An adaptive cloud computing environment virtual security domain access control method and system

A cloud computing environment and access control technology, applied in the field of data and information security to avoid policy conflicts

Active Publication Date: 2016-11-16
CEC CYBERSPACE GREAT WALL
View PDF3 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0005] Aiming at the problem that traditional security access control methods based on physical devices are not suitable for virtual security domain protection in cloud computing environments, the present invention provides an adaptive cloud computing environment virtual security domain access control method, which is deployed in the virtual machine management layer Virtual security gateway device to control access to network communication data

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • An adaptive cloud computing environment virtual security domain access control method and system
  • An adaptive cloud computing environment virtual security domain access control method and system
  • An adaptive cloud computing environment virtual security domain access control method and system

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0026] The present invention will be described below in conjunction with the accompanying drawings.

[0027] The present invention relates to an adaptive cloud computing environment virtual security domain access control system, its structural principle diagram is as follows figure 1 and figure 2 As shown, the system includes a virtual security gateway device deployed in the virtual machine management layer and a cloud security policy synchronization center located in the cloud computing environment. The virtual security gateway device includes security warehouses, filters, and access control policy components connected in turn. Both the warehouse and access control policy components are connected to the cloud security policy synchronization center.

[0028] In the cloud computing environment, each physical machine has a virtual machine management layer, and a virtual security gateway device is deployed on the virtual machine management layer of each physical machine. Each v...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The present invention relates to a method and system for controlling access to a virtual security domain in an adaptive cloud computing environment. The method deploys a virtual security gateway device on a virtual machine management layer, and implements the virtual security gateway device with a cloud security policy synchronization center in the cloud computing environment. Interact to obtain security policy information, and monitor the network communication behavior of the virtual machine on the virtual machine management layer according to the security policy, and directly perform access control on the network communication data packets inside the same physical machine; for network communication across physical machines The security control package is added to the data package, and the cross-physical machine adaptive access control is performed through the security control package and the security feedback package containing the dynamic adjustment access control policy information. The method and system can realize the fine-grained access control function for communication between different virtual machines on the same physical machine or different physical machines, and can dynamically adjust access control policies to realize adaptive cloud computing environment virtual security domain access control .

Description

technical field [0001] The invention relates to the technical field of data information security, in particular to an access control method and system for a virtual security domain in an adaptive cloud computing environment. Background technique [0002] Cloud computing is a delivery model of IT resources and services, which can achieve anytime, anywhere, convenient and on-demand access to the required resources (such as network, server, storage, applications, services, etc.), these resources can be rapidly provisioned and released with minimal administrative cost or service provider intervention. Cloud computing has the characteristics of multi-tenancy, centralization, and virtualization, which cause different business systems of different tenants to run on the same cloud computing platform, which cannot be effectively isolated physically. To ensure security isolation between different tenants, or security isolation between different service systems of the same tenant, dif...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Patents(China)
IPC IPC(8): H04L29/08H04L29/06
Inventor 陈幼雷张雅哲
Owner CEC CYBERSPACE GREAT WALL
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap