CN109150976A - The method, apparatus and storage medium of security service are provided - Google Patents

The method, apparatus and storage medium of security service are provided Download PDF

Info

Publication number
CN109150976A
CN109150976A CN201810809729.1A CN201810809729A CN109150976A CN 109150976 A CN109150976 A CN 109150976A CN 201810809729 A CN201810809729 A CN 201810809729A CN 109150976 A CN109150976 A CN 109150976A
Authority
CN
China
Prior art keywords
security
service
cloud
cloud computing
service provider
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201810809729.1A
Other languages
Chinese (zh)
Inventor
申罕骥
万巍
龙春
杨帆
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Computer Network Information Center of CAS
Original Assignee
Computer Network Information Center of CAS
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Computer Network Information Center of CAS filed Critical Computer Network Information Center of CAS
Priority to CN201810809729.1A priority Critical patent/CN109150976A/en
Publication of CN109150976A publication Critical patent/CN109150976A/en
Pending legal-status Critical Current

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/50Network services
    • H04L67/51Discovery or management thereof, e.g. service location protocol [SLP] or web services
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/62Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L41/00Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
    • H04L41/08Configuration management of networks or network elements
    • H04L41/0803Configuration setting
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L41/00Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
    • H04L41/50Network service management, e.g. ensuring proper service fulfilment according to agreements
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/20Network architectures or network communication protocols for network security for managing network security; network security policies in general

Abstract

The method, apparatus and storage medium of security service are provided the embodiment of the invention discloses a kind of, is related to network security fields.The method comprise the steps that passing through the demand for security for obtaining cloud computing service provider;According to the demand for security of the cloud computing service provider, between the cloud computing service provider and its corresponding user, the safe cloud service platform of on-premise network;When receiving Client-initiated security service request, it is based on the network security cloud service platform, provides corresponding security service to the user.The present invention can be improved the safety of cloud computing service provider.

Description

The method, apparatus and storage medium of security service are provided
Technical field
The present invention relates to network safety filed more particularly to a kind of method, apparatus and storage medium of offer security service.
Background technique
With the continuous development of network security technology and the in-depth of security service mode, it is by cloud computing service provider The mode that user provides required security service is more prevalent.Security service quilt provided by current cloud computing service provider User directly accesses, and due to lacking necessary safety prevention measure, i.e. the cloud of cloud computing service provider is directly exposed to user, This results in the safe moment of cloud computing service provider to be on the hazard.
Summary of the invention
The embodiment of the present invention provides the method, apparatus and storage medium of a kind of offer security service, is able to solve at present The safety issue of cloud computing service provider.
In order to achieve the above objectives, the embodiment of the present invention adopts the following technical scheme that
In a first aspect, the embodiment of the present invention provides a kind of method of offer security service, comprising:
Obtain the demand for security of cloud computing service provider;
According to the demand for security of the cloud computing service provider, in cloud computing service provider use corresponding with its Between family, the safe cloud service platform of on-premise network;
When receiving Client-initiated security service request, it is based on the network security cloud service platform, to institute It states user and corresponding security service is provided.
With reference to first aspect, in the first possible implementation of the first aspect, the network security cloud service is flat Platform includes: configuration interface, technology platform interface module and any one or any multinomial in visual presentation module.
The possible implementation of with reference to first aspect the first, in second of possible implementation of first aspect In, the configuration interface is docked with the cloud computing service provider;The method also includes:
Demand for security and/or own service scale based on the cloud computing service provider, the configuration interface into The description of row content to be configured, the content to be configured include: cloud scale, service type, security level, appointing in access way Meaning one is any multinomial;
Wherein, the scale for the cloud that the cloud scale is used to illustrate that the cloud computing service provider is possessed;It is described Service type is used to illustrate the property of the cloud computing service provider;The security level is for illustrating the cloud computing service The protection abilities that provider's expectation obtains;The access way is for illustrating the cloud computing service provider selection access The mode of security service cloud, the access way include direct tandem and bypass monitoring mode.
The possible implementation of with reference to first aspect the first, in the third possible implementation of first aspect In, the network security cloud service further includes Floor layer Technology platform, the Floor layer Technology platform and the technology platform interface pair It connects, the technology platform interface is also docked with the user;The method also includes:
Based on the technology platform interface, the configuration information that the user submits is obtained, and the configuration information is provided To the control module on the Floor layer Technology platform.
The possible implementation of with reference to first aspect the first, in the 4th kind of possible implementation of first aspect In, the visual presentation module is docked with the technology platform interface, the method also includes:
The module that visualizes obtains the real-time ground shield data of the technology platform interface feedback, and is based on institute State real-time ground shield data, the real-time network security postures of cloud computing service provider described in simulation shows.
In a first aspect, the embodiment of the present invention provides a kind of device of offer security service, comprising:
Demand obtains module, for obtaining the demand for security of cloud computing service provider;
Platform deployment module, for the demand for security according to the cloud computing service provider, in the cloud computing service Between provider and its corresponding user, the safe cloud service platform of on-premise network;
Service providing module, for being pacified based on the network when receiving Client-initiated security service request Full cloud service platform provides corresponding security service to the user.
In conjunction with second aspect, in the first possible implementation of the second aspect,
The network security cloud service platform of Platform deployment module deployment includes: that configuration interface, technology platform connect Mouth mold block and any one or any multinomial in visual presentation module.
In conjunction with the first possible implementation of second aspect, in second of possible implementation of second aspect In,
The configuration interface of the Platform deployment module deployment is docked with the cloud computing service provider;
Described device further include:
Content describing module, for demand for security and/or own service scale based on the cloud computing service provider, The description of content to be configured is carried out in the configuration interface, the content to be configured includes: cloud scale, service type, safety etc. Grade, any one in access way or any multinomial;
Wherein, the scale for the cloud that the cloud scale is used to illustrate that the cloud computing service provider is possessed;It is described Service type is used to illustrate the property of the cloud computing service provider;The security level is for illustrating the cloud computing service The protection abilities that provider's expectation obtains;The access way is for illustrating the cloud computing service provider selection access The mode of security service cloud, the access way include direct tandem and bypass monitoring mode.
In conjunction with the first possible implementation of second aspect, in the third possible implementation of second aspect In,
The network security cloud service of the Platform deployment module deployment further includes Floor layer Technology platform;
The Floor layer Technology platform of the Platform deployment module deployment is docked with the technology platform interface, the technology Platform interface is also docked with the user;
Described device further include:
User configuration obtains module, for obtaining the configuration information that the user submits based on the technology platform interface, And the configuration information is supplied to the control module on the Floor layer Technology platform.
In conjunction with the first possible implementation of second aspect, in the 4th kind of possible implementation of second aspect In,
The visual presentation module of the Platform deployment module deployment is docked with the technology platform interface;
The visual presentation module, for obtaining the real-time ground shield data of the technology platform interface feedback, and Based on the real-time ground shield data, the real-time network security postures of cloud computing service provider described in simulation shows.
The third aspect, the embodiment of the present invention provide a kind of computer readable storage medium, are stored thereon with computer journey Sequence, which is characterized in that the step of method that first aspect provides is realized when described program is executed by processor.
It is provided in an embodiment of the present invention that the method, apparatus and storage medium of security service are provided, by obtaining cloud computing clothes The demand for security of business provider;According to the demand for security of the cloud computing service provider, in the cloud computing service provider Between its corresponding user, the safe cloud service platform of on-premise network;It is requested when receiving the Client-initiated security service When, it is based on the network security cloud service platform, provides corresponding security service to the user.It can be mentioned in cloud computing service For between quotient and its corresponding user, the safe cloud service platform of on-premise network can be provided to avoid cloud computing service provider Security service directly accessed by user, so as to mention in the case where avoiding the overhead of cloud computing service provider The safety of high cloud computing service provider.
Detailed description of the invention
It to describe the technical solutions in the embodiments of the present invention more clearly, below will be to needed in the embodiment Attached drawing is briefly described, it should be apparent that, drawings in the following description are only some embodiments of the invention, for ability For the those of ordinary skill of domain, without creative efforts, it can also be obtained according to these attached drawings other attached Figure.
Fig. 1 is the flow diagram of the method for the offer security service of the embodiment of the present invention;
Fig. 2 is another flow diagram of the method for the offer security service of the embodiment of the present invention;
Fig. 3 is the network security cloud service platform schematic diagram of the embodiment of the present invention;
Fig. 4 is another schematic diagram of the network security cloud service platform of the embodiment of the present invention;
Fig. 5 is the apparatus structure schematic diagram of the offer security service of the embodiment of the present invention;
Fig. 6 is another structural schematic diagram of the device of the offer security service of the embodiment of the present invention;
Fig. 7 is the structural schematic diagram of the device 700 of the offer security service of the embodiment of the present invention.
Specific embodiment
Following will be combined with the drawings in the embodiments of the present invention, and technical solution in the embodiment of the present invention carries out clear, complete Site preparation description, it is clear that described embodiments are only a part of the embodiments of the present invention, instead of all the embodiments.It is based on Embodiment in the present invention, it is obtained by those of ordinary skill in the art without making creative efforts all other Embodiment shall fall within the protection scope of the present invention.
One embodiment of the invention provides a kind of method method of offer security service, as shown in Figure 1, which comprises
101, the demand for security of cloud computing service provider is obtained.
102, according to the demand for security of the cloud computing service provider, in the cloud computing service provider and its correspondence User between, the safe cloud service platform of on-premise network.
103, when receiving Client-initiated security service request, it is based on the network security cloud service platform, Corresponding security service is provided to the user.
Compared with prior art, the embodiment of the present invention can between cloud computing service provider and its corresponding user, The safe cloud service platform of on-premise network, can directly be visited to avoid security service provided by cloud computing service provider by user It asks, so as to improve the peace of cloud computing service provider in the case where avoiding the overhead of cloud computing service provider Quan Xing.
Further embodiment of this invention provides a kind of method of offer security service, as shown in Figure 2, which comprises
201, the demand for security of cloud computing service provider is obtained.
202, according to the demand for security of the cloud computing service provider, in the cloud computing service provider and its correspondence User between, the safe cloud service platform of on-premise network.
As shown in figure 3, the network security cloud service platform includes: configuration interface, technology platform interface module and visual Change any one or any multinomial in display module.
203, demand for security and/or own service scale based on the cloud computing service provider, in configuration circle Face carries out the description of content to be configured.
Wherein, the configuration interface is docked with the cloud computing service provider.
As shown in figure 4, the content to be configured includes: cloud scale, service type, security level, appointing in access way Meaning one is any multinomial.
Wherein, the scale for the cloud that the cloud scale is used to illustrate that the cloud computing service provider is possessed, cloud rule Mould can distribute security service stock number for technology platform and provide foundation;The service type is for illustrating the cloud computing service The property of provider, service type can distribute security service resource type for technology platform and provide foundation;The security level The protection abilities obtained for illustrating the cloud computing service provider expectation, security level can construct for technology platform Which kind of security service chain provides foundation;The access way is for illustrating the cloud computing service provider selection access safety clothes The mode of business cloud, the access way include direct tandem and bypass monitoring mode.
In embodiments of the present invention, user only needs to register by range of information and security service configures, and expresses oneself Demand for security, can be obtained expected security protection ability, thus realize cloud computing service quotient class user a keyization safety Protection service.
204, it is based on the technology platform interface, obtains the configuration information that the user submits, and by the configuration information The control module being supplied on the Floor layer Technology platform.
Wherein, the network security cloud service further includes Floor layer Technology platform, the Floor layer Technology platform and the technology Platform interface docking, the technology platform interface are also docked with the user.
In embodiments of the present invention, technology platform interface is located under configuration interface, provides and network security cloud service bottom The mating interface of layer technology platform.It is mainly responsible for and the configuration information that user submits is submitted into technology platform correlation control module, Play connection function.Meanwhile in real time to the security protection information for visualizing module feedback technology platform.
205, the real-time ground shield data for visualizing module and obtaining the technology platform interface feedback, and base In the real-time ground shield data, the real-time network security postures of cloud computing service provider described in simulation shows.
Wherein, the visual presentation module is docked with the technology platform interface.In embodiments of the present invention, by can It, can intuitive simulation shows cloud computing service quotient receives in real time security protection effect depending on changing display module.
In embodiments of the present invention, by technology platform interface Real-time Feedback ground shield data, simulation shows are protected Cloud computing service quotient real-time network security postures, network attack situation, network protection situation and network protection measure etc. Content.Promoted network safety prevention there are senses, enhance the safe self-confidence of user.
206, when receiving Client-initiated security service request, it is based on the network security cloud service platform, Corresponding security service is provided to the user.
For the embodiment of the present invention, user is to meet hierarchical protection demand or system demand for security, needs to pass through safety clothes Business application selection or customization meet the Security Service Model of self-demand.Security Service Model is one and meets security service agreement Service chaining, be made of one group of security service, cloud safety service platform will according to customized Security Service Model be user Corresponding security service is provided.
Using there is two kinds of options of universal model and customizing model.After user enters application, application will utilize service-oriented Semantic Interoperation means guide user to describe self-demand according to certain specification, and thus provide universal model suggestion.Universal Die Type is the security service chain designed according to some existing agreements or criterion, is the complete solution party for meeting professional standard and convention Case.For general demand and problem, user can directly select generic service model.For there is personalized service to need User rapidly establishes oneself at visual model customizing interface using convenient navigation mechanism guidance user is additionally provided Security Service Model.
Customizing model can be modified on the basis of universal model, can also re-create complete model, in the process user's energy It enough completes the customization of model level and services the customization of level.The customization of model level refer to according to user demand by Services Composition at Satisfactory service chaining.It applies and provides all workable services in model customizing interface, and each service is all provided Complete and detailed definition, service are presented to the user in the form of control.User is according to service definition by pulling safety clothes The mode of business control comes the security service content of tissue oneself, the Security Service Model to be met individual requirements.For tool There is the user of profound customized demand, can also be customized in service level.It applies and provides in Custom Interface to service The editor space of control, user is modified using api interface by programmable mode or defines new service control, according to service Quality and service-level agreement set the grade of service and relevant parameter of oneself demand, and then customized service control is added to Customization operations are completed in Security Service Model.
Compared with prior art, the embodiment of the present invention can between cloud computing service provider and its corresponding user, The safe cloud service platform of on-premise network, can directly be visited to avoid security service provided by cloud computing service provider by user It asks, so as to improve the peace of cloud computing service provider in the case where avoiding the overhead of cloud computing service provider Quan Xing.
Further embodiment of this invention provides a kind of device of offer security service, as shown in figure 5, described device includes:
Demand obtains module 51, for obtaining the demand for security of cloud computing service provider;
Platform deployment module 52 takes for the demand for security according to the cloud computing service provider in the cloud computing It is engaged between provider and its corresponding user, the safe cloud service platform of on-premise network;
Service providing module 53, for being based on the network when receiving Client-initiated security service request Safe cloud service platform provides corresponding security service to the user.
The network security cloud service platform that the Platform deployment module 52 is disposed includes: configuration interface, technology platform Interface module and any one or any multinomial in visual presentation module.
The configuration interface that the Platform deployment module 52 is disposed is docked with the cloud computing service provider;
Further, as shown in fig. 6, described device further include: content describing module 61, user configuration obtain module 62, The visual presentation module 63;
Content describing module 61, for based on the cloud computing service provider demand for security and/or own service rule Mould carries out the description of content to be configured in the configuration interface, and the content to be configured includes: cloud scale, service type, safety Any one or any multinomial in grade, access way;
Wherein, the scale for the cloud that the cloud scale is used to illustrate that the cloud computing service provider is possessed;It is described Service type is used to illustrate the property of the cloud computing service provider;The security level is for illustrating the cloud computing service The protection abilities that provider's expectation obtains;The access way is for illustrating the cloud computing service provider selection access The mode of security service cloud, the access way include direct tandem and bypass monitoring mode.
The network security cloud service that the Platform deployment module 52 is disposed further includes Floor layer Technology platform;
The Floor layer Technology platform that the Platform deployment module 52 is disposed is docked with the technology platform interface, the skill Art platform interface is also docked with the user;
User configuration obtains module 62, and for being based on the technology platform interface, obtain user's submission matches confidence Breath, and the configuration information is supplied to the control module on the Floor layer Technology platform.
The visual presentation module that the Platform deployment module 52 is disposed is docked with the technology platform interface;
The visual presentation module 63, for obtaining the real-time ground shield data of the technology platform interface feedback, And the real-time ground shield data are based on, the real-time network security postures of cloud computing service provider described in simulation shows.
Compared with prior art, the embodiment of the present invention can between cloud computing service provider and its corresponding user, The safe cloud service platform of on-premise network, can directly be visited to avoid security service provided by cloud computing service provider by user It asks, so as to improve the peace of cloud computing service provider in the case where avoiding the overhead of cloud computing service provider Quan Xing.
The embodiment of the present invention also provides another computer readable storage medium, which can be Computer readable storage medium included in memory in above-described embodiment;It is also possible to individualism, eventually without supplying Computer readable storage medium in end.The computer-readable recording medium storage has one or more than one program, institute State that one or more than one program by one or more than one processor are used to execute Fig. 1, embodiment illustrated in fig. 2 provides Offer security service method.
The embodiment of the method for above-mentioned offer may be implemented in the device provided in an embodiment of the present invention for providing security service, specifically Function realizes the explanation referred in embodiment of the method, and details are not described herein.Offer security service provided in an embodiment of the present invention Method, apparatus and storage medium can be adapted for the safety for improving cloud computing service provider, but be not limited only to this.
As shown in figure Fig. 7, the device 700 for providing security service may include following one or more components: processing component 702, memory 704, power supply module 706, multimedia component 708, audio component 710, the interface 712 of input/output (I/O), Sensor module 714 and communication component 716.
Processing component 702 usually control unmanned aerial vehicle (UAV) control device 700 integrated operation, such as with display, call, number According to communication, camera operation and record operate associated operation.Processing component 702 may include one or more processors 720 To execute instruction.
In addition, processing component 702 may include one or more modules, convenient between processing component 702 and other assemblies Interaction.For example, processing component 702 may include multi-media module, with facilitate multimedia component 708 and processing component 702 it Between interaction.
Memory 704 is configured as storing various types of data to support the operation in unmanned aerial vehicle (UAV) control device 700.This The example of a little data includes the instruction of any application or method for operating on unmanned aerial vehicle (UAV) control device 700, connection Personal data, telephone book data, message, picture, video etc..Memory 704 can be by any kind of volatibility or non-volatile It stores equipment or their combination is realized, such as static random access memory (SRAM), the read-only storage of electrically erasable Device (EEPROM), Erasable Programmable Read Only Memory EPROM (EPROM), programmable read only memory (PROM), read-only memory (ROM), magnetic memory, flash memory, disk or CD.
Power supply module 706 provides electric power for the various assemblies of unmanned aerial vehicle (UAV) control device 700.Power supply module 706 may include Power-supply management system, one or more power supplys and other with for unmanned aerial vehicle (UAV) control device 700 generate, manage, and distribute electric power phase Associated component.
Multimedia component 708 includes one output interface of offer between the unmanned aerial vehicle (UAV) control device 700 and user Screen.In some embodiments, screen may include liquid crystal display (LCD) and touch panel (TP).If screen includes Touch panel, screen may be implemented as touch screen, to receive input signal from the user.Touch panel includes one or more A touch sensor is to sense the gesture on touch, slide, and touch panel.The touch sensor can not only sense touch Or the boundary of sliding action, but also detect duration and pressure associated with the touch or slide operation.In some realities It applies in example, multimedia component 708 includes a front camera and/or rear camera.When unmanned aerial vehicle (UAV) control device 700 is in Operation mode, such as in a shooting mode or a video mode, front camera and/or rear camera can receive external multimedia Data.Each front camera and rear camera can be a fixed optical lens system or there is focal length and optics to become Burnt ability.
Audio component 710 is configured as output and/or input audio signal.For example, audio component 710 includes a Mike Wind (MIC), when unmanned aerial vehicle (UAV) control device 700 is in operation mode, when such as call mode, recording mode, and voice recognition mode, Microphone is configured as receiving external audio signal.The received audio signal can be further stored in memory 704 or It is sent via communication component 716.In some embodiments, audio component 710 further includes a loudspeaker, for exporting audio letter Number.
I/O interface 712 provides interface between processing component 702 and peripheral interface module, and above-mentioned peripheral interface module can To be keyboard, click wheel, button etc..These buttons may include, but are not limited to: home button, volume button, start button and lock Determine button.
Sensor module 714 includes one or more sensors, for providing various aspects for unmanned aerial vehicle (UAV) control device 700 Status assessment.For example, sensor module 714 can detecte the state that opens/closes of unmanned aerial vehicle (UAV) control device 700, component Relative positioning, such as the component is the display and keypad of unmanned aerial vehicle (UAV) control device 700, and sensor module 714 may be used also To detect the position change of 700 1 components of unmanned aerial vehicle (UAV) control device 700 or unmanned aerial vehicle (UAV) control device, user and unmanned aerial vehicle (UAV) control The existence or non-existence that device 700 contacts, 700 orientation of unmanned aerial vehicle (UAV) control device or acceleration/deceleration and unmanned aerial vehicle (UAV) control device 700 Temperature change.Sensor module 714 may include proximity sensor, be configured to examine without any physical contact Survey presence of nearby objects.Sensor module 714 can also include that optical sensor is used for such as CMOS or ccd image sensor It is used in imaging applications.In some embodiments, which can also include acceleration transducer, and gyroscope passes Sensor, Magnetic Sensor, pressure sensor or temperature sensor.
Communication component 716 is configured to facilitate wired or wireless way between unmanned aerial vehicle (UAV) control device 700 and other equipment Communication.Unmanned aerial vehicle (UAV) control device 700 can access the wireless network based on communication standard, such as WiFi, 2G or 3G or they Combination.In one exemplary embodiment, communication component 716 is received via broadcast channel from the wide of external broadcasting management system Broadcast signal or broadcast related information.In one exemplary embodiment, the communication component 716 further includes near-field communication (NFC) Module, to promote short range communication.For example, radio frequency identification (RFID) technology, Infrared Data Association (IrDA) can be based in NFC module Technology, ultra wide band (UWB) technology, bluetooth (BT) technology and other technologies are realized.
In the exemplary embodiment, unmanned aerial vehicle (UAV) control device 700 can be by one or more application specific integrated circuit (ASIC), digital signal processor (DSP), digital signal processing appts (DSPD), programmable logic device (PLD), scene can Gate array (FPGA), controller, microcontroller, microprocessor or other electronic components are programmed to realize.
All the embodiments in this specification are described in a progressive manner, same and similar portion between each embodiment Dividing may refer to each other, and each embodiment focuses on the differences from other embodiments.Especially for equipment reality For applying example, since it is substantially similar to the method embodiment, so describing fairly simple, related place is referring to embodiment of the method Part explanation.
Those of ordinary skill in the art will appreciate that realizing all or part of the process in above-described embodiment method, being can be with Relevant hardware is instructed to complete by computer program, the program can be stored in a computer-readable storage medium In, the program is when being executed, it may include such as the process of the embodiment of above-mentioned each method.Wherein, the storage medium can be magnetic Dish, CD, read-only memory (Read-Only Memory, ROM) or random access memory (Random Access Memory, RAM) etc..
The above description is merely a specific embodiment, but scope of protection of the present invention is not limited thereto, any In the technical scope disclosed by the present invention, any changes or substitutions that can be easily thought of by those familiar with the art, all answers It is included within the scope of the present invention.Therefore, protection scope of the present invention should be subject to the protection scope in claims.

Claims (11)

1. a kind of provide the method for security service characterized by comprising
Obtain the demand for security of cloud computing service provider;
According to the demand for security of the cloud computing service provider, cloud computing service provider user corresponding with its it Between, the safe cloud service platform of on-premise network;
When receiving Client-initiated security service request, it is based on the network security cloud service platform, to the use Family provides corresponding security service.
2. according to claim 1 provide the method for security service, which is characterized in that the network security cloud service platform It include: configuration interface, technology platform interface module and any one or any multinomial in visual presentation module.
3. according to claim 2 provide the method for security service, which is characterized in that the configuration interface and the cloud meter Calculate service provider's docking;The method also includes:
Demand for security and/or own service scale based on the cloud computing service provider, the configuration interface carry out to Configure the description of content, the content to be configured includes: cloud scale, service type, security level, any one in access way Item is any multinomial;
Wherein, the scale for the cloud that the cloud scale is used to illustrate that the cloud computing service provider is possessed;The service Type is used to illustrate the property of the cloud computing service provider;The security level is for illustrating that the cloud computing service provides Quotient it is expected the protection abilities obtained;The access way is for illustrating the cloud computing service provider selection access safety The mode of service cloud, the access way include direct tandem and bypass monitoring mode.
4. according to claim 2 provide the method for security service, which is characterized in that the network security cloud service is also wrapped Include Floor layer Technology platform, the Floor layer Technology platform is docked with the technology platform interface, the technology platform interface also with institute State user's docking;The method also includes:
Based on the technology platform interface, the configuration information that the user submits is obtained, and the configuration information is supplied to institute State the control module on Floor layer Technology platform.
5. according to claim 2 provide the method for security service, which is characterized in that the visual presentation module and institute The docking of technology platform interface is stated, the method also includes:
The module that visualizes obtains the real-time ground shield data of the technology platform interface feedback, and is based on the reality When ground shield data, the real-time network security postures of cloud computing service provider described in simulation shows.
6. a kind of provide the device of security service characterized by comprising
Demand obtains module, for obtaining the demand for security of cloud computing service provider;
Platform deployment module is provided for the demand for security according to the cloud computing service provider in the cloud computing service Between quotient and its corresponding user, the safe cloud service platform of on-premise network;
Service providing module, for being based on the network security cloud when receiving Client-initiated security service request Service platform provides corresponding security service to the user.
7. according to claim 6 provide the device of security service, which is characterized in that
The network security cloud service platform of the Platform deployment module deployment includes: configuration interface, technology platform interface mould Block and any one or any multinomial in visual presentation module.
8. according to claim 7 provide the device of security service, which is characterized in that
The configuration interface of the Platform deployment module deployment is docked with the cloud computing service provider;
Described device further include:
Content describing module, for demand for security and/or own service scale based on the cloud computing service provider, in institute The description that configuration interface carries out content to be configured is stated, the content to be configured includes: cloud scale, service type, security level, connects Enter any one or any multinomial in mode;
Wherein, the scale for the cloud that the cloud scale is used to illustrate that the cloud computing service provider is possessed;The service Type is used to illustrate the property of the cloud computing service provider;The security level is for illustrating that the cloud computing service provides Quotient it is expected the protection abilities obtained;The access way is for illustrating the cloud computing service provider selection access safety The mode of service cloud, the access way include direct tandem and bypass monitoring mode.
9. according to claim 7 provide the device of security service, which is characterized in that
The network security cloud service of the Platform deployment module deployment further includes Floor layer Technology platform;
The Floor layer Technology platform of the Platform deployment module deployment is docked with the technology platform interface, the technology platform Interface is also docked with the user;
Described device further include:
User configuration obtains module, for being based on the technology platform interface, obtains the configuration information that the user submits, and will The configuration information is supplied to the control module on the Floor layer Technology platform.
10. according to claim 7 provide the device of security service, which is characterized in that
The visual presentation module of the Platform deployment module deployment is docked with the technology platform interface;
The visual presentation module for obtaining the real-time ground shield data of the technology platform interface feedback, and is based on The real-time ground shield data, the real-time network security postures of cloud computing service provider described in simulation shows.
11. a kind of computer readable storage medium, is stored thereon with computer program, which is characterized in that described program is processed The step of claim 1-5 the method is realized when device executes.
CN201810809729.1A 2018-07-23 2018-07-23 The method, apparatus and storage medium of security service are provided Pending CN109150976A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201810809729.1A CN109150976A (en) 2018-07-23 2018-07-23 The method, apparatus and storage medium of security service are provided

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201810809729.1A CN109150976A (en) 2018-07-23 2018-07-23 The method, apparatus and storage medium of security service are provided

Publications (1)

Publication Number Publication Date
CN109150976A true CN109150976A (en) 2019-01-04

Family

ID=64801294

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201810809729.1A Pending CN109150976A (en) 2018-07-23 2018-07-23 The method, apparatus and storage medium of security service are provided

Country Status (1)

Country Link
CN (1) CN109150976A (en)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN116418699A (en) * 2023-06-12 2023-07-11 北京天融信网络安全技术有限公司 Cloud service provider network security capability assessment system, method, equipment and medium
WO2023201914A1 (en) * 2022-04-18 2023-10-26 浙江大学 Service mode optimization method based on confidence awareness

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103139159A (en) * 2011-11-28 2013-06-05 上海贝尔股份有限公司 Safety communication among virtual machines in cloud computing framework
CN103368983A (en) * 2012-03-27 2013-10-23 中兴通讯股份有限公司 Security demand query method, security demand feedback method and security demand query device
US20140196113A1 (en) * 2011-08-08 2014-07-10 Zte Corporation Secure on-demand supply method and system and traffic type acquisition method
US20160182524A1 (en) * 2014-12-18 2016-06-23 Intel Corporation System platform for context-based configuration of communication channels
CN107483472A (en) * 2017-09-05 2017-12-15 中国科学院计算机网络信息中心 A kind of method, apparatus of network security monitoring, storage medium and server

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20140196113A1 (en) * 2011-08-08 2014-07-10 Zte Corporation Secure on-demand supply method and system and traffic type acquisition method
CN103139159A (en) * 2011-11-28 2013-06-05 上海贝尔股份有限公司 Safety communication among virtual machines in cloud computing framework
CN103368983A (en) * 2012-03-27 2013-10-23 中兴通讯股份有限公司 Security demand query method, security demand feedback method and security demand query device
US20160182524A1 (en) * 2014-12-18 2016-06-23 Intel Corporation System platform for context-based configuration of communication channels
CN107483472A (en) * 2017-09-05 2017-12-15 中国科学院计算机网络信息中心 A kind of method, apparatus of network security monitoring, storage medium and server

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
宋丹劼,等: "中国科技网网络安全平台及应用", 《科研信息化技术与应用》 *

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2023201914A1 (en) * 2022-04-18 2023-10-26 浙江大学 Service mode optimization method based on confidence awareness
CN116418699A (en) * 2023-06-12 2023-07-11 北京天融信网络安全技术有限公司 Cloud service provider network security capability assessment system, method, equipment and medium

Similar Documents

Publication Publication Date Title
WO2021135655A1 (en) Method and device for generating multimedia resources
US20170060354A1 (en) Method and device for changing emoticons in a chat interface
CN106126420B (en) Application program adjustment method and device
CN106791893A (en) Net cast method and device
WO2021135678A1 (en) Editing template generating method and apparatus, electronic device, and storage medium
CN104063655A (en) Child mode processing method and device
CN106528709A (en) Social information recommendation method and apparatus
CN109658927A (en) Wake-up processing method, device and the management equipment of smart machine
KR102282544B1 (en) Product display method and device
US10248855B2 (en) Method and apparatus for identifying gesture
CN103927081A (en) Method and device for processing notification events
CN104166689A (en) Presentation method and device for electronic book
EP4276605A2 (en) Program orchestration method and electronic device
EP2988205A1 (en) Method and device for transmitting image
CN110109608B (en) Text display method, text display device, text display terminal and storage medium
US20170054713A1 (en) Method and device for guiding an operation and electronic apparatus
CN107798309B (en) Fingerprint input method and device and computer readable storage medium
CN106157602A (en) The method and apparatus of calling vehicle
CN107820131A (en) Share the method and device of comment information
CN107426088A (en) Pictorial information processing method and processing device
CN104020924A (en) Label establishing method and device and terminal
CN104219714B (en) The flow control methods and device of mobile router
CN104461283A (en) Network view screen shooting method and device and electronic device
CN108108671A (en) Description of product information acquisition method and device
CN107943550A (en) Method for showing interface and device

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication

Application publication date: 20190104

RJ01 Rejection of invention patent application after publication