+

WO2017167019A1 - Procédé et appareil de traitement de bureau nuagique et support d'informations informatiques - Google Patents

Procédé et appareil de traitement de bureau nuagique et support d'informations informatiques Download PDF

Info

Publication number
WO2017167019A1
WO2017167019A1 PCT/CN2017/076847 CN2017076847W WO2017167019A1 WO 2017167019 A1 WO2017167019 A1 WO 2017167019A1 CN 2017076847 W CN2017076847 W CN 2017076847W WO 2017167019 A1 WO2017167019 A1 WO 2017167019A1
Authority
WO
WIPO (PCT)
Prior art keywords
terminal
cloud desktop
login
fingerprint information
cloud
Prior art date
Application number
PCT/CN2017/076847
Other languages
English (en)
Chinese (zh)
Inventor
李锴
沈松
胡丹
邱海军
王兰
宋伊漠
Original Assignee
中兴通讯股份有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 中兴通讯股份有限公司 filed Critical 中兴通讯股份有限公司
Publication of WO2017167019A1 publication Critical patent/WO2017167019A1/fr

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F9/00Arrangements for program control, e.g. control units
    • G06F9/06Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
    • G06F9/44Arrangements for executing specific programs
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F9/00Arrangements for program control, e.g. control units
    • G06F9/06Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
    • G06F9/44Arrangements for executing specific programs
    • G06F9/455Emulation; Interpretation; Software simulation, e.g. virtualisation or emulation of application or operating system execution engines
    • G06F9/45533Hypervisors; Virtual machine monitors
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • G06F21/32User authentication using biometric data, e.g. fingerprints, iris scans or voiceprints
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/62Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database

Definitions

  • the present invention relates to the field of virtual cloud desktop technologies, and in particular, to a cloud desktop management method, device, and cloud desktop access method, device, and computer storage medium.
  • VDI Virtual Desktop Infrastructure
  • VDI technology uses virtualized technology to virtualize the powerful hardware resources of the server, and allocates these resources to the corresponding virtual desktop users as needed to realize virtual machine usage and management.
  • Virtual desktops and PCs Personal Computer
  • Traditional PCs can implement secure management of PCs through traditional methods such as computer room control and USB port blocking.
  • cloud desktops multiple terminals can access and access desktop servers anytime and anywhere, and obtain cloud desktop services.
  • Traditional security management methods can no longer meet the diversified and flexible requirements of cloud desktop security management.
  • the embodiments of the present invention provide a cloud desktop management method, device, and cloud desktop access method, device, and computer storage medium.
  • the embodiment of the invention provides a cloud desktop management method, and the cloud desktop management method includes the following steps:
  • the acquiring the authentication request sent by the terminal in the cloud desktop fingerprint login mode, and authenticating the authentication request according to the pre-configured cloud database includes:
  • the terminal and the login fingerprint pass the authentication, it is determined that the authentication request passes the authentication.
  • the step of authenticating the rights of the terminal and the login fingerprint according to the login fingerprint information, the terminal information of the terminal, and the cloud database includes:
  • the terminal has access rights, and the login fingerprint information has login authority, it is determined that the terminal and the login fingerprint pass authentication.
  • the step of determining that the authentication request passes the authentication comprises:
  • the terminal and the login fingerprint information are authenticated, determining whether the terminal is a pre-configured login terminal corresponding to the login fingerprint information;
  • the terminal is the login terminal corresponding to the login fingerprint information, determining that the authentication request passes the authentication.
  • the step of matching the cloud desktop and the permission set according to the authentication request includes:
  • the step of controlling the access of the terminal to the cloud desktop according to the permission set includes:
  • the step of controlling access by the terminal to the target cloud desktop according to the permission set includes:
  • the method further includes:
  • the embodiment of the present invention further provides a cloud desktop access method, where the cloud desktop access method includes the following steps:
  • the terminal sends an authentication request to the cloud desktop server according to the input login fingerprint information
  • the cloud desktop is accessed under the authority of the cloud desktop server.
  • the step of accessing the cloud desktop under the permission of the cloud desktop server includes:
  • the step of the terminal sending an authentication request to the cloud desktop server according to the input login fingerprint information includes:
  • the terminal obtains the input login fingerprint information
  • the authentication request is sent to the cloud desktop server according to the login fingerprint information and the terminal information of the terminal.
  • the method further includes:
  • the process proceeds to: performing an authentication request to the cloud desktop server according to the login fingerprint information and the terminal information of the terminal.
  • the step of sending an authentication request to the cloud desktop server according to the input login fingerprint information in the cloud desktop fingerprint login mode includes:
  • an embodiment of the present invention further provides a cloud desktop management device, where the cloud desktop management device includes:
  • the authentication module is configured to obtain an authentication request sent by the terminal in the cloud desktop fingerprint login mode, and authenticate the authentication request according to the pre-configured cloud database;
  • a matching module configured to: if the authentication request passes the authentication, match the cloud desktop and the permission set according to the authentication request;
  • the control module is configured to control access of the terminal to the cloud desktop according to the permission set.
  • the authentication module comprises:
  • the first obtaining unit is configured to acquire, in the cloud desktop fingerprint login mode, an authentication request sent by the terminal, where the authentication request carries the login fingerprint information and the terminal information of the terminal;
  • the authentication unit is configured to authenticate the rights of the terminal and the login fingerprint according to the login fingerprint information, terminal information of the terminal, and a pre-configured cloud database;
  • the determining unit is configured to determine that the authentication request passes the authentication if the terminal and the login fingerprint pass the authentication.
  • the authentication unit is further configured to determine, according to the cloud database and the terminal information, whether the terminal has access rights;
  • the terminal has access rights, and the login fingerprint information has login authority, it is determined that the terminal and the login fingerprint pass authentication.
  • the determining unit is further configured to
  • the terminal and the login fingerprint information are authenticated, determining whether the terminal is a pre-configured login terminal corresponding to the login fingerprint information;
  • the terminal is the login terminal corresponding to the login fingerprint information, determining that the authentication request passes the authentication.
  • the matching module comprises:
  • a list unit configured to: if the authentication request passes the authentication, match the pre-configured cloud desktops according to the authentication request to obtain a cloud desktop list;
  • a target unit configured to return the cloud desktop list to the terminal, and obtain The target cloud desktop selected by the cloud desktop list
  • a permission unit configured to configure a permission set according to the target cloud desktop, the login fingerprint information, and terminal information of the terminal;
  • the control module is further configured to
  • the management module is further configured to:
  • the cloud desktop control device further includes:
  • the calling module is configured to acquire a hardware invocation request of the cloud desktop to the terminal; and according to the hardware invocation request, redirect the terminal hardware to the cloud desktop, and invoke the terminal hardware.
  • the embodiment of the present invention further provides a cloud desktop access device, where the cloud desktop access device includes:
  • the requesting module is configured to send an authentication request to the cloud desktop server according to the input login fingerprint information in the cloud desktop fingerprint login mode;
  • the access module is configured to access the cloud desktop under the authority of the cloud desktop server if the authentication request passes the authentication.
  • the access module comprises:
  • a second acquiring unit configured to acquire a returned cloud desktop list of the cloud desktop server if the authentication request is authenticated
  • a selecting unit configured to obtain a target cloud desktop selected based on the cloud desktop list, and return the target cloud desktop to the cloud desktop server;
  • the access unit is configured to obtain a permission set returned by the cloud desktop server, and access the target cloud desktop according to the permission set.
  • the request module includes:
  • the third obtaining unit is configured to obtain the input login fingerprint information in the cloud desktop fingerprint login mode
  • the determining unit is configured to determine whether the currently logged in terminal has entered the unlocking fingerprint information
  • a matching unit configured to match the unlocking fingerprint information and the login fingerprint information if the terminal has entered the unlocking fingerprint information
  • the requesting unit is configured to send an authentication request to the cloud desktop server according to the login fingerprint information and the terminal information of the terminal, if the login fingerprint information matches the unlock fingerprint information.
  • the requesting module is further configured to
  • the terminal is not a private terminal, sending an authentication request to the cloud desktop server according to the login fingerprint information and the terminal information of the terminal.
  • the cloud desktop access device further includes:
  • the input module is configured to obtain the entered fingerprint information, and send the entered fingerprint information and the terminal information of the terminal to the cloud desktop server, where the cloud desktop server configures the cloud database for authentication.
  • an embodiment of the present invention further provides a computer storage medium, where the computer storage medium includes a set of instructions, when executed, causing at least one processor to execute the cloud desktop management method, or execute the cloud desktop Access method.
  • the cloud desktop management method and device, the cloud desktop access method, the device and the computer storage medium are provided in the cloud desktop fingerprint login mode, and the authentication request sent by the terminal is obtained according to the pre-configured cloud database
  • the right request is authenticated; if the authentication request passes the authentication, the cloud desktop and the permission set are matched according to the authentication request; and the access of the terminal to the cloud desktop is controlled according to the permission set.
  • the embodiment of the present invention is directed to the unique flexibility of the mobile terminal when accessing the cloud desktop. Personal data and security risks and management problems brought by the cloud desktop system.
  • the fingerprint identification technology is connected with various virtualization core technologies to enable users to access the cloud by fingerprint identification, and matching fingerprints to determine whether the current user can access the cloud desktop.
  • the embodiment of the invention realizes the identification of the fingerprint, configures the permissions of the cloud desktop according to the fingerprint information, enhances the control and flexibility of the security of the cloud desktop, and improves the user experience.
  • FIG. 1 is a schematic flowchart of a first embodiment of a cloud desktop management method according to the present invention
  • FIG. 2 is a schematic flowchart of a second embodiment of a cloud desktop management method according to the present invention.
  • FIG. 3 is a schematic flowchart of a third embodiment of a cloud desktop management method according to the present invention.
  • FIG. 4 is a schematic flowchart of a fourth embodiment of a cloud desktop management method according to the present invention.
  • FIG. 5 is a schematic flowchart of a fifth embodiment of a cloud desktop management method according to the present invention.
  • FIG. 6 is a schematic flowchart of a sixth embodiment of a cloud desktop management method according to the present invention.
  • FIG. 7 is a schematic flowchart of a seventh embodiment of a cloud desktop management method according to the present invention.
  • FIG. 8 is a schematic flowchart of a first embodiment of a cloud desktop access method according to the present invention.
  • FIG. 9 is a schematic flowchart of a second embodiment of a cloud desktop access method according to the present invention.
  • FIG. 10 is a schematic flowchart of a third embodiment of a cloud desktop access method according to the present invention.
  • FIG. 11 is a schematic flowchart diagram of a fourth embodiment of a cloud desktop access method according to the present invention.
  • FIG. 12 is a schematic flowchart diagram of a fifth embodiment of a cloud desktop access method according to the present invention.
  • FIG. 13 is a schematic diagram of functional modules of a first embodiment of a cloud desktop control device according to the present invention.
  • FIG. 14 is a schematic diagram of functional modules of a second embodiment, a third embodiment, and a fourth embodiment of a cloud desktop control device according to the present invention.
  • FIG. 15 is a schematic diagram of functional modules of a fifth embodiment and a sixth embodiment of a cloud desktop management device according to the present invention.
  • 16 is a schematic diagram of functional modules of a seventh embodiment of a cloud desktop management device according to the present invention.
  • FIG. 17 is a schematic diagram of functional modules of a first embodiment of a cloud desktop access device according to the present invention.
  • FIG. 18 is a schematic diagram of functional modules of a second embodiment of a cloud desktop access device according to the present invention.
  • FIG. 19 is a functional block diagram of a third embodiment and a fourth embodiment of a cloud desktop control device according to the present invention. intention;
  • FIG. 20 is a schematic diagram of functional modules of a fifth embodiment of a cloud desktop access device according to the present invention.
  • FIG. 21 is a schematic diagram of a terminal hardware redirection application scenario according to an embodiment of the present invention.
  • FIG. 22 is a schematic diagram of an application scenario of a user logging in to a cloud desktop using a mobile terminal according to an embodiment of the present disclosure
  • FIG. 23 is a schematic diagram of a fingerprint input application scenario according to an embodiment of the present invention.
  • the authentication request sent by the terminal is obtained, and the authentication request is authenticated according to the pre-configured cloud database; if the authentication request is And authenticating, the pre-configured cloud desktop and the permission set are matched according to the authentication request; and the access of the terminal to the cloud desktop is controlled according to the permission set.
  • the existing technology does not have flexible adaptability and adjustability in the cloud desktop security management and control, and cannot meet the security management and control requirements of the cloud desktop.
  • the embodiment of the invention provides a solution for the fingerprint identification technology to be connected to a plurality of virtualized core technologies, so that the user can access the cloud in the manner of fingerprint identification, and the fingerprint is matched to determine whether the current user can access the cloud desktop, and the user fingerprint is authorized.
  • the permission of the cloud desktop makes the fingerprint become the only certificate for the user to access the desktop cloud system through the mobile terminal, thereby ensuring information security.
  • a first embodiment of the cloud desktop management method of the present invention provides a cloud desktop management method, where the cloud desktop management method includes:
  • Step S10 Acquire an authentication request sent by the terminal in the cloud desktop fingerprint login mode, and authenticate the authentication request according to the pre-configured cloud database.
  • the embodiment of the present invention combines the biometric identification technology with the cloud system security management and control process, and fully integrates the fingerprint identification technology into the management of the desktop cloud system. It can guarantee the security of the virtual desktop environment as well as the fingerprint. Don't provide users with more personalized customized services, and provide a security management solution for desktop cloud systems to make up for the security shortcomings of cloud desktop products in the rapid development process.
  • the embodiment of the present invention performs security management and control of the cloud desktop through the cloud desktop server.
  • Cloud desktop servers include Virtualization Management Center (VMC), Virtualization Environment (VE, Virtual Environment), Cloud Desktop Virtual Machine and Cloud Desktop Agent.
  • VMC Virtualization Management Center
  • VE Virtualization Environment
  • Cloud Desktop Virtual Machine Cloud Desktop Agent
  • the VMC is configured as the security control of the cloud desktop
  • the VE provides the running environment for the cloud desktop virtual machine
  • the cloud desktop virtual machine provides the cloud desktop service to the user.
  • the cloud desktop agent can feed back the running status of the cloud desktop virtual machine to the VMC.
  • the desktop cloud server After the desktop cloud server is deployed, enter the user fingerprint information and configure the user attributes corresponding to the fingerprint information for cloud desktop configuration and authority management.
  • the terminal In the cloud desktop fingerprint login mode, the terminal enters the login fingerprint of the current user to log in to the cloud desktop, and obtains the signature of the login fingerprint as the login fingerprint information.
  • the terminal may be a PC, a mobile terminal, or the like.
  • the terminal generates an authentication request according to the login fingerprint information, the login time of the current user, and the like.
  • the terminal encrypts the authentication request and sends it to the VMC.
  • the VMC After receiving the encrypted authentication request sent by the terminal, the VMC decrypts and obtains an authentication request.
  • the VMC obtains login fingerprint information of the current user login to the cloud desktop according to the authentication request.
  • the VMC then matches the login fingerprint information with the fingerprint information in the pre-configured cloud database.
  • each fingerprint information having the login authority and the corresponding user attribute recorded in advance are recorded.
  • the user attribute includes the account information corresponding to the fingerprint information, the terminal information, the matching cloud desktop, and the like.
  • the fingerprint information includes the fingerprint feature code extracted when the fingerprint is entered.
  • the fingerprint feature code matching the fingerprint feature code of the current login fingerprint information is found in the cloud database, it is determined that the current login fingerprint information has the login authority.
  • the VMC determines that the current authentication request passes the authentication.
  • Step S20 If the authentication request passes the authentication, the cloud desktop and the permission set are matched according to the authentication request.
  • the VMC matches the cloud desktop and the permission set according to the authentication request.
  • the VMC obtains the current user attribute according to the login fingerprint information carried by the current authentication request, and matches the pre-configured cloud desktop according to the user attribute.
  • the personalized and differentiated cloud desktops can be flexibly configured according to different login fingerprints, for example, the operating system, data, and application software of the cloud desktop can be flexibly configured.
  • the cloud desktops obtained by VMC matching can be one or more.
  • the VMC matches the pre-configured permission set of the current login fingerprint information according to the user attribute of the current login fingerprint information.
  • the permission set contains the permissions of the current user to access the cloud desktop, including the peripheral permission call permission, network permission, file operation authority, etc. For example, whether the account corresponding to the current login fingerprint information has the right to call the terminal camera, and whether the terminal is called.
  • USB Universal Serial Bus
  • OTG On-The-Go
  • the VMC gets the set of permissions for the current login fingerprint.
  • Step S30 Control access of the terminal to the cloud desktop according to the permission set.
  • the terminal accesses the cloud desktop according to the permission set.
  • the VMC notifies the terminal that the current authentication request passes the authentication, and the terminal sends a link request to the VE.
  • the VE responds to the link request of the terminal, starts the cloud desktop virtual machine according to the link request, and starts the corresponding cloud desktop.
  • the VE returns a response message to the terminal.
  • the terminal After receiving the response message from the VE, the terminal connects to the cloud desktop VM and accesses the cloud desktop. The user can perform various operations on the cloud desktop based on the terminal.
  • the VMC controls the permissions of the user on the cloud desktop access process according to the permission set, and performs security control, for example, controlling the user's permission to invoke the camera when accessing the cloud desktop.
  • the authentication request sent by the terminal is acquired, and the authentication request is authenticated according to the pre-configured cloud database; if the authentication request passes the authentication, according to the The authentication request matches the cloud desktop and the permission set; and the terminal controls the access of the terminal to the cloud desktop according to the permission set.
  • This embodiment is specific to the flexibility of the mobile terminal when accessing the cloud desktop.
  • the data and the security risks and management problems brought by the cloud desktop system connect the fingerprint identification technology with various virtualization core technologies to enable the user to access the cloud in the manner of fingerprint identification, and match the fingerprint to determine whether the current user can access the cloud desktop.
  • the user's fingerprint is used to authorize the permissions of the cloud desktop, so that the fingerprint becomes the only credential for the user to access the desktop cloud system through the mobile terminal, thereby ensuring information security.
  • the embodiment of the invention realizes the identification of the fingerprint, configures the permissions of the cloud desktop according to the fingerprint information, enhances the control and flexibility of the security of the cloud desktop, and improves the user experience.
  • the second embodiment of the cloud desktop management method of the present invention provides a cloud desktop management method.
  • the step S10 includes:
  • Step S11 Acquire an authentication request sent by the terminal in a cloud desktop fingerprint login mode, where the authentication request carries login fingerprint information and terminal information of the terminal.
  • the terminal enters the current login fingerprint of the user through the fingerprint identification device, extracts the fingerprint feature code according to the login fingerprint, and uses the obtained fingerprint feature code as the fingerprint information of the current login fingerprint.
  • the terminal generates an authentication request by using information such as the login fingerprint information, the terminal information of the current terminal, and the login time of the current user.
  • the terminal information is unique identification information of the current terminal, and may be information that can uniquely identify the current terminal, such as hardware information.
  • the terminal encrypts the authentication request and sends it to the VMC.
  • the VMC After receiving the encrypted authentication request sent by the terminal, the VMC decrypts and obtains the login fingerprint information and the terminal information carried in the authentication request.
  • Step S12 Authenticate the terminal and the login fingerprint according to the login fingerprint information, the terminal information of the terminal, and a pre-configured cloud database.
  • the terminal and the login fingerprint are authenticated according to the pre-configured cloud database.
  • the cloud fingerprint database records terminal information and fingerprint information that have permission to access the cloud desktop. If the terminal information of the current terminal is found in the cloud database and the fingerprint information of the login fingerprint is matched, it is determined that the current terminal and the login fingerprint have the right to access the cloud desktop and pass the authentication.
  • the terminal information of the current terminal is not found, or the fingerprint information of the login fingerprint is not matched, it is determined that the current terminal and the login fingerprint do not have permission to access the cloud desktop, and the authentication is not passed.
  • Step S13 If the terminal and the login fingerprint pass the authentication, determine that the authentication request passes the authentication.
  • the VMC After obtaining the authentication result of the current terminal and the login fingerprint, if the current terminal and the login fingerprint pass the authentication, the VMC determines that the current authentication request passes the authentication.
  • the VMC determines that the current authentication request has not passed the authentication and does not have the login permission. At this time, the VMC returns a notification message of the login failure to the terminal. The terminal prompts the user to fail to log in and asks the user to input the fingerprint again.
  • the terminal may remind the user to switch the login mode and log in to the cloud desktop using the account mode.
  • the authentication request sent by the terminal is acquired, and the authentication request carries the login fingerprint information and the terminal information of the terminal; according to the login fingerprint information, the terminal information of the terminal, and the pre-configured cloud.
  • the database authenticates the authority of the terminal and the login fingerprint; if the current terminal and the login fingerprint pass the authentication, it determines that the authentication request passes the authentication.
  • the login terminal and the fingerprint are simultaneously authenticated, and the cloud desktop is allowed to be logged in only when the terminal and the login fingerprint pass the authentication at the same time, thereby improving the security of the cloud desktop control. .
  • the third embodiment of the cloud desktop management method of the present invention provides a cloud desktop management method.
  • the step S12 includes:
  • Step S121 Determine, according to the cloud database and the terminal information, whether the terminal has access rights.
  • the VMC determines, according to the terminal information in the authentication request, whether the current terminal has the access right.
  • the VMC is pre-configured with a terminal device that allows access to the cloud desktop, and terminal identification information with access rights is recorded in the cloud database.
  • the terminal identification information recorded by the VMC may be a terminal device type, device information of the terminal device, or the like.
  • the access security of the cloud desktop is guaranteed.
  • the VMC pre-configured the public PC does not allow access to the cloud desktop, and only allows the internal PC to access the cloud desktop; or the VMC pre-records the mobile terminal that allows access to the cloud desktop, and records the mobile terminal. Terminal information, does not allow unregistered mobile terminals to access the cloud desktop.
  • VMC can also be flexibly set according to other security principles. Access rights to the terminal.
  • the VMC only allows the recorded terminal device to access the cloud desktop, and records the terminal information with the access authority in the cloud database for example.
  • the VMC searches the cloud database according to the terminal information of the current terminal, and determines whether the current terminal has access rights.
  • the terminal information of the current terminal is found in the cloud database, it is determined that the current terminal has the access right; if the terminal information of the current terminal is not found in the cloud database, it is determined that the current terminal does not have the access right.
  • the VMC returns a notification message of the login failure to the terminal, notifying that the current terminal does not have the access right, and rejecting the login request of the current terminal.
  • the terminal may notify the user that the current terminal does not have access rights according to the notification message.
  • the VMC obtains the access authority judgment result of the current terminal.
  • Step S122 Determine, according to the cloud database and the login fingerprint information, whether the login fingerprint information has login authority.
  • the VMC determines whether the current login fingerprint information has login authority according to the pre-configured cloud database.
  • pre-configured cloud database pre-recorded fingerprint information with access rights is recorded. Based on the fingerprint information entered in the cloud database, the VMC matches the current login fingerprint information to find the fingerprint information that matches the current login fingerprint information.
  • fingerprint information matching the current login fingerprint information is successfully found in the cloud database, it is determined that the current login fingerprint information has the login authority; if the fingerprint information matching the current login fingerprint information is not found in the cloud database, the current login is determined. Fingerprint information does not have login privileges.
  • Step S123 If the terminal has an access right, and the login fingerprint information has a login authority, determine that the terminal and the login fingerprint pass the authentication.
  • the VMC determines that the current authentication request passes the authentication and has the login authority.
  • the terminal and the fingerprint information are simultaneously authenticated, and only the fingerprint having the login authority is allowed to access the cloud desktop through the terminal having the access authority, thereby realizing the simultaneous control of the terminal device and the fingerprint, thereby greatly improving the cloud desktop. Security management capabilities and flexibility.
  • the fourth embodiment of the cloud desktop management method of the present invention provides a cloud desktop management method.
  • the step S13 includes:
  • Step S131 If the terminal and the login fingerprint information pass the authentication, determine whether the terminal is a pre-configured login terminal corresponding to the login fingerprint information.
  • the pre-configured fingerprint information is bound with a corresponding login terminal.
  • a private user can bind his or her personal fingerprint and personal terminal, and not allow others to log in to the cloud desktop through their own terminal; or preset the public terminal to bind the fingerprint information of multiple specific users, so as to prevent users with lower permissions from using the fingerprint.
  • This public terminal logs in to the cloud desktop.
  • the terminal when the user first uses the cloud desktop account and logs in to the cloud desktop on the terminal. If the cloud desktop account is authenticated by the VMC and is a legitimate user, the terminal prompts the user whether to enter the fingerprint information and log in using the fingerprint.
  • the fingerprint of the current user is entered, and the fingerprint feature code is extracted to obtain the fingerprint information.
  • the terminal encrypts and transmits the fingerprint information and the terminal information of the current terminal to the VMC.
  • the VMC After receiving the fingerprint information and the terminal information, the VMC binds the current terminal as the current fingerprint information to the current fingerprint information, and binds the fingerprint information to the corresponding login terminal. It should be noted that one terminal can bind multiple different fingerprint information.
  • the VMC stores the terminal information bound by the current fingerprint information in the cloud database as a user attribute corresponding to the fingerprint information.
  • the fingerprint login mode if the login fingerprint information is authenticated by login, the user attribute of the login fingerprint information is obtained, and the login terminal information corresponding to the current login fingerprint information is obtained.
  • the VMC matches the login terminal information according to the terminal information of the current terminal, and determines whether the current terminal is the login terminal, that is, determines whether the current login fingerprint information has permission to log in to the cloud desktop using the current terminal.
  • the terminal information of the current terminal is successfully matched with the login terminal information, it is determined that the current terminal is the login terminal corresponding to the current login fingerprint information; if the terminal information of the current terminal fails to match the login terminal information, it is determined that the current terminal is not the current login fingerprint.
  • the login terminal corresponding to the information If the terminal information of the current terminal is successfully matched with the login terminal information, it is determined that the current terminal is the login terminal corresponding to the current login fingerprint information; if the terminal information of the current terminal fails to match the login terminal information, it is determined that the current terminal is not the current login fingerprint. The login terminal corresponding to the information.
  • Step S132 If the terminal is the login terminal corresponding to the login fingerprint information, determine that the authentication request passes the authentication.
  • the VMC determines that the current fingerprint information can log in to the cloud desktop system through the current terminal, and determines that the current authentication request passes the authentication.
  • the VMC determines that the current authentication request authentication fails, and rejects the current login fingerprint information to log in to the cloud desktop through the current terminal.
  • the VMC can also pre-configure the abnormal reminder mode, pre-configure the corresponding user's mobile phone number, email address, etc. according to the login fingerprint information, and notify the user by SMS, email, etc. when the fingerprint information is abnormally logged in.
  • the VMC records the record that the user accesses the cloud desktop through fingerprint authentication, including terminal information, time, duration, etc., and can be configured to send the cloud desktop access record to the user only when the abnormal login record occurs, to ensure that the user fingerprint is stolen. I will be able to know at the first time.
  • the fingerprint information abnormal login includes the fingerprint information corresponding to the user account password continuously input multiple times, the fingerprint information is registered in the cloud desktop after the terminal device that is not pre-bound, and the fingerprint information is successfully accessed after the cloud desktop is successfully operated, etc., according to Actually requires flexible configuration.
  • the current terminal and the login fingerprint information are authenticated, it is determined whether the current terminal is a pre-configured login terminal corresponding to the current login fingerprint information; if the current terminal is the login terminal corresponding to the current login fingerprint information, determining The current authentication request is authenticated, allowing access to the cloud desktop.
  • the fingerprint information and the login terminal are bound, and after multiple authentication, the biometric identification information and the terminal information are combined, and the fingerprint and the terminal are matched, and the user's exclusive terminal configuration is realized, so that others can log in to the cloud through the user's personal exclusive terminal.
  • the desktop enhances the security management and control of the cloud desktop and ensures information security.
  • a fourth embodiment of the cloud desktop management method of the present invention provides a cloud desktop management method based on the foregoing embodiment shown in FIG. 1, FIG. 2, FIG. 3 or FIG. 4 (this embodiment uses FIG. 1 is an example), and the step S20 includes:
  • step S21 if the authentication request is authenticated, the pre-configured cloud desktops are matched according to the authentication request to obtain a cloud desktop list.
  • the VMC After the current authentication request is authenticated, the VMC obtains the current user attribute according to the current authentication request, and matches each pre-configured cloud desktop according to the user attribute.
  • Pre-configured cloud desktops can be used by multiple users for different application scenarios or needs.
  • the VMC creates a cloud desktop list according to each cloud desktop obtained by the matching.
  • Step S22 Return the cloud desktop list to the terminal, and obtain a target cloud desktop selected based on the cloud desktop list.
  • the VMC After obtaining the cloud desktop list, the VMC returns the cloud desktop list to the terminal for the user to select.
  • the VMC obtains the cloud desktop selected by the user returned by the terminal, and uses the cloud desktop as the target cloud desktop.
  • the VMC may also return the attribute information of each cloud desktop to the terminal, and the terminal configures the cloud desktop list according to the attribute information of each cloud desktop for the user to select. .
  • the terminal After obtaining the target cloud desktop selected by the user, the terminal returns the attribute information of the target cloud desktop to the VMC, and the VMC obtains the target cloud desktop selected by the user.
  • Step S23 Configure a permission set according to the target cloud desktop, the login fingerprint information, and the terminal information of the terminal.
  • the VMC After obtaining the target cloud desktop, the VMC configures the permission set according to the target cloud desktop, the current login fingerprint information, and the terminal information.
  • the VMC is configured with the rights corresponding to each fingerprint information, the rights of each cloud desktop, and the rights corresponding to each login terminal.
  • Pre-configured permissions include peripheral call permissions, etc., which can be flexibly set as needed. Different fingerprint information, cloud desktops, and terminal permissions may be different.
  • the VMC obtains the corresponding rights, the rights of the target cloud desktop, and the rights corresponding to the current terminal, and obtains the rights of the current user and configures the permission set.
  • the current login fingerprint information and the target cloud desktop have the right to invoke the terminal camera, and the current terminal does not have the right to invoke the terminal camera, then the current user cannot call the camera.
  • the permission is added to the permission set; the current login fingerprint information, the target cloud desktop, and the current terminal all have the right to invoke the USB peripheral, and the current user can invoke the permission of the USB peripheral to join the permission set.
  • step S30 includes:
  • Step S31 controlling access of the terminal to the target cloud desktop according to the permission set.
  • the terminal after acquiring the target cloud desktop selected by the user, the terminal simultaneously sends a connection request to the VE according to the target cloud desktop.
  • the VE starts the cloud desktop virtual machine according to the link request of the terminal, and starts the target cloud desktop for the terminal to access.
  • the VE After obtaining the target cloud desktop and the permission set, the VE starts the cloud desktop virtual machine according to the target desktop acquired by the VMC, and starts the target cloud desktop for the terminal to access.
  • the VMC controls the access rights of the terminal according to the permission set.
  • the pre-configured cloud desktops are matched according to the authentication request to obtain a cloud desktop list; the cloud desktop list is returned to the terminal, and the target cloud desktop selected based on the cloud desktop list is obtained.
  • the cloud desktop list is configured for the user to select, and the user provides more choices according to different application scenarios; according to the target cloud desktop selected by the user, the terminal currently accessing the cloud desktop, and the fingerprint of the currently logged in cloud desktop, the comprehensive configuration
  • the collection of permissions realizes the comprehensive configuration of the permissions according to the current access to the cloud desktop, ensures the control of the terminal, the cloud desktop and the user's multi-party permissions, controls the access to the cloud desktop, and realizes the control of the cloud desktop security, and Greatly improved the control.
  • the sixth embodiment of the cloud desktop management method of the present invention provides a cloud desktop management method.
  • the step S31 includes:
  • Step S32 Return the permission set to the terminal, and the terminal accesses the target cloud desktop according to the permission set.
  • the VMC After obtaining the target cloud desktop and permission set, the VMC returns the permission set to the current terminal.
  • the terminal After receiving the permission set returned by the VMC, the terminal controls the operation rights of the current user when accessing the target cloud desktop according to the permission set.
  • the VMC may further match the data disk information and the virtualization application according to the login fingerprint information of the current user, and return the data disk information and the virtualization application to the terminal.
  • the VMC obtains data disk information and a virtual application (VAPP, Virtual Application) of the current user according to the current login fingerprint information.
  • VAPP Virtual Application
  • the data disk information may be a virtual operating system (VOI, Virtual OS Infrastructure) data disk information, and records current user data, such as office files; the virtualized application is a personalized application software configured for the current user.
  • VOI Virtual operating system
  • the financial personnel's application software can be configured as a financial application software
  • the human resources staff application software can be configured as a recruitment software.
  • the VMC delivers the permission set, the data disk information, and the virtualized application to the terminal side.
  • the terminal sends a cloud desktop link request to the VE according to the target cloud desktop.
  • the VE After receiving the cloud desktop link request, the VE starts the cloud desktop virtual machine and feeds back a response message to the terminal.
  • the terminal After receiving the response message from the VE, the terminal connects to the cloud desktop VM to access the cloud desktop and limits the operation requirements of the current user or terminal according to the permission set.
  • the user can invoke the current data disk information through the terminal to perform operations; the user can also invoke the current virtualization application and select the desired application to operate.
  • the terminal is configured to cache the data of the user to log in to the cloud desktop according to the received data disk information and the virtualized application. When the current user subsequently passes the current terminal again, the terminal can directly use the cached data for use. Avoid reloading each time to reduce the efficiency of cloud desktop access. It should be noted that the data disk information and the data of the virtualization application that are sent locally in the terminal can be updated synchronously with the data information of the remote cloud desktop to avoid data loss.
  • the permission set is returned to the terminal, and the terminal accesses the target cloud desktop according to the permission set.
  • the terminal by returning the permission set to the terminal, the terminal performs the permission control, which reduces the burden on the cloud desktop server and improves the efficiency of the cloud desktop.
  • a fifth embodiment of the cloud desktop management method of the present invention provides a cloud table.
  • the surface control method is based on the embodiment shown in any of the above-mentioned FIG. 1 to FIG. 6 (the embodiment is illustrated by using FIG. 1). After the step S30, the method further includes:
  • Step S40 Acquire a hardware invocation request of the cloud desktop to the terminal.
  • the hardware of the terminal includes the hardware resources owned by the terminal and the hardware resources accessed by the terminal through the USB peripheral.
  • a software client of a part of the operation and maintenance or management system requires the user to access the fingerprint authentication under the requirements of a certain security policy. At this time, when the user runs the software client, a fingerprint input prompt is popped up.
  • the cloud desktop virtual machine obtains a hardware invocation request according to the requirements of the cloud desktop client.
  • Step S50 Redirect the terminal hardware to the cloud desktop according to the hardware call request, and invoke the terminal hardware.
  • the cloud desktop agent redirects the hardware corresponding to the terminal to the peripheral hardware list of the cloud desktop virtual machine according to the hardware invocation request of the cloud desktop virtual machine, so that the terminal hardware points to the cloud desktop, and then calls the terminal hardware.
  • the application software in the current cloud desktop needs to be accessed by the user through fingerprint authentication.
  • the user inputs a fingerprint through the terminal, and the terminal extracts the feature code of the user fingerprint to obtain the login fingerprint information. Then, the terminal sends an authentication request to the VMC according to the terminal information and the login fingerprint information.
  • the VMC performs authentication according to the fingerprint information and the terminal information in the authentication request. After the authentication is passed, the VMC matches the cloud desktop according to the authentication request, and returns the cloud desktop list to the terminal for the user to select.
  • the user After the user selects the target cloud desktop through the terminal, the user sends a link request to the VE.
  • the VE starts the corresponding cloud desktop virtual machine according to the link request, and returns a response message to the terminal.
  • the terminal After receiving the response, the terminal connects to the cloud desktop VM and accesses the cloud desktop.
  • the cloud desktop virtual machine sends a fingerprint recording request to the cloud desktop proxy.
  • the cloud desktop agent redirects the fingerprint identifier of the terminal to the cloud desktop peripheral list according to the fingerprint recording request, and the fingerprint identification device is hung on the cloud desktop virtual machine.
  • the cloud desktop application software calls the fingerprint identifier of the terminal to record the fingerprint, and the user can pass the The fingerprint identifier of the terminal directly scans the fingerprint of the terminal, and the terminal sends the fingerprint information of the user to the cloud desktop agent.
  • the cloud desktop agent returns the obtained fingerprint information to the current cloud desktop application.
  • the terminal hardware after obtaining the hardware invocation request of the cloud desktop to the terminal, the terminal hardware is redirected to the cloud desktop according to the hardware call request, and the terminal hardware is invoked.
  • the embodiment redirects the hardware of the mobile terminal to the cloud desktop, realizes the call of the internal running program of the cloud desktop to the terminal hardware, and supports the fingerprint identification and authentication function of the internal program of the cloud desktop, thereby The rights management of running programs inside the cloud desktop can be performed, which enhances the security of the cloud desktop operation and improves the user experience.
  • a first embodiment of the cloud desktop access method of the present invention provides a cloud desktop access method, where the cloud desktop access method includes:
  • Step S60 In the cloud desktop fingerprint login mode, the terminal sends an authentication request to the cloud desktop server according to the input login fingerprint information.
  • the embodiment of the present invention performs authentication according to the fingerprint of the user.
  • This embodiment is exemplified by a mobile terminal.
  • a cloud desktop application (APP, Application) may be deployed in the terminal, the user opens the cloud desktop APP, selects a cloud desktop fingerprint login mode, and the cloud desktop APP prompts the user to input a fingerprint to log in to the cloud desktop.
  • APP Application
  • the terminal acquires the fingerprint input by the user, and extracts the fingerprint feature code to obtain the current login fingerprint information.
  • the terminal generates an authentication request according to the login fingerprint information, the login time of the current user, and the like. After the authentication request is encrypted, it is sent to the VMC in the cloud desktop server.
  • Step S70 If the authentication request passes the authentication, access the cloud desktop under the authority of the cloud desktop server.
  • the terminal sends a link request to the cloud desktop server.
  • the cloud desktop server responds to the terminal's link request, starts the cloud desktop virtual machine according to the link request, and starts the cloud desktop. Then, a response message is returned to the terminal.
  • the terminal After receiving the response message, the terminal connects to the cloud desktop to access and operate.
  • the cloud desktop In the process of accessing the cloud desktop by the terminal, if the operation of the permission restriction is involved, for example, calling the USB interface of the terminal, the cloud The desktop server determines the authority of the current user according to the permission set matched with the current authentication request, and controls the usage authority of the terminal according to the determination result.
  • the terminal in the cloud desktop fingerprint login mode, sends an authentication request to the cloud desktop server according to the input login fingerprint information; if the authentication request passes the authentication, accesses the cloud under the permission of the cloud desktop server. desktop.
  • the fingerprint information is authenticated by the terminal, so that when the user accesses the cloud desktop through the terminal, fingerprint authentication is performed, thereby ensuring information security.
  • the second embodiment of the cloud desktop access method of the present invention provides a cloud desktop access method.
  • the step S70 includes:
  • Step S71 If the authentication request is authenticated, obtain a returned cloud desktop list of the cloud desktop server.
  • the terminal obtains the cloud desktop list returned by the cloud desktop server, and the cloud desktop list includes the pre-configured cloud desktops matched by the cloud desktop server according to the current login fingerprint information, for the user. Make selection based on usage scenarios.
  • Step S72 Acquire a target cloud desktop selected based on the cloud desktop list, and return the target cloud desktop to the cloud desktop server.
  • the terminal After obtaining the cloud desktop list, the terminal feeds back the cloud desktop list to the user, obtains the target cloud desktop selected by the user based on the cloud desktop list, and returns the target cloud desktop to the cloud desktop server.
  • Step S73 Acquire a permission set returned by the cloud desktop server, and access the target cloud desktop according to the permission set.
  • the terminal After the user selects the target cloud desktop through the terminal, the terminal sends a link request to the cloud desktop server according to the target cloud desktop.
  • the cloud desktop server responds to the link request of the terminal, starts the cloud desktop virtual machine according to the link request, and returns the corresponding cloud desktop to the terminal.
  • the cloud desktop server returns the configured permission set to the terminal.
  • the permission set of the cloud desktop configuration includes the permissions of the configured current login fingerprint.
  • the user can access the cloud desktop through the terminal, use the software client in the cloud desktop, the network, and the like.
  • the terminal performs only the authorized operation according to the permission set, and disables the unauthorized operation. Thereby, the uniqueness of the user right matching is ensured according to the fingerprint information, and the high authority is prevented from being misplaced due to the account information error or the like.
  • the returned cloud of the cloud desktop server is obtained.
  • a list of desktops obtaining a target cloud desktop selected based on the cloud desktop list, and returning the target cloud desktop to the cloud desktop server; obtaining a permission set returned by the cloud desktop server, and accessing the target cloud desktop according to the permission set.
  • the embodiment of the invention realizes that the user selects the required target cloud desktop according to the cloud desktop list, and increases the user's selectivity; the cloud desktop server returns the permission set to the terminal, and when the cloud desktop is accessed, the terminal performs the rights management and mitigates
  • the burden of the cloud desktop server enhances the control and flexibility of cloud desktop security and enhances the user experience.
  • Step S60 includes:
  • Step S61 In the cloud desktop fingerprint login mode, the terminal acquires the input login fingerprint information.
  • the terminal acquires the fingerprint input by the user through the fingerprint identifier.
  • the terminal extracts the feature code of the fingerprint, and uses the obtained fingerprint feature code as the login fingerprint information of the current user.
  • Step S62 Determine whether the terminal has entered the unlock fingerprint information.
  • the terminal After obtaining the login fingerprint information, the terminal determines whether the current terminal has entered the unlock fingerprint information for unlocking the current terminal.
  • Step S63 If the terminal has entered the unlocking fingerprint information, the unlocking fingerprint information and the login fingerprint information are matched.
  • the terminal matches the unlocked fingerprint information that has been entered by the current terminal with the login fingerprint information of the current user.
  • Step S64 If the login fingerprint information and the unlocking fingerprint information are successfully matched, send the authentication request to the cloud desktop server according to the login fingerprint information and the terminal information of the terminal.
  • the unlocking fingerprint information of the current terminal is successfully matched with the login fingerprint information of the current user, it is determined that the user currently logging in to the cloud desktop is the owner of the current terminal, and the terminal according to the login fingerprint information, the terminal information of the current terminal, and the login time of the current user. Such information generates an authentication request. After the authentication request is encrypted, it is sent to the VMC in the cloud desktop server for authentication. Need to explain The terminal information of the current terminal is the unique identification information of the current terminal.
  • the terminal acquires the input login fingerprint information; then, determines whether the current terminal has entered the unlock fingerprint information; if the current terminal has entered the unlock fingerprint information, the matching unlock fingerprint information and login Fingerprint information; if the login fingerprint information matches the unlock fingerprint information, the authentication request is sent to the cloud desktop server according to the login fingerprint information and the terminal information of the terminal.
  • it is determined whether the user currently logging in to the cloud desktop is the current terminal owner by determining whether the current terminal has the unlocked fingerprint information, thereby ensuring the security of the personal terminal logging in to the cloud desktop.
  • the fourth embodiment of the cloud desktop access method of the present invention provides a cloud desktop access method. After the step S63, the method further includes:
  • Step S65 If the login fingerprint information fails to match the unlock fingerprint information, determine whether the terminal is a private terminal according to the attribute information pre-configured by the terminal.
  • the attributes of the terminal may be pre-configured, for example, the configuration terminal is a private terminal or a shared terminal, and the private terminal only allows a specific pre-configured partial user fingerprint information to log in to the cloud desktop through the current terminal, and the public terminal allows all users to The fingerprint information is logged in to the cloud desktop through the current terminal.
  • a configuration item may be added to the cloud desktop APP of the terminal, and the object that the current terminal authorizes to log in to the cloud desktop is configured as “owner” or “owner”, thereby configuring the current terminal to be a private terminal or a public terminal. , get the attribute information of the terminal.
  • the terminal is a private terminal.
  • the terminal determines the attribute information of the cloud desktop APP side, and authorizes whether the object that the terminal logs in to the cloud desktop is “I” or “Everyone”. If the current terminal only authorizes "owner” to log in to the cloud desktop through the terminal, it determines that the current terminal is a private terminal; if the current terminal authorizes "owner” to log in to the cloud desktop through the terminal, it determines that the current terminal is a shared terminal.
  • step S64 if the terminal is not a private terminal, the process proceeds to step S64.
  • the terminal After logging in to the cloud desktop, the terminal sends an authentication request to the cloud desktop server according to the login fingerprint information, the terminal information, and the login time of the current user.
  • the terminal If the current terminal is a private terminal, that is, the owner of the terminal does not allow other users to log in to the cloud desktop on the terminal, the terminal prompts the user that the user does not have permission to log in to the cloud desktop.
  • FIG. 22 an example is illustrated in which the current user logs in to the cloud desktop using the mobile terminal.
  • the user opens the cloud desktop APP in the mobile terminal, and selects to use the fingerprint to log in to the cloud desktop to enter the fingerprint login mode.
  • the mobile terminal scans the fingerprint of the user to obtain login fingerprint information. Then, the mobile terminal determines whether the current device has entered the unlocking fingerprint information, that is, whether the current mobile terminal has the unlocking fingerprint for the unlocking of the mobile terminal and the like.
  • the authentication request is generated according to the login fingerprint information, and the authentication request is encrypted and sent to the VMC; if the current mobile terminal has entered the unlocking fingerprint information, the currently entered login fingerprint information and the storage are matched.
  • the unlocking fingerprint information determines whether the currently entered login fingerprint information is consistent with the stored unlocked fingerprint information.
  • the authentication request is generated according to the login fingerprint information, and the authentication request is encrypted and sent to the VMC; if the currently entered login fingerprint information is inconsistent with the stored unlocked fingerprint information, Then, it is judged whether the current mobile terminal is set as a private terminal.
  • the authentication request is generated according to the login fingerprint information, and the authentication request is encrypted and sent to the VMC; if the current mobile terminal is a private terminal, the user is prompted not to access the cloud desktop at the current terminal, and Send SMS, email, etc. to notify the owner of the current terminal device to log in.
  • the VMC After receiving the encrypted authentication request sent by the mobile terminal, the VMC decrypts, obtains an authentication request, and parses the login fingerprint information.
  • the VMC then matches the current fingerprint information according to each fingerprint information stored in the cloud database. If the current login fingerprint information is successfully matched, the current authentication request is authenticated; if the current login fingerprint information fails to match, the VMC returns a login alarm message to the mobile terminal, and the mobile terminal prompts the user to input the fingerprint again.
  • the VMC If all the login fingerprints entered by the current user three times fail, the VMC returns a login alarm message to the mobile terminal, and the mobile terminal prompts the user to log in using the account password.
  • the terminal is a private terminal; if the current terminal is not a private terminal, the authentication request is sent to the cloud desktop server according to the login fingerprint information and the terminal information of the terminal. .
  • the private attribute information and the user fingerprint information of the terminal are combined to comprehensively manage the access security of the cloud desktop.
  • the ninth embodiment of the cloud desktop access method of the present invention provides a cloud desktop access method, and based on the foregoing embodiment shown in FIG. 11, before the step S60, the method further includes:
  • Step S80 Acquire the entered fingerprint information, and send the entered fingerprint information and the terminal information of the terminal to the cloud desktop server, where the cloud desktop server configures the cloud database for authentication.
  • the user can enter new fingerprint information for fingerprint authentication.
  • the current user logs in to the cloud desktop through the terminal for the first time login.
  • the user opens the terminal, runs the cloud desktop APP deployed in the terminal, and then enters the username and password to log in.
  • the terminal prompts the user that the current authentication fails. If the verification succeeds, the terminal prompts the user whether to enter the fingerprint information and log in using the fingerprint.
  • the user If the user does not need to enter the fingerprint information, the user enters the normal login process to obtain the cloud desktop and permission set configured by the cloud desktop server. If the user selects the fingerprint information, the fingerprint of the current user is entered, and the fingerprint feature code is extracted to obtain the fingerprint information.
  • the terminal encrypts the fingerprint information and the terminal information of the current terminal and sends the fingerprint information to the cloud desktop server.
  • the cloud desktop server After receiving the encrypted information sent by the terminal, the cloud desktop server parses and obtains the current user fingerprint information and terminal information.
  • the cloud desktop server stores the current fingerprint information as the fingerprint information bound by the current account user, and stores it in the cloud database. or,
  • the cloud desktop server stores the current fingerprint information as the fingerprint information bound by the current account user in the cloud database, and stores the terminal information of the current terminal, and uses the current terminal as the prepared Terminal equipment. or,
  • the cloud desktop server stores the current fingerprint information as the fingerprint information bound by the current account user, and stores the current terminal as the login terminal of the current fingerprint information, and uses the current terminal information as the terminal corresponding to the current fingerprint information. Information is stored.
  • the cloud desktop server updates the cloud database to notify the terminal that the current fingerprint information has been successfully recorded.
  • the VMC may also pre-configure the abnormal reminding mode, and pre-configure the corresponding user mobile phone number, email address, and the like according to the user information, and notify the user by SMS, email, etc. when the user logs in abnormally.
  • the VMC records the user's access to the cloud desktop through account number and password authentication, including terminal information, time, duration, etc., and can be configured to send the cloud desktop access record to the user only when the abnormal login record occurs, to ensure that the user's fingerprint is stolen. When the user himself will be able to know at the first time.
  • the account information abnormal login includes the account password incorrect input, etc., and can be flexibly configured according to actual needs.
  • the fingerprint information is obtained, and the fingerprint information and the terminal information of the terminal are sent to the cloud desktop server for the cloud desktop server to configure the cloud database for authentication.
  • the fingerprint information is used for the cloud desktop server to configure the cloud database, so that when the user logs in to the cloud desktop, the fingerprint authentication is obtained, the corresponding cloud desktop and each permission are acquired, and the fingerprint identification is integrated at all levels of the cloud desktop. Under management.
  • a first embodiment of the cloud desktop control device of the present invention provides a cloud desktop control device, where the cloud desktop control device includes:
  • the authentication module 10 is configured to obtain an authentication request sent by the terminal in the cloud desktop fingerprint login mode, and authenticate the authentication request according to the pre-configured cloud database.
  • the present invention Based on the security problems faced by the current desktop cloud system, the present invention combines the biometric identification technology with the cloud system security management and control process, and fully integrates the fingerprint identification technology into the management of the desktop cloud system. It can not only guarantee the security of the virtual desktop environment, but also provide users with more personalized customized services through fingerprint recognition, and provide a security management solution unique to the desktop cloud system to make up for the security of cloud desktop products in the rapid development process. Short board.
  • the embodiment of the present invention is implemented by a cloud desktop control device.
  • the cloud desktop control device can be deployed in a cloud desktop server.
  • the user fingerprint information is entered and the user attributes corresponding to the fingerprint information are configured for cloud desktop configuration and authority management.
  • the terminal In the cloud desktop fingerprint login mode, the terminal enters the login fingerprint of the current user to log in to the cloud desktop, and obtains the signature of the login fingerprint as the login fingerprint information.
  • the terminal may be a PC end, a mobile terminal, or the like.
  • the terminal generates an authentication request according to the login fingerprint information, the login time of the current user, and the like.
  • the terminal encrypts the authentication request and sends it to the authentication module 10.
  • the authentication module 10 After receiving the encrypted authentication request sent by the terminal, the authentication module 10 decrypts and obtains an authentication request. The authentication module 10 obtains the login fingerprint information of the current user login to the cloud desktop according to the authentication request.
  • the authentication module 10 matches the login fingerprint information with the fingerprint information in the pre-configured cloud database.
  • each fingerprint information having the login authority and the corresponding user attribute recorded in advance are recorded.
  • the user attribute includes the account information corresponding to the fingerprint information, the terminal information, the matching cloud desktop, and the like.
  • the fingerprint information includes the fingerprint feature code extracted when the fingerprint is entered.
  • the authentication module 10 determines that the current login fingerprint information has the login authority.
  • the authentication module 10 determines that the current authentication request passes the authentication.
  • the matching module 20 is configured to match the cloud desktop and the permission set according to the authentication request if the authentication request passes the authentication.
  • the matching module 20 matches the cloud desktop and the permission set according to the authentication request.
  • the matching module 20 acquires the current user attribute according to the login fingerprint information carried in the current authentication request, and matches the pre-configured cloud desktop according to the user attribute.
  • the personalized and differentiated cloud desktops can be flexibly configured according to different login fingerprints, for example, the operating system, data, and application software of the cloud desktop can be flexibly configured.
  • the cloud desktops matched by the matching module 20 may be one or more.
  • the matching module 20 matches the pre-configured permission set of the current login fingerprint information according to the user attribute of the current login fingerprint information.
  • the permission set contains the permissions of the current user to access the cloud desktop, including the peripheral permission call permission, network permission, file operation authority, etc. For example, whether the account corresponding to the current login fingerprint information has the right to call the terminal camera, and whether the terminal is called. USB peripherals, permissions of OTG devices, etc.
  • the matching module 20 obtains the rights of the current login fingerprint, and obtains the permission set according to each permission configuration.
  • the control module 30 is configured to control access of the terminal to the cloud desktop according to the permission set.
  • the management module 30 controls the terminal's access to the cloud desktop according to the permission set.
  • the management module 30 notifies the terminal that the current authentication request passes the authentication, and the terminal sends a link request to the management module 30.
  • the control module 30 responds to the link request of the terminal, configures the corresponding cloud desktop according to the link request, starts the cloud desktop virtual machine, and starts the cloud desktop. At the same time, the control module 30 returns a response message to the terminal.
  • the terminal After receiving the response message from the control module 30, the terminal connects to the cloud desktop virtual machine and accesses the cloud desktop. The user can perform various operations on the cloud desktop based on the terminal.
  • the management module 30 controls the permissions of the user on the cloud desktop access process according to the permission set, and performs security control, for example, controlling the user's permission to invoke the camera when accessing the cloud desktop.
  • the authentication module 10 obtains the authentication request sent by the terminal, and authenticates the authentication request according to the pre-configured cloud database; if the authentication request passes the authentication, the matching is performed.
  • the module 20 matches the cloud desktop and the permission set according to the authentication request; the management module 30 controls the terminal access to the cloud desktop according to the permission set.
  • the present embodiment is directed to the security risks and management problems brought by the unique flexibility of the mobile terminal when accessing the cloud desktop to the personal data and the cloud desktop system, and the fingerprint identification technology and various virtualization core technologies are connected to realize the fingerprint identification by the user.
  • the method is to access the cloud, match the fingerprint to determine whether the current user can access the cloud desktop, authorize the permission of the cloud desktop through the user fingerprint, and make the fingerprint become the unique credential for the user to access the desktop cloud system through the mobile terminal, thereby ensuring information security.
  • the embodiment of the invention realizes the authentication of the fingerprint, configures the permissions of the cloud desktop according to the fingerprint information, and enhances the management of the security of the cloud desktop. Control and flexibility to enhance the user experience.
  • the second embodiment of the cloud desktop management device of the present invention provides a cloud desktop management device.
  • the authentication module 10 includes:
  • the first obtaining unit 11 is configured to acquire an authentication request sent by the terminal in a cloud desktop fingerprint login mode, where the authentication request carries login fingerprint information and terminal information of the terminal.
  • the terminal enters the current login fingerprint of the user through the fingerprint identification device, extracts the fingerprint feature code according to the login fingerprint, and uses the obtained fingerprint feature code as the fingerprint information of the current login fingerprint.
  • the terminal generates an authentication request by using information such as the login fingerprint information, the terminal information of the current terminal, and the login time of the current user.
  • the terminal information is unique identification information of the current terminal, and may be information that can uniquely identify the current terminal, such as hardware information.
  • the terminal encrypts the authentication request and sends it to the first obtaining unit 11.
  • the first obtaining unit 11 After receiving the encrypted authentication request sent by the terminal, the first obtaining unit 11 performs decryption, and obtains the login fingerprint information and the terminal information carried in the authentication request.
  • the authentication unit 12 is configured to authenticate the rights of the terminal and the login fingerprint according to the login fingerprint information, the terminal information of the terminal, and a pre-configured cloud database.
  • the authentication unit 12 After obtaining the login fingerprint information and the terminal information of the terminal, the authentication unit 12 authenticates the authority of the terminal and the login fingerprint according to the pre-configured cloud database.
  • the cloud fingerprint database records terminal information and fingerprint information that have permission to access the cloud desktop. If the terminal information of the current terminal is found in the cloud database and the fingerprint information of the login fingerprint is matched, it is determined that the current terminal and the login fingerprint have the right to access the cloud desktop and pass the authentication.
  • the terminal information of the current terminal is not found, or the fingerprint information of the login fingerprint is not matched, it is determined that the current terminal and the login fingerprint do not have permission to access the cloud desktop, and the authentication is not passed.
  • the authentication unit 12 obtains the authentication result of the current terminal and the login fingerprint.
  • the determining unit 13 is configured to determine that the authentication request passes the authentication if the terminal and the login fingerprint pass the authentication.
  • the determining unit 13 determines that the current authentication request passes the authentication.
  • the determination unit 13 determines that the current authentication request fails the authentication and does not have the login permission. At this time, the determination unit 13 returns a notification message of the login failure to the terminal. The terminal prompts the user to fail to log in and asks the user to input the fingerprint again.
  • the terminal may remind the user to switch the login mode and log in to the cloud desktop using the account mode.
  • the first obtaining unit 11 acquires an authentication request sent by the terminal, where the authentication request carries the login fingerprint information and the terminal information of the terminal; the authentication unit 12 according to the login fingerprint information, The terminal information of the terminal and the pre-configured cloud database authenticate the authority of the terminal and the login fingerprint; if the current terminal and the login fingerprint pass the authentication, the determining unit 13 determines that the authentication request passes the authentication.
  • the login terminal and the fingerprint are simultaneously authenticated, and the cloud desktop is allowed to be logged in only when the terminal and the login fingerprint pass the authentication at the same time, thereby improving the security of the cloud desktop control. .
  • the third embodiment of the cloud desktop management device of the present invention provides a cloud desktop management device.
  • the authentication unit 12 further Configured as,
  • the terminal has access rights, and the login fingerprint information has login authority, it is determined that the terminal and the login fingerprint pass authentication.
  • the authentication unit 12 determines, according to the terminal information in the authentication request, whether the current terminal has the access right.
  • the authentication unit 12 is preconfigured with a terminal device that allows access to the cloud desktop, and the terminal identification information with the access authority is recorded in the cloud database.
  • the terminal identification information recorded by the authentication unit 12 may be a terminal device type, device information of the terminal device, or the like.
  • the access security of the cloud desktop is ensured.
  • the authentication unit 12 pre-configures that the public PC does not allow access to the cloud desktop, and only allows the PC inside the enterprise to access the cloud desktop; or the authentication unit 12 pre-empts the mobile terminal that allows access to the cloud desktop. Recording, recording the terminal information of the mobile terminal, and not allowing the unregistered mobile terminal to access the cloud desktop.
  • the authentication unit 12 can also be based on His security principle flexibly sets the access rights of the terminal.
  • the authentication unit 12 only allows the recorded terminal device to access the cloud desktop, and records the terminal information with the access authority in the cloud database for example.
  • the authentication unit 12 searches the cloud database according to the terminal information of the current terminal, and determines whether the current terminal has access rights.
  • the terminal information of the current terminal is found in the cloud database, it is determined that the current terminal has the access right; if the terminal information of the current terminal is not found in the cloud database, it is determined that the current terminal does not have the access right.
  • the authentication unit 12 returns a notification message of the login failure to the terminal, notifying that the current terminal does not have the access right, and rejecting the login request of the current terminal.
  • the terminal may notify the user that the current terminal does not have access rights according to the notification message.
  • the authentication unit 12 obtains the access authority judgment result of the current terminal.
  • the authentication unit 12 determines whether the current login fingerprint information has login authority according to the pre-configured cloud database.
  • pre-configured cloud database pre-recorded fingerprint information with access rights is recorded.
  • the authentication unit 12 matches the current login fingerprint information according to the fingerprint information entered in the cloud database, and searches for fingerprint information that matches the current login fingerprint information.
  • fingerprint information matching the current login fingerprint information is successfully found in the cloud database, it is determined that the current login fingerprint information has the login authority; if the fingerprint information matching the current login fingerprint information is not found in the cloud database, the current login is determined. Fingerprint information does not have login privileges.
  • the authentication unit 12 obtains a determination result of whether or not the current login fingerprint information has the login authority.
  • the authentication unit 12 determines that the current authentication request passes the authentication and has the login authority.
  • the authentication unit 12 determines whether the current terminal has the access authority according to the cloud database and the terminal information; the authentication unit 12 identifies whether the current login fingerprint information has the login authority according to the cloud database and the login fingerprint information; The access authority, and the login fingerprint information has login authority, the authentication unit 12 determines that the current authentication request passes the authentication.
  • the authentication unit 12 determines that the current authentication request passes the authentication.
  • by authenticating the terminal and the fingerprint information at the same time only the fingerprint having the login permission is allowed to have access rights.
  • the terminal accesses the cloud desktop and realizes the simultaneous control of the terminal device and the fingerprint, which greatly improves the security management and control capability and flexibility of the cloud desktop.
  • the fourth embodiment of the cloud desktop control device of the present invention provides a cloud desktop control device.
  • the determining unit 13 is further configured. for,
  • the terminal and the login fingerprint information are authenticated, determining whether the terminal is a pre-configured login terminal corresponding to the login fingerprint information; if the terminal is a login terminal corresponding to the login fingerprint information, The authentication request is determined to pass the authentication.
  • the pre-configured fingerprint information is bound with a corresponding login terminal.
  • a private user can bind his or her personal fingerprint and personal terminal, and not allow others to log in to the cloud desktop through their own terminal; or preset the public terminal to bind the fingerprint information of multiple specific users, so as to prevent users with lower permissions from using the fingerprint.
  • This public terminal logs in to the cloud desktop.
  • the terminal when the user first uses the cloud desktop account and logs in to the cloud desktop on the terminal. If the cloud desktop account is authenticated and is a legitimate user, the terminal prompts the user whether to enter the fingerprint information and log in using the fingerprint.
  • the fingerprint of the current user is entered, and the fingerprint feature code is extracted to obtain the fingerprint information.
  • the terminal encrypts the fingerprint information and the terminal information of the current terminal to the determination unit 13.
  • the determining unit 13 After receiving the fingerprint information and the terminal information, the determining unit 13 binds the current terminal as the current fingerprint information to the current fingerprint information, and binds the fingerprint information to the corresponding login terminal. set. It should be noted that one terminal can bind multiple different fingerprint information.
  • the determining unit 13 stores the terminal information bound by the current fingerprint information into the cloud database as a user attribute corresponding to the fingerprint information.
  • the determining unit 13 acquires the user attribute of the login fingerprint information, and obtains the login terminal information corresponding to the current login fingerprint information.
  • the determining unit 13 matches the login terminal information according to the terminal information of the current terminal, and determines whether the current terminal is the login terminal, that is, determines whether the current login fingerprint information has permission to log in to the cloud desktop using the current terminal.
  • the terminal information of the current terminal is successfully matched with the login terminal information, it is determined that the current terminal is the login terminal corresponding to the current login fingerprint information; if the terminal information of the current terminal fails to match the login terminal information, it is determined that the current terminal is not the current login fingerprint.
  • the login terminal corresponding to the information If the terminal information of the current terminal is successfully matched with the login terminal information, it is determined that the current terminal is the login terminal corresponding to the current login fingerprint information; if the terminal information of the current terminal fails to match the login terminal information, it is determined that the current terminal is not the current login fingerprint. The login terminal corresponding to the information.
  • the determination unit 13 obtains the determination result.
  • the determining unit 13 determines that the current fingerprint information can log in to the cloud desktop system through the current terminal, and determines that the current authentication request passes the authentication.
  • the determining unit 13 determines that the current authentication request authentication fails, and rejects the current login fingerprint information to log in to the cloud desktop through the current terminal.
  • the determining unit 13 may also pre-configure the abnormal reminding mode, and pre-configure the corresponding user mobile phone number, email address and other contact manners according to the login fingerprint information, and notify the user by SMS, email, etc. when the fingerprint information is abnormally registered.
  • the determining unit 13 records the record of the user accessing the cloud desktop through fingerprint authentication, including terminal information, time, duration, etc., and can be configured to send the access record of the cloud desktop to the user only when the abnormal login record occurs, to ensure that the user fingerprint is stolen. When the user himself will be able to know at the first time.
  • the fingerprint information abnormal login includes the fingerprint information corresponding to the user account password continuously input multiple times, the fingerprint information is registered in the cloud desktop after the terminal device that is not pre-bound, and the fingerprint information is successfully accessed after the cloud desktop is successfully operated, etc., according to Actually requires flexible configuration.
  • the determining unit 13 determines, according to the current terminal information, whether the current terminal is a pre-configured login terminal corresponding to the current login fingerprint information; if the current terminal is currently logged in, The authentication terminal corresponds to the login terminal, and the authentication unit 12 determines that the current authentication request passes the authentication and allows access to the cloud desktop.
  • the fingerprint information and the login terminal are bound, and after multiple authentication, the biometric identification information and the terminal information are combined, and the fingerprint and the terminal are matched, and the user's exclusive terminal configuration is realized, so that others can log in to the cloud through the user's personal exclusive terminal.
  • the desktop enhances the security management and control of the cloud desktop and ensures information security.
  • a fifth embodiment of the cloud desktop control device of the present invention provides a cloud desktop control device, which is based on any of the embodiments shown in FIG. 13 or FIG. 13 is an example), the matching module 20 includes:
  • the list unit 21 is configured to: if the authentication request passes the authentication, match the pre-configured cloud desktops according to the authentication request to obtain a cloud desktop list.
  • the list unit 21 acquires the current user attribute according to the current authentication request, and matches each pre-configured cloud desktop according to the user attribute.
  • Pre-configured cloud desktops can be used by multiple users for different application scenarios or needs.
  • the list unit 21 creates a cloud desktop list according to each cloud desktop obtained by the matching.
  • the target unit 22 is configured to return the cloud desktop list to the terminal, and obtain a target cloud desktop selected based on the cloud desktop list.
  • the target unit 22 After obtaining the cloud desktop list, the target unit 22 returns the cloud desktop list to the terminal for the user to select.
  • the target unit 22 acquires the cloud desktop selected by the user returned by the terminal, and uses the cloud desktop as the target cloud desktop.
  • the list unit 21 may also return the attribute information of each cloud desktop to the terminal after obtaining the cloud desktops matched by the current user, and the terminal configures the cloud desktop list according to the attribute information of each cloud desktop.
  • User selection After obtaining the target cloud desktop selected by the user, the terminal returns the attribute information of the target cloud desktop to the target unit 22, whereby the target unit 22 acquires the target cloud desktop selected by the user.
  • the authority unit 23 is configured to configure the permission set according to the target cloud desktop, the login fingerprint information, and the terminal information of the terminal.
  • the rights unit 23 configures the permission set according to the target cloud desktop, the current login fingerprint information, and the terminal information.
  • the authority unit 23 pre-configures the rights corresponding to the fingerprint information, the rights of each cloud desktop, and the rights corresponding to each login terminal.
  • Pre-configured permissions include peripheral call permissions, etc., which can be flexibly set as needed. Different fingerprint information, cloud desktops, and terminal permissions may be different.
  • the privilege unit 23 obtains the corresponding privilege, the privilege of the target cloud desktop and the privilege corresponding to the current terminal, and obtains the privilege of the current user, and configures the privilege set.
  • the current login fingerprint information and the target cloud desktop have a call to the terminal camera. Permission, and the current terminal does not have the right to call the terminal camera, the current user can not call the permission of the camera to join the permission set; the current login fingerprint information, the target cloud desktop and the current terminal have the right to call the USB peripheral, then the current user can The permission to call the USB peripheral is added to the permission set.
  • the authority unit 23 obtains the permission set.
  • management module 30 is further configured to
  • the terminal After acquiring the target cloud desktop selected by the user, the terminal sends a connection request to the management module 30 according to the target cloud desktop.
  • the control module 30 starts the cloud desktop virtual machine according to the link request of the terminal, and starts the target cloud desktop for the terminal to access. or,
  • control module 30 After obtaining the target cloud desktop and the permission set, the control module 30 starts the cloud desktop virtual machine according to the target desktop acquired by the matching module 20, and starts the target cloud desktop for the terminal to access.
  • the management module 30 controls the access rights of the terminal according to the permission set.
  • the list unit 21 matches the pre-configured cloud desktops according to the authentication request to obtain a cloud desktop list; the target unit 22 returns the cloud desktop list to the terminal to obtain the cloud-based desktop.
  • the target cloud desktop is selected by the list; the authority unit 23 configures the permission set according to the target cloud desktop, the login fingerprint information, and the terminal information of the terminal; then, the management module 30 controls the terminal to access the target cloud desktop according to the permission set.
  • the cloud desktop list is configured for the user to select, and the user provides more choices according to different application scenarios; according to the target cloud desktop selected by the user, the terminal currently accessing the cloud desktop, and the fingerprint of the currently logged in cloud desktop, the comprehensive configuration
  • the collection of permissions realizes the comprehensive configuration of the permissions according to the current access to the cloud desktop, ensures the control of the terminal, the cloud desktop and the user's multi-party permissions, controls the access to the cloud desktop, and realizes the control of the cloud desktop security, and Greatly improved the control.
  • a sixth embodiment of the cloud desktop control device of the present invention provides a cloud desktop control device.
  • the fifth embodiment of the cloud desktop control device of the present invention shown in FIG. 15 is further configured. for,
  • the management module 30 After obtaining the target cloud desktop and the permission set, the management module 30 returns the permission set to the current terminal.
  • the terminal After receiving the permission set returned by the VMC, the terminal controls the operation rights of the current user when accessing the target cloud desktop according to the permission set.
  • the management module 30 can also match the corresponding data disk information and the virtualization application according to the login fingerprint information of the current user, and return the data disk information and the virtualization application to the terminal.
  • the matching module 20 acquires the data disk information and the VAPP of the current user according to the current login fingerprint information.
  • the data disk information may be VOI data disk information, and records various data of the current user, such as office files, etc.;
  • the virtualization application is a personalized application software configured for the current user, for example, the application software of the financial personnel may be configured.
  • the HR staff application software is configured as a recruiting software.
  • the management module 30 After obtaining the target cloud desktop, the permission set, the data disk information, and the virtualization application, the management module 30 sends the permission set, the data disk information, and the virtualization application to the sending terminal side.
  • the terminal sends a cloud desktop link request to the management module 30 according to the target cloud desktop.
  • the control module 30 starts the cloud desktop virtual machine and feeds back a response message to the terminal.
  • the terminal After receiving the response message from the management module 30, the terminal connects to the cloud desktop virtual machine to access the cloud desktop, and limits the operation requirements of the current user or the terminal according to the permission set.
  • the user can invoke the current data disk information through the terminal to perform operations; the user can also invoke the current virtualization application and select the desired application to operate.
  • the terminal is configured to cache the data of the user to log in to the cloud desktop according to the received data disk information and the virtualized application. When the current user subsequently passes the current terminal again, the terminal can directly use the cached data for use. Avoid reloading each time to reduce the efficiency of cloud desktop access. It should be noted that the data disk information and the data of the virtualization application that are sent locally in the terminal can be updated synchronously with the data information of the remote cloud desktop to avoid data loss.
  • the management module 30 returns the permission set to the terminal for the terminal according to the permission set. Access to the target cloud desktop. In this embodiment, by returning the permission set to the terminal, the terminal performs the permission control, which reduces the burden on the cloud desktop server and improves the efficiency of the cloud desktop.
  • a seventh embodiment of the cloud desktop control device of the present invention provides a cloud desktop control device, which is based on the embodiment shown in any of the foregoing FIG. 13, FIG. 14, FIG. 15, or FIG. As shown in FIG. 13 , the cloud desktop control device further includes:
  • the calling module 40 is configured to acquire a hardware invocation request of the cloud desktop to the terminal; and according to the hardware invocation request, redirect the terminal hardware to the cloud desktop, and invoke the terminal hardware.
  • the hardware of the terminal includes the hardware resources owned by the terminal and the hardware resources accessed by the terminal through the USB peripheral.
  • a software client of a part of the operation and maintenance or management system requires the user to access the fingerprint authentication under the requirements of a certain security policy. At this time, when the user runs the software client, a fingerprint input prompt is popped up.
  • the calling module 40 obtains a hardware call request according to the requirements of the cloud desktop client.
  • the calling module 40 redirects the hardware corresponding to the terminal to the peripheral hardware list of the cloud desktop according to the hardware invocation request of the cloud desktop virtual machine, so that the terminal hardware points to the cloud desktop, and then calls the terminal hardware.
  • the cloud desktop agent redirects the fingerprint identifier of the terminal to the cloud desktop peripheral list, and the fingerprint identification device is attached to the cloud desktop virtual machine.
  • the cloud desktop application software invokes the fingerprint identification device, and the user can directly scan the fingerprint of the terminal through the fingerprint identifier of the terminal, and send the fingerprint information to the current cloud desktop application software.
  • the calling module 40 after the calling module 40 obtains the hardware invocation request of the cloud desktop to the terminal, the calling module 40 redirects the terminal hardware to the cloud desktop according to the hardware invocation request, and invokes the terminal hardware.
  • the embodiment redirects the hardware of the mobile terminal to the cloud desktop, realizes the call of the internal running program of the cloud desktop to the terminal hardware, and supports the fingerprint identification and authentication function of the internal program of the cloud desktop, thereby It can strengthen the authority management of running programs inside the cloud desktop, etc.
  • the security of the cloud desktop operation improves the user experience.
  • the authentication module 10, the control module 30, the target unit 22, and the calling module 40 may be implemented by a processor in a cloud desktop control device in combination with a communication interface; the matching module 20, the authentication unit 12, and the determining unit 13
  • the list unit 21 and the rights unit 23 can be implemented by a processor in the cloud desktop control device; the first obtaining unit 11 can be implemented by a communication interface in the cloud desktop control device.
  • a first embodiment of the cloud desktop access device of the present invention provides a cloud desktop access device, where the cloud desktop access device includes:
  • the requesting module 60 is configured to send an authentication request to the cloud desktop server according to the input login fingerprint information in the cloud desktop fingerprint login mode.
  • the embodiment of the present invention performs authentication according to the fingerprint of the user.
  • This embodiment is exemplified by a mobile terminal.
  • the cloud desktop access device is deployed in the mobile terminal.
  • the requesting module 60 prompts the user to input a fingerprint for cloud desktop login.
  • the requesting module 60 acquires the fingerprint input by the user, and extracts the fingerprint feature code to obtain the current login fingerprint information.
  • the requesting module 60 generates an authentication request according to the login fingerprint information, the login time of the current user, and the like. After the authentication request is encrypted, it is sent to the VMC in the cloud desktop server.
  • the accessing module 70 is configured to access the cloud desktop under the authority of the cloud desktop server if the authentication request passes the authentication.
  • the access module 70 sends a link request to the cloud desktop server.
  • the cloud desktop server responds to the terminal's link request, starts the cloud desktop virtual machine according to the link request, and starts the cloud desktop. A response message is then returned to the access module 70.
  • the access module 70 After receiving the response message, the access module 70 connects to the cloud desktop to perform access and operation.
  • the cloud desktop server determines the authority of the current user according to the permission set matched with the current authentication request, and according to the determination The result controls the usage rights of the access module 70.
  • the request module 60 is based on the input
  • the fingerprint information is recorded, and the authentication request is sent to the cloud desktop server; if the authentication request is authenticated, the access module 70 accesses the cloud desktop under the authority of the cloud desktop server.
  • the fingerprint information is authenticated by the terminal, so that when the user accesses the cloud desktop through the terminal, fingerprint authentication is performed, thereby ensuring information security.
  • the second embodiment of the cloud desktop access device provides a cloud desktop access device.
  • the access module 70 includes:
  • the second obtaining unit 71 is configured to acquire the returned cloud desktop list of the cloud desktop server if the authentication request is authenticated.
  • the second obtaining unit 71 obtains the cloud desktop list returned by the cloud desktop server, and the cloud desktop list includes the pre-configured clouds that the cloud desktop server matches according to the current login fingerprint information. Desktop for users to choose based on usage scenarios.
  • the selecting unit 72 is configured to obtain a target cloud desktop selected based on the cloud desktop list, and return the target cloud desktop to the cloud desktop server.
  • the selecting unit 72 feeds back the cloud desktop list to the user, obtains the target cloud desktop selected by the user based on the cloud desktop list, and returns the target cloud desktop to the cloud desktop server.
  • the access unit 73 is configured to acquire a permission set returned by the cloud desktop server, and access the target cloud desktop according to the permission set.
  • the access unit 73 After the user selects the target cloud desktop through the terminal, the access unit 73 sends a link request to the cloud desktop server according to the target cloud desktop.
  • the cloud desktop server responds to the link request of the access unit 73, starts the cloud desktop virtual machine according to the link request, and returns the corresponding cloud desktop to the access unit 73.
  • the cloud desktop server returns the configured permission set to the access unit 73.
  • the permission set of the cloud desktop configuration includes the permissions of the configured current login fingerprint.
  • the user can access the cloud desktop through the access unit 73, use the software client, the network, and the like in the cloud desktop.
  • the access unit 73 performs only the privileged operation according to the permission set, and disables the unauthorized operation. Thereby, the uniqueness of the user right matching is ensured according to the fingerprint information, and the high authority is prevented from being misplaced due to the account information error or the like.
  • the second obtaining unit 71 obtains the cloud desktop service.
  • the selecting unit 72 obtains the target cloud desktop selected based on the cloud desktop list, and returns the target cloud desktop to the cloud desktop server;
  • the access unit 73 obtains the permission set returned by the cloud desktop server, and accesses the target according to the permission set Cloud desktop.
  • the embodiment of the invention realizes that the user selects the required target cloud desktop according to the cloud desktop list, and increases the user's selectivity; the cloud desktop server returns the permission set to the terminal, and when the cloud desktop is accessed, the terminal performs the rights management and mitigates
  • the burden of the cloud desktop server enhances the control and flexibility of cloud desktop security and enhances the user experience.
  • a third embodiment of the cloud desktop access device of the present invention provides a cloud desktop access device.
  • the request is based on the embodiment shown in FIG. 17 or 18 (the embodiment is illustrated in FIG. 17).
  • Module 60 includes:
  • the third obtaining unit 61 is configured to obtain the input login fingerprint information in the cloud desktop fingerprint login mode.
  • the third obtaining unit 61 acquires the fingerprint input by the user through the fingerprint identifier.
  • the third obtaining unit 61 extracts the feature code of the fingerprint, and uses the obtained fingerprint feature code as the login fingerprint information of the current user.
  • the determining unit 62 is configured to determine whether the unlocking fingerprint information has been entered in the currently logged-in terminal.
  • the determining unit 62 determines whether the current terminal has entered the unlocking fingerprint information for unlocking the current terminal.
  • the matching unit 63 is configured to match the unlock fingerprint information and the login fingerprint information if the terminal has entered the unlock fingerprint information.
  • the matching unit 63 matches the unlocking fingerprint information that has been entered by the current terminal with the login fingerprint information of the current user.
  • the requesting unit 64 is configured to send an authentication request to the cloud desktop server according to the login fingerprint information and the terminal information of the terminal, if the login fingerprint information and the unlocking fingerprint information are successfully matched.
  • the requesting unit 64 determines that the user currently logging in to the cloud desktop is the owner of the current terminal, and the terminal according to the terminal
  • the authentication request is generated by the information such as the login fingerprint information, the terminal information of the current terminal, and the login time of the current user. After the authentication request is encrypted, it is sent to the VMC in the cloud desktop server for authentication. It should be noted that the terminal information of the current terminal is the unique identification information of the current terminal.
  • the third obtaining unit 61 acquires the input login fingerprint information; then, the determining unit 62 determines whether the current terminal has entered the unlocked fingerprint information; if the current terminal has entered the unlocked fingerprint information, Then, the matching unit 63 matches the unlocking fingerprint information and the login fingerprint information; if the login fingerprint information matches the unlocking fingerprint information, the requesting unit 64 sends the authentication request to the cloud desktop server according to the login fingerprint information and the terminal information of the terminal. In this embodiment, it is determined whether the user currently logging in to the cloud desktop is the current terminal owner by determining whether the current terminal has the unlocked fingerprint information, thereby ensuring the security of the personal terminal logging in to the cloud desktop.
  • a fourth embodiment of the cloud desktop access device of the present invention provides a cloud desktop access device.
  • the request module 60 is further configured based on the third embodiment of the cloud desktop access device of the present invention shown in FIG. for,
  • the terminal information of the terminal sends an authentication request to the cloud desktop server.
  • the attributes of the terminal may be pre-configured, for example, the configuration terminal is a private terminal or a shared terminal, and the private terminal only allows a specific pre-configured partial user fingerprint information to log in to the cloud desktop through the current terminal, and the public terminal allows all users to The fingerprint information is logged in to the cloud desktop through the current terminal.
  • the attribute information of the terminal may be pre-configured, and the object that the current terminal authorizes to log in to the cloud desktop is configured as “owner” or “owner”, so that the current terminal is configured as a private terminal or a public terminal.
  • the requesting module 60 determines whether the terminal is a private terminal.
  • the requesting module 60 determines, according to the attribute information of the current terminal, whether the object currently authorizing the terminal to log in to the cloud desktop is “I” or “Everyone”. If the current terminal only authorizes "I” through the terminal The requesting module 60 determines that the current terminal is a private terminal. If the current terminal authorizes the “owner” to log in to the cloud desktop through the terminal, the requesting module 60 determines that the current terminal is a shared terminal.
  • the request module 60 obtains the determination result.
  • the requesting module 60 sends an authentication request to the cloud desktop server according to the login fingerprint information, the terminal information, and the login time of the current user. .
  • the requesting module 60 prompts the user that the user does not have permission to log in to the cloud desktop at the current terminal.
  • the requesting module 60 determines whether the terminal is a private terminal; if the current terminal is not a private terminal, the requesting module 60 uses the login fingerprint information and the terminal information of the terminal to the cloud.
  • the desktop server sends an authentication request.
  • the private attribute information and the user fingerprint information of the terminal are combined to comprehensively manage the access security of the cloud desktop.
  • a fifth embodiment of the cloud desktop access device of the present invention provides a cloud desktop access device, which is based on the fourth embodiment of the cloud desktop access device of the present invention shown in FIG. include:
  • the entry module 80 is configured to obtain the entered fingerprint information, and send the entered fingerprint information and the terminal information of the terminal to the cloud desktop server, where the cloud desktop server configures the cloud database for authentication.
  • the user can enter new fingerprint information for fingerprint authentication.
  • the current user logs in to the cloud desktop through the terminal for the first time login.
  • the user opens the terminal and enters the user name and password through the entry module 80 to log in.
  • the entry module 80 prompts the user to fail the current authentication; if the verification passes, the entry module 80 prompts the user whether to enter the fingerprint information and log in using the fingerprint.
  • the user enters the normal login process to obtain the cloud desktop and permission set configured by the cloud desktop server; if the user chooses to input the fingerprint information, the input module is entered. 80 Enter the fingerprint of the current user, extract the fingerprint feature code, and obtain the fingerprint information.
  • the entry module 80 encrypts the fingerprint information and the terminal information of the current terminal and sends the fingerprint information to the cloud desktop server.
  • the cloud desktop server After receiving the encrypted information sent by the terminal, the cloud desktop server parses and obtains the current user fingerprint information and terminal information.
  • the cloud desktop server stores the current fingerprint information as the fingerprint information bound by the current account user, and stores it in the cloud database. or,
  • the cloud desktop server stores the current fingerprint information as the fingerprint information bound by the current account user in the cloud database, and stores the terminal information of the current terminal, and uses the current terminal as the recorded terminal device. or,
  • the cloud desktop server stores the current fingerprint information as the fingerprint information bound by the current account user, and stores the current terminal as the login terminal of the current fingerprint information, and uses the current terminal information as the terminal corresponding to the current fingerprint information. Information is stored.
  • the cloud desktop server updates the cloud database, and notifies the input module 80 that the current fingerprint information has been successfully recorded.
  • the VMC may also pre-configure the abnormal reminding mode, and pre-configure the corresponding user mobile phone number, email address, and the like according to the user information, and notify the user by SMS, email, etc. when the user logs in abnormally.
  • the VMC records the user's access to the cloud desktop through account number and password authentication, including terminal information, time, duration, etc., and can be configured to send the cloud desktop access record to the user only when the abnormal login record occurs, to ensure that the user's fingerprint is stolen. When the user himself will be able to know at the first time.
  • the account information abnormal login includes the account password incorrect input, etc., and can be flexibly configured according to actual needs.
  • the entered fingerprint information is obtained by the entry module 80, and the fingerprint information and the terminal information of the terminal are sent to the cloud desktop server for the cloud desktop server to configure the cloud database for authentication.
  • the fingerprint information is used for the cloud desktop server to configure the cloud database, so that when the user logs in to the cloud desktop, the fingerprint authentication is obtained, the corresponding cloud desktop and each permission are acquired, and the fingerprint identification is integrated at all levels of the cloud desktop. Under management.
  • the request module 60, the access module 70, the second obtaining unit 71, the selecting unit 72, the access unit 73, and the entry module 80 may be combined by a processor in the cloud desktop access device.
  • the communication interface is implemented; the third obtaining unit 61, the determining unit 62, and the matching unit 63 can be implemented by a processor in the cloud desktop access device; the request unit 64 can be implemented by a communication interface in the cloud desktop access device.
  • embodiments of the present invention can be provided as a method, system, or computer program product. Accordingly, the present invention can take the form of a hardware embodiment, a software embodiment, or a combination of software and hardware. Moreover, the invention can take the form of a computer program product embodied on one or more computer-usable storage media (including but not limited to disk storage and optical storage, etc.) including computer usable program code.
  • the computer program instructions can also be stored in a computer readable memory that can direct a computer or other programmable data processing device to operate in a particular manner, such that the instructions stored in the computer readable memory produce an article of manufacture comprising the instruction device.
  • the apparatus implements the functions specified in one or more blocks of a flow or a flow and/or block diagram of the flowchart.
  • These computer program instructions can also be loaded onto a computer or other programmable data processing device such that a series of operational steps are performed on a computer or other programmable device to produce computer-implemented processing for execution on a computer or other programmable device.
  • the instructions provide steps for implementing the functions specified in one or more of the flow or in a block or blocks of a flow diagram.
  • an embodiment of the present invention further provides a computer storage medium, where the computer storage medium includes a set of instructions, when executed, causing at least one processor to execute the cloud desktop management method, or perform the foregoing Cloud desktop access method.
  • the solution provided by the embodiment of the present invention obtains an authentication request sent by the terminal in the cloud desktop fingerprint login mode, and authenticates the authentication request according to the pre-configured cloud database; if the authentication request passes the authentication, the authentication is performed according to the authentication The request matches the cloud desktop and the permission set; and the terminal controls the access of the terminal to the cloud desktop according to the permission set.
  • the fingerprint identification technology and various virtualization core technologies are connected to each other, so that the user accesses the cloud in the manner of fingerprint identification, and the fingerprint is matched to determine whether the current user can access the cloud desktop, and the user's fingerprint is authorized to authorize the cloud desktop.
  • the fingerprint becomes the unique credential for the user to access the desktop cloud system through the mobile terminal, thereby ensuring information security.
  • the embodiment of the invention realizes the identification of the fingerprint, configures the permissions of the cloud desktop according to the fingerprint information, enhances the control and flexibility of the security of the cloud desktop, and improves the user experience.

Landscapes

  • Engineering & Computer Science (AREA)
  • Software Systems (AREA)
  • Theoretical Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Hardware Design (AREA)
  • Databases & Information Systems (AREA)
  • General Health & Medical Sciences (AREA)
  • Bioethics (AREA)
  • Health & Medical Sciences (AREA)
  • Telephonic Communication Services (AREA)
  • Collating Specific Patterns (AREA)

Abstract

L'invention concerne un procédé et un appareil de gestion et de commande de bureau nuagique, un procédé et un appareil d'accès à un bureau nuagique et un support d'informations informatique. Le procédé comprend les étapes suivantes : dans un mode de connexion d'empreinte digitale d'un bureau nuagique, l'obtention d'une demande d'authentification envoyée par un terminal et l'authentification de la demande d'authentification en fonction d'une base données nuagique préconfigurée (S10) ; si l'authentification de la demande d'authentification est réussie, la mise en correspondance du bureau nuagique avec un ensemble de permissions conformément à la demande d'authentification (S20) ; et la commande, conformément à l'ensemble de permissions, de l'accès du terminal au bureau nuagique (S30).
PCT/CN2017/076847 2016-04-01 2017-03-15 Procédé et appareil de traitement de bureau nuagique et support d'informations informatiques WO2017167019A1 (fr)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN201610203371.9A CN107291432A (zh) 2016-04-01 2016-04-01 云桌面管控方法、装置和云桌面访问方法、装置
CN201610203371.9 2016-04-01

Publications (1)

Publication Number Publication Date
WO2017167019A1 true WO2017167019A1 (fr) 2017-10-05

Family

ID=59963433

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2017/076847 WO2017167019A1 (fr) 2016-04-01 2017-03-15 Procédé et appareil de traitement de bureau nuagique et support d'informations informatiques

Country Status (2)

Country Link
CN (1) CN107291432A (fr)
WO (1) WO2017167019A1 (fr)

Cited By (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110287660A (zh) * 2019-05-21 2019-09-27 深圳壹账通智能科技有限公司 访问权限控制方法、装置、设备及存储介质
CN112100648A (zh) * 2020-08-03 2020-12-18 西安万像电子科技有限公司 数据安全处理方法及系统
CN112738100A (zh) * 2020-12-29 2021-04-30 北京天融信网络安全技术有限公司 数据访问的鉴权方法、装置、鉴权设备和鉴权系统
CN113766504A (zh) * 2021-09-01 2021-12-07 北京百度网讯科技有限公司 通信连接方法、装置、服务器、终端设备、系统和介质
CN113989968A (zh) * 2021-10-26 2022-01-28 云知声(上海)智能科技有限公司 基于边缘网关的人员通行权限控制方法、系统及存储介质

Families Citing this family (13)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN108009421A (zh) * 2017-11-21 2018-05-08 国云科技股份有限公司 一种安全管理桌面云终端的方法
CN108427649B (zh) * 2018-01-16 2020-09-15 广州杰赛科技股份有限公司 Usb接口的接入管理方法、终端设备、系统及存储介质
CN110781481A (zh) * 2018-07-30 2020-02-11 中兴通讯股份有限公司 单点登录方法、客户端、服务器以及存储介质
CN109165486B (zh) * 2018-08-27 2021-06-22 四川长虹电器股份有限公司 一种可配置的接口访问权限控制方法
CN109542587A (zh) * 2018-11-26 2019-03-29 郑州云海信息技术有限公司 一种虚拟机访问方法、装置和计算机设备
CN111324588A (zh) * 2018-12-17 2020-06-23 中兴通讯股份有限公司 一种共享文件的方法及装置
CN110225089A (zh) * 2019-05-09 2019-09-10 厦门网宿有限公司 一种提供差异化云桌面的方法和系统
CN110532752A (zh) * 2019-09-03 2019-12-03 山东超越数控电子股份有限公司 一种登录云桌面系统的方法、设备及可读介质
CN111966982A (zh) * 2020-07-23 2020-11-20 西安雷风电子科技有限公司 基于生物特征鉴权的云桌面注册、登录方法及系统
CN112486607B (zh) * 2020-11-20 2022-04-29 湖南麒麟信安科技股份有限公司 一种基于软硬件结合的虚拟桌面授权许可方法
CN113505355A (zh) * 2021-06-22 2021-10-15 新华三大数据技术有限公司 一种云桌面安全访问方法及装置
CN113934494A (zh) * 2021-10-12 2022-01-14 北京百度网讯科技有限公司 一种云桌面管理方法、装置、电子设备及存储介质
CN115033297B (zh) * 2022-05-16 2024-12-03 阿里巴巴(中国)有限公司 基于一次指纹触摸实现开机并登录云桌面的方法和装置

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102577315A (zh) * 2011-12-21 2012-07-11 华为技术有限公司 设定用户访问虚拟机权限的方法、设备和系统
CN103067397A (zh) * 2012-12-31 2013-04-24 华为技术有限公司 一种桌面云系统的安全认证方法、接入网关及认证服务器
US20150188992A1 (en) * 2014-01-02 2015-07-02 American Megatrends, Inc. Thin/zero client provisioning and management using centralized management software
CN105187362A (zh) * 2014-06-23 2015-12-23 中兴通讯股份有限公司 一种桌面云客户端和服务端之间连接认证的方法及装置
CN105282092A (zh) * 2014-06-10 2016-01-27 中兴通讯股份有限公司 虚拟桌面的认证方法、终端及服务器

Family Cites Families (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20140101434A1 (en) * 2012-10-04 2014-04-10 Msi Security, Ltd. Cloud-based file distribution and management using real identity authentication
CN103997482B (zh) * 2013-02-19 2018-01-23 华为技术有限公司 桌面云业务中用户登录的方法、系统

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102577315A (zh) * 2011-12-21 2012-07-11 华为技术有限公司 设定用户访问虚拟机权限的方法、设备和系统
CN103067397A (zh) * 2012-12-31 2013-04-24 华为技术有限公司 一种桌面云系统的安全认证方法、接入网关及认证服务器
US20150188992A1 (en) * 2014-01-02 2015-07-02 American Megatrends, Inc. Thin/zero client provisioning and management using centralized management software
CN105282092A (zh) * 2014-06-10 2016-01-27 中兴通讯股份有限公司 虚拟桌面的认证方法、终端及服务器
CN105187362A (zh) * 2014-06-23 2015-12-23 中兴通讯股份有限公司 一种桌面云客户端和服务端之间连接认证的方法及装置

Cited By (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110287660A (zh) * 2019-05-21 2019-09-27 深圳壹账通智能科技有限公司 访问权限控制方法、装置、设备及存储介质
CN112100648A (zh) * 2020-08-03 2020-12-18 西安万像电子科技有限公司 数据安全处理方法及系统
CN112738100A (zh) * 2020-12-29 2021-04-30 北京天融信网络安全技术有限公司 数据访问的鉴权方法、装置、鉴权设备和鉴权系统
CN112738100B (zh) * 2020-12-29 2023-09-01 北京天融信网络安全技术有限公司 数据访问的鉴权方法、装置、鉴权设备和鉴权系统
CN113766504A (zh) * 2021-09-01 2021-12-07 北京百度网讯科技有限公司 通信连接方法、装置、服务器、终端设备、系统和介质
CN113989968A (zh) * 2021-10-26 2022-01-28 云知声(上海)智能科技有限公司 基于边缘网关的人员通行权限控制方法、系统及存储介质

Also Published As

Publication number Publication date
CN107291432A (zh) 2017-10-24

Similar Documents

Publication Publication Date Title
WO2017167019A1 (fr) Procédé et appareil de traitement de bureau nuagique et support d'informations informatiques
CN105187362B (zh) 一种桌面云客户端和服务端之间连接认证的方法及装置
US9038138B2 (en) Device token protocol for authorization and persistent authentication shared across applications
US8997196B2 (en) Flexible end-point compliance and strong authentication for distributed hybrid enterprises
JP6895431B2 (ja) アクセス管理のためのパスワードレス認証
JP6033990B2 (ja) 単一のフレキシブルかつプラガブルOAuthサーバを備える複数のリソースサーバ、OAuth保護したREST式OAuth許諾管理サービス、およびモバイルアプリケーションシングルサインオンするOAuthサービス
US9996703B2 (en) Computer device and method for controlling access to a resource via a security system
EP3770781B1 (fr) Connexion rapide par carte à puce et connexion par domaine complet fédéré
RU2691211C2 (ru) Технологии для обеспечения сетевой безопасности через динамически выделяемые учетные записи
JP5570610B2 (ja) 遠隔ユーザ・セッションのためのシングル・サインオン
EP3685287B1 (fr) Cadre extensible pour authentification
US20140101434A1 (en) Cloud-based file distribution and management using real identity authentication
US20180198829A1 (en) Management of application access to directories by a hosted directory service
KR20170096116A (ko) 멀티-테넌트 컴퓨팅 시스템의 보안 및 허가 아키텍처
US10885525B1 (en) Method and system for employing biometric data to authorize cloud-based transactions
US10873572B1 (en) Transferring a single sign-on session between a browser and a client application
US11818119B1 (en) Dynamic and monitored access to secure resources
US11909731B1 (en) Dynamic and least-privilege access to secure network resources using ephemeral credentials
US20180165115A1 (en) Systems and methods for runtime authorization within virtual environments using multi-factor authentication systems and virtual machine introspection
US20240259367A1 (en) Remote access computer security
WO2021231065A1 (fr) Autorisation virtuelle d'authentification locale
US10756899B2 (en) Access to software applications
ELHejazi et al. Improving the Security and Reliability of SDN Controller REST APIs Using JSON Web Token (JWT) with OpenID and auth2. 0
US20250106215A1 (en) Mainframe authentication and monitoring system with enhanced security
US20250119275A1 (en) Authentication tunneling mechanisms for remote connections

Legal Events

Date Code Title Description
NENP Non-entry into the national phase

Ref country code: DE

121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 17773049

Country of ref document: EP

Kind code of ref document: A1

122 Ep: pct application non-entry in european phase

Ref document number: 17773049

Country of ref document: EP

Kind code of ref document: A1

点击 这是indexloc提供的php浏览器服务,不要输入任何密码和下载