A method and system for controlling multi-level security classification of cloud users

By combining the BLP and Biba models, the normal operating status of the scanning server is determined, the security levels of the subject and object are identified, and read/write operations and permission settings are executed according to the levels. This solves the security protection problem of the cloud security center during scanning, realizes multi-level secure access control, and improves the security and management efficiency of the cloud environment.

CN119363416BActive Publication Date: 2026-06-05CHINA TELECOM DIGITAL INTELLIGENCE TECH CO LTD

Patent Information

Authority / Receiving Office
CN · China
Patent Type
Patents(China)
Current Assignee / Owner
CHINA TELECOM DIGITAL INTELLIGENCE TECH CO LTD
Filing Date
2024-10-18
Publication Date
2026-06-05

AI Technical Summary

Technical Problem

When conducting application vulnerability scans, the cloud security center encountered obstacles due to server security protection measures, and the BLP model had deficiencies in ensuring information confidentiality, failing to effectively restrict the flow of unauthorized information and making it difficult to achieve multi-level secure access control.

Method used

By combining the BLP and Biba models, the system determines whether the scanning server is operating normally, identifies the security levels of the subject and object, performs read and write operations based on the levels, adjusts permission settings and abnormal alarm information, and optimizes cloud environment management.

Benefits of technology

It significantly improves the security of the cloud environment, enhances the precision of access control, optimizes cloud environment management, and provides a more secure, reliable, and efficient cloud service environment.

✦ Generated by Eureka AI based on patent content.

Smart Images

  • Figure CN119363416B_ABST
    Figure CN119363416B_ABST
Patent Text Reader

Abstract

The application relates to a method and system for controlling multi-level security classification of cloud users, and belongs to the technical field of computers.The method comprises the following steps: judging whether a scanning server is normally running; in the case that the scanning server is normally running, determining the security levels of a subject and an object based on a BLP model and a Biba model, the subject being used for indicating a user or a process that sends an access resource request, and the object being used for indicating data or resources that are accessed; performing read-write operations on the subject according to the security levels of the subject and the object; in the case that the read-write operations are performed on the subject, setting the permissions of the subject, and adjusting the security level of the object based on abnormal alarm information.The method can significantly improve the security of a cloud environment, enhance the access control accuracy, optimize the cloud environment management, and promote compliance.Commonly, a safer, more reliable and efficient cloud service environment is provided for cloud users.
Need to check novelty before this filing date? Find Prior Art

Description

Technical Field

[0001] This invention belongs to the field of computer technology, and in particular relates to a method and system for controlling multi-level security classification of cloud users. Background Technology

[0002] In related technologies, cloud security centers may be hindered by server security protection measures (such as WAF and SOC) when performing application vulnerability scans, and it is necessary to add the scanner IP to the whitelist. At the same time, the BLP model has defects in ensuring information confidentiality and fails to effectively restrict the flow of unauthorized information. In the cloud computing environment, due to the characteristics of virtualization technology, it is necessary to implement multi-level security access control. Summary of the Invention

[0003] In view of the shortcomings of the existing technology, the purpose of this invention is to provide a method and system for controlling the multi-level security classification of cloud users. This method can significantly improve the security of the cloud environment, enhance the precision of access control, optimize cloud environment management, and promote compliance.

[0004] In a first aspect, the present invention proposes a method for controlling multi-level security classification of cloud users, comprising: S1, determining whether a scanning server is operating normally; S2, if the scanning server is operating normally, determining the security levels of a subject and an object based on a BLP model and a Biba model, wherein the subject refers to a user or process that issues a request to access resources, and the object refers to the data or resource being accessed; S3, performing read and write operations on the subject according to the security levels of the subject and the object; S4, while performing read and write operations on the subject, setting permissions for the subject and adjusting the security level of the object based on abnormal alarm information.

[0005] Further, determining that the scanning server is operating normally includes: when scanning the server, determining whether the server has a security deployment; if it is determined that a security deployment exists, adding the address of the server to a whitelist.

[0006] Furthermore, based on the security levels of the subject and the object, performing read and write operations on the subject includes: performing only write operations on the subject when the security level of the subject is greater than the security level of the object; and performing only read operations on the subject when the security level of the subject is not greater than the security level of the object.

[0007] Furthermore, setting permissions for the subject includes: obtaining the data owner's access policy for the data based on data tags; and determining the permission settings for the subject based on the access policy.

[0008] Furthermore, adjusting the security level of the object based on the abnormal alarm information includes: determining whether it is an abnormal diagnosis based on the abnormal alarm information; and reducing the security level of the object if it is determined to be an abnormal diagnosis.

[0009] Furthermore, it also includes: upgrading the security level of the object if it is determined that the object has not been downgraded within a preset time.

[0010] Furthermore, it also includes: determining whether the abnormal alarm information is an abnormal fluctuation; if it is determined to be an abnormal fluctuation, adding the object to the downgraded observation list.

[0011] A second aspect of the present invention proposes a system for controlling multi-level security classification of cloud users, comprising: a judgment module for judging whether a scanning server is operating normally; a determination module for determining the security levels of a subject and an object based on a BLP model and a Biba model when the scanning server is operating normally, wherein the subject refers to a user or process that issues a request to access resources, and the object refers to the data or resource being accessed; an execution module for performing read and write operations on the subject according to the security levels of the subject and the object; and an adjustment module for setting permissions for the subject when read and write operations are performed on the subject, and adjusting the security level of the object based on abnormal alarm information.

[0012] A third aspect of the present invention provides an electronic device comprising: at least one processor; and a memory communicatively connected to the at least one processor; wherein the memory stores instructions executable by the at least one processor to enable the at least one processor to perform the method described in any one aspect of the present invention.

[0013] A fourth aspect of the present invention provides a non-transitory computer-readable storage medium storing computer instructions, wherein the computer instructions are used to cause the computer to perform the method described in any one of the first aspects of the present invention.

[0014] The beneficial effects of this invention are as follows:

[0015] The method and system for controlling multi-level security classification of cloud users as described in this invention determine whether the scanning server is operating normally. If the scanning server is operating normally, the security levels of the subject and object are determined based on the BLP model and the Biba model. The subject refers to the user or process that issues the resource access request, and the object refers to the data or resource being accessed. Based on the security levels of the subject and object, read and write operations are performed on the subject. When read and write operations are performed on the subject, permissions are set for the subject, and the security level of the object is adjusted based on abnormal alarm information. This method can significantly improve the security of the cloud environment, enhance access control precision, optimize cloud environment management, and promote compliance. Together, they provide cloud users with a more secure, reliable, and efficient cloud service environment. Attached Figure Description

[0016] The accompanying drawings are for illustrative purposes only and are not intended to limit the invention. Throughout the drawings, the same reference numerals denote the same parts. It is obvious that the drawings described below are merely some embodiments of the present invention, and those skilled in the art can obtain other drawings based on these drawings.

[0017] Figure 1 This is a flowchart of a method for controlling multi-level security classification of cloud users according to an embodiment of the present invention;

[0018] Figure 2 This is a flowchart of a method for controlling multi-level security classification of cloud users according to a specific embodiment of the present invention;

[0019] Figure 3 This is a schematic diagram illustrating the formation of a tag set according to an embodiment of the present invention;

[0020] Figure 4 This is a schematic diagram of a system for controlling multi-level security classification of cloud users according to an embodiment of the present invention;

[0021] Figure 5 This is a structural block diagram of an electronic device according to an embodiment of the present invention. Detailed Implementation

[0022] To enable those skilled in the art to better understand the technical solutions in the embodiments of the present invention, the technical solutions of the present invention will be clearly and completely described below with reference to the accompanying drawings. Obviously, the described embodiments are only some embodiments of the present invention, not all embodiments. It should be understood that these descriptions are merely exemplary and are not intended to limit the scope of the present invention. Based on the embodiments of the present invention, all other embodiments obtained by those skilled in the art without creative effort should fall within the scope of protection of the present invention.

[0023] Furthermore, descriptions of well-known structures and techniques are omitted in the following description to avoid unnecessarily obscuring the concepts disclosed in this invention.

[0024] In the description of this invention, it should be noted that, unless otherwise explicitly specified and limited, the terms "center," "upper," "lower," "left," "right," "vertical," "horizontal," "inner," and "outer," etc., indicating orientation or positional relationships based on the orientation or positional relationships shown in the accompanying drawings, are only for the convenience of describing the invention and simplifying the description, and do not indicate or imply that the device or element referred to must have a specific orientation, or be constructed and operated in a specific orientation, and therefore should not be construed as a limitation of the invention. Furthermore, the terms "first," "second," and "third" are used for descriptive purposes only and should not be construed as indicating or implying relative importance. The terms "installed," "connected," and "linked" should be interpreted broadly; for example, they can refer to a fixed connection, a detachable connection, or an integral connection; they can refer to a mechanical connection or an electrical connection; they can refer to a direct connection or an indirect connection through an intermediate medium; and they can refer to the internal communication of two components. Those skilled in the art can understand the specific meaning of the above terms in this invention based on the specific circumstances.

[0025] Exemplary embodiments will now be described in detail, examples of which are illustrated in the accompanying drawings. When the following description relates to the drawings, unless otherwise indicated, the same numerals in different drawings denote the same or similar elements. The embodiments described in the following exemplary embodiments do not represent all embodiments consistent with the present invention. Rather, they are merely examples of methods and systems consistent with some aspects of the invention as detailed in the appended claims.

[0026] When cloud security centers scan application vulnerabilities, they simulate hacker intrusion attacks over the public internet (sending only request packets and not performing any actual attack behavior) to perform security scans on your server. If your server has security protection or monitoring deployments, such as a Web Application Firewall (WAF) or a Security Operations Center (SOC), it is recommended that you add the IP address of the web scanner to the whitelist to ensure the normal operation of the scanning service. Multi-level security involves grouping objects with different security levels into different groups and implementing security control policies to control the information flow between objects of different security levels. The security levels differ between groups, while objects within the same group have the same security level. In multi-level security research, the BLP model and the Biba model are the most common. The BLP model is the most typical model for ensuring operating system security, describing the reasonable flow path of information in a secure system and defining the security characteristics of system state security. The BLP model is mainly used in military systems to ensure the confidentiality of information. In this model, relevant rules include "no reading" and "no writing." However, the BLP model does not take effective measures to restrict unauthorized information, making it possible for illegal operations to be executed. For cloud computing, implementing multi-level security in virtual machine systems is essential because virtualization technology can assign processes to different virtual machines, and virtual machines belonging to different organizations or departments (usually with different security levels) may run on the same virtual machine monitor. Based on this characteristic, a multi-level security access control model based on a three-layer cloud platform architecture can be constructed. The Virtual Machine Monitor (VMM) is the top layer, virtual machines (VMs) running on the same VMM are the middle layer, and processes (Ps) running within virtual machines are the bottom layer. After implementing the layer division, security levels need to be set for the processes in the bottom layer and the virtual machines in the middle layer according to multi-level security standards, forming a multi-level security model for cloud computing.

[0027] This invention proposes a method, system, and related equipment for controlling multi-level security classification of cloud users. Specifically, the following describes an embodiment of the method, system, and related equipment for controlling multi-level security classification of cloud users with reference to the accompanying drawings.

[0028] Figure 1 This is a flowchart of a method for controlling multi-level security classification of cloud users according to an embodiment of the present invention. It should be noted that the method for controlling multi-level security classification of cloud users according to the embodiments of the present invention can be applied to the system for controlling multi-level security classification of cloud users according to the embodiments of the present invention. This system for controlling multi-level security classification of cloud users can be configured on an electronic device or in a server. This application does not limit the scope of this application.

[0029] like Figure 1 As shown, the method for controlling the multi-level security classification of cloud users includes:

[0030] S110, determine whether the scanning server is running normally.

[0031] In an embodiment of the present invention, when the cloud security center scans for application vulnerabilities, it simulates a hacker intrusion attack over the public network (only sending request messages and not performing any actual attack behavior) to perform a security scan on the server, thereby determining whether the scanned server is operating normally.

[0032] S120, under normal operating conditions of the scanning server, determines the security level of the subject and object based on the BLP model and Biba model. The subject refers to the user or process that issues the request to access the resource, and the object refers to the data or resource being accessed.

[0033] In embodiments of the present invention, when scanning a server, it is determined whether the server has a security deployment; if a security deployment is determined, the server's address is added to a whitelist to confirm that the scanning server is operating normally. If the scanning server is operating normally, the security levels of the subject and object are determined based on the BLP model and the Biba model.

[0034] S130 performs read and write operations on the subject based on the security levels of the subject and the object.

[0035] In embodiments of the present invention, given the security levels of the subject and object, read and write operations on the subject can be performed by comparing their security levels. Specific implementation details can be found in subsequent embodiments.

[0036] S140: When performing read / write operations on a subject, set permissions for the subject and adjust the security level of the object based on abnormal alarm information.

[0037] According to embodiments of the present invention, a method for controlling multi-level security classification of cloud users determines whether a scanning server is operating normally. If the scanning server is operating normally, the security levels of the subject and object are determined based on the BLP model and the Biba model. The subject refers to the user or process that issues the resource access request, and the object refers to the data or resource being accessed. Based on the security levels of the subject and object, read and write operations are performed on the subject. When read and write operations are performed on the subject, permissions are set for the subject, and the security level of the object is adjusted based on abnormal alarm information. This method can significantly improve the security of the cloud environment, enhance access control precision, optimize cloud environment management, and promote compliance. Together, they provide cloud users with a more secure, reliable, and efficient cloud service environment.

[0038] To enable those skilled in the art to more readily understand the present invention, Figure 2This is a method for controlling multi-level security classification of cloud users according to a specific embodiment of the present invention, such as... Figure 2 As shown, the method for controlling the multi-level security classification of cloud users includes:

[0039] S210, determine whether the scanning server is running normally.

[0040] In the embodiments of the present invention, the implementation of step S210 can refer to the implementation of step S110 described above, and the present invention will not repeat it here.

[0041] S220, confirming that the scanning server is operating normally.

[0042] In an embodiment of the present invention, when scanning a server, it is determined whether the server has a security deployment; if it is determined that a security deployment exists, the server's address is added to a whitelist, thereby confirming that the scanned server is operating normally.

[0043] This involves further analyzing the server's configuration, security policies, and firewall rules based on the server's response to simulated attacks to confirm the existence of effective security deployments. This includes, but is not limited to, checking whether the server's security patches, firewall settings, intrusion detection system (IDS), and intrusion prevention system (IPS) are enabled and configured correctly.

[0044] S230, under normal operating conditions of the scanning server, determines the security level of the subject and object based on the BLP model and the Biba model. The subject refers to the user or process that issues the request to access the resource, and the object refers to the data or resource being accessed.

[0045] In embodiments of the present invention, both the BLP (Bell-LaPadula) model and the Biba model are data access control models used for computer system security.

[0046] The BLP model is primarily used to protect data confidentiality, while the Biba model is used to protect data integrity. Both models are based on mandatory access control, using security levels to control a subject's access to an object.

[0047] In the BLP model, the security levels of subjects and objects are determined according to the following rules: Simple security attribute: Subjects can only read data with a security level equal to or lower than their own (read down). Asterisk attribute: Subjects can only write data to objects with a security level higher than their own (write up). Discretionary security attribute: An access matrix is ​​used to specify discretionary access control. These rules ensure that data can only flow from low security levels to high security levels, thereby preventing the unauthorized disclosure of sensitive data.

[0048] In the Biba model, the security levels of subjects and objects are determined by the following rules: Simple Security Attribute: A subject can only modify data with a security level equal to or higher than its own (written above). Asterisk Attribute: A subject cannot modify data with a security level lower than its own (written below). Invocation Attribute: A subject cannot invoke another subject if its full security level is not lower than that of the other subject. These rules ensure data integrity and prevent unauthorized modifications.

[0049] S240 performs read and write operations on the subject based on the security levels of the subject and the object.

[0050] In an embodiment of the present invention, after determining the security levels of the subject and the object, the security levels of the subject and the object are compared. If the security level of the subject is greater than the security level of the object, only a write operation is performed on the subject; if the security level of the subject is not greater than the security level of the object, only a read operation is performed on the subject.

[0051] In other words, if the security level of an object is lower than that of the subject, the subject can only perform "write" operations. This is to prevent unauthorized users from creating or modifying information on objects with higher security levels and to prohibit any similar unauthorized activities. This means that data with a high integrity level can only be modified by subjects with the same or higher security level, thus protecting data integrity. Conversely, if the object's security level is higher than that of the subject, the subject can perform "read" operations on the object, which helps prevent unauthorized modification of the data.

[0052] S250 sets permissions for the subject when performing read and write operations on the subject.

[0053] In an embodiment of the present invention, when a read / write operation is performed on a subject, the access policy set by the data owner based on the data tag is obtained, and the permission settings of the subject are determined based on the access policy.

[0054] The access policy defines which subjects can access the data and how they can access it; that is, the permission settings for subjects.

[0055] In one specific embodiment of the present invention, the Decentralized Information Flow Control (DIFC) method enables data owners to set data access policies based on data tags. The core idea of ​​the DIFC method is to grant data owners complete control over their data, meaning they have the right to determine data access policies and usage methods. This control method breaks through the limitations of traditional centralized information flow control, making information flow more flexible and secure.

[0056] One key aspect is the data owner's autonomy: In DIFC, data owners have complete control over their data. They have the right to decide who can access their data and how the data can be accessed. This autonomy is achieved by data owners setting tags for their data. Tags are identifiers of the data's "security level" or "access policy," determining which entities (such as users, processes, or systems) can read, write, or perform operations related to that data.

[0057] Tags are central to the access policy: Tags are a core concept in DIFC (Data Access Control Framework), used to represent access permissions and restrictions on data. Data owners specify which subjects can access the data by assigning specific tags. These tags may contain information about the resource, such as the set of readers, the owner, etc., thereby ensuring that the data access policy is accurately enforced.

[0058] Specifically, data owners label the security level of their data using tags. These tags may contain information about their resources, therefore, the tags must reflect the policy for each resource. For example, if two integers are multiplied, the operation's tag must reflect information about both operands. If a resource set contains two values ​​labeled L1 and L2 respectively, the result should have a minimum constraint tag, forming a corresponding tag set (e.g., ...). Figure 3 As shown), to preserve all information constraints of L1 and L2. The tags are constructed as L1∪L2, the tag set L1∪L2 is the union of L1 and L2, and the reader set of each resource in L1 and L2 is the intersection of its reader sets. According to the above definition, this rule can be written as readers(L,W), where S, which is not in the data owner set, is defined as the subject set. Since W does not specify any restrictions on information transmission, the tag L1∪L2 union rule can be expressed as follows: that is, owners(L1∪L2)=owners(L1)∪owners(L2), readers(L1∪L2,W)=readers(L1,W)∩readers(L2,W), where, This applies to all labels L1 and L2, and the union is limited in its use, therefore it does not reveal information.

[0059] Label-based access control: In the DIFC model, data access control is based on labels. A subject can only access data if its label meets the data access policy. This label-based access control mechanism ensures data confidentiality and integrity because only authorized subjects can access sensitive data, while unauthorized subjects cannot.

[0060] Relabeling is a key concept in the DIFC model. It refers to the replacement or updating of data labels during data propagation or processing, based on certain rules and conditions. Relabeling is safe in the following four situations: 1. Reduction or deletion of data readers: The fewer readers accessing the system data, the more secure the data; 2. Addition of data readers: The added reader represents a reader from the original policy; 3. Addition of data policies: The more access control policies for the system data, the more secure the data; 4. Replacement of data owners: The replacement owner represents a shareholder from the original policy.

[0061] Among them, the tag reset rules: In order to protect data security, DIC defines a set of tag reset rules to ensure the legality of tag reset, including restriction rules and decryption rules, to allow owners to modify their information flow policies.

[0062] Specifically, for labels L1 and L2, if Right now or Therefore, the L1 to L2 tag reset is effective. Simply put, it removes the reader, adds the owner, or both.

[0063] Tagging is reset only when a process represents owner W. Decryption involves adding readers to some Ws or removing some Ws, and there is a transitive relationship between actions. For example, if a process can represent subject P, then it can also represent all subjects Q that subject P can represent and can decrypt the data owned by Q. DIFC provides better security for applications and processes by using effective fine-grained information flow control. The model provides each user with the ability to define information flow policies at the level of individual data items. Each user has the ability to decrypt their own data without revealing the data of other users.

[0064] S260, adjusts the security level of the object based on abnormal alarm information.

[0065] In embodiments of the present invention, it is determined whether an abnormal diagnosis is made based on abnormal alarm information; if an abnormal diagnosis is determined, the security level of the object is reduced.

[0066] In an embodiment of the present invention, if it is determined that the object has not been downgraded within a preset time, the security level of the object is upgraded.

[0067] In an embodiment of the present invention, it is determined whether there is an abnormal fluctuation based on the abnormal alarm information; if it is determined to be an abnormal fluctuation, the object is added to the downgraded observation list.

[0068] Anomaly diagnosis involves identifying individual values ​​in the data that differ from the majority. As the definition of anomaly suggests, the number of anomalies is always very small compared to the normal number, and these anomalies are often discontinuous over time. For example, before time T, the data distribution generally fluctuates stably between 0 and 1; after time T, it suddenly increases to fluctuate between 5 and 6. This increase at time T, which persists for a considerable period, constitutes anomaly fluctuation. The magnitude of the numerical change in anomaly fluctuation is not absolutely related to the difference between the anomaly identified by anomaly diagnosis and the normal value. One cannot determine whether it is anomaly fluctuation or an anomaly based on the magnitude of a single value, but rather by observing the magnitudes of multiple consecutive values.

[0069] Anomaly fluctuation detection is commonly used to fix bugs in early software or equipment, improve performance, or address increased demand. After software or equipment updates and deployments, service performance may fluctuate. Existing anomaly diagnosis algorithms are based on historical data distributions; when anomalies occur, such as a significant increase or decrease in data, these algorithms may generate false positives. For example, in anomaly diagnosis methods based on expert rules, the original thresholds will certainly not be applicable to values ​​after drastic fluctuations. Other algorithms based on statistics and machine learning will also be affected and require corresponding parameter modifications.

[0070] The method for controlling multi-level security classification of cloud users according to embodiments of the present invention, through the combined use of the BLP model and the Biba model, protects both data confidentiality (BLP model) and ensures data integrity (Biba model). This dual protection mechanism significantly enhances system security; the Distributed Information Flow Control (DIFC) method allows data owners to have complete control over their data, thereby further reducing unauthorized access and modification and improving the overall security of the system; through data tag-based access policy settings, data owners can flexibly define which subjects can access their data and how they can access it, which increases the flexibility and granularity of data access control; tag resetting rules allow data tags to be replaced or updated according to rules and conditions during data propagation or processing, which further improves the flexibility and adaptability of data access control; performing status checks on the scanning server at the beginning of the system ensures that the server is operating normally before proceeding with subsequent operations, which helps to avoid system crashes or data loss due to server failures; By dynamically adjusting the security levels of subjects and objects, the system can respond to security threats promptly based on actual conditions, improving system response speed and stability. Performing read / write operations on subjects based on their security levels helps prevent unauthorized access and modification of high-security-level data by subjects with lower security levels, thereby optimizing resource allocation and management. Adding objects with abnormal fluctuations to a degrade watchlist allows for continuous monitoring and analysis, enabling timely problem detection and appropriate measures to avoid resource waste and potential security risks. Automated and intelligent security level adjustment and permission setting processes reduce the need for manual intervention, lowering the complexity and workload of security management and operations. Providing clear anomaly alarm information and security level adjustment records helps operations personnel quickly locate and resolve security issues, improving operational efficiency and quality.

[0071] Through the above description of the embodiments, those skilled in the art can clearly understand that the methods according to the above embodiments can be implemented by means of software plus necessary general-purpose hardware platforms. Of course, they can also be implemented by hardware, but in many cases the former is a better implementation method. Based on this understanding, the technical solution of this application, in essence, or the part that contributes to the prior art, can be embodied in the form of a software product. This computer software product is stored in a storage medium (such as ROM / RAM, magnetic disk, optical disk) and includes several instructions to cause a terminal device (which may be a mobile phone, computer, server, or network device, etc.) to execute the methods of the various embodiments of this application.

[0072] According to one aspect of the present invention, a system for controlling multi-level security classification of cloud users is also proposed. Figure 4 This is a schematic diagram of a system for controlling multi-level security classification of cloud users according to an embodiment of the present invention; as shown. Figure 4 As shown, it includes:

[0073] Module 410 is used to determine whether the scanning server is operating normally;

[0074] The determination module 420 is used to determine the security level of the subject and the object based on the BLP model and the Biba model when the scanning server is running normally. The subject refers to the user or process that issues the request to access the resource, and the object refers to the data or resource that is accessed.

[0075] The execution module 430 is used to perform read and write operations on the subject according to the security levels of the subject and the object;

[0076] The adjustment module 440 is used to set permissions for the subject when reading and writing operations are performed on the subject, and to adjust the security level of the object based on abnormal alarm information.

[0077] According to embodiments of the present invention, a system for controlling multi-level security classification of cloud users determines whether a scanning server is operating normally. If the scanning server is operating normally, it determines the security levels of the subject and object based on the BLP and Biba models. The subject refers to the user or process that issues the resource access request, and the object refers to the data or resource being accessed. Based on the security levels of the subject and object, read and write operations are performed on the subject. When read and write operations are performed on the subject, permissions are set for the subject, and the security level of the object is adjusted based on abnormal alarm information. This significantly improves the security of the cloud environment, enhances access control precision, optimizes cloud environment management, and promotes compliance. Together, these features provide cloud users with a more secure, reliable, and efficient cloud service environment.

[0078] Optionally, the determining module 420 is specifically used to determine whether the server has a security deployment when scanning the server; if it is determined that a security deployment exists, the address of the server is added to the whitelist.

[0079] Optionally, the execution module 430 is specifically configured to perform only a write operation on the subject when the security level of the subject is greater than the security level of the object; and to perform only a read operation on the subject when the security level of the subject is not greater than the security level of the object.

[0080] Optionally, the adjustment module 440 is specifically used to obtain the access policy set by the data owner based on the data tag; and to determine the permission settings of the subject based on the access policy.

[0081] Optionally, the adjustment module 440 is specifically used to determine whether an abnormal diagnosis is made based on the abnormal alarm information; if the abnormal diagnosis is determined, the security level of the object is reduced.

[0082] Optionally, the adjustment module 440 is specifically used to upgrade the security level of the object if it is determined that the object has not been downgraded within a preset time.

[0083] Optionally, the system further includes an add-to-list module, specifically used to determine whether the abnormal alarm information is an abnormal fluctuation; if it is determined to be an abnormal fluctuation, the object is added to the downgraded observation list.

[0084] According to one aspect of the present invention, an electronic device is provided.

[0085] Figure 5 This is a schematic diagram of the structure of an electronic device according to an embodiment of the present invention. Figure 5 As shown, an electronic device may include one or more ( Figure 5 Only one is shown in the image. A processor 102 (which may include, but is not limited to, a microprocessor unit (MPU) or a programmable logic device (PLD)) and a memory 104 for storing data are also shown. In one exemplary embodiment, the electronic device may further include a transmission device 106 for communication functions and an input / output device 108. Those skilled in the art will understand that... Figure 5 The structure shown is for illustrative purposes only and does not limit the structure of the terminal device described above. For example, the terminal device may also include components that are more... Figure 5 The more or fewer components shown, or having the same Figure 5 Equivalent functions or ratios shown Figure 5 The functions shown have more different configurations.

[0086] The memory 104 can be used to store computer programs, such as application software programs and modules, like the computer program corresponding to the method for controlling multi-level security classification of cloud users in this embodiment of the invention. The processor 102 executes various functional applications and data processing by running the computer program stored in the memory 104, thereby implementing the above-described method. The memory 104 may include high-speed random access memory, and may also include non-volatile memory, such as one or more magnetic storage devices, flash memory, or other non-volatile solid-state memory. In some instances, the memory 104 may further include memory remotely located relative to the processor 102, and these remote memories can be connected to terminal devices via a network. Examples of such networks include, but are not limited to, the Internet, corporate intranets, local area networks, mobile communication networks, and combinations thereof.

[0087] The transmission device 106 is used to receive or send data via a network. Specific examples of the network described above may include a wireless network provided by the communication provider of the switching device. In one example, the transmission device 106 includes a Network Interface Controller (NIC), which can connect to other network devices via a base station to communicate with the Internet. In another example, the transmission device 106 may be a Radio Frequency (RF) module used for wireless communication with the Internet.

[0088] This invention proposes a non-transitory computer-readable storage medium storing computer instructions for causing the computer to execute a method for controlling multi-level security classification of cloud users.

[0089] The applicant of this invention has provided a detailed description of the embodiments of the invention in conjunction with the accompanying drawings. However, those skilled in the art should understand that the above embodiments are merely preferred embodiments of the invention. The detailed description is only intended to help readers better understand the spirit of the invention and is not intended to limit the scope of protection of the invention. On the contrary, any improvements or modifications made based on the inventive spirit of the invention should fall within the scope of protection of the invention.

[0090] Furthermore, the functional units in the various embodiments of the present invention can be integrated into a processing module, or each unit can exist physically separately, or two or more units can be integrated into a module. The integrated module can be implemented in hardware or as a software functional module. If the integrated module is implemented as a software functional module and sold or used as an independent product, it can also be stored in a computer-readable storage medium.

[0091] The storage medium mentioned above can be a read-only memory, a disk, or an optical disk, etc. Although embodiments of the present invention have been shown and described above, it is to be understood that the above embodiments are exemplary and should not be construed as limiting the present invention. Those skilled in the art can make changes, modifications, substitutions, and variations to the above embodiments within the scope of the present invention.

[0092] Finally, it should be noted that the above embodiments are only used to illustrate the technical solutions of the embodiments of the present invention, and are not intended to limit them. Although the present invention has been described in detail with reference to the foregoing embodiments, those skilled in the art should understand that modifications can still be made to the technical solutions described in the foregoing embodiments, or equivalent substitutions can be made to some of the technical features; and these modifications or substitutions do not cause the essence of the corresponding technical solutions to deviate from the spirit and scope of the technical solutions of the embodiments of the present invention. Any changes or substitutions that can be easily conceived by those skilled in the art within the scope of the technology disclosed in the present invention should be included within the protection scope of the present invention.

Claims

1. A method for controlling multi-level security classification of cloud users, characterized in that, include: S1, determine if the scanning server is running normally; S2, under normal operation of the scanning server, the security levels of the subject and object are determined based on the BLP model and the Biba model. The subject refers to the user or process that issues the request to access the resource, and the object refers to the data or resource that is accessed. S3, perform read / write operations on the subject according to the security levels of the subject and the object; S4, when performing read / write operations on the subject, set permissions for the subject and adjust the security level of the object based on abnormal alarm information; Determining that the scanning server is operating normally includes: In the case of scanning the server, determine whether the server has any security deployments; If a secure deployment is confirmed, add the address of the server to the whitelist; This includes, but is not limited to, checking whether the server's security patches, firewall settings, intrusion detection system, and intrusion prevention system are enabled and configured correctly. Specifically, based on the security levels of the subject and the object, read and write operations are performed on the subject, including: If the security level of the subject is greater than the security level of the object, only write operations are performed on the subject; If the security level of the subject is not greater than the security level of the object, only a read operation is performed on the subject; Adjusting the security level of the object based on abnormal alarm information includes: Based on the abnormal alarm information, determine whether it is an abnormal diagnosis; If the abnormal diagnosis is confirmed, the security level of the object is reduced.

2. The method for controlling multi-level security classification of cloud users according to claim 1, characterized in that, Setting permissions for the subject includes: Obtain the data owner's access policy settings based on data tags; The access policy determines the permission settings for the subject.

3. The method for controlling multi-level security classification of cloud users according to claim 1, characterized in that, Also includes: If it is determined that the object has not been downgraded within a preset time, the security level of the object is upgraded.

4. The method for controlling multi-level security classification of cloud users according to claim 1, characterized in that, Also includes: Based on the aforementioned abnormal alarm information, determine whether it is an abnormal fluctuation; If the abnormal fluctuation is identified, the object will be added to the downgraded watchlist.

5. A system for controlling multi-level security classification of cloud users, characterized in that, include: The judgment module is used to determine whether the scanning server is running normally. The determination module is used to determine the security level of the subject and the object based on the BLP model and the Biba model when the scanning server is running normally. The subject refers to the user or process that issues the request to access the resource, and the object refers to the data or resource that is accessed. An execution module is used to perform read and write operations on the subject based on the security levels of the subject and the object; The adjustment module is used to set permissions for the subject when read and write operations are performed on the subject, and to adjust the security level of the object based on abnormal alarm information; Specifically, the determining module is used to determine whether the server has a security deployment when the server is scanned; If a secure deployment is confirmed, add the address of the server to the whitelist; This includes, but is not limited to, checking whether the server's security patches, firewall settings, intrusion detection system, and intrusion prevention system are enabled and configured correctly. Specifically, the execution module is used to perform only write operations on the subject when the security level of the subject is greater than the security level of the object. If the security level of the subject is not greater than the security level of the object, only a read operation is performed on the subject; Specifically, the adjustment module is used to determine whether an abnormal diagnosis is made based on the abnormal alarm information. If the abnormal diagnosis is confirmed, the security level of the object is reduced.

6. An electronic device, characterized in that, include: At least one processor; as well as A memory communicatively connected to the at least one processor; wherein, The memory stores instructions that can be executed by the at least one processor to enable the at least one processor to perform the method of any one of claims 1 to 4.

7. A non-transitory computer-readable storage medium storing computer instructions, characterized in that, The computer instructions are used to cause the computer to perform the method according to any one of claims 1 to 4.