WO2018214108A1 - Secure implementation method and system for network link - Google Patents

Secure implementation method and system for network link Download PDF

Info

Publication number
WO2018214108A1
WO2018214108A1 PCT/CN2017/085965 CN2017085965W WO2018214108A1 WO 2018214108 A1 WO2018214108 A1 WO 2018214108A1 CN 2017085965 W CN2017085965 W CN 2017085965W WO 2018214108 A1 WO2018214108 A1 WO 2018214108A1
Authority
WO
WIPO (PCT)
Prior art keywords
data packet
encryption
network link
encrypted
encryption key
Prior art date
Application number
PCT/CN2017/085965
Other languages
French (fr)
Chinese (zh)
Inventor
李炜
Original Assignee
深圳市伊特利网络科技有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 深圳市伊特利网络科技有限公司 filed Critical 深圳市伊特利网络科技有限公司
Priority to PCT/CN2017/085965 priority Critical patent/WO2018214108A1/en
Publication of WO2018214108A1 publication Critical patent/WO2018214108A1/en

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/40Network security protocols

Definitions

  • the present invention relates to the field of communications, and in particular, to a method and system for securely implementing a network link.
  • a network link is a link for transmitting data in a network.
  • the transmission of an existing link is based on a node. If the data packet in the existing network link is not encrypted, the security is affected, thereby affecting the customer experience.
  • a security implementation method for a network link is provided, which solves the shortcomings of the prior art customer experience.
  • a method for securely implementing a network link includes the following steps:
  • the encrypted data packet is carried in the frame, and the encryption method and the encryption key are added at the frame header.
  • the method further includes:
  • the encryption method and the encryption key are sent to the remaining nodes of the data link of the data packet.
  • the method further includes:
  • the encryption method and the encryption key are uploaded to the network link distribution system.
  • a second aspect provides a security implementation system for a network link, where the method includes:
  • a receiving unit configured to receive the forwarded data packet
  • An encryption unit configured to detect whether the data packet is encrypted, and if not encrypted, invoking an encryption module to encrypt the data packet;
  • the control unit is configured to carry the encrypted data packet in the frame, and add an encryption method and an encryption key to the frame header.
  • system further includes:
  • control unit configured to send the encryption mode and the encryption key to the remaining nodes of the data link of the data packet.
  • system further includes:
  • control unit configured to upload the encryption mode and the encryption key to the network link distribution system.
  • a computer readable storage medium having stored thereon a computer program that, when executed by a processor, implements a secure implementation of the network link.
  • a terminal comprising one or more processors, a memory, a transceiver, and one or more programs, the one or more programs being stored in the memory and configured by the Executed by one or more processors, the program comprising instructions for performing the steps in the secure implementation method of the network link described above.
  • the technical solution provided by the specific embodiment of the present invention receives the forwarded data packet, and detects whether the data packet is encrypted. If the data packet is not encrypted, the encryption module is invoked to encrypt the data packet, and the encrypted data packet is carried in the frame, and The encryption method and the encryption key are added to the frame header, so that it has the advantages of encrypting unencrypted data packets, improving security, and improving user experience.
  • FIG. 1 is a flowchart of a method for implementing security of a network link according to the present invention.
  • FIG. 2 is a structural diagram of a security implementation system for a network link according to the present invention.
  • FIG. 3 is a schematic structural diagram of hardware of a terminal provided by the present invention.
  • FIG. 1 is a flowchart of a method for implementing security of a network link according to a first preferred embodiment of the present invention.
  • the method is implemented by a node.
  • the method is as shown in FIG. 1 , and includes the following steps:
  • Step S101 Receive a forwarded data packet.
  • Step S102 detecting whether the data packet is encrypted, and if not encrypted, invoking an encryption module to encrypt the data packet;
  • Step S103 Carry the encrypted data packet in the frame, and add an encryption method and an encryption key to the frame header.
  • the technical solution provided by the specific embodiment of the present invention receives the forwarded data packet, and detects whether the data packet is encrypted. If the data packet is not encrypted, the encryption module is invoked to encrypt the data packet, and the encrypted data packet is carried in the frame, and The encryption method and the encryption key are added to the frame header, so that it has the advantages of encrypting unencrypted data packets, improving security, and improving user experience.
  • the method may further include:
  • the encryption method and the encryption key are sent to the remaining nodes of the data link of the data packet.
  • the method may further include:
  • the encryption method and the encryption key are uploaded to the network link distribution system.
  • FIG. 2 is a schematic diagram of a security implementation system for a network link according to a second preferred embodiment of the present invention.
  • the system as shown in FIG. 2, includes:
  • the receiving unit 201 is configured to receive the forwarded data packet.
  • the encryption unit 202 is configured to detect whether the data packet is encrypted. If not, the encryption module is invoked to encrypt the data packet.
  • the control unit 203 is configured to carry the encrypted data packet in the frame, and add an encryption method and an encryption key to the frame header.
  • the technical solution provided by the specific embodiment of the present invention receives the forwarded data packet, and detects whether the data packet is encrypted. If the data packet is not encrypted, the encryption module is invoked to encrypt the data packet, and the encrypted data packet is carried in the frame, and The encryption method and the encryption key are added to the frame header, so that it has the advantages of determining the encryption key according to the type of the packet, improving security, and improving user experience.
  • the above system may further include:
  • the control unit 203 is configured to send the encryption mode and the encryption key to the remaining nodes of the data link of the data packet.
  • the above system may further include:
  • the control unit 203 is configured to upload the encryption mode and the encryption key to the network link distribution system.
  • a specific embodiment of the present invention further provides a computer readable storage medium having stored thereon a computer program, the program being implemented by the processor to implement a secure implementation method of the network link.
  • a specific embodiment of the present invention further provides a node, as shown in FIG. 3, including one or more processors 302, a memory 301, a transceiver 303, and one or more programs, the one or more programs being stored in The memory is, and is configured to be executed by, the one or more processors, the program comprising instructions for performing the steps in the secure implementation method of the network link described above.
  • Computer readable media includes both computer storage media and communication media including any medium that facilitates transfer of a computer program from one location to another.
  • a storage medium may be any available media that can be accessed by a computer.
  • the computer readable medium may include random access memory (Random) Access Memory, RAM), Read-Only Memory (ROM), Electrically Erasable Programmable Read Only Memory (Electrically Erasable Programmable Read-Only Memory, EEPROM), Compact Disc Read-Only Memory, CD-ROM, or other optical disc storage, magnetic storage medium or other magnetic storage device, or any other medium that can be used to carry or store desired program code in the form of instructions or data structures and that can be accessed by a computer. Also. Any connection may suitably be a computer readable medium.
  • a disk and a disc include a compact disc (CD), a laser disc, a compact disc, a digital versatile disc (DVD), a floppy disk, and a Blu-ray disc, wherein the disc is usually magnetically copied, and the disc is The laser is used to optically replicate the data. Combinations of the above should also be included within the scope of the computer readable media.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)

Abstract

Provided is a secure implementation method and system for a network link. The method comprises the following steps: receiving a forwarded data packet; adding the number of data packets into a header field of the data packet; and carrying the encrypted data packet within a frame, and adding an encryption method and an encryption key to a frame header. The technical solution provided in the present invention has the advantage of a good user experience.

Description

网络链路的安全实现方法及系统  Network link security implementation method and system 技术领域Technical field
本发明涉及通信领域,尤其涉及一种网络链路的安全实现方法及系统。The present invention relates to the field of communications, and in particular, to a method and system for securely implementing a network link.
背景技术Background technique
网络链接是网络中发送数据的链路,现有的链路的发送均基于节点,现有的网络链路中的数据包如没有加密,影响安全性,进而影响客户体验度。A network link is a link for transmitting data in a network. The transmission of an existing link is based on a node. If the data packet in the existing network link is not encrypted, the security is affected, thereby affecting the customer experience.
技术问题technical problem
提供一种网络链路的安全实现方法,其解决了现有技术的客户体验度差的缺点。A security implementation method for a network link is provided, which solves the shortcomings of the prior art customer experience.
技术解决方案Technical solution
一方面,提供一种网络链路的安全实现方法,所述方法包括如下步骤:In one aspect, a method for securely implementing a network link is provided, and the method includes the following steps:
接收转发的数据包;Receiving forwarded data packets;
检测数据包是否加密,如未加密,则调用加密模块对该数据包进行加密;Check whether the data packet is encrypted. If it is not encrypted, the encryption module is called to encrypt the data packet.
将加密后的数据包携带在帧内,并在帧头添加加密方式以及加密秘钥。The encrypted data packet is carried in the frame, and the encryption method and the encryption key are added at the frame header.
可选的,所述方法还包括:Optionally, the method further includes:
向该数据包的数据链路的剩余节点发送该加密方式以及加密秘钥。The encryption method and the encryption key are sent to the remaining nodes of the data link of the data packet.
可选的,所述方法还包括:Optionally, the method further includes:
将该加密方式以及加密秘钥上传给网路链路分配系统。The encryption method and the encryption key are uploaded to the network link distribution system.
第二方面,提供一种网络链路的安全实现系统,所述方法包括:A second aspect provides a security implementation system for a network link, where the method includes:
接收单元,用于接收转发的数据包;a receiving unit, configured to receive the forwarded data packet;
加密单元,用于检测数据包是否加密,如未加密,则调用加密模块对该数据包进行加密;An encryption unit, configured to detect whether the data packet is encrypted, and if not encrypted, invoking an encryption module to encrypt the data packet;
控制单元,用于将加密后的数据包携带在帧内,并在帧头添加加密方式以及加密秘钥。The control unit is configured to carry the encrypted data packet in the frame, and add an encryption method and an encryption key to the frame header.
可选的,所述系统还包括:Optionally, the system further includes:
控制单元,用于向该数据包的数据链路的剩余节点发送该加密方式以及加密秘钥。And a control unit, configured to send the encryption mode and the encryption key to the remaining nodes of the data link of the data packet.
可选的,所述系统还包括:Optionally, the system further includes:
控制单元,用于将该加密方式以及加密秘钥上传给网路链路分配系统。And a control unit, configured to upload the encryption mode and the encryption key to the network link distribution system.
第三方面,提供一种计算机可读存储介质,其上存储有计算机程序,该程序被处理器执行时实现上述网络链路的安全实现方法。In a third aspect, a computer readable storage medium is provided having stored thereon a computer program that, when executed by a processor, implements a secure implementation of the network link.
第四方面,提供一种终端,包括一个或多个处理器、存储器、收发器,以及一个或多个程序,所述一个或多个程序被存储在所述存储器中,并且被配置由所述一个或多个处理器执行,所述程序包括用于执行上述网络链路的安全实现方法中的步骤的指令。In a fourth aspect, a terminal is provided, comprising one or more processors, a memory, a transceiver, and one or more programs, the one or more programs being stored in the memory and configured by the Executed by one or more processors, the program comprising instructions for performing the steps in the secure implementation method of the network link described above.
有益效果Beneficial effect
本发明具体实施方式提供的技术方案接收转发的数据包,检测数据包是否加密,如未加密,则调用加密模块对该数据包进行加密,,,将加密后的数据包携带在帧内,并在帧头添加加密方式以及加密秘钥,所以其具有对未加密的数据包进行加密处理,提高安全性,提高用户体验度的优点。The technical solution provided by the specific embodiment of the present invention receives the forwarded data packet, and detects whether the data packet is encrypted. If the data packet is not encrypted, the encryption module is invoked to encrypt the data packet, and the encrypted data packet is carried in the frame, and The encryption method and the encryption key are added to the frame header, so that it has the advantages of encrypting unencrypted data packets, improving security, and improving user experience.
附图说明DRAWINGS
为了更清楚地说明本发明实施例或现有技术中的技术方案,下面将对实施例或现有技术描述中所需要使用的附图作简单地介绍,显而易见地,下面描述中的附图仅仅是本发明的一些实施例,对于本领域普通技术人员来讲,在不付出创造性劳动的前提下,还可以根据这些附图获得其他的附图。In order to more clearly illustrate the embodiments of the present invention or the technical solutions in the prior art, the drawings used in the embodiments or the description of the prior art will be briefly described below. Obviously, the drawings in the following description are only It is a certain embodiment of the present invention, and other drawings can be obtained from those skilled in the art without any creative work.
图1为本发明提供的一种网络链路的安全实现方法的流程图。FIG. 1 is a flowchart of a method for implementing security of a network link according to the present invention.
图2为本发明提供的一种网络链路的安全实现系统的结构图。2 is a structural diagram of a security implementation system for a network link according to the present invention.
图3为本发明提供的一种终端的硬件结构示意图。FIG. 3 is a schematic structural diagram of hardware of a terminal provided by the present invention.
本发明的实施方式Embodiments of the invention
下面将结合本发明实施例中的附图,对本发明实施例中的技术方案进行清楚、完整地描述,显然,所描述的实施例仅仅是本发明一部分实施例,而不是全部的实施例。基于本发明中的实施例,本领域普通技术人员在没有做出创造性劳动前提下所获得的所有其他实施例,都属于本发明保护的范围。The technical solutions in the embodiments of the present invention are clearly and completely described in the following with reference to the accompanying drawings in the embodiments of the present invention. It is obvious that the described embodiments are only a part of the embodiments of the present invention, but not all embodiments. All other embodiments obtained by those skilled in the art based on the embodiments of the present invention without creative efforts are within the scope of the present invention.
参阅图1,图1为本发明第一较佳实施方式提供的一种网络链路的安全实现方法的流程图,该方法由一个节点来完成,该方法如图1所示,包括如下步骤:Referring to FIG. 1 , FIG. 1 is a flowchart of a method for implementing security of a network link according to a first preferred embodiment of the present invention. The method is implemented by a node. The method is as shown in FIG. 1 , and includes the following steps:
步骤S101、接收转发的数据包;Step S101: Receive a forwarded data packet.
步骤S102、检测数据包是否加密,如未加密,则调用加密模块对该数据包进行加密;Step S102: detecting whether the data packet is encrypted, and if not encrypted, invoking an encryption module to encrypt the data packet;
步骤S103、将加密后的数据包携带在帧内,并在帧头添加加密方式以及加密秘钥。Step S103: Carry the encrypted data packet in the frame, and add an encryption method and an encryption key to the frame header.
本发明具体实施方式提供的技术方案接收转发的数据包,检测数据包是否加密,如未加密,则调用加密模块对该数据包进行加密,,,将加密后的数据包携带在帧内,并在帧头添加加密方式以及加密秘钥,所以其具有对未加密的数据包进行加密处理,提高安全性,提高用户体验度的优点。The technical solution provided by the specific embodiment of the present invention receives the forwarded data packet, and detects whether the data packet is encrypted. If the data packet is not encrypted, the encryption module is invoked to encrypt the data packet, and the encrypted data packet is carried in the frame, and The encryption method and the encryption key are added to the frame header, so that it has the advantages of encrypting unencrypted data packets, improving security, and improving user experience.
可选的,上述步骤S103之后还可以包括:Optionally, after the step S103, the method may further include:
向该数据包的数据链路的剩余节点发送该加密方式以及加密秘钥。The encryption method and the encryption key are sent to the remaining nodes of the data link of the data packet.
可选的,上述步骤S103之后还可以包括:Optionally, after the step S103, the method may further include:
将该加密方式以及加密秘钥上传给网路链路分配系统。The encryption method and the encryption key are uploaded to the network link distribution system.
参阅图2,图2为本发明第二较佳实施方式提供的一种网络链路的安全实现系统,该系统如图2所示,包括:Referring to FIG. 2, FIG. 2 is a schematic diagram of a security implementation system for a network link according to a second preferred embodiment of the present invention. The system, as shown in FIG. 2, includes:
接收单元201,用于接收转发的数据包;The receiving unit 201 is configured to receive the forwarded data packet.
加密单元202,用于检测数据包是否加密,如未加密,则调用加密模块对该数据包进行加密;The encryption unit 202 is configured to detect whether the data packet is encrypted. If not, the encryption module is invoked to encrypt the data packet.
控制单元203,用于将加密后的数据包携带在帧内,并在帧头添加加密方式以及加密秘钥。The control unit 203 is configured to carry the encrypted data packet in the frame, and add an encryption method and an encryption key to the frame header.
本发明具体实施方式提供的技术方案接收转发的数据包,检测数据包是否加密,如未加密,则调用加密模块对该数据包进行加密,,,将加密后的数据包携带在帧内,并在帧头添加加密方式以及加密秘钥,所以其具有依据数据包的类型确定加密秘钥,提高安全性,提高用户体验度的优点。The technical solution provided by the specific embodiment of the present invention receives the forwarded data packet, and detects whether the data packet is encrypted. If the data packet is not encrypted, the encryption module is invoked to encrypt the data packet, and the encrypted data packet is carried in the frame, and The encryption method and the encryption key are added to the frame header, so that it has the advantages of determining the encryption key according to the type of the packet, improving security, and improving user experience.
可选的,上述系统还可以包括:Optionally, the above system may further include:
控制单元203,用于向该数据包的数据链路的剩余节点发送该加密方式以及加密秘钥。The control unit 203 is configured to send the encryption mode and the encryption key to the remaining nodes of the data link of the data packet.
可选的,上述系统还可以包括:Optionally, the above system may further include:
控制单元203,用于将该加密方式以及加密秘钥上传给网路链路分配系统。The control unit 203 is configured to upload the encryption mode and the encryption key to the network link distribution system.
需要说明的是,对于前述的各方法实施方式或实施例,为了简单描述,故将其都表述为一系列的动作组合,但是本领域技术人员应该知悉,本发明并不受所描述的动作顺序的限制,因为根据本发明,某些步骤可以采用其他顺序或者同时进行。其次,本领域技术人员也应该知悉,说明书中所描述实施方式或实施例均属于优选实施例,所涉及的动作和单元并不一定是本发明所必须的。It should be noted that, for the foregoing method embodiments or embodiments, for the sake of simple description, they are all expressed as a series of action combinations, but those skilled in the art should know that the present invention is not subject to the described action sequence. Limitations, as certain steps may be performed in other sequences or concurrently in accordance with the present invention. In the following, those skilled in the art should also understand that the embodiments or examples described in the specification are preferred embodiments, and the actions and units involved are not necessarily required by the present invention.
本发明具体实施方式还提供一种计算机可读存储介质,其上存储有计算机程序,该程序被处理器执行时实现上述网络链路的安全实现方法。A specific embodiment of the present invention further provides a computer readable storage medium having stored thereon a computer program, the program being implemented by the processor to implement a secure implementation method of the network link.
本发明具体实施方式还提供一种节点,如图3所示,包括一个或多个处理器302、存储器301、收发器303,以及一个或多个程序,所述一个或多个程序被存储在所述存储器中,并且被配置由所述一个或多个处理器执行,所述程序包括用于执行上述网络链路的安全实现方法中的步骤的指令。A specific embodiment of the present invention further provides a node, as shown in FIG. 3, including one or more processors 302, a memory 301, a transceiver 303, and one or more programs, the one or more programs being stored in The memory is, and is configured to be executed by, the one or more processors, the program comprising instructions for performing the steps in the secure implementation method of the network link described above.
在上述实施例中,对各个实施例的描述都各有侧重,某个实施例中没有详述的部分,可以参见其他实施例的相关描述。In the above embodiments, the descriptions of the various embodiments are different, and the details that are not detailed in a certain embodiment can be referred to the related descriptions of other embodiments.
本发明实施例方法中的步骤可以根据实际需要进行顺序调整、合并和删减。The steps in the method of the embodiment of the present invention may be sequentially adjusted, merged, and deleted according to actual needs.
本发明实施例装置中的单元可以根据实际需要进行合并、划分和删减。本领域的技术人员可以将本说明书中描述的不同实施例以及不同实施例的特征进行结合或组合。The units in the apparatus of the embodiment of the present invention may be combined, divided, and deleted according to actual needs. Those skilled in the art can combine or combine the different embodiments described in the specification and the features of the different embodiments.
通过以上的实施方式的描述,所属领域的技术人员可以清楚地了解到本发明可以用硬件实现,或固件实现,或它们的组合方式来实现。当使用软件实现时,可以将上述功能存储在计算机可读介质中或作为计算机可读介质上的一个或多个指令或代码进行传输。计算机可读介质包括计算机存储介质和通信介质,其中通信介质包括便于从一个地方向另一个地方传送计算机程序的任何介质。存储介质可以是计算机能够存取的任何可用介质。以此为例但不限于:计算机可读介质可以包括随机存取存储器(Random Access Memory,RAM)、只读存储器(Read-Only Memory,ROM)、电可擦可编程只读存储器(Electrically Erasable Programmable Read-Only Memory,EEPROM)、只读光盘(Compact Disc Read-Only Memory,CD-ROM)或其他光盘存储、磁盘存储介质或者其他磁存储设备、或者能够用于携带或存储具有指令或数据结构形式的期望的程序代码并能够由计算机存取的任何其他介质。此外。任何连接可以适当的成为计算机可读介质。例如,如果软件是使用同轴电缆、光纤光缆、双绞线、数字用户线(Digital Subscriber Line,DSL)或者诸如红外线、无线电和微波之类的无线技术从网站、服务器或者其他远程源传输的,那么同轴电缆、光纤光缆、双绞线、DSL或者诸如红外线、无线和微波之类的无线技术包括在所属介质的定影中。如本发明所使用的,盘(Disk)和碟(disc)包括压缩光碟(CD)、激光碟、光碟、数字通用光碟(DVD)、软盘和蓝光光碟,其中盘通常磁性的复制数据,而碟则用激光来光学的复制数据。上面的组合也应当包括在计算机可读介质的保护范围之内。Through the description of the above embodiments, those skilled in the art can clearly understand that the present invention can be implemented in hardware, firmware implementation, or a combination thereof. When implemented in software, the functions described above may be stored in or transmitted as one or more instructions or code on a computer readable medium. Computer readable media includes both computer storage media and communication media including any medium that facilitates transfer of a computer program from one location to another. A storage medium may be any available media that can be accessed by a computer. Taking this as an example, but not limited to: the computer readable medium may include random access memory (Random) Access Memory, RAM), Read-Only Memory (ROM), Electrically Erasable Programmable Read Only Memory (Electrically Erasable Programmable Read-Only Memory, EEPROM), Compact Disc Read-Only Memory, CD-ROM, or other optical disc storage, magnetic storage medium or other magnetic storage device, or any other medium that can be used to carry or store desired program code in the form of instructions or data structures and that can be accessed by a computer. Also. Any connection may suitably be a computer readable medium. For example, if the software is using coaxial cable, fiber optic cable, twisted pair, digital subscriber line (Digital Subscriber Line, DSL) or wireless technology such as infrared, radio and microwave transmission from a website, server or other remote source, then coaxial cable, fiber optic cable, twisted pair, DSL or such as infrared, wireless and microwave Wireless technology is included in the fixing of the associated medium. As used in the present invention, a disk and a disc include a compact disc (CD), a laser disc, a compact disc, a digital versatile disc (DVD), a floppy disk, and a Blu-ray disc, wherein the disc is usually magnetically copied, and the disc is The laser is used to optically replicate the data. Combinations of the above should also be included within the scope of the computer readable media.
总之,以上所述仅为本发明技术方案的较佳实施例而已,并非用于限定本发明的保护范围。凡在本发明的精神和原则之内,所作的任何修改、等同替换、改进等,均应包含在本发明的保护范围之内。 In summary, the above description is only a preferred embodiment of the technical solution of the present invention, and is not intended to limit the scope of the present invention. Any modifications, equivalent substitutions, improvements, etc. made within the spirit and scope of the present invention are intended to be included within the scope of the present invention.

Claims (8)

  1. 一种网络链路的安全实现方法,其特征在于,所述方法包括如下步骤: A security implementation method for a network link, characterized in that the method comprises the following steps:
    接收转发的数据包;Receiving forwarded data packets;
    检测数据包是否加密,如未加密,则调用加密模块对该数据包进行加密;Check whether the data packet is encrypted. If it is not encrypted, the encryption module is called to encrypt the data packet.
    将加密后的数据包携带在帧内,并在帧头添加加密方式以及加密秘钥。The encrypted data packet is carried in the frame, and the encryption method and the encryption key are added at the frame header.
  2. 根据权利要求1所述的方法,其特征在于,所述方法还包括:The method of claim 1 further comprising:
    向该数据包的数据链路的剩余节点发送该加密方式以及加密秘钥。The encryption method and the encryption key are sent to the remaining nodes of the data link of the data packet.
  3. 根据权利要求1所述的方法,其特征在于,所述方法还包括:The method of claim 1 further comprising:
    将该加密方式以及加密秘钥上传给网路链路分配系统。The encryption method and the encryption key are uploaded to the network link distribution system.
  4. 一种网络链路的安全实现系统,其特征在于,所述方法包括:A security implementation system for a network link, the method comprising:
    接收单元,用于接收转发的数据包;a receiving unit, configured to receive the forwarded data packet;
    加密单元,用于检测数据包是否加密,如未加密,则调用加密模块对该数据包进行加密,;An encryption unit, configured to detect whether the data packet is encrypted, and if not encrypted, invoking an encryption module to encrypt the data packet;
    控制单元,用于将加密后的数据包携带在帧内,并在帧头添加加密方式以及加密秘钥。The control unit is configured to carry the encrypted data packet in the frame, and add an encryption method and an encryption key to the frame header.
  5. 根据权利要求4所述的系统,其特征在于,The system of claim 4 wherein:
    所述控制单元,用于向该数据包的数据链路的剩余节点发送该加密方式以及加密秘钥。The control unit is configured to send the encryption mode and the encryption key to the remaining nodes of the data link of the data packet.
  6. 根据权利要求4所述的系统,其特征在于, The system of claim 4 wherein:
    所述控制单元,用于将该加密方式以及加密秘钥上传给网路链路分配系统。The control unit is configured to upload the encryption mode and the encryption key to the network link distribution system.
  7. 一种计算机可读存储介质,其上存储有计算机程序,该程序被处理器执行时实现如权利要求1-3任意一项所述的网络链路的安全实现方法。A computer readable storage medium having stored thereon a computer program, the program being executed by a processor to implement a secure implementation of a network link as claimed in any of claims 1-3.
  8. 一种终端,其特征在于,包括一个或多个处理器、存储器、收发器,以及一个或多个程序,所述一个或多个程序被存储在所述存储器中,并且被配置由所述一个或多个处理器执行,所述程序包括用于执行1-3任意一项所述的网络链路的安全实现方法中的步骤的指令。 A terminal, comprising: one or more processors, a memory, a transceiver, and one or more programs, the one or more programs being stored in the memory and configured by the one Executing by a plurality of processors, the program comprising instructions for performing the steps in the secure implementation method of the network link of any of 1-3.
PCT/CN2017/085965 2017-05-25 2017-05-25 Secure implementation method and system for network link WO2018214108A1 (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
PCT/CN2017/085965 WO2018214108A1 (en) 2017-05-25 2017-05-25 Secure implementation method and system for network link

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
PCT/CN2017/085965 WO2018214108A1 (en) 2017-05-25 2017-05-25 Secure implementation method and system for network link

Publications (1)

Publication Number Publication Date
WO2018214108A1 true WO2018214108A1 (en) 2018-11-29

Family

ID=64395153

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2017/085965 WO2018214108A1 (en) 2017-05-25 2017-05-25 Secure implementation method and system for network link

Country Status (1)

Country Link
WO (1) WO2018214108A1 (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110430446A (en) * 2019-07-26 2019-11-08 东软集团股份有限公司 Method for processing video frequency, device, equipment and computer readable storage medium

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101127597A (en) * 2007-10-09 2008-02-20 华中科技大学 Data transmission encryption method of MANET network
WO2015117451A1 (en) * 2014-08-21 2015-08-13 深圳市中兴微电子技术有限公司 Encrypted communications method and communications terminal, and computer storage medium
CN105262772A (en) * 2015-11-06 2016-01-20 腾讯科技(深圳)有限公司 Data transmission method, data transmission system and related apparatus for data transmission method and system
CN106992998A (en) * 2017-05-25 2017-07-28 深圳市伊特利网络科技有限公司 The safety implementation method and system of network link

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101127597A (en) * 2007-10-09 2008-02-20 华中科技大学 Data transmission encryption method of MANET network
WO2015117451A1 (en) * 2014-08-21 2015-08-13 深圳市中兴微电子技术有限公司 Encrypted communications method and communications terminal, and computer storage medium
CN105262772A (en) * 2015-11-06 2016-01-20 腾讯科技(深圳)有限公司 Data transmission method, data transmission system and related apparatus for data transmission method and system
CN106992998A (en) * 2017-05-25 2017-07-28 深圳市伊特利网络科技有限公司 The safety implementation method and system of network link

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110430446A (en) * 2019-07-26 2019-11-08 东软集团股份有限公司 Method for processing video frequency, device, equipment and computer readable storage medium
CN110430446B (en) * 2019-07-26 2021-09-14 东软集团股份有限公司 Video processing method, device, equipment and computer readable storage medium

Similar Documents

Publication Publication Date Title
WO2018223553A1 (en) Terminal wifi access control method and system
WO2018214059A1 (en) Method and system for selecting data link in network
WO2018218806A1 (en) Terminal privacy protection method and system
WO2018209644A1 (en) Data encryption method and system for smart household
WO2018214108A1 (en) Secure implementation method and system for network link
WO2018218808A1 (en) Short message information reading method and system
WO2018223550A1 (en) Terminal alarm clock setting method and system
WO2018218807A1 (en) Information reading method and system of wechat
WO2018214061A1 (en) Terminal-based network link encryption method and system
WO2018223552A1 (en) Terminal app rapid exiting method and system
WO2018214057A1 (en) Calculation method and system for packet loss in network link
WO2018214058A1 (en) Method and system for establishing network link for face-to-face terminals
WO2018214056A1 (en) Method and system for verifying delay in network link
WO2018214112A1 (en) Method and system for maintaining ip address in network link
WO2018227364A1 (en) Method and system for establishing terminal multicast group
WO2018039824A1 (en) Energy dynamic storage method and system for solar cell panel
WO2018227370A1 (en) Method and system for selecting terminal network connection
WO2018214113A1 (en) Method and system for applying virtual network addresses in network link
WO2018214021A1 (en) Method and system for sharing cross-platform destination
WO2018214107A1 (en) Network link fault detection method and system
WO2018227333A1 (en) Positioning-based terminal app recommendation method and system
WO2018214111A1 (en) Method and system for remote maintenance after network link fault
WO2018214106A1 (en) Update method and system for network connection list
WO2018214110A1 (en) Link selection method and system based on access point
WO2018205273A1 (en) Smart terminal power management method and system

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 17911335

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 17911335

Country of ref document: EP

Kind code of ref document: A1