CN105847423A - Cloud platform capable of unified safety monitoring and management - Google Patents
Cloud platform capable of unified safety monitoring and management Download PDFInfo
- Publication number
- CN105847423A CN105847423A CN201610324283.4A CN201610324283A CN105847423A CN 105847423 A CN105847423 A CN 105847423A CN 201610324283 A CN201610324283 A CN 201610324283A CN 105847423 A CN105847423 A CN 105847423A
- Authority
- CN
- China
- Prior art keywords
- module
- cloud platform
- platform
- management
- layer
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/01—Protocols
- H04L67/10—Protocols in which an application is distributed across nodes in the network
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F9/00—Arrangements for program control, e.g. control units
- G06F9/06—Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
- G06F9/44—Arrangements for executing specific programs
- G06F9/455—Emulation; Interpretation; Software simulation, e.g. virtualisation or emulation of application or operating system execution engines
- G06F9/45504—Abstract machines for programme code execution, e.g. Java virtual machine [JVM], interpreters, emulators
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F9/00—Arrangements for program control, e.g. control units
- G06F9/06—Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
- G06F9/44—Arrangements for executing specific programs
- G06F9/455—Emulation; Interpretation; Software simulation, e.g. virtualisation or emulation of application or operating system execution engines
- G06F9/45533—Hypervisors; Virtual machine monitors
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/10—Network architectures or network communication protocols for network security for controlling access to devices or network resources
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1441—Countermeasures against malicious traffic
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1441—Countermeasures against malicious traffic
- H04L63/1458—Denial of Service
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1441—Countermeasures against malicious traffic
- H04L63/1466—Active attacks involving interception, injection, modification, spoofing of data unit addresses, e.g. hijacking, packet injection or TCP sequence number attacks
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1441—Countermeasures against malicious traffic
- H04L63/1491—Countermeasures against malicious traffic using deception as countermeasure, e.g. honeypots, honeynets, decoys or entrapment
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/01—Protocols
- H04L67/10—Protocols in which an application is distributed across nodes in the network
- H04L67/1001—Protocols in which an application is distributed across nodes in the network for accessing one among a plurality of replicated servers
- H04L67/1004—Server selection for load balancing
- H04L67/1008—Server selection for load balancing based on parameters of servers, e.g. available memory or workload
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/01—Protocols
- H04L67/10—Protocols in which an application is distributed across nodes in the network
- H04L67/1097—Protocols in which an application is distributed across nodes in the network for distributed storage of data in networks, e.g. transport arrangements for network file system [NFS], storage area networks [SAN] or network attached storage [NAS]
Abstract
The invention provides a cloud platform capable of unified safety monitoring and management. The cloud platform comprises an infrastructure layer, an infrastructure management layer, a platform control layer, a platform presentation layer and a platform application layer that are orderly arranged in a bottom to top manner. The cloud platform capable of unified safety monitoring and management provided in the invention can provide a safe cloud platform network architecture.
Description
Technical field
The present invention relates to network communication technology field, particularly relate to a kind of unified security that realizes and monitor and management
Cloud platform.
Background technology
In the cloud computing epoch, service is for user.Developer uses cloud platform, and cloud platform is just
It is to serve developer.Service in cloud platform, refers to application-oriented some the provided energy of cloud platform
Power, such as data base, daily record, storage etc., user can directly use on platform when carrying out application and development
Service realize quickly developing.
The production procedure environment of whole software development is supplied to user as one service by cloud platform, and it leads to
The mode of the service of crossing, provides the user a series of convenient tool, with realize applying in cloud platform, service
Life cycle management, such as deployment, the trustship of application;Service is integrated, issue etc..Around application developer,
ISPs etc. use object, and cloud platform provides the ecosystem end to end of complete set.Its target
It is to reach the standard grade application to realize application developer rapid deployment, ISP's trustship easily and fast and issue
Service etc..On platform, there are substantial amounts of application developer and developer of services.Developer of services develops respectively
Planting service and integrated trustship has been arrived in cloud platform, the users of these services are exactly the developer of application.Application is opened
Originator utilizes all types of service provided on platform, carries out the quick exploitation of cloud application.Give an example,
The application of a ruby in cloud platform, mysql data base to be used.Developer can be with oneself installation and deployment one
Individual mysql, then should spend this mysql of use;The mysql service that cloud platform provides can also be used,
So application developer just can not go to be concerned about the situations such as the installation and deployment of mysql, and O&M, as long as closing
Note ruby program self.
Cloud platform provides certain safeguard protection, but as isolation network, it still network security,
All many-sides such as application programming interface API, authentication, AES face security threat, equally
Be faced with the severe challenge in terms of resource isolation, security incident management and data protection (include virtual machine isolation,
Secure virtual machine migration, virtual network isolation and security incident and access monitoring).Therefore for cloud platform
Unified security monitoring and management propose brand-new requirement.
Summary of the invention
It is an object of the invention to provide a kind of cloud platform realizing unified security monitoring and management, to provide more
Add the safe cloud platform network architecture.
For achieving the above object, the invention provides a kind of cloud platform realizing unified security monitoring and management,
Infrastructure layer that described cloud platform includes being sequentially distributed from bottom to top, infrastructure management layer, platform courses
Layer, platform presentation layer and platform application layer, wherein, described infrastructure layer include virtual machine server,
Database server and application server;Described infrastructure management layer include cloud controller, cluster controller,
Storage control, Node Controller and memory management module, described cloud controller passes through described clustered control
Virtual machine and virtual machine bunch are allocated and manage by device, and described memory management module is by described node control
Memory node is allocated and manages by device;Described platform courses layer includes resource management module, task management
Module and safety management module, wherein, described resource management module is for monitoring the money in described cloud platform
Source, and described resource is registered, distributes and called, described task management module is used for monitoring described
Task in cloud platform, and described task is submitted to, decomposes and performed, described safety management module
For the node logging in described cloud platform is conducted interviews control and to the load in described cloud platform, daily record with
And data are managed;Described platform presentation layer passes through Services Oriented Achitecture SOA technology and work
Stream workflow technology, is supplied to the user on upper strata by the business of bottom and resource;Described platform application layer should
For presetting in application system, to provide the service of described cloud platform to described default application system.
Further, also including secure subsystem in described cloud platform, described secure subsystem includes that load is adjusted
Mould preparation block, load monitoring module, core processing module, anti-distributed denial of service DDoS module, counter monitor
Scan module and platform filtering module.
Further, described core processing module includes strategy controller, queue management device and communication adaptation
Module, wherein, described strategy controller includes strategy selection module, load balancing module and hook
Sub-HOOKS processing module.
Further, described cloud platform by by described load monitoring module, described adjustment of load module and
The load-balancing algorithm of described strategy controller cooperative achievement, the load to the operation in described cloud platform is carried out
Equilibrium treatment.
Further, described anti-distributed denial of service DDoS module utilizes and presets packet filtering algorithm to transmission
Packet to described cloud platform filters, and wherein, suffered default packet filtering algorithm includes entrance message
Filter algorithm and route packet filtering algorithm, described entrance message filter algorithm is used for filtering forgery source IP address
Packet, described route packet filtering algorithm for filter source IP address be not belonging to preset client region number
According to bag.
Further, described anti-distributed denial of service DDoS module is for by untapped in described cloud platform
Port numbers is closed.
Further, described platform filtering module specifically includes blocking module, deception module and policy service
Device, wherein, described blocking module is for intercepting the access request of invader, and described deception module is for institute
Stating invader and send default spoofing, in described strategic server, storage has and can be visited by described blocking module
The policy instructions of the predetermined number asked.
Further, described blocking module includes behavior module and decision-making module, the described row interconnected
Being connected with described deception module for module, described decision-making module is connected with described strategic server, works as institute
When stating the access request that platform filtering module receives user, described decision-making module is by accessing described strategy clothes
Policy instructions in business device, to determine the processing mode to described access request, when the described process side determined
When formula is deception mode, described decision-making module calls described deception module, and is performed by described behavior module
The deception instruction corresponding with described deception mode.
Technical scheme by above the application is visible, and the application builds cloud environment by infrastructure layer,
To support deployment and the operation of the cloud platforms such as cloud computing, cloud storage, cloud service, by infrastructure management layer
Build the cluster environment in cloud platform and memory node be allocated and management and control, can by platform courses layer
To realize the functions such as resource management, task management and safety management, cloud can be put down by platform presentation layer
In platform, the business of bottom and resource are supplied to the user on upper strata, eventually through being applied to multiple by platform application layer
Preset in application system, such that it is able to provide the service of described cloud platform to described default application system.This Shen
Please be by modular cloud platform framework, it is possible to realize unified security monitoring and management, such that it is able to provide
The safer cloud platform network architecture.
Accompanying drawing explanation
The model schematic of the cloud platform that Fig. 1 provides for the present invention;
The configuration diagram of the cloud platform that Fig. 2 provides for the present invention;
The configuration diagram of the secure subsystem that Fig. 3 provides for the present invention;
Fig. 4 is the configuration diagram of platform filtering module in the present invention.
Detailed description of the invention
For the technical scheme making those skilled in the art be more fully understood that in the application, below in conjunction with this
Accompanying drawing in application embodiment, clearly and completely retouches the technical scheme in the application embodiment
State, it is clear that described embodiment is only a part of embodiment of the application rather than whole realities
Execute mode.Based on the embodiment in the application, those of ordinary skill in the art are not making creative labor
Other embodiments all obtained under dynamic premise, all should belong to the scope of the application protection.
The model schematic of the cloud platform that Fig. 1 provides for the present invention.From figure 1 it appears that described cloud is put down
Platform model can include user side, business side and resource/data side.Described user side can include accessing
Control module, single-sign-on module, trust management module and filtration, anti-monitor scanning and the most distributed refuse
Service (DDoS) module absolutely;Described business side can include task management module, Mission Monitor module and day
Will management module;Described resource/data side can include monitoring resource module, load balancing module and data
Encryption/decryption module.In the present invention, cloud platform on the basis of user certificate certification and login feature are provided,
Access control, data encrypting and deciphering and log management, filtration and anti-monitoring, anti-DDOS function guarantee can be utilized
The safety of cloud platform and vigorousness, to improve the credibility of user, strengthen particular user and access cloud platform
Safety management.
The configuration diagram of the cloud platform that Fig. 2 provides for the present invention.As in figure 2 it is shown, described cloud platform includes
The infrastructure layer that is sequentially distributed from bottom to top, infrastructure management layer, platform courses layer, platform presentation layer
And platform application layer, wherein, described infrastructure layer include virtual machine server, database server and
Application server;Described infrastructure management layer include cloud controller, cluster controller, storage control,
Node Controller and memory management module, described cloud controller by described cluster controller to virtual machine and
Virtual machine bunch is allocated and manages, and described memory management module passes through described Node Controller to memory node
It is allocated and manages;Described platform courses layer includes resource management module, task management module and safety
Management module, wherein, described resource management module is used for monitoring the resource in described cloud platform, and to described
Resource carries out registering, distribute and calling, and described task management module is for monitoring appointing in described cloud platform
Business, and described task is submitted to, decomposes and performed, described safety management module is for logging in
State the node of cloud platform to conduct interviews control the load in described cloud platform, daily record and data are managed
Reason;Described platform presentation layer passes through Services Oriented Achitecture SOA technology and workflow workflow skill
Art, is supplied to the user on upper strata by the business of bottom and resource;Described platform application layer is applied to preset application
In system, to provide the service of described cloud platform to described default application system.
In the present embodiment, infrastructure layer mainly includes various virtual machine server, database server
And application server, build cloud environment by them, support cloud computing, cloud storage, cloud service and Yun Ping
The deployment of platform and operation.
Infrastructure device management level are substantially carried out the management of virtual machine and storage, wherein, described cloud controller module
Virtual machine and the distribution of virtual machine bunch can be carried out, monitor and manage, thus build cluster environment.Described deposit
Memory node can be allocated, monitors and manage by storage management module.
Platform courses layer can realize lightweight, safety, the cloud platform of flexible deployment, at described platform
Key-course can include this three big module of resource management module, task management module and safety management module.Three
Big module has embodied a concentrated reflection of the multi-level safety security function shown in Fig. 2.Resource management module is except monitoring resource
Outward, it is also possible to carry out the registration of resource, distribute and call.Task management module is in addition to Mission Monitor, also
The submission of task can be carried out, decompose and perform.Safety management module achieve single-sign-on access control,
Calculate and load balancing, log management, the encryption and decryption of data, Data Migration and the trust management function of storage.
Platform presentation layer mainly relies on Services Oriented Achitecture SOA technology and workflow technology, with Web
The business of door form performance bottom and resource, such that it is able to be supplied to upper strata by business and the resource of bottom
User.
Platform application layer be mainly used in customer account management resource system (CRM), ERP (ERP),
In information visualization management tens default application systems such as platform, national grid quality online monitoring system,
To provide the service of described cloud platform to described default application system.
In the application one preferred implementation, in order to improve the safety of cloud platform, in described cloud platform also
Secure subsystem can be included.Referring to Fig. 3, described secure subsystem includes adjustment of load module, load
Monitoring module, core processing module, anti-distributed denial of service DDoS module, anti-monitor scan module and
Platform filtering module.Wherein, described core processing module includes strategy controller, queue management device and leads to
Letter adaptation module, wherein, described strategy controller includes strategy selection module, load balancing module
And hook HOOKS processing module.Described load balancing module can be by data structure set command set
Support.
In the present embodiment, described cloud platform is by by described load monitoring module, described adjustment of load mould
Block and the load-balancing algorithm of described strategy controller cooperative achievement, bearing the operation in described cloud platform
It is loaded into row equilibrium treatment.Described anti-distributed denial of service DDoS module utilizes presets packet filtering algorithm to sending out
The packet delivering to described cloud platform filters, and wherein, suffered default packet filtering algorithm includes entrance report
Literary composition filter algorithm and route packet filtering algorithm, described entrance message filter algorithm is used for filtering forgery source IP ground
The packet of location, described route packet filtering algorithm is not belonging to preset client region for filtering source IP address
Packet.In described anti-distributed denial of service DDoS module, firewall system can be installed additional, thus can
So that the data either entering or sending fire wall all can filter through strict, meanwhile, described anti-point
Untapped port numbers in described cloud platform can be closed by cloth refusal service DDoS module, to prevent cloud from putting down
Platform is invaded from outside.
In recent years, network monitoring and TCP are always the sensitive subjects of computer network security, and it can be made
Becoming greatly harm, network monitoring refers to the data capture of transmission over networks the behavior that is analyzed, end
Mouthful, scanning time a kind of very important pre-attack detection means, by TCP it is known that destination host
On opened which port, run which service, these are all the possible approaches of intrusion system.
In the present embodiment, can be by anti-scan module of monitoring to prevent network monitoring and TCP, it
Take 3 kinds of methods to prevent network monitoring and TCP:
(1). utilize the tool analysis networks such as SATAN in a solution, thus identify some and network phase
The safety problem closed;
(2). monitored by firewall technology in cloud platform, limit and change the data stream crossing over fire wall,
As much as possible to outside net mask about the information of protected network, structure, it is achieved the safeguard protection of network;
(3). in cloud platform, the information to transmission is encrypted, and makes listener not effectively obtain to be monitored
Information so that even if listener can obtain all of network service bag, still can not obtain useful information.
Refer to Fig. 4, in the present embodiment, described platform filtering module specifically can include blocking module,
Deception module and strategic server, wherein, described blocking module is used for intercepting the access request of invader,
Described deception module, for described invader sends default spoofing, stores in described strategic server
There is the policy instructions of the predetermined number that can be accessed by described blocking module.
Specifically, described blocking module includes behavior module and decision-making module, the described behavior interconnected
Module is connected with described deception module, and described decision-making module is connected with described strategic server, when described
When platform filtering module receives the access request of user, described decision-making module is by accessing described policy service
Policy instructions in device, to determine the processing mode to described access request, when the described processing mode determined
During for deception mode, described decision-making module calls described deception module, and performed by described behavior module and
The deception instruction that described deception mode is corresponding, the most just can be effectively prevented the malicious attack of invader.
Therefore, the application builds cloud environment by infrastructure layer, with support cloud computing, cloud storage,
The deployment of the cloud platforms such as cloud service and operation, build the collection group rings in cloud platform by infrastructure management layer
Memory node is also allocated and management and control by border, can realize resource management, task pipe by platform courses layer
The functions such as reason and safety management, can be carried business and the resource of bottom in cloud platform by platform presentation layer
The user on supply upper strata, is applied in multiple default application system eventually through by platform application layer, thus can
To provide the service of described cloud platform to described default application system.The application is by modular cloud platform frame
Structure, it is possible to realize unified security monitoring and management, such that it is able to provide safer cloud platform network rack
Structure.
Above the describing of various embodiments of the application is supplied to people in the art with the purpose described
Member.It is not intended to exhaustive or is not intended to limit the invention to single disclosed embodiment.As
Upper described, various replacements and the change of the application will be aobvious for above-mentioned technology one of ordinary skill in the art
And be clear to.Therefore, although specifically discuss some alternative embodiments, but other embodiment party
Formula will be apparent from, or those skilled in the art relatively easily draw.The application is intended to be included in this
All replacements of the present invention discussed, amendment and change, and fall above-mentioned application spirit and
In the range of other embodiment.
Each embodiment in this specification all uses the mode gone forward one by one to describe, phase between each embodiment
As homophase part see mutually, each embodiment stress with other embodiments
Difference.Although depicting the application by embodiment, it will be appreciated by the skilled addressee that this Shen
Please there be many deformation and change without deviating from spirit herein, it is desirable to appended claim includes that these become
Shape and change are without deviating from spirit herein.
Claims (8)
1. the cloud platform realizing unified security monitoring and management, it is characterised in that described cloud platform includes
The infrastructure layer that is sequentially distributed from bottom to top, infrastructure management layer, platform courses layer, platform presentation layer
And platform application layer, wherein, described infrastructure layer include virtual machine server, database server and
Application server;Described infrastructure management layer include cloud controller, cluster controller, storage control,
Node Controller and memory management module, described cloud controller by described cluster controller to virtual machine and
Virtual machine bunch is allocated and manages, and described memory management module passes through described Node Controller to memory node
It is allocated and manages;Described platform courses layer includes resource management module, task management module and safety
Management module, wherein, described resource management module is used for monitoring the resource in described cloud platform, and to described
Resource carries out registering, distribute and calling, and described task management module is for monitoring appointing in described cloud platform
Business, and described task is submitted to, decomposes and performed, described safety management module is for logging in
State the node of cloud platform to conduct interviews control the load in described cloud platform, daily record and data are managed
Reason;Described platform presentation layer passes through Services Oriented Achitecture SOA technology and workflow workflow skill
Art, is supplied to the user on upper strata by the business of bottom and resource;Described platform application layer is applied to preset application
In system, to provide the service of described cloud platform to described default application system.
Cloud platform the most according to claim 1, it is characterised in that also include safety in described cloud platform
Subsystem, described secure subsystem include adjustment of load module, load monitoring module, core processing module,
Anti-distributed denial of service DDoS module, anti-monitoring scan module and platform filtering module.
Cloud platform the most according to claim 2, it is characterised in that described core processing module includes plan
Slightly controller, queue management device and communication adaptation module, wherein, described strategy controller includes strategy
Select module, load balancing module and hook HOOKS processing module.
Cloud platform the most according to claim 3, it is characterised in that described cloud platform is by by described negative
Carry monitoring module, described adjustment of load module and the load-balancing algorithm of described strategy controller cooperative achievement,
Load to the operation in described cloud platform carries out equilibrium treatment.
Cloud platform the most according to claim 2, it is characterised in that described anti-distributed denial of service DDoS
Module utilizes default packet filtering algorithm to filter the packet sent to described cloud platform, wherein, and institute
Entrance message filter algorithm and route packet filtering algorithm, described entrance report is included by presetting packet filtering algorithm
Literary composition filter algorithm is for filtering the packet forging source IP address, and described route packet filtering algorithm is used for filtering
Source IP address is not belonging to preset the packet of client region.
Cloud platform the most according to claim 2, it is characterised in that described anti-distributed denial of service DDoS
Module is for closing untapped port numbers in described cloud platform.
Cloud platform the most according to claim 2, it is characterised in that described platform filtering module specifically wraps
Including blocking module, deception module and strategic server, wherein, described blocking module is used for intercepting invader
Access request, described deception module for sending default spoofing, described strategy to described invader
In server, storage has the policy instructions of the predetermined number that can be accessed by described blocking module.
Cloud platform the most according to claim 7, it is characterised in that described blocking module includes mutually
The behavior module connected and decision-making module, described behavior module is connected with described deception module, described decision-making
Module is connected with described strategic server, when described platform filtering module receives the access request of user,
Described decision-making module is by accessing the policy instructions in described strategic server, to determine described access request
Processing mode, when the described processing mode determined is deception mode, described decision-making module call described in take advantage of
Deceive module, and perform the deception instruction corresponding with described deception mode by described behavior module.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201610324283.4A CN105847423A (en) | 2016-05-16 | 2016-05-16 | Cloud platform capable of unified safety monitoring and management |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201610324283.4A CN105847423A (en) | 2016-05-16 | 2016-05-16 | Cloud platform capable of unified safety monitoring and management |
Publications (1)
Publication Number | Publication Date |
---|---|
CN105847423A true CN105847423A (en) | 2016-08-10 |
Family
ID=56592528
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201610324283.4A Pending CN105847423A (en) | 2016-05-16 | 2016-05-16 | Cloud platform capable of unified safety monitoring and management |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN105847423A (en) |
Cited By (8)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN106603284A (en) * | 2016-12-14 | 2017-04-26 | 国网天津市电力公司 | Docker virtual container micro-application platform system and operation method |
CN107733704A (en) * | 2017-09-29 | 2018-02-23 | 中国石油化工股份有限公司 | A kind of system and method for the exploration and development cloud based on virtualization and container technique |
CN107872479A (en) * | 2016-09-26 | 2018-04-03 | 中国电信股份有限公司 | Cloud management platform and controller integrated approach and system and correlation module |
CN108197252A (en) * | 2017-12-29 | 2018-06-22 | 武汉烽理光电技术有限公司 | The integrated management of bridge life-cycle and analysis cloud platform system |
CN108881434A (en) * | 2018-06-16 | 2018-11-23 | 武汉商启网络信息有限公司 | A kind of management control system of on-demand bulk management cloud resource |
CN109951320A (en) * | 2019-02-25 | 2019-06-28 | 武汉大学 | A kind of expansible multi layer monitoing frame and its monitoring method of facing cloud platform |
CN111831609A (en) * | 2020-06-18 | 2020-10-27 | 中国科学院数据与通信保护研究教育中心 | Method and system for unified management and distribution of binary file metric values in virtualization environment |
CN112612417A (en) * | 2020-12-24 | 2021-04-06 | 深圳市科力锐科技有限公司 | Data migration method, device, equipment and storage medium |
Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN102291280A (en) * | 2011-08-19 | 2011-12-21 | 深圳市合广测控技术有限公司 | Intelligent measuring and controlling Internet of things platform based on cloud computing and measuring and controlling method thereof |
CN102982408A (en) * | 2012-11-05 | 2013-03-20 | 中国电力科学研究院 | Large-scale electric car operation monitoring platform based on cloud computing |
CN103401917A (en) * | 2013-07-29 | 2013-11-20 | 华南理工大学 | Hybrid cloud computing system based on cloud bus and realization method of hybrid cloud computing system |
CN105205729A (en) * | 2015-09-22 | 2015-12-30 | 许继集团有限公司 | Power system energy efficiency public service cloud platform based on cloud computing |
CN105577727A (en) * | 2014-10-16 | 2016-05-11 | 南京瀚和软件技术有限公司 | Cloud-computing virtual machine management platform system |
-
2016
- 2016-05-16 CN CN201610324283.4A patent/CN105847423A/en active Pending
Patent Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN102291280A (en) * | 2011-08-19 | 2011-12-21 | 深圳市合广测控技术有限公司 | Intelligent measuring and controlling Internet of things platform based on cloud computing and measuring and controlling method thereof |
CN102982408A (en) * | 2012-11-05 | 2013-03-20 | 中国电力科学研究院 | Large-scale electric car operation monitoring platform based on cloud computing |
CN103401917A (en) * | 2013-07-29 | 2013-11-20 | 华南理工大学 | Hybrid cloud computing system based on cloud bus and realization method of hybrid cloud computing system |
CN105577727A (en) * | 2014-10-16 | 2016-05-11 | 南京瀚和软件技术有限公司 | Cloud-computing virtual machine management platform system |
CN105205729A (en) * | 2015-09-22 | 2015-12-30 | 许继集团有限公司 | Power system energy efficiency public service cloud platform based on cloud computing |
Cited By (12)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN107872479A (en) * | 2016-09-26 | 2018-04-03 | 中国电信股份有限公司 | Cloud management platform and controller integrated approach and system and correlation module |
CN107872479B (en) * | 2016-09-26 | 2021-06-18 | 中国电信股份有限公司 | Cloud management platform and controller integration method and system and related modules |
CN106603284A (en) * | 2016-12-14 | 2017-04-26 | 国网天津市电力公司 | Docker virtual container micro-application platform system and operation method |
CN107733704A (en) * | 2017-09-29 | 2018-02-23 | 中国石油化工股份有限公司 | A kind of system and method for the exploration and development cloud based on virtualization and container technique |
CN107733704B (en) * | 2017-09-29 | 2021-02-26 | 中国石油化工股份有限公司 | Virtualization and container technology-based cloud exploration and development system and method |
CN108197252A (en) * | 2017-12-29 | 2018-06-22 | 武汉烽理光电技术有限公司 | The integrated management of bridge life-cycle and analysis cloud platform system |
CN108881434A (en) * | 2018-06-16 | 2018-11-23 | 武汉商启网络信息有限公司 | A kind of management control system of on-demand bulk management cloud resource |
CN109951320A (en) * | 2019-02-25 | 2019-06-28 | 武汉大学 | A kind of expansible multi layer monitoing frame and its monitoring method of facing cloud platform |
CN111831609A (en) * | 2020-06-18 | 2020-10-27 | 中国科学院数据与通信保护研究教育中心 | Method and system for unified management and distribution of binary file metric values in virtualization environment |
CN111831609B (en) * | 2020-06-18 | 2024-01-02 | 中国科学院数据与通信保护研究教育中心 | Method and system for unified management and distribution of binary metric values in virtualized environments |
CN112612417A (en) * | 2020-12-24 | 2021-04-06 | 深圳市科力锐科技有限公司 | Data migration method, device, equipment and storage medium |
CN112612417B (en) * | 2020-12-24 | 2023-08-08 | 深圳市科力锐科技有限公司 | Data migration method, device, equipment and storage medium |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN105847423A (en) | Cloud platform capable of unified safety monitoring and management | |
US10341383B2 (en) | Cloud protection techniques | |
US11888897B2 (en) | Implementing decoys in a network environment | |
US8806593B1 (en) | Guest account management using cloud based security services | |
CN112765639B (en) | Security micro-service architecture based on zero trust access strategy and implementation method | |
US11792008B2 (en) | Actively monitoring encrypted traffic by inspecting logs | |
US9881304B2 (en) | Risk-based control of application interface transactions | |
CN102833256B (en) | The method of registered set group control server, node control server and cloud system | |
US8656154B1 (en) | Cloud based service logout using cryptographic challenge response | |
CN104104679A (en) | Data processing method based on private cloud | |
Hershey et al. | System of systems for quality-of-service observation and response in cloud computing environments | |
US10333977B1 (en) | Deceiving an attacker who is harvesting credentials | |
CN112115484B (en) | Access control method, device, system and medium for application program | |
Alli et al. | Secure fog-cloud of things: architectures, opportunities and challenges | |
Waqas et al. | A security-based survey and classification of Cloud Architectures, State of Art and Future Directions | |
Waqas et al. | Sharing of attacks information across clouds for improving security: A conceptual framework | |
Vistro et al. | A literature review on security issues in cloud computing: Opportunities and challenges | |
Ferdous et al. | Threat taxonomy for Cloud of Things | |
CN114466038B (en) | Communication protection system of electric power thing networking | |
Narang et al. | A review on different security issues and challenges in cloud computing | |
Bendahmane et al. | Grid computing security mechanisms: State-of-the-art | |
Waqas et al. | Fault tolerant cloud auditing | |
Cangea | A Comparative Analysis of Internet of Things Security Strategies. | |
CN100411361C (en) | Safety structure of all-around protecting mobile proxy network management application | |
Petcu et al. | Security risks of cloud computing services from the new cybernetics’ threats perspective |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
C06 | Publication | ||
PB01 | Publication | ||
C10 | Entry into substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
RJ01 | Rejection of invention patent application after publication |
Application publication date: 20160810 |
|
RJ01 | Rejection of invention patent application after publication |