CN104680676A - Cross-network VPN (Virtual Private Network) access billing system of self-built security tunnel and method thereof - Google Patents
Cross-network VPN (Virtual Private Network) access billing system of self-built security tunnel and method thereof Download PDFInfo
- Publication number
- CN104680676A CN104680676A CN201310643135.5A CN201310643135A CN104680676A CN 104680676 A CN104680676 A CN 104680676A CN 201310643135 A CN201310643135 A CN 201310643135A CN 104680676 A CN104680676 A CN 104680676A
- Authority
- CN
- China
- Prior art keywords
- network
- vpn
- self
- invoice
- secure tunnel
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Landscapes
- Data Exchanges In Wide-Area Networks (AREA)
Abstract
The invention discloses a cross-network VPN (virtual Private Network) access billing system of a self-built security tunnel and a method thereof. The system comprises a billing terminal and a tax-side network invoice management background, wherein the billing terminal communicates with the tax-side network invoice management background through a VPN; the VPN adopts an L2TP virtual private network security protocol and is provided with a private dialing tool; a calling code of the private dialing tool is added into the network billing process. Through the system, a middle-low-end embedded platform is adopted, so that the system is high in cost performance; a private billing device is adopted and is used for integrally billing in absence of host equipment; the networking access can be implemented in various wired and wireless manners and systems.
Description
Technical field
The present invention relates to tax control technical field, particularly a kind of across a network VPN building secure tunnel accesses terminal of making out an invoice.
Background technology
In recent years, along with improving constantly of the national tax level of IT application, the special-purpose terminal facility of making out an invoice possessing network function are subject to the welcome of revenue department and taxpayer gradually.Compared to traditional fiscal cash register, such network terminal of making out an invoice possesses tax-control data (invoice data etc.) and reports and submits and (report and submit in real time) in time, save manpower and to declare dutiable goods the advantages such as cost.Tax information has the seriousness of law, has higher security requirement via Internet Transmission, and therefore invoice data also brings safety issue while public transfers on network brings convenience.
Improve data transmission security, have two aspect problems to solve: data security and channel security.Data security generally does digital signature by soft encryption or hardware CA, or the two combination solves.As adopted hardware CA, then needing the USB Key of an increase filling certificate, adding the exploitation complicacy of terminal of making out an invoice, adding the cost of whole system simultaneously; As only adopted soft encryption, then safe class is inadequate again.Channel security refers to the security of Strengthens network passage, as adopted virtual private network VPN technology, sets up VPN (virtual private network) secure tunnel making out an invoice between terminal and invoice management system, thus transmission tax-controlled invoice data.Telecom operators generally provide the one of this channel security VPDN(VPN) business (as shown in Figure 1), as special PPPoE dialing account (cable network) can be provided or provide special SIM card, terminal adopts this account or SIM card online, can realize VPN transmission.But this mode has two drawbacks: one is that secure tunnel can only foundation in same operator net, cannot cross operator; Two is that secure tunnel can not realize real " end-to-end " foundation, can only set up between LAC and LNS of operator.
Therefore, how above-mentioned technical matters is solved, be the research direction place of those skilled in the art.
Summary of the invention
The across a network VPN that fundamental purpose of the present invention is to provide a kind of self-built secure tunnel accesses billing system and method thereof, it is that one can self-built VPN(VPN (virtual private network)) network billing machine in tunnel, thus realize the across a network secure accessing of terminal and invoice management system.
In order to achieve the above object, the across a network VPN that the invention provides a kind of self-built secure tunnel accesses billing system, it comprises terminal of making out an invoice, tax end invoice management backstage, described make out an invoice terminal and described tax end invoice manage backstage and carry out communication by VPN virtual network, wherein, described VPN virtual network adopts L2TP VPN (virtual private network) security protocol, and has private dialup instrument, and the invocation code of described private dialup instrument adds network and to make out an invoice flow process.
Wherein, described VPN virtual network can realize one and decide according to network condition the logic whether VPN connect in its sole discretion.
Wherein, the duty paragraph of taxpayer and taxpayer VPN account can be bound, for unified management by described VPN virtual network.
Wherein, described terminal of making out an invoice comprises system board, this system board is integrated with storer, clock, user interface, Ethernet interface, Power Supply Monitoring and Peripheral Interface, and described Ethernet interface is used for carrying out LAN and ADSL and connects.
Wherein, described terminal of making out an invoice has USB interface, and described USB interface connects 3G wireless network card, realizes Wireless Networking.
Wherein, described terminal of making out an invoice has RS232 and cash box interface, for connecting scanner, handwriting pad user peripheral hardware.
Wherein, the peripheral hardware of described Peripheral Interface connection device inside comprises LCD display module, matrix keyboard module and pin type mini-printer.
Wherein, described terminal of making out an invoice adopts ARM7 platform, uClinux system.
In order to achieve the above object, the present invention also provides a kind of across a network VPN of self-built secure tunnel to access billing method, and it comprises the steps:
Each hardware device carries out initialization;
According to the network access mode accessing Internet of user's setting;
Set selection according to user and whether set up now the connection of VPN private network;
Enter main business flow of drawing a bill.
Wherein, when an operation layer has the request of an Internet Transmission, carry out setting up VPN private network and connect, specifically comprise the steps:
Check terminal whether connecting Internet, if not, perform network and re-access, if continue next step:
Check whether VPN private network is set up, if not, set up VPN private network tunnel, path setting network data transmitted is vpn tunneling, if so, continues next step;
Tax data is sent to tax end backstage;
Receive the data that local side backstage returns.
Wherein, in the step of the network access mode accessing Internet set according to user, network access mode is LAN (Local Area Network), ADSL or 3G.
Compared with prior art, beneficial effect of the present invention is:
1) adopt low and middle-end embedded platform, cost performance is high;
2) make out an invoice specialized equipment, integral type is made out an invoice, and does not rely on any host equipment;
3) support that the networking of wired, wireless various network mode, standard accesses;
4) set up the VPN VPN (virtual private network) (L2TP agreement) of " end-to-end " voluntarily with invoice management system, solve the problem of cross operator network insertion, ensure that the security of transmission channel simultaneously;
5) data transmitted are carried out " soft encryption ", use together with " channel security ", both ensure that the security of data, in turn save hardware cost (without the need to using hardware CA);
6) opportunity determining to set up VPN connection can be judged voluntarily;
7) taxpayer's information and VPN account are bound, simplify the management process of taxpayer's information.
Accompanying drawing explanation
Fig. 1 is existing operator VPDN business network topological diagram;
Fig. 2 is that the across a network VPN of a kind of self-built secure tunnel of one embodiment of the invention accesses billing system schematic diagram;
Fig. 3 is the terminal hardware composition frame chart of making out an invoice of the across a network VPN access billing system of a kind of self-built secure tunnel of one embodiment of the invention;
Fig. 4 is that the across a network VPN of a kind of self-built secure tunnel of one embodiment of the invention accesses billing method process flow diagram;
Fig. 5 is the process flow diagram that the across a network VPN of a kind of self-built secure tunnel of one embodiment of the invention accesses that billing method sets up the connection of VPN private network voluntarily.
Embodiment
Below in conjunction with accompanying drawing, to above-mentioned being described in more detail with other technical characteristic and advantage of the present invention.
As shown in Figure 2, for the across a network VPN access billing system schematic diagram of a kind of self-built secure tunnel that the embodiment of the present invention provides, the across a network VPN of self-built secure tunnel of the present invention accesses billing system, comprise terminal of making out an invoice, tax end invoice management backstage, described make out an invoice terminal and described tax end invoice manage backstage and carry out communication by VPN virtual network, wherein, described VPN virtual network adopts L2TP VPN (virtual private network) security protocol, and concrete network insertion instrument uses third party to increase income dialing instrument " xl2tpd ".In specific implementation process, first this instrument is carried out the transplanting based on this hardware platform, and the executable file after transplanting is copied among this platform software system.In the operation flow of application software, add calling dial feature, idiographic flow as shown in Figure 4, present invention achieves one and decides according to network condition the logic whether VPN connect in its sole discretion.In order to simplify the management process to taxpayer's account number, the duty paragraph of taxpayer is carried out associating with taxpayer VPN account and is bound by the present invention, and concrete grammar is: taxpayer VPN account name=taxpayer's duty paragraph+'@'+tax authority's code.
As shown in Figure 3, the across a network VPN of a kind of self-built secure tunnel provided for the embodiment of the present invention accesses the terminal hardware composition frame chart of making out an invoice of billing system, terminal of making out an invoice of the present invention adopts ARM7 platform, uClinux system, comprise system board, this system board is integrated with storer, clock, user interface, Ethernet interface, Power Supply Monitoring and Peripheral Interface.Above-mentioned Ethernet interface, connects for carrying out LAN and ADSL.Described terminal of making out an invoice also has USB interface, and described USB interface connects 3G wireless network card, realizes Wireless Networking.Also there is the user interface such as RS232, cash box interface in addition, for connecting the user such as scanner, handwriting pad peripheral hardware.The peripheral hardware of Peripheral Interface connection device inside, comprises LCD display module, matrix keyboard module and pin type mini-printer.
Terminal of making out an invoice of the present invention is the embedded bench device of a low and middle-end, cheap, powerful, there is wired and wireless various network access modes, directly can be set up the VPN (virtual private network) of " end-to-end " by VPN dialing and invoice management system, for being transferred through the tax-controlled invoice data of soft encryption.When taxpayer is when using terminal of making out an invoice of the present invention to carry out the relevant business operation of network, terminal device establishes for him the particular virtual network tunnel that one arrives tax local side invoice management backstage automatically, and tax data transmission security in this dedicated tunnel is reliable.
Terminal system of making out an invoice of the present invention, novelty have employed soft encryption (data security) and VPN transmission (channel security) method that combines, well solve the safe class problem of invoice data transmission, reduce the overall cost (without the need to hardware CA) of terminal system of making out an invoice simultaneously, but also breaching the restriction of cross operator network, make to make out an invoice terminal and invoice management system can be in different carrier networks.A more outstanding advantage is that VPN secure tunnel is directly set up by making out an invoice between terminal and management system, and achieve real " end-to-end " VPN (virtual private network) and connect, security is more secure, and does not limit by Operator Specific Service.
As shown in Figure 4, be the across a network VPN access billing method process flow diagram of a kind of self-built secure tunnel that the embodiment of the present invention provides, the across a network VPN that the invention provides a kind of self-built secure tunnel accesses billing method, comprises the steps:
Each hardware device carries out initialization;
According to the network access mode accessing Internet of user's setting, network access mode can be LAN (Local Area Network), ADSL or 3G etc.;
Set selection according to user and whether set up now the connection of VPN private network;
Enter main business flow of drawing a bill.
As shown in Figure 5, the across a network VPN of a kind of self-built secure tunnel provided for the embodiment of the present invention accesses billing method and sets up the process flow diagram that VPN private network connects voluntarily, when an operation layer has had the request of an Internet Transmission, carry out setting up VPN private network and connected, specifically comprised the steps:
Check terminal whether connecting Internet, if not, perform network and re-access, if continue next step:
Check whether VPN private network is set up, if not, set up VPN private network tunnel, path setting network data transmitted is vpn tunneling, if so, continues next step;
Tax data is sent to tax end backstage;
Receive the data that local side backstage returns.
In sum, advantage of the present invention:
1) adopt low and middle-end embedded platform, cost performance is high;
2) make out an invoice specialized equipment, integral type is made out an invoice, and does not rely on any host equipment;
3) support that the networking of wired, wireless various network mode, standard accesses;
4) set up the VPN VPN (virtual private network) (L2TP agreement) of " end-to-end " voluntarily with invoice management system, solve the problem of cross operator network insertion, ensure that the security of transmission channel simultaneously;
5) data transmitted are carried out " soft encryption ", use together with " channel security ", both ensure that the security of data, in turn save hardware cost (without the need to using hardware CA);
6) opportunity determining to set up VPN connection can be judged voluntarily;
7) taxpayer's information and VPN account are bound, simplify the management process of taxpayer's information.
More than illustrate just illustrative for the purpose of the present invention; and nonrestrictive, those of ordinary skill in the art understand, when not departing from the spirit and scope that claim limits; many amendments, change or equivalence can be made, but all will fall within protection scope of the present invention.
Claims (11)
1. the across a network VPN of a self-built secure tunnel accesses billing system, it is characterized in that, it comprises terminal of making out an invoice, tax end invoice management backstage, described make out an invoice terminal and described tax end invoice manage backstage and carry out communication by VPN virtual network, wherein, described VPN virtual network adopts L2TP VPN (virtual private network) security protocol, and has private dialup instrument, and the invocation code of described private dialup instrument adds network and to make out an invoice flow process.
2. the across a network VPN of a kind of self-built secure tunnel according to claim 1 accesses billing system, it is characterized in that, described VPN virtual network can realize one and decide according to network condition the logic whether VPN connect in its sole discretion.
3. the across a network VPN of a kind of self-built secure tunnel according to claim 1 accesses billing system, and it is characterized in that, the duty paragraph of taxpayer and taxpayer VPN account can be bound, for unified management by described VPN virtual network.
4. the across a network VPN of a kind of self-built secure tunnel according to claim 1 accesses billing system, it is characterized in that, described terminal of making out an invoice comprises system board, this system board is integrated with storer, clock, user interface, Ethernet interface, Power Supply Monitoring and Peripheral Interface, described Ethernet interface is used for carrying out LAN and ADSL and connects.
5. the across a network VPN of a kind of self-built secure tunnel according to claim 1 accesses billing system, and it is characterized in that, described terminal of making out an invoice has USB interface, and described USB interface connects 3G wireless network card, realizes Wireless Networking.
6. the across a network VPN of a kind of self-built secure tunnel according to claim 1 accesses billing system, and it is characterized in that, described terminal of making out an invoice has RS232 and cash box interface, for connecting scanner, handwriting pad user peripheral hardware.
7. the across a network VPN of a kind of self-built secure tunnel according to claim 4 accesses billing system, and it is characterized in that, the peripheral hardware of described Peripheral Interface connection device inside comprises LCD display module, matrix keyboard module and pin type mini-printer.
8. the across a network VPN of a kind of self-built secure tunnel according to claim 1 accesses billing system, it is characterized in that, described terminal of making out an invoice adopts ARM7 platform, uClinux system.
9. the across a network VPN of self-built secure tunnel accesses a billing method, and it is characterized in that, it comprises the steps:
Each hardware device carries out initialization;
According to the network access mode accessing Internet of user's setting;
Set selection according to user and whether set up now the connection of VPN private network;
Enter main business flow of drawing a bill.
10. the across a network VPN of a kind of self-built secure tunnel according to claim 9 accesses billing method, it is characterized in that, when an operation layer has the request of an Internet Transmission, carries out setting up VPN private network and connects, specifically comprise the steps:
Check terminal whether connecting Internet, if not, perform network and re-access, if continue next step:
Check whether VPN private network is set up, if not, set up VPN private network tunnel, path setting network data transmitted is vpn tunneling, if so, continues next step;
Tax data is sent to tax end backstage;
Receive the data that local side backstage returns.
The across a network VPN of 11. a kind of self-built secure tunnels according to claim 9 accesses billing method, and it is characterized in that, in the step of the network access mode accessing Internet set according to user, network access mode is LAN (Local Area Network), ADSL or 3G.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201310643135.5A CN104680676B (en) | 2013-12-03 | 2013-12-03 | The across a network VPN access billing systems and its method of a kind of self-built secure tunnel |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201310643135.5A CN104680676B (en) | 2013-12-03 | 2013-12-03 | The across a network VPN access billing systems and its method of a kind of self-built secure tunnel |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN104680676A true CN104680676A (en) | 2015-06-03 |
| CN104680676B CN104680676B (en) | 2017-08-01 |
Family
ID=53315659
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201310643135.5A Active CN104680676B (en) | 2013-12-03 | 2013-12-03 | The across a network VPN access billing systems and its method of a kind of self-built secure tunnel |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN104680676B (en) |
Cited By (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN105046852A (en) * | 2015-07-01 | 2015-11-11 | 浪潮软件集团有限公司 | Tax-control billing machine maintenance method and device |
| CN111030896A (en) * | 2019-12-04 | 2020-04-17 | 中国联合网络通信集团有限公司 | Multi-service intelligent traffic network transmission system and method |
Citations (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20060090074A1 (en) * | 2004-10-22 | 2006-04-27 | Kazumine Matoba | Encryption communication system |
| CN101262409A (en) * | 2008-04-23 | 2008-09-10 | 华为技术有限公司 | Virtual private network VPN access method and device |
| CN101588232A (en) * | 2008-05-21 | 2009-11-25 | 梁剑豪 | Information acquisition and network declaration and approval system of full coverage network |
| CN102244575A (en) * | 2010-05-10 | 2011-11-16 | 航天信息股份有限公司 | Secure transmission system and method for online tax filling data of value-added tax |
| CN102404394A (en) * | 2011-11-10 | 2012-04-04 | 浪潮齐鲁软件产业有限公司 | Design method of embedded network billing taxation cloud terminal based on VPDN (Virtual Private Dial Network) |
| CN102479413A (en) * | 2010-11-26 | 2012-05-30 | 航天信息股份有限公司 | Network invoicing system and method thereof |
| CN202395816U (en) * | 2011-12-06 | 2012-08-22 | 航天信息股份有限公司 | Network tax controller cluster system |
-
2013
- 2013-12-03 CN CN201310643135.5A patent/CN104680676B/en active Active
Patent Citations (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20060090074A1 (en) * | 2004-10-22 | 2006-04-27 | Kazumine Matoba | Encryption communication system |
| CN101262409A (en) * | 2008-04-23 | 2008-09-10 | 华为技术有限公司 | Virtual private network VPN access method and device |
| CN101588232A (en) * | 2008-05-21 | 2009-11-25 | 梁剑豪 | Information acquisition and network declaration and approval system of full coverage network |
| CN102244575A (en) * | 2010-05-10 | 2011-11-16 | 航天信息股份有限公司 | Secure transmission system and method for online tax filling data of value-added tax |
| CN102479413A (en) * | 2010-11-26 | 2012-05-30 | 航天信息股份有限公司 | Network invoicing system and method thereof |
| CN102404394A (en) * | 2011-11-10 | 2012-04-04 | 浪潮齐鲁软件产业有限公司 | Design method of embedded network billing taxation cloud terminal based on VPDN (Virtual Private Dial Network) |
| CN202395816U (en) * | 2011-12-06 | 2012-08-22 | 航天信息股份有限公司 | Network tax controller cluster system |
Cited By (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN105046852A (en) * | 2015-07-01 | 2015-11-11 | 浪潮软件集团有限公司 | Tax-control billing machine maintenance method and device |
| CN111030896A (en) * | 2019-12-04 | 2020-04-17 | 中国联合网络通信集团有限公司 | Multi-service intelligent traffic network transmission system and method |
| CN111030896B (en) * | 2019-12-04 | 2022-02-15 | 中国联合网络通信集团有限公司 | Multi-service intelligent traffic network transmission system and method |
Also Published As
| Publication number | Publication date |
|---|---|
| CN104680676B (en) | 2017-08-01 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN103198400B (en) | A kind of blue teeth wireless POS terminal financial payment systems and method of payment thereof | |
| CN201170925Y (en) | Remote resident centralized meter reading control system | |
| CN105427040A (en) | Convenient electric power repair service method and system | |
| CN202600782U (en) | Electronic trading system for public utilities | |
| CN103810591A (en) | Power purchasing method for mobile phone and portable IC card reader thereof | |
| CN104135729A (en) | System and method of security access of wireless terminal in information intranet | |
| CN102307161A (en) | Distribution network embedded telecontrol communication security gateway | |
| CN206993143U (en) | A kind of integrated service wireless router of Internet of Things and system | |
| CN104680676A (en) | Cross-network VPN (Virtual Private Network) access billing system of self-built security tunnel and method thereof | |
| CN201577202U (en) | Mine wireless information management system | |
| CN202049560U (en) | Mobile enterprise user end for tax control system | |
| CN204895168U (en) | Multi -protocols electric automobile stake of charging of can demoting based on distributing type | |
| WO2021063030A1 (en) | Blockchain-enhanced open internet of things access architecture | |
| CN103152464B (en) | Equipment, method and system of obtaining fixed phone calling information through wireless way | |
| CN103002430A (en) | Method, device and system for binding terminal applications to terminal numbers | |
| CN201365344Y (en) | Apparatus and system with real-time import of remote SIM card data based on singlechip | |
| CN207976991U (en) | A kind of high speed 4G concentrators communication module and power information acquisition system | |
| CN104539592A (en) | Transparent transmitting method and system for regulatory data of car machine | |
| CN103123731B (en) | The electricity-selling system that flows is carried out based on 3G communications wireless network | |
| CN202713368U (en) | Network security architecture applicable to electric information acquisition system | |
| CN108829419A (en) | A kind of update of plug-in and self-measuring system in micro- scene management backstage mobile phone store | |
| CN206759510U (en) | A kind of device filling for firmware | |
| CN204695315U (en) | A kind of network communication data secure device | |
| CN202711378U (en) | Tax control cashing machine | |
| CN204331928U (en) | The VPN private network tax is made out an invoice terminal |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |