Inter-cloud-storage-system data migration encryption method

Abstract

The invention discloses an inter-cloud-storage-system data migration encryption method, and relates to the technical field of data migration and cluster parallel computing. The acting object of the inter-cloud-storage-system data migration encryption method is that multiple kinds of proven safety technology RBAC, access control rules and the like are combined between two cloud systems, namely in the public cloud-to-public cloud scene, and the safety data migration method is obtained. An access strategy of an organization is achieved through access control based on identities, central nodes of source systems serve as subjects, central nodes of target systems serve as objects, and communication between the subjects and the objects can be implemented only after verification is carried out through the access rules, namely permission expressions. According to the RBAC, roles are introduced into the subjects, labels are introduced into the objects, if verification is successful, the objects return Tokens to the roles, and therefore the roles define reading permission (r) and writing permission (w) so as to carry out reading and writing with a file of the labels. Due to the fact that the subjects are associated with the roles, the roles have different kinds of reading-writing permission to access the labels of the objects, the reading-writing processes can not be mixed according to the different kinds of permission, and efficiency is improved.

Description

technical field [0001] The invention proposes a data migration encryption method between cloud storage systems, and relates to the technical fields of data migration and cluster parallel computing. Background technique [0002] Definitions and acronyms of related terms: [0003] Cloud storage system: A cloud computing system centered on data storage and management, which is divided into public cloud and private cloud systems. [0004] Public cloud: The infrastructure of the cloud is owned and managed by the cloud service provider. The equipment is deployed inside the cloud service provider, and the data stored by the user is not controlled by the user. The data is likely to be authorized to be accessed by untrusted people. . [0005] Private cloud: The customer owns and manages the cloud infrastructure, deploys it in-house, and only allows authorized persons to access it. [0006] Data Migration: The process of moving data from one system or a large number of systems to a...

AI Technical Summary

Problems solved by technology

Third, the read or write permissions of the data nodes between the two systems will also be intercepted or tampered with when transferring files. If one party originally reads the file instead of writing the file, the influx of a large amount of data will cause data confusion and even data paralysis

However, this patent increases costs by adding cloud tenants and third-party audit platforms and focuses on establishing a migration model. This patent is based on role-based access control. It uses the characteristics of RBAC to build a series of tags and role authority control, which is not like this one. Patents focus on the improvement of third-party platforms and models

Images