CN203057192U - Cross-platform security audit device - Google Patents


Info

Publication number
CN203057192U
Authority
CN
China
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Expired - Fee Related
Application number
CN2012206746407U
Other languages
Chinese (zh)
Inventor
黄斌
顾伟敏
赵甫
刘行
朱英伟
卢冰
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
State Grid Corp of China SGCC
State Grid Zhejiang Electric Power Co Ltd
Nari Technology Co Ltd
State Grid Electric Power Research Institute
Original Assignee
State Grid Corp of China SGCC
Nanjing NARI Group Corp
Zhejiang Electric Power Co
State Grid Electric Power Research Institute
Application filed by State Grid Corp of China SGCC, Nanjing NARI Group Corp, Zhejiang Electric Power Co, State Grid Electric Power Research Institute

Landscapes

  • Computer And Data Communications (AREA)

Abstract

The utility model discloses a cross-platform security audit device. The device comprises a micro-control module, an encryption card module, a network interface module, a GPRS module, a storage module and an indication module; the encryption card module, the network interface module, the GPRS module, the storage module and the indication module are each connected to the micro-control module. The device can be deployed in front of internal network resource machines. It performs unified user identification and authentication by multiple methods, such as certificate authentication and short message verification, and allocates access permissions to accessing users in a unified way using RBAC, so that all access to internal network resources passes through the device. It fills in passwords on the user's behalf, which simplifies user operation, and it realizes unified identity authentication, unified secure access and unified privilege management for internal network access users. In addition, for controllable application-layer access the device enables a proxy program that enforces privilege control while recording logs, and for graphical access it enables an application center that records the screen.

Description

A cross-platform security audit device
Technical field
The utility model relates to a cross-platform security audit device and belongs to the field of information security technology.
Background technology
At present, the traditional way of using information systems is based on physical access, and each system is managed separately. Users must switch between systems frequently and repeat authentication, permission control and so on; this approach is inefficient and leaves permission assignment in disorder. With the rapid development and wide application of information technology, the number and complexity of information systems have increased greatly, and this approach is less and less able to keep up with informatization. People also place higher requirements on information system access, such as unified user identity verification, unified allocation of access permissions and unified behaviour auditing.
Summary of the utility model
Purpose: to overcome the deficiencies of the prior art, the utility model provides a cross-platform security audit device that applies unified identity authentication, unified secure access, unified permission management and unified operation auditing to users' access to intranet resources.
Technical scheme: a cross-platform security audit device, characterized in that it comprises a microcontroller module, an encryption card module, a network interface module and a GPRS module, the encryption card module, network interface module and GPRS module all being connected to the microcontroller module.
The microcontroller module is a CPU.
The device also comprises an antenna, which is connected to the GPRS module.
The device also comprises a memory module, which is connected to the microcontroller module and stores device parameters and logs.
The device also comprises an indicating module, which is connected to the microcontroller module and indicates the device's status during operation.
Beneficial effect: the cross-platform security audit device provided by the utility model can be deployed in front of intranet resource machines. It identifies and authenticates accessing users in a unified way using multiple methods such as certificate authentication and SMS verification, and it allocates their access permissions in a unified way using RBAC. All access to intranet resources goes through the device, which fills in passwords on the user's behalf and so simplifies user operation. This meets the requirements of unified identity authentication, unified secure access and unified permission management for intranet access users. For controllable application-layer access, the device enables a proxy program that enforces permission control and records logs at the same time; for graphical access, it enables the application center to record the screen.
Description of drawings
Fig. 1 is a structural schematic of the utility model;
Fig. 2 is a workflow diagram of the utility model.
Embodiment
The utility model is further explained below with reference to the accompanying drawings.
As shown in Fig. 1, a cross-platform security audit device comprises a microcontroller module, an encryption card module, a network interface module, a GPRS module, a memory module and an indicating module; the encryption card module, network interface module, GPRS module, memory module and indicating module are all connected to the microcontroller module. The microcontroller module is a CPU. It handles the device's configuration of user groups, users and intranet resources and the configuration of access permissions, and it also controls accessing users' access behaviour and records logs. The encryption card module performs data encryption and user identity authentication. The network interface module handles network signal processing. The memory module stores device parameters and logs. The indicating module indicates the device's status during operation. The device also comprises an antenna, which is connected to the GPRS module. The GPRS module and antenna send a verification code to the user's mobile phone to implement two-factor authentication of the user.
The network topology of the cross-platform security audit device of the utility model can be divided into three parts: the user terminal, the cross-platform security audit device and the intranet resource network. The device sits between the user terminal and the intranet resource network. All access to the intranet resource network must log in to the device, and the device establishes two-way connections with the user and with the intranet resource machine. The device implements functions such as user authentication, permission control, password auto-fill, log recording and screen recording, and it supports access by multiple applications such as ftp, ssh, telnet, sftp, RDP, pcanywhere and mysql. The device is deployed in front of intranet resource machines. It identifies and authenticates accessing users in a unified way using multiple methods such as certificate authentication and SMS verification, and it allocates their access permissions in a unified way using RBAC. All access to intranet resources goes through the device, which fills in passwords on the user's behalf and so simplifies user operation. This meets the requirements of unified identity authentication, unified secure access and unified permission management for intranet access users. For controllable application-layer access, the device enables a proxy program that enforces permission control and records logs at the same time; for graphical access, it enables the application center to record the screen.
The device provides a web service interface. The user logs in to the device through the web interface, and the encryption card module and GPRS module perform two-factor identity authentication of the user based on a certificate and a short message. The device returns the information on the resources the user may access according to the user group the user belongs to, and the user selects the resource to access. The device then decides according to the type of the resource. If it is an application-layer controllable resource (telnet, ftp, ssh, sftp, etc.), the request is passed directly to the application-level proxy program, which establishes two-way connections with the intranet resource machine and the user, controls the user's access behaviour, records operation logs, and so on. If it is a graphical application (RDP, Xwindow, PLSQL, VNC), the request is passed directly to the graphical application center, which establishes two-way connections with the intranet resource machine and the user, logs the user's text input and records video of the user's screen operations.
The device provides a web interface for auditing user operations and also supports playback of graphical operations. This achieves unified identity authentication, unified secure access and unified permission management for intranet access users, so that access to intranet resources is authenticated beforehand, controlled while it takes place and traceable afterwards.
As shown in Fig. 2, the workflow of the cross-platform security audit device of the utility model comprises a user certificate authentication process, a user application-layer controllable resource access process and a user graphical application access process. In the user certificate authentication process, the user first logs in to the device with a certificate; the device sends an SMS verification code to the mobile phone bound to that user according to the user information; the user submits the SMS verification code; the device verifies it and, after successful verification, returns the list of resources this user may access. In the application-layer controllable resource access process, the user selects the resource to access; the device judges whether the permissions allow it, uses the password auto-fill function to establish the connection to the intranet resource machine, establishes the connection to the user's machine, waits for and identifies user input, judges whether the permissions allow the input and forwards or discards it accordingly, and records logs until the session ends and the two-way connection is disconnected. In the graphical application access process, the user selects the resource to access; the device judges whether the permissions allow it, uses the password auto-fill function to establish the connection to the intranet resource machine, establishes the connection to the user's machine, forwards the user's input and records the user's screen until the session ends and the two-way connection is disconnected.
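The following Python model of the Fig. 2 workflow is an added example, not part of the patent: it shows the two-factor gate, the RBAC check, the routing by resource type and the per-input forward-or-discard decision with logging. The users, groups, resource names and prefix deny-list are constructed assumptions, and certificate validation is reduced to a boolean.

```python
import hmac
from dataclasses import dataclass, field

APP_LAYER = {"telnet", "ftp", "ssh", "sftp"}    # relayed by the application-level proxy
GRAPHICAL = {"rdp", "xwindow", "plsql", "vnc"}  # relayed by the graphical application center

# Constructed RBAC data: user -> group; group -> reachable resources and denied input prefixes.
USER_GROUP = {"alice": "ops", "bob": "dba"}
GROUP_POLICY = {
    "ops": {"resources": {"db01": "ssh", "hmi01": "rdp"}, "deny": ("rm ", "shutdown")},
    "dba": {"resources": {"db01": "ssh"}, "deny": ("rm ", "shutdown", "passwd")},
}


@dataclass
class AuditDevice:
    log: list = field(default_factory=list)         # audit trail of (user, event, detail)
    authenticated: set = field(default_factory=set)

    def _policy(self, user):
        return GROUP_POLICY[USER_GROUP[user]]

    def login(self, user, cert_valid, issued_code, submitted_code):
        """Certificate check plus SMS code; the resource list is returned only if both pass."""
        ok = bool(user in USER_GROUP and cert_valid
                  and hmac.compare_digest(issued_code, submitted_code))  # constant-time compare
        self.log.append((user, "login", "ok" if ok else "denied"))
        if not ok:
            return None
        self.authenticated.add(user)
        return sorted(self._policy(user)["resources"])

    def open_session(self, user, resource):
        """Permission check, then routing by resource type; anything unknown fails closed."""
        if user not in self.authenticated:
            raise PermissionError("not authenticated")
        kind = self._policy(user)["resources"].get(resource)
        if kind in APP_LAYER:
            handler = "application-level proxy"
        elif kind in GRAPHICAL:
            handler = "graphical application center"  # logs text input, records the screen
        else:
            self.log.append((user, "session-denied", resource))
            raise PermissionError(f"{user} may not access {resource}")
        self.log.append((user, "session-open", f"{resource} via {handler}"))
        return handler

    def proxy_input(self, user, resource, line):
        """Application-layer path: forward or discard each input line and log the decision."""
        if user not in self.authenticated \
                or self._policy(user)["resources"].get(resource) not in APP_LAYER:
            raise PermissionError("no application-layer session")
        allowed = not line.strip().startswith(self._policy(user)["deny"])
        self.log.append((user, "forward" if allowed else "discard", line))
        return allowed
```

Discarded input is logged as well as forwarded input, so the audit trail shows attempted operations and not only the ones that reached the resource machine.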
The above is only a preferred implementation of the utility model. It should be noted that those skilled in the art can make further improvements and modifications without departing from the principle of the utility model, and these improvements and modifications should also be regarded as falling within the protection scope of the utility model.

Claims (5)

1. A cross-platform security audit device, characterized in that it comprises a microcontroller module, an encryption card module, a network interface module and a GPRS module, the encryption card module, network interface module and GPRS module all being connected to the microcontroller module.
2. The cross-platform security audit device according to claim 1, characterized in that the microcontroller module is a CPU.
3. The cross-platform security audit device according to claim 1, characterized in that it also comprises an antenna, the antenna being connected to the GPRS module.
4. The cross-platform security audit device according to claim 1, characterized in that it also comprises a memory module, the memory module being connected to the microcontroller module and used to store device parameters and logs.
5. The cross-platform security audit device according to any one of claims 1-4, characterized in that it also comprises an indicating module, the indicating module being connected to the microcontroller module and used to indicate the device's status during operation.
CN2012206746407U 2012-12-10 2012-12-10 Cross-platform security audit device Expired - Fee Related CN203057192U (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN2012206746407U CN203057192U (en) 2012-12-10 2012-12-10 Cross-platform security audit device

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN2012206746407U CN203057192U (en) 2012-12-10 2012-12-10 Cross-platform security audit device

Publications (1)

Publication Number Publication Date
CN203057192U (en) 2013-07-10

Family

ID=48740106

Family Applications (1)

Application Number Title Priority Date Filing Date
CN2012206746407U Expired - Fee Related CN203057192U (en) 2012-12-10 2012-12-10 Cross-platform security audit device

Country Status (1)

Country Link
CN (1) CN203057192U (en)

Cited By (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103366109A (en) * 2013-08-14 2013-10-23 德讯科技股份有限公司 XWindow substitution filling method based on digital image recognition algorithm
CN105991613A (en) * 2015-03-03 2016-10-05 北京神州泰岳信息安全技术有限公司 Resource remote login method and system
CN108173838A (en) * 2017-12-26 2018-06-15 福建星瑞格软件有限公司 A kind of control auditing method accessed the network equipment
CN112019590A (en) * 2020-07-09 2020-12-01 广东省建设工程质量安全检测总站有限公司 Remote monitoring system for static load test
CN112738221A (en) * 2020-12-28 2021-04-30 中国建设银行股份有限公司 Auditing method and device for object storage flow

Cited By (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103366109A (en) * 2013-08-14 2013-10-23 德讯科技股份有限公司 XWindow substitution filling method based on digital image recognition algorithm
CN103366109B (en) * 2013-08-14 2015-12-23 德讯科技股份有限公司 XWindow substitution filling method based on digital image recognition algorithm
CN105991613A (en) * 2015-03-03 2016-10-05 北京神州泰岳信息安全技术有限公司 Resource remote login method and system
CN108173838A (en) * 2017-12-26 2018-06-15 福建星瑞格软件有限公司 A kind of control auditing method accessed the network equipment
CN112019590A (en) * 2020-07-09 2020-12-01 广东省建设工程质量安全检测总站有限公司 Remote monitoring system for static load test
CN112738221A (en) * 2020-12-28 2021-04-30 中国建设银行股份有限公司 Auditing method and device for object storage flow
CN112738221B (en) * 2020-12-28 2022-05-27 中国建设银行股份有限公司 Auditing method and device for object storage flow

Similar Documents

Publication Publication Date Title
CN101778099B (en) Architecture accessing trusted network for tolerating untrusted components and access method thereof
CN102546601B (en) The servicing unit of cloud computing terminal for accessing virtual machine
CN203057192U (en) Cross-platform security audit device
CN112073375A (en) Isolation device and isolation method suitable for power Internet of things client side
CN106708489A (en) Debugging method and system of equipment
CN104158802B (en) A kind of platform authorization method, platform service end and applications client and system
CN101094226B (en) Security framework of managing network, and information processing method
CN103731475B (en) A kind of data protection system
CN101841525A (en) Secure access method, system and client
CN101272242A (en) Mobile memory system and method based on network
CN106790555A (en) A kind of method and system of community's shared education resources service interface
CN106982430B (en) Portal authentication method and system based on user use habits
CN104468640A (en) Method and device for achieving sharing of cloud storage space
CN106488453A (en) A kind of method and system of portal certification
CN103780609A (en) Cloud data processing method and device and cloud data security gateway
CN102143492B (en) Method for establishing virtual private network (VPN) connection, mobile terminal and server
CN104424676A (en) Identity information sending method, identity information sending device, access control card reader and access control system
CN102752306B (en) Digital media management method and system based on mark
CN110336788A (en) A kind of data safety exchange method of internet of things equipment and mobile terminal
CN111277607A (en) Communication tunnel module, application monitoring module and mobile terminal security access system
CN105392137A (en) Household WIFI embezzlement preventing method, wireless router and terminal equipment
CN102984046A (en) Processing method of instant messaging business and corresponding network equipment
CN108011872A (en) Personal information intelligent acquisition method and system
DE112013000017T5 (en) The communication transmission method and system
CN104703183A (en) Special line APN (Access Point Name) security-enhanced access method and device

Legal Events

Date Code Title Description
C14 Grant of patent or utility model
GR01 Patent grant
TR01 Transfer of patent right

Effective date of registration: 20171127

Address after: 310007 Huanglong Road, Hangzhou, Zhejiang, No. 8, No.

Co-patentee after: STATE GRID ELECTRIC POWER Research Institute

Patentee after: ZHEJIANG ELECTRIC POWER Corp.

Co-patentee after: NARI TECHNOLOGY Co.,Ltd.

Co-patentee after: State Grid Corporation of China

Address before: 310007 Huanglong Road, Hangzhou, Zhejiang, No. 8, No.

Co-patentee before: STATE GRID ELECTRIC POWER Research Institute

Patentee before: ZHEJIANG ELECTRIC POWER Corp.

Co-patentee before: NANJING NARI Group Corp.

Co-patentee before: State Grid Corporation of China

TR01 Transfer of patent right
CF01 Termination of patent right due to non-payment of annual fee

Granted publication date: 20130710

Termination date: 20211210

CF01 Termination of patent right due to non-payment of annual fee