CN101902384B - Data transmission system with multi-segment accessibility and method thereof - Google Patents
Data transmission system with multi-segment accessibility and method thereof Download PDFInfo
- Publication number
- CN101902384B CN101902384B CN 201010156403 CN201010156403A CN101902384B CN 101902384 B CN101902384 B CN 101902384B CN 201010156403 CN201010156403 CN 201010156403 CN 201010156403 A CN201010156403 A CN 201010156403A CN 101902384 B CN101902384 B CN 101902384B
- Authority
- CN
- China
- Prior art keywords
- network
- vpn
- virtual private
- virtual
- private network
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Images
Abstract
The invention relates to a data transmission system with multi-segment accessibility and a method thereof. The method comprises the following steps: a user executes a virtual private network client program set in an electronic system; the virtual private network client program is connected to a virtual private network router and sets a virtual network address of a virtual network module; and the virtual private network client program accesses a sub-segment corresponding to the virtual network address through the virtual network address. By adopting the data transmission system with the multi-segment accessibility and the method thereof of the invention, different segments can be accessed through change of the virtual network address, thus improving multi-session accessibility and connection resilience of a virtual private network.
Description
Technical field
The present invention relates to a kind of data transferring system and method thereof with multisegment accessibility, particularly a kind of data transferring system and method thereof with switching and the multiple network segment function of access.
Background technology
At present, because VPN (virtual private network) (Virtual Private Network, VPN) be that a Internet in public opening provides the major technique of safe and exclusive communication connection to use, but the set-up mode of VPN (virtual private network) VPN is to the user and be not easy to use.For the user that must use VPN (virtual private network), how can be safely and provide easily the access of VPN (virtual private network) line day by day to become an important problem, if arranging of application software is numerous and diverse, and network resource access is subject to many restrictions will make the user produce in the use great inconvenience, in order to simplify the setting of VPN (virtual private network), some product has proposed to utilize port security HTML (Hypertext Markup Language) (Hypertext Transfer Protocol over Secure Socket Layer on the market, HTTPS) as the line of communication of setting up the VPN (virtual private network) line, allow the user can not need understand numerous and diverse setting of VPN (virtual private network), and come its network segment in can the VPN (virtual private network) of access of standard according to the user.Building on internet security agreement (Internet Protocol Security, the aspect of VPN (virtual private network) line IPSec), use utilizing the HTML (Hypertext Markup Language) on secure port has been a disclosed technology as line of communication and the virtual private net line that utilizes Microsft Windows internet security protocol application (Microsoft Windows IPSec utility) to be based upon the internet security agreement, but be subject to it and must see through the high complexity that region security management principle (Local Security Policy) arranges the relevant setting of internet security agreement, present technology only rests on the accessibility that the single network section is provided.
With present technology; because the growth of network environment is quick; enterprise network can have the different network plannings for different departments usually; the single network section can't satisfy its demand for some network application environment; most medium-sized and small enterprises router (Small and Medium BusinessRouter) provides the multimeshed network section absolutely; even many home router (So-Ho Router) also have this function; if the angle with information security; use virtual local area network technology (Virtual LocalArea Network; VLAN) to distinguish user's network and resource network, also be very general practice in network management.Hence one can see that, if VPN (virtual private network) is merely able to provide the accessibility of single network section, for the user, will bring great inconvenience, if condescend to take this post in the accessibility that VPN (virtual private network) is provided, place certain single network section also will bring considering of complexity and some fail safes for network management valuable source.
Tradition adopts the internet security agreement VPN (virtual private network) application software of Microsft Windows internet security protocol application (Microsoft Windows IPSecutility) to also have the another one shortcoming on the addressing of the network address, because the internet security protocol channel (Tunnel) of its foundation is the mode of a kind of direct corresponding gateway (host-to-gateway), so packet source address (Source IP Address) is for using the address of computer of application software own, this kind network address is owing to may be public address (Public IPAddress), when adopting this kind application software to set up the internet security protocol channel, the user is connected to enterprise network when inner, this kind public address packet type might be detoured by the default route planning (Default Routing) of network internal and the problem (Network Latency) that causes usefulness to postpone, also might not allow internal lan to have the package of this type and then loses package and cause the problem of network management because of the enterprises fire compartment wall.
Summary of the invention
Because the problem of above-mentioned prior art, purpose of the present invention is utilizing Microsft Windows internet security protocol application (Microsoft Windows IPSec utility) to set up under the prerequisite of internet security agreement VPN (virtual private network) (IPSec VPN) exactly, solve the inconvenience that general tradition adopts the existing single network section accessibility of internet security protocol application (IPSec Utility) to bring, and further that it is derivative for providing the function of across a network section accessibility, the convenience that it adopts the mode of virtual network address (Virtual IP) adjustable property also to be provided and then to provide network manager to control for the package address of internet security agreement VPN (virtual private network) (IPSec VPN).
According to purpose of the present invention, a kind of data transferring system with multisegment accessibility is proposed, it comprises an electronic system, one VPN (virtual private network) router and several far-end electronic systems, electronic system comprises a memory cell, one network element and a processing unit, memory cell comprises a VPN (virtual private network) client-side program, to simulate a virtual interface, and a virtual network address is set in virtual interface, network element provides an interface, processing unit is to connect memory cell and network element, the VPN (virtual private network) router is to be connected with network element with electronic system, provide electronic system to login a VPN (virtual private network), several far-end electronic systems are to be connected in the VPN (virtual private network) router, and be distributed at least one subnet section of VPN (virtual private network), electronic system is connected to the far-end electronic system that is positioned at the subnet section after obtaining virtual network address by the VPN (virtual private network) router.
Preferably, network element is network interface card or network interface chip.
Preferably, when electronic system is connected to the VPN (virtual private network) router, can pass through a network channel pattern, this network channel pattern is a separate type channel network or a full tunnel network, the separate type channel network is the part line guiding VPN (virtual private network) router of VPN (virtual private network) client-side program, and the full tunnel network then is the VPN (virtual private network) router that all leads of the line with the VPN (virtual private network) client-side program.
Preferably, the VPN (virtual private network) client-side program is to be connected to the VPN (virtual private network) router by a procotol, and procotol is to be the HTML (Hypertext Markup Language) on the secure port or general HTML (Hypertext Markup Language).
Preferably, VPN (virtual private network) client-side program and VPN (virtual private network) router are set up an internet security agreement, and this internet security agreement is package encryption mode.
Preferably, virtual interface is the function of a virtual network transmission interface card of VPN (virtual private network) client-side program simulation, and can virtual network address be set in this virtual interface.
Preferably, the virtual network address of corresponding subnet section is to belong in the network address range of subnet section.
Preferably, when virtual network address generation repetition situation, then reconnect VPN (virtual private network) client-side program and VPN (virtual private network) router.
Preferably, the VPN (virtual private network) router more optionally arranges a network address translation rule according to the channel network pattern, and this network address translation rule provides the corresponding of non-physical network address and physical network address.
According to purpose of the present invention, reintroduce a kind of data transmission method with multisegment accessibility, its step is for carrying out first the set VPN (virtual private network) client-side program of an electronic system, the VPN (virtual private network) client-side program is connected to a VPN (virtual private network) router, the VPN (virtual private network) client-side program arranges a virtual network address of a virtual port, pass through virtual network address, the corresponding at least one subnet section of access virtual network address with the VPN (virtual private network) client-side program again.
Preferably, VPN (virtual private network) is to have the subnet section, the subnet section has respectively different network address range, and the VPN (virtual private network) router is by selecting the virtual network address that is not used in the virtual network address scope, and the virtual network address scope is the network address range of corresponding subnet section.
In sum, according to data transferring system and the method thereof with multisegment accessibility of the present invention, it can have one or more following advantage:
(1) the present invention has the data transferring system of multisegment accessibility and the different network segment of change access that method can be passed through virtual network address thereof, therefore can improve the multi session accessibility of VPN (virtual private network).
(2) data transferring system and the method thereof of the present invention with multisegment accessibility can be passed through the acceptable network channel of VPN (virtual private network) router, therefore can improve the line elasticity of VPN (virtual private network).
Description of drawings
Fig. 1 is the Organization Chart with data transferring system of multisegment accessibility of the present invention;
Fig. 2 is the virtual private network framework figure of multisegment;
Fig. 3 is the configuration diagram of the separate type channel network of the data transferring system with multisegment accessibility of the present invention;
Fig. 4 is the configuration diagram of the full tunnel network of the data transferring system with multisegment accessibility of the present invention;
Fig. 5 is the method flow diagram with data transmission method of multisegment accessibility of the present invention.
Embodiment
Hereinafter with reference to accompanying drawing, the have data transferring system of multisegment accessibility and the embodiment of method thereof of the present invention are described, to be convenient to understand for making, the similar elements among the following embodiment is to illustrate with identical symbology.
See also Fig. 1, it is the Organization Chart with data transferring system of multisegment accessibility of the present invention.Among the figure, electronic system 1 comprises a memory cell 10, one network element 11 and a processing unit 12, memory cell 10 comprises a VPN (virtual private network) client-side program 100, in order to simulate a virtual interface (Virtual Interface), and a virtual network address is set at virtual interface, network element 11 provides an interface, processing unit 12 is used for connecting memory cell 10 and network element 11, the VPN (virtual private network) router two is connected with the network element 11 of electronic system 1, provide electronic system 1 login one VPN (virtual private network) 3, a plurality of far-end electronic systems 30 connect the VPN (virtual private network) router two, and are distributed in the VPN (virtual private network) 3.
See also Fig. 2, it is the virtual private network framework figure of multisegment network.Among the figure, with prior art, electronic system 1 is used the VPN (virtual private network) client-side program of prior art, with the open network address (Public IP Address) via the Internet 4 with the security network agreement, be connected to the VPN (virtual private network) router two, when VPN (virtual private network) router two and electronic system 1 are set up line, because electronic system 1 is still used original open network address, in existing virtual private network framework, can only link like this VLAN 310 (the Virtual Local Area Network of internal network router (Intranet Router) 31 front ends with the electronic system 1 of original open network address, VLAN), be VLAN1, its network address range is between 192.168.1.0/24, and can only connect single far-end electronic system 30, only can point-to-pointly connect, the VLAN 311 of rear end again, 322 and 323 all can't directly or indirectly connect, if the user wants to use the resource of other far-end electronic systems 30, then often has great restriction.
The present invention is for addressing this problem, utilize VPN (virtual private network) client-side program 100 to obtain virtual network address to the VPN (virtual private network) router two, its virtual network address is to be VLAN 310,311, the network address in 322 and 323 network address range, VLAN 310,311,322 and 323 are respectively each subnet section of VPN (virtual private network) 3, as want access VLAN 310, then be assigned to VPN (virtual private network) client-side program 100 1 virtual network address by the VPN (virtual private network) router two, this virtual network address is between between the 192.168.1.0 to 192.168.1.24, link to again VLAN 310, if virtual network address and far-end electronic system wherein 30 repeat, then obtain again virtual network address one time.Therefore, this electronic system 1 just can become the member of VLAN 310, just applicable to internet security agreement (Internet Protocol Security, IPSec) region security principle, connect with VLAN 310 and the use of related resource, and when the user wants to link to VLAN 311, the VPN (virtual private network) router two is specified the network address between the 192.168.2.0 to 192.168.2.24 again, delivers to VPN (virtual private network) client-side program 100 and is virtual network address.
See also Fig. 2, because at present scientific and technological industry often has not only a garden or factory building, therefore often have a plurality of VPN (virtual private network), these VPN (virtual private network) connect in the mode of VLAN, such as the VLAN 322 and 323 among the figure, and separate with internal network router three 2 and 33 each other, consider safety factor, each other with different network address translation rules (Network AddressTranslation, NAT) strengthen its fail safe, when the user wants to be connected to VLAN 322 and 323, at first must be given by the VPN (virtual private network) router two network address of corresponding VLAN 322 and 323 network ranges, virtual network address for VPN (virtual private network) client-side program 100, so, electronic system 1 obtains just becoming behind the virtual network address member of VLAN 322 and 323, and the VPN (virtual private network) router two pre-deposits the network address translation rule of VLAN 322 and 323, electronic system 1 just can internet security agreement (Internet Protocol Security, IPSec) region security principle connects with VLAN 322 and 323 and the use of related resource.
And when electronic system 1 is connected with the VPN (virtual private network) router two, use the virtual private network subscriber end program of prior art, can only one of them be connected to the VPN (virtual private network) router two with separate type channel network or full tunnel network, and only accept when wherein a kind of when the VPN (virtual private network) router two, often cause can't line problem, the present invention has strengthened the elasticity of using, and carries out the implementation of separate type channel network or full tunnel network with the VPN (virtual private network) router two.
See also Fig. 3, it is the configuration diagram of the separate type channel network of the data transferring system with multisegment accessibility of the present invention.Among the figure, VPN (virtual private network) client-side program 100 is connected to after the VPN (virtual private network) 2, when being connected to 30 processes of far-end electronic system VPN (virtual private network) router two, and when being connected to the Internet 4, then be connected directly to the Internet 4, need not pass through the VPN (virtual private network) router two, can alleviate the burden of VPN (virtual private network) router two, extra frequency range need not arranged.
See also Fig. 4, it is the configuration diagram of the full tunnel network of the data transferring system with multisegment accessibility of the present invention.Among the figure, VPN (virtual private network) client-side program 100 is connected to after the VPN (virtual private network) 2, when being connected to 30 processes of far-end electronic system VPN (virtual private network) router two, and when being connected to the Internet 4, also need pass through the VPN (virtual private network) router two, no longer be connected directly to the Internet 4, can strengthen the fail safe of VPN (virtual private network) 3, refusal and the Internet 4 produce the line of potentially dangerous.
See also Fig. 5, it is the method flow diagram with data transmission method of multisegment accessibility of the present invention.Among the figure, its step comprises as follows:
(S11) user carries out a set VPN (virtual private network) client-side program (Virtual Private Network Client, VPN Client) in an electronic system;
(S12) the channel network pattern selected with the user of VPN (virtual private network) client-side program is with (the Hypertext Transfer Protocol over Secure SocketLayer of the HTML (Hypertext Markup Language) on secure port, HTTPS) or general HTML (Hypertext Markup Language) (Hypertext Transfer Protocol, HTTP) be connected to VPN (virtual private network) router (Virtual Private Network Router, VPN Router);
(S13) the VPN (virtual private network) client-side program is with an internet security agreement (Internet ProtocolSecurity, IPSec) set up line with the VPN (virtual private network) router, and at a virtual network transmission interface (Virtual Interface) of VPN (virtual private network) client-side program simulation one virtual network address (Virtual IP) is set;
(S14) the VPN (virtual private network) client-side program is by virtual network address access VPN (virtual private network) (Virtual Private Network, VPN) in, the corresponding subnet section of this virtual network address (Subnet), if repeat other network addresss in this virtual network address and the subnet section, then get back to step (S13) and again obtain the network address, if do not repeat then to advance to step (S15); And
(S15) the VPN (virtual private network) client-side program operates in the subnet section of corresponding virtual network address.
Should be understood that, application of the present invention is not limited to above-mentioned giving an example, and for those of ordinary skills, can be improved according to the above description or conversion, and all these improvement and conversion all should belong to the protection range of claims of the present invention.
Claims (20)
1. data transferring system with multisegment accessibility, it is characterized in that: it comprises:
One electronic system, it comprises:
One memory cell, it comprises:
One VPN (virtual private network) client-side program is to simulate a virtual interface, and a virtual network address is set in this virtual interface;
One network element provides an interface; And
One processing unit is to connect this memory cell and this network element;
One VPN (virtual private network) router is to be connected with the network element of this electronic system, provides this electronic system to login a VPN (virtual private network); And
Several far-end electronic systems are to be connected in this VPN (virtual private network) router, and these several far-end electronic systems are to be distributed at least one subnet section of this VPN (virtual private network);
This electronic system is to be connected to this VPN (virtual private network) router with this network element first, after obtaining belonging to the virtual network address of this at least one subnet section by this VPN (virtual private network) router again, and this virtual network address is set in this virtual interface, be connected to the far-end electronic system of this at least one subnet section.
2. the data transferring system with multisegment accessibility as claimed in claim 1, it is characterized in that: this network element is network interface card or network interface chip.
3. the data transferring system with multisegment accessibility as claimed in claim 1, it is characterized in that: when this electronic system is connected to this VPN (virtual private network) router, be by a network channel pattern, this network channel pattern is a separate type channel network or a full tunnel network.
4. the data transferring system with multisegment accessibility as claimed in claim 3 is characterized in that: the part line that this separate type channel network is this VPN (virtual private network) client-side program this VPN (virtual private network) router that leads.
5. the data transferring system with multisegment accessibility as claimed in claim 3 is characterized in that: the line that this full tunnel network is this VPN (virtual private network) client-side program this VPN (virtual private network) router that all leads.
6. the data transferring system with multisegment accessibility as claimed in claim 1, it is characterized in that: this VPN (virtual private network) client-side program is to be connected to this VPN (virtual private network) router by a procotol, and this procotol is to be the HTML (Hypertext Markup Language) on secure port or general HTML (Hypertext Markup Language).
7. the data transferring system with multisegment accessibility as claimed in claim 1, it is characterized in that: this VPN (virtual private network) client-side program and this VPN (virtual private network) router are set up an internet security agreement.
8. the data transferring system with multisegment accessibility as claimed in claim 7, it is characterized in that: this internet security agreement is package encryption mode.
9. the data transferring system with multisegment accessibility as claimed in claim 1, it is characterized in that: this virtual interface is the function of a virtual network transmission interface card of this VPN (virtual private network) client-side program simulation, and this virtual network address is set in this virtual interface.
10. the data transferring system with multisegment accessibility as claimed in claim 1 is characterized in that: be to belong in the network address range of this at least one subnet section to this virtual network address that should at least one subnet section.
11. the data transferring system with multisegment accessibility as claimed in claim 1 is characterized in that: when this virtual network address occurs to repeat, then reconnect this VPN (virtual private network) client-side program and this VPN (virtual private network) router.
12. the data transferring system with multisegment accessibility as claimed in claim 3 is characterized in that: comprise that also this VPN (virtual private network) router optionally arranges a network address translation rule according to this channel network pattern.
13. the data transferring system with multisegment accessibility as claimed in claim 12 is characterized in that: this network address translation rule provides the corresponding of non-physical network address and physical network address.
14. the data transmission method with multisegment accessibility is to be applied to an electronic system, it is characterized in that: it comprises the following steps:
Carry out the set VPN (virtual private network) client-side program of this electronic system;
This VPN (virtual private network) client-side program is connected to a VPN (virtual private network) router;
This VPN (virtual private network) client-side program arranges a virtual network address of a virtual interface; And
This VPN (virtual private network) client-side program is by this virtual network address, the corresponding at least one subnet section of this virtual network address of access.
15. the data transmission method with multisegment accessibility as claimed in claim 14 is characterized in that: this VPN (virtual private network) is to have this at least one subnet section, and this at least one subnet section has respectively different network address range.
16. the data transmission method with multisegment accessibility as claimed in claim 14 is characterized in that: this VPN (virtual private network) router obtains this virtual network address that is not used from a virtual network address scope.
17. the data transmission method with multisegment accessibility as claimed in claim 16 is characterized in that: this virtual network address scope is corresponding to the network address range in this at least one subnet section.
18. the data transmission method with multisegment accessibility as claimed in claim 14 is characterized in that: the channel network pattern that this VPN (virtual private network) router arranges, this channel network pattern is a separate type channel network or a full tunnel network.
19. the data transmission method with multisegment accessibility as claimed in claim 18 is characterized in that: this separate type channel network is to connect this VPN (virtual private network) router that all leads in the part of this VPN (virtual private network) client-side program.
20. the data transmission method with multisegment accessibility as claimed in claim 18 is characterized in that: this full tunnel network is in the connection of this VPN (virtual private network) client-side program this VPN (virtual private network) router that all leads.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN 201010156403 CN101902384B (en) | 2010-03-29 | 2010-03-29 | Data transmission system with multi-segment accessibility and method thereof |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN 201010156403 CN101902384B (en) | 2010-03-29 | 2010-03-29 | Data transmission system with multi-segment accessibility and method thereof |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN101902384A CN101902384A (en) | 2010-12-01 |
| CN101902384B true CN101902384B (en) | 2013-10-23 |
Family
ID=43227602
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN 201010156403 Active CN101902384B (en) | 2010-03-29 | 2010-03-29 | Data transmission system with multi-segment accessibility and method thereof |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN101902384B (en) |
Families Citing this family (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102123138B (en) * | 2011-01-04 | 2014-12-10 | 南京邮电大学 | ONS (Object Naming Service)-based secure encryption method in internet of things |
Citations (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1404263A (en) * | 2001-09-03 | 2003-03-19 | 华为技术有限公司 | Realizing method and system of special network in wideband virtual network |
| CN101026547A (en) * | 2006-02-22 | 2007-08-29 | 中兴通讯股份有限公司 | Method and system for accessing Intranct IPv6 host into global IPv6 network |
Family Cites Families (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| KR100645960B1 (en) * | 2000-08-29 | 2006-11-14 | 삼성전자주식회사 | System and method for accessing to node of private network |
-
2010
- 2010-03-29 CN CN 201010156403 patent/CN101902384B/en active Active
Patent Citations (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1404263A (en) * | 2001-09-03 | 2003-03-19 | 华为技术有限公司 | Realizing method and system of special network in wideband virtual network |
| CN101026547A (en) * | 2006-02-22 | 2007-08-29 | 中兴通讯股份有限公司 | Method and system for accessing Intranct IPv6 host into global IPv6 network |
Also Published As
| Publication number | Publication date |
|---|---|
| CN101902384A (en) | 2010-12-01 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| TWI389525B (en) | System of multiple subnet accessible data transfer and method thereof | |
| US10735511B2 (en) | Device and related method for dynamic traffic mirroring | |
| KR101883146B1 (en) | Providing devices as a service | |
| CN104506670B (en) | Establish method, equipment and the system of network game connection | |
| US7028333B2 (en) | Methods and systems for partners in virtual networks | |
| US7181766B2 (en) | Methods and system for providing network services using at least one processor interfacing a base network | |
| US9231918B2 (en) | Use of virtual network interfaces and a websocket based transport mechanism to realize secure node-to-site and site-to-site virtual private network solutions | |
| US20160191568A1 (en) | System and related method for network monitoring and control based on applications | |
| US20140282823A1 (en) | Device and related method for establishing network policy based on applications | |
| US20030131263A1 (en) | Methods and systems for firewalling virtual private networks | |
| CN104158767B (en) | A kind of network admittance device and method | |
| US20140280211A1 (en) | Device and related method for application identification | |
| RU2004117065A (en) | ARCHITECTURE FOR CONNECTING A REMOTE CUSTOMER TO THE LOCAL CUSTOMER'S DESK | |
| CN103428211B (en) | Network authentication system based on switch and authentication method thereof | |
| CN103368809A (en) | Internet reverse penetration tunnel implementation method | |
| CN103209107A (en) | Method for realizing user access control | |
| Jaha et al. | Proper virtual private network (VPN) solution | |
| CN103401751B (en) | Internet safety protocol tunnel establishing method and device | |
| Griffioen et al. | VIP Lanes: High-speed custom communication paths for authorized flows | |
| CN101902384B (en) | Data transmission system with multi-segment accessibility and method thereof | |
| CN103036901A (en) | ETS remote programming method | |
| CN106454817B (en) | A kind of wlan authentication method and system, AP equipment | |
| Jing et al. | Study on VPN solution based on multi-campus network | |
| Havrysh et al. | Organizational structure of technical protection of information at the network level using VPN technology | |
| JP4996514B2 (en) | Network system and message transfer method |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| C14 | Grant of patent or utility model | ||
| GR01 | Patent grant |