Zero trust security access control system and method
By deploying zero-trust clients on user devices and cloud desktop virtual machines respectively, and using zero-trust admission gateways and access control gateways for step-by-step verification, the problem of frequent verification caused by zero-trust access control in cloud desktop scenarios is solved, realizing dynamic and granular access control, and improving user experience and security.
Patent Information
- Authority / Receiving Office
- CN · China
- Patent Type
- Patents(China)
- Current Assignee / Owner
- AGRICULTURAL BANK OF CHINA
- Filing Date
- 2024-11-18
- Publication Date
- 2026-06-23
AI Technical Summary
In cloud desktop scenarios, zero-trust access control leads to frequent authentication, which affects user experience and makes it impossible to dynamically adjust access permissions based on user identity and security attributes.
By deploying zero-trust clients on user devices and cloud desktop virtual machines respectively, and using zero-trust admission gateways and access control gateways for step-by-step verification, frequent verification is reduced, enabling dynamic and granular access control.
It improves user experience, reduces cloud desktop resource consumption, ensures that only users and devices that have undergone multi-level authentication can access specific resources, and adapts to the ever-changing security environment.
Description
Technical Field
[0001] This application relates to the field of cloud service technology, and in particular to a zero-trust secure access control system and method.
Background Technology
[0002] With the development of online and mobile business operations and the emergence of remote work, enterprise network security boundaries are constantly expanding and becoming increasingly blurred, leading to numerous external risks and threats. Traditional network security protection frameworks struggle to cope with threats from both internal and external environments characterized by blurred network boundaries, complex network structures, and diverse access patterns. Therefore, effectively addressing the increasing network security risks, reducing enterprise network exposure, and ensuring secure network access have become urgent issues to be resolved.
[0003] Currently, based on the zero-trust concept, network location no longer determines access permissions. Before access is permitted, all access subjects need to undergo identity authentication and authorization. Identity authentication is no longer limited to users, but will also identify and authenticate multiple identities such as terminal devices and access applications, and identity authentication will be initiated multiple times during the access process.
[0004] However, in cloud desktop scenarios, zero trust requires ensuring that all users and devices undergo strict authentication and authorization when accessing cloud desktop resources, which leads to frequent authentication and affects user experience.
Summary of the Invention
[0005] This application provides a zero-trust secure access control system and method to achieve full visibility of user behavior and network activity in cloud desktop scenarios, thereby improving user experience.
[0006] In a first aspect, embodiments of this application provide a zero-trust secure access control system, comprising: a zero-trust client, a zero-trust admission gateway, a zero-trust control center, and a zero-trust access control gateway, wherein:
[0007] The zero-trust client includes a first zero-trust client and a second zero-trust client. The first zero-trust client is deployed in the user device and is used to collect user terminal information, user behavior information, environmental information, and transmit the collected information to the zero-trust control center. The second zero-trust client is deployed in the cloud desktop virtual machine and is used to connect to the zero-trust access control gateway.
[0008] The Zero Trust Control Center is used to receive the information sent by the zero-trust client and determine, according to the preset security access policy, whether the user is in a secure state, so as to issue an access permission command to the Zero Trust Admission Gateway; and to receive the access control request sent by the zero-trust client and determine, according to the preset access control permissions, whether to allow the user to access the target application, so as to issue an access permission command to the Zero Trust Access Control Gateway.
[0009] The Zero Trust Admission Gateway is used to receive access permission commands from the Zero Trust Control Center and allow the zero-trust client to connect based on those commands.
[0010] The Zero Trust Access Control Gateway is used to receive access permission commands issued by the Zero Trust Control Center and to allow Zero Trust clients to access target applications based on the access commands.
[0011] Secondly, embodiments of this application provide a zero-trust secure access control method, applied to a zero-trust client of a zero-trust secure access control system. The zero-trust secure access control system further includes a zero-trust admission gateway, a zero-trust control center, and a zero-trust access control gateway. The zero-trust secure access control method includes:
[0012] When a user accesses a target application, user terminal information, user behavior information, and environmental information are collected, and the collected information is transmitted to the Zero Trust Control Center.
[0013] If the Zero Trust Control Center verifies, from the user terminal information, user behavior information, and environmental information, that the user is in a secure state, then the user accesses the cloud desktop virtual machine corresponding to the target application through the Zero Trust Admission Gateway.
[0014] If the user's access rights to the target application are verified through the Zero Trust Control Center, then the target application is accessed through the Zero Trust Access Control Gateway.
[0015] Thirdly, embodiments of this application provide an electronic device, including: a processor, and a memory communicatively connected to the processor;
[0016] The memory stores computer-executable instructions;
[0017] The processor executes computer-executable instructions stored in memory to implement a zero-trust security access control method as described in the second aspect.
[0018] Fourthly, embodiments of this application provide a computer-readable storage medium storing computer-executable instructions, which, when executed by a processor, are used to implement the zero-trust secure access control method as described in the second aspect.
[0019] Fifthly, embodiments of this application provide a computer program product, including a computer program that, when executed by a processor, implements the zero-trust secure access control method as described in the second aspect.
Description of the Drawings
[0020] The accompanying drawings, which are incorporated in and form part of this specification, illustrate embodiments consistent with this application and, together with the description, serve to explain the principles of this application.
[0021] Figure 1 is a schematic diagram of the application scenario provided in this application;
[0022] Figure 2 is a schematic diagram of the zero-trust secure access control system provided in this application;
[0023] Figure 3 is a first flowchart of the zero-trust secure access control method provided in this application;
[0024] Figure 4 is a second flowchart of the zero-trust secure access control method provided in this application;
[0025] Figure 5 is a third flowchart of the zero-trust secure access control method provided in this application;
[0026] Figure 6 is a fourth flowchart of the zero-trust secure access control method provided in this application;
[0027] Figure 7 is a schematic diagram of the structure of the electronic device provided in this application.
[0028] The accompanying drawings illustrate specific embodiments of this application, which will be described in more detail below. These drawings and descriptions are not intended to limit the scope of the concept in any way, but rather to illustrate the concept of this application to those skilled in the art through reference to particular embodiments.
Detailed Description
[0029] Exemplary embodiments will now be described in detail, examples of which are illustrated in the accompanying drawings. When the following description relates to the drawings, unless otherwise indicated, the same numbers in different drawings denote the same or similar elements. The embodiments described in the following exemplary embodiments do not represent all embodiments consistent with this application. Rather, they are merely examples of apparatuses and methods consistent with some aspects of this application as detailed in the appended claims.
[0030] First, the terms used in this application are explained:
[0031] Zero Trust is a network security protection concept that breaks the default "trust" and adopts "continuous verification, never trust". This means that by default, no user, device, or system inside or outside the enterprise network is trusted. Instead, the trust foundation of access control is rebuilt based on identity authentication and authorization, thereby ensuring that identities, devices, applications, and links are trustworthy.
[0032] Cloud desktop, also known as "desktop virtualization" or "cloud PC," is a new alternative to the traditional computer. The user installs a client application and accesses a virtual host on a backend server via a dedicated communication protocol for interactive operation, giving a user experience consistent with that of a traditional computer. Because the client receives only video or image output, the data itself stays strictly on the server side.
[0033] Figure 1 is a schematic diagram of the application scenario provided in this application. As shown in Figure 1, the specific application scenario of this application includes a cloud desktop virtual machine 101 and a target application 102. Users can install a client on the cloud desktop virtual machine 101 and then need to authenticate through an authentication system. This authentication system may include multi-factor authentication (MFA), such as password, SMS verification code, biometrics, etc., to ensure the authenticity of the user's identity. Once authentication is successful, the user needs additional network configuration, such as a Virtual Private Network (VPN) or a dedicated network tunnel, to ensure a secure connection to the cloud desktop virtual machine 101. In the cloud desktop environment, users can access internal network resources, including the target application 102, through internal network access control lists (ACLs) or firewall rules.
[0034] Based on the above scenarios, it's clear that in existing technologies, for some enterprises with strict security requirements, cloud desktops are used as a front-end for remote access to meet the requirement of data non-localization. This means that after logging into a Zero Trust Software Defined Perimeter (SDP), users cannot directly access internal enterprise applications; they must log into the cloud desktop again to access intranet applications. However, since Zero Trust SDP is only installed on the user's internet-connected computer, and the actual application access is initiated by the cloud desktop, the access policies for applications within Zero Trust SDP cannot function effectively, failing to dynamically adjust user access permissions based on user identity and security attributes. If Zero Trust SDP is then installed within the cloud desktop and multi-factor authentication is implemented, high latency may occur, consuming cloud desktop resources and leading to poor user experience with multiple logins and overlapping policy judgments.
[0035] The zero-trust secure access control system provided in this application trims the client's features and deploys zero-trust client instances on both user devices and cloud desktop virtual machines. A first zero-trust client on the user device collects security information, and the zero-trust admission gateway connected to this client verifies the security access policy; if the conditions are met, the user is considered secure and can then log in to the cloud desktop. A lightweight second zero-trust client is installed on the cloud desktop. This client reduces the number of logins by passing on the user's credentials and performs only access control permission verification, thus achieving multi-policy discrimination across both the zero-trust and cloud desktop scenarios for remote access. Specifically, verification is performed step by step through the zero-trust admission gateway and the zero-trust access control gateway: the admission gateway verifies the user's security status, and the access control gateway then verifies the user's access control permissions based on that status. This allows partial authentication and authorization in the different environments, avoiding frequent verification in the cloud desktop scenario while ensuring that only users and devices that have undergone multi-layered verification can see and access specific resources. These gateways act as dynamic boundaries, effectively ensuring that remotely accessed data is never stored locally. They fully leverage the multi-policy verification of zero-trust admission control and access control to achieve dynamic and granular access control. Meanwhile, the zero-trust client within the cloud desktop virtual machine is lightweight and does not collect security information, and the zero-trust access control gateway does not perform real-time security admission verification, thus minimizing the consumption of cloud desktop resources. Furthermore, the zero-trust client within the cloud desktop virtual machine does not need to undergo multiple authentications, thereby improving the user experience.
[0036] The technical solution of this application and how the technical solution of this application solves the above-mentioned technical problems are described in detail below with specific embodiments. These specific embodiments can be combined with each other, and the same or similar concepts or processes may not be described again in some embodiments. The embodiments of this application will now be described with reference to the accompanying drawings.
[0037] Figure 2 is a schematic diagram of the zero-trust secure access control system provided in this application. As shown in Figure 2, the zero-trust secure access control system includes: a zero-trust client, a zero-trust admission gateway, a zero-trust control center, and a zero-trust access control gateway, wherein:
[0038] The zero-trust client includes a first zero-trust client and a second zero-trust client. The first zero-trust client is deployed in the user device and is used to collect user terminal information, user behavior information, environmental information, and transmit the collected information to the zero-trust control center. The second zero-trust client is deployed in the cloud desktop virtual machine and is used to connect to the zero-trust access control gateway.
[0039] In this embodiment, the first zero-trust client is deployed on the user's device and is responsible for collecting user terminal information, such as device type and operating system version; user behavior information, such as login time and access frequency; and environmental information, such as network location and IP address. This information is transmitted to the zero-trust control center for assessing the user's security status.
[0040] The second zero-trust client is deployed in a cloud desktop virtual machine and is responsible for connecting to the zero-trust access control gateway. It can also obtain the identity credentials transmitted by the first zero-trust client through the cloud desktop. The second zero-trust client does not collect security information, but verifies access control permissions through the zero-trust access control gateway it is connected to, ensuring that the user's operations in the cloud desktop environment comply with the preset security policy, thereby allowing further access to the target application.
[0041] Understandably, by trimming the features of the zero-trust client, the second client in the cloud desktop virtual machine does not need to undergo multi-level verification. Instead, it adopts a lightweight deployment, reducing the impact on device performance, effectively reducing system load, and improving overall operating efficiency.
[0042] The Zero Trust Control Center is used to receive the information sent by the zero-trust client and determine, according to the preset security access policy, whether the user is in a secure state, and issue an access permission command to the Zero Trust Admission Gateway; and to receive the access control request sent by the zero-trust client and determine, according to the preset access control permissions, whether the user is allowed to access the target application, and issue an access permission command to the Zero Trust Access Control Gateway.
[0043] In this embodiment, the Zero Trust Control Center, as the core decision-making component of the system, receives information from the first zero-trust client and, based on a preset security access policy, uses this information to assess the user's security status and determine whether the user is in a secure state, then issues a command to the Zero Trust Admission Gateway indicating whether admission is permitted. On the other hand, it manages access control permissions, determines whether the user has permission to access a specific target application, and then issues a command to the Zero Trust Access Control Gateway indicating whether access is permitted. In other words, it dynamically adjusts access permissions based on factors such as user identity, role, behavior, and environment.
[0044] Among them, the preset security access policy can refer to the compliance check of the device, such as the operating system version and patch status, user behavior patterns, such as abnormal login attempts, and network environment, such as IP address and geographical location.
[0045] Furthermore, the Zero Trust Control Center can achieve fine-grained access control management for target applications based on preset access control models such as Role-Based Access Control (RBAC) and permissions, as well as the user's security status. A three-way relationship model is then established between the user, the security status, and the target application, enabling fine-grained access control to a specific application or a specific Uniform Resource Locator (URL) within a specific application, allowing only specified users with specified security statuses to access it. Therefore, when a user's security status becomes abnormal, the Zero Trust Control Center can promptly adjust the user's permissions, achieving dynamic authorization so that the user can no longer pass verification at the Zero Trust Access Control Gateway.
[0046] Understandably, through centralized policy management and real-time analysis, the Zero Trust Control Center can respond quickly to security threats, ensure that only users and devices that meet security standards can access the system, and dynamically adjust access permissions based on real-time information to achieve granular access control and adapt to the ever-changing security environment. Furthermore, through automated decision-making processes and policy management, it reduces manual intervention and improves the system's response speed and efficiency.
[0047] The Zero Trust Admission Gateway is used to receive access permission commands from the Zero Trust Control Center and allow the zero-trust client to connect based on those commands.
[0048] In this embodiment, the zero-trust admission gateway receives commands from the zero-trust control center to determine whether to allow a user device to connect to the system. It is the first line of defense for users entering the system, ensuring that only authenticated users can access the network. Specifically, the zero-trust admission gateway will only allow a zero-trust client (the first zero-trust client on the user device) to establish a connection with the system after the zero-trust control center confirms that the user and device comply with the security access policy.
[0049] Understandably, by strictly controlling initial connection requests, the zero-trust admission gateway can effectively prevent unauthorized devices and users from entering the network, reducing security risks. At the same time, the zero-trust admission gateway can dynamically respond to commands from the zero-trust control center and quickly adjust the connection status to cope with potential security threats or policy changes. In addition, by restricting the devices and users connecting to the network, the zero-trust admission gateway effectively reduces the system's attack surface and improves overall security.
[0050] The Zero Trust Access Control Gateway is used to receive access permission commands issued by the Zero Trust Control Center and to allow Zero Trust clients to access target applications based on the access commands.
[0051] In this embodiment, the Zero Trust Access Control Gateway is responsible for receiving access commands from the Zero Trust Control Center and determining whether to allow a user to access a specific target application. It ensures that users comply with all security policies and permission requirements when accessing resources; that is, the Zero Trust Access Control Gateway will only allow a Zero Trust client (a second Zero Trust client deployed on a cloud desktop virtual machine) to access a specific application or resource after the Zero Trust Control Center confirms that the user complies with the access control policy.
[0052] Understandably, by strictly controlling user access to applications and resources, a zero-trust access control gateway can effectively prevent unauthorized access, protect sensitive data and applications, and meet complex business needs through fine-grained permission control, ensuring that users can only access the resources they are authorized to access. Similar to a zero-trust admission gateway, a zero-trust access control gateway can quickly receive access permission commands from the zero-trust control center, enabling it to dynamically adjust access permissions based on real-time information and policy changes, ensuring the system can quickly respond to security threats and business needs.
[0053] As an example, in large enterprises such as banks, employees need remote access to internal applications and data. By deploying a first zero-trust client on employee computers, the enterprise can collect device and behavioral information to ensure that only devices meeting security standards can connect to the company network. A second zero-trust client deployed on a cloud desktop virtual machine ensures that employees can only access applications they are authorized to use. A zero-trust control center can be used to manage employee network access permissions. By analyzing employee device and behavioral information in real time, it can quickly identify potential security threats and adjust access permissions to prevent data breaches. A zero-trust admission gateway ensures that only verified employee devices can connect to the company network, and a zero-trust access control gateway manages employee access permissions to internal applications, thereby enabling employees to remotely access internal company applications and data.
[0054] The zero-trust secure access control system provided in this application ensures that only users and devices that have undergone multi-level authentication can access resources through a multi-layered verification mechanism, thereby reducing security risks. At the same time, the zero-trust control center can dynamically adjust security policies based on real-time information, achieving fine-grained access control. Furthermore, the lightweight design of the second zero-trust client reduces the multiple authentication steps required in cloud desktop virtual machines, improves the user experience, and reduces the consumption of cloud desktop and network resources.
[0055] Based on the above embodiments, Figure 3 is a first flowchart of the zero-trust secure access control method provided in this application. As shown in Figure 3, this embodiment builds on the embodiments of Figures 1 and 2 and is applied to a first zero-trust client; the method specifically includes the following steps:
[0056] S301. Obtain user terminal information, user behavior information, and environmental information to establish a risk profile of the user.
[0057] User terminal information can refer to device-related information, such as device type, operating system version, patch status, and device security settings (such as firewall status and antivirus software status). This information helps to assess the security and compliance of the device.
[0058] User behavior information can refer to a user's behavioral patterns, including login time, access frequency, accessed applications and data, and abnormal behavior (such as multiple failed login attempts). This behavioral information helps identify potential security threats and abnormal activities.
[0059] Environmental information can refer to the network environment information in which a user is located, such as IP address, geographical location, network type (such as public wireless network, corporate network), network security (such as encryption status), etc. This information helps to determine the security of the user's current environment.
[0060] Risk profiling refers to a multi-dimensional assessment of a user's security status based on the above information. This helps the system identify potential security threats and provides a basis for subsequent access control decisions.
[0061] Understandably, by comprehensively collecting and analyzing user information, the system can more accurately identify security threats and abnormal behaviors, thereby improving overall security. Based on risk profiles, the system can develop personalized security strategies for different users, ensuring that user experience is optimized while meeting security needs.
[0062] S302. Based on the user's risk profile, receive the permission command transmitted by the zero-trust admission gateway. If the user is in a secure state, then access the internal network.
[0063] The zero-trust admission gateway, based on instructions from the zero-trust control center, transmits a command to the first zero-trust client indicating whether access is permitted. This command is generated based on the user's risk profile and the preset security access policy. Since the risk profile provides a comprehensive view of the user's current security status, if the user is assessed as being in a secure state (i.e., the risk profile shows no anomalies or potential threats), the command allows the user to access the internal network, enabling them to reach company resources, applications, and data.
[0064] Understandably, through strict access control, the system ensures that only verified and secure users can access the internal network, preventing unauthorized access. For users assessed as secure, the system can quickly approve access requests, reducing unnecessary delays and interference.
[0065] Optionally, the second zero-trust client communicates with the first zero-trust client via a cloud desktop to obtain the user identity credentials of the first zero-trust client.
[0066] User identity credentials may include information such as username, password, two-factor authentication token, and digital certificate.
[0067] In this embodiment, the second zero-trust client is deployed in a cloud desktop virtual machine, while the first zero-trust client is deployed on the user's device. A secure communication channel is established between the two to exchange necessary authentication information. After obtaining the user's identity credentials, the second zero-trust client can perform authentication in the cloud desktop environment to ensure that the user's identity has been verified and complies with the access policy. This communication and step-by-step authentication mechanism ensures that operations in the cloud desktop are consistent with the identity status on the user's device.
[0068] The zero-trust security access control method provided in this application performs initial risk verification on the first zero-trust client on the user's device and conducts real-time assessment of the user's security status based on the user's multi-dimensional information, enabling the zero-trust security access control system to more accurately identify abnormal behavior and respond quickly to potential security threats.
[0069] Based on the above embodiments, Figure 4 is a second flowchart of the zero-trust secure access control method provided in this application. As shown in Figure 4, this embodiment builds on the embodiments of Figures 1 to 3 and is applied to a zero-trust control center; the method specifically includes the following steps:
[0070] S401. When receiving an access control request sent by a zero-trust client, perform access control on the target application based on the access control model, the user's access control permissions, and the user security status data returned by the first zero-trust client.
[0071] The access control model defines the access permissions of users under different conditions. In this embodiment, the access control model can refer to role-based access control (RBAC) or attribute-based access control (ABAC), etc.
[0072] User access control permissions are predefined based on the user's role, responsibilities, historical behavior, and other relevant factors. Access control permissions determine which resources a user can access and which operations they can perform.
[0073] User security status data includes user terminal information, behavioral information, and environmental information, reflecting the user's current security status.
[0074] The access control request sent by the zero-trust client is initiated by the second zero-trust client deployed in the cloud desktop virtual machine and aims to access a specific target application. After receiving this request, the zero-trust control center evaluates it by combining the access control model, the user's permissions, and the security status data. If all conditions meet the security and policy requirements, the zero-trust control center allows the user to access the target application; otherwise, access is denied.
[0075] Understandably, by integrating multiple factors for access control, the system can more accurately identify and block potential security threats, ensuring that only verified users can access sensitive resources. At the same time, the combination of access control models and user permissions enables the system to achieve granular permission management, thereby meeting complex business needs.
[0076] S402. Based on the user's security status and target application, authorize and control the user's access to resources in real time.
[0077] It's important to note that the Zero Trust control center analyzes the security requirements and access policies of the target application specified in the access request. Different applications may have different security levels and access control requirements. Based on the user's security status and the target application's security requirements, the control center makes real-time authorization decisions, including allowing, restricting, or denying the user's access to specific resources. The Zero Trust control center's real-time authorization of user access to resources means that the system can dynamically adjust user access permissions based on the latest security status and policy changes.
[0078] In this embodiment, both the first zero-trust client and the second zero-trust client are connected to the zero-trust control center. The zero-trust control center is specifically used to: uniformly manage and coordinate data from the first zero-trust client and the second zero-trust client, and dynamically adjust permissions and access policies according to the user's security status, user role, and target application.
[0079] Security status includes device security, user behavior patterns, and environmental security. User roles define a user's responsibilities and permissions within the organization. The security requirements of the target application determine the stringency of access control.
[0080] It should be noted that the first zero-trust client provides user terminal information, behavioral information, and environmental information, while the second zero-trust client provides access requests and status information related to the cloud desktop. The zero-trust control center is responsible for receiving and managing data from both the first and second zero-trust clients, and can integrate and analyze the data from the two clients to form a complete view of the user's security status, thereby enabling a more accurate assessment of the user's security risks and access needs.
[0081] Understandably, a zero-trust control center can enforce access policies in real time, adjusting user access permissions based on the latest security status and business needs to ensure the system is always secure.
[0082] The zero-trust secure access control method provided in this application, through a zero-trust control center, performs real-time authorization and control of user access to resources based on the user's security status and target application. This ensures the system can respond quickly to security threats, prevent unauthorized access and potential data leaks, and dynamically adjust access permissions based on real-time information to adapt to constantly changing security environments and business needs. Furthermore, through real-time authorization, the system can reduce unnecessary access latency and improve user experience while ensuring security.
[0083] Based on the above embodiments, Figure 5 is a third flowchart of the zero-trust secure access control method provided in this application. As shown in Figure 5, in this embodiment, building on the embodiments of Figures 1 to 4 and applied to a zero-trust admission gateway, the method specifically includes the following steps:
[0084] S501. When a user logs in, two-factor authentication is performed. Two-factor authentication includes user authentication and security status authentication.
[0085] Two-Factor Authentication (2FA) is a security process that requires users to provide two different types of authentication information when accessing applications or systems. By adding an extra layer of security, it ensures the authenticity of the user's identity. Even if one authentication factor is compromised, attackers still cannot access the user's account. Authentication information includes knowledge factors (something you know) and ownership factors (something you have). In this embodiment, user authentication is the first step of 2FA, typically involving entering a username and password, which is the knowledge factor, used for initial verification of the user's identity. Security status authentication is the second step of 2FA, involving verifying the security status of the user's device, including checking the device's operating system version, patch status, security software status, network environment, etc., which is the ownership factor. This ensures that the user's device complies with the organization's security standards and prevents insecure devices from accessing the network.
[0086] In some embodiments, user authentication may also include biometric information, such as fingerprints or facial recognition, to enhance security.
[0087] It should be noted that when a user attempts to log in, the zero-trust access gateway first requires the user to perform user authentication. After successful authentication, security status authentication is performed. Only when both authentications are successful is the user allowed to access the cloud desktop virtual device.
[0088] Understandably, two-factor authentication significantly improves system security, prevents unauthorized access, and even if an attacker obtains a user's password, they cannot pass the security status authentication. By verifying the dual identity of the user and the device, the system can more accurately assess and trust the user's access requests, reducing network risks.
[0089] S502. After the zero-trust control center issues an access permission command, the admission gateway decides whether to allow the user to access the system.
[0090] The admission command typically contains detailed admission conditions and policies, and the gateway makes the final access decision based on these conditions.
[0091] In this embodiment, if the access command allows access, the zero-trust access gateway will execute the corresponding network configuration and policies, allowing the user device to connect to the internal network. Conversely, if the command denies access, the zero-trust access gateway will block the user device's connection request and may trigger a security alert or notify the user to take further security measures. Regardless of whether the access request is allowed or denied, the zero-trust access gateway will report the result to the zero-trust control center and record relevant logs for auditing and analysis.
[0092] Understandably, by strictly enforcing the access control commands issued by the control center, the zero-trust access gateway can effectively prevent unauthorized devices and users from entering the network and reduce security risks. Furthermore, through centralized management and enforcement of access control policies, the system can ensure that all access requests comply with preset security standards and compliance requirements.
[0093] In this embodiment, the zero-trust admission gateway and the first zero-trust client, and the zero-trust access control gateway and the second zero-trust client are all connected via an encrypted communication protocol.
[0094] Encrypted communication protocols are protocols used to protect the security and privacy of data during transmission over a network, ensuring that data is not tampered with during transmission through encryption technology. In this embodiment, transmission or communication can be performed using communication protocols such as Transport Layer Security (TLS) or Internet Protocol Security (IPsec).
[0095] Understandably, the first zero-trust client connects to the zero-trust access gateway through an encrypted communication protocol to ensure that sensitive information such as user identity information and device status remains confidential and intact during transmission. The second zero-trust client connects to the zero-trust access control gateway through an encrypted communication protocol to ensure that policy and permission information transmitted between the two is not intercepted or tampered with.
[0096] In some embodiments, encrypted communication protocols typically include authentication mechanisms to ensure the authenticity and trustworthiness of the identities of the communicating parties. Furthermore, the protocol may also involve key management to securely generate, distribute, and update encryption keys.
[0097] The zero-trust secure access control method provided in this application performs two-factor authentication on users when they log in through a zero-trust access gateway, and decides whether to allow users to access the system based on the access command issued by the zero-trust control center. This enhances the security of the zero-trust secure access control system, prevents device risks, and improves the system's trust level.
[0098] Based on the above embodiments, Figure 6 is a fourth flowchart of the zero-trust secure access control method provided in this application. As shown in Figure 6, this method is applied to the zero-trust client of a zero-trust secure access control system. The zero-trust secure access control system also includes a zero-trust admission gateway, a zero-trust control center, and a zero-trust access control gateway. Specifically, the method includes the following steps:
[0099] S601. When a user accesses a target application, collect user terminal information, user behavior information, and environmental information, and transmit the collected information to the Zero Trust Control Center.
[0100] In this embodiment, when the Zero Trust client transmits the collected information to the Zero Trust control center, it also uses an encrypted communication protocol to ensure the confidentiality and integrity of the data during transmission.
[0101] S602. If the Zero Trust Control Center verifies the user's security status from the user terminal information, user behavior information, and environment information, then the cloud desktop virtual machine corresponding to the target application is accessed through the Zero Trust Access Gateway.
[0102] In this embodiment, the cloud desktop virtual machine provides an isolated and secure environment in which users can access the target applications and data they need without directly accessing the underlying physical resources.
[0103] It should be noted that after a user connects to the cloud desktop, the Zero Trust Security Access Control System will continue to monitor the user's behavior and environmental changes to ensure continued compliance with security policies. If an anomaly is detected, the system can take immediate action, such as restricting access or disconnecting the user.
[0104] S603. If the user's access rights to the target application are verified through the Zero Trust Control Center, then the target application is accessed through the Zero Trust Access Control Gateway.
[0105] In this embodiment, if the user's access permission verification is successful, it means that the user is authorized to access the target application, indicating that the user not only meets the security status requirements, but also has the legal permission to access the application.
[0106] Correspondingly, during the user's access to the target application, the system also continuously monitors the user's behavior and environmental changes. If permission abuse or abnormal behavior is detected, the system can dynamically adjust permissions or terminate access.
[0107] In this embodiment, the zero-trust control center dynamically adjusts the user's access to resources based on the user's security status and role permissions.
[0108] As an example, the assessment of security status and role permissions is dynamic, reflecting a user's current security risks in real time and thus dynamically adjusting the resources the user accesses. For instance, when a user's security status changes, switching from a secure network to an insecure network, the system can temporarily restrict their access permissions until the security status is restored.
[0109] In this embodiment, the zero-trust client performs security checks within the cloud desktop virtual machine and uploads the security status information to the zero-trust control center, enabling the zero-trust control center to adjust access control permissions based on the security status information.
[0110] It should be noted that the Zero Trust client runs within a cloud desktop virtual machine and is responsible for performing a series of security checks, which may include: Operating system and software updates: confirming that the operating system and critical applications have been updated with the latest security patches; Security software status: checking that firewalls, antivirus software, and other security tools are functioning correctly; Configuration compliance: verifying that the system configuration complies with the organization's security policies and standards; Behavioral monitoring: monitoring user activity on the cloud desktop and identifying abnormal behavior or potential threats.
[0111] Furthermore, after the check is completed, the Zero Trust client uploads security status information to the Zero Trust Control Center via an encrypted communication protocol. The Zero Trust Control Center receives and analyzes the security status information to assess the security risks of the cloud desktop virtual machine. Based on the analysis results, the Zero Trust Control Center can dynamically adjust user access permissions. For example, if an increased security risk is detected, the system may restrict user access to certain sensitive resources or require additional authentication.
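The control center's decision logic described in [0074]-[0082] and [0107]-[0111], as an added Python example that is not part of the patent: predefined role permissions are narrowed by the security status reported by the client, a sensitive application with a residual finding triggers step-up authentication, and a session is re-evaluated when a new status report arrives (for instance when the network changes from corporate to public). The application names, security levels, roles and check names are constructed for illustration.

```python
"""Added example (not from the patent): a small policy-decision engine in the
spirit of the zero-trust control center of [0074]-[0082] and [0107]-[0111].
Application levels, role permissions and check names are constructed."""
from dataclasses import dataclass
from enum import Enum


class Decision(Enum):
    ALLOW = "allow"
    RESTRICT = "restrict"    # session kept, but this operation is withheld for now
    STEP_UP = "step_up"      # additional authentication required before allowing
    DENY = "deny"


@dataclass(frozen=True)
class SecurityStatus:
    """Security status reported by a zero-trust client (terminal, behaviour, environment)."""
    os_patched: bool
    security_software_running: bool
    config_compliant: bool
    network: str                      # constructed labels: "corporate", "home", "public"
    anomalous_behaviour: bool = False


# Hypothetical security level of each target application (3 = most sensitive).
APP_SECURITY_LEVEL = {"wiki": 1, "crm": 2, "core-banking": 3}

# Hypothetical predefined access control permissions: role -> app -> operations.
ROLE_PERMISSIONS = {
    "teller": {"wiki": {"read"}, "crm": {"read", "write"}, "core-banking": {"read"}},
    "analyst": {"wiki": {"read", "write"}, "crm": {"read"}},
}


def posture_findings(status: SecurityStatus) -> list[str]:
    """Failed security checks; an empty list means the device is fully compliant."""
    findings = []
    if not status.os_patched:
        findings.append("os_unpatched")
    if not status.security_software_running:
        findings.append("security_software_down")
    if not status.config_compliant:
        findings.append("config_noncompliant")
    if status.network != "corporate":
        findings.append("untrusted_network")
    return findings


def effective_operations(role: str, app: str, status: SecurityStatus) -> set[str]:
    """Operations the user may perform right now: role permissions narrowed by posture.
    Anomalous behaviour or too many findings removes all access; any finding at all
    downgrades the session to read-only until the security status is restored."""
    granted = set(ROLE_PERMISSIONS.get(role, {}).get(app, set()))
    if not granted or status.anomalous_behaviour:
        return set()
    findings = posture_findings(status)
    level = APP_SECURITY_LEVEL.get(app, 3)
    if len(findings) >= 3 or (level >= 3 and len(findings) >= 2):
        return set()
    return granted & {"read"} if findings else granted


def authorize(role: str, app: str, operation: str, status: SecurityStatus) -> Decision:
    """Real-time authorization decision for one access request."""
    granted = ROLE_PERMISSIONS.get(role, {}).get(app, set())
    if operation not in granted or status.anomalous_behaviour:
        return Decision.DENY
    allowed_now = effective_operations(role, app, status)
    if not allowed_now:
        return Decision.DENY
    if operation not in allowed_now:
        return Decision.RESTRICT
    if APP_SECURITY_LEVEL.get(app, 3) >= 3 and posture_findings(status):
        return Decision.STEP_UP   # sensitive app with a residual finding
    return Decision.ALLOW


@dataclass
class Session:
    """A cloud-desktop session re-evaluated whenever a new status report arrives."""
    role: str
    app: str
    operation: str
    status: SecurityStatus

    def update_status(self, status: SecurityStatus) -> Decision:
        """Continuous monitoring ([0103], [0106]): apply the new report and re-decide."""
        self.status = status
        return authorize(self.role, self.app, self.operation, self.status)
```

A teller writing to the CRM from the corporate network is allowed; once the client reports a public network the same session drops to read-only, and it is restored when the next healthy report arrives.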
[0112] The zero-trust secure access control method provided in this application verifies the process of a user accessing a target application step by step through a zero-trust admission gateway and a zero-trust access control gateway. It can achieve dynamic and granular access control while ensuring that cloud desktop virtual machines support remote work and bring-your-own-device policies, thereby improving system flexibility and security, reducing system response latency, and enhancing user experience.
[0113] Figure 7 is a schematic diagram of the structure of the electronic device provided in this application. As shown in Figure 7, the electronic device 70 provided in this embodiment includes at least one processor 701 and a memory 702. Optionally, the electronic device 70 further includes a communication component 703. The processor 701, memory 702, and communication component 703 are connected via a bus 704.
[0114] In a specific implementation, at least one processor 701 executes computer execution instructions stored in memory 702, causing at least one processor 701 to perform the above-described method.
[0115] The specific implementation process of processor 701 can be found in the above method embodiments, and its implementation principle and technical effect are similar. It will not be repeated here.
[0116] In the above embodiments, it should be understood that the processor can be a Central Processing Unit (CPU), or other general-purpose processors, digital signal processors (DSPs), application-specific integrated circuits (ASICs), etc. The general-purpose processor can be a microprocessor or any conventional processor. The steps of the method disclosed in this invention can be directly implemented by a hardware processor, or implemented by a combination of hardware and software modules within the processor.
[0117] The memory may include random access memory (RAM) and may also include non-volatile memory (NVM), such as at least one disk storage device.
[0118] The bus can be an Industry Standard Architecture (ISA) bus, a Peripheral Component Interconnect (PCI) bus, or an Extended Industry Standard Architecture (EISA) bus, etc. Buses can be categorized as address buses, data buses, control buses, etc. For ease of illustration, the buses shown in the accompanying drawings are not limited to a single bus or a single type of bus.
[0119] This application also provides a computer program product, including a computer program that, when executed by a processor, implements the above-described method.
[0120] This application also provides a computer-readable storage medium storing computer-executable instructions, which, when executed by a processor, implement the above-described method.
[0121] The aforementioned readable storage medium can be implemented by any type of volatile or non-volatile storage device or a combination thereof, such as static random access memory (SRAM), electrically erasable programmable read-only memory (EEPROM), erasable programmable read-only memory (EPROM), programmable read-only memory (PROM), read-only memory (ROM), magnetic storage, flash memory, magnetic disk, or optical disk. The readable storage medium can be any available medium accessible to a general-purpose or special-purpose computer.
[0122] An exemplary readable storage medium is coupled to a processor, enabling the processor to read information from and write information to the readable storage medium. Of course, the readable storage medium can also be a component of the processor. The processor and the readable storage medium can reside in an Application Specific Integrated Circuit (ASIC). Alternatively, the processor and the readable storage medium can exist as discrete components in the device.
[0123] The division of units is merely a logical functional division; in actual implementation, there may be other division methods. For example, multiple units or components may be combined or integrated into another system, or some features may be ignored or not executed. Furthermore, the coupling or direct coupling or communication connection shown or discussed may be indirect coupling or communication connection through some interfaces, devices, or units, and may be electrical, mechanical, or other forms.
[0124] The units described as separate components may or may not be physically separate. The components shown as units may or may not be physical units; that is, they may be located in one place or distributed across multiple network units. Some or all of the units can be selected to achieve the purpose of this embodiment according to actual needs.
[0125] In addition, the functional units in the various embodiments of the present invention can be integrated into one processing unit, or each unit can exist physically separately, or two or more units can be integrated into one unit.
[0126] If a function is implemented as a software functional unit and sold or used as an independent product, it can be stored in a computer-readable storage medium. Based on this understanding, the technical solution of this invention, or the part that contributes to the prior art, or a part of the technical solution, can be embodied in the form of a software product. This computer software product is stored in a storage medium and includes several instructions to cause a computer device (which may be a personal computer, server, or network device, etc.) to execute all or part of the steps of the methods of the various embodiments of this invention. The aforementioned storage medium includes various media capable of storing program code, such as USB flash drives, portable hard drives, read-only memory (ROM), random access memory (RAM), magnetic disks, or optical disks.
[0127] Those skilled in the art will understand that all or part of the steps of the above-described method embodiments can be implemented by hardware related to program instructions. The aforementioned program can be stored in a computer-readable storage medium. When executed, the program performs the steps of the above-described method embodiments; and the aforementioned storage medium includes various media capable of storing program code, such as ROM, RAM, magnetic disks, or optical disks.
[0128] Finally, it should be noted that other embodiments of the invention will readily occur to those skilled in the art upon consideration of the specification and practice of the invention disclosed herein. This invention is intended to cover any variations, uses, or adaptations of the invention that follow the general principles of the invention and include common knowledge or customary techniques in the art not disclosed herein, and is not limited to the precise structures described above and shown in the accompanying drawings, and various modifications and changes can be made without departing from its scope. The scope of the invention is limited only by the appended claims.
Claims
1. A zero-trust secure access control system, characterized in that it includes a zero-trust client, a zero-trust admission gateway, a zero-trust control center, and a zero-trust access control gateway, wherein: the zero-trust client includes a first zero-trust client and a second zero-trust client. The first zero-trust client is deployed in the user device and is used to collect user terminal information, user behavior information, and environmental information, and to transmit the collected information to the zero-trust control center. The zero-trust control center is used to receive information sent by the zero-trust client and determine whether the user is in a safe state according to the preset security access policy, so as to issue an access permission command to the zero-trust access gateway. The zero-trust access gateway is used to receive an access permission command issued by the zero-trust control center and allow the zero-trust client to connect according to the access command. The second zero-trust client is deployed in a cloud desktop virtual machine and connected to the zero-trust access control gateway. It is not used to collect security information, but to obtain the identity credentials transmitted by the first zero-trust client through the cloud desktop, initiate access control, and provide the zero-trust control center with access control and security status information related to the cloud desktop. The zero-trust control center is also used to receive access control sent by the second zero-trust client, and determine whether to allow the user to access the target application according to the preset access control permissions, so as to issue an access permission command to the zero-trust access control gateway. The access control permissions can define the resources that the user is authorized to access and the operations that the user is authorized to perform; and the zero-trust control center adjusts the access control permissions according to the security status information.
The zero-trust access control gateway is used to receive an access permission command issued by the zero-trust control center, and to allow the zero-trust client to access the target application according to the access command.
2. The zero-trust secure access control system according to claim 1, characterized in that the first zero-trust client is specifically used for: obtaining the user terminal information, user behavior information, and environmental information to establish a risk profile of the user; based on the user's risk profile, receiving an access permission command from the zero-trust access gateway; and, if the user is in a secure state, accessing the internal network.
3. The zero-trust secure access control system according to claim 2, characterized in that the second zero-trust client communicates with the first zero-trust client via a cloud desktop.
4. The zero-trust secure access control system according to any one of claims 1 to 3, characterized in that both the first zero-trust client and the second zero-trust client are connected to the zero-trust control center, which is specifically used for: uniformly managing and coordinating data from the first zero-trust client and the second zero-trust client, and dynamically adjusting permissions and access policies based on the user's security status, user role, and target application.
5. The zero-trust secure access control system according to claim 4, characterized in that, when the zero-trust control center receives access control requests from the zero-trust client, it is specifically used for: performing access control on the target application based on the access control model, the user's access control permissions, and the user security status data returned by the first zero-trust client; and, based on the user's security status and the target application, authorizing and controlling the user's access to resources in real time.
6. The zero-trust secure access control system according to any one of claims 1 to 3, characterized in that the zero-trust access gateway is specifically used for: when a user logs in, performing two-factor authentication, which includes user authentication and security status authentication; and, after the zero-trust control center issues an access permission command, deciding whether to allow the user to access the system.
7. The zero-trust secure access control system according to claim 6, characterized in that the zero-trust access gateway and the first zero-trust client, and the zero-trust access control gateway and the second zero-trust client, are all connected via an encrypted communication protocol.
8. A zero-trust secure access control method, characterized in that it is applied to a zero-trust client of a zero-trust secure access control system. The zero-trust client includes a first zero-trust client and a second zero-trust client. The first zero-trust client is deployed on a user device, and the second zero-trust client is deployed on a cloud desktop virtual machine. The zero-trust secure access control system also includes a zero-trust admission gateway, a zero-trust control center, and a zero-trust access control gateway. The zero-trust secure access control method includes: when a user accesses a target application, the first zero-trust client collects user terminal information, user behavior information, and environmental information, and transmits the collected information to the zero-trust control center, so that the zero-trust control center receives the information sent by the zero-trust client, determines whether the user is in a safe state according to a preset security access policy, and issues an access permission command to the zero-trust access gateway. If the zero-trust control center verifies the user's security status from the user terminal information, the user behavior information, and the environment information, then the user can access the cloud desktop virtual machine corresponding to the target application through the zero-trust access gateway.
The second zero-trust client connects to the zero-trust access control gateway, obtains the identity credentials transmitted by the first zero-trust client through the cloud desktop, and initiates access control to provide the zero-trust control center with access control and security status information related to the cloud desktop; so that the zero-trust control center can determine whether to allow the user to access the target application according to the preset access control permissions, issue an access permission command to the zero-trust access control gateway, and adjust the access control permissions according to the security status information. The access control permissions can define the resources that the user is authorized to access and the operations that can be performed. If the user's access rights to the target application are verified through the Zero Trust Control Center, then the target application is accessed through the Zero Trust Access Control Gateway. The zero-trust client performs a security check within the cloud desktop virtual machine and uploads the security status information to the zero-trust control center, enabling the zero-trust control center to adjust access control permissions based on the security status information.
9. The zero-trust secure access control method according to claim 8, characterized in that the zero-trust control center dynamically adjusts the user's access to resources based on the user's security status and role permissions.