CN103685463A - Access control method and system in cloud computing system - Google Patents


Publication number: CN103685463A
Application number: CN201310554151.7A
Authority: CN (China)
Legal status: Pending
Other languages: Chinese (zh)
Inventors: 刘正伟, 张东, 亓开元
Current Assignee: Inspur Beijing Electronic Information Industry Co Ltd
Original Assignee: Inspur Beijing Electronic Information Industry Co Ltd
Application filed by: Inspur Beijing Electronic Information Industry Co Ltd
Prior art keywords: user, resource, certificate, authority


Abstract

The invention provides an access control method and system in a cloud computing system. The method comprises: receiving a user's access request to the cloud computing system, wherein the access request comprises identity information of the user; according to the identity information of the user, determining the role of the user in the cloud computing system, and according to the role of the user, querying the operation permissions of the role in the cloud computing system; according to the identity information of the user, determining the resources accessible to the user in the cloud computing system; according to the operation permissions of the user's role and the resources accessible to the user, obtaining an authorization certificate, wherein the authorization certificate records the user's operation permissions over the accessible resources; and after obtaining the access request of the user, controlling the access request of the user according to the authorization certificate of the user.

Description

Method and system for access control in a cloud computing system
Technical field
The present invention relates to the field of computer applications, and in particular to a method and system for access control in a cloud computing system.
Background
With the rise of cloud computing, the computing field is undergoing profound change. China's cloud computing services market is at an early stage, and cloud computing technology and equipment already have a certain foundation for development. The market is small in overall scale, but it is clearly catching up. According to Gartner estimates, in 2011 China accounted for less than 3% of the global cloud computing services market of approximately 90 billion dollars, but its annual growth rate reached 40%, and the gap between China and other countries in cloud computing is expected to narrow gradually.
Cloud computing can be summarized as having the following characteristics:
(1) Very large scale: a "cloud" is of considerable scale. Google's cloud has more than 1 million servers, and the "clouds" of Amazon, IBM, Microsoft, Yahoo and others each have hundreds of thousands of servers. An enterprise private cloud generally has hundreds of thousands of servers. A "cloud" can give users unprecedented computing power.
(2) Virtualization: cloud computing lets users obtain application services from any location, using a variety of terminals. The requested resources come from the "cloud" rather than from a fixed, tangible entity. The application runs somewhere in the "cloud", but the user does not need to know, or worry about, where exactly it runs. With only a laptop or a mobile phone, everything we need can be obtained through network services, even tasks such as supercomputing.
(3) High reliability: a "cloud" uses measures such as multi-replica data fault tolerance and interchangeable homogeneous compute nodes to ensure high service reliability, so using cloud computing is more reliable than using a local computer.
(4) Generality: cloud computing is not tied to a specific application. A wide variety of applications can be built on top of a "cloud", and the same "cloud" can support different applications running at the same time.
(5) High scalability: the scale of a "cloud" can grow and shrink dynamically to meet the growth of applications and user numbers.
(6) On-demand service: a "cloud" is a huge resource pool from which you buy as needed; a cloud can be billed like running water, electricity or gas.
(7) Extremely low cost: because of the special fault-tolerance measures of a "cloud", it can be built from extremely cheap nodes; its automated, centralized management relieves a large number of enterprises of ever-rising data center management costs; and its generality makes resource utilization much higher than in legacy systems. Users can therefore fully enjoy the low-cost advantage of the "cloud", often completing for a few hundred dollars and a few days a task that previously required tens of thousands of dollars and several months.
According to a survey report issued by IDC at the end of 2009, the top three market challenges facing cloud computing services are service security, stability and performance. This ranking is fully consistent with the conclusions of the cloud computing services study that IDC carried out in 2008. In November 2009, a survey by Forrester Research showed that 51% of small and medium-sized enterprises consider security and privacy concerns to be the main reasons they have not yet used cloud services. Security is thus the primary factor customers consider when choosing cloud computing.
Because cloud computing concentrates users and information resources so heavily, the consequences and risks of a security incident are much greater than for traditional applications. In 2009, the cloud computing services of companies such as Google, Microsoft and Amazon all suffered major failures that affected the information services of thousands of customers and further aggravated the industry's concern about the security of cloud computing applications.
The development of cloud computing has provided powerful redundant storage and fault-tolerance mechanisms and more reliable physical data storage security, but a sufficiently secure scheme for access control is still lacking, and the security problems mentioned above all stem from access control. Access control is an important means of protecting the confidentiality of user data and protecting privacy. Because the subjects accessing the same object in cloud computing change frequently, a more flexible access control mechanism is needed, and how to control access flexibly is therefore a technical problem that urgently needs to be solved.
Summary of the invention
The invention provides a method and system for access control in a cloud computing system; the technical problem to be solved is how to control user access flexibly.
To solve the above technical problem, the invention provides the following technical solutions:
A method for access control in a cloud computing system, comprising:
Receiving a user's access request to the cloud computing system, wherein the access request comprises the user's identity information;
According to the user's identity information, determining the role of the user in the cloud computing system, and according to the user's role, querying the operation permissions of the role in the cloud computing system;
And, according to the user's identity information, determining the resources that the user can access in the cloud computing system;
According to the operation permissions of the user's role and the resources that the user can access, obtaining an authorization certificate, wherein the authorization certificate records the user's operation permissions over the resources that can be accessed;
After obtaining the user's access request, controlling the user's access request according to the user's authorization certificate.
Wherein, the method also has the following features:
The role comprises system administrator, organization administrator and system user;
The resource comprises virtual machines, storage units, network resources and applications.
Wherein, the method also has the following features: the method further comprises:
When the user's role changes, updating the user's operation permissions in the cloud computing system according to the user's new role, to obtain new operation permissions;
Generating a new authorization certificate according to the new operation permissions and the resources that the user can access.
Wherein, the method also has the following features: the method further comprises:
When the user's resources change, updating the user's resources to obtain updated resource information;
Generating a new authorization certificate according to the updated resource information and the user's operation permissions.
Wherein, the method also has the following features: the method further comprises:
After obtaining the user's authorization certificate, sending the user's authorization certificate to the user;
Controlling the user's access request according to the user's authorization certificate comprises:
Receiving the access request sent by the user and the user's authorization certificate;
Controlling the user's access request according to the authorization certificate sent by the user.
A system for access control in a cloud computing system, comprising:
A first receiving device, configured to receive a user's access request to the cloud computing system, wherein the access request comprises the user's identity information;
A first determining device, connected with the first receiving device, configured to determine, according to the user's identity information, the role of the user in the cloud computing system;
A query device, connected with the first query device, configured to query, according to the user's role, the operation permissions of the role in the cloud computing system;
A second determining device, connected with the first receiving device, configured to determine, according to the user's identity information, the resources that the user can access in the cloud computing system;
An obtaining device, connected with the first determining device and the second determining device, configured to obtain an authorization certificate according to the operation permissions of the user's role and the resources that the user can access, wherein the authorization certificate records the user's operation permissions over the resources that can be accessed;
A control device, connected with the obtaining device, configured to control the user's access request according to the user's authorization certificate after the user's access request is obtained.
Wherein, the system also has the following features: the role comprises system administrator, organization administrator and system user;
The resource comprises virtual machines, storage units, network resources and applications.
Wherein, the system also has the following features: the system further comprises:
A first update module, configured to, when the user's role changes, update the user's operation permissions in the cloud computing system according to the user's new role, to obtain new operation permissions;
A first generation module, configured to generate a new authorization certificate according to the new operation permissions and the resources that the user can access.
Wherein, the system also has the following features: the system further comprises:
A second update module, configured to, when the user's resources change, update the user's resources to obtain updated resource information;
A second generation module, configured to generate a new authorization certificate according to the updated resource information and the user's operation permissions.
Wherein, the system also has the following features: the system further comprises:
A sending module, connected with the obtaining module, configured to send the user's authorization certificate to the user after the user's authorization certificate is obtained;
The control device comprises:
A receiving module, configured to receive the access request sent by the user and the user's authorization certificate;
A control module, configured to control the user's access request according to the authorization certificate sent by the user.
The embodiments provided by the invention inherit the features of role-based access control and, through dynamic resource authorization, form a more complete resource-role-based access control model for cloud computing. Compared with the traditional approach, finer-grained control of user access to resources can be achieved, thereby building a secure cloud computing access control scheme that provides a reliable guarantee of cloud computing system security in large-scale cloud computing environments.
Brief description of the drawings
Fig. 1 is a schematic flow chart of the method embodiment of access control in a cloud computing system provided by the invention;
Fig. 2 is a schematic diagram of the RBAC model provided by the invention;
Fig. 3 is a schematic diagram of resource authorization control in the RBAC model provided by the invention;
Fig. 4 is a schematic diagram of the database tables for resource permissions in the RBAC model provided by the invention;
Fig. 5 is a schematic flow chart of an application example of the cloud computing system access control method provided by the invention;
Fig. 6 is a schematic structural diagram of the system embodiment of access control in a cloud computing system provided by the invention.
Detailed description
To make the objects, technical solutions and advantages of the invention clearer, the invention is described in further detail below with reference to the accompanying drawings and specific embodiments. It should be noted that, where they do not conflict, the embodiments in this application and the features in the embodiments may be combined with one another in any way.
Fig. 1 is a schematic flow chart of the method embodiment of access control in a cloud computing system provided by the invention. The method embodiment shown in Fig. 1 comprises:
Step 101: receive a user's access request to the cloud computing system, wherein the access request comprises the user's identity information;
The user's identity information may be the user's name or ID information.
Step 102: according to the user's identity information, determine the role of the user in the cloud computing system, and according to the user's role, query the operation permissions of the role in the cloud computing system; and, according to the user's identity information, determine the resources that the user can access in the cloud computing system;
Wherein, a user can have different system roles, such as system administrator, organization administrator or system user. Resource authorization control implements the access authorization of users to all resources of the cloud computing platform; these resources include everything the cloud computing service platform provides, such as virtual machines, storage, network and applications. By granting resource access permissions to a single user or to a role, resource authorization achieves flexible control of user access to resources;
Step 103: according to the operation permissions of the user's role and the resources that the user can access, obtain an authorization certificate, wherein the authorization certificate records the user's operation permissions over the resources that can be accessed;
Wherein, different system roles can have different operation permissions. At the same time, different users or system roles also have different resource permissions: for example, some users only have management permission over virtual machine resources, and some only have management permission over the network. Only when a system user holds both the permission on a resource and the operation permission can the user actually operate on resources in the cloud.
Step 104: after obtaining the user's access request, control the user's access request according to the user's authorization certificate.
Wherein, access can be controlled in the following two modes:
Mode one:
After obtaining the user's authorization certificate, send the user's authorization certificate to the user;
Correspondingly, controlling the user's access request according to the user's authorization certificate comprises:
Receiving the access request sent by the user and the user's authorization certificate;
Controlling the user's access request according to the authorization certificate sent by the user.
In mode one, the user's authorization certificate is returned to the user, so the server does not need to store the authorization certificates of a large number of users, which reduces maintenance cost; when processing an access request there is no need to search through a large number of authorization certificates, which improves processing efficiency.
Mode two:
Store the user's authorization certificate in local storage;
After receiving the access request sent by the user, look up the user's authorization certificate according to the user's identity information;
Control the user's access request according to the authorization certificate that was found.
In mode two, the authorization certificate is stored locally, so it cannot be deliberately altered by the user; this guarantees the security of the authorization certificate and allows the user's access request to be controlled accurately.
In addition, when the user's role changes, the user's operation permissions in the cloud computing system are updated according to the user's new role to obtain new operation permissions, and a new authorization certificate is generated according to the new operation permissions and the resources that the user can access; and/or,
When the user's resources change, the user's resources are updated to obtain updated resource information, and a new authorization certificate is generated according to the updated resource information and the user's operation permissions.
By detecting in real time the factors that affect a user's authorization certificate (resources and operation permissions), the authorization certificate is kept consistent with the user's actual usage in real time, so that accurate control is achieved.
Of course, if the authorization certificate is held by the user, then after the new authorization certificate is generated it must also be sent to the user, to ensure that the user's normal access continues.
The method embodiment provided by the invention is described further below:
Fig. 2 is a schematic diagram of the RBAC model provided by the invention. The model comprises four entities: user (User), role (Role), resource (Resource) and permission (Permission). It is an extension built on the basic RBAC model and inherits the features of RBAC, but permissions are assigned to roles through resources rather than directly to roles. This yields an active security model with dynamic authorization and provides a reliable guarantee of cloud computing system security in large-scale cloud computing environments.
Fig. 3 is a schematic diagram of resource authorization control in the RBAC model provided by the invention. Resource control implements the access authorization of users to all resources of the cloud computing platform; these resources include everything the cloud computing service platform provides, such as virtual machines, storage, network and applications. By granting resource access permissions to a single user or to a role, resource authorization achieves flexible control of user access to resources.
Fig. 4 is a schematic diagram of the database tables for resource permissions in the RBAC model provided by the invention. Access by a user or role to resources is controlled through the combination of three data tables: resource, resource group, and user/role-to-resource.
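One way to lay out the three tables and resolve what a user may do, as an added Python/sqlite3 example that is not taken from the patent. Fig. 4 is not reproduced on this page, so every table and column name, the permission values and the sample rows are assumptions.

```python
import sqlite3

# Hypothetical schema: Fig. 4 is not shown on the page, so all names are assumptions.
SCHEMA = """
CREATE TABLE resource_group (id TEXT PRIMARY KEY);
CREATE TABLE resource (
    id       TEXT PRIMARY KEY,
    kind     TEXT NOT NULL,   -- virtual machine, storage, network, application
    group_id TEXT REFERENCES resource_group(id)
);
CREATE TABLE subject_resource (
    subject_type TEXT NOT NULL CHECK (subject_type IN ('user', 'role')),
    subject_id   TEXT NOT NULL,
    target_type  TEXT NOT NULL CHECK (target_type IN ('resource', 'group')),
    target_id    TEXT NOT NULL,
    permission   TEXT NOT NULL
);
"""

# Constructed sample rows.
SAMPLE = """
INSERT INTO resource_group VALUES ('web-tier');
INSERT INTO resource VALUES
    ('vm-01', 'virtual machine', 'web-tier'),
    ('vm-02', 'virtual machine', 'web-tier'),
    ('net-01', 'network', NULL),
    ('disk-01', 'storage', NULL);
INSERT INTO subject_resource VALUES
    ('role', 'organization_administrator', 'group', 'web-tier', 'manage'),
    ('user', 'alice', 'resource', 'net-01', 'manage'),
    ('user', 'bob', 'resource', 'vm-02', 'view');
"""

# A grant reaches a resource directly or through the resource's group, and it
# applies to the caller either as an individual user or through the role.
EFFECTIVE = """
SELECT DISTINCT r.id, g.permission
FROM subject_resource AS g
JOIN resource AS r
  ON (g.target_type = 'resource' AND g.target_id = r.id)
  OR (g.target_type = 'group' AND g.target_id = r.group_id)
WHERE (g.subject_type = 'user' AND g.subject_id = ?)
   OR (g.subject_type = 'role' AND g.subject_id = ?)
ORDER BY r.id, g.permission
"""


def build_db():
    """Create an in-memory database with the assumed schema and sample rows."""
    conn = sqlite3.connect(":memory:")
    conn.executescript(SCHEMA + SAMPLE)
    return conn


def effective_permissions(conn, user, role):
    """Return {resource_id: [permission, ...]} for a user holding the given role."""
    result = {}
    # Parameters are bound, never formatted into the SQL text.
    for resource_id, permission in conn.execute(EFFECTIVE, (user, role)):
        result.setdefault(resource_id, []).append(permission)
    return result


def is_allowed(conn, user, role, resource_id, permission):
    """Default deny: anything without a matching grant row is refused."""
    return permission in effective_permissions(conn, user, role).get(resource_id, [])


if __name__ == "__main__":
    db = build_db()
    print(effective_permissions(db, "alice", "organization_administrator"))
    print(effective_permissions(db, "bob", "system_user"))
```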
A concrete application example is described below:
Fig. 5 is a schematic flow chart of an application example of the cloud computing system access control method provided by the invention. The method shown in Fig. 5 comprises:
Step 1: A user among the system's users, for example a system administrator, sends a request to access the system.
Step 2: The system obtains the user's role in the system according to the user's name or ID.
Step 3: First, according to the user's role, obtain which operation permissions this role has in the system.
Step 4: At the same time, obtain the resources accessible to the user by the user's name or ID.
Step 5: Read the resource information accessible to this user or role from the resource access permission control.
Step 6: Generate the permission authorization certificate covering the role's operation permissions and the accessible resources.
Step 7: Access and operate on resources in the cloud according to the authorization certificate.
Step 8: Return the access and operation results.
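Steps 1 to 8, combined with mode one and the re-issue rule described earlier, as an added Python example that is not part of the patent. The HMAC tag and the version counter are assumptions added here so that a certificate held by the user cannot be altered or reused after a role or resource change; the operation names, users and resource ids are constructed.

```python
import base64
import hashlib
import hmac
import json

# Role names follow the page; the operation names are constructed.
ROLE_OPERATIONS = {
    "system_administrator": ["start", "stop", "delete"],
    "organization_administrator": ["start", "stop"],
    "system_user": ["start"],
}


class Authorizer:
    """Issues and checks authorization certificates (assumed wire format)."""

    def __init__(self, key, user_role, user_resources):
        self.key = key
        self.user_role = dict(user_role)
        self.user_resources = {u: set(r) for u, r in user_resources.items()}
        self.version = {u: 1 for u in user_role}  # bumped on every change

    def _tag(self, payload):
        return hmac.new(self.key, payload, hashlib.sha256).hexdigest()

    def issue(self, user):
        """Steps 2 to 6: role -> operations, user -> resources, then combine."""
        operations = ROLE_OPERATIONS[self.user_role[user]]
        body = {
            "user": user,
            "version": self.version[user],
            "grants": {r: operations for r in sorted(self.user_resources[user])},
        }
        payload = json.dumps(body, sort_keys=True).encode()
        return base64.urlsafe_b64encode(payload).decode() + "." + self._tag(payload)

    def check(self, user, certificate, resource, operation):
        """Step 7 in mode one: decide from the certificate the user presents."""
        try:
            encoded, tag = certificate.split(".")
            payload = base64.urlsafe_b64decode(encoded)
            tag_bytes = tag.encode()
        except ValueError:
            return False  # malformed certificate
        if not hmac.compare_digest(tag_bytes, self._tag(payload).encode()):
            return False  # altered after it was issued
        body = json.loads(payload)
        if body["user"] != user or body["version"] != self.version.get(user):
            return False  # someone else's certificate, or a superseded one
        return operation in body["grants"].get(resource, [])

    def change_role(self, user, new_role):
        """Role change: new operation permissions, new certificate."""
        self.user_role[user] = new_role
        self.version[user] += 1
        return self.issue(user)

    def change_resources(self, user, resources):
        """Resource change: updated resource set, new certificate."""
        self.user_resources[user] = set(resources)
        self.version[user] += 1
        return self.issue(user)


def tamper(certificate, resource, operation):
    """Constructed negative test: edit the grants but keep the old tag."""
    encoded, tag = certificate.split(".")
    body = json.loads(base64.urlsafe_b64decode(encoded))
    body["grants"].setdefault(resource, []).append(operation)
    payload = json.dumps(body, sort_keys=True).encode()
    return base64.urlsafe_b64encode(payload).decode() + "." + tag


if __name__ == "__main__":
    az = Authorizer(b"constructed-demo-key",
                    {"alice": "organization_administrator"},
                    {"alice": ["vm-01"]})
    cert = az.issue("alice")
    print("stop vm-01:", az.check("alice", cert, "vm-01", "stop"))
    print("edited copy:", az.check("alice", tamper(cert, "vm-01", "delete"),
                                   "vm-01", "delete"))
    az.change_role("alice", "system_user")
    print("old certificate after role change:",
          az.check("alice", cert, "vm-01", "stop"))
```

Mode two needs neither the tag nor the version check, because the server looks up its own stored copy by user identity.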
In summary, the method provided by the invention inherits the features of resource-role-based access control (Resource-role-based Access Control, R-RBAC) and, through dynamic resource authorization, forms a more complete resource-role-based access control model for cloud computing. Compared with the traditional approach, finer-grained control of user access to resources can be achieved, thereby building a secure cloud computing access control scheme that provides a reliable guarantee of cloud computing system security in large-scale cloud computing environments.
Fig. 6 is a schematic structural diagram of the system embodiment of access control in a cloud computing system provided by the invention. The system embodiment shown in Fig. 6 comprises:
A first receiving device 601, configured to receive a user's access request to the cloud computing system, wherein the access request comprises the user's identity information;
A first determining device 602, connected with the first receiving device, configured to determine, according to the user's identity information, the role of the user in the cloud computing system;
A query device 603, connected with the first query device 603, configured to query, according to the user's role, the operation permissions of the role in the cloud computing system;
A second determining device 604, connected with the first receiving device 601, configured to determine, according to the user's identity information, the resources that the user can access in the cloud computing system;
An obtaining device 605, connected with the first determining device 603 and the second determining device 404, configured to obtain an authorization certificate according to the operation permissions of the user's role and the resources that the user can access, wherein the authorization certificate records the user's operation permissions over the resources that can be accessed;
A control device 606, connected with the obtaining device 605, configured to control the user's access request according to the user's authorization certificate after the user's access request is obtained.
Wherein, the role comprises system administrator, organization administrator and system user;
The resource comprises virtual machines, storage units, network resources and applications.
Wherein, the system further comprises:
A first update module, configured to, when the user's role changes, update the user's operation permissions in the cloud computing system according to the user's new role, to obtain new operation permissions;
A first generation module, configured to generate a new authorization certificate according to the new operation permissions and the resources that the user can access.
Wherein, the system further comprises:
A second update module, configured to, when the user's resources change, update the user's resources to obtain updated resource information;
A second generation module, configured to generate a new authorization certificate according to the updated resource information and the user's operation permissions.
Wherein, the system further comprises:
A sending module, connected with the obtaining module, configured to send the user's authorization certificate to the user after the user's authorization certificate is obtained;
The control device comprises:
A receiving module, configured to receive the access request sent by the user and the user's authorization certificate;
A control module, configured to control the user's access request according to the authorization certificate sent by the user.
In summary, the system embodiment provided by the invention inherits the features of role-based access control and, through dynamic resource authorization, forms a more complete resource-role-based access control model for cloud computing. Compared with the traditional approach, finer-grained control of user access to resources can be achieved, thereby building a secure cloud computing access control scheme that provides a reliable guarantee of cloud computing system security in large-scale cloud computing environments.
A person of ordinary skill in the art will appreciate that all or some of the steps of the above embodiments can be implemented as a computer program flow. The computer program can be stored in a computer-readable storage medium and executed on a corresponding hardware platform (such as a system, unit or device); when executed, it performs one of the steps of the method embodiment or a combination of them.
Alternatively, all or some of the steps of the above embodiments can also be implemented with integrated circuits: the steps can each be made into a separate integrated circuit module, or several of the modules or steps can be made into a single integrated circuit module. The invention is thus not restricted to any specific combination of hardware and software.
Each device, functional module and functional unit in the above embodiments can be implemented with a general-purpose computing device; they can be concentrated on a single computing device or distributed over a network formed by multiple computing devices.
When a device, functional module or functional unit in the above embodiments is implemented in the form of a software function module and sold or used as an independent product, it can be stored in a computer-readable storage medium. The computer-readable storage medium mentioned above can be a read-only memory, a magnetic disk, an optical disc, or the like.
The above is only a specific embodiment of the invention, but the scope of protection of the invention is not limited to it. Any change or replacement that a person skilled in the art can readily conceive within the technical scope disclosed by the invention shall fall within the scope of protection of the invention. The scope of protection of the invention shall therefore be determined by the scope of protection of the claims.

Claims (10)

1. a method for access control in cloud computing system, is characterized in that, comprising:
Receive the access request of user to cloud computing system, wherein said access request comprises described user's identity information;
According to described user's identity information, determine the role of described user in described cloud computing system, and according to described user's role, inquire about the operating right of described role in described cloud computing system;
And, according to described user's identity information, determine the resource that described user can access in described cloud computing system;
The resource that can access according to described user's role's operating right and described user, authorized certificate, the wherein said certificate of authority records the operating right of described user to the resource that can access;
After obtaining described user's access request, according to described user's the certificate of authority, described user's access request is controlled.
2. method according to claim 1, is characterized in that:
Described role comprises system manager, organization and administration person and system user;
Described resource comprises virtual machine, memory cell, Internet resources and application.
3. method according to claim 1, is characterized in that, described method also comprises:
When described user's role changes, according to described user's new role, upgrade the operating right of described user in described cloud computing system, obtain new operating right;
The resource that can access according to new operating right and described user, generates the new certificate of authority.
4. method according to claim 1, is characterized in that, described method also comprises:
When described user's resource changes, described user's resource is upgraded to the resource information after being upgraded;
According to the resource information after described renewal and described user's operating right, generate the new certificate of authority.
5. method according to claim 1, is characterized in that:
Described method also comprises:
After obtaining described user's the certificate of authority, send described user's the certificate of authority to user;
According to described user's the certificate of authority, described user's access request is controlled, comprising:
Receive the described access request of described user's transmission and described user's the certificate of authority;
The certificate of authority sending according to described user, controls described user's access request.
6. A system for access control in a cloud computing system, characterized by comprising:
a first receiving device, for receiving a user's access request to the cloud computing system, wherein the access request comprises the user's identity information;
a first determining device, connected with the first receiving device, for determining, according to the user's identity information, the role of the user in the cloud computing system;
an inquiry device, with the first inquiry device, for querying, according to the user's role, the operation authority of the role in the cloud computing system;
a second determining device, connected with the first receiving device, for determining, according to the user's identity information, the resources the user can access in the cloud computing system;
an acquisition device, connected with the first determining device and the second determining device, for obtaining an authorization certificate according to the operation authority of the user's role and the resources the user can access, wherein the authorization certificate records the user's operation authority over the resources the user can access;
a control device, connected with the acquisition device, for controlling the user's access request according to the user's authorization certificate after the user's access request is obtained.
7. The system according to claim 1, characterized in that:
the roles comprise system administrator, organization administrator and system user;
the resources comprise virtual machines, storage units, network resources and applications.
8. The system according to claim 6, characterized in that the method further comprises:
a first update module, for updating, when the user's role changes and according to the user's new role, the user's operation authority in the cloud computing system to obtain a new operation authority;
a first generation module, for generating a new authorization certificate according to the new operation authority and the resources the user can access.
9. The system according to claim 1, characterized in that the system further comprises:
a second update module, for updating the user's resources when the user's resources change, to obtain updated resource information;
a second generation module, for generating a new authorization certificate according to the updated resource information and the user's operation authority.
10. The system according to claim 6, characterized in that:
the system further comprises:
a sending module, connected with the acquisition module, for sending the user's authorization certificate to the user after the user's authorization certificate is obtained;
the control device comprises:
a receiver module, for receiving the access request sent by the user and the user's authorization certificate;
a control module, for controlling the user's access request according to the authorization certificate sent by the user.
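
The flow in claims 1 and 3 to 5, as an added Python example that is not taken from the patent: an authorization certificate is built from the role's operation authority and the user's accessible resources, returned to the user, and checked when the user presents it with a request. The claims do not say how the certificate is protected once it is in the user's hands, so the HMAC signature, the per-user version counter that rejects certificates issued before a role or resource change, and the operation names and resource IDs are all assumptions made for this example.

```python
import base64, hashlib, hmac, json

# Assumed role -> operation table; the claims name the roles, not the operations.
ROLE_OPS = {"system_administrator": {"create", "read", "update", "delete"},
            "organization_administrator": {"read", "update"},
            "system_user": {"read"}}

def _b64(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).decode()

class AccessController:
    def __init__(self, key: bytes):
        self._key = key
        self._role, self._res, self._ver = {}, {}, {}

    def _bump(self, user):
        # Any role or resource change invalidates certificates issued earlier.
        self._ver[user] = self._ver.get(user, 0) + 1

    def set_role(self, user, role):
        if role not in ROLE_OPS:
            raise ValueError(f"unknown role: {role}")
        self._role[user] = role
        self._bump(user)

    def set_resources(self, user, resources):
        self._res[user] = set(resources)
        self._bump(user)

    def issue(self, user) -> str:
        """Record the user's operations over accessible resources, then sign."""
        body = {"user": user, "ver": self._ver[user],
                "ops": sorted(ROLE_OPS[self._role[user]]),
                "res": sorted(self._res.get(user, ()))}
        raw = json.dumps(body, sort_keys=True).encode()
        return _b64(raw) + "." + _b64(hmac.new(self._key, raw, hashlib.sha256).digest())

    def check(self, cert: str, user, op, resource) -> bool:
        """Control step: verify the signature before trusting any field."""
        try:
            raw_b64, tag_b64 = cert.split(".")
            raw = base64.urlsafe_b64decode(raw_b64)
            tag = base64.urlsafe_b64decode(tag_b64)
        except ValueError:
            return False
        good = hmac.new(self._key, raw, hashlib.sha256).digest()
        if not hmac.compare_digest(tag, good):
            return False
        body = json.loads(raw)
        return (body["user"] == user and body["ver"] == self._ver.get(user)
                and op in body["ops"] and resource in body["res"])
```

Because the user holds the certificate between issue and use, the control step treats it as untrusted input: a modified body fails the signature check, and a certificate issued before the latest role or resource change fails the version check.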
Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201310554151.7A CN103685463A (en) 2013-11-08 2013-11-08 Access control method and system in cloud computing system

Publications (1)

Publication Number Publication Date
CN103685463A true CN103685463A (en) 2014-03-26

Family

ID=50321739

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201310554151.7A Pending CN103685463A (en) 2013-11-08 2013-11-08 Access control method and system in cloud computing system

Country Status (1)

Country Link
CN (1) CN103685463A (en)

Citations (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102724221A (en) * 2011-03-30 2012-10-10 上海微河信息科技有限公司 Enterprise information system using cloud computing and method for setting user authority thereof

Cited By (17)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104333459A (en) * 2014-07-28 2015-02-04 浪潮(北京)电子信息产业有限公司 Method and device for fault management of cloud data center
CN104301328A (en) * 2014-10-29 2015-01-21 北京思特奇信息技术股份有限公司 Resource operation safety authentication method and system under cloud calculation environment
WO2016188153A1 (en) * 2015-05-22 2016-12-01 中兴通讯股份有限公司 Access role acquiring method, device and system
CN105072183A (en) * 2015-08-10 2015-11-18 浪潮(北京)电子信息产业有限公司 Management method and management device for cloud operation system (OS) software repository
WO2017143975A1 (en) * 2016-02-23 2017-08-31 中兴通讯股份有限公司 Access control method and platform
CN106096976A (en) * 2016-06-03 2016-11-09 成都镜杰科技有限责任公司 Small business's client relation management method
CN106446716A (en) * 2016-10-14 2017-02-22 郑州云海信息技术有限公司 Cloud storage safety management device
CN106446638A (en) * 2016-10-14 2017-02-22 郑州云海信息技术有限公司 Cloud computing operation system security access method and device
CN106815685A (en) * 2017-01-22 2017-06-09 杭州纳戒科技有限公司 Full industrial chain is shared in the benefit the construction method and system of contract
CN109246143A (en) * 2018-10-29 2019-01-18 航天信息股份有限公司 Identity authentication method, device and storage medium based on digital certificate
CN110457932A (en) * 2019-08-19 2019-11-15 赛尔网络有限公司 Determine the method, apparatus, equipment and medium of resource access authority
CN110650139A (en) * 2019-09-25 2020-01-03 四川师范大学 Resource access control method and system of cloud platform
CN110650139B (en) * 2019-09-25 2022-08-30 四川师范大学 Resource access control method and system for cloud platform
CN111625866A (en) * 2020-05-28 2020-09-04 广东浪潮大数据研究有限公司 Authority management method, system, equipment and storage medium
CN111625866B (en) * 2020-05-28 2024-04-19 广东浪潮大数据研究有限公司 Authority management method, system, equipment and storage medium
CN112866386A (en) * 2021-01-19 2021-05-28 青岛越超传媒有限公司 Data storage data construction method based on cloud computing
CN113411295A (en) * 2021-05-07 2021-09-17 上海纽盾科技股份有限公司 Role-based access control situation awareness defense method and system

Legal Events

Date Code Title Description
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication

Application publication date: 20140326