Data security assurance method in hybrid cloud environment based on service grid

Abstract

A data security assurance method in a hybrid cloud environment based on a service grid relates to the technical field of computers, and comprises the following steps: an administrator configures access security between services, defines security policies between services A, B and C and storage services, determines encrypted communication and non-encrypted communication, and issues the informationto the intelligent agent side by the control plane in a unified manner; after an external entry request arrives at the service A, the service A analyzes the address of the service B through the DNS and initiates calling; the request of the service A for calling the service B is intercepted by the sidecar, and traffic transparent transmission is performed; and the service B calls the service C, andthe DNS analyzes the address of the service C as a public cloud address to configure a security policy. According to the method, the limitation of public cloud manufacturers can be removed, and the network transmission layer security among multiple clouds, the application communication security in the public cloud and the data storage security can be ensured; secure transmission can be flexibly customized, and cross-cloud services are defined to enable secure access.

Description

technical field [0001] The invention relates to the field of computer technology, in particular to a method for ensuring data security in a service grid-based hybrid cloud environment. Background technique [0002] With the development of cloud computing, almost every enterprise plans or is using cloud computing nowadays. At the same time, due to security and auditing reasons, not all enterprise information can be placed on the public cloud, so most enterprises that have applied cloud computing are using the hybrid cloud model. While using a hybrid cloud allows users to take advantage of the respective advantages of public and private clouds, it also provides great flexibility in moving applications across a multi-cloud environment. However, the configuration management of hybrid cloud is relatively more complex and difficult to maintain; since hybrid cloud is a combination of different cloud platforms, data and applications, integration will be a challenge; A compatibilit...

AI Technical Summary

Problems solved by technology

These two solutions have their own advantages and can be applied to the needs of different users, but both of these solutions are limited by public cloud vendors, and cannot guarantee the security of the network transport layer between multiple clouds, and are not responsible for the internal security of the public cloud. Application communication security and data storage security; cannot flexibly customize secure transmission, and cannot define whether to enable secure access between cross-cloud services

Images