欢迎访问中国科学院大学学报,今天是

中国科学院大学学报 ›› 2015, Vol. 32 ›› Issue (5): 676-681.DOI: 10.7523/j.issn.2095-6134.2015.05.014

• 电子认证专栏 • 上一篇    下一篇

基于AD的私有云存储访问控制实现方案

李从午, 潘无穷, 林璟锵   

  1. 中国科学院数据与通信保护研究教育中心, 北京 100093
  • 收稿日期:2014-09-01 修回日期:2015-03-03 发布日期:2015-09-15
  • 通讯作者: 李从午
  • 基金资助:

    国家"973"计划项目(2014CB340603)和国家"863"计划项目(2013AA01A214)资助

An AD-based private cloud storage access control scheme

LI Congwu, PAN Wuqiong, LIN Jingqiang   

  1. Data Assurance and Communication Security Research Center of Chinese Academy of Sciences, Beijing 100093, China
  • Received:2014-09-01 Revised:2015-03-03 Published:2015-09-15

摘要:

当前大多数企业的应用系统通常使用AD(活动目录)实现统一身份管理及访问控制,但许多云存储设备不支持直接连入AD.本文提出一种将云存储设备连入AD的实现方案.该方案使用Samba文件访问控制服务器来沟通AD服务器和云存储设备,使得用户可以通过AD域账户实现单点登录及访问控制,极大地提高了工作效率,增强了系统整体安全性.

关键词: AD, 云存储, 访问控制, Samba

Abstract:

Nowadays, AD(active directory) is usually used to carry out the unified identity management and achieve access control systems of most enterprises, but many cloud storage devices do not support connection to the AD directly. We propose a scheme to connect cloud storage device and AD. The scheme uses the Samba file access control server to communicate with the AD server and the cloud storage device, and user achieves single sign-on and access control through the AD domain accounts, which greatly improves the work efficiency and enhances the overall security of the system.

Key words: AD, cloud storage, access control, Samba

中图分类号: