Supercharge Your Innovation With Domain-Expert AI Agents!

Implementation method and system of openstack token access protection mechanism

A technology of protection mechanism and implementation method, applied in transmission systems, digital transmission systems, user identity/authority verification, etc., can solve problems such as data leakage and lack of security mechanisms in Memcache, and achieve the effect of ensuring security

Active Publication Date: 2019-04-23
ZHEJIANG UNIV
View PDF1 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0006] However, Memcache lacks sufficient security mechanisms in its own implementation, so that data may be accessed or intercepted by unauthorized users, so when it is applied to the token storage process, it may lead to data leakage

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Implementation method and system of openstack token access protection mechanism
  • Implementation method and system of openstack token access protection mechanism
  • Implementation method and system of openstack token access protection mechanism

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0042] The present invention will be described in further detail below in conjunction with the accompanying drawings and embodiments.

[0043] The present invention is realized by 2 software modules: memcache storage module and SGX encryption module, its flow control is as follows figure 1 shown.

[0044] The role of the memcache storage module is to distribute the token table stored in the openstack storage mode, and use memcache as the driver. Specific steps are as follows:

[0045] (1) Edit the Token field of / etc / keystone / keystone.conf:

[0046] driver=keystone.token.backends.memcache.Token, change its driver to memecache;

[0047] (2) Restart keystone, and start memcache, and manage the distributed storage token table through memcache.

[0048] The role of the SGX encryption module is to generate a trusted space to store and operate corresponding data, and to generate keys for verifying access rights. Its working principle is as follows:

[0049] (1) Data upload stage...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention discloses a method and a system for implementation of an Openstack token access protection mechanism. The method comprises the steps of storing a token list of Openstack in a memcache according to a storage mode of the memcache; and then encrypting the token list by utilizing a protection mechanism of SGX (Software Guard Extensions). Through the SGX mechanism, the token information is encrypted by computer hardware and the access authority of the token information is controlled, so that the token information only can be read and modified at an appointed physical resource (such as a server), and the security of the token information is accordingly ensured.

Description

technical field [0001] The invention relates to the technical field of security in cloud computing operation and storage process, in particular to an implementation method and system of an Openstack token access protection mechanism. Background technique [0002] Openstack is an open source cloud computing management platform project that allows enterprises or service providers to create and run their own cloud computing and storage facilities. It includes five important components: Nova (computing service), Swift (storage service), Glance ( Mirror service), Keystone (authentication service) and Horizon (UI service). Among them, Keystone provides authentication and access policy services for all Openstack components, and it relies on its own REST (based on Identity API) system to work, mainly for (but not limited to) Swift, Glance, Nova, etc. The legitimacy of the source's request is verified. [0003] Keystone uses two authorization methods, one based on username / password...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Patents(China)
IPC IPC(8): H04L9/32H04L29/06H04L29/08
CPCH04L9/3234H04L63/08H04L67/10
Inventor 王津航陈建海王备何钦铭侯文龙程雨夏黄步添
Owner ZHEJIANG UNIV
Features
  • R&D
  • Intellectual Property
  • Life Sciences
  • Materials
  • Tech Scout
Why Patsnap Eureka
  • Unparalleled Data Quality
  • Higher Quality Content
  • 60% Fewer Hallucinations
Social media
Patsnap Eureka Blog
Learn More

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2025 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com