CN110247927A - A kind of right management method and device of cloud computing resources - Google Patents
A kind of right management method and device of cloud computing resources Download PDFInfo
- Publication number
- CN110247927A CN110247927A CN201910580117.4A CN201910580117A CN110247927A CN 110247927 A CN110247927 A CN 110247927A CN 201910580117 A CN201910580117 A CN 201910580117A CN 110247927 A CN110247927 A CN 110247927A
- Authority
- CN
- China
- Prior art keywords
- target
- account
- sub
- cloud computing
- computing resources
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/31—User authentication
- G06F21/32—User authentication using biometric data, e.g. fingerprints, iris scans or voiceprints
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0876—Network architectures or network communication protocols for network security for authentication of entities based on the identity of the terminal or configuration, e.g. MAC address, hardware or software configuration or device fingerprint
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/10—Network architectures or network communication protocols for network security for controlling access to devices or network resources
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Hardware Design (AREA)
- General Engineering & Computer Science (AREA)
- Computing Systems (AREA)
- Signal Processing (AREA)
- Computer Networks & Wireless Communication (AREA)
- Theoretical Computer Science (AREA)
- Software Systems (AREA)
- General Physics & Mathematics (AREA)
- Physics & Mathematics (AREA)
- Power Engineering (AREA)
- Information Transfer Between Computers (AREA)
Abstract
The embodiment of the present application provides the right management method and device of a kind of cloud computing resources, belong to computer field, the method is applied to the server of management cloud computing resources, the described method includes: after the sub- account of primary account number successfully logs in predetermined registration operation interface, it obtains for requesting the operation requests operated to cloud computing resources, the resource identification of the sub- account of target and target cloud computing resources to be obtained is carried in operation requests;Sub- account has all or part of permission of primary account number operation cloud computing resources;According to the sub- account of target, the resource identification of target cloud computing resources, pre-stored sub- account and resource identification corresponding relationship, determine whether the sub- account of target has the operating right of target cloud computing resources;In the case where determining has operating right, then the sub- account of target is allowed to operate target cloud computing resources.Using technical solution provided by the embodiments of the present application, the efficiency of management of cloud computing resources operating right can be improved.
Description
Technical field
This application involves field of computer technology, more particularly to the right management method and dress of a kind of cloud computing resources
It sets.
Background technique
In cloud computing resources management, if a certain enterprise has the operating right of a certain cloud computing resources, cloud meter is managed
The server for calculating resource can store the corresponding relationship of the primary account number of the enterprise and the resource identification of the cloud computing resources.Cloud computing
Resource such as RDS (Relational Database Service, relevant database service) example, SLB (Server Load
Balance, load balancing) example.
In the related technology, when the staff of enterprise wants using a certain cloud computing resources, which can be
The primary account number of the enterprise and the password of primary account number are filled in preset login interface, to log in the management application of cloud computing resources
Program.Then, which can execute predetermined registration operation, and to generate the acquisition request for obtaining the cloud computing resources, acquisition is asked
Seek the target resource identifier for carrying primary account number, cloud computing resources to be obtained.Server is after receiving acquisition request, Ke Yigen
According to the corresponding relationship of pre-stored primary account number and resource identification, judge whether target resource identifier is the corresponding money of the primary account number
Source mark.If target resource identifier is the corresponding resource identification of the primary account number, server can be confirmed that the primary account number has
The available cloud computing resources of the operating right of the cloud computing resources, the i.e. staff.
However, operating right of the staff of different departments when using cloud computing resources is different in same enterprise, altogether
The staff that primary account number uses cloud computing resources to each is enjoyed, is not easy to enterprise for the pipe of cloud computing resources operating right
Reason.
Summary of the invention
The right management method and device for being designed to provide a kind of cloud computing resources of the embodiment of the present application, to improve cloud
The efficiency of management of computing resource operating right.Specific technical solution is as follows:
In a first aspect, providing a kind of right management method of cloud computing resources, the method is applied to management cloud computing
The server of resource, which comprises
After the sub- account of primary account number successfully logs in predetermined registration operation interface, obtain for requesting to carry out cloud computing resources
The operation requests of operation, wherein the sub- account of target and target cloud computing resources to be obtained are carried in the operation requests
Resource identification;Wherein, the sub- account has all or part of permission of primary account number operation cloud computing resources;
According to the sub- account of the target, the resource identification of the target cloud computing resources, pre-stored sub- account and money
The corresponding relationship of source mark, determines whether the sub- account of the target has the operating right of the target cloud computing resources;
In the case where determining has the operating right, then the sub- account of the target is allowed to provide the target cloud computing
Source is operated.
Optionally, the method also includes:
Receive the logging request that the sub- account logs in the predetermined registration operation interface, wherein carry in the logging request
The password of the sub- account of target primary account number, target and the sub- account of the target;
If the target primary account number is pre-stored primary account number, according to the target primary account number, pre-stored
The corresponding relationship of primary account number and sub- account judges whether the sub- account of the target is the corresponding sub- account of the target primary account number;
If the sub- account of target be the corresponding sub- account of the target primary account number, according to the sub- account of the target,
The corresponding relationship of pre-stored sub- account and password verifies the password of the sub- account of the target;
If the password of the sub- account of target is correct, the predetermined registration operation interface is successfully logged in.
Optionally, it is obtaining for before requesting the operation requests operated to cloud computing resources, the method also to be wrapped
It includes:
Receive the setting request of sub- account, wherein setting request carrying target primary account number, the sub- account of target and
The password of the sub- account of target;
According to the target primary account number, the corresponding relationship of pre-stored primary account number and resource identification, it is determined as the mesh
The target resource identifier of the cloud computing resources of sub- account distribution is marked, the target resource identifier is arranged for the sub- account of the target
The operating right of affiliated cloud computing resources;
It is corresponding to store the target primary account number and the sub- account of the target, obtain the corresponding relationship of primary account number Yu sub- account;
The corresponding password for storing the target sub- account and the sub- account of the target, obtains the corresponding relationship of sub- account and password;It is corresponding
The sub- account of the target and the target resource identifier are stored, the corresponding relationship of sub- account and resource identification is obtained.
Optionally, described according to the target primary account number, the corresponding relationship of pre-stored primary account number and resource identification, really
The target resource identifier for being set to the cloud computing resources of the target sub- account distribution includes:
According to the target primary account number, the corresponding relationship of pre-stored primary account number and resource identification, the target is determined
The resource identification of the corresponding cloud computing resources of primary account number;
The resource identification of the corresponding cloud computing resources of the target primary account number is sent to the terminal of the target primary account number,
So that the terminal shows the resource identification of the corresponding cloud computing resources of the target primary account number in display interface;
In response to the distribution request for batch operation permission, the target resource identifier that the distribution request carries is obtained,
Wherein, the distribution request is to act on the selection operation of the display interface to be triggered, and the selection operation is used for from institute
It states and selects the target resource identifier in the resource identification of the corresponding cloud computing resources of target primary account number.
Optionally, after obtaining the target resource identifier that the distribution request carries, the method also includes:
If the target resource identifier corresponding with the sub- account of the target has been locally stored, what deletion was locally stored
The target resource identifier, to cancel the behaviour for distributing the affiliated cloud computing resources of the target resource identifier for the sub- account of the target
Make permission;
If the local not stored target resource identifier corresponding with the sub- account of the target, executes the correspondence and deposits
The sub- account of the target and the target resource identifier are stored up, the corresponding relationship step of sub- account and resource identification is obtained.
Second aspect, provides a kind of rights management device of cloud computing resources, and described device is applied to management cloud computing
The server of resource, described device include:
Module is obtained, after successfully logging in predetermined registration operation interface for the sub- account in primary account number, is obtained for request pair
The operation requests that cloud computing resources are operated, wherein the sub- account of target and mesh to be obtained are carried in the operation requests
Mark the resource identification of cloud computing resources;Wherein, the sub- account has whole or the portion of primary account number operation cloud computing resources
Fraction limit;
First determining module, for according to the resource identification of the sub- account of the target, the target cloud computing resources, in advance
The sub- account of storage and the corresponding relationship of resource identification, determine whether the sub- account of the target has the target cloud computing resources
Operating right;
Execution module, in the case where determining has the operating right, then allowing the sub- account of the target to institute
Target cloud computing resources are stated to be operated.
Optionally, described device further include:
First receiving module logs in the logging request at the predetermined registration operation interface for receiving the sub- account, wherein institute
State the password that target primary account number, the sub- account of target and the sub- account of the target are carried in logging request;
First judgment module is used for when the target primary account number is pre-stored primary account number, according to the target master
The corresponding relationship of account, pre-stored primary account number and sub- account judges whether the sub- account of the target is the main account of the target
Number corresponding sub- account;
Second judgment module is used for when the sub- account of the target sub- account corresponding for the target primary account number, according to
The corresponding relationship of the sub- account of the target, pre-stored sub- account and password, tests the password of the sub- account of the target
Card;
Login module, for successfully logging in the predetermined registration operation interface when the password of the sub- account of the target is correct.
Optionally, described device further include:
Second receiving module, the setting for receiving sub- account are requested, wherein the setting request carries the main account of target
Number, the password of the sub- account of target and the sub- account of the target;
Second determining module, for corresponding with resource identification according to the target primary account number, pre-stored primary account number
Relationship is determined as the target resource identifier of the cloud computing resources of the sub- account distribution of the target, to set for the sub- account of the target
Set the operating right of the affiliated cloud computing resources of the target resource identifier;
Memory module stores the target primary account number and the sub- account of the target for corresponding, obtains primary account number and sub- account
Number corresponding relationship;The corresponding password for storing the target sub- account and the sub- account of the target obtains sub- account and password
Corresponding relationship;It is corresponding to store the sub- account of target and the target resource identifier, it is corresponding with resource identification to obtain sub- account
Relationship.
Optionally, second determining module includes:
Submodule is determined, for according to the target primary account number, pre-stored primary account number pass corresponding with resource identification
System, determines the resource identification of the corresponding cloud computing resources of the target primary account number;
Sending submodule, for the resource identification of the corresponding cloud computing resources of the target primary account number to be sent to the mesh
The terminal for marking primary account number, so that the terminal shows the resource of the corresponding cloud computing resources of the target primary account number in display interface
Mark;
Acquisition submodule, for obtaining the distribution request and carrying in response to the distribution request for batch operation permission
Target resource identifier, wherein the distribution request is to act on the selection operation of the display interface to be triggered, the choosing
Operation is selected for selecting the target resource identifier from the resource identification of the corresponding cloud computing resources of the target primary account number.
Optionally, described device further include:
Removing module, for deleting when the target resource identifier corresponding with the sub- account of the target has been locally stored
It is that the sub- account of the target distributes the affiliated cloud of target resource identifier to cancel except the target resource identifier being locally stored
The operating right of computing resource;
The memory module is also used to when the local not stored target resource identifier corresponding with the sub- account of the target
When, the corresponding storage sub- account of target and the target resource identifier are executed, pair of sub- account and resource identification is obtained
Answer relationship step.
The third aspect provides a kind of server, including processor, communication interface, memory and communication bus, wherein
Processor, communication interface, memory complete mutual communication by communication bus;
Memory, for storing computer program;
Processor when for executing the program stored on memory, realizes method and step described in any first aspect.
Fourth aspect provides a kind of computer readable storage medium, is stored in the computer readable storage medium
Computer program, the computer program realize method and step described in any first aspect when being executed by processor.
The right management method and device of a kind of cloud computing resources provided by the embodiments of the present application, can be in the son of primary account number
After account successfully logs in predetermined registration operation interface, obtain for requesting the operation requests operated to cloud computing resources, operation
The resource identification of the sub- account of target and target cloud computing resources to be obtained is carried in request;Sub- account is grasped with primary account number
Make all or part of permission of cloud computing resources.Then, according to the sub- account of target, the resource identification, pre- of target cloud computing resources
The corresponding relationship of the sub- account and resource identification that first store, determines whether the sub- account of target has the operation of target cloud computing resources
Permission.If the sub- account of target has the operating right of target cloud computing resources, allow the sub- account of target to target cloud computing
Resource is operated.Due to allowing the sub- account of target after determining the operating right that the sub- account of target has target cloud computing resources
Number target cloud computing resources are operated, can be avoided and obtain the cloud computing resources that the sub- account of target does not have operating right,
It can be improved the efficiency of management of cloud computing resources operating right.
Certainly, implement the application any product or method it is not absolutely required to and meanwhile reach all the above excellent
Point.
Detailed description of the invention
In order to illustrate the technical solutions in the embodiments of the present application or in the prior art more clearly, to embodiment or will show below
There is attached drawing needed in technical description to be briefly described, it should be apparent that, the accompanying drawings in the following description is only this
Some embodiments of application for those of ordinary skill in the art without creative efforts, can be with
It obtains other drawings based on these drawings.
Fig. 1 is a kind of flow chart of the right management method of cloud computing resources provided by the embodiments of the present application;
Fig. 2 is a kind of flow chart of the right management method of cloud computing resources provided by the embodiments of the present application;
Fig. 3 is a kind of flow chart of the right management method of cloud computing resources provided by the embodiments of the present application;
Fig. 4 is a kind of flow chart of the right management method of cloud computing resources provided by the embodiments of the present application;
Fig. 5 is a kind of structural schematic diagram of the rights management device of cloud computing resources provided by the embodiments of the present application;
Fig. 6 is a kind of structural schematic diagram of server provided by the embodiments of the present application.
Specific embodiment
Below in conjunction with the attached drawing in the embodiment of the present application, technical solutions in the embodiments of the present application carries out clear, complete
Site preparation description, it is clear that described embodiments are only a part of embodiments of the present application, instead of all the embodiments.It is based on
Embodiment in the application, it is obtained by those of ordinary skill in the art without making creative efforts every other
Embodiment shall fall in the protection scope of this application.
The embodiment of the present application provides a kind of right management method of cloud computing resources, and this method is applied to management cloud computing
The server of resource, server can be the electronic equipment with store function, function of search, in a kind of feasible implementation
In, it can store cloud computing resources in server.For the enterprise of purchase cloud computing resources, this can store in server
Pair of the resource identification for the cloud computing resources that the primary account number of enterprise, the account number cipher of the primary account number and the enterprise have bought
It should be related to.
It, can be according to the cloud computing resources that staff has after buying cloud computing resources in the embodiment of the present application
Different sub- accounts is arranged in the difference of operating right, for example, chief engineer has the operation of all cloud computing resources bought
Permission, then primary account number can be used in chief engineer;The operating right for the cloud computing resources that there is junior engineer part to have bought,
Then preset sub- account can be used in junior engineer.Thereby, it is possible to avoid sharing the behaviour of all cloud computing resources bought
Make permission to different staff, another aspect can be by the operation note of the sub- account of inquiry, to the cloud meter of staff
The history usage record for calculating resource is tracked.
As shown in Figure 1, the concrete processing procedure that sub- account is arranged in server may include:
Step 101, the setting request of sub- account is received.
Wherein, setting request carries the password of the sub- account of target primary account number, target and the sub- account of target.
In an implementation, when a certain staff needs using a certain cloud computing resources, if the staff does not make
When with the qualification of primary account number and without the sub- account of the operating right with the cloud computing resources, the administrative staff of enterprise can be with
The first predetermined registration operation is executed, so that server receives setting request, thus one new sub- account of setting.Alternatively, when needing
When changing the operating right for the cloud computing resources that a certain sub- account has, the first predetermined registration operation can be executed, so that server connects
Setting request is received, to change the operating right of the corresponding cloud computing resources of the sub- account.
Administrative staff can log in boundary default by being equipped with the user terminal of the management application program of cloud computing resources
The target primary account number of the enterprise, the password of target primary account number are filled in face, to log in the management application program of cloud computing resources.So
Afterwards, administrative staff can execute the first predetermined registration operation, generate the setting request of sub- account.It is pre- that the first predetermined registration operation can be click
If set interface in for indicating the icon of " sub- account is arranged ".The first predetermined registration operation, which is also possible to input, to be indicated to generate sub- account
Number character.
The available target primary account number currently logged in of user terminal, the sub- account of target of input and target as a result,
The password of account generates setting request.Then, setting request can be sent to server by user terminal.
In a kind of feasible implementation, server may include display unit, and administrative staff can pass through server
The display unit for including fills in the target primary account number of the enterprise, the password of target primary account number in default login interface, to log in
The management application program of cloud computing resources.Then, administrative staff can execute the first predetermined registration operation, so that server receives son
The setting of account is requested.
Later, it is requested in response to the setting of the sub- account received, the target that the available setting request of server carries
The password of the sub- account of primary account number, target and the sub- account of target.
In the embodiment of the present application, the sub- account of target includes at least one of self-defined title, mailbox, cell-phone number, difference
The password of sub- account answers difference.
Step 102, according to target primary account number, the corresponding relationship of pre-stored primary account number and resource identification, it is determined as mesh
The target resource identifier for marking the cloud computing resources of sub- account distribution, to be arranged in terms of the affiliated cloud of target resource identifier for the sub- account of target
Calculate the operating right of resource.
In an implementation, server can be in the corresponding relationship of pre-stored primary account number and resource identification, determining and mesh
The identical primary account number of primary account number is marked, and by the corresponding resource identification of the primary account number, as the corresponding cloud computing money of target primary account number
The resource identification in source.Then, server can be determined as mesh according to the resource identification of the corresponding cloud computing resources of target primary account number
Mark the target resource identifier of the cloud computing resources of sub- account distribution.
Server is determined as the sub- account distribution of target according to the resource identification of the corresponding cloud computing resources of target primary account number
The mode of the target resource identifier of cloud computing resources may is that administrative staff can input in set interface wait be target
The resource identification of the cloud computing resources of account distribution, as a result, setting request can also carry resource identification.Then, server
May determine that setting request carry resource identification whether be the corresponding cloud computing resources of target primary account number resource identification, if
Judging result be it is yes, then server can will setting request carry resource identification as target resource identifier;If it is determined that knot
Fruit be it is no, then server can send preset sub- account setup failed message, not make subsequent processing.
In the embodiment of the present application, server can also be determined as the cloud computing money of the sub- account distribution of target by other means
The target resource identifier in source, concrete processing procedure is subsequent to will do it detailed description.
Step 103, corresponding storage target primary account number and the sub- account of target, obtain the corresponding relationship of primary account number Yu sub- account;
The password of corresponding storage target sub- account and the sub- account of target, obtains the corresponding relationship of sub- account and password;Corresponding storage target
Sub- account and target resource identifier obtain the corresponding relationship of sub- account and resource identification.
In an implementation, after being determined as the target resource identifier of cloud computing resources of the sub- account distribution of target, server can
With corresponding storage target primary account number and the sub- account of target, the corresponding relationship of primary account number Yu sub- account is obtained;Corresponding storage target
The password of account and the sub- account of target, obtains the corresponding relationship of sub- account and password;It is corresponding to store the sub- account of target and target money
Source mark, obtains the corresponding relationship of sub- account and resource identification.
In the embodiment of the present application, server can receive the setting request of sub- account, obtain the target that setting request carries
The password of the sub- account of primary account number, target and the sub- account of target.Then, according to target primary account number, pre-stored primary account number with
The corresponding relationship of resource identification is determined as the target resource identifier of the cloud computing resources of the sub- account distribution of target, for target
The operating right of the account setting affiliated cloud computing resources of target resource identifier.After determining target resource identifier, corresponding storage mesh
Primary account number and the sub- account of target are marked, the corresponding relationship of primary account number Yu sub- account is obtained;It is corresponding to store the sub- account of target and target
The password of account obtains the corresponding relationship of sub- account and password;It is corresponding to store the sub- account of target and target resource identifier, obtain son
The corresponding relationship of account and resource identification.
Due to being provided with the sub- account of target, and therefore the sub- account of corresponding storage target and target resource identifier can be mesh
The operating right for marking the sub- account distribution affiliated cloud computing resources of target resource identifier, is easy to use the work of different cloud computing resources
Personnel obtain cloud computing resources, can be improved the efficiency of management of cloud computing resources operating right by the sub- account of corresponding target.
It, can be to different operating personnel based on a kind of right management method of cloud computing resources provided by the embodiments of the present application
The operating rights of cloud computing resources carry out minimum distribution, on the one hand, pass through the operation note of each sub- account of storage, Neng Gouji
The cloud computing resources service condition for recording the staff of different departments in enterprise, carries out convenient for the usage record to cloud computing resources
Management.On the other hand, it can reduce and share all operating rights for having bought cloud computing resources to the wind of different staff
Danger.In addition, establishing associated with primary account number account does not need other expenses, can save the management of cloud computing resources at
This.
Optionally, it is requested in response to the setting of the sub- account received, it is corresponding that server can also export target primary account number
Whole cloud computing resources resource identification, so that administrative staff are therefrom selected as the cloud computing resources of target sub- account distribution
Target resource identifier, concrete processing procedure include:
Step 1, according to target primary account number, the corresponding relationship of pre-stored primary account number and resource identification, determine target master
The resource identification of the corresponding cloud computing resources of account.
In an implementation, server can be according to target primary account number, pre-stored primary account number pass corresponding with resource identification
System, determines the resource identification of the corresponding cloud computing resources of target primary account number.
Step 2, the resource identification of the corresponding cloud computing resources of target primary account number is sent to the terminal of target primary account number, with
Make terminal in the resource identification of the corresponding cloud computing resources of display interface displaying target primary account number.
It should be noted that above-mentioned display interface can be the same interface with above-mentioned predetermined registration operation interface, it is also possible to
Different interfaces, however it is not limited to this.Above-mentioned display interface is the interface that above-mentioned target primary account number logs in.
In a kind of feasible implementation, for the resource identification of each cloud computing resources, selection interface (shows boundary
Face) in corresponding position choice box can be set, such administrative staff can click choice box, and user terminal is available
The corresponding resource identification of selected choice box generates the distribution request of the resource identification comprising obtaining, and distribution request is for asking
The operating right for the affiliated cloud computing resources of resource identification for asking distribution to obtain.In another feasible implementation, boundary is selected
Character input column can be set in face, such administrative staff can input the resource identification of cloud computing resources to be allocated, use
The resource identification of the available input of family terminal generates the distribution request of the resource identification comprising input, and distribution request is for asking
The operating right for the affiliated cloud computing resources of resource identification for asking distribution to input.Then, user terminal can send distribution request
To server.
Include display unit for above-mentioned server, sub- account is arranged by the realization that interacts between administrative staff and server
Number and the case where batch operation permission, server can be by display unit, the main account of displaying target in preset selection interface
The resource identification of number corresponding cloud computing resources.Administrative staff can click choice box or input cloud computing resources to be allocated
Resource identification so that server receives the distribution request for batch operation permission.
Step 3, the distribution request for batch operation permission in response to receiving obtain the target that distribution request carries
Resource identification.Wherein, the distribution request is to act on the selection operation of the display interface to be triggered, the selection operation
For selecting the target resource identifier from the resource identification of the corresponding cloud computing resources of the target primary account number.
In an implementation, the resource identification carried in response to the distribution request received, the available distribution request of server,
As the target resource identifier to the cloud computing resources for the sub- account setting of target.
In the embodiment of the present application, server can export the resource identification of the corresponding cloud computing resources of target primary account number, so
Afterwards, in response to the distribution request received, it is determined as the target resource identifier of the cloud computing resources of the sub- account setting of target, is convenient for
Administrative staff are selected as the target resource identifier of the cloud computing resources of the sub- account distribution of target, further increase cloud computing resources behaviour
Make the efficiency of management of permission.
Optionally, after sub- account is arranged in server, which can log in cloud computing resources by the sub- account
Application program is managed, as shown in Fig. 2, the concrete processing procedure of server includes:
Step 201, the logging request that sub- account logs in predetermined registration operation interface is received.
Wherein, the password of target primary account number, the sub- account of target and the sub- account of target is carried in logging request.
In an implementation, staff can by being equipped with the user terminal of the management application program of cloud computing resources,
The target primary account number of the enterprise, the password of the sub- account of target and the sub- account of target are filled in preset login interface, to log in
The management application program of cloud computing resources.Then, staff can execute second predetermined registration operation, generate logging request.
Second predetermined registration operation, which can be, to be clicked in predetermined registration operation interface for indicating the icon of " logging in sub- account ".Second is pre-
If operation, which is also possible to input, to be indicated to log in the character of sub- account.As a result, the target primary account number of the available input of user terminal,
The password of the sub- account of target and the sub- account of target generates logging request, and logging request is sent to server.
Later, server is after the logging request for receiving sub- account, the main account of target of available logging request carrying
Number, the password of the sub- account of target and the sub- account of target.Server may determine that whether target primary account number is pre-stored master
Account, with test-target primary account number whether be mistake registered in advance effective primary account number.
If target primary account number is pre-stored primary account number, server can execute step 202.If the main account of target
It number is not pre-stored primary account number, then server can send preset the first mistake for indicating the input error of target primary account number
Message does not make subsequent processing.
Step 202, according to target primary account number, the corresponding relationship of pre-stored primary account number and sub- account, judge target
Whether account is the corresponding sub- account of target primary account number.
In an implementation, server can according to target primary account number, the corresponding relationship of pre-stored primary account number and sub- account,
Judge whether the sub- account of target is the corresponding sub- account of target primary account number, whether is mistake registered in advance with the sub- account of test-target
Effective sub- account.
If the sub- account of target is the corresponding sub- account of target primary account number, server can execute step 203.If mesh
Marking sub- account not is the corresponding sub- account of target primary account number, then server can send the preset sub- account input error of expression
Second error message, does not make subsequent processing.
Step 203, according to the corresponding relationship of the sub- account of target, pre-stored sub- account and password, to the sub- account of target
Password verified.
In an implementation, server can be according to the corresponding relationship of the sub- account of target, pre-stored sub- account and password, really
The corresponding password of the sub- account that sets the goal, then, server may determine that the corresponding password of the sub- account of target and the sub- account of target
Whether password is identical, is verified with the password to the sub- account of target.
Password phase such as fruit account password corresponding with the sub- account of target in the corresponding relationship of password, with the sub- account of target
Together, then server can be determined that the password of the sub- account of target is correct, and then, server can execute step 204.Such as fruit account
Password corresponding with the sub- account of target in the corresponding relationship of password, different from the password of the sub- account of target, then server can be sentenced
The password mistake for the sub- account that sets the goal, then server can send preset Password Input error message, not make subsequent processing.
Step 204, predetermined registration operation interface is successfully logged in.
In the embodiment of the present application, server can obtain logging request and carry after the logging request for receiving sub- account
Target primary account number, the sub- account of target and the sub- account of target password, then, successively to target primary account number, the sub- account of target
Number and the password of the sub- account of target verified.When target primary account number, the password of the sub- account of target and the sub- account of target
When all verifying is correct, predetermined registration operation interface, the safety used thereby, it is possible to ensure sub- account, convenient for making just successfully are logged in
Pass through corresponding sub- account with the staff of different cloud computing resources, obtains cloud computing resources, can be improved cloud computing resources
The efficiency of management of operating right.
Optionally, after the management application program that staff successfully logs in cloud computing resources by sub- account, server
Cloud computing money can be provided for staff according to receiving for requesting the operation requests operated to cloud computing resources
Source, as shown in figure 3, the concrete processing procedure of server includes:
Step 301, it after the sub- account of primary account number successfully logs in predetermined registration operation interface, obtains for requesting to provide cloud computing
The operation requests that source is operated.
Wherein, the resource identification of the sub- account of target and target cloud computing resources to be obtained, son are carried in operation requests
Account has all or part of permission of primary account number operation cloud computing resources.
In an implementation, staff can execute third predetermined registration operation in predetermined registration operation interface, and third predetermined registration operation can
Be input target cloud computing resources resource identification, third predetermined registration operation be also possible to click for indicate target cloud computing provide
The icon of the resource identification in source.Then, the available sub- account of target currently logged in of user terminal and target cloud computing money
The resource identification in source generates operation requests, and operation requests is sent to server.
Later, server can receive the operation requests of cloud computing resources, and the available operation requests of server are taken
The resource identification of the sub- account of the target of band and target cloud computing resources to be obtained.
Step 302, according to the sub- account of target, the resource identification of target cloud computing resources, pre-stored sub- account and money
The corresponding relationship of source mark, determines whether the sub- account of target has the operating right of target cloud computing resources.
In an implementation, server can be in the corresponding relationship of pre-stored sub- account and resource identification, will be with target
The corresponding resource identification of the identical sub- account of sub- account, as the corresponding resource identification of the sub- account of target.
Then, server may determine that whether the resource identification of target cloud computing resources is the corresponding resource of the sub- account of target
Mark, if the resource identification of target cloud computing resources is the corresponding resource identification of the sub- account of target, server can be determined
The sub- account of target has the operating right of target cloud computing resources, and then, server can execute step 303.If target cloud
The resource identification of computing resource is not the corresponding resource identification of the sub- account of target, then server can send preset without behaviour
Make entitlement messages, does not make subsequent processing.
Step 303, the sub- account of target is allowed to operate target cloud computing resources.
In an implementation, the mode that server allows the sub- account of target to operate target cloud computing resources can be a variety of
Multiplicity, in a kind of feasible implementation, server can be with the acquisition address of displaying target cloud computing resources.In another kind
In feasible implementation, server can be with the acquisition password of displaying target cloud computing resources.
In the embodiment of the present application, server can obtain after the sub- account of primary account number successfully logs in predetermined registration operation interface
Operation requests for requesting to operate cloud computing resources.Then, according to the sub- account of target, the money of target cloud computing resources
The corresponding relationship of source mark, pre-stored sub- account and resource identification, determines whether the sub- account of target has target cloud computing
The operating right of resource.If the sub- account of target has the operating right of target cloud computing resources, allow the sub- account pair of target
Target cloud computing resources are operated.Thereby, it is possible to avoid obtaining cloud computing resources of the sub- account of target without operating right,
It can be improved the efficiency of management of cloud computing resources operating right.
Optionally, when it has been the operating right of cloud computing resources of the sub- account distribution of target that administrative staff, which want to cancel,
The administrative staff can send the setting request of sub- account, as shown in figure 4, server can be in the mesh for obtaining distribution request carrying
After marking resource identification, following steps are executed:
Step 401, judge locally whether be stored with target resource identifier corresponding with the sub- account of target.
In an implementation, server can judge target with the corresponding relationship of sub- account and resource identification according to the pre-stored data
Whether resource identification is resource identification corresponding with the sub- account of target.
If target resource identifier is not resource identification corresponding with the sub- account of target, server can be determined locally not
Target resource identifier corresponding with the sub- account of target is stored, then, server can execute step 402.If target resource mark
Knowing is resource identification corresponding with the sub- account of target, then server, which can determine, has been locally stored mesh corresponding with the sub- account of target
Resource identification is marked, then, server can execute step 403.
Step 402, the sub- account of corresponding storage target and target resource identifier, it is corresponding with resource identification to establish sub- account
Relationship.
In an implementation, the concrete processing procedure of this step is referred to the treatment process of step 103, and details are not described herein again.
Server can be implemented as the operation of the sub- account distribution corresponding cloud computing resources of target resource identifier of target as a result,
Permission.
Step 403, the target resource identifier being locally stored is deleted, is that the sub- account of target distributes target resource identifier to cancel
The operating right of corresponding cloud computing resources.
In an implementation, server can delete the corresponding target resource identifier of the sub- account of the target being locally stored, to cancel
The operating right of the corresponding cloud computing resources of target resource identifier is distributed for the sub- account of target.
In the embodiment of the present application, it is the main account of target that server, which can determine the target resource identifier that request is arranged and carries,
After the resource identification of number corresponding cloud computing resources, by judging local whether be stored with target corresponding with the sub- account of target and provide
Source mark, determines and stores the target resource identifier, to be embodied as the operating right that sub- account distributes corresponding cloud computing resources, or
The target resource identifier is deleted, is that sub- account distributes the operating right to cancel.Thereby, it is possible to flexibly complete operating right
It assigns and recycles, the efficiency of management of cloud computing resources operating right can be improved.
The embodiment of the present application also provides a kind of rights management devices of cloud computing resources, as shown in figure 5, described device is answered
For managing the server of cloud computing resources, described device includes:
Module 510 is obtained, after successfully logging in predetermined registration operation interface for the sub- account in primary account number, is obtained for requesting
The operation requests that cloud computing resources are operated, wherein the sub- account of target and to be obtained is carried in the operation requests
The resource identification of target cloud computing resources;Wherein, the sub- account have the primary account number operation cloud computing resources whole or
Part permission;
First determining module 520, for according to the resource identification of the sub- account of the target, the target cloud computing resources,
The corresponding relationship of pre-stored sub- account and resource identification, determines whether the sub- account of the target has the target cloud computing
The operating right of resource;
Execution module 530, in the case where determining has the operating right, then allowing the sub- account pair of the target
The target cloud computing resources are operated.
Optionally, described device further include:
First receiving module logs in the logging request at the predetermined registration operation interface for receiving the sub- account, wherein institute
State the password that target primary account number, the sub- account of target and the sub- account of the target are carried in logging request;
First judgment module is used for when the target primary account number is pre-stored primary account number, according to the target master
The corresponding relationship of account, pre-stored primary account number and sub- account judges whether the sub- account of the target is the main account of the target
Number corresponding sub- account;
Second judgment module is used for when the sub- account of the target sub- account corresponding for the target primary account number, according to
The corresponding relationship of the sub- account of the target, pre-stored sub- account and password, tests the password of the sub- account of the target
Card;
Login module, for successfully logging in the predetermined registration operation interface when the password of the sub- account of the target is correct.
Optionally, described device further include:
Second receiving module, the setting for receiving sub- account are requested, wherein the setting request carries the main account of target
Number, the password of the sub- account of target and the sub- account of the target;
Second determining module, for corresponding with resource identification according to the target primary account number, pre-stored primary account number
Relationship is determined as the target resource identifier of the cloud computing resources of the sub- account distribution of the target, to set for the sub- account of the target
Set the operating right of the affiliated cloud computing resources of the target resource identifier;
Memory module stores the target primary account number and the sub- account of the target for corresponding, obtains primary account number and sub- account
Number corresponding relationship;The corresponding password for storing the target sub- account and the sub- account of the target obtains sub- account and password
Corresponding relationship;It is corresponding to store the sub- account of target and the target resource identifier, it is corresponding with resource identification to obtain sub- account
Relationship.
Optionally, second determining module includes:
Submodule is determined, for according to the target primary account number, pre-stored primary account number pass corresponding with resource identification
System, determines the resource identification of the corresponding cloud computing resources of the target primary account number;
Sending submodule, for the resource identification of the corresponding cloud computing resources of the target primary account number to be sent to the mesh
The terminal for marking primary account number, so that the terminal shows the resource of the corresponding cloud computing resources of the target primary account number in display interface
Mark;
Acquisition submodule, for obtaining the distribution request and carrying in response to the distribution request for batch operation permission
Target resource identifier, wherein the distribution request is to act on the selection operation of the display interface to be triggered, the choosing
Operation is selected for selecting the target resource identifier from the resource identification of the corresponding cloud computing resources of the target primary account number.
Optionally, described device further include:
Removing module, for deleting when the target resource identifier corresponding with the sub- account of the target has been locally stored
It is that the sub- account of the target distributes the affiliated cloud of target resource identifier to cancel except the target resource identifier being locally stored
The operating right of computing resource;
The memory module is also used to when the local not stored target resource identifier corresponding with the sub- account of the target
When, the corresponding storage sub- account of target and the target resource identifier are executed, pair of sub- account and resource identification is obtained
Answer relationship step.
A kind of rights management device of cloud computing resources provided by the embodiments of the present application, can primary account number sub- account at
After function logs in predetermined registration operation interface, obtain for requesting the operation requests that are operated to cloud computing resources, in operation requests
Carry the resource identification of the sub- account of target and target cloud computing resources to be obtained;There is sub- account primary account number to operate cloud meter
Calculate all or part of permission of resource.Then, according to the sub- account of target, target cloud computing resources resource identification, be stored in advance
Sub- account and resource identification corresponding relationship, determine whether the sub- account of target has the operating right of target cloud computing resources.
If the sub- account of target have target cloud computing resources operating right, allow the sub- account of target to target cloud computing resources into
Row operation.Due to allowing the sub- account of target to mesh after determining the operating right that the sub- account of target has target cloud computing resources
Mark cloud computing resources are operated, and be can be avoided and are obtained the cloud computing resources that the sub- account of target does not have operating right, Neng Gouti
The efficiency of management of high cloud computing resources operating right.
The embodiment of the present application also provides a kind of servers, as shown in fig. 6, including processor 601, communication interface 602, depositing
Reservoir 603 and communication bus 604, wherein processor 601, communication interface 602, memory 603 are completed by communication bus 604
Mutual communication,
Memory 603, for storing computer program;
Processor 601 when for executing the program stored on memory 603, realizes following steps:
After the sub- account of primary account number successfully logs in predetermined registration operation interface, obtain for requesting to carry out cloud computing resources
The operation requests of operation, wherein the sub- account of target and target cloud computing resources to be obtained are carried in the operation requests
Resource identification;Wherein, the sub- account has all or part of permission of primary account number operation cloud computing resources;
According to the sub- account of the target, the resource identification of the target cloud computing resources, pre-stored sub- account and money
The corresponding relationship of source mark, determines whether the sub- account of the target has the operating right of the target cloud computing resources;
In the case where determining has the operating right, then the sub- account of the target is allowed to provide the target cloud computing
Source is operated.
Optionally, the method also includes:
Receive the logging request that the sub- account logs in the predetermined registration operation interface, wherein carry in the logging request
The password of the sub- account of target primary account number, target and the sub- account of the target;
If the target primary account number is pre-stored primary account number, according to the target primary account number, pre-stored
The corresponding relationship of primary account number and sub- account judges whether the sub- account of the target is the corresponding sub- account of the target primary account number;
If the sub- account of target be the corresponding sub- account of the target primary account number, according to the sub- account of the target,
The corresponding relationship of pre-stored sub- account and password verifies the password of the sub- account of the target;
If the password of the sub- account of target is correct, the predetermined registration operation interface is successfully logged in.
Optionally, it is obtaining for before requesting the operation requests operated to cloud computing resources, the method also to be wrapped
It includes:
Receive the setting request of sub- account, wherein setting request carrying target primary account number, the sub- account of target and
The password of the sub- account of target;
According to the target primary account number, the corresponding relationship of pre-stored primary account number and resource identification, it is determined as the mesh
The target resource identifier of the cloud computing resources of sub- account distribution is marked, the target resource identifier is arranged for the sub- account of the target
The operating right of affiliated cloud computing resources;
It is corresponding to store the target primary account number and the sub- account of the target, obtain the corresponding relationship of primary account number Yu sub- account;
The corresponding password for storing the target sub- account and the sub- account of the target, obtains the corresponding relationship of sub- account and password;It is corresponding
The sub- account of the target and the target resource identifier are stored, the corresponding relationship of sub- account and resource identification is obtained.
Optionally, described according to the target primary account number, the corresponding relationship of pre-stored primary account number and resource identification, really
The target resource identifier for being set to the cloud computing resources of the target sub- account distribution includes:
According to the target primary account number, the corresponding relationship of pre-stored primary account number and resource identification, the target is determined
The resource identification of the corresponding cloud computing resources of primary account number;
The resource identification of the corresponding cloud computing resources of the target primary account number is sent to the terminal of the target primary account number,
So that the terminal shows the resource identification of the corresponding cloud computing resources of the target primary account number in display interface;
In response to the distribution request for batch operation permission, the target resource identifier that the distribution request carries is obtained,
Wherein, the distribution request is to act on the selection operation of the display interface to be triggered, and the selection operation is used for from institute
It states and selects the target resource identifier in the resource identification of the corresponding cloud computing resources of target primary account number.
Optionally, after obtaining the target resource identifier that the distribution request carries, the method also includes:
If the target resource identifier corresponding with the sub- account of the target has been locally stored, what deletion was locally stored
The target resource identifier, to cancel the behaviour for distributing the affiliated cloud computing resources of the target resource identifier for the sub- account of the target
Make permission;
If the local not stored target resource identifier corresponding with the sub- account of the target, executes the correspondence and deposits
The sub- account of the target and the target resource identifier are stored up, the corresponding relationship step of sub- account and resource identification is obtained.
The communication bus that above-mentioned server is mentioned can be Peripheral Component Interconnect standard (Peripheral Component
Interconnect, PCI) bus or expanding the industrial standard structure (Extended Industry Standard
Architecture, EISA) bus etc..The communication bus can be divided into address bus, data/address bus, control bus etc..For just
It is only indicated with a thick line in expression, figure, it is not intended that an only bus or a type of bus.
Communication interface is for the communication between above-mentioned server and other equipment.
Memory may include random access memory (Random Access Memory, RAM), also may include non-easy
The property lost memory (Non-Volatile Memory, NVM), for example, at least a magnetic disk storage.Optionally, memory may be used also
To be storage device that at least one is located remotely from aforementioned processor.
Above-mentioned processor can be general processor, including central processing unit (Central Processing Unit,
CPU), network processing unit (Network Processor, NP) etc.;It can also be digital signal processor (Digital Signal
Processing, DSP), it is specific integrated circuit (Application Specific Integrated Circuit, ASIC), existing
It is field programmable gate array (Field-Programmable Gate Array, FPGA) or other programmable logic device, discrete
Door or transistor logic, discrete hardware components.
A kind of server provided by the embodiments of the present application can successfully log in predetermined registration operation interface in the sub- account of primary account number
Later, obtain for request the operation requests that are operated to cloud computing resources, in operation requests the sub- account of carrying target and
The resource identification of target cloud computing resources to be obtained;Sub- account has all or part of power of primary account number operation cloud computing resources
Limit.Then, according to the sub- account of target, the resource identification of target cloud computing resources, pre-stored sub- account and resource identification
Corresponding relationship, determines whether the sub- account of target has the operating right of target cloud computing resources.If the sub- account of target has mesh
The operating right for marking cloud computing resources, then allow the sub- account of target to operate target cloud computing resources.Due to determining mesh
After sub- account is marked with the operating right of target cloud computing resources, the sub- account of target is allowed to grasp target cloud computing resources
Make, can be avoided and obtain the cloud computing resources that the sub- account of target does not have operating right, can be improved cloud computing resources operating rights
The efficiency of management of limit.
In another embodiment provided by the present application, a kind of computer readable storage medium is additionally provided, which can
It reads to be stored with computer program in storage medium, the computer program realizes any of the above-described cloud computing money when being executed by processor
The step of right management method in source.
In another embodiment provided by the present application, a kind of computer program product comprising instruction is additionally provided, when it
When running on computers, so that computer executes the right management method of any cloud computing resources in above-described embodiment.
In the above-described embodiments, can come wholly or partly by software, hardware, firmware or any combination thereof real
It is existing.When implemented in software, it can entirely or partly realize in the form of a computer program product.The computer program
Product includes one or more computer instructions.When loading on computers and executing the computer program instructions, all or
It partly generates according to process or function described in the embodiment of the present application.The computer can be general purpose computer, dedicated meter
Calculation machine, computer network or other programmable devices.The computer instruction can store in computer readable storage medium
In, or from a computer readable storage medium to the transmission of another computer readable storage medium, for example, the computer
Instruction can pass through wired (such as coaxial cable, optical fiber, number from a web-site, computer, server or data center
User's line (DSL)) or wireless (such as infrared, wireless, microwave etc.) mode to another web-site, computer, server or
Data center is transmitted.The computer readable storage medium can be any usable medium that computer can access or
It is comprising data storage devices such as one or more usable mediums integrated server, data centers.The usable medium can be with
It is magnetic medium, (for example, floppy disk, hard disk, tape), optical medium (for example, DVD) or semiconductor medium (such as solid state hard disk
Solid State Disk (SSD)) etc..
It should be noted that, in this document, relational terms such as first and second and the like are used merely to a reality
Body or operation are distinguished with another entity or operation, are deposited without necessarily requiring or implying between these entities or operation
In any actual relationship or order or sequence.Moreover, the terms "include", "comprise" or its any other variant are intended to
Non-exclusive inclusion, so that the process, method, article or equipment including a series of elements is not only wanted including those
Element, but also including other elements that are not explicitly listed, or further include for this process, method, article or equipment
Intrinsic element.In the absence of more restrictions, the element limited by sentence "including a ...", it is not excluded that
There is also other identical elements in process, method, article or equipment including the element.
Each embodiment in this specification is all made of relevant mode and describes, same and similar portion between each embodiment
Dividing may refer to each other, and each embodiment focuses on the differences from other embodiments.Especially for device reality
For applying example, since it is substantially similar to the method embodiment, so being described relatively simple, related place is referring to embodiment of the method
Part explanation.
The foregoing is merely the preferred embodiments of the application, are not intended to limit the protection scope of the application.It is all
Any modification, equivalent replacement, improvement and so within spirit herein and principle are all contained in the protection scope of the application
It is interior.
Claims (12)
1. a kind of right management method of cloud computing resources, which is characterized in that the method is applied to management cloud computing resources
Server, which comprises
After the sub- account of primary account number successfully logs in predetermined registration operation interface, obtain for requesting to operate cloud computing resources
Operation requests, wherein the resource of the sub- account of target and target cloud computing resources to be obtained is carried in the operation requests
Mark;Wherein, the sub- account has all or part of permission of primary account number operation cloud computing resources;
According to the sub- account of the target, the resource identification of the target cloud computing resources, pre-stored sub- account and resource mark
The corresponding relationship of knowledge, determines whether the sub- account of the target has the operating right of the target cloud computing resources;
Determine have the operating right in the case where, then allow the sub- account of the target to the target cloud computing resources into
Row operation.
2. the method according to claim 1, wherein the method also includes:
Receive the logging request that the sub- account logs in the predetermined registration operation interface, wherein carry target in the logging request
The password of the sub- account of primary account number, target and the sub- account of the target;
If the target primary account number is pre-stored primary account number, according to the target primary account number, pre-stored main account
Number and sub- account corresponding relationship, judge whether the sub- account of the target is the corresponding sub- account of the target primary account number;
If the sub- account of target is the corresponding sub- account of the target primary account number, according to the sub- account of the target, in advance
The sub- account of storage and the corresponding relationship of password, verify the password of the sub- account of the target;
If the password of the sub- account of target is correct, the predetermined registration operation interface is successfully logged in.
3. method according to claim 1 or 2, which is characterized in that obtaining for requesting to grasp cloud computing resources
Before the operation requests of work, the method also includes:
Receive the setting request of sub- account, wherein setting request carrying target primary account number, the sub- account of target and described
The password of the sub- account of target;
According to the target primary account number, the corresponding relationship of pre-stored primary account number and resource identification, it is determined as target
The target resource identifier of the cloud computing resources of account distribution, to be arranged belonging to the target resource identifier for the sub- account of the target
The operating right of cloud computing resources;
It is corresponding to store the target primary account number and the sub- account of the target, obtain the corresponding relationship of primary account number Yu sub- account;It is corresponding
The password for storing the sub- account of the target and the sub- account of the target, obtains the corresponding relationship of sub- account and password;Corresponding storage
The sub- account of target and the target resource identifier, obtain the corresponding relationship of sub- account and resource identification.
4. according to the method described in claim 3, it is characterized in that, described according to the target primary account number, pre-stored master
The corresponding relationship of account and resource identification is determined as the target resource identifier packet of the cloud computing resources of the sub- account distribution of the target
It includes:
According to the target primary account number, the corresponding relationship of pre-stored primary account number and resource identification, the main account of the target is determined
The resource identification of number corresponding cloud computing resources;
The resource identification of the corresponding cloud computing resources of the target primary account number is sent to the terminal of the target primary account number, so that
The terminal shows the resource identification of the corresponding cloud computing resources of the target primary account number in display interface;
In response to the distribution request for batch operation permission, the target resource identifier that the distribution request carries is obtained, wherein
The distribution request is to act on the selection operation of the display interface to be triggered, and the selection operation is used for from the target
The target resource identifier is selected in the resource identification of the corresponding cloud computing resources of primary account number.
5. according to the method described in claim 4, it is characterized in that, in the target resource identifier for obtaining the distribution request carrying
Later, the method also includes:
If the target resource identifier corresponding with the sub- account of the target has been locally stored, delete be locally stored it is described
Target resource identifier, to cancel the operating rights for distributing the affiliated cloud computing resources of the target resource identifier for the sub- account of the target
Limit;
If the local not stored target resource identifier corresponding with the sub- account of the target, the corresponding storage institute is executed
The sub- account of target and the target resource identifier are stated, the corresponding relationship step of sub- account and resource identification is obtained.
6. a kind of rights management device of cloud computing resources, which is characterized in that described device is applied to management cloud computing resources
Server, described device include:
Module is obtained, after successfully logging in predetermined registration operation interface for the sub- account in primary account number, is obtained by requesting based on to cloud
Calculate the operation requests that resource is operated, wherein the sub- account of target and target cloud to be obtained are carried in the operation requests
The resource identification of computing resource;Wherein, the sub- account has all or part of power of primary account number operation cloud computing resources
Limit;
First determining module, for according to the resource identification of the sub- account of the target, the target cloud computing resources, be stored in advance
Sub- account and resource identification corresponding relationship, determine whether the sub- account of the target has the behaviour of the target cloud computing resources
Make permission;
Execution module, in the case where determining has the operating right, then allowing the sub- account of the target to the mesh
Mark cloud computing resources are operated.
7. device according to claim 6, which is characterized in that described device further include:
First receiving module logs in the logging request at the predetermined registration operation interface for receiving the sub- account, wherein described to step on
The password of target primary account number, the sub- account of target and the sub- account of the target is carried in record request;
First judgment module, for when the target primary account number be pre-stored primary account number when, according to the target primary account number,
The corresponding relationship of pre-stored primary account number and sub- account judges whether the sub- account of the target is that the target primary account number is corresponding
Sub- account;
Second judgment module is used for when the sub- account of the target sub- account corresponding for the target primary account number, according to described
The corresponding relationship of the sub- account of target, pre-stored sub- account and password verifies the password of the sub- account of the target;
Login module, for successfully logging in the predetermined registration operation interface when the password of the sub- account of the target is correct.
8. device according to claim 6 or 7, which is characterized in that described device further include:
Second receiving module, the setting for receiving sub- account are requested, wherein the setting request carries target primary account number, mesh
Mark the password of sub- account and the sub- account of the target;
Second determining module, for the corresponding relationship according to the target primary account number, pre-stored primary account number and resource identification,
It is determined as the target resource identifier of the cloud computing resources of the sub- account distribution of the target, for described in the sub- account setting of the target
The operating right of the affiliated cloud computing resources of target resource identifier;
Memory module stores the target primary account number and the sub- account of the target for corresponding, obtains primary account number and sub- account
Corresponding relationship;The corresponding password for storing the target sub- account and the sub- account of the target, it is corresponding with password to obtain sub- account
Relationship;It is corresponding to store the sub- account of target and the target resource identifier, obtain the corresponding relationship of sub- account and resource identification.
9. device according to claim 8, which is characterized in that second determining module includes:
Determine submodule, for the corresponding relationship according to the target primary account number, pre-stored primary account number and resource identification, really
Determine the resource identification of the corresponding cloud computing resources of the target primary account number;
Sending submodule, for the resource identification of the corresponding cloud computing resources of the target primary account number to be sent to the target master
The terminal of account, so that the terminal shows the resource mark of the corresponding cloud computing resources of the target primary account number in display interface
Know;
Acquisition submodule, for obtaining the mesh that the distribution request carries in response to the distribution request for batch operation permission
Mark resource identification, wherein the distribution request is to act on the selection operation of the display interface to be triggered, and the selection is grasped
It acts on and selects the target resource identifier from the resource identification of the corresponding cloud computing resources of the target primary account number.
10. device according to claim 9, which is characterized in that described device further include:
Removing module, for deleting this when the target resource identifier corresponding with the sub- account of the target has been locally stored
The target resource identifier of ground storage is that the sub- account of the target distributes the affiliated cloud computing of target resource identifier to cancel
The operating right of resource;
The memory module is also used to when the local not stored target resource identifier corresponding with the sub- account of the target,
The corresponding storage sub- account of target and the target resource identifier are executed, sub- account pass corresponding with resource identification is obtained
It is step.
11. a kind of server, which is characterized in that including processor, communication interface, memory and communication bus, wherein processing
Device, communication interface, memory complete mutual communication by communication bus;
Memory, for storing computer program;
Processor when for executing the program stored on memory, realizes any method and step of claim 1-5.
12. a kind of computer readable storage medium, which is characterized in that be stored with computer in the computer readable storage medium
Program realizes claim 1-5 any method and step when the computer program is executed by processor.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201910580117.4A CN110247927B (en) | 2019-06-28 | 2019-06-28 | Method and device for managing authority of cloud computing resources |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201910580117.4A CN110247927B (en) | 2019-06-28 | 2019-06-28 | Method and device for managing authority of cloud computing resources |
Publications (2)
Publication Number | Publication Date |
---|---|
CN110247927A true CN110247927A (en) | 2019-09-17 |
CN110247927B CN110247927B (en) | 2021-12-03 |
Family
ID=67890404
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201910580117.4A Active CN110247927B (en) | 2019-06-28 | 2019-06-28 | Method and device for managing authority of cloud computing resources |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN110247927B (en) |
Cited By (7)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN112437123A (en) * | 2020-11-09 | 2021-03-02 | 北京京东尚科信息技术有限公司 | Resource management method, device, computer system and readable storage medium |
CN112667399A (en) * | 2020-12-28 | 2021-04-16 | 紫光云技术有限公司 | Method for resource management of cloud platform main and sub account numbers |
CN112866212A (en) * | 2021-01-04 | 2021-05-28 | 北京金山云网络技术有限公司 | Access control method and device for cloud computing resources, computer equipment and medium |
CN112948777A (en) * | 2019-11-26 | 2021-06-11 | 联易软件有限公司 | Unified management method, device and system for multi-service system permission |
CN113312144A (en) * | 2021-04-29 | 2021-08-27 | 青岛盛世影云影视科技有限公司 | Data processing method, device, equipment and medium based on child-mother cloud |
CN113438232A (en) * | 2021-06-24 | 2021-09-24 | 树根互联股份有限公司 | Method and device for determining data authorization form, electronic equipment and storage medium |
CN114362966A (en) * | 2022-02-28 | 2022-04-15 | 携程商旅信息服务(上海)有限公司 | Pseudo test login method, system, electronic device and medium |
Citations (8)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN102033901A (en) * | 2009-09-25 | 2011-04-27 | 叶高 | Citizen information management system method |
US20120136936A1 (en) * | 2010-11-30 | 2012-05-31 | France Telecom | System and method for implementing dynamic access control rules to personal cloud information |
CN104283874A (en) * | 2014-09-28 | 2015-01-14 | 小米科技有限责任公司 | Data authority control method and device based on cloud server |
CN105099983A (en) * | 2014-04-16 | 2015-11-25 | 阿里巴巴集团控股有限公司 | Authorization method, authority setting method and devices |
CN106209955A (en) * | 2015-05-08 | 2016-12-07 | 腾讯科技(深圳)有限公司 | A kind of account management method, Apparatus and system |
US20170048114A1 (en) * | 2015-08-10 | 2017-02-16 | Alibaba Group Holding Limited | Method and device for managing resources with an external account |
CN109510849A (en) * | 2017-09-14 | 2019-03-22 | 腾讯科技(深圳)有限公司 | The account number method for authenticating and device of cloud storage |
CN109525605A (en) * | 2019-01-03 | 2019-03-26 | 杭州数梦工场科技有限公司 | A kind of account management method, device, system and computer readable storage medium |
-
2019
- 2019-06-28 CN CN201910580117.4A patent/CN110247927B/en active Active
Patent Citations (8)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN102033901A (en) * | 2009-09-25 | 2011-04-27 | 叶高 | Citizen information management system method |
US20120136936A1 (en) * | 2010-11-30 | 2012-05-31 | France Telecom | System and method for implementing dynamic access control rules to personal cloud information |
CN105099983A (en) * | 2014-04-16 | 2015-11-25 | 阿里巴巴集团控股有限公司 | Authorization method, authority setting method and devices |
CN104283874A (en) * | 2014-09-28 | 2015-01-14 | 小米科技有限责任公司 | Data authority control method and device based on cloud server |
CN106209955A (en) * | 2015-05-08 | 2016-12-07 | 腾讯科技(深圳)有限公司 | A kind of account management method, Apparatus and system |
US20170048114A1 (en) * | 2015-08-10 | 2017-02-16 | Alibaba Group Holding Limited | Method and device for managing resources with an external account |
CN109510849A (en) * | 2017-09-14 | 2019-03-22 | 腾讯科技(深圳)有限公司 | The account number method for authenticating and device of cloud storage |
CN109525605A (en) * | 2019-01-03 | 2019-03-26 | 杭州数梦工场科技有限公司 | A kind of account management method, device, system and computer readable storage medium |
Cited By (9)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN112948777A (en) * | 2019-11-26 | 2021-06-11 | 联易软件有限公司 | Unified management method, device and system for multi-service system permission |
CN112437123A (en) * | 2020-11-09 | 2021-03-02 | 北京京东尚科信息技术有限公司 | Resource management method, device, computer system and readable storage medium |
CN112437123B (en) * | 2020-11-09 | 2024-04-09 | 北京京东尚科信息技术有限公司 | Resource management method, device, computer system and readable storage medium |
CN112667399A (en) * | 2020-12-28 | 2021-04-16 | 紫光云技术有限公司 | Method for resource management of cloud platform main and sub account numbers |
CN112866212A (en) * | 2021-01-04 | 2021-05-28 | 北京金山云网络技术有限公司 | Access control method and device for cloud computing resources, computer equipment and medium |
CN113312144A (en) * | 2021-04-29 | 2021-08-27 | 青岛盛世影云影视科技有限公司 | Data processing method, device, equipment and medium based on child-mother cloud |
CN113438232A (en) * | 2021-06-24 | 2021-09-24 | 树根互联股份有限公司 | Method and device for determining data authorization form, electronic equipment and storage medium |
CN113438232B (en) * | 2021-06-24 | 2022-06-28 | 树根互联股份有限公司 | Method and device for determining data authorization form, electronic equipment and storage medium |
CN114362966A (en) * | 2022-02-28 | 2022-04-15 | 携程商旅信息服务(上海)有限公司 | Pseudo test login method, system, electronic device and medium |
Also Published As
Publication number | Publication date |
---|---|
CN110247927B (en) | 2021-12-03 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN110247927A (en) | A kind of right management method and device of cloud computing resources | |
US11368374B1 (en) | System and method for managing virtual and dedicated servers | |
CN105579965B (en) | Via the client guard station resources control of provider's defining interface | |
CN103369022B (en) | Method and system for communication with memory device | |
US11178049B2 (en) | Device deployment and net work management using a self-service portal | |
US9298732B2 (en) | Searching cloud-based distributed storage resources using a set of expendable probes | |
US9262498B2 (en) | Generating optimized host placement of data payload in cloud-based storage network | |
CN105556919B (en) | Dual factor anthentication is carried out using service request bill | |
JP2021526751A (en) | Secure consensus endorsement for self-monitoring blockchain | |
CN102045337A (en) | Apparatus and methods for managing network resources | |
US20200097961A1 (en) | Decentralized smart resource sharing between different resource providers | |
CN105593866B (en) | Terminal authentication and register system, terminal authentication and register method and storage medium | |
CN109889517A (en) | Data processing method, permissions data collection creation method, device and electronic equipment | |
CN105939362A (en) | User account management method and device | |
JP2016126743A (en) | Cloud service providing method and system | |
CN110276184A (en) | A kind of cloud computing resources authorization method and device | |
US11329957B2 (en) | Centralized management of remote endpoint devices | |
US20150281006A1 (en) | Method and apparatus distributed multi- cloud resident elastic analytics engine | |
WO2012132124A1 (en) | Security-level visualization device | |
CN108616574A (en) | Manage storage method, equipment and the storage medium of data | |
CN110289999A (en) | A kind of data processing method, system and device | |
CN104917794A (en) | Data sharing method, device and system | |
CN113761552A (en) | Access control method, device, system, server and storage medium | |
KR101697118B1 (en) | Cloud service system and method | |
US20180136929A1 (en) | Content driven automated upgrade of running web applications in on-premise environments |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
GR01 | Patent grant |