CN106375436A - Cloud computing solar energy utilization intelligent information system - Google Patents
- Publication number: CN106375436A (application number CN201610794498.2A)
- Authority: CN (China)
- Prior art keywords: cloud, service, private cloud, cloud computing, access
- Legal status: Pending (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Classifications
- H—ELECTRICITY
  - H04—ELECTRIC COMMUNICATION TECHNIQUE
    - H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
      - H04L67/00—Network arrangements or protocols for supporting network services or applications
        - H04L67/01—Protocols
          - H04L67/10—Protocols in which an application is distributed across nodes in the network
          - H04L67/02—Protocols based on web technology, e.g. hypertext transfer protocol [HTTP]
            - H04L67/025—Protocols based on web technology, e.g. hypertext transfer protocol [HTTP] for remote control or remote monitoring of applications
      - H04L63/00—Network architectures or network communication protocols for network security
        - H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
          - H04L63/0869—Network architectures or network communication protocols for network security for authentication of entities for achieving mutual authentication
          - H04L63/0884—Network architectures or network communication protocols for network security for authentication of entities by delegation of authentication, e.g. a proxy authenticates an entity to be authenticated on behalf of this entity vis-à-vis an authentication entity
        - H04L63/10—Network architectures or network communication protocols for network security for controlling access to devices or network resources
          - H04L63/105—Multiple levels of security
      - H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
        - H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
          - H04L9/321—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving a third party or a trusted authority
            - H04L9/3213—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving a third party or a trusted authority using tickets or tokens, e.g. Kerberos
Abstract
The invention provides a cloud computing solar energy utilization intelligent information system. The system comprises a solar system client, a controller and a cloud computing platform, wherein the controller is in wireless connection with the solar system client and the cloud computing platform, the controller transmits measured data to the cloud computing platform, and the cloud computing platform processes the data to acquire control programs and parameters, and feeds back the control programs and the parameters to the solar system client through the controller. The intelligent information system provided by the invention has the beneficial effects that when an operation scheme does not satisfy on-site demands, the controller can transmit the measured data to the cloud computing platform according to the on-site demands, the cloud computing platform acquires new control programs and parameters and then feeds back the control programs and parameters to the solar system client through the controller so as to control the system, and maintenance personnel do not need to go to the site to adjust the control programs or parameters, so that the flexibility is strong.
Description
Technical field
The present invention relates to the technical field of solar energy, and in particular to a cloud computing solar energy utilization intelligent information system.
Background
Solar energy systems in the related art include a local server. The local server receives the information sent by the controller and derives an operating scheme from the control program and parameters preset in the local server; the controller then controls the operation of the residual heat system according to that operating scheme. That is, the solar energy system can only run according to the operating scheme obtained from the control program and parameters preset in the local server. However, field conditions are complex and changeable. When the operating scheme obtained by the local server cannot meet the demands of the field conditions, maintenance personnel must travel to the site and update the control program and parameters of the local server so that the local server produces an operating scheme that meets the field conditions; the control program and parameters in the local server cannot be adjusted flexibly.
Summary of the invention
To solve the above problem, the present invention provides a cloud computing solar energy utilization intelligent information system.
The purpose of the present invention is achieved by the following technical solution:
A cloud computing solar energy utilization intelligent information system comprises a solar energy system client, a controller and a cloud computing platform. The controller is wirelessly connected to the solar energy system client and to the cloud computing platform. The controller transmits measured data to the cloud computing platform; the cloud computing platform processes the data to obtain a control program and parameters, which are then fed back to the solar energy system client through the controller.
The beneficial effects of the invention are as follows: when the operating scheme does not meet field demands, the controller can, according to those demands, transmit the measured data to the cloud computing platform; the cloud computing platform processes the data to obtain a new control program and parameters, which are fed back to the solar energy system client through the controller so as to control the system. Maintenance personnel do not need to go to the site to adjust the control program and parameters, so flexibility is high.
Brief description of the drawings
The invention is further described with reference to the accompanying drawings, but the embodiments in the drawings do not limit the invention in any way; those of ordinary skill in the art can derive other drawings from the following drawings without creative effort.
Fig. 1 is a structural connection diagram of the present invention.
Fig. 2 is a structural connection diagram of the cross-cloud user authentication system of the present invention.
Reference numerals:
solar energy system client 1, controller 2, cloud computing platform 3, cross-cloud user authentication system 4, service request terminal 41, hybrid cloud management system 42, cross-cloud authentication management system 43, access monitoring system 44, information storage system 45, hybrid cloud identity management module 421, hybrid cloud hierarchical management module 422, cross-cloud authentication module 431, alarm module 432.
Detailed description
The invention is further described with reference to the following embodiments.
Application scenario 1
Referring to Fig. 1 and Fig. 2, the cloud computing solar energy utilization intelligent information system of one embodiment of this application scenario comprises a solar energy system client 1, a controller 2 and a cloud computing platform 3. The controller 2 is wirelessly connected to the solar energy system client 1 and to the cloud computing platform 3. The controller 2 transmits measured data to the cloud computing platform 3; the cloud computing platform 3 processes the data to obtain a control program and parameters, which are then fed back to the solar energy system client 1 through the controller 2.
Preferably, the controller 2 is a programmable logic controller.
The beneficial effects of the above embodiment of the invention are as follows: when the operating scheme does not meet field demands, the controller 2 can, according to those demands, transmit the measured data to the cloud computing platform 3; the cloud computing platform 3 processes the data to obtain a new control program and parameters, which are fed back to the solar energy system client 1 through the controller 2 so as to control the system. Maintenance personnel do not need to go to the site to adjust the control program and parameters, so flexibility is high.
Preferably, the cloud computing platform 3 includes multiple hybrid clouds for storing the control programs and parameters.
This preferred embodiment stores the control programs and parameters in hybrid clouds, which both saves money and is secure.
Preferably, the cloud computing platform 3 includes a cross-cloud user authentication system 4, which manages cross-cloud authentication between the private clouds in the hybrid cloud of the cloud computing platform 3. The cross-cloud user authentication system 4 comprises a service request terminal 41, a hybrid cloud management system 42, a cross-cloud authentication management system 43, an access monitoring system 44 and an information storage system 45.
The service request terminal 41 provides an access interface through which a service requester accesses the private cloud services in the hybrid cloud.
The hybrid cloud management system 42 comprises a hybrid cloud identity management module 421 and a hybrid cloud hierarchical management module 422. The hybrid cloud identity management module 421 manages, based on a certificate authentication mechanism, the private clouds that join the hybrid cloud and establishes the trust relationships between the private clouds. The hybrid cloud hierarchical management module 422 divides the private clouds, according to their security classification, into public level, confidential level and top-secret level, and applies a different security policy to each level.
The cross-cloud authentication management system 43 comprises a cross-cloud authentication module 431 and an alarm module 432. The cross-cloud authentication module 431 obtains the attribute token of the service requester when the service requester performs cross-cloud access and, based on a custom cross-cloud authentication protocol, performs cross-cloud authentication when a service requester of the local private cloud accesses a service of another private cloud. The alarm module 432 sends alarm information when obtaining the attribute token fails or decryption fails.
The access monitoring system 44 monitors the service requester's cross-cloud access process.
The information storage system 45 stores the access information of service requesters and the alarm information.
Preferably, obtaining the attribute token of the service requester when the service requester performs cross-cloud access comprises:
(1) the service requester sends a service access request to the service s of the other private cloud that it wants to access across clouds;
(2) after responding to the service access request, the service s sends an attribute request to the service requester;
(3) the service requester enters a custom password, whose number of digits must be greater than 6, and sends the custom password and its identity, together with the attribute request, as a message, signed and encrypted, to the authentication proxy of the private cloud; the authentication proxy decrypts and verifies the message with its own private key and the user's public key; after verification passes, it extracts from the attribute storage module the attributes corresponding to the user's attribute request, issues an attribute token and generates a session key, which it sends to the user, signed and encrypted, together with the attribute token and the custom password;
(4) after receiving the message, the user decrypts it with the user's own private key and the public key certificate of the authentication proxy; if the message contains the custom password, the identity of the authentication proxy is authenticated and the attribute token is obtained at the same time.
Preferably, sending alarm information when obtaining the attribute token fails or decryption fails comprises:
(1) the service requester sends a service access request to the service s of the other private cloud that it wants to access across clouds;
(2) after responding to the service access request, the service s sends an attribute request to the service requester;
(3) if the service requester enters the custom password incorrectly, obtaining the attribute token fails and the alarm module 432 sends alarm information; if, after the attribute token has been obtained and sent to the user, the user cannot decrypt the message and identity authentication cannot be completed, the alarm module 432 also sends alarm information.
The above embodiment of the invention designs the way the attribute token is obtained, improving the security and efficiency of attribute token acquisition. It also constructs a cross-cloud authentication system for hybrid clouds that can meet the needs of users in a hybrid cloud environment who belong to the authentication domains of different private clouds and access services frequently.
Preferably, the hybrid cloud identity management module 421 comprises:
(1) a certificate issuance unit, which issues or revokes the public key certificate of a private cloud's authentication proxy when that private cloud joins or exits the hybrid cloud, and uniformly manages the public key certificates issued in the hybrid cloud;
(2) an inter-cloud authentication proxy unit, which accepts the registration of newly joined private clouds and manages the registration information of their authentication proxies, thereby establishing the trust relationship between itself and the private clouds.
Preferably, the authentication proxy of a private cloud supports an identity authentication mechanism and a certificate authentication mechanism. It manages identity authentication and the issuance of attribute tokens within the private cloud and, when the cross-cloud authentication module 431 performs cross-cloud authentication, submits the registration information to the hybrid cloud identity management module 421 for registration and receives the public key certificate issued by the hybrid cloud identity management module 421. Managing the registration information of the authentication proxies of newly joined private clouds comprises: auditing the registration information of the authentication proxy of a newly joined private cloud, receiving that registration information, storing the registration information in a secure database, and deleting the registration information of a private cloud when it exits the hybrid cloud.
The two preferred embodiments above implement the management of the private clouds in the hybrid cloud; because the authentication proxy of a private cloud supports both an identity authentication mechanism and a certificate authentication mechanism, the management of the private clouds in the hybrid cloud is more scientific and secure.
Preferably, dividing the private clouds into public level, confidential level and top-secret level according to their security classification comprises:
(1) if a private cloud allows access only by its creator, the private cloud is top-secret level;
(2) if a private cloud allows access by users authorized by its creator, the private cloud is confidential level;
(3) if a private cloud allows access by all users that have established a trust relationship with it, the private cloud is public level.
Preferably, the security policy comprises:
(1) for a top-secret-level private cloud, encryption uses an elliptic curve cryptosystem, and a visitor must pass fingerprint verification before sending an access request;
(2) for a confidential-level private cloud, encryption uses the RSA encryption algorithm, and a visitor needs an authorized USB key (U-shield) to gain access;
(3) for a public-level private cloud, encryption uses the DES encryption algorithm, and a visitor that has established a trust relationship can send an access request directly.
This preferred embodiment assigns security classifications to the private clouds and designs a corresponding security policy for each, so that the different private clouds can be accessed while security is ensured.
Preferably, the information storage system 45 stores information using a multilayer model comprising a storage layer, a management layer and an interface layer. The storage layer is the bottom layer of the storage model and consists of different devices. The management layer sits above the storage layer and manages the storage devices through various software. The interface layer faces the user and can provide different service interfaces according to customer needs.
This preferred embodiment makes it easy for administrators to query access information and alarm information, which facilitates subsequent review.
Preferably, the custom cross-cloud authentication protocol is:
(1) the service requester randomly selects a custom number as a nonce (fresh number) and sends it as a message, signed and encrypted, to the service s, together with the attribute token obtained by the service requester and the random number that the service s returned to the service requester during the cross-cloud access;
(2) after receiving the message, the service s verifies and decrypts it with its own private key and the public key of the service requester; if the message contains the random number that the service s returned to the service requester, the identity authentication of the service requester passes; the service s then generates another random number, signs and encrypts this other random number together with the custom number to form feedback information, and sends it to the service requester;
(3) after receiving the feedback information, the service requester verifies and decrypts it with its own private key and the public key of the service s; if the feedback information contains the custom number, the identity of the service s is authenticated, thereby achieving mutual authentication of both parties.
This preferred embodiment designs a custom cross-cloud authentication protocol that achieves two-way authentication between the service requester and the service, improving the security of the system and the efficiency of cross-cloud authentication.
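The three protocol steps above, as an added example that is not part of the patent text. It assumes the third-party Python `cryptography` package, uses Ed25519 for signing and RSA-OAEP for encryption as stand-ins for the unspecified "sign and encrypt" step, and binds the recipient's name into each signature; the class and method names and the 32-byte attribute token are hypothetical.

```python
import hmac
import os

from cryptography.exceptions import InvalidSignature
from cryptography.hazmat.primitives import hashes
from cryptography.hazmat.primitives.asymmetric import ed25519, padding, rsa

OAEP = padding.OAEP(mgf=padding.MGF1(algorithm=hashes.SHA256()),
                    algorithm=hashes.SHA256(), label=None)
NONCE_LEN = 16
SIG_LEN = 64  # size of an Ed25519 signature


class Party:
    """A participant. Assumption: the text speaks of one key pair per party;
    separate signing and decryption keys are used here to keep the roles apart."""

    def __init__(self, name):
        self.name = name
        self._sign_key = ed25519.Ed25519PrivateKey.generate()
        self._dec_key = rsa.generate_private_key(public_exponent=65537, key_size=2048)
        self.verify_key = self._sign_key.public_key()  # would be carried in a certificate
        self.enc_key = self._dec_key.public_key()

    def seal(self, peer, payload):
        """Sign the payload (bound to the recipient's name), then encrypt to the peer."""
        sig = self._sign_key.sign(peer.name.encode() + payload)
        return peer.enc_key.encrypt(payload + sig, OAEP)  # payload must be <= 126 bytes

    def open(self, peer, blob):
        """Decrypt with our key and verify the peer's signature; None on any failure."""
        try:
            plain = self._dec_key.decrypt(blob, OAEP)
            payload, sig = plain[:-SIG_LEN], plain[-SIG_LEN:]
            peer.verify_key.verify(sig, self.name.encode() + payload)
            return payload
        except (ValueError, TypeError, InvalidSignature):
            return None


class Service(Party):
    def __init__(self, name):
        super().__init__(name)
        self._issued = {}  # requester name -> random number still outstanding

    def issue_challenge(self, requester):
        """The random number that service s returns to the requester."""
        self._issued[requester.name] = os.urandom(NONCE_LEN)
        return self._issued[requester.name]

    def handle(self, requester, blob):
        """Step (2): accept only a message that carries our own random number."""
        payload = self.open(requester, blob)
        if payload is None or len(payload) <= 2 * NONCE_LEN:
            return None
        expected = self._issued.pop(requester.name, None)  # single use blocks replays
        n_r, n_s = payload[:NONCE_LEN], payload[NONCE_LEN:2 * NONCE_LEN]
        if expected is None or not hmac.compare_digest(n_s, expected):
            return None
        # Validation of the attribute token itself is outside this example.
        return self.seal(requester, os.urandom(NONCE_LEN) + n_r)


class Requester(Party):
    def __init__(self, name):
        super().__init__(name)
        self._n_r = None

    def start(self, service, n_s, token):
        """Step (1): fresh number + service's random number + attribute token."""
        self._n_r = os.urandom(NONCE_LEN)
        return self.seal(service, self._n_r + n_s + token)

    def finish(self, service, blob):
        """Step (3): the service is authenticated only if it echoes our fresh number."""
        payload = self.open(service, blob)
        n_r, self._n_r = self._n_r, None
        if payload is None or n_r is None or len(payload) != 2 * NONCE_LEN:
            return False
        return hmac.compare_digest(payload[NONCE_LEN:], n_r)


def demo():
    """One successful run followed by a replay of the first message."""
    alice = Requester("cloud-A/user")
    svc = Service("cloud-B/service-s")
    token = b"T" * 32                      # constructed placeholder token
    msg1 = alice.start(svc, svc.issue_challenge(alice), token)
    msg2 = svc.handle(alice, msg1)
    mutual_ok = alice.finish(svc, msg2)
    replay_rejected = svc.handle(alice, msg1) is None
    return mutual_ok, replay_rejected
```

Each side accepts the other only after seeing its own random number come back under the peer's signature, and the single-use bookkeeping on both sides is what makes a captured message useless when replayed.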
Preferably, the access monitoring system 44 represents the access process by the vector x = (a1, a2, a3), where a1 represents whether alarm information occurred, a2 represents whether the user's access complies with the security policy, and a3 represents the operating state of the system. When no alarm information occurs, a1 is 1, otherwise 0; when the user's access complies with the security policy, a2 is 1, otherwise 0; when the system is operating normally, a3 is 1, otherwise 0. The monitoring system regards the access as successful only when x = (1, 1, 1). While operating, the access monitoring system 44 records the time and number of unsuccessful accesses; when the number of unsuccessful accesses within a set time period reaches a set number, the access monitoring system 44 sends warning information.
This preferred embodiment implements monitoring of the user's access process and improves the security of the system.
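The monitoring rule above, as an added example that is not part of the patent text. The class and field names, the 60-second window, the threshold of 3 and the sample events are assumptions constructed for illustration; the patent only speaks of a "set" time period and number.

```python
from collections import deque
from dataclasses import dataclass


@dataclass(frozen=True)
class AccessEvent:
    """One observed cross-cloud access (field names are assumptions)."""
    timestamp: float      # seconds since an arbitrary epoch
    requester: str
    alarm_raised: bool    # alarm module 432 fired during this access
    policy_ok: bool       # access complied with the security policy
    system_ok: bool       # system was operating normally

    def vector(self):
        """Access process vector x = (a1, a2, a3) as defined in the text."""
        a1 = 0 if self.alarm_raised else 1
        return (a1, int(self.policy_ok), int(self.system_ok))


class AccessMonitor:
    """Counts unsuccessful accesses inside a sliding time window.

    Events are expected in chronological order.
    """

    def __init__(self, window_seconds, max_failures):
        self.window = window_seconds
        self.max_failures = max_failures
        self.failure_log = []    # (timestamp, requester, x), kept for later review
        self._recent = deque()   # failure timestamps still inside the window

    def observe(self, event):
        """Record the event; return True when warning information must be sent."""
        x = event.vector()
        if x == (1, 1, 1):       # the only vector that counts as a successful access
            return False
        self.failure_log.append((event.timestamp, event.requester, x))
        self._recent.append(event.timestamp)
        cutoff = event.timestamp - self.window
        while self._recent and self._recent[0] <= cutoff:
            self._recent.popleft()
        return len(self._recent) >= self.max_failures


# Constructed sample events, not taken from any real system.
SAMPLE_EVENTS = [
    AccessEvent(0,   "user-a", True,  True,  True),    # x = (0, 1, 1)
    AccessEvent(10,  "user-b", False, True,  True),    # x = (1, 1, 1)
    AccessEvent(40,  "user-a", False, False, True),    # x = (1, 0, 1)
    AccessEvent(55,  "user-c", False, True,  False),   # x = (1, 1, 0)
    AccessEvent(200, "user-a", True,  False, True),    # x = (0, 0, 1)
]


def run_sample(window_seconds=60, max_failures=3):
    """Feed the sample events through a monitor; return warnings and the log."""
    monitor = AccessMonitor(window_seconds, max_failures)
    warnings = [monitor.observe(event) for event in SAMPLE_EVENTS]
    return warnings, monitor.failure_log
```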
In this application scenario, the custom password has 11 digits; authentication speed improves by 10% and security improves by 12%.
Application scenario 2
Referring to Fig. 1 and Fig. 2, the cloud computing solar energy utilization intelligent information system of one embodiment of this application scenario comprises a solar energy system client 1, a controller 2 and a cloud computing platform 3. The controller 2 is wirelessly connected to the solar energy system client 1 and to the cloud computing platform 3. The controller 2 transmits measured data to the cloud computing platform 3; the cloud computing platform 3 processes the data to obtain a control program and parameters, which are then fed back to the solar energy system client 1 through the controller 2.
Preferably, the controller 2 is a programmable logic controller.
The beneficial effects of the above embodiment of the invention are as follows: when the operating scheme does not meet field demands, the controller 2 can, according to those demands, transmit the measured data to the cloud computing platform 3; the cloud computing platform 3 processes the data to obtain a new control program and parameters, which are fed back to the solar energy system client 1 through the controller 2 so as to control the system. Maintenance personnel do not need to go to the site to adjust the control program and parameters, so flexibility is high.
Preferably, the cloud computing platform 3 includes multiple hybrid clouds for storing the control programs and parameters.
This preferred embodiment stores the control programs and parameters in hybrid clouds, which both saves money and is secure.
Preferably, the cloud computing platform 3 includes a cross-cloud user authentication system 4, which manages cross-cloud authentication between the private clouds in the hybrid cloud of the cloud computing platform 3. The cross-cloud user authentication system 4 comprises a service request terminal 41, a hybrid cloud management system 42, a cross-cloud authentication management system 43, an access monitoring system 44 and an information storage system 45.
The service request terminal 41 provides an access interface through which a service requester accesses the private cloud services in the hybrid cloud.
The hybrid cloud management system 42 comprises a hybrid cloud identity management module 421 and a hybrid cloud hierarchical management module 422. The hybrid cloud identity management module 421 manages, based on a certificate authentication mechanism, the private clouds that join the hybrid cloud and establishes the trust relationships between the private clouds. The hybrid cloud hierarchical management module 422 divides the private clouds, according to their security classification, into public level, confidential level and top-secret level, and applies a different security policy to each level.
The cross-cloud authentication management system 43 comprises a cross-cloud authentication module 431 and an alarm module 432. The cross-cloud authentication module 431 obtains the attribute token of the service requester when the service requester performs cross-cloud access and, based on a custom cross-cloud authentication protocol, performs cross-cloud authentication when a service requester of the local private cloud accesses a service of another private cloud. The alarm module 432 sends alarm information when obtaining the attribute token fails or decryption fails.
The access monitoring system 44 monitors the service requester's cross-cloud access process.
The information storage system 45 stores the access information of service requesters and the alarm information.
Preferably, obtaining the attribute token of the service requester when the service requester performs cross-cloud access comprises:
(1) the service requester sends a service access request to the service s of the other private cloud that it wants to access across clouds;
(2) after responding to the service access request, the service s sends an attribute request to the service requester;
(3) the service requester enters a custom password, whose number of digits must be greater than 6, and sends the custom password and its identity, together with the attribute request, as a message, signed and encrypted, to the authentication proxy of the private cloud; the authentication proxy decrypts and verifies the message with its own private key and the user's public key; after verification passes, it extracts from the attribute storage module the attributes corresponding to the user's attribute request, issues an attribute token and generates a session key, which it sends to the user, signed and encrypted, together with the attribute token and the custom password;
(4) after receiving the message, the user decrypts it with the user's own private key and the public key certificate of the authentication proxy; if the message contains the custom password, the identity of the authentication proxy is authenticated and the attribute token is obtained at the same time.
Preferably, sending alarm information when obtaining the attribute token fails or decryption fails comprises:
(1) the service requester sends a service access request to the service s of the other private cloud that it wants to access across clouds;
(2) after responding to the service access request, the service s sends an attribute request to the service requester;
(3) if the service requester enters the custom password incorrectly, obtaining the attribute token fails and the alarm module 432 sends alarm information; if, after the attribute token has been obtained and sent to the user, the user cannot decrypt the message and identity authentication cannot be completed, the alarm module 432 also sends alarm information.
The above embodiment of the invention designs the way the attribute token is obtained, improving the security and efficiency of attribute token acquisition. It also constructs a cross-cloud authentication system for hybrid clouds that can meet the needs of users in a hybrid cloud environment who belong to the authentication domains of different private clouds and access services frequently.
Preferably, the hybrid cloud identity management module 421 comprises:
(1) a certificate issuance unit, which issues or revokes the public key certificate of a private cloud's authentication proxy when that private cloud joins or exits the hybrid cloud, and uniformly manages the public key certificates issued in the hybrid cloud;
(2) an inter-cloud authentication proxy unit, which accepts the registration of newly joined private clouds and manages the registration information of their authentication proxies, thereby establishing the trust relationship between itself and the private clouds.
Preferably, the authentication proxy of a private cloud supports an identity authentication mechanism and a certificate authentication mechanism. It manages identity authentication and the issuance of attribute tokens within the private cloud and, when the cross-cloud authentication module 431 performs cross-cloud authentication, submits the registration information to the hybrid cloud identity management module 421 for registration and receives the public key certificate issued by the hybrid cloud identity management module 421. Managing the registration information of the authentication proxies of newly joined private clouds comprises: auditing the registration information of the authentication proxy of a newly joined private cloud, receiving that registration information, storing the registration information in a secure database, and deleting the registration information of a private cloud when it exits the hybrid cloud.
The two preferred embodiments above implement the management of the private clouds in the hybrid cloud; because the authentication proxy of a private cloud supports both an identity authentication mechanism and a certificate authentication mechanism, the management of the private clouds in the hybrid cloud is more scientific and secure.
Preferably, dividing the private clouds into public level, confidential level and top-secret level according to their security classification comprises:
(1) if a private cloud allows access only by its creator, the private cloud is top-secret level;
(2) if a private cloud allows access by users authorized by its creator, the private cloud is confidential level;
(3) if a private cloud allows access by all users that have established a trust relationship with it, the private cloud is public level.
Preferably, the security policy comprises:
(1) for a top-secret-level private cloud, encryption uses an elliptic curve cryptosystem, and a visitor must pass fingerprint verification before sending an access request;
(2) for a confidential-level private cloud, encryption uses the RSA encryption algorithm, and a visitor needs an authorized USB key (U-shield) to gain access;
(3) for a public-level private cloud, encryption uses the DES encryption algorithm, and a visitor that has established a trust relationship can send an access request directly.
This preferred embodiment assigns security classifications to the private clouds and designs a corresponding security policy for each, so that the different private clouds can be accessed while security is ensured.
Preferably, the information storage system 45 stores information using a multilayer model comprising a storage layer, a management layer and an interface layer. The storage layer is the bottom layer of the storage model and consists of different devices. The management layer sits above the storage layer and manages the storage devices through various software. The interface layer faces the user and can provide different service interfaces according to customer needs.
This preferred embodiment makes it easy for administrators to query access information and alarm information, which facilitates subsequent review.
Preferably, the custom cross-cloud authentication protocol is:
(1) the service requester randomly selects a custom number as a fresh number (nonce), forms a message from it together with the attribute token that the service requester obtained and the random number that service s returned to the service requester during the cross-cloud access, and sends the message to service s after signcryption;
(2) after service s receives the message, it unsigncrypts the message with its own private key and the public key of the service requester. If the message contains the random number that service s returned to the service requester, the identity authentication of the service requester passes. Service s then generates another random number, signcrypts that random number together with the custom number to form feedback information, and sends it to the service requester;
(3) after the service requester receives the feedback information, it unsigncrypts the feedback information with its own private key and the public key of service s. If the feedback information contains the custom number, the identity of service s is authenticated, thereby achieving mutual authentication of the two parties.
This preferred embodiment designs a custom cross-cloud authentication protocol that achieves two-way authentication between the service requester and the service, improving the security of the system and the efficiency of cross-cloud authentication.
Preferably, access monitoring system 44 represents the access process by a vector x = (a1, a2, a3), where a1 indicates whether alarm information has occurred, a2 indicates whether the user's access meets the security policy, and a3 indicates the running status of the system. a1 is 1 when no alarm information has occurred and 0 otherwise; a2 is 1 when the user's access meets the security policy and 0 otherwise; a3 is 1 when the system is running normally and 0 otherwise. The monitoring system deems an access successful only when x = (1, 1, 1). While operating, access monitoring system 44 records the time and number of unsuccessful accesses, and when the number of unsuccessful accesses within a set time period reaches a set count, access monitoring system 44 sends alarm information.
This preferred embodiment achieves monitoring of the user access process and improves the security of the system.
In this application scenario, the custom password has 10 digits; authentication speed is improved by 11% and security is improved by 11%.
Application scenario 3
Referring to Fig. 1 and Fig. 2, the cloud computing solar energy utilization intelligent information system of an embodiment of this application scenario includes a solar energy system user side 1, a controller 2 and a cloud computing platform 3. Controller 2 is wirelessly connected to solar energy system user side 1 and cloud computing platform 3. Controller 2 transmits the measured data to cloud computing platform 3, cloud computing platform 3 processes the data to obtain a control program and parameters, and these are then fed back to solar energy system user side 1 through controller 2.
Preferably, controller 2 is a programmable logic controller.
The beneficial effect of the above embodiment of the present invention is as follows: when the operating scheme does not meet the on-site requirements, controller 2 transmits the measured data to cloud computing platform 3 according to the on-site requirements, cloud computing platform 3 processes the data to obtain a new control program and parameters, and these are fed back to solar energy system user side 1 through controller 2, thereby achieving control of the system. Maintenance personnel do not need to go on site to adjust the control program and parameters, so flexibility is high.
Preferably, cloud computing platform 3 includes multiple hybrid clouds for storing the control program and parameters.
In this preferred embodiment the control program and parameters are stored in hybrid clouds, which both saves cost and is secure.
Preferably, cloud computing platform 3 includes a cross-cloud user authentication system 4, which is used to manage cross-cloud verification between the private clouds in the hybrid cloud of cloud computing platform 3. Cross-cloud user authentication system 4 includes a service request terminal 41, a hybrid cloud management system 42, a cross-cloud authentication management system 43, an access monitoring system 44 and an information storage system 45;
Service request terminal 41 provides an access interface through which service requesters access the private cloud services in the hybrid cloud;
Hybrid cloud management system 42 includes a hybrid cloud identity management module 421 and a hybrid cloud tiered management module 422. Hybrid cloud identity management module 421 manages, on the basis of a certificate authentication mechanism, the private clouds that join the hybrid cloud and establishes the trust relationships between the private clouds. Hybrid cloud tiered management module 422 divides the private clouds into open level, confidential and confidential according to their security classification, and applies a different security policy to each level;
Cross-cloud authentication management system 43 includes a cross-cloud authentication module 431 and an alarm module 432. Cross-cloud authentication module 431 obtains the attribute token of the service requester when the service requester performs cross-cloud access and, based on a custom cross-cloud authentication protocol, carries out cross-cloud authentication when a service requester of the local private cloud accesses a service of another private cloud. Alarm module 432 sends alarm information when obtaining the attribute token fails or decryption fails;
Access monitoring system 44 monitors the process of cross-cloud access by service requesters;
Information storage system 45 stores the access information and alarm information of service requesters.
Preferably, obtaining the attribute token of the service requester when the service requester performs cross-cloud access comprises:
(1) the service requester sends an access service request to the service s of the other private cloud that is to be accessed across clouds;
(2) after service s responds to the access service request, it sends an attribute request to the service requester;
(3) the service requester enters a custom password, whose number of digits must be greater than 6, and sends the custom password and its identity, together with the attribute request, as a signcrypted message to the authentication proxy of the private cloud. The authentication proxy decrypts and verifies the message with its own private key and the public key of the user. After verification succeeds, it extracts from the attribute storage module the attributes corresponding to the user's attribute request, issues an attribute token, generates a session key, and sends the session key, together with the attribute token and the custom password, to the user after signcryption;
(4) after the user receives the message, the user decrypts it with the user's own private key and the public key certificate of the authentication proxy. If the message contains the custom password, the identity of the authentication proxy is authenticated and the attribute token is obtained at the same time.
Preferably, sending alarm information when obtaining the attribute token fails or decryption fails comprises:
(1) the service requester sends an access service request to the service s of the other private cloud that is to be accessed across clouds;
(2) after service s responds to the access service request, it sends an attribute request to the service requester;
(3) the service requester enters the custom password incorrectly, obtaining the attribute token fails, and alarm module 432 sends alarm information; when the attribute token has been obtained and sent to the user but the user cannot decrypt the message and therefore cannot complete identity authentication, alarm module 432 also sends alarm information.
The above embodiment of the present invention designs the way in which the attribute token is obtained, improving the security and efficiency of attribute token acquisition; it constructs a cross-cloud authentication system for hybrid clouds, which meets the need for frequent service access in a hybrid cloud environment in which users belong to the authentication domains of different private clouds.
Preferably, hybrid cloud identity management module 421 includes:
(1) a certificate issuance unit, which issues or revokes the public key certificate of a private cloud's authentication proxy when that private cloud joins or leaves the hybrid cloud, and centrally manages the public key certificates issued within the hybrid cloud;
(2) an inter-cloud authentication proxy unit, which accepts the registration of newly joined private clouds and manages the registration information of the authentication proxies of newly joined private clouds, thereby establishing the trust relationship between itself and each private cloud.
Preferably, the authentication proxy of a private cloud supports an identity authentication mechanism and a certificate authentication mechanism and manages identity authentication and the issuing of attribute tokens within the private cloud; when cross-cloud authentication module 431 performs cross-cloud authentication, it submits the registration information to hybrid cloud identity management module 421 for registration and receives the public key certificate issued by hybrid cloud identity management module 421. Managing the registration information of the authentication proxies of newly joined private clouds comprises: auditing the registration information of the authentication proxy of a newly joined private cloud, receiving that registration information, storing it in a secure database, and deleting the registration information of a private cloud when that private cloud leaves the hybrid cloud.
The above two preferred embodiments achieve management of the private clouds in the hybrid cloud, and the authentication proxy of a private cloud supports an identity authentication mechanism and a certificate authentication mechanism, making the management of the private clouds in the hybrid cloud more scientific and secure.
Preferably, dividing the private clouds into open level, confidential and confidential according to their security classification comprises:
(1) if a private cloud allows only its creator to access it, the private cloud is confidential;
(2) if a private cloud allows users authorized by its creator to access it, the private cloud is confidential;
(3) if a private cloud allows all users that have established a trust relationship with it to access it, the private cloud is open level.
Preferably, the security policy includes:
(1) for a confidential private cloud, encryption uses an elliptic curve cryptosystem, and a visitor must pass fingerprint verification before an access request can be sent;
(2) for a confidential private cloud, encryption uses the RSA encryption algorithm, and a visitor needs an authorized USB key (U-shield) to gain access;
(3) for an open level private cloud, encryption uses the DES encryption algorithm, and a visitor that has established a trust relationship can send an access request directly.
This preferred embodiment assigns security classifications to different private clouds and designs a corresponding security policy for each, so that different private clouds can be accessed while security is ensured.
Preferably, information storage system 45 stores information using a multi-layer model comprising a storage layer, a management layer and an interface layer. The storage layer is the bottom layer of the storage model and consists of different devices; the management layer sits above the storage layer and manages the storage devices through various software; the interface layer faces the user, provides services, and can offer different service interfaces according to customer needs.
This preferred embodiment makes it easy for administrators to query access information and alarm information, which facilitates later review.
Preferably, the custom cross-cloud authentication protocol is:
(1) the service requester randomly selects a custom number as a fresh number (nonce), forms a message from it together with the attribute token that the service requester obtained and the random number that service s returned to the service requester during the cross-cloud access, and sends the message to service s after signcryption;
(2) after service s receives the message, it unsigncrypts the message with its own private key and the public key of the service requester. If the message contains the random number that service s returned to the service requester, the identity authentication of the service requester passes. Service s then generates another random number, signcrypts that random number together with the custom number to form feedback information, and sends it to the service requester;
(3) after the service requester receives the feedback information, it unsigncrypts the feedback information with its own private key and the public key of service s. If the feedback information contains the custom number, the identity of service s is authenticated, thereby achieving mutual authentication of the two parties.
This preferred embodiment designs a custom cross-cloud authentication protocol that achieves two-way authentication between the service requester and the service, improving the security of the system and the efficiency of cross-cloud authentication.
Preferably, access monitoring system 44 represents the access process by a vector x = (a1, a2, a3), where a1 indicates whether alarm information has occurred, a2 indicates whether the user's access meets the security policy, and a3 indicates the running status of the system. a1 is 1 when no alarm information has occurred and 0 otherwise; a2 is 1 when the user's access meets the security policy and 0 otherwise; a3 is 1 when the system is running normally and 0 otherwise. The monitoring system deems an access successful only when x = (1, 1, 1). While operating, access monitoring system 44 records the time and number of unsuccessful accesses, and when the number of unsuccessful accesses within a set time period reaches a set count, access monitoring system 44 sends alarm information.
This preferred embodiment achieves monitoring of the user access process and improves the security of the system.
In this application scenario, the custom password has 9 digits; authentication speed is improved by 12% and security is improved by 10%.
Application scenario 4
Referring to Fig. 1 and Fig. 2, the cloud computing solar energy utilization intelligent information system of an embodiment of this application scenario includes a solar energy system user side 1, a controller 2 and a cloud computing platform 3. Controller 2 is wirelessly connected to solar energy system user side 1 and cloud computing platform 3. Controller 2 transmits the measured data to cloud computing platform 3, cloud computing platform 3 processes the data to obtain a control program and parameters, and these are then fed back to solar energy system user side 1 through controller 2.
Preferably, controller 2 is a programmable logic controller.
The beneficial effect of the above embodiment of the present invention is as follows: when the operating scheme does not meet the on-site requirements, controller 2 transmits the measured data to cloud computing platform 3 according to the on-site requirements, cloud computing platform 3 processes the data to obtain a new control program and parameters, and these are fed back to solar energy system user side 1 through controller 2, thereby achieving control of the system. Maintenance personnel do not need to go on site to adjust the control program and parameters, so flexibility is high.
Preferably, cloud computing platform 3 includes multiple hybrid clouds for storing the control program and parameters.
In this preferred embodiment the control program and parameters are stored in hybrid clouds, which both saves cost and is secure.
Preferably, cloud computing platform 3 includes a cross-cloud user authentication system 4, which is used to manage cross-cloud verification between the private clouds in the hybrid cloud of cloud computing platform 3. Cross-cloud user authentication system 4 includes a service request terminal 41, a hybrid cloud management system 42, a cross-cloud authentication management system 43, an access monitoring system 44 and an information storage system 45;
Service request terminal 41 provides an access interface through which service requesters access the private cloud services in the hybrid cloud;
Hybrid cloud management system 42 includes a hybrid cloud identity management module 421 and a hybrid cloud tiered management module 422. Hybrid cloud identity management module 421 manages, on the basis of a certificate authentication mechanism, the private clouds that join the hybrid cloud and establishes the trust relationships between the private clouds. Hybrid cloud tiered management module 422 divides the private clouds into open level, confidential and confidential according to their security classification, and applies a different security policy to each level;
Cross-cloud authentication management system 43 includes a cross-cloud authentication module 431 and an alarm module 432. Cross-cloud authentication module 431 obtains the attribute token of the service requester when the service requester performs cross-cloud access and, based on a custom cross-cloud authentication protocol, carries out cross-cloud authentication when a service requester of the local private cloud accesses a service of another private cloud. Alarm module 432 sends alarm information when obtaining the attribute token fails or decryption fails;
Access monitoring system 44 monitors the process of cross-cloud access by service requesters;
Information storage system 45 stores the access information and alarm information of service requesters.
Preferably, obtaining the attribute token of the service requester when the service requester performs cross-cloud access comprises:
(1) the service requester sends an access service request to the service s of the other private cloud that is to be accessed across clouds;
(2) after service s responds to the access service request, it sends an attribute request to the service requester;
(3) the service requester enters a custom password, whose number of digits must be greater than 6, and sends the custom password and its identity, together with the attribute request, as a signcrypted message to the authentication proxy of the private cloud. The authentication proxy decrypts and verifies the message with its own private key and the public key of the user. After verification succeeds, it extracts from the attribute storage module the attributes corresponding to the user's attribute request, issues an attribute token, generates a session key, and sends the session key, together with the attribute token and the custom password, to the user after signcryption;
(4) after the user receives the message, the user decrypts it with the user's own private key and the public key certificate of the authentication proxy. If the message contains the custom password, the identity of the authentication proxy is authenticated and the attribute token is obtained at the same time.
Preferably, sending alarm information when obtaining the attribute token fails or decryption fails comprises:
(1) the service requester sends an access service request to the service s of the other private cloud that is to be accessed across clouds;
(2) after service s responds to the access service request, it sends an attribute request to the service requester;
(3) the service requester enters the custom password incorrectly, obtaining the attribute token fails, and alarm module 432 sends alarm information; when the attribute token has been obtained and sent to the user but the user cannot decrypt the message and therefore cannot complete identity authentication, alarm module 432 also sends alarm information.
The above embodiment of the present invention designs the way in which the attribute token is obtained, improving the security and efficiency of attribute token acquisition; it constructs a cross-cloud authentication system for hybrid clouds, which meets the need for frequent service access in a hybrid cloud environment in which users belong to the authentication domains of different private clouds.
Preferably, hybrid cloud identity management module 421 includes:
(1) a certificate issuance unit, which issues or revokes the public key certificate of a private cloud's authentication proxy when that private cloud joins or leaves the hybrid cloud, and centrally manages the public key certificates issued within the hybrid cloud;
(2) an inter-cloud authentication proxy unit, which accepts the registration of newly joined private clouds and manages the registration information of the authentication proxies of newly joined private clouds, thereby establishing the trust relationship between itself and each private cloud.
Preferably, the authentication proxy of a private cloud supports an identity authentication mechanism and a certificate authentication mechanism and manages identity authentication and the issuing of attribute tokens within the private cloud; when cross-cloud authentication module 431 performs cross-cloud authentication, it submits the registration information to hybrid cloud identity management module 421 for registration and receives the public key certificate issued by hybrid cloud identity management module 421. Managing the registration information of the authentication proxies of newly joined private clouds comprises: auditing the registration information of the authentication proxy of a newly joined private cloud, receiving that registration information, storing it in a secure database, and deleting the registration information of a private cloud when that private cloud leaves the hybrid cloud.
The above two preferred embodiments achieve management of the private clouds in the hybrid cloud, and the authentication proxy of a private cloud supports an identity authentication mechanism and a certificate authentication mechanism, making the management of the private clouds in the hybrid cloud more scientific and secure.
Preferably, dividing the private clouds into open level, confidential and confidential according to their security classification comprises:
(1) if a private cloud allows only its creator to access it, the private cloud is confidential;
(2) if a private cloud allows users authorized by its creator to access it, the private cloud is confidential;
(3) if a private cloud allows all users that have established a trust relationship with it to access it, the private cloud is open level.
Preferably, the security policy includes:
(1) for a confidential private cloud, encryption uses an elliptic curve cryptosystem, and a visitor must pass fingerprint verification before an access request can be sent;
(2) for a confidential private cloud, encryption uses the RSA encryption algorithm, and a visitor needs an authorized USB key (U-shield) to gain access;
(3) for an open level private cloud, encryption uses the DES encryption algorithm, and a visitor that has established a trust relationship can send an access request directly.
This preferred embodiment assigns security classifications to different private clouds and designs a corresponding security policy for each, so that different private clouds can be accessed while security is ensured.
Preferably, information storage system 45 stores information using a multi-layer model comprising a storage layer, a management layer and an interface layer. The storage layer is the bottom layer of the storage model and consists of different devices; the management layer sits above the storage layer and manages the storage devices through various software; the interface layer faces the user, provides services, and can offer different service interfaces according to customer needs.
This preferred embodiment makes it easy for administrators to query access information and alarm information, which facilitates later review.
Preferably, the custom cross-cloud authentication protocol is:
(1) the service requester randomly selects a custom number as a fresh number (nonce), forms a message from it together with the attribute token that the service requester obtained and the random number that service s returned to the service requester during the cross-cloud access, and sends the message to service s after signcryption;
(2) after service s receives the message, it unsigncrypts the message with its own private key and the public key of the service requester. If the message contains the random number that service s returned to the service requester, the identity authentication of the service requester passes. Service s then generates another random number, signcrypts that random number together with the custom number to form feedback information, and sends it to the service requester;
(3) after the service requester receives the feedback information, it unsigncrypts the feedback information with its own private key and the public key of service s. If the feedback information contains the custom number, the identity of service s is authenticated, thereby achieving mutual authentication of the two parties.
This preferred embodiment designs a custom cross-cloud authentication protocol that achieves two-way authentication between the service requester and the service, improving the security of the system and the efficiency of cross-cloud authentication.
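The three-step exchange of the custom cross-cloud authentication protocol, as an added Python example that is not part of the patent text. The patent does not name a signcryption scheme, so sign-then-encrypt with textbook RSA over fixed Mersenne primes and a SHA-256 keystream stands in for it here so that the block runs on the standard library alone; that stand-in is not secure for real use, and all function names and token fields are hypothetical.

```python
import hashlib
import hmac
import json
import secrets

E = 65537

def toy_keypair(a, b):
    """Textbook RSA key from the Mersenne primes 2**a-1 and 2**b-1.
    Constructed for this demo only: unpadded RSA on such primes is not secure."""
    p, q = 2**a - 1, 2**b - 1
    return {"n": p * q, "e": E, "d": pow(E, -1, (p - 1) * (q - 1))}

def _keystream(seed, length):
    """SHA-256 in counter mode, keyed by the RSA-wrapped seed."""
    key = seed.to_bytes((seed.bit_length() + 7) // 8, "big")
    out = b""
    for counter in range((length + 31) // 32):
        out += hashlib.sha256(key + counter.to_bytes(4, "big")).digest()
    return out[:length]

def _digest(body):
    return int.from_bytes(hashlib.sha256(body.encode()).digest(), "big")

def _same(a, b):
    """Constant-time comparison of two nonce values."""
    return hmac.compare_digest(str(a).encode(), str(b).encode())

def signcrypt(sender, recipient, payload):
    """Sign with the sender's private key, then encrypt to the recipient's
    public key. Only recipient["n"] and recipient["e"] are read here."""
    body = json.dumps(payload, sort_keys=True)
    sig = pow(_digest(body), sender["d"], sender["n"])
    inner = json.dumps({"body": body, "sig": sig}).encode()
    seed = secrets.randbelow(recipient["n"] - 2) + 2
    pad = _keystream(seed, len(inner))
    return {"wrapped": pow(seed, recipient["e"], recipient["n"]),
            "ct": bytes(x ^ y for x, y in zip(inner, pad)).hex()}

def unsigncrypt(recipient, sender, packet):
    """Decrypt with the recipient's private key and check the sender's
    signature. Returns the payload dict, or None on any failure."""
    try:
        seed = pow(packet["wrapped"], recipient["d"], recipient["n"])
        ct = bytes.fromhex(packet["ct"])
        pad = _keystream(seed, len(ct))
        inner = json.loads(bytes(x ^ y for x, y in zip(ct, pad)))
        if pow(inner["sig"], sender["e"], sender["n"]) != _digest(inner["body"]):
            return None
        payload = json.loads(inner["body"])
        return payload if isinstance(payload, dict) else None
    except (ValueError, KeyError, TypeError, AttributeError):
        return None

def requester_hello(req, svc, token, n_s):
    """Step (1): fresh number n_r + attribute token + the number s issued."""
    n_r = secrets.token_hex(16)
    return n_r, signcrypt(req, svc, {"n_r": n_r, "token": token, "n_s": n_s})

def service_verify(svc, req, packet, issued_n_s):
    """Step (2): accept only if the message echoes the number s issued for
    this session, then answer with a new random number and the echoed n_r."""
    msg = unsigncrypt(svc, req, packet)
    if msg is None or not _same(msg.get("n_s"), issued_n_s):
        return None
    return signcrypt(svc, req, {"n_s2": secrets.token_hex(16), "n_r": msg.get("n_r")})

def requester_verify(req, svc, feedback, n_r):
    """Step (3): the service is authenticated if the feedback echoes n_r."""
    msg = unsigncrypt(req, svc, feedback)
    return msg is not None and _same(msg.get("n_r"), n_r)

def demo():
    requester = toy_keypair(521, 607)     # requester in the local private cloud
    service = toy_keypair(1279, 2203)     # service s in another private cloud
    token = {"sub": "requester@cloudA", "attrs": ["role:operator"]}  # constructed
    n_s = secrets.token_hex(16)           # number s returned earlier in the access
    n_r, hello = requester_hello(requester, service, token, n_s)
    feedback = service_verify(service, requester, hello, n_s)
    mutual = feedback is not None and requester_verify(requester, service, feedback, n_r)
    # Replay: the captured step-1 packet is presented in a later session,
    # for which s issued a different number.
    replay = service_verify(service, requester, hello, secrets.token_hex(16))
    # Tamper: one ciphertext bit is flipped in transit.
    ct = bytearray.fromhex(hello["ct"])
    ct[len(ct) // 2] ^= 1
    tampered = service_verify(service, requester, {**hello, "ct": ct.hex()}, n_s)
    return {"mutual": mutual, "replay_rejected": replay is None,
            "tamper_rejected": tampered is None}

if __name__ == "__main__":
    print(demo())
```

The replay case shows why the exchange depends on service s issuing a new random number for every session: the signature on a captured step-1 message stays valid, and only the stale number causes it to be rejected.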
Preferably, access monitoring system 44 represents the access process by a vector x = (a1, a2, a3), where a1 indicates whether alarm information has occurred, a2 indicates whether the user's access meets the security policy, and a3 indicates the running status of the system. a1 is 1 when no alarm information has occurred and 0 otherwise; a2 is 1 when the user's access meets the security policy and 0 otherwise; a3 is 1 when the system is running normally and 0 otherwise. The monitoring system deems an access successful only when x = (1, 1, 1). While operating, access monitoring system 44 records the time and number of unsuccessful accesses, and when the number of unsuccessful accesses within a set time period reaches a set count, access monitoring system 44 sends alarm information.
This preferred embodiment achieves monitoring of the user access process and improves the security of the system.
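The monitoring rule above, as an added Python example that is not part of the patent text. It assumes failures are counted per service requester over a sliding window and that the counter restarts after an alert; the patent states neither, and the class name, window, threshold and sample events are constructed for illustration.

```python
from collections import defaultdict, deque

def access_vector(alarm_raised, policy_ok, system_ok):
    """x = (a1, a2, a3): a1 is 1 when NO alarm occurred, a2 is 1 when the
    access met the security policy, a3 is 1 when the system ran normally."""
    return (int(not alarm_raised), int(policy_ok), int(system_ok))

class AccessMonitor:
    def __init__(self, window_seconds, max_failures):
        self.window = window_seconds
        self.max_failures = max_failures
        self.failures = defaultdict(deque)  # requester -> recent failure times
        self.failure_log = []               # (ts, requester, x) kept for review
        self.alerts = []                    # (ts, requester, failures in window)

    def observe(self, ts, requester, x):
        """Record one access; return True only when x == (1, 1, 1).
        Timestamps are assumed to arrive in non-decreasing order."""
        if x == (1, 1, 1):
            return True
        self.failure_log.append((ts, requester, x))
        recent = self.failures[requester]
        recent.append(ts)
        while ts - recent[0] > self.window:  # drop failures outside the window
            recent.popleft()
        if len(recent) >= self.max_failures:
            self.alerts.append((ts, requester, len(recent)))
            recent.clear()                   # assumption: restart the count
        return False

# Constructed sample events: (ts, requester, alarm_raised, policy_ok, system_ok)
EVENTS = [
    (0,   "alice@cloudA",   False, True,  True),
    (10,  "mallory@cloudB", False, False, True),
    (20,  "mallory@cloudB", True,  False, True),
    (25,  "alice@cloudA",   False, True,  False),
    (40,  "mallory@cloudB", False, False, True),
    (200, "mallory@cloudB", False, False, True),
    (400, "mallory@cloudB", False, False, True),
]

def run_sample(window_seconds=60, max_failures=3):
    monitor = AccessMonitor(window_seconds, max_failures)
    results = [monitor.observe(ts, who, access_vector(alarm, policy, system))
               for ts, who, alarm, policy, system in EVENTS]
    return monitor, results

if __name__ == "__main__":
    monitor, results = run_sample()
    print(results)
    print(monitor.alerts)
```

Because the failing vector is kept with each timestamp, a reviewer can tell a policy violation (a2 = 0) from a system fault (a3 = 0) when reading the failure log.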
In this application scenario, the custom password has 8 digits; authentication speed is improved by 13% and security is improved by 9%.
Application scenario 5
Referring to Fig. 1 and Fig. 2, the cloud computing solar energy utilization intelligent information system of an embodiment of this application scenario includes a solar energy system user side 1, a controller 2 and a cloud computing platform 3. Controller 2 is wirelessly connected to solar energy system user side 1 and cloud computing platform 3. Controller 2 transmits the measured data to cloud computing platform 3, cloud computing platform 3 processes the data to obtain a control program and parameters, and these are then fed back to solar energy system user side 1 through controller 2.
Preferably, controller 2 is a programmable logic controller.
The beneficial effect of the above embodiment of the present invention is as follows: when the operating scheme does not meet the on-site requirements, controller 2 transmits the measured data to cloud computing platform 3 according to the on-site requirements, cloud computing platform 3 processes the data to obtain a new control program and parameters, and these are fed back to solar energy system user side 1 through controller 2, thereby achieving control of the system. Maintenance personnel do not need to go on site to adjust the control program and parameters, so flexibility is high.
Preferably, cloud computing platform 3 includes multiple hybrid clouds for storing the control program and parameters.
In this preferred embodiment the control program and parameters are stored in hybrid clouds, which both saves cost and is secure.
Preferably, cloud computing platform 3 includes a cross-cloud user authentication system 4, which is used to manage cross-cloud verification between the private clouds in the hybrid cloud of cloud computing platform 3. Cross-cloud user authentication system 4 includes a service request terminal 41, a hybrid cloud management system 42, a cross-cloud authentication management system 43, an access monitoring system 44 and an information storage system 45;
Service request terminal 41 provides an access interface through which service requesters access the private cloud services in the hybrid cloud;
Hybrid cloud management system 42 includes a hybrid cloud identity management module 421 and a hybrid cloud tiered management module 422. Hybrid cloud identity management module 421 manages, on the basis of a certificate authentication mechanism, the private clouds that join the hybrid cloud and establishes the trust relationships between the private clouds. Hybrid cloud tiered management module 422 divides the private clouds into open level, confidential and confidential according to their security classification, and applies a different security policy to each level;
Cross-cloud authentication management system 43 includes a cross-cloud authentication module 431 and an alarm module 432. Cross-cloud authentication module 431 obtains the attribute token of the service requester when the service requester performs cross-cloud access and, based on a custom cross-cloud authentication protocol, carries out cross-cloud authentication when a service requester of the local private cloud accesses a service of another private cloud. Alarm module 432 sends alarm information when obtaining the attribute token fails or decryption fails;
Access monitoring system 44 monitors the process of cross-cloud access by service requesters;
Information storage system 45 stores the access information and alarm information of service requesters.
Preferably, obtaining the attribute token of the service requester when the service requester performs cross-cloud access comprises:
(1) the service requester sends an access service request to the service s of the other private cloud that it is about to access across clouds;
(2) after the service s responds to the access service request, it sends an attribute request to the service requester;
(3) the service requester enters a custom password, whose number of digits must be greater than 6, and sends the custom password and its own identity, together with the attribute request, as a message, signed and encrypted, to the authentication agent of the private cloud; the authentication agent decrypts and verifies the message with its own private key and the public key of the user and, once verification passes, extracts from the attribute storage module the attributes corresponding to the user's attribute request, issues the attribute token, generates a session key, and sends the session key together with the attribute token and the custom password, signed and encrypted, to the user;
(4) after receiving the message, the user decrypts it using its own private key and the public key certificate of the authentication agent; if the message contains the custom password, the identity of the authentication agent is authenticated and the attribute token is obtained at the same time.
Preferably, issuing an alarm when obtaining the attribute token fails or when decryption fails comprises:
(1) the service requester sends an access service request to the service s of the other private cloud that it is about to access across clouds;
(2) after the service s responds to the access service request, it sends an attribute request to the service requester;
(3) if the service requester enters the custom password incorrectly, obtaining the attribute token fails and the alarm module 432 issues alarm information; if, after the attribute token has been obtained and sent to the user, the user cannot decrypt the message and cannot complete identity authentication, the alarm module 432 also issues an alarm.
The above embodiment of the present invention designs the way in which the attribute token is obtained, improving the security and efficiency of attribute token acquisition; it constructs a cross-cloud authentication system for the hybrid cloud that can meet the needs of a hybrid cloud environment in which users belong to the authentication domains of different private clouds and service access is frequent.
Preferably, the hybrid cloud identity management module 421 includes:
(1) a certificate issuance unit, which issues or revokes the public key certificate of a private cloud's authentication agent when that private cloud joins or exits the hybrid cloud, and centrally manages the public key certificates issued within the hybrid cloud;
(2) an inter-cloud authentication agent unit, which accepts the registration of newly joined private clouds and manages the registration information of the authentication agents of newly joined private clouds, thereby establishing the trust relationship between itself and the private clouds.
Preferably, the authentication agent of the private cloud supports an identity authentication mechanism and a certificate authentication mechanism, and manages identity authentication and the issuing of attribute tokens within the private cloud; when the cross-cloud authentication module 431 performs cross-cloud authentication, the authentication agent submits the registration information to the hybrid cloud identity management module 421 for registration and receives the public key certificate issued by the hybrid cloud identity management module 421. Managing the registration information of the authentication agents of newly joined private clouds comprises: reviewing the registration information of the authentication agent of the newly joined private cloud, receiving the registration information of the authentication agent of the newly joined private cloud, storing the registration information in a secure database, and deleting the registration information of a private cloud when that private cloud exits the hybrid cloud.
The above two preferred embodiments realise management of the private clouds in the hybrid cloud; the authentication agent of the private cloud supports an identity authentication mechanism and a certificate authentication mechanism, which makes the management of the private clouds in the hybrid cloud more scientific and secure.
Preferably, dividing the private clouds into public, confidential and top-secret levels according to their security classification comprises:
(1) if a private cloud allows access only by the creator of that private cloud, the private cloud is top-secret;
(2) if a private cloud allows access by users authorized by the creator of that private cloud, the private cloud is confidential;
(3) if a private cloud allows access by all users that have established a trust relationship with that private cloud, the private cloud is public.
Preferably, the security policies include:
(1) for a top-secret private cloud, encryption uses an elliptic curve cryptosystem, and the visitor must pass fingerprint verification before an access request can be sent;
(2) for a confidential private cloud, encryption uses the RSA encryption algorithm, and the visitor needs an authorized U-shield (USB key) to gain access;
(3) for a public private cloud, encryption uses the DES encryption algorithm, and a visitor that has established a trust relationship can send access requests directly.
This preferred embodiment assigns security levels to different private clouds and designs corresponding security policies, so that different private clouds can be accessed while security is ensured.
Preferably, the information storage system 45 stores information using a multilayer model that includes a storage layer, a management layer and an interface layer. The storage layer is at the bottom of the storage module and is made up of different devices; the management layer sits above the storage layer and manages the storage devices through various software; the interface layer faces the user and provides services, and can provide different service interfaces according to customer needs.
This preferred embodiment makes it easy for administrators to query access information and alarm information, and facilitates subsequent review.
Preferably, the custom cross-cloud authentication protocol is:
(1) the service requester randomly selects a custom number as a nonce and, taking it together with the attribute token obtained by the service requester and the random number that the service s returned to the service requester during the cross-cloud access as a message, signs and encrypts the message and sends it to the service s;
(2) after receiving the message, the service s decrypts it and verifies the signature with its own private key and the public key of the service requester; if the message contains the random number that the service s returned to the service requester, the identity authentication of the service requester passes; the service s then generates another random number, signs and encrypts that random number together with the custom number to form feedback information, and sends it to the service requester;
(3) after receiving the feedback information, the service requester decrypts it and verifies the signature with its own private key and the public key of the service s; if the feedback information contains the custom number, the identity of the service s is authenticated, thereby achieving mutual authentication of the two parties.
This preferred embodiment designs a custom cross-cloud authentication protocol, achieving mutual authentication between the service requester and the service and improving the security of the system and the efficiency of cross-cloud authentication.
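The three-step exchange above can be traced in code. The following is an added example, not part of the patent: it models only the nonce checks, and as an assumption replaces the public-key signed encryption with an HMAC-SHA256 tag under a per-sender key (the Python standard library has no public-key primitives), so confidentiality is not modelled. All class, field and key names are hypothetical.

```python
import hashlib, hmac, json, secrets

def seal(sender_key, fields):
    """Stand-in for 'sign and encrypt': JSON body plus the sender's HMAC tag."""
    body = json.dumps(fields, sort_keys=True).encode()
    return body, hmac.new(sender_key, body, hashlib.sha256).digest()

def unseal(sender_key, msg):
    """Return the fields if the tag verifies under sender_key, else None."""
    body, tag = msg
    good = hmac.new(sender_key, body, hashlib.sha256).digest()
    return json.loads(body) if hmac.compare_digest(tag, good) else None

class Service:
    def __init__(self, own_key, requester_key):
        self.own_key, self.requester_key = own_key, requester_key
        self.issued = set()              # random numbers handed out, not yet used

    def challenge(self):
        n_s = secrets.token_hex(16)      # random number returned to the requester
        self.issued.add(n_s)
        return n_s

    def handle(self, msg):
        """Step (2): accept only a message carrying one of our unused numbers."""
        f = unseal(self.requester_key, msg)
        if f is None or f.get("n_s") not in self.issued:
            return None
        self.issued.discard(f["n_s"])    # single use, so a replayed message fails
        return seal(self.own_key, {"n_s2": secrets.token_hex(16), "n_r": f.get("n_r")})

class Requester:
    def __init__(self, own_key, service_key, token):
        self.own_key, self.service_key, self.token = own_key, service_key, token
        self.n_r = None

    def request(self, n_s):
        """Step (1): fresh custom number + attribute token + the service's number."""
        self.n_r = secrets.token_hex(16)
        return seal(self.own_key, {"n_r": self.n_r, "token": self.token, "n_s": n_s})

    def confirm(self, feedback):
        """Step (3): the service is authenticated only if it echoes n_r."""
        f = unseal(self.service_key, feedback) if feedback else None
        return f is not None and f.get("n_r") == self.n_r

def demo():
    k_r, k_s = secrets.token_bytes(32), secrets.token_bytes(32)   # constructed keys
    svc, req = Service(k_s, k_r), Requester(k_r, k_s, "role=operator")
    msg1 = req.request(svc.challenge())
    mutual = req.confirm(svc.handle(msg1))
    replay_rejected = svc.handle(msg1) is None    # same n_s presented twice
    reflected = req.confirm(msg1)                 # requester's own message sent back
    return mutual, replay_rejected, reflected
```

The per-sender keys matter: with a single shared key, the requester's own step (1) message would pass the step (3) check, since it also carries the custom number.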
Preferably, the access monitoring system 44 represents the access process by the vector x = (a1, a2, a3), where a1 represents the occurrence of alarm information, a2 represents whether the user's access complies with the security policy, and a3 represents the running status of the system. When no alarm information occurs, a1 takes 1, otherwise 0; when the user's access complies with the security policy, a2 takes 1, otherwise 0; when the system is running normally, a3 takes 1, otherwise 0. Only when x = (1, 1, 1) does the monitoring system regard the access as successful. While working, the access monitoring system 44 records the time and number of unsuccessful accesses; when the number of unsuccessful accesses within a set time period reaches a set count, the access monitoring system 44 issues warning information.
This preferred embodiment realises monitoring of the user's access process and improves the security of the system.
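The monitoring rule above amounts to a sliding-window failure counter over the access vector x = (a1, a2, a3). The following is an added example, not part of the patent; the class and function names, the threshold of 3 failures, the 60-second window and the sample events are all assumptions constructed for illustration, and timestamps are assumed to arrive in non-decreasing order.

```python
from collections import deque

class AccessMonitor:
    """Failure tracking for the access vector x = (a1, a2, a3)."""

    def __init__(self, max_failures, window_seconds):
        self.max_failures = max_failures   # the "set count" (assumed value)
        self.window = window_seconds       # the "set time period" (assumed value)
        self.failures = deque()            # timestamps of unsuccessful accesses

    @staticmethod
    def vector(alarm_raised, policy_ok, system_ok):
        # a1 is 1 when NO alarm occurred; a2 and a3 are 1 when the check passed
        return (0 if alarm_raised else 1, int(policy_ok), int(system_ok))

    def observe(self, ts, x):
        """Record one access at time ts (seconds); return (success, warn)."""
        if x == (1, 1, 1):
            return True, False
        self.failures.append(ts)
        # keep only the failures inside the window that ends at ts
        while self.failures and self.failures[0] <= ts - self.window:
            self.failures.popleft()
        return False, len(self.failures) >= self.max_failures

# Constructed events: (time, alarm_raised, policy_ok, system_ok)
EVENTS = [
    (0, False, True, True),
    (10, True, True, True),      # alarm module fired
    (20, False, False, True),    # access violated the security policy
    (25, False, True, True),
    (50, False, True, False),    # system fault: third failure within 60 s
    (200, True, True, True),     # earlier failures have aged out of the window
]

def warnings_for(events, max_failures=3, window_seconds=60):
    """Return the timestamps at which the monitor would issue a warning."""
    mon = AccessMonitor(max_failures, window_seconds)
    out = []
    for ts, alarm, policy_ok, system_ok in events:
        _, warn = mon.observe(ts, AccessMonitor.vector(alarm, policy_ok, system_ok))
        if warn:
            out.append(ts)
    return out
```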
In this application scenario, the custom password has 7 digits; authentication speed is improved by 14% and security is improved by 8%.
Finally, it should be noted that the above embodiments are only intended to illustrate the technical solution of the present invention and not to limit its scope of protection. Although the present invention has been explained with reference to preferred embodiments, those of ordinary skill in the art should understand that the technical solution of the present invention may be modified or equivalently replaced without departing from the essence and scope of the technical solution of the present invention.
Claims (3)
1. A cloud computing solar energy utilization intelligent information system, characterized in that it comprises a solar energy system user side, a controller and a cloud computing platform; the controller is wirelessly connected to the solar energy system user side and to the cloud computing platform, wherein the controller transmits measured data to the cloud computing platform, and the cloud computing platform processes the data to obtain a control program and parameters, which are then fed back to the solar energy system user side through the controller.
2. The cloud computing solar energy utilization intelligent information system according to claim 1, characterized in that the controller is a programmable logic controller.
3. The cloud computing solar energy utilization intelligent information system according to claim 2, characterized in that the cloud computing platform includes multiple hybrid clouds for storing the control program and parameters.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201610794498.2A CN106375436A (en) | 2016-08-31 | 2016-08-31 | Cloud computing solar energy utilization intelligent information system |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201610794498.2A CN106375436A (en) | 2016-08-31 | 2016-08-31 | Cloud computing solar energy utilization intelligent information system |
Publications (1)
Publication Number | Publication Date |
---|---|
CN106375436A true CN106375436A (en) | 2017-02-01 |
Family
ID=57899859
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201610794498.2A Pending CN106375436A (en) | 2016-08-31 | 2016-08-31 | Cloud computing solar energy utilization intelligent information system |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN106375436A (en) |
Cited By (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN107332737A (en) * | 2017-07-12 | 2017-11-07 | 上海斐讯数据通信技术有限公司 | A kind of method and device of management and control router third-party application |
Citations (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20110289134A1 (en) * | 2010-05-18 | 2011-11-24 | At&T Intellectual Property I, L.P. | End-To-End Secure Cloud Computing |
CN203413703U (en) * | 2013-06-04 | 2014-01-29 | 北京合创三众能源科技股份有限公司 | Ground source heat pump control system based on cloud computing |
CN203413765U (en) * | 2013-06-04 | 2014-01-29 | 北京合创三众能源科技股份有限公司 | Ice storage control system based on cloud computing |
CN104676725A (en) * | 2015-04-03 | 2015-06-03 | 山东理工大学 | Intelligent solar information system controlled by cloud computing |
CN104728913A (en) * | 2015-04-03 | 2015-06-24 | 山东理工大学 | Solar energy heating supply system based on cloud computing intelligent control |
CN104833107A (en) * | 2015-04-03 | 2015-08-12 | 山东理工大学 | Cloud computing solar system of intelligent starting auxiliary heating equipment |
Non-Patent Citations (1)
Title |
---|
朱智强: "混合云服务安全若干理论与关键技术研究", 《中国博士学位论文全文数据库》 * |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
C06 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
RJ01 | Rejection of invention patent application after publication | ||
RJ01 | Rejection of invention patent application after publication |
Application publication date: 20170201 |