CN106911721B - Entrepreneurship registration data processing platform based on cloud computing - Google Patents
Entrepreneurship registration data processing platform based on cloud computing Download PDFInfo
- Publication number
- CN106911721B CN106911721B CN201710269419.0A CN201710269419A CN106911721B CN 106911721 B CN106911721 B CN 106911721B CN 201710269419 A CN201710269419 A CN 201710269419A CN 106911721 B CN106911721 B CN 106911721B
- Authority
- CN
- China
- Prior art keywords
- module
- data processing
- registration data
- encryption
- cloud
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Expired - Fee Related
Links
- 238000012545 processing Methods 0.000 title claims abstract description 106
- 238000002955 isolation Methods 0.000 claims abstract description 14
- 230000006399 behavior Effects 0.000 claims abstract description 5
- 238000003860 storage Methods 0.000 claims description 20
- 238000007726 management method Methods 0.000 claims description 11
- 238000013468 resource allocation Methods 0.000 claims description 10
- 238000006243 chemical reaction Methods 0.000 claims description 9
- 238000000034 method Methods 0.000 description 12
- 230000008569 process Effects 0.000 description 7
- 238000005516 engineering process Methods 0.000 description 6
- 238000012550 audit Methods 0.000 description 4
- 238000004891 communication Methods 0.000 description 4
- 238000010586 diagram Methods 0.000 description 3
- 230000006870 function Effects 0.000 description 3
- 230000015654 memory Effects 0.000 description 3
- 230000000694 effects Effects 0.000 description 2
- 230000003993 interaction Effects 0.000 description 2
- 230000002452 interceptive effect Effects 0.000 description 2
- 230000009471 action Effects 0.000 description 1
- 230000004913 activation Effects 0.000 description 1
- 230000006378 damage Effects 0.000 description 1
- 230000007547 defect Effects 0.000 description 1
- 238000009434 installation Methods 0.000 description 1
- 230000014759 maintenance of location Effects 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
- 238000005192 partition Methods 0.000 description 1
- 238000012552 review Methods 0.000 description 1
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/02—Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
- H04L63/0428—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/20—Network architectures or network communication protocols for network security for managing network security; network security policies in general
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/01—Protocols
- H04L67/10—Protocols in which an application is distributed across nodes in the network
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Management, Administration, Business Operations System, And Electronic Commerce (AREA)
- Data Exchanges In Wide-Area Networks (AREA)
Abstract
The invention relates to a data processing platform for entrepreneurship registration based on cloud computing, which comprises: the system comprises a cloud operating system, an entrepreneurial registration data processing system and a security wall system; the cloud operating system is used for performing hardware virtualization on the server cluster to form a plurality of virtual servers and distributing hardware resources for each virtual server; the entrepreneurship registration data processing system is deployed on at least one virtual server and is used for processing the manpower resource data; the safety wall system is deployed in the entrepreneurship registration data processing system and used for encrypting user behaviors and user data of the entrepreneurship registration data processing system and isolating an internal network and an external network where the virtual server is located. The cloud operating system dynamically adjusts and distributes resources of the virtual server, data processing efficiency of the entrepreneurship registration data processing system is effectively improved, the security wall system can provide comprehensive encryption and isolation means for the entrepreneurship registration data processing system, and user data leakage is avoided.
Description
Technical Field
The invention relates to the technical field of cloud computing, in particular to a startup registration data processing platform based on cloud computing.
Background
Cloud Computing (Cloud Computing) is a result of hybrid evolution and leap of Virtualization (Virtualization) and utility Computing (utility Computing), and includes three forms of IaaS (Infrastructure as a Service), PaaS (Platform as a Service), SaaS (Software as a Service). The cloud computing model provides available, convenient, on-demand network access into a shared pool of configurable computing resources (resources including networks, servers, storage, applications, services) that can be provisioned quickly, with little administrative effort, or interaction with service providers. Cloud computing has three significant features: firstly, renting according to needs; secondly, the users in a wide range cooperate and share the resources extensively; and thirdly, the resources are effectively allocated.
The entrepreneur platform is used for matching entrepreneur, the user provides entrepreneur consultation and provides entrepreneur guidance, the user can search entrepreneur resources through the platform, in addition, the user can also register on the platform and becomes the entrepreneur, the entrepreneur platform needs to exchange a large amount of data as an interactive platform, the method has the characteristics of uncertain concurrency quantity and random concurrency time, the traditional server cannot meet the interactive concurrency requirement of the entrepreneur platform due to fixed hardware resources, in addition, because the safety strategy of the traditional server is relatively fixed, the flexible safety strategy is lacked, the complicated and variable network environment and the burst problem cannot be faced, the entrepreneur platform has potential safety hazards, and the data leakage is easily caused.
Disclosure of Invention
On the basis, it is necessary to provide a data processing platform for entrepreneur registration based on cloud computing, aiming at the defects that the traditional server cannot meet the concurrent requirements of interaction of an entrepreneur platform due to fixed hardware resources, the traditional server is relatively fixed in security policy, flexible security policy is lacked, the entrepreneur platform cannot face complicated and changeable network environments and burst problems, potential safety hazards exist, and data leakage is easily caused.
A data processing platform for entrepreneurial registration based on cloud computing comprises: the system comprises a cloud operating system, an entrepreneurial registration data processing system and a security wall system;
the cloud operating system is used for performing hardware virtualization on the server cluster to form a plurality of virtual servers, configuring an operating system and a resource space for each virtual server, and distributing hardware resources for each virtual server; the entrepreneurship registration data processing system is deployed on at least one virtual server and is used for processing manpower resource data;
the safety wall system is deployed in the entrepreneurship registration data processing system and is used for encrypting user behaviors and user data of the entrepreneurship registration data processing system and isolating an internal network and an external network where the virtual server is located;
the cloud operating system comprises a virtualization module, a configuration module and a resource management module; the virtualization module is used for performing hardware virtualization on the server cluster into a plurality of virtual servers; the configuration module is used for configuring an operating system and a resource space for each virtual server; the resource allocation module is used for allocating hardware resources for each virtual server.
In one embodiment, the security wall system comprises a real-time encryption module, an encryption attribute inheritance module, an encryption data and machine isolation module and an encryption file blacking module;
the real-time encryption module is used for encrypting the user instant data in real time;
the encryption attribute inheritance module is used for detecting whether the user attribute value is larger than a preset threshold value or not, and endowing a user with decryption authority when the user attribute value is larger than the preset threshold value;
the encrypted data and machine isolation module is used for isolating a storage space into a public area and a safe area and executing different safety strategies on the public area and the safe area;
the encrypted file blackening module is used for isolating the internal network where the virtual server is located from the external network.
In one embodiment, the real-time encryption module includes an active encryption sub-module, and the active encryption sub-module is configured to detect a flow direction of encrypted data, detect that the encrypted data is subjected to format conversion, and encrypt the encrypted data after the format conversion again when the encrypted data is subjected to format conversion.
In one embodiment, the security wall system further comprises an encrypted file network sharing module and a multi-channel encryption module;
the encrypted file network sharing module is used for realizing file sharing among the virtual servers in the intranet;
the multi-channel encryption module is used for carrying out port jump access when communicating with an external network.
In one embodiment, the security wall system further comprises an email encryption module and a large data encryption support module;
the electronic mail encryption module is used for encrypting the electronic mail;
the large data encryption support module is used for encrypting large data.
In one embodiment, the cloud operating system is based on an IaaS mode.
In one embodiment, the startup registration data processing system is based on a SaaS model.
In one embodiment, the cloud operating system is further configured to perform dynamic hardware resource allocation on each of the virtual servers according to the application requirement of each of the virtual servers.
In one embodiment, the hardware resources include computing resources, storage resources, and network resources.
According to the entrepreneurship registration data processing platform based on cloud computing, the entrepreneurship registration data processing system is deployed on the virtual server based on the cloud operating system, the cloud operating system dynamically adjusts and distributes resources of the virtual server, data processing efficiency of the entrepreneurship registration data processing system is effectively improved, concurrence requirements of the entrepreneurship registration data processing system can be met by dynamic adjustment of hardware resources of the virtual server in real time, in addition, the safety wall system can provide flexible and comprehensive encryption and isolation means for the entrepreneurship registration data processing system, potential safety hazards are effectively eliminated, and user data leakage is avoided.
Drawings
FIG. 1 is a block diagram of an embodiment of a cloud computing-based startup registration data processing platform;
fig. 2 is a block diagram of a data processing platform for entrepreneurial registration based on cloud computing according to another embodiment;
fig. 3 is a block diagram of a data processing platform for entrepreneurial registration based on cloud computing according to another embodiment.
Detailed Description
To facilitate an understanding of the invention, the invention will now be described more fully with reference to the accompanying drawings. Preferred embodiments of the present invention are shown in the drawings. This invention may, however, be embodied in many different forms and should not be construed as limited to the embodiments set forth herein. Rather, these embodiments are provided so that this disclosure will be thorough and complete.
For example, a cloud computing-based startup registration data processing platform includes: the system comprises a cloud operating system, an entrepreneurial registration data processing system and a security wall system; the cloud operating system is used for performing hardware virtualization on the server cluster to form a plurality of virtual servers, configuring an operating system and a resource space for each virtual server, and distributing hardware resources for each virtual server; the entrepreneurship registration data processing system is deployed on at least one virtual server and is used for processing manpower resource data; the safety wall system is deployed in the startup registration data processing system and used for encrypting user behaviors and user data of the startup registration data processing system and isolating an internal network and an external network where the virtual server is located.
In the embodiment, the startup registration data processing system is deployed on the virtual server based on the cloud operating system, the cloud operating system dynamically adjusts and distributes resources of the virtual server, the data processing efficiency of the startup registration data processing system is effectively improved, the concurrent requirements of the startup registration data processing system can be met in real time through dynamic adjustment of hardware resources of the virtual server, in addition, the safety wall system can provide flexible and comprehensive encryption and isolation means for the startup registration data processing system, potential safety hazards are effectively eliminated, and user data leakage is avoided.
In one embodiment, as shown in fig. 1, there is provided a cloud computing-based startup registration data processing platform, including: a cloud operating system 100, a startup registration data processing system 200, and a security wall system 300; the cloud operating system 100 is configured to perform hardware virtualization on a server cluster to form a plurality of virtual servers, configure an operating system and a resource space for each virtual server, and allocate hardware resources for each virtual server; the startup registration data processing system 200 is deployed on at least one virtual server, and the startup registration data processing system 200 is used for processing manpower resource data; the security wall system 300 is deployed in the startup registration data processing system 200, and the security wall system 300 is configured to encrypt user behaviors and user data of the startup registration data processing system 200 and isolate an intranet where the virtual server is located from an extranet.
For example, the cloud operating system is based on an IaaS mode, that is, the cloud operating system is a cloud computing operating system based on the IaaS mode, the server cluster includes a plurality of servers, and the servers in the server cluster are hardware servers, for example, the servers in the server cluster are entity servers, specifically, the entity servers are hardware servers, and are referred to as entity servers in this embodiment because they have hardware of entities, as compared with the virtualization of the virtual servers. For example, the servers in the server cluster are connected to each other through a network to form the server cluster. The cloud operating system runs in the server cluster and uniformly distributes all server hardware resources in the server cluster.
The intranet in this embodiment is a network composed of virtual servers, or a local area network where the virtual servers are located, and the extranet is a network having a different network IP address from the intranet, with respect to the intranet.
For example, the cloud operating system is configured to virtualize hardware of a server cluster, such that the server cluster is virtualized into a plurality of virtual servers configured to invoke hardware resources of the hardware servers to provide processing capabilities and storage capabilities to the startup registration data processing system. For example, the startup registration data processing system is based on the SaaS mode, that is, the startup registration data processing system is a system based on the SaaS mode. Therefore, the entrepreneurship registration data processing system is convenient to optimize and expand so as to improve the processing capacity of the entrepreneurship registration data processing system.
It should be understood that there may be multiple virtual servers, each for implementing different functions. Specifically, the startup registration data processing system is deployed in one virtual server or a plurality of servers. Therefore, when the entrepreneurship registration data processing system runs, the cloud operating system uniformly distributes the hardware resources of each virtual server according to the resources required by the operation of the entrepreneurship registration data processing system, so that the hardware resources are reasonably applied, the excessive consumption of the resources is avoided, and the processing efficiency of the entrepreneurship registration data processing system can be effectively improved.
For example, the security wall system is deployed on a virtual server and is connected with the startup registration data processing system, so that when the startup registration data processing system is communicated with a client or an extranet, data of the startup registration data processing system is transmitted to the extranet or the client through the security wall, and data of the client or the extranet enters the startup registration data processing system through the security wall system. Because the data of the entrepreneurship registration data processing system and the client or the data of the external network are encrypted by the security wall system, the user data are safer, and the user data leakage is effectively avoided.
In order to better encrypt the user data and improve the security of the startup registration data processing system, in one embodiment, as shown in fig. 2, the security wall system 300 includes a real-time encryption module 310, an encryption attribute inheritance module 320, an encryption data and machine isolation module 330, and an encryption file blacking module 340; the real-time encryption module 310 is configured to encrypt the user instant data in real time; the encryption attribute inheritance module 320 is configured to detect whether the user attribute value is greater than a preset threshold value, and when the user attribute value is greater than the preset threshold value, assign a decryption right to the user; the encrypted data and machine isolation module 330 is configured to isolate a storage space into a public area and a secure area, and to implement different security policies for the public area and the secure area; the encrypted file blackening module 340 is configured to isolate the internal network where the virtual server is located from the external network.
Specifically, the user instant data is one of user data, namely data generated in real time in communication between a user and the entrepreneurship registration data processing system through a client, the real-time encryption module can process encryption and decryption requirements of the user data in real time in normal communication of the user, the encryption and decryption processes are not displayed, the encryption process is invisible for the user, temporary files are not generated, and the storage space of the encrypted data is saved. The real-time encryption module provides transparent operation experience for users, avoids repeated encryption and decryption processes of data on a storage medium, and solves the problems of complex operation and low efficiency of the traditional encryption and decryption technology.
In the encryption attribute inheritance module, the user attribute value is a numeralization of an attribute that a user has, and the attribute is used for distinguishing different users, for example, the attribute is an identity and is used for distinguishing different users. A decryptor in an IBE (Identity based encryption) can decrypt information encrypted by the encryptor only if the Identity information of the user and the information described by the information encryptor are identical. In the present application, different from the conventional IBE, after the attribute-based encryption is adopted, when the attribute value of the attribute owned by the user is greater than the preset threshold value set by the encryptor, the user has the decryption right and can perform decryption.
In the encrypted data and machine isolation module, the storage space may be a hard disk, or may be other memories or storage media. The encrypted data and machine isolation module is used for isolating the hard disk into a public area and a safe area, for example, the public area is used for storing unencrypted data, for example, the safe area is used for storing encrypted data, and specifically, the public area and the safe area are isolated on a physical layer, so that the encrypted data can be fully protected, and the encrypted data can be effectively prevented from being leaked. For example, the encrypted data and machine isolation module is used for isolating the hard disk into a public area and a safe area, and hard disk data protection is performed through a hard disk isolation card, so that the data security can be further improved.
In the encrypted file blacking module, the internal network where the virtual server is located is isolated from the external network to achieve "physical isolation", and specifically, in this embodiment, the internal network where the virtual server is located is not directly or indirectly connected to a public network (external network), and the encrypted file blacking module is further configured to protect hardware entities and communication links, such as routers, various network servers of workstations, and the like, from being attacked by man-made destruction and wiretapping, so that the internal information network is not attacked by an external network.
In order to further improve the security of the user data, in an embodiment, as shown in fig. 3, the real-time encryption module 310 includes an active encryption sub-module 311, and the active encryption sub-module 311 is configured to detect the flow direction of the encrypted data, detect that the encrypted data is subjected to format conversion, and encrypt the encrypted data after the format conversion again when the encrypted data is subjected to format conversion. Specifically, the active encryption sub-module 311 is implemented based on the fact encryption module 310, and the active encryption is an encrypted information self-protection means based on a real-time encryption and decryption technology. The real-time encryption and decryption module provides real-time encryption and decryption service in work and monitors the flow direction of all ciphertext data, and when the ciphertext is converted into other data forms and is combined with other non-confidential data to generate new data, or when other non-confidential data quotes part of ciphertext, the data related to the ciphertext can be automatically encrypted.
In order to realize the secure sharing of files between the virtual servers in the intranet and the secure communication with the extranet, in one embodiment, please refer to fig. 3 again, the security wall system 300 further includes an encrypted file network sharing module 350 and a multi-channel encryption module 360; the encrypted file network sharing module 350 is configured to implement file sharing between the virtual servers in the intranet; the multi-channel encryption module 360 is used for performing port jump access when communicating with an external network.
Specifically, the encrypted file network sharing module 350 makes file sharing between the virtual servers safer, and the multi-channel encryption module 360 makes the ports of the virtual servers perform port hopping when the virtual servers communicate with an external network, and the ports hop through the non-through ports of one or more hopping machines (virtual servers) to access the external network, so that attacks from the external network cannot query accurate source ports of data, and further the attacks are disabled.
In order to encrypt the mails and the large data files and further improve the data security of the startup registration data processing system, in one embodiment, referring to fig. 3 again, the security wall system 300 further includes an e-mail encryption module 370 and a large data encryption support module 380; the e-mail encryption module 370 is used for encrypting the e-mail; the large data encryption support module 380 is used for encrypting large data. In the embodiment, the encryption of the files of the startup registration data processing system is further improved by encrypting the e-mails and the large data, and the data security of the startup registration data processing system is further improved.
For example, as shown in fig. 2, the startup registration data processing system 200 includes a user registration module, a user login module, a user center module, a personal data module, a password management module, a user management module, an activity management module, a news management module, a notification and announcement management module, an activity audit module, an incubator recommendation module, a public space recommendation module, a service type management module, a startup director registration application module, a process audit module, a startup director query module
In order to make the hardware resources be reasonably applied to improve the processing performance of the startup registration data processing system, in one embodiment, the cloud operating system is further configured to perform dynamic hardware resource allocation on each virtual server according to the running state of each virtual server. For example, the cloud operating system is configured to detect resource utilization rates of the virtual servers in real time, and perform dynamic hardware resource allocation according to the resource utilization rates of the virtual servers. For example, the resource utilization is a ratio of resources occupied by the virtual server currently running to resources actually allocated to the virtual server, for example, the resource utilization is a hardware resource utilization. Specifically, the resource utilization rate is used for embodying an operation state of a virtual server, or embodying a load condition of the virtual server, for example, the cloud operating system is used for allocating more hardware resources to a virtual server when the resource utilization rate of the virtual server is higher, for example, the cloud operating system is used for allocating smaller hardware resources to the virtual server when the resource utilization rate of the virtual server is lower, and by the above dynamic allocation, the hardware resources of each virtual server more meet the own operation state and service requirements, so that the hardware resources are reasonably applied, each virtual server can operate more efficiently, and further, the processing performance of the startup registration data processing system is improved.
In order to make the operation of each virtual server more stable, for example, the cloud operating system is further configured to perform dynamic hardware resource allocation on each virtual server according to the application requirement of each virtual server. Specifically, the application in this embodiment includes application software, where the application software includes middleware software, database software, and the like, and for example, the application further includes System software, where the System software includes Operating System (OS) software, and in this embodiment, the cloud Operating System dynamically allocates hardware resources of each virtual server according to resources required by each software on each virtual server, so that the hardware resources better meet the operation requirements of the virtual servers, and the operation of each virtual server is more stable, so that the operation of the startup registration data processing System is more efficient.
For example, the hardware resources include computing resources, storage resources, and network resources. For example, the computing resource is the Processing capacity of a CPU (Central Processing Unit), which can be quantified by the number of CPUs or the number of CPU cores, the storage resource includes a storage space, and the network resource includes a network bandwidth, an IP address, and a network port.
In one embodiment, referring to fig. 2 and 3, the cloud operating system 100 includes a virtualization module 110, a configuration module 120, and a resource management module 130; the virtualization module 110 is configured to perform hardware virtualization on a server cluster into a plurality of virtual servers; the configuration module 120 is configured to configure an operating system and a resource space for each of the virtual servers; the resource allocation module is used for allocating hardware resources for each virtual server.
Specifically, the virtualization module 110 virtualizes hardware of each physical server in the server cluster to a plurality of virtual servers, where the plurality of virtual servers have virtual CPUs, memories and storages, and the resources of the virtual servers are provided by the physical servers. The configuration module 120 is configured to configure an operating system for each virtual server, where the operating system is configured to manage and control hardware and software resources of the virtual server, and the resource space is a storage space occupied by the operating system, for example, the resource space also includes a partition space of a memory of the virtual server; the resource allocation module is used for dynamically allocating hardware resources including computing resources, storage resources and network resources for each virtual server, so that the hardware resources of each virtual server are reasonably allocated, and the processing capacity of the entrepreneurship registration data processing system is further improved.
In one embodiment, a deployment method of a data processing platform based on the entrepreneurial registration of cloud computing is provided, which comprises the following steps:
step 501, the cloud operating system deployment comprises installation and configuration of a front-end agent, a portal, a cloud controller, a cloud storage controller and a shared storage server.
Step 502, virtualizing a plurality of virtual servers including two apache servers and two database servers by using a virtualization technology provided by a cloud operating system, where the two apache servers are used as cluster servers and the two database servers are used as cluster servers.
Step 503, installing a database on the database server, making a database cluster and initializing a database script.
Step 504, respectively deploying startup registration data processing systems on the apache servers, and performing cluster and load balancing configuration.
And 505, encrypting the user data of the startup registration data processing by adopting a real-time encryption and decryption technology, an active encryption technology and a large database encryption support technology.
In one embodiment, there is also provided a data decryption method for a security wall, including:
step 601, acquiring a decryption request file, analyzing the decryption request file, and acquiring the decryption file.
Specifically, the decryption request file is initiated by the decryption applicant, and the decryption request file is used for requesting decryption of the decryption file. For example, the decryption request file includes a confidential-file-processing record sheet.
Step 603, obtaining an outgoing judgment instruction for the decrypted file, and sending the decrypted file to an administrator account with decryption authority according to the outgoing judgment instruction.
Specifically, the outgoing judgment instruction is sent by an auditor, and the outgoing judgment instruction is used for indicating whether to send the decrypted file to an administrator account with the decryption authority. When the system receives the outgoing judgment instruction, the decrypted file can be sent out, and then the decrypted file is forwarded to the administrator account for processing.
Step 605, acquiring a decryption instruction of the management account, and decrypting the decrypted file.
In this step, the administrator account has a decryption authority, for example, the attribute value of the administrator account is greater than a preset threshold set by the encryptor, and the decrypted file can be decrypted.
Step 607, saving the decryption request file.
And after the decryption file is decrypted, the white decryption request file is stored, and the decryption request file is archived.
In one embodiment, the specific process of data decryption is as follows:
a. requesting a decryption applicant to fill in a secret-related file processing record sheet, writing up files and contents requested to be decrypted, and submitting to an auditor for auditing;
b. the auditor audits the document to be decrypted to see whether the document can be decrypted or not, if not, the process is ended, and if so, the document is decrypted by the decryption operator found by the decryption request applicant;
c. the decryption operator decrypts the specified file according to the content of the 'confidential file processing record sheet';
d. the document manager performs archive management on the confidential file processing record sheet.
In one embodiment, a method for a user to interact with a cloud computing-based startup registration data processing platform is also provided, comprising:
A. and the user inputs the website of the entrepreneurship registration data processing platform through the browser.
B. Clicking [ register account ] in a login page;
C. the system opens a registration page, and role selection is carried out: the entrepreneur inputs a mail box, a password and an authentication code, and clicks (register) to complete a register submitting action;
D. the system sends a registration activation mail to a registration mailbox, and a guide activates an account through a click link of the mailbox to enter an information perfecting interface;
E. after the personal information is stored completely, entering a personal desktop, displaying an entrance of a function module of < startup guide registration >, basic information of the startup guide, backlog and related downloads on the personal desktop;
F. clicking the < entrepreneur registration > icon, entering an entrepreneur registration page, filling basic information, a personal resume and guiding enterprise conditions, and clicking a [ submit review ] button to submit a registration application after selecting a recommendation unit list;
G. after the approval of the recommended incubator or the public creation space and the approval of the provincial incubator association are passed, a corresponding entrepreneur record number is generated;
H. and (4) the user checks whether the application of the entrepreneur guide is approved or not through the audit record.
It should be noted that, in the above embodiments, the included modules are only divided according to functional logic, but are not limited to the above division as long as the corresponding functions can be implemented; in addition, the specific names of the functional modules are only for convenience of distinguishing from each other and are not used for limiting the protection scope of the present invention.
In addition, it can be understood by those skilled in the art that all or part of the steps in the method for implementing the embodiments described above may be implemented by instructing the relevant hardware through a program, and the corresponding program may be stored in a readable storage medium.
The technical features of the embodiments described above may be arbitrarily combined, and for the sake of brevity, all possible combinations of the technical features in the embodiments described above are not described, but should be considered as being within the scope of the present specification as long as there is no contradiction between the combinations of the technical features.
The above-mentioned embodiments only express several embodiments of the present invention, and the description thereof is more specific and detailed, but not construed as limiting the scope of the invention. It should be noted that, for a person skilled in the art, several variations and modifications can be made without departing from the inventive concept, which falls within the scope of the present invention. Therefore, the protection scope of the present patent shall be subject to the appended claims.
Claims (10)
1. A data processing platform for entrepreneurial registration based on cloud computing is characterized by comprising: the system comprises a cloud operating system, an entrepreneurial registration data processing system and a security wall system;
the cloud operating system is used for performing hardware virtualization on the server cluster to form a plurality of virtual servers, configuring an operating system and a resource space for each virtual server, and distributing hardware resources for each virtual server; the cloud operating system is used for detecting the resource utilization rate of each virtual server in real time and performing dynamic hardware resource allocation according to the resource utilization rate of each virtual server; the entrepreneurship registration data processing system is deployed on at least one virtual server and is used for processing manpower resource data;
the safety wall system is deployed in the entrepreneurship registration data processing system, and is used for encrypting user behaviors and user data of the entrepreneurship registration data processing system and isolating an internal network and an external network where the virtual servers are located, wherein the internal network is a network formed by the virtual servers, the external network is a network with a different network IP address from the internal network, and the entrepreneurship registration data processing system is located in the internal network; the security wall system comprises an encryption attribute inheritance module, wherein the encryption attribute inheritance module is used for detecting whether a user attribute value is larger than a preset threshold value or not, and when the user attribute value is larger than the preset threshold value, a user is endowed with decryption authority.
2. The cloud computing-based startup registration data processing platform according to claim 1, wherein the security wall system comprises a real-time encryption module, an encrypted data on-line isolation module, and an encrypted file blacking module;
the real-time encryption module is used for encrypting the user instant data in real time;
the encrypted data and machine isolation module is used for isolating a storage space into a public area and a safe area and executing different safety strategies on the public area and the safe area;
the encrypted file blackening module is used for isolating the internal network where the virtual server is located from the external network.
3. The cloud computing-based startup registration data processing platform according to claim 2, wherein the real-time encryption module comprises an active encryption sub-module, the active encryption sub-module is configured to detect the flow direction of encrypted data and perform format conversion on the encrypted data, and when the format conversion is performed on the encrypted data, the encrypted data after format conversion is encrypted again; the real-time encryption and decryption module provides real-time encryption and decryption service in work and monitors the flow direction of all ciphertext data, and when the ciphertext is converted into other data forms and is combined with other non-confidential data to generate new data, or when other non-confidential data quotes part of ciphertext, the data related to the ciphertext can be automatically encrypted.
4. The cloud-computing-based startup registration data processing platform according to claim 2, wherein the security wall system further comprises an encrypted file network sharing module and a multi-channel encryption module;
the encrypted file network sharing module is used for realizing file sharing among the virtual servers in the intranet;
the multi-channel encryption module is used for carrying out port jump access when communicating with an external network.
5. The cloud computing-based startup registration data processing platform according to claim 2, wherein the security wall system further comprises an email encryption module and a large data encryption support module;
the electronic mail encryption module is used for encrypting the electronic mail;
the large data encryption support module is used for encrypting large data.
6. The cloud computing-based startup registration data processing platform according to claim 1, wherein the cloud operating system is based on an IaaS model.
7. The cloud-computing-based startup registration data processing platform according to claim 1, wherein the startup registration data processing system is based on a SaaS model.
8. The cloud-computing-based startup registration data processing platform according to claim 1, wherein the cloud operating system is further configured to perform dynamic hardware resource allocation on each of the virtual servers according to application requirements of each of the virtual servers.
9. The cloud computing-based startup registration data processing platform according to claim 8, wherein the cloud operating system comprises a virtualization module, a configuration module and a resource management module; the virtualization module is used for performing hardware virtualization on the server cluster into a plurality of virtual servers; the configuration module is used for configuring an operating system and a resource space for each virtual server; the resource allocation module is used for allocating hardware resources for each virtual server.
10. The cloud computing-based startup registration data processing platform according to claim 9, wherein the hardware resources include computing resources, storage resources, and network resources.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201710269419.0A CN106911721B (en) | 2017-04-24 | 2017-04-24 | Entrepreneurship registration data processing platform based on cloud computing |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201710269419.0A CN106911721B (en) | 2017-04-24 | 2017-04-24 | Entrepreneurship registration data processing platform based on cloud computing |
Publications (2)
Publication Number | Publication Date |
---|---|
CN106911721A CN106911721A (en) | 2017-06-30 |
CN106911721B true CN106911721B (en) | 2020-05-05 |
Family
ID=59209638
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201710269419.0A Expired - Fee Related CN106911721B (en) | 2017-04-24 | 2017-04-24 | Entrepreneurship registration data processing platform based on cloud computing |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN106911721B (en) |
Families Citing this family (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN108960375A (en) * | 2018-07-27 | 2018-12-07 | 成都众悦创业孵化器有限公司 | A kind of foundation simulation system |
CN108694568A (en) * | 2018-07-28 | 2018-10-23 | 成都众悦创业孵化器有限公司 | A kind of foundation Message Entry System |
CN110659877A (en) * | 2019-09-19 | 2020-01-07 | 汤勤 | Entrepreneurship registration data management platform based on cloud computing |
CN116112223A (en) * | 2022-12-28 | 2023-05-12 | 浙江海瑞网络科技有限公司 | Data center safety monitoring system and method based on data driving |
Citations (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN102571948A (en) * | 2011-12-29 | 2012-07-11 | 国云科技股份有限公司 | Cloud-computing-based platform as a service (PaaS) platform system and implementation method thereof |
CN104994089A (en) * | 2015-06-29 | 2015-10-21 | 浪潮(北京)电子信息产业有限公司 | Security system for cloud data center |
CN105359486A (en) * | 2013-05-03 | 2016-02-24 | 思杰系统有限公司 | Secured access to resources using a proxy |
Family Cites Families (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US8397138B2 (en) * | 2009-12-08 | 2013-03-12 | At & T Intellectual Property I, Lp | Method and system for network latency virtualization in a cloud transport environment |
US11038954B2 (en) * | 2013-09-18 | 2021-06-15 | Verizon Patent And Licensing Inc. | Secure public connectivity to virtual machines of a cloud computing environment |
-
2017
- 2017-04-24 CN CN201710269419.0A patent/CN106911721B/en not_active Expired - Fee Related
Patent Citations (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN102571948A (en) * | 2011-12-29 | 2012-07-11 | 国云科技股份有限公司 | Cloud-computing-based platform as a service (PaaS) platform system and implementation method thereof |
CN105359486A (en) * | 2013-05-03 | 2016-02-24 | 思杰系统有限公司 | Secured access to resources using a proxy |
CN104994089A (en) * | 2015-06-29 | 2015-10-21 | 浪潮(北京)电子信息产业有限公司 | Security system for cloud data center |
Also Published As
Publication number | Publication date |
---|---|
CN106911721A (en) | 2017-06-30 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US10432592B2 (en) | Password encryption for hybrid cloud services | |
US11734635B2 (en) | Deploying and implementing enterprise policies that control augmented reality computing functions | |
US10735426B2 (en) | Secure asynchronous retrieval of data behind a firewall | |
US11438421B2 (en) | Accessing resources in a remote access or cloud-based network environment | |
CA3040631C (en) | Providing devices as a service | |
US11062041B2 (en) | Scrubbing log files using scrubbing engines | |
US11675914B2 (en) | Secure information storage | |
CN106911721B (en) | Entrepreneurship registration data processing platform based on cloud computing | |
US10027669B2 (en) | Authorization to access a server in the cloud without obtaining an initial secret | |
CN111066307B (en) | Wrapping continuation tokens to support paging across multiple servers in different geographic locations | |
US10721719B2 (en) | Optimizing caching of data in a network of nodes using a data mapping table by storing data requested at a cache location internal to a server node and updating the mapping table at a shared cache external to the server node | |
US11481104B2 (en) | Using pressure sensor data in a remote access environment | |
US11349663B2 (en) | Secure workload configuration | |
CN113574837A (en) | Tracking image senders on client devices | |
US10070195B1 (en) | Computing resource service security method | |
US20210281561A1 (en) | Certification for connection of virtual communication endpoints | |
US20240211625A1 (en) | Systems and Methods for Providing Improved Account Management Services | |
Mishra et al. | An Assessment of cloud computing: Evolution |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
GR01 | Patent grant | ||
CF01 | Termination of patent right due to non-payment of annual fee | ||
CF01 | Termination of patent right due to non-payment of annual fee |
Granted publication date: 20200505 Termination date: 20210424 |