System and method for realizing security storage and access control of data

A technology of data access control and data security storage, which is applied in the field of storage security in information technology, can solve the problems of mixed storage security of different sensitive levels of data, achieve the effect of small impact, improve security, and increase security access

Active Publication Date: 2015-05-27
董唯元
View PDF8 Cites 23 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0012] From the above analysis, it can be seen that the existing data security technology does not solve the security problem of mixed storage of data with different sensitive levels brought about by the application of virtualization technology.

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • System and method for realizing security storage and access control of data
  • System and method for realizing security storage and access control of data
  • System and method for realizing security storage and access control of data

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0064] It should be understood that the specific embodiments described herein are only used to explain the present invention, but not to limit the present invention.

[0065] The present invention mainly adds logical functional components of a storage security gateway between the front-end application server generating data requests and the back-end storage system to realize data security domain division, isolation and access control. The storage security gateway and the storage virtualization gateway can work together, and use the existing virtualization technology to realize the storage of data on the actual physical medium according to the security domain. When a data access request arrives at the storage virtualization gateway, the storage virtualization gateway can invoke the function of the storage security gateway to implement data security domain isolation and access control. Since all data requests to access the back-end storage system will be processed by the storage...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention discloses a system and method for realizing the security storage and the access control of data. The system comprises an application server, a storage security gateway, a security strategy server and a backend storage system, wherein the storage security gateway is additionally arranged between the application server and the backend storage system so as to realize the partition, the isolation and the access control of data security domains. The storage security gateway and a storage virtualization gateway can synergistically work, and data can be stored in the manner of the security domains on an actual physical medium by utilizing a virtualization technique. When a data access request arrives at the storage virtualization gateway, the storage virtualization gateway can invoke the functions of the storage security gateway so as to realize the isolation and the access control of the data security domains. Because all data requests for access to the backend storage system can be processed by the storage security gateway, security control is guaranteed to be performed on the single path of data without being bypassed. In addition, security control is realized at the bottom layer of data access, so that attack means to data by upper application layers can be effectively avoided.

Description

technical field [0001] The invention relates to the field of storage security in information technology, in particular to a system and a method for ensuring the safe storage and access control of key data. Background technique [0002] With the development of cloud computing technology and the wide application of virtualization technology in storage systems, the physical storage media of storage systems are unified to provide services in the form of resource pools. The virtualization technology shields the details of the underlying data storage, so that the physical location of the data is independent of the logical location, and the user can obtain a virtual storage space larger than the actual storage capacity, and the user only needs to care about the data representation in the application layer. without having to deal with the details of the underlying storage. However, the application of virtualization technology also brings data security risks. Application layer data...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): H04L29/06
CPCH04L63/0218H04L63/0272H04L63/104H04L63/162H04L67/1097
Inventor 董唯元陈幼雷郭伟
Owner 董唯元
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap