Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

Security authentication method for realizing multi-cloud management and control across public network

A security certification and control technology, applied to electrical components, transmission systems, etc., can solve problems such as large financial expenses, achieve the effects of reduced operation and maintenance costs, low risk of certificate leakage, and saving human and financial resources

Active Publication Date: 2020-05-12
杭州端点网络科技有限公司
View PDF7 Cites 4 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

When the scale of the cloud computing cluster to be managed is large, applying for an authoritative certificate will not only bring about large financial expenses, but also bring a lot of operation and maintenance costs that need to be replaced with expired certificates

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Security authentication method for realizing multi-cloud management and control across public network
  • Security authentication method for realizing multi-cloud management and control across public network
  • Security authentication method for realizing multi-cloud management and control across public network

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0024] Such as figure 2 As shown, the present invention comprises management and control cluster and cloud computing cluster, is characterized in that, also comprises management and control cluster reverse proxy service and cloud computing cluster reverse proxy service, reverse server can be Nginx; Concrete steps include:

[0025] S1. Build a two-way authentication network channel between the network edge of the managed cluster and the network edge of the managed cloud computing cluster through a group of reverse proxy servers;

[0026] S2. In the management and control cluster, the management and control service directly uses the HTTP protocol on the intranet to access the reverse proxy service;

[0027] S3. After receiving the request, the reverse proxy server in the management and control cluster uses the self-signed SSL client certificate to access the reverse proxy server of the cloud computing cluster through the HTTPS protocol public network to complete the authenticat...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention discloses a security authentication method for realizing multi-cloud management and control across a public network. The method specifically comprises the following steps: a bidirectional authentication network channel between a management and control cluster and a cloud computing cluster is established through a group of reverse proxy servers; in the management and control cluster,a management and control service directly uses an HTTP protocol to access a reverse proxy service; after the reverse proxy server of the management and control cluster receives the request, a self-signed SSL client certificate is used to access the reverse proxy server of the cloud computing cluster through HTTPS to complete authentication of the management and control cluster; meanwhile, the cloud computing cluster returns the self-signed server certificate, and the management and control cluster also uses the same self-signed CA certificate to complete authentication of the cloud computing cluster; and after the bidirectional authentication is completed, the HTTPS protocol is uploaded by the cloud computing cluster reverse proxy service, and a target service is accessed by using the HTTPprotocol to realize security management and control. According to the method, manpower and financial resources can be saved, the method is safer, meanwhile, the control service can realize control bydirectly using the HTTP protocol to access the reverse proxy service, and the control is flexible and convenient.

Description

technical field [0001] The invention belongs to the technical field of PAAS platforms, and in particular relates to a security authentication method for realizing multi-cloud management and control across public networks. Background technique [0002] With the progress of the times and the development of technology, the application of network and communication technology has become more and more extensive, and the problem of network security has become more and more prominent. When the management and control cluster of the PAAS cloud platform manages and controls the cloud computing cluster, there are three common scenarios: creating services, obtaining data, and setting tasks. These three scenarios all have extremely high requirements for security. Taking data acquisition as an example, if the data is eavesdropped during transmission, commercial secrets may be leaked; and if the data acquisition interface can be read by a third party at will, it will bring immeasurable los...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Applications(China)
IPC IPC(8): H04L29/06H04L29/08
CPCH04L67/12H04L67/02H04L63/166H04L63/0884H04L63/0869H04L67/1001
Inventor 武鑫吴小伟张添翼骆冰利
Owner 杭州端点网络科技有限公司
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products