CN107612932A - A kind of cloud security Rights Management System - Google Patents
A kind of cloud security Rights Management System Download PDFInfo
- Publication number
- CN107612932A CN107612932A CN201710985347.XA CN201710985347A CN107612932A CN 107612932 A CN107612932 A CN 107612932A CN 201710985347 A CN201710985347 A CN 201710985347A CN 107612932 A CN107612932 A CN 107612932A
- Authority
- CN
- China
- Prior art keywords
- management system
- cloud security
- management
- safety
- cloud
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Landscapes
- Storage Device Security (AREA)
Abstract
The invention discloses a kind of cloud security Rights Management System, including:Platform class keeper, functional level keeper, service management account and common account;Platform class keeper is used to control cloud security management system;Functional level keeper is used for the safety management ability for adjusting cloud security management system;Service management account is used to distribute demand for security and strategy corresponding to specific transactions and management specific transactions;Common account is used for the safety management information for obtaining cloud security management system, solve cloud security management in the prior art and once safety leak often occur, according to the shared advantage of cloud computing security platform, it is easy for current leak experience being shared with whole safety means, therefore, those skilled in the art need to design the technical problem of a set of strict rights management framework.
Description
Technical field
The present invention relates to cloud security technical field, more particularly to a kind of cloud security Rights Management System.
Background technology
Cloud computing is to develop a highly important foundation stone of intelligent use, and self-learning capability caused by device intercommunicating allows
Cloud computing inherently has been provided with quite powerful feature.Pre- place of the data analysis system in data of core is all with Yunan County
Reason, the storage of data and quickly suffer from significant functional promotion in terms of the response.In pretreatment stage, the bursting tube
Platform can carry out quickly orientation for abnormal data and catch, and then call powerful safety management database, timely
Repaired.The related safe handling method of cloud computing also has a variety of distributed and centralization data analysing method.These clouds
The processing platform of calculating can carry out implementation analysis, express statistic form, attack path analysis and mass data to big data
Visual Graphization displaying etc..
Cloud security management is to combine big data technology, cloud computing technology and information security from the dimension of global design
The integration scenario of technology.Wherein, one of design attributes of cloud platform are exactly " associativity ", will all data contacts all with cloud pipe
The mode of reason is tied, and whether the cloud security management platform moment exception can occur in each security component parameter of background monitoring
Phenomenon, and science positioning is carried out for there is abnormal security component, and corrected, sub- safety zone even some basic units
Security component because the core top layer management of cloud security, the security interoperability between strengthening, therefore cloud security manage it is past
Toward there is once safety leak, according to the shared advantage of cloud computing security platform, it is easy to current leak experience will be shared
On safety means to whole, therefore, it is that those skilled in the art need to solve to design a set of strict rights management framework
Technical problem.
The content of the invention
The invention provides a kind of cloud security Rights Management System, often goes out for solving cloud security management in the prior art
Existing once safety leak, according to the shared advantage of cloud computing security platform, it is easy to current leak experience will be shared with entirely
On the safety means in portion, therefore, those skilled in the art need to design the technical problem of a set of strict rights management framework.
A kind of cloud security Rights Management System provided by the invention, including:
Platform class keeper, functional level keeper, service management account and common account;
The platform class keeper is used to control cloud security management system;
The functional level keeper is used for the safety management ability for adjusting the cloud security management system;
The service management account is used to distribute specific transactions and manages demand for security and plan corresponding to the specific transactions
Slightly;
The common account is used for the safety management information for obtaining the cloud security management system;
Preferably, the safety management resource includes:Firewall resources and intrusion detection resource;
Preferably, the safety management information is fire wall warning information.
As can be seen from the above technical solutions, the present invention has advantages below:
A kind of cloud security Rights Management System provided by the invention, including:Platform class keeper, functional level keeper, industry
Business account executive and common account;The platform class keeper is used to control cloud security management system;The functional level keeper
For adjusting the safety management ability of the cloud security management system;The service management account is used to distribute specific transactions and pipe
Manage demand for security and strategy corresponding to the specific transactions;The common account is used for the peace for obtaining the cloud security management system
Full management information.
In the present invention, a kind of cloud security rights management system with four levels is devised for cloud security management system
System, reduce the safety-relevant between different levels in cloud platform, avoid in cloud platform there is once safety leak will
Infect whole safety means, it is ensured that the security of cloud security management system.
Brief description of the drawings
In order to illustrate more clearly about the embodiment of the present invention or technical scheme of the prior art, below will be to embodiment or existing
There is the required accompanying drawing used in technology description to be briefly described, it should be apparent that, drawings in the following description are only this
Some embodiments of invention, for those of ordinary skill in the art, without having to pay creative labor, may be used also
To obtain other accompanying drawings according to these accompanying drawings.
Fig. 1 is a kind of structural representation of one embodiment of cloud security Rights Management System provided by the invention;
Wherein, reference is as follows:
101st, platform class keeper;102nd, functional level keeper;103rd, service management account;104th, common account.
Embodiment
The embodiments of the invention provide a kind of cloud security Rights Management System, solve cloud security in the prior art manage it is past
Toward there is once safety leak, according to the shared advantage of cloud computing security platform, it is easy to current leak experience will be shared
On safety means to whole, therefore, the technology that those skilled in the art need to design a set of strict rights management framework is asked
Topic.
To enable goal of the invention, feature, the advantage of the present invention more obvious and understandable, below in conjunction with the present invention
Accompanying drawing in embodiment, the technical scheme in the embodiment of the present invention is clearly and completely described, it is clear that disclosed below
Embodiment be only part of the embodiment of the present invention, and not all embodiment.Based on the embodiment in the present invention, this area
All other embodiment that those of ordinary skill is obtained under the premise of creative work is not made, belongs to protection of the present invention
Scope.
Referring to Fig. 1, a kind of cloud security Rights Management System provided in an embodiment of the present invention, including:
Platform class keeper 101, functional level keeper 102, service management account 103 and common account 104;
Platform class keeper 101 is used to control cloud security management system;
In the present embodiment, cloud security Rights Management System framework is divided into four layers, that positioned at top layer is platform class keeper
101, possess the complete control ability to cloud security management system.
Functional level keeper 102 is used for the safety management ability for adjusting cloud security management system;
The second layer is functional level keeper 102, can adjust the cloud security management platform safety management ability of itself.
Service management account 103 is used to distribute demand for security and strategy corresponding to specific transactions and management specific transactions;
Third layer is service management account 103, and the account is allocated according to specific transactions, manages the safety of specific transactions
Demand and strategy.
Common account 104 is used for the safety management information for obtaining cloud security management system.
4th layer, that is, the account of the bottom is common account 104, is only capable of checking the management letter of cloud security management system
Breath.
The embodiment of the present invention devises a kind of cloud security rights management with four levels for cloud security management system
System, the safety-relevant between different levels in cloud platform is reduced, avoids in cloud platform and once safety leak occurs just
Whole safety means can be infected, it is ensured that the security of cloud security management system, solve cloud security in the prior art manage it is past
Toward there is once safety leak, according to the shared advantage of cloud computing security platform, it is easy to current leak experience will be shared
On safety means to whole, therefore, the technology that those skilled in the art need to design a set of strict rights management framework is asked
Topic.
Above is the description carried out to a kind of one embodiment of cloud security Rights Management System, below will be to a kind of Yunan County
Another embodiment of full Rights Management System is described in detail.
It refer to Fig. 1, a kind of cloud security Rights Management System provided in an embodiment of the present invention, including:
Platform class keeper 101, functional level keeper 102, service management account 103 and common account 104;
Platform class keeper 101 is used to control cloud security management system;
In the present embodiment, cloud security Rights Management System framework is divided into four layers, that positioned at top layer is platform class keeper
101, possess the complete control ability to cloud security management system.
Functional level keeper 102 is used for the safety management ability for adjusting cloud security management system;
The second layer is functional level keeper 102, can adjust the cloud security management platform safety management ability of itself, such as anti-
Wall with flues resource, intrusion detection resource etc..
Service management account 103 is used to distribute demand for security and strategy corresponding to specific transactions and management specific transactions;
Third layer is service management account 103, and such account is allocated according to specific transactions, manages the peace of specific transactions
Full demand and strategy.
Common account 104 is used for the safety management information for obtaining cloud security management system.
4th layer, i.e. the account of the bottom is common account 104, is only capable of checking the safety management letter of cloud security management system
Breath, such as fire wall alarm etc., do not possess the power of change systemic-function.
Further, safety management resource includes:Firewall resources and intrusion detection resource.
Further, safety management information is fire wall warning information.
The embodiment of the present invention devises a kind of cloud security rights management with four levels for cloud security management system
System, the safety-relevant between different levels in cloud platform is reduced, avoids in cloud platform and once safety leak occurs just
Whole safety means can be infected, it is ensured that the security of cloud security management system, solve cloud security in the prior art manage it is past
Toward there is once safety leak, according to the shared advantage of cloud computing security platform, it is easy to current leak experience will be shared
On safety means to whole, therefore, the technology that those skilled in the art need to design a set of strict rights management framework is asked
Topic.
It is apparent to those skilled in the art that for convenience and simplicity of description, the system of foregoing description,
The specific work process of system and unit, the corresponding process in preceding method embodiment is may be referred to, will not be repeated here.
In several embodiments provided herein, it should be understood that disclosed system, apparatus and method can be with
Realize by another way.For example, device embodiment described above is only schematical, for example, the division of unit,
Only a kind of division of logic function, can there is an other dividing mode when actually realizing, such as multiple units or component can be with
With reference to or be desirably integrated into another system, or some features can be ignored, or not perform.It is another, it is shown or discussed
Mutual coupling or direct-coupling or communication connection can be by some interfaces, the INDIRECT COUPLING of device or unit or
Communication connection, can be electrical, mechanical or other forms.
The unit illustrated as separating component can be or may not be physically separate, be shown as unit
Part can be or may not be physical location, you can with positioned at a place, or can also be distributed to multiple networks
On unit.Some or all of unit therein can be selected to realize the purpose of this embodiment scheme according to the actual needs.
In addition, each functional unit in each embodiment of the present invention can be integrated in a processing unit, can also
That unit is individually physically present, can also two or more units it is integrated in a unit.Above-mentioned integrated list
Member can both be realized in the form of hardware, can also be realized in the form of SFU software functional unit.
Described above, the above embodiments are merely illustrative of the technical solutions of the present invention, rather than its limitations;Although with reference to before
Embodiment is stated the present invention is described in detail, it will be understood by those within the art that:It still can be to preceding
State the technical scheme described in each embodiment to modify, or equivalent substitution is carried out to which part technical characteristic;And these
Modification is replaced, and the essence of appropriate technical solution is departed from the spirit and scope of various embodiments of the present invention technical scheme.
Claims (3)
1. a kind of cloud security Rights Management System, its feature are, including:
Platform class keeper, functional level keeper, service management account and common account;
The platform class keeper is used to control cloud security management system;
The functional level keeper is used for the safety management ability for adjusting the cloud security management system;
The service management account is used to distribute specific transactions and manages demand for security and strategy corresponding to the specific transactions;
The common account is used for the safety management information for obtaining the cloud security management system.
2. cloud security Rights Management System according to claim 1, it is characterised in that the safety management resource includes:
Firewall resources and intrusion detection resource.
3. cloud security Rights Management System according to claim 2, it is characterised in that the safety management information is fire prevention
Wall warning information.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201710985347.XA CN107612932A (en) | 2017-10-20 | 2017-10-20 | A kind of cloud security Rights Management System |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201710985347.XA CN107612932A (en) | 2017-10-20 | 2017-10-20 | A kind of cloud security Rights Management System |
Publications (1)
Publication Number | Publication Date |
---|---|
CN107612932A true CN107612932A (en) | 2018-01-19 |
Family
ID=61077785
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201710985347.XA Pending CN107612932A (en) | 2017-10-20 | 2017-10-20 | A kind of cloud security Rights Management System |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN107612932A (en) |
Cited By (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN109450717A (en) * | 2018-12-27 | 2019-03-08 | 深信服科技股份有限公司 | A kind of management strategy setting method, system and the associated component of cloud platform |
Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN102148712A (en) * | 2011-04-21 | 2011-08-10 | 天讯天网(福建)网络科技有限公司 | Cloud computing-based service management system |
CN104901948A (en) * | 2015-04-15 | 2015-09-09 | 南方电网科学研究院有限责任公司 | Hierarchic attribute based encryption access control system and method in smart grid |
CN106209821A (en) * | 2016-07-07 | 2016-12-07 | 何钟柱 | The big data management system of information security based on credible cloud computing |
CN106445399A (en) * | 2015-08-05 | 2017-02-22 | 中兴通讯股份有限公司 | Control method of storage system, and storage system |
CN106572120A (en) * | 2016-11-11 | 2017-04-19 | 中国南方电网有限责任公司 | Access control method and system based on mixed cloud |
-
2017
- 2017-10-20 CN CN201710985347.XA patent/CN107612932A/en active Pending
Patent Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN102148712A (en) * | 2011-04-21 | 2011-08-10 | 天讯天网(福建)网络科技有限公司 | Cloud computing-based service management system |
CN104901948A (en) * | 2015-04-15 | 2015-09-09 | 南方电网科学研究院有限责任公司 | Hierarchic attribute based encryption access control system and method in smart grid |
CN106445399A (en) * | 2015-08-05 | 2017-02-22 | 中兴通讯股份有限公司 | Control method of storage system, and storage system |
CN106209821A (en) * | 2016-07-07 | 2016-12-07 | 何钟柱 | The big data management system of information security based on credible cloud computing |
CN106572120A (en) * | 2016-11-11 | 2017-04-19 | 中国南方电网有限责任公司 | Access control method and system based on mixed cloud |
Cited By (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN109450717A (en) * | 2018-12-27 | 2019-03-08 | 深信服科技股份有限公司 | A kind of management strategy setting method, system and the associated component of cloud platform |
CN109450717B (en) * | 2018-12-27 | 2021-08-13 | 深信服科技股份有限公司 | Management strategy setting method and system of cloud platform and related components |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN108063753A (en) | A kind of information safety monitoring method and system | |
CN104333551A (en) | Active security defense system of power secondary system | |
CN102663274B (en) | A kind of method and system detecting the behavior of long-range invasion computing machine | |
CN104202303A (en) | Policy conflict detection method and system for SDN (Software Defined Network) application | |
US10944720B2 (en) | Methods and systems for network security | |
CN108055261A (en) | Industrial network security system deployment method and security system | |
JP2013073631A (en) | Methods, apparatus, and articles of manufacture to provide firewalls for process control systems | |
CN107135127A (en) | A kind of network flow abnormal detecting method and device | |
CN103888282A (en) | Network intrusion alarm method and system based on nuclear power plant | |
CN103916397A (en) | Safety monitoring method under distributed network environment | |
CN105447385B (en) | A kind of applied database honey jar detected at many levels realizes system and method | |
CN107240302A (en) | Air station flight release status monitoring method | |
CN106603551A (en) | Industrial personal computer safety protection system and industrial personal computer safety protection method based on security baseline | |
CN110817633A (en) | Elevator thing networking cloud platform monitoring system | |
CN107612932A (en) | A kind of cloud security Rights Management System | |
CN115208887A (en) | Chemical plant safety monitoring system based on cloud edge cooperation | |
CN109041090B (en) | Base station-based exception handling method and device and electronic equipment | |
CN107370724A (en) | A kind of distributed cloud computing system | |
CN104378354A (en) | Internet of things security model method based on classification | |
CN110472839A (en) | Thermal power plant's control system Information Security Evaluation system based on SA-PSO-AHP | |
CN109309678A (en) | Network risks method for early warning based on artificial intelligence | |
CN107124425A (en) | The method and computing device of monitoring device safety | |
CN107241307A (en) | The Network Isolation safety device and method of a kind of self study based on message content | |
CN107195031A (en) | Smart cloud gate inhibition reports the loss reservation service system | |
CN106657148A (en) | Architecture for internet of things |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
RJ01 | Rejection of invention patent application after publication | ||
RJ01 | Rejection of invention patent application after publication |
Application publication date: 20180119 |