CN104184735A - Electric marketing mobile application safe protection system - Google Patents


Publication number
CN104184735A
Authority
CN
China
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN201410423475.1A
Other languages
Chinese (zh)
Other versions
CN104184735B (en)
Inventor
涂莹
马闯
沈超
孙一申
和巍
糜晓波
畅伟
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
State Grid Corp of China SGCC
State Grid Zhejiang Electric Power Co Ltd
Jiaxing Power Supply Co of State Grid Zhejiang Electric Power Co Ltd
Original Assignee
State Grid Corp of China SGCC
State Grid Zhejiang Electric Power Co Ltd
Jiaxing Power Supply Co of State Grid Zhejiang Electric Power Co Ltd
Application filed by State Grid Corp of China SGCC, State Grid Zhejiang Electric Power Co Ltd, Jiaxing Power Supply Co of State Grid Zhejiang Electric Power Co Ltd
Priority to CN201410423475.1A
Publication of CN104184735A
Application granted
Publication of CN104184735B
Legal status: Active


Abstract

Provided is a power marketing mobile application security protection system. At present, using mobile terminals raises security problems, and third-party secondary encryption is easily cracked, which leads to information leakage. The system comprises a secure terminal layer, a secure channel layer, a secure access platform layer and a mobile application layer. The mobile application layer supports the business applications of the mobile terminal and provides application security for the system. The technical scheme achieves secure access for mobile terminals, achieves strong isolation between the external information network and the internal information network by means of isolation, cuts off attacks from external networks and effectively improves information security.

Description

Power marketing mobile application security protection system
Technical field
The present invention relates to a power marketing mobile application security protection system.
Background art
As informatization of the power industry continues to advance, information systems have become the basic tool for the daily work of power company staff and play an increasingly important role in power production control and company operations management. However, conventional systems cannot resolve a growing number of inconveniences: traditional management software that can only be used inside the power company's local area network greatly restricts on-site communication and service promotion. As power marketing informatization work deepens, users of the marketing business management information systems have raised concrete requirements for mobile applications: how to handle work at any time at customer sites and job sites, how field staff can complete information management work outside the office, and how to solve, in a more flexible and convenient way, the problem that data recorded by hand on site cannot be entered into the management system in time. All of these problems can be solved with mobile terminals, which improve the convenience and processing efficiency of the information system while meeting security requirements.
However, adopting mobile terminals raises security problems: third-party secondary encryption is easily cracked, which leads to information leakage. At the same time, the strict conditions for intranet access restrict the development of power marketing mobile applications. How to use intelligent mobile terminals to access the power marketing business securely over the external network has become an important problem that urgently needs solving.
Summary of the invention
The technical problem to be solved and the technical task proposed by the present invention is to improve and refine existing technical schemes by providing a power marketing mobile application security protection system, so that the power marketing system can be accessed securely from the external network. To this end, the present invention adopts the following technical scheme.
A power marketing mobile application security protection system, characterized in that it comprises:
Secure terminal layer: the mobile terminal uses a cryptographic algorithm and stores a private key or digital certificate on the mobile terminal; when the mobile terminal communicates, it establishes a secure channel with the secure access gateway group over the mobile public network, uses the digital certificate for identity authentication, and encrypts critical communication data for transmission;
Secure channel layer: connects each external link to the system access network; through routing access control and the encrypted virtual private channel built by the VPN, it provides network-level identity authentication and ensures data confidentiality and integrity; a firewall performs access control at the border zone and prevents illegitimate devices from accessing applications; a corresponding security monitoring system is configured to monitor, protect against and manage security risks to the accessed applications, ensuring the security of the secure access and system access network portions; the access network and the corporate intranet are isolated at every level of the communication protocol from the physical layer to the application layer, a dedicated data exchange mechanism is established and maintained for each permitted application, the source, destination, data format and data content of data exchange are restricted, and data exchange is monitored;
Secure access platform layer: the intermediate zone for external information publishing, information collection and data exchange, and the end point of the access terminals' network connections; all application access terminates at the security authentication gateway; the secure access platform layer performs security detection and auditing of business exchange registration and operating status, handles configuration management and day-to-day operation and maintenance of network devices and security devices, and provides security policy management, traffic monitoring, statistical analysis and security auditing, presented through a friendly, user-centered interface;
Mobile application layer: supports the business applications of the mobile terminal and provides application security for the system.
As further improvements and supplements to the above technical scheme, the present invention also includes the following additional technical features.
The secure access platform layer is provided with access gateways, a data filtering and exchange system, an authentication server and a centralized monitoring and management system for the access platform; the access gateways comprise a secure access gateway for notebook access, a mobile secure access gateway for PDA/smartphone access, and a meter secure access gateway for meter access.
When the intelligent terminal is a tablet computer, PDA or smartphone, the security algorithm private key or digital certificate used by the secure terminal layer is stored on a MicroSD card; the intelligent terminal is fitted with a SIM card, and network channel security is achieved by binding the SIM card to a dedicated APN; dedicated security control software is deployed on the intelligent terminal to establish the secure channel and manage user authentication.
The mobile application layer is provided with mobile application servers; an anti-virus module deployed on the application servers ensures that no application server in the application service zone is infected by viruses or Trojans, preventing virus propagation and unauthorized control.
The secure channel layer, secure access platform layer and mobile application development platform form the mobile operation platform, which is provided with an information security and protection unit, a cross-platform business support unit, an application support unit, a mobile GIS support unit, a mobile workflow support unit and a platform management unit. The information security and protection unit provides secure access platform VPN wireless access support, encrypted message communication for application services, and secure encryption of the mobile terminal's database, to achieve efficient and secure access. The cross-platform business support unit supports multiple mobile terminal operating systems; by supporting several operating systems while establishing one set of unified standard APIs adapted to each operating system, it achieves cross-platform support, and it supports multiple kinds of terminal hardware. The application support unit provides hardware-level support. The mobile GIS support unit is used for geographic graphics display, power grid resource display, GIS spatial analysis, route navigation and position reporting. The mobile workflow support unit covers management of the server side and client side of the electric power mobile application distribution platform. The platform management unit is used for device management, permission management, service menu management, mobile terminal status monitoring, service monitoring and standardized field operation analysis.
The hardware-level support of the application support function covers: printing, location services, barcode scanning, radio frequency card reading and writing, user electronic signature authentication, mobile terminal network status notification, and encapsulation of other hardware features. It also provides audit and login authentication covering device login auditing, user login auditing and service components; file services integrating video files, image files and the pattern management system; auditing of task data publishing, download and import; and user authentication and security policy management.
The secure access platform layer partitions third-party networks from the company information network to achieve secure access for mobile terminals; it performs authentication of user identity, data encryption, auditing/authorization of user data, and online file encryption to secure transmission. The secure access platform layer is provided with a VPN gateway access service layer, which comprises a secure access gateway system component, an identity authentication system component, a data encryption/decryption component and a centralized monitoring and user management logic component; these components communicate over a high-speed message bus to deliver the various security services.
The secure access platform layer is deployed as a combination of segments, with seamless integration at the network layer; the identity authentication system uses two-way authentication between the terminal and the VPN gateway, with authentication and authorization by the CA service.
When performing audit/authorization work, the secure access platform layer collects, analyzes and identifies network data, dynamically monitors communication content, network behavior and network traffic in real time, discovers and captures sensitive information and policy violations, raises real-time alerts and responses, comprehensively records the sessions and events in the network system, and performs intelligent correlation analysis and assessment of network information and precise end-to-end tracking and location of security events, providing an authoritative and reliable basis for formulating the overall network security policy.
The security/audit work comprises:
A) Content auditing
Provides in-depth content auditing, with complete content detection and information restoration for website access, mail sending and receiving, remote terminal access, database access, data transfer, file sharing and so on; a keyword library can be customized for fine-grained audit tracking;
B) Behavior auditing
Provides comprehensive network behavior auditing: according to the configured behavior audit policy, it monitors network application behavior such as website access, mail sending and receiving, database access, remote terminal access, data transfer, file sharing and network resource abuse, and raises real-time alarms on and records events that match the behavior policy;
C) Network auditing
Provides traffic analysis based on protocol identification: it compiles real-time statistics of the various message flows in the current network and performs comprehensive traffic analysis, providing reliable support for formulating traffic management policy.
Beneficial effects: unified information exchange, centralized configuration management and unified monitoring are achieved, making access by every class of terminal trusted and controllable. Based on the present invention, power marketing mobile operations (marketing business applications such as on-site business expansion, on-site meter reading and on-site customer service) are realized, improving the service capability and service quality of marketing business at customer sites; customer service is extended in space and time, marketing services are extended to the customer site, and an image of high-quality, efficient service is established in customers' perception. The technical scheme achieves secure access for mobile terminals. By means of isolation, strong isolation between the information intranet and the information extranet is achieved, attacks from the external network are cut off, and information security is effectively improved.
Brief description of the drawings
Fig. 1 is a security protection structure diagram of the present invention.
Fig. 2 is a security protection hierarchy diagram of the present invention.
Embodiment
The technical scheme of the present invention is described in further detail below with reference to the accompanying drawings.
As shown in Fig. 1, the power marketing mobile application security protection system comprises a secure terminal layer, a secure channel layer, a secure access platform layer, a mobile application development platform, application systems and so on.
Specifically:
Secure terminal layer: the mobile terminal uses a cryptographic algorithm and stores a private key or digital certificate on the mobile terminal; when the mobile terminal communicates, it establishes a secure channel with the secure access gateway group over the mobile public network, uses the digital certificate for identity authentication, and encrypts critical communication data for transmission;
Secure channel layer: connects each external link to the system access network; through routing access control and the encrypted virtual private channel built by the VPN, it provides network-level identity authentication and ensures data confidentiality and integrity; a firewall performs access control at the border zone and prevents illegitimate devices from accessing applications; a corresponding security monitoring system is configured to monitor, protect against and manage security risks to the accessed applications, ensuring the security of the secure access and system access network portions; the access network and the corporate intranet are isolated at every level of the communication protocol from the physical layer to the application layer, a dedicated data exchange mechanism is established and maintained for each permitted application, the source, destination, data format and data content of data exchange are restricted, and data exchange is monitored;
Secure access platform layer: the intermediate zone for external information publishing, information collection and data exchange, and the end point of the access terminals' network connections; all application access terminates at the security authentication gateway; the secure access platform layer performs security detection and auditing of business exchange registration and operating status, handles configuration management and day-to-day operation and maintenance of network devices and security devices, and provides security policy management, traffic monitoring, statistical analysis and security auditing, presented through a friendly, user-centered interface.
Mobile application layer: supports the business applications of the mobile terminal and provides application security for the system.
The secure access platform layer is provided with access gateways, a data filtering and exchange system, an authentication server and a centralized monitoring and management system for the access platform.
So that each kind of accessing device is handled differently, the access gateways comprise a secure access gateway for notebook access, a mobile secure access gateway for PDA/smartphone access, and a meter secure access gateway for meter access.
When the intelligent terminal is a tablet computer, PDA or smartphone, the security algorithm private key or digital certificate used by the secure terminal layer is stored on a MicroSD card; the intelligent terminal is fitted with a SIM card, and network channel security is achieved by binding the SIM card to a dedicated APN; dedicated security control software is deployed on the intelligent terminal to establish the secure channel and manage user authentication.
The mobile application layer is provided with mobile application servers; an anti-virus module deployed on the application servers ensures that no application server in the application service zone is infected by viruses or Trojans, preventing virus propagation and unauthorized control.
As shown in Fig. 2, the main contents of the marketing mobile application security protection hierarchy diagram are:
1) Secure access is the core of the whole platform: a secure access zone is built between third-party networks and the company information network to partition the networks securely. Secure access is carried out through the platform's authentication, access control services and so on.
2) Data transmission security is strengthened not by relying on a secondary encryption tunnel set up by a third-party operator, but by passing through the secure access zone, which performs authentication of user identity (digital certificate system), data encryption (the cryptographic algorithm is a dedicated security algorithm of the State Cryptography Administration, with high cryptographic strength, so that data security is effectively ensured), auditing/authorization of user data, and online file encryption.
3) The VPN gateway access service layer is the core; it mainly comprises logic function components such as the secure access gateway system, the identity authentication system, data encryption/decryption and centralized monitoring and user management; the components communicate over a high-speed message bus to deliver the various security services.
4) Depending on user requirements, application differences, network reconstruction needs and so on, functional units such as the secure access platform system function group and the data security protection system can be deployed as a combination of segments, following the access platform concept, with seamless integration at the network layer.
5) Identity authentication system: the terminal and the VPN authenticate each other (two-way authentication), with authentication and authorization by the CA service. Digital certificates ensure that every user who logs in to the security platform system is a user approved by administrative authentication. Issuance, revocation and renewal on expiry of digital certificates can be handled online through the OCSP protocol, or offline through manual administration by a designated person.
6) Firewall: the access border of the security platform, and the first security filter applied to data from users entering the security platform. A firewall is a comprehensive technology that involves computer networking, cryptography, security technology, software technology, security protocols and other areas; it is a means of ensuring network security and an access control measure enforced during network communication. Its main goal is to control permissions for entering and leaving a network and to force all connections through that inspection.
All business flows carrying external (user) data to the inside (corporate intranet) must pass through the firewall; the firewall's network address translation and data security filtering functions protect the networks that need protection.
7) Secure access gateway
The IPSEC VPN access gateway provides security protection for users' remote access to network services. Its main functions include:
Identity authentication: works with the digital certificate system to ensure that the remote accessor is not a malicious user;
Access control: ensures that a visitor can only access the services and information they are authorized to access;
Data encryption: uses the commercial cryptographic algorithm provided in the SDKey to ensure that all data is encrypted during network transmission, preventing it from being cracked;
The SSL VPN access gateway provides security protection for users' remote access to network services. Its main functions include:
Identity authentication: works with the digital certificate system to ensure that the remote accessor is not a malicious user;
Access control: ensures that a visitor can only access the services and information they are authorized to access;
Data encryption: uses the commercial cryptographic algorithm provided in the SDKey to ensure that all data is encrypted during network transmission, preventing it from being cracked;
8) Security isolation system
The security isolation and information exchange system is commonly called a "gateway". The goal of network isolation technology is to ensure that harmful attacks are isolated and, on the premise that information inside the trusted network does not leak outside the trusted network, to complete the secure exchange of data between networks. Network isolation technology developed on the basis of earlier security technologies; it makes up for their shortcomings and brings its own advantages. Here it is the security isolation system between the secure subnet and the corporate intranet, ensuring the security of access to the business intranet.
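The exchange mechanism the description requires between the access network and the corporate intranet (one dedicated channel per permitted application, restricting source, destination, data format and data content, with every exchange monitored) can be sketched as follows. This is an added example, not part of the patent: the channel table, addresses, field names and the choice of a JSON payload are constructed assumptions.

```python
import json
import re
from dataclasses import dataclass


def text(pattern):
    """Content rule: a string that fully matches the pattern."""
    rx = re.compile(pattern)
    return lambda v: isinstance(v, str) and rx.fullmatch(v) is not None


def number(lo, hi):
    """Content rule: a number in [lo, hi]; bool, NaN and Infinity fail."""
    return lambda v: (isinstance(v, (int, float))
                      and not isinstance(v, bool) and lo <= v <= hi)


@dataclass(frozen=True)
class ExchangeChannel:
    """Dedicated exchange mechanism for one permitted application."""
    sources: frozenset      # access-network hosts allowed to send
    destination: str        # the only intranet service allowed to receive
    fields: dict            # exact field set -> content rule
    max_bytes: int = 2048


# Hypothetical channel table: anything not listed here is not exchanged.
CHANNELS = {
    "meter-reading": ExchangeChannel(
        sources=frozenset({"10.20.0.11", "10.20.0.12"}),
        destination="marketing-db:meter-readings",
        fields={
            "work_order": text(r"WO-\d{8}"),
            "meter_id": text(r"[A-Z0-9]{10}"),
            "reading_kwh": number(0, 10_000_000),
        },
    ),
}

EXCHANGE_LOG = []  # monitoring record: one entry per attempted exchange


def _reject_duplicates(pairs):
    # Duplicate keys are a classic parser-differential trick; refuse them.
    keys = [k for k, _ in pairs]
    if len(keys) != len(set(keys)):
        raise ValueError("duplicate key")
    return dict(pairs)


def _decide(app, source, destination, raw):
    channel = CHANNELS.get(app)
    if channel is None:
        return "deny:application", None
    if source not in channel.sources:
        return "deny:source", None
    if destination != channel.destination:
        return "deny:destination", None
    if len(raw) > channel.max_bytes:
        return "deny:format", None
    try:
        doc = json.loads(raw.decode("utf-8"),
                         object_pairs_hook=_reject_duplicates)
    except (ValueError, RecursionError):
        return "deny:format", None
    if not isinstance(doc, dict) or set(doc) != set(channel.fields):
        return "deny:format", None
    for name, rule in channel.fields.items():
        if not rule(doc[name]):
            return "deny:content:" + name, None
    # Only a re-serialised copy of the validated fields crosses the boundary.
    clean = json.dumps(doc, sort_keys=True, separators=(",", ":"))
    return "allow", clean.encode("utf-8")


def exchange(app, source, destination, raw):
    """Return the bytes to forward to the intranet, or None if refused."""
    verdict, clean = _decide(app, source, destination, raw)
    EXCHANGE_LOG.append({"app": app, "source": source,
                         "destination": destination, "verdict": verdict})
    return clean


if __name__ == "__main__":
    sample = (b'{"work_order": "WO-20140826", "meter_id": "ZJ00412345",'
              b' "reading_kwh": 1532.4}')  # constructed message
    print(exchange("meter-reading", "10.20.0.11",
                   "marketing-db:meter-readings", sample))
    print(EXCHANGE_LOG[-1])
```

The filter is default-deny at every step, and the refusal reason goes to the monitoring log rather than back to the sender.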
9) Audit and authorization system
The security audit system collects, analyzes and identifies network data, dynamically monitors communication content, network behavior and network traffic in real time, discovers and captures sensitive information and policy violations, raises real-time alerts and responses, comprehensively records the sessions and events in the network system, and performs intelligent correlation analysis and assessment of network information and precise end-to-end tracking and location of security events, providing an authoritative and reliable basis for formulating the overall network security policy. The security audit system has three major functions:
A. Content auditing
The SAS system provides in-depth content auditing, with complete content detection and information restoration for website access, mail sending and receiving, remote terminal access, database access, data transfer, file sharing and so on; a keyword library can be customized for fine-grained audit tracking.
B. Behavior auditing
The SAS system provides comprehensive network behavior auditing: according to the configured behavior audit policy, it monitors network application behavior such as website access, mail sending and receiving, database access, remote terminal access, data transfer, file sharing and network resource abuse (instant messaging, forums, online video, P2P downloads, online games and so on), and raises real-time alarms on and records events that match the behavior policy.
C. Network auditing
The SAS system provides traffic analysis based on protocol identification: it compiles real-time statistics of the various message flows in the current network and performs comprehensive traffic analysis, providing reliable support for formulating traffic management policy.
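The three audit functions can be illustrated over a handful of session records. This is an added example, not code from the patent or from any SAS product: the record layout, keyword library, policy rules and all sample values are constructed assumptions.

```python
from collections import defaultdict

# Constructed session records, as a protocol-identifying sensor might emit.
SESSIONS = [
    {"id": 1, "user": "field01", "protocol": "HTTP",
     "behavior": "website access", "bytes": 1800,
     "content": "GET /workorder/list"},
    {"id": 2, "user": "field02", "protocol": "SMTP",
     "behavior": "mail", "bytes": 5200,
     "content": "Attached: Customer Ledger export for district 7"},
    {"id": 3, "user": "field02", "protocol": "BitTorrent",
     "behavior": "p2p download", "bytes": 91000, "content": ""},
    {"id": 4, "user": "field03", "protocol": "SSH",
     "behavior": "remote terminal access", "bytes": 700,
     "content": "login ok"},
    {"id": 5, "user": "field01", "protocol": "HTTP",
     "behavior": "file transfer", "bytes": 64000,
     "content": "POST /upload  tariff   table v3"},
]

# A. Customizable keyword library (hypothetical entries).
KEYWORD_LIBRARY = {"Customer Ledger", "tariff table"}

# B. Behavior audit policy (hypothetical rules). A rule matches when the
#    behavior is listed, the user is not exempt and the size threshold is met.
BEHAVIOR_POLICY = [
    {"name": "resource-abuse",
     "behaviors": {"p2p download", "online video", "online game"}},
    {"name": "remote-terminal-unapproved",
     "behaviors": {"remote terminal access"}, "except_users": {"admin01"}},
    {"name": "bulk-transfer",
     "behaviors": {"file transfer"}, "min_bytes": 50000},
]


def _normalise(s):
    # Case-fold and collapse whitespace so spacing tricks do not hide a hit.
    return " ".join(s.lower().split())


def content_audit(sessions, keywords):
    """Return (session id, keyword) for every keyword found in content."""
    library = sorted(_normalise(k) for k in keywords)
    hits = []
    for s in sessions:
        body = _normalise(s["content"])
        hits.extend((s["id"], kw) for kw in library if kw in body)
    return hits


def behavior_audit(sessions, policy):
    """Return one alert record per (session, matching rule)."""
    alerts = []
    for s in sessions:
        for rule in policy:
            if s["behavior"] not in rule["behaviors"]:
                continue
            if s["user"] in rule.get("except_users", ()):
                continue
            if s["bytes"] < rule.get("min_bytes", 0):
                continue
            alerts.append({"session": s["id"], "user": s["user"],
                           "rule": rule["name"]})
    return alerts


def network_audit(sessions):
    """Per-protocol session count, byte count and share of total traffic."""
    stats = defaultdict(lambda: {"sessions": 0, "bytes": 0})
    for s in sessions:
        stats[s["protocol"]]["sessions"] += 1
        stats[s["protocol"]]["bytes"] += s["bytes"]
    total = sum(v["bytes"] for v in stats.values()) or 1
    return {p: {**v, "share": round(v["bytes"] / total, 3)}
            for p, v in stats.items()}


if __name__ == "__main__":
    print(content_audit(SESSIONS, KEYWORD_LIBRARY))
    print(behavior_audit(SESSIONS, BEHAVIOR_POLICY))
    print(network_audit(SESSIONS))
```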
The secure channel layer, secure access platform layer and mobile application development platform form the mobile operation platform. Building and deploying the mobile operation platform mainly involves the following:
Platform information security and protection, including support for State Grid Corporation of China's secure access platform, encrypted message communication for application services, and secure encryption of the mobile terminal's database.
Cross-platform business support for multiple mobile terminal operating systems, such as iOS, Windows Mobile, Windows CE, Android and Windows XP: by supporting several operating systems while establishing one set of unified standard APIs adapted to each operating system, cross-platform support is achieved. Various terminal hardware is supported, such as iPhone, iPad, Android phones of various models, Android tablets of various models, and Windows Mobile/Windows CE devices and pads of various models.
Application support functions, including hardware-level support: printing, location services, barcode scanning, radio frequency card reading and writing, user electronic signature authentication, mobile terminal network status notification, encapsulation of other hardware features and so on; audit and login authentication covering device login auditing, user login auditing and service components; file service functions such as integration of video files, image files and the pattern management system; auditing of task data publishing, download and import; and user authentication and security policy management.
Mobile GIS support functions: support based on State Grid Corporation of China's GIS service platform, and functions such as geographic graphics display, power grid resource display, GIS spatial analysis, route navigation and position reporting.
Mobile workflow support functions, including management of the server side and client side of the electric power mobile application distribution platform.
Platform management functions, including device management, permission management, service menu management, mobile terminal status monitoring, service monitoring and standardized field operation analysis.
Nine technical means are used to keep application performance efficient, stable and reliable: independently designed business tables store user, permission and other information; asynchronous task scheduling enables efficient real-time download of work-order information; work-order process information is pushed in real time by SMS, reducing the load that manual refreshing places on the system; independently designed business tables store the mobile operation terminal's work-order information; mobile operation steps are configurable through parameters, controlling the scope of business coverage; work-order business data can be downloaded asynchronously, minimizing the impact on the BOSS professional system; operation data can be uploaded asynchronously, improving the data transmission success rate; batches of work orders can be split for upload, reducing the amount of data in a single upload; and structured data is processed separately from unstructured data, improving data upload efficiency.
Data storage and real-time data interaction with the power host's professional BOSS system use a two-way data channel; data is transmitted in JSON format, and multimedia files are transferred via an FTP service.
Information security is ensured by the secure access platform certified by State Grid Corporation. Deployment of the secure access system mainly comprises: security gateway devices deployed at the enterprise end, a customized encryption chip built into the secure terminal, and the enterprise's own two-level CA system; data encryption uses the SM1 algorithm, digital certificates use the SM2 algorithm, and IPSEC/SSL VPN technology provides the cryptographic protocol for the data channel.
The power marketing mobile application security protection system shown in Figs. 1 and 2 above is a specific embodiment of the present invention and embodies its substantive features and progress; equivalent modifications in aspects such as shape and structure, made according to actual needs under the inspiration of the present invention, all fall within the protection scope of this scheme.

Claims (10)

1. A power marketing mobile application security protection system, characterized in that it comprises:
Secure terminal layer: the mobile terminal uses a cryptographic algorithm and stores a private key or digital certificate on the mobile terminal; when the mobile terminal communicates, it establishes a secure channel with the secure access gateway group over the mobile public network, uses the digital certificate for identity authentication, and encrypts critical communication data for transmission;
Secure channel layer: connects each external link to the system access network; through routing access control and the encrypted virtual private channel built by the VPN, it provides network-level identity authentication and ensures data confidentiality and integrity; a firewall performs access control at the border zone and prevents illegitimate devices from accessing applications; a corresponding security monitoring system is configured to monitor, protect against and manage security risks to the accessed applications, ensuring the security of the secure access and system access network portions; the access network and the corporate intranet are isolated at every level of the communication protocol from the physical layer to the application layer, a dedicated data exchange mechanism is established and maintained for each permitted application, the source, destination, data format and data content of data exchange are restricted, and data exchange is monitored;
Secure access platform layer: the intermediate zone for external information publishing, information collection and data exchange, and the end point of the access terminals' network connections; all application access terminates at the security authentication gateway; the secure access platform layer performs security detection and auditing of business exchange registration and operating status, handles configuration management and day-to-day operation and maintenance of network devices and security devices, and provides security policy management, traffic monitoring, statistical analysis and security auditing, presented through a friendly, user-centered interface;
Mobile application layer: supports the business applications of the mobile terminal and provides application security for the system.
2. The power marketing mobile application security protection system according to claim 1, characterized in that: the secure access platform layer is provided with access gateways, a data filtering and exchange system, an authentication server and a centralized monitoring and management system for the access platform; the access gateways comprise a secure access gateway for notebook access, a mobile secure access gateway for PDA/smartphone access, and a meter secure access gateway for meter access.
3. The power marketing mobile application security protection system according to claim 2, characterized in that: when the intelligent terminal is a tablet computer, PDA or smartphone, the security algorithm private key or digital certificate used by the secure terminal layer is stored on a MicroSD card; the intelligent terminal is fitted with a SIM card, and network channel security is achieved by binding the SIM card to a dedicated APN; dedicated security control software is deployed on the intelligent terminal to establish the secure channel and manage user authentication.
4. The power marketing mobile application security protection system according to claim 3, characterized in that: the mobile application layer is provided with mobile application servers; an anti-virus module deployed on the application servers ensures that no application server in the application service zone is infected by viruses or Trojans, preventing virus propagation and unauthorized control.
5. The power marketing mobile application security protection system according to claim 1, characterized in that: the secure channel layer, secure access platform layer and mobile application development platform form the mobile operation platform, which is provided with an information security and protection unit, a cross-platform business support unit, an application support unit, a mobile GIS support unit, a mobile workflow support unit and a platform management unit; the information security and protection unit provides secure access platform VPN wireless access support, encrypted message communication for application services, and secure encryption of the mobile terminal's database, to achieve efficient and secure access; the cross-platform business support unit supports multiple mobile terminal operating systems and, by supporting several operating systems while establishing one set of unified standard APIs adapted to each operating system, achieves cross-platform support, and it supports multiple kinds of terminal hardware; the application support unit provides hardware-level support; the mobile GIS support unit is used for geographic graphics display, power grid resource display, GIS spatial analysis, route navigation and position reporting; the mobile workflow support unit covers management of the server side and client side of the electric power mobile application distribution platform; the platform management unit is used for device management, permission management, service menu management, mobile terminal status monitoring, service monitoring and standardized field operation analysis.
6. power marketing mobile application security guard system according to claim 5, is characterized in that: the hardware bottom layer support unit of application support function is used for: printing, location-based service, bar code scan, the read-write of firing frequency card, user's electron underwriting authentication, mobile terminal network state notifying, other ardware feature encapsulation; The audit debarkation authentication that the audit of outfit equipment logs in, user logs in audit and serviced component; Be equipped with video file, image file, the integrated file service of pattern management system; Task data issue, download, importing audit; User authenticates and security policy manager.
7. power marketing mobile application security guard system according to claim 1, is characterized in that:
Safe access platform layer security partition third party's network and company information network, realize the safety access of mobile terminal; Safe access platform layer carries out authentication, data encryption, the audit/mandate of user data, the fail safe of the online encryption realization transmission of file of user identity; Safe access platform layer is provided with vpn gateway access service layer, vpn gateway access service layer comprises safe access gateway systemic-function assembly, identity authorization system functional unit, data encrypting and deciphering functional unit, centralized monitor leading subscriber logic function assembly, between above-mentioned functions assembly, by high-speed message bus, communicates to realize various security services.
8. power marketing mobile application security guard system according to claim 7, is characterized in that: safe access platform layer carries out segmented combination to be disposed, and carries out the slitless connection of network layer; Identity authorization system adopts terminal and vpn gateway to carry out two-way authentication, and by the mandate of CA service authentication.
9. power marketing mobile application security guard system according to claim 8, it is characterized in that: safe access platform layer audits/while authorizing work, by the collection of network data, analyze, identification, real-time dynamic monitoring Content of Communication, network behavior and network traffics, find and catch various sensitive informations, unlawful practice, Realtime Alerts response, record various sessions and event in network system comprehensively, the intelligent association analysis of realization to the network information, the accurate all-the-way tracking location of assessment and security incident, for providing authority, the formulation of overall network security strategy supports reliably.
10. power marketing mobile application security guard system according to claim 9, is characterized in that: safety/audit work comprises:
Content auditing
For deep content auditing function is provided, to website visiting, mail transmission/reception, remote terminal access, database access, transfer of data, file-sharing etc., provide complete content detection, information reverting function; And can customize key word library, carry out fine-grained audit trail;
Behavior auditing
Be used for providing comprehensive network behavior audit function, according to setting behavior auditing strategy, network application behavior to website visiting, mail transmission/reception, database access, remote terminal access, transfer of data, file-sharing, Internet resources abuse is monitored, to meeting event Real-time Alarm the record of behavioral strategy;
Network auditing system
For the function of the flow analysis based on protocol identification is provided, real-time statistics goes out the various message flows in current network, carries out integrated flow rate analysis, for the formulation of flow management strategy provides reliable support.
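
The per-application data exchange mechanism of claim 1 (restricting the source, destination, data format and data content of each exchange, and monitoring every exchange), together with the custom keyword library of claim 10, can be illustrated as a default-deny check at the access boundary. This is an added example, not code from the patent or from any deployed system; the policy table, application name, addresses, field names and keywords are all constructed assumptions.

```python
import ipaddress
import json
import re
from dataclasses import dataclass

@dataclass
class ExchangePolicy:
    """Hypothetical per-application exchange rule; every name here is an assumption."""
    sources: list      # CIDR ranges allowed to originate the exchange
    destination: str   # the one intranet service this application may reach
    fields: dict       # data format: exact field set, name -> required type
    content: dict      # data content: field name -> regex the value must fully match

# Constructed sample table: one dedicated rule per permitted application.
POLICIES = {
    "meter-reading": ExchangePolicy(
        sources=["10.20.0.0/16"],
        destination="marketing-db",
        fields={"meter_id": str, "reading_kwh": float, "note": str},
        content={"meter_id": r"[A-Z]{2}\d{8}", "note": r"[^\x00-\x1f]{0,80}"},
    ),
}
KEYWORDS = ["password", "private key"]  # constructed custom keyword library
AUDIT_LOG = []                          # one record per decision (monitoring)

def _evaluate(app, src_ip, dst, raw):
    policy = POLICIES.get(app)
    if policy is None:
        return False, "application not permitted"
    try:
        addr = ipaddress.ip_address(src_ip)
    except ValueError:
        return False, "invalid source address"
    if not any(addr in ipaddress.ip_network(net) for net in policy.sources):
        return False, "source not allowed"
    if dst != policy.destination:
        return False, "destination not allowed"
    try:
        msg = json.loads(raw)
    except (TypeError, ValueError):
        return False, "malformed data"
    if not isinstance(msg, dict) or set(msg) != set(policy.fields):
        return False, "unexpected field set"
    for name, required in policy.fields.items():
        if type(msg[name]) is not required:  # exact type: bool never passes as a number
            return False, f"wrong type for {name}"
    for name, pattern in policy.content.items():
        if not re.fullmatch(pattern, msg[name]):
            return False, f"content rule failed for {name}"
    # Scan decoded values, not the raw text, so JSON \u escapes cannot hide a keyword.
    text = " ".join(str(value) for value in msg.values()).lower()
    for keyword in KEYWORDS:
        if keyword in text:
            return False, f"keyword hit: {keyword}"
    return True, "ok"

def check_exchange(app, src_ip, dst, raw):
    """Default-deny decision for one exchange; the decision is always audited."""
    allowed, reason = _evaluate(app, src_ip, dst, raw)
    AUDIT_LOG.append({"app": app, "src": src_ip, "dst": dst,
                      "allowed": allowed, "reason": reason})
    return allowed, reason
```

Denied exchanges are recorded with the same detail as permitted ones, so the audit log doubles as the input for the behavior and traffic analysis the claims describe.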
CN201410423475.1A 2014-08-26 2014-08-26 Power marketing mobile application security guard system Active CN104184735B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201410423475.1A CN104184735B (en) 2014-08-26 2014-08-26 Power marketing mobile application security guard system

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201410423475.1A CN104184735B (en) 2014-08-26 2014-08-26 Power marketing mobile application security guard system

Publications (2)

Publication Number Publication Date
CN104184735A true CN104184735A (en) 2014-12-03
CN104184735B CN104184735B (en) 2018-03-09

Family

ID=51965477

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201410423475.1A Active CN104184735B (en) 2014-08-26 2014-08-26 Power marketing mobile application security guard system

Country Status (1)

Country Link
CN (1) CN104184735B (en)

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20130013669A1 (en) * 2011-07-06 2013-01-10 Hankuk University Of Foreign Studies Research And Industry-University Cooperation Foundation Method and apparatus for guaranteeing web-based mobility
CN202652534U (en) * 2012-06-15 2013-01-02 辽宁省电力有限公司信息通信分公司 Mobile terminal safety access platform
CN103441991A (en) * 2013-08-12 2013-12-11 江苏华大天益电力科技有限公司 Mobile terminal security access platform

Non-Patent Citations (5)

* Cited by examiner, † Cited by third party
Title
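凌行龙 et al.: "Security analysis and protection research for electric power marketing mobile operations", 《ELECTRIC POWER ICT》 *
秦超 et al.: "Secure access system for electric power mobile operations based on digital certificate authentication", 《中国电机工程学会电力通信专委会第八届学术会议论文集》 *
秦超 et al.: "Design and implementation of a PDA secure access system for electric power mobile operations", 《电力系统自动化》 *
赵永彬 et al.: "Research and design of a mobile office system for electric power enterprises", 《辽宁电力信息化建设成果专栏》 *
郭宝 et al.: "Research on security protection for electric power production field operations and terminals", 《深信服科技》 *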

Cited By (33)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN107925651A (en) * 2015-09-08 2018-04-17 西门子股份公司 For running the method and industrial network of industrial network
CN105243440A (en) * 2015-09-29 2016-01-13 国网浙江省电力公司温州供电公司 Marketing mobile working platform based paperless office on-site working method
CN105243603A (en) * 2015-09-29 2016-01-13 国网浙江省电力公司温州供电公司 Power supply scheme assistant establishment system and working method therefor
CN105704149A (en) * 2016-03-24 2016-06-22 国网江苏省电力公司电力科学研究院 Safety protection method for power mobile application
CN106454824A (en) * 2016-08-12 2017-02-22 中国南方电网有限责任公司 System and method for enabling wireless terminal to securely access information Intranet
CN106713337B (en) * 2017-01-03 2020-04-21 北京并行科技股份有限公司 Method and system for accessing super computing center and scheduling server
CN106713337A (en) * 2017-01-03 2017-05-24 北京并行科技股份有限公司 Method and system for accessing supercomputing center, and dispatch server
CN106850408A (en) * 2017-01-22 2017-06-13 山东鲁能软件技术有限公司 Power informatization system is based on the multi-protocols message mechanism of mobile mixed architecture
CN106982204A (en) * 2017-02-15 2017-07-25 深圳市中科智库互联网信息安全技术有限公司 Credible and secure platform
CN106992984A (en) * 2017-04-01 2017-07-28 国网福建省电力有限公司 A kind of method of the mobile terminal safety access information Intranet based on electric power acquisition net
CN107231378A (en) * 2017-07-21 2017-10-03 云南电网有限责任公司信息中心 A kind of security control method based on electric power mobile office equipment, apparatus and system
CN107295312A (en) * 2017-08-10 2017-10-24 上海辰锐信息科技公司 A kind of wireless video safety access system based on SSL VPN
CN109150702B (en) * 2018-08-16 2021-02-05 南京南瑞信息通信科技有限公司 High-performance mobile access gateway for communicating information internal and external networks and method thereof
CN109150702A (en) * 2018-08-16 2019-01-04 南京南瑞信息通信科技有限公司 A kind of the high-performance mobile access gateway and its method of communication information intranet and extranet
CN110691064A (en) * 2018-09-27 2020-01-14 国家电网有限公司 Safety access protection and detection system for field operation terminal
CN110691064B (en) * 2018-09-27 2022-01-04 国家电网有限公司 Safety access protection and detection system for field operation terminal
CN109413604A (en) * 2018-11-02 2019-03-01 国网浙江省电力有限公司 A kind of SC collaboration method based on mobile Internet
CN110035085A (en) * 2019-04-19 2019-07-19 无锡京和信息技术有限公司 A kind of security system based on mixed architecture
CN112437031A (en) * 2019-08-23 2021-03-02 金田产业发展(山东)集团有限公司 Multi-terminal converged homeland resource mobile government system based on heterogeneous network
CN110519275A (en) * 2019-08-28 2019-11-29 江苏秉信科技有限公司 A kind of mobile terminal safety operation desktop application implementation method based on electric power Intranet
CN110719284A (en) * 2019-10-08 2020-01-21 腾讯科技(深圳)有限公司 Data sharing method and related equipment
CN111132136A (en) * 2019-11-11 2020-05-08 广州供电局有限公司 Mobile application information security system application system
CN111132136B (en) * 2019-11-11 2023-04-14 广东电网有限责任公司广州供电局 Mobile application information security system application system
CN111277607A (en) * 2020-02-14 2020-06-12 南京南瑞信息通信科技有限公司 Communication tunnel module, application monitoring module and mobile terminal security access system
CN111510431A (en) * 2020-03-16 2020-08-07 国网辽宁省电力有限公司信息通信分公司 Universal terminal access control platform, client and control method
CN111510431B (en) * 2020-03-16 2022-04-15 国网辽宁省电力有限公司信息通信分公司 Universal terminal access control platform, client and control method
CN111538992A (en) * 2020-03-20 2020-08-14 贵州电网有限责任公司 Network security unified management platform in electric power information
CN112104604A (en) * 2020-08-07 2020-12-18 国电南瑞科技股份有限公司 System and method for realizing safety access service based on electric power internet of things management platform
CN111984999A (en) * 2020-08-20 2020-11-24 海南电网有限责任公司 Safety management and control method and system for power failure first-aid repair system
CN112492602A (en) * 2020-11-19 2021-03-12 武汉武钢绿色城市技术发展有限公司 5G terminal safety access device, system and equipment
CN112492602B (en) * 2020-11-19 2023-08-01 武汉武钢绿色城市技术发展有限公司 5G terminal safety access device, system and equipment
CN113420084A (en) * 2021-06-07 2021-09-21 广东辰宜信息科技有限公司 Block chain system
CN113420084B (en) * 2021-06-07 2023-09-26 广东辰宜信息科技有限公司 Block chain system

Also Published As

Publication number Publication date
CN104184735B (en) 2018-03-09

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
CB02 Change of applicant information
CB02 Change of applicant information

Address after: 310007 Huanglong Road, Hangzhou, Zhejiang, No. 8, No.

Applicant after: STATE GRID ZHEJIANG ELECTRIC POWER Co.,Ltd.

Applicant after: JIAXING POWER SUPPLY COMPANY OF STATE GRID ZHEJIANG ELECTRIC POWER Co.

Applicant after: State Grid Corporation of China

Address before: 100031 Xicheng District West Chang'an Avenue, No. 86, Beijing

Applicant before: State Grid Corporation of China

Applicant before: STATE GRID ZHEJIANG ELECTRIC POWER Co.,Ltd.

Applicant before: JIAXING POWER SUPPLY COMPANY OF STATE GRID ZHEJIANG ELECTRIC POWER Co.

Address after: 100031 Xicheng District West Chang'an Avenue, No. 86, Beijing

Applicant after: State Grid Corporation of China

Applicant after: STATE GRID ZHEJIANG ELECTRIC POWER Co.,Ltd.

Applicant after: JIAXING POWER SUPPLY COMPANY OF STATE GRID ZHEJIANG ELECTRIC POWER Co.

Address before: 100031 Xicheng District West Chang'an Avenue, No. 86, Beijing

Applicant before: State Grid Corporation of China

Applicant before: STATE GRID ZHEJIANG ELECTRIC POWER Co.

Applicant before: JIAXING POWER SUPPLY COMPANY OF STATE GRID ZHEJIANG ELECTRIC POWER Co.

CB03 Change of inventor or designer information
CB03 Change of inventor or designer information

Inventor after: Tu Ying

Inventor after: Jin Liangfeng

Inventor after: Yan Yong

Inventor after: Huang Ruizhang

Inventor after: Liu Huan

Inventor after: Li Nan

Inventor after: Ma Chuang

Inventor after: Shen Chao

Inventor after: Sun Yishen

Inventor after: He Wei

Inventor after: Mi Xiaobo

Inventor after: Xiao Shijie

Inventor after: Changwei

Inventor after: Lv Shining

Inventor after: Gu Hongjie

Inventor after: Lin Kaifeng

Inventor after: Wu Hui

Inventor after: Zhang Yan

Inventor after: Qiu Huadong

Inventor after: Ye Sheng

Inventor after: Zheng Bin

Inventor after: Hu Ruoyun

Inventor after: Ding Qi

Inventor after: Shen Ran

Inventor before: Tu Ying

Inventor before: Ma Chuang

Inventor before: Shen Chao

Inventor before: Sun Yishen

Inventor before: He Wei

Inventor before: Mi Xiaobo

Inventor before: Changwei

GR01 Patent grant
GR01 Patent grant