WO2011050703A1 - Système et procédé de traitement en nuage, et dispositif agent d'informatique en nuage - Google Patents

Système et procédé de traitement en nuage, et dispositif agent d'informatique en nuage Download PDF

Info

Publication number
WO2011050703A1
WO2011050703A1 PCT/CN2010/078050 CN2010078050W WO2011050703A1 WO 2011050703 A1 WO2011050703 A1 WO 2011050703A1 CN 2010078050 W CN2010078050 W CN 2010078050W WO 2011050703 A1 WO2011050703 A1 WO 2011050703A1
Authority
WO
WIPO (PCT)
Prior art keywords
cloud
cloud computing
server
application
request message
Prior art date
Application number
PCT/CN2010/078050
Other languages
English (en)
Chinese (zh)
Inventor
苏红宏
张礼权
Original Assignee
华为终端有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Family has litigation
First worldwide family litigation filed litigation Critical https://patents.darts-ip.com/?family=43921326&utm_source=google_patent&utm_medium=platform_link&utm_campaign=public_patent_search&patent=WO2011050703(A1) "Global patent litigation dataset” by Darts-ip is licensed under a Creative Commons Attribution 4.0 International License.
Application filed by 华为终端有限公司 filed Critical 华为终端有限公司
Publication of WO2011050703A1 publication Critical patent/WO2011050703A1/fr

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F9/00Arrangements for program control, e.g. control units
    • G06F9/06Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
    • G06F9/46Multiprogramming arrangements
    • G06F9/54Interprogram communication
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/10Protocols in which an application is distributed across nodes in the network

Definitions

  • Cloud processing system Cloud processing method and cloud computing agent device
  • the embodiments of the present invention relate to the field of computer technologies, and in particular, to a cloud processing system, a cloud processing method, and a cloud computing proxy device. Background technique
  • Cloud computing (C l oud Compu t ng) is an emerging business computing model. It distributes computing tasks across resource pools of large numbers of computers, enabling applications to acquire computing power, storage space, and various software services as needed.
  • Cloud is a virtual computing resource that can be self-maintained and managed, usually a large server cluster, including computing servers, storage servers, broadband resources, and so on. Cloud computing centralizes all computing resources and is automatically managed by software without human intervention. This eliminates the need for application providers to worry about cumbersome details and to focus more on their own business, helping to innovate and reduce costs.
  • the basic principle of cloud computing is that enterprise data centers will operate more like the Internet by distributing the computation across a large number of distributed computers rather than local or remote servers. This allows companies to switch resources to the applications they need and access computers and storage systems as needed. This is like a shift from the old single generator mode to the centralized power supply mode of the power plant. It means that computing power can also be circulated as a commodity, just like gas and water, it is easy to use and low cost. The biggest difference is that it is transmitted over the Internet. With cloud computing technology, you only need one laptop or one mobile phone, you can use network services. Achieve everything we need, even tasks like supercomputing. From this perspective, the end user device is the true owner of cloud computing. The application of cloud computing involves the idea of uniting forces and using them for each of them. In the most fundamental sense, cloud computing is the ability to leverage software and data on the Internet. The above cloud computing is a generalized concept, including the concept of storage and computing.
  • the embodiments of the present invention provide a cloud processing system, a cloud processing method, and a cloud computing proxy device, and a cloud storage proxy device and a client, which can improve the security of the cloud computing.
  • the embodiment of the present invention provides a cloud processing system, including a client and a cloud server, and a cloud proxy device, where the cloud proxy device is connected to the client and the cloud server, and the cloud proxy device is configured to receive the cloud sent by the client.
  • the request message is processed, and the cloud server is provided to the client instead of the cloud server.
  • the embodiment of the invention further provides a cloud processing method, including:
  • a cloud processing request message for requesting the cloud server to provide the cloud service, where the cloud processing request message includes a cloud computing request message or a cloud storage request message;
  • the cloud service is provided to the client according to the cloud processing request message instead of the cloud server.
  • the embodiment of the invention further provides another cloud processing method, including:
  • the cloud processing request message is sent to the cloud proxy device according to the preset cloud proxy device address.
  • the embodiment of the invention further provides a cloud computing proxy device, comprising:
  • a first receiving module configured to receive a cloud computing request message sent by the client, where the cloud computing request message includes the requested cloud computing application information
  • An application obtaining module configured to obtain, according to the cloud computing request message, a cloud computing server Using or calling a stored application obtained from a cloud computing server;
  • a calculation processing module configured to perform cloud computing processing according to the application acquired by the application obtaining module or the stored application.
  • the embodiment of the invention further provides a cloud storage proxy device, comprising:
  • a second receiving module configured to receive a storage clearing message that is sent by the client, including pre-stored data information
  • a storage module configured to store the data information
  • the second sending module is configured to send the stored data information to the cloud storage server for storage when the upload condition is met.
  • the embodiment of the invention further provides a client, including:
  • a determining module configured to determine that the request input by the user is a cloud processing request
  • a third sending module configured to send a cloud processing request message to the cloud proxy device according to the preset cloud proxy device address.
  • a cloud processing system, a cloud processing method, and a cloud computing proxy device according to an embodiment of the present invention, and a cloud storage processing device, the cloud proxy device capable of receiving a cloud of a client by setting a cloud proxy device between the client and the cloud server Processing the request message, and performing cloud computing or cloud storage processing according to the cloud processing request message, and setting up the cloud proxy device between the client and the cloud server instead of directly using the public cloud server, thereby improving information in the cloud computing process safety.
  • FIG. 1 is a schematic structural diagram of an embodiment of a cloud processing system according to the present invention.
  • Embodiment 1 is a schematic flowchart of Embodiment 1 of a cloud processing method according to the present invention
  • 3 is a schematic flowchart of Embodiment 2 of a cloud processing method according to the present invention
  • Embodiment 4 is a schematic flowchart of Embodiment 3 of a cloud processing method according to the present invention.
  • FIG. 5 is a schematic flowchart diagram of Embodiment 4 of a cloud processing method according to the present invention.
  • FIG. 6 is a schematic structural diagram of an embodiment of a cloud computing proxy device according to the present invention.
  • FIG. 7 is a schematic structural diagram of an embodiment of a cloud storage proxy device according to the present invention.
  • FIG. 8 is a schematic structural diagram of a client embodiment of the present invention.
  • FIG. 9 is a system architecture diagram of a cloud computing system according to an embodiment of the present invention.
  • FIG. 10 is a schematic flowchart diagram of a cloud computing method according to an embodiment of the present invention.
  • FIG. 1 is a schematic flowchart of an authentication process in a specific embodiment of the present invention.
  • FIG. 12 is a schematic flowchart diagram of a cloud storage method according to an embodiment of the present invention.
  • FIG. 13 is a schematic structural diagram of a cloud proxy device according to an embodiment of the present invention. detailed description
  • FIG. 1 is a schematic structural diagram of an embodiment of a cloud processing system according to the present invention.
  • the client 1 includes a cloud server 2 and a cloud proxy device 3, wherein the cloud proxy device 3 is connected to the client. 1 and the cloud server 2, the cloud proxy device 3 is configured to receive a cloud processing request message sent by the client 1, and provide a cloud service for the client instead of the cloud server.
  • the cloud processing request message includes a cloud computing request message or a cloud storage request message.
  • the cloud proxy device 3 is further configured to perform cloud computing or cloud storage processing according to the cloud processing request message.
  • a cloud proxy device which can receive the cloud processing request message of the client, and provides a cloud service for the client instead of the cloud server, can avoid directly using the public cloud server, and can improve information security in the cloud computing process.
  • a cloud proxy device is provided instead of a cloud server to provide a cloud service, wherein the replacement is directed to providing a cloud service directly to the client by the cloud server in the prior art, and the embodiment of the present invention is provided by the cloud proxy device.
  • the cloud proxy device acquires the application from the cloud computing server or invokes the stored application instead of the cloud computing server for cloud computing processing; receiving the cloud The request message is stored, and the cloud proxy device caches the data information and uploads it to the cloud storage server when the condition is met.
  • the cloud proxy device can provide the cloud service instead of the cloud server.
  • the cloud processing described above may specifically include cloud computing and cloud storage, that is, the cloud processing request message may be a cloud computing request message or a cloud storage request message.
  • the corresponding cloud server may be a cloud computing server
  • the cloud proxy device may be a cloud computing proxy device, where the cloud computing proxy device is configured to receive a cloud computing request message sent by the client, where the cloud computing request message includes the requested cloud computing application information. And being used to acquire an application from the cloud computing server or invoke the stored application according to the cloud computing request message, where the stored application that is invoked is an application obtained from the cloud computing server; and finally performs cloud computing processing according to the requested application or the stored application.
  • the cloud server may be a cloud storage server
  • the cloud proxy device is a cloud storage proxy device
  • the cloud storage proxy device is configured to receive a storage request message that is sent by the client, including pre-stored data information, and store the data information.
  • the uploaded condition is met, the stored data information is sent to the cloud storage server for storage.
  • the above-mentioned cloud proxy device can be further set in the local area network, so that the cloud proxy device and the client in the local area network can be connected through a high-speed local area network, and the speed of the cloud computing can be effectively provided while using the server provided by the public cloud. And security.
  • the embodiment of the present invention further provides a method for performing a cloud processing method on a client and a cloud proxy device
  • FIG. 2 is a flow of the first embodiment of the cloud processing method according to the present invention.
  • the schematic diagram of the process is performed by the cloud proxy device as an example. As shown in FIG. 2, the method includes the following steps:
  • Step 101 The cloud processing request message sent by the client for requesting the cloud server to provide the cloud service, where the cloud processing request message includes a cloud computing request message or a cloud storage request message; in this step, between the client and the cloud server A cloud proxy device is set, and the cloud proxy request message is received by the cloud proxy device.
  • Step 102 Provide a cloud service to the client according to the cloud processing request message instead of the cloud server.
  • the cloud proxy device performs the corresponding processing according to the cloud processing request message, that is, performs cloud computing processing or performs cloud storage processing.
  • a cloud proxy device is disposed between the client and the cloud server, and the cloud proxy device is capable of receiving a cloud processing request message of the client, and performing cloud computing according to the cloud processing request message.
  • cloud storage processing the above establishment of a cloud proxy device between the client and the cloud server, rather than directly using a public cloud server, can improve information security in the cloud computing process.
  • FIG. 3 is a schematic flowchart of a second embodiment of a cloud processing method according to the present invention. As shown in FIG. 3, when the received cloud processing request message is a cloud computing request message, the foregoing method includes:
  • Step 201 Receive a cloud computing request message sent by a client, where the cloud computing request message includes the requested cloud computing application information.
  • Step 202 Request and acquire an application from the cloud computing server according to the cloud computing request message, or invoke the stored application acquired from the cloud computing server;
  • Step 203 Perform cloud computing processing according to an application obtained from a cloud computing server or an stored application.
  • the method may further include: determining whether the cloud computing application included in the cloud computing request message is stored; and using the cloud computing application when the cloud computing application is stored; In the cloud computing application, the cloud computing application is requested from the cloud computing server, and the steps of step 202 and step 203 are performed.
  • the application request message including the identifier and the requested cloud computing application information may be sent to the cloud computing server, and the cloud computing server returns the cloud computing according to the identity identifier. application.
  • the step of authenticating may also be set, that is, the application request message sent to the cloud computing server further includes the authentication information, and the receiving cloud computing server returns according to the identity identifier.
  • the cloud computing application may be specifically: receiving a cloud computing application returned by the cloud computing server according to the identity identifier after the authentication according to the authentication information passes.
  • the cloud computing application returned by the receiving cloud computing server according to the identity identifier may be specifically: receiving the cloud computing application including the command line and/or the graphical interface returned by the cloud server according to the identity identifier.
  • FIG. 4 is a schematic flowchart of a third embodiment of a cloud processing method according to the present invention. As shown in FIG. 4, when the received cloud processing request message is a cloud storage request message, the method includes:
  • Step 301 Receive a cloud storage request message that is sent by the client, including pre-stored data information, and store the data information.
  • the cloud storage proxy device receives the pre-stored data, and caches the data.
  • Step 302 When the upload condition is met, send the stored data information to a cloud storage server for storage.
  • the foregoing conditions may be that the network is idle, the server is idle, and the like, and the data information is uploaded after the conditions are met.
  • the cloud storage proxy device functions as a cache, and the data information pre-uploaded to the cloud storage server is cached first, and the data information is uploaded when the upload condition is met.
  • the embodiment of the present invention further provides a cloud processing method using a client as an example, including: when determining that the request input by the user is a cloud processing request, sending a cloud processing request message to the cloud proxy device according to the preset cloud proxy device address.
  • the specific request for determining the user input as the cloud processing request may be: determining, according to the URL information or the port number of the request, that the request is a cloud processing request.
  • FIG. 5 is a schematic flowchart of Embodiment 4 of a cloud processing method according to the present invention. As shown in FIG. 5, the method includes the following steps:
  • Step 401 Determine, according to the requested URL information or the destination port number, that the request is a cloud processing request.
  • Step 402 Send a cloud processing request message to the cloud proxy device according to the preset cloud proxy device address.
  • the cloud processing request message is sent to the cloud processing device instead of directly using the public cloud server, thereby improving information security in the cloud computing process.
  • the above cloud processing request may be a cloud computing request or a cloud storage request.
  • the sending the cloud processing request message to the cloud proxy device is specifically:
  • FIG. 6 is a schematic structural diagram of Embodiment 1 of a cloud computing proxy device according to the present invention. As shown in FIG. 6, the cloud computing proxy device includes a first receiving module 11 and an application.
  • the obtaining module 12 and the computing processing module 13 are configured to receive the cloud computing request message sent by the client, where the cloud computing request message includes the requested cloud computing application information; and the application obtaining module 12 is configured to use the cloud computing
  • the request message is obtained from the cloud computing server to obtain an application or to invoke the stored from the cloud computing server; the computing processing module 13 is configured to perform cloud computing processing according to the application acquired or the called application obtained from the application obtaining module 12.
  • the cloud computing processing device provided by the foregoing embodiment of the present invention, after receiving the cloud computing request message sent by the client, uses the application stored by itself or requests the application from the cloud computing server, and then performs cloud computing processing, so that the cloud can be implemented locally. Calculation processing to improve the security and processing speed of data information. And further, the above cloud computing processing device can be set in the local area network Inside.
  • the method may further include: a determining module, configured to determine whether the cloud computing application included in the cloud computing request message is stored, where the application acquiring module is configured to store the cloud The cloud computing application is used when computing an application; when the cloud computing application is not stored, the cloud computing application is requested from a cloud computing server.
  • a determining module configured to determine whether the cloud computing application included in the cloud computing request message is stored, where the application acquiring module is configured to store the cloud The cloud computing application is used when computing an application; when the cloud computing application is not stored, the cloud computing application is requested from a cloud computing server.
  • the application obtaining unit may be further divided into a first processing unit, a first sending unit, and a first receiving unit, where the first processing unit is configured to use the cloud computing application when the cloud computing application is stored; An application request message for sending the cloud computing application information including the identity and the request to the cloud computing server; the first receiving unit is configured to receive the cloud computing application returned by the cloud computing server according to the identity identifier.
  • FIG. 7 is a schematic structural diagram of an embodiment of a cloud storage proxy device according to the present invention.
  • the cloud storage proxy device includes a second receiving module 21, a storage module 22, and a second sending module 23, where the second receiving module 21 is used.
  • the storage server is storing.
  • the cloud storage proxy device provided by the foregoing embodiment of the present invention first caches the received pre-stored data information, and sends the foregoing data information to the cloud storage server when the upload condition is met, and the specific upload condition may be that the network is idle. Conditions such as server idleness can increase the speed of cloud data storage by the above-described embodiments.
  • an encryption/decryption module may be further configured to encrypt data information to be uploaded to the cloud storage server, and perform data information downloaded from the cloud storage server. Decrypt.
  • FIG. 8 is a schematic structural diagram of a client embodiment of the present invention.
  • the client includes a determining module 31 and a third sending module 32, where the determining module 31 is used.
  • the request for determining the user input is a cloud processing request;
  • the third sending module 32 is configured to send a cloud processing request message to the cloud proxy device according to the preset cloud proxy device address.
  • the address of the cloud proxy device is stored in the client, and the processing request message is sent to the cloud proxy device for processing, instead of being directly sent to the cloud server, which can improve the information security in the cloud processing process.
  • an identifier adding module may be further configured to add an identifier indicating whether to perform data backup or data confidentiality level to the cloud storage request message when requesting the cloud storage request to the cloud processing request;
  • the third sending module is configured to send, to the cloud proxy device, a cloud storage request message carrying an identifier of whether to perform data backup or data confidentiality level.
  • the data of the cloud storage request message with the high data confidentiality level of the identifier may be used to indicate that the cloud proxy device encrypts when uploading to the cloud storage server.
  • FIG. 9 is a system architecture diagram of a cloud computing system according to an embodiment of the present invention.
  • the technical solution of the present invention is to introduce a cloud computing proxy device between a cloud computing server and a client, and the cloud computing proxy device itself has Computing and/or storage capabilities, which can be used for computing and/or storage instead of cloud computing servers, and upload storage content to a cloud computing server (memory) as needed, since existing cloud computing technologies only transmit results to clients.
  • the application (algorithm) itself is not transmitted, so it is necessary to transform all aspects of the cloud computing, including:
  • the protocol SBS that requests the cloud storage is defined, and after the cloud storage agent device recognizes the cloud storage request, the storage policy is automatically determined.
  • the client can directly point the storage location to the CProxy, and the CProxy further caches to the cloud storage proxy device according to its storage resource usage.
  • step (1) you can also not use a general-purpose computing platform, which requires the agent to
  • the cloud computing server obtains an executable application suitable for its environment (processor, OS).
  • processor OS
  • it is generally required to store an application library consistent with the CProxy processor, OS, etc. on the cloud computing server.
  • the cloud computing server needs to be able to provide different application libraries.
  • Client A can be pre-set the cloud computing proxy device as CProxy (or discover the cloud computing proxy device through the automatic discovery protocol), H does not need Client A to perform matrix inversion calculation, to cloud Cloud A matrix calculation request is initiated, and the URL prefix SBC is defined to represent the cloud computing request.
  • the cloud computing may include the following steps: Step 501: ClientA accesses the URL "SBC: //CloudA/Matr ix" (where CloudA corresponds CloudA's address, Ma tr ix is the specific matrix computing application requested) to initiate a cloud computing request;
  • Step 502 The proxy server that is pre-set with the SBC on Clien is CProxy (the corresponding port number or the predefined default port number is also required when using the TCP/IP protocol), and the cloud computing client on the client A (can be a browser)
  • the judgment is a cloud computing request, which will connect to the cloud computing agent CProxy, and send the cloud computing request to the cloud computing agent CProxy;
  • Step 503 The CProxy, according to the received request identifier (such as the SBC in this example), identifies that the cloud computing request is available, and the local application does not have a corresponding application, and then requests the application to obtain the application, for example, GetMethod: Matrix;
  • Step 504 After the CProxy authentication is passed, the CloudA sends the application Matrix to the CProxy (the application itself may include a command line or a graphical interface), and records the CProxy information (in order to automatically update the application);
  • Step 505 The CProxy executes the Matirx application to provide the Matrix service to Clen.
  • the Matrix can directly output the interactive prompt of the command line or directly interact with the graphical interface.
  • the presentation of the specific interactive interface can use the existing cloud computing method, through WEB, desktop transmission and other technologies. .
  • CProxy may also need to perform pre-processing such as compiling and optimizing the obtained calculations.
  • the cloud computing request is represented by a special protocol port number.
  • the TCP 90 port corresponds to cloud computing.
  • the client automatically considers the TCP connection with the destination port number 90 as a cloud computing request, and automatically connects to the cloud proxy server.
  • CProxy can also be used to carry the cloud computing request directly, and the corresponding cloud proxy URL identification prefix of the client is HUp.
  • the proxy server can be used to identify whether the cloud proxy request or the ordinary netizen browses, for example, the proxy can be based on
  • the pre-configured URL identifies whether it is a cloud computing request. For example, if the user wants to edit the document through cloud computing, request an application for word document editing.
  • the corresponding cloud computing URL is: http: ⁇ docs.clouda.com, pre-configured on the proxy server.
  • Http //docs, clouda.com is a cloud computing request.
  • the client requests the same calculation (application), and the CProxy directly provides the corresponding application, and does not perform step 503 and step 504.
  • the CProxy can also authenticate the user, and the authentication allows the CProxy to execute the cloud computing request message.
  • the CSI authentication of the CProxy (corresponding to the main function of the authentication security module) can be implemented by using a simple shared key method.
  • a CProxy that requires the proxy is assigned a username ID and a shared key SKey.
  • the CProxy requests to obtain an application, the corresponding The request message is signed.
  • the sent request message is M, and the MD5 hash algorithm is used for signature.
  • the authentication process may be as follows:
  • Step 601 The CProxy sends a request application initialization message to the cloud computing server CloudA.
  • Step 602 The CloudA sends a response initialization message (GetMethodlnit) to the CProxy, and carries the parameter random number R, and saves the start time and R of the session;
  • GetMethodlnit a response initialization message
  • Methodl ID I Times tamp I R I Signature where Method is determined according to the application of the specific request, the ratio: ⁇ can be Matrix;
  • MD5 Method, ID, Timestamp, R, Skey
  • MD5 compare Signature' with the Signature in the received message. If the time is valid, R is the same, and the signature is the same, the authentication is passed. Go to step 605. Otherwise, the authentication fails to directly reject the request. ;
  • Step 605 Send an application response message, and send the corresponding application to the CProxy.
  • the MD5 algorithm may also select another hash algorithm, such as HMAC.
  • the digital certificate can also be used for authentication to make it more secure.
  • the digital certificate can be issued by the corresponding management entity of CloudA or by the trusted entity of the third party.
  • the CProxy can be regarded as a standard cloud storage server for the client.
  • the cloud computing server can be regarded as a common client. As shown in Figure 12, the following steps are included:
  • Step 701 Client A transmits the data that needs to be stored to the CProxy.
  • Step 702 The CProxy stores the data in a storage resource of the CProxy.
  • Step 703 The CProxy feeds back the storage confirmation to the ClientA, and confirms that the storage is completed (if there is an abnormality, the storage failure may be fed back);
  • Step 704 When a certain condition is met (if the resource management module determines that the network is idle and the server is idle), the CProxy transmits the stored data to the cloud storage server (CloudB); Step 705, CloudB feedback storage confirmation, confirming that the storage is completed (if there is an abnormality) Feedback storage failure); Step 7 06.
  • CProxy releases the data that has been successfully uploaded to C oudB from the local storage. For storage using backup mode, do not release, keep a backup on CProxy.
  • CProxy can further encrypt the data uploaded to the cloud storage server.
  • the encryption algorithm can use a symmetric key encryption algorithm such as DES/AES/RC4 or an asymmetric key encryption algorithm such as RSA.
  • a symmetric key encryption algorithm such as DES/AES/RC4
  • RSA asymmetric key encryption algorithm
  • the symmetric key encryption algorithm is more efficient and secure, when the data needs to be accessed by streaming to meet real-time.
  • the demand it is more appropriate to select a stream encryption algorithm such as RC4.
  • CProxy can also specify a dynamic selection algorithm according to the type of data or the user.
  • the encryption and encryption strength can be automatically determined by the user setting or CProxy scanning the stored data, such as scanning a normal WORD text document, it is considered as general confidential data, and selecting AES 128-bit key for medium-intensity encryption.
  • AES 256-bit key is used for high-intensity encryption. Since the encrypted key and algorithm may be different, and the security key may be replaced periodically or irregularly, the CProxy needs to be able to store multiple keys and identifiers corresponding to each key. The identifier of the key needs to be attached to the uploaded data, so that when the data is downloaded, the decryption algorithm is determined according to the identifier and the corresponding key is retrieved for decryption.
  • CProxy itself can correspond to multiple cloud storage servers, and can automatically switch between multiple servers, the client does not feel this change.
  • the CProxy may also select another cloud storage server to re-upload.
  • CProxy also functions as a data cache, which will not be described in this embodiment.
  • the data information can be directly sent to C l oudB and returned to the storage confirmation. Message.
  • the CProxy needs to perform decryption corresponding to the encryption, specifically determining the decryption algorithm according to the key identifier in the downloaded data and acquiring the corresponding decryption key, and performing decryption of the downloaded data.
  • FIG. 13 is a schematic structural diagram of the cloud proxy device, including the module shown in FIG. 13.
  • the SBX protocol processing module is configured to process a computing request SBC or a storage request SBS between the client and the cloud proxy device. Relevant protocol interactions, including protocol interaction processing such as associated local user authentication;
  • the local user management module is used to manage users who need to use the proxy service locally, store user account and password, permissions and other information, authenticate the user, and control the permissions.
  • the user interaction management module is used to process input, keys, and output of the user interaction process, generate interface presentations, and the like.
  • the interface presentation can be presented to the user using a web page (browser mode), or can be directly presented to the user in a graphical/video manner.
  • graphics/video should generally be compressed to reduce bandwidth consumption, user input and output.
  • the client can pre-support the processing of the SBX protocol, or download and obtain the client software through a browser, etc.; the software resource management module is used to manage the cached software/application resources, and notify the application when there is no locally cached application resource.
  • the request module requests the software resource from the cloud computing server, and is responsible for updating the cache resource, creating the copy, and the like, monitoring the access of the software resource, and performing necessary load balancing;
  • the software execution environment module is used to provide an environment for executing the application resource, for example, When the application resource is a Ja va program, the Java runtime environment is provided.
  • the execution environment may also be provided by the cloud computing server.
  • the software resource management module determines that the execution environment needs to be downloaded according to the interaction between the application request module and the cloud computing server, the execution environment is downloaded through the application request module, and is installed into the software execution environment module;
  • the copyright management module is a DRM package required by the DRM client and the cloud computing server.
  • the digital rights management module corresponds to the OMA DRM client.
  • the cloud computing server can control the application to run only on the authorized CP roxy; the application requesting module is used to request the corresponding application from the cloud computing server according to the requirements of the software resource management, or request the execution environment.
  • the storage resource management module may further include a sensitive data detection module, based on content detection, identifying confidential data, not uploading confidential data to the cloud storage server, or performing high-intensity confidentiality on the confidential data; the storage resource module provides internal access to the client Network storage, and acts as a two-way storage cache between the cloud storage server and the client to improve client access speed; the encryption/decryption module is used to perform encryption on data uploaded to the cloud storage, and to implement data downloaded from the cloud storage.
  • a sensitive data detection module based on content detection, identifying confidential data, not uploading confidential data to the cloud storage server, or performing high-intensity confidentiality on the confidential data
  • the storage resource module provides internal access to the client Network storage, and acts as a two-way storage cache between the cloud storage server and the client to improve client access speed
  • the encryption/decryption module is used to perform encryption on data uploaded to the cloud storage, and to implement data downloaded from the cloud storage.
  • storage request module is used to upload data in the storage resource to the cloud computing (cloud storage) server, or download data from the cloud computing server to the storage resource, or not through the storage resource
  • the module cache for example, when the storage resource module is full, and directly stores the storage request between the client and the cloud computing server
  • the authentication security module is used to complete the corresponding authentication according to the requirements of the cloud computing server when accessing the cloud computing resource, Based on shared key, digital certificate Book and other methods.
  • the cloud processing system, the cloud processing method, the cloud computing proxy device, and the cloud storage processing device provided by the foregoing embodiments of the present invention, wherein a cloud proxy device is provided between the client and the cloud computing (cloud storage) server, the cloud proxy device has a calculation And the storage capability, when receiving the cloud computing request, first determining whether the application requested by the cloud computing request has been stored, if yes, performing cloud computing according to the stored application, and if not, requesting the application from the cloud computing server And after receiving the corresponding application, the cloud computing is performed.
  • the data information uploaded by the client to the cloud storage server may be cached first, and finally the data is uploaded to the cloud storage server when the upload condition is met. .
  • the above technical solution provided by the foregoing embodiments of the present invention can be set locally in a local area network by using a cloud proxy device, so that the remaining clients have a high-speed network connection, and the public cloud enhanced service on the wide area network can be used in a large amount. , effectively provide the speed and security of cloud computing. And further through the security management of CProxy (such as encryption, content inspection), you can further improve the security of data.
  • CProxy such as encryption, content inspection
  • the foregoing program may be stored in a computer readable storage medium, and the program is executed to perform the steps including the foregoing method embodiments; and the foregoing storage medium includes: a ROM, A variety of media that can store program code, such as RAM, disk, or optical disk.
  • the cloud computing mentioned in the embodiments of the present invention includes various applications such as performing scientific calculations or executing programs through a server, such as performing mathematical operations through a cloud server, editing a document, and playing a game, all of which are in the scope of cloud computing.
  • the use of cloud storage means that the cloud server is used for data storage.

Landscapes

  • Engineering & Computer Science (AREA)
  • Software Systems (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Information Transfer Between Computers (AREA)

Abstract

L'invention porte sur un système de traitement en nuage. Le système de traitement en nuage comporte un client, un serveur d'informatique en nuage et un dispositif agent d'informatique en nuage. Le dispositif agent d'informatique en nuage se connecte au client et au serveur d'informatique en nuage. Le dispositif agent d'informatique en nuage est utilisé pour recevoir un message de requête de traitement en nuage envoyé par le client et pour remplacer le serveur d'informatique en nuage pour fournir des services d'informatique en nuage au client. L'invention porte également sur un procédé de traitement en nuage, sur un dispositif agent d'informatique en nuage, sur un dispositif de traitement de stockage en nuage et sur le client. Grâce au procédé, aux dispositifs et au système décrits par les présentes, la sécurité des informations en traitement en nuage est améliorée.
PCT/CN2010/078050 2009-11-02 2010-10-25 Système et procédé de traitement en nuage, et dispositif agent d'informatique en nuage WO2011050703A1 (fr)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN 200910207959 CN102055730B (zh) 2009-11-02 2009-11-02 云处理系统、云处理方法和云计算代理装置
CN200910207959.1 2009-11-02

Publications (1)

Publication Number Publication Date
WO2011050703A1 true WO2011050703A1 (fr) 2011-05-05

Family

ID=43921326

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2010/078050 WO2011050703A1 (fr) 2009-11-02 2010-10-25 Système et procédé de traitement en nuage, et dispositif agent d'informatique en nuage

Country Status (2)

Country Link
CN (1) CN102055730B (fr)
WO (1) WO2011050703A1 (fr)

Cited By (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102647470A (zh) * 2012-04-01 2012-08-22 杭州格畅科技有限公司 在线应用平台内云下载的方法及在线应用平台系统
CN103944883A (zh) * 2014-03-19 2014-07-23 华存数据信息技术有限公司 一种云计算环境下云应用访问控制的系统及方法
CN104426996A (zh) * 2013-09-11 2015-03-18 腾讯科技(深圳)有限公司 云业务处理方法和相关设备及通信系统
CN105072134A (zh) * 2015-08-31 2015-11-18 成都卫士通信息产业股份有限公司 一种基于三级密钥的云盘系统文件安全传输方法
US10706642B2 (en) 2015-09-24 2020-07-07 Ford Global Technologies, Llc Efficient telematics data upload

Families Citing this family (61)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP2710500B1 (fr) * 2011-05-20 2019-09-18 Citrix Systems Inc. Obtention de couches multiples de sécurité pour un stockage de fichiers par un fournisseur de stockage externe
CN102907062B (zh) * 2011-05-26 2016-06-22 华为技术有限公司 获取云服务的方法和终端、云输入方法和设备、云服务卡及系统
CN102271161A (zh) * 2011-08-02 2011-12-07 北京远特科技有限公司 用户中心、具有用户中心的远程信息处理系统及方法
CN102307233A (zh) * 2011-08-24 2012-01-04 无锡中科方德软件有限公司 一种云计算服务器的云计算方法
CN102255974A (zh) * 2011-08-24 2011-11-23 无锡中科方德软件有限公司 一种云计算服务器的云存储方法
CN102957725A (zh) * 2011-08-25 2013-03-06 上海科斗电子科技有限公司 局域网云计算系统
CN102369714A (zh) * 2011-08-31 2012-03-07 华为技术有限公司 云计算系统中云终端访问云服务器的方法及云计算系统
CN102546741B (zh) * 2011-08-31 2014-08-13 苏州华谷电子科技有限公司 云计算系统
CN102368737A (zh) * 2011-11-25 2012-03-07 裘嘉 一种云存储系统及其数据访问方法
CN102404407A (zh) * 2011-12-07 2012-04-04 成都英黎科技有限公司 基于云平台的数据传输方法和系统
US9858149B2 (en) 2012-01-03 2018-01-02 Microsoft Technology Licensing, Llc Accessing overlay media over a network connection
CN103207815B (zh) * 2012-01-11 2016-06-08 精品科技股份有限公司 管理主机、数据管理系统以及数据备份方法
CN102592061A (zh) * 2012-03-13 2012-07-18 河北师范大学 基于云计算的中医数据采集诊断中间系统及其实现方法
CN102685122B (zh) * 2012-05-06 2016-05-04 北京深思数盾科技股份有限公司 基于云端服务器的软件保护的方法
US20130311597A1 (en) * 2012-05-16 2013-11-21 Apple Inc. Locally backed cloud-based storage
CN102739671B (zh) * 2012-06-26 2015-11-04 中国电力科学研究院 一种电力系统协同计算中的桌面虚拟化及应用展示平台
CN103533006B (zh) * 2012-07-06 2019-09-24 中兴通讯股份有限公司 一种联合云盘客户端、服务器、系统和联合云盘服务方法
CN102833229B (zh) * 2012-07-30 2015-01-21 北京中电普华信息技术有限公司 一种信息系统的数据交互方法及装置
CN103685436B (zh) * 2012-09-26 2017-05-24 联想(北京)有限公司 数据获取方法和终端设备
CN103701834A (zh) * 2012-09-27 2014-04-02 中国人民解放军国防科学技术大学 基于代理的移动云服务访问系统及方法
CN102929489B (zh) * 2012-11-09 2016-08-03 北京奇虎科技有限公司 客户端浏览器实现方法及客户端浏览器
CN103023981B (zh) * 2012-11-21 2015-07-15 北京航空航天大学 云计算系统
CN103856539A (zh) * 2012-12-06 2014-06-11 海尔集团公司 私有云系统、智能家庭系统及家庭数据保护方法
CN103051614A (zh) * 2012-12-14 2013-04-17 无锡华御信息技术有限公司 一种云平台安全接入及数据传输方法
CN103209189A (zh) * 2013-04-22 2013-07-17 哈尔滨工业大学深圳研究生院 一种基于分布式文件系统的移动云存储安全访问控制方法
CN103246521B (zh) * 2013-05-24 2017-08-25 西安电子科技大学 一种基于云计算的SaaS的平台及其使用方法
CN104284141B (zh) * 2013-07-08 2018-11-02 株式会社日立制作所 视频监视系统
CN103414605A (zh) * 2013-08-14 2013-11-27 上海兆民云计算科技有限公司 基于交换网关的桌面云监控方法
CN104426876B (zh) * 2013-09-02 2018-10-19 华为技术有限公司 获取云中安全信息方法、云中安全信息上报的方法及装置
CN104468458B (zh) * 2013-09-12 2018-09-11 中国电信股份有限公司 客户工作负载迁移到云环境的方法和系统以及迁移代理
CN103632094B (zh) * 2013-11-04 2017-11-14 天津汉柏信息技术有限公司 一种云计算大数据上传病毒防御系统
CN103631680A (zh) * 2013-12-10 2014-03-12 浪潮电子信息产业股份有限公司 一种基于云计算的个人桌面同步备份系统
US9231998B2 (en) * 2014-01-22 2016-01-05 Ford Global Technologies, Llc Vehicle-specific computation management system for cloud computing
JP6365854B2 (ja) * 2014-05-29 2018-08-01 華為技術有限公司Huawei Technologies Co.,Ltd. サービス処理方法、関連するデバイス、及びシステム
CN104092731A (zh) * 2014-06-20 2014-10-08 裴兆欣 一种云计算系统
CN104408048B (zh) * 2014-10-27 2017-06-13 清华大学 一种缓冲式云存储数据同步的方法和装置
US20180054438A1 (en) * 2015-03-02 2018-02-22 Microsoft Technology Licensing, Llc Proxy service for uploading data from a source to a destination
CN104794239A (zh) * 2015-05-08 2015-07-22 成都博元科技有限公司 一种云平台数据处理方法
CN104966006A (zh) * 2015-05-14 2015-10-07 苏州市公安局苏州工业园区分局 基于云变平台的智能人脸识别系统
CN106528489A (zh) * 2015-09-14 2017-03-22 上海羽视澄蓝信息科技有限公司 基于云计算的车辆检测机器学习系统
CN106856467A (zh) * 2015-12-08 2017-06-16 中国科学院声学研究所 一种部署在云存储客户端的安全代理装置与安全代理方法
CN106856468A (zh) * 2015-12-08 2017-06-16 中国科学院声学研究所 一种部署在云存储服务端的安全代理装置与安全代理方法
CN105610979B (zh) * 2016-02-23 2021-01-05 山东乾云启创信息科技股份有限公司 一种基于虚拟化技术的网络资源传输系统及其方法
CN106161637A (zh) * 2016-07-21 2016-11-23 广州杰赛科技股份有限公司 一种云备份方法及装置
CN106060099A (zh) * 2016-08-15 2016-10-26 北京奇虎科技有限公司 数据访问方法、装置及系统
CN106357601A (zh) * 2016-08-15 2017-01-25 北京奇虎科技有限公司 数据访问方法、装置及系统
CN106503556A (zh) * 2016-10-25 2017-03-15 广东欧珀移动通信有限公司 数据存储的方法、装置及系统
CN106657267B (zh) * 2016-11-15 2019-10-08 华中科技大学 基于边缘服务器的云存储系统
CN108668148A (zh) * 2017-03-28 2018-10-16 北京雷石天地电子技术有限公司 一种ktv播放电影的方法和装置
CN107070931B (zh) * 2017-04-21 2020-08-18 北京奇安信科技有限公司 云应用数据上传/访问方法、系统及云代理服务器
CN107438071A (zh) * 2017-07-28 2017-12-05 北京信安世纪科技有限公司 云存储安全网关及访问方法
CN107948201B (zh) * 2017-12-29 2020-11-13 平安科技(深圳)有限公司 Docker镜像仓库的权限认证方法和系统
CN111376255B (zh) * 2018-12-29 2022-06-24 深圳市优必选科技有限公司 机器人数据采集方法、装置及终端设备
CN111490997B (zh) * 2019-01-25 2023-05-12 北京京东尚科信息技术有限公司 任务处理方法、代理系统、服务系统和电子设备
CN110191158A (zh) * 2019-05-09 2019-08-30 厦门网宿有限公司 一种云桌面服务实现方法和系统
CN112953930A (zh) * 2021-02-09 2021-06-11 苏宁易购集团股份有限公司 一种云存储数据的处理方法、装置及计算机系统
CN113178238B (zh) * 2021-05-24 2024-01-09 北京天健源达科技股份有限公司 云电子病历的体温单生成方法
CN113296798B (zh) * 2021-05-31 2022-04-15 腾讯科技(深圳)有限公司 一种服务部署方法、装置及可读存储介质
CN114189530A (zh) * 2021-12-14 2022-03-15 南京讯天游科技有限公司 基于互联网的资源协同方法及系统
CN116483252A (zh) * 2022-01-14 2023-07-25 华为云计算技术有限公司 云存储设备的数据读取和写入方法及系统
CN114726880B (zh) * 2022-04-12 2024-04-26 于成龙 一种基于云计算的信息存储方法

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20080016198A1 (en) * 2006-06-12 2008-01-17 Enigmatec Corporation Self-managed distributed mediation networks
US20090177514A1 (en) * 2008-01-08 2009-07-09 Microsoft Corporation Services using globally distributed infrastructure for secure content management
CN101557551A (zh) * 2009-05-11 2009-10-14 成都市华为赛门铁克科技有限公司 一种移动终端访问云服务的方法、装置和通信系统

Family Cites Families (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1249576C (zh) * 2000-07-27 2006-04-05 Bea系统公司 用于对请求进行集中和负载均衡的系统和方法
GB0322877D0 (en) * 2003-09-30 2003-10-29 British Telecomm Search system and method
CN1645799A (zh) * 2005-01-31 2005-07-27 北京北大方正电子有限公司 基于远程代理的分布式统一数据存取系统

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20080016198A1 (en) * 2006-06-12 2008-01-17 Enigmatec Corporation Self-managed distributed mediation networks
US20090177514A1 (en) * 2008-01-08 2009-07-09 Microsoft Corporation Services using globally distributed infrastructure for secure content management
CN101557551A (zh) * 2009-05-11 2009-10-14 成都市华为赛门铁克科技有限公司 一种移动终端访问云服务的方法、装置和通信系统

Cited By (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102647470A (zh) * 2012-04-01 2012-08-22 杭州格畅科技有限公司 在线应用平台内云下载的方法及在线应用平台系统
CN104426996A (zh) * 2013-09-11 2015-03-18 腾讯科技(深圳)有限公司 云业务处理方法和相关设备及通信系统
CN104426996B (zh) * 2013-09-11 2018-12-11 腾讯科技(深圳)有限公司 云业务处理方法和相关设备及通信系统
CN103944883A (zh) * 2014-03-19 2014-07-23 华存数据信息技术有限公司 一种云计算环境下云应用访问控制的系统及方法
CN105072134A (zh) * 2015-08-31 2015-11-18 成都卫士通信息产业股份有限公司 一种基于三级密钥的云盘系统文件安全传输方法
US10706642B2 (en) 2015-09-24 2020-07-07 Ford Global Technologies, Llc Efficient telematics data upload

Also Published As

Publication number Publication date
CN102055730A (zh) 2011-05-11
CN102055730B (zh) 2013-09-11

Similar Documents

Publication Publication Date Title
WO2011050703A1 (fr) Système et procédé de traitement en nuage, et dispositif agent d'informatique en nuage
US10917234B2 (en) Blockchain for on-chain management of off-chain storage
US10263855B2 (en) Authenticating connections and program identity in a messaging system
WO2019237796A1 (fr) Procédé et appareil d'acquisition de ressources, procédé et appareil de distribution de ressources, et procédé et appareil de téléchargement de ressources, ainsi que dispositif et support de stockage
EP3404891B1 (fr) Procédé et système de distribution de contenu numérique dans un réseau poste à poste
US9276926B2 (en) Secure and automated credential information transfer mechanism
WO2019214211A1 (fr) Appareil et procédé d'autorisation de données d'utilisateur basé sur une chaîne de blocs, et support et dispositif informatique
CN112422532B (zh) 业务通信方法、系统、装置及电子设备
WO2020042822A1 (fr) Procédé d'opération de chiffrement, procédé de création de clé de travail, et plateforme et dispositif de service de chiffrement
US11140140B2 (en) Virtual cryptographic module with load balancer and cryptographic module fleet
US11632247B2 (en) User security token invalidation
CN103748556A (zh) 与虚拟受信任运行时bios通信
JP2012079342A (ja) ネットワークを介したセキュリティ保護された動的な資格証明書の配布
WO2022170810A1 (fr) Procédé et appareil de traitement de données de stockage en nuage, et système informatique
WO2020042798A1 (fr) Procédé de création de clé de travail et de fonctionnement cryptographique et plateforme ainsi que dispositif de service cryptographique
CN104969201A (zh) 用于调用特权操作的安全接口
Mohta et al. Cloud data security while using third party auditor
TWI416923B (zh) 網路服務中之安全資料通信
CN110581829A (zh) 通信方法及装置
US20230244797A1 (en) Data processing method and apparatus, electronic device, and medium
Resende et al. Enforcing privacy and security in public cloud storage
Siopi et al. DeCStor: A Framework for Privately and Securely Sharing Files Using a Public Blockchain
CN114329574B (zh) 基于域管平台的加密分区访问控制方法、系统及计算设备
WO2023157294A1 (fr) Client sans disque, serveur, programme associé, procédé de connexion de réseau et procédé de libération de réseau
Huawei Technologies Co., Ltd. Cloud Computing System

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 10826066

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 10826066

Country of ref document: EP

Kind code of ref document: A1