CN102984044A - Method and device based on virtual private network (VPN) to achieve data transmission security - Google Patents

Publication number
CN102984044A
Authority
CN
China
Prior art keywords
vpn
authentication
business software
network data
network
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN201210464938XA
Other languages
Chinese (zh)
Other versions
CN102984044B (en)
Inventor
侯立军
陈少鸿
钱建新
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Sangfor Technologies Co Ltd
Original Assignee
Shenzhen Shenxinfu Electronic Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Shenzhen Shenxinfu Electronic Technology Co Ltd filed Critical Shenzhen Shenxinfu Electronic Technology Co Ltd
Priority to CN201210464938.XA priority Critical patent/CN102984044B/en
Publication of CN102984044A publication Critical patent/CN102984044A/en
Application granted granted Critical
Publication of CN102984044B publication Critical patent/CN102984044B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Landscapes

  • Data Exchanges In Wide-Area Networks (AREA)
  • Telephonic Communication Services (AREA)

Abstract

The invention discloses a method for achieving data transmission security based on a virtual private network (VPN). The method includes: after the business software of a mobile terminal (MT) is started, calling a VPN authentication interface used for authenticating the VPN; sending the authentication information of the VPN to be authenticated to a VPN server through the VPN authentication interface, so that the VPN server authenticates the VPN; receiving the authentication result returned by the VPN server; and, if authentication succeeds, intercepting and processing, by the business software, the network data of all of its own network operations, and redirecting the processed network data to the business software. The invention further discloses a corresponding device. With the disclosed method and device, the data transmission security of the business software is guaranteed by the business software of the MT itself, without using a separate VPN client. In addition, the complexity of application software development and software development kit (SDK) debugging is reduced, which lowers development and maintenance cost.

Description

Method and apparatus for achieving data transmission security based on a virtual private network (VPN)
Technical field
The present invention relates to the field of Internet technology, and in particular to a method and apparatus for achieving data transmission security based on a virtual private network (VPN).
Background
With the spread of mobile terminals such as mobile phones and tablet computers, more and more organizations and enterprises are choosing to move their business onto the mobile Internet. As the volume of organizational and enterprise business on the mobile Internet grows, people pay increasing attention to security, and so VPNs (Virtual Private Networks) on mobile terminals have also become widespread.
At present there are mainly two kinds of VPN on mobile terminals. 1. The VPN client built into the mobile terminal device, whose configuration and operation interface is located in the system settings of the mobile operating system. To start the VPN, the user has to switch to the system settings, turn the VPN on, and then switch back to the application in use, which is very inconvenient. In addition, this kind of VPN generally has no concept of client-side tunnel splitting: when the user needs to use the internal network and the Internet at the same time, the only option is to turn the VPN off and on repeatedly. 2. A VPN client provided by a third party. This kind of VPN provides a separate client to perform VPN authentication and data encryption; the operations that would otherwise be done in the system settings are moved into the third-party client, and it is just as inconvenient to use. An improved version of the second kind of VPN client has also appeared; its main principle is to bring up the VPN when the user accesses certain specific domain names and to close the VPN after those domain names have not been accessed for a period of time. This kind of client likewise has no concept of VPN tunnel splitting, and the user has to configure the domain names personally, so adding and deleting domain names places high demands on the user.
To solve the traffic-splitting problem, some mobile terminals currently use an SDK (Software Development Kit) provided by the VPN vendor: only the network data of software that uses the SDK passes through the VPN, and the network data of software that does not use the SDK does not. However, this kind of software still needs a VPN client to perform functions such as VPN authentication, and developing and debugging with the SDK is very time-consuming, which increases debugging cost.
Summary of the invention
The main purpose of the present invention is to provide a method and apparatus for achieving data transmission security based on a virtual private network, so that the security of data transmitted over the VPN on a mobile terminal can be guaranteed without using a separate VPN client, and so that the complexity of application software development and SDK debugging is addressed, thereby reducing development and maintenance cost.
The invention provides a method for achieving data transmission security based on a virtual private network, comprising:
after the business software of a mobile terminal is started, calling a VPN authentication interface used for authenticating the VPN;
sending the authentication information of the VPN to be authenticated to a VPN server through the VPN authentication interface, so that the VPN server authenticates the VPN;
receiving the authentication result returned by the VPN server and, if authentication succeeds, intercepting and processing, by the business software, the network data of all of its own network operations, and redirecting the processed network data to the business software.
Preferably, before the calling of the VPN authentication interface used for authenticating the VPN, the method further comprises:
writing the received VPN authentication information into the configuration file of the mobile terminal to be processed, the authentication information comprising at least the username and password of the VPN;
calling, according to the configuration file, a VPN initialization interface which, when the business software runs, reads the VPN authentication information in the configuration file and the hardware feature code of the mobile terminal.
Preferably, sending the authentication information of the VPN to be authenticated to the VPN server through the VPN authentication interface comprises:
initiating an authentication request for interaction with the VPN server through the VPN authentication interface, and sending the VPN authentication information to the VPN server through the VPN authentication interface.
Preferably, intercepting and processing, by the business software, the network data of all of its own network operations, and redirecting the processed network data to the business software comprises:
if VPN authentication succeeds, intercepting, by the business software, the network data of all of its own network operations, and processing the intercepted network data;
sending the processed network data to the VPN server, so that the VPN server redirects the network data to the business software.
The present invention also provides a device for achieving data transmission security based on a virtual private network, comprising:
a first calling module, used for calling, after the business software of a mobile terminal is started, a VPN authentication interface used for authenticating the VPN;
a sending module, used for sending the authentication information of the VPN to be authenticated to a VPN server through the VPN authentication interface, so that the VPN server authenticates the VPN;
a receiving module, used for receiving the authentication result returned by the VPN server;
an interception and processing module, used for, after authentication succeeds, intercepting and processing, by the business software, the network data of all of its own network operations, and redirecting the processed network data to the business software.
Preferably, the device for achieving data transmission security based on a virtual private network further comprises:
a writing module, used for writing the received VPN authentication information into the configuration file of the mobile terminal to be processed, the authentication information comprising at least the username and password of the VPN;
a second calling module, used for calling, according to the configuration file, a VPN initialization interface which, when the business software runs, reads the VPN authentication information in the configuration file and the hardware feature code of the mobile terminal.
Preferably, the sending module is specifically used for:
initiating an authentication request for interaction with the VPN server through the VPN authentication interface, and sending the VPN authentication information to the VPN server through the VPN authentication interface.
Preferably, the interception and processing module comprises:
an interception and processing unit, used for, after VPN authentication succeeds, intercepting, by the business software, the network data of all of its own network operations, and processing the intercepted network data;
a sending unit, used for sending the processed network data to the VPN server, so that the VPN server redirects the network data to the business software.
In the present invention, after the business software of the mobile terminal is started, the VPN authentication interface used for authenticating the VPN is called, and the authentication information of the VPN to be authenticated is sent to the VPN server through the VPN authentication interface. After the VPN server has finished authentication, the authentication result it returns is received; if authentication succeeds, the business software intercepts and processes the network data of all of its own network operations, and the processed network data is redirected to the business software. In this way, the security of the business software's data transmission is guaranteed by the business software in the mobile terminal itself, without using a separate VPN client; the complexity of application software development and SDK debugging is also addressed, thereby reducing development and maintenance cost.
Description of the drawings
Fig. 1 is a schematic flowchart of one embodiment of the method of the present invention for achieving data transmission security based on a virtual private network;
Fig. 2 is a schematic flowchart of another embodiment of the method of the present invention for achieving data transmission security based on a virtual private network;
Fig. 3 is a schematic flowchart of intercepting and processing the network data of all network operations of the business software in the method of the present invention for achieving data transmission security based on a virtual private network;
Fig. 4 is a schematic structural diagram of one embodiment of the device of the present invention for achieving data transmission security based on a virtual private network;
Fig. 5 is a schematic structural diagram of another embodiment of the device of the present invention for achieving data transmission security based on a virtual private network;
Fig. 6 is a schematic structural diagram of the interception and processing module in the device of the present invention for achieving data transmission security based on a virtual private network.
The realization of the object, the functional characteristics and the advantages of the present invention are further described below with reference to the accompanying drawings and in connection with the embodiments.
Embodiments
It should be understood that the specific embodiments described herein are only intended to explain the present invention and are not intended to limit it.
Referring to Fig. 1, Fig. 1 is a schematic flowchart of one embodiment of the method of the present invention for achieving data transmission security based on a virtual private network.
The invention provides a method for achieving data transmission security based on a virtual private network that requires no additional installation, configuration or maintenance of a VPN client, and that solves the secure-access problem of customers' business applications with an integrated solution based on a self-hooking SDK.
The method for achieving data transmission security based on a virtual private network provided by the embodiment of the invention comprises:
Step S10: after the business software of the mobile terminal is started, call the VPN authentication interface used for authenticating the VPN.
When a user needs to use client software on a mobile terminal whose security must be guaranteed, the main functionality unrelated to the VPN (Virtual Private Network) is completed first. This embodiment provides automated tool software and a VPN SDK module. The automated tool software automatically completes the VPN SDK interface calls that would otherwise require coding. The VPN SDK module is located inside the business software of the mobile terminal, so that functions such as VPN authentication and interception of the network data of the business software's own network operations can be performed by the business software itself, without a third-party VPN client carrying out VPN authentication and data encryption. After the user starts the business software of the mobile terminal, the automated tool software first calls the VPN authentication interface provided by the VPN SDK module; this interface is used for authenticating the VPN.
Step S20: send the authentication information of the VPN to be authenticated to the VPN server through the VPN authentication interface, so that the VPN server authenticates the VPN.
After the automated tool software has called the VPN authentication interface, the VPN SDK module in the business software sends the authentication information of the VPN to be authenticated to the VPN server through the VPN authentication interface, so that the VPN server authenticates the VPN. After receiving the client's authentication information, the VPN server uses it to interact with the various authentication servers in the external network in order to authenticate the VPN.
Step S30: receive the authentication result returned by the VPN server; if authentication succeeds, the business software intercepts and processes the network data of all of its own network operations, and the processed network data is redirected to the business software.
When the VPN server has finished authenticating the VPN according to the VPN authentication information, it returns an authentication result to the VPN SDK module. The VPN SDK module in the business software receives this result. If authentication succeeded, the VPN SDK module starts the HOOK operation: it intercepts all network data produced when the current business software itself performs network operations and processes the intercepted data, that is, the VPN SDK module distinguishes network data that uses the VPN from network data that belongs to the Internet, and then redirects the network data identified as using the VPN to the business software.
In this embodiment of the invention, after the business software of the mobile terminal is started, the VPN authentication interface used for authenticating the VPN is called, and the authentication information of the VPN to be authenticated is sent to the VPN server through the VPN authentication interface. After the VPN server has finished authentication, the authentication result it returns is received; if authentication succeeds, the business software intercepts and processes the network data of all of its own network operations, and the processed network data is redirected to the business software. In this way, the security of the business software's data transmission is guaranteed by the business software in the mobile terminal itself, without using a separate VPN client; the complexity of application software development and SDK debugging is also addressed, thereby reducing development and maintenance cost.
Referring to Fig. 2, Fig. 2 is a schematic flowchart of another embodiment of the method of the present invention for achieving data transmission security based on a virtual private network.
Based on the above embodiment, before step S10 is executed, the method of the present invention for achieving data transmission security based on a virtual private network further comprises:
Step S40: write the received VPN authentication information into the configuration file of the mobile terminal to be processed; the authentication information comprises at least the username and password of the VPN.
Before the automated tool software calls the VPN authentication interface provided by the VPN SDK module, configuration and the call to the VPN initialization interface are first carried out by the automated tool software. The automated tool software is used to open the business software of the mobile terminal that needs to be processed, together with the VPN SDK (Software Development Kit), and the authentication information of the VPN to be authenticated is entered into the automated tool software. In this embodiment, the VPN authentication information is information that identifies the VPN, such as the VPN's username and password. The VPN authentication information is then written into the configuration file of the mobile terminal to be processed.
Step S41: according to the configuration file, call the VPN initialization interface which, when the business software runs, reads the VPN authentication information in the configuration file and the hardware feature code of the mobile terminal.
After the VPN authentication information has been written into the configuration file of the mobile terminal to be processed, the automated tool software uses the written configuration file to find the entry method of the business software's application program and the entry method of the static HOOK, and calls the VPN initialization interface. When the business software runs, this VPN initialization interface reads the VPN authentication information in the configuration file and the hardware feature code of the mobile terminal, and dynamically HOOKs the network operations of the business software.
Before the VPN is authenticated by the VPN server, the received VPN authentication information, including the VPN's username and password, is written into the configuration file of the mobile terminal to be processed, and, according to the configuration file, the VPN initialization interface is called so that the VPN authentication information in the configuration file and the hardware feature code of the mobile terminal are read when the business software runs. This further facilitates authentication of the VPN, and thus further ensures that the complexity of application software development and SDK debugging is addressed and that development and maintenance cost is reduced.
In one embodiment of the method of the present invention for achieving data transmission security based on a virtual private network, step S20 is specifically:
Initiate an authentication request for interaction with the VPN server through the VPN authentication interface, and send the VPN authentication information to the VPN server through the VPN authentication interface.
In this embodiment, sending the authentication information of the VPN to be authenticated to the VPN server through the VPN authentication interface specifically means the following: after the business software is running and the automated tool software has called the VPN initialization interface to read the VPN authentication information in the configuration file and the hardware feature code of the mobile terminal, an authentication request for interaction with the VPN server is first initiated through the VPN authentication interface of the VPN SDK module, and the VPN authentication information is then sent to the VPN server so that it authenticates the VPN.
Referring to Fig. 3, Fig. 3 is a schematic flowchart of intercepting and processing the network data of all network operations of the business software in the method of the present invention for achieving data transmission security based on a virtual private network.
In the above embodiment, step S30 comprises:
Step S31: if VPN authentication succeeds, the business software intercepts the network data of all of its own network operations and processes the intercepted network data.
After the VPN server, according to the VPN authentication information, has completed authentication of the VPN by interacting with the authentication servers of the external network and has returned the authentication result to the VPN SDK module in the business software, if VPN authentication succeeded, the VPN SDK module starts the HOOK operation: it intercepts all network data produced when the business software itself performs network operations, distinguishes network data that uses the VPN from network data that belongs to the Internet, and processes the network data, that is, applies processing such as transparent encryption to it.
Step S32: send the processed network data to the VPN server, so that the VPN server redirects the network data to the business software.
After all network data of the business software's network operations has been distinguished, the network data that has undergone processing such as transparent encryption is sent to the VPN server. The VPN server transfers the processed network data that uses the VPN into the VPN tunnel, that is, redirects this network data to the current business software; the network data of other software does not enter the VPN tunnel.
After VPN authentication succeeds, the business software intercepts the network data of all network operations it performs, distinguishes network data that uses the VPN from network data that belongs to the Internet, applies processing such as transparent encryption to the network data that uses the VPN, and then redirects it to the current business software. This further ensures that the security of the business software's own data transmission is guaranteed by the business software in the mobile terminal, without using a separate VPN client.
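The authentication gate and the split between VPN data and Internet data in steps S30 to S32 can be illustrated with the following added sketch, which is not part of the patent. It assumes that "network data that uses the VPN" is identified by destination subnet; the class names, accounts and addresses are constructed, and the transparent-encryption step is left out because the patent names no cipher.

```python
import hmac
import ipaddress
from typing import Callable, Dict, List, Tuple

Addr = Tuple[str, int]


class FakeVpnServer:
    """Constructed stand-in for the VPN server's authentication step (S20)."""

    def __init__(self, accounts: Dict[str, str]):
        self._accounts = accounts

    def authenticate(self, username: str, password: str) -> bool:
        expected = self._accounts.get(username)
        if expected is None:
            return False
        # Constant-time comparison so the check does not leak password prefixes.
        return hmac.compare_digest(expected.encode(), password.encode())


class SelfHookSdk:
    """Hypothetical in-app SDK module: authenticate, then hook the app's own connects."""

    def __init__(self, gateway: Addr, vpn_networks: List[str]):
        self.gateway = gateway
        # Assumption: destinations inside these subnets are "network data that uses the VPN".
        self.vpn_networks = [ipaddress.ip_network(n) for n in vpn_networks]
        self.authenticated = False

    def login(self, server: FakeVpnServer, username: str, password: str) -> bool:
        """S20/S30: send the credentials and keep the returned authentication result."""
        self.authenticated = server.authenticate(username, password)
        return self.authenticated

    def uses_vpn(self, host: str) -> bool:
        try:
            ip = ipaddress.ip_address(host)
        except ValueError:
            return False  # not an IP literal; name resolution is out of scope here
        # Classify an IPv4-mapped IPv6 literal as the IPv4 address it carries,
        # otherwise ::ffff:10.x.x.x would slip past an IPv4 subnet list.
        if ip.version == 6 and ip.ipv4_mapped is not None:
            ip = ip.ipv4_mapped
        return any(ip in net for net in self.vpn_networks)

    def hook(self, real_connect: Callable[[Addr], object]) -> Callable[[Addr], dict]:
        """S31: wrap the application's own connect call; only allowed after auth success."""
        if not self.authenticated:
            raise PermissionError("hook starts only after VPN authentication succeeds")

        def hooked_connect(dest: Addr) -> dict:
            if self.uses_vpn(dest[0]):
                # S32: VPN-bound data goes to the VPN server instead of the raw destination.
                real_connect(self.gateway)
                return {"route": "vpn", "peer": self.gateway, "orig_dest": dest}
            # Internet-bound data of the same application stays outside the tunnel.
            real_connect(dest)
            return {"route": "direct", "peer": dest, "orig_dest": dest}

        return hooked_connect


def demo() -> List[dict]:
    """Run the flow on constructed sample destinations and return the routing decisions."""
    server = FakeVpnServer({"alice": "example-password"})
    sdk = SelfHookSdk(("203.0.113.10", 443), ["10.0.0.0/8", "fd00::/8"])
    sdk.login(server, "alice", "example-password")
    dialed: List[Addr] = []  # stands in for the real socket layer
    connect = sdk.hook(dialed.append)
    samples = [("10.1.2.3", 8080), ("::ffff:10.1.2.3", 8080),
               ("fd00::5", 22), ("198.51.100.7", 443)]
    return [connect(dest) for dest in samples]


if __name__ == "__main__":
    for decision in demo():
        print(decision)
```

Only the hooked application's connections are classified here, which mirrors the per-application scope described above: other software never calls the hook, so its data cannot enter the tunnel.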
The present invention also provides a device for achieving data transmission security based on a virtual private network.
Referring to Fig. 4, Fig. 4 is a schematic structural diagram of one embodiment of the device of the present invention for achieving data transmission security based on a virtual private network.
The device for achieving data transmission security based on a virtual private network provided by the embodiment of the invention comprises:
a first calling module 10, used for calling, after the business software of the mobile terminal is started, the VPN authentication interface used for authenticating the VPN;
a sending module 20, used for sending the authentication information of the VPN to be authenticated to the VPN server through the VPN authentication interface, so that the VPN server authenticates the VPN;
a receiving module 30, used for receiving the authentication result returned by the VPN server;
an interception and processing module 40, used for, after authentication succeeds, intercepting and processing, by the business software, the network data of all of its own network operations, and redirecting the processed network data to the business software.
When a user needs to use client software on a mobile terminal whose security must be guaranteed, the main functionality unrelated to the VPN (Virtual Private Network) is completed first. This embodiment provides automated tool software and a VPN SDK module. The automated tool software automatically completes the VPN SDK interface calls that would otherwise require coding. The VPN SDK module is located inside the business software of the mobile terminal, so that functions such as VPN authentication and interception of the network data of the business software's own network operations can be performed by the business software itself, without a third-party VPN client carrying out VPN authentication and data encryption. After the user starts the business software of the mobile terminal, the first calling module 10 first calls, by means of the automated tool software, the VPN authentication interface provided by the VPN SDK module; this interface is used for authenticating the VPN.
After the automated tool software has called the VPN authentication interface, the sending module 20 sends the authentication information of the VPN to be authenticated to the VPN server through the VPN authentication interface, so that the VPN server authenticates the VPN. After receiving the client's authentication information, the VPN server uses it to interact with the various authentication servers in the external network in order to authenticate the VPN.
When the VPN server has finished authenticating the VPN according to the VPN authentication information, it returns an authentication result to the VPN SDK module. The VPN SDK module in the business software receives this result through the receiving module 30. If authentication succeeded, the VPN SDK module starts the HOOK operation: it intercepts all network data produced when the currently started business software itself performs network operations, and the interception and processing module 40 processes the intercepted network data, that is, the VPN SDK module distinguishes network data that uses the VPN from network data that belongs to the Internet, and then redirects the network data identified as using the VPN to the business software.
In this embodiment of the invention, after the business software of the mobile terminal is started, the VPN authentication interface used for authenticating the VPN is called, and the authentication information of the VPN to be authenticated is sent to the VPN server through the VPN authentication interface. After the VPN server has finished authentication, the authentication result it returns is received; if authentication succeeds, the business software intercepts and processes the network data of all of its own network operations, and the processed network data is redirected to the business software. In this way, without using a separate VPN client, the security of the business software's data transmission can be guaranteed through the VPN client on the mobile terminal; the complexity of application software development and SDK debugging is also addressed, thereby reducing development and maintenance cost.
Referring to Fig. 5, Fig. 5 is a schematic structural diagram of another embodiment of the device of the present invention for achieving data transmission security based on a virtual private network.
Based on the above embodiment, the device for achieving data transmission security based on a virtual private network further comprises:
a writing module 50, used for writing the received VPN authentication information into the configuration file of the mobile terminal to be processed; the authentication information comprises at least the username and password of the VPN;
a second calling module 51, used for calling, according to the configuration file, the VPN initialization interface which, when the business software runs, reads the VPN authentication information in the configuration file and the hardware feature code of the mobile terminal.
Before the automated tool software calls the VPN authentication interface provided by the VPN SDK module, configuration and the call to the VPN initialization interface are first carried out by the automated tool software. The automated tool software is used to open the business software of the mobile terminal that needs to be processed, together with the VPN SDK (Software Development Kit), and the authentication information of the VPN to be authenticated is entered into the automated tool software. In this embodiment, the VPN authentication information is information that identifies the VPN, such as the VPN's username and password. The writing module 50 then writes the VPN authentication information into the configuration file of the mobile terminal to be processed.
After the VPN authentication information has been written into the configuration file of the mobile terminal to be processed, the automated tool software uses the written configuration file to find the entry method of the business software's application program and the entry method of the static HOOK, and the second calling module 51 calls the VPN initialization interface. When the business software runs, this VPN initialization interface reads the VPN authentication information in the configuration file and the hardware feature code of the mobile terminal, and dynamically HOOKs the network operations of the business software.
Before the VPN is authenticated by the VPN server, the received VPN authentication information, including the VPN's username and password, is written into the configuration file of the mobile terminal to be processed, and, according to the configuration file, the VPN initialization interface is called so that the VPN authentication information in the configuration file and the hardware feature code of the mobile terminal are read when the business software runs. This further facilitates authentication of the VPN, and thus further ensures that the complexity of application software development and SDK debugging is addressed and that development and maintenance cost is reduced.
In one embodiment of the device of the present invention for achieving data transmission security based on a virtual private network, the sending module 20 is specifically used for:
initiating an authentication request for interaction with the VPN server through the VPN authentication interface, and sending the VPN authentication information to the VPN server through the VPN authentication interface.
In this embodiment, sending the authentication information of the VPN to be authenticated to the VPN server through the VPN authentication interface specifically means the following: after the business software is running and the automated tool software has called the VPN initialization interface to read the VPN authentication information in the configuration file and the hardware feature code of the mobile terminal, an authentication request for interaction with the VPN server is first initiated through the VPN authentication interface of the VPN SDK module, and the VPN authentication information is then sent to the VPN server so that it authenticates the VPN.
Referring to Fig. 6, Fig. 6 is a structural schematic diagram of the interception and processing module in the device of the present invention for realizing data transmission security based on a virtual private network.
In the above embodiments, the interception and processing module 40 comprises:
An interception and processing unit 41, configured to, after the VPN is authenticated successfully, intercept through the business software the network data of all of the business software's own network operations, and to process the intercepted network data;
A transmitting unit 42, configured to send the processed network data to the VPN server, so that the VPN server redirects the network data to the business software.
After the VPN server, according to the authentication information of the VPN, has interacted with the authentication server of the external network to complete authentication of the VPN and has returned the authentication result to the VPN SDK module arranged in the business software, the VPN SDK module starts the HOOK operation if the VPN authentication succeeded. The interception and processing unit 41 intercepts all network data produced when the business software itself performs network operations, distinguishes network data that uses the VPN from network data that belongs to the Internet, and processes the network data, that is, applies processing such as transparent encryption.
After all network data of the business software's network operations has been distinguished and processed, the transmitting unit 42 sends the network data that has undergone processing such as transparent encryption to the VPN server, and the VPN server transfers the processed network data that uses the VPN into the VPN tunnel, that is, redirects this network data to the current business software; the network data of other software does not enter the VPN tunnel.
After the VPN is authenticated successfully, the business software intercepts the network data of all network operations that it performs itself, network data that uses the VPN is distinguished from network data that belongs to the Internet, and the network data that uses the VPN undergoes processing such as transparent encryption and is then redirected to the current business software. This further makes it possible to guarantee the security of the business software's own data transmission in the portable terminal without using any other VPN client.
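The dispatch rule described above (HOOK only after successful authentication, VPN data into the tunnel, Internet data left alone), as an added Python example that is not part of the patent text. The prefix list used to tell VPN data from Internet data, the names `AppVpnSession` and `route`, and the `blocked` outcome for VPN-bound data before authentication succeeds are assumptions of this example; the patent does not specify them.

```python
import ipaddress
from dataclasses import dataclass, field
from enum import Enum


class Auth(Enum):
    PENDING = "pending"   # authentication request sent, no result yet
    OK = "ok"             # VPN server returned success
    FAILED = "failed"     # VPN server returned failure


@dataclass
class AppVpnSession:
    """Per-application state held by the SDK inside the business software."""
    # Assumption: the SDK is given the destination prefixes that use the VPN.
    vpn_prefixes: list
    auth: Auth = Auth.PENDING
    hook_active: bool = False
    nets: list = field(init=False)

    def __post_init__(self):
        self.nets = [ipaddress.ip_network(p) for p in self.vpn_prefixes]

    def on_auth_result(self, success: bool) -> None:
        # The HOOK on the app's own network operations starts only on success.
        self.auth = Auth.OK if success else Auth.FAILED
        self.hook_active = success

    def uses_vpn(self, dest: str) -> bool:
        addr = ipaddress.ip_address(dest)
        return any(addr.version == n.version and addr in n for n in self.nets)

    def route(self, dest: str) -> str:
        """Return 'tunnel', 'direct' or 'blocked' for one outbound connection."""
        if not self.uses_vpn(dest):
            return "direct"            # Internet data never enters the tunnel
        if self.hook_active:
            return "tunnel"            # encrypt, then send to the VPN server
        # Hardening choice of this example: VPN-bound data is refused rather
        # than sent in the clear while authentication is pending or has failed.
        return "blocked"


def demo():
    # Constructed sample prefixes and destinations.
    s = AppVpnSession(["10.20.0.0/16", "fd00:20::/32"])
    dests = ["10.20.3.7", "203.0.113.9", "fd00:20::5"]
    before = [s.route(d) for d in dests]
    s.on_auth_result(True)
    after = [s.route(d) for d in dests]
    return before, after


if __name__ == "__main__":
    print(demo())
```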
The above are only preferred embodiments of the present invention and do not thereby limit the scope of the claims of the present invention. Any equivalent structure or equivalent process transformation made using the contents of the specification and drawings of the present invention, or any direct or indirect use in other related technical fields, is likewise included within the scope of patent protection of the present invention.

Claims (8)

1. A method for realizing data transmission security based on a virtual private network, characterized by comprising:
After the business software of a portable terminal is started, calling a VPN authentication interface used to authenticate the VPN;
Sending the authentication information of the VPN to be authenticated to a VPN server through the VPN authentication interface, so that the VPN server authenticates the VPN;
Receiving the authentication result returned by the VPN server and, if authentication succeeds, intercepting and processing, through the business software, the network data of all of its own network operations, and redirecting the processed network data to the business software.
2. The method according to claim 1, characterized in that, before the calling of the VPN authentication interface used to authenticate the VPN, the method further comprises:
Writing the received authentication information of the VPN into the configuration file of the portable terminal to be processed, the authentication information comprising at least the username and password of the VPN;
According to the configuration file, calling the VPN initialization interface, so that, when the business software runs, the authentication information of the VPN in the configuration file and the hardware characteristics code of the portable terminal are read.
3. The method according to claim 2, characterized in that sending the authentication information of the VPN to be authenticated to the VPN server through the VPN authentication interface comprises:
Initiating an authentication request that interacts with the VPN server through the VPN authentication interface, and sending the authentication information of the VPN to the VPN server through the VPN authentication interface.
4. The method according to any one of claims 1 to 3, characterized in that intercepting and processing, through the business software, the network data of all of its own network operations, and redirecting the processed network data to the business software comprises:
If the VPN authentication succeeds, intercepting, through the business software, the network data of all of its own network operations, and processing the intercepted network data;
Sending the processed network data to the VPN server, so that the VPN server redirects the network data to the business software.
5. A device for realizing data transmission security based on a virtual private network, characterized by comprising:
A first calling module, configured to call, after the business software of a portable terminal is started, a VPN authentication interface used to authenticate the VPN;
A delivery module, configured to send the authentication information of the VPN to be authenticated to a VPN server through the VPN authentication interface, so that the VPN server authenticates the VPN;
A receiver module, configured to receive the authentication result returned by the VPN server;
An interception and processing module, configured to, after authentication succeeds, intercept and process, through the business software, the network data of all of its own network operations, and to redirect the processed network data to the business software.
6. The device according to claim 5, characterized by further comprising:
A writing module, configured to write the received authentication information of the VPN into the configuration file of the portable terminal to be processed, the authentication information comprising at least the username and password of the VPN;
A second calling module, configured to call, according to the configuration file, the VPN initialization interface, so that, when the business software runs, the authentication information of the VPN in the configuration file and the hardware characteristics code of the portable terminal are read.
7. The device according to claim 6, characterized in that the delivery module is specifically configured to:
Initiate an authentication request that interacts with the VPN server through the VPN authentication interface, and send the authentication information of the VPN to the VPN server through the VPN authentication interface.
8. The device according to any one of claims 5 to 7, characterized in that the interception and processing module comprises:
An interception and processing unit, configured to, after the VPN is authenticated successfully, intercept, through the business software, the network data of all of its own network operations, and to process the intercepted network data;
A transmitting unit, configured to send the processed network data to the VPN server, so that the VPN server redirects the network data to the business software.
CN201210464938.XA 2012-11-16 2012-11-16 The method and apparatus realizing data transmission security based on VPN (virtual private network) Active CN102984044B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201210464938.XA CN102984044B (en) 2012-11-16 2012-11-16 The method and apparatus realizing data transmission security based on VPN (virtual private network)

Publications (2)

Publication Number Publication Date
CN102984044A true CN102984044A (en) 2013-03-20
CN102984044B CN102984044B (en) 2016-08-10

Family

ID=47857803

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201210464938.XA Active CN102984044B (en) 2012-11-16 2012-11-16 The method and apparatus realizing data transmission security based on VPN (virtual private network)

Country Status (1)

Country Link
CN (1) CN102984044B (en)

Also Published As

Publication number Publication date
CN102984044B (en) 2016-08-10

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C14 Grant of patent or utility model
GR01 Patent grant
CP03 Change of name, title or address
CP03 Change of name, title or address

Address after: Nanshan District Xueyuan Road in Shenzhen city of Guangdong province 518000 No. 1001 Nanshan Chi Park building A1 layer

Patentee after: SINFOR Polytron Technologies Inc

Address before: 518052 room 410-413, science and technology innovation service center, No. 1 Qilin Road, Shenzhen, Guangdong, China

Patentee before: Shenxinfu Electronics Science and Technology Co., Ltd., Shenzhen