Method for limiting authority of cloud computing privileged user by using mandatory access control

A mandatory access control technology for restricting privileged users, applied in computing and computer security devices, that addresses the abuse of user data by privileged users and the resulting losses to users.

Inactive Publication Date: 2011-08-17
LANGCHAO ELECTRONIC INFORMATION IND CO LTD

AI Technical Summary

Problems solved by technology

However, its security issues, especially the trust of privileged users, have always been the main reason why many vendors hesitate.
In a cloud computing environment, the user's key data, including keys, is stored in the remote data center, so it is necessary to control and prevent internal personnel, that is, privileged users, from abusing user data and causing serious losses to users.
It is therefore urgent to restrict the access and operations of privileged users and to build a secure cloud computing operating system.



Examples


Embodiment Construction

[0011] The method of the present invention is described in detail below with reference to the accompanying drawings.

[0012] A security module is added to the bottom layer of the cloud operating system to intercept and record all file access paths of privileged users, so as to meet the requirements of restricting privileged users from accessing the data center.

[0013] The main component of the security module is the Mandatory Access Control module.

[0014] The mandatory access control module controls users' access to files. Because all operations of privileged users can be converted into operations on files, it is only necessary to control their operations on files.

[0015] The restriction steps are as follows:

[0016] The file system filter driver in the cloud security module inserts access rules one by one when it is initialized, and allows dynamic addition or deletion of specified nodes at any time, so as to intercept data I/O requests from privileg...
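A user-space C model of the rule table that paragraphs [0012] to [0016] describe, added here as an illustration and not taken from the patent. The role name, the paths, longest-prefix matching and deny-when-no-rule-matches are assumptions, since the text above is cut off before it specifies them.

```c
#include <stdio.h>
#include <string.h>
enum { OP_READ = 1, OP_WRITE = 2, MAX_RULES = 16 };

struct rule { const char *role, *prefix; int allowed; }; /* allowed: op bits, 0 = none */
static struct rule rules[MAX_RULES];   /* prefix == NULL marks a free slot */
static int audit_count;                /* intercepted requests recorded */

/* Insert a rule (at init or later); returns its slot, or -1 if full. */
int rule_add(const char *role, const char *prefix, int allowed) {
    for (int i = 0; i < MAX_RULES; i++)
        if (!rules[i].prefix) {
            rules[i] = (struct rule){ role, prefix, allowed };
            return i;
        }
    return -1;
}

/* Remove a rule dynamically; returns 0 on success, -1 for a bad slot. */
int rule_del(int slot) {
    if (slot < 0 || slot >= MAX_RULES || !rules[slot].prefix) return -1;
    rules[slot].prefix = NULL;
    return 0;
}

/* Length of prefix if path lies under it on a component boundary, else 0. */
static size_t under(const char *path, const char *prefix) {
    size_t n = strlen(prefix);
    return (!strncmp(path, prefix, n) && (path[n] == '/' || !path[n])) ? n : 0;
}

/* Intercept one request (canonical path assumed): longest prefix wins, no match = deny. */
int mac_check(const char *role, const char *path, int op) {
    size_t best = 0;
    int allowed = 0;
    for (int i = 0; i < MAX_RULES; i++) {
        size_t n = (rules[i].prefix && !strcmp(rules[i].role, role)) ? under(path, rules[i].prefix) : 0;
        if (n > best) { best = n; allowed = rules[i].allowed; }
    }
    int ok = (allowed & op) == op;
    audit_count++;                     /* every decision is recorded, allow or deny */
    fprintf(stderr, "audit role=%s path=%s op=%d %s\n", role, path, op, ok ? "ALLOW" : "DENY");
    return ok;
}

int main(void) {   /* constructed rule and requests */
    rule_add("sysadmin", "/var/log", OP_READ | OP_WRITE);
    mac_check("sysadmin", "/var/log/messages", OP_WRITE);              /* allowed */
    return mac_check("sysadmin", "/data/tenants/a/key.pem", OP_READ);  /* denied: returns 0 */
}
```

A real filter driver would run the same check in the I/O path on the path the file system has already resolved; matching on unresolved paths would let `..` components sidestep a prefix rule.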


Abstract

The invention provides a method for limiting the authority of a cloud computing privileged user by using mandatory access control. In the method, mandatory access control checks whether the privileged user has the authority to operate on resources of a cloud computing data center, and the user's access control authority is set by using mandatory access control. Compared with traditional discretionary access control, fine-grained access control of the resources of the cloud computing data center can be realized, and privileged users are prevented from performing operations unrelated to their job responsibilities.

Description

Technical field

[0001] The invention relates to the field of computer application technology, in particular to a method for restricting cloud computing privileged user authority by using mandatory access control.

[0002] The present invention relates to the field of cloud operating system data center security, especially the management of privileged user access rights, specifically a method based on ROST (Reinforcement Operating System Technique), the core of which is to build a cloud security module at the bottom layer of the cloud operating system to implement mandatory access controls to restrict access and manipulation of resources by privileged users.

Background technique

[0003] There are more and more cloud computing and applications based on cloud computing, and its high efficiency and cost-saving advantages make it attract the attention of the industry. However, its security issues, especially the trust of privileged users, have always been the main reason why ma...


Application Information

Patent Type & Authority: Applications (China)
IPC(8): G06F21/20; H04L29/06; G06F21/30
Inventor: 王佳慧
Owner: LANGCHAO ELECTRONIC INFORMATION IND CO LTD