CN110826055B - Tenant safety automatic intelligent detection method and system based on service load - Google Patents
Tenant safety automatic intelligent detection method and system based on service load Download PDFInfo
- Publication number
- CN110826055B CN110826055B CN201911076387.8A CN201911076387A CN110826055B CN 110826055 B CN110826055 B CN 110826055B CN 201911076387 A CN201911076387 A CN 201911076387A CN 110826055 B CN110826055 B CN 110826055B
- Authority
- CN
- China
- Prior art keywords
- tenants
- tenant
- safety
- server
- data
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Expired - Fee Related
Links
- 238000001514 detection method Methods 0.000 title claims abstract description 43
- 238000000034 method Methods 0.000 claims description 10
- 230000003993 interaction Effects 0.000 claims description 6
- 230000004044 response Effects 0.000 abstract description 6
- 238000011156 evaluation Methods 0.000 description 6
- 230000008569 process Effects 0.000 description 5
- 238000012545 processing Methods 0.000 description 4
- 238000004364 calculation method Methods 0.000 description 2
- 238000007689 inspection Methods 0.000 description 2
- 238000012417 linear regression Methods 0.000 description 2
- 238000012423 maintenance Methods 0.000 description 2
- 238000010606 normalization Methods 0.000 description 2
- 230000009286 beneficial effect Effects 0.000 description 1
- 238000010586 diagram Methods 0.000 description 1
- 238000005516 engineering process Methods 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
- 238000011084 recovery Methods 0.000 description 1
- 238000006467 substitution reaction Methods 0.000 description 1
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/55—Detecting local intrusion or implementing counter-measures
- G06F21/554—Detecting local intrusion or implementing counter-measures involving event detection and direct action
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/57—Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
- G06F21/577—Assessing vulnerabilities and evaluating computer system security
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Hardware Design (AREA)
- General Engineering & Computer Science (AREA)
- Software Systems (AREA)
- Theoretical Computer Science (AREA)
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- Computing Systems (AREA)
- Data Exchanges In Wide-Area Networks (AREA)
Abstract
The invention discloses a tenant safety automatic intelligent detection method based on service load, which comprises the following steps: detecting the service load and the safety condition of a tenant; selecting the tenants meeting the safety standard as alternative tenants; sorting the alternative tenants from large to small according to the service load capacity, and selecting the top N sorted tenants as primary tenants; taking non-primary tenants in all tenants as secondary tenants; and establishing a tenant cache in all the first-level tenants, and interacting the second-level tenants with the server through the tenant cache. The invention also discloses a tenant safety automatic intelligent detection system based on the service load. The tenant safety automatic intelligent detection method and system based on the service load enable some aggressive data not to reach the server at the first time, give the server certain response time, and small-scale attack can be directly intercepted by the selected tenant, so that the server load can be reduced, and the safety of the server can be improved.
Description
Technical Field
The invention relates to a cloud service technology, in particular to a tenant safety automatic intelligent detection method and system based on a service load.
Background
Generally, a plurality of tenants build and use a single application program instance to serve a plurality of clients relying on the elastic environment of cloud computing, each client is called as a tenant to share the same software or service, much like the existing intense sharing economy, the clients only rent a system to charge on time, the clients do not need to provide or care about the running environment of software, and the system can be used only by opening an account number, so that the system is convenient and fast. For example, a financial software can provide a financial management function for an enterprise, according to a traditional deployment method, components such as a program and a database are generally deployed on a client server, the enterprise needs to have a machine room and a server of the enterprise and is equipped with operation and maintenance personnel with related professional knowledge, but if the program or other components have serious faults such as bug, an engineer needs to be dispatched to a client site to perform rescue and recovery work, time and labor are consumed, and if the cloud computing is adopted as the supported multi-tenant architecture software, the financial software can be deployed in the machine room of the enterprise, so long as a tenant registers an account number, the system can be accessed through the internet, meanwhile, data of the tenant are isolated from each other, only data of the tenant can be seen, and the safety of the software is guaranteed. Most importantly, when the system fails, engineers can quickly locate problems, the latest patches are applied to the system, and the 'tenant' service interruption time is compressed to the minimum without spending a large amount of time on site for debugging, and meanwhile, engineers do not need to be dispatched to go on a business, so that the cost is reduced for enterprise operation and maintenance. Therefore, the software of the multi-tenant architecture is an important direction for software development in the cloud computing era, convenience is provided for customers, the cost of enterprises is saved, and the method is a win-win scheme.
However, in the prior art, the security environments of different tenants are different, and for the server, when different tenants interact simultaneously, all security levels need to be adjusted to the highest level to cope with all tenants, which greatly increases the server pressure and reduces the information interaction efficiency.
Disclosure of Invention
The technical problem to be solved by the invention is that the safety environments of different tenants are different, and when different tenants are interacted with a server at the same time, all safety levels need to be adjusted to be the highest to deal with all the tenants, so that the pressure of the server is greatly increased, the information interaction efficiency is reduced, and the invention aims to provide the tenant safety automatic intelligent detection method and system based on the service load to solve the problems.
The invention is realized by the following technical scheme:
the tenant safety automatic intelligent detection method based on the service load comprises the following steps: s1: detecting the service load and the safety condition of all tenants requesting services from the server; s2: selecting all tenants with safety conditions meeting the safety standard as alternative tenants; s3: sorting all the alternative tenants according to the service load from large to small, and selecting the top N sorted tenants as primary tenants; taking non-primary tenants in all tenants as secondary tenants; s4: and establishing a tenant cache in all the first-level tenants, wherein the first-level tenants directly interact with the server, and the second-level tenants interact with the server through the tenant cache.
When the invention is applied, the inventor finds that a large amount of server resources are needed when all tenants are managed and protected simultaneously, so a new strategy is adopted. Firstly, detecting the service load and the safety condition of all tenants requesting services from a server, wherein the detection mode can be realized through data packets and flow conditions; secondly, all tenants with security conditions meeting the security standard are selected as alternative tenants, the main idea of the invention is to select some tenants with higher security as transit, and some tenants have the similar functions as bastion machines, so that some aggressive data can not reach the server at the first time, a certain response time is given to the server, and small-scale attacks can be directly intercepted by the selected tenants; sorting all the alternative tenants from large to small according to the service load capacity, and selecting the top N tenants after sorting as first-level tenants; taking non-primary tenants in all tenants as secondary tenants; generally, the higher the service load is, the more the tenant pays attention to the security, so that the security can be further improved by taking the tenants as primary tenants, and meanwhile, the higher the service load is, the more resources need to be separated by the server, and the experience with the tenants can be improved by taking the tenants as the primary tenants; and a tenant cache is established in all the first-level tenants again, the first-level tenants directly interact with the server, the second-level tenants interact with the server through the tenant cache, and the second-level tenants can interact with each other through the caches in a mode of establishing the cache in the first-level tenants, so that the first-level tenants form a complete protection wall on the periphery of the server, the load of the server can be reduced, and the safety of the server can be improved. According to the invention, through the steps, some offensive data cannot reach the server at the first time, a certain response time is given to the server, and small-scale attacks can be directly intercepted by the selected tenant, so that the load of the server can be reduced, and the safety of the server can be improved.
Further, step S1 includes the following sub-steps:
s11: vulnerability detection and baseline scanning are carried out on the tenants to obtain vulnerability data and baseline scanning data;
s12: normalizing the vulnerability data of all tenants to obtain normalized vulnerability data; normalizing the baseline scanning data of the tenants to obtain normalized baseline scanning data;
s13: and acquiring the safety condition of the tenant according to the normalized vulnerability data and the normalized baseline scanning data.
When the method is applied, a quick and effective means is lacked for safety problem evaluation of tenants, and in the method, the safety evaluation is divided into two parts, wherein one part is vulnerability inspection, and the other part is baseline scanning; after the data acquisition of the two parts is completed, all tenants are subjected to normalization processing together, so that the overall evaluation is facilitated, then the two data are processed, the safety condition of the tenants can be acquired, the processing mode can be realized by the simplest linear regression, and the calculation amount of the server is reduced.
Further, step S13 obtains the security status of the tenant by using the following formula:
Mi=αiQi+βiPi
in the formula MiEvaluating the safety condition of the ith user; qiThe normalized vulnerability data for the ith user; piThe normalized baseline scan data for an ith user; alpha is alphaiThe vulnerability weight of the ith user; beta is aiIs the baseline scan weight of the ith user.
Further, step S2 includes the following sub-steps:
when said M isiSatisfies Mi≤MGWhen the safety condition of the ith user reaches the safety standard, wherein MGIs a safety standard threshold.
Further, step S4 includes the following sub-steps:
the tenant cache is an elastic container, and the capacity of the elastic container changes according to the load of the elastic container.
Tenant safety automatic intelligent detection system based on service load includes:
a detection unit: the system comprises a server, a server and a server, wherein the server is used for detecting the service load and the security condition of all tenants requesting services from the server;
a selecting unit: the tenant selection module is used for selecting all tenants with safety conditions meeting the safety standard as alternative tenants;
a storage unit: the system is used for storing all alternative tenant data;
a sorting unit: the system is used for sorting all the alternative tenants according to the service load from large to small, and selecting the top N sorted tenants as primary tenants; taking non-primary tenants in all tenants as secondary tenants;
an interaction unit: the tenant cache is established in all the first-level tenants;
the first-level tenant directly interacts with the server, and the second-level tenant interacts with the server through the tenant cache.
Further, the detection unit performs vulnerability detection and baseline scanning on the tenants to obtain vulnerability data and baseline scanning data; the detection unit normalizes the vulnerability data of all tenants to obtain normalized vulnerability data; normalizing the baseline scanning data of the tenants to obtain normalized baseline scanning data; and the detection unit acquires the safety condition of the tenant according to the normalized vulnerability data and the normalized baseline scanning data.
Further, the detection unit obtains the security condition of the tenant by using the following formula:
Mi=αiQi+βiPi
in the formula MiEvaluating the safety condition of the ith user; qiThe normalized vulnerability data for the ith user; piThe normalized baseline scan data for an ith user; alpha is alphaiThe vulnerability weight of the ith user; beta is aiIs the baseline scan weight of the ith user.
Further, the selecting unit is the MiSatisfies Mi≤MGWhen the safety condition of the ith user reaches the safety standard,wherein M isGIs a safety standard threshold.
Further, the tenant cache is an elastic container, and the capacity of the elastic container changes according to the load size of the elastic container.
Compared with the prior art, the invention has the following advantages and beneficial effects:
the tenant safety automatic intelligent detection method and system based on the service load enable some aggressive data not to reach the server at the first time, give the server certain response time, and small-scale attack can be directly intercepted by the selected tenant, so that the server load can be reduced, and the safety of the server can be improved.
Drawings
The accompanying drawings, which are included to provide a further understanding of the embodiments of the invention and are incorporated in and constitute a part of this application, illustrate embodiment(s) of the invention and together with the description serve to explain the principles of the invention. In the drawings:
FIG. 1 is a schematic diagram of the system of the present invention.
Detailed Description
In order to make the objects, technical solutions and advantages of the present invention more apparent, the present invention is further described in detail below with reference to examples and accompanying drawings, and the exemplary embodiments and descriptions thereof are only used for explaining the present invention and are not meant to limit the present invention.
Examples
As shown in fig. 1, the tenant safety automatic intelligent detection method based on the service load of the present invention includes the following steps: s1: detecting the service load and the safety condition of all tenants requesting services from the server; s2: selecting all tenants with safety conditions meeting the safety standard as alternative tenants; s3: sorting all the alternative tenants according to the service load from large to small, and selecting the top N sorted tenants as primary tenants; taking non-primary tenants in all tenants as secondary tenants; s4: and establishing a tenant cache in all the first-level tenants, wherein the first-level tenants directly interact with the server, and the second-level tenants interact with the server through the tenant cache.
In the implementation of this embodiment, the inventor finds that a large amount of server resources are needed when performing simultaneous management and security protection on all tenants, and therefore a new policy is adopted. Firstly, detecting the service load and the safety condition of all tenants requesting services from a server, wherein the detection mode can be realized through data packets and flow conditions; secondly, all tenants with security conditions meeting the security standard are selected as alternative tenants, the main idea of the invention is to select some tenants with higher security as transit, and some tenants have the similar functions as bastion machines, so that some aggressive data can not reach the server at the first time, a certain response time is given to the server, and small-scale attacks can be directly intercepted by the selected tenants; sorting all the alternative tenants from large to small according to the service load capacity, and selecting the top N tenants after sorting as first-level tenants; taking non-primary tenants in all tenants as secondary tenants; generally, the higher the service load is, the more the tenant pays attention to the security, so that the security can be further improved by taking the tenants as primary tenants, and meanwhile, the higher the service load is, the more resources need to be separated by the server, and the experience with the tenants can be improved by taking the tenants as the primary tenants; and a tenant cache is established in all the first-level tenants again, the first-level tenants directly interact with the server, the second-level tenants interact with the server through the tenant cache, and the second-level tenants can interact with each other through the caches in a mode of establishing the cache in the first-level tenants, so that the first-level tenants form a complete protection wall on the periphery of the server, the load of the server can be reduced, and the safety of the server can be improved. According to the invention, through the steps, some offensive data cannot reach the server at the first time, a certain response time is given to the server, and small-scale attacks can be directly intercepted by the selected tenant, so that the load of the server can be reduced, and the safety of the server can be improved.
To further explain the operation of the present embodiment, step S1 includes the following sub-steps:
s11: vulnerability detection and baseline scanning are carried out on the tenants to obtain vulnerability data and baseline scanning data;
s12: normalizing the vulnerability data of all tenants to obtain normalized vulnerability data; normalizing the baseline scanning data of the tenants to obtain normalized baseline scanning data;
s13: and acquiring the safety condition of the tenant according to the normalized vulnerability data and the normalized baseline scanning data.
In the implementation of the embodiment, a quick and effective means is always lacked for safety problem evaluation of tenants, and in the invention, the safety evaluation is divided into two parts, one is vulnerability inspection, and the other is baseline scanning; after the data acquisition of the two parts is completed, all tenants are subjected to normalization processing together, so that the overall evaluation is facilitated, then the two data are processed, the safety condition of the tenants can be acquired, the processing mode can be realized by the simplest linear regression, and the calculation amount of the server is reduced.
To further illustrate the working process of this embodiment, step S13 uses the following formula to obtain the security status of the tenant:
Mi=αiQi+βiPi
in the formula MiEvaluating the safety condition of the ith user; qiThe normalized vulnerability data for the ith user; piThe normalized baseline scan data for an ith user; alpha is alphaiThe vulnerability weight of the ith user; beta is aiIs the baseline scan weight of the ith user.
To further explain the operation of the present embodiment, step S2 includes the following sub-steps:
when said M isiSatisfies Mi≤MGWhen the safety condition of the ith user reaches the safety standard, wherein MGIs a safety standard threshold.
To further explain the operation of the present embodiment, step S4 includes the following sub-steps:
the tenant cache is an elastic container, and the capacity of the elastic container changes according to the load of the elastic container.
Tenant safety automatic intelligent detection system based on service load includes:
a detection unit: the system comprises a server, a server and a server, wherein the server is used for detecting the service load and the security condition of all tenants requesting services from the server;
a selecting unit: the tenant selection module is used for selecting all tenants with safety conditions meeting the safety standard as alternative tenants;
a storage unit: the system is used for storing all alternative tenant data;
a sorting unit: the system is used for sorting all the alternative tenants according to the service load from large to small, and selecting the top N sorted tenants as primary tenants; taking non-primary tenants in all tenants as secondary tenants;
an interaction unit: the tenant cache is established in all the first-level tenants;
the first-level tenant directly interacts with the server, and the second-level tenant interacts with the server through the tenant cache.
For further explaining the working process of this embodiment, the detection unit performs vulnerability detection and baseline scanning on the tenant to obtain vulnerability data and baseline scanning data; the detection unit normalizes the vulnerability data of all tenants to obtain normalized vulnerability data; normalizing the baseline scanning data of the tenants to obtain normalized baseline scanning data; and the detection unit acquires the safety condition of the tenant according to the normalized vulnerability data and the normalized baseline scanning data.
To further illustrate the working process of this embodiment, the detection unit obtains the security status of the tenant by using the following formula:
Mi=αiQi+βiPi
in the formula MiEvaluating the safety condition of the ith user; qiAs the ith userThe normalized vulnerability data of (a); piThe normalized baseline scan data for an ith user; alpha is alphaiThe vulnerability weight of the ith user; beta is aiIs the baseline scan weight of the ith user.
To further illustrate the operation of this embodiment, the selecting unit is the MiSatisfies Mi≤MGWhen the safety condition of the ith user reaches the safety standard, wherein MGIs a safety standard threshold.
To further illustrate the working process of this embodiment, the tenant cache is an elastic container, and the capacity of the elastic container varies according to the load size of the elastic container.
To further illustrate the working process of this embodiment, as shown in fig. 1, as an implementation manner of the present invention, this embodiment sets a tenant configuration module, all servers interact with tenants through the tenant configuration module, and the tenant configuration module includes a detection unit, a selection unit, a storage unit, a sorting unit, and an interaction unit;
first, a first-level tenant is selected, namely, tenant 11, tenant 12 and tenant 13 in fig. 1; secondary tenants are tenant 21, tenant 22 and tenant 23; at the moment, all secondary tenants interact with the tenant configuration module through the primary tenants and then interact with the server through the tenant configuration module.
The above-mentioned embodiments are intended to illustrate the objects, technical solutions and advantages of the present invention in further detail, and it should be understood that the above-mentioned embodiments are merely exemplary embodiments of the present invention, and are not intended to limit the scope of the present invention, and any modifications, equivalent substitutions, improvements and the like made within the spirit and principle of the present invention should be included in the scope of the present invention.
Claims (10)
1. The tenant safety automatic intelligent detection method based on the service load is characterized by comprising the following steps:
s1: detecting the service load and the safety condition of all tenants requesting services from the server;
s2: selecting all tenants with safety conditions meeting the safety standard as alternative tenants;
s3: sorting all the alternative tenants according to the service load from large to small, and selecting the top N sorted tenants as primary tenants; taking non-primary tenants in all tenants as secondary tenants;
s4: and establishing a tenant cache in all the first-level tenants, wherein the first-level tenants directly interact with the server, and the second-level tenants interact with the server through the tenant cache.
2. The tenant safety automation intelligent detection method based on the traffic load according to the claim 1, characterized in that the step S1 includes the following sub-steps:
s11: vulnerability detection and baseline scanning are carried out on the tenants to obtain vulnerability data and baseline scanning data;
s12: normalizing the vulnerability data of all tenants to obtain normalized vulnerability data; normalizing the baseline scanning data of the tenants to obtain normalized baseline scanning data;
s13: and acquiring the safety condition of the tenant according to the normalized vulnerability data and the normalized baseline scanning data.
3. The method for automatically and intelligently detecting the safety of the tenant based on the traffic load as claimed in claim 2, wherein step S13 adopts the following formula to obtain the safety condition of the tenant:
4. The tenant safety automation intelligent detection method based on the traffic load according to the claim 3, characterized in that the step S2 includes the following sub-steps:
5. The tenant safety automation intelligent detection method based on the traffic load according to the claim 1, characterized in that the step S4 includes the following sub-steps: the tenant cache is an elastic container, and the capacity of the elastic container changes along with the load of the elastic container.
6. Tenant safety automatic intelligent detection system based on service load, which is characterized by comprising:
a detection unit: the system comprises a server, a server and a server, wherein the server is used for detecting the service load and the security condition of all tenants requesting services from the server;
a selecting unit: the tenant selection module is used for selecting all tenants with safety conditions meeting the safety standard as alternative tenants;
a storage unit: the system is used for storing all alternative tenant data;
a sorting unit: the system is used for sorting all the alternative tenants according to the service load from large to small, and selecting the top N sorted tenants as primary tenants; taking non-primary tenants in all tenants as secondary tenants;
an interaction unit: the tenant cache is established in all the first-level tenants;
the first-level tenant directly interacts with the server, and the second-level tenant interacts with the server through the tenant cache.
7. The tenant safety automation intelligent detection system based on the service load as claimed in claim 6, wherein the detection unit performs vulnerability detection and baseline scanning on the tenant to obtain vulnerability data and baseline scanning data; the detection unit normalizes the vulnerability data of all tenants to obtain normalized vulnerability data; normalizing the baseline scanning data of the tenants to obtain normalized baseline scanning data; and the detection unit acquires the safety condition of the tenant according to the normalized vulnerability data and the normalized baseline scanning data.
8. The system according to claim 7, wherein the detection unit obtains the security status of the tenant by using the following formula:
10. The system according to claim 6, wherein the tenant cache is an elastic container, and the capacity of the elastic container varies with the load of the elastic container.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201911076387.8A CN110826055B (en) | 2019-11-06 | 2019-11-06 | Tenant safety automatic intelligent detection method and system based on service load |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201911076387.8A CN110826055B (en) | 2019-11-06 | 2019-11-06 | Tenant safety automatic intelligent detection method and system based on service load |
Publications (2)
Publication Number | Publication Date |
---|---|
CN110826055A CN110826055A (en) | 2020-02-21 |
CN110826055B true CN110826055B (en) | 2021-07-30 |
Family
ID=69552998
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201911076387.8A Expired - Fee Related CN110826055B (en) | 2019-11-06 | 2019-11-06 | Tenant safety automatic intelligent detection method and system based on service load |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN110826055B (en) |
Citations (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN103218175A (en) * | 2013-04-01 | 2013-07-24 | 无锡成电科大科技发展有限公司 | Multi-tenant cloud storage platform access control system |
CN106453665A (en) * | 2016-12-16 | 2017-02-22 | 东软集团股份有限公司 | Data caching method, server and system based on distributed caching system |
CN108701059A (en) * | 2016-02-19 | 2018-10-23 | 华为技术有限公司 | Multi-tenant resource allocation methods and system |
Family Cites Families (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US10635491B2 (en) * | 2014-01-21 | 2020-04-28 | Oracle International Corporation | System and method for use of a multi-tenant application server with a multitasking virtual machine |
-
2019
- 2019-11-06 CN CN201911076387.8A patent/CN110826055B/en not_active Expired - Fee Related
Patent Citations (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN103218175A (en) * | 2013-04-01 | 2013-07-24 | 无锡成电科大科技发展有限公司 | Multi-tenant cloud storage platform access control system |
CN108701059A (en) * | 2016-02-19 | 2018-10-23 | 华为技术有限公司 | Multi-tenant resource allocation methods and system |
CN106453665A (en) * | 2016-12-16 | 2017-02-22 | 东软集团股份有限公司 | Data caching method, server and system based on distributed caching system |
Non-Patent Citations (1)
Title |
---|
一种多租户云数据存储缓存管理机制;史玉良,王捷;《计算机研究与发展》;20141130;全文 * |
Also Published As
Publication number | Publication date |
---|---|
CN110826055A (en) | 2020-02-21 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US10904277B1 (en) | Threat intelligence system measuring network threat levels | |
WO2021017279A1 (en) | Cluster security management method and apparatus based on kubernetes and network domain, and storage medium | |
US10320813B1 (en) | Threat detection and mitigation in a virtualized computing environment | |
US9306962B1 (en) | Systems and methods for classifying malicious network events | |
CN103399812B (en) | Based on disk file operation supervise and control system and the method for supervising of Xen hardware virtualization | |
US11818014B2 (en) | Multi-baseline unsupervised security-incident and network behavioral anomaly detection in cloud-based compute environments | |
CN103902885A (en) | Virtual machine security isolation system and method oriented to multi-security-level virtual desktop system | |
CN107800565A (en) | Method for inspecting, device, system, computer equipment and storage medium | |
CN108416665B (en) | Data interaction method and device, computer equipment and storage medium | |
US10425273B2 (en) | Data processing system and data processing method | |
CN107347078B (en) | Operating system weak password security detection method based on cloud service | |
CN108632111A (en) | Service link monitoring method based on log | |
US20160269428A1 (en) | Data processing | |
CN109766694A (en) | Program protocol white list linkage method and device of industrial control host | |
US11126468B2 (en) | Agent driven cluster gating for service management | |
CN107004088A (en) | Determining device, determine method and determination program | |
CN105072115A (en) | Information system invasion detection method based on Docker virtualization | |
US10929389B2 (en) | Data provenance using distributed ledgers | |
CN111159702B (en) | Process list generation method and device | |
CN113382010B (en) | Large-scale network security defense system based on cooperative intrusion detection | |
CN113923028A (en) | Network micro-isolation strategy self-generation method and system | |
US20200057677A1 (en) | Security-aware partitioning of processes | |
US11677758B2 (en) | Minimizing data flow between computing infrastructures for email security | |
CN110826055B (en) | Tenant safety automatic intelligent detection method and system based on service load | |
CN105260193A (en) | Self healing frame and healing method of large software |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
GR01 | Patent grant | ||
CF01 | Termination of patent right due to non-payment of annual fee | ||
CF01 | Termination of patent right due to non-payment of annual fee |
Granted publication date: 20210730 |