CN117240457A - Password computing service method and system based on third party infrastructure - Google Patents

Password computing service method and system based on third party infrastructure Download PDF

Info

Publication number
CN117240457A
CN117240457A CN202311414884.0A CN202311414884A CN117240457A CN 117240457 A CN117240457 A CN 117240457A CN 202311414884 A CN202311414884 A CN 202311414884A CN 117240457 A CN117240457 A CN 117240457A
Authority
CN
China
Prior art keywords
service
password
party infrastructure
cryptographic
component
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202311414884.0A
Other languages
Chinese (zh)
Inventor
李聪聪
崔久强
徐祺
李文斌
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Shanghai Digital Certificate Certification Center Co ltd
Original Assignee
Shanghai Digital Certificate Certification Center Co ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Shanghai Digital Certificate Certification Center Co ltd filed Critical Shanghai Digital Certificate Certification Center Co ltd
Priority to CN202311414884.0A priority Critical patent/CN117240457A/en
Publication of CN117240457A publication Critical patent/CN117240457A/en
Pending legal-status Critical Current

Links

Landscapes

  • Management, Administration, Business Operations System, And Electronic Commerce (AREA)

Abstract

The application relates to the technical field of network security, in particular to a password computing service system and method based on a third party infrastructure. The application provides a password computing service system based on a third party infrastructure, which comprises a public cloud platform deployed at a cloud end, the third party infrastructure, a password service component and a service system deployed locally: the public cloud platform is used for providing a basic cloud computing framework; the third party infrastructure for providing cryptographic service capabilities; the password service component obtains password service capability from a third party infrastructure; the business system realizes corresponding password service calculation through the password service component. The application can obtain the password calculation service through the third party infrastructure, can meet the password calculation requirement of a service system without self-deploying and maintaining the password calculation module, and promotes the co-building sharing and resource sharing in the password calculation field.

Description

Password computing service method and system based on third party infrastructure
Technical Field
The application relates to the technical field of network security, in particular to a password computing service system and method based on a third party infrastructure.
Background
In recent years, network security issues have become a focus of global attention. The network security has important significance for national security and social stability, and is more relevant to the body-building benefits of masses. As a core technology and a basic support for network and information security, the cryptographic technology plays an indispensable important role in maintaining national security, promoting economic and social development and protecting the benefits of people.
With the continuous development of cloud computing technology, infrastructure construction based on cloud computing is continuously perfected, and public cloud and private cloud construction is actively carried out in all areas. Therefore, more demands are also put on the way the cryptographic technique is applied. Conventional cryptographic service modes have been difficult to accommodate for new business demand changes, requiring upgrades and modifications.
The traditional password service mode relies on an integration mode based on various password devices, so that password application service on the tenant side in cloud computing is realized. However, in an environment where application services are diversified, it is difficult for such a mode to flexibly adapt to new demands caused by the change in service demands.
In addition, in the traditional password equipment integration mode, the expertise of application developers is different, so that the application key management and the use are scattered, the cost of the application integration password development and the user operation and maintenance is greatly increased, and the possibility of system security risk is increased.
In summary, with the continuous development of cloud computing technology, more requirements are put on the application mode of the cryptographic technology. The traditional password service mode is difficult to adapt to new service demand changes, and needs to be explored to adapt to continuously changing service demands, so that the cost of application integrated password development and operation and maintenance of users is reduced, and the safety of the system is improved.
Disclosure of Invention
The application aims to provide a password computing service system and method based on a third party infrastructure, which solve the problems of low integration level, poor flexibility and poor expandability of the password computing service in the prior art.
In order to achieve the above objective, the present application provides a cryptographic computing service system based on a third party infrastructure, which includes a public cloud platform deployed in a cloud, a third party infrastructure, and a cryptographic service component and a service system deployed locally:
the public cloud platform is used for providing a basic cloud computing framework;
the third party infrastructure for providing cryptographic service capabilities;
the password service component obtains password service capability from a third party infrastructure;
the business system realizes corresponding password service calculation through the password service component.
In one embodiment, the cryptographic computing service system further comprises a locally deployed proxy pre-component:
the agent pre-assembly is used for providing an encryption channel crossing networks and connecting a third party infrastructure and/or a public cloud platform.
In one embodiment, the cryptographic service capabilities include cryptographic service capabilities including cryptographic encryption and decryption, time stamping services, signature verification, key management systems, user registration authorities, and security authentication gateways.
In one embodiment, the cryptographic service component sets up a secure authentication gateway;
the safety authentication gateway is connected to various identity authentication sources to realize user identity authentication and authorization management.
In one embodiment, the cryptographic service component is deployed locally based on an installation mode of the software system.
In an embodiment, when the password service component is installed on the hardware server, the corresponding deployment mode is installed in an installation package mode;
the password service component is installed in a cloud server in a corresponding deployment mode of virtual containerized mirror image installation or installation package installation;
when the password service component is installed in the cloud container cluster, the corresponding deployment mode is to upload the image file, and the container is installed in an instantiation mode.
In order to achieve the above object, the present application provides a cryptographic computing service method based on a third party infrastructure, comprising the steps of:
deploying a password service component locally;
the password service component obtains password service capability through a third party infrastructure;
the business system realizes corresponding password service calculation through the password service component.
In an embodiment, the method further comprises the steps of:
and (3) an encryption channel is established between the local deployment agent front-end component and the public cloud platform and the third party infrastructure.
In one embodiment, the cryptographic service capabilities include cryptographic encryption and decryption, time stamp service, signature verification, key management system, user registration authority, and security authentication gateway.
In an embodiment, the method further comprises the steps of:
and setting a security authentication gateway in the password service component, wherein the security authentication gateway is used for being connected to various identity authentication sources to realize user identity authentication and authorization management.
In an embodiment, the locally deploying the cryptographic service component further includes the steps of:
the installation mode based software system is deployed locally.
In an embodiment, the locally deploying the cryptographic service component further includes the steps of:
when the password service component is installed on the hardware server, the corresponding deployment mode is installed in an installation package mode;
when the password service component is installed on the cloud server, the corresponding deployment mode is virtual container mirror image installation or installation package installation;
when the password service component is installed in the cloud container cluster, the corresponding deployment mode is uploading an image file, and the container is installed in an instantiation mode.
According to the password computing service system and method based on the third-party infrastructure, the password computing service can be acquired through the third-party infrastructure, and the password computing module does not need to be deployed and maintained by oneself, so that the password computing service system and method based on the third-party infrastructure have the advantages of being high in resource sharing, expansibility and reliability, high in safety, good in flexibility, strong in sustainability, low in threshold and the like, and the co-building sharing and resource sharing in the password computing field are promoted.
Drawings
The above and other features, properties and advantages of the present application will become more apparent from the following description of embodiments taken in conjunction with the accompanying drawings in which like reference characters designate like features throughout the drawings, and in which:
FIG. 1 discloses a functional block diagram of a third party infrastructure-based cryptographic computing service system in accordance with an embodiment of the present application;
FIG. 2 discloses a deployment diagram of a third party infrastructure-based cryptographic computing service system in accordance with an embodiment of the application;
fig. 3 discloses a step diagram of a third party infrastructure-based cryptographic computing service method according to an embodiment of the application.
The meaning of the reference numerals in the figures is as follows:
100 cloud end;
a 110 public cloud platform;
120 a third party infrastructure;
200 local;
a proxy pre-component 210;
220 a cryptographic service component;
230 service system.
Detailed Description
The present application will be described in further detail with reference to the drawings and examples, in order to make the objects, technical solutions and advantages of the present application more apparent. It should be understood that the specific embodiments described herein are for purposes of illustration only and are not intended to limit the scope of the application.
The application provides a password computing service system and a password computing service method based on a third party infrastructure, which provide a set of controllable and manageable password service system based on a public cloud platform and the third party infrastructure, provide password application service based on a software layer for the cloud computing facility through the password service provided by the third party infrastructure, effectively solve a plurality of problems faced by traditional password computing, realize co-building sharing of the system password infrastructure, integral deployment of an information system, convergence sharing of data resources and effective collaboration of business applications, and further provide a definite construction direction for unified design, unified service, unified linkage and unified command of industry applications.
The third party infrastructure refers to an organization that deploys a cryptographic service background, and may generally be a (CA, certification Authority) certificate authority.
Fig. 1 discloses a schematic block diagram of a third party infrastructure-based cryptographic computing service system according to an embodiment of the present application, and as shown in fig. 1, the third party infrastructure-based cryptographic computing service system provided by the present application includes a public cloud platform 110 deployed at a cloud end 100, a third party infrastructure 120, a cryptographic service component 220 deployed at a local area 200, and a service system 230:
the public cloud platform 110 is configured to provide a basic cloud computing framework;
the third party infrastructure 120 is configured to provide a cryptographic service capability, and the user may obtain the cryptographic service capability through the third party infrastructure 120;
the cryptographic service component 220 obtains cryptographic service capabilities from the third party infrastructure 120;
the business system 230 implements corresponding cryptographic service computation through the cryptographic service component 220.
Still further, the third party infrastructure-based cryptographic computing service system as shown in fig. 1 further includes a locally deployed proxy pre-component 210:
the agent pre-component 210 is configured to provide an encryption channel across networks, connect to the third party infrastructure 120 and/or the public cloud platform 110, and ensure security of data transmission.
The password service component 220 realizes the core password service capability of password encryption and decryption, signature verification, security authentication gateway and the like based on local resources.
In this embodiment, the cryptographic service capabilities include, but are not limited to, cryptographic encryption and decryption, time stamp service, signature verification, key management system, user registration authority, and security authentication gateway.
The password service component 220 sets up a security authentication gateway;
the safety authentication gateway is connected to various identity authentication sources to realize user identity authentication and authorization management.
The cryptographic service component 220 is deployed locally based on the installation mode of the software system.
The password service component 220 is installed in an installation package mode when installed on a hardware server;
the password service component 220 is installed in a virtual containerized mirror image installation or installation package mode when installed on a cloud server;
the password service component 220 is installed in the cloud container cluster in a corresponding deployment mode of uploading an image file, and the container is installed in an instantiation mode.
The password service component 220 can intensively provide password service, is applicable to different password calculation algorithms and application protocols, realizes application development of various scenes, provides unified service capability based on terminals, and improves flexibility and expansibility.
According to the password computing service system based on the third-party infrastructure, password computing capability acquisition is achieved through the password service capability provided by the public cloud platform 110 and the third-party infrastructure 120, a proxy pre-component 210 deployed locally is connected with the third-party infrastructure 120 to achieve an encryption channel between networks, and a service system 230 subsequently achieves password encrypting and decrypting, signature verification, security authentication gateway and other password service capabilities through a password service component 220 deployed locally, so that the password computing requirements of applications are met.
FIG. 2 discloses a deployment diagram of a third party infrastructure-based cryptographic computing service system in accordance with an embodiment of the application, and the third party infrastructure-based cryptographic computing service system shown in FIG. 1 is further described below in conjunction with FIG. 2.
A cryptographic services platform, third party infrastructure 120, as shown in fig. 2, is used to provide cryptographic services capabilities to users.
The cryptographic service platform is in the form of user-oriented PaaS (Platform as a Service ) platform
Cryptographic service capability is a broad concept including, but not limited to, such as time stamp services, signature verification, key management systems, RA (Registration Authority, user registration authorities), and the like.
The proxy pre-component 210 establishes an encrypted channel using a secure trusted channel encryption gateway device. Typically such devices are hardware devices, deployed on either side of the peer-to-peer network, one on the cloud as shown in fig. 2, and one on the local "application service area".
The main function of the proxy pre-component 210 is to function in the network layer (e.g., IPsec protocol), which creates an encrypted communication tunnel under the transport layer, encrypts the entire packet, and maintains the encrypted state during transmission, which means that all traffic passing through the communication tunnel is encrypted, including the various communication layers of the application layer, transport layer, etc.
The cryptographic service component 220 is, for example, a cryptographic service module in fig. 2, and is configured to implement cryptographic service capabilities such as cryptographic encryption and decryption, signature verification, and security authentication gateway.
The proxy pre-component 210 and the cryptographic service module are both deployed locally, installed in the server resources of the "application service area" on the right-hand side of fig. 2.
The server resource may be a hardware server, or may be a cloud server or a cloud container cluster resource.
In some embodiments, the cryptographic service module is a set of software systems conforming to the national cryptographic GM/T0028 software cryptographic module standard, deployed locally based on the installation mode of the software system.
More specifically, the deployment mode of the password service module includes:
1) If the local application service area provides hardware server resources, the installation package mode is adopted for installation
2) If the local application service area provides cloud server resources, the cloud server resources are generally installed by adopting virtual containerized mirror images, and the cloud server resources can also be installed in a secure package mode.
3) If the local "application service area" provides cloud container cluster resources, then uploading image files can be employed, and the containers can be installed in an instantiated manner.
And the service system invokes hardware resources through the password service module to realize corresponding password service calculation such as password calculation, encryption and decryption, signature verification, authentication and the like.
And setting a security authentication gateway in an application service area through a password service module, so as to realize user identity authentication and authorization management and ensure the security of the system.
In the embodiment shown in fig. 2, the secure authentication gateway is typically a hardware encryption device. The key function of the method is to be used as a centralized authentication center for users to access network resources, and the security of the network resources is ensured through encryption technology. Its primary function is to verify the identity of a user and grant him access to a specific resource, ensuring that only authorized users can access the protected resource. In addition, the secure authentication gateway may connect to a variety of authentication sources, such as LDAP (lightweight Directory access protocol), active Directory, etc., to ensure that the user's credentials are validated and to control access to particular resources according to authorization levels and policies. This will help ensure that only authorized users can access the network resources.
The password service module provides secondary development capability based on the client, and realizes development and access of various password scene applications based on the terminal, such as local application, file, encryption of data, signature and the like.
For example, if a business system of an "application service area" wants to obtain a time stamp cryptographic capability, it is necessary to first apply the time stamp cryptographic capability to the "cryptographic service platform". After the time stamp password function of the password service platform side is opened, the time stamp password capability is endowed to a service system of an application service area through a password service module.
The "log audit system", "SSL VPN gateway", "fort machine", etc. as in fig. 2 are all conventional in the art and will not be described further herein.
The application also provides a third-party infrastructure-based password computing service method which can be realized by adopting the third-party infrastructure-based password computing service system shown in fig. 1 and 2. Fig. 3 discloses a step diagram of a third party infrastructure-based password calculation service method according to an embodiment of the present application, and as shown in fig. 3, the third party infrastructure-based password calculation service method according to the present application includes the following steps:
step S1, deploying a password service component locally;
s2, the password service component acquires password service capability through a third party infrastructure;
and S3, the business system realizes corresponding password service calculation through the password service component.
Further, the step S1 further includes the following steps:
and (3) an encryption channel is established between the local deployment agent front-end component and the public cloud platform and the third party infrastructure.
Further, the step S1 further includes the following steps:
the installation mode based software system is deployed locally.
Further, the step S1 further includes the following steps:
when the password service component is installed on the hardware server, the corresponding deployment mode is installed in an installation package mode;
when the password service component is installed on the cloud server, the corresponding deployment mode is virtual container mirror image installation or installation package installation;
when the password service component is installed in the cloud container cluster, the corresponding deployment mode is uploading an image file, and the container is installed in an instantiation mode.
Still further, the cryptographic service capabilities include cryptographic encryption and decryption, time stamp service, signature verification, key management system, user registration authority, and security authentication gateway.
Further, the step S2 further includes the following steps:
and setting a security authentication gateway in the password service component, wherein the security authentication gateway is used for being connected to various identity authentication sources to realize user identity authentication and authorization management.
The specific implementation details of the third-party infrastructure-based cryptographic computing service method correspond to the aforementioned third-party infrastructure-based cryptographic computing service system, so that the specific details are not repeated here.
While, for purposes of simplicity of explanation, the methodologies are shown and described as a series of acts, it is to be understood and appreciated that the methodologies are not limited by the order of acts, as some acts may, in accordance with one or more embodiments, occur in different orders and/or concurrently with other acts from that shown and described herein or not shown and described herein, as would be understood and appreciated by those skilled in the art.
According to the password computing service system and method based on the third-party infrastructure, the public cloud-based cloud password service is used for realizing the resource sharing of password computing and the effective coordination of business application.
Compared with the traditional password calculation mode, the password calculation service system and method based on the third-party infrastructure provided by the application have the following beneficial effects:
1) Resource sharing: the user can obtain the password calculation service through the third-party infrastructure, and does not need to self-deploy and maintain the password calculation module, so that the cost of manpower and material resources is saved;
2) The expansibility is strong: the computing resources of the third-party infrastructure have excellent expansibility, can easily meet various service demands, and are upgraded and expanded along with the development of the service;
3) The reliability is high: the cloud password service provider of the third party infrastructure generally has strong technical support and operation and maintenance team, ensures high availability and stability of the system, and provides strong guarantee for stable operation of the service;
4) The safety is high: by adopting security mechanisms such as an encryption channel, a security authentication gateway and the like, the security of data transmission and processing is ensured, and the security of a system and the privacy of a user are effectively protected;
5) The flexibility is good: the method can flexibly adapt to different service scenes and application requirements, supports various cryptographic calculation algorithms and application protocols, and has high flexibility and expandability;
6) The sustainability is strong: the cloud password service based on the third-party infrastructure can effectively promote co-building sharing and resource sharing in the password computing field, and provide sustainable support and guarantee for development of the password computing technology;
7) And (3) lowering a threshold: the cloud password service provider of the third party infrastructure generally provides rich development tools and documents, so that a user is helped to develop and deploy application programs quickly, the technical threshold of password calculation is reduced, and the development efficiency and quality are improved.
As used in the specification and in the claims, the terms "a," "an," "the," and/or "the" are not specific to a singular, but may include a plurality, unless the context clearly dictates otherwise. In general, the terms "comprises" and "comprising" merely indicate that the steps and elements are explicitly identified, and they do not constitute an exclusive list, as other steps or elements may be included in a method or apparatus.
Those of skill in the art would understand that information, signals, and data may be represented using any of a variety of different technologies and techniques. For example, data, instructions, commands, information, signals, bits, symbols, and chips that may be referenced throughout the above description may be represented by voltages, currents, electromagnetic waves, magnetic fields or particles, optical fields or particles, or any combination thereof.
Those of skill would further appreciate that the various illustrative logical blocks, components, modules, circuits, and algorithm steps described in connection with the embodiments disclosed herein may be implemented as electronic hardware, computer software, or combinations of both. To clearly illustrate this interchangeability of hardware and software, various illustrative components, blocks, modules, circuits, and steps have been described above generally in terms of their functionality. Whether such functionality is implemented as hardware or software depends upon the particular application and design constraints imposed on the overall system. Skilled artisans may implement the described functionality in varying ways for each particular application, but such implementation decisions should not be interpreted as causing a departure from the scope of the present application.
The various illustrative logical modules, and circuits described in connection with the embodiments disclosed herein may be implemented or performed with a general purpose processor, a Digital Signal Processor (DSP), an Application Specific Integrated Circuit (ASIC), a Field Programmable Gate Array (FPGA) or other programmable logic device, discrete gate or transistor logic, discrete hardware components, or any combination thereof designed to perform the functions described herein. A general purpose processor may be a microprocessor, but in the alternative, the processor may be any conventional processor, controller, microcontroller, or state machine. A processor may also be implemented as a combination of computing devices, e.g., a combination of a DSP and a microprocessor, a plurality of microprocessors, one or more microprocessors in conjunction with a DSP core, or any other such configuration.
The steps of a method or algorithm described in connection with the embodiments disclosed herein may be embodied directly in hardware, in a software module executed by a processor, or in a combination of the two. A software module may reside in RAM memory, flash memory, ROM memory, EPROM memory, EEPROM memory, registers, hard disk, a removable disk, a CD-ROM, or any other form of storage medium known in the art. An exemplary storage medium is coupled to the processor such the processor can read information from, and write information to, the storage medium. In the alternative, the storage medium may be integral to the processor. The processor and the storage medium may reside in an ASIC. The ASIC may reside in a user terminal. In the alternative, the processor and the storage medium may reside as discrete components in a user terminal.
In one or more exemplary embodiments, the functions described may be implemented in hardware, software, firmware, or any combination thereof. If implemented in software as a computer program product, the functions may be stored on or transmitted over as one or more instructions or code on a computer-readable medium. Computer-readable media includes both computer storage media and communication media including any medium that facilitates transfer of a computer program from one place to another. A storage media may be any available media that can be accessed by a computer. By way of example, and not limitation, such computer-readable media can comprise RAM, ROM, EEPROM, CD-ROM or other optical disk storage, magnetic disk storage or other magnetic storage devices, or any other medium that can be used to carry or store desired program code in the form of instructions or data structures and that can be accessed by a computer. Any connection is properly termed a computer-readable medium. For example, if the software is transmitted from a web site, server, or other remote source using a coaxial cable, fiber optic cable, twisted pair, digital Subscriber Line (DSL), or wireless technologies such as infrared, radio, and microwave, then the coaxial cable, fiber optic cable, twisted pair, DSL, or wireless technologies such as infrared, radio, and microwave are included in the definition of medium. Disk (disc) and disc (disc) as used herein include compact discs
(CD), laser disc, optical disc, digital Versatile Disc (DVD), floppy disk and blu-ray disc where disks (disks) usually reproduce data magnetically, while discs (disks) reproduce data optically with lasers. Combinations of the above should also be included within the scope of computer-readable media.
The embodiments described above are intended to provide those skilled in the art with a full range of modifications and variations to the embodiments described above without departing from the inventive concept thereof, and therefore the scope of the application is not limited by the embodiments described above, but is to be accorded the broadest scope consistent with the innovative features recited in the claims.

Claims (12)

1. The password computing service system based on the third-party infrastructure is characterized by comprising a public cloud platform deployed in the cloud, the third-party infrastructure, a password service component deployed locally and a service system:
the public cloud platform is used for providing a basic cloud computing framework;
the third party infrastructure for providing cryptographic service capabilities;
the password service component obtains password service capability from a third party infrastructure;
the business system realizes corresponding password service calculation through the password service component.
2. The third party infrastructure-based cryptographic computing service system according to claim 1, further comprising a locally deployed proxy pre-component:
the agent pre-assembly is used for providing an encryption channel crossing networks and connecting a third party infrastructure and/or a public cloud platform.
3. The third party infrastructure based cryptographic computing service system according to claim 1, wherein the cryptographic service capabilities include cryptographic encryption and decryption, time stamping services, signature verification, key management systems, user registration authorities, and security authentication gateways.
4. The third party infrastructure-based cryptographic computing service system according to claim 1, wherein the cryptographic service component sets up a secure authentication gateway;
the safety authentication gateway is connected to various identity authentication sources to realize user identity authentication and authorization management.
5. The third party infrastructure based cryptographic computing service system according to claim 1, wherein the cryptographic service component is deployed locally based on an installation mode of the software system.
6. The third party infrastructure-based cryptographic computing service system according to claim 5, wherein the cryptographic service component, when installed on a hardware server, is installed in a corresponding deployment manner as an installation package manner;
the password service component is installed in a cloud server in a corresponding deployment mode of virtual containerized mirror image installation or installation package installation;
when the password service component is installed in the cloud container cluster, the corresponding deployment mode is to upload the image file, and the container is installed in an instantiation mode.
7. A third party infrastructure-based cryptographic computing service method, comprising the steps of:
deploying a password service component locally;
the password service component obtains password service capability through a third party infrastructure;
the business system realizes corresponding password service calculation through the password service component.
8. The third party infrastructure-based cryptographic computing service method according to claim 7, further comprising the steps of:
and (3) an encryption channel is established between the local deployment agent front-end component and the public cloud platform and the third party infrastructure.
9. The third party infrastructure based cryptographic computing service method according to claim 7, wherein the cryptographic service capabilities include cryptographic encryption and decryption, time stamp service, signature verification, key management system, user registration authority, and security authentication gateway.
10. The third party infrastructure-based cryptographic computing service method according to claim 7, further comprising the steps of:
and setting a security authentication gateway in the password service component, wherein the security authentication gateway is used for being connected to various identity authentication sources to realize user identity authentication and authorization management.
11. The third party infrastructure based cryptographic computing service method according to claim 7, wherein the locally deploying cryptographic service component further comprises the steps of:
the installation mode based software system is deployed locally.
12. The third party infrastructure based cryptographic computing service method according to claim 11, wherein the locally deploying cryptographic service component further comprises the steps of:
when the password service component is installed on the hardware server, the corresponding deployment mode is installed in an installation package mode;
when the password service component is installed on the cloud server, the corresponding deployment mode is virtual container mirror image installation or installation package installation;
when the password service component is installed in the cloud container cluster, the corresponding deployment mode is uploading an image file, and the container is installed in an instantiation mode.
CN202311414884.0A 2023-10-27 2023-10-27 Password computing service method and system based on third party infrastructure Pending CN117240457A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202311414884.0A CN117240457A (en) 2023-10-27 2023-10-27 Password computing service method and system based on third party infrastructure

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202311414884.0A CN117240457A (en) 2023-10-27 2023-10-27 Password computing service method and system based on third party infrastructure

Publications (1)

Publication Number Publication Date
CN117240457A true CN117240457A (en) 2023-12-15

Family

ID=89094935

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202311414884.0A Pending CN117240457A (en) 2023-10-27 2023-10-27 Password computing service method and system based on third party infrastructure

Country Status (1)

Country Link
CN (1) CN117240457A (en)

Similar Documents

Publication Publication Date Title
JP7415186B2 (en) Platform for computing at the mobile edge
US11509645B2 (en) Device authentication based upon tunnel client network requests
US9948619B2 (en) System and method for encryption key management in a mixed infrastructure stream processing framework
US11848962B2 (en) Device authentication based upon tunnel client network requests
US10587579B2 (en) Varying encryption level of traffic through network tunnels
JP2004180280A (en) Method and system for adaptive authorization
US10785196B2 (en) Encryption key management of client devices and endpoints within a protected network
US10218704B2 (en) Resource access control using named capabilities
US10375055B2 (en) Device authentication based upon tunnel client network requests
CN117240457A (en) Password computing service method and system based on third party infrastructure
US11611541B2 (en) Secure method to replicate on-premise secrets in a cloud environment
CN116996879A (en) Public Key Infrastructure (PKI) -based civil aircraft flash image service (FLS) remote loading security authentication and encryption system
Falk et al. A Comprehensive and Flexible Security Concept for CDNs in Heterogeneous Environments

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination