CN104506520A - MIPS (Million Instructions Per Second) platform Web access strategy control method - Google Patents
MIPS (Million Instructions Per Second) platform Web access strategy control method Download PDFInfo
- Publication number
- CN104506520A CN104506520A CN201410798774.3A CN201410798774A CN104506520A CN 104506520 A CN104506520 A CN 104506520A CN 201410798774 A CN201410798774 A CN 201410798774A CN 104506520 A CN104506520 A CN 104506520A
- Authority
- CN
- China
- Prior art keywords
- browser
- strategy
- policy
- blacklist
- plug
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/01—Protocols
- H04L67/02—Protocols based on web technology, e.g. hypertext transfer protocol [HTTP]
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/55—Detecting local intrusion or implementing counter-measures
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0815—Network architectures or network communication protocols for network security for authentication of entities providing single-sign-on or federations
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/10—Network architectures or network communication protocols for network security for controlling access to devices or network resources
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Hardware Design (AREA)
- General Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computing Systems (AREA)
- Software Systems (AREA)
- Theoretical Computer Science (AREA)
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- Information Transfer Between Computers (AREA)
Abstract
The invention discloses an MIPS (Million Instructions Per Second) platform Web access strategy control method. According to the MIPS platform Web access strategy control method, strategy setting of users of a client browser is uniformly managed and controlled in a centralized manner by a strategy server; the browser requests for the strategy server at certain time intervals; the strategy server manages strategy information of the users and returns the strategy information of the users to the client browser; the browser implements corresponding control according to the related strategy information. The MIPS platform Web access strategy control method has the advantages that control on an MIPS platform Web access strategy, functions of URL (Uniform Resource Locator) access blacklist control, URL access white list control and a forced home page address setting strategy, a function that whether a bookmark is editable, a function of installing a blacklist on an extension and functions of a download directory setting strategy, a plug-in URL white list, a plug-in URL blacklist and the like of the browser, are implemented, so that a local terminal can be protected and the users are prevented from accessing malicious websites, operating malicious plug-ins, installing malicious extensions, maliciously modifying a home page of the browser and the like.
Description
Technical field
The present invention relates to a kind of method for network access control, specifically a kind of MIPS platform web access policy control method, belongs to method for network access control field.
Background technology
In existing network architecture, due to totally centralized management cannot be carried out to the web access of single terminal, a lot of safety problem can be caused like this.As single terminal, because user has a mind to or faulty operation unintentionally, can cause unauthorized access malicious websites, run malicious plugins, install malice extender, malicious modification main browser page, these all can to the injury of bringing on a disaster property of the machine.
Summary of the invention
In order to solve the problem, the present invention devises a kind of MIPS platform web access policy control method, for the defect of MIPS platform web access strategy, the strategy setting of centralized management client browser user is unified by strategic server, browser is asked for strategic server at set intervals, this user tactics information arranges by strategic server, and return to client browser, browser implements corresponding control according to relevant policy information, thus achieve and control MIPS platform web access strategy, and the URL of browser accesses blacklist and controls, URL accesses white list and controls, force home address Provisioning Policy, whether bookmark can editting function, extender installs blacklist function, download directory Provisioning Policy, plug-in unit URL white list, the functions such as plug-in unit URL blacklist, thus can the terminal of this locality be protected, prevent user from accessing malicious websites, run malicious plugins, malice extender is installed, malicious modification main browser page etc.
Technical scheme of the present invention is:
MIPS platform web access policy control method, described MIPS platform comprises secure browser client and secure browser server end, described client is provided with the certification of general user's browser, policy module, the certification of described general user's browser, policy module are provided with user authentication information, described server end is provided with policy control server, secure browser policy service is realized by policy control server, carry out policy control to secure browser terminal, described control method specifically comprises the following steps:
(1) Policy Administrator logs in the policy system of policy control server, arranges URL access blacklist, can not revise main browser page, arranges download URL blacklist, setting can run plug-in unit list list, arranges extender installation blacklist, arranges bookmark for editing, arrange and can not revise download directory for terminal client;
(2) user profile is sent to policy control server by general user's browser certification, policy module, and compares with the setting of policy control server, when terminal client logs in browser, when being done as follows, and generation strategy result:
Access URL blacklist, prompting cannot access this webpage;
The button of amendment main browser page is that grey can not revise pattern;
Access download URL blacklist, the plug-in unit in plug-in unit list list can run, and the plug-in unit not in plug-in unit list list can not run;
Install the program in extender blacklist, system prompt is forbidden;
Edit bookmark, system prompt is forbidden;
Edit the catalogue of download file, system prompt is forbidden.
In addition, policy update at any time can also be carried out to the setting of client, after renewal, repeat above-mentioned steps again.
The invention has the advantages that: achieve and MIPS platform web access strategy is controlled; and the URL of browser accesses that blacklist controls, URL accesses white list and controls, forces home address Provisioning Policy, bookmark whether editting function, extender can install the functions such as blacklist function, download directory Provisioning Policy, plug-in unit URL white list, plug-in unit URL blacklist; thus can protect the terminal of this locality, prevent user from accessing malicious websites, run malicious plugins, malice extender, malicious modification main browser page etc. are installed.
Below in conjunction with drawings and Examples, the invention will be further described.
Accompanying drawing explanation
Fig. 1 is embodiment of the present invention MIPS platform web access policy control structure figure;
Fig. 2 is embodiment of the present invention MIPS platform web access policy control technical scheme flow chart.
Embodiment
Below the preferred embodiments of the present invention are described, should be appreciated that preferred embodiment described herein is only for instruction and explanation of the present invention, is not intended to limit the present invention.
Embodiment 1
As shown in Figure 1-2, a kind of MIPS platform web access policy control method, described MIPS platform comprises secure browser client and secure browser server end, described client is provided with the certification of general user's browser, policy module, the certification of described general user's browser, policy module are provided with user authentication information, described server end is provided with policy control server, secure browser policy service is realized by policy control server, carry out policy control to secure browser terminal, described control method specifically comprises the following steps:
(1) Policy Administrator logs in the policy system of policy control server, for terminal client as A arrange URL access blacklist as www.AAA.com, main browser page can not be revised, arrange download URL blacklist such as www.BBB.com, arrange can run plug-in unit list list, arrange extender blacklist is installed, arrange bookmark for can not edit, arrange and can not revise download directory;
(2) user profile is sent to policy control server by general user's browser certification, policy module, and compares with the setting of policy control server, when terminal client as A logs in browser, when being done as follows, and generation strategy result:
Access URL blacklist is as www.AAA.com, and prompting cannot access this webpage;
The button of amendment main browser page is that grey can not revise pattern;
Access download URL blacklist is as www.CCC.com, and the plug-in unit in plug-in unit list list can run, and the plug-in unit not in plug-in unit list list can not run;
Install the program in extender blacklist, system prompt is forbidden;
Edit bookmark, system prompt is forbidden;
Edit the catalogue of download file, system prompt is forbidden.
In addition, policy update at any time can also be carried out to the setting of client, after renewal, repeat above-mentioned steps again.
Last it is noted that the foregoing is only the preferred embodiments of the present invention, be not limited to the present invention, although with reference to previous embodiment to invention has been detailed description, for a person skilled in the art, it still can be modified to the technical scheme described in foregoing embodiments, or carries out equivalent replacement to wherein portion of techniques feature.Within the spirit and principles in the present invention all, any amendment done, equivalent replacement, improvement etc., all should be included within protection scope of the present invention.
Claims (2)
1.MIPS platform web access policy control method, it is characterized in that: described MIPS platform comprises secure browser client and secure browser server end, described client is provided with the certification of general user's browser, policy module, the certification of described general user's browser, policy module are provided with user authentication information, described server end is provided with policy control server, secure browser policy service is realized by policy control server, carry out policy control to secure browser terminal, described control method specifically comprises the following steps:
(1) Policy Administrator logs in the policy system of policy control server, arranges URL access blacklist, can not revise main browser page, arranges download URL blacklist, setting can run plug-in unit list list, arranges extender installation blacklist, arranges bookmark for editing, arrange and can not revise download directory for terminal client;
(2) user profile is sent to policy control server by general user's browser certification, policy module, and compares with the setting of policy control server, when terminal client logs in browser, when being done as follows, and generation strategy result:
Access URL blacklist, prompting cannot access this webpage;
The button of amendment main browser page is that grey can not revise pattern;
Access download URL blacklist, the plug-in unit in plug-in unit list list can run, and the plug-in unit not in plug-in unit list list can not run;
Install the program in extender blacklist, system prompt is forbidden;
Edit bookmark, system prompt is forbidden;
Edit the catalogue of download file, system prompt is forbidden.
2. MIPS platform web access policy control method according to claim 1, is characterized in that: also comprise step (3) and carry out policy update at any time to the setting of client, repeat above-mentioned steps again after renewal.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201410798774.3A CN104506520A (en) | 2014-12-22 | 2014-12-22 | MIPS (Million Instructions Per Second) platform Web access strategy control method |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201410798774.3A CN104506520A (en) | 2014-12-22 | 2014-12-22 | MIPS (Million Instructions Per Second) platform Web access strategy control method |
Publications (1)
Publication Number | Publication Date |
---|---|
CN104506520A true CN104506520A (en) | 2015-04-08 |
Family
ID=52948235
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201410798774.3A Pending CN104506520A (en) | 2014-12-22 | 2014-12-22 | MIPS (Million Instructions Per Second) platform Web access strategy control method |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN104506520A (en) |
Cited By (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN105635126A (en) * | 2015-12-24 | 2016-06-01 | 北京奇虎科技有限公司 | Malicious URL access protection method, client side, security server and system |
CN106919829A (en) * | 2015-12-24 | 2017-07-04 | 北京奇虎科技有限公司 | The means of defence and device of a kind of browser |
CN107682365A (en) * | 2017-11-03 | 2018-02-09 | 郑州云海信息技术有限公司 | A kind of cross-platform network access control system and method |
CN117112956A (en) * | 2023-08-23 | 2023-11-24 | 北京航智信息技术有限公司 | Remote control method and system for browser |
Citations (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20030212807A1 (en) * | 2002-05-09 | 2003-11-13 | Netstar Incorporated | Data relay system having Web connection or data relay regulating function and method of controlling regulation of the same |
CN104079528A (en) * | 2013-03-26 | 2014-10-01 | 北大方正集团有限公司 | Method and system of safety protection of Web application |
-
2014
- 2014-12-22 CN CN201410798774.3A patent/CN104506520A/en active Pending
Patent Citations (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20030212807A1 (en) * | 2002-05-09 | 2003-11-13 | Netstar Incorporated | Data relay system having Web connection or data relay regulating function and method of controlling regulation of the same |
CN104079528A (en) * | 2013-03-26 | 2014-10-01 | 北大方正集团有限公司 | Method and system of safety protection of Web application |
Non-Patent Citations (2)
Title |
---|
刘庆平: "浏览器安全问题的研究与解决方案", 《中国优秀硕士学位论文全文数据库信息科技辑》 * |
王雷,张令臣,向继,余幸杰: "恶意浏览器扩展行为分析与建模", 《第27次全国计算机安全学术交流会论文集》 * |
Cited By (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN105635126A (en) * | 2015-12-24 | 2016-06-01 | 北京奇虎科技有限公司 | Malicious URL access protection method, client side, security server and system |
CN106919829A (en) * | 2015-12-24 | 2017-07-04 | 北京奇虎科技有限公司 | The means of defence and device of a kind of browser |
CN105635126B (en) * | 2015-12-24 | 2018-10-09 | 北京奇虎科技有限公司 | Malice network address accesses means of defence, client, security server and system |
CN107682365A (en) * | 2017-11-03 | 2018-02-09 | 郑州云海信息技术有限公司 | A kind of cross-platform network access control system and method |
CN117112956A (en) * | 2023-08-23 | 2023-11-24 | 北京航智信息技术有限公司 | Remote control method and system for browser |
CN117112956B (en) * | 2023-08-23 | 2024-03-29 | 北京航智信息技术有限公司 | Remote control method and system for browser |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN103744686B (en) | Control method and the system of installation is applied in intelligent terminal | |
CN102447677B (en) | Resource access control method, system and equipment | |
CN107395593B (en) | Vulnerability automatic protection method, firewall and storage medium | |
CN103310153B (en) | A kind of fine granularity authority control method based on Android platform | |
CN103136478B (en) | A kind of method for managing security of terminal applies and system | |
CN103036871B (en) | Support device and method of application plug-in of browser | |
CN109033857B (en) | Method, device and equipment for accessing data and readable storage medium | |
CN103023976B (en) | A kind of apparatus and method of browser application plug-in extension | |
US8904492B2 (en) | Method of controlling information processing system, computer-readable recording medium storing program for controlling apparatus | |
CN105183504A (en) | Software server based process white-list updating method | |
CN104506520A (en) | MIPS (Million Instructions Per Second) platform Web access strategy control method | |
CN105843653A (en) | TA (trusted application) configuration method and device | |
CN103532912A (en) | Browser service data processing method and apparatus | |
US8127033B1 (en) | Method and apparatus for accessing local computer system resources from a browser | |
WO2014150737A2 (en) | Method and system for enabling the federation of unrelated applications | |
CN108614709B (en) | Method and system for controlling Android application to safely access network | |
CN105786551A (en) | Application program operation access control method and system | |
CN102201935A (en) | Access control method and device based on VIEW | |
CN104079437A (en) | Method and terminal for achieving authority management and control | |
CN102377589B (en) | Right management control method and terminal | |
CN102842006A (en) | Access control method of expanding script object as well as access control system and terminal of expanding script object | |
CN1661982A (en) | Method and system for automatically configuring access control | |
CN102148831B (en) | Method and system for safely controlling terminal application | |
CN106209746B (en) | Security service providing method and server | |
CN103377055B (en) | Method and device for program running in mobile terminal |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
C06 | Publication | ||
PB01 | Publication | ||
C10 | Entry into substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
RJ01 | Rejection of invention patent application after publication |
Application publication date: 20150408 |
|
RJ01 | Rejection of invention patent application after publication |