CN108347426B - Teaching system information security management system based on big data and access method - Google Patents

Teaching system information security management system based on big data and access method Download PDF

Info

Publication number
CN108347426B
CN108347426B CN201711464618.3A CN201711464618A CN108347426B CN 108347426 B CN108347426 B CN 108347426B CN 201711464618 A CN201711464618 A CN 201711464618A CN 108347426 B CN108347426 B CN 108347426B
Authority
CN
China
Prior art keywords
access
server
authentication
information
terminal
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201711464618.3A
Other languages
Chinese (zh)
Other versions
CN108347426A (en
Inventor
辜彦隆
蔡佳麟
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Guangzhou Huaxia Vocational College
Original Assignee
Guangzhou Huaxia Vocational College
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Guangzhou Huaxia Vocational College filed Critical Guangzhou Huaxia Vocational College
Priority to CN201711464618.3A priority Critical patent/CN108347426B/en
Publication of CN108347426A publication Critical patent/CN108347426A/en
Application granted granted Critical
Publication of CN108347426B publication Critical patent/CN108347426B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0853Network architectures or network communication protocols for network security for authentication of entities using an additional device, e.g. smartcard, SIM or a different communication terminal
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0823Network architectures or network communication protocols for network security for authentication of entities using certificates
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0876Network architectures or network communication protocols for network security for authentication of entities based on the identity of the terminal or configuration, e.g. MAC address, hardware or software configuration or device fingerprint
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/10Protocols in which an application is distributed across nodes in the network
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/50Network services
    • H04L67/56Provisioning of proxy services
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload

Abstract

The invention discloses a teaching system information safety management system based on big data, which comprises an access monitoring terminal attached to a management terminal, a system authentication module used for a computer terminal and a big data acquisition module positioned at the system terminal, wherein the access monitoring terminal divides a secret network through a subnet switching device, when the system transmits data access information to a main server, the main server simultaneously provides a cluster agent module to access a local cluster server, and performs relation trust through a VCN gateway before access, simultaneously, the access information and the main server perform data acquisition through the big data acquisition module and simultaneously transfer the data to the local cluster server, the main information and the access information of the system are synchronously transferred to a cloud server through the big data acquisition module, a control console and an authentication server are arranged on an access path of the access monitoring terminal and the main server, the data base and the execution means of the system authentication module are provided by the authentication server.

Description

Teaching system information security management system based on big data and access method
Technical Field
The invention relates to the field of big data information security, in particular to a teaching system information security management system and an access method based on big data.
Background
The teaching system is a subsystem of the education system, which is an integral body organically combined by various teaching elements and having a certain teaching function for realizing a certain teaching purpose, along with the development of scientific technology and global informatization, the teaching system has more and more types and larger information content, and the big data environment of the teaching information is the integrated embodiment of the teaching information under the mature development of a computer network and various terminals, simultaneously relates to different technologies and different fields of the teaching system, generally makes more sufficient consideration on the security during the construction of the information network, but the traditional network security mainly has boundary protection, virus protection, system maintenance and simple identity authentication measures, along with the gradual increase of the information content of the teaching system, more and more valuable information is dispersed on each intranet host and server, the information security of the intranet becomes one of the key matters for network security and construction, the computer terminal is a main component of an information-based computer network, and is also a main environment for user operation and data use, and for internal information, the origin of security threats is mainly concentrated in the computer terminal.
Disclosure of Invention
In order to overcome the defects of the prior art, the invention provides a teaching system information security management system and an access method based on big data, which can effectively solve the problems provided by the background technology.
The technical scheme adopted by the invention for solving the technical problems is as follows:
a teaching system information safety management system based on big data comprises an access monitoring terminal attached to a management terminal, a system authentication module used for a computer terminal and a big data acquisition module positioned at the system terminal, wherein the access monitoring terminal divides a secret network through a subnet switching device, when the system transmits data access information to a main server, the main server simultaneously provides a cluster agent module to access a local cluster server and carries out relationship trust through a VCN gateway before access, simultaneously, the access information and the main server carry out data acquisition through the big data acquisition module and simultaneously transfer the data to the local cluster server, the main information and the access information of the system are synchronously transferred to a cloud server through the big data acquisition module, a control console and an authentication server are arranged on a path accessed by the access monitoring terminal and the main server, the data base and the execution means of the system authentication module are provided by the authentication server.
Further, the system authentication module confirms the user identity through USBKey hardware and realizes authentication and authorization on the basis of data reading from the authentication server, the system authentication module divides a computer terminal accessed to a network into an authenticated area and an unauthenticated area, and the unauthenticated area is transferred to a temporary registration authorization module in the authentication server.
Furthermore, the access monitoring terminal comprises real-time monitoring, peripheral monitoring, application monitoring and network monitoring, and is managed by using an offline state and an online state through detection of the client state.
Further, the subnet switching device divides the computer terminal access information of the authenticated area and the unauthenticated area into different confidential subnets and switches the unauthenticated area to the temporary registration authorization module.
Furthermore, the big data acquisition module carries out statistics on short-time access information and access types of the computer terminal temporarily registered with the authorization module, and gives a request authentication of the short-time system-free authentication module through the analysis of the cloud server, but the access authority of the server must be acquired through the authentication information of the VCN gateway.
Furthermore, the big data acquisition module can automatically record the detailed information of the use of the mobile storage device on the computer terminal in the authenticated area, generate a log file and store the log file in the cloud server, and meanwhile, the computer terminal in the non-authenticated area and the mobile storage device of the computer terminal user authorized by the temporary registration authorization module are prohibited from accessing.
Furthermore, the system is based on a network security platform of a trusted third party, system data and a user key are provided by the platform, the user key is distinguished by using GID information as an identity, the user key can generate a corresponding attribute function by the network security platform of the third party in the process of accessing the cloud server by the management terminal and part of authorized computer terminals, the attribute function is generated randomly, and the final plaintext is obtained in an encryption and decryption mode.
In addition, the invention also designs an access method of the teaching system information security management system based on big data, which is characterized in that: the method comprises the following steps:
s001, inserting user USBKey hardware into a computer terminal, and keying in a correct USBKey with a PIN code;
s002, the agent of the computer terminal initiates an authentication request and sends the certificate information of the hardware to the authentication server through the system authentication module;
s003, the authentication server verifies the authentication information sent by the user and confirms the consistency of the identity information and the authentication server data through interaction;
and S004, the authentication server authenticates that the user obtains legal access authorization, logs in the computer terminal and accesses related network resources.
And S005, when the computer terminal accesses network resources, the access authorization of the server is realized through the VCN gateway.
Compared with the prior art, the invention has the beneficial effects that:
(1) the dual authentication measures of the invention realize the user authentication of the unified computer terminal and the access control of the mobile terminal equipment, the identity and the access authorization of the built-in computer terminal are determined by USBKey hardware, the domain-division hierarchical management of the information center is realized by dividing a virtual security domain, namely an authenticated region and an unauthenticated region, in an authorized network, all intranet terminals are managed in a unified way, the unauthenticated terminals are isolated, and the management authority of the mobile equipment is provided.
(2) The invention carries out centralized resource and user behavior authorization management on the computer terminal of the internal network based on the technical support of the trusted network platform of the third party, realizes detailed data record backup through terminal data acquisition of the big data acquisition module, is convenient to check through the management terminal, and divides differential access of the cloud server, the local server and the local cluster server, and intelligent statistical calculation of the big data acquisition module and the cloud server, provides access right change of the service terminal, and provides temporary system high-level authentication in a short time, thereby avoiding the condition that higher-level data information cannot be accessed under the condition that the access level cannot be improved, improving higher-level security of information management, reducing the risks of security loophole and information leakage and stealing of the internal network, and improving management efficiency.
Drawings
FIG. 1 is a schematic view of an overall system of the present invention;
reference numbers in the figures:
1-a management terminal; 2-accessing the monitoring terminal; 3-a computer terminal; 4-a system authentication module; 5-big data acquisition module; 6-subnet switching means; 7-a principal server; 8-cluster agent module; 9-local cluster server; 10-VCN gateway; 11-cloud server; 12-a console; 13-an authentication server; 14-USBKey hardware; 15-temporary registration authorization module; 16-authenticated area; 17-unauthenticated area; 18-a mobile terminal device;
201-real-time monitoring; 202-peripheral monitoring; 203-application monitoring; 204-network monitoring.
Detailed Description
The technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are only a part of the embodiments of the present invention, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
As shown in figure 1, the invention provides a teaching system information security management system based on big data, which comprises an access monitoring terminal 2 attached to a management terminal 1, a system authentication module 4 used for a computer terminal 3, and a big data acquisition module 5 located at a system terminal, wherein the access monitoring terminal 2 divides a secret network through a subnet switching device 6, when the system transmits data access information to a main server 7, the main server 7 simultaneously provides a cluster agent module 8 to access a local cluster server 9, and carries out relationship trust through a VCN gateway 11 before access, simultaneously the access information and the main server 7 carry out data acquisition through the big data acquisition module 5 and simultaneously transfer the data to the local cluster server 9, the main information and the access information of the system are synchronously transferred to a cloud server 11 through the big data acquisition module 5, a console 12 and an authentication server 13 are provided on a path accessed by the access monitoring terminal 2 and the main body server 7, and a data base and an execution means of the system authentication module 4 are provided by the authentication server 13.
The system authentication module 4 confirms the user identity through USBKey hardware 14, and realizes authentication and authorization on the basis of data reading from the authentication server 13, the system authentication module 4 divides the computer terminal accessing the network into an authenticated area 16 and an unauthenticated area 17, the unauthenticated area 17 is transferred to a temporary registration authorization module 15 in the authentication server 13, and the computer terminal 3 in the authenticated area (16) accesses the connection system through the network, comprising the following steps:
s001, inserting user USBKey hardware into a computer terminal, and keying in a correct USBKey with a PIN code;
s002, the agent of the computer terminal initiates an authentication request and sends the certificate information of the hardware to the authentication server through the system authentication module;
s003, the authentication server verifies the authentication information sent by the user and confirms the consistency of the identity information and the authentication server data through interaction;
and S004, the authentication server authenticates that the user obtains legal access authorization, logs in the computer terminal and accesses related network resources.
And S005, when the computer terminal accesses network resources, the access authorization of the server is realized through the VCN gateway.
If the access of the computer terminal 3 is authorized, the server behind the VCN gateway can be accessed to obtain corresponding authorization and smoothly passes through the VCN gateway, otherwise, effective network connection cannot be established, and the built-in part has USBKey hardware support, so that different forms of hierarchical access hierarchy limitation are realized in the access process of the intranet, and the risk that the computer terminal 3 with built-in authentication is stolen is avoided by having the USBKey hardware and inputting a correct attached PIN code.
The access monitoring terminal 2 comprises a real-time monitor 201, a peripheral monitor 202, an application monitor 203 and a network monitor 204, and the access monitoring terminal 2 manages by detecting the client state by using an off-line state and an on-line state, wherein the on-line state refers to the state that a client computer can receive the management of a server in real time in a real-time management network of an authentication server and a system authentication module, for example, when accessing an internal network of a unit, the on-line state is automatically started at the moment, the off-line state refers to the state that the computer terminal can not access the network where the server is located, based on the two strategy modes, the management terminal can set different user using strategies according to different environments of the computer terminal, the real-time monitor 201 comprises the network connection state of the management terminal 2 to the computer terminal 3, computer data access records and program process records opened by installation, the cloud server (11) records backup, records file operation records including copying and creating of the computer terminal 3 on the access server in the management terminal 2 and prohibits and allows operation of the printing program of the computer terminal in the application monitor 203.
The subnet switching device 6 divides the access information of the computer terminals 3 in the authenticated region 16 and the unauthenticated region 17 and switches the unauthenticated region 17 to the temporary registration authorization module 15 to be divided into different confidential subnets, so that the computer terminals 3 in the same confidential subnet can realize free data exchange with each other, and the computer terminals 3 which are not in the same confidential subnet can not normally exchange data.
The big data acquisition module 5 counts the short-time access information and the access type of the computer terminal 3 temporarily registered with the authorization module 15, and gives a request authentication of the short-time system-free authentication module 4 through the analysis of the cloud server 11, but the access authority of the server must be acquired through the authentication information of the VCN gateway 10, through the division of the confidential subnets, effective data isolation can be realized on the information on the premise of guaranteeing the uniform maintenance of the network, and through the confidential subnets, illegal external connection or illegal access can be effectively prevented, and the illegal external connection can be effectively prevented whether being based on Modem, ADSL dialing or double network cards; the illegal access can be effectively prevented whether the two computers are connected directly through a switch or a network cable, and the trust relationship can be set between different secret subnets through the management terminal 2, so that the data exchange between the computers is allowed.
Meanwhile, the big data acquisition module 5 automatically records the detailed information of the use of the mobile storage device 18 on the computer terminal 3 in the authenticated area, generates a log file and stores the log file in the cloud server 11, and simultaneously forbids the computer terminal 3 in the unauthenticated area 17 and the mobile storage device 18 of the user of the computer terminal 3 authorized by the temporary registration authorization module 15 to access.
The system is based onTrusting the network security platform 19 of the third party, and provide system data and user's cipher key by this platform, the user's cipher key distinguishes as the identity through GID information, in the management terminal and some authorized computer terminal access course to the cloud end server, the user's cipher key can produce the corresponding attribute function by the network security platform of the third party, and produce arbitrarily, and obtain the final plaintext through the form of encrypting and deciphering, wherein: property i private key is authorized party in ZpThe attribute public key is calculated as follows:
Figure GDA0001642315510000071
user attribute key determination function: for the user identity information GID and the target attribute i, the user attribute key corresponds to:
Figure GDA0001642315510000072
encryption function: let Γ be the access control represented by (M, p), which corresponds to a protocol LSSS. The rows and attributes in the matrix M are related by a function p, where l is set as a row representing M, n represents the number of columns, and first, one vector v ═ s, y is arbitrarily selected2,…,yn) Then the expression of the ciphertext is
Figure GDA0001642315510000073
In the formula (PK)i)-sCalculating to obtain a generator
Figure GDA0001642315510000074
A decryption function: the attribute set A of the control structure gamma satisfies the condition construction set I ═ I:ρ(i)E.g., a } {1, 2. Obtaining a set of constants w corresponding to the LSSS protocoliI ∈ I } such that
s=∑i∈Iμiwi
Derived by a decryption algorithm
m=C/e(g,g)αs
And finally, a plaintext is obtained, a model combining a trusted mechanism and roles is introduced when the database needs to be accessed, so that good access control is realized, the data security of the database is protected to the greatest extent, the security management of database access information is completed, the security performance of data access is improved, and a large amount of network congestion caused when the database is accessed is also solved.
It will be evident to those skilled in the art that the invention is not limited to the details of the foregoing illustrative embodiments, and that the present invention may be embodied in other specific forms without departing from the spirit or essential attributes thereof. The present embodiments are therefore to be considered in all respects as illustrative and not restrictive, the scope of the invention being indicated by the appended claims rather than by the foregoing description, and all changes which come within the meaning and range of equivalency of the claims are therefore intended to be embraced therein. Any reference sign in a claim should not be construed as limiting the claim concerned.

Claims (6)

1. The utility model provides a teaching system information security management system based on big data which characterized in that: the system comprises an access monitoring terminal (2) attached to a management terminal (1), a system authentication module (4) used for a computer terminal (3) and a big data acquisition module (5) positioned at the system terminal, wherein the access monitoring terminal (2) divides a confidential network through a subnet switching device (6), the subnet switching device (6) divides the computer terminals (3) of an authenticated area (16) and an unauthenticated area (17) and the computer terminals (3) of the unauthenticated area (17) which are turned to a temporary registration authorization module (15) into different confidential subnets, the computer terminals (3) in the same subnet can realize free data exchange, and the computer terminals (3) which are not in the same subnet cannot perform normal data exchange; trust relations can be set between different secret subnets through the management terminal (1) so as to allow computers of the secret subnets to exchange data, when the system transmits data access information to the main server (7), the main server (7) simultaneously provides the cluster agent module (8) to access the local cluster server (9), and performs relation trust through the VCN gateway (10) before access, simultaneously the access information and the main server (7) perform data acquisition through the big data acquisition module (5) and simultaneously transfer the data to the local cluster server (9), the main information and the access information of the system are synchronously transferred to the cloud server (11) through the big data acquisition module (5), the big data acquisition module (5) performs statistics on short-time access information and access types of the computer terminals (3) temporarily registered with the authorization module (15), and through the analysis of the cloud server (11), the request authentication of the system authentication module (4) is given for a short time, but the access authority of the server must be acquired through the authentication information of the VCN gateway (10), a console (12) and an authentication server (13) are arranged on the access path of the access monitoring terminal (2) and the main body server (7), and the data base and the execution means of the system authentication module (4) are provided through the authentication server (13).
2. The big data-based teaching system information security management system according to claim 1, wherein: the system authentication module (4) confirms the user identity through USBKey hardware (14), and realizes authentication and authorization again on the basis of data reading of the authentication server (13), the system authentication module (4) divides a computer terminal (3) accessing a network into an authenticated area (16) and an unauthenticated area (17), and the unauthenticated area (17) is transferred to a temporary registration authorization module (15) in the authentication server (13).
3. The big data-based teaching system information security management system according to claim 1, wherein: the access monitoring terminal (2) comprises a real-time monitor (201), a peripheral monitor (202), an application monitor (203) and a network monitor (204), and the access monitoring terminal (2) manages the client state by using an offline state and an online state through detection of the client state.
4. The big data-based teaching system information security management system according to claim 1, wherein: meanwhile, the big data acquisition module (5) can automatically record the detailed information of the use of the mobile storage device (18) on the computer terminal (3) in the authenticated area, generate a log file and store the log file in the cloud server (11), and meanwhile, the computer terminal (3) in the unauthenticated area (17) and the mobile storage device (18) of the user of the computer terminal (3) authorized by the temporary registration authorization module (15) are prohibited from accessing.
5. The big data-based teaching system information security management system according to claim 1, wherein: the system is based on a network security platform (19) of a trusted third party, system data and a user key are provided by the platform, the user key is distinguished by using GID information as an identity, the user key can generate a corresponding attribute function by the network security platform of the third party in the process of accessing a cloud server by a management terminal and a part of authorized computer terminals, the attribute function can be generated randomly, and a final plaintext can be obtained in an encryption and decryption mode.
6. An access method based on the system of claim 1, characterized in that: the method comprises the following steps:
s001, inserting user USBKey hardware into a computer terminal, and keying in a correct USBKey with a PIN code;
s002, the agent of the computer terminal initiates an authentication request and sends the certificate information of the hardware to the authentication server through the system authentication module;
s003, the authentication server verifies the authentication information sent by the user and confirms the consistency of the identity information and the authentication server data through interaction;
s004, the authentication server authenticates that the user obtains legal access authorization, logs in the computer terminal and accesses related network resources;
and S005, when the computer terminal accesses network resources, the access authorization of the server is realized through the VCN gateway.
CN201711464618.3A 2017-12-28 2017-12-28 Teaching system information security management system based on big data and access method Active CN108347426B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201711464618.3A CN108347426B (en) 2017-12-28 2017-12-28 Teaching system information security management system based on big data and access method

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201711464618.3A CN108347426B (en) 2017-12-28 2017-12-28 Teaching system information security management system based on big data and access method

Publications (2)

Publication Number Publication Date
CN108347426A CN108347426A (en) 2018-07-31
CN108347426B true CN108347426B (en) 2021-10-26

Family

ID=62963304

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201711464618.3A Active CN108347426B (en) 2017-12-28 2017-12-28 Teaching system information security management system based on big data and access method

Country Status (1)

Country Link
CN (1) CN108347426B (en)

Families Citing this family (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN108879966A (en) * 2018-09-14 2018-11-23 南京理工技术转移中心有限公司 A kind of electric power cabinet use environment monitoring system and its working method
CN109186040A (en) * 2018-09-14 2019-01-11 南京理工技术转移中心有限公司 A kind of metro environment remote monitoring system and its working method
CN108944377A (en) * 2018-09-14 2018-12-07 南京理工技术转移中心有限公司 A kind of environment inside car regulating system and its working method

Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101765108A (en) * 2009-07-01 2010-06-30 北京华胜天成科技股份有限公司 Safety certification service platform system, device and method based on mobile terminal
CN103491054A (en) * 2012-06-12 2014-01-01 珠海市鸿瑞信息技术有限公司 SAM access system
CN104135729A (en) * 2014-07-30 2014-11-05 国家电网公司 System and method of security access of wireless terminal in information intranet
CN104468490A (en) * 2013-09-25 2015-03-25 无锡华御信息技术有限公司 Control method for network access admittance
CN104901942A (en) * 2015-03-10 2015-09-09 重庆邮电大学 Distributed access control method for attribute-based encryption
CN106128200A (en) * 2016-08-31 2016-11-16 孟玲 A kind of teleeducation system based on cloud computing

Family Cites Families (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20170331821A1 (en) * 2016-05-16 2017-11-16 4Mt Sa Secure gateway system and method

Patent Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101765108A (en) * 2009-07-01 2010-06-30 北京华胜天成科技股份有限公司 Safety certification service platform system, device and method based on mobile terminal
CN103491054A (en) * 2012-06-12 2014-01-01 珠海市鸿瑞信息技术有限公司 SAM access system
CN104468490A (en) * 2013-09-25 2015-03-25 无锡华御信息技术有限公司 Control method for network access admittance
CN104135729A (en) * 2014-07-30 2014-11-05 国家电网公司 System and method of security access of wireless terminal in information intranet
CN104901942A (en) * 2015-03-10 2015-09-09 重庆邮电大学 Distributed access control method for attribute-based encryption
CN106128200A (en) * 2016-08-31 2016-11-16 孟玲 A kind of teleeducation system based on cloud computing

Also Published As

Publication number Publication date
CN108347426A (en) 2018-07-31

Similar Documents

Publication Publication Date Title
CN103310161B (en) A kind of means of defence for Database Systems and system
CN103747036B (en) Trusted security enhancement method in desktop virtualization environment
CN106888084B (en) Quantum fort machine system and authentication method thereof
CN105430000A (en) Cloud computing security management system
CN103780393B (en) Virtual-desktop security certification system and method facing multiple security levels
CN101355459B (en) Method for monitoring network based on credible protocol
US10735188B2 (en) System and method for secure electronic communications through security hardware based on threshold cryptography
CN104767731A (en) Identity authentication protection method of Restful mobile transaction system
CN101827101A (en) Information asset protection method based on credible isolated operating environment
CN111954211B (en) Novel authentication key negotiation system of mobile terminal
CN108347426B (en) Teaching system information security management system based on big data and access method
CN104506480A (en) Cross-domain access control method and system based on marking and auditing combination
CN114760118A (en) Trust evaluation method with privacy protection in zero-trust architecture
Duan et al. BSAF: A blockchain-based secure access framework with privacy protection for cloud-device service collaborations
CN106992978A (en) Network safety managing method and server
Zhou et al. Research on multi-authority CP-ABE access control model in multicloud
CN113259137A (en) Power grid access control method, system and storage medium based on user attributes
Chi et al. Design and implementation of OpenStack cloud platform identity management scheme
CN111538973A (en) Personal authorization access control system based on state cryptographic algorithm
Benenson et al. An algorithmic framework for robust access control in wireless sensor networks
CN114124392B (en) Data controlled circulation method, system, device and medium supporting access control
CN116208401A (en) Cloud master station access control method and device based on zero trust
CN116192481A (en) Analysis method for secure communication mechanism between cloud computing server models
Yu et al. Research on zero trust access control model and formalization based on rail transit data platform
CN106230769B (en) Mobile cloud data staging connection control method based on mobile terminal degree of belief

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant