CN112528285B - Security protection method and device for cloud computing platform, electronic equipment and storage medium - Google Patents

Info

Publication number
CN112528285B
Authority
CN
China
Prior art keywords
file data
identified
cloud computing
computing platform
operating system
Legal status
Active
Application number
CN202011510763.2A
Other languages
Chinese (zh)
Other versions
CN112528285A (en)
Inventor
伍晓泉
胡春潮
尤毅
曾杰
曾智勇
林丹生
唐升卫
刘菲
张晓悦
Current Assignee
China Southern Power Grid Power Technology Co Ltd
Original Assignee
China Southern Power Grid Power Technology Co Ltd
Events
Application filed by China Southern Power Grid Power Technology Co Ltd
Priority to CN202011510763.2A
Publication of CN112528285A
Application granted
Publication of CN112528285B
Legal status: Active

Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50 Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/55 Detecting local intrusion or implementing counter-measures
    • G06F21/56 Computer malware detection or handling, e.g. anti-virus arrangements
    • G06F21/562 Static detection
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/70 Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
    • G06F21/78 Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure storage of data

Abstract

The invention discloses a security protection method and device for a cloud computing platform, electronic equipment and a storage medium. The method is applied to a cloud computing platform protection system that is provided with two transmission interfaces and comprises the following steps: in response to a transfer instruction, determining the file data to be identified that needs to be transferred, wherein the transfer instruction is generated when the first transmission interface is connected with an external device; carrying out risk identification on the file data to be identified to obtain secure file data; creating a virtual drive letter on the second transmission interface and storing the secure file data in the virtual drive letter; and transferring the file data from the virtual drive to the control terminal through the second transmission interface. A protection system is thus added to the cloud computing platform: security protection is established without affecting data interaction among the cloud computing platform, the industrial control terminal and the mobile medium, unsafe file data that may exist on the mobile medium is filtered out, and any virus present is isolated, so that the cloud computing platform and its host are protected.

Description

Security protection method and device for cloud computing platform, electronic equipment and storage medium
Technical Field
The invention relates to the technical field of network security, in particular to a security protection method and device for a cloud computing platform, electronic equipment and a storage medium.
Background
In the business processes of production systems in the power industry, the cloud computing platform of an industrial control system often needs to be connected with various industrial control terminals, such as power generation equipment, power distribution terminals and smart electric meters, so as to collect various service data and issue industrial control instructions according to service requirements. However, when a mobile medium such as a mobile hard disk or a USB flash drive is connected to the cloud computing platform and data interaction takes place, a virus present on the mobile medium can easily infect the cloud computing platform and thereby damage its host.
For a general-purpose host, the main method of virus prevention and control is to deploy security software on the host to kill and isolate viruses. In an industrial control system, however, the devices of the cloud computing platform are of many types, the host of the cloud computing platform has no common hardware or software model, and consequently no security protection software suitable for that host exists.
Since the cloud computing platform of an industrial control system carries the industrial control function, establishing security protection among the cloud computing platform, the industrial control terminals and the mobile media, and thereby improving the security of the cloud computing platform, is of great significance.
Disclosure of Invention
The invention provides a safety protection method and device for a cloud computing platform, electronic equipment and a storage medium, which are used for establishing safety protection under the condition that data interaction between the cloud computing platform and an industrial control terminal is not influenced, so that the safety of the cloud computing platform and a host thereof is protected.
In a first aspect, the invention provides a security protection method for a cloud computing platform, which is applied to a cloud computing platform protection system, wherein the cloud computing platform protection system is configured with two transmission interfaces; the method comprises the following steps:
determining file data to be identified which needs to be transferred in response to a transfer instruction, wherein the transfer instruction is generated when the first transmission interface is connected with external equipment;
carrying out risk identification on the file data to be identified to obtain safe file data;
creating a virtual drive letter on a second transmission interface, and storing the security file data in the virtual drive letter;
and transferring the file data from the virtual drive to a control terminal through the second transmission interface.
Optionally, performing risk identification on the file data to be identified to obtain secure file data includes:
determining the type of an operating system;
screening out executable files with virus transmission risks from the file data to be identified based on the system type;
and comparing the content of the executable file with a virus characteristic library to determine the secure file data.
Optionally, based on the system type, screening out an executable file with a virus propagation risk from the file data to be identified includes:
step S1, judging whether the file data to be identified is a binary file; if yes, go to step S2, otherwise go to step S3;
step S2, determining whether the file data to be identified can be executed in the operating system; if yes, screening out executable files with virus propagation risks from the file data to be identified; if not, go to step S3;
and step S3, determining the file data to be identified as safe file data.
Optionally, before determining the operating system type, the method further includes:
disabling a self-starting script function on the external device.
Optionally, determining whether the file data to be identified can be executed in the operating system includes:
step S4, according to the binary value in the binary code of the file data to be identified, judging whether the file data to be identified can be executed in the operating system; if yes, go to step S5, otherwise go to step S6;
step S5, simulating the execution process of the file data to be identified in the virtual operating system environment, and determining whether the file data to be identified can be executed, if yes, determining that the file data to be identified can be executed in the operating system; if not, go to step S6;
step S6, determining that the file data to be identified cannot be executed in the operating system.
Optionally, after the file data is transferred from the virtual drive to the control terminal through the second transmission interface, the method further includes:
and recording the file information of the file to be identified and the platform information of the protected cloud computing platform.
In a second aspect, the present invention provides a security protection device for a cloud computing platform, which is applied to a cloud computing platform protection system provided with two transmission interfaces; the device comprises:
the response module is used for responding to a transfer instruction, determining to-be-identified file data needing to be transferred, wherein the transfer instruction is generated when the first transmission interface is connected with external equipment;
the identification module is used for carrying out risk identification on the file data to be identified to obtain safe file data;
in an optional embodiment, the identification module comprises:
the determining submodule is used for determining the type of the operating system;
the screening submodule is used for screening the executable file with the virus propagation risk from the file data to be identified based on the system type;
and the comparison submodule is used for comparing the content contained in the executable file with a virus characteristic library to determine the safety data.
In an alternative embodiment, the screening submodule includes:
the judging unit is used for judging whether the file data to be identified is a binary file; if yes, executing a first determining unit, and if not, executing a second determining unit;
the first determining unit is used for determining whether the file data to be identified can be executed in the operating system; if yes, screening out executable files with virus propagation risks from the file data to be identified; if not, executing a second determining unit;
in an optional embodiment, the first determining unit comprises:
the first judging subunit is used for judging, according to the binary values in the binary code of the file data to be identified, whether the file data to be identified can be executed in the operating system; if yes, the second judging subunit is executed, and if not, the executability determining subunit is executed;
the second judging subunit is used for simulating the execution process of the file data to be identified in a virtual operating system environment and judging whether the file data to be identified can be executed; if it can be executed in the virtual operating system environment, it is determined that the file data to be identified can be executed in the operating system; if not, the executability determining subunit is executed;
and the executability determining subunit is used for determining that the file data to be identified cannot be executed in the operating system.
And the second determining unit is used for determining the file data to be identified as safe file data.
The creating module is used for creating a virtual drive letter on a second transmission interface and storing the security file data in the virtual drive letter;
and the transfer module is used for transferring the file data from the virtual drive letter to the control terminal through the second transmission interface.
In an optional embodiment, the apparatus further comprises:
and the forbidding module is used for forbidding the self-starting script function on the external equipment.
In an optional embodiment, the apparatus further comprises:
and the recording module is used for recording the file information of the file to be identified and the platform information of the protected cloud computing platform.
In a third aspect, the present application provides an electronic device comprising a processor and a memory, wherein the memory stores computer readable instructions, and the computer readable instructions, when executed by the processor, perform the steps of the method as provided in the first aspect.
In a fourth aspect, the present application provides a storage medium having stored thereon a computer program which, when executed by a processor, performs the steps of the method as provided in the first aspect above.
According to the technical scheme, the invention has the following advantages:
the method comprises the steps of: in response to a transfer instruction, determining the file data to be identified that needs to be transferred, wherein the transfer instruction is generated when a first transmission interface is connected with an external device; carrying out risk identification on the file data to be identified to obtain secure file data; creating a virtual drive letter on a second transmission interface and storing the secure file data in the virtual drive letter; and transferring the file data from the virtual drive to a control terminal through the second transmission interface. A protection system is thus added to the cloud computing platform: security protection is established without affecting data interaction among the cloud computing platform, the industrial control terminal and the mobile medium, unsafe file data that may exist on the mobile medium is filtered out, and any virus present is isolated, so that the cloud computing platform and its host are protected.
Drawings
In order to more clearly illustrate the embodiments of the present invention or the technical solutions in the prior art, the drawings used in the description of the embodiments or the prior art will be briefly described below, and it is obvious that the drawings in the following description are only some embodiments of the present invention, and for those skilled in the art, other drawings can be obtained according to these drawings without inventive exercise.
Fig. 1 is a flowchart illustrating a first embodiment of a security protection method for a cloud computing platform according to the present invention;
fig. 2 is a flowchart illustrating steps of a second embodiment of a security protection method for a cloud computing platform according to the present invention;
fig. 3 is a flowchart illustrating a specific step of step S24 in the second embodiment of the security protection method for a cloud computing platform according to the present invention;
fig. 4 is a flowchart illustrating a specific step of step S242 in the second embodiment of the security protection method for a cloud computing platform according to the present invention;
FIG. 5 is a block diagram of a cloud computing platform protection system according to the present invention;
fig. 6 is a block diagram of a security protection apparatus of a cloud computing platform according to an embodiment of the present invention.
Detailed Description
The embodiment of the invention provides a security protection method and device for a cloud computing platform, electronic equipment and a storage medium, which are used for establishing security protection under the condition that data interaction between the cloud computing platform and an industrial control terminal is not influenced, so that the security of the cloud computing platform and a host thereof is protected.
In order to make the objects, features and advantages of the present invention more obvious and understandable, the technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the accompanying drawings in the embodiments of the present invention, and it is obvious that the embodiments described below are only a part of the embodiments of the present invention, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
In a first embodiment, please refer to fig. 1, which is a flowchart illustrating the steps of a security protection method for a cloud computing platform according to the first embodiment of the present invention. The method is applied to a cloud computing platform protection system configured with two transmission interfaces and specifically comprises the following steps:
step S101, responding to a transfer instruction, determining file data to be identified which needs to be transferred, wherein the transfer instruction is generated when a first transmission interface is connected with external equipment;
In the embodiment of the invention, when the second transmission interface is connected with the external device, a corresponding transfer instruction is generated. In most cases the external device is a storage medium used to upload important data to the cloud computing platform, so that the industrial control terminal connected on the other side of the cloud computing platform can obtain the important data on the storage medium at any time and from any place.
Step S102, risk identification is carried out on the file data to be identified to obtain safe file data;
in the embodiment of the invention, the file data to be identified is determined according to the transfer instruction, risk identification is carried out on the file data to be identified, and risk file data possibly existing in the file data to be identified is eliminated, so that the safety file data is obtained.
Step S103, a virtual drive letter is created on a second transmission interface, and the safety file data is stored in the virtual drive letter;
in the embodiment of the present invention, a virtual drive letter is created, which is used to store the security file data obtained in step S102, so as to be obtained by the control terminal.
And step S104, transferring the file data from the virtual drive to a control terminal through the second transmission interface.
In this embodiment of the present invention, when an acquisition instruction from the control terminal is received, the virtual drive letter obtained in step S103 and the secure file data stored in it are transferred to the control terminal through the second transmission interface; the control terminal includes power generation facilities, distribution terminals, smart electric meters and the like.
In an optional embodiment, after transferring the file data from the virtual drive to the control terminal through the second transmission interface, the method further includes:
and recording the file information of the file to be identified and the platform information of the protected cloud computing platform.
In the embodiment of the invention, the specific information of the transfer event, namely the record of additions to and deletions from the cloud computing platform, is written to a log, so that information is available when the program is debugged and bugs are fixed.
In the embodiment of the invention, the file data to be identified that needs to be transferred is determined in response to a transfer instruction, wherein the transfer instruction is generated when the first transmission interface is connected with the external device; risk identification is carried out on the file data to be identified to obtain secure file data; a virtual drive letter is created on a second transmission interface and the secure file data is stored in the virtual drive letter; and the file data is transferred from the virtual drive to a control terminal through the second transmission interface. A protection system is thus added to the cloud computing platform: security protection is established without affecting data interaction among the cloud computing platform, the industrial control terminal and the mobile medium, unsafe file data that may exist on the mobile medium is filtered out, and any virus present is isolated, so that the cloud computing platform and its host are protected.
In a second embodiment, please refer to fig. 2, which is a flowchart illustrating steps of a second embodiment of a security protection method for a cloud computing platform according to the present invention, and the method is applied to a cloud computing platform protection system, and the steps specifically include:
step S21, responding to a transfer instruction, determining the file data to be identified which needs to be transferred, wherein the transfer instruction is generated when the first transmission interface is connected with an external device;
step S22, forbidding the self-starting script function on the external equipment;
In the embodiment of the invention, the self-starting (autorun) script function on the external device is disabled, so that a virus on the external device cannot be launched automatically when the device is connected.
Step S23, determining the type of the operating system;
step S24, based on the system type, screening out executable files with virus propagation risks from the file data to be identified;
referring to fig. 3, fig. 3 is a flowchart illustrating a specific step of step S24 in a second embodiment of a security protection method for a cloud computing platform of the present invention, and in an alternative embodiment, the method for screening out an executable file with a virus propagation risk from file data to be identified based on the system type includes:
step S241, judging whether the file data to be identified is a binary file; if yes, go to step S242, otherwise go to step S243;
step S242, determining whether the file data to be identified can be executed in the operating system; if yes, screening out executable files with virus propagation risks from the file data to be identified; if not, go to step S243;
step S243, determining that the file data to be identified is security file data.
In the embodiment of the present invention, it is determined whether the file data to be identified is a binary file, and according to the operating system type of the cloud computing platform determined in step S23, an executable file with a virus propagation risk is screened from the file data to be identified according to the operating system type, and if the file data to be identified is not a binary file, or if it is determined that the file data to be identified cannot be executed by the operating system, the file data to be identified may be considered as secure file data.
Referring to fig. 4, fig. 4 is a flowchart illustrating a specific step of step S242 in a second embodiment of a security protection method for a cloud computing platform according to the present invention, and in an optional embodiment, determining whether the file data to be identified can be executed in the operating system includes:
step S2421, judging whether the file data to be identified can be executed in the operating system according to the binary value in the binary code of the file data to be identified; if yes, executing step S2422, otherwise, executing step S2423;
step S2422, simulating the execution process of the file data to be identified in the virtual operating system environment, judging whether the file data to be identified can be executed, and if so, determining that the file data to be identified can be executed in the operating system; if not, executing step S2423;
step S2423, determining that the file data to be identified cannot be executed on the operating system.
For example, when the cloud computing platform runs a Windows operating system, if the first two bytes of the file header of the file data to be identified are 0x4d 0x5a, the file data to be identified is determined to be an executable program on the Windows operating system; for such file data the system function CreateProcess may be called to determine whether it can be executed on the Windows system, and if it executes successfully it is determined that the file data to be identified can be executed on the operating system. If the file data to be identified is not a binary file, or the file cannot be executed under the virtual Windows operating system, it may be determined that the file data to be identified cannot be executed on the cloud computing platform, and the file data to be identified may further be considered secure data.
Step S25, comparing the content contained in the executable file with a virus characteristic library to determine the safety data;
in the embodiment of the invention, the virus feature library and the software in the cloud computing platform protection system can be updated remotely under the condition of online or offline. And comparing the executable file with the virus characteristic library to determine the safety data.
In a specific implementation, in order to minimise the time taken to compare the executable file with the virus feature library and to achieve fast data interaction, a board-to-board (B2B) high-speed, high-precision interconnection connector is generally adopted to connect the circuit boards.
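As an added example (not the patent's or the assignee's code), the following Python sketches the static part of steps S241 to S243, S2421 and S25, together with the transfer log of the optional recording step: the 0x4d 0x5a header check from the text is generalised to a per-OS magic table (the ELF entry is an assumption for a Linux platform), the virus characteristic library is a constructed dictionary of byte patterns, and the sandbox run of step S2422 is intentionally not implemented, so nothing here executes the screened file.

```python
import hashlib
import json
from dataclasses import asdict, dataclass, field
from typing import Dict, List, Tuple

# Header bytes that identify a natively executable image for each operating
# system type.  0x4d 0x5a ("MZ") is the Windows case cited in the text; the
# ELF entry is an added assumption for a Linux platform.
EXECUTABLE_MAGIC: Dict[str, List[bytes]] = {
    "windows": [b"MZ"],
    "linux": [b"\x7fELF"],
}

# Constructed stand-in for the virus characteristic library (name -> byte pattern).
SIGNATURE_LIBRARY: Dict[str, bytes] = {
    "CONSTRUCTED-SIG-001": b"SAMPLE-MALWARE-MARKER",
    "CONSTRUCTED-SIG-002": b"\xde\xad\xbe\xef\xca\xfe",
}


def is_binary(data: bytes) -> bool:
    """Step S241: a file is treated as binary if it holds NUL bytes or is not UTF-8 text."""
    if b"\x00" in data:
        return True
    try:
        data.decode("utf-8")
    except UnicodeDecodeError:
        return True
    return False


def is_executable_for(data: bytes, os_type: str) -> bool:
    """Step S2421: decide executability from the leading bytes for the platform's OS type."""
    return any(data.startswith(magic) for magic in EXECUTABLE_MAGIC.get(os_type, []))


def match_signatures(data: bytes) -> List[str]:
    """Step S25: compare the executable's content with the characteristic library."""
    return sorted(name for name, pattern in SIGNATURE_LIBRARY.items() if pattern in data)


@dataclass
class Verdict:
    """Per-file result; also the 'file information' written to the transfer log."""
    file_name: str
    sha256: str
    size: int
    binary: bool
    executable: bool = False
    matched: List[str] = field(default_factory=list)
    safe: bool = True


def screen_file(file_name: str, data: bytes, os_type: str) -> Verdict:
    """Run S241 -> S2421 -> S25 over one file.  S2422 (sandbox run) is omitted."""
    verdict = Verdict(file_name=file_name, sha256=hashlib.sha256(data).hexdigest(),
                      size=len(data), binary=is_binary(data))
    if not verdict.binary:                       # S241 "no" -> S243: secure
        return verdict
    if not is_executable_for(data, os_type):     # S2421 "no" -> S2423 -> S243: secure
        return verdict
    verdict.executable = True                    # screened out as carrying propagation risk
    verdict.matched = match_signatures(data)     # S25: library comparison
    verdict.safe = not verdict.matched
    return verdict


def stage_files(files: Dict[str, bytes], os_type: str,
                platform_info: Dict[str, str]) -> Tuple[Dict[str, bytes], List[str]]:
    """Screen every file; secure ones go to the virtual drive, each produces a log line."""
    virtual_drive: Dict[str, bytes] = {}
    log_lines: List[str] = []
    for name, data in files.items():
        verdict = screen_file(name, data, os_type)
        if verdict.safe:
            virtual_drive[name] = data
        # Recording step: file information plus the protected platform's information.
        record = {"event": "transfer", "platform": platform_info, "file": asdict(verdict)}
        log_lines.append(json.dumps(record, sort_keys=True))
    return virtual_drive, log_lines


if __name__ == "__main__":
    sample_files = {  # constructed inputs standing in for files on the mobile medium
        "readme.txt": b"plant maintenance notes\n",
        "update.exe": b"MZ\x90\x00\x03\x00" + b"\x00" * 16 + b"SAMPLE-MALWARE-MARKER",
        "agent.bin": b"\x7fELF\x02\x01\x01\x00" + b"\x00" * 8,
        "tool.exe": b"MZ\x90\x00" + b"\x00" * 24 + b"benign payload",
    }
    drive, log = stage_files(sample_files, "windows", {"platform_id": "CONSTRUCTED-CLOUD-01"})
    print("staged on virtual drive:", sorted(drive))
    for line in log:
        print(line)
```

A binary that is executable only on another OS type (the ELF sample on a Windows platform) is passed as secure exactly as step S243 specifies; a deployment that forwards files onward to terminals of mixed types would want to compare every binary against the library regardless.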
Step S26, creating a virtual drive on a second transmission interface, and storing the security file data in the virtual drive;
and step S27, transferring the file data from the virtual drive to a control terminal through the second transmission interface.
In the security protection method for the cloud computing platform provided by the embodiment of the invention, the file data to be identified that needs to be transferred is determined in response to a transfer instruction, wherein the transfer instruction is generated when the first transmission interface is connected with the external device; risk identification is carried out on the file data to be identified to obtain secure file data; a virtual drive letter is created on a second transmission interface and the secure file data is stored in the virtual drive letter; and the file data is transferred from the virtual drive to a control terminal through the second transmission interface. A protection system is thus added to the cloud computing platform: security protection is established without affecting data interaction among the cloud computing platform, the industrial control terminal and the mobile medium, unsafe file data that may exist on the mobile medium is filtered out, and any virus present is isolated, so that the cloud computing platform and its host are protected.
To facilitate the understanding of the beneficial effects of the present invention by those skilled in the art, the following example describes a protection system that implements the invention.
Referring to fig. 5, fig. 5 is a block diagram of a cloud computing platform protection system according to the present invention, where 1 is a cloud protection device, 2 is an industrial control terminal, 3 is a mobile medium and 4 is the internet, and the cloud protection device 1 is configured with a first transmission interface 11, a second transmission interface 12 and a NET interface 13. The first transmission interface 11 is used for connecting the cloud protection device 1 with the industrial control terminal 2 and for transmitting to the industrial control terminal 2 the secure file data that has undergone risk identification and is stored in the virtual drive; the second transmission interface 12 is used for connecting the mobile medium 3 with the cloud protection device 1, for performing risk identification in the cloud protection device 1 on the file data to be identified that needs to be transferred, for upgrading the system software and for updating the virus feature library; the NET interface 13 is used for connecting to the internet and, under specific conditions, for remotely updating the virus feature library, upgrading the system software and configuring system parameters. In a specific implementation, the NET interface 13 can be connected to the internet 4 at any time, so that the virus feature library can be updated and the system software upgraded remotely. After the mobile medium 3 is connected to the cloud protection device 1 through the second transmission interface 12, the cloud protection device determines the file data to be identified that needs to be transferred, performs risk identification on it to obtain secure file data, then creates a virtual drive on the second transmission interface 12, stores the secure file data in the virtual drive, and finally transmits the virtual drive and the secure file data to the industrial control terminal 2 through the first transmission interface 11.
Referring to fig. 6, fig. 6 is a block diagram of an embodiment of a security protection device for a cloud computing platform according to the present invention, which includes the following modules:
the response module 101 is configured to determine, in response to a transfer instruction, the file data to be identified that needs to be transferred, where the transfer instruction is generated when the first transmission interface is connected to an external device;
the identification module 102 is configured to perform risk identification on the file data to be identified to obtain secure file data;
in an alternative embodiment, the identification module 102 includes:
the determining submodule, configured to determine the operating system type;
the screening submodule, configured to screen out, based on the operating system type, executable files carrying a virus propagation risk from the file data to be identified;
and the comparison submodule, configured to compare the content of the executable files with a virus feature library to determine the secure file data.
In an alternative embodiment, the screening submodule includes:
the judging unit, configured to judge whether the file data to be identified is a binary file; if so, control passes to the first determining unit, otherwise to the second determining unit;
the first determining unit, configured to determine whether the file data to be identified can be executed in the operating system; if so, it is screened out of the file data to be identified as an executable file carrying a virus propagation risk; if not, control passes to the second determining unit;
in an optional embodiment, the first determining unit comprises:
the first judging subunit, configured to judge, from the binary values in the binary code of the file data to be identified, whether the file data to be identified can be executed in the operating system; if so, control passes to the second judging subunit, otherwise to the executability determining subunit;
the second judging subunit, configured to simulate the execution of the file data to be identified in a virtual operating system environment and judge whether it can be executed; if it can be executed in the virtual operating system environment, the file data to be identified is determined to be executable in the operating system; if not, control passes to the executability determining subunit;
and the executability determining subunit, configured to determine that the file data to be identified cannot be executed in the operating system.
And the second determining unit, configured to determine that the file data to be identified is secure file data.
The creating module 103 is configured to create a virtual drive on the second transmission interface and store the secure file data in the virtual drive;
the transfer module 104 is configured to transfer the secure file data from the virtual drive to the control terminal through the second transmission interface.
In an optional embodiment, the apparatus further comprises:
the forbidding module, configured to disable the self-starting (autorun) script function on the external device.
In an optional embodiment, the apparatus further comprises:
the recording module, configured to record the file information of the file to be identified and the platform information of the protected cloud computing platform.
An embodiment of the present invention further provides an electronic device, comprising a memory and a processor, where the memory stores a computer program and, when the computer program is executed by the processor, the processor executes the steps of the security protection method for a cloud computing platform according to any one of the above embodiments.
An embodiment of the present invention further provides a computer-readable storage medium on which a computer program is stored; when the computer program is executed by a processor, the security protection method for a cloud computing platform according to any one of the above embodiments is implemented.
Those skilled in the art will understand that, for convenience and brevity of description, the specific working process of the apparatus described above can be found in the corresponding process of the foregoing method embodiment and is not repeated here.
In the embodiments provided in the present invention, it should be understood that the disclosed apparatus and method may be implemented in other ways. For example, the above-described apparatus embodiments are merely illustrative, and for example, the division of the units is only one logical division, and other divisions may be realized in practice, for example, a plurality of units or components may be combined or integrated into another system, or some features may be omitted, or not executed. In addition, the shown or discussed mutual coupling or direct coupling or communication connection may be an indirect coupling or communication connection through some interfaces, devices or units, and may be in an electrical, mechanical or other form.
The units described as separate parts may or may not be physically separate, and parts displayed as units may or may not be physical units, may be located in one place, or may be distributed on a plurality of network units. Some or all of the units can be selected according to actual needs to achieve the purpose of the solution of the embodiment.
In addition, functional units in the embodiments of the present invention may be integrated into one processing unit, or each unit may exist alone physically, or two or more units are integrated into one unit. The integrated unit can be realized in a form of hardware, and can also be realized in a form of a software functional unit.
The integrated unit, if implemented in the form of a software functional unit and sold or used as a stand-alone product, may be stored in a computer-readable storage medium. Based on such understanding, the technical solution of the present invention may be embodied in the form of a software product, which is stored in a storage medium and includes instructions for causing a computer device (which may be a personal computer, a server, or a network device) to execute all or part of the steps of the method according to the embodiments of the present invention. The aforementioned storage medium includes: a USB flash drive, a removable hard disk, a read-only memory (ROM), a random access memory (RAM), a magnetic disk or an optical disk, and other media capable of storing program code.
The above-mentioned embodiments are only used for illustrating the technical solutions of the present invention, and not for limiting the same; although the present invention has been described in detail with reference to the foregoing embodiments, it will be understood by those of ordinary skill in the art that: the technical solutions described in the foregoing embodiments may still be modified, or some technical features may be equivalently replaced; and such modifications or substitutions do not depart from the spirit and scope of the corresponding technical solutions of the embodiments of the present invention.

Claims (7)

1. A security protection method for a cloud computing platform, characterized in that it is applied to a cloud computing platform protection system provided with two transmission interfaces; the method comprises the following steps:
determining, in response to a transfer instruction, the file data to be identified that needs to be transferred, wherein the transfer instruction is generated when the first transmission interface is connected to an external device;
performing risk identification on the file data to be identified to obtain secure file data;
creating a virtual drive on the second transmission interface, and storing the secure file data in the virtual drive;
transferring the file data from the virtual drive to a control terminal through the second transmission interface;
wherein performing risk identification on the file data to be identified to obtain secure file data comprises the following steps:
determining the operating system type;
screening out, based on the operating system type, executable files carrying a virus propagation risk from the file data to be identified;
comparing the content of the executable files with a virus feature library to determine the secure file data;
and wherein screening out, based on the operating system type, executable files carrying a virus propagation risk from the file data to be identified comprises:
step S1, judging whether the file data to be identified is a binary file; if so, proceeding to step S2, otherwise to step S3;
step S2, determining whether the file data to be identified can be executed in the operating system; if so, screening it out of the file data to be identified as an executable file carrying a virus propagation risk; if not, proceeding to step S3;
and step S3, determining the file data to be identified to be secure file data.
2. The security protection method for a cloud computing platform according to claim 1, characterized in that, before determining the operating system type, the method further comprises:
disabling the self-starting script function on the external device.
3. The security protection method for a cloud computing platform according to claim 2, characterized in that determining whether the file data to be identified can be executed in the operating system comprises:
step S4, judging, from the binary values in the binary code of the file data to be identified, whether the file data to be identified can be executed in the operating system; if so, proceeding to step S5, otherwise to step S6;
step S5, simulating the execution of the file data to be identified in a virtual operating system environment and judging whether it can be executed; if so, determining that the file data to be identified can be executed in the operating system; if not, proceeding to step S6;
and step S6, determining that the file data to be identified cannot be executed in the operating system.
4. The security protection method for a cloud computing platform according to any one of claims 1 to 3, characterized in that, after transferring the file data from the virtual drive to the control terminal through the second transmission interface, the method further comprises:
recording the file information of the file to be identified and the platform information of the protected cloud computing platform.
5. A security protection device for a cloud computing platform, characterized in that it is applied to a cloud computing platform protection system provided with two transmission interfaces; the device comprises:
the response module, configured to determine, in response to a transfer instruction, the file data to be identified that needs to be transferred, wherein the transfer instruction is generated when the first transmission interface is connected to an external device;
the identification module, configured to perform risk identification on the file data to be identified to obtain secure file data;
the creating module, configured to create a virtual drive on the second transmission interface and store the secure file data in the virtual drive;
the transfer module, configured to transfer the file data from the virtual drive to a control terminal through the second transmission interface;
wherein the identification module comprises:
the determining submodule, configured to determine the operating system type;
the screening submodule, configured to screen out, based on the operating system type, executable files carrying a virus propagation risk from the file data to be identified;
the comparison submodule, configured to compare the content of the executable files with a virus feature library to determine the secure file data;
and wherein the first determining unit comprises:
the first judging subunit, configured to judge, from the binary values in the binary code of the file data to be identified, whether the file data to be identified can be executed in the operating system; if so, control passes to the second judging subunit, otherwise to the executability determining subunit;
the second judging subunit, configured to simulate the execution of the file data to be identified in a virtual operating system environment and judge whether it can be executed; if it can be executed in the virtual operating system environment, the file data to be identified is determined to be executable in the operating system; if not, control passes to the executability determining subunit;
and the executability determining subunit, configured to determine that the file data to be identified cannot be executed in the operating system.
6. An electronic device comprising a processor and a memory, the memory storing computer readable instructions that, when executed by the processor, perform the method of any of claims 1-4.
7. A storage medium having a computer program stored thereon, wherein the computer program, when executed by a processor, performs the method according to any of claims 1-4.
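The risk-identification and transfer flow described for the device embodiment of fig. 6 (modules 101 to 104 with their judging, determining and comparison units) and claimed in claims 1 to 4 (steps S1 to S6), modelled as an added example written for this page; it is not code from the patent or its assignee. Everything concrete in it is an assumption made for the example: the virus feature library is a constructed set of byte patterns, not real malware signatures; the "binary values in the binary code" of step S4 are modelled as the MZ and ELF magic bytes; the simulated execution in a virtual operating system of step S5 is replaced by a static check that the header the loader parses is internally consistent; the self-starting script forbidden by claim 2 is modelled as an autorun.inf entry; the sample files and platform record are constructed inline; and the two transmission interfaces and the virtual drive are not modelled, the screened set is simply returned.

```python
# Added example, not the patent's code: model of claims 1-4 (S1-S6) plus the
# forbidding and recording modules. Feature library, sample files and platform
# record are constructed; see the lead-in for the other assumptions.
import hashlib
import struct
from dataclasses import dataclass

# Constructed feature library: arbitrary byte patterns, not real malware signatures.
FEATURE_LIBRARY = {
    "TEST.Marker.A": b"MALWARE_MARKER_A",
    "TEST.Marker.B": b"\xde\xad\xbe\xef\xca\xfe",
}
TEXT_BYTES = frozenset(bytes(range(0x20, 0x7F)) + b"\t\n\r\x0b\x0c")

@dataclass
class Verdict:
    name: str
    sha256: str
    executable: bool
    safe: bool
    reason: str

def is_binary(data: bytes) -> bool:
    """Step S1 (heuristic, assumption): a NUL byte or >30% non-text bytes marks a binary file."""
    if not data:
        return False
    if b"\x00" in data:
        return True
    return sum(1 for b in data if b not in TEXT_BYTES) / len(data) > 0.30

def executable_for_os(data: bytes, os_type: str) -> bool:
    """Step S4: judge executability from the leading bytes (magic) of the binary for the target OS."""
    if os_type == "windows":
        return data[:2] == b"MZ"
    if os_type == "linux":
        return data[:4] == b"\x7fELF"
    return False

def loader_would_accept(data: bytes, os_type: str) -> bool:
    """Stand-in for step S5 (simulated execution in a virtual OS, not implemented here):
    a static check that the header the OS loader parses is internally consistent."""
    if os_type == "windows":
        if len(data) < 0x40:
            return False
        e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
        return data[e_lfanew:e_lfanew + 4] == b"PE\x00\x00"
    if os_type == "linux":  # EI_CLASS and EI_DATA in {1, 2}, EI_VERSION == 1
        return len(data) >= 16 and data[4] in (1, 2) and data[5] in (1, 2) and data[6] == 1
    return False

def feature_hits(data: bytes) -> list:
    """Compare the executable's content with the feature library (substring match)."""
    return [name for name, pattern in FEATURE_LIBRARY.items() if pattern in data]

def identify(name: str, data: bytes, os_type: str) -> Verdict:
    """Claim 1 flow: S1 -> (S4 -> S5 -> S6) -> S3, then feature comparison for executables."""
    digest = hashlib.sha256(data).hexdigest()
    if not is_binary(data):
        return Verdict(name, digest, False, True, "not a binary file (S3)")
    if not executable_for_os(data, os_type):
        return Verdict(name, digest, False, True, f"binary, not executable on {os_type} (S6)")
    if not loader_would_accept(data, os_type):
        return Verdict(name, digest, False, True, "header rejected by loader model (S6)")
    hits = feature_hits(data)
    if hits:
        return Verdict(name, digest, True, False, "feature match: " + ", ".join(hits))
    return Verdict(name, digest, True, True, "executable, no feature match")

def screen_transfer(files: dict, os_type: str, platform_info: dict):
    """Forbidding module: drop autorun.inf before screening. Recording module: one audit
    record per file carrying the platform information. Returns (secure files, records)."""
    secure, records = {}, []
    for name, data in files.items():
        if name.lower() == "autorun.inf":
            records.append({"file": name, "safe": False, "reason": "self-start script forbidden", **platform_info})
            continue
        v = identify(name, data, os_type)
        if v.safe:
            secure[name] = data
        records.append({"file": name, "sha256": v.sha256, "safe": v.safe, "reason": v.reason, **platform_info})
    return secure, records

def _pe(payload: bytes) -> bytes:
    """Constructed MZ/PE-shaped blob for the sample set (not a real executable)."""
    hdr = bytearray(b"MZ" + b"\x00" * 0x3E)
    struct.pack_into("<I", hdr, 0x3C, 0x40)  # e_lfanew points at "PE\0\0" right after the stub
    return bytes(hdr) + b"PE\x00\x00" + b"\x00" * 20 + payload

SAMPLE_FILES = {  # constructed contents of a mobile medium
    "readme.txt": b"shift report, nothing to see\n",
    "manual.pdf": b"%PDF-1.4\n" + bytes(range(256)),
    "autorun.inf": b"[autorun]\nopen=tool.exe\n",
    "tool.exe": _pe(b"MALWARE_MARKER_A"),
    "clean.exe": _pe(b"nothing suspicious here"),
    "stub.exe": b"MZ" + b"\x00" * 8,
}
PLATFORM = {"platform": "substation-cloud-01", "terminal": "ICS-TERM-7"}  # constructed
if __name__ == "__main__":
    secure, records = screen_transfer(SAMPLE_FILES, "windows", PLATFORM)
    for r in records:
        print(f"{r['file']:12} safe={r['safe']!s:5} {r['reason']}")
    print("to virtual drive:", sorted(secure))
```

Running the script prints one audit record per file and the set that would be stored on the virtual drive. The shape of claim 1 is visible in the verdicts: only content that passes both S4 and S5 as an executable is ever compared with the feature library, so a non-binary file (S3) and an MZ file whose header the loader model rejects are passed through as secure without comparison. A deployment would therefore want to widen S1/S3 to cover scripts and macro-bearing documents, which the claims do not address.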
CN202011510763.2A 2020-12-18 2020-12-18 Security protection method and device for cloud computing platform, electronic equipment and storage medium Active CN112528285B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202011510763.2A CN112528285B (en) 2020-12-18 2020-12-18 Security protection method and device for cloud computing platform, electronic equipment and storage medium

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202011510763.2A CN112528285B (en) 2020-12-18 2020-12-18 Security protection method and device for cloud computing platform, electronic equipment and storage medium

Publications (2)

Publication Number Publication Date
CN112528285A CN112528285A (en) 2021-03-19
CN112528285B true CN112528285B (en) 2022-01-25

Family

ID=75001722

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202011510763.2A Active CN112528285B (en) 2020-12-18 2020-12-18 Security protection method and device for cloud computing platform, electronic equipment and storage medium

Country Status (1)

Country Link
CN (1) CN112528285B (en)

Family Cites Families (17)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102045368A * 2011-01-20 2011-05-04 中兴通讯股份有限公司 Virus prevention method and system for an intelligent mobile terminal
CN102523270B * 2011-12-09 2015-05-13 成都东方盛行电子有限责任公司 Method for realizing cloud storage
CN202565288U * 2012-05-09 2012-11-28 浪潮齐鲁软件产业有限公司 Portable virus-isolating cloud terminal
KR20140122964A * 2013-04-11 2014-10-21 주식회사 안랩 Apparatus and system for detecting malware based on cloud and method thereof
CN103532927A * 2013-07-30 2014-01-22 北京中科金财科技股份有限公司 Financial cloud security service platform based on a mobile terminal and data protection method
CN103679026B * 2013-12-03 2016-11-16 西安电子科技大学 Intelligent malware defense system and defense method in a cloud computing environment
CN104410617B * 2014-11-21 2018-04-17 西安邮电大学 Information security attack and defense architecture for a cloud platform
CN104700033B * 2015-03-30 2019-01-29 北京瑞星网安技术股份有限公司 Virus detection method and device
CN107544751B * 2017-05-17 2021-11-23 新华三云计算技术有限公司 Method and device for remotely accessing a disk
CN107370747A * 2017-08-14 2017-11-21 北京奇安信科技有限公司 Method and device for preventing malicious file propagation
CN109753795A * 2018-12-06 2019-05-14 广东技术师范学院天河学院 Virus monitoring and early-warning device based on a cloud platform and method of use
CN109451079B * 2019-01-11 2022-05-24 成都信息工程大学 Cloud USB flash disk and storage method and storage system thereof
CN110516442A * 2019-08-29 2019-11-29 南方电网科学研究院有限责任公司 Power distribution network security defense system, method, apparatus, equipment and storage medium
CN110865981A * 2019-11-12 2020-03-06 广州三星通信技术研究有限公司 File access method for a mobile terminal and mobile terminal thereof
CN110717183B * 2019-12-09 2020-10-27 深信服科技股份有限公司 Virus scanning and removal method, device, equipment and storage medium
CN111459609B * 2020-03-10 2024-04-19 奇安信科技集团股份有限公司 Virtual machine security protection method and device and electronic equipment
CN111935108B * 2020-07-24 2023-02-28 杭州安恒信息技术股份有限公司 Cloud data security access control method and device, electronic device and storage medium

Also Published As

Publication number Publication date
CN112528285A (en) 2021-03-19

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant