CN105262741A - Method for login-free access with permission between clouds - Google Patents

Info

Publication number
CN105262741A
Authority
CN
China
Prior art keywords
role
cloud
corresponding relation
user
access
Prior art date
Legal status
Pending
Application number
CN201510630431.0A
Other languages
Chinese (zh)
Inventor
李新虎
于辉
Current Assignee
Inspur Group Co Ltd
Original Assignee
Inspur Group Co Ltd
Priority date
Filing date
Publication date
Application filed by Inspur Group Co Ltd
Priority to CN201510630431.0A
Publication of CN105262741A

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/08 Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0815 Network architectures or network communication protocols for network security for authentication of entities providing single-sign-on or federations
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/10 Network architectures or network communication protocols for network security for controlling access to devices or network resources
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00 Network arrangements or protocols for supporting network services or applications
    • H04L67/01 Protocols
    • H04L67/10 Protocols in which an application is distributed across nodes in the network

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computer Security & Cryptography (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Storage Device Security (AREA)

Abstract

The invention discloses a method for login-free access with permission between clouds, and belongs to the technical field of communication access management. In the method, a correspondence between user roles and role permissions is established between different clouds, and the different clouds provide each other with the user's role and role-permission correspondence through a correspondence interface at the cloud, so that a user who logs in to one cloud and has permission there obtains the corresponding role, and the permission corresponding to that role, in another cloud. Login-free mutual access with permission between different clouds is thereby realized: the user logs in at one place and needs no login at the others, production efficiency is improved, and user experience is optimized.

Description

A method for login-free access with permission between clouds
Technical field
The present invention discloses a method for login-free access with permission between clouds, and belongs to the technical field of communication access management.
Background technology
With the rapid development of cloud computing, clouds have grown from nothing, and from a small number of clouds to a large number of them. Enterprises never rely on only a single cloud or a single supplier. An enterprise is a complex, heterogeneous technical environment that inevitably needs multiple technologies, which means it needs multiple cloud environments, and the task of the corporate IT department is to deploy a governance framework that spans all the cloud environments in use, especially when moving from a traditional static computing environment to a new, flexible one. Each new platform solves the shortcomings of the previous generation of platforms, and each new platform also brings shortcomings of its own. Cloud computing is no exception: frequent login to, and access of, multiple different cloud platforms becomes inevitable, but frequent logins and the restriction of access permissions reduce the utilization of resources and hinder enterprises or other groups from making use of cloud resources. The invention provides a method for login-free access with permission between clouds: by exposing interfaces to each other, different clouds allow a user who leaves one cloud to obtain the login permission of the other cloud, together with a role and application permissions there. This achieves login-free mutual access with permission between different clouds, so that the user logs in at one place and needs no login at the others, which improves production efficiency and optimizes user experience.
Summary of the invention
The present invention addresses the problem that a user's frequent logins to, and permissioned access of, multiple different cloud platforms reduce the utilization of resources and hinder the user from making use of cloud resources. It provides a method for login-free access with permission between clouds, which achieves login-free mutual access with permission between different clouds, so that the user logs in at one place and needs no login at the others, improving production efficiency and optimizing user experience.
The concrete scheme proposed by the present invention is:
A method for login-free access with permission between clouds: a correspondence between user roles and role permissions is established between different clouds, and through a correspondence interface provided at the cloud, the different clouds provide each other with the user's role and role-permission correspondence, so that a user who logs in to one cloud and has permission there also obtains the corresponding role, and the permission corresponding to that role, in another cloud. That is, the different clouds provide each other with a correspondence interface for mutually corresponding roles; the permission level corresponding to a role is the role-permission correspondence.
The roles or role-permission correspondences in the different clouds are divided into levels. Each level accesses data of the corresponding level; a higher level can access the data of a lower level, and a lower level is not allowed to access the data of a higher level.
The different clouds that the user logs in to form a set, and the user-role and role-permission correspondences established between the different clouds form a set; when the user logs in to one cloud, the different clouds in the set provide each other with the set formed by the user's roles and role-permission correspondences.
When the user accesses a new cloud that is not in the set, the new cloud assigns the user a role and a role-permission correspondence in that cloud according to the user's roles and role-permission correspondences in the original set, so that the user can access the data of that cloud.
The process by which a user who logs in to one cloud and has permission there obtains the corresponding role, and the permission corresponding to that role, in another cloud is as follows: the cloud logged in to first, through the correspondence interface, takes the role and role-permission correspondence of the cloud logged in to later as input parameters and returns its internal role and role-permission correspondence; the cloud logged in to later likewise, through the correspondence interface, takes the role and role-permission correspondence of the cloud logged in to first as input parameters and returns its internal role and role-permission correspondence; the user calls the correspondence interface between the clouds to obtain permission and logs in to the later cloud.
The beneficial effects of the present invention are:
The invention provides a method for login-free access with permission between clouds. A correspondence between user roles and role permissions is established between different clouds, and through a correspondence interface provided at the cloud, the different clouds provide each other with the user's role and role-permission correspondence, so that a user who logs in to one cloud and has permission there also obtains the corresponding role, and the permission corresponding to that role, in another cloud. Through the correspondence interface between different clouds, a user who leaves one cloud can obtain the role and role-permission correspondence of the other cloud, which achieves login-free mutual access with permission between different clouds. This improves interconnection between different clouds, raises working efficiency and optimizes user experience.
Embodiment
A method for login-free access with permission between clouds: a correspondence between user roles and role permissions is established between different clouds, and through a correspondence interface provided at the cloud, the different clouds provide each other with the user's role and role-permission correspondence, so that a user who logs in to one cloud and has permission there also obtains the corresponding role, and the permission corresponding to that role, in another cloud.
The present invention is further described below using the above method.
Different clouds provide each other with a correspondence interface for mutually corresponding roles. Based on roles and the role-permission correspondences that correspond to them, and by dynamically calling this correspondence, the barrier of roles being isolated from each other and not corresponding is removed, which achieves login-free access with permission between different clouds.
Here, a correspondence between user roles and role permissions is established between different clouds, and through a correspondence interface provided at the cloud, the different clouds provide each other with the user's role and role-permission correspondence, so that a user who logs in to one cloud and has permission there also obtains the corresponding role, and the permission corresponding to that role, in another cloud.
The roles or role-permission correspondences in the different clouds are divided into levels. Each level accesses data of the corresponding level; a higher level can access the data of a lower level, and a lower level is not allowed to access the data of a higher level. For example, role-permission correspondence 1, corresponding to role 1, determines that access level 1 means login is not allowed; role-permission correspondence 2, corresponding to role 2, determines that access level 2 can access public resource data; role-permission correspondence 3, corresponding to role 3, determines that access level 3 can access premium resource data; role-permission correspondence 4, corresponding to role 4, determines that access level 4 can access customized resource data; and so on.
The different clouds that the user logs in to form a set; for example, the set comprises cloud 1, cloud 2 and cloud 3. The different clouds in the set, namely cloud 1 to cloud 3, provide each other with the set formed by the user's roles and role-permission correspondences;
If the user logs in to cloud 1 and has permission there, cloud 1, through the correspondence interface, takes the role and role-permission correspondence of cloud 2 as input parameters and returns its internal role and role-permission correspondence; cloud 2 likewise, through the correspondence interface, takes the role and role-permission correspondence of cloud 1 as input parameters and returns its internal role and role-permission correspondence; the user calls the correspondence interface between the clouds to obtain permission and logs in to cloud 2;
For a user who has logged in to cloud 1 and wants to obtain permission in cloud 3, the process is the same as above.
When the user accesses a new cloud that is not in the set, for example cloud 4, cloud 4 can select the user's role and role-permission correspondence in this cloud according to the user's roles and role-permission correspondences in the original set, that is, according to the roles and role-permission correspondences that cloud 1, cloud 2 and cloud 3 gave the user, together with the actual situation, so that the user can access the data of this cloud.
In summary, with the method of the invention, different clouds provide each other with a correspondence interface for mutually corresponding roles. Based on roles and the permission levels that correspond to them, and by dynamically calling this correspondence, the barrier of roles being isolated from each other and not corresponding is removed, which achieves flexibility and generality.
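The level rule, the mutual interface call and the new-cloud case of the embodiment, as an added Python example that is not part of the patent text. The role names, the sample clouds and both selection rules (map to the highest local level not above the peer's level; a new cloud starts from the lowest level the user holds in the set) are assumptions, since the patent leaves the matching rule open.

```python
from dataclasses import dataclass, field

# Access levels from the embodiment: 1 = login not allowed, 2 = public resource data,
# 3 = premium resource data, 4 = customized resource data.
NO_LOGIN, PUBLIC, PREMIUM, CUSTOM = 1, 2, 3, 4


@dataclass
class Cloud:
    role_levels: dict                          # local role -> level (role-permission correspondence)
    users: dict = field(default_factory=dict)  # user -> local role

    def correspondence_interface(self, peer_role, peer_level):
        """Map a peer cloud's (role, level) to this cloud's own (role, level)."""
        # Assumed rule: highest local level that does not exceed the peer's level,
        # so a mapping can never raise privilege. peer_role is kept for auditing only.
        fits = [(lvl, r) for r, lvl in self.role_levels.items() if lvl <= peer_level]
        level, role = max(fits, default=(NO_LOGIN, None))
        return role, level

    def can_access(self, role, data_level):
        """Higher levels read lower-level data; level 1 cannot log in at all."""
        level = self.role_levels.get(role, NO_LOGIN)
        return level > NO_LOGIN and data_level <= level


def login_free_access(user, first, second):
    """User is logged in to `first`; obtain a role in `second` without logging in again."""
    role = first.users.get(user)
    if role is None:
        return None, NO_LOGIN
    level = first.role_levels[role]
    mapped_role, mapped_level = second.correspondence_interface(role, level)
    # Reverse call of the mutual exchange: the round trip must not exceed the original level.
    _, back_level = first.correspondence_interface(mapped_role, mapped_level)
    if mapped_level <= NO_LOGIN or back_level > level:
        return None, NO_LOGIN
    second.users[user] = mapped_role
    return mapped_role, mapped_level


def admit_to_new_cloud(user, cloud_set, new_cloud):
    """A cloud outside the set picks a role from the levels the user holds in the set."""
    # Assumed rule: start from the lowest level held anywhere in the set.
    held = [c.role_levels[c.users[user]] for c in cloud_set if user in c.users]
    if not held:
        return None, NO_LOGIN
    role, level = new_cloud.correspondence_interface(None, min(held))
    if level > NO_LOGIN:
        new_cloud.users[user] = role
    return role, level


def demo():
    """Constructed sample data: cloud 1 to cloud 3 form the set, cloud 4 is new."""
    c1 = Cloud({"blocked": 1, "member": 2, "gold": 3, "owner": 4}, {"alice": "gold"})
    c2 = Cloud({"visitor": 2, "custom": 4})   # has no level-3 role
    c3 = Cloud({"reader": 2, "subscriber": 3})
    c4 = Cloud({"basic": 2, "plus": 3})
    return (login_free_access("alice", c1, c2), login_free_access("alice", c1, c3),
            admit_to_new_cloud("alice", [c1, c2, c3], c4), c2.can_access("visitor", PREMIUM))


if __name__ == "__main__":
    print(demo())
```

Because cloud 2 has no level-3 role, the level-3 user from cloud 1 lands on the level-2 role there rather than the level-4 one, and that lower level then bounds what cloud 4 grants.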

Claims (5)

1. A method for login-free access with permission between clouds, characterized in that a correspondence between user roles and role permissions is established between different clouds, and through a correspondence interface provided at the cloud, the different clouds provide each other with the user's role and role-permission correspondence, so that a user who logs in to one cloud and has permission there also obtains the corresponding role, and the permission corresponding to that role, in another cloud.
2. The method for login-free access with permission between clouds according to claim 1, characterized in that the roles or role-permission correspondences in the different clouds are divided into levels, each level accesses data of the corresponding level, a higher level can access the data of a lower level, and a lower level is not allowed to access the data of a higher level.
3. The method for login-free access with permission between clouds according to claim 1 or 2, characterized in that the different clouds that the user logs in to form a set, the user-role and role-permission correspondences established between the different clouds form a set, and when the user logs in to one cloud, the different clouds in the set provide each other with the set formed by the user's roles and role-permission correspondences.
4. The method for login-free access with permission between clouds according to claim 3, characterized in that when the user accesses a new cloud that is not in the set, the new cloud assigns the user a role and a role-permission correspondence in that cloud according to the user's roles and role-permission correspondences in the original set, so that the user can access the data of that cloud.
5. The method for login-free access with permission between clouds according to claim 1 or 4, characterized in that the process by which a user who logs in to one cloud and has permission there obtains the corresponding role, and the permission corresponding to that role, in another cloud is: the cloud logged in to first, through the correspondence interface, takes the role and role-permission correspondence of the cloud logged in to later as input parameters and returns its internal role and role-permission correspondence; the cloud logged in to later likewise, through the correspondence interface, takes the role and role-permission correspondence of the cloud logged in to first as input parameters and returns its internal role and role-permission correspondence; the user calls the correspondence interface between the clouds to obtain permission and logs in to the later cloud.
CN201510630431.0A 2015-09-29 2015-09-29 Method for login-free access with permission between clouds Pending CN105262741A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201510630431.0A CN105262741A (en) 2015-09-29 2015-09-29 Method for login-free access with permission between clouds

Publications (1)

Publication Number Publication Date
CN105262741A (en) 2016-01-20

Family

ID=55102246

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201510630431.0A Pending CN105262741A (en) 2015-09-29 2015-09-29 Method for login-free access with permission between clouds

Country Status (1)

Country Link
CN (1) CN105262741A (en)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110245176A (en) * 2019-06-20 2019-09-17 中移电子商务有限公司 A kind of data capture method, device, equipment and medium
CN112711697A (en) * 2020-12-25 2021-04-27 河南工业和信息化职业学院 Electronic information inquiry system convenient to operate

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102664908A (en) * 2011-11-25 2012-09-12 浪潮电子信息产业股份有限公司 Data security access model based on cloud computing
CN102664912A (en) * 2012-03-20 2012-09-12 浪潮电子信息产业股份有限公司 Shared method for roles between different clouds
CN103067406A (en) * 2013-01-14 2013-04-24 暨南大学 Access control system and access control method between public cloud and private cloud
CN103237019A (en) * 2013-04-03 2013-08-07 中国科学院合肥物质科学研究院 Cloud service accessing gateway system and cloud service accessing method

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication
RJ01 Rejection of invention patent application after publication

Application publication date: 20160120