CN202077186U - 3G (Third Generation) system integrated with SSL VPN (Secure Sockets Layer Virtual Private Network) encryption technology - Google Patents
3G (Third Generation) system integrated with SSL VPN (Secure Sockets Layer Virtual Private Network) encryption technology Download PDFInfo
- Publication number
- CN202077186U CN202077186U CN2011201683055U CN201120168305U CN202077186U CN 202077186 U CN202077186 U CN 202077186U CN 2011201683055 U CN2011201683055 U CN 2011201683055U CN 201120168305 U CN201120168305 U CN 201120168305U CN 202077186 U CN202077186 U CN 202077186U
- Authority
- CN
- China
- Prior art keywords
- vpn
- ssl vpn
- internet
- ssl
- vpm
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Expired - Fee Related
Links
Images
Abstract
The utility model relates to the technical field of 3G mobile communication, in particular to a 3G system integrated with the SSL VPN encryption technology. The 3G system comprises an SSL VPN client (1), a VPN firewall (2), encrypted 3G network cards (3), a Web server (4) and the Internet (5); the SSL VPN client (1) is connected with the VPN firewall (2) through wireless encrypted data, the VPN firewall (2) is wirelessly connected with the Web server (4), the connection between the VPN firewall (2) and the Internet (5) is unencrypted and wireless, and the encrypted 3G network cards (3) are arranged in the SSL VPN client (1) and the VPN firewall (2). The 3G system is convenient to use and flexible to unplug and plug, is cheap, and has high receiving sensitivity, and compared with the other 3G products in China, the security of the 3G system is greatly enhanced, so that the confidentiality of company files and private files can be effectively guaranteed.
Description
Technical field:
The utility model relates to 3G mobile communication technology field, is specifically related to a kind of 3G device of S set SLVPN encryption technology.
Background technology:
SL (Security Socket Layer, security socket layer) transmits safety of data on the internet by the cipher mode protection, and it can be applied on each browser automatically.VPN (Virtual Private Network, VPN (virtual private network)) then is mainly used in the virtual linkage network, and it can be guaranteed the confidentiality of data and have certain access control function.Setting up a link interim, safety by common network (as INternet), is safe, a stable tunnel that passes chaotic common network.Virtual Private Network is to the expansion of intranet.Virtual Private Network can help long-distance user, corporate branch office, business parnter and supplier to set up believable safety connection with the in-house network of company.
Traditional SSL VPN, the noun that is VPN equipment vendors in fact in order to create out with Ipsec VPN difference, refer to the user and utilize the built-in Secure SocketLayer encapsulation process function of browser, connect the meeting SSL of intra-company vpn server with browser, see through the mode that network package turns to then, allow the user read intra-company's data in server at the remote computer executive utility.It adopts the secure socket layer (ssl) of standard that the packet in the transmission is encrypted, thereby has protected safety of data in application layer.The transmission data of client on individual PC browser are all encrypted, and what encryption and decryption were used is the digital certificate that CA provides, and digital certificate leaves the hard disk the inside of individual PC in usually, and Web server is just deciphered up to intra-company.Whole encryption and decryption process is all very simple.Traditional SSL VPN is fairly simple aspect configuration, does not need to install special client, does not need company's internal network is made any big adjustment; The encrypting and decrypting process is also fairly simple, and network data transmission speed is very fast with respect to Ipsec VPN ratio.
But shortcoming is also apparent, tradition SSL VPN user only limits to use Web browser to insert, this is proper to novel business application software based on Web, but it has limited non-Web application access, make that some file operation function are difficult to realize, as file-sharing, predetermined file backup and autofile transmission.The user can support non-Web to use by upgrading, increase patch, installation SSL gateway or other way, but realizes that cost is high and complicated, is difficult to realization.Web server is externally developed, and any internet access point can be visited, and fail safe is lower.
Digital certificate leaves in above the individual PC hard disk, is stolen easily.
(3rd-generation 3G), is meant the honeycomb mobile communication technology of supporting high speed data transfer to the 3G (Third Generation) Moblie technology.The 3G service can transmit sound and data message simultaneously, and speed is generally more than hundreds of kbps.The 3G service can transmit sound and data message (Email, instant messaging etc.) simultaneously, and on behalf of feature, it provide high-speed data service.The main distinction of 3G and 2G is the lifting on the speed of transmission voice and data, it can realize radio roaming in the world better, and handle multiple media formats such as image, music, video flowing, multiple information services such as comprising web page browsing, videoconference, ecommerce is provided, also will considers favorable compatibility simultaneously with existing second-generation system.For this service is provided, wireless network must can be supported different data transmission baudss, that is to say the transmission speed (this numerical value can change according to network environment) that can support 2Mbps (megabit/per second), 384kbps (kilobit/per second) at least and 144kbps in the environment of indoor, outdoor and driving respectively.
The 3G card of surfing Internet is the widely used online medium of present wireless wide-area communication network.At present there are td-scdma and the CDMA2000 of China Telecom and three kinds of network formats of WCDMA of CHINAUNICOM of China Mobile in China, so common wireless Internet card just comprises CDMA2000 wireless Internet card and TD, WCDMA wireless Internet card three classes.
Though the speed of 3G card of surfing Internet has strengthened much with respect to the 2G card of surfing Internet, and is slightly inadequate at secure context, at a high speed, the two characteristic products of safety are following inexorable trend, and are especially particularly important especially for the stronger unit of confidentiality such as public security, army, government.
The utility model content:
The purpose of this utility model provides a kind of 3G device of S set SL VPN encryption technology, and it is easy to use, and price is cheaper, plug is flexible, and the receiving sensitivity height is with respect to domestic other 3G products, fail safe improves greatly, imitates to have guaranteed that company's file is the documentum privatum confidentiality.
In order to solve the existing problem of background technology, the utility model is by the following technical solutions: it comprises SSL VPN client 1, VPM fire compartment wall 2, encrypts 3G network interface card 3, Web server 4 and the Internet 5; SSL VPN client 1 is connected by the wireless encryption data with VPM fire compartment wall 2, VPM fire compartment wall 2 and Web server 4 wireless connections, and VPM fire compartment wall 2 and the Internet 5 non-encrypted wireless connections are provided with in SSL VPN client 1 and the VPM fire compartment wall 2 and encrypt 3G network interface card 3.
The utility model is easy to use, and price is cheaper, and plug is flexible, the receiving sensitivity height, and with respect to domestic other 3G products, fail safe improves greatly, imitates to have guaranteed that company's file is the documentum privatum confidentiality.
Description of drawings:
Fig. 1 is a structure framework of the present utility model;
Fig. 2 is the operational mode of the utility model 3G Encryption Network Card.
Embodiment:
Referring to Fig. 1-2, this embodiment is by the following technical solutions: it comprises SSL vpn client 1, VPM fire compartment wall 2, encrypts 3G network interface card 3, Web server 4 and the Internet 5; SSL vpn client 1 is connected by the wireless encryption data with VPM fire compartment wall 2, VPM fire compartment wall 2 and Web server 4 wireless connections, and VPM fire compartment wall 2 and the Internet 5 non-encrypted wireless connections are provided with in SSL VPN client 1 and the VPM fire compartment wall 2 and encrypt 3G network interface card 3.
The authentication mode of this embodiment software and hardware set: whole authentication process portion adopts the mode of digital certificate, certificate adopts the PKCS#12 form, with client public key, private key, certificate and the packing of other relevant informations, the critical data of PKI inside the certificate and private key is deposited in advance in memory device (F1ash) the inside of 3G network interface card respectively, this critical data application programs is open, and fail safe is higher.After application program is opened, call the PKI and the private key of the certificate of 3G network interface card the inside, for the data that send outward, adopt public key encryption, the The data private key that receives deciphering in case whole process finishes, is destroyed key.
In addition, the descriptive critical data of independent process transfer 3G network interface card the inside is arranged, acquiescence was called once every 5 seconds, in case call descriptive critical data failure, disconnected network immediately, closed whole vpn application again.Descriptive critical data is promptly in advance by the one piece of data of the network management personnel of company unified plan in 3G device inside, and the critical data of each 3G device the inside all is unique, not reproducible, can not destroy, unsuppressible-suppression.
Connected Corp.'s vpn gateway by force before the online of all 3G network interface cards of this embodiment, vpn gateway all has strict audit policy for all data, and everyone audit policy can be provided with separately, also can form group, whole group is provided with, has high flexibility and practicality.
This embodiment has SSL VPN client, after the success identity, have in-company virtual ip address, in any form visited company internal server or individual PC, can file-sharing, file backup, file transfer, just as real local area network (LAN).And unlike traditional SSL VPN, can only be with the mode visited company internal server of web, practicality is very low.
This embodiment is easy to use, and price is cheaper, and plug is flexible, the receiving sensitivity height, and with respect to domestic other 3G products, fail safe improves greatly, imitates to have guaranteed that company's file is the documentum privatum confidentiality.
Claims (1)
1. the 3G device of a S set SL VPN encryption technology is characterized in that it comprises SSL VPN client (1), VPM fire compartment wall (2), encrypts 3G network interface card (3), Web server (4) and the Internet (5); SSL VPN client (1) is connected by the wireless encryption data with VPM fire compartment wall (2), VPM fire compartment wall (2) and Web server (4) wireless connections, VPM fire compartment wall (2) and the non-encrypted wireless connections in the Internet (5) are provided with in SSL VPN client (1) and the VPM fire compartment wall (2) and encrypt 3G network interface card (3).
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN2011201683055U CN202077186U (en) | 2011-05-24 | 2011-05-24 | 3G (Third Generation) system integrated with SSL VPN (Secure Sockets Layer Virtual Private Network) encryption technology |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN2011201683055U CN202077186U (en) | 2011-05-24 | 2011-05-24 | 3G (Third Generation) system integrated with SSL VPN (Secure Sockets Layer Virtual Private Network) encryption technology |
Publications (1)
Publication Number | Publication Date |
---|---|
CN202077186U true CN202077186U (en) | 2011-12-14 |
Family
ID=45115261
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN2011201683055U Expired - Fee Related CN202077186U (en) | 2011-05-24 | 2011-05-24 | 3G (Third Generation) system integrated with SSL VPN (Secure Sockets Layer Virtual Private Network) encryption technology |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN202077186U (en) |
Cited By (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN102843437A (en) * | 2012-09-17 | 2012-12-26 | 北京星网锐捷网络技术有限公司 | Conversion method and device for webpage application and network device |
CN104459487A (en) * | 2014-12-02 | 2015-03-25 | 国家电网公司 | Implementation method of partial discharge real-time monitoring system based on 3G communication |
-
2011
- 2011-05-24 CN CN2011201683055U patent/CN202077186U/en not_active Expired - Fee Related
Cited By (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN102843437A (en) * | 2012-09-17 | 2012-12-26 | 北京星网锐捷网络技术有限公司 | Conversion method and device for webpage application and network device |
CN104459487A (en) * | 2014-12-02 | 2015-03-25 | 国家电网公司 | Implementation method of partial discharge real-time monitoring system based on 3G communication |
CN104459487B (en) * | 2014-12-02 | 2017-04-12 | 国家电网公司 | Implementation method of partial discharge real-time monitoring system based on 3G communication |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
AU2013101722A4 (en) | Data security management system | |
US9602498B2 (en) | Inline inspection of security protocols | |
CN104184735B (en) | Power marketing mobile application security guard system | |
US9219709B2 (en) | Multi-wrapped virtual private network | |
CN101296086B (en) | Method, system and device for access authentication | |
CN103441991A (en) | Mobile terminal security access platform | |
CN103326999A (en) | File safety management system based on cloud service | |
CN103020504B (en) | Based on picture management system and the picture management method of finger print identifying | |
US20120278611A1 (en) | Vpn-based method and system for mobile communication terminal to access data securely | |
CN106992984A (en) | A kind of method of the mobile terminal safety access information Intranet based on electric power acquisition net | |
CN105429962B (en) | A kind of general go-between service construction method and system towards encryption data | |
CN102611732A (en) | Encryption document outgoing control system and method on basis of B/S (Browser/Server) framework | |
Zhipeng et al. | VPN: a boon or trap?: a comparative study of MPLs, IPSec, and SSL virtual private networks | |
CN103268456A (en) | Method and device for file safety control | |
JP4752064B2 (en) | Communication system on public line for restricting access, terminal connection device and server connection restriction device | |
Fei et al. | The research and implementation of the VPN gateway based on SSL | |
Sharma et al. | A comprehensive review on encryption based open source cyber security tools | |
CN202652534U (en) | Mobile terminal safety access platform | |
CN104168565A (en) | Method for controlling safe communication of intelligent terminal under undependable wireless network environment | |
CN102638792A (en) | Wireless network secure transmission system and method based on hardware encryption | |
CN202077186U (en) | 3G (Third Generation) system integrated with SSL VPN (Secure Sockets Layer Virtual Private Network) encryption technology | |
CN103458101A (en) | Hardware encryption storage method and system of mobile phone private contacts | |
TW200830200A (en) | Information security management system and method for electronic document | |
CN102761559B (en) | Network security based on private data shares method and communication terminal | |
CN102131189B (en) | Acquisition instrument, mobile supervision method and system |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
C14 | Grant of patent or utility model | ||
GR01 | Patent grant | ||
C17 | Cessation of patent right | ||
CF01 | Termination of patent right due to non-payment of annual fee |
Granted publication date: 20111214 Termination date: 20140524 |