CN104506520A - MIPS (Million Instructions Per Second) platform Web access strategy control method - Google Patents

MIPS (Million Instructions Per Second) platform Web access strategy control method Download PDF

Info

Publication number
CN104506520A
CN104506520A CN201410798774.3A CN201410798774A CN104506520A CN 104506520 A CN104506520 A CN 104506520A CN 201410798774 A CN201410798774 A CN 201410798774A CN 104506520 A CN104506520 A CN 104506520A
Authority
CN
China
Prior art keywords
browser
strategy
policy
blacklist
plug
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201410798774.3A
Other languages
Chinese (zh)
Inventor
陈鲁
符兴斌
李锁在
郑永飞
刘向军
韩鹏
黄明
胡春玲
徐志亮
胡松
葛江华
李亮
袁泉
李贺
肖利建
马利君
陈文静
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
CHINASOFT INFORMATION SYSTEM ENGINEERING Co Ltd
Original Assignee
CHINASOFT INFORMATION SYSTEM ENGINEERING Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by CHINASOFT INFORMATION SYSTEM ENGINEERING Co Ltd filed Critical CHINASOFT INFORMATION SYSTEM ENGINEERING Co Ltd
Priority to CN201410798774.3A priority Critical patent/CN104506520A/en
Publication of CN104506520A publication Critical patent/CN104506520A/en
Pending legal-status Critical Current

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/02Protocols based on web technology, e.g. hypertext transfer protocol [HTTP]
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/55Detecting local intrusion or implementing counter-measures
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0815Network architectures or network communication protocols for network security for authentication of entities providing single-sign-on or federations
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/10Network architectures or network communication protocols for network security for controlling access to devices or network resources

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Hardware Design (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computing Systems (AREA)
  • Software Systems (AREA)
  • Theoretical Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Information Transfer Between Computers (AREA)

Abstract

The invention discloses an MIPS (Million Instructions Per Second) platform Web access strategy control method. According to the MIPS platform Web access strategy control method, strategy setting of users of a client browser is uniformly managed and controlled in a centralized manner by a strategy server; the browser requests for the strategy server at certain time intervals; the strategy server manages strategy information of the users and returns the strategy information of the users to the client browser; the browser implements corresponding control according to the related strategy information. The MIPS platform Web access strategy control method has the advantages that control on an MIPS platform Web access strategy, functions of URL (Uniform Resource Locator) access blacklist control, URL access white list control and a forced home page address setting strategy, a function that whether a bookmark is editable, a function of installing a blacklist on an extension and functions of a download directory setting strategy, a plug-in URL white list, a plug-in URL blacklist and the like of the browser, are implemented, so that a local terminal can be protected and the users are prevented from accessing malicious websites, operating malicious plug-ins, installing malicious extensions, maliciously modifying a home page of the browser and the like.

Description

MIPS platform web access policy control method
Technical field
The present invention relates to a kind of method for network access control, specifically a kind of MIPS platform web access policy control method, belongs to method for network access control field.
Background technology
In existing network architecture, due to totally centralized management cannot be carried out to the web access of single terminal, a lot of safety problem can be caused like this.As single terminal, because user has a mind to or faulty operation unintentionally, can cause unauthorized access malicious websites, run malicious plugins, install malice extender, malicious modification main browser page, these all can to the injury of bringing on a disaster property of the machine.
Summary of the invention
In order to solve the problem, the present invention devises a kind of MIPS platform web access policy control method, for the defect of MIPS platform web access strategy, the strategy setting of centralized management client browser user is unified by strategic server, browser is asked for strategic server at set intervals, this user tactics information arranges by strategic server, and return to client browser, browser implements corresponding control according to relevant policy information, thus achieve and control MIPS platform web access strategy, and the URL of browser accesses blacklist and controls, URL accesses white list and controls, force home address Provisioning Policy, whether bookmark can editting function, extender installs blacklist function, download directory Provisioning Policy, plug-in unit URL white list, the functions such as plug-in unit URL blacklist, thus can the terminal of this locality be protected, prevent user from accessing malicious websites, run malicious plugins, malice extender is installed, malicious modification main browser page etc.
Technical scheme of the present invention is:
MIPS platform web access policy control method, described MIPS platform comprises secure browser client and secure browser server end, described client is provided with the certification of general user's browser, policy module, the certification of described general user's browser, policy module are provided with user authentication information, described server end is provided with policy control server, secure browser policy service is realized by policy control server, carry out policy control to secure browser terminal, described control method specifically comprises the following steps:
(1) Policy Administrator logs in the policy system of policy control server, arranges URL access blacklist, can not revise main browser page, arranges download URL blacklist, setting can run plug-in unit list list, arranges extender installation blacklist, arranges bookmark for editing, arrange and can not revise download directory for terminal client;
(2) user profile is sent to policy control server by general user's browser certification, policy module, and compares with the setting of policy control server, when terminal client logs in browser, when being done as follows, and generation strategy result:
Access URL blacklist, prompting cannot access this webpage;
The button of amendment main browser page is that grey can not revise pattern;
Access download URL blacklist, the plug-in unit in plug-in unit list list can run, and the plug-in unit not in plug-in unit list list can not run;
Install the program in extender blacklist, system prompt is forbidden;
Edit bookmark, system prompt is forbidden;
Edit the catalogue of download file, system prompt is forbidden.
In addition, policy update at any time can also be carried out to the setting of client, after renewal, repeat above-mentioned steps again.
The invention has the advantages that: achieve and MIPS platform web access strategy is controlled; and the URL of browser accesses that blacklist controls, URL accesses white list and controls, forces home address Provisioning Policy, bookmark whether editting function, extender can install the functions such as blacklist function, download directory Provisioning Policy, plug-in unit URL white list, plug-in unit URL blacklist; thus can protect the terminal of this locality, prevent user from accessing malicious websites, run malicious plugins, malice extender, malicious modification main browser page etc. are installed.
Below in conjunction with drawings and Examples, the invention will be further described.
Accompanying drawing explanation
Fig. 1 is embodiment of the present invention MIPS platform web access policy control structure figure;
Fig. 2 is embodiment of the present invention MIPS platform web access policy control technical scheme flow chart.
Embodiment
Below the preferred embodiments of the present invention are described, should be appreciated that preferred embodiment described herein is only for instruction and explanation of the present invention, is not intended to limit the present invention.
Embodiment 1
As shown in Figure 1-2, a kind of MIPS platform web access policy control method, described MIPS platform comprises secure browser client and secure browser server end, described client is provided with the certification of general user's browser, policy module, the certification of described general user's browser, policy module are provided with user authentication information, described server end is provided with policy control server, secure browser policy service is realized by policy control server, carry out policy control to secure browser terminal, described control method specifically comprises the following steps:
(1) Policy Administrator logs in the policy system of policy control server, for terminal client as A arrange URL access blacklist as www.AAA.com, main browser page can not be revised, arrange download URL blacklist such as www.BBB.com, arrange can run plug-in unit list list, arrange extender blacklist is installed, arrange bookmark for can not edit, arrange and can not revise download directory;
(2) user profile is sent to policy control server by general user's browser certification, policy module, and compares with the setting of policy control server, when terminal client as A logs in browser, when being done as follows, and generation strategy result:
Access URL blacklist is as www.AAA.com, and prompting cannot access this webpage;
The button of amendment main browser page is that grey can not revise pattern;
Access download URL blacklist is as www.CCC.com, and the plug-in unit in plug-in unit list list can run, and the plug-in unit not in plug-in unit list list can not run;
Install the program in extender blacklist, system prompt is forbidden;
Edit bookmark, system prompt is forbidden;
Edit the catalogue of download file, system prompt is forbidden.
In addition, policy update at any time can also be carried out to the setting of client, after renewal, repeat above-mentioned steps again.
Last it is noted that the foregoing is only the preferred embodiments of the present invention, be not limited to the present invention, although with reference to previous embodiment to invention has been detailed description, for a person skilled in the art, it still can be modified to the technical scheme described in foregoing embodiments, or carries out equivalent replacement to wherein portion of techniques feature.Within the spirit and principles in the present invention all, any amendment done, equivalent replacement, improvement etc., all should be included within protection scope of the present invention.

Claims (2)

1.MIPS platform web access policy control method, it is characterized in that: described MIPS platform comprises secure browser client and secure browser server end, described client is provided with the certification of general user's browser, policy module, the certification of described general user's browser, policy module are provided with user authentication information, described server end is provided with policy control server, secure browser policy service is realized by policy control server, carry out policy control to secure browser terminal, described control method specifically comprises the following steps:
(1) Policy Administrator logs in the policy system of policy control server, arranges URL access blacklist, can not revise main browser page, arranges download URL blacklist, setting can run plug-in unit list list, arranges extender installation blacklist, arranges bookmark for editing, arrange and can not revise download directory for terminal client;
(2) user profile is sent to policy control server by general user's browser certification, policy module, and compares with the setting of policy control server, when terminal client logs in browser, when being done as follows, and generation strategy result:
Access URL blacklist, prompting cannot access this webpage;
The button of amendment main browser page is that grey can not revise pattern;
Access download URL blacklist, the plug-in unit in plug-in unit list list can run, and the plug-in unit not in plug-in unit list list can not run;
Install the program in extender blacklist, system prompt is forbidden;
Edit bookmark, system prompt is forbidden;
Edit the catalogue of download file, system prompt is forbidden.
2. MIPS platform web access policy control method according to claim 1, is characterized in that: also comprise step (3) and carry out policy update at any time to the setting of client, repeat above-mentioned steps again after renewal.
CN201410798774.3A 2014-12-22 2014-12-22 MIPS (Million Instructions Per Second) platform Web access strategy control method Pending CN104506520A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201410798774.3A CN104506520A (en) 2014-12-22 2014-12-22 MIPS (Million Instructions Per Second) platform Web access strategy control method

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201410798774.3A CN104506520A (en) 2014-12-22 2014-12-22 MIPS (Million Instructions Per Second) platform Web access strategy control method

Publications (1)

Publication Number Publication Date
CN104506520A true CN104506520A (en) 2015-04-08

Family

ID=52948235

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201410798774.3A Pending CN104506520A (en) 2014-12-22 2014-12-22 MIPS (Million Instructions Per Second) platform Web access strategy control method

Country Status (1)

Country Link
CN (1) CN104506520A (en)

Cited By (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN105635126A (en) * 2015-12-24 2016-06-01 北京奇虎科技有限公司 Malicious URL access protection method, client side, security server and system
CN106919829A (en) * 2015-12-24 2017-07-04 北京奇虎科技有限公司 The means of defence and device of a kind of browser
CN107682365A (en) * 2017-11-03 2018-02-09 郑州云海信息技术有限公司 A kind of cross-platform network access control system and method
CN117112956A (en) * 2023-08-23 2023-11-24 北京航智信息技术有限公司 Remote control method and system for browser

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20030212807A1 (en) * 2002-05-09 2003-11-13 Netstar Incorporated Data relay system having Web connection or data relay regulating function and method of controlling regulation of the same
CN104079528A (en) * 2013-03-26 2014-10-01 北大方正集团有限公司 Method and system of safety protection of Web application

Patent Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20030212807A1 (en) * 2002-05-09 2003-11-13 Netstar Incorporated Data relay system having Web connection or data relay regulating function and method of controlling regulation of the same
CN104079528A (en) * 2013-03-26 2014-10-01 北大方正集团有限公司 Method and system of safety protection of Web application

Non-Patent Citations (2)

* Cited by examiner, † Cited by third party
Title
刘庆平: "浏览器安全问题的研究与解决方案", 《中国优秀硕士学位论文全文数据库信息科技辑》 *
王雷,张令臣,向继,余幸杰: "恶意浏览器扩展行为分析与建模", 《第27次全国计算机安全学术交流会论文集》 *

Cited By (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN105635126A (en) * 2015-12-24 2016-06-01 北京奇虎科技有限公司 Malicious URL access protection method, client side, security server and system
CN106919829A (en) * 2015-12-24 2017-07-04 北京奇虎科技有限公司 The means of defence and device of a kind of browser
CN105635126B (en) * 2015-12-24 2018-10-09 北京奇虎科技有限公司 Malice network address accesses means of defence, client, security server and system
CN107682365A (en) * 2017-11-03 2018-02-09 郑州云海信息技术有限公司 A kind of cross-platform network access control system and method
CN117112956A (en) * 2023-08-23 2023-11-24 北京航智信息技术有限公司 Remote control method and system for browser
CN117112956B (en) * 2023-08-23 2024-03-29 北京航智信息技术有限公司 Remote control method and system for browser

Similar Documents

Publication Publication Date Title
CN103744686B (en) Control method and the system of installation is applied in intelligent terminal
CN102447677B (en) Resource access control method, system and equipment
CN107395593B (en) Vulnerability automatic protection method, firewall and storage medium
CN103310153B (en) A kind of fine granularity authority control method based on Android platform
CN103136478B (en) A kind of method for managing security of terminal applies and system
CN103036871B (en) Support device and method of application plug-in of browser
CN109033857B (en) Method, device and equipment for accessing data and readable storage medium
CN103023976B (en) A kind of apparatus and method of browser application plug-in extension
US8904492B2 (en) Method of controlling information processing system, computer-readable recording medium storing program for controlling apparatus
CN105183504A (en) Software server based process white-list updating method
CN104506520A (en) MIPS (Million Instructions Per Second) platform Web access strategy control method
CN105843653A (en) TA (trusted application) configuration method and device
CN103532912A (en) Browser service data processing method and apparatus
US8127033B1 (en) Method and apparatus for accessing local computer system resources from a browser
WO2014150737A2 (en) Method and system for enabling the federation of unrelated applications
CN108614709B (en) Method and system for controlling Android application to safely access network
CN105786551A (en) Application program operation access control method and system
CN102201935A (en) Access control method and device based on VIEW
CN104079437A (en) Method and terminal for achieving authority management and control
CN102377589B (en) Right management control method and terminal
CN102842006A (en) Access control method of expanding script object as well as access control system and terminal of expanding script object
CN1661982A (en) Method and system for automatically configuring access control
CN102148831B (en) Method and system for safely controlling terminal application
CN106209746B (en) Security service providing method and server
CN103377055B (en) Method and device for program running in mobile terminal

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication

Application publication date: 20150408

RJ01 Rejection of invention patent application after publication