Unlock instant, AI-driven research and patent intelligence for your innovation.

Bidirectional security audit method and device in distributed system

A distributed system and security audit technology, applied in the transmission system, electrical components, user identity/authority verification, etc., can solve the problems of small security threats, internal leaks cannot be completely ruled out, and no identity authentication, etc., to ensure system security Effect

Active Publication Date: 2015-01-28
ASAT CHINA TECH +1
View PDF3 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

However, the server as the service provider does not have identifiable identity authentication, nor does it have any digital certificates and keys, let alone audit the legality of the server's operation, and cannot ensure that the services provided by such a server are legal, nor can it be identified Whether the obtained data is valid
Although the background server group is in a relatively isolated internal LAN, the security threat is small, but it cannot completely rule out internal leaks, or human behavior such as internal hackers
The mutual communication between servers cannot guarantee data security requirements. This level of security has little impact on ordinary Internet systems, but it is not enough for industrial Internet that requires high confidentiality. Once illegal acts occur, all The consequences are more serious

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Bidirectional security audit method and device in distributed system
  • Bidirectional security audit method and device in distributed system
  • Bidirectional security audit method and device in distributed system

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0057] In order to make the purpose, technical solution and advantages of the present invention clearer, the following will further describe the implementation of the present invention in detail in conjunction with the accompanying drawings.

[0058] The first embodiment of the present invention relates to a two-way security audit method in a distributed system. In this embodiment, the concept that the server in the traditional system is safe by default is abandoned, and the client and server in the distributed system perform an operation every time. Before that, identity authentication and authority audit must be carried out, that is, identity authentication and authority audit are carried out for each user or server data access, operation execution and resource enjoyment. Among them, operation execution generally includes obtaining services, accessing system resources, accessing background data, and so on. As for the execution operations with high security level within the p...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention discloses a bidirectional security audit method and a device in a distributed system. A controlled end (which at least comprises a client side accessed into the distributed system and a server in the distributed system) in the distributed system passes an identity authentication. After a user logs in the distributed system, the operation information of the user is audited by referring to authority information corresponding to the current role of the controlled end when the operation is executed each time; if the authority information comprises the operation authority, the controlled end is permitted to execute the operation, and otherwise, the controlled end is forbidden to execute the operation; therefore, the identity and the authority in operation are guaranteed to be legal and effective after a user, an application program, a server and various legal roles in a system application scene in the distributed system log in the system, and the safety of the system is guaranteed to the maximum extent.

Description

technical field [0001] The invention relates to a security control technology in a distributed system Background technique [0002] Distributed platform is a technology based on middleware. Middleware is an independent system software or service program. Distributed platform uses this technology to share resources among different servers and manage services and resources distributed on different servers in a unified manner. . When a user needs to use a service or resource, he or she sends a request for the required service / resource to the distributed platform through the client, and the distributed platform locates the service / resource requested by the user and finds the server where the service / resource is located. Send the request to the corresponding server for processing. After the server finishes processing, the processing result is still fed back to the client through the distributed platform. [0003] In a distributed system, in order to prevent security threats, se...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Patents(China)
IPC IPC(8): H04L29/08H04L29/06H04L9/32
Inventor 钱靖梁俊
Owner ASAT CHINA TECH