CN109040069B - Cloud application program publishing method, publishing system and access method - Google Patents

Cloud application program publishing method, publishing system and access method Download PDF

Info

Publication number
CN109040069B
CN109040069B CN201810882900.1A CN201810882900A CN109040069B CN 109040069 B CN109040069 B CN 109040069B CN 201810882900 A CN201810882900 A CN 201810882900A CN 109040069 B CN109040069 B CN 109040069B
Authority
CN
China
Prior art keywords
application program
domain name
authentication
proxy server
cloud application
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201810882900.1A
Other languages
Chinese (zh)
Other versions
CN109040069A (en
Inventor
杨正权
张沂
王进才
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Jiangsu Yianlian Network Technology Co ltd
Original Assignee
Jiangsu Yianlian Network Technology Co ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Jiangsu Yianlian Network Technology Co ltd filed Critical Jiangsu Yianlian Network Technology Co ltd
Priority to CN201810882900.1A priority Critical patent/CN109040069B/en
Publication of CN109040069A publication Critical patent/CN109040069A/en
Application granted granted Critical
Publication of CN109040069B publication Critical patent/CN109040069B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/02Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
    • H04L63/0281Proxies
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/52Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity ; Preventing unwanted data erasure; Buffer overflow
    • G06F21/53Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity ; Preventing unwanted data erasure; Buffer overflow by executing in a restricted environment, e.g. sandbox or secure virtual machine
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/10Network architectures or network communication protocols for network security for controlling access to devices or network resources

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Computing Systems (AREA)
  • Signal Processing (AREA)
  • Theoretical Computer Science (AREA)
  • Software Systems (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)
  • Storage Device Security (AREA)

Abstract

The invention discloses a cloud application program publishing method, a cloud application program publishing system and an access method. According to the cloud application program release method and system, the safety container is established in the cloud server, the cloud application program is deployed in the safety container, only one address and one port are externally released, and numerous applications are protected through the safety container, so that the risk that the cloud application program is attacked is greatly reduced, and the safety of the cloud application program is improved. According to the access method of the cloud application program, when the external network client accesses different cloud application programs, the proxy server in the security container analyzes and forwards the request, and the external network client can access different cloud application programs through one proxy server, so that the application security problem of a user in the process of accessing the cloud application program is solved, and the security of the user accessing the cloud application program is improved.

Description

Cloud application program publishing method, publishing system and access method
Technical Field
The invention relates to the field of application programs, in particular to a cloud application program publishing method, a cloud application program publishing system and an access method.
Background
At present, for a user, a cloud server simply deploys a plurality of application servers on the cloud server. As shown in fig. 1, the application programs themselves, such as the service system a, the service system B, the service system C, and the like, are deployed on the server individually, and the addresses issued to the outside are relatively independent. When the user accesses, the sent request comprises the address, the user name and the password of the target application program, and the application program analyzes and processes the request, so that communication is established with the user, and the target of the user access is achieved.
Therefore, in the prior art, the cloud application service is independently deployed and issued, and the outermost layer of protection is the application program. Different users access different application programs through different addresses, so that the possibility that the application programs are attacked is high, and great potential safety hazards exist when the users access the cloud application programs.
Therefore, how to improve the security of the cloud application and the security of the user when accessing the cloud application becomes a technical problem that needs to be solved by those skilled in the art.
Disclosure of Invention
The invention aims to provide a cloud application program publishing method, a cloud application program publishing system and an access method, which can greatly reduce the risk of attacking the cloud application program and improve the security of the cloud application program, solve the application security problem of a user in the process of accessing the cloud application program and improve the security of the user accessing the cloud application program.
In order to achieve the purpose, the invention provides the following scheme:
a method for publishing a cloud application, the method comprising:
establishing a security container at a cloud server, wherein the security container internally comprises an authentication center, a proxy server and each application program of a user, and comprises a logic interface, and the authentication center is used for performing authentication and authorization on an extranet client which sends an authentication request to the proxy server;
configuring the name, domain name address and protocol of each application program;
and encrypting the domain name address of each application program by adopting an encryption method to obtain the encrypted domain name of each application program, and accessing the corresponding application program by the external network client through the encrypted domain name.
Optionally, the encrypting the domain name address of each application program by using an encryption method specifically includes:
and encrypting the domain name address of each application program by adopting a Hash encryption method to obtain the Hash encryption domain name of each application program.
A publication system for cloud applications, the publication system comprising:
the system comprises a security container establishing module, a cloud server and a security container establishing module, wherein the security container establishing module is used for establishing a security container in the cloud server, the security container internally comprises an authentication center, a proxy server and each application program of a user, and the security container comprises a logic interface, wherein the authentication center is used for performing authentication and authorization on an extranet client side which sends an authentication request to the proxy server;
the application degree configuration module is used for configuring the name, the domain name address and the protocol of each application program;
and the domain name encryption module is used for encrypting the domain name address of each application program by adopting an encryption method to obtain the encrypted domain name of each application program, and the external network client accesses the corresponding application program through the encrypted domain name.
Optionally, the domain name encryption module encrypts the domain name address of each application program by using a hash encryption method to obtain a hash encryption domain name of each application program.
An access method of a cloud application for accessing the publication system according to any one of claims 3-4, the access method comprising:
the external network client sends an authentication request to the proxy server through a logic interface of the security container;
the proxy server sends the authentication request to an authentication center for authentication and authentication;
after the authentication is successful, the proxy server returns authentication information to the external network client through the logic interface of the security container;
and the proxy server acquires the request data packet sent by the extranet client through the logic interface of the safety container, analyzes the request data packet, and sends the request data packet of the extranet client to a corresponding application program according to the analysis result.
Optionally, the extranet client is a B/S architecture application access client or a C/S architecture application access client.
According to the specific embodiment provided by the invention, the invention discloses the following technical effects:
according to the cloud application program release method and system, the safety container is established in the cloud server, the cloud application program is deployed in the safety container, only one address and one port are externally released, and numerous applications are protected through the safety container, so that the risk that the cloud application program is attacked is greatly reduced, and the safety of the cloud application program is improved.
According to the access method of the cloud application program, when the external network client accesses different cloud application programs, the proxy server in the security container analyzes and forwards the request, and the external network client can access different cloud application programs through one proxy server, so that the application security problem of a user in the process of accessing the cloud application program is solved, and the security of the user accessing the cloud application program is improved.
Drawings
In order to more clearly illustrate the embodiments of the present invention or the technical solutions in the prior art, the drawings needed in the embodiments will be briefly described below, and it is obvious that the drawings in the following description are only some embodiments of the present invention, and it is obvious for those skilled in the art to obtain other drawings without creative efforts.
Fig. 1 is an access signaling interaction diagram of a cloud application in the prior art;
fig. 2 is a flowchart of a method for publishing a cloud application according to embodiment 1 of the present invention;
fig. 3 is a block diagram of a structure of a cloud application publishing system according to embodiment 2 of the present invention;
fig. 4 is a flowchart of an access method for a cloud application according to embodiment 3 of the present invention;
fig. 5 is a signaling interaction diagram of an access method for a cloud application according to embodiment 3 of the present invention;
fig. 6 is a flowchart of an authentication process provided in embodiment 3 of the present invention;
fig. 7 is a flowchart of short message authentication provided in embodiment 3 of the present invention;
fig. 8 is a flowchart of token authentication provided in embodiment 3 of the present invention;
FIG. 9 is a flowchart of resolving a real address according to embodiment 3 of the present invention;
fig. 10 is a flowchart of access of extranet clients of different architecture types according to embodiment 3 of the present invention.
Detailed Description
The technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are only a part of the embodiments of the present invention, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
The invention aims to provide a cloud application program publishing method, a cloud application program publishing system and an access method, which can greatly reduce the risk of attacking the cloud application program and improve the security of the cloud application program, solve the application security problem of a user in the process of accessing the cloud application program and improve the security of the user accessing the cloud application program.
In order to make the aforementioned objects, features and advantages of the present invention comprehensible, embodiments accompanied with figures are described in further detail below.
Example 1:
fig. 2 is a flowchart of a method for publishing a cloud application according to embodiment 1 of the present invention. As shown in fig. 2, a method for publishing a cloud application includes:
step 101: the method comprises the steps that a security container is established in a cloud server, the security container comprises an authentication center, a proxy server and application programs of a user, the security container comprises a logic interface, and the authentication center is used for carrying out authentication and authentication on an extranet client side which sends an authentication request to the proxy server.
Step 102: and configuring the name, the domain name address and the protocol of each application program.
Step 103: and encrypting the domain name address of each application program by adopting an encryption method to obtain the encrypted domain name of each application program, and accessing the corresponding application program by the external network client through the encrypted domain name. In this embodiment, a hash encryption method is used to encrypt the domain name address of each application program, so as to obtain a hash encryption domain name of each application program.
Example 2:
fig. 3 is a block diagram of a structure of a cloud application publishing system according to embodiment 2 of the present invention. As shown in fig. 3, a publishing system of a cloud application includes:
the secure container establishing module 201 is configured to establish a secure container in a cloud server, where the secure container includes an authentication center, a proxy server, and each application program of a user, and the secure container includes a logic interface, where the authentication center is configured to perform authentication and authorization on an extranet client that sends an authentication request to the proxy server.
An application level configuration module 202, configured to configure the name, domain name address and protocol of each application program.
The domain name encryption module 203 is configured to encrypt the domain name address of each application program by using an encryption method to obtain an encrypted domain name of each application program, and the extranet client accesses the corresponding application program through the encrypted domain name. In this embodiment, the domain name encryption module 203 encrypts the domain name address of each application program by using a hash encryption method to obtain a hash encrypted domain name of each application program.
Example 3:
fig. 4 is a flowchart of an access method for a cloud application provided in embodiment 3 of the present invention. As shown in fig. 4, an access method of a cloud application, the access method being used for accessing the publishing system, the access method including:
step 301: the external network client sends an authentication request to the proxy server through the logic interface of the security container. In this embodiment, the extranet client is a B/S architecture application access client or a C/S architecture application access client.
Step 302: and the proxy server sends the authentication request to an authentication center for authentication and authentication.
Step 303: and after the authentication is successful, the proxy server returns authentication information to the external network client through the logic interface of the security container.
Step 304: and the proxy server acquires the request data packet sent by the extranet client through the logic interface of the safety container, analyzes the request data packet, and sends the request data packet of the extranet client to a corresponding application program according to the analysis result.
Fig. 5 is a signaling interaction diagram of an access method for a cloud application according to embodiment 3 of the present invention. According to the method, the security container is established at the cloud server, the cloud application program of the user is deployed in the security container, and only one port is opened to the outside, so that the purpose of protecting the application program of the user is achieved. As shown in fig. 5, the dotted line is the security container established at the cloud end of the present invention, and the security container includes an application program of a B/S architecture of a user, an application program of a C/S architecture, a first proxy server enwa, a second proxy server Enssl, a unified authentication center, and the like. After the user deployment is completed, all the application programs of the user only need to be configured at the management end, the configuration content comprises the names, domain addresses, protocols and the like of the application programs, and after the configuration is completed, a domain name subjected to hash encryption can be configured for the real access domain name of the application program and used for accessing an external network client. The external network client accesses the domain name after the hash encryption through the request, and actually accesses the proxy server, and the proxy server judges whether the account number, the equipment and the flow of the user are credible or not according to the request of the user, so that most illegal requests are effectively blocked. The following will describe in detail the three aspects of user authentication, B/S application access and C/S application access.
As shown in the authentication process of fig. 5, the user 1 completes authentication through steps a1-a6, steps a1 and a2 send the user name and password to the first proxy server enwa through HTTP request, steps A3 and a4 are authenticated by the first proxy server enwa and a unified authentication center, and if authentication is successful, user login success information (including mailbox, mobile phone number, etc.) is returned. The specific authentication process is shown in fig. 6:
firstly, an external network client, namely a user web end in fig. 5 sends an access request to a first proxy server enwa, then the first proxy server enwa judges whether the request contains authenticated ticket information (ticket) or not, and if the user has been authenticated and the request carries the ticket, a system access interface requested by the user is returned to complete establishment of a communication channel. If no authentication information (ticket) is inside the request, the first proxy server enwa returns information to redirect the user to the login interface of the requested system. The next step is to perform user authentication, which requires sending a request to an authentication server associated with the requested application, such as: an Oauth server. The Web end directly requests Oauth to log in, and then Oauth returns a corresponding login page; the user inputs an account password through the login page and sends the account password to Oauth for authentication, Oauth returns a ticket after the authentication is passed, and the web side is allowed to send a connection request to the requested target application program.
Meanwhile, the invention supports secondary login verification, including short message verification, mailbox verification, dynamic token verification, random verification code verification and hardware feature code verification.
The specific process of the short message authentication is shown in fig. 7:
a user sends a request to the casb through a Web end to open a webpage, and the casb can respond to the request and return the webpage; then, the user requests to log in, that is, the web end sends a request to the casb, the casb replies a page on which a request for inputting a short message verification code is made, and meanwhile, the casb sends the short message verification code to the mobile phone of the user through the short message gateway. After the user receives the verification code and correctly inputs the confirmation, the user can pass the authentication of the casb, so that the application can be smoothly accessed.
The specific process of token authentication is shown in fig. 8:
a user sends a ticket request to a casb through a Web end to open a webpage, and the casb returns the webpage; and then, the user requests login, namely the web end sends a request to the casb, the casb replies a page, the request of 'please input a dynamic token' is generated on the page, the user inputs a corresponding short code through the token and sends the short code to the casb, and the casb verifies through a special algorithm through a verification library given by a token manufacturer, identifies and authenticates, and judges whether the short code is in accordance with the dynamic token.
And returning Session _ id (authentication information) to the user through A5 and A6, and finally returning to the client, and meanwhile, saving Session _ id (authentication information) for the client browser accessed by the user to judge the login state of the user, thereby completing the whole authentication process.
After the authentication process is completed, the communication process is the communication process for the user to access the application program, and the B/S architecture system and the C/S architecture system are different, and are separately described below. The system user of the B/S architecture respectively accesses the service system 1 and the service system 2 through B, C, and each service system is a different cloud application program. And sending a target address link and Session _ id (authentication information) through a client, wherein the request content of the step B1 is 1.casb.enlink.cn, and the request content of the step C1 is 2.casb.enlink.cn, forwarding the request content to the first proxy server enwa through B2 and C2 respectively, the first proxy server enwa resolving a real address according to the request address and then directing to the target server, namely after the request content of the step B1 is resolved for 1.casb.enlink.cn, directing to the target application service 1 through B3, and after the request content of the step C1 is resolved, directing to the target application service 2 through C3, namely, a real service address of a service system (cloud application) in a secure container, and returning to the client access end through B4-B6 and C4-C6. And finishing the establishment of the whole access communication channel.
As shown in fig. 9, the real address resolution according to the request address is implemented as follows:
the request link of the user is 1. case. enlink.cn, and in the system, 1. case. enlink.cn will be used as a key value to configure a corresponding value, and a value in the internal database of the case will correspond to the key, and when jumping to a specific application, the background replaces the key and the value, thereby reaching the real application address.
For user access of the C/S architecture, the authentication process is the same as that of the B/S user, and the authentication is completed through D1-D6. The access communication channel is established by issuing a strategy through an Agent (client service) in the client, the Agent (client service) intercepts a data packet of a corresponding process, the request is sent to a second proxy server Enssl through the analysis of the data packet and the addition of a specific packet header (containing information such as an application type, url, a port and the like) through E1 and E2, the request data packet is analyzed by the second proxy server Enssl, then the request is diverted to a real target address server-service system 4 through E3, namely the real application service of the service system in a cloud container, and data is returned through E4-E6, so that the establishment of the whole access communication channel is completed.
The access flow of the extranet client with different architecture types is shown in fig. 10: the user firstly sends a request to the proxy server through the client, the proxy server authenticates the user identity to the unified authentication center, if the authentication is successful, corresponding authentication information is returned to the client, then the client sends the request to the first proxy server Enwa according to different types of applications and B/S type application access, and the first proxy server Enwa analyzes and forwards the request to a real target server. The C/S user issues a strategy through an Agent (client service) in the client, the Agent (client service) intercepts a data packet of a corresponding process, the request is sent to a second proxy server Enssl through analyzing the data packet and adding a specific packet header (containing information such as an application type, url, a port and the like), and the second proxy server Enssl analyzes the request data packet and turns the request to a real target address server.
According to the cloud application program issuing method and system, the safety container is established in the cloud server, the cloud application program is deployed in the safety container, only one address and one port are issued to the outside, a plurality of applications are protected through the safety container, and for different applications accessed by a user, the proxy server of the safety container analyzes and forwards the request, so that the risk that the application is attacked is greatly reduced. Meanwhile, the extranet client can access different cloud application programs through one proxy server set, the application safety problem of a user in the process of accessing the cloud application programs is solved, and the safety of the user accessing the cloud application programs is improved.
The embodiments in the present description are described in a progressive manner, each embodiment focuses on differences from other embodiments, and the same and similar parts among the embodiments are referred to each other. For the system disclosed by the embodiment, the description is relatively simple because the system corresponds to the method disclosed by the embodiment, and the relevant points can be referred to the method part for description.
The principles and embodiments of the present invention have been described herein using specific examples, which are provided only to help understand the method and the core concept of the present invention; meanwhile, for a person skilled in the art, according to the idea of the present invention, the specific embodiments and the application range may be changed. In view of the above, the present disclosure should not be construed as limiting the invention.

Claims (6)

1. A method for publishing a cloud application, the method comprising:
establishing a security container at a cloud server, wherein the security container internally comprises an authentication center, a proxy server and each application program of a user, and comprises a logic interface, and the authentication center is used for performing authentication and authorization on an extranet client which sends an authentication request to the proxy server;
configuring the name, domain name address and protocol of each application program;
and encrypting the domain name address of each application program by adopting an encryption method to obtain the encrypted domain name of each application program, and accessing the corresponding application program by the external network client through the encrypted domain name.
2. The issuing method according to claim 1, wherein the encrypting the domain name address of each application program by using an encryption method specifically includes:
and encrypting the domain name address of each application program by adopting a Hash encryption method to obtain the Hash encryption domain name of each application program.
3. A publishing system of a cloud application, the publishing system comprising:
the system comprises a security container establishing module, a cloud server and a security container establishing module, wherein the security container establishing module is used for establishing a security container in the cloud server, the security container internally comprises an authentication center, a proxy server and each application program of a user, and the security container comprises a logic interface, wherein the authentication center is used for performing authentication and authorization on an extranet client side which sends an authentication request to the proxy server;
the application program configuration module is used for configuring the name, the domain name address and the protocol of each application program;
and the domain name encryption module is used for encrypting the domain name address of each application program by adopting an encryption method to obtain the encrypted domain name of each application program, and the external network client accesses the corresponding application program through the encrypted domain name.
4. The issuing system according to claim 3, wherein the domain name encryption module encrypts the domain name address of each application program by using a hash encryption method to obtain the hash encrypted domain name of each application program.
5. An access method for a cloud application, the access method being used for accessing the publication system according to any one of claims 3 to 4, the access method comprising:
the external network client sends an authentication request to the proxy server through a logic interface of the security container;
the proxy server sends the authentication request to an authentication center for authentication and authentication;
after the authentication is successful, the proxy server returns authentication information to the external network client through the logic interface of the security container;
and the proxy server acquires the request data packet sent by the extranet client through the logic interface of the safety container, analyzes the request data packet, and sends the request data packet of the extranet client to a corresponding application program according to the analysis result.
6. The access method according to claim 5, wherein the extranet client is a B/S architecture application access client or a C/S architecture application access client.
CN201810882900.1A 2018-08-06 2018-08-06 Cloud application program publishing method, publishing system and access method Active CN109040069B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201810882900.1A CN109040069B (en) 2018-08-06 2018-08-06 Cloud application program publishing method, publishing system and access method

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201810882900.1A CN109040069B (en) 2018-08-06 2018-08-06 Cloud application program publishing method, publishing system and access method

Publications (2)

Publication Number Publication Date
CN109040069A CN109040069A (en) 2018-12-18
CN109040069B true CN109040069B (en) 2020-09-18

Family

ID=64648572

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201810882900.1A Active CN109040069B (en) 2018-08-06 2018-08-06 Cloud application program publishing method, publishing system and access method

Country Status (1)

Country Link
CN (1) CN109040069B (en)

Families Citing this family (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109600380B (en) * 2018-12-19 2020-11-10 北京创鑫旅程网络技术有限公司 Data transmission method and device
CN111049909B (en) * 2019-12-17 2024-04-02 昆山华东信息科技有限公司 Software release method
CN111416826B (en) * 2020-03-24 2020-12-29 江苏易安联网络技术有限公司 System and method for safely releasing and accessing application service
CN111444495B (en) * 2020-05-20 2020-11-24 江苏易安联网络技术有限公司 System and method for realizing single sign-on based on container
CN111611508B (en) * 2020-05-28 2020-12-15 江苏易安联网络技术有限公司 Identification method and device for actual website access of user

Family Cites Families (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US9210173B2 (en) * 2008-11-26 2015-12-08 Red Hat, Inc. Securing appliances for use in a cloud computing environment
CN101741882A (en) * 2008-11-27 2010-06-16 Tcl集团股份有限公司 CE equipment-oriented internet portal service system and method
US11115417B2 (en) * 2015-05-19 2021-09-07 Microsoft Technology Licensing, Llc. Secured access control to cloud-based applications
CN106534148B (en) * 2016-11-29 2020-02-14 北京元心科技有限公司 Access control method and device for application
CN107493344B (en) * 2017-08-29 2020-07-28 浪潮云信息技术股份公司 Method and system for Web access to Docker container

Also Published As

Publication number Publication date
CN109040069A (en) 2018-12-18

Similar Documents

Publication Publication Date Title
CN109040069B (en) Cloud application program publishing method, publishing system and access method
TWI725958B (en) Cloud host service authority control method, device and system
EP3095225B1 (en) Redirect to inspection proxy using single-sign-on bootstrapping
US8589675B2 (en) WLAN authentication method by a subscriber identifier sent by a WLAN terminal
CN104322001B (en) The Transport Layer Security flow control identified using service name
WO2016188256A1 (en) Application access authentication method, system, apparatus and terminal
US8275984B2 (en) TLS key and CGI session ID pairing
CN112039909A (en) Authentication method, device, equipment and storage medium based on unified gateway
US10225260B2 (en) Enhanced authentication security
CN107579991B (en) Method for performing cloud protection authentication on client, server and client
CN107534557A (en) The Identity Proxy of access control and single-sign-on is provided
US20100100950A1 (en) Context-based adaptive authentication for data and services access in a network
JP2017521934A (en) Method of mutual verification between client and server
CN109413000B (en) Anti-stealing-link method and anti-stealing-link network relation system
CN108322416B (en) Security authentication implementation method, device and system
CN110933078B (en) H5 unregistered user session tracking method
CN101986598B (en) Authentication method, server and system
JP5864598B2 (en) Method and system for providing service access to a user
CA2914426A1 (en) Method for authenticating a user, corresponding server, communications terminal and programs
WO2016188335A1 (en) Access control method, apparatus and system for user data
JP4698751B2 (en) Access control system, authentication server system, and access control program
CN109309684A (en) A kind of business access method, apparatus, terminal, server and storage medium
CN109962892A (en) A kind of authentication method and client, server logging in application
CN106576050B (en) Three-tier security and computing architecture
CN103812843B (en) Method for authenticating and system based on WebService applications

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant