CN103441991A - Mobile terminal security access platform - Google Patents
Mobile terminal security access platform Download PDFInfo
- Publication number
- CN103441991A CN103441991A CN2013103504528A CN201310350452A CN103441991A CN 103441991 A CN103441991 A CN 103441991A CN 2013103504528 A CN2013103504528 A CN 2013103504528A CN 201310350452 A CN201310350452 A CN 201310350452A CN 103441991 A CN103441991 A CN 103441991A
- Authority
- CN
- China
- Prior art keywords
- mobile terminal
- safety
- access
- authentication
- terminal
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Images
Landscapes
- Data Exchanges In Wide-Area Networks (AREA)
- Mobile Radio Communication Systems (AREA)
Abstract
The invention discloses a mobile terminal security access platform which comprises a mobile terminal host behavioral control system, a mobile terminal security check module, a mobile terminal network access authentication module, a mobile terminal security communication module and a mobile terminal security access gateway. The mobile terminal security access platform does not depend on a network access mode and can be deployed on any basic network and terminal-to-terminal security protection can be achieved; the security level is high, and no matter what type of network application is adopted, all transmitted data between terminal stations is protected; actually, a remote client-side has access to an intranet through the platform, so that the remote client-side has the limits of authority and the operation functions which are similar to those of an intranet user.
Description
Technical field
The present invention relates to a kind of mobile terminal safety access platform, the realization of the security hardening such as a kind of authentication, encryption and access control during in particular mobile terminal access Intranet.
Background technology
VPN technologies of the prior art are analyzed as follows:
1、IPSec VPN
The ipsec security agreement is a Virtual Private Network security protocol in extensive range, open.VPN based on IPSec does not rely on network access mode, and it can be in any basic network deploy, and can realize safeguard protection end to end.But IPSec VPN has some limitation:
1. need to install client software, have the work such as a large amount of installations, training, upgrading, management, the invisible use cost that increases the user.
2. the kind that access device is supported is few, take Desktop PC and Notebook PC as main, and the support of the equipment such as mobile phone, PDA, MAC, mobile terminal is had to limitation.
3. there are some technical problems, as: NAT penetrates, private address conflict etc.
4. because IPSec is network layer protocol, once secure tunnel is set up, can access all internal resources, have certain potential safety hazard.
2、SSL VPN
SSL VPN be take HTTPS as basic VPN technologies, is operated between transport layer and application layer.SSL VPN takes full advantage of the authentication based on certificate, data encryption and the message integrity authentication mechanism that ssl protocol provides, and can connect safely for the connection setup between application layer.But because SSL VPN is based on Web browser, can well support the B/S application, but support imperfection for the application of C/S, because a lot of C/S of enterprise application are many, the use of SSL VPN has been subject to restriction significantly.
Summary of the invention
Goal of the invention: for problems of the prior art, the invention provides a kind ofly based on Intel Virtualization Technology, use secure communication protocols, can support the mobile terminal safety access platform of C/S application.Described platform does not rely on network access mode, can be in any basic network deploy, and can realize safeguard protection end to end; Level of security is high, all transmission data between point of termination station protected, and no matter be which class network application; Platform in fact " is being placed in " intranet by Terminal Server Client, makes Terminal Server Client have authority and the operating function that the in-house network user is the same.
Technical scheme: a kind of mobile terminal safety access platform, its system architecture comprises: mobile terminal host behavior control system, mobile terminal safety checking module, mobile terminal networking authentication module, mobile terminal safety communication module and mobile terminal safety IAD.
1, mobile terminal host behavior control system
Mobile terminal host behavior control system is controlled (MRC) technology based on forced service, and three level security protections are provided: regular grade safeguard protection, professional safeguard protection and the protection of pressure level security; Described regular grade safeguard protection is suitable for individual freedom to be used, and does not relate to sensitive information, can the characteristic illegal infringement of limited prevention, can be used in conjunction with other securing software; Professional safeguard protection is suitable for having professional's use on certain information security basis, except the safeguard function with regular grade, allows the user let pass voluntarily or stop non-trust process; Force the level protection only to allow application system and the specific web page resources of access of operating provisions, stop without exception for other process beyond regulation; The keeper can take according to the safe class of concrete application system the protection of different stage, guarantees the safety access of mobile terminal.
For the significant data be stored on terminal, the Host behavior control system also provides encipherment protection, even the assurance data are removed also, fails to understand, and effectively prevents divulging a secret of Intranet sensitive information.
2, mobile terminal safety checking module
Before mobile terminal accessing Intranet resource, need carry out the terminal security inspection, not meet the terminal of inspection policy by disable access Intranet resource.The operating system version of safety check module to terminal, the patch release of system, the startup item of system, the disk file of specific position etc. endures strict scrutiny, according to inspection policy, when safe access gateway accesses at processing terminal, can first check on mobile terminal and whether possess above-mentioned one or several characteristic parameters, according to check result, judge whether to allow this terminal and safe access gateway to set up secure tunnel, whether some feature of simultaneously judging this terminal existentially forgeable information, thoroughly stop unhealthy terminal access inner-mesh network, guarantee the safety of mobile terminal access, from source, stop to threaten.
3, mobile terminal networking authentication module
Realization increases the networking authentication module on mobile terminal, and the digital certificate that authoritative institution is signed and issued leaves in the hardware identification card with safety encipher function and identity authentication function, and for each go out the office employee be equipped with corresponding hardware identification card.Mobile terminal must carry out the authentication by hardware identification card and Intranet ca authentication server common guarantee before the access corporate intranet, realization only has the terminal authenticated by networking just can be linked in corporate intranet, prevents that the mobile terminal of access from being the disabled user who was forged.
4, mobile terminal safety communication module
The function of mobile terminal safety communication module is to use secure communication protocols and mobile terminal safety IAD to set up escape way, guarantees the safety of transmission data.The secure communication module is by carrying out with IAD two-way authentication and the definite session key that Diffie-Hellman, DEA and data integrity check negotiation, client and the service end of algorithm, set up escape way, prevent that data are ravesdropping, distort, destroy, insert Replay Attack in transmitting procedure, guarantee the safety of transfer of data.
5, mobile terminal safety IAD
The mobile terminal safety IAD is one of core of safe access platform, is responsible for setting up escape way and user access is controlled, and can guarantee the safety of access transmission and the safety of inner accessed application system.Mobile terminal is set up escape way by secure communication protocols and safe access gateway, and the data that transmit are encrypted, and prevents that data from being intercepted and captured, distorting and destroy in the process transmitted.Simultaneously, safe access gateway can also carry out authentication to the identity of mobile terminal, guarantees the credibility of terminal.
Safe access gateway can also guarantee that the user disconnects and being connected of public network when being connected into Intranet, prevents that the situation of " machine two nets " from appearring in mobile terminal, guarantees that communicating by letter between mobile terminal and corporate intranet has the fail safe same with corporate intranet.
Safe access gateway can provide the identity of multiple authentication mode authentication of users, except supporting the authentication modes such as traditional Radius, AD, LDAP, also supports the authentication modes such as local user storehouse, dynamic password and digital certificate.User for different security domains, safe access gateway can be controlled user's access rights according to corresponding rule, give the privilege of user's minimum, guarantee that the user can only access the internal resource corresponding with the Role and privilege of himself, guarantee the safety of internal application system.
Beneficial effect: compared with prior art, mobile terminal safety access platform provided by the invention has following advantage:
1. compare with existing vpn products, protecting information safety is divided into to application server safety, transmission channel safety and three main bodys of terminal security and carries out theoretical research and technology realization, more clear and definite with the purpose that makes platform.
2. different from existing vpn products Application standard communications protocol, the present invention uses novel secure network protocol, and this agreement is supporting user's certification mode, key agreement mode and domestic cryptographic algorithm have made up the potential safety hazard of multinomial SSL/TLS communications protocol.
3. according to the characteristics of electric power enterprise information network and the present situation of application system; and the requirement of security information for power system hierarchical protection; demand for the application of electric power enterprise inside different business, have complete technical system and solution for mobile office accesses safely, sales service system payment terminal accesses safely.
4. the realization of platform does not need to change network configuration, the configuration that does not need to revise firewall configuration and revise the terminal use.
The accompanying drawing explanation
Fig. 1 is embodiment of the present invention mobile terminal safety access platform system architecture diagram;
Fig. 2 is embodiment of the present invention secure communication protocols flow chart;
The topological diagram that Fig. 3 is the embodiment of the present invention.
Embodiment
Below in conjunction with specific embodiment, further illustrate the present invention, should understand these embodiment only is not used in and limits the scope of the invention for the present invention is described, after having read the present invention, those skilled in the art all fall within the application's claims limited range to the modification of the various equivalent form of values of the present invention.
As shown in Figure 1, the mobile terminal safety access platform, its system architecture comprises: mobile terminal host behavior control system, mobile terminal safety checking module, mobile terminal networking authentication module, mobile terminal safety communication module and mobile terminal safety IAD.
1, mobile terminal host behavior control system
Mobile terminal host behavior control system is controlled (MRC) technology based on forced service, and three level security protections are provided: regular grade safeguard protection, professional safeguard protection and the protection of pressure level security; Described regular grade safeguard protection is suitable for individual freedom to be used, and does not relate to sensitive information, can the characteristic illegal infringement of limited prevention, can be used in conjunction with other securing software; Professional safeguard protection is suitable for having professional's use on certain information security basis, except the safeguard function with regular grade, allows the user let pass voluntarily or stop non-trust process; Force the level protection only to allow application system and the specific web page resources of access of operating provisions, stop without exception for other process beyond regulation; The keeper can take according to the safe class of concrete application system the protection of different stage, guarantees the safety access of mobile terminal.
For the significant data be stored on terminal, the Host behavior control system also will be used the close algorithm of state's business men that encipherment protection is provided, even the assurance data are removed also, fail to understand, and effectively prevent divulging a secret of Intranet sensitive information.
2, mobile terminal safety checking module
Before mobile terminal accessing Intranet resource, need carry out the terminal security inspection, not meet the terminal of inspection policy by disable access Intranet resource.The operating system version of safety check module to terminal, the patch release of system, the startup item of system, the disk file of specific position etc. endures strict scrutiny, according to inspection policy, when safe access gateway accesses at processing terminal, can first check on mobile terminal and whether possess above-mentioned one or several characteristic parameters, according to check result, judge whether to allow this terminal and safe access gateway to set up secure tunnel, whether some feature of simultaneously judging this terminal existentially forgeable information, thoroughly stop unhealthy terminal access inner-mesh network, guarantee the safety of mobile terminal access, from source, stop to threaten.
3, mobile terminal networking authentication module
Realization increases the networking authentication module on mobile terminal, and the digital certificate that authoritative institution is signed and issued leaves in the hardware identification card with safety encipher function and identity authentication function, and for each go out the office employee be equipped with corresponding hardware identification card.Mobile terminal must carry out the authentication by hardware identification card and Intranet ca authentication server common guarantee before the access corporate intranet, realization only has the terminal authenticated by networking just can be linked in corporate intranet, prevents that the mobile terminal of access from being the disabled user who was forged.
4, mobile terminal safety communication module
The function of mobile terminal safety communication module is to use secure communication protocols and mobile terminal safety IAD to set up escape way, guarantees the safety of transmission data.The secure communication module adopts ssl protocol and IAD to carry out two-way authentication and definite session key that Diffie-Hellman, DEA and data integrity check negotiation, client and the service end of algorithm, set up escape way, prevent that data are ravesdropping, distort, destroy, insert Replay Attack in transmitting procedure, guarantee the safety of transfer of data.Set up the process of escape way between secure communication module and safe access gateway as shown in Fig. 2 of accompanying drawing.
Communication process is as follows:
1) client is set up initialization with gateway and is connected, and negotiates Diffie-Hellman, DEA and the data integrity used in communication process and checks algorithm;
2) gateway return service device certificate (comprising server public key in certificate);
3) client generates private key, then, by the private key session key generation, then uses server public key to be transferred to gateway after encrypted private key;
4) gateway is used privacy key to decrypt the private key of client, and generates identical session key with the private key decrypted;
5) above handshake phase complete after both sides use identical session private key to carry out data communication.
5, mobile terminal safety IAD
The mobile terminal safety IAD is one of core of safe access platform, is responsible for setting up escape way and user access is controlled, and can guarantee the safety of access transmission and the safety of inner accessed application system.Mobile terminal is set up escape way by secure communication protocols and safe access gateway, and the data that transmit are encrypted, and prevents that data from being intercepted and captured, distorting and destroy in the process transmitted.Simultaneously, safe access gateway can also carry out authentication to the identity of mobile terminal, guarantees the credibility of terminal.
Safe access gateway can also guarantee that the user disconnects and being connected of public network when being connected into Intranet, prevents that the situation of " machine two nets " from appearring in mobile terminal, guarantees that communicating by letter between mobile terminal and corporate intranet has the fail safe same with corporate intranet.
Safe access gateway can provide the identity of multiple authentication mode authentication of users, except supporting the authentication modes such as traditional Radius, AD, LDAP, also supports the authentication modes such as local user storehouse, dynamic password and digital certificate.User for different security domains, safe access gateway can be controlled user's access rights according to corresponding rule, give the privilege of user's minimum, guarantee that the user can only access the internal resource corresponding with the Role and privilege of himself, guarantee the safety of internal application system.
Concrete enforcement topology as shown in Figure 3.In this enforcement, all kinds of mobile terminals unified by VPDN/APN special line passage etc. through access via telephone line router, fire compartment wall, enter Intranet by the notebook IAD, then the Security application interface provided by each operation system carries out safe access.Now protect the border that border is VPDN/APN special line and Intranet.
During Platform deployment, for realizing the safety access of terminal, the access link topology must strictly be followed the mode of safe access gateway, secure data filtration system, operation system, distinguish if can not carry out clear and definite access link, must carry out corresponding network topology transformation or carry out the distributed component deployment of access platform or utilize modes such as setting up front end processor to realize service distributing.
Claims (8)
1. a mobile terminal safety access platform, is characterized in that: comprise mobile terminal host behavior control system, mobile terminal safety checking module, mobile terminal networking authentication module, mobile terminal safety communication module and mobile terminal safety IAD.
2. mobile terminal safety access platform as claimed in claim 1, it is characterized in that: in described mobile terminal host behavior control system, mobile terminal host behavior control system, based on the forced service control technology, provides three level security protections: regular grade safeguard protection, professional safeguard protection and the protection of pressure level security; For the significant data be stored on terminal, the Host behavior control system also will be used the close algorithm of state's business men that encipherment protection is provided.
3. mobile terminal safety access platform as claimed in claim 1, it is characterized in that: in described mobile terminal safety checking module, before mobile terminal accessing Intranet resource, need carry out the terminal security inspection, not meet the terminal of inspection policy by disable access Intranet resource; Safety check module endures strict scrutiny to the operating system version of terminal, the patch release of system, the startup item of system, the disk file of specific position etc., according to inspection policy, when safe access gateway accesses at processing terminal, can first check on mobile terminal and whether possess above-mentioned one or several characteristic parameters, according to check result, judge whether to allow this terminal and safe access gateway to set up secure tunnel, whether some feature of simultaneously judging this terminal existentially forgeable information.
4. mobile terminal safety access platform as claimed in claim 1, it is characterized in that: in mobile terminal networking authentication module, realization increases the networking authentication module on mobile terminal, the digital certificate that authoritative institution is signed and issued leaves in the hardware identification card with safety encipher function and identity authentication function, and for each go out the office employee be equipped with corresponding hardware identification card; Mobile terminal must carry out the authentication by hardware identification card and Intranet ca authentication server common guarantee before the access corporate intranet, realization only has the terminal authenticated by networking just can be linked in corporate intranet, prevents that the mobile terminal of access from being the disabled user who was forged.
5. mobile terminal safety access platform as claimed in claim 1 is characterized in that: the function of mobile terminal safety communication module is to use secure communication protocols and mobile terminal safety IAD to set up escape way, guarantees to transmit the safety of data; The secure communication module is by carrying out with IAD two-way authentication and the definite session key that Diffie-Hellman, DEA and data integrity check negotiation, client and the service end of algorithm, set up escape way, prevent that data are ravesdropping, distort, destroy, insert Replay Attack in transmitting procedure, guarantee the safety of transfer of data.
6. mobile terminal safety access platform as claimed in claim 1, it is characterized in that: the mobile terminal safety IAD is one of core of safe access platform, be responsible for setting up escape way and user access is controlled, can guarantee the safety of access transmission and the safety of inner accessed application system; Mobile terminal is set up escape way by secure communication protocols and safe access gateway, and the data that transmit are encrypted; Simultaneously, safe access gateway can also carry out authentication to the identity of mobile terminal, guarantees the credibility of terminal.
7. mobile terminal safety access platform as claimed in claim 2, it is characterized in that: described regular grade safeguard protection is suitable for individual freedom and uses, do not relate to sensitive information, can the characteristic illegal infringement of limited prevention, can be used in conjunction with other securing software; Professional safeguard protection is suitable for having professional's use on certain information security basis, except the safeguard function with regular grade, allows the user let pass voluntarily or stop non-trust process; Force the level protection only to allow application system and the specific web page resources of access of operating provisions, stop without exception for other process beyond regulation; The keeper can take according to the safe class of concrete application system the protection of different stage, guarantees the safety access of mobile terminal.
8. mobile terminal safety access platform as claimed in claim 6, it is characterized in that: safe access gateway can also guarantee that the user disconnects and being connected of public network when being connected into Intranet, prevent that the situation of " machine two nets " from appearring in mobile terminal, guarantee that communicating by letter between mobile terminal and corporate intranet has the fail safe same with corporate intranet;
Safe access gateway can provide the identity of multiple authentication mode authentication of users, except supporting the authentication modes such as traditional Radius, AD, LDAP, also supports the authentication modes such as local user storehouse, dynamic password and digital certificate;
User for different security domains, safe access gateway can be controlled user's access rights according to corresponding rule, give the privilege of user's minimum, guarantee that the user can only access the internal resource corresponding with the Role and privilege of himself, guarantee the safety of internal application system.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN2013103504528A CN103441991A (en) | 2013-08-12 | 2013-08-12 | Mobile terminal security access platform |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN2013103504528A CN103441991A (en) | 2013-08-12 | 2013-08-12 | Mobile terminal security access platform |
Publications (1)
Publication Number | Publication Date |
---|---|
CN103441991A true CN103441991A (en) | 2013-12-11 |
Family
ID=49695656
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN2013103504528A Pending CN103441991A (en) | 2013-08-12 | 2013-08-12 | Mobile terminal security access platform |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN103441991A (en) |
Cited By (25)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN103838989A (en) * | 2014-03-27 | 2014-06-04 | 北京网秦天下科技有限公司 | Mobile terminal and method |
CN103957185A (en) * | 2013-12-16 | 2014-07-30 | 汉柏科技有限公司 | Firewall control method for realizing traffic monitoring of application layer |
CN104184735A (en) * | 2014-08-26 | 2014-12-03 | 国家电网公司 | Electric marketing mobile application safe protection system |
CN104507087A (en) * | 2014-12-19 | 2015-04-08 | 上海斐讯数据通信技术有限公司 | Security service system and security service method for mobile office work |
CN104836806A (en) * | 2015-05-11 | 2015-08-12 | 广东电网有限责任公司电力科学研究院 | Remote support system, remote access system, remote assistance system and remote assistance method |
CN105592049A (en) * | 2015-09-07 | 2016-05-18 | 杭州华三通信技术有限公司 | Attack defense rule opening method and device |
CN106060051A (en) * | 2016-06-03 | 2016-10-26 | 国网山西省电力公司 | Data transmission system |
CN106375340A (en) * | 2016-10-11 | 2017-02-01 | 北京元心科技有限公司 | Method and system for improving security of certificate authentication |
CN106790086A (en) * | 2016-12-22 | 2017-05-31 | 国网江苏省电力公司信息通信分公司 | A kind of safety access method and device of electric power VoLTE business |
CN107018134A (en) * | 2017-04-06 | 2017-08-04 | 北京中电普华信息技术有限公司 | A kind of distribution terminal secure accessing platform and its implementation |
CN107294955A (en) * | 2017-05-24 | 2017-10-24 | 创元网络技术股份有限公司 | E-file encrypts middleware managing and control system and method |
CN107360154A (en) * | 2017-07-10 | 2017-11-17 | 中国科学院沈阳计算技术研究所有限公司 | A kind of intranet security cut-in method and system |
CN107770745A (en) * | 2017-09-15 | 2018-03-06 | 安徽中瑞通信科技股份有限公司 | A kind of wireless terminal method of network entry of wireless domain charging platform |
CN108243413A (en) * | 2016-12-23 | 2018-07-03 | 中国铁路总公司 | A kind of method and system of wireless access railway information network |
CN108632253A (en) * | 2018-04-04 | 2018-10-09 | 平安科技(深圳)有限公司 | Client data secure access method based on mobile terminal and device |
CN108764820A (en) * | 2018-04-28 | 2018-11-06 | 广州市菲玛尔咨询服务有限公司 | A kind of mobile office cloud system |
CN109194656A (en) * | 2018-09-10 | 2019-01-11 | 国家电网有限公司 | A kind of method of distribution wireless terminal secure accessing |
CN109756325A (en) * | 2017-11-05 | 2019-05-14 | 成都零光量子科技有限公司 | A method of mobile office system safety is promoted using quantum key |
CN110996318A (en) * | 2019-12-23 | 2020-04-10 | 广西电网有限责任公司电力科学研究院 | Safety communication access system of intelligent inspection robot of transformer substation |
CN111177692A (en) * | 2019-11-29 | 2020-05-19 | 云深互联(北京)科技有限公司 | Terminal credibility level evaluation method, device, equipment and storage medium |
CN111277607A (en) * | 2020-02-14 | 2020-06-12 | 南京南瑞信息通信科技有限公司 | Communication tunnel module, application monitoring module and mobile terminal security access system |
CN112437031A (en) * | 2019-08-23 | 2021-03-02 | 金田产业发展(山东)集团有限公司 | Multi-terminal converged homeland resource mobile government system based on heterogeneous network |
CN113794685A (en) * | 2021-08-16 | 2021-12-14 | 可信计算科技(无锡)有限公司 | Data transmission method and device based on credible evaluation |
CN114615309A (en) * | 2022-01-18 | 2022-06-10 | 奇安信科技集团股份有限公司 | Client access control method, device and system, electronic equipment and storage medium |
CN114697022A (en) * | 2022-03-18 | 2022-07-01 | 北京国泰网信科技有限公司 | Encryption authentication method applied to power distribution network system |
Citations (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
WO2006114712A1 (en) * | 2005-04-21 | 2006-11-02 | Nokia Corporation | Policy based communication interface selection of a multimode terminal |
CN102970682A (en) * | 2012-12-10 | 2013-03-13 | 北京航空航天大学 | Direct anonymous attestation method applied to credible mobile terminal platform |
-
2013
- 2013-08-12 CN CN2013103504528A patent/CN103441991A/en active Pending
Patent Citations (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
WO2006114712A1 (en) * | 2005-04-21 | 2006-11-02 | Nokia Corporation | Policy based communication interface selection of a multimode terminal |
CN102970682A (en) * | 2012-12-10 | 2013-03-13 | 北京航空航天大学 | Direct anonymous attestation method applied to credible mobile terminal platform |
Non-Patent Citations (1)
Title |
---|
张晓良: "基于隧道技术的移动终端安全接入系统", 《华北电力大学硕士学位论文》 * |
Cited By (35)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN103957185A (en) * | 2013-12-16 | 2014-07-30 | 汉柏科技有限公司 | Firewall control method for realizing traffic monitoring of application layer |
CN103838989A (en) * | 2014-03-27 | 2014-06-04 | 北京网秦天下科技有限公司 | Mobile terminal and method |
CN104184735A (en) * | 2014-08-26 | 2014-12-03 | 国家电网公司 | Electric marketing mobile application safe protection system |
CN104184735B (en) * | 2014-08-26 | 2018-03-09 | 国网浙江省电力有限公司 | Power marketing mobile application security guard system |
CN104507087A (en) * | 2014-12-19 | 2015-04-08 | 上海斐讯数据通信技术有限公司 | Security service system and security service method for mobile office work |
CN104836806B (en) * | 2015-05-11 | 2018-11-20 | 广东电网有限责任公司电力科学研究院 | Remote support system, remote access system, remote assisting system and remote assistance method |
CN104836806A (en) * | 2015-05-11 | 2015-08-12 | 广东电网有限责任公司电力科学研究院 | Remote support system, remote access system, remote assistance system and remote assistance method |
CN105592049B (en) * | 2015-09-07 | 2019-01-25 | 新华三技术有限公司 | A kind of open method and device of attack defending rule |
CN105592049A (en) * | 2015-09-07 | 2016-05-18 | 杭州华三通信技术有限公司 | Attack defense rule opening method and device |
CN106060051A (en) * | 2016-06-03 | 2016-10-26 | 国网山西省电力公司 | Data transmission system |
CN106375340B (en) * | 2016-10-11 | 2020-03-31 | 北京元心科技有限公司 | Method and system for improving certificate verification security |
CN106375340A (en) * | 2016-10-11 | 2017-02-01 | 北京元心科技有限公司 | Method and system for improving security of certificate authentication |
CN106790086A (en) * | 2016-12-22 | 2017-05-31 | 国网江苏省电力公司信息通信分公司 | A kind of safety access method and device of electric power VoLTE business |
CN108243413A (en) * | 2016-12-23 | 2018-07-03 | 中国铁路总公司 | A kind of method and system of wireless access railway information network |
CN108243413B (en) * | 2016-12-23 | 2020-12-18 | 中国铁路总公司 | Method and system for wireless access to railway information network |
CN107018134A (en) * | 2017-04-06 | 2017-08-04 | 北京中电普华信息技术有限公司 | A kind of distribution terminal secure accessing platform and its implementation |
CN107018134B (en) * | 2017-04-06 | 2020-11-06 | 北京国电通网络技术有限公司 | Power distribution terminal safety access platform and implementation method thereof |
CN107294955A (en) * | 2017-05-24 | 2017-10-24 | 创元网络技术股份有限公司 | E-file encrypts middleware managing and control system and method |
CN107294955B (en) * | 2017-05-24 | 2020-04-28 | 创元网络技术股份有限公司 | Electronic file encryption middleware control system and method |
CN107360154A (en) * | 2017-07-10 | 2017-11-17 | 中国科学院沈阳计算技术研究所有限公司 | A kind of intranet security cut-in method and system |
CN107770745A (en) * | 2017-09-15 | 2018-03-06 | 安徽中瑞通信科技股份有限公司 | A kind of wireless terminal method of network entry of wireless domain charging platform |
CN109756325A (en) * | 2017-11-05 | 2019-05-14 | 成都零光量子科技有限公司 | A method of mobile office system safety is promoted using quantum key |
CN108632253A (en) * | 2018-04-04 | 2018-10-09 | 平安科技(深圳)有限公司 | Client data secure access method based on mobile terminal and device |
CN108764820A (en) * | 2018-04-28 | 2018-11-06 | 广州市菲玛尔咨询服务有限公司 | A kind of mobile office cloud system |
CN109194656A (en) * | 2018-09-10 | 2019-01-11 | 国家电网有限公司 | A kind of method of distribution wireless terminal secure accessing |
CN112437031A (en) * | 2019-08-23 | 2021-03-02 | 金田产业发展(山东)集团有限公司 | Multi-terminal converged homeland resource mobile government system based on heterogeneous network |
CN111177692A (en) * | 2019-11-29 | 2020-05-19 | 云深互联(北京)科技有限公司 | Terminal credibility level evaluation method, device, equipment and storage medium |
CN111177692B (en) * | 2019-11-29 | 2022-07-12 | 云深互联(北京)科技有限公司 | Terminal credibility level evaluation method, device, equipment and storage medium |
CN110996318A (en) * | 2019-12-23 | 2020-04-10 | 广西电网有限责任公司电力科学研究院 | Safety communication access system of intelligent inspection robot of transformer substation |
CN111277607A (en) * | 2020-02-14 | 2020-06-12 | 南京南瑞信息通信科技有限公司 | Communication tunnel module, application monitoring module and mobile terminal security access system |
CN113794685A (en) * | 2021-08-16 | 2021-12-14 | 可信计算科技(无锡)有限公司 | Data transmission method and device based on credible evaluation |
CN113794685B (en) * | 2021-08-16 | 2023-09-29 | 德威可信(北京)科技有限公司 | Data transmission method and device based on credibility assessment |
CN114615309A (en) * | 2022-01-18 | 2022-06-10 | 奇安信科技集团股份有限公司 | Client access control method, device and system, electronic equipment and storage medium |
CN114615309B (en) * | 2022-01-18 | 2024-03-15 | 奇安信科技集团股份有限公司 | Client access control method, device, system, electronic equipment and storage medium |
CN114697022A (en) * | 2022-03-18 | 2022-07-01 | 北京国泰网信科技有限公司 | Encryption authentication method applied to power distribution network system |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN103441991A (en) | Mobile terminal security access platform | |
Jakimoski | Security techniques for data protection in cloud computing | |
US8407462B2 (en) | Method, system and server for implementing security access control by enforcing security policies | |
US8438631B1 (en) | Security enclave device to extend a virtual secure processing environment to a client device | |
CN107018134A (en) | A kind of distribution terminal secure accessing platform and its implementation | |
Souppaya et al. | Guide to enterprise telework, remote access, and bring your own device (BYOD) security | |
CN202652534U (en) | Mobile terminal safety access platform | |
CN101488952A (en) | Mobile storage apparatus, data secured transmission method and system | |
CN106992984A (en) | A kind of method of the mobile terminal safety access information Intranet based on electric power acquisition net | |
Kravets et al. | Mobile security solution for enterprise network | |
CN104219077A (en) | Information management system for middle and small-sized enterprises | |
JP2015536061A (en) | Method and apparatus for registering a client with a server | |
CN102882857A (en) | Client side device, encryption storage device, and remote access method and system | |
CN111970232A (en) | Safe access system of intelligent service robot of electric power business hall | |
CN103269301A (en) | Desktop type IPSecVPN cryptographic machine and networking method | |
Aich et al. | Study on cloud security risk and remedy | |
CN116248405A (en) | Network security access control method based on zero trust and gateway system and storage medium adopting same | |
Li et al. | Research on sensor-gateway-terminal security mechanism of smart home based on IOT | |
CN105991524A (en) | Family information security system | |
CN103532958A (en) | Method for encrypting website resources | |
Wells | Better Practices for IoT Smart Home Security | |
US8261081B2 (en) | Method for governing the ability of computing devices to communicate | |
Vailoces et al. | Securing the Electric Vehicle Charging Infrastructure: An In-Depth Analysis of Vulnerabilities and Countermeasures | |
Safdar et al. | Security and trust issues in BYOD networks | |
Ruha | Cybersecurity of computer networks |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
C06 | Publication | ||
PB01 | Publication | ||
C10 | Entry into substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
C02 | Deemed withdrawal of patent application after publication (patent law 2001) | ||
WD01 | Invention patent application deemed withdrawn after publication |
Application publication date: 20131211 |