CN103944882A - Cloud desktop authorization management method under cloud computing environment - Google Patents
Cloud desktop authorization management method under cloud computing environment Download PDFInfo
- Publication number
- CN103944882A CN103944882A CN201410100958.8A CN201410100958A CN103944882A CN 103944882 A CN103944882 A CN 103944882A CN 201410100958 A CN201410100958 A CN 201410100958A CN 103944882 A CN103944882 A CN 103944882A
- Authority
- CN
- China
- Prior art keywords
- cloud
- authorization
- identification information
- unique identification
- user
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000013475 authorization Methods 0.000 title claims abstract description 41
- 238000007726 management method Methods 0.000 title claims abstract description 23
- 238000000034 method Methods 0.000 claims description 6
- 230000008878 coupling Effects 0.000 claims description 4
- 238000010168 coupling process Methods 0.000 claims description 4
- 238000005859 coupling reaction Methods 0.000 claims description 4
- 230000008569 process Effects 0.000 claims description 3
- 238000012423 maintenance Methods 0.000 abstract description 4
- 238000012795 verification Methods 0.000 abstract description 4
- 238000012545 processing Methods 0.000 abstract description 2
- 241001269238 Data Species 0.000 description 1
- 230000032683 aging Effects 0.000 description 1
- 238000004364 calculation method Methods 0.000 description 1
- 230000008859 change Effects 0.000 description 1
- 239000000470 constituent Substances 0.000 description 1
- 230000007547 defect Effects 0.000 description 1
- 238000010586 diagram Methods 0.000 description 1
- 238000005516 engineering process Methods 0.000 description 1
- 230000014759 maintenance of location Effects 0.000 description 1
- 230000007246 mechanism Effects 0.000 description 1
- 239000004575 stone Substances 0.000 description 1
- 238000003860 storage Methods 0.000 description 1
Landscapes
- Storage Device Security (AREA)
Abstract
The invention discloses a cloud desktop authorization management method under cloud computing environment. The cloud desktop authorization management method comprises the steps that (1) verification information is sent at a user side according to a login mode through a software development kit; (2) after the verification information is received by an authorization service module at a cloud side, a host at the cloud side is selected for processing; (3) whether user information is correct or not is verified; (4) unique identification information is generated and returned to a user by matching a globally-unique identifier, a user ID and verification time; (5) the user sends the unique identification information to a cloud desktop service module at the cloud side; (6) the cloud desktop service module sends the unique identification information to an authentication service module at the cloud side for authorization and authentication. According to the cloud desktop authorization management method under the cloud computing environment, unified authorization management can be adopted under the cloud computing environment, management is convenient, maintenance is easy, and configuration is flexible.
Description
Technical field
The present invention relates to a kind of cloud computing safe practice, particularly cloud desktop authorization management method under a kind of cloud computing environment.
Background technology
About mandate application deployment widely always in traditional field of desktop, in cloud computing environment, authorization has had new requirement.So cloud computing is a kind of dynamic, easily expansion, based on virtualized Resource Calculation mode, normally provide by the Internet, user does not need to understand the details of cloud inside.Cloud computing service comprises 3 layers, and infrastructure serve (IaaS), basic platform serves (PaaS) and software serve (SaaS).Infrastructure serve is to manage for basic resources such as network, main frame, storages, is the foundation stone of cloud computing system, is the first step that realizes cloud computing; Basic platform serves is to manage for middleware, database; Software served for user's application and managed.Under cloud computing environment, the desktop virtual service in cloud computing environment is mainly to provide the unified entrance of user's convenient access cloud resource.Desktop virtual is by the terminal equipment solution coupling of user's desktop environment and its use, what on server, deposit is each user's complete desktop environment, user can use the different terminal equipments with enough processing and Presentation Function, by access to netwoks desktop environment.
Tradition authorization technique major defect under cloud computing environment is that flexibility ratio is inadequate, not manageability, not easy care.In desktop security, a very important aspect in IT work, constituent parts oneself is to safety requirements on the one hand, and government department is to safety also some mandatory requirement on the other hand, once violate, consequence is very serious.For enterprise, data, intellectual property are exactly their life, for example credit card account of the client in banking system, User Detail in insurance system, source code in software enterprise etc.How protecting these confidential datas is not the challenge often facing of IT department of many companies by leaking.Adopt various safety measures to ensure that data are not illegally used for this reason, for example, banned use of USB equipment, banned use of outside Email etc.
Summary of the invention
The object of this invention is to provide cloud desktop authorization management method under a kind of cloud computing environment, can be under cloud computing environment, the management of employing uniform authorization, convenient management, easy maintenance, flexible configuration.
In order to realize above object, the present invention is achieved by the following technical solutions:
Cloud desktop authorization management method under a kind of cloud computing environment, comprises following steps:
Step 1: by SDK, send authorization information at user side according to login mode;
Step 2: authorization information selects a main frame in high in the clouds to process after being received by the authorization service module in high in the clouds;
Step 3: whether verified users information is correct;
Step 4: by coupling GUID, user ID and checking time, generate and return to unique identification information to user;
Step 5: user sends to described unique identification information the cloud desktop services module in high in the clouds;
Step 6: the authentication service module that unique identification information is sent to high in the clouds by cloud desktop services module is carried out authorization identifying.
In described step 5, user side can regularly unique identification information can be sent to cloud desktop services module carries out authorization identifying for authentication service module.
Described authentication service module receives the unique identification information of all user's timed sending, checks that whether the unique identification information of the authorization identifying of having provided is to lose efficacy, and to the unique identification information having lost efficacy, refusal is authorized.
The present invention compared with prior art, has the following advantages:
Can be under cloud computing environment, the management of employing uniform authorization, convenient management, easy maintenance, flexible configuration.
Brief description of the drawings
Fig. 1 is the method flow diagram of cloud desktop authorization management method under a kind of cloud computing environment of the present invention.
Embodiment
Below in conjunction with accompanying drawing, by describing a preferably specific embodiment in detail, the present invention is further elaborated.
Cloud desktop authorization management method under a kind of cloud computing environment, comprises following steps:
Step 1: by SDK, send authorization information at user side according to login mode.
Step 2: authorization information selects a main frame in high in the clouds to process after being received by the authorization service module in high in the clouds.
Step 3: whether verified users information is correct.
Step 4: by coupling GUID, user ID and checking time, generate and also return to unique identification information to user, in the present embodiment, generate unique identification information by joining day factor, can prevent that unique identification information from being usurped by other people.
Step 5: user sends to described unique identification information the cloud desktop services module in high in the clouds; In the present embodiment, user side also can timing can send to cloud desktop services module by unique identification information and carry out authorization identifying for authentication service module, the mechanism of reporting by the timing of unique identification information, being user provides ageing unique identification information and authorizes verification, can quasi real time monitor the situation of licensing of holding power fine-grained control of authority is provided.
Step 6: the authentication service module that unique identification information is sent to high in the clouds by cloud desktop services module is carried out authorization identifying.In the present embodiment, authentication service module receives the unique identification information of all user's timed sending, whether the unique identification information that checks the authorization identifying of having provided lost efficacy, to determine user's desktop of whether having the right to use, and to the unique identification information having lost efficacy, refusal is authorized, and the resource of notifying client to abandon having obtained, ensures that user cannot unauthorizedly move.In the present embodiment, the possibility that unique identification information lost efficacy comprises: 1, unique identification information is expired; 2, user exits; 3, authorize and change; 4, behavior of other and authorized content inconsistency etc.By periodically authenticating, realize the control to authority, realize the easily characteristic of expansion of system, can also utilize this method neatly desktop authority to be carried out to personalized configuration.
Authorization management method of the present invention is suitable for cloud desktop, cloud dish simultaneously that also cloud desktop is comprised, and cloud application, the access rights of cloud main frame are suitable for.
In sum, cloud desktop authorization management method under the present invention's one cloud computing environment, can be under cloud computing environment, the management of employing uniform authorization, convenient management, easy maintenance, flexible configuration.
Although content of the present invention has been done detailed introduction by above preferred embodiment, will be appreciated that above-mentioned description should not be considered to limitation of the present invention.Read after foregoing those skilled in the art, for multiple amendment of the present invention and substitute will be all apparent.Therefore, protection scope of the present invention should be limited to the appended claims.
Claims (3)
1. a cloud desktop authorization management method under cloud computing environment, is characterized in that, comprises following steps:
Step 1: by SDK, send authorization information at user side according to login mode;
Step 2: authorization information selects a main frame in high in the clouds to process after being received by the authorization service module in high in the clouds;
Step 3: whether verified users information is correct;
Step 4: by coupling GUID, user ID and checking time, generate and return to unique identification information to user;
Step 5: user sends to described unique identification information the cloud desktop services module in high in the clouds;
Step 6: the authentication service module that unique identification information is sent to high in the clouds by cloud desktop services module is carried out authorization identifying.
2. cloud desktop authorization management method under cloud computing environment as claimed in claim 1, is characterized in that, in described step 5, user side can regularly unique identification information can be sent to cloud desktop services module carries out authorization identifying for authentication service module.
3. cloud desktop authorization management method under cloud computing environment as claimed in claim 2, it is characterized in that, described authentication service module receives the unique identification information of all user's timed sending, check that whether the unique identification information of the authorization identifying of having provided was to lose efficacy, to the unique identification information having lost efficacy, refusal is authorized.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201410100958.8A CN103944882A (en) | 2014-03-19 | 2014-03-19 | Cloud desktop authorization management method under cloud computing environment |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201410100958.8A CN103944882A (en) | 2014-03-19 | 2014-03-19 | Cloud desktop authorization management method under cloud computing environment |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN103944882A true CN103944882A (en) | 2014-07-23 |
Family
ID=51192366
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201410100958.8A Pending CN103944882A (en) | 2014-03-19 | 2014-03-19 | Cloud desktop authorization management method under cloud computing environment |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN103944882A (en) |
Cited By (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN105071997A (en) * | 2015-09-11 | 2015-11-18 | 东莞市微云系统科技有限公司 | Cloud desktop security detection and control method |
| CN105791324A (en) * | 2016-05-12 | 2016-07-20 | 腾讯科技(深圳)有限公司 | Account login method and device |
Citations (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102098317A (en) * | 2011-03-22 | 2011-06-15 | 浙江中控技术股份有限公司 | Data transmitting method and system applied to cloud system |
| CN102487380A (en) * | 2010-12-01 | 2012-06-06 | 中兴通讯股份有限公司 | Desktop virtual terminal entrusting method and system |
| CN102598577A (en) * | 2009-10-23 | 2012-07-18 | 微软公司 | Authentication using cloud authentication |
| CN103179115A (en) * | 2013-03-18 | 2013-06-26 | 中国科学院信息工程研究所 | A cloud service access control method for cross-cloud applications of cloud TV terminals |
| CN103259663A (en) * | 2013-05-07 | 2013-08-21 | 南京邮电大学 | User unified authentication method in cloud computing environment |
| CN103595759A (en) * | 2013-10-15 | 2014-02-19 | 北京航空航天大学 | Desktop presenting method based on cloud |
-
2014
- 2014-03-19 CN CN201410100958.8A patent/CN103944882A/en active Pending
Patent Citations (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102598577A (en) * | 2009-10-23 | 2012-07-18 | 微软公司 | Authentication using cloud authentication |
| CN102487380A (en) * | 2010-12-01 | 2012-06-06 | 中兴通讯股份有限公司 | Desktop virtual terminal entrusting method and system |
| CN102098317A (en) * | 2011-03-22 | 2011-06-15 | 浙江中控技术股份有限公司 | Data transmitting method and system applied to cloud system |
| CN103179115A (en) * | 2013-03-18 | 2013-06-26 | 中国科学院信息工程研究所 | A cloud service access control method for cross-cloud applications of cloud TV terminals |
| CN103259663A (en) * | 2013-05-07 | 2013-08-21 | 南京邮电大学 | User unified authentication method in cloud computing environment |
| CN103595759A (en) * | 2013-10-15 | 2014-02-19 | 北京航空航天大学 | Desktop presenting method based on cloud |
Cited By (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN105071997A (en) * | 2015-09-11 | 2015-11-18 | 东莞市微云系统科技有限公司 | Cloud desktop security detection and control method |
| CN105071997B (en) * | 2015-09-11 | 2018-09-21 | 广东微云科技股份有限公司 | A cloud desktop security detection and control method |
| CN105791324A (en) * | 2016-05-12 | 2016-07-20 | 腾讯科技(深圳)有限公司 | Account login method and device |
| CN105791324B (en) * | 2016-05-12 | 2019-12-06 | 腾讯科技(深圳)有限公司 | Account login method and device |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US10956972B2 (en) | Account access system | |
| CN102394887B (en) | OAuth protocol-based safety certificate method of open platform and system thereof | |
| Sehgal et al. | A cross section of the issues and research activities related to both information security and cloud computing | |
| WO2017124960A1 (en) | Method and device for application program to access interface, and method and device for application program to request authorization | |
| EP3937040B1 (en) | Systems and methods for securing login access | |
| CN103259663A (en) | User unified authentication method in cloud computing environment | |
| Shariati et al. | Challenges and security issues in cloud computing from two perspectives: Data security and privacy protection | |
| CN109120571B (en) | System and method for authorized use of citizen personal data | |
| CN110290150A (en) | A kind of login validation method and login authentication device of Virtual Private Network VPN | |
| WO2018148103A1 (en) | Password security | |
| CN103152425A (en) | Safety management system for mobile device based on cloud technology | |
| CN112862484A (en) | Secure payment method and device based on multi-terminal interaction | |
| CN106304264A (en) | A kind of wireless network access method and device | |
| CN105281913B (en) | Electronic evidence processing method, system and dynamic code service system for electronic signature | |
| CN106375334A (en) | An Authentication Method for Distributed System | |
| US11281773B2 (en) | Access card penetration testing | |
| CN103944882A (en) | Cloud desktop authorization management method under cloud computing environment | |
| US8904508B2 (en) | System and method for real time secure image based key generation using partial polygons assembled into a master composite image | |
| CN105991575A (en) | Cloud desktop login method and system thereof | |
| CN103873586A (en) | Public account number management method based on digital certificates and micro blog management platform | |
| CN109802927A (en) | A kind of security service providing method and device | |
| CN117035890A (en) | Transaction security method, device, system, medium and equipment of electronic invoice | |
| Chauhan et al. | Secure data in cloud computing using face detection and fingerprint | |
| CN105376258B (en) | A method of based on encryption authorization system Backup and Restore cloud storage file object | |
| CN104038497A (en) | Electronic identity authentication method |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| RJ01 | Rejection of invention patent application after publication | ||
| RJ01 | Rejection of invention patent application after publication |
Application publication date: 20140723 |