CN108710528B - Desktop cloud virtual machine access and control method, device, equipment and storage medium - Google Patents
Desktop cloud virtual machine access and control method, device, equipment and storage medium Download PDFInfo
- Publication number
- CN108710528B CN108710528B CN201810435119.XA CN201810435119A CN108710528B CN 108710528 B CN108710528 B CN 108710528B CN 201810435119 A CN201810435119 A CN 201810435119A CN 108710528 B CN108710528 B CN 108710528B
- Authority
- CN
- China
- Prior art keywords
- access
- user account
- desktop cloud
- virtual machine
- request
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING OR CALCULATING; COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F9/00—Arrangements for program control, e.g. control units
- G06F9/06—Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
- G06F9/44—Arrangements for executing specific programs
- G06F9/455—Emulation; Interpretation; Software simulation, e.g. virtualisation or emulation of application or operating system execution engines
- G06F9/45533—Hypervisors; Virtual machine monitors
- G06F9/45558—Hypervisor-specific management and integration aspects
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/01—Protocols
- H04L67/08—Protocols specially adapted for terminal emulation, e.g. Telnet
-
- G—PHYSICS
- G06—COMPUTING OR CALCULATING; COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F9/00—Arrangements for program control, e.g. control units
- G06F9/06—Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
- G06F9/44—Arrangements for executing specific programs
- G06F9/455—Emulation; Interpretation; Software simulation, e.g. virtualisation or emulation of application or operating system execution engines
- G06F9/45533—Hypervisors; Virtual machine monitors
- G06F9/45558—Hypervisor-specific management and integration aspects
- G06F2009/45595—Network integration; Enabling network access in virtual machine instances
Landscapes
- Engineering & Computer Science (AREA)
- Software Systems (AREA)
- Theoretical Computer Science (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Storage Device Security (AREA)
- Information Transfer Between Computers (AREA)
Abstract
According to the access and control method, device, equipment and storage medium of the desktop cloud virtual machine, the desktop cloud service system receives a first access request sent by an access terminal; acquiring authority configuration information corresponding to a user account according to user account information carried by the first access request and pre-stored authority configuration information corresponding to the user account; judging whether to allow access according to the authority configuration information; and if the judgment result is that the access is allowed, responding to the first access request based on the target virtual machine specified by the user account. The method can create the control account and at least one user account associated with the control account in the desktop cloud service system, can also be connected with the control account, receives the authority configuration information defined by the control account for the user account associated with the control account, controls the access authority of the user account to the target virtual machine according to the authority configuration information defined by the control account, and controls the use authority of the user account to use the desktop cloud.
Description
Technical Field
The present invention relates to the field of electronic technologies, and in particular, to an access method for a desktop cloud virtual machine, a control method for a desktop cloud virtual machine, an access device for a desktop cloud virtual machine, a control device for a desktop cloud virtual machine, an electronic device, and a computer-readable storage medium.
Background
The desktop cloud can access cross-platform application programs and the whole client desktop through a thin client or any other electronic equipment connected with a network. The desktop environment of the user is usually deployed in a centralized data center of an enterprise, and the local terminal is usually an integrated circuit body with a relatively low configuration, has a common interface for connecting display and input devices, has weak processing capability, and mainly depends on connecting to a remote server to share virtual machine resources in a virtualized processor resource pool. The hosting desktop provided by the desktop cloud supports access of various terminal devices, the desktop cloud provides a very flexible work processing mode for enterprise users, and as long as a place with a network exists, employees can enter the office environment of the enterprise through the network to process work matters. In short, resources such as computation, storage and the like are deployed in a data center in a centralized manner, physical resources are converted into virtual resources through a virtualization technology, and virtual desktop services are provided for users.
In the existing desktop cloud architecture, the management of the desktop cloud used by the user is realized by the desktop management software of the system, and the functions of starting and shutting down can only be realized. However, in some scenarios, the user needs additional control means, such as: when a child learns or plays games by using a desktop cloud, parents expect that the child can only use the desktop cloud for 1 hour or can only use the desktop cloud within a specified time period, and the parents need to control the desktop cloud.
Disclosure of Invention
The invention provides an access and control method, device, equipment and storage medium of a desktop cloud virtual machine, and mainly solves the problem of access control of the desktop cloud virtual machine.
The access method of the desktop cloud virtual machine provided by the invention comprises the following steps:
receiving a first access request sent by an access terminal;
acquiring authority configuration information corresponding to a user account represented by the user account information according to the user account information carried by the first access request and prestored authority configuration information corresponding to the user account, wherein the prestored authority configuration information corresponding to the user account is provided by a control account associated with the user account through an external control terminal;
judging whether to allow access according to the authority configuration information;
and if the judgment result is that the access is allowed, responding to the first access request based on the target virtual machine specified by the user account.
The control method of the desktop cloud virtual machine provided by the invention comprises the following steps:
logging in a control account under the triggering of a user;
receiving first input information of a user;
generating configuration information according to the first input information, wherein the configuration information comprises authority configuration information and corresponding user account information, and the authority configuration information comprises at least one of the following: allowing access time periods, allowing access to applications, allowing access to websites;
and sending the configuration information to a desktop cloud service system, wherein the authority configuration information is used for the desktop cloud service system to control the access authority of the user account to the target virtual machine.
The invention provides an access device of a desktop cloud virtual machine, which comprises:
the first receiving module is used for receiving a first access request sent by an access terminal;
the acquisition module is used for acquiring authority configuration information corresponding to a user account represented by the user account information according to the user account information carried by the first access request and prestored authority configuration information corresponding to the user account, wherein the prestored authority configuration information corresponding to the user account is provided by a control account associated with the user account through an external control terminal;
the judging module is used for judging whether to allow access according to the authority configuration information;
and the response module is used for responding to the first access request based on the target virtual machine specified by the user account when the judgment result of the judgment module is that the access is allowed.
The invention provides a control device of a desktop cloud virtual machine, which comprises:
the login module is used for logging in the control account under the trigger of the user;
the second receiving module is used for receiving first input information of a user;
a generating module, configured to generate configuration information according to the first input information, where the configuration information includes authority configuration information and corresponding user account information, and the authority configuration information includes at least one of the following: allowing access time period, allowing access to applications, allowing access to websites;
and the sending module is used for sending the configuration information to a desktop cloud service system, and the authority configuration information is used for the desktop cloud service system to control the access authority of the user account to the target virtual machine.
The invention provides electronic equipment, which comprises a processor, a memory and a communication bus;
the communication bus is used for realizing connection communication between the processor and the memory;
the processor is configured to execute one or more programs stored in the memory to implement the steps of the method for accessing the desktop cloud virtual machine according to any one of the above items, or to implement the steps of the method for controlling the desktop cloud virtual machine according to any one of the above items.
The present invention provides a computer readable storage medium storing one or more programs, which are executable by one or more processors to implement the steps of the method for accessing a desktop cloud virtual machine according to any one of the above items or the steps of the method for controlling a desktop cloud virtual machine according to any one of the above items.
The invention provides an access and control method, device, equipment and storage medium of a desktop cloud virtual machine, which improve the existing desktop cloud management scheme, a control account and at least one user account associated with the control account can be created in a desktop cloud service system, after the control account is successfully logged in, the access authority of the user account to an appointed virtual machine is configured in the desktop cloud service system through a control terminal, and when the user account initiates a first access request to the desktop cloud service system, the desktop cloud service system controls the access authority of the user account according to authority configuration information configured by the control account, and controls whether a target virtual machine appointed by the user account responds to the first access request. According to the method, the parent can control the time period when the child uses the desktop cloud, the application and the website accessed by using the desktop cloud and the like.
Drawings
Fig. 1 is a flowchart of an access method for a desktop cloud virtual machine according to a first embodiment of the present invention;
fig. 2 is a flowchart of a control method for a desktop cloud virtual machine according to a second embodiment of the present invention;
fig. 3 is a schematic diagram of a desktop cloud virtual machine application system according to a third embodiment of the present invention;
fig. 4 is a schematic diagram of an access device of a desktop cloud virtual machine according to a fourth embodiment of the present invention;
fig. 5 is a schematic diagram of a control apparatus of a desktop cloud virtual machine according to a fifth embodiment of the present invention.
Detailed Description
The desktop cloud service system can be deployed in a data center of an enterprise, can call virtual machine resources and provide desktop cloud services for users, and the virtual machine resources can be deployed in the local desktop cloud service system or in other places as long as the desktop cloud service system can call the virtual machine resources. The control account can be configured and managed in the desktop cloud service system, and at least one user account can be further configured and managed through the control account, so that the desktop cloud service system can assign a target virtual machine in the virtual machine resources for each user account. In the present invention, for convenience of understanding, a terminal that logs in and uses a control account is referred to as a control terminal, a terminal that logs in and uses a user account is referred to as an access terminal, and the control terminal and the access terminal may be mobile terminals such as a mobile phone, a PAD, and a wearable device, or may be fixed terminals such as a PC. The control terminal and the access terminal may be shared as the control terminal when logging in and using the control account and as the user terminal when logging in and using the user account. For ease of understanding, a user who logs in and uses a control account on a control terminal is also referred to as a first user, and a user who logs in and uses a user account on an access terminal is also referred to as a second user.
In the present invention, the process of configuring and managing the control account in the desktop cloud service system includes, but is not limited to, the following list:
the first user inputs information (hereinafter referred to as fifth input information) on the control terminal, for example: controlling account names and passwords of accounts, clicking a registration button, receiving fifth input information by the control terminal, generating a control account creation request according to the fifth input information, and sending the generated control account creation request to the desktop cloud service system;
and the desktop cloud service system receives the control account creation request and creates a control account according to the control account creation request.
After the control account is successfully created, the first user may log in the control account on the control terminal, and after the log-in is successful, the user account may be configured and managed in the desktop cloud service system through the control account, which includes but is not limited to the following processes:
a first user inputs an account name and a password of a control account on a control terminal, clicks a login button, generates a second login request after the control terminal receives the login request, and sends the generated second login request to a desktop cloud service system;
the desktop cloud service system receives the second login request sent by the control terminal, the identity of a user is authenticated according to an account name and a password carried by the second login request, if the user name is matched with a pre-stored user name of a certain control account and the password is also matched with the password of the control account, the authentication is passed, the second login request is responded, and the login of the control account in the desktop cloud service system is completed;
after the control account is successfully logged in, the first user inputs information (hereinafter referred to as third input information) on the control terminal, for example: clicking a registration button by the account name and the password of the user account, receiving third input information by the control terminal, generating a user account creation request according to the third input information, and sending the generated user account creation request to the desktop cloud service system;
the desktop cloud service system receives the user account creation request, creates a user account according to the user account creation request, configures a target virtual machine for the user account, establishes and stores a corresponding relationship between the user account and the target virtual machine as well as between the user account and the control account, and completes the configuration of the user account.
In a similar manner, the control account can delete and update the created user account, or add and create the user account, the control terminal correspondingly generates a user account deletion request, a user account update request and a user account addition request under the trigger of the first user, and the desktop cloud service system responds to the requests after receiving the requests.
In a similar manner, one control account may configure and manage multiple user accounts at the desktop cloud service system.
The present invention is further illustrated by the following specific examples, which are intended to be merely illustrative and not limiting.
First embodiment
Referring to fig. 1, fig. 1 is a flowchart of an access method for a desktop cloud virtual machine according to a first embodiment of the present invention, where the method may be applied to a desktop cloud service system, and the method includes:
s101, receiving a first access request sent by an access terminal.
After the second user logs in the user account at the access terminal, a first access request can be generated and sent at the access terminal, the first access request can carry user account information and access object identification information, the access object identification information is used for matching an access object, and the access object of the first access request can be a website, an application and the like.
The process of the second user logging into the user account at the access terminal includes, but is not limited to, the following list:
the second user inputs an account name and a password at the access terminal, the access terminal generates a first login request according to the account name and the password input by the second user, and the first login request is sent to the desktop cloud service system;
the desktop cloud service system receives the first login request sent by the access terminal, the user identity is authenticated according to the account name and the password carried by the first login request, if the user name is matched with the pre-stored user name of a certain user account and the password is also matched with the password of the user account, the authentication is passed, the target virtual machine appointed by the user account responds to the first login request, and the login of the user account in the desktop cloud service system is completed.
S102, according to the user account information carried by the first access request and the pre-stored authority configuration information corresponding to the user account, authority configuration information corresponding to the user account represented by the user account information is obtained.
The desktop cloud service system prestores authority configuration information corresponding to a user account, and in order to realize management and control of the control account on the user account, the authority configuration information of the user account is configured by the control account through an external control terminal, and the specific process can include:
the method comprises the steps that a first user inputs information on a control terminal after the control terminal logs in a control account, the control terminal receives the first input information of the user and generates configuration information according to the first input information, the configuration information comprises authority configuration information and corresponding user account information, and the authority configuration information comprises at least one of the following information: the method comprises the steps that an access time period, an access-allowed application and an access-allowed website are allowed, and a control terminal sends configuration information to a desktop cloud service system;
the desktop cloud service system receives the configuration information sent by the control terminal, stores the authority configuration information therein, and stores a corresponding relationship between the authority configuration information and the user account, and in step S102, the corresponding authority configuration information may be obtained from the configuration information, so as to control the access authority of the user account sending the first access request to the target virtual machine.
The authority configuration information in this embodiment includes at least one of the following: a time period allowed for access, an application allowed for access, a website allowed for access. Wherein the allowed access period is, for example: 9 am to 10 am, 6 pm to 7 pm; the application that is allowed to access may teach the related application; the website that is allowed to be accessed can be a teaching-related website and the like, and the permission configuration information is determined by a control account associated with the user account.
And S103, judging whether to permit access according to the authority configuration information acquired in the step S102.
And judging results are different according to different acquired permission configuration information. In particular, the method comprises the following steps of,
it is assumed that the authority configuration information acquired in step S102 includes:
allowed access period: 9 am to 10 am;
and the applications that are allowed to access: application A;
then the specific determination process includes: obtaining the current time, comparing the current time with the access permission time period, and if the current time falls within the access permission time period; if the access object of the first access request is just the application A, the judgment result is that the access is allowed; and if the current time is not within the access permission time period or the access object of the first access request is not the A application, judging that the access is not permitted.
And S104, if the judgment result is that the access is allowed, responding the first access request based on the target virtual machine specified by the user account. For example, if the access object of the first access request is a certain website, the target virtual machine specified based on the user account accesses the website, and if the access object of the first access request is a certain application, the target virtual machine specified based on the user account accesses the application.
And S105, if the judgment result is that the access is not allowed, feeding back an access refusing notice to the access terminal.
In the step, while feeding back the notification of denying access to the access terminal, a reminding notification can be fed back to the access terminal to remind a second user to initiate a temporary authorization request; of course, it may also be analyzed whether the authority configuration information acquired in step S102 includes: allowing the temporary application access, if the temporary application access is allowed, indicating that the control account is set to allow the temporary application access, feeding back an access refusing notice to the access terminal, and feeding back a reminding notice to the access terminal;
the access terminal can display the notification and the prompt on the interface after receiving the notification and the prompt, a second user can initiate temporary access on the access terminal after seeing the notification and the prompt, and the access terminal generates a second access request and sends the second access request to the desktop cloud service system;
the desktop cloud service system receives the second access request sent by the access terminal and sends a temporary authorization request to the control terminal which is logged in by the control account corresponding to the user account;
after receiving the temporary authorization request, the control terminal generates prompt information and reminds the first user whether to grant the request, if the first user determines to grant the temporary authorization, corresponding authorization information (hereinafter referred to as second input information) is input into the control terminal, the control terminal receives the second input information, generates temporary authorization information according to the second input information, and sends the temporary authorization information to the desktop cloud service system;
if the desktop cloud service system receives the temporary authorization information, whether access is allowed is judged according to the temporary authorization information, if the obtained judgment result is that access is allowed, the target virtual machine specified based on the user account responds to the second access request, the second access request can carry user account information and access object identification information, the access object identification information is used for matching an access object, and the access object of the second access request can be a website, an application and the like. The temporary authorization information may include an instruction for characterizing permission of temporary access and temporary permission information, the temporary permission information may include at least one of a permission period of access, an application permitted to access, and a website permitted to access, and the process of determining whether to permit access according to the temporary authorization information may refer to the process of determining whether to permit access according to the permission configuration information.
In this embodiment, the access object of the first access request and the second access request may be content other than the desktop cloud service system and the target virtual machine, or may be content local to the desktop cloud service system or the target virtual machine. As an embodiment, a content storage unit may be locally provided in the desktop cloud service system or the target virtual machine, the content storage unit stores data, and the user account can only access the data stored in the content storage unit, that is, the target virtual machine specified by the user account can only call the data stored in the content storage unit to respond to the first access request and the second access request, which can further limit the access content of the user account.
The data stored in the content storage unit may be stored in the desktop cloud service system background, or may be opened to a control account, and managed by the control account, for example: after the control account is successfully logged in, the first user inputs information (hereinafter referred to as fourth input information) at the control terminal, the control account generates a data storage request according to the fourth input information, the data storage request is sent to the desktop cloud service system, and after the desktop cloud service system receives the data storage request, the target data is obtained according to the data storage request and is stored in the content storage unit.
In one embodiment, a data storage request carries user account information and data, and after receiving the data storage request, a desktop cloud service system directly stores the data in a content storage unit and establishes a corresponding relationship with a user account; in another embodiment, the data storage request carries user account information and data index information, after receiving the data storage request, the desktop cloud service system acquires corresponding target data from a local or network according to the data index information, and after acquiring the target data, the target data is stored in the content storage unit, and a corresponding relationship with the user account is established.
The access method of the desktop cloud virtual machine provided by the embodiment can be applied to a desktop cloud service system, can create a control account and at least one user account associated with the control account in the desktop cloud service system, can be connected with the control account, receives authority configuration information defined by the control account for the user account associated with the control account, and controls the access authority of the user account for the target virtual machine according to the authority configuration information defined by the control account.
Second embodiment
Referring to fig. 2, fig. 2 is a flowchart of a control method for a desktop cloud virtual machine according to a second embodiment of the present invention, where the method may be applied to a control terminal, and in order to implement management and control of a control account on a user account, authority configuration information may be configured by the control account, and the method includes:
s201, logging in a control account under the trigger of a first user.
The first user can input an account name and a password of a control account on the control terminal, click to log in the control account, and after the control terminal receives the login request, the first user generates a second login request and sends the generated second login request to the desktop cloud service system;
the desktop cloud service system receives the second login request sent by the control terminal, the identity of a user is authenticated according to an account name and a password carried by the second login request, if the user name is matched with a pre-stored user name of a certain control account and the password is also matched with the password of the control account, the authentication is passed, the second login request is responded, the login of the control account in the desktop cloud service system is completed, if the authentication is not passed, a login failure notice can be fed back to the control terminal, and the control terminal prompts the user after receiving the login failure notice.
S202, receiving first input information of a first user.
S203, generating configuration information according to the first input information, wherein the configuration information comprises authority configuration information and corresponding user account information, and the authority configuration information comprises at least one of the following: a time period allowed for access, an application allowed for access, a web site allowed for access.
S204, the configuration information is sent to a desktop cloud service system, and the authority configuration information is used for the desktop cloud service system to control the access authority of the user account to the target virtual machine.
After a first user logs in a control account at a control terminal, inputting information on the control terminal, receiving the first input information by the control terminal, generating configuration information according to the first input information, and sending the configuration information to a desktop cloud service system;
the desktop cloud service system receives the configuration information sent by the control terminal, stores the authority configuration information therein, and stores a corresponding relationship between the authority configuration information and the user account, and may store the authority configuration information in a local storage space.
In some embodiments, the control account may further allow temporary authorization, and then the permission configuration information may further include permission for a temporary application to access, when the user account initiates a second access request to the desktop cloud service system, and after the desktop cloud service system receives the second access request, the desktop cloud service system may send the temporary authorization request to the control terminal, or the desktop cloud service system first analyzes whether the permission configuration information corresponding to the user account includes: allowing the temporary application access, if the temporary application access is allowed, indicating that the control account is set to allow the temporary application access, and then sending a temporary authorization request to the control terminal;
after receiving the temporary authorization request, the control terminal generates prompt information and reminds the first user whether to grant the request, if the first user determines to grant the temporary authorization, information (second input information) is input on the control terminal, the control terminal receives the second input information, generates temporary authorization information according to the second input information, and sends the temporary authorization information to the desktop cloud service system;
if the desktop cloud service system receives the temporary authorization information, whether access is allowed or not is judged according to the temporary authorization information, if the obtained judgment result is that access is allowed, the target virtual machine specified based on the user account responds to the second access request, and the access object of the second access request can be a website, an application and the like. The temporary authorization information may include an instruction for characterizing permission of temporary access and temporary permission information, and the temporary permission information may include at least one of a permission access time period, an application permitted to access, and a website permitted to access.
The access object of the user account can be content outside the desktop cloud service system and the target virtual machine, and can also be content local to the desktop cloud service system or the target virtual machine. As an embodiment, a content storage unit may be locally provided in the desktop cloud service system or the target virtual machine, the content storage unit stores data, and the user account can only access the data stored in the content storage unit, that is, the target virtual machine specified by the user account can only call the data stored in the content storage unit to respond to the first access request and the second access request.
In order to further limit the access to the content of the user account, the data stored in the content storage unit may be determined by the control account, for example: after the control account is successfully logged in, the first user inputs information (fourth input information) at the control terminal, the control account generates a data storage request according to the fourth input information and sends the data storage request to the desktop cloud service system, and after the desktop cloud service system receives the data storage request, the target data are obtained according to the data storage request and stored in the content storage unit.
In one embodiment, the data storage request carries data, and the desktop cloud service system analyzes the data after receiving the data storage request and directly stores the data in the content storage unit; in another embodiment, the data storage request carries data index information, the desktop cloud service system receives the data storage request, analyzes the data index information in the data storage request, acquires corresponding target data from a local or network according to the data index information, and stores the target data in the content storage unit after acquiring the target data.
The control method of the desktop cloud virtual machine provided by the embodiment can be applied to a control terminal, at least one user account can be created and managed in a desktop cloud service system after the control account logs in the control terminal, the control account can also configure authority configuration information for the user account associated with the control account in the desktop cloud service system, and even an access object is stored in the desktop cloud service system.
Third embodiment
Referring to fig. 3, fig. 3 is a schematic diagram of a desktop cloud virtual machine application system according to a third embodiment of the present invention, in this embodiment, a parent is used as a first user, a child is used as a second user, and the parent configures and manages a user account used by the child, so as to implement right control on the child using the desktop cloud. The desktop cloud virtual machine application system provided by the embodiment comprises: the system comprises a pad serving as an access terminal, a mobile phone serving as a control terminal, a desktop cloud service system and virtual machine resources; the desktop cloud service system and the virtual machine resources can be deployed in a data center of an enterprise, and the desktop cloud service system can call the virtual machine resources to provide desktop cloud services for users. In this embodiment, a parent needs to install a control client in a mobile phone serving as a control terminal, and needs to install an access client in a pad serving as an access terminal used by a child, where the control client may be in various modes such as APP, wechat public number, wechat applet, and the access client may also be in various modes such as APP, wechat public number, wechat applet. Of course, in other embodiments, the desktop cloud service system may also be communicated with the desktop cloud service system by using a browser on the control terminal and the access terminal.
The working process of the desktop cloud virtual machine application system provided by the embodiment mainly comprises the following steps:
the process of parent registering for a control account may include: the method comprises the steps that a parent opens a control client on a mobile phone, the control client is connected with a desktop cloud service system through a network mode such as WIFI and the like, options such as a creation control account and a login control account are displayed in the control client, after the parent selects the option of the creation control account, an account name and a password to be registered are input, other necessary registration information is filled, a registration button is clicked, the control client generates a control account creation request according to the registration information input by the parent, the generated control account creation request is sent to the desktop cloud service system, after the verification of the desktop cloud service system is passed, the registration information is stored, registration success information is fed back, and the control client displays the success of registration.
The process of parent logging in to the control account may include: after the control account is successfully registered, a parent can select an option of logging in the control account in a control client, after the parent selects the option, an account name and a password are input, a login button is clicked, the control client generates a second login request according to the information input by the parent, the second login request carries the account name and the password input by the parent, the generated second login request is sent to a desktop cloud service system, after the desktop cloud service system receives the second login request, the identity of the parent is authenticated, the account name and the password in the second login request are analyzed and compared with the stored registration information of the control account, if the user name is matched with the pre-stored user name of one control account and the password is also matched with the password of the control account, the authentication is passed, the login success information is fed back, and the login of the control account in the desktop cloud service system is completed.
After logging in the control account, the control client may further display options such as update of the control account, deletion of the control account, creation of the user account, and a user account list, and the parent may select the option of update of the control account to update the related information of the control account, or may select the option of deletion of the control account to delete the control account.
The process of parent registering user account may include: after a parent logs in a control account, an option of creating a user account is selected in a control client, after the parent selects the option, an account name and a password to be registered are input, other necessary registration information is filled in, a registration button is clicked, the control client generates a user account creation request according to the registration information input by the parent, the generated user account creation request is sent to a desktop cloud service system, after the desktop cloud service system passes the verification, a target virtual machine is configured for the user account, the corresponding relation between the user account and the target virtual machine and between the user account and the control account is established and stored, the configuration of the user account is completed, registration success information is fed back, and the client is controlled to display the successful registration.
In a similar manner, a parent may create multiple user accounts through one control account, and a user account successfully created is automatically added to the user account list. After the parent logs in the control account, an option of a user account list is selected in the control client, each user account is further displayed in the control terminal in a list form, and the parent can select any user account to perform the following operations: delete user accounts, add user accounts, update user accounts, configure usage rights, configure access content, and the like.
The process of configuring the usage right for the user account by the parent may include: in this embodiment, it is assumed that a parent creates a user account C for a child, the parent may select an option of a user account list in the control client, select the user account C in the further displayed user account list, select an option of configuring a usage right, and manually input in the further displayed items: the allowed access time period, the allowed access application, and the allowed access website, assuming that the parent enters in the option of the allowed access time period: 9 am to 10 am; in the option of the application that is allowed to access, the following are entered: application A; in the option of a website that is allowed to be accessed: a school official website B; after the input is finished, clicking a submission button, controlling the client to generate authority configuration information according to the information input by the parents, sending the authority configuration information and the selected user account information to the desktop cloud service system as configuration information, after the desktop cloud service system receives the configuration information, storing the authority configuration information and the corresponding relation between the authority configuration information and the user account, feeding back successful configuration information, and controlling the client to display the successful configuration.
The process for a parent to configure access content for a user account may include: after a parent selects a user account C in a user account list in a control client, the parent can select an option of configuring access content, the access content can be set in a manual input mode, for example, an application name, a website address and the like are input, a submit button is clicked, the control client generates a data storage request according to user input, the data storage request carries user account information and data index information, the data index information includes the application name, the website address and the like manually input by the parent, after the desktop cloud service system receives the data storage request, corresponding target data is obtained from the local or the network according to the data index information in the data storage request, the obtained target data is stored in a local content storage unit, and a corresponding relation between the obtained target data and the user account C is established. In this embodiment, since the configured authority configuration information allows access to the application a and the school official website B, the configured access content should include target data related to the application a and target data related to the school official website B, that is, the complete program of the application a and the school official website B may be pre-stored in the local content storage unit, and may be updated periodically thereafter.
The process of logging a child into a user account may include: the method comprises the steps that a child opens an access client on a pad, the access client is connected with a desktop cloud service system through a network mode such as WIFI and the like, options such as a login user account are displayed in the access client, the child inputs an account name and a password after selecting the option of the login user account, a login button is clicked, the access client generates a first login request according to information input by the child, the first login request carries the account name and the password input by the child, the generated first login request is sent to the desktop cloud service system, the desktop cloud service system authenticates the identity of the child after receiving the first login request, the account name and the password in the first login request are analyzed and compared with stored registration information of the user account, if the user name is matched with a pre-stored user name of one user account and the password of the user account is also matched, the authentication is passed, login success information is fed back, and login success information is completed.
The process of accessing the cloud desktop by the child may include: supposing that in this embodiment, a child successfully logs in a user account C, a desktop system may be further displayed in the access client, an APP icon, a browser icon, and the like may be displayed in the desktop system, the child may select these icons, and trigger the access client to generate and send a first access request, where the first access request may carry user account information and access object identification information, and assuming that in this embodiment, the application a selected by the child and the current time is 9 am, after the desktop cloud service system receives the first access request, according to user account information therein and pre-stored authority configuration information corresponding to the user account, authority configuration information corresponding to the user account represented by the user account information is acquired:
allowed access period: 9 am to 10 am;
applications that are allowed access: application A;
the web site that is allowed to be accessed: a school official website B;
the desktop cloud service system judges whether the access is allowed according to the authority configuration information, specifically, the current time is obtained, the current time is compared with the allowed access time period, the access object identification information carried by the first access request is compared with the application A, and the current time is judged to fall within the allowed access time period; and the access object of the first access request is just application A, the judgment result is that the access is allowed, and the target virtual machine specified by the user account C is controlled to call the data of the application A stored in the local content storage unit to respond to the first access request.
If the judgment result is that the access is not allowed, the child can also initiate temporary authorization.
According to the embodiment, the management and control of the parents on the cloud desktop used by children are realized.
Fourth embodiment
Referring to fig. 4, fig. 4 is a schematic diagram of an access apparatus of a desktop cloud virtual machine according to a fourth embodiment of the present invention, where the apparatus mainly includes:
a first receiving module 401, configured to receive a first access request sent by an access terminal;
an obtaining module 402, configured to obtain, according to user account information carried in the first access request and pre-stored permission configuration information corresponding to a user account, permission configuration information corresponding to the user account represented by the user account information, where the pre-stored permission configuration information corresponding to the user account is provided by a control account associated with the user account through an external control terminal;
a judging module 403, configured to judge whether to allow access according to the permission configuration information;
a response module 404, configured to, when the determination result of the determining module 403 is that access is allowed, respond to the first access request based on the target virtual machine specified by the user account.
The device provided by the embodiment can be applied to a desktop cloud service system, and can realize each function in the first embodiment.
Fifth embodiment
Referring to fig. 5, fig. 5 is a schematic diagram of a control apparatus of a desktop cloud virtual machine according to a fifth embodiment of the present invention, where the apparatus mainly includes:
a login module 501, configured to log in a control account under user trigger;
a second receiving module 502, configured to receive first input information of a user;
a generating module 503, configured to generate configuration information according to the first input information, where the configuration information includes authority configuration information and corresponding user account information, and the authority configuration information includes at least one of the following: allowing access time periods, allowing access to applications, allowing access to websites;
a sending module 504, configured to send the configuration information to a desktop cloud service system, where the permission configuration information is used for the desktop cloud service system to control an access permission of the user account to the target virtual machine.
The apparatus provided in this embodiment may be applied to a control terminal, which may implement the functions in the second embodiment described above.
The invention also provides an electronic device, which comprises a processor, a memory and a communication bus; the communication bus is used for realizing connection communication between the processor and the memory; the processor is configured to execute one or more programs stored in the memory to implement the steps of the method for accessing a desktop cloud virtual machine according to the first embodiment,
the invention also provides another electronic device, which comprises a processor, a memory and a communication bus; the communication bus is used for realizing connection communication between the processor and the memory; the processor is configured to execute one or more programs stored in the memory to implement the steps of the control method of the desktop cloud virtual machine according to the second embodiment.
The present invention also provides a computer readable storage medium storing one or more programs, which are executable by one or more processors to implement the steps of the method for accessing a desktop cloud virtual machine according to the first embodiment.
The present invention also provides another computer readable storage medium, which stores one or more programs, where the one or more programs are executable by one or more processors to implement the steps of the control method of a desktop cloud virtual machine according to the second embodiment.
The above-mentioned serial numbers of the embodiments of the present invention are only for description, and do not represent the advantages and disadvantages of the embodiments. Through the above description of the embodiments, those skilled in the art will clearly understand that the method of the above embodiments can be implemented by software plus a necessary general hardware platform, and certainly can also be implemented by hardware, but in many cases, the former is a better implementation manner. Based on such understanding, the technical solutions of the present invention may be embodied in the form of a software product, which is stored in a storage medium (such as ROM/RAM, magnetic disk, optical disk) and includes instructions for enabling a terminal device (such as a mobile phone, a computer, a server, an air conditioner, or a network device) to execute the method according to the embodiments of the present invention.
While the present invention has been described with reference to the particular illustrative embodiments, it is to be understood that the invention is not limited to the disclosed embodiments, but is intended to cover various modifications, equivalent arrangements, and equivalents thereof, which may be made by those skilled in the art without departing from the spirit and scope of the invention as defined by the appended claims.
Claims (18)
1. An access method of a desktop cloud virtual machine comprises the following steps:
receiving a first access request sent by an access terminal;
acquiring authority configuration information corresponding to a user account represented by the user account information according to the user account information carried by the first access request and pre-stored authority configuration information corresponding to the user account, wherein the pre-stored authority configuration information corresponding to the user account is provided by a control account associated with the user account through an external control terminal;
judging whether to allow access according to the authority configuration information;
if the judgment result is that the access is allowed, responding to the first access request based on a target virtual machine specified by the user account, wherein an access object of the first access request comprises a desktop cloud service system and contents except the target virtual machine;
before the target virtual machine designated based on the user account responds to the first access request, the method further comprises the following steps:
the desktop cloud service system receives a data storage request sent by a control terminal logged in by a control account corresponding to the user account, wherein the data storage request carries user account information and data index information;
the data are access objects of the first access request and are stored in a desktop cloud service system or a content storage unit locally arranged in a target virtual machine;
the desktop cloud service system acquires target data according to the data storage request, stores the target data in the content storage unit and establishes a corresponding relation with the user account;
and if the judgment result is that the access is not allowed, feeding back an access refusing notice to the access terminal, and feeding back a reminding notice to the access terminal to remind the user account to initiate a temporary authorization request.
2. The method of accessing a desktop cloud virtual machine of claim 1, wherein the permission configuration information comprises at least one of:
a time period allowed for access, an application allowed for access, a website allowed for access.
3. The method for accessing a desktop cloud virtual machine according to claim 1, further comprising:
receiving a second access request sent by the access terminal;
sending a temporary authorization request to a control terminal logged in by a control account corresponding to the user account;
and if the temporary authorization information replied by the control terminal according to the temporary authorization request is received, and the judgment result obtained after judging whether the access is allowed according to the temporary authorization information is the access allowance, responding to the second access request based on the target virtual machine appointed by the user account.
4. The method of claim 2, wherein the permission configuration information further comprises: allowing provisional application access.
5. The method for accessing the desktop cloud virtual machine according to claim 1, wherein before receiving the first access request sent by the access terminal, the method further comprises:
receiving a first login request sent by the access terminal;
authenticating the identity of the user according to the first login request;
and if the authentication is passed, responding to the first login request by the target virtual machine specified by the user account corresponding to the user identity.
6. The method for accessing the desktop cloud virtual machine according to claim 1, wherein before receiving the first access request sent by the access terminal, the method further comprises:
receiving configuration information sent by the control terminal logged in by the control account, wherein the configuration information comprises: permission configuration information and corresponding user account information;
and storing the authority configuration information and the corresponding relation between the authority configuration information and the user account.
7. The method for accessing a desktop cloud virtual machine according to claim 1, further comprising:
receiving a user account creation request sent by the control account;
and creating a user account according to the user account creating request, configuring a target virtual machine for the user account, and establishing and storing a corresponding relation between the user account and the target virtual machine and the control account.
8. The method for accessing a desktop cloud virtual machine according to claim 7, further comprising: receiving at least one of a user account deleting request, a user account adding request and a user account updating request sent by the control account;
and responding to the user account deleting request, the user account adding request and the user account updating request.
9. An access method for a desktop cloud virtual machine according to any one of claims 1 to 8, wherein the responding to the first access request based on the target virtual machine specified by the user account comprises:
and controlling the target virtual machine designated by the user account to call the data stored in the local content storage unit to respond to the first access request.
10. A control method of a desktop cloud virtual machine comprises the following steps:
logging in a control account under the triggering of a user;
receiving first input information of a user;
the control terminal logged in by the control account sends a data storage request, and the data storage request carries user account information and data index information;
the data are access objects of the user account and are stored in a desktop cloud service system or a content storage unit locally arranged in a target virtual machine;
the desktop cloud service system acquires target data according to the data storage request, stores the target data in the content storage unit and establishes a corresponding relation with the user account;
generating configuration information according to the first input information, wherein the configuration information comprises authority configuration information and corresponding user account information, and the authority configuration information comprises at least one of the following: allowing access time period, allowing access to applications, allowing access to websites; sending the configuration information to a desktop cloud service system, wherein the authority configuration information is used for the desktop cloud service system to control the access authority of the user account to a target virtual machine, and an access object of the user account comprises the desktop cloud service system and contents except the target virtual machine;
and if the judgment result is that the access is not allowed, the access of the user account is refused, and the user account is reminded to initiate a temporary authorization request.
11. The method for controlling a desktop cloud virtual machine according to claim 10, further comprising:
receiving second input information of the user;
generating temporary authorization information according to the second input information;
and sending the temporary authorization information to a desktop cloud service system, wherein the temporary authorization information is used for the desktop cloud service system to control the temporary access authority of the user account to the target virtual machine.
12. The method for controlling a desktop cloud virtual machine according to claim 11, wherein before receiving the second input information of the user,
further comprising:
receiving a temporary authorization request sent by the desktop cloud service system;
and generating prompt information according to the temporary authorization request and displaying the prompt information.
13. The method for controlling a desktop cloud virtual machine according to claim 12, wherein the permission configuration information further includes: allowing provisional application access.
14. The method for controlling a desktop cloud virtual machine according to claim 10, further comprising:
receiving third input information of the user;
generating one of a user account creation request, a user account deletion request, a user account addition request and a user account updating request according to the third input information;
and sending the generated user account creating request, user account deleting request, user account adding request and user account updating request to a desktop cloud service system.
15. An access device of a desktop cloud virtual machine, comprising:
the first receiving module is used for receiving a first access request sent by an access terminal and a data storage request sent by a control terminal for logging in a control account, wherein the data storage request carries user account information and data index information; the data are access objects of the first access request and are stored in a content storage unit locally arranged in a desktop cloud service system or a target virtual machine; the desktop cloud service system acquires target data according to the data storage request, stores the target data in the content storage unit and establishes a corresponding relation with the user account;
the acquisition module is used for acquiring authority configuration information corresponding to a user account represented by the user account information according to the user account information carried by the first access request and prestored authority configuration information corresponding to the user account, wherein the prestored authority configuration information corresponding to the user account is provided by a control account associated with the user account through an external control terminal; the judging module is used for judging whether to allow access according to the authority configuration information;
a response module, configured to respond to the first access request based on a target virtual machine specified by the user account when a determination result of the determination module is that access is allowed, where an access object of the first access request includes a desktop cloud service system and content other than the target virtual machine;
and if the judgment result is that the access is not allowed, the access of the user account is refused, and the user account is reminded to initiate a temporary authorization request.
16. A control device of a desktop cloud virtual machine comprises:
the login module is used for logging in the control account under the trigger of the user;
the second receiving module is used for receiving first input information of a user and a data storage request sent by a control terminal for controlling an account to log in, wherein the data storage request carries user account information and data index information; the data are access objects of the user account and are stored in a desktop cloud service system or a content storage unit locally arranged in a target virtual machine; the desktop cloud service system acquires target data according to the data storage request, stores the target data in a content storage unit and establishes a corresponding relation with the user account;
a generating module, configured to generate configuration information according to the first input information, where the configuration information includes permission configuration information and corresponding user account information, and the permission configuration information includes at least one of the following: allowing access time periods, allowing access to applications, allowing access to websites;
the sending module is used for sending the configuration information to a desktop cloud service system, the authority configuration information is used for the desktop cloud service system to control the access authority of the user account to a target virtual machine, and an access object of the user account comprises the desktop cloud service system and contents except the target virtual machine; and if the judgment result is that the access is not allowed, reminding the user account to initiate a temporary authorization request.
17. An electronic device comprising a processor, a memory and a communication bus;
the communication bus is used for realizing connection communication between the processor and the memory;
the processor is configured to execute one or more programs stored in the memory to implement the steps of the method for accessing the desktop cloud virtual machine according to any one of claims 1 to 9 or the steps of the method for controlling the desktop cloud virtual machine according to any one of claims 10 to 14.
18. A computer readable storage medium storing one or more programs, the one or more programs being executable by one or more processors to implement the steps of the method for accessing a desktop cloud virtual machine according to any one of claims 1 to 9 or the method for controlling a desktop cloud virtual machine according to any one of claims 10 to 14.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201810435119.XA CN108710528B (en) | 2018-05-09 | 2018-05-09 | Desktop cloud virtual machine access and control method, device, equipment and storage medium |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201810435119.XA CN108710528B (en) | 2018-05-09 | 2018-05-09 | Desktop cloud virtual machine access and control method, device, equipment and storage medium |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN108710528A CN108710528A (en) | 2018-10-26 |
| CN108710528B true CN108710528B (en) | 2023-02-28 |
Family
ID=63868905
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201810435119.XA Active CN108710528B (en) | 2018-05-09 | 2018-05-09 | Desktop cloud virtual machine access and control method, device, equipment and storage medium |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN108710528B (en) |
Families Citing this family (18)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN110290002B (en) * | 2019-06-27 | 2023-08-01 | 北京百度网讯科技有限公司 | Updating method, terminal and electronic equipment |
| CN111158807A (en) * | 2019-11-29 | 2020-05-15 | 华为技术有限公司 | A data access method and device based on cloud virtual machine |
| US12273400B2 (en) * | 2020-08-28 | 2025-04-08 | Tmrw Foundation Ip S.Àr.L. | Graphical representation-based user authentication system and method |
| CN112347439B (en) * | 2020-11-11 | 2023-04-11 | 西安万像电子科技有限公司 | Method and system for visitor login access |
| CN112764943B (en) * | 2020-12-31 | 2021-09-28 | 橙色云互联网设计有限公司 | Information processing method, system, electronic device, and computer-readable storage medium |
| CN112764909B (en) * | 2021-01-27 | 2022-10-11 | 联思智云(北京)科技有限公司 | Sharing method and system based on cloud architecture workstation |
| CN113254892B (en) * | 2021-06-11 | 2024-06-14 | 西安万像电子科技有限公司 | Access processing method, device, storage medium and electronic equipment |
| CN113656769A (en) * | 2021-08-03 | 2021-11-16 | 西安万像电子科技有限公司 | Control method and device of master-slave unit and master-slave unit system |
| CN113656770A (en) * | 2021-08-05 | 2021-11-16 | 西安万像电子科技有限公司 | Authorization processing method and device, electronic equipment and computer readable storage medium |
| CN114237556A (en) * | 2021-08-30 | 2022-03-25 | 湖南快乐阳光互动娱乐传媒有限公司 | Method, device and equipment for rapidly developing business application system |
| CN114327220B (en) * | 2021-12-24 | 2023-10-17 | 软通动力信息技术(集团)股份有限公司 | Virtual display system and method |
| CN114915463A (en) * | 2022-04-29 | 2022-08-16 | 杭州赛赋科技有限公司 | Computer system account management device and method based on cloud computing |
| CN114861147A (en) * | 2022-05-18 | 2022-08-05 | 广州超云科技有限公司 | User management method, management device, electronic equipment and storage medium |
| CN115562775A (en) * | 2022-08-29 | 2023-01-03 | 曙光信息产业(北京)有限公司 | Desktop management method, device, platform, computer equipment and storage medium |
| CN115840937B (en) * | 2023-02-21 | 2023-05-23 | 中科方德软件有限公司 | Control method and device and electronic equipment |
| CN116049860B (en) * | 2023-03-06 | 2023-06-02 | 深圳前海环融联易信息科技服务有限公司 | Access control method, device, computer equipment and storage medium |
| CN116483505B (en) * | 2023-05-08 | 2024-03-19 | 江苏云之遥信息科技有限公司 | Intelligent multifunctional cloud desktop system |
| CN116795817A (en) * | 2023-06-02 | 2023-09-22 | 杭州大江东城市设施管养有限公司 | A financial data management method, system and storage medium |
Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102577315A (en) * | 2011-12-21 | 2012-07-11 | 华为技术有限公司 | Method, device and system for setting user access to virtual machine |
| CN103118030A (en) * | 2013-02-22 | 2013-05-22 | 浪潮电子信息产业股份有限公司 | Desktop cloud based identity authentication method |
| CN105187362A (en) * | 2014-06-23 | 2015-12-23 | 中兴通讯股份有限公司 | Method and device for connection authentication between desktop cloud client and server-side |
Family Cites Families (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US8607054B2 (en) * | 2010-10-15 | 2013-12-10 | Microsoft Corporation | Remote access to hosted virtual machines by enterprise users |
| US8782768B2 (en) * | 2012-06-15 | 2014-07-15 | Vmware, Inc. | Systems and methods for accessing a virtual desktop |
| CN103686387A (en) * | 2013-12-27 | 2014-03-26 | 乐视致新电子科技(天津)有限公司 | Multi-account management control method and system in smart TV system |
| CN106503997A (en) * | 2016-09-30 | 2017-03-15 | 维沃移动通信有限公司 | A kind of method of payment authorization and mobile terminal |
-
2018
- 2018-05-09 CN CN201810435119.XA patent/CN108710528B/en active Active
Patent Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102577315A (en) * | 2011-12-21 | 2012-07-11 | 华为技术有限公司 | Method, device and system for setting user access to virtual machine |
| CN103118030A (en) * | 2013-02-22 | 2013-05-22 | 浪潮电子信息产业股份有限公司 | Desktop cloud based identity authentication method |
| CN105187362A (en) * | 2014-06-23 | 2015-12-23 | 中兴通讯股份有限公司 | Method and device for connection authentication between desktop cloud client and server-side |
Also Published As
| Publication number | Publication date |
|---|---|
| CN108710528A (en) | 2018-10-26 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN108710528B (en) | Desktop cloud virtual machine access and control method, device, equipment and storage medium | |
| US11489671B2 (en) | Serverless connected app design | |
| US10693865B2 (en) | Web-based interface integration for single sign-on | |
| US11374934B2 (en) | Systems and methods for accessing cloud resources from a local development environment | |
| US10666643B2 (en) | End user initiated access server authenticity check | |
| US10157275B1 (en) | Techniques for access management based on multi-factor authentication including knowledge-based authentication | |
| EP3365824B1 (en) | Password-less authentication for access management | |
| US11477641B2 (en) | System and method for authentication session transfer using application download links | |
| US9213806B2 (en) | Managing and providing access to applications in an application-store module | |
| CN107257337B (en) | Multi-terminal sharing authority control method and system | |
| CN114266021A (en) | User authority management method, device, equipment and medium | |
| US20240146737A1 (en) | Authentication service for automated distribution and revocation of shared credentials | |
| US12147489B2 (en) | Dynamically determining a server for enrollment with management system | |
| JP5486701B1 (en) | program | |
| CN119576445A (en) | Method and device for providing a working platform |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |