CN108881327A - A kind of computer internet information safety control system based on cloud computing - Google Patents

A kind of computer internet information safety control system based on cloud computing Download PDF

Info

Publication number
CN108881327A
CN108881327A CN201811150038.1A CN201811150038A CN108881327A CN 108881327 A CN108881327 A CN 108881327A CN 201811150038 A CN201811150038 A CN 201811150038A CN 108881327 A CN108881327 A CN 108881327A
Authority
CN
China
Prior art keywords
module
server
cloud computing
access path
access
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201811150038.1A
Other languages
Chinese (zh)
Inventor
牟思
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Dezhou Career Technical College (dezhou Technician College)
Dezhou Vocational and Technical College
Original Assignee
Dezhou Career Technical College (dezhou Technician College)
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Dezhou Career Technical College (dezhou Technician College) filed Critical Dezhou Career Technical College (dezhou Technician College)
Priority to CN201811150038.1A priority Critical patent/CN108881327A/en
Publication of CN108881327A publication Critical patent/CN108881327A/en
Pending legal-status Critical Current

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/10Network architectures or network communication protocols for network security for controlling access to devices or network resources
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/14Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1408Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
    • H04L63/1425Traffic logging, e.g. anomaly detection

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)

Abstract

The invention discloses a kind of computer internet information safety control system based on cloud computing, including server, client and conversion module, mutually independent binary channels link block is provided between client and conversion module, an encrypting module is each provided in client and conversion module, an authentication module is additionally provided in conversion module, after authentication passes through, access path builds module and builds corresponding access path, conversion module connects server by the access path, is equipped with an emergency switching-off module on each access path;A monitoring server module is deployed on the server in the form of static jar packet, the monitoring modular carries out the recording and assessment of server contention states during data access by way of script recording, and sends access path for assessment result and build module, emergency switching-off module and corresponding monitor terminal.Performance loss caused by the present invention is also avoided other than the safety for ensureing Database Systems because of attack.

Description

A kind of computer internet information safety control system based on cloud computing
Technical field
The present invention relates to computer data management fields, and in particular to a kind of computer internet information based on cloud computing Safety control system.
Background technique
With the development of information technology and the arrival of data age, data circulation becomes the master of release data bonus and value Want means and approach.In the case where support on policy, technology humanized, market are led, data share exchange industry flourishes, and data are cashed Ability is obviously improved, and data share exchange platform construction enters the blowout phase.
Currently, data share exchange platform can be divided into two classes:One kind is based on data production, data service class enterprise It leads, the shared switching plane based on commercial presence transaction;It is another kind of be combined with government other main bodys be it is leading, towards government affairs believe Cease the shared switching plane based on resource-sharing exchange.
The problem that above two data share exchange platform is poor in the prevalence of managerial flexibility, safety is low, data It is much in transmission process to be easy to cause the attack of hacker, the safety of data is difficult to by data exposure on internet To guarantee.
Summary of the invention
To solve the above problems, the present invention provides a kind of computer internet information security control system based on cloud computing A possibility that system, is not directed through Internet network to the access of database, has blocked hacker's direct attack database system, Performance loss caused by being also avoided in addition to the safety for ensureing Database Systems because of attack, system carry system safety monitoring Function further ensures the safety of data.
To achieve the above object, the technical scheme adopted by the invention is as follows:
A kind of computer internet information safety control system based on cloud computing, including server, client and conversion Module, is provided with mutually independent binary channels link block between client and conversion module, each in client and conversion module It is provided with an encrypting module, an authentication module, after authentication passes through, access path are additionally provided in conversion module It builds module and builds corresponding access path, conversion module connects server by the access path, on each access path Equipped with an emergency switching-off module;A monitoring server module, the monitoring are deployed on the server in the form of static jar packet Module carries out the recording and assessment of server contention states during data access by way of script recording, and by assessment result It is sent to access path and builds module, emergency switching-off module and corresponding monitor terminal.
Further, further include a cloud computing module, divide for calculate by the working condition to each access path Analysis, and send access path for the result for calculating analysis and build module, emergency switching-off module and corresponding monitor terminal.
Further, the configuration file of disparate databases in access server, the configuration are stored in the conversion module File uses XML format.
Further, user inputs user name and identification information by client, after encrypting module encrypts, It is transmitted in conversion module and decrypts, authentication is carried out by authentication module;If authentication mistake, denied access; If authentication is correct, according to user right, access path builds module and builds corresponding access path, and conversion module passes through The access path connects server.
Further, access request is sent by client by the user of authentication, access request passes through encryption mould Conversion module decryption is transmitted to after block encryption, conversion module is by calling configuration file to carry out the database with access authority Access after access result is encrypted by encrypting module, is sent to client modules decryption, checks for user;Conversion module will be every The record of secondary access is stored.
Further, when any one channel in binary channels link block is communicated, another alternate channel is carried out Key updating.
It further, further include data output interface cutting module, for according to monitoring server module and cloud computing The assessment result that module obtains carries out the opening and closing of server data output interface function.
Further, the monitoring server module uses the support vector machine method (GS-SVM) of grid type searching method Carry out the assessment of server contention states.
Further, the cloud computing module enters net flow and statistics integrated flow by monitoring, is then based on and builds Vertical polymorphic response to network anomaly assessment model accesses the monitoring of channels operation state.
Further, the encrypting step of the encrypting module is:
I, a random number is extracted from key obtain several plaintext sections using random number to being split in plain text;
II, a specific plaintext section is selected based on preset extraction operation rule, it will be special based on preset Encryption Algorithm Determine plaintext section and random number carries out cryptographic calculation, obtains specific cipher text section;
III, using specific cipher text section as specific key, a specific random numbers is extracted, are generated using specific random numbers operation Then specific cipher text section, remaining plaintext section and redundant segments are carried out cryptographic calculation, obtain final ciphertext by one redundant segments.
The invention has the advantages that:
Internet network is not directed through to the access of database, blocked the direct attack database system of hacker can Energy property, performance loss caused by being also avoided in addition to the safety for ensureing Database Systems because of attack;Pass through access path The safety that building realizes in server in data permission with cutting is shared, and system carries services status monitoring, assessment function Energy and emergency protection mechanism, further ensure the safety of data.
Detailed description of the invention
Fig. 1 is a kind of system frame of the computer internet information safety control system based on cloud computing of the embodiment of the present invention Figure.
Specific embodiment
In order to which objects and advantages of the present invention are more clearly understood, the present invention is carried out with reference to embodiments further It is described in detail.It should be appreciated that the specific embodiments described herein are merely illustrative of the present invention, it is not used to limit this hair It is bright.
As shown in Figure 1, the embodiment of the invention provides a kind of computer internet information security control based on cloud computing System, including server, client, conversion module, cloud computing module and data output interface cut off module, client and conversion It is provided with mutually independent binary channels link block between module, an encryption mould is each provided in client and conversion module Block is additionally provided with an authentication module in conversion module, and after authentication passes through, access path is built module and built accordingly Access path, conversion module connects server by the access path, is equipped with an emergency switching-off mould on each access path Block;A monitoring server module is deployed on the server in the form of static jar packet, which is recorded by script Mode carries out the recording and assessment of server contention states during data access, and sends access path for assessment result and take Model block, emergency switching-off module and corresponding monitor terminal.The cloud computing module, for passing through the work shape to each access path State carries out calculating analysis, and sends access path for the result for calculating analysis and build module, emergency switching-off module and corresponding prison Control terminal.The data output interface cuts off module, the assessment for obtaining according to monitoring server module and cloud computing module As a result the opening and closing of server data output interface function is carried out.
The access of database in server is completed in this specific implementation by following steps:
S1, storage accesses the configuration file of disparate databases in server, the configuration file in the conversion module Using XML format;
S2, user input user name and identification information by client, after encrypting module encrypts, are transmitted to It is decrypted in conversion module, authentication is carried out by authentication module;If authentication mistake, denied access;If identity Verifying is correct, then according to user right, access path builds module and builds corresponding access path, and conversion module passes through the access Channel connects server;
S3, access request is sent by client by the user of authentication, the action statement of access request is deposited in In the database of client and server;Access request is transmitted to conversion module decryption, modulus of conversion after encrypting by encrypting module Block is by calling configuration file to access the database with access authority, after access result is encrypted by encrypting module, It is sent to client modules decryption, is checked for user;Conversion module stores the record accessed every time;
In entire access process, monitoring server module uses the support vector machine method (GS- of grid type searching method SVM the assessment of server contention states) is carried out;Cloud computing module enters net flow and statistics integrated flow by monitoring, so The polymorphic response to network anomaly assessment model based on foundation accesses the monitoring of channels operation state afterwards;And analysis will be calculated As a result it is sent to access path and builds module, emergency switching-off module and corresponding monitor terminal;
It is worth noting that, when any one channel in binary channels link block is communicated, another alternate channel Carry out key updating.
In the present embodiment, the encrypting step of the encrypting module is:
I, a random number is extracted from key obtain several plaintext sections using random number to being split in plain text;
II, a specific plaintext section is selected based on preset extraction operation rule, it will be special based on preset Encryption Algorithm Determine plaintext section and random number carries out cryptographic calculation, obtains specific cipher text section;
III, using specific cipher text section as specific key, a specific random numbers is extracted, are generated using specific random numbers operation Then specific cipher text section, remaining plaintext section and redundant segments are carried out cryptographic calculation, obtain final ciphertext by one redundant segments.
The above is only a preferred embodiment of the present invention, it is noted that for the ordinary skill people of the art For member, without departing from the principle of the present invention, it can also make several improvements and retouch, these improvements and modifications are also answered It is considered as protection scope of the present invention.

Claims (10)

1. a kind of computer internet information safety control system based on cloud computing, including server, client and modulus of conversion Block, it is characterised in that:Mutually independent binary channels link block, client and conversion are provided between client and conversion module It is each provided with an encrypting module in module, an authentication module is additionally provided in conversion module, after authentication passes through, Access path builds module and builds corresponding access path, and conversion module connects server, each access by the access path An emergency switching-off module is equipped on channel;A monitoring server mould is deployed on the server in the form of static jar packet Block, the monitoring modular carry out the recording and assessment of server contention states during data access by way of script recording, and Access path, which is sent, by assessment result builds module, emergency switching-off module and corresponding monitor terminal.
2. a kind of computer internet information safety control system based on cloud computing as described in claim 1, feature exist In:Further include a cloud computing module, for carrying out calculating analysis by the working condition to each access path, and is analyzed calculating Result be sent to access path and build module, emergency switching-off module and corresponding monitor terminal.
3. a kind of computer internet information safety control system based on cloud computing as described in claim 1, feature exist In:Storage accesses the configuration file of disparate databases in server in the conversion module, and the configuration file uses XML lattice Formula.
4. a kind of computer internet information safety control system based on cloud computing as described in claim 1, feature exist In:User inputs user name and identification information by client, after encrypting module encrypts, is transmitted to conversion module Middle decryption carries out authentication by authentication module;If authentication mistake, denied access;If authentication is correct, Then according to user right, access path builds module and builds corresponding access path, and conversion module is connected by the access path Server.
5. a kind of computer internet information safety control system based on cloud computing as described in claim 1, feature exist In:Access request is sent by client by the user of authentication, access request is transmitted to after encrypting by encrypting module Conversion module decryption, conversion module access result by calling configuration file to access the database with access authority After being encrypted by encrypting module, it is sent to client modules decryption, is checked for user;Conversion module by the record accessed every time into Row storage.
6. a kind of computer internet information safety control system based on cloud computing as described in claim 1, feature exist In:When any one channel in binary channels link block is communicated, another alternate channel carries out key updating.
7. a kind of computer internet information safety control system based on cloud computing as described in claim 1, feature exist In:It further include data output interface cutting module, the assessment for being obtained according to monitoring server module and cloud computing module As a result the opening and closing of server data output interface function is carried out.
8. a kind of computer internet information safety control system based on cloud computing as described in claim 1, feature exist In:The monitoring server module carries out server work using the support vector machine method (GS-SVM) of grid type searching method The assessment of state.
9. a kind of computer internet information safety control system based on cloud computing as claimed in claim 2, feature exist In:The cloud computing module enters net flow and statistics integrated flow by monitoring, is then based on the polymorphic response net of foundation Network anomaly assessment model accesses the monitoring of channels operation state.
10. a kind of computer internet information safety control system based on cloud computing as described in claim 1, feature exist In:The encrypting step of the encrypting module is:
I, a random number is extracted from key obtain several plaintext sections using random number to being split in plain text;
II, a specific plaintext section is selected based on preset extraction operation rule, it will be specific bright based on preset Encryption Algorithm Literary section and random number carry out cryptographic calculation, obtain specific cipher text section;
III, using specific cipher text section as specific key, a specific random numbers are extracted, generate one using specific random numbers operation Then specific cipher text section, remaining plaintext section and redundant segments are carried out cryptographic calculation, obtain final ciphertext by redundant segments.
CN201811150038.1A 2018-09-29 2018-09-29 A kind of computer internet information safety control system based on cloud computing Pending CN108881327A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201811150038.1A CN108881327A (en) 2018-09-29 2018-09-29 A kind of computer internet information safety control system based on cloud computing

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201811150038.1A CN108881327A (en) 2018-09-29 2018-09-29 A kind of computer internet information safety control system based on cloud computing

Publications (1)

Publication Number Publication Date
CN108881327A true CN108881327A (en) 2018-11-23

Family

ID=64324825

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201811150038.1A Pending CN108881327A (en) 2018-09-29 2018-09-29 A kind of computer internet information safety control system based on cloud computing

Country Status (1)

Country Link
CN (1) CN108881327A (en)

Cited By (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109856999A (en) * 2018-12-14 2019-06-07 北京立思辰计算机技术有限公司 Determine the method and system whether status information relevant to equipment is executed is tampered
CN111245786A (en) * 2019-12-31 2020-06-05 深圳前海智安信息科技有限公司 DDoS attack prevention method
CN111614515A (en) * 2020-05-06 2020-09-01 南京信息职业技术学院 Computer network communication method and system
CN111865998A (en) * 2020-07-24 2020-10-30 广西科技大学 Network security zone login method and device
CN112104668A (en) * 2020-11-10 2020-12-18 成都掌控者网络科技有限公司 Distributed authority process separation control method and device
CN112153076A (en) * 2020-10-20 2020-12-29 台州学院 Computer network safety intrusion detection system
CN112559995A (en) * 2021-01-31 2021-03-26 河南工业职业技术学院 Computer data safety intelligent management system
CN113311768A (en) * 2021-06-04 2021-08-27 安徽云图信息技术有限公司 Data security operation management platform

Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101425903A (en) * 2008-07-16 2009-05-06 冯振周 Trusted network architecture based on identity
CN103684798A (en) * 2013-12-31 2014-03-26 南京理工大学连云港研究院 Authentication system used in distributed user service
CN104660551A (en) * 2013-11-20 2015-05-27 上海海典软件有限公司 Webservice-based database access device and method
CN104765995A (en) * 2015-04-24 2015-07-08 福建师范大学 Intelligent device identity authentication method and client side based on touch screen operation
CN105930264A (en) * 2016-04-03 2016-09-07 郑州升达经贸管理学院 Computer software performance test method
CN108256321A (en) * 2018-01-16 2018-07-06 吉林财经大学 A kind of big data safety precaution supervision and aware platform

Patent Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101425903A (en) * 2008-07-16 2009-05-06 冯振周 Trusted network architecture based on identity
CN104660551A (en) * 2013-11-20 2015-05-27 上海海典软件有限公司 Webservice-based database access device and method
CN103684798A (en) * 2013-12-31 2014-03-26 南京理工大学连云港研究院 Authentication system used in distributed user service
CN104765995A (en) * 2015-04-24 2015-07-08 福建师范大学 Intelligent device identity authentication method and client side based on touch screen operation
CN105930264A (en) * 2016-04-03 2016-09-07 郑州升达经贸管理学院 Computer software performance test method
CN108256321A (en) * 2018-01-16 2018-07-06 吉林财经大学 A kind of big data safety precaution supervision and aware platform

Cited By (10)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109856999A (en) * 2018-12-14 2019-06-07 北京立思辰计算机技术有限公司 Determine the method and system whether status information relevant to equipment is executed is tampered
CN111245786A (en) * 2019-12-31 2020-06-05 深圳前海智安信息科技有限公司 DDoS attack prevention method
CN111245786B (en) * 2019-12-31 2023-02-28 深圳前海智安信息科技有限公司 DDoS attack prevention method
CN111614515A (en) * 2020-05-06 2020-09-01 南京信息职业技术学院 Computer network communication method and system
CN111865998A (en) * 2020-07-24 2020-10-30 广西科技大学 Network security zone login method and device
CN112153076A (en) * 2020-10-20 2020-12-29 台州学院 Computer network safety intrusion detection system
CN112104668A (en) * 2020-11-10 2020-12-18 成都掌控者网络科技有限公司 Distributed authority process separation control method and device
CN112559995A (en) * 2021-01-31 2021-03-26 河南工业职业技术学院 Computer data safety intelligent management system
CN113311768A (en) * 2021-06-04 2021-08-27 安徽云图信息技术有限公司 Data security operation management platform
CN113311768B (en) * 2021-06-04 2022-07-19 安徽云图信息技术有限公司 Data security operation management platform

Similar Documents

Publication Publication Date Title
CN108881327A (en) A kind of computer internet information safety control system based on cloud computing
US10903982B2 (en) Smart contract-based data transfer method and system
US11615213B2 (en) Encrypted data storage system and method based on offsite key storage
CN105873031B (en) Distributed unmanned plane cryptographic key negotiation method based on credible platform
CN110069918A (en) A kind of efficient double factor cross-domain authentication method based on block chain technology
CN105610837B (en) For identity authentication method and system between SCADA system main website and slave station
CN104660551B (en) A kind of database access device and method based on webservice
CN109995530B (en) Safe distributed database interaction system suitable for mobile positioning system
CN113595735B (en) Supervised privacy protection block chain crossing system based on CP-ABE
CN112865965B (en) Train service data processing method and system based on quantum key
CN108882030A (en) A kind of monitor video classification encryption and decryption method and system based on time-domain information
CN104219077A (en) Information management system for middle and small-sized enterprises
CN108881240B (en) Member privacy data protection method based on block chain
Marian et al. Experimenting with digital signatures over a DNP3 protocol in a multitenant cloud-based SCADA architecture
WO2021170049A1 (en) Method and apparatus for recording access behavior
Adelin et al. Facing emerging challenges in connected vehicles: a formally proven, legislation compliant, and post-quantum ready security protocol
CN114362998B (en) Network security protection method based on edge cloud system
CN113676446B (en) Communication network safety error-proof control method, system, electronic equipment and medium
Zhang et al. Design and implementation of IEC61850 communication security protection scheme for smart substation based on bilinear function
CN114663234A (en) System and method for supervising abnormal transactions on block chain
CN111327624B (en) On-chain detection method and system for key information system
CN114866244A (en) Controllable anonymous authentication method, system and device based on ciphertext block chaining encryption
CN113676330A (en) Digital certificate application system and method based on secondary key
CN115883211B (en) File transfer system oriented to enterprise data security
Joseph et al. Protecting information stored inside the cloud with A new CCA-EBO protocol designed on hive technology

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication
RJ01 Rejection of invention patent application after publication

Application publication date: 20181123