Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

Cloud storage fine grit access control method and data uploading and data accessing method

A technology of access control and access control tree, which is applied in the field of cloud storage, can solve problems such as the difficulty in authorization management of the mandatory access control model, and achieve the effect of ensuring no tampering and safe storage

Active Publication Date: 2018-11-27
JIANGSU R & D CENTER FOR INTERNET OF THINGS
View PDF7 Cites 16 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0007] The purpose of the present invention is to overcome the deficiencies in the prior art, provide a fine-grained access control method for cloud storage, solve the difficulties in authorization management of the mandatory access control model, and realize the access control of data uploaders to data by introducing autonomous access control Authorization; In addition, in view of the defects of the traditional RBAC model, the method based on attribute-based encryption is introduced to realize the self-description of the access control structure through the attribute label of the data, and to meet the fine-grained access control requirements

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Cloud storage fine grit access control method and data uploading and data accessing method
  • Cloud storage fine grit access control method and data uploading and data accessing method
  • Cloud storage fine grit access control method and data uploading and data accessing method

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0028] The present invention will be further described below in conjunction with specific drawings and embodiments.

[0029] The present invention proposes a cloud storage fine-grained access control method. In the solution of the present invention, the access control of the Hadoop component is compatible with the Plugin; the Hadoop component accesses the Central Authorization Server (hereinafter referred to as CAS, i.e. Center Authorization Server) Abbreviation), access control through CAS;

[0030] exist figure 1 , the solid-line boxes represent the roles included in this solution, and the dotted-line boxes are Hadoop components, such as HDFS components, Hive components, Impala components, and HBase components;

[0031] CAS is a central permission management service, which is used to respond to the request of the Plugin plug-in, and returns a specific permission policy for specific permission control in the Plugin;

[0032] Plugin is a plug-in running on Hadoop components....

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention provides a cloud storage fine grit access control method. The method is compatible to access control of a Hadoop assembly in a Plugin way and access control is performed through a central authorization server. Requests intercepted and sent to the central authorization server from the Plugins are accessed to a strategy engine by accessing a binding layer. Authority strategies are encrypted / decrypted through a strategy encryption / decryption layer, finally, through an engine background, storage and reading of the authority strategies are finished, and the storage form is authority encryption ciphers. The decrypted authority strategies are analyzed by the strategy engine, and authorities which can be identified by each Plugin are obtained through the analysis and returned to thecorresponding Plugins. Verification of the authorities is finished by the Plugins and whether user requests of this time are permitted is judged through the Plugins. According to the invention, by introducing autonomous access control, access control authorization of data by a data uploader is achieved; and by introducing a method based on attribute-based encryption, self-description of an accesscontrol structure is performed through attribute labels of data.

Description

technical field [0001] The invention relates to the technical field of cloud storage, in particular to an access control method for cloud storage. Background technique [0002] In recent years, with the rapid development of cloud computing and big data technology, it has brought tremendous changes to society. With the acceleration of network bandwidth and the advent of the mobile Internet era, end users are becoming more and more accustomed to uploading data to the cloud to prevent data loss; due to the high cost of self-built clusters, small and medium-sized enterprises are also increasingly using enterprise clouds (such as Alibaba Cloud, Tencent Cloud); even large enterprises will choose to migrate data to the cloud due to the lack of experience in big data storage and the good service of enterprise cloud. However, after the data is handed over to a "third party" for management, it will bring about data privacy and security issues. Hadoop and its related components are o...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Applications(China)
IPC IPC(8): H04L29/06H04L29/08
CPCH04L63/10H04L63/102H04L63/20H04L67/1097
Inventor 王嘉龙崔光霁赵旦谱台宪青
Owner JIANGSU R & D CENTER FOR INTERNET OF THINGS
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com