CN109150976A - The method, apparatus and storage medium of security service are provided - Google Patents
The method, apparatus and storage medium of security service are provided Download PDFInfo
- Publication number
- CN109150976A CN109150976A CN201810809729.1A CN201810809729A CN109150976A CN 109150976 A CN109150976 A CN 109150976A CN 201810809729 A CN201810809729 A CN 201810809729A CN 109150976 A CN109150976 A CN 109150976A
- Authority
- CN
- China
- Prior art keywords
- security
- service
- cloud
- cloud computing
- service provider
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/50—Network services
- H04L67/51—Discovery or management thereof, e.g. service location protocol [SLP] or web services
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/62—Protecting access to data via a platform, e.g. using keys or access control rules
- G06F21/6218—Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L41/00—Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
- H04L41/08—Configuration management of networks or network elements
- H04L41/0803—Configuration setting
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L41/00—Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
- H04L41/50—Network service management, e.g. ensuring proper service fulfilment according to agreements
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/20—Network architectures or network communication protocols for network security for managing network security; network security policies in general
Landscapes
- Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Security & Cryptography (AREA)
- Computer Hardware Design (AREA)
- Theoretical Computer Science (AREA)
- General Engineering & Computer Science (AREA)
- Health & Medical Sciences (AREA)
- General Health & Medical Sciences (AREA)
- Software Systems (AREA)
- Physics & Mathematics (AREA)
- Bioethics (AREA)
- General Physics & Mathematics (AREA)
- Databases & Information Systems (AREA)
- Computing Systems (AREA)
- User Interface Of Digital Computer (AREA)
Abstract
The method, apparatus and storage medium of security service are provided the embodiment of the invention discloses a kind of, is related to network security fields.The method comprise the steps that passing through the demand for security for obtaining cloud computing service provider;According to the demand for security of the cloud computing service provider, between the cloud computing service provider and its corresponding user, the safe cloud service platform of on-premise network;When receiving Client-initiated security service request, it is based on the network security cloud service platform, provides corresponding security service to the user.The present invention can be improved the safety of cloud computing service provider.
Description
Technical field
The present invention relates to network safety filed more particularly to a kind of method, apparatus and storage medium of offer security service.
Background technique
With the continuous development of network security technology and the in-depth of security service mode, it is by cloud computing service provider
The mode that user provides required security service is more prevalent.Security service quilt provided by current cloud computing service provider
User directly accesses, and due to lacking necessary safety prevention measure, i.e. the cloud of cloud computing service provider is directly exposed to user,
This results in the safe moment of cloud computing service provider to be on the hazard.
Summary of the invention
The embodiment of the present invention provides the method, apparatus and storage medium of a kind of offer security service, is able to solve at present
The safety issue of cloud computing service provider.
In order to achieve the above objectives, the embodiment of the present invention adopts the following technical scheme that
In a first aspect, the embodiment of the present invention provides a kind of method of offer security service, comprising:
Obtain the demand for security of cloud computing service provider;
According to the demand for security of the cloud computing service provider, in cloud computing service provider use corresponding with its
Between family, the safe cloud service platform of on-premise network;
When receiving Client-initiated security service request, it is based on the network security cloud service platform, to institute
It states user and corresponding security service is provided.
With reference to first aspect, in the first possible implementation of the first aspect, the network security cloud service is flat
Platform includes: configuration interface, technology platform interface module and any one or any multinomial in visual presentation module.
The possible implementation of with reference to first aspect the first, in second of possible implementation of first aspect
In, the configuration interface is docked with the cloud computing service provider;The method also includes:
Demand for security and/or own service scale based on the cloud computing service provider, the configuration interface into
The description of row content to be configured, the content to be configured include: cloud scale, service type, security level, appointing in access way
Meaning one is any multinomial;
Wherein, the scale for the cloud that the cloud scale is used to illustrate that the cloud computing service provider is possessed;It is described
Service type is used to illustrate the property of the cloud computing service provider;The security level is for illustrating the cloud computing service
The protection abilities that provider's expectation obtains;The access way is for illustrating the cloud computing service provider selection access
The mode of security service cloud, the access way include direct tandem and bypass monitoring mode.
The possible implementation of with reference to first aspect the first, in the third possible implementation of first aspect
In, the network security cloud service further includes Floor layer Technology platform, the Floor layer Technology platform and the technology platform interface pair
It connects, the technology platform interface is also docked with the user;The method also includes:
Based on the technology platform interface, the configuration information that the user submits is obtained, and the configuration information is provided
To the control module on the Floor layer Technology platform.
The possible implementation of with reference to first aspect the first, in the 4th kind of possible implementation of first aspect
In, the visual presentation module is docked with the technology platform interface, the method also includes:
The module that visualizes obtains the real-time ground shield data of the technology platform interface feedback, and is based on institute
State real-time ground shield data, the real-time network security postures of cloud computing service provider described in simulation shows.
In a first aspect, the embodiment of the present invention provides a kind of device of offer security service, comprising:
Demand obtains module, for obtaining the demand for security of cloud computing service provider;
Platform deployment module, for the demand for security according to the cloud computing service provider, in the cloud computing service
Between provider and its corresponding user, the safe cloud service platform of on-premise network;
Service providing module, for being pacified based on the network when receiving Client-initiated security service request
Full cloud service platform provides corresponding security service to the user.
In conjunction with second aspect, in the first possible implementation of the second aspect,
The network security cloud service platform of Platform deployment module deployment includes: that configuration interface, technology platform connect
Mouth mold block and any one or any multinomial in visual presentation module.
In conjunction with the first possible implementation of second aspect, in second of possible implementation of second aspect
In,
The configuration interface of the Platform deployment module deployment is docked with the cloud computing service provider;
Described device further include:
Content describing module, for demand for security and/or own service scale based on the cloud computing service provider,
The description of content to be configured is carried out in the configuration interface, the content to be configured includes: cloud scale, service type, safety etc.
Grade, any one in access way or any multinomial;
Wherein, the scale for the cloud that the cloud scale is used to illustrate that the cloud computing service provider is possessed;It is described
Service type is used to illustrate the property of the cloud computing service provider;The security level is for illustrating the cloud computing service
The protection abilities that provider's expectation obtains;The access way is for illustrating the cloud computing service provider selection access
The mode of security service cloud, the access way include direct tandem and bypass monitoring mode.
In conjunction with the first possible implementation of second aspect, in the third possible implementation of second aspect
In,
The network security cloud service of the Platform deployment module deployment further includes Floor layer Technology platform;
The Floor layer Technology platform of the Platform deployment module deployment is docked with the technology platform interface, the technology
Platform interface is also docked with the user;
Described device further include:
User configuration obtains module, for obtaining the configuration information that the user submits based on the technology platform interface,
And the configuration information is supplied to the control module on the Floor layer Technology platform.
In conjunction with the first possible implementation of second aspect, in the 4th kind of possible implementation of second aspect
In,
The visual presentation module of the Platform deployment module deployment is docked with the technology platform interface;
The visual presentation module, for obtaining the real-time ground shield data of the technology platform interface feedback, and
Based on the real-time ground shield data, the real-time network security postures of cloud computing service provider described in simulation shows.
The third aspect, the embodiment of the present invention provide a kind of computer readable storage medium, are stored thereon with computer journey
Sequence, which is characterized in that the step of method that first aspect provides is realized when described program is executed by processor.
It is provided in an embodiment of the present invention that the method, apparatus and storage medium of security service are provided, by obtaining cloud computing clothes
The demand for security of business provider;According to the demand for security of the cloud computing service provider, in the cloud computing service provider
Between its corresponding user, the safe cloud service platform of on-premise network;It is requested when receiving the Client-initiated security service
When, it is based on the network security cloud service platform, provides corresponding security service to the user.It can be mentioned in cloud computing service
For between quotient and its corresponding user, the safe cloud service platform of on-premise network can be provided to avoid cloud computing service provider
Security service directly accessed by user, so as to mention in the case where avoiding the overhead of cloud computing service provider
The safety of high cloud computing service provider.
Detailed description of the invention
It to describe the technical solutions in the embodiments of the present invention more clearly, below will be to needed in the embodiment
Attached drawing is briefly described, it should be apparent that, drawings in the following description are only some embodiments of the invention, for ability
For the those of ordinary skill of domain, without creative efforts, it can also be obtained according to these attached drawings other attached
Figure.
Fig. 1 is the flow diagram of the method for the offer security service of the embodiment of the present invention;
Fig. 2 is another flow diagram of the method for the offer security service of the embodiment of the present invention;
Fig. 3 is the network security cloud service platform schematic diagram of the embodiment of the present invention;
Fig. 4 is another schematic diagram of the network security cloud service platform of the embodiment of the present invention;
Fig. 5 is the apparatus structure schematic diagram of the offer security service of the embodiment of the present invention;
Fig. 6 is another structural schematic diagram of the device of the offer security service of the embodiment of the present invention;
Fig. 7 is the structural schematic diagram of the device 700 of the offer security service of the embodiment of the present invention.
Specific embodiment
Following will be combined with the drawings in the embodiments of the present invention, and technical solution in the embodiment of the present invention carries out clear, complete
Site preparation description, it is clear that described embodiments are only a part of the embodiments of the present invention, instead of all the embodiments.It is based on
Embodiment in the present invention, it is obtained by those of ordinary skill in the art without making creative efforts all other
Embodiment shall fall within the protection scope of the present invention.
One embodiment of the invention provides a kind of method method of offer security service, as shown in Figure 1, which comprises
101, the demand for security of cloud computing service provider is obtained.
102, according to the demand for security of the cloud computing service provider, in the cloud computing service provider and its correspondence
User between, the safe cloud service platform of on-premise network.
103, when receiving Client-initiated security service request, it is based on the network security cloud service platform,
Corresponding security service is provided to the user.
Compared with prior art, the embodiment of the present invention can between cloud computing service provider and its corresponding user,
The safe cloud service platform of on-premise network, can directly be visited to avoid security service provided by cloud computing service provider by user
It asks, so as to improve the peace of cloud computing service provider in the case where avoiding the overhead of cloud computing service provider
Quan Xing.
Further embodiment of this invention provides a kind of method of offer security service, as shown in Figure 2, which comprises
201, the demand for security of cloud computing service provider is obtained.
202, according to the demand for security of the cloud computing service provider, in the cloud computing service provider and its correspondence
User between, the safe cloud service platform of on-premise network.
As shown in figure 3, the network security cloud service platform includes: configuration interface, technology platform interface module and visual
Change any one or any multinomial in display module.
203, demand for security and/or own service scale based on the cloud computing service provider, in configuration circle
Face carries out the description of content to be configured.
Wherein, the configuration interface is docked with the cloud computing service provider.
As shown in figure 4, the content to be configured includes: cloud scale, service type, security level, appointing in access way
Meaning one is any multinomial.
Wherein, the scale for the cloud that the cloud scale is used to illustrate that the cloud computing service provider is possessed, cloud rule
Mould can distribute security service stock number for technology platform and provide foundation;The service type is for illustrating the cloud computing service
The property of provider, service type can distribute security service resource type for technology platform and provide foundation;The security level
The protection abilities obtained for illustrating the cloud computing service provider expectation, security level can construct for technology platform
Which kind of security service chain provides foundation;The access way is for illustrating the cloud computing service provider selection access safety clothes
The mode of business cloud, the access way include direct tandem and bypass monitoring mode.
In embodiments of the present invention, user only needs to register by range of information and security service configures, and expresses oneself
Demand for security, can be obtained expected security protection ability, thus realize cloud computing service quotient class user a keyization safety
Protection service.
204, it is based on the technology platform interface, obtains the configuration information that the user submits, and by the configuration information
The control module being supplied on the Floor layer Technology platform.
Wherein, the network security cloud service further includes Floor layer Technology platform, the Floor layer Technology platform and the technology
Platform interface docking, the technology platform interface are also docked with the user.
In embodiments of the present invention, technology platform interface is located under configuration interface, provides and network security cloud service bottom
The mating interface of layer technology platform.It is mainly responsible for and the configuration information that user submits is submitted into technology platform correlation control module,
Play connection function.Meanwhile in real time to the security protection information for visualizing module feedback technology platform.
205, the real-time ground shield data for visualizing module and obtaining the technology platform interface feedback, and base
In the real-time ground shield data, the real-time network security postures of cloud computing service provider described in simulation shows.
Wherein, the visual presentation module is docked with the technology platform interface.In embodiments of the present invention, by can
It, can intuitive simulation shows cloud computing service quotient receives in real time security protection effect depending on changing display module.
In embodiments of the present invention, by technology platform interface Real-time Feedback ground shield data, simulation shows are protected
Cloud computing service quotient real-time network security postures, network attack situation, network protection situation and network protection measure etc.
Content.Promoted network safety prevention there are senses, enhance the safe self-confidence of user.
206, when receiving Client-initiated security service request, it is based on the network security cloud service platform,
Corresponding security service is provided to the user.
For the embodiment of the present invention, user is to meet hierarchical protection demand or system demand for security, needs to pass through safety clothes
Business application selection or customization meet the Security Service Model of self-demand.Security Service Model is one and meets security service agreement
Service chaining, be made of one group of security service, cloud safety service platform will according to customized Security Service Model be user
Corresponding security service is provided.
Using there is two kinds of options of universal model and customizing model.After user enters application, application will utilize service-oriented
Semantic Interoperation means guide user to describe self-demand according to certain specification, and thus provide universal model suggestion.Universal Die
Type is the security service chain designed according to some existing agreements or criterion, is the complete solution party for meeting professional standard and convention
Case.For general demand and problem, user can directly select generic service model.For there is personalized service to need
User rapidly establishes oneself at visual model customizing interface using convenient navigation mechanism guidance user is additionally provided
Security Service Model.
Customizing model can be modified on the basis of universal model, can also re-create complete model, in the process user's energy
It enough completes the customization of model level and services the customization of level.The customization of model level refer to according to user demand by Services Composition at
Satisfactory service chaining.It applies and provides all workable services in model customizing interface, and each service is all provided
Complete and detailed definition, service are presented to the user in the form of control.User is according to service definition by pulling safety clothes
The mode of business control comes the security service content of tissue oneself, the Security Service Model to be met individual requirements.For tool
There is the user of profound customized demand, can also be customized in service level.It applies and provides in Custom Interface to service
The editor space of control, user is modified using api interface by programmable mode or defines new service control, according to service
Quality and service-level agreement set the grade of service and relevant parameter of oneself demand, and then customized service control is added to
Customization operations are completed in Security Service Model.
Compared with prior art, the embodiment of the present invention can between cloud computing service provider and its corresponding user,
The safe cloud service platform of on-premise network, can directly be visited to avoid security service provided by cloud computing service provider by user
It asks, so as to improve the peace of cloud computing service provider in the case where avoiding the overhead of cloud computing service provider
Quan Xing.
Further embodiment of this invention provides a kind of device of offer security service, as shown in figure 5, described device includes:
Demand obtains module 51, for obtaining the demand for security of cloud computing service provider;
Platform deployment module 52 takes for the demand for security according to the cloud computing service provider in the cloud computing
It is engaged between provider and its corresponding user, the safe cloud service platform of on-premise network;
Service providing module 53, for being based on the network when receiving Client-initiated security service request
Safe cloud service platform provides corresponding security service to the user.
The network security cloud service platform that the Platform deployment module 52 is disposed includes: configuration interface, technology platform
Interface module and any one or any multinomial in visual presentation module.
The configuration interface that the Platform deployment module 52 is disposed is docked with the cloud computing service provider;
Further, as shown in fig. 6, described device further include: content describing module 61, user configuration obtain module 62,
The visual presentation module 63;
Content describing module 61, for based on the cloud computing service provider demand for security and/or own service rule
Mould carries out the description of content to be configured in the configuration interface, and the content to be configured includes: cloud scale, service type, safety
Any one or any multinomial in grade, access way;
Wherein, the scale for the cloud that the cloud scale is used to illustrate that the cloud computing service provider is possessed;It is described
Service type is used to illustrate the property of the cloud computing service provider;The security level is for illustrating the cloud computing service
The protection abilities that provider's expectation obtains;The access way is for illustrating the cloud computing service provider selection access
The mode of security service cloud, the access way include direct tandem and bypass monitoring mode.
The network security cloud service that the Platform deployment module 52 is disposed further includes Floor layer Technology platform;
The Floor layer Technology platform that the Platform deployment module 52 is disposed is docked with the technology platform interface, the skill
Art platform interface is also docked with the user;
User configuration obtains module 62, and for being based on the technology platform interface, obtain user's submission matches confidence
Breath, and the configuration information is supplied to the control module on the Floor layer Technology platform.
The visual presentation module that the Platform deployment module 52 is disposed is docked with the technology platform interface;
The visual presentation module 63, for obtaining the real-time ground shield data of the technology platform interface feedback,
And the real-time ground shield data are based on, the real-time network security postures of cloud computing service provider described in simulation shows.
Compared with prior art, the embodiment of the present invention can between cloud computing service provider and its corresponding user,
The safe cloud service platform of on-premise network, can directly be visited to avoid security service provided by cloud computing service provider by user
It asks, so as to improve the peace of cloud computing service provider in the case where avoiding the overhead of cloud computing service provider
Quan Xing.
The embodiment of the present invention also provides another computer readable storage medium, which can be
Computer readable storage medium included in memory in above-described embodiment;It is also possible to individualism, eventually without supplying
Computer readable storage medium in end.The computer-readable recording medium storage has one or more than one program, institute
State that one or more than one program by one or more than one processor are used to execute Fig. 1, embodiment illustrated in fig. 2 provides
Offer security service method.
The embodiment of the method for above-mentioned offer may be implemented in the device provided in an embodiment of the present invention for providing security service, specifically
Function realizes the explanation referred in embodiment of the method, and details are not described herein.Offer security service provided in an embodiment of the present invention
Method, apparatus and storage medium can be adapted for the safety for improving cloud computing service provider, but be not limited only to this.
As shown in figure Fig. 7, the device 700 for providing security service may include following one or more components: processing component
702, memory 704, power supply module 706, multimedia component 708, audio component 710, the interface 712 of input/output (I/O),
Sensor module 714 and communication component 716.
Processing component 702 usually control unmanned aerial vehicle (UAV) control device 700 integrated operation, such as with display, call, number
According to communication, camera operation and record operate associated operation.Processing component 702 may include one or more processors 720
To execute instruction.
In addition, processing component 702 may include one or more modules, convenient between processing component 702 and other assemblies
Interaction.For example, processing component 702 may include multi-media module, with facilitate multimedia component 708 and processing component 702 it
Between interaction.
Memory 704 is configured as storing various types of data to support the operation in unmanned aerial vehicle (UAV) control device 700.This
The example of a little data includes the instruction of any application or method for operating on unmanned aerial vehicle (UAV) control device 700, connection
Personal data, telephone book data, message, picture, video etc..Memory 704 can be by any kind of volatibility or non-volatile
It stores equipment or their combination is realized, such as static random access memory (SRAM), the read-only storage of electrically erasable
Device (EEPROM), Erasable Programmable Read Only Memory EPROM (EPROM), programmable read only memory (PROM), read-only memory
(ROM), magnetic memory, flash memory, disk or CD.
Power supply module 706 provides electric power for the various assemblies of unmanned aerial vehicle (UAV) control device 700.Power supply module 706 may include
Power-supply management system, one or more power supplys and other with for unmanned aerial vehicle (UAV) control device 700 generate, manage, and distribute electric power phase
Associated component.
Multimedia component 708 includes one output interface of offer between the unmanned aerial vehicle (UAV) control device 700 and user
Screen.In some embodiments, screen may include liquid crystal display (LCD) and touch panel (TP).If screen includes
Touch panel, screen may be implemented as touch screen, to receive input signal from the user.Touch panel includes one or more
A touch sensor is to sense the gesture on touch, slide, and touch panel.The touch sensor can not only sense touch
Or the boundary of sliding action, but also detect duration and pressure associated with the touch or slide operation.In some realities
It applies in example, multimedia component 708 includes a front camera and/or rear camera.When unmanned aerial vehicle (UAV) control device 700 is in
Operation mode, such as in a shooting mode or a video mode, front camera and/or rear camera can receive external multimedia
Data.Each front camera and rear camera can be a fixed optical lens system or there is focal length and optics to become
Burnt ability.
Audio component 710 is configured as output and/or input audio signal.For example, audio component 710 includes a Mike
Wind (MIC), when unmanned aerial vehicle (UAV) control device 700 is in operation mode, when such as call mode, recording mode, and voice recognition mode,
Microphone is configured as receiving external audio signal.The received audio signal can be further stored in memory 704 or
It is sent via communication component 716.In some embodiments, audio component 710 further includes a loudspeaker, for exporting audio letter
Number.
I/O interface 712 provides interface between processing component 702 and peripheral interface module, and above-mentioned peripheral interface module can
To be keyboard, click wheel, button etc..These buttons may include, but are not limited to: home button, volume button, start button and lock
Determine button.
Sensor module 714 includes one or more sensors, for providing various aspects for unmanned aerial vehicle (UAV) control device 700
Status assessment.For example, sensor module 714 can detecte the state that opens/closes of unmanned aerial vehicle (UAV) control device 700, component
Relative positioning, such as the component is the display and keypad of unmanned aerial vehicle (UAV) control device 700, and sensor module 714 may be used also
To detect the position change of 700 1 components of unmanned aerial vehicle (UAV) control device 700 or unmanned aerial vehicle (UAV) control device, user and unmanned aerial vehicle (UAV) control
The existence or non-existence that device 700 contacts, 700 orientation of unmanned aerial vehicle (UAV) control device or acceleration/deceleration and unmanned aerial vehicle (UAV) control device 700
Temperature change.Sensor module 714 may include proximity sensor, be configured to examine without any physical contact
Survey presence of nearby objects.Sensor module 714 can also include that optical sensor is used for such as CMOS or ccd image sensor
It is used in imaging applications.In some embodiments, which can also include acceleration transducer, and gyroscope passes
Sensor, Magnetic Sensor, pressure sensor or temperature sensor.
Communication component 716 is configured to facilitate wired or wireless way between unmanned aerial vehicle (UAV) control device 700 and other equipment
Communication.Unmanned aerial vehicle (UAV) control device 700 can access the wireless network based on communication standard, such as WiFi, 2G or 3G or they
Combination.In one exemplary embodiment, communication component 716 is received via broadcast channel from the wide of external broadcasting management system
Broadcast signal or broadcast related information.In one exemplary embodiment, the communication component 716 further includes near-field communication (NFC)
Module, to promote short range communication.For example, radio frequency identification (RFID) technology, Infrared Data Association (IrDA) can be based in NFC module
Technology, ultra wide band (UWB) technology, bluetooth (BT) technology and other technologies are realized.
In the exemplary embodiment, unmanned aerial vehicle (UAV) control device 700 can be by one or more application specific integrated circuit
(ASIC), digital signal processor (DSP), digital signal processing appts (DSPD), programmable logic device (PLD), scene can
Gate array (FPGA), controller, microcontroller, microprocessor or other electronic components are programmed to realize.
All the embodiments in this specification are described in a progressive manner, same and similar portion between each embodiment
Dividing may refer to each other, and each embodiment focuses on the differences from other embodiments.Especially for equipment reality
For applying example, since it is substantially similar to the method embodiment, so describing fairly simple, related place is referring to embodiment of the method
Part explanation.
Those of ordinary skill in the art will appreciate that realizing all or part of the process in above-described embodiment method, being can be with
Relevant hardware is instructed to complete by computer program, the program can be stored in a computer-readable storage medium
In, the program is when being executed, it may include such as the process of the embodiment of above-mentioned each method.Wherein, the storage medium can be magnetic
Dish, CD, read-only memory (Read-Only Memory, ROM) or random access memory (Random Access
Memory, RAM) etc..
The above description is merely a specific embodiment, but scope of protection of the present invention is not limited thereto, any
In the technical scope disclosed by the present invention, any changes or substitutions that can be easily thought of by those familiar with the art, all answers
It is included within the scope of the present invention.Therefore, protection scope of the present invention should be subject to the protection scope in claims.
Claims (11)
1. a kind of provide the method for security service characterized by comprising
Obtain the demand for security of cloud computing service provider;
According to the demand for security of the cloud computing service provider, cloud computing service provider user corresponding with its it
Between, the safe cloud service platform of on-premise network;
When receiving Client-initiated security service request, it is based on the network security cloud service platform, to the use
Family provides corresponding security service.
2. according to claim 1 provide the method for security service, which is characterized in that the network security cloud service platform
It include: configuration interface, technology platform interface module and any one or any multinomial in visual presentation module.
3. according to claim 2 provide the method for security service, which is characterized in that the configuration interface and the cloud meter
Calculate service provider's docking;The method also includes:
Demand for security and/or own service scale based on the cloud computing service provider, the configuration interface carry out to
Configure the description of content, the content to be configured includes: cloud scale, service type, security level, any one in access way
Item is any multinomial;
Wherein, the scale for the cloud that the cloud scale is used to illustrate that the cloud computing service provider is possessed;The service
Type is used to illustrate the property of the cloud computing service provider;The security level is for illustrating that the cloud computing service provides
Quotient it is expected the protection abilities obtained;The access way is for illustrating the cloud computing service provider selection access safety
The mode of service cloud, the access way include direct tandem and bypass monitoring mode.
4. according to claim 2 provide the method for security service, which is characterized in that the network security cloud service is also wrapped
Include Floor layer Technology platform, the Floor layer Technology platform is docked with the technology platform interface, the technology platform interface also with institute
State user's docking;The method also includes:
Based on the technology platform interface, the configuration information that the user submits is obtained, and the configuration information is supplied to institute
State the control module on Floor layer Technology platform.
5. according to claim 2 provide the method for security service, which is characterized in that the visual presentation module and institute
The docking of technology platform interface is stated, the method also includes:
The module that visualizes obtains the real-time ground shield data of the technology platform interface feedback, and is based on the reality
When ground shield data, the real-time network security postures of cloud computing service provider described in simulation shows.
6. a kind of provide the device of security service characterized by comprising
Demand obtains module, for obtaining the demand for security of cloud computing service provider;
Platform deployment module is provided for the demand for security according to the cloud computing service provider in the cloud computing service
Between quotient and its corresponding user, the safe cloud service platform of on-premise network;
Service providing module, for being based on the network security cloud when receiving Client-initiated security service request
Service platform provides corresponding security service to the user.
7. according to claim 6 provide the device of security service, which is characterized in that
The network security cloud service platform of the Platform deployment module deployment includes: configuration interface, technology platform interface mould
Block and any one or any multinomial in visual presentation module.
8. according to claim 7 provide the device of security service, which is characterized in that
The configuration interface of the Platform deployment module deployment is docked with the cloud computing service provider;
Described device further include:
Content describing module, for demand for security and/or own service scale based on the cloud computing service provider, in institute
The description that configuration interface carries out content to be configured is stated, the content to be configured includes: cloud scale, service type, security level, connects
Enter any one or any multinomial in mode;
Wherein, the scale for the cloud that the cloud scale is used to illustrate that the cloud computing service provider is possessed;The service
Type is used to illustrate the property of the cloud computing service provider;The security level is for illustrating that the cloud computing service provides
Quotient it is expected the protection abilities obtained;The access way is for illustrating the cloud computing service provider selection access safety
The mode of service cloud, the access way include direct tandem and bypass monitoring mode.
9. according to claim 7 provide the device of security service, which is characterized in that
The network security cloud service of the Platform deployment module deployment further includes Floor layer Technology platform;
The Floor layer Technology platform of the Platform deployment module deployment is docked with the technology platform interface, the technology platform
Interface is also docked with the user;
Described device further include:
User configuration obtains module, for being based on the technology platform interface, obtains the configuration information that the user submits, and will
The configuration information is supplied to the control module on the Floor layer Technology platform.
10. according to claim 7 provide the device of security service, which is characterized in that
The visual presentation module of the Platform deployment module deployment is docked with the technology platform interface;
The visual presentation module for obtaining the real-time ground shield data of the technology platform interface feedback, and is based on
The real-time ground shield data, the real-time network security postures of cloud computing service provider described in simulation shows.
11. a kind of computer readable storage medium, is stored thereon with computer program, which is characterized in that described program is processed
The step of claim 1-5 the method is realized when device executes.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201810809729.1A CN109150976A (en) | 2018-07-23 | 2018-07-23 | The method, apparatus and storage medium of security service are provided |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201810809729.1A CN109150976A (en) | 2018-07-23 | 2018-07-23 | The method, apparatus and storage medium of security service are provided |
Publications (1)
Publication Number | Publication Date |
---|---|
CN109150976A true CN109150976A (en) | 2019-01-04 |
Family
ID=64801294
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201810809729.1A Pending CN109150976A (en) | 2018-07-23 | 2018-07-23 | The method, apparatus and storage medium of security service are provided |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN109150976A (en) |
Cited By (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN116418699A (en) * | 2023-06-12 | 2023-07-11 | 北京天融信网络安全技术有限公司 | Cloud service provider network security capability assessment system, method, equipment and medium |
WO2023201914A1 (en) * | 2022-04-18 | 2023-10-26 | 浙江大学 | Service mode optimization method based on confidence awareness |
Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN103139159A (en) * | 2011-11-28 | 2013-06-05 | 上海贝尔股份有限公司 | Safety communication among virtual machines in cloud computing framework |
CN103368983A (en) * | 2012-03-27 | 2013-10-23 | 中兴通讯股份有限公司 | Security demand query method, security demand feedback method and security demand query device |
US20140196113A1 (en) * | 2011-08-08 | 2014-07-10 | Zte Corporation | Secure on-demand supply method and system and traffic type acquisition method |
US20160182524A1 (en) * | 2014-12-18 | 2016-06-23 | Intel Corporation | System platform for context-based configuration of communication channels |
CN107483472A (en) * | 2017-09-05 | 2017-12-15 | 中国科学院计算机网络信息中心 | A kind of method, apparatus of network security monitoring, storage medium and server |
-
2018
- 2018-07-23 CN CN201810809729.1A patent/CN109150976A/en active Pending
Patent Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20140196113A1 (en) * | 2011-08-08 | 2014-07-10 | Zte Corporation | Secure on-demand supply method and system and traffic type acquisition method |
CN103139159A (en) * | 2011-11-28 | 2013-06-05 | 上海贝尔股份有限公司 | Safety communication among virtual machines in cloud computing framework |
CN103368983A (en) * | 2012-03-27 | 2013-10-23 | 中兴通讯股份有限公司 | Security demand query method, security demand feedback method and security demand query device |
US20160182524A1 (en) * | 2014-12-18 | 2016-06-23 | Intel Corporation | System platform for context-based configuration of communication channels |
CN107483472A (en) * | 2017-09-05 | 2017-12-15 | 中国科学院计算机网络信息中心 | A kind of method, apparatus of network security monitoring, storage medium and server |
Non-Patent Citations (1)
Title |
---|
宋丹劼,等: "中国科技网网络安全平台及应用", 《科研信息化技术与应用》 * |
Cited By (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
WO2023201914A1 (en) * | 2022-04-18 | 2023-10-26 | 浙江大学 | Service mode optimization method based on confidence awareness |
CN116418699A (en) * | 2023-06-12 | 2023-07-11 | 北京天融信网络安全技术有限公司 | Cloud service provider network security capability assessment system, method, equipment and medium |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
WO2021135655A1 (en) | Method and device for generating multimedia resources | |
US20170060354A1 (en) | Method and device for changing emoticons in a chat interface | |
CN106126420B (en) | Application program adjustment method and device | |
CN106791893A (en) | Net cast method and device | |
WO2021135678A1 (en) | Editing template generating method and apparatus, electronic device, and storage medium | |
CN104063655A (en) | Child mode processing method and device | |
WO2022247208A1 (en) | Live broadcast data processing method and terminal | |
CN109658927A (en) | Wake-up processing method, device and the management equipment of smart machine | |
CN103927081A (en) | Method and device for processing notification events | |
CN107798309B (en) | Fingerprint input method and device and computer readable storage medium | |
EP4276605A2 (en) | Program orchestration method and electronic device | |
EP2988205A1 (en) | Method and device for transmitting image | |
CN110109608B (en) | Text display method, text display device, text display terminal and storage medium | |
US20170054713A1 (en) | Method and device for guiding an operation and electronic apparatus | |
CN106157602A (en) | The method and apparatus of calling vehicle | |
KR20200012699A (en) | Product display method and device | |
CN107820131A (en) | Share the method and device of comment information | |
CN104020924A (en) | Label establishing method and device and terminal | |
CN108108671A (en) | Description of product information acquisition method and device | |
CN104219714B (en) | The flow control methods and device of mobile router | |
CN107943550A (en) | Method for showing interface and device | |
CN107330391A (en) | Product information reminding method and device | |
CN104881342B (en) | terminal test method and device | |
CN109154967A (en) | The method and device of hiden application icon | |
CN103885678A (en) | Method and device for displaying object |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
RJ01 | Rejection of invention patent application after publication |
Application publication date: 20190104 |
|
RJ01 | Rejection of invention patent application after publication |