CN116167029B - Computer system account management method based on cloud computing - Google Patents
Abstract
The invention discloses a computer system account management method based on cloud computing, which relates to the technical field of account management and comprises the following steps: an administrator creates a new account for a user on the account management system of a cloud platform, sets the account information and grants the corresponding rights according to the user type; the user must pass identity verification through the account management system of the cloud platform before accessing cloud platform resources; when different users operate on the cloud platform, the account management system acquires multiple items of data about the user in real time and processes these data comprehensively to obtain an anomaly coefficient; and a user management scheme is generated according to the comparison of the anomaly coefficient with gradient thresholds. Because the user's behavior is monitored throughout the operation process, the operational security of the cloud platform is guaranteed.
Description
Technical Field
The invention relates to the technical field of account management, in particular to a computer system account management method based on cloud computing.
Background
Account management in a computer system refers to the series of operations used to manage and maintain user accounts in the system. Each user needs an account to access system resources and perform tasks such as file operations, software installation and network connection, so account management is very important for protecting the security, confidentiality and usability of the system.
Account management generally comprises creating, modifying and deleting accounts, setting account passwords, permissions, access control and the like. Through account management an administrator can limit the range of the system a user may access, prevent access and data leakage by unauthorized users, track the operation records and log information of users, and respond to and repair security vulnerabilities in a timely manner.
The prior art has the following defects:
When an account is registered on an existing computer cloud platform, the user first creates the account and the administrator grants the permissions afterwards. In practice the administrator may forget to grant the permissions, so the user's permissions are insufficient and the user experience suffers. In addition, the account management system does not monitor the behavior of the user while the user operates the cloud platform, so the security of the cloud platform is reduced when the user operates beyond the permitted range or behaves abnormally.
Disclosure of Invention
The invention aims to provide a computer system account management method based on cloud computing, which aims to solve the defects in the background technology.
In order to achieve the above object, the present invention provides the following technical solutions: a computer system account management method based on cloud computing, the management method comprising the steps of:
S1: an administrator creates a new account for a user on the account management system of the cloud platform, sets the account information according to the user category and grants the corresponding rights;
S2: before accessing cloud platform resources, the user must pass identity verification through the account management system of the cloud platform;
S3: when different users operate on the cloud platform, the account management system acquires multiple items of data about the users in real time, and these data are processed comprehensively to obtain an anomaly coefficient;
S4: a user management scheme is generated according to the comparison of the anomaly coefficient with the gradient thresholds.
In a preferred embodiment, the account management system acquires multiple items of data about the user in real time. The data include an operation parameter and a network parameter; the operation parameter includes the operation anomaly frequency, and the network parameter includes the network attacked frequency and the system vulnerability rate. The operation anomaly frequency, the network attacked frequency and the system vulnerability rate are combined by a formula (not reproduced) to obtain the anomaly coefficient. The quantities in the formula are: the anomaly coefficient; the operation anomaly frequency; the number of abnormal operations; the duration for which the user operates the cloud platform; the network parameter; the network attacked frequency; the system vulnerability rate; a correction factor with the value 2.168; and the proportional coefficients of the operation anomaly frequency and of the network parameter respectively, which satisfy a constraint stated in the formula.
In a preferred embodiment, in the operation anomaly frequency the index numbering the different operation behaviors takes values in {1, 2, ..., n}, where n is a positive integer greater than 0. The operation exceptions include the number of logins, the number of accesses to resources beyond the user's authority, the number of falsifications of data beyond the user's authority and the number of abnormal file uploads. The updated operation anomaly frequency is given by a formula (not reproduced) whose terms are: the sum of login times; the sum of the number of accesses to resources beyond authority; the sum of the number of falsifications of data beyond authority; and the total number of abnormal file uploads.
In a preferred embodiment, the network attacked frequency is monitored by the intrusion detection system and is computed by a formula (not reproduced) from the number of times the network is attacked and the monitoring time period.
In a preferred embodiment, the system vulnerability rate is monitored online by Qualys and is computed by a formula (not reproduced) from the number of vulnerabilities and the monitoring time period.
In a preferred embodiment, the gradient threshold comprises a first threshold and a second threshold, the first threshold being lower than the second threshold. After the anomaly coefficient is obtained, it is compared with the first threshold and the second threshold.
In a preferred embodiment, when the anomaly coefficient is above the second threshold, the account management system judges that the user is excessively abnormal and generates a first management scheme;
when the anomaly coefficient lies between the first threshold and the second threshold, the account management system judges that the user is slightly abnormal and generates a second management scheme;
when the anomaly coefficient is below the first threshold, the account management system judges that the user's operation is not abnormal and generates no management scheme.
In a preferred embodiment, based on the comparison of the anomaly coefficient with the first threshold and the second threshold, the account management system predicts the use state of the cloud platform within a period of time. It acquires the anomaly coefficients of all users logged in to the cloud platform within that period and computes an early warning value by a formula (not reproduced) whose terms are: the number of times the anomaly coefficient is above the second threshold; the number of times it lies between the first threshold and the second threshold; and the number of times it is below the first threshold.
In a preferred embodiment, the early warning value is compared with an early warning threshold. If the early warning value is above the early warning threshold, the account management system issues an early warning signal; if the early warning value is below the early warning threshold, the account management system does not issue an early warning signal.
In the technical scheme, the invention has the technical effects and advantages that:
1. An administrator creates a new account for a user on the account management system of the cloud platform, sets the account information and grants the corresponding rights according to the user type, so that excessive rights are not granted to the user. When different users operate on the cloud platform, the account management system acquires multiple items of data about the user in real time, processes these data comprehensively to obtain an anomaly coefficient, and generates a user management scheme according to the comparison of the anomaly coefficient with the gradient thresholds. The user's behavior is therefore monitored throughout the operation process, which ensures the operational security of the cloud platform;
2. The operation anomaly frequency, the network attacked frequency and the system vulnerability rate are combined by a formula to obtain the anomaly coefficient, so the multiple data items are analyzed together and data processing efficiency is improved. After the anomaly coefficient is obtained, a corresponding management scheme is generated according to its comparison with the gradient thresholds, which simplifies user account management and improves management efficiency;
3. The number of times the anomaly coefficient is above the second threshold, the number of times it lies between the first threshold and the second threshold, and the number of times it is below the first threshold are each recorded, an early warning value is computed from these counts by a formula, and the comparison of the early warning value with the early warning threshold determines whether the cloud platform is being used abnormally, which effectively guarantees the safe use of the cloud platform.
Drawings
In order to more clearly illustrate the embodiments of the present application or the technical solutions in the prior art, the drawings that are needed in the embodiments will be briefly described below, and it is obvious that the drawings in the following description are only some embodiments described in the present invention, and other drawings may be obtained according to these drawings for a person having ordinary skill in the art.
FIG. 1 is a flow chart of the method of the present invention.
Detailed Description
For the purpose of making the objects, technical solutions and advantages of the embodiments of the present invention more apparent, the technical solutions of the embodiments of the present invention will be clearly and completely described below with reference to the accompanying drawings in the embodiments of the present invention, and it is apparent that the described embodiments are some embodiments of the present invention, but not all embodiments of the present invention. All other embodiments, which can be made by those skilled in the art based on the embodiments of the invention without making any inventive effort, are intended to be within the scope of the invention.
Example 1
Referring to fig. 1, the method for managing accounts of a computer system based on cloud computing according to the present embodiment includes the following steps:
An administrator creates a new account for a user on the account management system of a cloud platform, sets the account information and grants the corresponding rights according to the user type. When the rights are set, only the rights necessary for the user are granted, following the principle of least privilege, so as to avoid excessive grants. Before accessing cloud platform resources, the user must pass identity verification through the account management system of the cloud platform; identity verification may use various modes such as passwords and multi-factor authentication, and at the time of verification the system may also check whether the user has the right to access the requested resources. When different users operate on the cloud platform, the account management system acquires multiple items of data about the user in real time, processes these data comprehensively to obtain an anomaly coefficient, and generates a user management scheme according to the comparison of the anomaly coefficient with the gradient thresholds.
In this way, a new account is created for the user on the account management system of the cloud platform by an administrator, the account information is set according to the user type and the corresponding rights are granted, so excessive granting of rights is avoided. When different users operate on the cloud platform, the account management system acquires multiple items of data about the user in real time, processes them comprehensively to obtain an anomaly coefficient, and generates a user management scheme according to the comparison of the anomaly coefficient with the gradient thresholds; the user's behavior is monitored throughout the operation process, so the operational security of the cloud platform is guaranteed.
In this embodiment, an administrator creates a new account for a user on an account management system of the cloud platform, sets account information and grants corresponding rights according to a user category, and when the rights are set, only rights necessary for the user are granted to avoid excessive rights by following a minimum authorization principle.
The administrator creates a new account for the user on the account management system of the cloud platform, which comprises the following steps:
(1) An administrator firstly needs to log in to an account management system of a cloud platform to obtain management rights;
(2) In the account management system, an administrator can create a new user account through a corresponding interface or command line tool, and when a new user is created, the administrator needs to provide basic information of the user, such as a user name, an email address, a mobile phone number and the like;
(3) An administrator needs to set a password and an authentication mode of a user so as to ensure the security of an account; the administrator can choose to use the default password or the custom password and configure security measures such as two-factor authentication for the user;
(4) The administrator sends notifications and welcome mails to the user, introducing the method and notice of use of the platform, to help the user get up quickly and make full use of the platform resources.
After the new account is created, setting account information and granting corresponding rights according to the user category comprises the following steps:
(1) Determining the user category: the administrator needs to determine the user category of the new account according to the actual situation, such as common users, developers, administrators, etc.;
(2) Setting account information: according to the user category and the actual demand, the administrator needs to set corresponding account information including names, email addresses, telephone numbers, departments, positions and the like, and the information can be used for subsequent user management and authority control;
(3) Assigning roles and rights: an administrator needs to allocate corresponding roles and authorities for the new account so as to control the access and the operation range of the user, and can select a predefined role or a custom role according to the user category and the work responsibility and allocate different authorities for the roles;
(4) Configuring an authentication mode and a password: an administrator needs to configure an authentication mode and a password for a new account to ensure the security of the account, and can select to use a default password or a custom password and configure security measures such as double-factor authentication for a user.
Before accessing cloud platform resources, a user needs to perform identity verification through an account management system of a cloud platform, and the method comprises the following steps:
(1) Inputting a user name and a password: when a user accesses the cloud platform, the registered user name and password are required to be input to verify the identity, and some cloud platforms also support other identity verification modes, such as mobile phone verification codes, double-factor authentication and the like;
(2) Sending an authentication request: after a user inputs a user name and a password, an account management system of the cloud platform receives an identity verification request and performs identity verification;
(3) Checking identity information: the account management system checks the identity information stored in the account database according to the user name and the password input by the user, if the identity information is matched, the identity authentication is passed, the user can access the platform resource, and if the identity information is not matched, the identity authentication fails, and the user cannot access the platform resource;
(4) The access rights are granted: once the authentication is passed, the account management system of the cloud platform authorizes the user with access rights according to the role and rights of the user, and the user can only access the authorized resources and data, but cannot access the unauthorized resources and data.
Example 2
When different users operate on the cloud platform, the account management system acquires multiple items of data of the users in real time, comprehensively processes the multiple items of data to acquire abnormal coefficients, and generates a user management scheme according to the comparison result of the abnormal coefficients and the gradient threshold.
When different users operate on the cloud platform, the account management system acquires multiple items of data of the users in real time, and the method for comprehensively processing the multiple items of data to acquire abnormal coefficients comprises the following steps:
the account management system acquires multiple items of data of a user in real time, wherein the multiple items of data comprise operation parameters and network parameters, the operation parameters comprise abnormal operation frequencies, and the network parameters comprise network attacked frequencies and system vulnerability rates;
obtaining an abnormal coefficient after calculating the operation abnormal frequency, the network attacked frequency and the system vulnerability rate through a formula, wherein the expression is as follows:
The quantities in the formula (not reproduced) are: the anomaly coefficient; the operation anomaly frequency; the number of abnormal operations; the duration for which the user operates the cloud platform; the network parameter; the network attacked frequency; the system vulnerability rate; a correction factor with the value 2.168; and the proportional coefficients of the operation anomaly frequency and of the network parameter respectively, which satisfy a constraint stated in the formula.
In the operation anomaly frequency, the index numbering the different operation behaviors takes values in {1, 2, ..., n}, where n is a positive integer greater than 0. The operation exceptions include the number of logins, the number of accesses to resources beyond the user's authority, the number of falsifications of data beyond the user's authority and the number of abnormal file uploads, so here n=4. The updated operation anomaly frequency is given by a formula (not reproduced).
The terms of that formula are: the sum of login times; the sum of the number of accesses to resources beyond authority; the sum of the number of falsifications of data beyond authority; and the total number of abnormal file uploads. Because different cloud platforms include different operation anomalies, other cloud platforms may further include behaviors such as frequent replacement of IP addresses. The larger the operation anomaly frequency, the larger the anomaly coefficient: the operation anomaly frequency is in direct proportion to the anomaly coefficient.
The network attacked frequency is monitored by an Intrusion Detection System (IDS). An IDS is a network security device that detects intrusions and abnormal activities by monitoring network traffic; it monitors traffic in real time, detects network attacks and alerts the administrator. The network attacked frequency is computed by a formula (not reproduced) from the number of times the network is attacked and the monitoring time period. The greater the network attacked frequency during the monitoring period, the worse the network security of the system; the attacked frequency is in direct proportion to the anomaly coefficient.
The system vulnerability rate is monitored online by Qualys, a cloud vulnerability scanning tool that can scan for vulnerabilities in various operating systems, applications and network devices. The system vulnerability rate is computed by a formula (not reproduced) from the number of vulnerabilities and the monitoring time period. The larger the system vulnerability rate, the worse the network security of the system; the system vulnerability rate is in direct proportion to the anomaly coefficient.
Generating a user management scheme according to the comparison result of the anomaly coefficient and the gradient threshold value comprises the following steps:
The gradient threshold includes a first threshold and a second threshold, the first threshold being lower than the second threshold. After the anomaly coefficient is obtained, it is compared with the first threshold and the second threshold;
if the anomaly coefficient is above the second threshold, the account management system judges that the user is excessively abnormal and generates a first management scheme;
if the anomaly coefficient lies between the first threshold and the second threshold, the account management system judges that the user is slightly abnormal and generates a second management scheme;
if the anomaly coefficient is below the first threshold, the account management system judges that the user's operation is not abnormal and generates no management scheme.
Specifically, the first management scheme generated by the account management system is as follows: the user account is forced to log out, the user account is frozen, and the user can continue to use the account after the user passes the verification of an actual person;
the second management scheme generated by the account management system is as follows: the supervision of the user is enhanced, and the user can continue to use the account after face recognition authentication is carried out.
According to the method and the device, the abnormal coefficient is obtained after the abnormal operation frequency, the network attacked frequency and the system vulnerability rate are calculated through the formula, the processing efficiency of the data is effectively improved through the formula comprehensive analysis of the multiple data, and after the abnormal coefficient is obtained, a corresponding management scheme is generated according to the comparison result of the abnormal coefficient and the gradient threshold value, so that the user account can be managed conveniently, and the management efficiency is improved.
Example 3
The account management system can also predict the use state of the cloud platform within a period of time according to the comparison of the anomaly coefficient with the first threshold and the second threshold;
in this embodiment the prediction period of the cloud platform is 2 h, and the account management system acquires the anomaly coefficients of all users logged in to the cloud platform within those 2 h.
The number of times the anomaly coefficient is above the second threshold, the number of times it lies between the first threshold and the second threshold, and the number of times it is below the first threshold are each recorded, and an early warning value is computed from these three counts by a formula (not reproduced).
The terms of that formula are: the number of times the anomaly coefficient is above the second threshold; the number of times the anomaly coefficient lies between the first threshold and the second threshold; and the number of times the anomaly coefficient is below the first threshold.
If the number of abnormal behaviors of the user of the cloud platform is too large in a period of time, the cloud platform can be predicted to be attacked by hackers, and maintenance personnel can manage the cloud platform in advance after early warning signals are sent out in advance.
The early warning value is compared with the early warning threshold. If the early warning value is above the early warning threshold, the account management system predicts that the use of the cloud platform will be abnormal within the 2 h and issues an early warning signal; when the cloud platform maintainers receive the signal they maintain the cloud platform, and the maintenance scheme includes measures such as shutting down and servicing the cloud platform servers.
If the early warning value is below the early warning threshold, the account management system predicts that the use of the cloud platform will not be abnormal within the 2 h and does not issue an early warning signal.
In this way the number of times the anomaly coefficient is above the second threshold, the number of times it lies between the first threshold and the second threshold, and the number of times it is below the first threshold are each recorded, an early warning value is computed from these counts by a formula, and the comparison of the early warning value with the early warning threshold determines whether the cloud platform is being used abnormally, which effectively guarantees the safe use of the cloud platform.
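As an added illustration (not the patent's own code, and not its formulas, which are not reproduced on this page), the following Python models the Example 2 and Example 3 pipeline end to end: per-user operation-exception counts, IDS and Qualys inputs, the gradient-threshold tiers, and the early-warning count over a 2-hour window. Only the correction factor 2.168, the four exception categories, the three tiers and the 2 h window come from the patent; the way the terms are combined, the proportional coefficients 0.6/0.4, the thresholds, the early-warning weighting and all event data are constructed assumptions.

```python
"""Tiered anomaly scoring with a windowed early warning, in the shape the
patent describes. The combining formulas are NOT on the page; the forms
used here are assumptions chosen so that every term is proportional to the
anomaly coefficient, as the patent requires."""
from collections import Counter, defaultdict
from typing import Dict, List, Tuple

# The four operation-exception categories named in the patent.
OP_EXCEPTIONS = ("login", "access_over_privilege",
                 "tamper_over_privilege", "abnormal_upload")

# Constructed sample log for one 2-hour window: (minute, user, event).
SAMPLE_EVENTS: List[Tuple[int, str, str]] = [
    (2, "alice", "login"), (4, "alice", "access_over_privilege"),
    (9, "alice", "access_over_privilege"), (15, "alice", "tamper_over_privilege"),
    (21, "alice", "login"), (30, "alice", "access_over_privilege"),
    (41, "alice", "abnormal_upload"), (55, "alice", "tamper_over_privilege"),
    (70, "alice", "login"), (88, "alice", "access_over_privilege"),
    (3, "bob", "login"), (47, "bob", "access_over_privilege"),
    (6, "carol", "login"),
]
IDS_ATTACKS = 4          # constructed IDS alert count for the window
QUALYS_VULNS = 1         # constructed Qualys finding count for the window
WINDOW_HOURS = 2.0       # the 2 h prediction period from Example 3

FIRST_THRESHOLD = 3.0    # constructed gradient thresholds
SECOND_THRESHOLD = 6.0
WARNING_THRESHOLD = 1.0  # constructed early-warning threshold

CORRECTION = 2.168       # correction factor stated in the patent
ALPHA, BETA = 0.6, 0.4   # assumed proportional coefficients, ALPHA + BETA = 1


def operation_anomaly_frequency(counts: Counter, hours: float) -> float:
    """Abnormal operations per hour of platform use (assumed: count / duration)."""
    return sum(counts[k] for k in OP_EXCEPTIONS) / hours


def network_attacked_frequency(attacks: int, hours: float) -> float:
    """IDS-reported attacks per monitored hour (assumed: count / period)."""
    return attacks / hours


def system_vulnerability_rate(vulns: int, hours: float) -> float:
    """Qualys-reported vulnerabilities per monitored hour (assumed: count / period)."""
    return vulns / hours


def anomaly_coefficient(op_freq: float, attack_freq: float, vuln_rate: float) -> float:
    """Assumed combination: CORRECTION * (ALPHA*op_freq + BETA*network_param),
    where network_param is the sum of attacked frequency and vulnerability rate."""
    network_param = attack_freq + vuln_rate
    return CORRECTION * (ALPHA * op_freq + BETA * network_param)


def management_scheme(coef: float) -> str:
    """Gradient-threshold tiering. 'first' = forced logout and account freeze,
    'second' = heightened supervision with face recognition, 'none' = no action.
    Treating a value exactly on a threshold as the higher tier is an assumption."""
    if coef >= SECOND_THRESHOLD:
        return "first"
    if coef >= FIRST_THRESHOLD:
        return "second"
    return "none"


def early_warning_value(coefs: List[float]) -> float:
    """Count logged-in users per tier over the window, then combine the three
    counts (assumed weighting): (3*excessive + 1*slight) / all users."""
    excessive = sum(c >= SECOND_THRESHOLD for c in coefs)
    slight = sum(FIRST_THRESHOLD <= c < SECOND_THRESHOLD for c in coefs)
    normal = sum(c < FIRST_THRESHOLD for c in coefs)
    total = excessive + slight + normal
    return (3 * excessive + slight) / total if total else 0.0


def evaluate_window(events, attacks: int, vulns: int, hours: float) -> Dict:
    """Run the whole pipeline over one monitoring window."""
    per_user: Dict[str, Counter] = defaultdict(Counter)
    for _minute, user, event in events:
        per_user[user][event] += 1
    attack_freq = network_attacked_frequency(attacks, hours)
    vuln_rate = system_vulnerability_rate(vulns, hours)
    coefs, schemes = {}, {}
    for user, counts in per_user.items():
        coef = anomaly_coefficient(operation_anomaly_frequency(counts, hours),
                                   attack_freq, vuln_rate)
        coefs[user] = coef
        schemes[user] = management_scheme(coef)
    warning = early_warning_value(list(coefs.values()))
    return {"coefficients": coefs, "schemes": schemes,
            "warning_value": warning, "warn": warning >= WARNING_THRESHOLD}


if __name__ == "__main__":
    result = evaluate_window(SAMPLE_EVENTS, IDS_ATTACKS, QUALYS_VULNS, WINDOW_HOURS)
    for user, coef in result["coefficients"].items():
        print(f"{user}: coefficient={coef:.4f} scheme={result['schemes'][user]}")
    print(f"early warning value={result['warning_value']:.3f} warn={result['warn']}")
```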
Example 4
The embodiment of the invention relates to a computer system account management system based on cloud computing, which comprises an account establishment module, an authorization module, a verification module and a supervision module;
wherein:
account establishment module: used by the administrator to create a new account for the user on the cloud platform and to send the account information to the authorization module;
authorization module: the administrator sets the account information and grants the corresponding rights according to the user type, and when the rights are set only the rights necessary for the user are granted, following the principle of least privilege, so as to avoid excessive authorization;
verification module: before accessing cloud platform resources the user must pass identity verification through the verification module; identity verification may use various modes such as passwords and multi-factor authentication, and at the time of verification the module may also check whether the user has the right to access the requested resources;
supervision module: when different users operate on the cloud platform, the supervision module acquires multiple items of data about the users in real time, processes these data comprehensively to obtain an anomaly coefficient, and generates a user management scheme according to the comparison of the anomaly coefficient with the gradient thresholds.
The above formulas are all formulas with dimensions removed and numerical values calculated, the formulas are formulas with a large amount of data collected for software simulation to obtain the latest real situation, and preset parameters in the formulas are set by those skilled in the art according to the actual situation.
The above embodiments may be implemented in whole or in part by software, hardware, firmware, or any other combination. When implemented in software, the above-described embodiments may be implemented in whole or in part in the form of a computer program product. The computer program product comprises one or more computer instructions or computer programs. When the computer instructions or computer program are loaded or executed on a computer, the processes or functions described in accordance with the embodiments of the present application are all or partially produced. The computer may be a general purpose computer, a special purpose computer, a computer network, or other programmable apparatus. The computer instructions may be stored in a computer-readable storage medium or transmitted from one computer-readable storage medium to another computer-readable storage medium, for example, the computer instructions may be transmitted from one website site, computer, server, or data center to another website site, computer, server, or data center by wired or wireless means (e.g., infrared, wireless, microwave, etc.). The computer readable storage medium may be any available medium that can be accessed by a computer or a data storage device such as a server, data center, etc. that contains one or more sets of available media. The usable medium may be a magnetic medium (e.g., floppy disk, hard disk, magnetic tape), an optical medium (e.g., DVD), or a semiconductor medium. The semiconductor medium may be a solid state disk.
It should be understood that the term "and/or" merely describes an association relationship between the associated objects and means that three relationships may exist; for example, "A and/or B" may mean: A alone, A and B together, or B alone, wherein A and B may be singular or plural. In addition, the character "/" herein generally indicates that the associated objects are in an "or" relationship, but may also indicate an "and/or" relationship, as can be understood from the context.
In the present application, "at least one" means one or more, and "a plurality" means two or more. "At least one of" or the like means any combination of the listed items, including any combination of single items or plural items. For example, "at least one of a, b or c" may represent: a, b, c, a-b, a-c, b-c, or a-b-c, wherein a, b and c may be single or plural.
It should be understood that, in various embodiments of the present application, the sequence numbers of the foregoing processes do not mean the order of execution, and the order of execution of the processes should be determined by the functions and internal logic thereof, and should not constitute any limitation on the implementation process of the embodiments of the present application.
Those of ordinary skill in the art will appreciate that the various illustrative elements and algorithm steps described in connection with the embodiments disclosed herein may be implemented as electronic hardware, or combinations of computer software and electronic hardware. Whether such functionality is implemented as hardware or software depends upon the particular application and design constraints imposed on the solution. Skilled artisans may implement the described functionality in varying ways for each particular application, but such implementation decisions should not be interpreted as causing a departure from the scope of the present application.
It will be clear to those skilled in the art that, for convenience and brevity of description, specific working procedures of the above-described systems, apparatuses and units may refer to corresponding procedures in the foregoing method embodiments, and are not repeated herein.
In the several embodiments provided in this application, it should be understood that the disclosed systems, devices, and methods may be implemented in other manners. For example, the apparatus embodiments described above are merely illustrative, e.g., the division of the units is merely a logical function division, and there may be additional divisions when actually implemented, e.g., multiple units or components may be combined or integrated into another system, or some features may be omitted or not performed. Alternatively, the coupling or direct coupling or communication connection shown or discussed with each other may be an indirect coupling or communication connection via some interfaces, devices or units, which may be in electrical, mechanical or other form.
The units described as separate units may or may not be physically separate, and units shown as units may or may not be physical units, may be located in one place, or may be distributed on a plurality of network units. Some or all of the units may be selected according to actual needs to achieve the purpose of the solution of this embodiment.
In addition, each functional unit in each embodiment of the present application may be integrated in one processing unit, or each unit may exist alone physically, or two or more units may be integrated in one unit.
The functions, if implemented in the form of software functional units and sold or used as a stand-alone product, may be stored in a computer-readable storage medium. Based on such understanding, the technical solution of the present application, or the part of it that contributes to the prior art, or a part of the technical solution, may be embodied in the form of a software product stored in a storage medium and including several instructions for causing a computer device (which may be a personal computer, a server, or a network device, etc.) to perform all or part of the steps of the methods described in the embodiments of the present application. The aforementioned storage medium includes: a USB flash drive, a removable hard disk, a read-only memory (ROM), a random access memory (RAM), a magnetic disk, an optical disk, or other media capable of storing program code.
The foregoing is merely specific embodiments of the present application, but the scope of the present application is not limited thereto, and any person skilled in the art can easily think about changes or substitutions within the technical scope of the present application, and the changes and substitutions are intended to be covered by the scope of the present application. Therefore, the protection scope of the present application shall be subject to the protection scope of the claims.
Claims (7)
1. A computer system account management method based on cloud computing is characterized in that: the management method comprises the following steps:
s1: an administrator creates a new account for a user on an account management system of the cloud platform, sets account information according to the user category and grants corresponding rights;
s2: before accessing cloud platform resources, a user needs to carry out identity verification through an account management system of a cloud platform;
s3: when different users operate on the cloud platform, the account management system acquires multiple items of data of the users in real time, and the multiple items of data are comprehensively processed to acquire abnormal coefficients;
s4: generating a user management scheme according to a comparison result of the anomaly coefficient and the gradient threshold value;
the account management system acquires multiple items of data of the user in real time, wherein the multiple items of data comprise operation parameters and network parameters; the operation parameters comprise the operation abnormal frequency, and the network parameters comprise the network attacked frequency and the system vulnerability rate; the operation abnormal frequency, the network attacked frequency and the system vulnerability rate are calculated through a formula to acquire the abnormal coefficient, the expression being: [formula image not reproduced]; in the formula, yc_x is the abnormal coefficient, [symbol image] is the operation abnormal frequency, cz_i is the number of abnormal operations, T is the time length for which the user operates the cloud platform, [symbol image] is the network parameter, gj_w is the network attacked frequency, ld_w is the system vulnerability rate, C is a correction coefficient with the value 2.168, and α and β are the scaling coefficients of the operation abnormal frequency and the network parameters respectively, with α > β > 0;
the operation abnormal frequency [formula image not reproduced], wherein i is the index of the different operation behaviours, i ∈ {1, 2, …, n}, n is a positive integer greater than 0; the operation abnormalities comprise the number of logins, the number of accesses to resources beyond authority, the number of tamperings with data beyond authority and the number of abnormal file uploads, and the updated operation abnormal frequency is [symbol image], with the expression: [formula image not reproduced]; wherein cz_1 is the sum of the number of logins, cz_2 is the sum of the number of accesses to out-of-authority resources, cz_3 is the sum of the number of tamperings with out-of-authority data, and cz_4 is the sum of the number of abnormal file uploads.
2. The cloud computing-based computer system account management method of claim 1, wherein: the network attacked frequency is monitored by an intrusion detection system, and the calculation expression of the network attacked frequency is: gj_w = gj_cs / t; wherein gj_cs is the number of times the network is attacked and t is the monitoring time period.
3. The cloud computing-based computer system account management method of claim 2, wherein: the system vulnerability rate is monitored online through Qualys, and the calculation expression of the system vulnerability rate is: ld_w = ld_cs / t; wherein ld_cs is the number of vulnerabilities detected and t is the monitoring time period.
4. The cloud computing-based computer system account management method of claim 3, wherein: the gradient threshold comprises a first threshold yz_o and a second threshold yz_p, with first threshold yz_o < second threshold yz_p; after the anomaly coefficient yc_x is obtained, the anomaly coefficient yc_x is compared with the first threshold yz_o and the second threshold yz_p.
5. The cloud computing-based computer system account management method of claim 4, wherein: if anomaly coefficient yc_x > second threshold yz_p, the account management system judges that the user is excessively abnormal and generates a first management scheme;
if first threshold yz_o < anomaly coefficient yc_x ≤ second threshold yz_p, the account management system judges that the user is slightly abnormal and generates a second management scheme;
if anomaly coefficient yc_x ≤ first threshold yz_o, the account management system judges that the user's operation is not abnormal, and no management scheme is generated.
6. The cloud computing-based computer system account management method of claim 5, wherein: based on the anomaly coefficient yc_x, the first threshold yz_o and the second threshold yz_p, the account management system predicts the use state of the cloud platform within a period of time; it acquires the anomaly coefficients yc_x of all users logged in to the cloud platform within that period and calculates an early warning value yj_z, the expression being: [formula image not reproduced]; in the formula, yc_d is the number of users with anomaly coefficient yc_x > second threshold yz_p, yc_q is the number of users with first threshold yz_o < anomaly coefficient yc_x ≤ second threshold yz_p, and yc_w is the number of users with anomaly coefficient yc_x ≤ first threshold yz_o.
7. The cloud computing-based computer system account management method of claim 6, wherein: the early warning value yj_z is compared with an early warning threshold yj_x; if early warning value yj_z > early warning threshold yj_x, the account management system sends out an early warning signal; if early warning value yj_z ≤ early warning threshold yj_x, the account management system does not send out an early warning signal.
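As an added illustration, not code from the patent, the following Python implements the gradient-threshold tiering of claims 4 to 6. The formulas for the anomaly coefficient yc_x and the early warning value yj_z are not reproduced in the page text, so yc_x is taken as an input and only the tier counts yc_d, yc_q and yc_w are computed; the ratio forms gj_cs / t, ld_cs / t and (cz_1 + … + cz_4) / T are my reading of claims 1 to 3, and the scheme labels and counter keys are my own names.

```python
from dataclasses import dataclass
from typing import Dict, Iterable, Optional, Tuple

FIRST_SCHEME = "first_management_scheme"    # claim 5: excessively abnormal user
SECOND_SCHEME = "second_management_scheme"  # claim 5: slightly abnormal user

@dataclass(frozen=True)
class GradientThreshold:
    yz_o: float  # first threshold
    yz_p: float  # second threshold

    def __post_init__(self) -> None:
        # Claim 4 requires yz_o < yz_p; a mis-ordered pair would silently break the tiering.
        if not self.yz_o < self.yz_p:
            raise ValueError("gradient threshold requires yz_o < yz_p")

def _per_period(count: int, t: float) -> float:
    if t <= 0:
        raise ValueError("monitoring period must be positive")
    return count / t

def attack_frequency(gj_cs: int, t: float) -> float:
    """gj_w = gj_cs / t: IDS-reported attack count over monitoring period t (claim 2, read as a ratio)."""
    return _per_period(gj_cs, t)

def vulnerability_rate(ld_cs: int, t: float) -> float:
    """ld_w = ld_cs / t: scanner-detected vulnerabilities over monitoring period t (claim 3, read as a ratio)."""
    return _per_period(ld_cs, t)

def operation_anomaly_frequency(cz: Dict[str, int], T: float) -> float:
    """Assumed form: the four claim-1 counters cz_1..cz_4 summed and divided by operating time T."""
    keys = ("login", "over_authority_access", "over_authority_tamper", "abnormal_upload")
    return _per_period(sum(cz.get(k, 0) for k in keys), T)

def classify(yc_x: float, thr: GradientThreshold) -> Optional[str]:
    """Claim 5 tiering of one user's anomaly coefficient; None means no scheme is generated."""
    if yc_x > thr.yz_p:
        return FIRST_SCHEME
    if yc_x > thr.yz_o:  # yz_o < yc_x <= yz_p
        return SECOND_SCHEME
    return None

def tier_counts(coefficients: Iterable[float], thr: GradientThreshold) -> Tuple[int, int, int]:
    """(yc_d, yc_q, yc_w) of claim 6: users above yz_p, between the thresholds, at or below yz_o."""
    tiers = [classify(c, thr) for c in coefficients]
    return tiers.count(FIRST_SCHEME), tiers.count(SECOND_SCHEME), tiers.count(None)

if __name__ == "__main__":
    # Constructed sample: five logged-in users' coefficients against thresholds 0.3 / 0.7.
    print(tier_counts([0.9, 0.5, 0.1, 0.7, 0.3], GradientThreshold(0.3, 0.7)))  # (1, 2, 2)
```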
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202310436946.1A CN116167029B (en) | 2023-04-23 | 2023-04-23 | Computer system account management method based on cloud computing |
Publications (2)
Publication Number | Publication Date |
---|---|
CN116167029A CN116167029A (en) | 2023-05-26 |
CN116167029B true CN116167029B (en) | 2023-06-30 |
Family ID: 86413486
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN202310436946.1A Active CN116167029B (en) | 2023-04-23 | 2023-04-23 | Computer system account management method based on cloud computing |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN116167029B (en) |
Families Citing this family (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN116545781B (en) * | 2023-07-06 | 2023-11-24 | 广东维信智联科技有限公司 | Cloud access data security management system |
CN117556414A (en) * | 2024-01-11 | 2024-02-13 | 邯郸鉴晨网络科技有限公司 | Cloud computing-based software management method and system |
CN117609974B (en) * | 2024-01-24 | 2024-04-19 | 普利泽信(滨州)科技咨询中心 | Service management system and method for technical transaction platform |
Family Cites Families (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN106790008B (en) * | 2016-12-13 | 2018-08-24 | 浙江中都信息技术有限公司 | Machine learning system for detecting abnormal host in enterprise network |
US11637844B2 (en) * | 2017-09-28 | 2023-04-25 | Oracle International Corporation | Cloud-based threat detection |
CN109117650B (en) * | 2018-07-25 | 2022-03-18 | 华为云计算技术有限公司 | Enterprise cloud creation method and management platform |
CN110868403B (en) * | 2019-10-29 | 2021-08-27 | 泰康保险集团股份有限公司 | Method and equipment for identifying advanced persistent Attack (APT) |
US11269978B2 (en) * | 2020-05-07 | 2022-03-08 | Microsoft Technology Licensing, Llc | Detection of slow brute force attacks based on user-level time series analysis |
US11553036B2 (en) * | 2020-05-08 | 2023-01-10 | Kpmg Llp | System and method for cloud security monitoring |
Application Events
- 2023-04-23 CN CN202310436946.1A patent/CN116167029B/en active Active
Also Published As
Publication number | Publication date |
---|---|
CN116167029A (en) | 2023-05-26 |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||