CN102724189A - Method and device for controlling user URL (uniform resource locator) access - Google Patents
Method and device for controlling user URL (uniform resource locator) access Download PDFInfo
- Publication number
- CN102724189A CN102724189A CN2012101892859A CN201210189285A CN102724189A CN 102724189 A CN102724189 A CN 102724189A CN 2012101892859 A CN2012101892859 A CN 2012101892859A CN 201210189285 A CN201210189285 A CN 201210189285A CN 102724189 A CN102724189 A CN 102724189A
- Authority
- CN
- China
- Prior art keywords
- url
- user terminal
- address
- user
- server
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Images
Landscapes
- Computer And Data Communications (AREA)
- Data Exchanges In Wide-Area Networks (AREA)
Abstract
The invention provides a method and a device for controlling user URL (uniform resource locator) access. An access strategy of a user URL is configured on a URL server and is sent to a user terminal, and the user URL access is controlled through the sent user URL access strategy. The user URL access can be controlled only by configuring the user URL access strategy on the URL server without the dependence on network equipment, so that the device is simple, flexible and convenient to maintain.
Description
Technical field
The present invention relates to network communication field, relate in particular to a kind of control user URL visit and prevent that the user is through distorting method and the device that the Hosts file visits illegal URL on the terminal.
Background technology
Along with popularizing rapidly of personal computer and the Internet, the application of network in people's work and life more and more widely.In a lot of occasions especially working environment, enterprises and institutions are in order to protect the information security of self, and are increasingly high to the requirement for restriction of employee's internet usage, also more and more stricter to the control of employee's network access authority.In a lot of working environments, usually need give the various network rights of using to different clerical workforces.
At present, the modal scheme of control user's URL access rights has following four kinds:
Scheme 1:MAC address filtering.MAC Address through configuration on the network equipment allows to insert is tabulated, and comes control terminal to insert authority.But this scheme defective is: the MAC Address of each network equipment in the necessary definite network of mac address filter specification requirement, and will be configured according to the mac address filter table of control strategy to each port of the network equipment.If the network interface card of the network equipment changes; Or change in physical location, then need reconfigure when perhaps having new user terminal to join in the network, so the network management burden is quite heavy; And along with the continuous expansion of network equipment quantity, maintenance workload also strengthens thereupon.And had network interface card can support that MAC Address reconfigures now, can construct legal MAC Address thus and obtain access rights, be i.e. MAC Address " deception ".The most important thing is, the authority of end-user access URL have only can with can not two kinds, delineation of power is too single, can't realize multi-level access control policy.
Scheme 2:VLAN isolates.Through vlan technology, be divided into several virtual " working groups " to the numerous network equipments in the network system.The network equipment between group and the group is isolated mutually on two layers, forms different broadcast domains.But the defective of this scheme is: the VLAN isolation scheme requires the MAC Address or the IP address of the equipment that each physical port connected on the necessary clear and definite switch, is configured according to demand division different working group and to switch.When certain terminal network interface card, IP address or physical location change, need reconfigure a plurality of relevant network equipments in the whole network system, maintenance workload is very big.In addition, the VLAN isolation scheme is the division of carrying out to company's Intranet, and it is used for the authority of limiting terminal user at the visit URL of Intranet, can't the visit of outer net be controlled.
Scheme 3:ACL ACL.Based on the control technology that flows to of packet filtering,, determine whether allowing passing through of packet through source address, destination address and port numbers basic element as packet inspection.The defective of this scheme is: use the ACL ACL, need the IP subnet at clear and definite each main frame and work station place, and confirm the visit relation between them.In the huge network of terminal quantity, in order to realize a lot of IP address resource of access control meeting waste, simultaneously huge network terminal quantity can make the complexity and the difficulty of management become very high equally.
Scheme 4: hardware firewall.Use the hardware firewall equipment of specialty to come the Control Network visit.But the defective of this scheme is: the price of hardware firewall adopts this scheme will cause operation cost of enterprises big all than higher usually.
In addition, above-mentioned all schemes all are that dependency network equipment is realized, thereby when control terminal user capture URL, seem underaction, convenience.
Summary of the invention
In view of this; The present invention proposes a kind of method and device of the user of control URL visit; Access strategy through with configured in advance user URL on the URL server is issued to user terminal, controls user's URL visit according to the said URL user access policies that issues.
The present invention proposes a kind of method of the user of control URL visit, in the network system that is applied to be made up of user terminal and URL server, wherein, said method comprises the steps:
Step 1, configuration needs the URL access resources of management on the URL server;
Step 2, the access strategy of configure user URL on the URL server;
Step 3; When user terminal passes through URL server access network; The URL server is handed down to user terminal with the access strategy of the user URL of configuration, and user's URL visit subsequently will judge whether to allow the user to carry out the URL visit according to the said URL access strategy that issues.
Further, said method also comprises:
Steps A, the rule of IP address in the configure user terminal to report hosts file on the URL server;
Step B, when user terminal passed through URL server access network, the URL server issued the rule of IP address in the user terminal to send up hosts file, and reported the IP address in the local hosts file according to said rule;
Step C; The URL server is received the IP address in the hosts file of user terminal to send up; The IP address range that exists in the permission user terminal hosts file that it and himself are kept matees, if coupling then allows user terminal to continue visit URL resource; Otherwise break off itself and being connected of URL server, make it not visit again any Internet resources.
Further, the rule of IP address is specially in the said steps A configure user terminal to report hosts file, interval duration, overtime duration and the number of retries of IP address in the configure user terminal to report hosts file on the URL server.
Further, the interval duration of said configuration, overtime duration and number of retries should be restricted to: " overtime duration " * " number of retries+1 " < " reporting duration at interval ".
Further, do not receive the URL server response behind the IP address in the user terminal to send up hosts file, think user terminal and the connection failure of URL server, user terminal breaks off and being connected of server, and makes it not visit again any Internet resources.
The device that is applied to the control user URL visit of said method provided by the invention is specially the URL server that control user URL visits, and wherein, said device comprises:
Configuration module is used to dispose the URL access resources of needs management and the strategy of control user URL visit;
Matching module, the user after the URL server is received the IP address in the hosts file of user terminal to send up, with it with the permission user terminal hosts file that himself keeps in the IP address range that exists mate;
Processing module is used for result when coupling when consistent, allows user terminal to continue visit URL resource, otherwise breaks off itself and being connected of URL server, and makes user terminal not visit again any Internet resources.
Further, said matching module is used for the rule of configure user terminal to report hosts file IP address.
Further, the rule of IP address is specially in the said configure user terminal to report hosts file: interval duration, overtime duration and the number of retries of IP address in the configure user terminal to report hosts file.
Further, the interval duration of said configuration, overtime duration and number of retries should be restricted to: " overtime duration " * " number of retries+1 " < " reporting duration at interval ".
Further, said processing module also be used for when user terminal when the URL server access network, will be in the access strategy of the said user URL that the URL server will dispose and user terminal to send up hosts file the rule downloading of IP address to user terminal.
Compared with prior art; Technical scheme of the present invention has disposed the access strategy of user URL in advance on the URL server; Access strategy with said user URL is issued to user terminal then, controls user's URL visit behavior through the said URL user access policies that issues.Because technical scheme of the present invention does not need dependency network equipment, only need can realize control, thereby safeguard simple, flexible at URL server configures user terminal URL access strategy to user URL visit.
Description of drawings
Fig. 1 is the method flow diagram of control user URL provided by the invention visit.
Fig. 2 is that the present invention sets domain name URL classification sketch map at the URL server side.
Fig. 3 is the present invention needs management in the setting of URL server side a domain name URL sketch map.
Fig. 4 is that the present invention sets IP address URL classification sketch map at the URL server side.
Fig. 5 is the present invention needs management in the setting of URL server side an IP address URL sketch map.
Fig. 6 is the sketch map of the present invention at URL server side configure user URL access strategy.
Fig. 7 is that the present invention prevents that the terminal use from distorting the flow chart of hosts file.
Fig. 8 is the IP address range that the present invention allows access URL under certain application-specific scene in the server side configuration.
Fig. 9 is the present invention's time interval that the hosts file reports at server side configure user terminal, number of retries and an overtime duration sketch map under certain application-specific scene.
Figure 10 is an IP address sketch map corresponding in the host file of user terminal to send up of the present invention under certain application-specific scene.
Figure 11 is the device sketch map of control user URL provided by the invention visit.
Embodiment
In order to realize the object of the invention, the present invention needs improve both ways and is perfect: user URL access control and prevent that the terminal use from distorting the hosts file.In order to make the present invention clearer, before introducing the embodiment of the invention in detail, introduce two basic conceptions earlier.
URL: URL (abbreviation of English Uniform Resource Locator), also be called as web page address, be the resource addresses of standard on the internet.Utilize it, can realize corresponding between web page address and IP address well, be convenient to people and visit the Internet resources on the particular ip address.
Hosts file: hosts is system file that does not have extension name in the Windows system; Be used for the network address domain name that some are commonly used and set up one related " database " with its corresponding IP address; When the user imports the network address of a needs login in browser; Corresponding IP address can be sought at first automatically by system from the hosts file, in case find, system can open corresponding webpage immediately; If do not find, then system can submit to the DNS name resolution server to carry out the parsing of IP address network address again.
Below in conjunction with concrete embodiment respectively from user URL access control with prevent that the terminal use from distorting two aspects of hosts file technical scheme of the present invention is described.
One, user URL access control
For practicality is controlled user URL visit is convenient flexibly; In embodiments of the present invention; Through the prior access strategy of configure user URL and this access strategy is handed down to user terminal on the URL server; When user terminal during, judge whether to allow this URL visit according to the access strategy of the user URL that receives by terminal software in the specific URL network address of visit.If this URL visits the network address that allows visit in the access strategy that belongs to user URL, then directly conduct interviews through the URL server; Otherwise, this URL visit of URL server refusal.
The concrete grammar and the application example of control user URL visit have been provided below.
Step 1, the URL access resources that configuration need be managed on the URL server
The URL visit is divided into domain name URL visit and IP address URL visit two big classes usually; The present invention needed in advance the domain name URL visit and the IP address URL access resources of needs management to be classified respectively before the access strategy of configure user URL on the URL server according to this.
Particularly, when the domain name URL access resources that needs management is set, operate as follows:
At first, on the URL server, increase domain name URL tabulation
For example: when domain name URL access resources specifically being divided into when buying these classifications of website, a shopping type website, share certificate information, development technique website, news category website, movie & TV download, recreation forum on behalf; Then in domain name URL tabulation, accomplish foundation or the modification that above-mentioned domain name URL classifies through increase, modification, deletion or refreshing instruction, specifically as shown in Figure 2.
Then, under each domain name URL classification of aforementioned setting, increase the domain name URL resource that specifically needs management.
For example: under aforementioned shopping type website, increase concrete domain address such as www.gouwu.com.cn, www.360buy.com, www.amazon.com.Specifically as shown in Figure 3.
When the IP address URL access resources that needs management is set, also need carry out similar operations:
At first, on the URL server, increase the tabulation of IP address URL
For example: concrete corporate server crowd, share certificate information, movie & TV download, the mailbox/news/IP address URL classifications such as microblogging of increasing on the URL server, specifically as shown in Figure 4.
Then, under each IP address URL classification of above-mentioned setting, increase the IP address URL resource of concrete needs management.
For example, under mailbox/news/microblogging IP address URL classification, the start ip address of increase Tengxun mailbox server, Tengxun's NEWS SERVER, Tengxun's client downloads server and end ip address etc., specifically as shown in Figure 5.
Step 2, on the URL server access strategy of configure user URL
Particularly, refuse or allow to visit to be provided with through the URL access resources that the needs of setting in the abovementioned steps 1 are managed, and dispose the priority of each URL access resources, can be combined into and enrich and comprehensive URL access control policy, specifically as shown in Figure 6.
Step 3, when user terminal when the URL server access network; The URL server is handed down to user terminal with the access strategy of the user URL of configuration; User's URL visit subsequently will judge whether to allow the user to carry out the URL visit according to the said URL access strategy that issues.
After this, the terminal use is in visit during URL, and the access strategy of the user URL that user terminal can issue according to the URL server comes the URL visit of process user.For example, according to the user's of configuration shown in Figure 6 URL access strategy, when this URL of user capture http://www.amazon.com:
Matching rules is sought in domain name URL classification priority orders traversal domain name URL classification from high to low in the access strategy " Office Strategies " of the user URL that user terminal is set according to Fig. 6 in advance;
In domain name URL classification " a shopping type website ", found matching rules, " a shopping type website " is sorted in processing action that is provided with in " Office Strategies " and is " refusal ", and then this visit can be refused in the terminal;
If terminal peace priority orders from high to low can not find matching rules after having traveled through all domain name URL classification, then refuse this visit according to the setting " refusal " of " domain name URL default-action "; Processing and said process to the visit of IP address URL are similar, do not give unnecessary details at this.
Two, prevent that the terminal use from distorting the hosts file
For preventing that the terminal use from distorting the hosts file, further handle as follows in the present invention, specifically as shown in Figure 7:
Steps A rule of IP address in the configure user terminal to report hosts file on the URL server, specific as follows:
Step a1, on the URL server interval duration of IP address in the configure user terminal to report hosts file;
Step a2, on the URL server the overtime duration of IP address in the configure user terminal to report hosts file;
Particularly, behind the IP address in the user terminal to send up host file, the URL server can be given to respond after receiving the IP address of user terminal to send up; If user terminal is not received response after waiting for a period of time, then can report again, this parameter is specially the duration that user terminal reports the IP address to wait for again is set.
Step a3, on the URL server number of retries of IP address in the configure user terminal to report hosts file.
The response that if user terminal is not received the URL server in overtime duration behind the IP address of user terminal in reporting the hosts file; User terminal need report the IP address in the hosts file again, and this parameter determining user terminal reports the number of times of IP address in the hosts file again.
Need to prove; Three parameter values of aforementioned arrangements must be restricted to: < " report at interval duration " adds that the time that awaits a response can not cross over and reports duration at interval to guarantee time that user terminal reports maximum number of times of the IP address in the hosts file to need again in " overtime duration " * " number of retries+1 ".
When URL server access network was passed through at step party B-subscriber terminal, the URL server issued the rule of IP address in the user terminal to send up hosts file, and said user terminal reports the IP address in the local hosts file according to said rule.
Particularly, the said rule that issues is meant that the URL server issues the interval duration of IP address in the user terminal to send up hosts file, overtime duration and number of retries.Subsequently, user terminal will read local hosts file by issuing the time interval of setting in the rule, parse wherein IP address and report the URL server.If do not receive the URL server response behind the IP address in the user terminal to send up hosts file; Then also should report IP address in the hosts file again by the number of retries that is provided with in the said rule; If when not receiving the response of URL server yet; Then think user terminal and the connection failure of URL server, user terminal breaks off and being connected of server, and makes it not visit again any Internet resources.
Step C URL server is received the IP address in the hosts file of user terminal to send up; Exist in the permission user terminal hosts file that it and himself are kept IP address range mate; If coupling; Then allow user terminal to continue visit URL resource, otherwise break off itself and being connected of URL server, make it not visit again any Internet resources.
The URL server is received the IP address in the hosts file of user terminal to send up; And after respond giving user terminal, with the IP address in the host file of user terminal to send up and himself in the permission user terminal hosts file of this locality reservation, exist IP address range mate, if the IP address situation that can not mate; Then issue and break off the message that connects to user terminal; User terminal receives linking of automatic disconnection and URL server after this message, can not visit again any Internet resources, if situation about can not mate occurs; Then do not do any action, allow user terminal to carry out network resource accession.
Need to prove: under the situation of network congestion; Might work as the URL server when user terminal issues the message of breaking off connection; User terminal because report the response of in time not receiving the URL server behind the IP address in the hosts file automatic disconnection with being connected of URL server, but this is little to safety effects.In addition, it should be noted that this IP address of 127.0.0.1 in the local hosts file of user terminal does not report.
Provided below and prevented under certain application-specific scene that the terminal use from distorting the applying examples of hosts file.Specific as follows:
At first, on the URL server, allow the IP address range of existence in the hosts file of configure user terminal, suppose that it allows IP address range of user URL visit as shown in Figure 8.
Then, interval duration, number of retries, the overtime duration of IP address in the configure user terminal to report hosts file on the URL server suppose that interval duration, number of retries, the overtime duration of its configuration is as shown in Figure 9.
Subsequently, when user terminal passed through URL server access network, the URL server was issued to above-mentioned configuration file on the user terminal.
According to configuration blanking time shown in Figure 9, user terminal was whenever resolved local hosts file once at a distance from 10 minutes, and gave the URL server with IP reporting address wherein.According to file content shown in Figure 10, report 1.1.1.10, these two IP addresses of 10.153.128.15.
Once more; After the URL server is received the IP address in the hosts file of user terminal to send up; The IP address that allows to exist in said IP address and its local user terminal hosts file of retaining is mated; Because the IP address 1.1.1.10 in the hosts file that the terminal use reports in the IP address range that this user terminal host of URL server configures file allows, does not then issue the disconnection connection message to user terminal, the informing user terminal disconnection is connected with server.
At last, user terminal after receiving the message that the URL server break off to connect, break off with the URL server between be connected, can not visit again any Internet resources.
Prevent that the effect that the terminal use distorts the hosts file from being; Stop the terminal use in the hosts file that an illegal IP address is corresponding with a legal domain name; Reaching the purpose of visit illegal IP address URL through visiting this legal domain name, is perfect to URL access control policy function.
Shown in figure 11, the device that is applied to the control user URL visit of said method provided by the invention is specially the URL server that control user URL visits, and wherein, said device comprises:
Configuration module is used to dispose the URL access resources of needs management and the strategy of control user URL visit;
Matching module, the user after the URL server is received the IP address in the hosts file of user terminal to send up, with it with the permission user terminal hosts file that himself keeps in exist IP address range mate;
Processing module is used for result when coupling when consistent, allows user terminal to continue visit URL resource, otherwise breaks off itself and being connected of URL server, and makes user terminal not visit again any Internet resources.
Further, said matching module is used for the rule of configure user terminal to report hosts file IP address.
Further, the rule of IP address is specially in the said configure user terminal to report hosts file: interval duration, overtime duration and the number of retries of IP address in the configure user terminal to report hosts file.
Further, the interval duration of said configuration, overtime duration and number of retries should be restricted to: " overtime duration " * " number of retries+1 " < " reporting duration at interval ".
Further, said processing module also be used for when user terminal when the URL server access network, will be in the access strategy of the said user URL that the URL server will dispose and user terminal to send up hosts file the rule downloading of IP address to user terminal.
Through this implementation of the present invention, on the URL server, set user's access rule in advance, the access rule with said user directly is issued to user terminal then, controls user URL visit through the said user capture rule that issues.Because technical scheme of the present invention do not need dependency network equipment, thereby user's URL visit behavior on the control terminal more easily.
The above only is the preferable implementation of the present invention, and any modification of being made based on the present invention's spirit that is equal to all should be covered by in the claim scope of the present invention.
Claims (10)
1. a method of controlling user URL visit in the network system that is applied to be made up of user terminal and URL server, is characterized in that said method comprises the steps:
Step 1, configuration needs the URL access resources of management on the URL server;
Step 2, the access strategy of configure user URL on the URL server;
Step 3; When user terminal passes through URL server access network; The URL server is handed down to user terminal with the access strategy of the user URL of configuration, and user's URL visit subsequently will judge whether to allow the user to carry out the URL visit according to the said URL access strategy that issues.
2. the method for claim 1, it is characterized in that: said method further comprises:
Steps A, the rule of IP address in the configure user terminal to report hosts file on the URL server;
Step B, when user terminal passed through URL server access network, the URL server issued the rule of IP address in the user terminal to send up hosts file, and reported the IP address in the local hosts file according to said rule;
Step C; The URL server is received the IP address in the hosts file of user terminal to send up; The IP address range that exists in the permission user terminal hosts file that it and himself are kept matees, if coupling then allows user terminal to continue visit URL resource; Otherwise break off itself and being connected of URL server, make it not visit again any Internet resources.
3. method as claimed in claim 2; It is characterized in that: the rule of IP address is specially in the said steps A configure user terminal to report hosts file, interval duration, overtime duration and the number of retries of IP address in the configure user terminal to report hosts file on the URL server.
4. method as claimed in claim 3 is characterized in that: the interval duration of said configuration, overtime duration and number of retries should be restricted to: " overtime duration " * " number of retries+1 " < " reporting duration at interval ".
5. method as claimed in claim 4; It is characterized in that: do not receive the URL server response behind the IP address in the user terminal to send up hosts file; Think user terminal and the connection failure of URL server, user terminal breaks off and being connected of server, and makes it not visit again any Internet resources.
6. a device of controlling user URL visit is specially the URL server that control user URL visits, and it is characterized in that said device comprises:
Configuration module is used to dispose the URL access resources of needs management and the strategy of control user URL visit;
Matching module, the user after the URL server is received the IP address in the hosts file of user terminal to send up, with it with the permission user terminal hosts file that himself keeps in the IP address range that exists mate;
Processing module is used for result when coupling when consistent, allows user terminal to continue visit URL resource, otherwise breaks off itself and being connected of URL server, and makes user terminal not visit again any Internet resources.
7. the device of control user URL as claimed in claim 6 visit is characterized in that said matching module is further used for the rule of IP address in the configure user terminal to report hosts file.
8. the device of control user URL as claimed in claim 7 visit; It is characterized in that the rule of IP address is specially in the said configure user terminal to report hosts file: interval duration, overtime duration and the number of retries of IP address in the configure user terminal to report hosts file.
9. method as claimed in claim 8 is characterized in that: the interval duration of said configuration, overtime duration and number of retries should be restricted to: " overtime duration " * " number of retries+1 " < " reporting duration at interval ".
10. method as claimed in claim 6; It is characterized in that: said processing module be further used for when user terminal when the URL server access network, will be in the access strategy of the said user URL that the URL server will dispose and user terminal to send up hosts file the rule downloading of IP address to user terminal.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201210189285.9A CN102724189B (en) | 2012-06-06 | 2012-06-06 | A kind of method and device controlling user URL access |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201210189285.9A CN102724189B (en) | 2012-06-06 | 2012-06-06 | A kind of method and device controlling user URL access |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN102724189A true CN102724189A (en) | 2012-10-10 |
| CN102724189B CN102724189B (en) | 2016-06-15 |
Family
ID=46949852
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201210189285.9A Active CN102724189B (en) | 2012-06-06 | 2012-06-06 | A kind of method and device controlling user URL access |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN102724189B (en) |
Cited By (17)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN103002070A (en) * | 2012-12-25 | 2013-03-27 | 上海牙木通讯技术有限公司 | Domain name resolution method and device |
| CN103309986A (en) * | 2013-06-18 | 2013-09-18 | 苏州阔地网络科技有限公司 | Control method and system for webpage access |
| CN103327018A (en) * | 2013-06-18 | 2013-09-25 | 苏州阔地网络科技有限公司 | Method and system for implementing webpage access control |
| CN103327017A (en) * | 2013-06-18 | 2013-09-25 | 苏州阔地网络科技有限公司 | Method and system for processing webpage access |
| CN103366134A (en) * | 2013-07-12 | 2013-10-23 | 浙江吉利汽车研究院有限公司杭州分公司 | Network connection management system and method |
| CN103425940A (en) * | 2013-08-16 | 2013-12-04 | 广东电网公司中山供电局 | Database safety reinforcing method and device |
| CN104079528A (en) * | 2013-03-26 | 2014-10-01 | 北大方正集团有限公司 | Method and system of safety protection of Web application |
| CN104092674A (en) * | 2014-06-30 | 2014-10-08 | 广东九联科技股份有限公司 | Router network security detection method and system based on set top box |
| CN104202444A (en) * | 2014-09-26 | 2014-12-10 | 上海斐讯数据通信技术有限公司 | External access control method, gateway and DNS server |
| CN104702623A (en) * | 2015-03-27 | 2015-06-10 | 携程计算机技术(上海)有限公司 | IP lockout method and system |
| CN104980409A (en) * | 2014-04-11 | 2015-10-14 | 中兴通讯股份有限公司 | Internet behavior management method and device |
| CN105187439A (en) * | 2015-09-25 | 2015-12-23 | 北京奇虎科技有限公司 | Phishing website detection method and device |
| CN105808990A (en) * | 2016-02-23 | 2016-07-27 | 平安科技(深圳)有限公司 | Method and device for controlling URL access on basis of IOS system |
| EP3116285A1 (en) * | 2015-07-09 | 2017-01-11 | ACER Incorporated | Apparatuses and methods for application-specific congestion control for data communication (acdc), and storage medium thereof |
| CN107222507A (en) * | 2017-07-13 | 2017-09-29 | 广州西麦科技股份有限公司 | A kind of home-network content access control method and device |
| CN110784351A (en) * | 2019-10-25 | 2020-02-11 | 上海燕汐软件信息科技有限公司 | Data access control method and device, electronic equipment and storage medium |
| CN111030970A (en) * | 2019-03-21 | 2020-04-17 | 哈尔滨安天科技集团股份有限公司 | Distributed access control method and device and storage equipment |
Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1705270A (en) * | 2004-05-26 | 2005-12-07 | 华为技术有限公司 | System and method for controlling network access |
| CN101163336A (en) * | 2007-11-15 | 2008-04-16 | 中兴通讯股份有限公司 | Method of implementing mobile phone terminal access authority authentication |
| CN101808114A (en) * | 2010-02-09 | 2010-08-18 | 深圳市同洲电子股份有限公司 | Method and system for realizing website access and front-end server |
| CN102340493A (en) * | 2010-07-21 | 2012-02-01 | 中兴通讯股份有限公司 | Access control method and gateway |
-
2012
- 2012-06-06 CN CN201210189285.9A patent/CN102724189B/en active Active
Patent Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1705270A (en) * | 2004-05-26 | 2005-12-07 | 华为技术有限公司 | System and method for controlling network access |
| CN101163336A (en) * | 2007-11-15 | 2008-04-16 | 中兴通讯股份有限公司 | Method of implementing mobile phone terminal access authority authentication |
| CN101808114A (en) * | 2010-02-09 | 2010-08-18 | 深圳市同洲电子股份有限公司 | Method and system for realizing website access and front-end server |
| CN102340493A (en) * | 2010-07-21 | 2012-02-01 | 中兴通讯股份有限公司 | Access control method and gateway |
Cited By (29)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN103002070B (en) * | 2012-12-25 | 2015-05-20 | 上海牙木通讯技术有限公司 | Domain name resolution method and device |
| CN103002070A (en) * | 2012-12-25 | 2013-03-27 | 上海牙木通讯技术有限公司 | Domain name resolution method and device |
| CN104079528A (en) * | 2013-03-26 | 2014-10-01 | 北大方正集团有限公司 | Method and system of safety protection of Web application |
| CN103327017A (en) * | 2013-06-18 | 2013-09-25 | 苏州阔地网络科技有限公司 | Method and system for processing webpage access |
| CN103327018B (en) * | 2013-06-18 | 2015-12-09 | 阔地教育科技有限公司 | The implementation method that a kind of web page access controls and system |
| CN103327018A (en) * | 2013-06-18 | 2013-09-25 | 苏州阔地网络科技有限公司 | Method and system for implementing webpage access control |
| CN103309986B (en) * | 2013-06-18 | 2016-05-25 | 阔地教育科技有限公司 | A kind of Webpage access control method and system |
| WO2014201882A1 (en) * | 2013-06-18 | 2014-12-24 | 苏州阔地网络科技有限公司 | Web page visiting control method and system |
| CN103309986A (en) * | 2013-06-18 | 2013-09-18 | 苏州阔地网络科技有限公司 | Control method and system for webpage access |
| CN103327017B (en) * | 2013-06-18 | 2015-12-23 | 阔地教育科技有限公司 | A kind of web page access processing method and system |
| CN103366134A (en) * | 2013-07-12 | 2013-10-23 | 浙江吉利汽车研究院有限公司杭州分公司 | Network connection management system and method |
| CN103425940A (en) * | 2013-08-16 | 2013-12-04 | 广东电网公司中山供电局 | Database safety reinforcing method and device |
| CN104980409A (en) * | 2014-04-11 | 2015-10-14 | 中兴通讯股份有限公司 | Internet behavior management method and device |
| WO2015154416A1 (en) * | 2014-04-11 | 2015-10-15 | 中兴通讯股份有限公司 | Internet access behaviour management method and device |
| CN104092674A (en) * | 2014-06-30 | 2014-10-08 | 广东九联科技股份有限公司 | Router network security detection method and system based on set top box |
| CN104202444A (en) * | 2014-09-26 | 2014-12-10 | 上海斐讯数据通信技术有限公司 | External access control method, gateway and DNS server |
| CN104202444B (en) * | 2014-09-26 | 2017-11-28 | 上海斐讯数据通信技术有限公司 | A kind of outside access control method, gateway and dns server |
| CN104702623B (en) * | 2015-03-27 | 2019-01-08 | 上海携程商务有限公司 | IP blockage method and system |
| CN104702623A (en) * | 2015-03-27 | 2015-06-10 | 携程计算机技术(上海)有限公司 | IP lockout method and system |
| EP3116285A1 (en) * | 2015-07-09 | 2017-01-11 | ACER Incorporated | Apparatuses and methods for application-specific congestion control for data communication (acdc), and storage medium thereof |
| CN106341499A (en) * | 2015-07-09 | 2017-01-18 | 宏碁股份有限公司 | Mobile communication device and data communication congestion control method of specific application service |
| CN106341499B (en) * | 2015-07-09 | 2019-11-19 | 宏碁股份有限公司 | The data communication of mobile communications device and particular application services is jammed control method |
| US9992255B2 (en) | 2015-07-09 | 2018-06-05 | Acer Incorporated | Apparatuses and methods for application-specific congestion control for data communication (ACDC), and storage medium thereof |
| CN105187439A (en) * | 2015-09-25 | 2015-12-23 | 北京奇虎科技有限公司 | Phishing website detection method and device |
| CN105808990A (en) * | 2016-02-23 | 2016-07-27 | 平安科技(深圳)有限公司 | Method and device for controlling URL access on basis of IOS system |
| CN105808990B (en) * | 2016-02-23 | 2019-01-18 | 平安科技(深圳)有限公司 | Method and apparatus based on the control URL access of IOS system |
| CN107222507A (en) * | 2017-07-13 | 2017-09-29 | 广州西麦科技股份有限公司 | A kind of home-network content access control method and device |
| CN111030970A (en) * | 2019-03-21 | 2020-04-17 | 哈尔滨安天科技集团股份有限公司 | Distributed access control method and device and storage equipment |
| CN110784351A (en) * | 2019-10-25 | 2020-02-11 | 上海燕汐软件信息科技有限公司 | Data access control method and device, electronic equipment and storage medium |
Also Published As
| Publication number | Publication date |
|---|---|
| CN102724189B (en) | 2016-06-15 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN102724189A (en) | Method and device for controlling user URL (uniform resource locator) access | |
| US11658971B1 (en) | Virtual firewalls for multi-tenant distributed services | |
| KR102702510B1 (en) | Methods and systems for effective cyber protection of mobile devices | |
| US7448078B2 (en) | Method, a portal system, a portal server, a personalized access policy server, a firewall and computer software products for dynamically granting and denying network resources | |
| US10044765B2 (en) | Method and apparatus for centralized policy programming and distributive policy enforcement | |
| CN100464518C (en) | Green internet-accessing system based on concentrated management and dictributed control, and method therefor | |
| CN104917838B (en) | A kind of realization method and system of redirection of router | |
| US20030101338A1 (en) | System and method for providing connection orientation based access authentication | |
| US20100318681A1 (en) | Protocol-independent, mobile, web filter system provisioning dns triage, uri scanner, and query proxy services | |
| KR101230500B1 (en) | Network resource management system and method | |
| US8548998B2 (en) | Methods and systems for securing and protecting repositories and directories | |
| US8555365B2 (en) | Directory authentication method for policy driven web filtering | |
| CN101515868A (en) | Network privilege management method, device and system | |
| US20120173727A1 (en) | Internet Access Control Apparatus, Method and Gateway Thereof | |
| US10805162B2 (en) | Content policy discovery | |
| US20210112060A1 (en) | Method and Apparatus to Control and Monitor Access to Web Domains using Networked Devices | |
| CN113973006B (en) | Intranet data access management method and system | |
| Cisco | Controlling Network Access and Use | |
| Cisco | Controlling Network Access and Use | |
| KR19990069355A (en) | How to block site access | |
| CN110351300A (en) | SAMBA equipment access processing method, main equipment, system and storage medium | |
| Shimahara et al. | Access Control Management System for Edge Computing Environment Using Tag‐Based Matching and Cache Injection | |
| CN109040145A (en) | A kind of method, storage medium and the application server of LAN safety access | |
| CN109347822A (en) | A kind of user accesses the reminding method and device of unauthorized resource | |
| US11750568B1 (en) | Secure proxy service |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| C14 | Grant of patent or utility model | ||
| GR01 | Patent grant | ||
| CP03 | Change of name, title or address |
Address after: 310052 Binjiang District Changhe Road, Zhejiang, China, No. 466, No. Patentee after: Xinhua three Technology Co., Ltd. Address before: 310053 Hangzhou science and Technology Development Zone, Zhejiang high tech park, No. six and road, No. 310 Patentee before: Huasan Communication Technology Co., Ltd. |
|
| CP03 | Change of name, title or address |