CN113918331A - Method and device for realizing cloud security operation platform - Google Patents

Method and device for realizing cloud security operation platform Download PDF

Info

Publication number
CN113918331A
CN113918331A CN202111181834.3A CN202111181834A CN113918331A CN 113918331 A CN113918331 A CN 113918331A CN 202111181834 A CN202111181834 A CN 202111181834A CN 113918331 A CN113918331 A CN 113918331A
Authority
CN
China
Prior art keywords
cloud
cloud security
operation platform
resources
security operation
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202111181834.3A
Other languages
Chinese (zh)
Inventor
何文娟
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Unihub China Information Technology Co Ltd
Zhongying Youchuang Information Technology Co Ltd
Original Assignee
Unihub China Information Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Unihub China Information Technology Co Ltd filed Critical Unihub China Information Technology Co Ltd
Priority to CN202111181834.3A priority Critical patent/CN113918331A/en
Publication of CN113918331A publication Critical patent/CN113918331A/en
Pending legal-status Critical Current

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F9/00Arrangements for program control, e.g. control units
    • G06F9/06Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
    • G06F9/46Multiprogramming arrangements
    • G06F9/50Allocation of resources, e.g. of the central processing unit [CPU]
    • G06F9/5061Partitioning or combining of resources
    • G06F9/5072Grid computing
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/57Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/64Protecting data integrity, e.g. using checksums, certificates or signatures

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Software Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Computer Hardware Design (AREA)
  • Mathematical Physics (AREA)
  • Health & Medical Sciences (AREA)
  • Bioethics (AREA)
  • General Health & Medical Sciences (AREA)
  • Computer And Data Communications (AREA)

Abstract

The invention discloses a method and a device for realizing a cloud security operation platform, wherein the method comprises the following steps: the cloud security operation platform determines required cloud resource configuration information according to cloud security products ordered by a user, and determines a corresponding cloud management platform according to position information of protected cloud assets; the cloud management platform creates cloud resources according to the cloud resource configuration information; and the certificate management center automatically authorizes the cloud security product according to the cloud security product specification and the cloud resource. The method and the device greatly improve the deployment efficiency of the cloud security product through the mapping of the cloud security and authorization center and the cloud resources.

Description

Method and device for realizing cloud security operation platform
Technical Field
The invention relates to the technical field of cloud security management, in particular to a method and a device for realizing a cloud security operation platform.
Background
The cloud computing can flexibly distribute resources, elastically expand and quickly recover, so that the operation and maintenance efficiency is greatly improved, the project deployment period is shortened, and the operation and maintenance cost is saved. With the development of cloud computing, more and more services are deployed on the cloud, and the cloud security is paid more and more attention by users.
For the safety of the service on the cloud, a cloud computing manufacturer can introduce a third-party safety product, and a user can select the safety product according to the requirement of the service. At present, cloud security operation platform all need develop the butt joint to the cloud security product of newly receiving the pipe and just can realize receiving the pipe, and all be semi-automatization moreover basically, can't realize automatic the authorization, and a lot of cloud security products are all manual leading-in certificate and authorize for cloud security product last line cycle is long, and the deployment cycle is long, can not be full automatization, does not match with the development of cloud resource self.
Disclosure of Invention
In order to solve the problems in the prior art, the invention provides a method and a device for realizing a cloud security operation platform, which greatly improve the deployment efficiency of cloud security products through the mapping of the specification of the cloud security products, cloud resources and a certificate management center.
In order to achieve the purpose, the invention adopts the following technical scheme:
in an embodiment of the present invention, a method for implementing a cloud security operation platform is provided, where the method includes:
the cloud security operation platform determines required cloud resource configuration information according to cloud security products ordered by a user, and determines a corresponding cloud management platform according to position information of protected cloud assets;
the cloud management platform creates cloud resources according to the cloud resource configuration information;
and the certificate management center automatically authorizes the cloud security product according to the cloud security product specification and the cloud resource.
Further, the cloud security product has a unique identifier;
the cloud security product is associated with the certificate management center through the unique identification.
Further, cloud security products have multiple specifications, one specification may relate to multiple cloud resources.
Further, the cloud security operation platform initiates a deployment request of the cloud resources to the cloud management platform according to the determined cloud resource configuration information.
Further, the cloud management platform creates cloud resources according to the deployment request of the cloud resources, and allocates the network resources according to the network requirements of the cloud resources.
Further, the cloud security operation platform informs the certificate management center of the cloud security product specification and the elastic IP, the cloud resource identification and the port information of the cloud security product to be authorized.
Further, the certificate management center generates a certificate according to the cloud security product specification and the cloud resource identification, and automatically authorizes the cloud security product through the elastic IP and the port information.
In an embodiment of the present invention, an apparatus for implementing a cloud security operation platform is further provided, where the apparatus includes:
the cloud security product management module is used for managing cloud security products and establishing a mapping relation between cloud security product specifications and cloud resources;
the cloud resource management module is used for managing cloud resources;
the authorization center management module is used for realizing interaction between the cloud security operation platform and the certificate management center and realizing automatic authorization of cloud security products;
the order management module is used for realizing the ordering of the cloud security products by the user;
and the cloud service management module is used for realizing the interaction between the cloud security operation platform and the cloud management platform.
Further, the cloud security operation platform determines required cloud resource configuration information according to the cloud security products ordered by the user, and determines the corresponding cloud management platform according to the position information of the protected cloud assets.
Further, the cloud management platform creates cloud resources according to the cloud resource configuration information.
Further, the certificate management center automatically authorizes the cloud security product according to the cloud security product specification and the cloud resources.
Further, the cloud security product has a unique identifier;
the cloud security product is associated with the certificate management center through the unique identification.
Further, cloud security products have multiple specifications, one specification may relate to multiple cloud resources.
Further, the cloud security operation platform initiates a deployment request of the cloud resources to the cloud management platform according to the determined cloud resource configuration information.
Further, the cloud management platform creates cloud resources according to the deployment request of the cloud resources, and allocates the network resources according to the network requirements of the cloud resources.
Further, the cloud security operation platform informs the certificate management center of the cloud security product specification and the elastic IP, the cloud resource identification and the port information of the cloud security product to be authorized.
Further, the certificate management center generates a certificate according to the cloud security product specification and the cloud resource identification, and automatically authorizes the cloud security product through the elastic IP and the port information.
In an embodiment of the present invention, a computer device is further provided, which includes a memory, a processor, and a computer program stored on the memory and executable on the processor, and when the processor executes the computer program, the implementation method of the cloud security operation platform is implemented.
In an embodiment of the present invention, a computer-readable storage medium is further provided, where a computer program for executing the implementation method of the cloud security operation platform is stored in the computer-readable storage medium.
Has the advantages that:
according to the invention, the multi-cloud management platform and the multi-cloud security product are automatically butted through the mapping relation between the cloud security product specification and the cloud resources and the certificate management center, and the rapid deployment and automatic authorization of the cloud security product can be realized, so that the online time of the cloud security product is greatly reduced, and the maintenance efficiency of the cloud security product is improved.
Drawings
Fig. 1 is a schematic flow chart of an implementation method of a cloud security operation platform according to an embodiment of the present invention;
fig. 2 is a schematic structural diagram of an implementation apparatus of a cloud security operation platform according to an embodiment of the present invention;
fig. 3 is a schematic structural diagram of a computer device according to an embodiment of the present invention.
Detailed Description
The principles and spirit of the present invention will be described below with reference to several exemplary embodiments, which should be understood to be presented only to enable those skilled in the art to better understand and implement the present invention, and not to limit the scope of the present invention in any way. Rather, these embodiments are provided so that this disclosure will be thorough and complete, and will fully convey the scope of the disclosure to those skilled in the art.
As will be appreciated by one skilled in the art, embodiments of the present invention may be embodied as a system, apparatus, device, method, or computer program product. Accordingly, the present disclosure may be embodied in the form of: entirely hardware, entirely software (including firmware, resident software, micro-code, etc.), or a combination of hardware and software.
According to the implementation mode of the invention, the cloud security operation platform determines the required cloud resource configuration information according to the cloud security product ordered by the user, and determines the corresponding cloud management platform according to the position information of the protected cloud asset; the cloud management platform creates cloud resources according to the cloud resource configuration information; the certificate management center automatically authorizes the cloud security product according to the cloud security product specification and the cloud resources, and therefore automatic deployment and automatic authorization of the cloud security product are achieved.
The principles and spirit of the present invention are explained in detail below with reference to several representative embodiments of the invention.
Fig. 1 is a schematic flow chart of an implementation method of a cloud security operation platform according to an embodiment of the present invention. As shown in fig. 1, the method includes:
s1, the cloud security operation platform creates a cloud security product and the specification of the cloud security product;
the cloud security operation platform creates a cloud security product, and the cloud security product has a unique identifier; associating the unique identification of the cloud security product with the specification of the cloud security product; each cloud security product can be set to various specifications according to the characteristics of the product.
S2, establishing a mapping relation between the cloud security product and the certificate management center and between the cloud security product and the cloud resources;
the cloud security product establishes a mapping relation with the certificate management center according to the unique cloud security product identifier, and the certificate management center can generate a certificate according to the specification of the cloud security product and the identifier of the cloud resource associated with the cloud security product and automatically authorize the cloud security product; the cloud security operation platform manages a communication mode and an authorization mode of the certificate management center;
establishing a mapping relation between different cloud security product specifications and cloud resources according to the cloud resources required by the cloud security product specifications; the cloud resource configuration information comprises CPU type, CPU number, internal memory, system disk, data disk size and bandwidth, elastic IP, mirror image and the like; a security product specification may associate multiple cloud resources.
S3, determining required cloud resource configuration information according to the cloud security products ordered by the user, and determining the corresponding cloud management platform according to the position information of the protected cloud assets;
a user orders a cloud security product through a cloud security operation platform, determines the specification of the cloud security product according to service requirements, and determines network information of the cloud security product according to the network information of protected cloud assets; the cloud security operation platform determines required cloud resource configuration information according to the cloud security product specification; the cloud security operation platform determines a cloud management platform corresponding to a cloud security product according to the position information of the protected cloud assets, wherein the position information can be a resource pool; the cloud security operation platform determines network information of cloud security products including VPC (virtual private cloud) information, subnet information, security groups and the like according to the network information of the protected cloud assets.
S4, the cloud management platform creates cloud resources according to the cloud resource configuration information;
the cloud security operation platform informs the cloud management platform of cloud resource configuration information required by the cloud security product, and the cloud management platform creates cloud resources according to the informed cloud resource configuration information and allocates related network resources to the cloud resources according to network requirements of the cloud resources;
the cloud resource information is input by a web page;
and automatically generating a unique cloud resource identifier after the cloud resource is deployed.
S5, after the cloud security operation platform receives the successful creation of the cloud resources of the cloud management platform, an authorization application is initiated;
after receiving the message that the cloud resource of the cloud management platform is successfully created, the cloud security operation platform queries network information of the cloud resource to obtain an elastic IP (Internet protocol) of the cloud resource and a cloud resource identifier associated with the cloud security product, and further queries a certificate management center according to the unique identifier of the cloud security product to obtain a communication mode and an authorization mode of the certificate management center;
the cloud security operation platform initiates an authorization application to a certificate management center, wherein the application carries cloud security product specification, cloud resource identification, an elastic IP and port information; the certificate management center generates a certificate according to the specification of the security product and the cloud resource identification, and automatically authorizes the cloud security product according to the elastic IP and the port information, so that automatic deployment and automatic authorization of the cloud security product are achieved.
It should be noted that although the operations of the method of the present invention have been described in the above embodiments and the accompanying drawings in a particular order, this does not require or imply that these operations must be performed in this particular order, or that all of the operations shown must be performed, to achieve the desired results. Additionally or alternatively, certain steps may be omitted, multiple steps combined into one step execution, and/or one step broken down into multiple step executions.
For a clearer explanation of the implementation method of the cloud security operation platform, a specific embodiment is described below, but it should be noted that the embodiment is only for better explaining the present invention, and is not to be construed as an undue limitation to the present invention.
The first embodiment is as follows:
in this embodiment, a public cloud accesses the cloud wall to provide security protection for tenants. The user can order the cloud wall through the cloud security operation platform. And the cloud wall is automatically deployed and authorized by the cloud security operation platform according to the order request of the user.
The method comprises the following concrete steps:
1. the cloud security operation platform creates a cloud security product and a specification of the cloud security product;
the cloud security operation platform creates a cloud security product, and the cloud security product has a unique identifier; associating the unique identification of the cloud security product with the specification of the cloud security product; each cloud security product can be set to various specifications according to the characteristics of the product. For example, in this embodiment, the cloud wall is used as a newly accessed cloud security product, and the security operation platform generates a cloud security product identifier for the cloud wall as a unique identifier of the cloud wall. Further, different cloud security product specifications are created according to the product characteristics of the cloud wall, such as the version type (basic version, advanced version), the main/standby mode, the expansion function (antivirus, URL filtering, and the like), and the like.
2. Establishing a mapping relation between a cloud security product, a certificate management center and cloud resources;
the cloud security product establishes a mapping relation with the certificate management center according to the unique cloud security product identifier, and the certificate management center can generate a certificate according to the cloud security product specification and the cloud resource identifier associated with the cloud security product and automatically authorize the cloud security product. And the cloud security operation platform manages the communication mode and the authorization mode of the certificate management center.
Establishing a mapping relation between different cloud security product specifications and cloud resources according to the cloud resources required by the cloud security product specifications; the cloud resources comprise CPU types, CPU numbers, internal memories, system disks, data disk sizes and bandwidths, elastic IP, mirror images and the like; a cloud security product specification may associate multiple cloud resources.
In this embodiment, in the cloud security operation platform, a mapping relationship between a cloud wall and a certificate management center is established. When the system has the certificate management center which can authorize the cloud wall, the new certificate management center is not needed, and only the mapping relation between the cloud wall and the existing certificate management center is needed to be established. The communication mode and the authorization mode of a certificate management center in the cloud security operation platform are managed, the communication mode comprises a communication address, a port, a message type and the like of the authorization center, and the authorization mode comprises a certificate generation mode and an automatic authorization mode.
Furthermore, a mapping relation between the cloud security product specification and the cloud resources is established, each cloud security product can have multiple specifications, each specification can be adapted to different cloud resources, and the cloud resource configuration information comprises a CPU type, a CPU number, an internal memory, a system disk, a data disk size and bandwidth, an elastic IP, a mirror image and the like.
3. Determining required cloud resource configuration information according to a cloud security product ordered by a user, and determining a corresponding cloud management platform according to position information of a protected cloud asset;
a user orders a cloud security product through a cloud security operation platform, determines the specification of the cloud security product according to service requirements, and determines network information of the cloud security product according to the network information of protected assets; the cloud security operation platform determines required cloud resource configuration information according to the cloud security product specification; the cloud security operation platform determines a cloud management platform corresponding to a cloud security product according to the position information of the protected cloud assets, wherein the position information can be a resource pool; the cloud security operation platform determines network information of cloud security products including VPC (virtual private cloud) information, subnet information, security groups and the like according to the network information of the protected cloud assets.
In this embodiment, the tenant orders the cloud wall through the cloud security operation platform, and selects the specification of the cloud wall as a basic version and a single-node deployment mode according to the self protection requirement. Further, according to the network information of the protected cloud assets, a deployment network of the cloud wall, namely a VPC and a subnet, a security group, an elastic IP and the like are selected.
Optionally, the cloud security operation platform determines the cloud management platform according to the deployment position of the cloud wall, that is, the resource pool information. Further, according to the cloud security product specification, the required cloud resource configuration information is determined. In this implementation, according to the product specification (single-machine version, basic version) of the cloud wall and the characteristics of the inner cover resource pool and the like, the required cloud resource configuration information, namely the 4vCPU, the 10G memory, the 40G system disk and the 100G data disk, is determined.
4. The cloud management platform creates cloud resources according to the cloud resource configuration information;
the cloud security operation platform informs the cloud management platform of cloud resource configuration information required by the cloud security product, and the cloud management platform creates cloud resources according to the informed cloud resource configuration information and allocates related network resources to the cloud resources according to network requirements of the cloud resources. In this embodiment, the cloud management platform loads a mirror image of a cloud wall for a cloud host carrying cloud wall services, and allocates network information such as an IP address and an elastic IP according to VPC and subnet information.
5. After the cloud security operation platform receives the successful creation of the cloud resources of the cloud management platform, an authorization application is initiated;
after receiving the message that the cloud resource of the cloud management platform is successfully created, the cloud security operation platform queries network information of the cloud resource to obtain an elastic IP (Internet protocol) and a cloud resource identifier of the cloud security product, and further queries a certificate management center according to the unique identifier of the cloud security product to obtain a communication mode and an authorization mode of the certificate management center. Optionally, the Identifier of the cloud resource may be a UUID (universal Unique Identifier) of the cloud host.
The cloud security operation platform initiates an authorization application to a certificate management center, wherein the application carries cloud security product specification, cloud resource identification, an elastic IP and port information; the certificate management center generates a certificate according to the specification of the security product and the cloud resource identification, and automatically authorizes the cloud security product according to the elastic IP and the port information, so that automatic deployment and automatic authorization of the cloud security product are achieved.
Based on the same invention concept, the invention also provides a device for realizing the cloud security operation platform. The implementation of the device can be referred to the implementation of the method, and repeated details are not repeated. The term "module," as used below, may be a combination of software and/or hardware that implements a predetermined function. Although the means described in the embodiments below are preferably implemented in software, an implementation in hardware, or a combination of software and hardware is also possible and contemplated.
Fig. 2 is a schematic structural diagram of an implementation apparatus of a cloud security operation platform according to an embodiment of the present invention. As shown in fig. 2, the apparatus includes:
the cloud security product management module 101 is used for managing cloud security products and establishing a mapping relation between cloud security product specifications and cloud resources;
the cloud security product has a plurality of specifications, and one specification can be associated with a plurality of cloud resources;
the cloud security product has a unique identifier;
the cloud security product is associated with the certificate management center through the unique identification.
And the cloud resource management module 102 is used for managing cloud resources.
The authorization center management module 103 is used for realizing interaction between the cloud security operation platform and the certificate management center and realizing automatic authorization of cloud security products;
the cloud security operation platform informs the certificate management center of the specification of the cloud security product and the elastic IP, the cloud resource identification and the port information of the cloud security product to be authorized;
and the certificate management center generates a certificate according to the cloud security product specification and the cloud resource identification, and automatically authorizes the cloud security product through the elastic IP and the port information.
The order management module 104 is used for realizing the ordering of the cloud security products by the user;
the cloud security operation platform determines required cloud resource configuration information according to cloud security products ordered by a user, and determines a corresponding cloud management platform according to position information of protected cloud assets;
and the cloud security operation platform initiates a deployment request of the cloud resources to the cloud management platform according to the determined cloud resource configuration information.
The cloud service management module 105 is used for realizing interaction between the cloud security operation platform and the cloud management platform;
the cloud management platform receives the deployment request of the cloud resources, creates the cloud resources according to the cloud resource configuration information, and allocates the network resources according to the network requirements.
It should be noted that although several modules of the cloud security operations platform implementing the apparatus are mentioned in the above detailed description, such division is merely exemplary and not mandatory. Indeed, the features and functionality of two or more of the modules described above may be embodied in one module according to embodiments of the invention. Conversely, the features and functions of one module described above may be further divided into embodiments by a plurality of modules.
Based on the aforementioned inventive concept, as shown in fig. 3, the present invention further provides a computer device 200, which includes a memory 210, a processor 220, and a computer program 230 stored on the memory 210 and operable on the processor 220, wherein the processor 220 implements the implementation method of the aforementioned cloud security operation platform when executing the computer program 230.
Based on the foregoing inventive concept, the present invention further provides a computer-readable storage medium storing a computer program for executing the implementation method of the cloud security operation platform.
According to the implementation method and device of the cloud security operation platform, the deployment efficiency of cloud security products is greatly improved through the mapping of the cloud security and authorization center and cloud resources.
While the spirit and principles of the invention have been described with reference to several particular embodiments, it is to be understood that the invention is not limited to the disclosed embodiments, nor is the division of aspects, which is for convenience only as the features in such aspects may not be combined to benefit. The invention is intended to cover various modifications and equivalent arrangements included within the spirit and scope of the appended claims.
The limitation of the protection scope of the present invention is understood by those skilled in the art, and various modifications or changes which can be made by those skilled in the art without inventive efforts based on the technical solution of the present invention are still within the protection scope of the present invention.

Claims (19)

1. A method for realizing a cloud security operation platform is characterized by comprising the following steps:
the cloud security operation platform determines required cloud resource configuration information according to cloud security products ordered by a user, and determines a corresponding cloud management platform according to position information of protected cloud assets;
the cloud management platform creates cloud resources according to the cloud resource configuration information;
and the certificate management center automatically authorizes the cloud security product according to the cloud security product specification and the cloud resource.
2. The method for implementing the cloud security operation platform according to claim 1, wherein the cloud security product has a unique identifier;
and the cloud security product is associated with the certificate management center through the unique identifier.
3. The method for implementing the cloud security operation platform according to claim 1, wherein the cloud security product has a plurality of specifications, and one specification can be associated with a plurality of cloud resources.
4. The method for implementing the cloud security operation platform according to claim 1, wherein the cloud security operation platform initiates a deployment request of cloud resources to the cloud management platform according to the determined cloud resource configuration information.
5. The method for implementing the cloud security operation platform according to claim 4, wherein the cloud management platform creates cloud resources according to the deployment request of the cloud resources, and allocates network resources according to network requirements of the cloud management platform.
6. The method for implementing the cloud security operation platform according to claim 1, wherein the cloud security operation platform notifies the certificate management center of the cloud security product specification and the flexible IP, the cloud resource identifier and the port information of the cloud security product to be authorized.
7. The method for implementing the cloud security operation platform according to claim 6, wherein the certificate management center generates a certificate according to a cloud security product specification and a cloud resource identifier, and automatically authorizes the cloud security product through an elastic IP and port information.
8. An implementation apparatus of a cloud security operation platform, the apparatus comprising:
the cloud security product management module is used for managing cloud security products and establishing a mapping relation between cloud security product specifications and cloud resources;
the cloud resource management module is used for managing cloud resources;
the authorization center management module is used for realizing interaction between the cloud security operation platform and the certificate management center and realizing automatic authorization of cloud security products;
the order management module is used for realizing the ordering of the cloud security products by the user;
and the cloud service management module is used for realizing the interaction between the cloud security operation platform and the cloud management platform.
9. The device for implementing the cloud security operation platform according to claim 8, wherein: the cloud security operation platform determines required cloud resource configuration information according to cloud security products ordered by users, and determines the corresponding cloud management platform according to the position information of the protected cloud assets.
10. The device for implementing the cloud security operation platform according to claim 8, wherein: and the cloud management platform creates cloud resources according to the cloud resource configuration information.
11. The device for implementing the cloud security operation platform according to claim 8, wherein: and the certificate management center automatically authorizes the cloud security product according to the cloud security product specification and the cloud resource.
12. The apparatus for implementing a cloud security operations platform of claim 8, wherein the cloud security product has a unique identifier;
and the cloud security product is associated with the certificate management center through the unique identifier.
13. The apparatus for implementing a cloud security operation platform according to claim 8, wherein the cloud security product has a plurality of specifications, and one specification can be associated with a plurality of cloud resources.
14. The apparatus for implementing a cloud security operation platform according to claim 8, wherein the cloud security operation platform initiates a deployment request of cloud resources to the cloud management platform according to the determined cloud resource configuration information.
15. The apparatus for implementing a cloud security operation platform according to claim 14, wherein the cloud management platform creates cloud resources according to a deployment request of the cloud resources, and allocates network resources according to network requirements of the cloud management platform.
16. The device for implementing the cloud security operation platform according to claim 9, wherein the cloud security operation platform notifies the certificate management center of the cloud security product specification and the flexible IP, the cloud resource identifier, and the port information of the cloud security product to be authorized.
17. The apparatus for implementing a cloud security operation platform according to claim 16, wherein the certificate management center generates a certificate according to a cloud security product specification and a cloud resource identifier, and automatically authorizes the cloud security product through an elastic IP and port information.
18. A computer device comprising a memory, a processor and a computer program stored on the memory and executable on the processor, characterized in that the processor implements the method of any of claims 1-7 when executing the computer program.
19. A computer-readable storage medium, characterized in that the computer-readable storage medium stores a computer program for performing the method of any one of claims 1-7.
CN202111181834.3A 2021-10-11 2021-10-11 Method and device for realizing cloud security operation platform Pending CN113918331A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202111181834.3A CN113918331A (en) 2021-10-11 2021-10-11 Method and device for realizing cloud security operation platform

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202111181834.3A CN113918331A (en) 2021-10-11 2021-10-11 Method and device for realizing cloud security operation platform

Publications (1)

Publication Number Publication Date
CN113918331A true CN113918331A (en) 2022-01-11

Family

ID=79239025

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202111181834.3A Pending CN113918331A (en) 2021-10-11 2021-10-11 Method and device for realizing cloud security operation platform

Country Status (1)

Country Link
CN (1) CN113918331A (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN115514634A (en) * 2022-09-07 2022-12-23 上海浪潮云计算服务有限公司 Cloud center management method and device

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN115514634A (en) * 2022-09-07 2022-12-23 上海浪潮云计算服务有限公司 Cloud center management method and device

Similar Documents

Publication Publication Date Title
CN108108223B (en) Kubernetes-based container management platform
CN108694117B (en) Method and device for managing test environment based on container technology
CA2978183C (en) Executing commands within virtual machine instances
CN107577516B (en) Virtual machine password resetting method, device and system
WO2019184164A1 (en) Method for automatically deploying kubernetes worker node, device, terminal apparatus, and readable storage medium
US9525592B2 (en) Client/server network environment setup method and system
WO2016015558A1 (en) Method and apparatus for applying for license
US10313424B2 (en) Cloud application processing method, cloud application deployment method, and related apparatus and system
RU2683630C2 (en) Method for update of nsd network service descriptor and device
US20210337035A1 (en) Highly available private cloud service
EP3905588A1 (en) Cloud platform deployment method and apparatus, server and storage medium
CN107026871B (en) Web vulnerability scanning method based on cloud computing
CN110138577B (en) Cluster creation method, first server and readable storage medium
CN111212134A (en) Request message processing method and device, edge computing system and electronic equipment
CN111061432B (en) Service migration method, device, equipment and readable storage medium
CN110266761B (en) Load balancing application creation method and device, computer equipment and storage medium
CN109542862B (en) Method, device and system for controlling mounting of file system
CN107294763A (en) Network equipment method and apparatus
CN103905232A (en) Virtual-machine management system and method
US20200236096A1 (en) Methods, devices, and computer program products for service security protection
CN110890987A (en) Method, device, equipment and system for automatically creating cluster
WO2015074391A1 (en) Method and apparatus for mounting peripheral components on multiple virtual machines
CN113918331A (en) Method and device for realizing cloud security operation platform
CN111858094B (en) Data copying and pasting method and system and electronic equipment
CN112035062A (en) Migration method of local storage of cloud computing, computer equipment and storage medium

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination