Bastion host

A bastion machine and account technology, applied in the field of information security, can solve the problems of not paying attention to IT security, difficulty in sorting out asset ledgers, diverse and scattered asset risks, etc.

Pending Publication Date: 2020-08-25
ZHEJIANG QIZHI TECH CO LTD
View PDF5 Cites 11 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0004] Servers, network equipment, databases, security equipment, and middleware are all assets of the data center. Due to the large number, variety, multi-brand, and rapid change of asset equipment, it is difficult to sort out the asset ledger; and asset risks are diverse and scattered. The security department is neither a data producer nor a data center builder, but the technology department, as a data producer and data center builder, focuses on IT efficiency rather than IT security; the security department focuses on IT security rather than IT security. Emphasis on IT efficiency; resulting in security departments failing to obtain asset security data, asset risks are difficult to identify, and industry security rules are difficult to implement

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Bastion host
  • Bastion host
  • Bastion host

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0033] abnormal behavior

[0034] The abnormal behavior mentioned in the present invention refers to the operation behavior that does not match the content of the white list, including but not limited to abnormal behavior caused by hacker attacks, abnormal behavior caused by misoperation of internal operation and maintenance personnel, etc.

[0035] gateway

[0036] Everyone knows that to walk from one room to another, one must pass through a door. Likewise, gateways send messages from one network to another. Information must also pass through a "pass", which is the gateway. As the name implies, a gateway is a "gateway" that connects a network to another network, that is, a network gate. The gateway mentioned in the present invention refers to the door to enter the data center.

[0037] workflow engine

[0038] The so-called workflow engine refers to workflow as a part of the application system, and it provides core solutions such as determining information transmis...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention discloses a bastion host. The bastion host serves as an operation and maintenance operation gateway of a data center. An identity account, a server account and a matching relationship between the identity account and the server account are arranged in the bastion host; each server account has respective operation authority, the bastion host establishes connection between the terminaland the server according to the operation authority, and the terminal operates the server to form an operation log to be stored in the bastion host. The bastion host has the advantages that the bastion host confirms the identity of the person twice: the responsible person applying for entering belongs to a set of persons allowed to enter, and the person applying for entering is the person. Thus,the problem of fuzzy identity is solved, and if the problem is found, people can be directly traced back. Identity authentication, access control, authority control and operation auditing can be carried out on the terminal entering the server at the equipment and host layers, and behaviors of workers are restrained and monitored.

Description

technical field [0001] The invention relates to the field of information security, in particular to an access control auditing system. This access control audit system is called a bastion machine. Background technique [0002] This section is only for the convenience of understanding the content of the present invention, and should not be regarded as prior art. [0003] According to the different users of the network, the network can be divided into extranet (Internet) and intranet (local area network). The intranet can be divided into office network and production network. The network behavior of office Internet access is relatively developed, and virus and network intrusion incidents are prone to occur. If office users and production users are in the same network, viruses and intrusion events that occur on the office network will quickly spread to the production network with almost no obstacles, posing a great threat to production security. Therefore, the office networ...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): H04L29/06
CPCH04L63/10H04L63/08
Inventor 吴强
Owner ZHEJIANG QIZHI TECH CO LTD
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap