Access control method and system of self-adaptation cloud computing environment virtual security domain

A cloud computing environment and access control technology, applied in the field of data and information security to avoid policy conflicts

Active Publication Date: 2013-12-18
CEC CYBERSPACE GREAT WALL

AI Technical Summary

Problems solved by technology

[0005] Aiming at the problem that traditional security access control methods based on physical devices are not suitable for virtual security domain protection in cloud computing environments, the present invention provides


Examples


Embodiment Construction

[0026] The present invention will be described below in conjunction with the accompanying drawings.

[0027] The present invention relates to an access control system for virtual security domains in an adaptive cloud computing environment. Its structure is shown in Figure 1 and Figure 2. The system includes a virtual security gateway device deployed in the virtual machine management layer and a cloud security policy synchronization center located in the cloud computing environment. The virtual security gateway device includes a security warehouse, a filter, and an access control policy component connected in turn. Both the security warehouse and the access control policy component are connected to the cloud security policy synchronization center.

[0028] In the cloud computing environment, each physical machine has a virtual machine management layer, and a virtual security gateway device is deployed on the virtual machine management layer of each physical machine. Each v...


Abstract

The invention relates to an access control method and system of a self-adaptation cloud computing environment virtual security domain. The access control method of the self-adaptation cloud computing environment virtual security domain comprises the steps of (1) deploying a virtual security gateway device on a virtual machine management layer, carrying out interaction with a cloud security policy sync center in a cloud computing environment through the virtual security gateway device to obtain security policy information, monitoring a network communication behavior of a virtual machine on the virtual machine management layer according to a security policy, directly carrying out access control on network communication data packets inside the same physical machine, and (2) adding a security control packet to a network communication data packet across the physical machine, and carrying out self-adaptation access control across the physical machine through the security control packet and a security feedback packet which contains access control policy dynamic-adjustment information. The access control method and system of the self-adaptation cloud computing environment virtual security domain can achieve the function of carrying out fine-grained access control on communication among different virtual machines on the same physical machine or different physical machines, an access control policy can be adjusted in a dynamic mode, and access control over the self-adaptation cloud computing environment virtual security domain can be achieved.
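
The two paths in the abstract (direct control inside one physical machine, control packet plus feedback packet across machines) can be sketched as follows. This is an added illustration, not code from the patent; the class names, packet fields, the default of allowing traffic within one domain, and the reading that a feedback packet installs a deny rule at the sending gateway are all assumptions.

```python
from dataclasses import dataclass

@dataclass
class SyncCenter:  # stands in for the cloud security policy sync center
    vm_domain: dict  # VM name -> security domain (constructed sample data)
    allowed: set     # permitted (src_domain, dst_domain) pairs

class Gateway:  # one virtual security gateway per physical machine
    def __init__(self, local_vms, center):
        self.domain = {vm: center.vm_domain[vm] for vm in local_vms}
        self.allowed = set(center.allowed)
        self.learned_deny = set()  # (src_vm, dst_vm) rules added by feedback
        self.peers = {}            # remote VM -> Gateway, stands in for routing

    def permits(self, src_domain, dst_domain):
        # Assumption: traffic inside one domain is allowed by default.
        return src_domain == dst_domain or (src_domain, dst_domain) in self.allowed

    def send(self, src_vm, dst_vm):
        if (src_vm, dst_vm) in self.learned_deny:
            return "dropped-at-source"
        src_domain = self.domain[src_vm]
        if dst_vm in self.domain:  # same physical machine: decide directly
            ok = self.permits(src_domain, self.domain[dst_vm])
            return "delivered-local" if ok else "dropped-local"
        # Cross-host: attach a security control packet (hypothetical fields).
        control = {"src_vm": src_vm, "src_domain": src_domain}
        feedback = self.peers[dst_vm].receive(control, dst_vm)
        if feedback is not None:  # apply the dynamic policy adjustment
            self.learned_deny.add(feedback["deny"])
            return "dropped-at-destination"
        return "delivered-remote"

    def receive(self, control, dst_vm):
        if self.permits(control["src_domain"], self.domain[dst_vm]):
            return None
        # Security feedback packet: tell the sender to block this pair.
        return {"deny": (control["src_vm"], dst_vm)}

def demo():
    center = SyncCenter({"web1": "dmz", "app1": "app", "db1": "db"},
                        {("dmz", "app"), ("app", "db")})
    host_a, host_b = Gateway(["web1", "app1"], center), Gateway(["db1"], center)
    host_a.peers = {"db1": host_b}
    return [host_a.send("web1", "app1"), host_a.send("app1", "db1"),
            host_a.send("web1", "db1"), host_a.send("web1", "db1")]
```

The second `web1` to `db1` attempt never leaves the source host, which is the effect of the feedback-driven adjustment in this sketch.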

Description

Technical field

[0001] The invention relates to the technical field of data information security, in particular to an access control method and system for a virtual security domain in an adaptive cloud computing environment.

Background technique

[0002] Cloud computing is a delivery model for IT resources and services that provides convenient, on-demand access, anytime and anywhere, to the required resources (such as network, server, storage, applications, services, etc.); these resources can be rapidly provisioned and released with minimal administrative cost or service provider intervention. Cloud computing has the characteristics of multi-tenancy, centralization, and virtualization, which cause different business systems of different tenants to run on the same cloud computing platform, where they cannot be effectively isolated physically. To ensure security isolation between different tenants, or security isolation between different service systems of the same tenant, dif...


Application Information

IPC(8): H04L29/08, H04L29/06
Inventor: 陈幼雷, 张雅哲
Owner: CEC CYBERSPACE GREAT WALL