CN113765893A - Protocol proxy password penetration authentication method applied to MySQL system - Google Patents

Protocol proxy password penetration authentication method applied to MySQL system Download PDF

Info

Publication number
CN113765893A
CN113765893A CN202110930414.4A CN202110930414A CN113765893A CN 113765893 A CN113765893 A CN 113765893A CN 202110930414 A CN202110930414 A CN 202110930414A CN 113765893 A CN113765893 A CN 113765893A
Authority
CN
China
Prior art keywords
authentication
mysql
password
proxy
server
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN202110930414.4A
Other languages
Chinese (zh)
Other versions
CN113765893B (en
Inventor
王继洪
范渊
吴永越
郑学新
刘韬
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Chengdu DBAPPSecurity Co Ltd
Original Assignee
Chengdu DBAPPSecurity Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Chengdu DBAPPSecurity Co Ltd filed Critical Chengdu DBAPPSecurity Co Ltd
Priority to CN202110930414.4A priority Critical patent/CN113765893B/en
Publication of CN113765893A publication Critical patent/CN113765893A/en
Application granted granted Critical
Publication of CN113765893B publication Critical patent/CN113765893B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/02Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
    • H04L63/0281Proxies
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/083Network architectures or network communication protocols for network security for authentication of entities using passwords
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0876Network architectures or network communication protocols for network security for authentication of entities based on the identity of the terminal or configuration, e.g. MAC address, hardware or software configuration or device fingerprint
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/14Session management
    • H04L67/141Setup of application sessions
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2463/00Additional details relating to network architectures or network communication protocols for network security covered by H04L63/00
    • H04L2463/082Additional details relating to network architectures or network communication protocols for network security covered by H04L63/00 applying multi-factor authentication
    • YGENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
    • Y02TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
    • Y02DCLIMATE CHANGE MITIGATION TECHNOLOGIES IN INFORMATION AND COMMUNICATION TECHNOLOGIES [ICT], I.E. INFORMATION AND COMMUNICATION TECHNOLOGIES AIMING AT THE REDUCTION OF THEIR OWN ENERGY USE
    • Y02D10/00Energy efficient computing, e.g. low power processors, power management or thermal management

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computer Security & Cryptography (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Power Engineering (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)

Abstract

The invention relates to the technical field of transparent transmission, and provides a protocol proxy password penetrating authentication method applied to a MySQL system. In the protocol proxy password penetration authentication method, only the MySQL client knows the login password input by the user, the proxy end and the MySQL server do not know the login password, and the proxy end and the MySQL server can realize the penetration authentication without knowing the login password, namely, the operation and maintenance connection establishment function in a password-free hosting mode is realized.

Description

Protocol proxy password penetration authentication method applied to MySQL system
Technical Field
The invention belongs to the technical field of transparent transmission, and particularly relates to a protocol proxy password penetration authentication method applied to a MySQL system.
Background
The protocol agent model applied in the current operation and maintenance auditing system basically provides a protocol agent mode in a server password hosting mode. With the increasing complexity of operation and maintenance scenes, more and more scenes with passwords not being managed to the operation and maintenance auditing system platform are provided.
The MySQL system is the most popular relational database management system. The MySQL server can send an authswitch type message and require the connected client to switch to another authentication mode. In the MySQL system, one of the characteristics of the MySQL protocol is that the MySQL server initiates an application layer message, which contains an encryption seed for cryptographic calculation. When the MySQL system is provided with the proxy end, the MySQL client can mistakenly recognize the proxy end as the MySQL server when being connected with the proxy end and receive wrong encryption seeds, so that an encryption message generated after a password input by a user on the MySQL client is encrypted cannot be accepted by the MySQL server, and the client access failure of the user can be directly caused.
The prior art is as follows: the chinese patent publication (publication) No. CN105100107B discloses a method for proxy client account authentication: the password intermediate data can be calculated by acquiring analysis data when the client account and the first database server are authenticated and acquiring the pre-stored encrypted password of the client account from the first database server. The first authentication message is generated by using the password intermediate data, and the authentication between the client account and the second database server can be proxied without manually configuring the client account and the plaintext password, so that convenience is provided for a user. Because the encrypted password corresponding to the client account can be obtained in real time by using the pre-configured database administrator account, even if the password corresponding to the client account is modified, the modified password intermediate data can be obtained, and further, the client account information can be automatically updated.
The free switch technology used in the prior art essentially uses a preset administrator account to access a server for storing a password to obtain a ciphertext, then proxies an authentication calculation process of a response in a client, and finally sends the generated password authentication ciphertext to a database server for an authentication request.
Disclosure of Invention
The invention provides a transparent transmission technology different from the prior art, and provides a protocol proxy password penetrating authentication method applied to a MySQL system.
In the invention, the proxy end arranged between the MySQL client and the MySQL server actively resets the authentication encryption seeds negotiated when the MySQL client is connected with the proxy end by using an authswitch method, so that the authentication encryption seeds provided by the real MySQL server are updated, thereby completing the penetrating authentication flow from the MySQL client to the MySQL server. In the process, only the MySQL client knows the login password input by the user, the agent end and the MySQL server do not know the login password, and the agent end and the MySQL server can realize the transparent transmission authentication without knowing the login password, namely, the operation and maintenance connection establishment function in a password-free hosting mode is realized.
The invention provides a protocol proxy password penetration authentication method applied to a MySQL system, which comprises the following steps:
step S1: the MySQL client acquires a login name N, a login password P and an access address IP input by a user, and then initiates TCP connection to the agent end;
step S2: the proxy end generates an authentication type A and an authentication encryption seed A1 of the MySQL server, and sends an initial message T1 containing the authentication type A and the authentication encryption seed A1 of the MySQL server to the MySQL client end after the TCP connection is established;
step S3: the MySQL client analyzes the received initial message T1 to obtain an authentication type A and an authentication encryption seed A1; then, according to the authentication type A, the authentication encryption seed A1 and a login password P input by a user, authentication data M1 is obtained through calculation;
step S4: the MySQL client sends a request message S1 containing a client name, a client version, a login name N, authentication data M1 and an access address IP to an agent end;
step S5: the agent terminal receives the request message S1 and analyzes the message to obtain the access address IP; then, the proxy end initiates TCP connection to the MySQL server;
step S6: the MySQL server generates an authentication type B and an authentication encryption seed B1 of the MySQL server, and sends a server message S2 containing the authentication type B and the authentication encryption seed B1 of the MySQL server to the proxy end after the TCP connection is established;
step S7: the agent terminal analyzes the received server message S2 to obtain an authentication type B and an authentication encryption seed B1; then, according to the authentication type B and the authentication encryption seed B1, an authswitch message T3 is assembled, and the authswitch message T3 is replied to the MySQL client;
step S8: after receiving an authswitch message T3 from the proxy, the MySQL client analyzes to obtain an authentication type B and an authentication encryption seed B1; the MySQL client switches the authentication type A of the MySQL server into an authentication type B, and recalculates the password according to the login password P and the authentication encryption seed B1 to obtain a password P1; then, the authentication data M2 is obtained by calculation according to the authentication encryption seed B1 and the password P1;
step S9: the MySQL client sends the authentication data M2 to the agent end;
step S10: the proxy side sends authentication data M2 to the MySQL server.
In the protocol proxy password penetration authentication method, no matter whether the authentication result of the MySQL server is successful or failed, the proxy end immediately enters a full forwarding state; that is, all future protocol messages of the MySQL server are transmitted to the MySQL client, and all future protocol messages of the MySQL client are transmitted to the MySQL server.
Further, after the agent terminal in step S5 parses the request message S1, the authentication data M1 is discarded.
Further, the authentication encryption seed a1 is a random character string.
Further, the authentication encryption seed B1 is a random character string.
Further, in the step S9, the MySQL client encapsulates the authentication data M2 into protocol data R1 and sends the protocol data R1 to the agent.
Further, in the step S10, the proxy terminal parses the received protocol data R1, encapsulates the protocol data R2, and sends the encapsulated protocol data R2 to the MySQL server.
The invention also provides an electronic device, which comprises a memory and a processor; the memory for storing a computer program; the processor is used for executing the computer program to realize the protocol proxy password penetration authentication method.
The invention also provides a computer readable storage medium for storing a computer program, which when executed by a processor implements the protocol proxy password penetration authentication method.
Compared with the prior art, the invention has the following advantages and beneficial effects:
(1) the proxy side actively resets the authentication encryption seeds negotiated when the MySQL client side is connected with the proxy side by using an authswitch method, so that the authentication encryption seeds are updated to the authentication encryption seeds provided by a real MySQL server, and the penetrating authentication flow from the MySQL client side to the MySQL server is completed;
(2) the invention does not have the process of using the preset administrator account to obtain the password intermediate data, and simultaneously does not have the step of participating in calculation of the password intermediate data in the proxy, namely, the proxy end in the invention is completely unaware of the password data of the user, and can use the authswitch means to complete the penetrating authentication proxy of the MySQL client and the MySQL server without knowing the password of the user at all.
Drawings
Fig. 1 is a system topology diagram corresponding to the protocol proxy password pass-through authentication method of the present invention.
Detailed Description
In order to more clearly illustrate the technical solutions of the embodiments of the present invention, the technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the accompanying drawings, and it should be understood that the described embodiments are only a part of the embodiments of the present invention, and not all of the embodiments, and therefore should not be considered as limiting the scope of protection. All other embodiments, which can be obtained by a person skilled in the art without any inventive step based on the embodiments of the present invention, are within the scope of the present invention.
Example 1:
since the authentication process in each connection in the application layer connection protocol of the Mysql server needs to be matched with the seed negotiated in the connection for encryption, the encryption seed of each connection established is different.
If a proxy exists in the connected link, two TCP connections will occur in the current connection, that is, two authentication links, resulting in a connection TCP A from the Mysql client to the proxy and a connection TCP B from the proxy to the Mysql server, where the authentication encryption seeds in TCP A and TCP B are different. And because the proxy end does not know the authentication password, the proxy end cannot directly transfer the encrypted authentication data in the connection TCP A to the channel of the connection TCP B to complete authentication, and the proxy end cannot directly combine the encryption seed in the connection TCP B with the authentication password to complete the authentication of the connection TCP B.
Therefore, for the two connections of the connection TCP a and the connection TCP B, it becomes a technical difficulty how to let the Mysql client calculate the authentication encrypted data that can be recognized by the Mysql server.
The embodiment provides a protocol proxy password penetration authentication method applied to a MySQL system, which uses the authswitch characteristic of a Mysql protocol to enable a proxy end to hold two authentication encryption seeds for connecting two connections of a TCP A and a TCP B at the same time, so that the proxy end can exchange the authentication encryption seeds in the TCP B to the connection of the TCP A in an authswitch mode, the second password calculation can be completed at a MySQL client, then the second password result is sent to a proxy section through the connection TCP A, the proxy end can directly send the MySQL server through the connection TCP B to complete the one-time penetration authentication request, and thus the penetration authentication proxy in two TCP connections at one time is completed.
The specific operation is as follows: and the user opens the Mysql client, fills a login name N, a login password P and an access address IP in a newly-built connection frame, and clicks a 'connection button' after the completion of the filling to start executing the protocol proxy password penetration authentication method. Here, the access address IP is the connection address of the target MySQL server.
The protocol proxy password penetration authentication method comprises the following steps of S1-S10, and a corresponding system topology diagram is shown in FIG. 1.
Step S1: the MySQL client acquires a login name N, a login password P and an access address IP input by a user, and then initiates TCP connection to the agent.
Since the MySQL protocol is that the server starts sending messages first (the server speaks first), the MySQL client does not send any data to the agent in step S1. After the three-way handshake of the TCP is completed, the MySQL client starts to wait for the first initial packet message of the MySQL server. The initial packet message includes an authentication type B and an authentication encryption seed B1.
Step S2: and the proxy end generates an authentication type A and an authentication encryption seed A1 of the MySQL server, and sends an initial message T1 containing the authentication type A and the authentication encryption seed A1 of the MySQL server to the MySQL client after the TCP connection is established.
Step S3: the MySQL client analyzes the received initial message T1 to obtain an authentication type A and an authentication encryption seed A1; and then, the authentication data M1 is obtained by calculation according to the authentication type A, the authentication encryption seed A1 and the login password P input by the user.
In the step S3, the certification data M1 is calculated by MySQL driver provided by MySQL manufacturer, and this embodiment only needs to adopt the prior art to obtain the certification data. Through the design of the step, the login password P input by the user only appears on the computer for the login operation of the user all the time, and the agent end does not know.
Step S4: the MySQL client sends a request message S1 containing a client name, a client version, a login name N, authentication data M1 and an access address IP to the agent.
Step S5: the agent terminal receives the request message S1 and analyzes the message to obtain the access address IP; and then the proxy end initiates a TCP connection to the MySQL server.
After the agent terminal in the step S5 parses the request message S1, the authentication data M1 is discarded. Although the authentication data M1 is obtained in the parsing request message S1 in step S5, since the MySQL client uses the authentication data M1 calculated by the authentication type a and the authentication encryption seed a1 generated by the proxy, and there is no effect on the proxy connecting the MySQL server, M1 is discarded.
Step S6: the MySQL server generates an authentication type B and an authentication encryption seed B1 of the MySQL server, and sends a server message S2 containing the authentication type B and the authentication encryption seed B1 of the MySQL server to the proxy after the TCP connection is established.
Step S7: the agent terminal analyzes the received server message S2 to obtain an authentication type B and an authentication encryption seed B1; and then according to the authentication type B and the authentication encryption seed B1, assembling an authswitch message T3, and replying the authswitch message T3 to the MySQL client.
The authentication type B and the authentication encryption seed B1 analyzed and obtained in the step S7 become data that the proxy end requests the MySQL client to perform authentication method switching. Therefore, according to the specification of the MySQL protocol, the proxy end uses the authentication type B and the authentication encryption seed B1 to construct an authswitch message T3, and then replies to the MySQL client.
Step S8: after receiving an authswitch message T3 from the proxy, the MySQL client analyzes to obtain an authentication type B and an authentication encryption seed B1; the MySQL client switches the authentication type A of the MySQL server into an authentication type B, and recalculates the password according to the login password P and the authentication encryption seed B1 to obtain a password P1; and then the authentication data M2 is obtained by calculation according to the authentication encryption seed B1 and the password P1.
Step S9: the MySQL client sends the authentication data M2 to the agent.
Step S10: the proxy side sends authentication data M2 to the MySQL server.
In the step S9, the MySQL client encapsulates the authentication data M2 into protocol data R1 and sends the protocol data R1 to the agent. In the step S10, the proxy terminal analyzes the received protocol data R1, encapsulates the protocol data R2, and sends the encapsulated protocol data R2 to the MySQL server. Thereafter, the MySQL server replies to the authentication data M2 with a message of OK type, that is, the authentication is successful, and the MySQL server replies to the authentication data M2 with a message of ERROR type, that is, the authentication is unsuccessful. However, for the proxy, the processing flows of successful authentication and unsuccessful authentication are consistent, and after the authentication data M2 is sent to the MySQL server through the proxy, the proxy will immediately enter a full forwarding state. That is to say, the MySQL server can receive the OK packet after successfully authenticating the OK packet, the MySQL client can receive the ERROR packet that the MySQL server fails to authenticate, and the MySQL client can also receive the ERROR packet.
In the method of this embodiment, the authentication encryption seed a1 and the authentication encryption seed B1 are both generated from the role of the server, but since the protocol proxy, i.e., the proxy end, appears in the middle of the TCP link, the MySQL client may misunderstand the proxy end as the MySQL server, and at this time, in order to maintain a normal protocol processing flow, the proxy end needs to play the role of the MySQL server. Therefore, in this embodiment, the agent generates two data, i.e., the authentication type a and the authentication encryption seed a 1.
The authentication type A and the authentication type B are authentication type data supported by the Mysql system; the authentication type supported by the MySQL system comprises three modes: native, cachesha2, old, and the corresponding authentication type data is Native plug, cache SHA-2, Cleartext.
Authentication type B is related to the version of MySQL server. Each version will have a default configuration, although modifications are possible. The authentication encryption seed B1 is a random character generated by various random factors such as time, and similarly, the authentication encryption seed a1 at the proxy side is also generated randomly.
Example 2:
the embodiment proposes an electronic device, comprising a memory and a processor; the memory for storing a computer program; the processor is configured to execute the computer program to implement the protocol proxy password traversal authentication method according to embodiment 1.
Example 3:
the present embodiment proposes a computer-readable storage medium storing a computer program that, when executed by a processor, implements the protocol proxy password traversal authentication method described in embodiment 1.
The above description is only a preferred embodiment of the present invention, and is not intended to limit the present invention in any way, and all simple modifications and equivalent variations of the above embodiments according to the technical spirit of the present invention are included in the scope of the present invention.

Claims (8)

1. A protocol proxy password penetration authentication method applied to a MySQL system is characterized by comprising the following steps:
step S1: the MySQL client acquires a login name N, a login password P and an access address IP input by a user, and then initiates TCP connection to the agent end;
step S2: the proxy end generates an authentication type A and an authentication encryption seed A1 of the MySQL server, and sends an initial message T1 containing the authentication type A and the authentication encryption seed A1 of the MySQL server to the MySQL client end after the TCP connection is established;
step S3: the MySQL client analyzes the received initial message T1 to obtain an authentication type A and an authentication encryption seed A1; then, according to the authentication type A, the authentication encryption seed A1 and a login password P input by a user, authentication data M1 is obtained through calculation;
step S4: the MySQL client sends a request message S1 containing a client name, a client version, a login name N, authentication data M1 and an access address IP to an agent end;
step S5: the agent terminal receives the request message S1 and analyzes the message to obtain the access address IP; then, the proxy end initiates TCP connection to the MySQL server;
step S6: the MySQL server generates an authentication type B and an authentication encryption seed B1 of the MySQL server, and sends a server message S2 containing the authentication type B and the authentication encryption seed B1 of the MySQL server to the proxy end after the TCP connection is established;
step S7: the agent terminal analyzes the received server message S2 to obtain an authentication type B and an authentication encryption seed B1; then according to the authentication type B and the authentication encryption seed B1, an authswitch message T3 is assembled, and the authswitch message T3 is replied to the MySQL client;
step S8: after receiving an authswitch message T3 from the proxy, the MySQL client analyzes to obtain an authentication type B and an authentication encryption seed B1; the MySQL client switches the authentication type A of the MySQL server into an authentication type B, and recalculates the password according to the login password P and the authentication encryption seed B1 to obtain a password P1; then, the authentication data M2 is obtained by calculation according to the authentication encryption seed B1 and the password P1;
step S9: the MySQL client sends the authentication data M2 to the agent end;
step S10: the proxy side sends authentication data M2 to the MySQL server.
2. The protocol proxy password penetration authentication method applied to the Mysql system as claimed in claim 1, wherein the authentication data M1 is discarded after the proxy side parses the request message S1 in step S5.
3. The protocol proxy password penetration authentication method applied to the Mysql system in claim 1, wherein the authentication encryption seed A1 is a random string.
4. The protocol proxy password penetration authentication method applied to the Mysql system in claim 1, wherein the authentication encryption seed B1 is a random string.
5. The protocol proxy password penetration authentication method applied to the Mysql system as claimed in claim 1, wherein the Mysql client encapsulates the authentication data M2 into protocol data R1 and sends the protocol data R1 to the proxy side in step S9.
6. The method as claimed in claim 5, wherein the proxy server in step S10 parses the received protocol data R1, encapsulates the protocol data R2, and sends the encapsulated protocol data R2 to the Mysql server.
7. An electronic device comprising a memory and a processor; the method is characterized in that:
the memory for storing a computer program;
the processor, configured to execute the computer program to implement the protocol proxy password pass-through authentication method of any one of claims 1 to 6.
8. A computer-readable storage medium for storing a computer program which, when executed by a processor, implements the protocol proxy password traversal authentication method as claimed in any one of claims 1 to 6.
CN202110930414.4A 2021-08-13 2021-08-13 Protocol proxy password penetration authentication method applied to MySQL system Active CN113765893B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202110930414.4A CN113765893B (en) 2021-08-13 2021-08-13 Protocol proxy password penetration authentication method applied to MySQL system

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202110930414.4A CN113765893B (en) 2021-08-13 2021-08-13 Protocol proxy password penetration authentication method applied to MySQL system

Publications (2)

Publication Number Publication Date
CN113765893A true CN113765893A (en) 2021-12-07
CN113765893B CN113765893B (en) 2023-07-07

Family

ID=78789296

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202110930414.4A Active CN113765893B (en) 2021-08-13 2021-08-13 Protocol proxy password penetration authentication method applied to MySQL system

Country Status (1)

Country Link
CN (1) CN113765893B (en)

Citations (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20020157019A1 (en) * 2001-04-19 2002-10-24 Kadyk Donald J. Negotiating secure connections through a proxy server
CN101436936A (en) * 2008-12-15 2009-05-20 中兴通讯股份有限公司 Access authentication method and system based on DHCP protocol
CN101521675A (en) * 2009-03-23 2009-09-02 成都市华为赛门铁克科技有限公司 User certification method and device
CN103155518A (en) * 2010-10-15 2013-06-12 瑞典爱立信有限公司 Multipath transmission control protocol proxy
CN107566473A (en) * 2017-08-28 2018-01-09 南京南瑞继保电气有限公司 A kind of electric power secondary system equipment check method
CN108833487A (en) * 2018-05-23 2018-11-16 南京大学 A kind of TCP transmission protocol agent method
CN111695152A (en) * 2020-05-26 2020-09-22 东南大学 MySQL database protection method based on security agent

Patent Citations (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20020157019A1 (en) * 2001-04-19 2002-10-24 Kadyk Donald J. Negotiating secure connections through a proxy server
CN101436936A (en) * 2008-12-15 2009-05-20 中兴通讯股份有限公司 Access authentication method and system based on DHCP protocol
CN101521675A (en) * 2009-03-23 2009-09-02 成都市华为赛门铁克科技有限公司 User certification method and device
CN103155518A (en) * 2010-10-15 2013-06-12 瑞典爱立信有限公司 Multipath transmission control protocol proxy
CN107566473A (en) * 2017-08-28 2018-01-09 南京南瑞继保电气有限公司 A kind of electric power secondary system equipment check method
CN108833487A (en) * 2018-05-23 2018-11-16 南京大学 A kind of TCP transmission protocol agent method
CN111695152A (en) * 2020-05-26 2020-09-22 东南大学 MySQL database protection method based on security agent

Also Published As

Publication number Publication date
CN113765893B (en) 2023-07-07

Similar Documents

Publication Publication Date Title
Saint-Andre RFC 6120: extensible messaging and presence protocol (XMPP): core
US9866556B2 (en) Common internet file system proxy authentication of multiple servers
US11140162B2 (en) Response method and system in virtual network computing authentication, and proxy server
Saint-Andre Extensible messaging and presence protocol (XMPP): Core
CN104135494B (en) A kind of same account untrusted terminal logs in method and system based on trusted terminal
US7793342B1 (en) Single sign-on with basic authentication for a transparent proxy
US7191467B1 (en) Method and system of integrating third party authentication into internet browser code
US8819800B2 (en) Protecting user information
US7562146B2 (en) Encapsulating protocol for session persistence and reliability
US20080222714A1 (en) System and method for authentication upon network attachment
CN110365741B (en) Connection establishing method and transfer server
US9350711B2 (en) Data transmission method, system, and apparatus
CN103503408A (en) System and method for providing access credentials
CN101714978A (en) SIP signaling without constant re-authentication
CN106330816A (en) Method and system for logging in cloud desktop
CN105306433B (en) A kind of method and apparatus accessing virtual machine server
WO2014135050A1 (en) Message processing method, device, gateway, set-top box and internet protocol television system
US20160156623A1 (en) Method and System for Transmitting and Receiving Data, Method and Device for Processing Message
CN110138779B (en) Hadoop platform safety management and control method based on multi-protocol reverse proxy
US20170041785A1 (en) Generic bootstrapping architecture protocol
CN105722072A (en) Business authorization method, device, system and router
US11528326B2 (en) Method of activating processes applied to a data session
US10749731B2 (en) Facilitating secure communication between a client device and an application server
CN112583599B (en) Communication method and device
JP7025684B2 (en) Proxy authentication system, proxy authentication method, program

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant