CN104158795A - Registration system and registration method for full hardware terminal in cloud desktop system - Google Patents
Registration system and registration method for full hardware terminal in cloud desktop system Download PDFInfo
- Publication number
- CN104158795A CN104158795A CN201410326064.0A CN201410326064A CN104158795A CN 104158795 A CN104158795 A CN 104158795A CN 201410326064 A CN201410326064 A CN 201410326064A CN 104158795 A CN104158795 A CN 104158795A
- Authority
- CN
- China
- Prior art keywords
- terminal
- information
- module
- registration
- identity
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Abstract
The invention provides a registration system and a registration method for a full hardware terminal in a cloud desktop system. The registration system comprises a terminal identity information module, a terminal identity management module, a registration server and a registration information database; the terminal identity information module and the registration information database are both connected with the registration server; the terminal identity information module and the terminal identity management module are both connected with the registration information database; the terminal identity information module is positioned above terminal equipment, is composed of hardware of the terminal equipment as well as configuration and certification information stored inside the terminal equipment, and is used for authentication of the terminal equipment; the terminal identity management module is used for managing identity information, and is used for creating, registering, authenticating and managing terminal identity information. According to the system and the method provided by the invention, the registration of the terminal equipment and the storage of the configuration information of the terminal equipment are realized, so that the terminal equipment has unforgeability, and the safety and the reliability of the terminal equipment in the cloud desktop system are improved.
Description
Technical field
The present invention relates to a kind of cloud desktop system and register method thereof, particularly, relate to Accreditation System and the register method thereof of devices at full hardware terminal in a kind of cloud desktop system.
Background technology
Desktop cloud is a kind of new cloud computing application model, and it is also in the another popular solution form in virtual field after Server Consolidation is virtual.Desktop cloud calculates by computing capability is moved to server end, and the form with virtual desktop substitutes PC simultaneously, not only greatly reduces entreprise cost, and has the user experience same with conventional personal computer.Therefore, desktop cloud calculates and has very high using value and user's attraction.
At current desktop cloud, calculate in solution, Virtual Desktop Infrastructure (VDI, virtual desktop infrastructure) is framework and the deployment way of main flow.Its hardware resource based on bottom and the virtualization software in intermediate layer, by the desktop virtual application software on upper strata, for terminal use provides virtual desktop delivery mode.The desktop virtual providing in VDI solution not only takes full advantage of the computing capability of server end, and provide powerful and user PC managerial ability flexibly, there is very strong extensibility and significant energy conservation advantage simultaneously, eliminated a lot of shortcomings in conventional personal computer management mode.
In desktop virtual, it is the desktop virtual solution of current main flow for VDI.In simple terms, the main design idea of VDI solution is to pass through Intel Virtualization Technology, traditional individual physics PC is converted to the virtual desktop one by one (Virtual Desktop) operating on virtualized server, by centralized management and the linkage function to the basic resources such as bottom storage, network and upper strata virtual desktop is provided, to terminal use, provide flexible and good virtual desktop to pay.Terminal use need to use virtual desktop with terminal equipment, can be understood as all lower PC (or miniature PC) of a functional performance volume cost, is only responsible for virtual desktop to show.The emphasis place that is exactly this patent for registration and the authentication of terminal equipment.
In current cloud desktop system, service end is mostly IP (Internet Protocol, procotol) address and MAC (Media Access Control, the medium access control) address verification to terminal equipment to the authentication of terminal equipment.And IP address and MAC Address can be easily be smelt to visit by local area network (LAN) and obtained, and be easy to forge, fail safe and reliability are all low.
Summary of the invention
For defect of the prior art, the Accreditation System and the register method thereof that the object of this invention is to provide devices at full hardware terminal in a kind of cloud desktop system, its registering terminal equipment also stores terminal equipment configuration information, make terminal equipment there is unforgeable, improve terminal equipment fail safe and reliability in cloud desktop system.
According to an aspect of the present invention, the Accreditation System of devices at full hardware terminal in a kind of cloud desktop system is provided, it is characterized in that, it comprises terminal identity information module, terminal identity administration module, registrar, registration information database, terminal identity information module, registration information database are all connected with registrar, and terminal identity information module, terminal identity administration module are all connected with registration information database; Terminal identity information module is positioned on terminal equipment, consists of, for terminal equipment authentication the hardware of terminal equipment and the configuration of storage inside, authentication information; Terminal identity administration module, for office terminal identity information, carries out establishment, registration, authentication and the management of terminal identity information.
Preferably, between described terminal identity information module, terminal identity administration module and registration information database, be provided with a certificate server.
Preferably, described terminal identity information module comprises as lower module: end message storage chip: be the specialized hardware storage chip that is independent of conventional memory device, for storage terminal configuration information and authentication information, by terminal identity administration module, revised only, terminal use is read-only to this module, cannot change voluntarily content; Terminal configuration information module: by the local configuration of terminal and connect parameter and be independent of operating system and store, memory location is on end message storage chip; User cannot change terminal configuration information, guarantees that terminal can only connect with specific network configuration the cloud system of appointment; Terminal identity information bank: terminal identity information bank is for unique expression terminal identity, and memory location is on end message storage chip, for carry out terminal identity checking when connecting cloud system.
Preferably, described terminal identity administration module comprises as lower module: endpoint registration module: for carrying out the identification of terminal equipment, the generation of terminal configuration information and identity information, terminal configuration information and identity information that devices at full hardware realizes write, and the storage of terminal identity information; Terminal authentication module: for verification terminal equipment identities, by with terminal identity data storehouse in information contrast judgement terminal equipment authority, and provide respective service; Terminal identity data storehouse: for storing terminal identity data, provide the inquiry service of terminal authentication module.
Preferably, described endpoint registration module comprises following submodule: TIM terminal identification module: for identification terminal hardware information and system information; Terminal configuration generation module: according to terminal hardware information and system information, in conjunction with the cloud system being registered to, provide the local network configuration information of terminal, generate terminal identity information; This information will write end message storage chip and terminal identity data storehouse; Terminal configuration writing module: terminal configuration information and identity information are write to end message storage chip in devices at full hardware mode.
The present invention also provides the register method of the Accreditation System of devices at full hardware terminal in a kind of cloud desktop system, and described register method comprises the following steps:
Step 1, terminal connects registrar, and terminal sends registration terminal request to registrar;
Step 2, registrar receives registration request, and guiding terminal enters registration mode;
Step 3, the hardware information of registrar end of scan and operating system;
Step 4, user specifies VDI cloud system and the on-position of registration in registrar for terminal;
Step 5, the IP address of terminal allocation table in registrar inquiry VDI cloud system, is that terminal is chosen available local network configuration information according to on-position;
Step 6, the cloud system in registrar inquiry VDI cloud system connects configuration information, for terminal is chosen available connection configuration information;
Step 7, registrar generates the terminal identity information of distributing to terminal;
Step 8, registrar writes the end message storage chip in terminal by local network configuration information and connection configuration information;
Step 9, registrar is saved to terminal identity data storehouse by local network configuration information and connection configuration information.
Compared with prior art, the present invention has following beneficial effect: registering terminal equipment of the present invention also stores terminal equipment configuration information, makes terminal equipment have unforgeable, improves terminal equipment fail safe and reliability in cloud desktop system.The present invention gets a promotion endpoint registration process safety, and terminal equipment information is difficult for being tampered, and terminal equipment information is difficult for being replicated.
Accompanying drawing explanation
By reading the detailed description of non-limiting example being done with reference to the following drawings, it is more obvious that other features, objects and advantages of the present invention will become:
Fig. 1 is the theory diagram of the Accreditation System of devices at full hardware terminal in cloud desktop system of the present invention.
Fig. 2 is the flow chart of the register method of the Accreditation System of devices at full hardware terminal in cloud desktop system of the present invention.
Embodiment
Below in conjunction with specific embodiment, the present invention is described in detail.Following examples will contribute to those skilled in the art further to understand the present invention, but not limit in any form the present invention.It should be pointed out that to those skilled in the art, without departing from the inventive concept of the premise, can also make some distortion and improvement.These all belong to protection scope of the present invention.
As shown in Figure 1, in cloud desktop system of the present invention, the Accreditation System of devices at full hardware terminal comprises terminal identity information module, terminal identity administration module, registrar, registration information database, terminal identity information module, registration information database are all connected with registrar, and terminal identity information module, terminal identity administration module are all connected with registration information database; Terminal identity information module is positioned on terminal equipment, consists of, for terminal equipment authentication the hardware of terminal equipment and the configuration of storage inside, authentication information; Terminal identity administration module, for office terminal identity information, carries out establishment, registration, authentication and the management of terminal identity information.
Between terminal identity information module, terminal identity administration module and registration information database, can be provided with a certificate server, so conveniently authenticate, improve fail safe.
Terminal identity information module comprises as lower module:
End message storage chip: be the specialized hardware storage chip that is independent of conventional memory device, practical function as follows: for storage terminal configuration information and authentication information, by terminal identity administration module, revised only, terminal use is read-only to this module, cannot change voluntarily content; End message storage chip can be EEPROM (Electrically Erasable Programmable Read-Only Memory, the read-only storage of electric erazable programmable) chip.
Terminal configuration information module: by the local configuration of terminal and connect parameter and be independent of operating system and store, memory location is on end message storage chip; User cannot change terminal configuration information, guarantees that terminal can only connect with specific network configuration the cloud system of appointment; Practical function, obtain data and data are follow-up as follows: configuration information comprises IP address of terminal, terminating gateway, terminal subnet mask; Target cloud system IP address, target cloud system connectivity port.When terminal starts, use configuration information to carry out local network configuration and connect configuration.
Terminal identity information bank: terminal identity information bank is for unique expression terminal identity, and memory location is on end message storage chip, for carry out terminal identity checking when connecting cloud system; Practical function, obtain data and data are follow-up as follows: the unique identity that represents terminal of terminal identity information, this information is write by registrar, when terminal connects, terminal identity information is sent to cloud system as terminal identity sign, realizes differentiation and the confirmation of terminal identity.
Terminal identity administration module comprises as lower module:
Endpoint registration module: for carrying out the identification of terminal equipment, the generation of terminal configuration information and identity information, terminal configuration information and identity information that devices at full hardware realizes write, and the storage of terminal identity information; Practical function is as follows: the identification of terminal hardware and system information, the generation of terminal configuration information, identity information, writes.
Terminal authentication module: for verification terminal equipment identities, by with terminal identity data storehouse in information contrast judgement terminal equipment authority, and provide respective service; Practical function is as follows: by parsing, apply for the identity information of the terminal of connection, judgement terminal authority also provides respective service.Obtain data as follows: obtain the identity information that terminal sends, obtain terminal identity information corresponding to Zhong GaiIP address, terminal identity data storehouse, terminal identity is determined in contrast.
Terminal identity data storehouse: for storing terminal identity data, provide the inquiry service of terminal authentication module.Practical function is as follows: the terminal configuration information and the terminal identity information that during storage terminal registration, generate; The terminal identity information of the required counterpart terminal configuration information of terminal authentication module is provided.Obtain data as follows: the terminal configuration information generating during endpoint registration and terminal identity information.
Endpoint registration module comprises following submodule: TIM terminal identification module: for identification terminal hardware information and system information; Terminal configuration generation module: according to terminal hardware information and system information, in conjunction with the cloud system being registered to, provide the local network configuration information of terminal by information algorithm, generate terminal identity information.This information will write end message storage chip and terminal identity data storehouse.Terminal configuration writing module: terminal configuration information and identity information are write to end message storage chip in devices at full hardware mode.The particular content of information algorithm is as follows: each specific cloud system is safeguarded its supported IP address of terminal set, forms a terminal equipment address pool; Terminal equipment address pool comprises supported terminal device IP, the subnet mask while using this IP and the gateway while using this IP.While having new terminal registration at every turn, according to termination function demand and on-position, distribute IP address, subnet mask and the gateway (this three is relevant with on-position) that meet its use, and this IP of mark is used in address pool, can not reallocate to other-end; During terminal log-down in this cloud system, discharge and be marked as the IP address of having used, be convenient to distribute to next terminal.
Registering terminal equipment of the present invention also stores terminal equipment configuration information, makes terminal equipment have unforgeable, improves terminal equipment fail safe and reliability in cloud desktop system.The present invention gets a promotion endpoint registration process safety, and terminal equipment information is difficult for being tampered, and terminal equipment information is difficult for being replicated.
As shown in Figure 2, in cloud desktop system of the present invention, the register method of the Accreditation System of devices at full hardware terminal comprises the following steps:
Step 1, terminal connects registrar, and terminal sends registration terminal request to registrar;
Step 2, registrar receives registration request, and guiding terminal enters registration mode;
Step 3, the hardware information of registrar end of scan and operating system;
Step 4, user specifies VDI cloud system and the on-position of registration in registrar for terminal;
Step 5, the IP address of terminal allocation table in registrar inquiry VDI cloud system, is that terminal is chosen available local network configuration information according to on-position;
Step 6, the cloud system in registrar inquiry VDI cloud system connects configuration information, for terminal is chosen available connection configuration information;
Step 7, registrar generates the terminal identity information of distributing to terminal;
Step 8, registrar writes the end message storage chip in terminal by local network configuration information and connection configuration information;
Step 9, registrar is saved to terminal identity data storehouse by local network configuration information and connection configuration information.
Above specific embodiments of the invention are described.It will be appreciated that, the present invention is not limited to above-mentioned specific implementations, and those skilled in the art can make various distortion or modification within the scope of the claims, and this does not affect flesh and blood of the present invention.
Claims (6)
1. the Accreditation System of devices at full hardware terminal in a cloud desktop system, it is characterized in that, it comprises terminal identity information module, terminal identity administration module, registrar, registration information database, terminal identity information module, registration information database are all connected with registrar, and terminal identity information module, terminal identity administration module are all connected with registration information database; Terminal identity information module is positioned on terminal equipment, consists of, for terminal equipment authentication the hardware of terminal equipment and the configuration of storage inside, authentication information; Terminal identity administration module, for office terminal identity information, carries out establishment, registration, authentication and the management of terminal identity information.
2. the Accreditation System of devices at full hardware terminal in cloud desktop system according to claim 1, is characterized in that, is provided with a certificate server between described terminal identity information module, terminal identity administration module and registration information database.
3. the Accreditation System of devices at full hardware terminal in cloud desktop system according to claim 1, is characterized in that, described terminal identity information module comprises as lower module:
End message storage chip: be the specialized hardware storage chip that is independent of conventional memory device, for storage terminal configuration information and authentication information, revised only by terminal identity administration module, terminal use is read-only to this module, cannot change voluntarily content;
Terminal configuration information module: by the local configuration of terminal and connect parameter and be independent of operating system and store, memory location is on end message storage chip; User cannot change terminal configuration information, guarantees that terminal can only connect with specific network configuration the cloud system of appointment;
Terminal identity information bank: terminal identity information bank is for unique expression terminal identity, and memory location is on end message storage chip, for carry out terminal identity checking when connecting cloud system.
4. the Accreditation System of devices at full hardware terminal in cloud desktop system according to claim 1, is characterized in that, described terminal identity administration module comprises as lower module:
Endpoint registration module: for carrying out the identification of terminal equipment, the generation of terminal configuration information and identity information, terminal configuration information and identity information that devices at full hardware realizes write, and the storage of terminal identity information;
Terminal authentication module: for verification terminal equipment identities, by with terminal identity data storehouse in information contrast judgement terminal equipment authority, and provide respective service;
Terminal identity data storehouse: for storing terminal identity data, provide the inquiry service of terminal authentication module.
5. the Accreditation System of devices at full hardware terminal in cloud desktop system according to claim 4, is characterized in that, described endpoint registration module comprises following submodule: TIM terminal identification module: for identification terminal hardware information and system information; Terminal configuration generation module: according to terminal hardware information and system information, in conjunction with the cloud system being registered to, provide the local network configuration information of terminal, generate terminal identity information; This information will write end message storage chip and terminal identity data storehouse; Terminal configuration writing module: terminal configuration information and identity information are write to end message storage chip in devices at full hardware mode.
6. a register method for the Accreditation System of devices at full hardware terminal in cloud desktop system, is characterized in that, described register method comprises the following steps:
Step 1, terminal connects registrar, and terminal sends registration terminal request to registrar;
Step 2, registrar receives registration request, and guiding terminal enters registration mode;
Step 3, the hardware information of registrar end of scan and operating system;
Step 4, user specifies VDI cloud system and the on-position of registration in registrar for terminal;
Step 5, the IP address of terminal allocation table in registrar inquiry VDI cloud system, is that terminal is chosen available local network configuration information according to on-position;
Step 6, the cloud system in registrar inquiry VDI cloud system connects configuration information, for terminal is chosen available connection configuration information;
Step 7, registrar generates the terminal identity information of distributing to terminal;
Step 8, registrar writes the end message storage chip in terminal by local network configuration information and connection configuration information;
Step 9, registrar is saved to terminal identity data storehouse by local network configuration information and connection configuration information.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201410326064.0A CN104158795B (en) | 2014-07-09 | 2014-07-09 | The Accreditation System and its register method of devices at full hardware terminal in cloud desktop system |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201410326064.0A CN104158795B (en) | 2014-07-09 | 2014-07-09 | The Accreditation System and its register method of devices at full hardware terminal in cloud desktop system |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN104158795A true CN104158795A (en) | 2014-11-19 |
| CN104158795B CN104158795B (en) | 2017-06-13 |
Family
ID=51884200
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201410326064.0A Active CN104158795B (en) | 2014-07-09 | 2014-07-09 | The Accreditation System and its register method of devices at full hardware terminal in cloud desktop system |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN104158795B (en) |
Cited By (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN104468603A (en) * | 2014-12-22 | 2015-03-25 | 齐玉田 | Internet of things terminal access method and system |
| CN104601559A (en) * | 2014-12-26 | 2015-05-06 | 中电科华云信息技术有限公司 | Cloud terminal data protection system and method |
| CN105763532A (en) * | 2016-01-05 | 2016-07-13 | 杭州华三通信技术有限公司 | Method and device for logging in to virtual desktop |
| CN112383501A (en) * | 2020-09-03 | 2021-02-19 | 岭博科技(北京)有限公司 | Method and system for cloud registration of terminal equipment based on position information |
Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102413138A (en) * | 2011-11-24 | 2012-04-11 | 宇龙计算机通信科技(深圳)有限公司 | Method and device for realizing registration and popularization of cloud services |
| CN102882968A (en) * | 2012-09-27 | 2013-01-16 | 广东电子工业研究院有限公司 | Method for dynamically distributing cloud desktops |
| CN103780641A (en) * | 2012-10-17 | 2014-05-07 | 中国电信股份有限公司 | Cloud desktop access method, home gateway and system |
-
2014
- 2014-07-09 CN CN201410326064.0A patent/CN104158795B/en active Active
Patent Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102413138A (en) * | 2011-11-24 | 2012-04-11 | 宇龙计算机通信科技(深圳)有限公司 | Method and device for realizing registration and popularization of cloud services |
| CN102882968A (en) * | 2012-09-27 | 2013-01-16 | 广东电子工业研究院有限公司 | Method for dynamically distributing cloud desktops |
| CN103780641A (en) * | 2012-10-17 | 2014-05-07 | 中国电信股份有限公司 | Cloud desktop access method, home gateway and system |
Cited By (8)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN104468603A (en) * | 2014-12-22 | 2015-03-25 | 齐玉田 | Internet of things terminal access method and system |
| CN104468603B (en) * | 2014-12-22 | 2017-12-15 | 齐玉田 | Method and system for internet-of-things terminal access |
| CN104601559A (en) * | 2014-12-26 | 2015-05-06 | 中电科华云信息技术有限公司 | Cloud terminal data protection system and method |
| CN104601559B (en) * | 2014-12-26 | 2018-03-23 | 中电科华云信息技术有限公司 | Cloud terminal data guard system and means of defence |
| CN105763532A (en) * | 2016-01-05 | 2016-07-13 | 杭州华三通信技术有限公司 | Method and device for logging in to virtual desktop |
| CN105763532B (en) * | 2016-01-05 | 2019-05-07 | 新华三技术有限公司 | A kind of method and device logging in virtual desktop |
| CN112383501A (en) * | 2020-09-03 | 2021-02-19 | 岭博科技(北京)有限公司 | Method and system for cloud registration of terminal equipment based on position information |
| CN112383501B (en) * | 2020-09-03 | 2022-10-04 | 岭博科技(北京)有限公司 | Method and system for cloud registration of terminal equipment based on position information |
Also Published As
| Publication number | Publication date |
|---|---|
| CN104158795B (en) | 2017-06-13 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN109819061B (en) | Method, device and equipment for processing cloud service in cloud system | |
| CN103580980B (en) | The method and device thereof that virtual network finds and automatically configures automatically | |
| CN111934918A (en) | Network isolation method and device for container instances in same container cluster | |
| US20110314520A1 (en) | Online service access controls using scale out directory features | |
| CN103581279B (en) | Access system, method and device for third-party developer | |
| CN106506620A (en) | A kind of cloud desktop intelligent terminal's management system | |
| CN103369038B (en) | Platform serves PaaS management platform and method | |
| CN104158795A (en) | Registration system and registration method for full hardware terminal in cloud desktop system | |
| CN102571916A (en) | Framework of leasing software of cloud storage space and operating method of framework | |
| CN106506710A (en) | A kind of PaaS cloud platforms suitable for media business | |
| CN106878199A (en) | The collocation method and device of a kind of access information | |
| CN109194651A (en) | A kind of identity identifying method, device, equipment and storage medium | |
| CN109617906A (en) | A kind of cut-in method and device of mixed cloud | |
| CN109474467A (en) | Network automatically management method, device, storage medium and electronic equipment | |
| CN102255983A (en) | Entity identifier allocation system, source tracing and authentication methods and server | |
| CN204695386U (en) | Towards the management information system of many tenants | |
| CN101436936A (en) | Access authentication method and system based on DHCP protocol | |
| CN103874092A (en) | Scheme and system for active sharing of private network through mobile terminal remote management based on internet | |
| CN106708573A (en) | System and method used for automatic installation of Hadoop cluster | |
| CN101548263A (en) | Method and system for modeling options for opaque management data for a user and/or an owner | |
| CN110839007B (en) | Cloud network security processing method and device and computer storage medium | |
| CN103297514A (en) | Virtual machine management platform and virtual machine management method based on cloud infrastructure | |
| CN104967515B (en) | A kind of identity identifying method and server | |
| CN106878052A (en) | A kind of customer shift method and device | |
| CN106878030A (en) | A kind of charging method and device |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |