
CN114884741B - Secure access and control system and method in distributed cloud environment - Google Patents

Info

Publication number
CN114884741B
Authority
CN
China
Prior art keywords
data
user
behavior
terminal
report
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN202210624153.8A
Other languages
Chinese (zh)
Other versions
CN114884741A (en
Inventor
韩朝勇
郭昊铭
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Shanghai Qiyuan Technology Co ltd
Original Assignee
Shanghai Qiyuan Technology Co ltd
Application filed by Shanghai Qiyuan Technology Co ltd
Priority to CN202210624153.8A
Publication of CN114884741A
Application granted
Publication of CN114884741B

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/10 Network architectures or network communication protocols for network security for controlling access to devices or network resources
    • H04L63/107 Network architectures or network communication protocols for network security for controlling access to devices or network resources wherein the security policies are location-dependent, e.g. entities privileges depend on current location or allowing specific operations only from locally connected terminals
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/08 Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0876 Network architectures or network communication protocols for network security for authentication of entities based on the identity of the terminal or configuration, e.g. MAC address, hardware or software configuration or device fingerprint
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00 Network arrangements or protocols for supporting network services or applications
    • H04L67/01 Protocols
    • H04L67/10 Protocols in which an application is distributed across nodes in the network
    • H04L67/1097 Protocols in which an application is distributed across nodes in the network for distributed storage of data in networks, e.g. transport arrangements for network file system [NFS], storage area networks [SAN] or network attached storage [NAS]
    • Y GENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
    • Y02 TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
    • Y02P CLIMATE CHANGE MITIGATION TECHNOLOGIES IN THE PRODUCTION OR PROCESSING OF GOODS
    • Y02P90/00 Enabling technologies with a potential contribution to greenhouse gas [GHG] emissions mitigation
    • Y02P90/02 Total factory control, e.g. smart factories, flexible manufacturing systems [FMS] or integrated manufacturing systems [IMS]

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Power Engineering (AREA)
  • Alarm Systems (AREA)

Abstract

The invention discloses a security access control system and method in a distributed cloud environment. The system comprises a cloud storage module, a behavior analysis module, a security management and control module and a user terminal. The user terminal is used to log in to and use a social platform. The cloud storage module stores the data files sent and received by the user logged in to the social platform. The behavior analysis module collects terminal information data and behavior habit data while the user uses the terminal equipment, compares the currently collected data with the data collected during previous secure accesses, and sends a report to the security management and control module. The security management and control module analyzes the terminal information data and behavior habit data report and judges whether the user's login and access to the social platform data from the terminal equipment carries an access risk. Through secure access in the distributed cloud environment, the system reduces the risk of privacy data leakage when social platform data is synchronized among different terminal devices.

Description

Secure access and control system and method in distributed cloud environment
Technical Field
The invention relates to the technical field of personal privacy information protection, in particular to a security access control system and method in a distributed cloud environment.
Background
Privacy security is a security technology that protects the data a user generates on different terminals on the Internet and avoids the risk of data leakage caused by the diversification of terminals. It becomes particularly important as the Internet reaches further into people's life and work and as the places where, and the frequency with which, people use terminals keep increasing.
However, disclosures of personal privacy data are becoming more frequent. People can conveniently log in to social software from various terminals, but files and data cannot be accessed freely between terminals; the data and files stored on the terminals always have to be connected through some medium so that the data can be synchronized for the user.
Therefore, a system and method for secure access control in a distributed cloud environment are needed to solve the above-mentioned problems.
Disclosure of Invention
The invention aims to provide a secure access control system and a secure access control method in a distributed cloud environment, so as to solve the problems in the background technology.
In order to solve the technical problems, the invention provides the following technical scheme: the system comprises a distributed cloud storage module, a behavior analysis module, a security management and control module and a user terminal;
The distributed cloud storage module is used for storing the data files sent and received by a user who logs in to and uses social software on the terminal equipment;
The behavior analysis module is used for collecting behavior habit data when a user uses the terminal equipment;
The security management and control module is used for analyzing and comparing the behavior habit data from the user's most recently used terminal equipment with previously stored data and, in combination with the position information and IP address information of the terminal equipment, judging whether the access is abnormal and sending an abnormality report;
The user terminal is used for a user to log in to and use the social platform software, and automatically sends the position information and IP address information of the terminal to the security management and control module.
Further, the cloud storage module comprises a data storage unit and a data distribution unit, wherein the data storage unit is used for storing data files sent and received by a user logging in the social platform by using terminal equipment; the data distribution unit is used for sending the data files stored in the data storage unit when the user logs in the social platform by using different terminal equipment.
Further, the data analysis module comprises a behavior habit acquisition unit and a terminal information acquisition unit, wherein the behavior habit acquisition unit is used for acquiring and analyzing behavior habit data of a user when using common terminal equipment, and then sending the behavior habit data to the security management and control module; the terminal information acquisition unit is used for acquiring and analyzing information of the different terminal devices from which a user logs in to the social platform and then sending the information to the security management and control module.
Further, the security management and control module comprises a behavior habit data and terminal information analysis and comparison unit and an abnormality early warning unit, wherein the behavior habit data and terminal information analysis and comparison unit is used for analyzing the behavior habits and terminal information from the user's latest login to the social platform on the terminal equipment, comparing them with the past data and sending a report to the abnormality early warning unit; the abnormality early warning unit is used for analyzing the report sent by the behavior habit data and terminal information analysis and comparison unit, and if the report is abnormal, the early warning unit sends out an early warning.
Further, the user terminal is used for logging in the social platform and feeding back terminal information including terminal position information, IP address information and user use behavior habit data.
A secure access control method in a distributed cloud environment comprises the following steps:
S1: storing the data sent and received by the user logged in to the social platform on the terminal equipment;
S2: collecting, on each use, information about the terminal equipment and the behavior habit data of the user logging in to the social platform with that equipment;
S3: comparing and analyzing the latest user behavior habit data and terminal equipment information against the past data;
S4: when a user tries to access and acquire the data stored in the cloud storage module, sending out an early warning report according to the analysis report.
Further, in step S1: the user logs in to the social platform on the terminal equipment, and the data files are automatically sent to the distributed cloud storage module.
Further, in step S2: the collected terminal equipment information includes position information and IP address information. The collected behavior habit data includes, on the PC end, mouse click force and mouse cursor moving speed and, on the mobile end, finger touch force and finger screen-sliding speed.
The PC-end mouse is provided with a pressure sensor, which records the click force of each mouse click and uploads the data to the behavior analysis module. The behavior data acquisition unit in the behavior analysis module obtains the mouse click force set {F1, F2, F3, ..., Fn} and the click coefficient set {Y1, Y2, Y3, ..., Yn}, and analysis yields the relation function Y = k1F between the click coefficient Y and the mouse click force F, where k1 is the slope of the function and is a constant. Based on the usage habits of the same user, the obtained mouse click force data is distributed on this function; if, in a given session, a large amount of the obtained mouse click force data does not lie on the function, a mouse click force analysis report is sent to the security management and control module.
The PC-end mouse is also provided with a displacement sensor, which records the position coordinates (X, Y) of each mouse movement and uploads the data to the behavior analysis module. The behavior data acquisition unit of the behavior analysis module obtains the position coordinate data set {(X1, Y1), (X2, Y2), ..., (Xn, Yn)}, and analysis yields the displacement joint distribution function F(X, Y) = P(X ≤ a, Y ≤ b), where P is the probability that the coordinates (X, Y) fall in a rectangular area and takes a value between 0 and 1. If, in a given session, the value of P obtained from a large amount of coordinate data is abnormal, a displacement analysis report is sent to the security management and control module, which compares the current report with the mean of previous reports based on a probability algorithm and, in combination with the mouse click force report, judges whether abnormal operation exists.
The mobile terminal is provided with a touch screen sensor and a pressure sensor. The touch screen sensor records the screen-sliding speed V of each finger swipe and uploads the data to the behavior analysis module. The behavior data acquisition unit of the behavior analysis module obtains the screen-sliding speed data set {V1, V2, ..., Vn} and the touch screen coefficient set {C1, C2, ..., Cn}, and analysis yields the function C = k2V between the touch screen coefficient C and the screen-sliding speed V, where k2 is the slope of the function and is a constant. The pressure sensor records the pressure N each time the finger presses the screen and uploads the data to the behavior analysis module; the behavior data acquisition unit obtains the pressing force data set {N1, N2, N3, ..., Nn} and the pressure coefficient set {B1, B2, B3, ..., Bn}. The analysis report is sent to the security management and control module, which compares the current report mean with the previous report mean based on a probability algorithm and judges whether abnormal operation exists.
Further, in step S3: the terminal information data and behavior habit data from each time the user uses the terminal equipment and logs in to the social platform are stored in the security management and control module and are compared with the terminal information data and behavior habit data from the most recent use of the terminal equipment and login to the social platform, and a report is obtained;
Further, in step S4: when the user uses the terminal device and logs in to the social platform to access the data stored on the distributed cloud storage module, the security management and control module, according to the analysis report obtained in step S3, judges whether it is the user in person who is accessing the distributed cloud storage module; if the access is abnormal, the operation is terminated.
Compared with the prior art, the invention has the following beneficial effects: in the distributed cloud environment, the terminal equipment information and user behavior habit information collected when the user uses the terminal equipment and logs in to the social platform are stored and analyzed with deep learning, so that each time the terminal equipment is used to log in to the social platform it is judged whether the user is the user in person. This provides better data storage and privacy protection for the user and reduces the risk of unnecessary loss caused by privacy leakage.
Drawings
The accompanying drawings are included to provide a further understanding of the invention and are incorporated in and constitute a part of this specification, illustrate the invention and together with the embodiments of the invention, serve to explain the invention. In the drawings:
FIG. 1 is a schematic diagram of a security access control system in a distributed cloud environment according to the present invention;
FIG. 2 is a flow diagram of a secure access control system in a distributed cloud environment according to the present invention;
Detailed Description
The following description of the embodiments of the present invention will be made clearly and completely with reference to the accompanying drawings, in which it is apparent that the embodiments described are only some embodiments of the present invention, but not all embodiments. All other embodiments, which can be made by those skilled in the art based on the embodiments of the invention without making any inventive effort, are intended to be within the scope of the invention.
Referring to fig. 1-2, the present invention provides the following technical solutions: the system comprises a distributed cloud storage module, a behavior analysis module, a security management and control module and a user terminal;
The distributed cloud storage module is used for storing the data files sent and received by a user who logs in to and uses social software on the terminal equipment;
The behavior analysis module is used for collecting behavior habit data when the user uses the terminal equipment;
The security management and control module is used for analyzing and comparing the behavior habit data from the user's most recently used terminal equipment with previously stored data and, in combination with the position information and IP address information of the terminal equipment, judging whether the access is abnormal and sending an abnormality report;
The user terminal is used for a user to log in to and use the social platform software, and automatically sends the position information and IP address information of the terminal to the security management and control module.
The cloud storage module comprises a data storage unit and a data distribution unit, wherein the data storage unit is used for storing data files sent and received by a user logging in the social platform by using terminal equipment; the data distribution unit is used for sending the data files stored in the data storage unit when the user logs in the social platform by using different terminal equipment.
The data analysis module comprises a behavior habit acquisition unit and a terminal information acquisition unit, wherein the behavior habit acquisition unit is used for acquiring and analyzing behavior habit data of a user when using common terminal equipment and then sending the behavior habit data to the security management and control module; the terminal information acquisition unit is used for acquiring and analyzing information of the different terminal devices from which a user logs in to the social platform and then sending the information to the security management and control module.
The security management and control module comprises a behavior habit data and terminal information analysis and comparison unit and an abnormality early warning unit, wherein the behavior habit data and terminal information analysis and comparison unit is used for analyzing the behavior habits and terminal information from the user's latest login to the social platform on the terminal equipment, comparing them with previous data, and sending a report to the abnormality early warning unit; the abnormality early warning unit is used for analyzing the report sent by the behavior habit data and terminal information analysis and comparison unit, and if the report is abnormal, the early warning unit sends out an early warning.
The user terminal is used for logging in the social platform and feeding back terminal information comprising terminal position information, IP address information and user use behavior habit data.
A secure access method in a distributed cloud environment includes the following steps:
S1: storing the data sent and received by the user logged in to the social platform on the terminal equipment;
S2: collecting, on each use, information about the terminal equipment and the behavior habit data of the user logging in to the social platform with that equipment;
S3: comparing and analyzing the latest user behavior habit data and terminal equipment information against the past data;
S4: when a user tries to access and acquire the data stored in the cloud storage module, sending out an early warning report according to the analysis report.
In step S1: the user logs in to the social platform on the terminal equipment, and the data files are automatically sent to the distributed cloud storage module.
In step S2: the collected terminal equipment information includes position information and IP address information. The collected behavior habit data includes, on the PC end, mouse click force and mouse cursor moving speed and, on the mobile end, finger touch force and finger screen-sliding speed.
The PC-end mouse is provided with a pressure sensor, which records the click force of each mouse click and uploads the data to the behavior analysis module. The behavior data acquisition unit in the behavior analysis module obtains the mouse click force F set {F1, F2, F3, ..., Fn} and the click coefficient Y set {Y1, Y2, Y3, ..., Yn}, and analysis yields the relation function Y = k1F between the click coefficient Y and the mouse click force F, where k1 is the slope of the function and is a constant. Based on the usage habits of the same user, the obtained pressure data is distributed on this function; if, in a given session, a large amount of the obtained mouse click force data does not lie on the function, a mouse click force analysis report is sent to the security management and control module.
The PC-end mouse is also provided with a displacement sensor, which records the position coordinates (X, Y) of each mouse movement and uploads the data to the behavior analysis module. The behavior data acquisition unit of the behavior analysis module obtains the position coordinate data set {(X1, Y1), (X2, Y2), ..., (Xn, Yn)}, and analysis yields the displacement joint distribution function F(X, Y) = P(X ≤ a, Y ≤ b), where P is the probability that the coordinates (X, Y) fall in a rectangular area and takes a value between 0 and 1. If, in a given session, the value of P obtained from a large amount of coordinate data is abnormal, a displacement analysis report is sent to the security management and control module, which compares the current report with the mean of previous reports based on a probability algorithm and, in combination with the mouse click force report, judges whether abnormal operation exists.
The mobile terminal is provided with a touch screen sensor and a pressure sensor. The touch screen sensor records the screen-sliding speed V of each finger swipe and uploads the data to the behavior analysis module. The behavior data acquisition unit of the behavior analysis module obtains the screen-sliding speed V data set {V1, V2, ..., Vn} and the touch screen coefficient C set {C1, C2, ..., Cn}, and analysis yields the function C = k2V between the touch screen coefficient C and the screen-sliding speed V, where k2 is the slope of the function and is a constant. The pressure sensor records the pressure N each time the finger presses the screen and uploads the data to the behavior analysis module; the behavior data acquisition unit obtains the screen pressing force N data set {N1, N2, N3, ..., Nn} and the pressure coefficient B set {B1, B2, B3, ..., Bn}. The analysis report is sent to the security management and control module, which compares the current report mean with the previous report mean based on a probability algorithm and judges whether abnormal operation exists.
In step S3: the terminal information data and behavior habit data from each time the user uses the terminal equipment and logs in to the social platform are stored in the security management and control module and are compared with the terminal information data and behavior habit data from the most recent use of the terminal equipment and login to the social platform, and a report is obtained;
In step S4: when the user uses the terminal device and logs in to the social platform to access the data stored on the distributed cloud storage module, the security management and control module, according to the analysis report obtained in step S3, judges whether it is the user in person who is accessing the distributed cloud storage module; if the access is abnormal, the operation is terminated.
Embodiment one: user behavior habit data is collected at the PC end. The mouse click force F set is {0.80, 0.82, 0.78, 0.89} and the click coefficient Y set is {1.60, 1.64, 1.56, 1.78}; analysis gives the functional relation Y = 2F between the mouse click force F and the click coefficient. The mouse movement position (X, Y) set is {(-2.5, 2.6), (-2.7, 2.5), (1.9, 2.9), (2.1, 2.7)}; analysis gives F(X, Y) = 0.67. The analysis is uploaded to the behavior analysis module. When an unfamiliar user logs in to the social software on the PC terminal equipment in the regular user's office, the user terminal automatically sends the terminal position information and IP address information, and on analysis the security management and control module reports no abnormality. When this user starts to use the terminal, the mouse click force F set is {1.2, 1.4, 1.0, 1.1} and the click coefficient Y set is {4.2, 5.2, 4.0, 4.4}; analysis gives the functional relation Y = 4F between the mouse click force F and the click coefficient. Meanwhile the mouse movement position (X, Y) set is {(-5.1, 10.1), (-6.0, 11.2), (0.5, 10.6), (0.2, 11.8)}; analysis gives F(X, Y) = 1.21. The analysis is uploaded to the behavior analysis module, whose behavior habit collection unit analyzes the data and sends a report to the security management and control module. The security management and control module compares this report with the previous reports and sends an operation abnormality notice to the terminal user interface, reminding the user to log in again.
Embodiment two: user behavior habit data is collected at the mobile terminal. The screen-sliding speed V set is {0.05, 0.04, 0.06, 0.03} and the touch screen coefficient C set is {0.15, 0.12, 0.18, 0.09}; analysis gives the functional relation C = 3V between the touch screen coefficient C and the screen-sliding speed V. The screen pressing force N set is {0.21, 0.19, 0.20, 0.22, 0.18} and the pressure coefficient B set is {1.05, 0.95, 1.00, 1.10, 0.90}; analysis gives the functional relation B = 5N between the pressure coefficient B and the screen pressing force N. The analysis is uploaded to the behavior analysis module. The user then logs in to and accesses the social software with the mobile terminal equipment at an unfamiliar place, and the user terminal sends the terminal position information and IP address information; on analysis these differ from the previous report, so the security management and control module goes on to analyze the behavior habit data. The user's screen-sliding speed V set is {0.06, 0.05, 0.04, 0.03} and the touch screen coefficient C set is {0.12, 0.10, 0.08, 0.09}, with the functional relation C = 3V between the touch screen coefficient C and the screen-sliding speed V; the screen pressing force N set is {0.20, 0.21, 0.19, 0.18, 0.22} and the pressure coefficient B set is {1.00, 1.05, 0.95, 0.90, 1.10}, with the functional relation B = 5N between the pressure coefficient B and the screen pressing force N. Combining these analyses, the security management and control module reports that the user is not abnormal, and the user can continue to access the social software.
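The decision flow of steps S2 to S4 and claim 3, as an added example that is not code from the patent: it fits the through-origin slope k from a baseline session, measures how much of a new session lies off that line, and combines the result with a location/IP change flag. The sample values are the click force data of Embodiment one and the press force data of Embodiment two; the function names, the 10% tolerance and the 0.5 off-line threshold are assumptions, and the displacement distribution F(X, Y) is left out.

```python
# Added illustration of steps S2-S4; names, tolerance and threshold are assumptions.


def fit_slope(xs, ys):
    """Least-squares slope k of coefficient = k * measurement (line through origin)."""
    if not xs or len(xs) != len(ys):
        raise ValueError("need equally sized, non-empty sample sets")
    denom = sum(x * x for x in xs)
    if denom == 0:
        raise ValueError("all measurements are zero; slope is undefined")
    return sum(x * y for x, y in zip(xs, ys)) / denom


def off_line_fraction(k, xs, ys, rel_tol=0.10):
    """Share of samples whose coefficient deviates from k*x by more than rel_tol."""
    if not xs or len(xs) != len(ys):
        raise ValueError("need equally sized, non-empty sample sets")
    off = sum(1 for x, y in zip(xs, ys) if abs(y - k * x) > rel_tol * abs(k * x))
    return off / len(xs)


def assess_session(baseline, session, context_changed, max_off=0.5, rel_tol=0.10):
    """Decide what to do with a new session.

    baseline / session map a channel name to (measurements, coefficients).
    context_changed is True when position or IP address differs from past reports.
    Returns (decision, report) where report maps channel -> off-line fraction.
    """
    report = {}
    for channel, (xs, ys) in session.items():
        if channel not in baseline:
            raise KeyError(f"no stored baseline for channel {channel!r}")
        k = fit_slope(*baseline[channel])          # learned from past sessions
        report[channel] = off_line_fraction(k, xs, ys, rel_tol)

    behaviour_abnormal = any(frac > max_off for frac in report.values())
    if behaviour_abnormal:
        # Behaviour does not match the stored habit: stop and ask for re-login,
        # even when position and IP look familiar (Embodiment one).
        decision = "terminate_and_relogin"
    elif context_changed:
        # New place or IP, but behaviour matches the baseline (Embodiment two).
        decision = "allow_context_changed"
    else:
        decision = "allow"
    return decision, report


# Values from Embodiment one: (click force F, click coefficient Y).
PC_BASELINE = {"click": ([0.80, 0.82, 0.78, 0.89], [1.60, 1.64, 1.56, 1.78])}
PC_SESSION = {"click": ([1.2, 1.4, 1.0, 1.1], [4.2, 5.2, 4.0, 4.4])}

# Values from Embodiment two: (press force N, pressure coefficient B).
MOBILE_BASELINE = {
    "press": ([0.21, 0.19, 0.20, 0.22, 0.18], [1.05, 0.95, 1.00, 1.10, 0.90])
}
MOBILE_SESSION = {
    "press": ([0.20, 0.21, 0.19, 0.18, 0.22], [1.00, 1.05, 0.95, 0.90, 1.10])
}

if __name__ == "__main__":
    # Unfamiliar user on the regular user's office PC: same place, other habits.
    print(assess_session(PC_BASELINE, PC_SESSION, context_changed=False))
    # Regular user on the phone at an unfamiliar place: new place, same habits.
    print(assess_session(MOBILE_BASELINE, MOBILE_SESSION, context_changed=True))
```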
It is noted that relational terms such as first and second, and the like are used solely to distinguish one entity or action from another entity or action without necessarily requiring or implying any actual such relationship or order between such entities or actions. Moreover, the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus.
Finally, it should be noted that: the foregoing description is only a preferred embodiment of the present invention, and the present invention is not limited thereto, but it is to be understood that modifications and equivalents of some of the technical features described in the foregoing embodiments may be made by those skilled in the art, although the present invention has been described in detail with reference to the foregoing embodiments. Any modification, equivalent replacement, improvement, etc. made within the spirit and principle of the present invention should be included in the protection scope of the present invention.

Claims (8)

1. A secure access control method in a distributed cloud environment is characterized in that: the method comprises the following steps:
S1: storing the data sent and received by the user logged in to the social platform on the terminal equipment;
S2: collecting, on each use, information about the terminal equipment and the behavior habit data of the user logging in to the social platform with that equipment;
S3: comparing and analyzing the latest user behavior habit data and terminal equipment information against the past data;
S4: when a user tries to access and acquire the data stored in the cloud storage module, an early warning report is sent out according to the analysis report;
In step S2: the collected terminal equipment information includes position information and IP address information; the collected behavior habit data includes, on the PC end, mouse click force and mouse cursor moving speed and, on the mobile end, finger touch force and finger screen-sliding speed;
In step S3: the data of each time the user uses the terminal equipment and logs in the social platform are stored and used for comparing with the latest data of the terminal equipment used once and the data of the user logging in the social platform, and a report is obtained;
In step S4: when a user uses a terminal device and logs in a social platform to access data stored on the distributed cloud storage module, the security management and control module analyzes a report, and if abnormality exists, the operation is terminated;
The method comprises the steps that a pressure sensor is arranged on a PC end mouse, the pressure sensor records the data of each click force of the mouse and uploads the data to a behavior analysis module, a behavior data acquisition unit in the behavior analysis module acquires that the pressing force set is { F1, F2, F3,.,. Fn }, the pressure coefficient set is { Y1, Y2, Y3,.,. Yn }, a relation function Y=k1F of the pressure coefficient Y and the click force F is obtained by analysis, k1 is the slope of the function and is a constant, the obtained pressure data is distributed on the function based on the using habit of the same user, and if a certain user uses the function, a great amount of obtained pressure data is not included in the obtained function, and a pressure analysis report is sent to a safety management and control module; the PC end mouse is provided with a displacement sensor, the displacement sensor records position coordinate (X, Y) data of each mouse movement and uploads the position coordinate data to a behavior analysis module, a position coordinate data set acquired by a behavior data acquisition unit of the behavior analysis module is { (X1, Y1), (X2, Y2),. The combination distribution function F (X, Y) =P (X is less than or equal to a and Y is less than or equal to b) is obtained by analysis, P is the probability that the coordinates (X, Y) fall in a rectangular area, the value of the obtained P is between 0 and 1, if a certain user uses the obtained large amount of coordinate data, the value of the obtained P is abnormal, the displacement analysis report is sent to a safety management and control module, and the safety management and control module compares the current value with a previous report mean value based on a probability algorithm and judges whether abnormal operation exists or not by combining the pressure report.
2. The method for controlling secure access in a distributed cloud environment according to claim 1, wherein: the mobile terminal is provided with a touch screen sensor and a pressure sensor; the touch screen sensor records the swipe speed V of each finger swipe and uploads the data to the behavior analysis module; the behavior data acquisition unit of the behavior analysis module acquires the swipe speed set {V1, V2, ..., Vn} and the touch screen coefficient set {C1, C2, ..., Cn}; analysis yields the function C = k2·V between the touch screen coefficient C and the swipe speed V, where k2 is the slope of the function and is a constant; the pressure sensor records the pressure N of each finger press on the screen and uploads the data to the behavior analysis module; the behavior data acquisition unit of the behavior analysis module acquires the pressing force set {N1, N2, N3, ..., Nn} and the pressure coefficient set {B1, B2, B3, ..., Bn}; analysis yields the function B = k3·N between the pressure coefficient B and the pressing force N, where k3 is the slope of the function and is a constant; based on the usage habits of the same user, the acquired data are distributed on these functions; if, while a certain user is operating, the acquired data do not fall on the functions, a report is sent to the security management and control module, which compares the current value with the mean value of previous reports based on the algorithm.
3. The method for controlling secure access in a distributed cloud environment according to claim 1, wherein: the terminal device acquires position information and an IP address through GPS and its internet connection and sends them to the terminal information acquisition unit in the behavior analysis module; if the position information and the IP address change suddenly, the terminal information acquisition unit sends an abnormality report to the security management and control module; the security management and control module judges, according to the behavior habit analysis report, whether to send an operation abnormality report to the user and remind the user to log in again.
4. A secure access control system in a distributed cloud environment implementing the secure access control method in the distributed cloud environment of any of claims 1-3, characterized in that the system comprises: a distributed cloud storage module, a behavior analysis module, a security management and control module and a user terminal;
the distributed cloud storage module is used for storing file data sent and received by the user on the social platform;
the behavior analysis module is used for collecting and analyzing user terminal information and user behavior habit data;
the security management and control module is used for processing the analysis of user behavior habit data and providing security feedback;
the user terminal is used for the user to log in to the social platform and operate it.
5. The secure access control system in a distributed cloud environment of claim 4, wherein: the cloud storage module comprises a data storage unit and a data distribution unit; the data storage unit is used for automatically storing files sent and received by users logged in to social platforms at different terminals; the data distribution unit is used so that users logged in at different terminals can access and obtain social platform file data.
6. The secure access control system in a distributed cloud environment of claim 4, wherein: the behavior analysis module comprises a behavior habit acquisition unit and a terminal information acquisition unit; the behavior habit acquisition unit is used for acquiring and analyzing the user's behavior habit data when using commonly used terminal devices and then sending the data to the security management and control module; the terminal information acquisition unit is used for acquiring and analyzing information about the different terminal devices from which the user logs in to the social platform and then sending the information to the security management and control module.
7. The secure access control system in a distributed cloud environment of claim 4, wherein: the security management and control module comprises a behavior habit data and terminal information analysis and comparison unit and an abnormality early warning unit; the behavior habit data and terminal information analysis and comparison unit is used for analyzing the user's latest behavior habits when logging in to the social platform from a terminal device, comparing them with the terminal information and previous data, and sending a report to the abnormality early warning unit; the abnormality early warning unit is used for analyzing the report sent by the behavior habit data and terminal information analysis and comparison unit and, if the report is abnormal, issuing an early warning.
8. The secure access control system in a distributed cloud environment of claim 4, wherein: the user terminal is used for logging in to the social platform and feeding back terminal information and user behavior habit data.
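The two mouse checks of claim 1 (pressure samples falling off the line Y = k1·F, and the joint-distribution value P compared with the mean of previous reports) can be sketched as follows. This is an added example, not code from the patent; the 10% tolerance, the 0.5 and 3-sigma thresholds, the rule that both reports must agree before terminating, and all sample data are assumptions chosen for illustration.

```python
from statistics import mean, pstdev

def fit_slope(forces, coeffs):
    """Least-squares slope k of Y = k*F through the origin (enrolment step)."""
    return sum(f * y for f, y in zip(forces, coeffs)) / sum(f * f for f in forces)

def off_line_fraction(forces, coeffs, k, tol=0.10):
    """Share of samples whose Y deviates from k*F by more than tol (relative)."""
    misses = sum(abs(y - k * f) > tol * abs(k * f) for f, y in zip(forces, coeffs))
    return misses / len(forces)

def joint_cdf(points, a, b):
    """Empirical F(a, b) = P(X <= a and Y <= b) over pointer coordinates."""
    return sum(x <= a and y <= b for x, y in points) / len(points)

def assess(k, prev_p, forces, coeffs, points, a, b, max_off=0.5, z_max=3.0):
    """Return (pressure_abnormal, displacement_abnormal, terminate)."""
    pressure_abn = off_line_fraction(forces, coeffs, k) > max_off
    p_now = joint_cdf(points, a, b)
    mu, sigma = mean(prev_p), pstdev(prev_p)
    # Floor sigma so a very stable history does not flag tiny drifts (assumption).
    disp_abn = abs(p_now - mu) > z_max * max(sigma, 0.01)
    # Assumed policy: terminate only when both reports are abnormal.
    return pressure_abn, disp_abn, pressure_abn and disp_abn

# Constructed enrolment data for one user (not from the patent).
K1 = fit_slope([1.0, 1.2, 0.9, 1.1, 1.3], [2.0, 2.4, 1.8, 2.2, 2.6])
PREV_P = [0.60, 0.62, 0.58, 0.61, 0.59]        # P values from earlier reports

# Constructed sessions: the usual user versus someone else on the same account.
S_F = [1.0, 1.1, 1.2, 0.95]
NORMAL_Y, ODD_Y = [2.02, 2.18, 2.41, 1.9], [3.1, 1.2, 3.9, 2.9]
NORMAL_PTS = [(100, 100)] * 6 + [(900, 700)] * 4
ODD_PTS = [(100, 100)] * 1 + [(900, 700)] * 9

if __name__ == "__main__":
    print(assess(K1, PREV_P, S_F, NORMAL_Y, NORMAL_PTS, 800, 600))
    print(assess(K1, PREV_P, S_F, ODD_Y, ODD_PTS, 800, 600))
```

Requiring both signals lowers false positives from a single noisy sensor, at the cost of missing a session in which only one signal drifts.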
CN202210624153.8A 2022-06-02 2022-06-02 Secure access and control system and method in distributed cloud environment Active CN114884741B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202210624153.8A CN114884741B (en) 2022-06-02 2022-06-02 Secure access and control system and method in distributed cloud environment

Publications (2)

Publication Number Publication Date
CN114884741A CN114884741A (en) 2022-08-09
CN114884741B CN114884741B (en) 2024-05-24

Family

ID=82679807

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202210624153.8A Active CN114884741B (en) 2022-06-02 2022-06-02 Secure access and control system and method in distributed cloud environment

Country Status (1)

Country Link
CN (1) CN114884741B (en)

Families Citing this family (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN117972229B (en) * 2024-02-07 2024-07-02 珠海达人网络科技有限公司 Social security early warning supervision system and method based on big data analysis

Citations (10)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102694817A (en) * 2012-06-08 2012-09-26 奇智软件(北京)有限公司 Method, device and system for identifying abnormality of network behavior of program
CN102946319A (en) * 2012-09-29 2013-02-27 焦点科技股份有限公司 System and method for analyzing network user behavior information
CN104125135A (en) * 2013-04-28 2014-10-29 腾讯科技(深圳)有限公司 Instant messaging application chatting record management method and terminal thereof
CN104883292A (en) * 2015-04-16 2015-09-02 江苏中威科技软件系统有限公司 Method and system for realizing message roaming at different terminals
CN106126996A (en) * 2016-07-15 2016-11-16 北京元支点信息安全技术有限公司 The safe logging method of a kind of Behavior-based control rule and system
CN106384027A (en) * 2016-09-05 2017-02-08 四川长虹电器股份有限公司 User identity recognition system and recognition method thereof
KR102024142B1 (en) * 2018-06-21 2019-09-23 주식회사 넷앤드 A access control system for detecting and controlling abnormal users by users’ pattern of server access
CN113542232A (en) * 2021-06-23 2021-10-22 广州欢享网络科技有限公司 Website data safety protection system based on big data
CN114125848A (en) * 2021-11-29 2022-03-01 全球能源互联网研究院有限公司 Safety protection method and system for power mobile internet service
CN114119025A (en) * 2022-01-24 2022-03-01 深圳尚米网络技术有限公司 Safe payment method

Also Published As

Publication number Publication date
CN114884741A (en) 2022-08-09

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
TA01 Transfer of patent application right

Effective date of registration: 20240426

Address after: Room 1001-1002, No. 323 Guoding Road, Yangpu District, Shanghai, 200082

Applicant after: Shanghai Qiyuan Technology Co.,Ltd.

Country or region after: China

Address before: 224000 No. 617, building 1, Longyuan Xincun business district, Yannan high tech Zone, Yancheng City, Jiangsu Province (CNW)

Applicant before: Jiangsu Youji Technology Co.,Ltd.

Country or region before: China

GR01 Patent grant