CN101170461B - A method and device for enhancing network security - Google Patents
A method and device for enhancing network security Download PDFInfo
- Publication number
- CN101170461B CN101170461B CN2007101952384A CN200710195238A CN101170461B CN 101170461 B CN101170461 B CN 101170461B CN 2007101952384 A CN2007101952384 A CN 2007101952384A CN 200710195238 A CN200710195238 A CN 200710195238A CN 101170461 B CN101170461 B CN 101170461B
- Authority
- CN
- China
- Prior art keywords
- network
- wireless device
- grant number
- message
- equipment
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Expired - Fee Related
Links
Images
Landscapes
- Mobile Radio Communication Systems (AREA)
Abstract
The invention discloses a method for strengthening the network safety, including the following steps: when new wireless equipment is accessed to the network, the network side judges whether the authorization number of the new equipment is the same with the authorization number of the wireless equipment which has established the connections, if the number is the same, the access of the new equipment is refused; otherwise, the packet of the new equipment is waited to be received. At the same time, the invention also disclose a device for strengthening the network safety, the invention can verify whether the new equipment is the legitimate by judging whether the authorization number of the new equipment is the same with the authorization numbers of the other equipments which have been accessed when the new equipment is accessed to the network, the invention can prevent the illegal equipment from accessing to the network, further to strengthen the network safety.
Description
Technical field
The present invention relates to the network security technology field, relate in particular to a kind of method and apparatus of strengthening network security.
Background technology
Link by wireless technology between the wireless device as industry wireless network commonly used, the user can visit any equipment in the industrial network easily through wireless network, see also shown in Figure 1, Fig. 1 is the control system structural representation block diagram of industry wireless network, industry wireless network generally includes supervisory layers network and field control layer network, wherein, affiliated supervisory layers network generally includes engineer station 101, operator station 102, monitoring station 103, wireless network secure management server 104, wherein, described wireless network secure management server 104 is used for the access security of the equipment of the whole industry wireless network of maintenance and management; Described field control layer network generally includes intelligent network bridge 105, wireless routing device 106 and general wireless device 107 that links to each other with described wireless routing device and radio hand-held equipment 108 etc.
Yet, at present, because the wireless device that inserts in the usually right field control layer network of supervisory layers network in existing industry wireless network does not have effective safety verification means, therefore, the disabled user can insert rogue device through wireless network, and the data of for example tackling a speed changer are distorted sampling or control data data, and the data after will distorting send in the actuator, thereby cause the whole system of the supervisory layers network in the industry wireless network to be in dangerous situation.Perhaps can also be in the monitor network of industry wireless network, with a mobile PC (computer) or radio hand-held equipment 108 disguise oneself as an engineer station 101 or operator station 102, with the configuration info of the equipment in the malicious modification field control layer network, thereby cause control system to tanglewrack.
Summary of the invention
The object of the present invention is to provide a kind of method and apparatus of strengthening network security, the access of resistance illegality equipment in time is to improve the access security of wireless network.
The invention provides a kind of method of strengthening network security, comprising:
In the process that new wireless device connects, network side sends grant number probe requests thereby message to described new wireless device; Safeguard a grant number tabulation that allows access on the routing device of described network side in advance, the grant number of preserving all devices that allows access of radio network in this table;
After receiving the grant number detection response message that described new wireless device returns, described network side judges whether the grant number in this response message is the grant number that allows access, if, then network side judge described new wireless device grant number whether with the grant number double sign of the wireless device that has connected, if double sign, then refusing described new wireless device inserts, described network side is revised by the grant number of the wireless device of double sign, describedly given describedly by the wireless device of double sign and the routing device that is connected with this wireless device by the grant number of the wireless device of double sign by revising message notifying with amended, requirement is modified to amended grant number; If double sign not, then wait for the message that receives described new wireless device.
Preferably, after receiving the grant number detection response message that described new wireless device returns, also comprise:
Described network side judges whether the grant number detection response message of receiving that in the maximum response time that presets described new wireless device returns, if, then carry out and describedly judge that whether the grant number in this response message is to allow the grant number step that inserts, otherwise, refuse described new wireless device and insert.
Preferably, behind the message of receiving described new wireless device, described method also comprises:
Described network side is decrypted the message of receiving according to the manner of decryption that the field control layer network with described new wireless device place sets in advance;
The message that will obtain after will deciphering is again encrypted according to the cipher mode that the supervisory layers network with described network side sets in advance, and is sent to described supervisory layers network after encryption.
Preferably, in the equipment of network side, preserve the address list of the field control layer network device and the supervisory layers network equipment in advance;
Behind the message of receiving described new wireless device, described method also comprises:
Judge whether source address and destination address in the message of receiving are present in the address list of the described field control layer network device and the supervisory layers network equipment, if then transmit this message; Otherwise, abandon this message.
Preferably, in each supervisory layers equipment of network side, access rights have all been set in advance;
When receiving that described supervisory layers equipment mails to the access request message of field control layer equipment, described method also comprises:
Judge whether the supervisory layers equipment that sends described access request message has the authority of this time accessing operation, if, then to the described access request message of described field control layer device forwards; Otherwise refusal is transmitted described access request message.
Based on technique scheme, the invention also discloses a kind of device that is used to strengthen network security, comprising:
List cell, the grant number that is used to preserve all wireless devices that connect with network;
The judgment processing unit is used for when new wireless device access network, the grant number of judging described new wireless device whether with described list cell in the grant number double sign of preserving, if double sign is then refused described new wireless device and is inserted; Otherwise, then wait for to receive the message of described new wireless device;
Revise the unit, be used for obtaining the grant number of described new wireless device and during the wireless device double sign that connected when described judgment processing unit judges, revise described connected in by the grant number of the wireless device of double sign;
Transmitting element is used for that the new grant number that obtains is revised in described modification unit and passes through to revise message notifying to described by the wireless device of double sign, and the routing device that is connected with this wireless device.
Compared with prior art, the present invention has the following advantages:
The present invention is as new wireless device access network the time, the grant number that can before access, judge this new equipment whether with the grant number double sign of other wireless devices that connected, thereby check whether this new equipment is illegality equipment, can prevent the illegality equipment access network by the present invention, further strengthen the fail safe of network.
Description of drawings
Fig. 1 is the control system structural representation block diagram of industry wireless network in the prior art;
The method flow schematic block diagram that Fig. 2 connects for embodiment of the invention wireless device;
Fig. 3 monitors the method flow schematic block diagram of illegality equipment invasion for the present invention;
Fig. 4 is the FB(flow block) of the method embodiment of intelligent network bridge safety filtering of the present invention;
Fig. 5 is the schematic flow sheet of access authority verification method embodiment of the present invention;
Fig. 6 is a kind of structured flowchart that installs embodiment of the present invention;
Fig. 7 is the structured flowchart of the another kind of device embodiment of the present invention.
Embodiment
The disclosed a kind of method of strengthening network security of the embodiment of the invention, but concrete slave unit is set up with wireless network and is begun when being connected to detect, after setting up good the connection, can also continue whether further check has illegality equipment to add to the equipment that has inserted, simultaneously, can also be by in wireless network, the data of transmission being encrypted the fail safe that further improves network, and the modes such as monitoring of the access rights of equipment are comprehensively realized the fail safe of network insertion, thereby avoid network to be destroyed by illegality equipment.
Below in conjunction with accompanying drawing various monitoring execution modes of the present invention are done further and to be elaborated.
The method embodiment that a kind of wireless device disclosed by the invention connects, this embodiment safeguard a grant number tabulation that allows access, the grant number of preserving all devices that allows access of radio network in this table in advance on the routing device of network side; Simultaneously, all be provided with a grant number that allows access of radio network for legal wireless device, be used for when the new equipment access network is arranged, whether the equipment that can insert according to this tabulation inspection is illegal access.As shown in Figure 2, be the method flow schematic block diagram that embodiment of the invention wireless device connects, described method comprises:
S201: when the routing device of network side had detected wireless device and attempts to set up wireless connections with described routing device, described routing device sent grant number probe requests thereby message to described wireless device.
S202: described wireless device is carried at self grant number in the grant number detection response message after receiving the described request message, sends to described wireless routing device.
S203: described wireless routing device judges whether the grant number in the described response message is present in the grant number tabulation of the permission access of self storing after receiving the grant number detection response message that described wireless device is sent, if exist, then carry out S204; Otherwise, carry out S205.
Wherein, the grant number tabulation that the permission of preserving on the described routing device inserts can be for this routing device place Network Management server-assignment obtains, and the grant number of all wireless devices in this tabulation all is described management server setting.
S204: described wireless routing device judges that obtaining this wireless device is legitimate device, and at this moment, described wireless routing device joins the grant number of described wireless device in the list of devices that has connected, will transmit all messages of described wireless device simultaneously.
S205: judge that obtaining this wireless device is illegality equipment, at this moment, can refuse to transmit all messages of this wireless device.
In addition, in above-mentioned S202 and S203, can also comprise: described wireless routing device starts timer after sending described grant number probe requests thereby message, and the response time is carried out timing; Simultaneously described wireless routing device is judged in the response time of maximum whether received the described grant number detection response message that described wireless device returns, if receive, is then continued to carry out described S203; Otherwise, then carry out described S205.
Meanwhile, the disclosed a kind of method of monitoring the illegality equipment invasion of the embodiment of the invention, this embodiment a grant number tabulation that allows all devices of the described network of access of Dynamic Maintenance on the management server of network side in advance.Wherein, described management server can be the wireless network secure management server.With wireless routing device that described wireless network secure management server links to each other on Dynamic Maintenance a list of devices that has connected, in this tabulation in store all be linked into the grant number of the wireless device of described wireless network by described routing device.Present embodiment can judge whether the equipment of new access is illegal access by checking that whether having in the described list of devices that has connected bears the same name.As shown in Figure 3, for the present invention monitors the method flow schematic block diagram of illegality equipment invasion, described method can comprise on the basis of above-mentioned embodiment shown in Figure 2:
S301: after having new equipment to be linked into wireless network in the network by routing device, and after described routing device was recorded in the grant number of described new equipment in the list of devices of self preserving that has connected, the described list of devices that has connected that described routing device will include described new equipment grant number sent to described management server.Wherein, described management server can be the security administration server of wireless network.
S302: described management server judges whether the grant number of new equipment described in the described list of devices that has connected is identical with the grant number of the access device of self storing.That is, judge whether exist two identical equipment of grant number to be linked into simultaneously in this network in the network.If identical, then carry out S303; Otherwise, carry out S306.
S303: described management server judges that obtaining described new equipment is illegality equipment, at this moment, then notifies the routing device that is connected with described new equipment to stop forwarding all messages of this new equipment.Carry out S304 simultaneously.
S304: described management server is revised by the grant number of the legitimate device of double sign, and amended new grant number is recorded in the grant number tabulation of the permission access of self preserving, simultaneously, revise message to described routing device and described the transmission, to inform the replacing grant number by the equipment of double sign.
S305: in the modification message that described routing device sends in receiving described S304, the grant number that change of appointment in the described modification message is recorded in the grant number tabulation that the permission of self preserving inserts, replaces original grant number.Simultaneously, described by the equipment of double sign after receiving described modification message, self grant number is revised as appointment in this message, then, described equipment rebulids with described wireless routing device and is connected.
S306: described management server judges that obtaining described new equipment is and legitimate device, at this moment, can continue to wait for the message that receives described new equipment transmission.
In addition, among the S301 in the above-described embodiments, described routing device sends to described management server except the whole list of devices that has connected that will include described new equipment grant number, outside subsequent survey, can also only tell described management server with the grant number of described new equipment, like this, after the new-device request access network is arranged, after routing device allows to insert, the equipment that newly inserts can be notified to described management server, described management server judges that at every turn whether the new equipment grant number repeats with the existing device grant number of original preservation.
In addition, can also connect when changing by the equipment in network, for example when equipment disconnected connection, described wireless routing device also can send the grant number tabulation of all devices of described accessed network to described wireless network secure management server.
In addition, among the described S303, described management server is except judging the new device authorization extra that inserts in the tabulation, can also judge in the whole network all grant number double signs whether of the equipment of access network, if heavy, the double sign unit deletion that then will the back inserts.Simultaneously need be in S302, described wireless routing device also need not at every turn when equipment connects or disconnect, and the device authorization that all will send accessed network on described management server number is tabulated, and can send periodically.
In addition, when having equipment to disconnect connection in the network, the routing device in this network also can send to management server with the list of devices of self preserving that has connected; Perhaps, whether the equipment that described management server also can be made regular check in the network exists repetitive endowment, for example, requires routing device regularly to send the grant number tabulation of all devices that has connected to described management server.
In addition, on above-mentioned Fig. 2 and basis embodiment illustrated in fig. 3, wireless device and network set up be connected after, for the safety of wireless network before further increasing, can also encrypt the message of communicating by letter between wireless device and the network side, for example, if at network side is to come by intelligent network bridge under the situation of connection management server and routing device and wireless device, wherein, described routing device and wireless device are positioned at the field control layer network, and management server is positioned at the supervisory layers network.Then described wireless device can be encrypted according to the cipher mode that sets in advance to the message that network side sends, described intelligent network bridge is behind the message that listens to the field control layer network, according to the manner of decryption of making an appointment with the field control layer network, the message of receiving is decrypted, then, again according to the cipher mode of supervisory layers network convention, the message of having deciphered is encrypted again, then, the message after encrypting is sent to be arranged in monitors the management server of network once.Wherein, described deciphering can be the XOR decipherment algorithm, and described encryption can be the XOR cryptographic algorithm.
In addition, on the basis of above-mentioned several embodiment, can also before forwarding, verify the message of receiving at the network side intelligent network bridge, with the safety filtering of further reinforcement network.As shown in Figure 4, be the FB(flow block) of the method embodiment of intelligent network bridge safety filtering of the present invention, this method comprises:
S401: on intelligent network bridge, preserve the address list of all wireless devices in the field control layer network in advance, and the address list of the equipment such as for example management server in the supervisory layers network.Wherein, described list information can write preservation to described intelligent network bridge by the management server of network side.
S402: described intelligent network receives the wireless network message.Wherein, described wireless network message can be the message by field control layer network destined supervisory layers network, can also be the message from supervisory layers network destined field control layer network.
S403: described intelligent network judges whether source address in the described message and destination address are present in respectively in the address list of the wireless device address list self preserved and supervisory layers equipment, if then transmit this message; Otherwise, abandon this message, and report error situation to the management server of network side.
Need to prove that the foregoing description is not limited in by intelligent network bridge and realizes, can also have the equipment that E-Packets and realize by being in supervisory layers network and the field control layer network other.In addition, above-mentioned embodiment illustrated in fig. 4 in, be directly the device address in device address in the field control layer network and the supervisory layers network to be kept in the intelligent network bridge, in when checking, judge directly whether the address in the message is present in described two address lists.In addition, can also to the equipment in every layer network two parts of address lists be set respectively, a copy of it is at the situation that changes this layer over to, and the tabulation of this moment is the destination address tabulation; Another part is at the situation that produces this layer, and the tabulation of this moment is a source address list.Like this, when the checking message, can judge respectively that whether source address in the message and destination address are the combinations of wireless device address list and supervisory layers list of device addresses in the field control layer, be the source address of wireless device in the field control layer and the destination address combination of supervisory layers equipment, the perhaps combination of the destination address of wireless device in the source address of supervisory layers equipment and the field control layer.The benefit of refinement judgement is like this: further strengthened the fail safe of wireless network.
In addition, on the basis of above-mentioned several embodiment, the present invention can also be provided with access rights to the equipment in the supervisory layers network of network side, so that all messages that mail to field control layer equipment by described supervisory layers equipment are carried out Authority Verification, thereby have further increased the fail safe of access to netwoks.As shown in Figure 5, be the schematic flow sheet of access authority verification method embodiment of the present invention, this method comprises:
S501: all set in advance access rights on each equipment in the supervisory layers network of network side.Wherein, this authority can be set by the management server of network side.
S502: the access request message of field control layer equipment is mail in described management server interception by described supervisory layers equipment.
S503: described management server judges whether the supervisory layers equipment that sends described access request message has the authority of this time accessing operation, if then carry out S504; Otherwise, then carry out S505.
S504: to the described access request message of described field control layer device forwards.
S505: abandon transmitting described access request message, and return relevant this request responding message, do not obtain access rights to inform described supervisory layers equipment to described supervisory layers equipment.
Based on technique scheme, the invention also discloses a kind of device that is used to strengthen network security, described device can be integrated on the wireless network secure management server of network side.As shown in Figure 6, described device comprises: list cell 601, judgment processing unit 602; Wherein, described list cell 601, the grant number that is used to preserve all wireless devices that connect with network; Described judgment processing unit 602 is used for when new wireless device access network, the grant number of judging new equipment whether with described list cell 601 in the grant number double sign of preserving, if double sign is then refused the access of described new equipment; Otherwise, then wait for the message that receives described new equipment.
Technical scheme based on device embodiment shown in Figure 6, the invention also discloses a kind of device embodiment, as shown in Figure 7, structured flowchart for the another kind of device embodiment of the present invention, this device is except comprising unit shown in Figure 6, also comprise: revise unit 701, transmitting element 702, wherein, described modification unit 701, be used for when described judgment processing unit 602 is judged the grant number that obtains described new equipment with the wireless device double sign that has connected, revise described connected in by the grant number of the wireless device of double sign; Described transmitting element 702 is used for that the new grant number that obtains is revised in described modification unit 701 and passes through to revise message notifying to described by the wireless device of double sign, and the routing device that is connected with this equipment.
Device embodiment described above only is schematic, wherein said unit as the separating component explanation can or can not be physically to separate also, the parts that show as the unit can be or can not be physical locations also, promptly can be positioned at a place, perhaps also can be distributed on a plurality of network element.Can select wherein some or all of module to realize the purpose of present embodiment scheme according to the actual needs.Those of ordinary skills promptly can understand and implement under the situation of not paying performing creative labour.
Through the above description of the embodiments, those skilled in the art can be well understood to the present invention and can realize by the mode that software adds essential general hardware platform, can certainly pass through hardware, but the former is better execution mode under a lot of situation.Based on such understanding, the part that technical scheme of the present invention contributes to prior art in essence in other words can embody with the form of software product, this computer software product can be stored in the storage medium, as ROM/RAM, magnetic disc, CD etc., comprise that some instructions are with so that a computer equipment (can be a personal computer, server, the perhaps network equipment etc.) carry out the described method of some part of each embodiment of the present invention or embodiment.
Above-described embodiment of the present invention does not constitute the qualification to protection range of the present invention.Any modification of being done within the spirit and principles in the present invention, be equal to and replace and improvement etc., all should be included within protection scope of the present invention.
Claims (7)
1. a method of strengthening network security is characterized in that, comprising:
In the process that new wireless device connects, network side sends grant number probe requests thereby message to described new wireless device; Safeguard a grant number tabulation that allows access on the routing device of described network side in advance, the grant number of preserving all devices that allows access of radio network in this table;
After receiving the grant number detection response message that described new wireless device returns, described network side judges whether the grant number in this response message is the grant number that allows access, if, then network side judge described new wireless device grant number whether with the grant number double sign of the wireless device that has connected, if double sign, then refusing described new wireless device inserts, described network side is revised by the grant number of the wireless device of double sign, describedly given describedly by the wireless device of double sign and the routing device that is connected with this wireless device by the grant number of the wireless device of double sign by revising message notifying with amended, requirement is modified to amended grant number; If double sign not, then wait for the message that receives described new wireless device.
2. the method for reinforcement network security as claimed in claim 1 is characterized in that, after receiving the grant number detection response message that described new wireless device returns, also comprises:
Described network side judges whether the grant number detection response message of receiving that in the maximum response time that presets described new wireless device returns, if, then carry out and describedly judge that whether the grant number in this response message is to allow the grant number step that inserts, otherwise, refuse described new wireless device and insert.
3. the method for reinforcement network security as claimed in claim 1 is characterized in that, behind the message of receiving described new wireless device, described method also comprises:
Described network side is decrypted the message of receiving according to the manner of decryption that the field control layer network with described new wireless device place sets in advance;
The message that will obtain after will deciphering is again encrypted according to the cipher mode that the supervisory layers network with described network side sets in advance, and is sent to described supervisory layers network after encryption.
4. the method for reinforcement network security as claimed in claim 1 is characterized in that, preserves the address list of the field control layer network device and the supervisory layers network equipment in the equipment of network side in advance;
Behind the message of receiving described new wireless device, described method also comprises:
Judge whether source address and destination address in the message of receiving are present in the address list of the described field control layer network device and the supervisory layers network equipment, if then transmit this message; Otherwise, abandon this message.
5. the method for reinforcement network security as claimed in claim 1 is characterized in that, has all set in advance access rights in each supervisory layers equipment of network side;
When receiving that described supervisory layers equipment mails to the access request message of field control layer equipment, described method also comprises:
Judge whether the supervisory layers equipment that sends described access request message has the authority of this time accessing operation, if, then to the described access request message of described field control layer device forwards; Otherwise refusal is transmitted described access request message.
6. a device that is used to strengthen network security is characterized in that, comprising:
List cell, the grant number that is used to preserve all wireless devices that connect with network;
The judgment processing unit is used for when new wireless device access network, the grant number of judging described new wireless device whether with described list cell in the grant number double sign of preserving, if double sign is then refused described new wireless device and is inserted; Otherwise, then wait for to receive the message of described new wireless device;
Revise the unit, be used for obtaining the grant number of described new wireless device and during the wireless device double sign that connected when described judgment processing unit judges, revise described connected in by the grant number of the wireless device of double sign;
Transmitting element is used for that the new grant number that obtains is revised in described modification unit and passes through to revise message notifying to described by the wireless device of double sign, and the routing device that is connected with this wireless device.
7. the device that is used to strengthen network security as claimed in claim 6 is characterized in that, described device is integrated on the wireless network secure management server of network side.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN2007101952384A CN101170461B (en) | 2007-12-04 | 2007-12-04 | A method and device for enhancing network security |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN2007101952384A CN101170461B (en) | 2007-12-04 | 2007-12-04 | A method and device for enhancing network security |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN101170461A CN101170461A (en) | 2008-04-30 |
| CN101170461B true CN101170461B (en) | 2010-10-06 |
Family
ID=39390940
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN2007101952384A Expired - Fee Related CN101170461B (en) | 2007-12-04 | 2007-12-04 | A method and device for enhancing network security |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN101170461B (en) |
Families Citing this family (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN108833607B (en) * | 2018-06-12 | 2022-03-11 | 腾讯科技(深圳)有限公司 | Physical address acquisition method, device and readable medium |
| CN110784431A (en) * | 2018-07-30 | 2020-02-11 | 比亚迪股份有限公司 | Vehicle-mounted Ethernet secure access method, system, vehicle-mounted gateway and network equipment |
| CN112351029A (en) * | 2020-11-04 | 2021-02-09 | 内蒙古电力(集团)有限责任公司内蒙古电力科学研究院分公司 | Integrated system based on detection equipment |
Citations (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1471283A (en) * | 2002-07-26 | 2004-01-28 | 深圳市中兴通讯股份有限公司 | Virtual special dialing network business data packet retransmission method |
| CN1852595A (en) * | 2005-12-02 | 2006-10-25 | 华为技术有限公司 | Method for authent ation of access of wireless communication terminal |
-
2007
- 2007-12-04 CN CN2007101952384A patent/CN101170461B/en not_active Expired - Fee Related
Patent Citations (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1471283A (en) * | 2002-07-26 | 2004-01-28 | 深圳市中兴通讯股份有限公司 | Virtual special dialing network business data packet retransmission method |
| CN1852595A (en) * | 2005-12-02 | 2006-10-25 | 华为技术有限公司 | Method for authent ation of access of wireless communication terminal |
Also Published As
| Publication number | Publication date |
|---|---|
| CN101170461A (en) | 2008-04-30 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US11637696B2 (en) | End-to-end communication security | |
| CN102195957B (en) | Resource sharing method, device and system | |
| CN101404056B (en) | Software protection method, apparatus and equipment | |
| JPWO2009087702A1 (en) | Virtual machine execution program, user authentication program, and information processing apparatus | |
| CN104753953A (en) | Access control system | |
| CN101299665A (en) | Message processing method, system and apparatus | |
| CN102970228B (en) | A kind of message transmitting method based on IPsec and equipment | |
| WO2005092001A2 (en) | Methods and apparatus for confidentiality protection for fibre channel common transport | |
| CN106027473A (en) | Identity card reading terminal and cloud authentication platform data transmission method and system | |
| CN105187369A (en) | Data access method and data access device | |
| CN101170461B (en) | A method and device for enhancing network security | |
| CN106992978A (en) | Network safety managing method and server | |
| JP2011035535A (en) | Communication cutoff device, server device, method, and program | |
| CN101197822B (en) | System for preventing information leakage and method based on the same | |
| Luo et al. | Security mechanisms design for in-vehicle network gateway | |
| CN101106451B (en) | A data transmission method and device | |
| CN103379103A (en) | Linear encryption and decryption hardware implementation method | |
| JP2023535474A (en) | ASSOCIATION CONTROL METHOD AND RELATED DEVICE | |
| CN103916359A (en) | Method and device for preventing attacks from ARP middleman in network | |
| CN109587134B (en) | Method, apparatus, device and medium for secure authentication of interface bus | |
| CN101325486B (en) | Method and apparatus for transferring field permission cryptographic key | |
| CN111343129B (en) | Method and equipment for preventing protocol networking from being cracked | |
| Hridoy et al. | Laacan: A lightweight authentication architecture for vehicle controller area network | |
| JP2008287332A (en) | Document management system, use limit information management device and use limit information management program | |
| Amirtahmasebi et al. | Vehicular networks–security, vulnerabilities and countermeasures |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| C14 | Grant of patent or utility model | ||
| GR01 | Patent grant | ||
| CF01 | Termination of patent right due to non-payment of annual fee |
Granted publication date: 20101006 Termination date: 20181204 |
|
| CF01 | Termination of patent right due to non-payment of annual fee |