CN110839002B - Cloud account opening, authentication and access method and device - Google Patents
Cloud account opening, authentication and access method and device Download PDFInfo
- Publication number
- CN110839002B CN110839002B CN201810931000.1A CN201810931000A CN110839002B CN 110839002 B CN110839002 B CN 110839002B CN 201810931000 A CN201810931000 A CN 201810931000A CN 110839002 B CN110839002 B CN 110839002B
- Authority
- CN
- China
- Prior art keywords
- cloud
- federation
- user
- endorsement
- token
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/40—Network security protocols
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0807—Network architectures or network communication protocols for network security for authentication of entities using tickets, e.g. Kerberos
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/10—Network architectures or network communication protocols for network security for controlling access to devices or network resources
Abstract
The application discloses an account opening authentication access method, which comprises the following steps: a first cloud acquires a first access request of a user, wherein the first access request comprises a target token, the target token is generated by endorsement of an endorsement agent on user information of the user, the first cloud belongs to a cloud alliance, and the cloud alliance comprises a plurality of clouds; acquiring a alliance token from an alliance block chain, and matching the target token with the alliance token to obtain a matching result, wherein the alliance block chain can be accessed by any cloud in the cloud alliance; and determining that the user is a legal user according to the matching result, and allowing the user to access the first cloud. The method can realize that the user of the cloud alliance can randomly access the resource of any cloud in the cloud alliance.
Description
Technical Field
The present application relates to cloud technologies, and in particular, to a method, device, and storage medium for cloud account opening, authentication, and access.
Background
With the rapid development of cloud technology, more and more clouds are emerging worldwide. Different clouds may be operated by different enterprises, and if a user wants to access resources of the clouds, the user must register an account on each cloud respectively, and log in the corresponding cloud by using the account, so that the user can access the resources of the cloud corresponding to the account. In order to break the gap between the clouds and realize the sharing of resources, the idea of constructing a cloud alliance is proposed.
However, how to realize that a user of the cloud alliance can freely access the resources of any cloud in the cloud alliance is an unsolved problem.
Disclosure of Invention
The application provides an access method, equipment and a storage medium, which can enable a user of a cloud alliance to access resources of any cloud in the cloud alliance.
In a first aspect, a method for a user to access a cloud is provided, which includes:
a first cloud acquires a first access request of a user, wherein the first access request comprises a target token, the target token is generated by endorsement of an endorsement agent on user information of the user, the first cloud belongs to a cloud alliance, and the cloud alliance comprises a plurality of clouds;
acquiring a alliance token from an alliance block chain, and matching the target token with the alliance token to obtain a matching result, wherein the alliance block chain can be accessed by any cloud in the cloud alliance;
and determining that the target user is a legal user according to the matching result, and allowing the target user to access the first cloud.
With reference to the first aspect, in a first possible implementation manner of the first aspect, the endorsement body includes any one of a cloud and a third-party notarization authority in a cloud federation.
With reference to any one of the foregoing manners of the first aspect, in a second possible implementation manner of the first aspect, in a case that a fourth cloud and the first cloud are the same cloud, the endorsement body includes the first cloud; in a case that a fourth cloud and the first cloud are not the same cloud, the endorsement body comprises the fourth cloud and the first cloud.
With reference to any of the foregoing manners of the first aspect, in a third possible implementation manner of the first aspect, the method further includes: in the event that the lifetime of the federation token is greater than a failure period, the first cloud regenerates a new federation token and uploads the new federation token into the federation blockchain.
With reference to any of the foregoing manners of the first aspect, in a fourth possible implementation manner of the first aspect, the method further includes:
receiving a second access request of the user, wherein the second access request comprises a target token;
the first cloud sends a second access request of the user to the second cloud, wherein the second cloud belongs to the cloud federation.
In a second aspect, a method for authenticating a cloud user is provided, including:
the method comprises the steps that a third cloud acquires an authentication request of a user, wherein the authentication request comprises user information of the user, the third cloud belongs to a cloud alliance, and the cloud alliance comprises a plurality of clouds;
sending an endorsement request to an endorsement main body according to the authentication request, and receiving an endorsement result returned by the endorsement main body, wherein the endorsement request comprises the user information, and the endorsement result is a result obtained by the endorsement main body in endorsement of the user information;
generating a target token for the target user according to the endorsement result;
uploading the target token into a federation blockchain as a federation token, the federation blockchain being accessible to any cloud in the cloud federation.
With reference to the second aspect, in a second possible implementation manner of the second aspect, the endorsement body includes any one of a cloud in a cloud federation or a third-party notarization authority.
With reference to any one of the foregoing manners of the second aspect, in a third possible implementation manner of the second aspect, the method further includes:
determining a failure period of the federation token, wherein the failure period is used for failing the federation token when the lifetime of the federation token is greater than the failure period.
With reference to any one of the foregoing manners of the second aspect, in a fourth possible implementation manner of the second aspect, the user information includes one or more of a federation account, a password, and a federation identifier.
In a third aspect, an account opening method for a cloud user is provided, including:
receiving an account opening request of a user by a fourth cloud, wherein the account opening cloud belongs to a cloud alliance, and the cloud alliance comprises a plurality of clouds;
generating user information for the user according to the account opening request;
sending an endorsement request to an endorsement main body, and receiving an endorsement result returned by the endorsement main body, wherein the endorsement request comprises the user information, and the endorsement result is a result obtained by the endorsement main body in endorsement of the user information;
uploading the endorsement result to a federation blockchain according to the endorsement result, wherein the federation blockchain can be accessed by any cloud in the cloud federation.
With reference to the third aspect, in a first possible implementation manner of the third aspect, the endorsement body includes any one of a cloud in a cloud federation or a third-party notarization authority.
With reference to the foregoing one manner of the third aspect, in a second possible implementation manner of the third aspect, the user information includes one or more of a federation account, a password, and a federation identifier.
In a fourth aspect, there is provided an access device comprising: an acquisition module, a matching module and a determination module,
the obtaining module is configured to obtain a first access request of a user, where the first access request includes a target token, the target token is generated by an endorsement agent performing endorsement on user information of the user, the first cloud belongs to a cloud federation, and the cloud federation includes a plurality of clouds;
the matching module is used for acquiring a alliance token from an alliance block chain, and matching the target token with the alliance token to obtain a matching result, wherein the alliance block chain can be accessed by any cloud in the cloud alliance;
the determining module is used for determining the target user as a legal user according to the matching result and allowing the target user to access the first cloud.
With reference to the fourth aspect, in a first possible implementation manner of the fourth aspect, the endorsement agent includes any one of a cloud in a cloud federation or a third-party notarization authority.
With reference to any one of the foregoing aspects of the fourth aspect, in a second possible implementation manner of the fourth aspect, in a case that a fourth cloud and the first cloud are the same cloud, the endorsement body includes the first cloud; in a case that a fourth cloud and the first cloud are not the same cloud, the endorsement body comprises the fourth cloud and the first cloud.
With reference to any one of the foregoing manners of the fourth aspect, in a third possible implementation manner of the fourth aspect, the method further includes: in the event that the lifetime of the federation token is greater than a failure period, the first cloud regenerates a new federation token and uploads the new federation token into the federation blockchain.
With reference to any one of the foregoing manners of the fourth aspect, in a fourth possible implementation manner of the fourth aspect, the access device further includes a receiving module and a sending module,
the receiving module is further configured to receive a second access request of the user, where the second access request includes a target token;
the sending module is further configured to send a second access request of the user to the second cloud, where the second cloud belongs to the cloud federation.
In a fifth aspect, an authentication apparatus is provided, including: acquisition module, transmission module and generation module
The obtaining module is configured to obtain an authentication request of a user, where the authentication request includes user information of the user, the third cloud belongs to a cloud federation, and the cloud federation includes a plurality of clouds;
the sending module is used for sending an endorsement request to an endorsement main body according to the authentication request and receiving an endorsement result returned by the endorsement main body, wherein the endorsement request comprises the user information, and the endorsement result is a result obtained by the endorsement main body in endorsement of the user information;
the generating module is used for generating a target token for the target user according to the endorsement result;
the sending module is further configured to upload the target token to a federation blockchain as a federation token, where the federation blockchain is accessible to any cloud in the cloud federation.
With reference to the fifth aspect, in a second possible implementation manner of the fifth aspect, the endorsement body includes any one of a cloud in a cloud federation or a third-party notarization authority.
With reference to any one of the preceding manners of the fifth aspect, in a third possible implementation manner of the fifth aspect, the apparatus further includes a determining module,
the determining module is configured to determine a failure period of the federation token, where the failure period is used to disable the federation token when a lifetime of the federation token is greater than the failure period.
With reference to any one of the foregoing manners of the fifth aspect, in a fourth possible implementation manner of the fifth aspect, the user information includes one or more of a federation account, a password, and a federation identifier.
In a sixth aspect, an account opening apparatus is provided, including: a receiving module, a generating module and a sending module,
the receiving module is used for receiving an account opening request of a user, wherein the account opening cloud belongs to a cloud alliance, and the cloud alliance comprises a plurality of clouds;
the generation module is used for generating user information for the user according to the account opening request;
the sending module is used for sending an endorsement request to an endorsement main body and receiving an endorsement result returned by the endorsement main body, wherein the endorsement request comprises the user information, and the endorsement result is a result obtained by the endorsement main body in endorsement of the user information;
the sending module is further configured to upload the endorsement result to a federation blockchain according to the endorsement result, where the federation blockchain is accessible to any cloud in the cloud federation.
With reference to the sixth aspect, in a first possible implementation manner of the sixth aspect, the endorsement body includes any one of a cloud in a cloud federation or a third-party notarization authority.
With reference to the above-mentioned manner of the sixth aspect, in a second possible implementation manner of the sixth aspect, the user information includes one or more of a federation account, a password, and a federation identifier.
In a seventh aspect, a cloud system is provided, including: a plurality of computer devices, wherein the computer devices comprise a memory and a processor, a communication module coupled with the memory, wherein: the communication module is used for sending or receiving externally sent data, the memory is used for storing program codes, and the processor is used for calling the program codes stored in the memory to execute the method described in any one of the first aspect.
In an eighth aspect, there is provided a cloud system comprising: a plurality of computer devices, wherein the computer devices comprise a memory and a processor, a communication module coupled with the memory, wherein: the communication module is used for sending or receiving externally sent data, the memory is used for storing program codes, and the processor is used for calling the program codes stored in the memory to execute the method described in any one of the second aspect.
In a ninth aspect, there is provided a cloud system comprising: a plurality of computer devices, wherein the computer devices comprise a memory and a processor, a communication module coupled with the memory, wherein: the communication module is used for sending or receiving externally sent data, the memory is used for storing program codes, and the processor is used for calling the program codes stored in the memory to execute the method described in any one of the third aspect.
In a tenth aspect, there is provided a computer non-transitory storage medium comprising instructions which, when executed on a device, cause the device to perform the method of any one of the first aspects.
In an eleventh aspect, there is provided a computer non-transitory storage medium comprising instructions that, when executed on a device, cause the device to perform the method of any of the second aspects.
In a twelfth aspect, there is provided a computer non-transitory storage medium comprising instructions that, when executed on a device, cause the device to perform the method of any of the third aspects.
In the above scheme, under the condition that the user side needs to access the first cloud, the first cloud receives a first access request sent by the user, where the first access request includes the target token. The first cloud obtains a alliance token from an alliance block chain, matches the target token with the alliance token to obtain a matching result, determines that the target user is a legal user according to the matching result, and allows the target user to access the first cloud. The target token is generated by endorsement of the user information of the user by the endorsement main body, and has good public trust, so that the identity of the user can be determined to be legal as long as the access request sent by the user side carries the target token and the verification of the target token is successfully passed, and the user is allowed to access. Therefore, as long as the target token is carried, the user of the cloud alliance can freely access the resources of any cloud in the cloud alliance.
Drawings
Fig. 1 is a schematic structural diagram of a cloud federation to which an embodiment of the present application relates;
FIG. 2 is a schematic diagram of another cloud federation architecture to which embodiments of the present application relate;
FIG. 3 is a flowchart of an account opening method provided by the present application;
FIG. 4 is a flowchart of an authentication method provided herein;
FIG. 5 is a flow interaction diagram of an access method provided herein;
FIG. 6 is a flow interaction diagram of an access method provided herein;
FIG. 7 is a schematic diagram of a structure of another cloud federation provided herein;
fig. 8 is a schematic structural diagram of another cloud federation provided in the present application.
DETAILED DESCRIPTION OF EMBODIMENT (S) OF INVENTION
As shown in fig. 1, the cloud federation in question includes a plurality of clouds over which federation blockchains belonging to the cloud federation are built, wherein the federation blockchains are accessible to any cloud in the cloud federation. It is to be understood that the size of the cloud federation may be set according to actual needs, for example, the cloud federation may be a federation formed between clouds of multiple enterprises, a federation formed between clouds of multiple cities, a federation formed between clouds of multiple countries, or even a federation formed between clouds of a whole world, and is not limited herein.
The cloud may include a plurality of cloud nodes (see the dots in pure white in fig. 2). Specifically, the cloud includes at least one data center and a network device connected to the data center. Each data center comprises a hardware layer, such as a server, a storage array, a network device and the like; and a software layer running on top of the hardware layer. A manufacturer providing cloud services provides renting or hosting services for users based on software and hardware resources of the cloud, wherein the services comprise hardware services such as computation, storage and network, or software services such as artificial intelligence and databases.
The federation blockchain includes at least one ranking service node (order node) (e.g., a solid black dot in FIG. 2) and a billing node (peer node) (e.g., a dotted dot in FIG. 2) connecting the ranking service nodes. The sequencing service node can be composed of nodes outside various clouds in the cloud alliance, and the accounting node can be composed of partial cloud nodes in each cloud in the cloud alliance. And the sequencing service node is used for sequencing the information which needs to be stored in the alliance block chain, packaging the sequenced information into blocks, and then broadcasting the packaged blocks to all the accounting nodes. And the accounting node is used for storing the packed blocks. Also, the ranking service node may designate some of the billing nodes as endorsement nodes (e.g., the dotted circles in fig. 2).
The cloud federation can be built by: cloud 1 first creates a cloud federation and formulates the intelligent contracts that the cloud federation needs to follow. If other clouds (e.g., cloud 2) agree on the smart contracts made by cloud 1, the other clouds may join the cloud federation. When the cloud 1 creates a cloud federation, a federation block chain can be created on its own, and when other clouds join the block chain, the other clouds can create partition block chains on their own and connect the partition block chains with the original federation block chain to form a new federation block chain. The federation blockchain is a private blockchain of the cloud federation, that is, when any cloud uploads data to the blockchain, the uploaded data can be quickly synchronized into the whole federation blockchain and can be downloaded by other clouds in the cloud federation. It should be understood that the above-mentioned construction is merely an example, and should not be construed as being particularly limited.
It is assumed that a user of the cloud alliance can freely access the resources of any cloud in the cloud alliance. Specifically, the user may open a federation account on any cloud in the cloud federation. After the alliance account is opened, the user can log in any cloud in the cloud alliance by using the alliance account and carry out identity authentication. After verification is completed, the user can access any cloud in the cloud federation through the federation account. Two specific application scenarios are illustrated below by way of example:
in a first scenario, a user opens a federation account on cloud a in a cloud federation. The user may then log in and authenticate with the federation account on cloud B in the cloud federation. After the authentication is completed, the user may access resources of B cloud in the cloud federation through the federation account. The user can also log in and authenticate by using the alliance account on the C cloud in the cloud alliance. After the authentication is completed, the user can access resources of the C cloud in the cloud federation through the federation account. By analogy, the user can access each cloud (including the a cloud) in the cloud federation using the same approach.
In a second scenario, a user opens a federation account on cloud a in a cloud federation. The user may then log in and authenticate with the federation account on cloud B in the cloud federation. After verification is complete, the user may access the B cloud, and may access each cloud in the cloud federation (including the a cloud) through the B cloud.
The cloud directly accessed by the user can be called a first cloud, the cloud accessed by the user through the first cloud can be called a second cloud, the cloud with the user identity authentication can be called a third cloud, and the cloud with the user establishing the alliance account can be called a fourth cloud. It should be understood that the first cloud, the third cloud, and the fourth cloud may be the same cloud; the third cloud and the fourth cloud may be the same cloud, and the first cloud may not be the same cloud; the fourth cloud and the first cloud may be the same cloud, and the third cloud may not be the same cloud; the first cloud and the fourth cloud may be the same cloud, and the third cloud may not be the same cloud; the first cloud, the third cloud, and the fourth cloud may not be the same cloud, and are not particularly limited herein.
In order to realize that the user can randomly access the resources of any cloud in the cloud alliance, the user can carry the target token to access any cloud in the cloud alliance. When the user carries the target token to access any cloud in the cloud alliance, the accessed cloud (the first cloud) verifies the target token. In the case that the first cloud verifies the target token, it may be determined that the user is a legitimate user and the user is allowed access.
The reason why the user can access any cloud in the cloud alliance by carrying the target token is as follows: the target token is a token generated by endorsement of the endorsement body of the cloud alliance on the basis of the endorsement policy on the user information of the user. The target token can prove that the endorsement body endorses the user information of the target user, namely, the target token can prove that the endorsement body guarantees the credibility of the target user, so that the target user can be determined to be a legal user as long as the target token is verified. The user information comprises one or more of a alliance account, a password and an alliance identification. The endorsement body may comprise any cloud or third party notarization institution in the cloud federation. More specifically, in the case where the endorsement agent comprises one of the clouds in the cloud federation, the endorsement agent comprises the endorsement node for that cloud. The third party notarization authority may be a cloud alliance approved authority such as a credit card verification authority and other credit authorities and the like. The endorsement policy may be set according to actual needs, for example, in a case where a fourth cloud and the first cloud are the same cloud, the endorsement body includes the first cloud; in a case that the fourth cloud and the first cloud are not the same cloud, the endorsement body includes the fourth cloud and the first cloud, and is not limited herein. It should be understood that the above examples of user information, endorsement body, and endorsement policy are only examples and should not be construed as being particularly limiting.
The process of the first cloud verifying the target token may be: the first cloud acquires a first access request of a target user, and acquires an index and a target token from the first access request. The first cloud sends the index to the federation blockchain. Accordingly, the federation blockchain receives the index sent by the first cloud. And searching the alliance token according to the index by the alliance block chain. The federation blockchain sends the federation token to the first cloud. Accordingly, the first cloud receives the federation token sent by the federation blockchain. And the first cloud matches the target token and the alliance token to obtain a matching result. And when the matching result is successful matching, the first cloud determines that the target user is a legal user, and allows the target user to access the first cloud.
The generation process of the target token may be: the third cloud acquires an authentication request of a user, wherein the authentication request comprises user information of the user. Then, the third cloud sends an endorsement request to the endorsement agent according to the authentication request. Wherein the endorsement request comprises the user information. Accordingly, the endorsement agent receives the endorsement request sent by the third cloud. And the endorsement main body endorses the user information according to the endorsement strategy to obtain an endorsement result. And the endorsement main body sends the endorsement result to a third cloud. Accordingly, the third cloud receives endorsement results returned by the endorsement body. And when the endorsement result is successful endorsement, the third cloud generates a target token for the user. The third cloud uploads the target token into a federation blockchain as a federation token. Correspondingly, the federation blockchain receives the target token sent by the third cloud and stores the target token as a federation token. The federation blockchain sends an index of federation tokens to the third cloud. Accordingly, the third cloud receives the index sent by the federation blockchain. And the third cloud sends the target token to the user side of the user. Correspondingly, the user side of the user receives the target token sent by the third cloud. It is understood that, because the federation blockchain has the characteristics of distributed storage and decentralized storage, the federation tokens stored in the federation blockchain are unlikely to be tampered and have extremely high reliability.
The generation process of the user information may be: the account opening cloud receives an account opening request of a target user, wherein the account opening request can comprise necessary information for opening an account, such as one or more of passport number, identification number, name and the like. And then, the account opening cloud generates user information for the target user according to the account opening request. The account opening cloud sends an endorsement request to an endorsement main body and receives an endorsement result returned by the endorsement main body, wherein the endorsement request comprises the user information, and the endorsement result is a result obtained by the endorsement main body in endorsement of the user information. And when the endorsement result is successful endorsement, the account opening cloud uploads the user information to the alliance block chain. Similarly, since the federation blockchain has the characteristics of distributed storage and decentralized storage, the user information stored in the federation blockchain has extremely high reliability.
For the two different application scenarios, the user can carry the target token to access any cloud in the cloud alliance by the following method:
for the first application scenario, a user opens a federation account on cloud a in a cloud federation. The user may then log in and authenticate with the federation account on cloud B in the cloud federation to generate the target token. After verification is completed, the user can access resources of B cloud in the cloud alliance by carrying the target token. The user can also log in on the C cloud in the cloud alliance by using the alliance account and perform identity authentication so as to generate the target token. After the verification is completed, the user can access resources of the C cloud in the cloud alliance by carrying the target token. By analogy, the user can access each cloud (including the a cloud) in the cloud federation using the same approach.
For the second application scenario, a user opens a federation account on cloud a in a cloud federation. The user may then log in and authenticate with the federation account on cloud B in the cloud federation to generate the target token. After verification is completed, the user can access the B cloud with the target token, and can access each cloud (including the A cloud) in the cloud alliance with the target token.
The present invention will be further described with reference to fig. 3 to 6 and specific embodiments.
As shown in fig. 3, fig. 3 is a flowchart of an account opening method provided in the present application. The account opening method of the embodiment comprises the following steps:
s101: the fourth cloud receives an account opening request of the user.
In a specific embodiment of the present application, the account opening request includes identity information, one or more of passport number, identification number, name and the like of the account opening information.
S102: and the fourth user cloud verifies the identity information.
In a specific embodiment of the present application, the identity information may be submitted to a third party verifying authority by a fourth cloud for verification. The third party verification authority may be an authority with good public trust, such as a user's government office, a public security agency, or a banking institution, and the like, and is not particularly limited herein.
S103: and under the condition that the identity information is verified successfully, the fourth cloud generates user information for the user.
In a specific embodiment of the present application, the user information includes one or more of a federation account, a password, and a federation identifier. The federation account may be an account number that the user passes through in the cloud federation, that is, the user may log in to the federation account on any cloud in the cloud federation. The password is authentication information entered when the target user logs into the federation account. The federation identification is an identification of a cloud federation.
S104: the fourth cloud sends the endorsement request to an endorsement agent. Accordingly, the endorsement agent receives the endorsement request sent by the fourth cloud.
In particular embodiments of the present application, the endorsement request may be sent in the form of an open proposal. Specifically, the account opening cloud uploads the account opening proposal to the federation block chain, and after receiving the account opening proposal, the federation block chain synchronizes the account opening proposal within the whole federation block chain. And after the endorsement node receives the account opening proposal, endorsement is carried out on the account opening proposal.
S105: and the endorsement main body endorses the user information according to the endorsement strategy to obtain an endorsement result.
S106: and the endorsement main body sends the endorsement result to a fourth cloud. Accordingly, the fourth cloud receives the endorsement result sent by the endorsement body.
S107: and when the endorsement result is successful, uploading the endorsement result to the alliance block chain by the fourth cloud.
S108: the fourth cloud sends the user information to the user side of the user. Correspondingly, the user side of the user receives the user information returned by the fourth cloud.
As shown in fig. 4, fig. 4 is a flowchart of an authentication method provided in the present application. The authentication method of the embodiment includes:
s201: the third cloud obtains an authentication request of the user.
In a specific embodiment of the present application, the authentication request includes user information of the user, where the user information includes one or more of a federation account, a password, and a federation identifier.
S202: and the third cloud verifies the identity of the user according to the alliance account and the password. Wherein the identity information may be verified by a third cloud or a third party verification authority.
S203: and under the condition that the verification is successful, the third cloud generates an endorsement request according to the authentication request, wherein the endorsement request comprises user information.
S204: the third cloud submits an endorsement request to an endorsement agent. Accordingly, the endorsement agent receives an endorsement request submitted by the authentication cloud.
In particular embodiments of the present application, the endorsement request may be sent in the form of an authentication proposal. Specifically, the fourth cloud uploads the authentication proposal to the federation blockchain, which synchronizes the authentication proposal throughout the federation blockchain after receiving the authentication proposal. And after the endorsement node receives the authentication proposal, endorsement is carried out on the authentication proposal.
S205: and the endorsement main body endorses the user information according to the endorsement strategy to obtain an endorsement result.
S206: and the endorsement main body sends the endorsement result to a third cloud. Accordingly, the third cloud receives the endorsement result sent by the endorsement body.
S207: and when the endorsement result is successful endorsement, the third cloud generates a target token and takes the target token as a coalition token.
S208: the third cloud uploads the federation token to the federation blockchain. Accordingly, the federation blockchain receives a federation token sent by the third cloud.
S209: and the third cloud sends the target token to the user side of the user. Correspondingly, the user side of the user receives the target token sent by the third cloud.
As shown in fig. 5, fig. 5 is a flowchart of an access method provided in the present application. The access method of the embodiment comprises the following steps:
s301: the method comprises the steps that a first cloud receives a first access request of a target user, wherein the first access request comprises an index and a target token, and the target token is a token generated by endorsement of user information of the user by an endorsement body.
S302: the first cloud sends an index to the federation blockchain. Accordingly, the federation blockchain receives the index sent by the first cloud.
S303: and searching the alliance token corresponding to the index by the alliance block chain according to the index.
In a particular embodiment of the present application, a federation token in a federation blockchain has a period of failure. Wherein the federation token is valid if the lifetime of the federation token is less than the failure period; when the life cycle of the alliance token is larger than or equal to the failure cycle, the alliance token will fail. The failure period of the alliance token can ensure that the alliance token can not be out of action due to too long existence time, and reliability of the alliance token is improved.
S304: a federation blockchain sends a federation token to the first cloud. Accordingly, the first cloud receives a federation token sent by the federation blockchain.
S305: and the first cloud matches the target token and the alliance token to obtain a matching result.
S306: and when the matching result is that the matching is successful, the first cloud determines that the user is a legal user, and allows the user to access the first cloud.
S307: and when the matching result is matching failure and the failure reason is token failure, the first cloud regenerates a new alliance token.
S308: the first cloud uploads the federation token to the federation blockchain. Accordingly, the federation blockchain receives a federation token sent by the first cloud.
As shown in fig. 6, fig. 6 is a flowchart of an access method provided in the present application. The access method of the embodiment comprises the following steps:
s401: the first cloud sends a second access request of the user to a second cloud, wherein the first access request comprises the index and the target token.
S402: the second access cloud sends the index to the federation blockchain. Accordingly, the federation blockchain receives the index sent by the second cloud.
S403: and searching the alliance token corresponding to the index by the alliance block chain according to the index.
In a particular embodiment of the present application, a federation token in a federation blockchain has a period of failure. Wherein the federation token is valid if the lifetime of the federation token is less than the failure period; when the life cycle of the alliance token is larger than or equal to the failure cycle, the alliance token will fail. The failure period of the alliance token can ensure that the alliance token can not be out of action due to too long existence time, and reliability of the alliance token is improved.
S404: a federation blockchain sends a federation token to the second cloud. Accordingly, the second cloud receives a federation token sent by the federation blockchain.
S405: and the second cloud matches the target token with the alliance token to obtain a matching result.
S406: and when the matching result is that the matching is successful, the second cloud determines that the user is a legal user, and allows the user to access the second cloud.
S407: and when the matching result is matching failure and the failure reason is token failure, the second cloud regenerates a new alliance token.
408: the second cloud uploads the federation token to the federation blockchain. Accordingly, the federation blockchain receives a federation token sent by the second cloud.
Referring to fig. 7, fig. 7 is a schematic structural diagram of another cloud federation provided by the present application. The cloud federation comprises a first cloud, a third cloud and a fourth cloud, wherein a cloud federation block chain is constructed on the first cloud, the third cloud and the fourth cloud. The first cloud, the third cloud, and the fourth cloud may be completely different clouds, partially identical clouds, or completely identical clouds, and are not limited herein.
As shown in fig. 7, the first cloud may include a plurality of cloud nodes, each including a receiving module 101, a generating module 102, and a transmitting module 130.
The receiving module 101 is configured to receive an account opening request of a user, where the account opening cloud belongs to a cloud federation, and the cloud federation includes a plurality of clouds;
the generating module 102 is configured to generate user information for the user according to the account opening request;
the sending module 103 is configured to send an endorsement request to an endorsement main body, and receive an endorsement result returned by the endorsement main body, where the endorsement request includes the user information, and the endorsement result is a result obtained by the endorsement main body endorsing the user information;
the sending module 103 is further configured to upload the endorsement result to a federation blockchain according to the endorsement result, where the federation blockchain is accessible to any cloud in the cloud federation.
As shown in fig. 7, the third cloud may include a plurality of cloud nodes, each including an acquisition module 201, a transmission module 202, and a generation module 203.
The obtaining module 201 is configured to obtain an authentication request of a user, where the authentication request includes user information of the user, the third cloud belongs to a cloud federation, and the cloud federation includes a plurality of clouds;
the sending module 202 is configured to send an endorsement request to an endorsement main body according to the authentication request, and receive an endorsement result returned by the endorsement main body, where the endorsement request includes the user information, and the endorsement result is a result obtained by the endorsement main body endorsing the user information;
the generating module 203 is configured to generate a target token for the target user according to the endorsement result;
the sending module 203 is further configured to upload the target token to a federation blockchain as a federation token, where the federation blockchain is accessible to any cloud in the cloud federation.
As shown in fig. 7, the fourth cloud may include a plurality of cloud nodes, each cloud node including an acquisition module 301, a matching module 302, and a determination module 303.
The obtaining module 301 is configured to obtain a first access request of a user, where the first access request includes a target token, the target token is generated by an endorsement agent performing endorsement on user information of the user, the first cloud belongs to a cloud federation, and the cloud federation includes a plurality of clouds;
the matching module 302 is configured to obtain a federation token from a federation blockchain, and match the target token with the federation token to obtain a matching result, where the federation blockchain is accessible to any cloud in the cloud federation;
the determining module 303 is configured to determine that the target user is a valid user according to the matching result, and allow the target user to access the first cloud.
In the above embodiment, the first cloud, the third cloud, and the fourth cloud are not described, and please refer to fig. 2 to fig. 6 and related statements specifically, which are not described herein again.
Referring to fig. 8, fig. 8 is a schematic structural diagram of another cloud federation provided by the present application. The cloud federation comprises a first cloud system, a third cloud system and a fourth cloud system, wherein a cloud federation blockchain is constructed on the first cloud system, the third cloud system and the fourth cloud system. The first cloud system, the third cloud system, and the fourth cloud system may be different cloud systems, partially identical cloud systems, or completely identical cloud systems, and are not limited herein. The first cloud system, the third cloud system, and the fourth cloud system may belong to different companies, or may belong to clouds operated by different countries operated by the same company.
As shown in fig. 8, a first cloud system of the present application includes a plurality of computing devices, each including one or more processors 401, a communication interface 402, and a memory 403. The processor 401, the communication interface 402, and the memory 403 may be connected by a bus 404.
The communication interface 402 may be a wired interface (e.g., an ethernet interface) or a wireless interface (e.g., a cellular network interface or using a wireless local area network interface) for communicating with other computing devices or users.
The memory 403 may include an internal memory and an external memory. The internal memory may include one or more of: volatile memory (e.g., Dynamic Random Access Memory (DRAM), static ram (sram), synchronous dynamic ram (sdram)), and non-volatile memory (e.g., one-time programmable read only memory (OTPROM), programmable ROM (prom), erasable programmable ROM (eprom), electrically erasable programmable ROM (eeprom), mask ROM, NAND (NAND) flash memory, NOR (NOR) flash memory, etc.). The internal memory may be in the form of a Solid State Drive (SSD). The external memory may also include a flash drive, such as a high density flash memory, secure digital, micro SD, mini SD, limit data (xD), memory stick, and the like. The external storage may be centralized storage or distributed storage, and is not limited in particular here.
The processor 401, by reading the program in the memory 403, can perform the following steps:
receiving an account opening request of a user through a communication interface 402, wherein the fourth cloud belongs to a cloud federation, and the cloud federation comprises a plurality of clouds;
generating user information for the user according to the account opening request through the processor 401;
sending an endorsement request to an endorsement main body through a communication interface 402, and receiving an endorsement result returned by the endorsement main body, wherein the endorsement request comprises the user information, and the endorsement result is a result obtained by the endorsement main body in endorsement of the user information;
uploading the endorsement result to a federation blockchain through a communication interface 402 according to the endorsement result, wherein the federation blockchain is accessible to any cloud in the cloud federation.
Optionally, the endorsement body comprises any cloud in a cloud federation or a third-party notarization authority.
Optionally, the user information includes one or more of a federation account number, a password, and a federation identifier.
As shown in fig. 8, the third cloud system of the present application is similar in structure to the first cloud system, and includes a plurality of computing devices, each of which includes one or more processors 501, a communication interface 502, and a memory 503. The processor 501, the communication interface 502, and the memory 503 may be connected to each other via a bus 504.
The processor 501, by reading the program in the memory 503, can perform the following steps:
acquiring an authentication request of a user through a communication interface 502, wherein the authentication request includes user information of the user, the third cloud belongs to a cloud federation, and the cloud federation includes a plurality of clouds;
sending an endorsement request to an endorsement main body through a communication interface 502 according to the authentication request, and receiving an endorsement result returned by the endorsement main body, wherein the endorsement request comprises the user information, and the endorsement result is a result obtained by the endorsement main body endorsing the user information;
generating a target token for the target user according to the endorsement result through the processor 501;
the target token is uploaded into a federation blockchain through the communication interface 502 as a federation token, the federation blockchain being accessible to any cloud in the cloud federation.
Optionally, the endorsement agent comprises any cloud in a cloud federation or a third party notarization authority.
Optionally, a failure period of the federation token is determined by the processor 501, where the failure period is used to fail the federation token if the lifetime of the federation token is greater than the failure period.
Optionally, the user information includes one or more of a federation account number, a password, and a federation identifier.
As shown in fig. 8, a third cloud system of the present application is similar in structure to the first cloud system, and includes a plurality of computing devices, each including one or more processors 601, a communication interface 602, and a memory 603. The processor 601, the communication interface 602, and the memory 603 may be connected by a bus 604.
The processor 601, by reading the program in the memory 603, can perform the following steps:
acquiring a first access request of a user through a communication interface 602, wherein the first access request comprises a target token, the target token is generated by endorsement of an endorsement agent on user information of the user, the first cloud belongs to a cloud federation, and the cloud federation comprises a plurality of clouds;
acquiring a federation token from a federation blockchain through a communication interface 602, and matching the target token with the federation token to obtain a matching result, wherein the federation blockchain is accessible to any cloud in the cloud federation;
determining, by the processor 601, that the target user is a valid user according to the matching result, and allowing the target user to access the first cloud.
Optionally, the endorsement body comprises any cloud in a cloud federation or a third-party notarization authority.
Optionally, in a case that the lifetime of the federation token is greater than the failure period, the processor 601 regenerates a new federation token and uploads the new federation token into the federation blockchain.
Optionally, a second access request of the user is received through the communication interface 602, wherein the second access request includes the target token; sending a second access request of the user to the second cloud through a communication interface 602, wherein the second cloud belongs to the cloud federation.
In the above scheme, under the condition that the user side needs to access the first cloud, the first cloud receives a first access request sent by the user, where the first access request includes the target token. The first cloud obtains a alliance token from an alliance block chain, matches the target token with the alliance token to obtain a matching result, determines that the target user is a legal user according to the matching result, and allows the target user to access the first cloud. The target token is generated by endorsement of the user information of the user by the endorsement main body, and has good public credibility, so that the identity of the user can be determined to be legal as long as the access request sent by the user side carries the target token and the verification of the target token passes smoothly, and the user is allowed to access. Therefore, as long as the target token is carried, the user of the cloud alliance can freely access the resources of any cloud in the cloud alliance.
In the several embodiments provided in the present application, it should be understood that the disclosed system, terminal and method may be implemented in other manners. For example, the above-described apparatus embodiments are merely illustrative, and for example, the division of the units is only one logical division, and other divisions may be realized in practice, for example, a plurality of units or components may be combined or integrated into another system, or some features may be omitted, or not executed. In addition, the shown or discussed mutual coupling or direct coupling or communication connection may be an indirect coupling or communication connection through some interfaces, devices or units, and may also be an electric, mechanical or other form of connection.
The units described as separate parts may or may not be physically separate, and parts displayed as units may or may not be physical units, may be located in one place, or may be distributed on a plurality of network units. Some or all of the units can be selected according to actual needs to achieve the purpose of the solution of the embodiment of the present invention.
In addition, functional units in the embodiments of the present invention may be integrated into one processing unit, or each unit may exist alone physically, or two or more units are integrated into one unit. The integrated unit can be realized in a form of hardware, and can also be realized in a form of a software functional unit.
The integrated unit, if implemented in the form of a software functional unit and sold or used as a stand-alone product, may be stored in a computer readable storage medium. Based on such understanding, the technical solution of the present invention essentially or partially contributes to the prior art, or all or part of the technical solution can be embodied in the form of a software product stored in a storage medium and including instructions for causing a computer device (which may be a personal computer, a server, or a network device) to execute all or part of the steps of the method according to the embodiments of the present invention. And the aforementioned storage medium includes: a U-disk, a removable hard disk, a Read-Only Memory (ROM), a Random Access Memory (RAM), a magnetic disk or an optical disk, and other various media capable of storing program codes.
While the invention has been described with reference to specific embodiments, it will be understood by those skilled in the art that various changes in form and details may be made therein without departing from the spirit and scope of the invention. Therefore, the protection scope of the present invention shall be subject to the protection scope of the claims.
Claims (5)
1. A method of accessing a cloud, comprising:
the first cloud verifies the alliance account of the user according to the target token;
allowing a user to access resources in the first cloud through the federated account if authentication of the federated account passes;
the second cloud verifies the federation account of the user according to the target token;
allowing a user to access resources in the second cloud through the federated account if authentication of the federated account passes, wherein,
the federation account is set up in a third cloud, the first cloud, the second cloud and the third cloud all belong to the same cloud federation, the target token is generated by endorsement of user information of the user by an endorsement agent, and the endorsement agent comprises any two clouds in the cloud federation.
2. A method of accessing a cloud, comprising:
the first cloud verifies the alliance account of the user according to the target token;
in the event that the validation of the federated account passes, allowing a user to access resources in the first cloud through the federated account and allowing the user to access a second cloud through the first cloud;
the federation account is set up in a third cloud, the first cloud, the second cloud and the third cloud all belong to the same cloud federation, the target token is generated by endorsement of user information of the user by an endorsement agent, and the endorsement agent comprises any two clouds in the cloud federation.
3. A cloud federation, comprising:
the first cloud is used for verifying the alliance account of the user according to the target token, and allowing the user to access the resources in the first cloud through the alliance account when the alliance account is verified;
a second cloud for authenticating the federated account of a user based on the target token, the user being allowed access to resources in the second cloud through the federated account if authentication of the federated account passes, wherein,
the federation account is set up in a third cloud, the first cloud, the second cloud and the third cloud all belong to the same cloud federation, the target token is generated by endorsement of user information of the user by an endorsement agent, and the endorsement agent comprises any two clouds in the cloud federation.
4. A cloud federation, comprising:
the first cloud is used for verifying a federation account of a user according to a target token, allowing the user to access resources in the first cloud through the federation account if the verification of the federation account is passed, and allowing the user to access a second cloud through the first cloud; wherein the content of the first and second substances,
the federation account is set up in a third cloud, the first cloud, the second cloud and the third cloud all belong to the same cloud federation, the target token is generated by endorsement of user information of the user by an endorsement agent, and the endorsement agent comprises any two clouds in the cloud federation.
5. A computer non-transitory storage medium comprising instructions that, when executed on a computer, cause the computer to perform the method of any one of claims 1-2.
Priority Applications (2)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201810931000.1A CN110839002B (en) | 2018-08-15 | 2018-08-15 | Cloud account opening, authentication and access method and device |
| PCT/CN2019/088169 WO2020034700A1 (en) | 2018-08-15 | 2019-05-23 | Method and device for accounting, authenticating and accessing cloud |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201810931000.1A CN110839002B (en) | 2018-08-15 | 2018-08-15 | Cloud account opening, authentication and access method and device |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN110839002A CN110839002A (en) | 2020-02-25 |
| CN110839002B true CN110839002B (en) | 2022-05-17 |
Family
ID=69524843
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201810931000.1A Active CN110839002B (en) | 2018-08-15 | 2018-08-15 | Cloud account opening, authentication and access method and device |
Country Status (2)
| Country | Link |
|---|---|
| CN (1) | CN110839002B (en) |
| WO (1) | WO2020034700A1 (en) |
Families Citing this family (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN114244546B (en) * | 2020-09-09 | 2023-06-02 | 华为技术有限公司 | Method and device for service provider to acquire user information |
| CN113364855B (en) * | 2021-06-02 | 2023-03-24 | 网易(杭州)网络有限公司 | Block chain information management method, device, service platform, equipment and medium |
| CN114553432B (en) * | 2022-01-28 | 2023-08-18 | 中国银联股份有限公司 | Identity authentication method, device, equipment and computer readable storage medium |
| CN114615332A (en) * | 2022-02-24 | 2022-06-10 | 阿里巴巴(中国)有限公司 | Cloud product access method, device and system, storage medium and computer terminal |
Citations (8)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102984252A (en) * | 2012-11-26 | 2013-03-20 | 中国科学院信息工程研究所 | Cloud resource access control method based on dynamic cross-domain security token |
| CN103685267A (en) * | 2013-12-10 | 2014-03-26 | 小米科技有限责任公司 | Data access method and device |
| US9569771B2 (en) * | 2011-04-29 | 2017-02-14 | Stephen Lesavich | Method and system for storage and retrieval of blockchain blocks using galois fields |
| CN106789047A (en) * | 2017-03-03 | 2017-05-31 | 钱德君 | A kind of block chain identification system |
| CN107079036A (en) * | 2016-12-23 | 2017-08-18 | 深圳前海达闼云端智能科技有限公司 | Registration and authorization method, apparatus and system |
| CN107579998A (en) * | 2017-10-17 | 2018-01-12 | 光载无限(北京)科技有限公司 | Personal data center and digital identification authentication method based on block chain, digital identity and intelligent contract |
| CN107786547A (en) * | 2017-09-30 | 2018-03-09 | 厦门快商通信息技术有限公司 | A kind of auth method based on block chain, device and computer-readable recording medium |
| CN107888384A (en) * | 2017-11-30 | 2018-04-06 | 中链科技有限公司 | A kind of identity data management method, system and computer-readable recording medium |
Family Cites Families (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN103532981B (en) * | 2013-10-31 | 2016-08-17 | 中国科学院信息工程研究所 | A kind of identity trustship towards many tenants authenticates cloud resource access control system and control method |
| US10362058B2 (en) * | 2016-05-13 | 2019-07-23 | Vmware, Inc | Secure and scalable data transfer using a hybrid blockchain-based approach |
| JP6825296B2 (en) * | 2016-10-11 | 2021-02-03 | 富士通株式会社 | Edge server and its encrypted communication control method |
| WO2019127278A1 (en) * | 2017-12-28 | 2019-07-04 | 深圳达闼科技控股有限公司 | Safe access blockchain method, apparatus, system, storage medium, and electronic device |
| CN108280646A (en) * | 2018-01-19 | 2018-07-13 | 中国科学院软件研究所 | Block chain group chain method based on alliance's chain and block catenary system |
| CN108256864B (en) * | 2018-02-13 | 2019-06-07 | 中链科技有限公司 | Foundation across chain alliance and communication means, system between a kind of block chain |
-
2018
- 2018-08-15 CN CN201810931000.1A patent/CN110839002B/en active Active
-
2019
- 2019-05-23 WO PCT/CN2019/088169 patent/WO2020034700A1/en active Application Filing
Patent Citations (8)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US9569771B2 (en) * | 2011-04-29 | 2017-02-14 | Stephen Lesavich | Method and system for storage and retrieval of blockchain blocks using galois fields |
| CN102984252A (en) * | 2012-11-26 | 2013-03-20 | 中国科学院信息工程研究所 | Cloud resource access control method based on dynamic cross-domain security token |
| CN103685267A (en) * | 2013-12-10 | 2014-03-26 | 小米科技有限责任公司 | Data access method and device |
| CN107079036A (en) * | 2016-12-23 | 2017-08-18 | 深圳前海达闼云端智能科技有限公司 | Registration and authorization method, apparatus and system |
| CN106789047A (en) * | 2017-03-03 | 2017-05-31 | 钱德君 | A kind of block chain identification system |
| CN107786547A (en) * | 2017-09-30 | 2018-03-09 | 厦门快商通信息技术有限公司 | A kind of auth method based on block chain, device and computer-readable recording medium |
| CN107579998A (en) * | 2017-10-17 | 2018-01-12 | 光载无限(北京)科技有限公司 | Personal data center and digital identification authentication method based on block chain, digital identity and intelligent contract |
| CN107888384A (en) * | 2017-11-30 | 2018-04-06 | 中链科技有限公司 | A kind of identity data management method, system and computer-readable recording medium |
Also Published As
| Publication number | Publication date |
|---|---|
| WO2020034700A1 (en) | 2020-02-20 |
| CN110839002A (en) | 2020-02-25 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN110839002B (en) | Cloud account opening, authentication and access method and device | |
| CN110177124B (en) | Identity authentication method based on block chain and related equipment | |
| CN113395363B (en) | Data processing method, device and equipment based on block chain and storage medium | |
| CN112527912B (en) | Data processing method and device based on block chain network and computer equipment | |
| CN113256297B (en) | Data processing method, device and equipment based on block chain and readable storage medium | |
| CN111368340A (en) | Block chain-based evidence-based security verification method and device and hardware equipment | |
| CN112448946B (en) | Log auditing method and device based on block chain | |
| CN110309672B (en) | Block chain based privacy protection controllable data management method | |
| CN110266763A (en) | Block chain network implementation method, system and the storage medium of cross-network segment interconnection | |
| CN113225736A (en) | Unmanned aerial vehicle cluster node authentication method and device, storage medium and processor | |
| CN111881483A (en) | Resource account binding method, device, equipment and medium based on block chain | |
| CN111880919A (en) | Data scheduling method, system and computer equipment | |
| CN114357490A (en) | Data sharing method, device and system based on block chain | |
| CN110647583B (en) | Block chain construction method, device, terminal and medium | |
| Wang | Sok: Applying blockchain technology in industrial internet of things | |
| CN104333541A (en) | Trusted self-help service system | |
| CN112261003A (en) | Safety authentication method and system for industrial internet edge computing node | |
| CN112422516A (en) | Connection method and device of power system, computer equipment and storage medium | |
| CN116452135A (en) | Distributed anonymous voting method, device, equipment and medium based on Ethernet | |
| Aitsam et al. | Blockchain technology, technical challenges and countermeasures for illegal data insertion | |
| Chouhan et al. | Software as a service: Analyzing security issues | |
| CN104333450B (en) | A kind of method for building up of credible self-help serving system | |
| Zubareva et al. | Electronic government system of Ukraine and a method for increasing its security | |
| Johari et al. | Blockchain-Based Model for Smart Home Network Security | |
| CN111125745A (en) | Block chain-based data management system for Internet |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| TA01 | Transfer of patent application right | ||
| TA01 | Transfer of patent application right |
Effective date of registration: 20220208 Address after: 550025 Huawei cloud data center, jiaoxinggong Road, Qianzhong Avenue, Gui'an New District, Guiyang City, Guizhou Province Applicant after: Huawei Cloud Computing Technology Co.,Ltd. Address before: 518129 Bantian HUAWEI headquarters office building, Longgang District, Guangdong, Shenzhen Applicant before: HUAWEI TECHNOLOGIES Co.,Ltd. |
|
| GR01 | Patent grant | ||
| GR01 | Patent grant |