Disclosure of Invention
The invention provides a cloud service management method, an artificial intelligent platform and a computer readable storage medium for cloud computing and information security, and mainly aims to solve the problems that cloud service resources are unreasonably distributed and a large amount of manpower and material resources are consumed.
In order to achieve the above object, the present invention provides a cloud service management method for cloud computing and information security, including:
receiving a cloud service request sent by a user, and performing value evaluation on original data resources of the user according to the cloud service request to obtain asset value grades of the original data resources;
Selecting a target cloud server from a pre-constructed server cluster according to the asset value grade of the original data resource;
selecting a target service node in the target server by utilizing a pre-constructed performance calculation formula according to the asset value grade of the original data resource;
performing cloud computing on the original data resources by using the target service node to obtain target computing data resources, and performing cloud storage on the target computing data resources according to the asset value grade to obtain target storage data resources;
receiving an access request of a user to the target storage data resource, and performing identity verification on the user according to the request authority of the access request;
judging whether the identity verification is passed or not;
if the identity verification is not passed, rejecting the access request;
and if the identity verification is passed, allowing the user to access the target storage data resource, and completing the cloud service management.
Optionally, the evaluating the value of the original data resource of the user according to the cloud service request to obtain an asset value level of the original data resource includes:
Constructing a cloud data asset value evaluation table according to the credibility, confidentiality, integrity, availability and auditability dimension standard of the data resource;
extracting the credibility, confidentiality, integrity, availability and auditability of the original data resources according to the cloud service request;
and according to the cloud data asset value evaluation table, evaluating the value of the original data resource according to the credibility, confidentiality, integrity, availability and auditability of the original data resource, and obtaining the asset value grade of the original data resource.
Optionally, selecting a target cloud server from a pre-constructed server cluster according to the asset value level of the original data resource includes:
obtaining a physical defense level of each server in the server cluster;
and selecting a server with a corresponding physical defense level from the server cluster according to the asset value level of the original data resource to obtain the target cloud server.
Optionally, the selecting a target service node in the target server according to the asset value level of the original data resource by using a pre-constructed performance calculation formula includes:
Extracting a node performance index value of each service node in the target server according to a preset node performance index;
constructing a node performance matrix according to the node performance index value of each service node in the target server;
normalizing the node performance matrix by using a pre-constructed normalization formula to obtain a normalized performance matrix;
determining the weight of each service node performance index to the original data resource according to the cloud service request;
calculating the comprehensive performance value of each service node in the target server for the original data resource by using the weight, the normalized performance matrix and the performance calculation formula;
and selecting a target service node in the target server according to the comprehensive performance value of each service node in the target server for the original data resource by utilizing a pre-constructed performance selection formula.
Optionally, the normalization formula is as follows:
wherein P is i,j Representing normalized ith service sectionThe j-th performance index parameter of the point, Q i,j A j-th performance index parameter representing an unnormalized i-th service node,representing the minimum value of the j-th performance index,/- >The maximum value of the j-th performance index is represented.
Optionally, the performance selection formula is as follows:
R best =R i ,i=d
wherein R is best Representing the target service node, R i Representing the aggregate performance value of the ith service node and d representing the asset value level.
Optionally, the cloud storage of the target computing data resource according to the asset value level to obtain a target storage data resource includes:
selecting a target API management and interaction interface from the pre-constructed API management and interaction interfaces with different security levels according to the asset value level;
storing the target computing data resources into a pre-constructed database by using the target API management and interaction interface to obtain data resources to be encrypted;
selecting a target password protection standard according to the asset value grade, encrypting the data resources to be encrypted by using the target password protection standard, and carrying out remote backup on the encrypted data resources to be encrypted to obtain encrypted data resources;
and selecting a target image snapshot verification period according to the asset value grade, and performing regular image verification on the encrypted data resource according to the target image snapshot verification period to obtain the target storage data resource.
Optionally, the receiving the access request of the user to the target storage data resource, and performing identity verification on the user according to the request authority of the access request includes:
setting access control standards with different complexity degrees according to preset potential threat degrees;
determining the potential threat degree of the access request according to the request authority of the access request;
selecting a target access control standard from the access control standards with different complexity levels by utilizing the potential threat level of the access request;
and carrying out identity verification on the access request according to the target access control standard.
Optionally, after the user is allowed to access the target storage data resource if the identity verification passes, the method further includes:
generating an access log according to the access operation of the user;
judging whether the target storage data resource needs to be cleared or not;
if the target storage data resource needs to be cleared, clearing the target storage data resource;
and if the target storage data resource does not need to be cleared, continuing to regularly mirror and check the target storage data resource according to the target mirror snapshot check period, and completing the access request.
In order to solve the above problems, the present invention further provides a cloud service management artificial intelligence platform for cloud computing and information security, the artificial intelligence platform comprising:
the asset value grade evaluation module is used for receiving a cloud service request sent by a user, and evaluating the value of the original data resource of the user according to the cloud service request to obtain the asset value grade of the original data resource;
the target cloud server selection module is used for selecting a target cloud server from a pre-constructed server cluster according to the asset value grade of the original data resource;
the target service node selection module is used for selecting a target service node in the target server by utilizing a pre-constructed performance calculation formula according to the asset value grade of the original data resource;
the target storage data resource acquisition module is used for carrying out cloud computing on the original data resources by utilizing the target service node to obtain target computing data resources, and carrying out cloud storage on the target computing data resources according to the asset value grade to obtain target storage data resources;
the user identity verification module is used for receiving an access request of a user to the target storage data resource and verifying the identity of the user according to the request authority of the access request; judging whether the identity verification is passed or not; if the identity verification is not passed, rejecting the access request; and if the identity verification is passed, allowing the user to access the target storage data resource.
In order to solve the above-mentioned problems, the present invention also provides an electronic apparatus including:
at least one processor; the method comprises the steps of,
a memory communicatively coupled to the at least one processor; wherein,
the memory stores instructions executable by the at least one processor to implement the cloud service management method for cloud computing and information security.
In order to solve the above problems, the present invention further provides a computer readable storage medium, in which at least one instruction is stored, the at least one instruction being executed by a processor in an electronic device to implement the cloud service management method for cloud computing and information security.
Compared with the background art, the method comprises the following steps: according to the embodiment of the invention, the asset value grade of the original data resource of the user is obtained by carrying out value evaluation on the original data resource of the user, so that the aim of carrying out data protection by adopting different protection grades according to the asset value grade can be fulfilled, firstly, a target cloud server can be selected according to the asset value grade, then, an optimal target service node is selected in the cloud server, and then, the target service node which is most suitable for the asset value grade can be calculated through the performance calculation formula, and then, the original data resource is cloud calculated and cloud stored by utilizing the target service node to obtain the target storage data resource. Therefore, the cloud service management method, the artificial intelligent platform, the electronic equipment and the computer readable storage medium for cloud computing and information security can solve the problems that cloud service resources are unreasonably distributed and a large amount of manpower and material resources are consumed.
Detailed Description
It should be understood that the specific embodiments described herein are for purposes of illustration only and are not intended to limit the scope of the application.
The embodiment of the application provides a cloud service management method for cloud computing and information security. The execution main body of the cloud service management method facing the cloud computing and the information security comprises at least one of a server, a terminal and the like which can be configured to execute the method provided by the embodiment of the application. In other words, the cloud service management method facing the cloud computing and the information security may be performed by software or hardware installed in the terminal device or the server device. The service end includes but is not limited to: a single server, a server cluster, a cloud server or a cloud server cluster, and the like.
Example 1:
referring to fig. 1, a flow chart of a cloud service management method for cloud computing and information security according to an embodiment of the present invention is shown. In this embodiment, the cloud service management method facing to cloud computing and information security includes:
s1, receiving a cloud service request sent by a user, and performing value evaluation on original data resources of the user according to the cloud service request to obtain asset value grades of the original data resources.
The cloud service request can be interpreted to refer to cloud data processing requests such as cloud computing, cloud storage and the like initiated by enterprises or individuals. The original data resources refer to data resources, such as operation data and archive files inside an enterprise, which are required to be subjected to cloud processing by the enterprise or the individual. Data resources of different enterprises or individuals have different values, and thus, value evaluation of the data resources is required. The asset value grade refers to the value grade of the data resource obtained after the value evaluation of the data resource, and the more important the data resource is, the higher the asset value grade is.
In detail, referring to fig. 2, the evaluating the value of the original data resource of the user according to the cloud service request, to obtain the asset value level of the original data resource, includes:
S11, constructing a cloud data asset value evaluation table according to the dimension standards of credibility, confidentiality, integrity, availability and auditability of the data resources;
s12, extracting the credibility, confidentiality, integrity, availability and auditability of the original data resources according to the cloud service request;
and S13, performing value evaluation on the original data resources according to the credibility, confidentiality, integrity, availability and auditability of the original data resources according to the cloud data asset value evaluation table, and obtaining asset value grades of the original data resources.
Optionally, the cloud data asset value evaluation table may divide the asset value level of the data resource into 5 levels, where the 5 th level may be that the original data resource may be disclosed to the outside, and the integrity, the credibility and the auditability value are extremely low, and the availability is more than 99.9%; the 4 th level can be disclosed in a specific internal environment, the integrity, the credibility and the auditability value are low, the usability reaches 90 percent, and if the diffusion is carried out to the outside, the diffusion hazard is controllable; the 3 rd level can be general confidentiality, integrity, credibility and accessibility, the usability exceeds 70%, and if the information is diffused to the outside, the damage is locally controllable; the level 2 can be important confidentiality, integrity, credibility and high auditability value, the availability exceeds 25%, and serious harm is caused if the product is diffused to the outside; level 1 can be extremely important confidential, with extremely high values of integrity, trustworthiness, and auditability, availability below 25%, and catastrophic loss if disseminated to the outside world.
S2, selecting a target cloud server from the pre-constructed server cluster according to the asset value grade of the original data resource.
It is understood that different servers in the server cluster may be placed in different physical environments for operation protection.
In detail, referring to fig. 3, the selecting a target cloud server from a pre-constructed server cluster according to the asset value level of the original data resource includes:
s21, obtaining a physical defense level of each server in the server cluster;
s22, selecting servers with corresponding physical defense levels from the server clusters according to the asset value levels of the original data resources, and obtaining the target cloud server.
In detail, the physical defense level refers to a protection level of a protection server, for example: different physical defense levels are different for physical location, physical access control, theft and damage prevention, lightning strike prevention, fire prevention, water and moisture prevention, static electricity prevention, temperature and humidity control, power supply and electromagnetic protection degrees of the server. The physical access control refers to authentication and recording of personnel entering the server room and other environments where the server is located. Different physical defense levels require different manpower, material resources and financial resources, so that dynamic setting can be performed according to the asset value level of the original data resource.
S3, selecting a target service node in the target server by utilizing a pre-constructed performance calculation formula according to the asset value grade of the original data resource.
In detail, the performance calculation formula represents a formula for calculating the comprehensive performance of the selected target service node in the target server, as follows:
wherein R is i Represents the comprehensive performance value of the ith service node, n represents the node performance index number, m represents the number of service nodes and P i,j The j-th performance index parameter representing the i-th service node, W j The weight of the j-th performance parameter is represented.
The node performance index may be a CPU remaining utilization, a memory free amount (RAM), a bandwidth free amount (BW), etc. of the serving node. For different cloud service requests, the security services such as encryption, decryption, signature, authentication and the like of the cloud service have different emphasis, so that corresponding weight can be given to each performance index according to the category of the cloud service request, but the weight sum is 1. For example: when the cloud service requests a weight-bias calculation function, the importance of the residual utilization rate of the CPU is higher, so that the weight of the residual utilization rate of the CPU is higher; when the cloud service request is a storage function in a chip, the importance of the memory idle quantity is higher, so that the weight of the memory idle quantity is higher. The CPU residual utilization rate refers to the ratio of the remaining data processing capacity of the CPU to the total data processing capacity of the CPU.
In the embodiment of the present invention, the selecting, according to the asset value level of the original data resource, a target service node in the target server by using a pre-constructed performance calculation formula includes:
extracting a node performance index value of each service node in the target server according to a preset node performance index;
constructing a node performance matrix according to the node performance index value of each service node in the target server;
normalizing the node performance matrix by using a pre-constructed normalization formula to obtain a normalized performance matrix;
determining the weight of each service node performance index to the original data resource according to the cloud service request;
calculating the comprehensive performance value of each service node in the target server for the original data resource by using the weight, the normalized performance matrix and the performance calculation formula;
and selecting a target service node in the target server according to the comprehensive performance value of each service node in the target server for the original data resource by utilizing a pre-constructed performance selection formula.
It should be understood that the normalization refers to normalizing each column for the same performance index. Because the numerical expression of each node performance index has a large difference and has no unified measurement standard, the node performance index value of the service node needs to be normalized. Normalization refers to mapping the performance index value of different service nodes in the performance index of each node to [0,1 ] ]Interval. For example: when CPU residual utilization rate Q of first said service node 11 CPU remaining usage Q of 0.3, second said service node 21 CPU remainder for 0.2, third said service nodeResidual utilization rate Q 31 CPU remaining utilization Q of 0,4, fourth said service node 41 CPU remaining utilization Q of the fifth said service node of 0.8 51 1, the normalized CPU remaining utilization rate P of the first service node 11 CPU remaining usage P of 1/8, second said service node 21 CPU remaining usage P of 0, third said service node 31 CPU remaining usage P of 2/8, fourth said service node 41 CPU remaining usage P for 6/8, fifth said service node 51 1.
In an interpretable manner, different rows of the node performance matrix may represent performance metrics of different service nodes, and different columns may represent different performance metrics. When the number of service nodes is 5 and the performance index is 4, the node performance matrix is a matrix of 5 rows and 4 columns, for example: the node performance matrix may be as follows:
wherein Q is s Representing the node performance matrix, Q 11 A first performance index value, Q, representing a first service node nn An nth performance index value representing an nth service node.
In the embodiment of the present invention, the normalization formula is as follows:
wherein P is i,j The j-th performance index parameter of the i-th service node after normalization is represented, Q i,j A j-th performance index parameter representing an unnormalized i-th service node,representing the minimum value of the j-th performance index,/->The maximum value of the j-th performance index is represented.
It should be appreciated that the normalization performance matrix may be as follows:
wherein P is s Representing the normalized performance matrix, P 11 A first performance index value, P, representing a normalized first service node nn And the nth performance index value of the nth service node after normalization is represented.
In the embodiment of the present invention, the performance selection formula is as follows:
R best =R i ,i=d
wherein R is best Representing the target service node, R i Representing the aggregate performance value of the ith service node and d representing the asset value level. For example: and when the asset value grade is d=2, selecting a service node with a second comprehensive performance index row from the service nodes.
And S4, performing cloud computing on the original data resources by utilizing the target service node to obtain target computing data resources, and performing cloud storage on the target computing data resources according to the asset value grade to obtain target storage data resources.
In the embodiment of the present invention, cloud storage is performed on the target computing data resource according to the asset value level to obtain a target storage data resource, including:
selecting a target API management and interaction interface from the pre-constructed API management and interaction interfaces with different security levels according to the asset value level;
storing the target computing data resources into a pre-constructed database by using the target API management and interaction interface to obtain data resources to be encrypted;
selecting a target password protection standard according to the asset value grade, encrypting the data resources to be encrypted by using the target password protection standard, and carrying out remote backup on the encrypted data resources to be encrypted to obtain encrypted data resources;
and selecting a target image snapshot verification period according to the asset value grade, and performing regular image verification on the encrypted data resource according to the target image snapshot verification period to obtain the target storage data resource.
As can be explained, the API management and interaction interfaces of different security levels have different security protection capabilities, for example: monitoring capability for interface data traffic, etc.
It can be appreciated that the API management and interaction interfaces, the target password protection standard, and the data protection capability of the target image snapshot verification period of different security levels are different, and the consumed manpower and material resources will also be different, so that a suitable data protection level can be selected according to the asset value level.
It is understood that the target password protection criteria may be determined for password length, password replacement period, encryption mode, etc.
S5, receiving an access request of a user to the target storage data resource, and carrying out identity verification on the user according to the request authority of the access request.
In detail, the request authority of the access request can be different authorities such as acquiring administrator authorities, acquiring user authorities, unauthorized access, reading data and the like, and the different request authorities have different potential threat degrees. Wherein the potential threat level of acquiring administrator rights is greatest.
In the embodiment of the present invention, the receiving the access request of the user to the target storage data resource, and performing identity verification on the user according to the request authority of the access request includes:
setting access control standards with different complexity degrees according to preset potential threat degrees;
determining the potential threat degree of the access request according to the request authority of the access request;
selecting a target access control standard from the access control standards with different complexity levels by utilizing the potential threat level of the access request;
and carrying out identity verification on the access request according to the target access control standard.
It should be appreciated that the access control criteria may limit how tightly a user accesses the target storage data resource, such as: the complexity of the user password, whether the user's IP address needs to be determined, the details of the user's own profile needs to be provided, etc. Generally the greater the level of potential threat to the access request, the greater the level of stringency of the target access control criteria required.
S6, judging whether the identity verification is passed or not.
And if the identity verification is not passed, executing S7, and rejecting the access request.
In the embodiment of the invention, after the access request is refused, the real user of the target storage data resource, the cloud service provider and other personnel are automatically reminded, and the protection level is enhanced.
And if the identity verification is passed, executing S8, and allowing the user to access the target storage data resource to finish the cloud service management.
In the embodiment of the present invention, after the user is allowed to access the target storage data resource if the identity verification passes, the method further includes:
generating an access log according to the access operation of the user;
judging whether the target storage data resource needs to be cleared or not;
If the target storage data resource needs to be cleared, clearing the target storage data resource;
and if the target storage data resource does not need to be cleared, continuing to regularly mirror and check the target storage data resource according to the target mirror snapshot check period, and completing the access request.
Compared with the background art, the method comprises the following steps: according to the embodiment of the invention, the asset value grade of the original data resource of the user is obtained by carrying out value evaluation on the original data resource of the user, so that the aim of carrying out data protection by adopting different protection grades according to the asset value grade can be fulfilled, firstly, a target cloud server can be selected according to the asset value grade, then, an optimal target service node is selected in the cloud server, and then, the target service node which is most suitable for the asset value grade can be calculated through the performance calculation formula, and then, the original data resource is cloud calculated and cloud stored by utilizing the target service node to obtain the target storage data resource. Therefore, the cloud service management method, the artificial intelligent platform, the electronic equipment and the computer readable storage medium for cloud computing and information security can solve the problems that cloud service resources are unreasonably distributed and a large amount of manpower and material resources are consumed.
Example 2:
fig. 4 is a functional block diagram of an artificial intelligent platform for cloud service management for cloud computing and information security according to an embodiment of the present invention.
The cloud service management artificial intelligence platform 100 for cloud computing and information security can be installed in electronic equipment. Depending on the implementation function, the cloud service management artificial intelligence platform 100 facing to cloud computing and information security may include an asset value level evaluation module 101, a target cloud server selection module 102, a target service node selection module 103, a target storage data resource acquisition module 104, and a user identity verification module 105. The module of the invention, which may also be referred to as a unit, refers to a series of computer program segments, which are stored in the memory of the electronic device, capable of being executed by the processor of the electronic device and of performing a fixed function.
The asset value grade evaluation module 101 is configured to receive a cloud service request sent by a user, evaluate the value of an original data resource of the user according to the cloud service request, and obtain an asset value grade of the original data resource;
the target cloud server selection module 102 is configured to select a target cloud server from a pre-constructed server cluster according to the asset value level of the original data resource;
The target service node selection module 103 is configured to select a target service node in the target server according to the asset value level of the original data resource by using a pre-constructed performance calculation formula;
the target storage data resource obtaining module 104 is configured to perform cloud computing on the original data resource by using the target service node to obtain a target computing data resource, and perform cloud storage on the target computing data resource according to the asset value level to obtain a target storage data resource;
the user identity verification module 105 is configured to receive an access request of a user to the target storage data resource, and perform identity verification on the user according to a request authority of the access request; judging whether the identity verification is passed or not; if the identity verification is not passed, rejecting the access request; and if the identity verification is passed, allowing the user to access the target storage data resource.
In detail, the modules in the cloud service management artificial intelligent platform 100 for cloud computing and information security in the embodiment of the present invention use the same technical means as the cloud service management method for cloud computing and information security described in fig. 1, and can produce the same technical effects, which are not described herein.
Example 3:
fig. 5 is a schematic structural diagram of an electronic device for implementing a cloud service management method for cloud computing and information security according to an embodiment of the present invention.
The electronic device 1 may comprise a processor 10, a memory 11, a bus 12 and a communication interface 13, and may further comprise a computer program stored in the memory 11 and executable on the processor 10, such as a cloud service manager for cloud computing and information security.
The memory 11 includes at least one type of readable storage medium, including flash memory, a mobile hard disk, a multimedia card, a card memory (e.g., SD or DX memory, etc.), a magnetic memory, a magnetic disk, an optical disk, etc. The memory 11 may in some embodiments be an internal storage unit of the electronic device 1, such as a removable hard disk of the electronic device 1. The memory 11 may in other embodiments also be an external storage device of the electronic device 1, such as a plug-in mobile hard disk, a Smart Media Card (SMC), a Secure Digital (SD) Card, a Flash memory Card (Flash Card) or the like, which are provided on the electronic device 1. Further, the memory 11 may also include both an internal storage unit and an external storage device of the electronic device 1. The memory 11 may be used not only for storing application software installed in the electronic device 1 and various types of data, such as codes of cloud service management programs for cloud computing and information security, but also for temporarily storing data that has been output or is to be output.
The processor 10 may be comprised of integrated circuits in some embodiments, for example, a single packaged integrated circuit, or may be comprised of multiple integrated circuits packaged with the same or different functions, including one or more central processing units (Central Processing unit, CPU), microprocessors, digital processing chips, graphics processors, combinations of various control chips, and the like. The processor 10 is a Control Unit (Control Unit) of the electronic device, connects respective components of the entire electronic device using various interfaces and lines, executes or executes programs or modules (e.g., cloud service management program for cloud computing and information security, etc.) stored in the memory 11, and invokes data stored in the memory 11 to perform various functions of the electronic device 1 and process the data.
The bus may be a peripheral component interconnect standard (peripheral component interconnect, PCI) bus or an extended industry standard architecture (extended industry standard architecture, EISA) bus, among others. The bus may be classified as an address bus, a data bus, a control bus, etc. The bus is arranged to enable a connection communication between the memory 11 and at least one processor 10 etc.
Fig. 5 shows only an electronic device with components, it being understood by a person skilled in the art that the structure shown in fig. 5 does not constitute a limitation of the electronic device 1, and may comprise fewer or more components than shown, or may combine certain components, or may be arranged in different components.
For example, although not shown, the electronic device 1 may further include a power source (such as a battery) for powering the respective components, and the power source may be logically connected to the at least one processor 10 through a power management artificial intelligence platform, so as to perform functions of charge management, discharge management, and power consumption management through the power management artificial intelligence platform. The power supply may also include one or more of any components, such as a direct current or alternating current power supply, a recharging artificial intelligence platform, a power failure detection circuit, a power converter or inverter, a power status indicator, and the like. The electronic device 1 may further include various sensors, bluetooth modules, wi-Fi modules, etc., which will not be described herein.
Further, the electronic device 1 may also comprise a network interface, optionally the network interface may comprise a wired interface and/or a wireless interface (e.g. WI-FI interface, bluetooth interface, etc.), typically used for establishing a communication connection between the electronic device 1 and other electronic devices.
The electronic device 1 may optionally further comprise a user interface, which may be a Display, an input unit, such as a Keyboard (Keyboard), or a standard wired interface, a wireless interface. Alternatively, in some embodiments, the display may be an LED display, a liquid crystal display, a touch-sensitive liquid crystal display, an OLED (Organic Light-Emitting Diode) touch, or the like. The display may also be referred to as a display screen or display unit, as appropriate, for displaying information processed in the electronic device 1 and for displaying a visual user interface.
It should be understood that the embodiments described are for illustrative purposes only and are not limited to this configuration in the scope of the patent application.
The cloud service management program for cloud computing and information security stored in the memory 11 of the electronic device 1 is a combination of a plurality of instructions, and when running in the processor 10, it can be implemented:
receiving a cloud service request sent by a user, and performing value evaluation on original data resources of the user according to the cloud service request to obtain asset value grades of the original data resources;
Selecting a target cloud server from a pre-constructed server cluster according to the asset value grade of the original data resource;
selecting a target service node in the target server by utilizing a pre-constructed performance calculation formula according to the asset value grade of the original data resource;
performing cloud computing on the original data resources by using the target service node to obtain target computing data resources, and performing cloud storage on the target computing data resources according to the asset value grade to obtain target storage data resources;
receiving an access request of a user to the target storage data resource, and performing identity verification on the user according to the request authority of the access request;
judging whether the identity verification is passed or not;
if the identity verification is not passed, rejecting the access request;
and if the identity verification is passed, allowing the user to access the target storage data resource, and completing the cloud service management.
Specifically, the specific implementation method of the above instruction by the processor 10 may refer to descriptions of related steps in the corresponding embodiments of fig. 1 to 4, which are not repeated herein.
Further, the modules/units integrated in the electronic device 1 may be stored in a computer readable storage medium if implemented in the form of software functional units and sold or used as separate products. The computer readable storage medium may be volatile or nonvolatile. For example, the computer readable medium may include: any entity or artificial intelligence platform, recording medium, USB flash disk, removable hard disk, magnetic disk, optical disk, computer Memory, read-Only Memory (ROM) capable of carrying the computer program code.
The present invention also provides a computer readable storage medium storing a computer program which, when executed by a processor of an electronic device, can implement:
receiving a cloud service request sent by a user, and performing value evaluation on original data resources of the user according to the cloud service request to obtain asset value grades of the original data resources;
selecting a target cloud server from a pre-constructed server cluster according to the asset value grade of the original data resource;
selecting a target service node in the target server by utilizing a pre-constructed performance calculation formula according to the asset value grade of the original data resource;
performing cloud computing on the original data resources by using the target service node to obtain target computing data resources, and performing cloud storage on the target computing data resources according to the asset value grade to obtain target storage data resources;
receiving an access request of a user to the target storage data resource, and performing identity verification on the user according to the request authority of the access request;
judging whether the identity verification is passed or not;
If the identity verification is not passed, rejecting the access request;
and if the identity verification is passed, allowing the user to access the target storage data resource, and completing the cloud service management.
In several embodiments provided by the present invention, it should be understood that the disclosed apparatus, artificial intelligence platform and method may be implemented in other ways. For example, the artificial intelligence platform embodiments described above are merely illustrative, e.g., the division of the modules is merely a logical functional division, and there may be additional divisions when actually implemented.
The modules described as separate components may or may not be physically separate, and components shown as modules may or may not be physical units, may be located in one place, or may be distributed over multiple network units. Some or all of the modules may be selected according to actual needs to achieve the purpose of the solution of this embodiment.
In addition, each functional module in the embodiments of the present invention may be integrated in one processing unit, or each unit may exist alone physically, or two or more units may be integrated in one unit. The integrated units can be realized in a form of hardware or a form of hardware and a form of software functional modules.
It will be evident to those skilled in the art that the invention is not limited to the details of the foregoing illustrative embodiments, and that the present invention may be embodied in other specific forms without departing from the spirit or essential characteristics thereof.
Finally, it should be noted that the above-mentioned embodiments are merely for illustrating the technical solution of the present invention and not for limiting the same, and although the present invention has been described in detail with reference to the preferred embodiments, it should be understood by those skilled in the art that modifications and equivalents may be made to the technical solution of the present invention without departing from the spirit and scope of the technical solution of the present invention.