CN1694451A - Distribution network system monitoring protocol - Google Patents

Publication number: CN1694451A
Authority: CN (China)
Application number: CN 200410102954
Legal status: Granted; Expired - Fee Related
Other languages: Chinese (zh)
Other versions: CN100471198C (en)
Inventors: 怀进鹏, 刘利军, 张文燚, 刘旭东, 刘庆云, 杨超峰, 张玉东
Current assignee: Beihang University; Beijing University of Aeronautics and Astronautics
Original assignee: Beihang University
Priority: CNB200410102954XA
Prior art keywords: message, subsystem, information, scheduler, monitor
Classification: Computer And Data Communications

Abstract

The present invention discloses a distribution network system monitoring protocol. When a message is sent, the relevant information is passed to the scheduler; the message processor prepares the message header and the original payload field and then calls the security subsystem; the security subsystem encrypts and authenticates the message and returns the encryption and authentication parameters to the message processing subsystem; the message processing subsystem finishes preparing the message and sends it to the scheduler, which maps it to the transport mapping component for sending. When a message is received, the transport mapping component passes the received message and address information to the scheduler; the scheduler calls the message processor to analyze the message and recover its fields; the message processor calls the security subsystem to verify the authentication information and decrypt the encrypted information, then returns the recovered message to the scheduler, which passes it to the application that needs it.

Description

A distribution network system monitoring protocol
Technical field
The present invention relates to a distribution network system monitoring protocol used to implement a security management platform with a tightly coupled structure, and belongs to the field of information security technology.
Background
E-government, e-commerce and military informatization in China are in full swing, and every sector demands ever stronger information security protection. The original single, simple approach to information security protection, such as relying on one security mechanism to do everything, or having several security products work in isolation or simply stacking them up to deal with complex, dynamic, multidimensional network security threats, has long since ceased to meet the growing requirements of information security. In practice, however, this phenomenon is very common. Users often simply pile up security products when deploying a network security protection system. Because there are protection blind spots between different products and they cannot be managed and coordinated as a whole, management cost and administrative burden increase greatly, and new security risks are introduced into the network system.
If different security products and devices can be managed and deployed uniformly on one management platform, with the different products cooperating under an overall control and scheduling framework, the strength of the protection mechanism will be greatly improved while the cost of security management is greatly reduced. This is exactly the urgent demand of the market and of users for an integrated network security management platform.
However, an integrated network security management platform must organically integrate and control the functions of the security subsystems used in a distributed environment rather than simply stack them. It must have a unified and effective technical framework and underlying communication mechanism, and it must also guarantee strong security for the platform's internal control and communication, so that deploying the monitoring platform does not introduce new security risks into the network. This requires coupling, coordinating and managing the different security products and systems at the level of system architecture and product engine. We call a management platform that performs this kind of deep coupling at the product architecture and system engine level a tightly coupled security management platform. A series of technical problems still needs to be solved to realize such a platform.
Summary of the invention
The purpose of the invention is to provide a security protocol for unified security management and monitoring systems in a distributed environment; the protocol can be used to implement a security management platform with a tightly coupled structure.
To achieve this purpose, the invention adopts the following technical scheme:
A distribution network system monitoring protocol, applied in a distributed network having a Surveillance center and a plurality of monitoring subsystems, in which the Surveillance center coordinates and controls each monitoring subsystem, and the Surveillance center and the monitoring subsystems each comprise a scheduler, a message processing subsystem, a security subsystem, a monitoring information update/acquisition subsystem, an upper-layer application and a transport mapping component, characterized in that:
1) When sending a message, the application passes the message type to be sent, the message payload and the code of the target system (DstSysID) to the scheduler. The scheduler asks the message processing subsystem to prepare a message. The message processor prepares the header fields of the message other than the encryption and authentication parameters, together with the original payload (body) field, and calls the security subsystem. The security subsystem encrypts and authenticates the message according to the relevant message fields passed by the message processor and returns the encryption and authentication parameters to the message processing subsystem. The message processing subsystem finishes preparing the message and sends it to the scheduler, and the scheduler maps the prepared message to the transport mapping component for sending;
2) When receiving a message, the transport mapping component passes the received message and address information to the scheduler. The scheduler calls the message processor to analyze the message and recover its fields. The message processor calls the security subsystem to verify the authentication information and decrypt the encrypted information, and returns the recovered message to the scheduler, which passes it to the application that needs to receive it.
The security subsystem encrypts and authenticates the message according to how the encryption flag privateFlag and the authentication flag authFlag are set in the Flags field of the message header passed by the message processor.
The security subsystem further fills in the authentication parameter AuthParam and encryption parameter PrivateParam fields, then returns the prepared message to the message processing subsystem.
The message type comprises at least three fields: the first field encodes data transmission between the Surveillance center and the different subsystems, the second field encodes the control messages that subsystems send to the Surveillance center, and the third field represents acknowledgement messages between systems.
The Surveillance center assigns unified codes to the different subsystems and maintains the subsystem code table at run time; the transport mapping component maps system codes to actual addresses.
The Surveillance center maintains a run-time linked list of monitoring subsystem information, which stores the system code, network address, listening port and system type of each subsystem.
The Surveillance center listens for connection requests from subsystems and adds each subsystem that sends a connection request to the linked list.
The Surveillance center receives a subsystem's registration message, generates a unique system code for the subsystem, and sends the code back to the subsystem in an acknowledgement message.
After receiving an acknowledgement message, the monitoring subsystem determines whether it is a registration acknowledgement. If so, it records the system code in a global variable and uses it in subsequent communication; if not, it parses and handles the message.
In response to a control command from the application layer, the Surveillance center determines whether it is a file transfer command. If so, it establishes a new connection with the specific monitoring subsystem and sends the connection request and file request to it; if not, it sends the corresponding message to the monitoring subsystem over the connection established when the subsystem registered.
The distribution network system monitoring protocol provided by the invention offers sufficient security services: it protects the transmission of internal control commands and monitoring data, ensures the overall security of the platform, avoids introducing security risks, and also guarantees reliable transmission of communication messages.
Description of drawings
The present invention is further illustrated below in conjunction with the drawings and specific embodiments.
Fig. 1 is the logical construction block diagram of distribution network system monitoring protocol of the present invention.
Fig. 2 is the internal services schematic diagram of distribution network system monitoring protocol of the present invention.
Fig. 3 is a schematic diagram of the operating flow of an integrated network security management platform that uses this distributed network security monitoring protocol.
Embodiment
With reference to Fig. 1, the invention discloses a security protocol for an integrated network security management platform in a distributed environment.
An integrated network security management platform must organically integrate and control the security subsystems used in a distributed environment. The platform comprises a Surveillance center and a plurality of monitoring subsystems. The Surveillance center communicates with the monitoring subsystems through the underlying communication mechanism and coordinates the control of each of them. The Surveillance center and the monitoring subsystems each comprise the main components: scheduler, message processing subsystem, security subsystem, monitoring information update/acquisition subsystem, upper-layer application and transport mapping. The components jointly carry out the platform's overall communication task, supported by the communication services offered through service primitives.
An example message format is given below.
A message consists of a header and a payload (Message Body). The message header comprises the protocol version (Version), message sequence number (ID), message type (Type), flags (Flags), acknowledged message sequence number (AckID), payload length (BodyLength), source system code (SrcSysID), target system code (DstSysID), authentication flag (authenFlag) and encryption flag (privateFlag). In the present embodiment, Flags is an 8 byte long field in which the high 5 are reserved and unused and the low 3 are, from high to low, the acknowledgement-required bit (needAck), the authentication flag (authenFlag) and the encryption flag (privateFlag). needAck set to 1 means the message must be acknowledged and is retransmitted if no acknowledgement is received. authenFlag set to 1 means the message must be authenticated, and the 12-byte authentication code is placed in the AuthParam field. privateFlag set to 1 means the message body must be encrypted, in which case the 8-byte salt value must be placed in the PrivateParam field. The system does not allow authenFlag=0 and privateFlag=1 to occur together. The salt value is a bit string used by the CRYPT() function in the existing DES algorithm; it affects the resulting ciphertext and further rules out precomputation attacks.
The type (Type) of a message directly determines the data format of the message body and the semantics of the message. To ensure extensibility, the message type code is 32 bits, of which the high 16 bits are reserved and unused. The low 16 bits are divided into 4 fields of 4 bits each, and each field represents a different class of message type. For ease of description, the four fields are called the first, second, third and fourth field, from the low-order end to the high-order end.
Reserved | Fourth field | Third field | Second field | First field
16 bits  | 4 bits       | 4 bits      | 4 bits       | 4 bits
The first field encodes data transmission between the Surveillance center and the different subsystems; the second field encodes control messages that subsystems send to the Surveillance center, such as instructions to start or stop a system; the third field encodes auxiliary system-function messages such as registration messages and heartbeat messages; and the fourth field represents acknowledgement messages between systems.
For the first field, the security data and information that different subsystems need to exchange with the Surveillance center differ considerably, so each subsystem needs its own specific coding. A code is therefore meaningful only when that particular subsystem communicates with the Surveillance center and may mean something different for another subsystem. The present embodiment defines example codes only for messages common to all subsystems.
1000: requests the message receiver to transmit a file to the message sender; the message body must give the full path of the requested file.
Message Header | FilePathName (indefinite length)
1001: file transfer begins
1010: file transfer in progress
1011: file transfer ends
Note: if a file can be transferred completely in a single message, the message is coded directly as 1011.

The second field identifies the control messages that the Surveillance center sends to subsystems:
1000: start the monitoring subsystem
1001: shut down the monitoring subsystem
1010: timed control of the monitoring subsystem
A timed control message must tell the subsystem the scheduled times. Its message body has the following format:
Start year (2 bytes) | Start month (1 byte) | Start day (1 byte) | Start hour (1 byte) | Start minute (1 byte)
End year (2 bytes) | End month (1 byte) | End day (1 byte) | End hour (1 byte) | End minute (1 byte)
1011: restart the monitoring subsystem
1101: key update message
The console uses this message to update a subsystem's key. The new key is encrypted with the old key and carried in the message body of this message. The format is as follows:
Message Header | Ekold(Knew)
After receiving this message and successfully updating its key, the subsystem should send an acknowledgement message to confirm the key update message.
The third field encodes system-function messages. The main message kinds are as follows:
0001: Report message
When a problem occurs during message processing, the sender of the corresponding message is notified with a Report message that indicates the cause of the problem, so that the sender can handle it. Its message format is as follows:
[Figure A20041010295400092: Report message format]
The 16-bit Type code indicates the type of the Report message and the general reason the Report was raised; the Description field gives the detailed cause of the problem, for use in logs. The Type code currently has the following values:
No. | Type   | Meaning
1   | 0x0001 | Message authentication code verification error
2   | 0x0002 | The requester has no right to access this information
3   | 0x0003 | privateFlag=1 occurs together with authenFlag=0
0010: registration message
After starting, a subsystem actively initiates a TCP connection to the Surveillance center. Once connected, it registers its own system type, service address and port number with the Surveillance center by means of a registration message. Its format is as follows:
After receiving the message, the Surveillance center generates a code for the subsystem and notifies the subsystem with an acknowledgement message.
The system type is an 8-bit code. The Surveillance center uses it to identify the type of each subsystem and to manage the different types of system accordingly. The system type codes currently supported by the platform are as follows:
No. | SysType | System type
1   | 0x01    | Intrusion early warning system
2   | 0x02    | Vulnerability scanning and security testing system
3   | 0x03    | Network intrusion detection system
4   | 0x04    | Content filtering system
5   | 0x05    | Security audit and forensics system
6   | 0x06    | Host monitoring system
The 8-bit system type code lets the platform support 256 system types, which ensures the platform's extensibility.
0011: heartbeat message
To keep the platform robust, each subsystem informs the platform of its own state by sending heartbeat messages to the console at regular intervals. If the console receives no heartbeat message from a subsystem for a period of time, it should actively send a 0100 survival query message. If the subsystem cannot reply, the subsystem has failed; in this way the console can discover subsystem failures in time and take action.
The format of the heartbeat message is the same as that of the subsystem registration message. When the console receives a subsystem's heartbeat message, it updates the subsystem number and service address mapping table that it maintains, and updates the "last update time" field of this table.
0100: survival query message
If the console receives no heartbeat message from a subsystem for a period of time, it queries the subsystem's liveness with a message of this type. If the subsystem receives the query, it replies by sending a heartbeat message; if the subsystem cannot reply, the subsystem has failed.
The message body of this message is empty.
The fourth field represents acknowledgement messages between systems:
1000: the Surveillance center sends an acknowledgement to a monitoring subsystem.
0100: a monitoring subsystem sends an acknowledgement to the Surveillance center.
0010: acknowledgement message between subsystems.
In an acknowledgement message, the AckID field indicates the number of the message being acknowledged. The bodylength of this message is normally 0, with one exception: after receiving a subsystem's registration message, the Surveillance center includes a 16-bit subsystem number in its acknowledgement.
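Added example (not part of the patent text): a receiver-side decoder for the Type and Flags fields as described above, returning the Report code 0x0003 for the forbidden flag combination. It assumes Flags travels as a single octet whose low three bits are needAck, authenFlag and privateFlag; the function names and the policy of rejecting non-zero reserved bits are choices made for this sketch.

```python
# Report Type from the page: privateFlag=1 occurs together with authenFlag=0.
REPORT_PRIV_WITHOUT_AUTH = 0x0003

# Codes listed in the description, keyed by field number (1 = lowest 4 bits).
KNOWN_CODES = {
    1: {0b1000: "file request", 0b1001: "file transfer begins",
        0b1010: "file transfer in progress", 0b1011: "file transfer ends"},
    2: {0b1000: "start subsystem", 0b1001: "shut down subsystem",
        0b1010: "timed control", 0b1011: "restart subsystem",
        0b1101: "key update"},
    3: {0b0001: "Report", 0b0010: "registration",
        0b0011: "heartbeat", 0b0100: "survival query"},
    4: {0b1000: "ack: center to subsystem",
        0b0100: "ack: subsystem to center",
        0b0010: "ack: between subsystems"},
}


def decode_type(type_word):
    """Split a 32-bit Type value into its four 4-bit fields.

    Returns {field_number: (code, name_or_None)} for every non-zero field.
    Rejecting set reserved bits is this example's policy, not the page's.
    """
    if not 0 <= type_word <= 0xFFFFFFFF:
        raise ValueError("Type must fit in 32 bits")
    if type_word >> 16:
        raise ValueError("reserved high 16 bits are set")
    fields = {}
    for number in (1, 2, 3, 4):
        code = (type_word >> (4 * (number - 1))) & 0xF
        if code:
            # First-field codes are subsystem-specific, so an unlisted code
            # is reported with name None instead of being rejected.
            fields[number] = (code, KNOWN_CODES[number].get(code))
    return fields


def decode_flags(flags):
    """Decode needAck, authenFlag, privateFlag (bits 2, 1, 0 of one octet)."""
    if not 0 <= flags <= 0xFF:
        raise ValueError("Flags is assumed to be one octet in this example")
    if flags & 0xF8:
        raise ValueError("reserved high 5 bits are set")
    return {
        "needAck": bool(flags & 0b100),
        "authenFlag": bool(flags & 0b010),
        "privateFlag": bool(flags & 0b001),
    }


def check_header(type_word, flags):
    """Receiver-side check of the two fields.

    Returns (type_fields, flag_bits, report_code); report_code is None when
    the header is acceptable, or the Report Type to send back otherwise.
    """
    type_fields = decode_type(type_word)
    bits = decode_flags(flags)
    report = None
    if bits["privateFlag"] and not bits["authenFlag"]:
        # Encrypted but unauthenticated messages are not allowed.
        report = REPORT_PRIV_WITHOUT_AUTH
    return type_fields, bits, report


if __name__ == "__main__":
    # Constructed sample: a key update message with all three flags set.
    print(check_header(0x00D0, 0b111))
```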
Because the Surveillance center has to manage and control several subsystems at the same time, the different systems are given unified codes to make message routing between them easier, so that messages can be routed simply by system code. The system maintains the system code table at run time, and the transport mapping part maps system codes to actual addresses (IP address, port number).
A system code is a 16-bit number. The Surveillance center has the fixed code 0x0001, and the other subsystems are assigned increasing codes in the order in which they register with the Surveillance center. After receiving a subsystem's registration message, the Surveillance center generates a code for the subsystem and sends it an acknowledgement message notifying it of its code for this run; the monitoring subsystem saves the code and uses it in later communication. SrcSysID and DstSysID in a message are the codes of the sending (source) system and the target system respectively.
With reference to Fig. 2 and the example message format, the following describes how the distribution network system monitoring protocol of the invention carries out the platform's communication by means of primitives and their parameters.
At the Surveillance center or a monitoring subsystem, when an application needs to send a message to another system to complete some task, it uses the send message (SendMsg) primitive to pass the message type to be sent, the message payload and the code of the target system (DstSysID) to the scheduler. The scheduler uses the prepare message (PrepareMsg) primitive to ask the message processing subsystem to prepare a message. The message processor then prepares the header fields of the message other than the encryption and authentication parameters, together with the original payload (body) field, and uses the generate authentication information (GenerateSecInfo) primitive to call the security subsystem to process the message's security information. The security subsystem encrypts and authenticates the message according to how the encryption flag (privateFlag) and authentication flag (authFlag) are set in the Flags field of the message header passed by the message processor, fills in the authentication parameter (AuthParam) and encryption parameter (PrivateParam) fields, and returns the prepared message to the message processing subsystem. The scheduler's prepare message (PrepareMsg) primitive then returns from the message processor, and the scheduler maps the prepared message to the transport mapping component for sending.
When a message is received, the transport service passes the received message and address information to the scheduler, and the scheduler uses the analyze (AnalyzeElements) primitive to call the message processor, which analyzes the message and recovers its fields. The message processor calls the security subsystem through the verify authentication information (ParseSecInfo) primitive to verify the authentication information and decrypt the encrypted information, and at the same time decides, according to the access control rules, whether the request in the message is allowed. If the authentication information is incorrect, the message has been modified; it should be discarded and a Report message generated to describe the situation. If the request in the message is not allowed, the message should likewise be discarded and a Report message generated to describe the situation. The scheduler passes the fully recovered message to the receiving application for handling through the process message (ProcessMsg) primitive.
With reference to Fig. 3, the integrated network security management platform runs as follows. The Surveillance center starts first and listens on port 8668. When a monitoring subsystem runs, it automatically connects to the Surveillance center and sends a connection request and a registration message to register. To make interaction with the Surveillance center easier, the subsystem also creates a listening socket and listens on port 8669.
The Surveillance center receives the subsystem's connection request, creates a new CIDStarClientSocket and adds it to the socket linked list.
To communicate with and control several subsystems at the same time, the Surveillance center maintains at run time a linked list of monitoring subsystem information, which holds important state information about each subsystem while the Surveillance center is running. The structure of this table is as follows:
The linked list stores, for each subsystem, the system code (SysID), network address (IPAdress), listening port (ListenPort), system type (SysType), authorization code (AuthKey), private key (PrivateKey), update time (UpdateTime) and other information. For the Surveillance center's socket implementation, the classes CIDStarListenSocket and CIDStarClientSocket are derived from the CSocket class, and their OnAccept and OnReceive functions are redefined and mapped to the OnAccept and OnReceive functions of the CmainFrame class respectively. CSocket, CIDStarListenSocket, CIDStarClientSocket and CmainFrame here are function classes in the VC development library, and OnAccept and OnReceive are standard events of these classes. As prior art, they are not described further here.
The Surveillance center should check the nodes of this linked list periodically. If a node's latest update time (UpdateTime) is older than a set value, such as 600 seconds, it should send a survival probe message to query the state of the corresponding monitoring subsystem, so that failed subsystems are discovered in time.
When a connection with a monitoring subsystem is established, the Surveillance center, after creating the new CIDStarClientSocket, also responds to the OnReceive event of the ClientSocket: it generates a unique system code (SysID) for the monitoring subsystem, creates the run-time information linked list entry, and updates the system monitoring view. The Surveillance center notifies the monitoring subsystem of this system code (SysID) in the acknowledgement message it returns to the subsystem. After receiving the system code (SysID) and determining that the message is a registration message, the monitoring subsystem records the value of SysID in a global variable for use in subsequent communication. If the Surveillance center receives a control command from the application layer, it first determines whether it is a file transfer request; if not, it sends the control command directly to the subsystem. After the subsystem receives the control command and determines that it is not a registration message, it parses and handles it accordingly. If the upper-layer application of the Surveillance center has issued a file transfer command, the Surveillance center first sends a connection request to the subsystem and then sends the file transfer request. The monitoring subsystem, which listens continuously on port 8669, learns of the connection request and file transfer request sent by the Surveillance center, accepts the request, and sends the message to the Surveillance center with the send message (SendMsg) primitive. The application layer of the Surveillance center issues the receive message (RecvMsg) primitive, and the process ends.
To secure communication, the distribution network system monitoring protocol of the invention introduces authentication and encryption mechanisms. The Surveillance center and each subsystem both maintain two keys: an encryption key and an authentication key. User authentication uses the HMAC message authentication code mechanism, with MD5 as the underlying hash function and a 128-bit authentication key as the input of the HMAC algorithm; 96 bits of the 128-bit output are taken as the message authentication code, which is placed in the AthenParam field of the transmitted message.
The protocol encrypts with the DES algorithm in CBC mode, taking a 16-byte key as input. The first 8 bytes of this key are used as the DES key (ignoring the lowest bit of each byte) and the last 8 bytes as the pre-IV. A random 8-byte salt value is generated for each encryption, and the salt is XORed bitwise with the pre-IV to produce the IV, so that a different IV is used for every encryption. The salt value is placed in the PrivateParam field of the message so that the receiving entity can compute the correct IV. Keys are computed and updated using the algorithm defined in RFC2274, which maps the user's password to a 16-byte key, to avoid the risk of storing keys on the system's fixed storage media.
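Added example (not part of the patent text): the parameter handling described in the two paragraphs above, covering the 96-bit HMAC-MD5 authentication code, the split of the 16-byte key into DES key and pre-IV, the salt XOR pre-IV derivation, the RFC 2274 password-to-key mapping, and a receiver that verifies before deriving the IV. Assumptions: the function names are hypothetical, the first 12 bytes of the HMAC output are kept (as HMAC-MD5-96 in RFC 2274 does; the page does not say which 96 bits), and the authentication code covers the serialized message including PrivateParam. DES itself is not in the Python standard library and is left out.

```python
import hashlib
import hmac
import os

AUTH_PARAM_LEN = 12         # 96 of the 128 HMAC-MD5 output bits
SALT_LEN = 8                # salt carried in PrivateParam
REPORT_AUTH_ERROR = 0x0001  # Report Type from the page: authentication code error


def password_to_key(password):
    """RFC 2274 password-to-key with MD5, before engine localization:
    MD5 over the password repeated to exactly 1,048,576 bytes."""
    if not password:
        raise ValueError("empty password")
    total = 1048576
    stream = (password * (total // len(password) + 1))[:total]
    return hashlib.md5(stream).digest()


def make_auth_param(auth_key, authenticated_bytes):
    """HMAC-MD5 under the 128-bit authentication key, truncated to 12 bytes."""
    if len(auth_key) != 16:
        raise ValueError("authentication key must be 16 bytes")
    mac = hmac.new(auth_key, authenticated_bytes, hashlib.md5).digest()
    return mac[:AUTH_PARAM_LEN]


def split_encryption_key(enc_key):
    """First 8 bytes: DES key with the lowest bit of each byte ignored
    (cleared here); last 8 bytes: pre-IV."""
    if len(enc_key) != 16:
        raise ValueError("encryption key must be 16 bytes")
    des_key = bytes(b & 0xFE for b in enc_key[:8])
    return des_key, enc_key[8:]


def derive_iv(pre_iv, salt):
    """IV = salt XOR pre-IV, byte by byte."""
    if len(pre_iv) != 8 or len(salt) != SALT_LEN:
        raise ValueError("pre-IV and salt must both be 8 bytes")
    return bytes(p ^ s for p, s in zip(pre_iv, salt))


def fresh_iv(enc_key):
    """Sender side: draw a random salt per encryption, return (salt, iv)."""
    salt = os.urandom(SALT_LEN)
    _, pre_iv = split_encryption_key(enc_key)
    return salt, derive_iv(pre_iv, salt)


def receiver_check(auth_key, enc_key, authenticated_bytes,
                   auth_param, private_param):
    """Receiver side: verify the authentication code first, in constant
    time, and derive the IV only for authentic messages.

    Returns (iv, None) on success or (None, REPORT_AUTH_ERROR) on failure.
    """
    expected = make_auth_param(auth_key, authenticated_bytes)
    if (len(auth_param) != AUTH_PARAM_LEN
            or not hmac.compare_digest(expected, auth_param)):
        return None, REPORT_AUTH_ERROR
    _, pre_iv = split_encryption_key(enc_key)
    return derive_iv(pre_iv, private_param), None


if __name__ == "__main__":
    # Constructed keys and message bytes, for illustration only.
    auth_key, enc_key = bytes(range(16)), bytes(range(16, 32))
    salt, iv = fresh_iv(enc_key)
    wire = b"constructed-header" + salt + b"constructed-ciphertext"
    tag = make_auth_param(auth_key, wire)
    print(receiver_check(auth_key, enc_key, wire, tag, salt) == (iv, None))
```

DES-CBC and HMAC-MD5 are the patent's choices and are reproduced only to show the parameter handling; the verify-before-decrypt ordering and the per-message IV carry over unchanged to a current authenticated cipher.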
For those skilled in the art, any obvious change made without departing from the spirit of the method of the invention and the scope of the claims falls within the scope of protection of the invention.

Claims (10)

1. distribution network system monitoring protocol, be applied to have in the distributed network of Surveillance center and most Monitor And Control Subsystems, Surveillance center controls the coordination of each Monitor And Control Subsystem, Surveillance center and Monitor And Control Subsystem comprise that all scheduler, Message Processing subsystem, secure subsystem, monitor message upgrade/obtain subsystem, upper layer application and transmission map assembly, it is characterized in that:
When 1) sending message, the type of message that application will send, the coding of message load and goal systems passes to scheduler, scheduler request message processing subsystem is prepared a piece of news, message handling device is ready to removing of message and encrypts, header fields that discrimination parameter is outer and original load body field part, and call secure subsystem, secure subsystem encrypts and differentiates processing according to the message relevant field that message handling device transmits to message, to encrypt with discrimination parameter and return to the Message Processing subsystem, the Message Processing subsystem is ready to message and sends to scheduler, and described scheduler sends ready transmission message maps to the transmission map assembly;
2) when receiving message, the transmission map assembly passes to scheduler with message and the address information that receives, the dispatcher invokes message handling device is analyzed message, recover different fields, message handling device calls the safe handling subsystem authentication information is verified, information encrypted is decrypted operation, and the message after message handling device will recover returns to scheduler, and scheduler passes to the application that needs to receive this message.
2. The distribution network system monitoring protocol as claimed in claim 1, characterized in that:
The security subsystem encrypts and authenticates the message according to how the encryption flag bit and the authorization flag bit are set in the flags field of the message header passed by the message processor.
3. The distribution network system monitoring protocol as claimed in claim 2, characterized in that:
The security subsystem further fills in the authorization parameter and encryption parameter fields, and then returns the prepared message to the message processing subsystem.
4. The distribution network system monitoring protocol as claimed in claim 1, characterized in that:
The message type comprises at least three fields: the first field encodes data transmission between the monitoring center and the different subsystems, the second field encodes the control messages that a subsystem sends to the monitoring center, and the third field represents acknowledgement messages between systems.
5. The distribution network system monitoring protocol as claimed in claim 1, characterized in that:
The monitoring center assigns codes to the different subsystems under a unified scheme and maintains the subsystem code table at run time; the transmission mapping component maps each system code to its actual address.
6. The distribution network system monitoring protocol as claimed in claim 1, characterized in that:
The monitoring center maintains a run-time linked list of monitoring subsystem information, which stores the system code, network address, listening port and system type of each subsystem.
7. The distribution network system monitoring protocol as claimed in claim 6, characterized in that:
The monitoring center listens for connection requests from subsystems and adds each subsystem that sends a connection request to the linked list.
8. The distribution network system monitoring protocol as claimed in claim 7, characterized in that:
The monitoring center receives the registration message of a subsystem, generates a unique system code for this subsystem, and sends this system code back to the subsystem in an acknowledgement message.
9. The distribution network system monitoring protocol as claimed in claim 8, characterized in that:
After the monitoring subsystem receives an acknowledgement message, it judges whether it is a registration acknowledgement message; if so, it records the value of the system code in a global variable and uses this system code in subsequent communication; if it is not a registration acknowledgement message, it parses and processes the message.
10. The distribution network system monitoring protocol as claimed in claim 8, characterized in that:
The monitoring center responds to a control command from the application layer and judges whether it is a file transfer command; if so, it establishes a new connection with the specific monitoring subsystem and sends a connection request and a file request to that monitoring subsystem; if it is not a file transfer command, it sends the corresponding message to the monitoring subsystem over the connection established when the monitoring subsystem registered.
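The send and receive paths of claims 1 to 3, sketched as an added example that is not code from the patent: the header is prepared first, the security step fills the encryption and authentication parameters according to the flag bits, and the receiver verifies before it decrypts. The field layout, flag bit values, HMAC-SHA256, the stand-in keystream cipher and the `required_flags` policy argument are all assumptions, since the claims name none of them.

```python
import hashlib
import hmac
import os
import struct

# Assumed layout (not from the patent): type, flags, target system code, body length.
HDR = struct.Struct("!BBHH")
FLAG_ENC, FLAG_AUTH = 0x01, 0x02
NONCE_LEN, TAG_LEN = 16, 32

def _stream_xor(key, nonce, data):
    # Stand-in cipher (SHA-256 counter keystream) so the example needs no third-party library.
    ks = b"".join(hashlib.sha256(key + nonce + struct.pack("!I", i)).digest()
                  for i in range(len(data) // 32 + 1))
    return bytes(a ^ b for a, b in zip(data, ks))

def prepare(msg_type, target, body, flags, enc_key, mac_key):
    """Send path: build header and body, then fill the security parameter fields."""
    nonce = os.urandom(NONCE_LEN) if flags & FLAG_ENC else b""   # encryption parameter
    if nonce:
        body = _stream_xor(enc_key, nonce, body)
    header = HDR.pack(msg_type, flags, target, len(body))
    tag = b""
    if flags & FLAG_AUTH:  # MAC covers the header (flags included), nonce and body
        tag = hmac.new(mac_key, header + nonce + body, hashlib.sha256).digest()
    return header + nonce + tag + body

def recover(wire, required_flags, enc_key, mac_key):
    """Receive path: parse fields, enforce local policy, verify, then decrypt."""
    if len(wire) < HDR.size:
        raise ValueError("truncated header")
    msg_type, flags, target, blen = HDR.unpack_from(wire)
    if (flags & required_flags) != required_flags:
        raise ValueError("required protection missing")
    pos = HDR.size
    nonce = wire[pos:pos + NONCE_LEN] if flags & FLAG_ENC else b""
    pos += len(nonce)
    tag = wire[pos:pos + TAG_LEN] if flags & FLAG_AUTH else b""
    body = wire[pos + len(tag):]
    if len(body) != blen or len(nonce) not in (0, NONCE_LEN):
        raise ValueError("length mismatch")
    if flags & FLAG_AUTH:
        want = hmac.new(mac_key, wire[:HDR.size] + nonce + body, hashlib.sha256).digest()
        if not hmac.compare_digest(tag, want):
            raise ValueError("authentication failed")
    if flags & FLAG_ENC:
        body = _stream_xor(enc_key, nonce, body)
    return msg_type, target, body
```

Because the flag bits travel in the header, a receiver that passes `required_flags=0` accepts whatever protection level the incoming message claims; the required level belongs in the receiver's own configuration.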
CNB200410102954XA 2004-10-29 2004-12-30 Distribution network system monitoring protocol Expired - Fee Related CN100471198C (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CNB200410102954XA CN100471198C (en) 2004-10-29 2004-12-30 Distribution network system monitoring protocol

Applications Claiming Priority (3)

Application Number Priority Date Filing Date Title
CN200410009735 2004-10-29
CN200410009735.7 2004-10-29
CNB200410102954XA CN100471198C (en) 2004-10-29 2004-12-30 Distribution network system monitoring protocol

Publications (2)

Publication Number Publication Date
CN1694451A true CN1694451A (en) 2005-11-09
CN100471198C CN100471198C (en) 2009-03-18

Family

ID=35353251

Family Applications (1)

Application Number Title Priority Date Filing Date
CNB200410102954XA Expired - Fee Related CN100471198C (en) 2004-10-29 2004-12-30 Distribution network system monitoring protocol

Country Status (1)

Country Link
CN (1) CN100471198C (en)

Cited By (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101621541A (en) * 2008-07-02 2010-01-06 Sap门户以色列有限公司 Method and apparatus for distributed application context-aware transaction processing
CN101123538B (en) * 2007-09-11 2010-06-02 东南大学 Remote encryption and supervision method for communication interfaces of wireless local network
CN101222377B * 2007-11-23 2010-12-22 深圳国人通信有限公司 Method and device for processing slave machine parameter in distributed master-slave machine communication
CN102948128A (en) * 2010-06-22 2013-02-27 熵通信有限公司 Secure node admission in a communication network
CN103916397A (en) * 2014-04-13 2014-07-09 北京工业大学 Safety monitoring method under distributed network environment

Cited By (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101123538B (en) * 2007-09-11 2010-06-02 东南大学 Remote encryption and supervision method for communication interfaces of wireless local network
CN101222377B * 2007-11-23 2010-12-22 深圳国人通信有限公司 Method and device for processing slave machine parameter in distributed master-slave machine communication
CN101621541A (en) * 2008-07-02 2010-01-06 Sap门户以色列有限公司 Method and apparatus for distributed application context-aware transaction processing
CN102948128A (en) * 2010-06-22 2013-02-27 熵通信有限公司 Secure node admission in a communication network
CN103916397A (en) * 2014-04-13 2014-07-09 北京工业大学 Safety monitoring method under distributed network environment
CN103916397B (en) * 2014-04-13 2017-09-29 北京工业大学 Method for safety monitoring under a kind of distributed network environment

Also Published As

Publication number Publication date
CN100471198C (en) 2009-03-18

Similar Documents

Publication Publication Date Title
CN101669103B (en) System and method for providing secure data transmission
CN102804677B (en) Discovery of secure network enclaves
EP2002634B1 (en) System for enforcing security policies on mobile communications devices
CN1949765B (en) Method and system for obtaining SSH host computer public key of device being managed
CN1302634C (en) Network connection system
NZ544888A (en) Methods, systems and devices for securing supervisory control and data acquisition (SCADA) communications
CN1679066A (en) Network attached encryption
US20070266422A1 (en) Centralized Dynamic Security Control for a Mobile Device Network
CN1717893A (en) Device keys
WO2008109292A2 (en) Methods, systems and devices for securing supervisory control and data acquisition (scada) communications
CN1858738A (en) Method and device for access data bank
CN104094308A (en) Authentication system for mobile devices for exchanging medical data
CN102708324A (en) Screen locker unlocking system and method
CN1411291A (en) Wireless equipment network managing method using multiple verification servers, verification server equipment and computer program product
CN102006186A (en) System for monitoring illegal external connection of intranet equipment and method thereof
CN101833620A (en) Custom security JDBC driver-based database protective method
CN115357870A (en) Authorization control method and system based on software
CN1771691A (en) Method, system and computer program for the secured management of network devices
CN1694451A (en) Distribution network system monitoring protocol
CN1750534A (en) EPA network safety management entity ad safety processing method
CN107342963A (en) A kind of secure virtual machine control method, system and the network equipment
US20110289548A1 (en) Guard Computer and a System for Connecting an External Device to a Physical Computer Network
CN101030239A (en) Account management system and method with secret function
US20230007491A1 (en) Managing a subscription identifier associated with a device
US20190037030A1 (en) Method for Pairing Internet-of-Things Devices to Cloud Services

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C14 Grant of patent or utility model
GR01 Patent grant
C17 Cessation of patent right
CF01 Termination of patent right due to non-payment of annual fee

Granted publication date: 20090318

Termination date: 20121230