SMS_56] is the number of times the anomaly coefficient [SMS_42] exceeds the second threshold [SMS_45], [SMS_47] is the number of times the anomaly coefficient [SMS_51] lies between the first threshold [SMS_49] and the second threshold [SMS_53], and [SMS_55] is the number of times the anomaly coefficient [SMS_57] is below the first threshold [SMS_43].
In a preferred embodiment, the early warning value [SMS_58] is compared with an early warning threshold [SMS_59]: if the early warning value [SMS_60] exceeds the early warning threshold [SMS_61], the account management system sends out an early warning signal; if the early warning value [SMS_62] is below the early warning threshold [SMS_63], the account management system does not send out an early warning signal.
In this technical scheme, the invention has the following technical effects and advantages:
1. An administrator creates a new account for the user on the account management system of the cloud platform and sets the account information and grants the corresponding rights according to the user type, so excessive grants of rights to the user are avoided. When different users operate on the cloud platform, the account management system acquires multiple items of data about the user in real time, processes them together to obtain anomaly coefficients, and generates a user management scheme according to the result of comparing the anomaly coefficients with the gradient thresholds; the user's behaviour is monitored throughout the operation process, which guarantees the operational security of the cloud platform.
2. The operation anomaly frequency, the network attacked frequency and the system vulnerability rate are combined by formula into the anomaly coefficient. Analysing the multiple items of data together through a formula improves the efficiency of data processing, and once the anomaly coefficient is obtained, a corresponding management scheme is generated from its comparison with the gradient thresholds, which makes user accounts easier to manage and improves management efficiency.
3. The number of times the anomaly coefficient [SMS_64] exceeds the second threshold [SMS_66] is marked [SMS_68], the number of times the anomaly coefficient [SMS_73] lies between the first threshold [SMS_70] and the second threshold [SMS_75] is marked [SMS_77], and the number of times the anomaly coefficient [SMS_65] is below the first threshold [SMS_67] is marked [SMS_69]; [SMS_71] are combined by formula into an early warning value [SMS_72], and finally the comparison of the early warning value [SMS_74] with the early warning threshold [SMS_76] decides whether the cloud platform is being used abnormally, which effectively guarantees safe use of the cloud platform.
Drawings
In order to more clearly illustrate the embodiments of the present application or the technical solutions in the prior art, the drawings that are needed in the embodiments will be briefly described below, and it is obvious that the drawings in the following description are only some embodiments described in the present invention, and other drawings may be obtained according to these drawings for a person having ordinary skill in the art.
FIG. 1 is a flow chart of the method of the present invention.
Detailed Description
For the purpose of making the objects, technical solutions and advantages of the embodiments of the present invention more apparent, the technical solutions of the embodiments of the present invention will be clearly and completely described below with reference to the accompanying drawings in the embodiments of the present invention, and it is apparent that the described embodiments are some embodiments of the present invention, but not all embodiments of the present invention. All other embodiments, which can be made by those skilled in the art based on the embodiments of the invention without making any inventive effort, are intended to be within the scope of the invention.
Example 1
Referring to fig. 1, the method for managing accounts of a computer system based on cloud computing according to the present embodiment includes the following steps:
An administrator creates a new account for a user on the account management system of the cloud platform, sets the account information and grants the corresponding rights according to the user type. When the rights are set, only the rights necessary for the user are granted, following the principle of least privilege, so as to avoid excessive grants. Before accessing cloud platform resources, the user must carry out identity verification through the account management system of the cloud platform; identity verification can use various modes such as passwords and multi-factor authentication, and while the identity is being verified, whether the user has the right to access the resource can also be checked. When different users operate on the cloud platform, the account management system acquires multiple items of data about the user in real time, processes them together to obtain anomaly coefficients, and generates a user management scheme according to the result of comparing the anomaly coefficients with the gradient thresholds.
In this way, a new account is created for the user by an administrator on the account management system of the cloud platform, account information is set according to the user type and the corresponding rights are granted, avoiding excessive grants of user rights; when different users operate on the cloud platform, the account management system acquires multiple items of data about the user in real time, processes them together to obtain anomaly coefficients, and generates a user management scheme according to the result of comparing the anomaly coefficients with the gradient thresholds, so the user's behaviour is monitored throughout the operation process and the operational security of the cloud platform is guaranteed.
In this embodiment, an administrator creates a new account for a user on an account management system of the cloud platform, sets account information and grants corresponding rights according to a user category, and when the rights are set, only rights necessary for the user are granted to avoid excessive rights by following a minimum authorization principle.
The administrator creates a new account for the user on the account management system of the cloud platform, which comprises the following steps:
(1) The administrator first logs in to the account management system of the cloud platform to obtain management rights;
(2) In the account management system, the administrator creates a new user account through the corresponding interface or command-line tool; when creating the new user, the administrator needs to provide the user's basic information, such as user name, e-mail address and mobile phone number;
(3) The administrator sets the user's password and authentication mode to ensure the security of the account; the administrator can choose a default password or a custom password and configure security measures such as two-factor authentication for the user;
(4) The administrator sends a notification and welcome e-mail to the user introducing how to use the platform and what to note, to help the user get started quickly and make full use of the platform resources.
After the new account is created, setting account information and granting corresponding rights according to the user category comprises the following steps:
(1) Determining the user category: the administrator needs to determine the user category of the new account according to the actual situation, such as common users, developers, administrators, etc.;
(2) Setting account information: according to the user category and the actual demand, the administrator needs to set corresponding account information including names, email addresses, telephone numbers, departments, positions and the like, and the information can be used for subsequent user management and authority control;
(3) Assigning roles and rights: an administrator needs to allocate corresponding roles and authorities for the new account so as to control the access and the operation range of the user, and can select a predefined role or a custom role according to the user category and the work responsibility and allocate different authorities for the roles;
(4) Configuring an authentication mode and a password: an administrator needs to configure an authentication mode and a password for a new account to ensure the security of the account, and can select to use a default password or a custom password and configure security measures such as double-factor authentication for a user.
Before accessing cloud platform resources, a user needs to perform identity verification through an account management system of a cloud platform, and the method comprises the following steps:
(1) Inputting a user name and a password: when a user accesses the cloud platform, the registered user name and password are required to be input to verify the identity, and some cloud platforms also support other identity verification modes, such as mobile phone verification codes, double-factor authentication and the like;
(2) Sending an authentication request: after a user inputs a user name and a password, an account management system of the cloud platform receives an identity verification request and performs identity verification;
(3) Checking identity information: the account management system checks the identity information stored in the account database according to the user name and the password input by the user, if the identity information is matched, the identity authentication is passed, the user can access the platform resource, and if the identity information is not matched, the identity authentication fails, and the user cannot access the platform resource;
(4) The access rights are granted: once the authentication is passed, the account management system of the cloud platform authorizes the user with access rights according to the role and rights of the user, and the user can only access the authorized resources and data, but cannot access the unauthorized resources and data.
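The account-creation, identity-verification and access-rights steps above, as an added example that is not the patent's own code: the role names follow the user categories the text names (common user, developer, administrator), while the permission sets, the salted PBKDF2 password hashing, the HOTP-style counter code standing in for the unspecified two-factor method, and the `AccountManager` class are assumptions made for the example.

```python
"""Account creation with least-privilege roles, identity verification and an
access-rights check, modelled on Example 1 of the description.
Added example; not the patent's code. Permission sets, hashing scheme and the
HOTP second factor are assumptions."""
import hashlib
import hmac
import os
import secrets
import struct
from dataclasses import dataclass
from typing import Optional

# Constructed permission sets per user category (assumption: the page names the
# categories but not the rights each one receives).
ROLES = {
    "common_user":   {"file:read", "file:write"},
    "developer":     {"file:read", "file:write", "software:install", "network:connect"},
    "administrator": {"file:read", "file:write", "software:install",
                      "network:connect", "account:manage"},
}


@dataclass
class Account:
    username: str
    email: str
    role: str
    salt: bytes
    pw_hash: bytes
    mfa_secret: Optional[bytes]   # None when two-factor authentication is not configured


def _hash_password(password: str, salt: bytes) -> bytes:
    # Salted PBKDF2-HMAC-SHA256; the page only says a password is set.
    return hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, 200_000)


def hotp(secret: bytes, counter: int, digits: int = 6) -> str:
    """RFC 4226 HOTP: HMAC-SHA1 over the 8-byte counter, dynamic truncation,
    reduced modulo 10**digits. Stands in for the unspecified two-factor method."""
    mac = hmac.new(secret, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F
    code = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(code % (10 ** digits)).zfill(digits)


class AccountManager:
    def __init__(self) -> None:
        self.accounts: dict[str, Account] = {}
        # A dummy credential so that checking an unknown user costs the same as
        # checking a real one (no username enumeration through timing).
        self._dummy_salt = os.urandom(16)
        self._dummy_hash = _hash_password("placeholder", self._dummy_salt)

    def create_account(self, username: str, email: str, role: str,
                       password: str, enable_mfa: bool = True) -> Account:
        """Steps (1)-(4) of account setup: identity data, a role that grants only
        the rights the category needs, password and optional two-factor secret."""
        if role not in ROLES:
            raise ValueError(f"unknown role {role!r}")
        if username in self.accounts:
            raise ValueError("username already exists")
        salt = os.urandom(16)
        acct = Account(username, email, role, salt, _hash_password(password, salt),
                       secrets.token_bytes(20) if enable_mfa else None)
        self.accounts[username] = acct
        return acct

    def authenticate(self, username: str, password: str,
                     mfa_code: Optional[str] = None, counter: int = 0) -> Optional[Account]:
        """Identity verification: password check, then the second factor if configured."""
        acct = self.accounts.get(username)
        salt = acct.salt if acct else self._dummy_salt
        expected = acct.pw_hash if acct else self._dummy_hash
        password_ok = hmac.compare_digest(_hash_password(password, salt), expected)
        if acct is None or not password_ok:
            return None
        if acct.mfa_secret is not None:
            if mfa_code is None or not hmac.compare_digest(
                    hotp(acct.mfa_secret, counter).encode(), mfa_code.encode()):
                return None
        return acct

    def authorize(self, acct: Account, permission: str) -> bool:
        """Access-rights check after authentication: only the role's resources."""
        return permission in ROLES[acct.role]


def demo() -> dict:
    """Create a developer account and exercise the checks; returns the outcomes."""
    mgr = AccountManager()
    acct = mgr.create_account("alice", "alice@example.test", "developer", "correct horse")
    code = hotp(acct.mfa_secret, 0)
    return {
        "wrong_password": mgr.authenticate("alice", "wrong", code) is None,
        "missing_mfa": mgr.authenticate("alice", "correct horse") is None,
        "unknown_user": mgr.authenticate("bob", "correct horse", code) is None,
        "login_ok": mgr.authenticate("alice", "correct horse", code) is acct,
        "can_install": mgr.authorize(acct, "software:install"),
        "can_manage_accounts": mgr.authorize(acct, "account:manage"),
    }


if __name__ == "__main__":
    print(demo())
```

The developer account can install software but cannot manage accounts, which is the least-privilege point of step (3): rights come from the category's role, not from the individual grant the background section says administrators forget. The `hotp` function can be checked against the RFC 4226 test vectors (secret `12345678901234567890`, counter 0 gives `755224`).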
Example 2
When different users operate on the cloud platform, the account management system acquires multiple items of data of the users in real time, comprehensively processes the multiple items of data to acquire abnormal coefficients, and generates a user management scheme according to the comparison result of the abnormal coefficients and the gradient threshold.
When different users operate on the cloud platform, the account management system acquires multiple items of data of the users in real time, and the method for comprehensively processing the multiple items of data to acquire abnormal coefficients comprises the following steps:
the account management system acquires multiple items of data of a user in real time, wherein the multiple items of data comprise operation parameters and network parameters, the operation parameters comprise abnormal operation frequencies, and the network parameters comprise network attacked frequencies and system vulnerability rates;
obtaining an abnormal coefficient after calculating the operation abnormal frequency, the network attacked frequency and the system vulnerability rate through a formula, wherein the expression is as follows:
[formula image SMS_78, not reproduced on this page]
where [SMS_80] is the anomaly coefficient, [SMS_81] is the operation anomaly frequency, [SMS_82] is the number of abnormal operations, [SMS_84] is the duration for which the user operates the cloud platform, [SMS_86] is the network parameter, [SMS_87] is the network attacked frequency, [SMS_88] is the system vulnerability rate, [SMS_79] is a correction factor with value 2.168, and [SMS_83] are the proportional coefficients of the operation anomaly frequency and the network parameter respectively, subject to the constraint in image SMS_85.
In the operation anomaly frequency [SMS_89], [SMS_90] is the library numbering the different operation behaviours and [SMS_91] ranges over {1, 2, ..., n}, where n is a positive integer greater than 0. The operation anomalies include the number of logins, the number of accesses to resources beyond authority, the number of falsifications of data beyond authority and the number of abnormal file uploads, so here n = 4. The updated operation anomaly frequency [SMS_92] is given by:
[formula image SMS_93, not reproduced on this page]
where [SMS_94] is the sum of login times, [SMS_95] is the sum of accesses to resources beyond authority, [SMS_96] is the sum of falsifications of data beyond authority, and [SMS_97] is the sum of abnormal file uploads. Because the operation anomalies tracked differ between cloud platforms, other platforms may additionally include anomalies such as frequent changes of IP address. The larger the operation anomaly frequency, the larger the anomaly coefficient: the two are in direct proportion.
The network attacked frequency is monitored by an Intrusion Detection System (IDS). An IDS is a network security device that detects intrusions and abnormal activity by monitoring network traffic; it monitors the traffic in real time, detects network attacks and alerts the administrator. The network attacked frequency is computed as:
[formula image SMS_98, not reproduced on this page]
where [SMS_99] is the number of times the network is attacked and [SMS_100] is the monitoring time period. The greater the network attacked frequency, the worse the network security of the system; the attacked frequency and the anomaly coefficient are in direct proportion.
The system vulnerability rate is monitored online through Qualys, a cloud vulnerability scanning tool that can scan for vulnerabilities in various operating systems, applications and network devices. The system vulnerability rate is computed as:
[formula image SMS_101, not reproduced on this page]
where [SMS_102] is the number of vulnerabilities and [SMS_103] is the monitoring time period. The larger the system vulnerability rate, the worse the network security of the system; the vulnerability rate and the anomaly coefficient are in direct proportion.
Generating a user management scheme according to the comparison result of the anomaly coefficient and the gradient threshold comprises the following steps:
the gradient threshold comprises a first threshold [SMS_105] and a second threshold [SMS_106], the first threshold [SMS_107] being smaller than the second threshold [SMS_108]; after the anomaly coefficient [SMS_109] is obtained, the anomaly coefficient [SMS_110] is compared with the first threshold [SMS_111] and the second threshold [SMS_104];
if the anomaly coefficient [SMS_112] exceeds the second threshold [SMS_113], the account management system judges that the user is excessively abnormal and generates a first management scheme;
if the anomaly coefficient [SMS_115] lies between the first threshold [SMS_114] and the second threshold [SMS_116], the account management system judges that the user is slightly abnormal and generates a second management scheme;
if the anomaly coefficient [SMS_117] is below the first threshold [SMS_118], the account management system judges that the user's operation is not abnormal, and no management scheme is generated.
Specifically, the first management scheme generated by the account management system is: the user account is forcibly logged out and frozen, and the user can continue to use the account only after passing real-person verification;
the second management scheme generated by the account management system is: supervision of the user is strengthened, and the user can continue to use the account after passing face-recognition authentication.
According to the method and the device, the abnormal coefficient is obtained after the abnormal operation frequency, the network attacked frequency and the system vulnerability rate are calculated through the formula, the processing efficiency of the data is effectively improved through the formula comprehensive analysis of the multiple data, and after the abnormal coefficient is obtained, a corresponding management scheme is generated according to the comparison result of the abnormal coefficient and the gradient threshold value, so that the user account can be managed conveniently, and the management efficiency is improved.
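The per-user pipeline of Example 2 (and the matching preferred embodiments in the Disclosure section), as an added example that is not the patent's code. The page supplies the inputs (the four operation-anomaly counts over the user's operating time, the IDS attack count and the Qualys vulnerability count over the monitoring period), the correction factor 2.168, the direct-proportion relationships and the three-band threshold rule; the combining formulas themselves are images not reproduced here, so the count-per-hour form of each frequency, the weighted sum with alpha + beta = 1, and the threshold values 2.0 and 5.0 are assumptions of this example.

```python
"""Anomaly coefficient and gradient-threshold decision (Example 2).
Added example; not the patent's code. Frequency = count / period, the weighted
combination, and the threshold values are assumptions."""
from dataclasses import dataclass

CORRECTION_FACTOR = 2.168   # value stated on the page

OPERATION_ANOMALY_KINDS = (  # the n = 4 anomaly types the page lists
    "login", "over_authority_access", "over_authority_tamper", "abnormal_upload")


@dataclass
class UserSample:
    username: str
    counts: dict            # anomaly kind -> number of occurrences
    duration_hours: float   # time the user has been operating the platform


def operation_anomaly_frequency(sample: UserSample) -> float:
    """Assumed form: sum of the four anomaly counts per hour of operation."""
    unknown = set(sample.counts) - set(OPERATION_ANOMALY_KINDS)
    if unknown:
        raise ValueError(f"unrecognised anomaly kinds: {sorted(unknown)}")
    if sample.duration_hours <= 0:
        raise ValueError("duration must be positive")
    total = sum(sample.counts.get(k, 0) for k in OPERATION_ANOMALY_KINDS)
    return total / sample.duration_hours


def rate_per_period(count: int, period_hours: float) -> float:
    """Assumed form for the network attacked frequency (IDS alert count over the
    monitoring period) and for the system vulnerability rate (Qualys findings)."""
    if period_hours <= 0:
        raise ValueError("period must be positive")
    return count / period_hours


def anomaly_coefficient(op_freq: float, attack_freq: float, vuln_rate: float,
                        alpha: float = 0.6, beta: float = 0.4) -> float:
    """Assumed combining rule: correction factor times a convex combination of
    the operation anomaly frequency and the network parameter (attack frequency
    plus vulnerability rate). Each input raises the result, as the page states."""
    if abs(alpha + beta - 1.0) > 1e-9:
        raise ValueError("alpha + beta must equal 1")
    return CORRECTION_FACTOR * (alpha * op_freq + beta * (attack_freq + vuln_rate))


def management_scheme(coeff: float, first_threshold: float, second_threshold: float) -> dict:
    """Gradient-threshold rule from the page: above the second threshold -> first
    scheme; between the thresholds -> second scheme; below the first -> none."""
    if first_threshold >= second_threshold:
        raise ValueError("first threshold must be below the second")
    if coeff > second_threshold:
        return {"verdict": "excessively abnormal", "scheme": 1,
                "actions": ["force logout", "freeze account", "real-person verification"]}
    if coeff > first_threshold:
        return {"verdict": "slightly abnormal", "scheme": 2,
                "actions": ["enhanced supervision", "face-recognition authentication"]}
    return {"verdict": "not abnormal", "scheme": None, "actions": []}


def evaluate_user(sample: UserSample, ids_attacks: int, vulnerabilities: int,
                  monitor_hours: float, first_threshold: float = 2.0,
                  second_threshold: float = 5.0) -> dict:
    """Full per-user decision: frequencies -> coefficient -> management scheme."""
    coeff = anomaly_coefficient(operation_anomaly_frequency(sample),
                                rate_per_period(ids_attacks, monitor_hours),
                                rate_per_period(vulnerabilities, monitor_hours))
    return {"user": sample.username, "coefficient": round(coeff, 4),
            **management_scheme(coeff, first_threshold, second_threshold)}


# Constructed sample data: two users over a 2 h window; 4 IDS alerts and
# 1 open vulnerability platform-wide in the same window.
SAMPLES = [
    UserSample("alice", {"login": 3, "over_authority_access": 2,
                         "over_authority_tamper": 1}, 2.0),
    UserSample("bob", {"login": 1}, 2.0),
]

if __name__ == "__main__":
    for s in SAMPLES:
        print(evaluate_user(s, ids_attacks=4, vulnerabilities=1, monitor_hours=2.0))
```

With these inputs alice scores about 6.07 and receives the first scheme, while bob, with a single login, still scores about 2.82 and receives the second scheme. The reason is worth noting when setting thresholds: the IDS attack count and the vulnerability rate are platform-wide, so they shift every logged-in user's coefficient together, and a busy attack window can push otherwise quiet users over the first threshold.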
Example 3
The account management system can also use the result of comparing the anomaly coefficient [SMS_119] with the first threshold [SMS_120] and the second threshold [SMS_121] to predict the usage state of the cloud platform over a period of time.
In this embodiment the period is 2 h. The account management system acquires the anomaly coefficients [SMS_125] of all users logged in to the cloud platform within the 2 h, marks the number of times the anomaly coefficient [SMS_127] exceeds the second threshold [SMS_129] as [SMS_131], the number of times the anomaly coefficient [SMS_135] lies between the first threshold [SMS_133] and the second threshold [SMS_136] as [SMS_137], and the number of times the anomaly coefficient [SMS_126] is below the first threshold [SMS_128] as [SMS_130], and combines [SMS_132] by formula into the early warning value [SMS_134]:
[formula image SMS_138, not reproduced on this page]
where [SMS_140] is the number of times the anomaly coefficient [SMS_142] exceeds the second threshold [SMS_144], [SMS_146] is the number of times the anomaly coefficient [SMS_148] lies between the first threshold [SMS_147] and the second threshold [SMS_149], and [SMS_139] is the number of times the anomaly coefficient [SMS_141] is below the first threshold [SMS_143], marked [SMS_145].
If the number of abnormal user behaviours on the cloud platform is too large within the period, it can be predicted that the cloud platform is under attack by hackers, and because the early warning signal is sent out in advance, maintenance personnel can manage the cloud platform ahead of time.
The early warning value [SMS_150] is compared with the early warning threshold [SMS_151]. If the early warning value [SMS_152] exceeds the early warning threshold [SMS_153], the account management system predicts that usage of the cloud platform will be abnormal within 2 hours and sends out an early warning signal; when a cloud platform maintainer receives the signal, the cloud platform is maintained, and the maintenance scheme includes shutting down and servicing the cloud platform server, among other measures.
If the early warning value [SMS_154] is below the early warning threshold [SMS_155], the account management system predicts that usage of the cloud platform will not be abnormal within 2 hours and does not send out an early warning signal.
In this application, the number of times the anomaly coefficient [SMS_157] exceeds the second threshold [SMS_159] is marked [SMS_161], the number of times the anomaly coefficient [SMS_165] lies between the first threshold [SMS_163] and the second threshold [SMS_167] is marked [SMS_169], and the number of times the anomaly coefficient [SMS_156] is below the first threshold [SMS_158] is marked [SMS_160]; [SMS_162] are combined by formula into an early warning value [SMS_164], and finally the comparison of the early warning value [SMS_166] with the early warning threshold [SMS_168] decides whether the cloud platform is being used abnormally, which effectively guarantees safe use of the cloud platform.
Example 4
The embodiment of the invention relates to a computer system account management system based on cloud computing, which comprises an account establishment module, an authorization module, a verification module and a supervision module;
wherein:
an account establishment module: used by the administrator to create a new account for the user on the account management system of the cloud platform and to send the account information to the authorization module;
an authorization module: the administrator sets the account information and grants the corresponding rights according to the user type; when rights are set, only the rights the user actually needs are granted, following the principle of least privilege, so as to avoid over-authorization;
a verification module: before accessing cloud platform resources, the user must pass identity verification through the verification module; the verification can take various forms, such as passwords and multi-factor authentication, and while the user's identity is being verified the module can also check whether the user has the authority to access the requested resource;
a supervision module: when different users operate on the cloud platform, the supervision module acquires multiple items of user data in real time, processes them comprehensively to obtain the anomaly coefficient, and generates a user management scheme according to the result of comparing the anomaly coefficient with the gradient threshold.
All of the above formulas are dimensionless formulas used for numerical calculation; they were obtained by collecting a large amount of data and running software simulations so as to reflect the latest real situation, and the preset parameters in the formulas are set by those skilled in the art according to the actual situation.
The above embodiments may be implemented in whole or in part by software, hardware, firmware, or any other combination. When implemented in software, the above-described embodiments may be implemented in whole or in part in the form of a computer program product. The computer program product comprises one or more computer instructions or computer programs. When the computer instructions or computer program are loaded or executed on a computer, the processes or functions described in accordance with the embodiments of the present application are all or partially produced. The computer may be a general purpose computer, a special purpose computer, a computer network, or other programmable apparatus. The computer instructions may be stored in a computer-readable storage medium or transmitted from one computer-readable storage medium to another computer-readable storage medium, for example, the computer instructions may be transmitted from one website site, computer, server, or data center to another website site, computer, server, or data center by wired or wireless means (e.g., infrared, wireless, microwave, etc.). The computer readable storage medium may be any available medium that can be accessed by a computer or a data storage device such as a server, data center, etc. that contains one or more sets of available media. The usable medium may be a magnetic medium (e.g., floppy disk, hard disk, magnetic tape), an optical medium (e.g., DVD), or a semiconductor medium. The semiconductor medium may be a solid state disk.
It should be understood that the term "and/or" merely describes an association relationship between the associated objects and means that three relationships may exist; for example, A and/or B may mean: A alone, A and B together, or B alone, where A and B may be singular or plural. In addition, the character "/" herein generally indicates that the associated objects are in an "or" relationship, but may also indicate an "and/or" relationship, as can be understood from the context.
In the present application, "at least one" means one or more, and "a plurality" means two or more. "at least one of" or the like means any combination of these items, including any combination of single item(s) or plural items(s). For example, at least one (one) of a, b, or c may represent: a, b, c, a-b, a-c, b-c, or a-b-c, wherein a, b, c may be single or plural.
It should be understood that, in various embodiments of the present application, the sequence numbers of the foregoing processes do not mean the order of execution, and the order of execution of the processes should be determined by the functions and internal logic thereof, and should not constitute any limitation on the implementation process of the embodiments of the present application.
Those of ordinary skill in the art will appreciate that the various illustrative elements and algorithm steps described in connection with the embodiments disclosed herein may be implemented as electronic hardware, or combinations of computer software and electronic hardware. Whether such functionality is implemented as hardware or software depends upon the particular application and design constraints imposed on the solution. Skilled artisans may implement the described functionality in varying ways for each particular application, but such implementation decisions should not be interpreted as causing a departure from the scope of the present application.
It will be clear to those skilled in the art that, for convenience and brevity of description, specific working procedures of the above-described systems, apparatuses and units may refer to corresponding procedures in the foregoing method embodiments, and are not repeated herein.
In the several embodiments provided in this application, it should be understood that the disclosed systems, devices, and methods may be implemented in other manners. For example, the apparatus embodiments described above are merely illustrative, e.g., the division of the units is merely a logical function division, and there may be additional divisions when actually implemented, e.g., multiple units or components may be combined or integrated into another system, or some features may be omitted or not performed. Alternatively, the coupling or direct coupling or communication connection shown or discussed with each other may be an indirect coupling or communication connection via some interfaces, devices or units, which may be in electrical, mechanical or other form.
The units described as separate units may or may not be physically separate, and units shown as units may or may not be physical units, may be located in one place, or may be distributed on a plurality of network units. Some or all of the units may be selected according to actual needs to achieve the purpose of the solution of this embodiment.
In addition, each functional unit in each embodiment of the present application may be integrated in one processing unit, or each unit may exist alone physically, or two or more units may be integrated in one unit.
The functions, if implemented in the form of software functional units and sold or used as a stand-alone product, may be stored in a computer-readable storage medium. Based on such understanding, the technical solution of the present application may be embodied essentially or in a part contributing to the prior art or in a part of the technical solution, in the form of a software product stored in a storage medium, including several instructions for causing a computer device (which may be a personal computer, a server, or a network device, etc.) to perform all or part of the steps of the methods described in the embodiments of the present application. And the aforementioned storage medium includes: a U-disk, a removable hard disk, a read-only memory (ROM), a random access memory (random access memory, RAM), a magnetic disk, or an optical disk, or other various media capable of storing program codes.
The foregoing is merely specific embodiments of the present application, but the scope of the present application is not limited thereto, and any person skilled in the art can easily think about changes or substitutions within the technical scope of the present application, and the changes and substitutions are intended to be covered by the scope of the present application. Therefore, the protection scope of the present application shall be subject to the protection scope of the claims.

Claims (7)

1. A computer system account management method based on cloud computing, characterized in that the management method comprises the following steps:
s1: an administrator creates a new account for a user on an account management system of the cloud platform, sets account information according to the user category and grants corresponding rights;
s2: before accessing cloud platform resources, a user needs to carry out identity verification through an account management system of a cloud platform;
s3: when different users operate on the cloud platform, the account management system acquires multiple items of data of the users in real time, and the multiple items of data are comprehensively processed to acquire abnormal coefficients;
s4: generating a user management scheme according to a comparison result of the anomaly coefficient and the gradient threshold value;
the account management system acquires multiple items of user data in real time, the multiple items of data comprising operation parameters and network parameters; the operation parameters comprise the operation anomaly frequency, and the network parameters comprise the network attacked frequency and the system vulnerability rate; the operation anomaly frequency, the network attacked frequency and the system vulnerability rate are combined by a formula to obtain the anomaly coefficient, whose expression is:
Figure FDA0004263627760000011
Figure FDA0004263627760000012
where yc_x is the anomaly coefficient,
Figure FDA0004263627760000013
is the operation anomaly frequency, cz_i is the number of abnormal operations, T is the length of time the user has operated the cloud platform, and
Figure FDA0004263627760000014
are the network parameters, gj_w is the network attacked frequency, ld_w is the system vulnerability rate, C is a correction coefficient with the value 2.168, α and β are the scaling coefficients of the operation anomaly frequency and of the network parameters respectively, and α > β > 0;
the operation anomaly frequency
Figure FDA0004263627760000015
where i is the index of the different operation behaviours, i ∈ {1, 2, ..., n}, n is a positive integer greater than 0, and the operation anomalies comprise the number of logins, the number of accesses to resources beyond the user's authority, the number of tamperings with data beyond the user's authority and the number of abnormal file uploads; the updated operation anomaly frequency
Figure FDA0004263627760000016
has the expression:
Figure FDA0004263627760000017
where cz_1 is the total number of logins, cz_2 the total number of accesses to resources beyond the user's authority, cz_3 the total number of tamperings with data beyond the user's authority, and cz_4 the total number of abnormal file uploads.
2. The cloud computing-based computer system account management method of claim 1, wherein the network attacked frequency is monitored by the intrusion detection system and is calculated as gj_w = gj_cs / t, where gj_cs is the number of times the network is attacked and t is the monitoring time period.
3. The cloud computing-based computer system account management method of claim 2, wherein the system vulnerability rate is monitored online through Qualys and is calculated as ld_w = ld_cs / t, where ld_cs is the number of vulnerability detections and t is the monitoring time period.
4. The cloud computing-based computer system account management method of claim 3, wherein the gradient threshold comprises a first threshold yz_o and a second threshold yz_p with first threshold yz_o < second threshold yz_p; after the anomaly coefficient yc_x is obtained, the anomaly coefficient yc_x is compared with the first threshold yz_o and the second threshold yz_p.
5. The cloud computing-based computer system account management method of claim 4, wherein: if the anomaly coefficient yc_x > second threshold yz_p, the account management system judges that the user is excessively abnormal and generates a first management scheme;
if first threshold yz_o < anomaly coefficient yc_x ≤ second threshold yz_p, the account management system judges that the user is slightly abnormal and generates a second management scheme;
if anomaly coefficient yc_x ≤ first threshold yz_o, the account management system judges that the user's operation is not abnormal and generates no management scheme.
6. The cloud computing-based computer system account management method of claim 5, wherein the account management system predicts, from the anomaly coefficient yc_x together with the first threshold yz_o and the second threshold yz_p, the use state of the cloud platform within a period of time: it acquires the anomaly coefficients yc_x of all users logged in to the cloud platform during that period and calculates the early warning value yj_z, whose expression is:
Figure FDA0004263627760000021
where yc_d is the number of users with anomaly coefficient yc_x > second threshold yz_p, yc_q is the number of users with first threshold yz_o < anomaly coefficient yc_x ≤ second threshold yz_p, and yc_w is the number of users with anomaly coefficient yc_x ≤ first threshold yz_o.
7. The cloud computing-based computer system account management method of claim 6, wherein the early warning value yj_z is compared with the early warning threshold yj_x; if early warning value yj_z > early warning threshold yj_x, the account management system sends out an early warning signal; if early warning value yj_z ≤ early warning threshold yj_x, the account management system does not send out an early warning signal.
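The gradient-threshold classification of claims 4 and 5, the per-band counting of claim 6 and the early warning comparison of claim 7 (the same procedure the description above walks through), as an added Python example that is not part of the patent. The patent's expressions for the anomaly coefficient yc_x and the early warning value yj_z are images not reproduced on this page, so the weighted combination of cz_x, gj_w and ld_w, the values of alpha and beta, the weighted count used for yj_z, the thresholds and the sample users are all assumptions of this example.

```python
# Added example, not the patent's own code: gradient-threshold classification
# (claims 4-5), per-band counting (claim 6) and the early warning test (claim 7).
# The patent's expressions for yc_x and yj_z are images this page does not
# reproduce, so the two combinations below are ASSUMED stand-ins.
from dataclasses import dataclass
from typing import Dict, Iterable, List, Tuple

@dataclass
class UserSample:
    user: str
    cz: List[int]   # cz_1..cz_4: logins, over-privilege accesses,
                    # over-privilege data tampering, abnormal file uploads
    T: float        # hours the user has operated the platform (claim 1)
    gj_cs: int      # attacks seen by the IDS in the monitoring period (claim 2)
    ld_cs: int      # vulnerability detections in the period (claim 3)
    t: float        # monitoring period in hours

def anomaly_coefficient(s: UserSample, alpha: float = 0.7, beta: float = 0.3,
                        C: float = 2.168) -> float:
    """yc_x for one user. cz_x = sum(cz_i)/T, gj_w = gj_cs/t, ld_w = ld_cs/t
    follow the claims; the weighted sum and alpha/beta are assumed (the page
    only fixes C = 2.168 and alpha > beta > 0)."""
    cz_x = sum(s.cz) / s.T
    gj_w = s.gj_cs / s.t
    ld_w = s.ld_cs / s.t
    return C * (alpha * cz_x + beta * (gj_w + ld_w))

def classify(yc_x: float, yz_o: float, yz_p: float) -> str:
    """Claim 5. Boundaries: yc_x == yz_o is 'none', yc_x == yz_p is 'second'."""
    assert yz_o < yz_p, "claim 4 requires first threshold < second threshold"
    if yc_x > yz_p:
        return "first_scheme"   # excessively abnormal user
    if yc_x > yz_o:
        return "second_scheme"  # slightly abnormal user
    return "none"               # no management scheme generated

def band_counts(coeffs: Iterable[float], yz_o: float, yz_p: float) -> Dict[str, int]:
    """Claim 6: yc_d, yc_q, yc_w = number of logged-in users in each band."""
    key = {"first_scheme": "yc_d", "second_scheme": "yc_q", "none": "yc_w"}
    counts = {"yc_d": 0, "yc_q": 0, "yc_w": 0}
    for yc_x in coeffs:
        counts[key[classify(yc_x, yz_o, yz_p)]] += 1
    return counts

def early_warning(counts: Dict[str, int], yj_x: float) -> Tuple[float, bool]:
    """Claim 7: signal iff yj_z > yj_x. The weighted count used for yj_z is an
    ASSUMED stand-in for the patent's uncaptured formula."""
    yj_z = 3 * counts["yc_d"] + 1 * counts["yc_q"]
    return yj_z, yj_z > yj_x

# Constructed sample telemetry for one 4-hour monitoring window (not real data).
SAMPLES = [
    UserSample("alice", [2, 0, 0, 0], T=8.0, gj_cs=0, ld_cs=1, t=4.0),
    UserSample("bob",   [5, 3, 1, 0], T=2.0, gj_cs=2, ld_cs=1, t=4.0),
    UserSample("carol", [9, 6, 4, 3], T=1.0, gj_cs=8, ld_cs=3, t=4.0),
]
YZ_O, YZ_P, YJ_X = 1.0, 10.0, 3.0   # assumed thresholds

def run(samples: List[UserSample] = SAMPLES):
    coeffs = {s.user: anomaly_coefficient(s) for s in samples}
    counts = band_counts(coeffs.values(), YZ_O, YZ_P)
    yj_z, signal = early_warning(counts, YJ_X)
    return coeffs, counts, yj_z, signal
```

With the constructed samples, alice lands in the yc_w band, bob in yc_q and carol in yc_d, and the assumed early warning value 4 exceeds the assumed threshold 3, so a signal is raised.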

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202310436946.1A CN116167029B (en) 2023-04-23 2023-04-23 Computer system account management method based on cloud computing


Publications (2)

Publication Number Publication Date
CN116167029A CN116167029A (en) 2023-05-26
CN116167029B true CN116167029B (en) 2023-06-30

Family

ID=86413486



Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant