CN1859416A - Service network safety system structure plan based on reciprocity calculation - Google Patents


Publication number
CN1859416A
Authority
CN
China
Prior art keywords
network
access control
security
user
peer
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN 200610037760
Other languages
Chinese (zh)
Other versions
CN100512306C (en
Inventor
王汝传
陈娟
杨庚
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Nanjing Post and Telecommunication University
Original Assignee
Nanjing Post and Telecommunication University
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Nanjing Post and Telecommunication University filed Critical Nanjing Post and Telecommunication University
Priority to CNB2006100377605A priority Critical patent/CN100512306C/en
Publication of CN1859416A publication Critical patent/CN1859416A/en
Application granted granted Critical
Publication of CN100512306C publication Critical patent/CN100512306C/en
Expired - Fee Related legal-status Critical Current
Anticipated expiration legal-status Critical

Landscapes

  • Computer And Data Communications (AREA)

Abstract

The invention relates to a scheme for forming a service network security architecture based on peer-to-peer computing. It uses peer-to-peer computing and standards such as web service security (WS-Security) to construct a secure service network that addresses security problems in distributed computing. The scheme introduces network and web service security concepts into the security architecture and combines them with network security specifications. Compared with other service network architectures, the scheme focuses on the security and reliability of the service network architecture on the premise that the network functions are still delivered. The method emphasizes communication and security in the network and introduces several extensible markup language security specifications, together with policy-based access control built on those specifications, to address confidentiality, integrity, non-repudiation and availability in the network.

Description

Service network safety system structure forming scheme based on peer-to-peer computing
Technical Field
The invention provides a service network architecture scheme focusing on security, which utilizes standards such as peer-to-peer computing and web service security (ws-security) to construct a secure service network to solve the security problem in distributed computing and belongs to the field of distributed computing security.
Background
Network technology, as a new future computing mode, aims to construct dynamic virtual organizations in a distributed, heterogeneous and autonomous network resource environment, to realize resource sharing and resource cooperation across autonomous domains, and to meet the requirements of internet-oriented complex applications for large-scale computing capacity and mass data processing. The ideal goal of network computing is to make all resources on the network work together easily, serve different network applications, and enable sharing and integration of resources and applications across organizations (autonomous domains). The range covered by the network is large and the concept is broad. It includes computing networks, data networks, business networks and so on, and it also includes existing network computing models such as peer-to-peer computing. Peer-to-peer computing, also known as peer-to-peer (P2P) technology, differs essentially from the client/server (C/S) model in that there is no central node (or central server) in the overall network structure. Each node (peer) combines three functions, information consumer, information provider and information communication, and the rights and obligations of the nodes are equal.
In recent years, web services technology has been rapidly developed and applied, which defines a set of web services protocol stack using extensible markup language (XML), and web services security mechanism represented by web services security ensures security in service interaction process, and provides a unified service registration, discovery, binding and integration mechanism facing internet application through open protocols and standards such as Simple Object Access Protocol (SOAP), Web Services Description Language (WSDL), unified description, discovery and integration (UDDI), web workflow language (WSFL), web services business process execution language (BPEL4WS), and the like, becoming a main mechanism for implementing interoperation in a wide area environment, and gaining wide acceptance in academic and industrial circles. Therefore, the web service technology greatly enhances the interoperability of network protocols and services, and also provides a uniform function extension mechanism for network applications. The domain-related functions can be extended into the network system by introducing new application services, and the interaction between the newly introduced services and other network services adopts a consistent service interaction model. The fusion not only solves the inter-operation problem among networks, but also enables the network application not to be limited in the aspect of scientific computing.
Once the network and web services are integrated into a service network, the large volume of network resources is distributed, heterogeneous, autonomous and dynamically adaptive, so a task submitted by a network user will most likely access network resources across organizational domains such as virtual organizations and autonomous systems. Existing research, however, has neither explicitly provided a functional model and implementation mechanism for the service network nor settled the security problems in the service network. A complete service network security architecture therefore needs to be constructed, and both the creation of access control policies for resources and the security of each web service layer in the service network are problems that need attention.
Disclosure of Invention
The technical problem is as follows: the invention aims to provide a forming scheme of a service network security architecture based on peer-to-peer computing, which is used for solving the security problem in the field of distributed computing. Compared with other service network architectures, the scheme focuses on realizing the safety and reliability of the service network architecture on the premise of finishing the network function.
The technical scheme is as follows: the method of the invention emphasizes communication and security in the network and introduces various extensible markup language security specifications, together with specifications such as policy-based access control, to solve the problems of confidentiality, integrity, non-repudiation, availability and the like in the network.
One, architecture
A security service network system structure based on peer-to-peer computing is a security realization for guaranteeing the network purpose, and manages and shares various resources on the network by taking a service as a center through a uniform standard interface. The system structure establishes a hierarchical security protection mechanism on the basis of realizing the basic functions of the network. Figure 1 shows a service-oriented security network hierarchy, which is a detailed planning and design of the various layers in combination with the currently proposed service-oriented network hierarchy, and introduces the concept of security, especially in the service agreements and standards layers and the basic service layer. The whole secure network hierarchical structure sequentially comprises a physical layer, an international internet layer, a secure service protocol and standard layer, a basic service layer, a special service layer and a network application layer from bottom to top.
In the following we give specific description of the various levels in the structure:
Physical layer: the lowest layer of the hierarchy. It provides abstract interfaces to the various underlying distributed resources, hides the details of the resources in the network from the higher layers, and makes the distributed resources simple and easy for the higher layers to use.
Internet layer: establishes a communication basis for connecting the distributed resources by using the existing internet protocols, and carries the upper-layer services.
Security service protocol and standards layer: this layer ensures safe and reliable interactive communication in the network and provides confidentiality, integrity and non-repudiation for the sensitive data that must be protected in communication. It is the core of the architecture. Security has to be layered, with different levels of security guarantee for different layers, so the security service protocol and standards layer is further divided into three major sub-layers: network protocols, web services security standards, and extensible markup language security specifications. The network protocol sub-layer abstracts the underlying resources once more; it publishes and represents network services through network protocols such as unified description, discovery and integration and the web services description language, uses the extensible markup language as the basic representation format, and specifies the format in which network messages are exchanged and transmitted. The web services security standard is the basic security specification that must be used in a network service environment; it governs the security of simple object access protocol message transmission, guarantees the confidentiality, integrity and non-repudiation of a message, and also provides optional identity authentication and authorization. In the extensible markup language security specification sub-layer, the extensible markup language is used for encryption and signature; because the upper-layer data is also represented in extensible markup language format, a chosen part of an extensible markup language document can be encrypted and signed as needed.
Basic service layer: basic functions are provided for the network, and key management, user management, access control management and single sign-on are mainly provided. Wherein the access control management employs resource access control based on extensible access control markup language (XACML) open standards, determining whether access should be granted to a resource based on policies defined by a set of rules.
Special service layer: security services that sit above the basic services, such as integrating Public Key Infrastructure (PKI) functionality and interacting with upper-layer peer-to-peer network applications.
Peer-to-peer computing network application layer: at the network application layer, computing tasks are handed over to the peer-to-peer computing network for processing.
Second, the method flow
The network service provider needs to deploy the peer-to-peer network service. Before the two parties exchange simple object access protocol messages, the keys that the two communicating parties need for encryption and digital signature must be obtained through a certificate authority (CA). For the access control of resources, several access control methods exist at present; policy-based access control using the extensible access control markup language is proposed here to ensure that network resources are not illegally used or accessed.
The main working process comprises the following steps:
(1) application and issuance of certificates
Taking the application for and issuance of a simple single-key certificate as an example: the network user GC and the network server GP each generate a key, and the CA issues a certificate to the network user GC and to the network server GP. To communicate securely afterwards, GC and GP need to communicate with each other to obtain the public key that the other side uses for signing and encryption.
(2) Network user generation of communication messages
The data communicated by the two parties inevitably contains sensitive data, which can be divided into the resource access control policy document and normal communication data. The resource access control policy document is expressed in extensible markup language format. In the network manager, the policy enforcement point submits the access control policy set cps (access control policy set) of the lower layer. cps must describe: access subject s (access subject), access resource r (access resource), access authority p (access permission), environment access time t (environment time), and supplemental extension e (extension). The network manager also contains a policy manager, which holds the set of access control policies CPS allowed for the resources; CPS must likewise describe: access subject s (access subject), access resource r (access resource), access authority p (access permission), environment access time t (environment time), and supplemental extension e (extension).
Wherein $r = \{r_i\}$ denotes a number of resources that can be accessed;
$s = \{s_j\}$ denotes a plurality of access subjects;
$cps = \{cp_k\}$ indicates that the access control policy set consists of a plurality of access control policies;
$p = \{r \mid w \mid m\}$, where r denotes read-only, w denotes writable, and m denotes modifiable;
$t = [bt, et]$, where bt denotes the start time (begin time) of the resource access and et denotes the end time (end time) of the resource access;
$cp_k = r_i \wedge s_j \wedge p \wedge t \wedge e$ represents an access control policy.
The context handler compares cps with CPS by means of the policy decision point, which needs to perform the following operation:
$match(cps, CPS) = \{dec_1, dec_2, \ldots, dec_i\}$ if and only if
Figure A20061003776000082
$(cp_k \in CPS,\ r_i \in cp_k),\ dec_i = true$;
Normal communication data is handed to the upper application service layer for task processing only after the access policy meets this condition.
(3) Secure communication between two parties
The network user GC sends its job request to the network service provider GP:
where req(info) is obtained through the following operation:
$req(info) = Encry(Sign(info, GC_{prkey}), key) + Encry(key, key_{pbkey})$
Here $info = (data, cp)$ denotes the normal communication data and the resource access control policy, $GC_{prkey}$ is the private key of the network user, $key$ is the symmetric key used to encrypt info, $key_{pbkey}$ is the public key used to encrypt $key$, Encry is the encryption function and Sign is the signature function.
After receiving the signed and encrypted job request, the network service provider GP restores the original communication data info through the following operation:
$info = Verify(Decry(req, Decry(req\text{-}Encry, key_{prkey})), GC_{pbkey})$
where $key_{prkey}$ is the private key used to decrypt the key, $GC_{pbkey}$ is the public key of the network user, Verify is the signature verification function, and Decry is the decryption function.
Similarly, the network service provider GP processes the response resp in the same way that GC processed the request, and GC handles the received resp in the same way that GP handled the request.
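The request and recovery formulas above, together with the failure results of steps 11) and 12) of the flow, as an added Go example that is not code from the patent. It assumes RSA-PSS for Sign, AES-256-GCM for the symmetric Encry and RSA-OAEP for wrapping the key, none of which the patent names; NewKey, Seal, Open and the error values are hypothetical names.

```go
package main

import (
	"crypto"
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"errors"
	"fmt"
)

// Request carries the two parts of req(info).
type Request struct {
	WrappedKey []byte // Encry(key, key_pbkey): session key under GP's public key
	Nonce      []byte // AES-GCM nonce (the cipher choice is an assumption)
	Ciphertext []byte // Encry(Sign(info, GC_prkey), key)
}

// Failure results; the first two correspond to steps 11 and 12 of the flow.
var (
	ErrKeyUnwrap = errors.New("step 11: asymmetric decryption of the symmetric key failed")
	ErrDecrypt   = errors.New("step 12: symmetric decryption failed, message tampered")
	ErrSignature = errors.New("signature of the network user did not verify")
)

// NewKey generates an RSA key pair standing in for a CA-certified key.
func NewKey() (*rsa.PrivateKey, error) { return rsa.GenerateKey(rand.Reader, 2048) }

func newGCM(key []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// Seal is the client side (GC): sign info, encrypt signature||info under a
// fresh symmetric key, then wrap that key for the server (GP).
func Seal(info []byte, gcPriv *rsa.PrivateKey, gpPub *rsa.PublicKey) (*Request, error) {
	digest := sha256.Sum256(info)
	sig, err := rsa.SignPSS(rand.Reader, gcPriv, crypto.SHA256, digest[:], nil)
	if err != nil {
		return nil, err
	}
	secret := make([]byte, 32+12) // step 6: fresh symmetric key and nonce per request
	if _, err := rand.Read(secret); err != nil {
		return nil, err
	}
	key, nonce := secret[:32], secret[32:]
	aead, err := newGCM(key)
	if err != nil {
		return nil, err
	}
	ct := aead.Seal(nil, nonce, append(sig, info...), nil)                      // step 7
	wrapped, err := rsa.EncryptOAEP(sha256.New(), rand.Reader, gpPub, key, nil) // step 8
	if err != nil {
		return nil, err
	}
	return &Request{WrappedKey: wrapped, Nonce: nonce, Ciphertext: ct}, nil
}

// Open is the server side (GP): unwrap the key, decrypt with integrity
// checking, then verify GC's signature before releasing info.
func Open(req *Request, gpPriv *rsa.PrivateKey, gcPub *rsa.PublicKey) ([]byte, error) {
	key, err := rsa.DecryptOAEP(sha256.New(), rand.Reader, gpPriv, req.WrappedKey, nil)
	if err != nil {
		return nil, ErrKeyUnwrap
	}
	aead, err := newGCM(key)
	if err != nil {
		return nil, ErrKeyUnwrap
	}
	if len(req.Nonce) != aead.NonceSize() {
		return nil, ErrDecrypt
	}
	signed, err := aead.Open(nil, req.Nonce, req.Ciphertext, nil)
	if err != nil {
		return nil, ErrDecrypt
	}
	if n := gcPub.Size(); len(signed) >= n { // the signature is as long as the modulus
		digest := sha256.Sum256(signed[n:])
		if rsa.VerifyPSS(gcPub, crypto.SHA256, digest[:], signed[:n], nil) == nil {
			return signed[n:], nil
		}
	}
	return nil, ErrSignature
}

func main() {
	gc, _ := NewKey()
	gp, _ := NewKey()
	req, _ := Seal([]byte("constructed job request and policy"), gc, &gp.PublicKey)
	req.Ciphertext[0] ^= 1 // constructed tampering in transit
	_, err := Open(req, gp, &gc.PublicKey)
	fmt.Println(err)
}
```

The tamper detection in step 12) only works if the symmetric layer is authenticated; a plain block-cipher mode would decrypt a modified ciphertext without error and leave detection to the signature check alone.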
(4) The network manager provides data and processes the data respectively
According to the matching result of the access control policy, the peer-to-peer network application layer maps the task to the peer $Peer_i$ corresponding to the resource, as follows:
$map(dec_i, Peer_i) = send(task_i, Peer_i)$, while $(dec_i = true)$; where send(A, B) indicates moving A to node B.
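An added Go example (not code from the patent) of the match operation from step (2) feeding the map operation of step (4). The condition under which dec_i is true survives on the page only as a figure reference, so the rule in covers is an assumption, and the subjects, resources, peers and times are constructed sample data.

```go
package main

import (
	"fmt"
	"strings"
	"time"
)

// Policy is one cp_k = r_i ∧ s_j ∧ p ∧ t (the extension e is left out here).
type Policy struct {
	Subject  string    // s_j
	Resource string    // r_i
	Perm     string    // subset of "rwm": read-only, writable, modifiable
	Begin    time.Time // bt
	End      time.Time // et
}

// covers reports whether allowed policy a authorises requested policy q.
// Assumed rule: same subject and resource, every requested permission granted,
// and the requested window [bt, et] inside the allowed window.
func covers(a, q Policy) bool {
	if a.Subject != q.Subject || a.Resource != q.Resource {
		return false
	}
	if q.Perm == "" || q.End.Before(q.Begin) {
		return false // malformed request: deny
	}
	for _, c := range q.Perm {
		if !strings.ContainsRune("rwm", c) || !strings.ContainsRune(a.Perm, c) {
			return false
		}
	}
	return !q.Begin.Before(a.Begin) && !q.End.After(a.End)
}

// Match returns one decision dec_i per requested policy in cps.
// Anything not explicitly covered by CPS is denied.
func Match(cps, CPS []Policy) []bool {
	dec := make([]bool, len(cps))
	for i, q := range cps {
		for _, a := range CPS {
			if covers(a, q) {
				dec[i] = true
				break
			}
		}
	}
	return dec
}

// Dispatch follows map(dec_i, Peer_i) = send(task_i, Peer_i) while dec_i = true:
// only granted requests reach the peer that holds the resource.
func Dispatch(cps []Policy, dec []bool, peers map[string]string) []string {
	var sent []string
	for i, q := range cps {
		if peer, ok := peers[q.Resource]; ok && i < len(dec) && dec[i] {
			sent = append(sent, peer)
		}
	}
	return sent
}

// at builds a constructed timestamp on one sample day.
func at(hhmm string) time.Time {
	t, _ := time.Parse(time.RFC3339, "2006-01-13T"+hhmm+":00Z")
	return t
}

// SampleCPS is a constructed set of allowed policies held by the policy manager.
func SampleCPS() []Policy {
	return []Policy{
		{"alice", "cluster-a", "rw", at("08:00"), at("18:00")},
		{"bob", "store-b", "r", at("00:00"), at("23:59")},
	}
}

// SampleRequests is a constructed cps submitted by the policy enforcement point.
func SampleRequests() []Policy {
	return []Policy{
		{"alice", "cluster-a", "r", at("09:00"), at("10:00")}, // granted
		{"alice", "cluster-a", "m", at("09:00"), at("10:00")}, // permission not granted
		{"alice", "cluster-a", "w", at("17:00"), at("19:00")}, // window exceeds allowed time
		{"bob", "cluster-a", "r", at("09:00"), at("10:00")},   // no policy for this pair
		{"bob", "store-b", "r", at("09:00"), at("10:00")},     // granted
	}
}

// SamplePeers maps each resource to the peer that holds it (constructed).
func SamplePeers() map[string]string {
	return map[string]string{"cluster-a": "Peer1", "store-b": "Peer2"}
}

func main() {
	cps := SampleRequests()
	dec := Match(cps, SampleCPS())
	fmt.Println(dec, Dispatch(cps, dec, SamplePeers()))
}
```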
The forming scheme of the service network security architecture based on peer-to-peer computing introduces the network and web service security concepts into the security architecture, and is formed by combining network security specifications, which specifically comprises the following steps: the network user requests job processing:
1) the network user starts the network client program, opens the user interface of the network application layer, at this time, the background starts to start the daemon process of the network user end,
2) a network user enters a job request and access control policy in a user interface,
3) the daemon process at the network user end converts the access control strategy submitted by the network user into the format of extensible markup language,
4) the daemon process at the network user end encrypts the access control strategy according to the encryption flow of the extensible markup language,
5) the daemon process on the network user side combines the access control strategy encryption file and the job request into a simple object access protocol request message,
6) a daemon process at the network user end generates a symmetric key,
7) the daemon process at the network user end uses the symmetric key generated in the step 6) to symmetrically encrypt the whole file generated in the step 5) by using the simple object access protocol,
8) the symmetric key is asymmetrically encrypted and,
9) transmitting the encryption key generated in the step 8) and the ciphertext generated in the step 7) to a network server side through a simple object access protocol;
the network service terminal processes the user job request:
10) the network server receives the simple object access protocol message request to obtain an encryption key and a ciphertext,
11) the network service end carries out asymmetric decryption on the encrypted key to obtain a symmetric key, once decryption fails, the execution result of the operation request of the network user is that 'asymmetric decryption of the symmetric key fails, the sent message is tampered' and the step 18) is carried out,
12) the network server side symmetrically decrypts the ciphertext by using the symmetric key, refuses the processing request and writes the processing request into the security log once the communication message is found to be tampered, the execution result of the operation request of the network user is 'the symmetric decryption of the key fails, the message is sent to be tampered' and the process goes to the step 18),
13) the network server decrypts the encrypted access control strategy by using the extensible markup language to obtain the access control strategy,
14) the network server side obtains the access control strategy in the step 13) to carry out strategy matching with the access control strategy set, if the access control strategy is not accordant with the access control set, the execution result of the operation request of the network user is 'the access control strategy is not accordant', the step 18) is carried out,
15) the network server starts a peer-to-peer computing client,
16) the network server side sends the job request and the resource matching result to the peer-to-peer network client side for processing,
17) the peer-to-peer network client sends the result of the executed job to the network server,
18) the network server generates a simple object access protocol message response to the network user operation request, selects whether security is required for the execution result, and can encrypt the simple object access protocol message response if security is required; and if high security is not needed, directly returning the execution result to the network client.
Advantageous effects: the method provides a scheme for forming a service network security architecture based on peer-to-peer computing. It aims to solve the problem of distributed computing by combining peer-to-peer computing technology with network technology as a new computing technology, and it emphasizes security throughout the implementation of the whole architecture. The method provided by the invention is not a simple listing of security standards; it arranges the security standards logically and hierarchically to realize the various security guarantees in the network. Specific explanations are given below.
Safety guarantee of communication messages: this is done based on web services security standards. One of the biggest drawbacks of the currently used transport level security protocols, such as the secure socket layer, is performance, especially when only a portion of the simple object access protocol messages need to be encrypted, and transport layer encryption does not allow secure routing of the messages through the web service as an intermediary, since the messages need to be decrypted by the intermediary before it can be delivered to the final recipient in a new encrypted stream. In the method of the invention, the web service security of the emerging security standard is adopted, which describes the improvement of simple object access protocol messages, provides protection capability through message integrity, message confidentiality and single message authentication, and simultaneously provides a general mechanism for the association of a security token and a message. The goal of web services security is to enable applications to build secure simple object access protocol message exchanges, achieving end-to-end message-level security (more than transport-level security).
Resource access control based on extensible access control markup language: compared with other policy description languages, the extensible access control markup language inherits the characteristics of the extensible markup language, so the access control policies it expresses are platform independent and can be read by both users and computers. Expressing the resource access control policy proposed by the user in the open extensible access control markup language improves the readability of the document.
Convergence of network services with peer-to-peer networks: the service network connects loosely coupled network services together, and needs to effectively utilize idle resources in each virtual organization domain, so in the proposed system, the network service end is also a client end of peer-to-peer computing. The method for realizing network service in the peer-to-peer computing environment is an ideal solution, which not only efficiently utilizes a large amount of existing idle resources, but also improves the cooperative work capacity and the computing capacity of the network.
Drawings
Fig. 1 is a schematic diagram of a security service network architecture based on peer-to-peer computing, in which: physical layer, international internet layer, safety service protocol and standard layer, basic service layer, special service layer and network application layer.
Fig. 2 is a schematic diagram of an access control policy layer. The method is shown in the invention, and the basic service layer of the method is based on the access control layer model of the extensible access control markup language.
Fig. 3 is a security services network specific application framework diagram. Showing specific implementations of the invention.
Fig. 4 is a flowchart illustrating a specific method for a network user to request a network job.
Fig. 5 is a flowchart illustrating a specific method for responding to a job request by a network server.
Detailed Description
For convenience of description, we have the following application examples:
when a network user (denoted by A) submits a job request (denoted by T) and a resource access control policy (denoted by P) to a network server (denoted by B) and requires to calculate the prime number of an arbitrary number field, the specific implementation is as follows:
the network user A requests job processing:
1.) the network user A starts the network client program, opens the user interface of the network application layer, at this time, the background starts to start the daemon process of the network user,
2.) the network user a enters the job request T and the access control policy P in the user interface,
3.) the daemon process at the network user end converts the access control strategy P submitted by the network user into a format of extensible markup language,
4.) the daemon process at the user end of the network encrypts the access control strategy P according to the encryption flow of the extensible markup language,
5.) the daemon process on the user side of the network combines the access control strategy encryption file and the job request T into a simple object access protocol request message,
6.) a daemon process at the user end of the network generates a symmetric key,
7.) the daemon process at the user end of the network carries out simple object access protocol symmetric encryption on the whole file generated in the step 5) by using the symmetric key generated in the step 6),
8.) the symmetric key is asymmetrically encrypted,
9.) the encryption key generated in the step 8) and the ciphertext generated in the step 7) are transmitted to the network server B together through a simple object access protocol;
the network server B processes the user job request:
10.) the network server B receives the simple object access protocol message request, obtains the encryption key and the ciphertext,
11.) the network service end B asymmetrically decrypts the encrypted key to obtain a symmetric key, and once decryption fails, the execution result of the operation request T of the network user A is that 'asymmetric decryption of the symmetric key fails, sending message is tampered' and goes to step 18),
12.) the network server B decrypts the ciphertext symmetrically by using the symmetric key, refuses the processing request and writes the security log once the communication message is found to be tampered, the execution result of the operation request of the network user a at this time is 'key symmetric decryption failure, sending message is tampered' and goes to step 18),
13.) the network server B decrypts the encrypted access control strategy by using extensible markup language to obtain an access control strategy P,
14.) the network service terminal B obtains the access control strategy P in the step 13) to carry out strategy matching with the access control strategy set, if the access control strategy P does not accord with the access control set, the execution result of the operation request of the network user A at this time is 'access control strategy does not accord' and then the step 18 is carried out),
15.) the network server B starts a peer-to-peer computing client,
16.) the network server B sends the job request T and the resource matching result to the peer-to-peer network client for processing,
17.) the peer-to-peer network client sends the result of the executed job to the network server B,
18.) the network server B generates a simple object access protocol message response to the operation request T of the network user A, selects whether security is required for the execution result, and if security is required, the message response can be encrypted by a simple object access protocol; and if high security is not needed, directly returning the execution result to the network client.

Claims (1)

1. A service network security architecture forming scheme based on peer-to-peer computing is characterized in that the scheme introduces network and web service security concepts into the security architecture and is formed by combining network security specifications, and the scheme specifically comprises the following steps:
the network user requests job processing:
1.) the network user starts the network client program, opens the user interface of the network application layer, at this time, the background starts to start the daemon process of the network user,
2.) the network user enters job requests and access control policies in the user interface,
3.) the daemon process at the network user end converts the access control strategy submitted by the network user into a format of extensible markup language,
4.) the daemon process at the user end of the network encrypts the access control strategy according to the encryption flow of the extensible markup language,
5.) the daemon process on the user side of the network combines the access control strategy encryption file and the job request into a simple object access protocol request message,
6.) a daemon process at the user end of the network generates a symmetric key,
7.) the daemon process at the user end of the network carries out simple object access protocol symmetric encryption on the whole file generated in the step 5) by using the symmetric key generated in the step 6),
8.) the symmetric key is asymmetrically encrypted,
9.) the encryption key generated in the step 8) and the ciphertext generated in the step 7) are transmitted to a network server side together through a simple object access protocol;
the network service terminal processes the user job request:
10.) the web server receives the simple object access protocol message request, obtains the encryption key and the ciphertext,
11.) the network service end carries out asymmetric decryption on the encrypted secret key to obtain a symmetric secret key, once decryption fails, the execution result of the operation request of the network user is that 'asymmetric decryption of the symmetric secret key fails, a sending message is tampered' and then the step 18 is carried out),
12.) the network service end symmetrically decrypts the ciphertext by using the symmetric key, refuses the processing request and writes the processing request into the security log once the communication message is found to be tampered, the execution result of the operation request of the network user is 'key symmetric decryption failure, sending message is tampered' and goes to step 18),
13.) the network service end decrypts the encrypted access control strategy by using extensible markup language to obtain the access control strategy,
14.) the network service end obtains the access control strategy in the step 13) to carry out strategy matching with the access control strategy set, if the access control strategy is not accordant with the access control set, the execution result of the operation request of the network user is 'access control strategy is not accordant', the step 18) is carried out,
15.) the network server starts the peer-to-peer computing client,
16.) the network server sends the job request and the resource matching result to the peer-to-peer network client for processing,
17.) the peer-to-peer network client sends the result of the executed operation to the network server,
18.) the network service end generates a simple object access protocol message response to the network user operation request, selects whether security is required for the execution result, and if security is required, the message response can be encrypted by a simple object access protocol; and if high security is not needed, directly returning the execution result to the network client.
CNB2006100377605A 2006-01-13 2006-01-13 Service network safety system structure plan based on reciprocity calculation Expired - Fee Related CN100512306C (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CNB2006100377605A CN100512306C (en) 2006-01-13 2006-01-13 Service network safety system structure plan based on reciprocity calculation

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CNB2006100377605A CN100512306C (en) 2006-01-13 2006-01-13 Service network safety system structure plan based on reciprocity calculation

Publications (2)

Publication Number Publication Date
CN1859416A true CN1859416A (en) 2006-11-08
CN100512306C CN100512306C (en) 2009-07-08

Family

ID=37298278

Family Applications (1)

Application Number Title Priority Date Filing Date
CNB2006100377605A Expired - Fee Related CN100512306C (en) 2006-01-13 2006-01-13 Service network safety system structure plan based on reciprocity calculation

Country Status (1)

Country Link
CN (1) CN100512306C (en)

Cited By (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101582916B (en) * 2009-06-19 2012-07-25 武汉钢铁(集团)公司 Network application system based on P2P and application method thereof
WO2015131717A1 (en) * 2014-10-09 2015-09-11 中兴通讯股份有限公司 Method and device for managing access control list of network device
CN107425970A (en) * 2017-09-27 2017-12-01 郑州云海信息技术有限公司 A kind of document transmission method, transmitting terminal, receiving terminal and the medium of P2P networks
CN107707344A (en) * 2017-11-12 2018-02-16 高飞 A kind of file numeral encryption transmission system

Cited By (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101582916B (en) * 2009-06-19 2012-07-25 武汉钢铁(集团)公司 Network application system based on P2P and application method thereof
WO2015131717A1 (en) * 2014-10-09 2015-09-11 中兴通讯股份有限公司 Method and device for managing access control list of network device
CN105577399A (en) * 2014-10-09 2016-05-11 中兴通讯股份有限公司 Network device access control list management method and network device access control list management device
CN107425970A (en) * 2017-09-27 2017-12-01 郑州云海信息技术有限公司 A kind of document transmission method, transmitting terminal, receiving terminal and the medium of P2P networks
CN107707344A (en) * 2017-11-12 2018-02-16 高飞 A kind of file numeral encryption transmission system

Also Published As

Publication number Publication date
CN100512306C (en) 2009-07-08

Similar Documents

Publication Publication Date Title
US9864874B1 (en) Management of encrypted data storage
JP6537455B2 (en) Method, apparatus, computer program product, and cloud compute infrastructure (key management in multi-tenant environment) of key management in multi-tenant computing infrastructure
Yan et al. IoT-FBAC: Function-based access control scheme using identity-based encryption in IoT
US9021552B2 (en) User authentication for intermediate representational state transfer (REST) client via certificate authority
KR100970771B1 (en) Dynamic negotiation of security arrangements between web services
US20060248205A1 (en) A Secure Virtual Network Layer and Virtual Network Manager that Establishes a Comprehensive Business Reporting and Security Infrastructure as an Integral Part of the Network
US10021144B2 (en) Techniques for establishing a trusted cloud service
CN101044490A (en) Method and system for using a compact disk as a smart key device
CN1790982A (en) Method and system for realizing trust identification based on negotiation communication
CN1930847A (en) Method and apparatus for providing transaction-level security
KR20160101058A (en) Technologies for supporting multiple digital rights management protocols on a client device
CN110086755A (en) Realize method, application server, internet of things equipment and the medium of Internet of Things service
KR20230078706A (en) Certificate-based security using post-quantum cryptography
US20160261414A1 (en) Secure authentication of remote equipment
WO2023071751A1 (en) Authentication method and communication apparatus
CN1859416A (en) Service network safety system structure plan based on reciprocity calculation
Hamoudy et al. Video security in Internet of things: an overview
CN106533894A (en) Brand new secure instant messaging system
JP6806263B2 (en) VNF package signing system and VNF package signing method
CN1352434A (en) Electronic government affairs safety platform system based on trust and authorization service
CN103179108B (en) Application authentication method and computer system
CN1697365A (en) Secure transmission method oriented to mobile agent
Park et al. Trusted P2P computing environments with role-based access control
CN1750533A (en) Method for realizing safety coalition backup and switching
CN102195775B (en) A kind of encryption and decryption method of cloud computing key and device

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C14 Grant of patent or utility model
GR01 Patent grant
EE01 Entry into force of recordation of patent licensing contract

Application publication date: 20061108

Assignee: JIANGSU AISINO TECHNOLOGY CO., LTD.

Assignor: Nanjing Post & Telecommunication Univ.

Contract record no.: 2013320000170

Denomination of invention: Service network safety system structure plan based on reciprocity calculation

Granted publication date: 20090708

License type: Exclusive License

Record date: 20130320

LICC Enforcement, change and cancellation of record of contracts on the licence for exploitation of a patent or utility model
CF01 Termination of patent right due to non-payment of annual fee

Granted publication date: 20090708

Termination date: 20180113
