CN106713365A - Cloud environment-based network security system - Google Patents
Cloud environment-based network security system Download PDFInfo
- Publication number
- CN106713365A CN106713365A CN201710113584.7A CN201710113584A CN106713365A CN 106713365 A CN106713365 A CN 106713365A CN 201710113584 A CN201710113584 A CN 201710113584A CN 106713365 A CN106713365 A CN 106713365A
- Authority
- CN
- China
- Prior art keywords
- cloud
- environment
- cloud environment
- security
- protection
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/01—Protocols
- H04L67/10—Protocols in which an application is distributed across nodes in the network
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/02—Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/02—Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
- H04L63/0227—Filtering policies
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
- H04L63/0428—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/10—Network architectures or network communication protocols for network security for controlling access to devices or network resources
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
- H04L63/1425—Traffic logging, e.g. anomaly detection
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1433—Vulnerability analysis
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1441—Countermeasures against malicious traffic
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/50—Network services
- H04L67/56—Provisioning of proxy services
Abstract
The present invention discloses a cloud environment-based network security system. The cloud environment-based network security system comprises an extra-cloud control module, in-cloud protection module, and an intra-cloud reinforcing module. The extra-cloud control module is used for deploying a preset security component in the border of a target cloud environment in a form of a virtual machine so as to perform security detection on external access data. The in-cloud protection module is used for monitoring and controlling internal security of the target cloud environment. The intra-cloud reinforcing module is used for performing antivirus protection and reinforcement on a virtual host in the target cloud environment. According to extra-cloud control, external security of the cloud environment is controlled and bidirectional protection is provided between the cloud environment and the internet environment. According to in-cloud protection, various resources in the cloud environment are protected. According to intra-cloud reinforcement, the virtual machine is protected, and the cloud service applications are protected. The advantages of cloud computing and virtualization are fully exerted, the cloud environment is safer, a security system architecture of the cloud computing environment is standardized, and the security system architecture is easy to develop, expand and maintain.
Description
Technical field
The present invention relates to field of cloud computer technology, more particularly to a kind of network safety system based on cloud environment.
Background technology
With the development of Information technology, cloud computing progressively turns into the Hot spots for development of industry, the cloud meter of domestic and international all big enterprises
Service platform is calculated to also begin to put into science, education, culture, health, government, high-performance calculation, ecommerce, Internet of Things one after another
Used etc. multiple fields.
One of maximum risk of cloud computing comes from its property:It allows data to be transmitted and be stored in substantially any place,
Even it is separately maintained in the diverse location in the world.With the maturation of cloud computing technology, the safety problem of cloud computing is increasingly subject to close
Note.Data privacy and Network Security Issues must be taken seriously using the enterprise of cloud computing, cloud computing is played a role
Time, place and produced risk are assessed.Although each security firm proposes safety product miscellaneous, at present
The integration cloud security scheme of maturation is not formed.
Therefore, in order to more fully play the advantage of cloud computing and virtualization, the more preferable safety of protection cloud environment,
The security system framework of cloud computing environment is standardized, how a kind of easy exploiting, easily extension, the cloud environment network of easy care is provided and is pacified
Total system, is the current technical issues that need to address of those skilled in the art.
The content of the invention
It is an object of the invention to provide a kind of network safety system based on cloud environment, cloud meter can be more fully played
The advantage calculated and virtualize, preferably the safety of protection cloud environment, standardizes the security system framework of cloud computing environment, and makes
Obtain security system framework easy exploiting, easily extension, easy care.
In order to solve the above technical problems, the invention provides following technical scheme:
A kind of network safety system based on cloud environment, including:
The outer management and control module of cloud, the side for default security component to be deployed in target cloud environment in the form of virtual machine
Boundary, access data to external world carry out safety detection;
Protection module in cloud, is monitored and controls for the internal security to the target cloud environment;
Module is reinforced in cloud, for carrying out kill virus protection and reinforcing to the fictitious host computer in the target cloud environment.
Preferably, the outer management and control module of the cloud includes:Virtual firewall unit, for tectonic network layer protective barrier, enters
Row zone isolation and formulation access control rule, define whether different access requests meet safety requirements, and isolate not same district
The security risk in domain.
Preferably, the outer management and control module of the cloud also includes:IPS units, attack for carrying out leak to the target cloud environment
Hit and intrusion behavior detection.
Preferably, the outer management and control module of the cloud also includes:VPN units, for the identity according to different user to each access
User carries out corresponding access mandate.
Preferably, protection module includes in the cloud:Isolation monitoring unit, for virtual in the target cloud environment
Machine carries out the monitoring analysis of East and West direction flow, and synchronism output monitoring journal and form.
Preferably, protection module also includes in the cloud:Fort machine unit, for the use to accessing the target cloud environment
Family is authenticated, and journal record and management daily record and the verification of serve log audit are carried out to the access process of user.
Preferably, protection module also includes in the cloud:DEU data encryption unit, for the target cloud environment and the external world
The interaction data of user is encrypted;Data backup unit, for carrying out disaster-tolerant backup to the data in the target cloud environment.
Preferably, module is reinforced in the cloud includes:Antivirus unit, for the virtual machine in the target cloud environment
Operating system carries out checking and killing virus scanning and security protection;Trust calculation unit, for building trust computing Pooled resources and credible
Dummy machine system;Reinforcement elements, for setting up on the normal and abnormal behaviour of the virtual machine in the target cloud environment
Model, to recognize the security threat of each virtual machine end points, and responds to attack.
Compared with prior art, above-mentioned technical proposal has advantages below:
A kind of network safety system based on cloud environment provided by the present invention, including:The outer management and control module of cloud, for by advance
If security component the border of target cloud environment is deployed in the form of virtual machine, access data to external world carry out safe inspection
Survey;Protection module in cloud, is monitored and controls for the internal security to target cloud environment;Module is reinforced in cloud, for right
Fictitious host computer in target cloud environment carries out kill virus protection and reinforcing.In the technical program, answering for cloud computing has been considered
With environment, the characteristics of give full play to virtualization, in the form of virtual secure component, overall management and control is inside and outside, middle part cloud environment,
Supported for cloud computing environment provides safety guarantee.Wherein, the security control outside cloud environment is realized in the outer management and control of cloud, is that cloud environment is arrived
Two-way prevention is provided between internet environment;The protection between all kinds of resources of cloud environmental interior is realized in protection in cloud;Reinforced in cloud
The security protection of virtual machine itself is realized, the security of cloud service application is protected.Can more fully play cloud computing and
The advantage of virtualization, preferably the safety of protection cloud environment, standardizes the security system framework of cloud computing environment, and cause peace
All system structure easy exploitings, easily extension, easy care.
Brief description of the drawings
In order to illustrate more clearly about the embodiment of the present invention or technical scheme of the prior art, below will be to embodiment or existing
The accompanying drawing to be used needed for having technology description is briefly described, it should be apparent that, drawings in the following description are the present invention
Some embodiments, for those of ordinary skill in the art, on the premise of not paying creative work, can also basis
These accompanying drawings obtain other accompanying drawings.
Fig. 1 is illustrated by the Security Architecture based on cloud environment that a kind of specific embodiment of the invention is provided
Figure.
Specific embodiment
Core of the invention is to provide a kind of network safety system based on cloud environment, can more fully play cloud meter
The advantage calculated and virtualize, preferably the safety of protection cloud environment, standardizes the security system framework of cloud computing environment, and makes
Obtain security system framework easy exploiting, easily extension, easy care.
In order that the above objects, features and advantages of the present invention can become apparent it is understandable, below in conjunction with the accompanying drawings to this hair
Bright specific embodiment is described in detail.
Elaborate detail in order to fully understand the present invention in the following description.But the present invention can with it is various not
It is same as other manner described here to implement, those skilled in the art can do class in the case of without prejudice to intension of the present invention
Like popularization.Therefore the present invention is not limited by following public specific implementation.
Refer to Fig. 1, the network safety system based on cloud environment that Fig. 1 is provided by a kind of specific embodiment of the invention
Structural representation.
A kind of specific embodiment of the invention includes there is provided a kind of network safety system based on cloud environment:Cloud outer tube
Control module 11, the border for default security component to be deployed in target cloud environment in the form of virtual machine, visit to external world
Ask that data carry out safety detection, it can use for reference traditional data center's Border Protection scheme, the border to cloud environment is carried out
Security protection, strong adaptability;Protection module 12 in cloud, are monitored and control for the internal security to target cloud environment, fill
Divide the characteristics of using cloud computing and virtualization, using virtual secure equipment simulating security hardware, cloud basic environment is entered
Row protection, compatibility is high, and autgmentability is strong;Module 13 is reinforced in cloud, for being killed virus to the fictitious host computer in target cloud environment
Protection and reinforcing, are host and VME operating system interior customization security procedure etc., realize that the gas defence of service application is reinforced,
It is practical, flexible, reliable.
In the present embodiment, the applied environment of cloud computing has been considered, the characteristics of give full play to virtualization, with virtual
The form of security component, overall management and control is inside and outside, middle part cloud environment, is supported for cloud computing environment provides safety guarantee.Wherein,
The security control outside cloud environment is realized in the outer management and control of cloud, is cloud environment to providing two-way prevention between internet environment;Yun Zhongfang
Shield realizes the protection between all kinds of resources of cloud environmental interior;The security protection for realizing virtual machine itself is reinforced in cloud, cloud is protected
The security of service application.The advantage of cloud computing and virtualization can be more fully played, cloud environment is preferably protected
Safety, standardizes the security system framework of cloud computing environment, and cause security system framework easy exploiting, easily extension, easy care.
In one embodiment of the invention, the outer management and control module of cloud utilizes Intel Virtualization Technology, by security component with virtual
The form of machine is deployed in cloud environment border, and it includes:Virtual firewall unit, for providing Internet, application layer, content-level
Risk monitoring and control ability, serves as security postures analysis, network log-in management, the Antivirus gateway in north-south, tectonic network layer protection screen
Barrier, carries out zone isolation and formulates access control rule, defines whether different access requests meet safety requirements, and isolate not
With the security risk in region.
IPS units, for target cloud environment is carried out leak attack and intrusion behavior detection, such as detection leak attack and
Intrusion behavior, including various first floor system leak invasions, abnormal flow, malicious code, DoS (refusal service) etc. are various threatens row
For.Protect web security threats primary challenge, including attacks of anti-SQL injection, anti-XSS cross-site scripting attacks, anti-CSRF attack,
HTTP abnormality detections, buffer overflow detection etc..
VPN units, corresponding access mandate is carried out for the identity according to different user to each access user.It provides base
In the control of authority of user role, control the user of different role to access different resources, realize the secure access to resource.For
The safety issue of cloud platform internal applications system is ensured, and realizes the seamless access of terminal-pair business, by cloud security resource pool
Virtual VPN device, realize cloud application mandate access, ensure remote access safety, it is ensured that legal identity pass through lawful acts
Access valid system.
Further, protection module is responsible for controlling the safety of cloud environmental interior in cloud, and it includes:
Isolation monitoring unit, in East and West direction, being that different tenant's flows stamps VXLAN labels, is realized by VXLAN
Isolation between tenant.Inside same tenant, from secure group component, the isolation and interconnection between tenant's virtual machine are realized
Control.By on the traffic mirroring of band VXLAN labels to specific vSwitch ports, by flow analysis virtual machine to target cloud
Virtual machine in environment carries out the monitoring analysis of East and West direction flow, and synchronism output monitoring journal and form.
Fort machine unit, is authenticated for the user to access target cloud environment, and access process to user is carried out
Journal record and management daily record and the verification of serve log audit.Accomplish Prior Control, inspecting in process, trace afterwards.In industry
When business system needs to provide secure accessing, user is carried out using modes such as hardware characteristics code, short message certification, dynamic token cards and is recognized
Card.During application system is accessed, realize considering access, the safety of reading process.Journal record is carried out to access process,
There is provided management daily record and serve log carries out verification audit.Wherein, user access logses provide information when user accesses and (log in
IP, access resource, time, authentication mode), user's active degree, user/user's group flow seniority among brothers and sisters and inquiry, user/user's group
Flow velocity trend and inquiry;Alarm log provides and (breaks login attack record, CPU long-times cruelly and take too high record, device memory not
Foot), user cruelly break log in, master-slave user name unauthorized access record etc..
DEU data encryption unit, is encrypted for the interaction data to target cloud environment and extraneous user;Data backup list
Unit, for carrying out disaster-tolerant backup to the data in target cloud environment.Sensitive data in transmitting procedure should be encrypted, and carry out
Cipher mode has three kinds of modes:1) client/application encryption:Data are first encrypted in terminal or server end, are then led to again
Network transmission is crossed, or is stored with appropriate encryption format.Using encryption equipment or can be integrated among application program
Encryption mechanism;2) link/network encryption mode:The network encryption technique of standard includes SSL, VPN and SSH.Both can be hardware
Encryption, or software cryptography;3) encryption based on agency:Data transfer is carried out by proxy server, and data are being carried out
Encryption is completed before transmission.
Data backup can additionally be carried out, there is provided data disaster tolerance, such as using RAID, the synchronous technology of time delay, to code,
Distributed storage and database carry out real-time Hot Spare and time delay cold standby, it is ensured that even if data are deleted in device damage and mistake
Extreme case under also can be safe and sound.Data strange land calamity is set up for environment, it is ensured that the completeness of core data.
And WAF, Web application firewall protect each website Web server to be invaded from application layer, realize HTTP request
Abnormality detection, prevents the hostile networks such as webpage tamper, information leakage, wooden horse implantation, SQL injection, XSS cross-site attacks from invading row
To protect Web malicious codes, there is provided rule-based protection and the protection based on exception, condition managing etc. is carried out.
The service security that module is responsible for controlling based on fictitious host computer is reinforced in cloud, killed virus in virtual machine internal,
Reinforce, it includes:Antivirus unit, checking and killing virus scanning and peace are carried out for the operating system to the virtual machine in target cloud environment
Full protection, is VME operating system customization antivirus software, and the protection technique based on virus base carries out security protection and looked into virus
Kill scanning;Based on system and the minimum operation authority of application program, active protection is carried out to internal memory, file system, process etc., prevented
Senior malicious attack enters system using system 0day leaks and raising operation authority.
Trust calculation unit, for building trust computing Pooled resources and credible virtual machine system, preferably with secure hardware
And based on cryptography, trust to build trust chain by safe and reliable hardware, it is ensured that the integrality of virtual machine calculating platform,
The function such as calculating platform proof of identification and data safety storage is provided.Based on trusted servers build trust computing Pooled resources with can
Letter dummy machine system, for service application provides the support of virtual credible resource.
Reinforcement elements, for setting up normal and abnormal behaviour the model on the virtual machine in target cloud environment, with
The security threat of each virtual machine end points is recognized, and attack is responded, application endpoints are detected and response technology, record virtual machine
All operations in node, such as user/program/network store the record into peace to file, process, registration table operation
In full big data platform, by setting up normal and abnormal behaviour model, persistently these data are analyzed using machine learning,
To recognize the security threat of end points, and quick attack is responded.
In sum, a kind of network safety system based on cloud environment provided by the present invention, has considered cloud computing
Applied environment, the characteristics of give full play to virtualization, in the form of virtual secure component, overall management and control is inside and outside, middle part cloud ring
Border, supports for cloud computing environment provides safety guarantee.Wherein, the security control outside cloud environment is realized in the outer management and control of cloud, is cloud ring
Border is to providing two-way prevention between internet environment;The protection between all kinds of resources of cloud environmental interior is realized in protection in cloud;In cloud
The security protection of virtual machine itself is realized in reinforcing, protects the security of cloud service application.Cloud meter can more fully be played
The advantage calculated and virtualize, preferably the safety of protection cloud environment, standardizes the security system framework of cloud computing environment, and makes
Obtain security system framework easy exploiting, easily extension, easy care.
A kind of network safety system based on cloud environment provided by the present invention is described in detail above.Herein
Apply specific case to be set forth principle of the invention and implementation method, the explanation of above example is only intended to help
Understand the method for the present invention and its core concept.It should be pointed out that for those skilled in the art, not taking off
On the premise of the principle of the invention, some improvement and modification can also be carried out to the present invention, these are improved and modification also falls into this
In invention scope of the claims.
Claims (8)
1. a kind of network safety system based on cloud environment, it is characterised in that including:
The outer management and control module of cloud, the border for default security component to be deployed in target cloud environment in the form of virtual machine is right
Extraneous access data carry out safety detection;
Protection module in cloud, is monitored and controls for the internal security to the target cloud environment;
Module is reinforced in cloud, for carrying out kill virus protection and reinforcing to the fictitious host computer in the target cloud environment.
2. system according to claim 1, it is characterised in that the outer management and control module of the cloud includes:Virtual firewall unit,
For tectonic network layer protective barrier, carry out zone isolation and formulate access control rule, whether define different access requests
Meet safety requirements, and isolate the security risk of different zones.
3. system according to claim 2, it is characterised in that the outer management and control module of the cloud also includes:IPS units, are used for
Leak attack and intrusion behavior detection are carried out to the target cloud environment.
4. system according to claim 3, it is characterised in that the outer management and control module of the cloud also includes:VPN units, are used for
Identity according to different user carries out corresponding access mandate to each access user.
5. the system according to any one of Claims 1-4, it is characterised in that protection module includes in the cloud:Isolation prison
Control unit, the monitoring for carrying out East and West direction flow to the virtual machine in the target cloud environment is analyzed, and synchronism output is monitored
Daily record and form.
6. system according to claim 5, it is characterised in that protection module also includes in the cloud:Fort machine unit, uses
It is authenticated in the user to accessing the target cloud environment, and access process to user carries out journal record and management day
The verification audit of will and serve log.
7. system according to claim 6, it is characterised in that protection module also includes in the cloud:DEU data encryption unit,
It is encrypted for the interaction data to the target cloud environment and extraneous user;Data backup unit, for the target
Data in cloud environment carry out disaster-tolerant backup.
8. system according to claim 7, it is characterised in that module is reinforced in the cloud to be included:Antivirus unit, for right
The operating system of the virtual machine in the target cloud environment carries out checking and killing virus scanning and security protection;Trust calculation unit, uses
In structure trust computing Pooled resources and credible virtual machine system;Reinforcement elements, for setting up in the target cloud environment
Normal and abnormal behaviour the model of virtual machine, to recognize the security threat of each virtual machine end points, and is carried out to attack
Response.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201710113584.7A CN106713365A (en) | 2017-02-28 | 2017-02-28 | Cloud environment-based network security system |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201710113584.7A CN106713365A (en) | 2017-02-28 | 2017-02-28 | Cloud environment-based network security system |
Publications (1)
Publication Number | Publication Date |
---|---|
CN106713365A true CN106713365A (en) | 2017-05-24 |
Family
ID=58911977
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201710113584.7A Pending CN106713365A (en) | 2017-02-28 | 2017-02-28 | Cloud environment-based network security system |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN106713365A (en) |
Cited By (19)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN108121912A (en) * | 2017-12-13 | 2018-06-05 | 中国科学院软件研究所 | A kind of malice cloud tenant recognition methods and device based on neutral net |
CN108200073A (en) * | 2018-01-12 | 2018-06-22 | 阳光保险集团股份有限公司 | A kind of sensitive data safety system |
CN108683498A (en) * | 2018-05-14 | 2018-10-19 | 国网江西省电力有限公司电力科学研究院 | A kind of cloud terminal management-control method based on changeable key national secret algorithm |
CN108810027A (en) * | 2018-07-20 | 2018-11-13 | 深圳点猫科技有限公司 | A kind of network safety control method and electronic equipment of education resource platform |
CN109274756A (en) * | 2018-10-12 | 2019-01-25 | 湖北邮电规划设计有限公司 | A kind of intelligent environment protection monitoring management system |
CN109361652A (en) * | 2018-09-12 | 2019-02-19 | 北京精友世纪软件技术有限公司 | A kind of vehicle insurance Claims Resolution safety system |
CN109861972A (en) * | 2018-12-21 | 2019-06-07 | 陕西商洛发电有限公司 | A kind of security architecture system of industrial information control unified platform |
CN110213346A (en) * | 2019-05-14 | 2019-09-06 | 北京思源互联科技有限公司 | The transmission method and device of encryption information |
CN110611637A (en) * | 2018-06-14 | 2019-12-24 | 北京安天网络安全技术有限公司 | Online network threat detection method and system based on VPN flow traction |
CN111008376A (en) * | 2019-12-09 | 2020-04-14 | 国网山东省电力公司电力科学研究院 | Mobile application source code safety audit system based on code dynamic analysis |
CN111224922A (en) * | 2018-11-26 | 2020-06-02 | 顺丰科技有限公司 | Distributed security group module access control method and system |
CN112286639A (en) * | 2020-11-08 | 2021-01-29 | 国家电网有限公司 | Method for reducing CPU occupancy rate of security component |
CN112714103A (en) * | 2020-12-03 | 2021-04-27 | 南京暴走团电子商务有限公司 | Safety control system based on network engineering |
CN112948204A (en) * | 2021-02-07 | 2021-06-11 | 上海汉询软件有限公司 | Data processing system based on DataRobot technology |
CN113612785A (en) * | 2021-08-09 | 2021-11-05 | 华云数据控股集团有限公司 | SDN-based protection system and control method thereof |
CN113742735A (en) * | 2021-09-18 | 2021-12-03 | 合肥力拓云计算科技有限公司 | Big data-based energy balance analysis platform safety system and use method thereof |
CN113824745A (en) * | 2021-11-24 | 2021-12-21 | 武汉大学 | Network safety emergency disposal system based on recurrent neural network model |
CN114780301A (en) * | 2022-06-22 | 2022-07-22 | 深圳市木浪云科技有限公司 | Disaster recovery method and system supporting multi-cloud production environment |
CN117014214A (en) * | 2023-08-21 | 2023-11-07 | 中山市智牛电子有限公司 | Intelligent control system and control method for LED display screen |
Citations (8)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
WO2012027472A2 (en) * | 2010-08-24 | 2012-03-01 | Copiun, Inc. | Constant access gateway and de-duplicated data cache server |
CN102438026A (en) * | 2012-01-12 | 2012-05-02 | 冶金自动化研究设计院 | Industrial control network security protection method and system |
EP2569693A2 (en) * | 2010-05-09 | 2013-03-20 | Madhav Chinta | Methods and systems for forcing an application to store data in a secure storage location |
CN103400226A (en) * | 2013-07-31 | 2013-11-20 | 湖南省烟草公司永州市公司 | Integrated tobacco industry information security, operation and maintenance application platform system |
CN104504538A (en) * | 2015-01-09 | 2015-04-08 | 河北斯博思创新科技有限公司 | Distributed personnel file management system |
CN104660610A (en) * | 2015-03-13 | 2015-05-27 | 华存数据信息技术有限公司 | Cloud computing environment based intelligent security defending system and defending method thereof |
CN104994089A (en) * | 2015-06-29 | 2015-10-21 | 浪潮(北京)电子信息产业有限公司 | Security system for cloud data center |
CN205486301U (en) * | 2016-01-04 | 2016-08-17 | 重庆市规划信息服务中心 | E -Government platform data management system |
-
2017
- 2017-02-28 CN CN201710113584.7A patent/CN106713365A/en active Pending
Patent Citations (8)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
EP2569693A2 (en) * | 2010-05-09 | 2013-03-20 | Madhav Chinta | Methods and systems for forcing an application to store data in a secure storage location |
WO2012027472A2 (en) * | 2010-08-24 | 2012-03-01 | Copiun, Inc. | Constant access gateway and de-duplicated data cache server |
CN102438026A (en) * | 2012-01-12 | 2012-05-02 | 冶金自动化研究设计院 | Industrial control network security protection method and system |
CN103400226A (en) * | 2013-07-31 | 2013-11-20 | 湖南省烟草公司永州市公司 | Integrated tobacco industry information security, operation and maintenance application platform system |
CN104504538A (en) * | 2015-01-09 | 2015-04-08 | 河北斯博思创新科技有限公司 | Distributed personnel file management system |
CN104660610A (en) * | 2015-03-13 | 2015-05-27 | 华存数据信息技术有限公司 | Cloud computing environment based intelligent security defending system and defending method thereof |
CN104994089A (en) * | 2015-06-29 | 2015-10-21 | 浪潮(北京)电子信息产业有限公司 | Security system for cloud data center |
CN205486301U (en) * | 2016-01-04 | 2016-08-17 | 重庆市规划信息服务中心 | E -Government platform data management system |
Cited By (24)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN108121912A (en) * | 2017-12-13 | 2018-06-05 | 中国科学院软件研究所 | A kind of malice cloud tenant recognition methods and device based on neutral net |
CN108200073A (en) * | 2018-01-12 | 2018-06-22 | 阳光保险集团股份有限公司 | A kind of sensitive data safety system |
CN108683498A (en) * | 2018-05-14 | 2018-10-19 | 国网江西省电力有限公司电力科学研究院 | A kind of cloud terminal management-control method based on changeable key national secret algorithm |
CN110611637A (en) * | 2018-06-14 | 2019-12-24 | 北京安天网络安全技术有限公司 | Online network threat detection method and system based on VPN flow traction |
CN108810027A (en) * | 2018-07-20 | 2018-11-13 | 深圳点猫科技有限公司 | A kind of network safety control method and electronic equipment of education resource platform |
CN109361652A (en) * | 2018-09-12 | 2019-02-19 | 北京精友世纪软件技术有限公司 | A kind of vehicle insurance Claims Resolution safety system |
CN109361652B (en) * | 2018-09-12 | 2020-11-13 | 北京精友世纪软件技术有限公司 | Car insurance claim settlement safety protection system |
CN109274756A (en) * | 2018-10-12 | 2019-01-25 | 湖北邮电规划设计有限公司 | A kind of intelligent environment protection monitoring management system |
CN111224922A (en) * | 2018-11-26 | 2020-06-02 | 顺丰科技有限公司 | Distributed security group module access control method and system |
CN109861972A (en) * | 2018-12-21 | 2019-06-07 | 陕西商洛发电有限公司 | A kind of security architecture system of industrial information control unified platform |
CN109861972B (en) * | 2018-12-21 | 2022-09-09 | 陕西商洛发电有限公司 | Safety architecture system of industrial information control integrated platform |
CN110213346A (en) * | 2019-05-14 | 2019-09-06 | 北京思源互联科技有限公司 | The transmission method and device of encryption information |
CN111008376A (en) * | 2019-12-09 | 2020-04-14 | 国网山东省电力公司电力科学研究院 | Mobile application source code safety audit system based on code dynamic analysis |
CN111008376B (en) * | 2019-12-09 | 2021-11-05 | 国网山东省电力公司电力科学研究院 | Mobile application source code safety audit system based on code dynamic analysis |
CN112286639A (en) * | 2020-11-08 | 2021-01-29 | 国家电网有限公司 | Method for reducing CPU occupancy rate of security component |
CN112286639B (en) * | 2020-11-08 | 2024-02-23 | 国家电网有限公司 | Method for reducing CPU occupancy rate of safety component |
CN112714103A (en) * | 2020-12-03 | 2021-04-27 | 南京暴走团电子商务有限公司 | Safety control system based on network engineering |
CN112948204A (en) * | 2021-02-07 | 2021-06-11 | 上海汉询软件有限公司 | Data processing system based on DataRobot technology |
CN113612785A (en) * | 2021-08-09 | 2021-11-05 | 华云数据控股集团有限公司 | SDN-based protection system and control method thereof |
CN113742735A (en) * | 2021-09-18 | 2021-12-03 | 合肥力拓云计算科技有限公司 | Big data-based energy balance analysis platform safety system and use method thereof |
CN113824745A (en) * | 2021-11-24 | 2021-12-21 | 武汉大学 | Network safety emergency disposal system based on recurrent neural network model |
CN114780301A (en) * | 2022-06-22 | 2022-07-22 | 深圳市木浪云科技有限公司 | Disaster recovery method and system supporting multi-cloud production environment |
CN117014214A (en) * | 2023-08-21 | 2023-11-07 | 中山市智牛电子有限公司 | Intelligent control system and control method for LED display screen |
CN117014214B (en) * | 2023-08-21 | 2024-04-02 | 中山市智牛电子有限公司 | Intelligent control system and control method for LED display screen |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN106713365A (en) | Cloud environment-based network security system | |
US9288223B2 (en) | Potential attack detection based on dummy network traffic | |
Williams | A risk assessment on Raspberry Pi using NIST standards | |
Soares et al. | Cloud security: state of the art | |
Itradat et al. | Developing an ISO27001 Information Security Management System for an Educational Institute: Hashemite University as a Case Study. | |
Alam et al. | Review on security aspects for cloud architecture | |
Miloslavskaya et al. | Taxonomy for unsecure big data processing in security operations centers | |
Alrasheed et al. | Cloud Computing Security and Challenges: Issues, Threats, and Solutions | |
Gerža et al. | Security of ISES measureserver® module for remote experiments against malign attacks | |
Rawal et al. | Cybersecurity and Identity Access Management | |
Aljawarneh et al. | Security Issues in Cloud Computing: A Perspective | |
Oka et al. | Analysis of Current Preventive Approaches in the Context of Cybersecurity | |
Sharma et al. | Categorizing threat types and cyber-assaults over Internet of Things-equipped gadgets | |
Xiao | Research on Cyberspace Security System Based on Cloud Computing Environment | |
Igbinovia et al. | Cyber security in university libraries and implication for library and information science education in Nigeria | |
Krasniqi et al. | Vulnerability Assessment & Penetration Testing: Case study on web application security | |
Zare et al. | Cybersecurity vulnerabilities assessment (a systematic review approach) | |
Tang | The Research on Cloud computing security model and Countermeasures | |
Ma | Research on website penetration test | |
Yacob | Securing Sensitive Data in the Cloud: A New Era of Security Through Zero Trust Principles | |
JP5359292B2 (en) | ACCESS CONTROL SYSTEM, ACCESS CONTROL DEVICE, ACCESS CONTROL METHOD, AND PROGRAM | |
Abduvaliyevich et al. | Creation and Security of the Cloud Platform for Educational Technologies | |
Fgee et al. | My Security for Dynamic Websites in Educational Institution | |
Indu et al. | Early work vis-à-vis current trends in internet of things security | |
Hu | Security Problems and Countermeasures of Network Accounting Information System |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
RJ01 | Rejection of invention patent application after publication |
Application publication date: 20170524 |
|
RJ01 | Rejection of invention patent application after publication |