CN117938551A - Network security management method and system based on cloud computing - Google Patents
Network security management method and system based on cloud computing Download PDFInfo
- Publication number
- CN117938551A CN117938551A CN202410331627.9A CN202410331627A CN117938551A CN 117938551 A CN117938551 A CN 117938551A CN 202410331627 A CN202410331627 A CN 202410331627A CN 117938551 A CN117938551 A CN 117938551A
- Authority
- CN
- China
- Prior art keywords
- access
- data
- bandwidth
- wireless
- output
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
- 238000007726 management method Methods 0.000 title claims abstract description 32
- 238000000034 method Methods 0.000 claims abstract description 49
- 230000008569 process Effects 0.000 claims abstract description 22
- 230000011218 segmentation Effects 0.000 claims description 13
- 238000004590 computer program Methods 0.000 claims description 12
- 230000008859 change Effects 0.000 claims description 9
- 238000012795 verification Methods 0.000 claims description 9
- 238000012550 audit Methods 0.000 claims description 6
- 230000000903 blocking effect Effects 0.000 claims description 6
- 238000012545 processing Methods 0.000 description 8
- 230000005540 biological transmission Effects 0.000 description 6
- 230000007246 mechanism Effects 0.000 description 6
- 230000006870 function Effects 0.000 description 4
- 238000006243 chemical reaction Methods 0.000 description 2
- 238000011161 development Methods 0.000 description 2
- 230000018109 developmental process Effects 0.000 description 2
- 238000010586 diagram Methods 0.000 description 2
- 238000012986 modification Methods 0.000 description 2
- 230000004048 modification Effects 0.000 description 2
- 238000012544 monitoring process Methods 0.000 description 2
- 230000008439 repair process Effects 0.000 description 2
- 230000001360 synchronised effect Effects 0.000 description 2
- 230000009286 beneficial effect Effects 0.000 description 1
- 238000012217 deletion Methods 0.000 description 1
- 230000037430 deletion Effects 0.000 description 1
- 230000009977 dual effect Effects 0.000 description 1
- 230000008263 repair mechanism Effects 0.000 description 1
- 230000003068 static effect Effects 0.000 description 1
- 238000012546 transfer Methods 0.000 description 1
Landscapes
- Mobile Radio Communication Systems (AREA)
Abstract
The invention relates to a network security management method and system based on cloud computing, which is characterized in that bandwidth geometric division is carried out on access data called by an access instruction character string, a plurality of geometric wireless output channels and access point data to be output by the channels are determined through the bandwidth geometric division, the access point data are respectively and correspondingly output by a first wireless unit and a plurality of second wireless units according to the wireless output channels, in the process of outputting the access data, the access instruction character string and the corresponding access data content are calibrated by adopting a hypertext marking method, if the content of the calibrated access data changes, warning voice audio is generated by depending on a hypertext mark, and the warning voice audio is sent to an alarm terminal; through the technical means of configuration supervision logic, template auditing, data access threshold judgment, bandwidth geometric division, hypertext marking method calibration and the like, effective management and safety early warning of access requests are realized.
Description
Technical Field
The invention relates to the technical field of cloud computing, in particular to a network security management method and system based on cloud computing.
Background
Cloud computing is an extension of the development of distributed computing, parallel computing and grid computing, resource sharing and on-demand service are one of the main features of cloud computing, and various business application systems can acquire required computing, storage and software resources from a shared resource pool according to actual requirements.
With the continuous development of cloud computing, various cloud computing modes including public cloud, private cloud, hybrid cloud and the like coexist, various cloud computing platforms form a large resource sharing and processing platform in the Internet together, and any cloud computing platform can bring immeasurable loss to enterprises no matter being attacked by network from inside or outside.
Cloud computing brings convenience to people, and meanwhile, various network attacks are increasingly frequent and serious due to the absolute opening and sharing of resources. How to implement network security active early warning in an open, dynamic and changeable cloud computing network environment has become one of security challenges faced by cloud computing-based business applications.
Disclosure of Invention
The invention mainly aims to provide a network security management method and system based on cloud computing, and aims to solve the problems that network security early warning is insufficient, reaction is slow and dynamic change is difficult to adapt to in the existing cloud computing environment. Through the technical means of configuration supervision logic, template auditing, data access threshold judgment, bandwidth geometric division, hypertext marking method calibration and the like, effective management and safety early warning of access requests are realized.
In order to achieve the above object, the present invention provides a network security management method based on cloud computing, comprising the following steps:
Bandwidth equal ratio division is carried out on the access data called by the obtained access instruction character string, a plurality of equal ratio wireless output channels and access point data to be output by the channels are determined through the bandwidth equal ratio division, the access point data is respectively and correspondingly output by a first wireless unit and a plurality of second wireless units according to the wireless output channels, and in the process of outputting the access data,
And calibrating the access instruction character string and the corresponding access data content by using a hypertext mark method, generating warning voice audio by depending on the hypertext mark if the content of the access data is calibrated to change, and transmitting the warning voice audio to an alarm terminal.
Further, before the step of bandwidth equal ratio dividing the access data called by the obtained access instruction character string, the method comprises the following steps:
Configuring supervision logic in all wireless unit coding logic;
after a single first wireless unit acquires an access request, performing template auditing through the supervision logic, and converting the access request with correct template auditing into a corresponding access instruction character string through a template;
And judging the data magnitude of the access instruction character string, judging whether the data magnitude is larger than a data access threshold preset in the first wireless unit, and if so, performing bandwidth equal ratio segmentation on access data called by the obtained access instruction character string.
Further, the step of performing template auditing by the supervision logic, wherein the step of converting the correct access request into the corresponding access instruction character string by the template comprises the following steps:
And identifying the access request based on preset supervision logic, and confirming the corresponding access instruction character string from an instruction template in the supervision logic through the feature code in the access request.
Further, the step of identifying the access request based on a preset policing logic includes:
and adopting a verification pool algorithm configured in the supervision logic to carry out consensus identification on the access request, judging whether the access request has a security risk factor, blocking access if yes, and carrying out the next step if no.
Further, bandwidth equal-ratio segmentation is performed on the access data called by the obtained access instruction character string, and a plurality of equal-ratio wireless output channels and access point data to be output of the channels are determined through the bandwidth equal-ratio segmentation, which comprises the following steps:
Identifying a bandwidth load preconfigured by the first wireless unit, and determining a data output bandwidth amount used for data output in the first wireless unit;
Performing equal-ratio splitting on the data output bandwidth quantity, and selecting a plurality of split sub-bandwidths for outputting access data, wherein the plurality of sub-bandwidths are preferably one sub-bandwidth;
Identifying the bandwidth quantity requirement of the access data, solving the number of sub-bandwidth parts of the full-output access data, determining a corresponding number of wireless output channels based on the number of sub-bandwidth parts, and dividing the access data based on the number of wireless channels to obtain a corresponding number of access point data;
generating a joint instruction to cause the first wireless unit to join a number of second wireless units based on the wireless output channel and the number of access points data by the joint instruction;
and respectively outputting the access point data by adopting the first wireless unit and the plurality of second wireless units.
Further, the step of calibrating the access instruction character string and the corresponding access data content by using the hypertext mark method comprises the following steps:
And carrying out template imprinting from access data specific content in the source code in an HTML form, marking the content corresponding to the access data in the source code, generating a data mask through the template imprinting, and repairing the source code and blocking the access instruction character string when the source code is modified when the data mask is output.
Further, if the content of the access data is calibrated to change, generating warning voice audio according to the hypertext mark, and sending the warning voice audio to the alarm terminal, wherein the method comprises the following steps:
When the source code of the content corresponding to the access data is tampered, generating warning voice audio corresponding to the tampered source code through a hypertext markup language;
and sending the warning voice audio to a preset warning terminal.
The invention also provides a network security management system based on cloud computing, which comprises:
a data output unit, configured to perform bandwidth equal ratio division on the access data called by the obtained access command string, determine a plurality of equal ratio wireless output channels and access point data to be output by the channels according to the bandwidth equal ratio division, output the access point data respectively corresponding to the wireless output channels by a first wireless unit and a plurality of second wireless units, and utilize the access point data in the process of outputting the access data,
And the safety management module adopts a hypertext mark method to mark the access instruction character string and the corresponding access data content, if the content of the access data is marked to change, the safety management module relies on the hypertext mark to generate warning voice frequency, and the warning voice frequency is sent to the alarm terminal.
The invention also provides a computer device, which comprises a memory and a processor, wherein the memory stores a computer program, and the processor realizes the steps of the network security management method based on cloud computing when executing the computer program.
The present invention also provides a computer readable storage medium having stored thereon a computer program which, when executed by a processor, implements the steps of the cloud computing based network security management method described above.
The network security management method and system based on cloud computing provided by the invention have the following beneficial effects:
(1) The access data corresponding to the access instruction character string is subjected to data segmentation to obtain a plurality of access point data, and the access point data is respectively output through the first wireless unit and the plurality of second wireless units, so that the characteristic of distributed cloud computing is realized, and the data transmission efficiency is improved.
(2) In the process of outputting access data by a plurality of wireless units at the same time, the output access data is monitored in real time by using a hypertext mark method, and the safety performance of the data is improved by using a data mask.
(3) In the process of inputting the access request, the feature codes of the access request are verified by using a verification pool algorithm, handshake with the access request is realized by using a consensus mechanism of the verification pool algorithm, and the security of cloud computing is improved.
Drawings
FIG. 1 is a flow chart of a network security management method based on cloud computing according to an embodiment of the invention;
Fig. 2 is a block diagram schematically illustrating a structure of a computer device according to an embodiment of the present invention.
The achievement of the objects, functional features and advantages of the present invention will be further described with reference to the accompanying drawings, in conjunction with the embodiments.
Detailed Description
The present invention will be described in further detail with reference to the drawings and examples, in order to make the objects, technical solutions and advantages of the present invention more apparent. It should be understood that the specific embodiments described herein are for purposes of illustration only and are not intended to limit the scope of the invention.
Referring to fig. 1, a flow chart of a network security management method based on cloud computing according to the present invention includes the following steps:
s1, configuring supervision logic in all wireless unit coding logic;
S2, after the single first wireless unit acquires the access request, the supervision logic performs template auditing, and the access request with correct template auditing is converted into a corresponding access instruction character string through the template;
s3, judging the data magnitude of the access instruction character string, judging whether the data magnitude is larger than a data access threshold preset in the first wireless unit, and if so, performing step S4; if not, the first wireless unit is utilized to carry out the data access process of the access instruction character string;
S4, bandwidth equal ratio division is carried out on the access data called by the obtained access instruction character string, a plurality of equal ratio wireless output channels and access point data to be output by the channels are determined through the bandwidth equal ratio division, the access point data is output by the first wireless unit and the plurality of second wireless units respectively corresponding to the wireless output channels, and in the process of outputting the access data,
S41, calibrating the access instruction character string and the corresponding access data content by using a hypertext mark method, generating warning voice audio by depending on the hypertext mark if the content of the access data is calibrated to be changed, and transmitting the warning voice audio to an alarm terminal.
In the present embodiment of the present invention, in the present embodiment,
Examples
Step S1: the policing logic is configured in all of the radio coding logic.
In all wireless units of a cloud computing platform, configuration supervision logic is required. Policing logic is a security mechanism for monitoring and managing access requests received by a wireless unit. By embedding these logic in the coding of the wireless units, it can be ensured that each wireless unit complies with the unified security policies and specifications when handling access requests. This configuration may be accomplished by setting corresponding parameters and rules in the management interface of the cloud computing platform. After configuration, each wireless unit will have the ability to authenticate and filter access requests.
Step S2: after the single first wireless unit acquires the access request, the supervision logic performs template verification, and the access request with correct template verification is converted into a corresponding access instruction character string through the template.
When one of the wireless units (referred to as the first wireless unit) in the cloud computing platform receives an access request, it triggers the policing logic to conduct a template audit. The process of template auditing is to compare the access request with a preset template to ensure that the format and content of the request meet the expected specifications. If the access request passes the template audit, the administrative logic will convert it to a corresponding access instruction string. This string is the basis for the subsequent processing and contains all the information needed to perform the access operation.
Step S3: and judging whether the data magnitude of the access instruction character string is larger than a data access threshold preset in the first wireless unit or not.
After the access instruction string is generated, the system needs to judge the data magnitude of the access data matched with the access instruction string. This is to determine whether bandwidth equal-ratio division processing is necessary. The system checks the size of the access command string and compares it with a data access threshold preset in the first wireless unit. If the data value exceeds the threshold value, the instruction character string is indicated to contain larger data quantity, and a special mode is needed to be adopted for transmission and processing. In this case, the system will perform step S4. Otherwise, if the data magnitude does not exceed the threshold, the system may directly use the first wireless unit to perform a data access procedure to access the command string.
Step S4: performing bandwidth equal ratio segmentation on access data called by the obtained access instruction character string;
When the data magnitude of the corresponding access data of the access instruction character string exceeds a threshold value, the system performs bandwidth equal-ratio division processing. This process involves dividing the access data into a plurality of small portions, each of equal size, and each of which can be transmitted over a separate wireless output channel. The implementation of bandwidth equal ratio splitting requires consideration of a number of factors including the bandwidth loading capability of the first wireless unit, the amount of bandwidth of the data output, and the specific size of the access data. Through a reasonable segmentation strategy, each wireless output channel can be ensured to effectively transmit a part of access data, so that the overall data transmission efficiency and flexibility are improved.
In the process of bandwidth equal-ratio segmentation, the system also needs to determine a plurality of equal-ratio wireless output channels and access point data to be output by each channel. This can be achieved by an equal split of the amount of bandwidth, ensuring that each channel gets equal bandwidth resources. Meanwhile, the system also needs to divide the access data according to the number of the wireless output channels to obtain the access data with the corresponding number. These sub-data are subsets of the original access data that are to be transmitted to different target locations, respectively.
Step S41: and calibrating the access instruction character string and the corresponding access data content by adopting a hypertext mark method.
And the system also needs to adopt a hypertext mark method to mark the access instruction character string and the corresponding access data content while carrying out bandwidth equal ratio segmentation. This calibration method can help the system track and monitor the flow and changes of data. By using a markup language such as HTML to perform template imprinting and marking on specific contents of access data in source codes, the integrity and consistency of the data can be ensured. If the content of the nominal access data changes (e.g., is tampered with or damaged) during transmission or processing, the system will immediately detect such changes and take appropriate security measures to cope with.
If a change in the content of the access data is detected, the system may rely on the hypertext markup to generate alert speech audio. This audio is an alarm signal that is used to inform an administrator or security team that a security event has occurred. The system can send warning voice audio to a preset warning terminal (such as a mobile phone, a computer and the like) so that related personnel can know and process the event in time. The real-time safety monitoring and early warning mechanism can greatly improve the safety and reliability of the cloud computing platform.
In one embodiment, the step of performing, by the supervision logic, a template audit, the template audit being performed on the correct access request converted to a corresponding access instruction string by the template, includes:
And identifying the access request based on preset supervision logic, and confirming the corresponding access instruction character string from an instruction template in the supervision logic through the feature code in the access request.
And an instruction template is arranged in the supervision logic, and after the instruction template acquires the handshake access request, the access request is matched with related instructions in the instruction template to obtain an access instruction character string.
And further, the step of identifying the access request based on preset policing logic, comprising:
and adopting a verification pool algorithm configured in the supervision logic to carry out consensus identification on the access request, judging whether the access request has a security risk factor, blocking access if yes, and carrying out the next step if no.
In the supervision logic, a verification pool algorithm is configured, the common recognition of the verification pool algorithm is fastpaxos algorithm and leader source code election technology, and first, the first wireless unit is determined to be a first node.
And in the specific implementation process:
Creating a thread of a sending queue and a receiving queue, wherein the sending queue is data content which needs to output data from inside to outside in an access request, and the receiving queue is data content which is input from outside to inside in the access request; and queuing the corresponding requests on the sending queue and/or the receiving queue;
the corresponding content information of the sending queue and the receiving queue are respectively loaded in a preset updateproposal function, the updateproposal function is used for verifying whether information variables exist in the sending queue and the receiving queue, the updateproposal function is associated with an instruction template, it can be understood that the conversion of the access instruction character string is to disassemble the access request logic completely to inquire the instruction in the instruction template, and the updateproposal function is utilized to carry out full disc check on the access request. Reference may be made to the literature "fast paxos algorithm and Zookeeper leader election source code analysis-ramine", "oracle for addition and deletion of xmlType data nodes".
In one embodiment, bandwidth equal ratio division is performed on access data called by the obtained access instruction character string, and the step of determining a plurality of equal ratio wireless output channels and access sub data to be output by the channels through the bandwidth equal ratio division includes:
Identifying a bandwidth load preconfigured by the first wireless unit, and determining a data output bandwidth amount used for data output in the first wireless unit;
Performing equal-ratio splitting on the data output bandwidth quantity, and selecting a plurality of split sub-bandwidths for outputting access data, wherein the plurality of sub-bandwidths are preferably one sub-bandwidth;
Identifying the bandwidth quantity requirement of the access data, solving the number of sub-bandwidth parts of the full-output access data, determining a corresponding number of wireless output channels based on the number of sub-bandwidth parts, and dividing the access data based on the number of wireless channels to obtain a corresponding number of access point data;
generating a joint instruction to cause the first wireless unit to join a number of second wireless units based on the wireless output channel and the number of access points data by the joint instruction;
and respectively outputting the access point data by adopting the first wireless unit and the plurality of second wireless units.
In particular, the method comprises the steps of,
In one embodiment, when handling large amounts of access data, the system requires bandwidth-equal division of the access data invoked by the resulting access instruction string. This process involves a number of steps to ensure that data can be efficiently transmitted over the wireless output channel.
First, the system needs to identify the bandwidth load that the first wireless unit is preconfigured with. This refers to the maximum amount of data a wireless unit can process in a particular time. By knowing this parameter, the system can determine the amount of data output bandwidth in the first wireless unit for data output. This amount of bandwidth will be the basis for subsequent segmentation and transmission.
Next, the system needs to perform an equal-ratio split on the identified data output bandwidth amount. This means that the total bandwidth amount is divided into several sub-bandwidths, each having the same bandwidth amount. The system can select how many split sub-bandwidths to use to output the access data according to the need. In this embodiment, it is preferable to use one sub-bandwidth, but if the amount of data is larger, more sub-bandwidths may need to be used.
The system then needs to identify the bandwidth amount requirements for accessing the data. This refers to the amount of bandwidth required to fully transfer the access data. By comparing the bandwidth requirements of the access data with the bandwidth per sub-bandwidth, the system can calculate how much sub-bandwidth is needed to fully output the access data. This number of sub-bandwidth copies will determine how many wireless output channels are needed.
Based on the calculated number of sub-bandwidth copies, the system may determine a corresponding number of wireless output channels. Each channel will be responsible for transmitting a portion of the access data. To achieve this, the system needs to perform segmentation processing on the original access data to obtain access point data equal to the number of wireless output channels. Each access point data is part of the original data that will be transmitted over a different wireless output channel.
Finally, the system needs to generate a join instruction. This instruction will contain information about the wireless output channel and the number of access point data. By sending a joint instruction to the first wireless unit and the plurality of second wireless units, the system can coordinate the units to work together to complete the task of transmitting the access data.
After receiving the joint instruction, the first wireless unit and the plurality of second wireless units respectively output the respective access point data. This means that each wireless unit will use its allocated bandwidth resources to transmit a portion of the access data. In this way, the system can achieve efficient transmission and processing of large amounts of data while ensuring the security and integrity of the data.
In one embodiment, the step of calibrating the access instruction string and its corresponding access data content using hypertext markup includes:
And carrying out template imprinting from access data specific content in the source code in an HTML form, marking the content corresponding to the access data in the source code, generating a data mask through the template imprinting, and repairing the source code and blocking the access instruction character string when the source code is modified when the data mask is output.
In particular, the method comprises the steps of,
In one embodiment, to ensure the security and traceability of the access instruction string and its corresponding access data content, the system employs hypertext markup (commonly referred to as HTML, hyperText Markup Language) for calibration. This process includes several key steps:
And (3) engraving a template:
the system will first extract the specific content of the access data from the source code.
The system will then make template impressions of these access data in the form of HTML. Template imprinting can be understood as adding HTML tags around the data to mark the content of the source code corresponding to the accessed data. These HTML tags are just like "frames" of data, so that the data has a well-defined structure and location in the source code.
Generating a data mask:
After imprinting by the template, the system generates a data mask. A data mask is a mechanism that allows marked data (i.e., access data) to be normally output when the source code is output. In other words, the data mask is just like a "filter" that ensures that only data marked as being outputtable will be seen by the user or an external system.
Source code repair and security mechanism:
If there is a condition to modify the source code (e.g., unauthorized modification or malicious tampering), the system may trigger a repair mechanism. This mechanism automatically detects the integrity of the source code and repairs any modifications that are not expected or that may pose a security risk.
Meanwhile, as a security measure, when the source code is detected to be modified, the system blocks execution of the corresponding access instruction character string. This is to prevent potentially malicious code or unauthorized instructions from being executed, thereby protecting the security of the system and the integrity of the data.
The invention provides a network security management system based on cloud computing, which comprises:
a data output unit, configured to perform bandwidth equal ratio division on the access data called by the obtained access command string, determine a plurality of equal ratio wireless output channels and access point data to be output by the channels according to the bandwidth equal ratio division, output the access point data respectively corresponding to the wireless output channels by a first wireless unit and a plurality of second wireless units, and utilize the access point data in the process of outputting the access data,
And the safety management module adopts a hypertext mark method to mark the access instruction character string and the corresponding access data content, if the content of the access data is marked to change, the safety management module relies on the hypertext mark to generate warning voice frequency, and the warning voice frequency is sent to the alarm terminal.
Referring to fig. 2, in an embodiment of the present invention, there is further provided a computer device, which may be a server, and an internal structure thereof may be as shown in fig. 2. The computer device includes a processor, a memory, a display screen, an input device, a network interface, and a database connected by a system bus. Wherein the computer is configured to provide computing and control capabilities. The memory of the computer device includes a non-volatile storage medium and an internal memory. The non-volatile storage medium stores an operating system, computer programs, and a database. The internal memory provides an environment for the operation of the operating system and computer programs in the non-volatile storage media. The database of the computer device is used to store the corresponding data in this embodiment. The network interface of the computer device is used for communicating with an external terminal through a network connection. Which computer program, when being executed by a processor, carries out the above-mentioned method.
It will be appreciated by those skilled in the art that the architecture shown in fig. 2 is merely a block diagram of a portion of the architecture in connection with the present inventive arrangements and is not intended to limit the computer devices to which the present inventive arrangements are applicable.
An embodiment of the present invention also provides a computer-readable storage medium having stored thereon a computer program which, when executed by a processor, implements the above method. It is understood that the computer readable storage medium in this embodiment may be a volatile readable storage medium or a nonvolatile readable storage medium.
Those skilled in the art will appreciate that implementing all or part of the above described methods may be accomplished by way of a computer program stored on a non-transitory computer readable storage medium, which when executed, may comprise the steps of the embodiments of the methods described above. Any reference to memory, storage, database, or other medium provided by the present invention and used in embodiments may include non-volatile and/or volatile memory. The nonvolatile memory can include Read Only Memory (ROM), programmable ROM (PROM), electrically Programmable ROM (EPROM), electrically Erasable Programmable ROM (EEPROM), or flash memory. Volatile memory can include Random Access Memory (RAM) or external cache memory. By way of illustration and not limitation, RAM is available in a variety of forms such as Static RAM (SRAM), dynamic RAM (DRAM), synchronous DRAM (SDRAM), dual speed data rate SDRAM (SSRSDRAM), enhanced SDRAM (ESDRAM), synchronous link (SYNCHLINK) DRAM (SLDRAM), memory bus (Rambus) direct RAM (RDRAM), direct memory bus dynamic RAM (DRDRAM), and memory bus dynamic RAM.
It should be noted that, in this document, the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, apparatus, article, or method that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, apparatus, article, or method. Without further limitation, an element defined by the phrase "comprising one … …" does not exclude the presence of other like elements in a process, apparatus, article, or method that comprises the element.
The foregoing description is only of the preferred embodiments of the present invention and is not intended to limit the scope of the invention, and all equivalent structures or equivalent processes using the descriptions and drawings of the present invention or direct or indirect application in other related technical fields are included in the scope of the present invention.
Claims (10)
1. The network security management method based on cloud computing is characterized by comprising the following steps of:
Bandwidth equal ratio division is carried out on the access data called by the obtained access instruction character string, a plurality of equal ratio wireless output channels and access point data to be output by the channels are determined through the bandwidth equal ratio division, the access point data is respectively and correspondingly output by a first wireless unit and a plurality of second wireless units according to the wireless output channels, and in the process of outputting the access data,
And calibrating the access instruction character string and the corresponding access data content by using a hypertext mark method, generating warning voice audio by depending on the hypertext mark if the content of the access data is calibrated to change, and transmitting the warning voice audio to an alarm terminal.
2. The cloud computing-based network security management method according to claim 1, wherein before the step of bandwidth-equal dividing the access data called by the obtained access instruction character string, comprising:
Configuring supervision logic in all wireless unit coding logic;
after a single first wireless unit acquires an access request, performing template auditing through the supervision logic, and converting the access request with correct template auditing into a corresponding access instruction character string through a template;
And judging the data magnitude of the access instruction character string, judging whether the data magnitude is larger than a data access threshold preset in the first wireless unit, and if so, performing bandwidth equal ratio segmentation on access data called by the obtained access instruction character string.
3. The cloud computing-based network security management method of claim 2, wherein the step of performing, by the supervisory logic, a template audit, the template audit correct access request being converted to a corresponding access instruction string by the template, comprises:
And identifying the access request based on preset supervision logic, and confirming the corresponding access instruction character string from an instruction template in the supervision logic through the feature code in the access request.
4. The cloud computing-based network security management method of claim 3, wherein the step of identifying the access request based on preset policing logic comprises:
and adopting a verification pool algorithm configured in the supervision logic to carry out consensus identification on the access request, judging whether the access request has a security risk factor, blocking access if yes, and carrying out the next step if no.
5. The network security management method based on cloud computing as claimed in claim 1, wherein the step of performing bandwidth equal-ratio segmentation on the access data called by the obtained access command character string, and determining a plurality of equal-ratio wireless output channels and access point data to be output by the channels through the bandwidth equal-ratio segmentation includes:
Identifying a bandwidth load preconfigured by the first wireless unit, and determining a data output bandwidth amount used for data output in the first wireless unit;
Performing equal-ratio splitting on the data output bandwidth quantity, and selecting a plurality of split sub-bandwidths for outputting access data, wherein the plurality of sub-bandwidths are preferably one sub-bandwidth;
Identifying the bandwidth quantity requirement of the access data, solving the number of sub-bandwidth parts of the full-output access data, determining a corresponding number of wireless output channels based on the number of sub-bandwidth parts, and dividing the access data based on the number of wireless channels to obtain a corresponding number of access point data;
generating a joint instruction to cause the first wireless unit to join a number of second wireless units based on the wireless output channel and the number of access points data by the joint instruction;
and respectively outputting the access point data by adopting the first wireless unit and the plurality of second wireless units.
6. The cloud computing-based network security management method of claim 1, wherein the step of calibrating the access instruction character string and the corresponding access data content by using a hypertext markup method comprises the steps of:
And carrying out template imprinting from access data specific content in the source code in an HTML form, marking the content corresponding to the access data in the source code, generating a data mask through the template imprinting, and repairing the source code and blocking the access instruction character string when the source code is modified when the data mask is output.
7. The cloud computing-based network security management method of claim 6, wherein if the content of the access data is calibrated to change, generating alert voice audio depending on hypertext markup, and transmitting the alert voice audio to an alert terminal, comprising:
When the source code of the content corresponding to the access data is tampered, generating warning voice audio corresponding to the tampered source code through a hypertext markup language;
and sending the warning voice audio to a preset warning terminal.
8. A cloud computing-based network security management system, comprising:
a data output unit, configured to perform bandwidth equal ratio division on the access data called by the obtained access command string, determine a plurality of equal ratio wireless output channels and access point data to be output by the channels according to the bandwidth equal ratio division, output the access point data respectively corresponding to the wireless output channels by a first wireless unit and a plurality of second wireless units, and utilize the access point data in the process of outputting the access data,
And the safety management module adopts a hypertext mark method to mark the access instruction character string and the corresponding access data content, if the content of the access data is marked to change, the safety management module relies on the hypertext mark to generate warning voice frequency, and the warning voice frequency is sent to the alarm terminal.
9. A computer device comprising a memory and a processor, the memory having stored therein a computer program, characterized in that the processor, when executing the computer program, implements the steps of the cloud computing based network security management method of any of claims 1 to 7.
10. A computer readable storage medium having stored thereon a computer program, characterized in that the computer program when executed by a processor implements the steps of the cloud computing based network security management method of any of claims 1 to 7.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202410331627.9A CN117938551B (en) | 2024-03-22 | Network security management method and system based on cloud computing |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202410331627.9A CN117938551B (en) | 2024-03-22 | Network security management method and system based on cloud computing |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN117938551A true CN117938551A (en) | 2024-04-26 |
| CN117938551B CN117938551B (en) | 2024-06-28 |
Family
ID=
Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| EP1650927A2 (en) * | 2004-10-25 | 2006-04-26 | AT&T Corp. | Broadcast video monitoring and alerting system |
| US20090144424A1 (en) * | 2007-12-04 | 2009-06-04 | Sony Computer Entertainment Inc. | Network bandwidth detection and distribution |
| CN105393239A (en) * | 2013-09-05 | 2016-03-09 | 谷歌公司 | Isolating clients of distributed storage systems |
| CN113194104A (en) * | 2021-06-30 | 2021-07-30 | 南京敏宇数行信息技术有限公司 | Secure remote access system, method, computer equipment and storage medium |
| CN115242488A (en) * | 2022-07-20 | 2022-10-25 | 广东瑞普科技股份有限公司 | Domestic network security operation and maintenance system and method |
Patent Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| EP1650927A2 (en) * | 2004-10-25 | 2006-04-26 | AT&T Corp. | Broadcast video monitoring and alerting system |
| US20090144424A1 (en) * | 2007-12-04 | 2009-06-04 | Sony Computer Entertainment Inc. | Network bandwidth detection and distribution |
| CN105393239A (en) * | 2013-09-05 | 2016-03-09 | 谷歌公司 | Isolating clients of distributed storage systems |
| CN113194104A (en) * | 2021-06-30 | 2021-07-30 | 南京敏宇数行信息技术有限公司 | Secure remote access system, method, computer equipment and storage medium |
| CN115242488A (en) * | 2022-07-20 | 2022-10-25 | 广东瑞普科技股份有限公司 | Domestic network security operation and maintenance system and method |
Non-Patent Citations (2)
| Title |
|---|
| MATTIA MAZZOCCHIO: "Design and Implementation of an immersive, cooperative Net Art installation using Web Csound", 《2023 4TH INTERNATIONAL SYMPOSIUM ON THE INTERNET OF SOUNDS》, 4 December 2023 (2023-12-04) * |
| 费阳: "基于互联网的急性胰腺炎多学科诊疗平台(APnet)的构建及应用", 《中国博士学位论文全文数据库 医药卫生科技辑》, no. 1, 15 January 2020 (2020-01-15), pages 064 - 34 * |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US20230101053A1 (en) | Computing systems for heterogeneous regulatory control compliance monitoring and auditing | |
| CN102082659B (en) | Vulnerability scanning system oriented to safety assessment and processing method thereof | |
| KR101883400B1 (en) | detecting methods and systems of security vulnerability using agentless | |
| CN113098846A (en) | Industrial control flow monitoring method, equipment, storage medium and device | |
| CN110597541B (en) | Interface updating processing method, device, equipment and storage medium based on block chain | |
| CN113326081A (en) | Static resource processing method and device, computer equipment and storage medium | |
| CN110866265A (en) | Data storage method, device and storage medium based on block chain | |
| CN109684863B (en) | Data leakage prevention method, device, equipment and storage medium | |
| WO2021174870A1 (en) | Network security risk inspection method and system, computer device, and storage medium | |
| CN103500202A (en) | Security protection method and system for light-weight database | |
| US20170270602A1 (en) | Object manager | |
| CN110825776B (en) | Air quality detection report processing method and device, computing equipment and storage medium | |
| CN111124591B (en) | Mirror image transmission method and device, electronic equipment and storage medium | |
| CN109450933B (en) | Network system for nuclear power plant emergency network | |
| CN117938551B (en) | Network security management method and system based on cloud computing | |
| CN112650659B (en) | Buried point setting method and device, computer equipment and storage medium | |
| CN117938551A (en) | Network security management method and system based on cloud computing | |
| CN111245913A (en) | Message sending method and device based on gateway, computer equipment and storage medium | |
| CN113676446B (en) | Communication network safety error-proof control method, system, electronic equipment and medium | |
| CN113868628A (en) | Signature verification method and device, computer equipment and storage medium | |
| CN113360575A (en) | Method, device, equipment and storage medium for supervising transaction data in alliance chain | |
| CN116866091B (en) | Firewall protection system, method, electronic equipment and storage medium | |
| Snyder et al. | The realities of testing meter firmware upgradeability | |
| CN115426481B (en) | 5G and artificial intelligence based gridding big data city monitoring method and system | |
| CN115860696B (en) | Electronic job ticket management method and system based on block chain |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant |