CN105282153B - A kind of method and terminal device for realizing data transmission - Google Patents
A kind of method and terminal device for realizing data transmission Download PDFInfo
- Publication number
- CN105282153B CN105282153B CN201510641045.1A CN201510641045A CN105282153B CN 105282153 B CN105282153 B CN 105282153B CN 201510641045 A CN201510641045 A CN 201510641045A CN 105282153 B CN105282153 B CN 105282153B
- Authority
- CN
- China
- Prior art keywords
- sent
- terminal device
- data
- exit passageway
- destination server
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/10—Network architectures or network communication protocols for network security for controlling access to devices or network resources
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/50—Network services
- H04L67/56—Provisioning of proxy services
Landscapes
- Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Hardware Design (AREA)
- Computer Security & Cryptography (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Information Transfer Between Computers (AREA)
- Data Exchanges In Wide-Area Networks (AREA)
- Small-Scale Networks (AREA)
Abstract
The present invention provides a kind of methods and terminal device for realizing data transmission, for solving the problems, such as that existing data transfer mode not can guarantee the safety of terminal device data transmission, method of the invention detects whether terminal device is particular terminal device first, if it is detected that the terminal device is the particular terminal device, then judge whether the corresponding destination server of data to be sent of browser account supports that establishing default exit passageway receives the data to be sent, if supported, default exit passageway is established with regard to the agent apparatus using terminal equipment side and transmits data to be sent, security level due to presetting exit passageway is higher than the channel https, therefore the safety of the data transmission of particular terminal device can be improved.
Description
Technical field
The present invention relates to Internet communication technology fields more particularly to a kind of method for realizing data transmission and terminal to set
It is standby.
Background technique
Currently, with the day of computer technology and increasingly extensive and different field the type of business of network communication applications
Benefit is abundant, and user can enjoy the various conveniences of network communication bring.For example, user can obtain the whole world by network communication
Current events, the anecdote etc. that various regions occur.In addition, things, the information etc. around oneself can also be shared with other people by user.
It can be related to data using network communication to transmit.The safety of data transmission at present just like has become internet peace
Increasingly part and parcel in full technology.The safety for how improving transmission data in network becomes more and more concerned hot spot
Topic.
But for current terminal device, https channel transmission data is typically utilized.Thus one, just
The safety of terminal device data transmission is not can guarantee.
Summary of the invention
In view of the above problems, it proposes on the present invention overcomes the above problem or at least be partially solved in order to provide one kind
State the method and terminal device of the realization data transmission of problem.
One aspect of the present invention provides a kind of method for realizing data transmission, which comprises
Detect whether terminal device is particular terminal device;
If it is detected that the terminal device is the particular terminal device, judge that the terminal device is sent to be sent
Whether the corresponding destination server of data supports that establishing default exit passageway receives the data to be sent, and the default safety is logical
Road is the another kind of exit passageway different from the channel hypertext transfer protocol secure https, and the default exit passageway
Security level is higher than the channel https;
If destination server support establishes the default exit passageway and receives the data to be sent, will it is described to
The agent apparatus that data are sent to terminal equipment side is sent, the agent apparatus is made to establish the default exit passageway, it is then sharp
The data to be sent are forwarded to be sent to the destination server with the default exit passageway.
Preferably, whether the detection terminal device is particular terminal device, is specifically included:
Whether the model for detecting the terminal device belongs to specific model;
If so, showing that the terminal device belongs to the particular terminal device.
Preferably, whether the detection terminal device is particular terminal device, is specifically included:
The mobile device international identity code for detecting the terminal device, which whether there is, belongs to particular terminal device in recording
Mobile device international identity code the first white list in;
If the mobile device international identity code of the terminal device is present in first white list, show the end
End equipment belongs to the particular terminal device.
Preferably, the update of first white list includes the following steps:
Timing is updated first white list;Or
It receives not on first white list and when other particular terminal devices record is requested, is asked according to the record
It asks and updates the mobile device international identity code of other particular terminal devices onto first white list.
Preferably, whether the corresponding destination server of data to be sent for judging that the terminal device is sent is supported to build
Vertical default exit passageway receives the data to be sent, specifically includes:
Extract the characteristic information in the data to be sent about destination server;
Characteristic information based on the destination server judges whether the corresponding destination server of the data to be sent props up
It holds and establishes the default exit passageway reception data to be sent.
Preferably, the characteristic information based on the destination server judges the corresponding target clothes of the data to be sent
Whether business device supports that establishing the default exit passageway receives the data to be sent, specifically includes:
Judge that the characteristic information of the destination server with the presence or absence of in the second white list, is recorded in second white list
The characteristic information of the server of the support default exit passageway;
If there are in second white list for the characteristic information of the destination server, then it represents that the destination server branch
It holds and establishes the default exit passageway reception data to be sent.
Preferably, the characteristic information of the destination server includes: IP address and/or receiving port.
Preferably, the update of second white list includes the steps that following:
Timing is updated second white list;Or
When the update for other servers for obtaining not on second white list and supporting the default exit passageway
When request, second white list is added in the characteristic information of other servers and is updated.
It is preferably, described that the data to be sent are sent to agent apparatus, specifically:
The data to be sent are sent to the agent apparatus using key encryption later.
Preferably, judge whether the corresponding destination server of data to be sent supports that establishing default exit passageway connects described
After receiving the data to be sent, the method also includes:
If the destination server does not support that establishing the default exit passageway receives the data to be sent, utilizes institute
It states the channel https and gives the data to be sent to the destination server.
Preferably, after the data to be sent are sent to agent apparatus, the method also includes:
Receive other data that the agent apparatus is forwarded using the default exit passageway.
Preferably, the agent apparatus is built in browser.
In another aspect of the invention, a kind of terminal device is provided, comprising:
Detection module, for detecting whether terminal device is particular terminal device;
Judgment module, be used for if it is detected that the terminal device be the particular terminal device, judge that the terminal is set
Whether the corresponding destination server of data to be sent that preparation is sent supports that establishing default exit passageway receives the data to be sent,
The default exit passageway is the another kind of exit passageway different from the channel hypertext transfer protocol secure https, and described
The security level of default exit passageway is higher than the channel https;
First sending module, if it is described pending to establish the default exit passageway reception for destination server support
Data are sent, then the data to be sent are sent to the agent apparatus of terminal equipment side, establish the agent apparatus described pre-
If exit passageway, then the data to be sent are forwarded to be sent to the destination server using the default exit passageway.
Preferably, whether the model that the detection module is specifically used for detecting the terminal device belongs to specific model;If
It is to show that the terminal device belongs to the particular terminal device.
Preferably, whether the mobile device international identity code that the detection module is specifically used for detecting the terminal device deposits
It is to record in the first white list of the mobile device international identity code for belonging to particular terminal device;If the terminal device
Mobile device international identity code is present in first white list, then shows that the terminal device belongs to the particular terminal and sets
It is standby.
Preferably, the update of first white list includes the following steps:
Timing is updated first white list;Or
It receives not on first white list and when other particular terminal devices record is requested, is asked according to the record
It asks and updates the mobile device international identity code of other particular terminal devices onto first white list.
Preferably, the judgment module specifically includes:
Extraction module, for extracting the characteristic information in the data to be sent about destination server;
Judging submodule judges the corresponding mesh of the data to be sent for the characteristic information based on the destination server
Whether mark server supports that establishing the default exit passageway receives the data to be sent.
Preferably, the judging submodule is specifically used for judging the characteristic information of the destination server with the presence or absence of second
In white list, the characteristic information for supporting the server of the default exit passageway is described in second white list;If described
There are in second white list for the characteristic information of destination server, then it represents that the destination server support is established described default
Exit passageway receives the data to be sent.
Preferably, the characteristic information of the destination server includes: IP address and/or receiving port.
Preferably, the update of second white list includes the steps that following:
Timing is updated second white list;Or
When the update for other servers for obtaining not on second white list and supporting the default exit passageway
When request, second white list is added in the characteristic information of other servers and is updated.
Preferably, first sending module is specifically used for for the data to be sent being sent to later using key encryption
The agent apparatus.
Preferably, the terminal device further include:
Second sending module, for being in the corresponding destination server of data to be sent for judging that the terminal device is sent
No support is established after default exit passageway receives the data to be sent, if the destination server do not support to establish it is described pre-
If exit passageway receives the data to be sent, then the data to be sent are given to the target using the channel https
Server.
Preferably, the terminal device further include:
Receiving module, for after the data to be sent are sent to agent apparatus, receiving the agent apparatus benefit
Other data forwarded with the default exit passageway.
Preferably, the agent apparatus is built in browser.
The technical solution provided in the embodiment of the present application, has at least the following technical effects or advantages:
The present invention provides a kind of methods and terminal device for realizing data transmission, for solving existing transmission side data
Formula not can guarantee the problem of safety of terminal device data transmission, and method of the invention detects whether terminal device is special first
Determine terminal device, if it is detected that the terminal device is the particular terminal device, judges the number to be sent of browser account
Whether support that establishing default exit passageway receives the data to be sent, if supported, just utilizes according to corresponding destination server
The agent apparatus of terminal equipment side establishes default exit passageway and transmits data to be sent, due to presetting the security level of exit passageway
Higher than the channel https, therefore the safety of the data transmission of particular terminal device can be improved.
Further, if the corresponding destination server of data to be sent do not support to establish default exit passageway receive it is pending
Send data, the present invention can transmit data to be sent with the channel https.It can be seen that data not only can be improved in the present invention
The safety of transmission can also be compatible with two kinds of transmission mode transmission data.
The above description is only an overview of the technical scheme of the present invention, in order to better understand the technical means of the present invention,
And it can be implemented in accordance with the contents of the specification, and in order to allow above and other objects of the present invention, feature and advantage can
It is clearer and more comprehensible, the followings are specific embodiments of the present invention.
Detailed description of the invention
By reading the following detailed description of the preferred embodiment, various other advantages and benefits are common for this field
Technical staff will become clear.The drawings are only for the purpose of illustrating a preferred embodiment, and is not considered as to the present invention
Limitation.And throughout the drawings, the same reference numbers will be used to refer to the same parts.In the accompanying drawings:
Fig. 1 shows a kind of corresponding system architecture of method for realizing data transmission according to an embodiment of the invention
Figure;
Fig. 2 shows a kind of implementation process figures for the method for realizing data transmission according to an embodiment of the invention;
Fig. 3 shows a kind of structural schematic diagram of terminal device according to an embodiment of the invention.
Specific embodiment
Exemplary embodiments of the present disclosure are described in more detail below with reference to accompanying drawings.Although showing the disclosure in attached drawing
Exemplary embodiment, it being understood, however, that may be realized in various forms the disclosure without should be by embodiments set forth here
It is limited.On the contrary, these embodiments are provided to facilitate a more thoroughly understanding of the present invention, and can be by the scope of the present disclosure
It is fully disclosed to those skilled in the art.
It is existing to solve the present invention provides a kind of method for realizing data transmission as a kind of optional embodiment
The mode of https channel transmission data the problem of not can guarantee data transmission security.It should be noted that of the present invention
Method can with but be not limited only to be applied to browser in.Other than being applied to browser, other application journey can be applied in
In sequence, such as: shopping software (such as Taobao's software), instant message applications (wechat, QQ, Fetion software) etc..Below with
It is illustrated for browser side is using this method, the embodiment of other sides (shopping software, instant message applications etc.)
It is similar with the embodiment of browser side, therefore repeat no more.
Fig. 1 is please referred to below, is a kind of corresponding system architecture diagram of method for realizing data transmission provided by the invention.
In system architecture diagram, the equipment being related to includes: terminal device, agent apparatus and destination server.Wherein, this hair
Bright terminal device specifically can be mobile phone, computer, PAD etc. electronic equipment.The user of terminal device is terminal user.
Agent apparatus is mainly used for establishing default exit passageway with destination server, then utilizes default exit passageway forwarding terminal equipment
The data to be sent of side are to destination server;Destination server be data to be sent eventually arrive at ground, sent for response pending
Data.Destination server can be any server, such as bank server, financial transaction mechanism (stock exchange) provide
The server etc. that server, privacy mechanism (such as Flight Design institute) provide.
Specifically, the monokaryon browser (such as IE browser) for supporting IE kernel or same is installed in terminal equipment side
When support two kinds of kernels (such as IE kernel and chrome kernel) double-core browser.Due to the closure of IE kernel, so that installation
Having the browser (including monokaryon browser and double-core browser) of IE kernel can only support to establish single channel transmission data.Such as
Can only establish hypertext transfer protocol secure https channel transmission data, and this data transfer mode be easy to make it is to be sent
Data are intercepted in transmission process and steal.
In order to solve this problem, the present invention is provided with agent apparatus in terminal equipment side.Specifically, the present invention can be with
Agent apparatus is set inside the browser, becomes the component part of browser.Or agent apparatus can be used as independent
Body is present in terminal equipment side.And for other applications, agent apparatus is built in inside other applications, is become
The component part of other applications.Or agent apparatus is present in terminal equipment side as independent individual.
When agent apparatus is set to inside browser, due to the closure of IE kernel, a network can be increased newly in browser
Network library of the library as agent apparatus does not have to the modification original network library of browser, to minimize change original to browser
It is dynamic.
When agent apparatus is set to inside browser, if it is determined that going out to need to establish default safety between destination server
After data are transmitted in channel (such as the close channel of state), and destination server supports default exit passageway, then it can employ and newly connect certainly
It takes over and changes original connection (channel https), i.e., the automatic default exit passageway of the foundation between destination server is original to replace
The channel https, allow browser to be joined seamlessly to default exit passageway from the channel https.
Agent apparatus is on the basis of browser has supported https channel transfer, for establishing ratio with destination server
The safer default exit passageway in the existing channel https.Other exit passageway is provided for browser and transmits data, to mention
The safety of the transmission of high data to be sent.Specifically, since agent apparatus is set to terminal equipment side (regardless of agent apparatus
It is arranged inside the browser or inside terminal device, belongs to and be arranged in terminal equipment side), therefore browser and agency's dress
Data transmission between setting belongs to internal transmission.And the transmission between agent apparatus and destination server, it is by the pre- of foundation
If exit passageway carries out the transmission of data to be sent.Security level due to presetting exit passageway is higher than the channel https,
Therefore, data to be sent are transmitted using default exit passageway, can be improved the safety for transmitting data to be sent.
Further, safer transmission channel is established since agent apparatus is utilized transmits data to be sent, because
This has no effect on the use in original channel https, so that browser is while improving data transmission security to be sent, it is also simultaneous
Two kinds of channel transmission datas are held.
In addition, browser of the invention is not limited in the use of single channel in the same time, for example, browser is propping up
While holding using default exit passageway transmission data to be sent, it (can also be sent or received) using https channel transfer
His data.For example, such as browser is accessing the server of certain privacy mechanism, and passes using default exit passageway
Send confidential documents into the privacy mechanism server.And simultaneously on another webpage, browser can receive other servers hair
The homepage data (such as the webpage homepage data in so-and-so store) to come over.
It is the implementation process for the method for applying the realization data in browser side to transmit in the embodiment of the present invention above
Explanation, and apply shopping software, the method for instant message applications etc. other applications side and implementation process above,
Beneficial effect is all similar, therefore repeats no more.
Fig. 2 is please referred to below, is the implementation process figure of the method for realization data transmission provided by the invention.
S1, whether detection terminal device is particular terminal device.
Particular terminal device can be divided according to model (such as A1 model, A2 model), manufacturer.For example, certain
The mobile phone of model belongs to particular terminal device.Or terminal device that certain manufacturer produces (including mobile phone, computer, PAD etc.
Deng) belong to particular terminal device.
Therefore, as a kind of possible implementation, when whether the detection terminal device is particular terminal device, meeting
Whether the model for detecting the terminal device belongs to specific model;If so, showing that the terminal device belongs to the particular terminal
Equipment.For example, if it is detected that the model NX507J of terminal device, judges whether the model belongs to specific model.Assuming that
Specific model includes NX507J.It can know that the device model belongs to specific model when detecting.
As a kind of possible implementation, the present invention is also based on networking license number, MAC (Media Access
Control Medium Access Control, media access control) whether address detected terminal device be particular terminal
Equipment.Such as by taking MAC Address as an example, on the basis of counting the MAC Address of particular terminal device, terminal of the invention is set
The MAC Address of standby MAC Address and particular terminal device is compared, if the MAC Address of terminal device of the invention is counting
Belong within the MAC Address of particular terminal device, then it represents that detection terminal device be particular terminal device.
As a kind of possible implementation, since the distribution of MAC Address is allocated based on manufacturer.Therefore,
Corresponding manufacturer can be obtained based on MAC Address, then determines whether manufacturer is specific manufacturer, Jin Erjian
Survey whether terminal device is particular terminal device.
Can also be detected as a kind of possible implementation when whether detect terminal device is particular terminal device
The mobile device international identity code of the terminal device whether there is in recording the mobile device state for belonging to particular terminal device
In first white list of border identity code.If the mobile device international identity code of the terminal device is present in first white list
In, then show that the terminal device belongs to the particular terminal device.
Specifically, mobile device international identity code (IMEI:International Mobile
EquipmentIdentification Number) it is the mark for distinguishing mobile device, storage in a mobile device, can be used for supervising
Control is stolen or invalid mobile device.And recorded on the first white list be up to the present obtain (active the whole network search or
The passive server that receives is sent) all particular terminal devices mobile device international identity code.Therefore, terminal device is being obtained
Mobile device international identity code after, the mobile device international identity code that can directly detect the terminal device whether there is
In the first white list.Then show that the terminal device belongs to the particular terminal device if it exists.
In addition, the first white list can have table, list, database etc. many forms.About the first white list
Update, the embodiment of the present invention also provides a variety of update modes.For example, can be scanned for more to the first white list in real time
Newly, to make mobile device international identity code on the first white list that latest edition be kept to use for terminal equipment side.Certainly,
Periodically it can be scanned for updating, to save Internet resources, such as every 24 hours just to the first white list progress one
Secondary update.Furthermore it is also possible to receive not on first white list and other particular terminal devices record request when, according to
The record request updates the mobile device international identity code of other particular terminal devices onto first white list.
Such as: not on first white list and other particular terminal devices send record request to terminal device, and requesting terminal is set
It is standby that its mobile device international identity code is recorded on the first white list, and send itself mobile device international identity code to
Terminal device, then terminal device can then be updated into the first white list after receiving the request of this record.Or
Person, terminal device receive not on first white list and the mobile device international identity code of other particular terminal devices it
Afterwards, it will be able to directly be updated into the first white list.
And for the data to be sent, it can be any type of data or data combination.Such as document,
File, video, audio, image etc. data.In addition, can be stored in browser local at any time etc. to be called for data to be sent
Data, such as the document etc. that browser is locally stored.The browser for being also possible to terminal device is collected from internet to be obtained
Data are obtained, such as browser accesses the picture etc. of external website downloading.
S2, if it is detected that the terminal device is the particular terminal device, judge that the terminal device sends to
Send whether the corresponding destination server of data supports that establishing default exit passageway receives the data to be sent.
Definition for presetting exit passageway is: the default exit passageway is to be different from hypertext transfer protocol secure
The another kind of exit passageway in the channel https, such as the close channel of state.
In addition, the security level of the default exit passageway is higher than the channel hypertext transfer protocol https.Such as state is close logical
The safety in road can be higher than the safety in the channel https.The close channel of state is actually based on national secret algorithm (SM2-SM4) foundation
Data transmission channel, meet SSL (Secure Sockets Layer, Secure Socket Layer) data security protocol.National secret algorithm
It is a set of public key algorithm that publication is carried out by national Password Management office, the peace based on the data transmission channel that this kind of algorithm is established
The channel Quan Xinghui ratio https it is highly-safe.
Specifically, due to preset exit passageway the channel safety ratio https it is highly-safe, obtain to
After sending data, it can judge whether the data to be sent need to pass using default exit passageway (such as the close channel of state) in advance
It is defeated.If data to be sent need to transmit using default exit passageway, the corresponding target clothes of data to be sent are further determined
Whether business device (that is: the eventually arriving at ground of data to be sent) supports that establishing default exit passageway receives the data to be sent.Such as
When fruit destination server supports that establishing default exit passageway receives the data to be sent, can preferentially it be passed using default exit passageway
Transmission of data, with the safety of improve data transfer.If not supporting that establishing default exit passageway receives the data to be sent,
Select the https channel transfer data to be sent.
In the specific implementation process, judging whether the corresponding destination server of data to be sent is supported to establish default peace
When full tunnel receives the data to be sent, the characteristic information in the data to be sent about destination server can be first extracted;
The characteristic information for being then based on the destination server judges whether the destination server supports that establishing the default safety leads to
Road receives the data to be sent.
Data to be sent are also wrapped other than comprising one or a few item datas combination (such as combination of document and image)
Include source address (such as source IP address), the source port of terminal device;Destination server (data to be sent eventually arrive at ground) connects
Receive address (such as IP address of Construction Bank), receiving port;Etc..
It follows that the characteristic information of destination server of the invention includes but is not limited to be: IP address and/or receiving end
Mouthful.Terminal equipment side can be extracted from data to be sent about destination server after obtaining data to be sent
Characteristic information, such as: IP address and/or receiving port.
Therefore, after extracting the characteristic information of destination server, it can use and ' judge the spy of the destination server
Reference breath is with the presence or absence of in the second white list ' determine whether corresponding destination server supports that establishing default exit passageway receives
The data to be sent.
Specifically, what is recorded on the second white list is up to the present to obtain (search of active the whole network or passive reception
Server send) support described in preset exit passageway server characteristic information.That is, on the second white list in addition to
It records except the corresponding destination server of data to be sent, also describes and other targets of the default exit passageway is supported to take
The characteristic information of business device.
Second white list can have table, list, database etc. many forms.Table 1 is please referred to below, is this hair
The characteristic information for the partial target server recorded on bright the second white list enumerated in table form.
| Server | IP address | Receiving port |
| Server A 1 | 118.114.168.213 | 137 |
| Server A 2 | 118.114.168.211 | 130 |
Table 1
It should be noted that can also have other forms of expression on the second white list other than table, these performance shapes
Within formula should also be as belonging to the scope of protection of the present invention.
In general, the second white list is stored in terminal equipment side.About the update of the second white list, the embodiment of the present invention
A variety of update modes are also provided, following introduction is specifically please referred to.
Terminal device can be to the second white list real-time update.Whenever discovery not on the second white list and is supported described pre-
If other servers (not only supported the default exit passageway but also not the server on the second white list) of exit passageway, all
Its corresponding characteristic information can be updated into the second white list immediately, to guarantee that the second white list is always maintained at latest edition
It is used for terminal equipment side.
And in order to save Internet resources, terminal device can also periodically be updated the second white list.Such as every 24
Hour just once updates the second white list.
Furthermore it is also possible to obtaining not on the second white list and supporting other servers of the default exit passageway
When characteristic information, second white list is added in the characteristic information of other servers and is updated.Such as: not second
On white list and support the bank server of default exit passageway inform terminal device its can support default exit passageway this
Message, and send itself characteristic information to terminal device then can will then terminal device is after receiving this message
The characteristic information of bank server is updated into the second white list.Alternatively, terminal device receive not on the second white list and
After the characteristic information for supporting the bank server of default exit passageway, it will be able to directly by the characteristic information of the bank server
It updates into the second white list.
And when the characteristic information for judging the destination server whether there is the second white list, if the destination server
Characteristic information there are in second white list, then it represents that the destination server supports that establishing default exit passageway receives institute
State data to be sent.
Since the characteristic information of destination server includes but is not limited to be: IP address and/or receiving port.Therefore specific
Deterministic process in have following methods:
First way: judge that the IP address of destination server whether there is in the second white list, if the destination service
There are in second white list for the IP address of device, then it represents that the destination server supports that establishing default exit passageway receives institute
State data to be sent.Such as the IP address of destination server A1 is 118.114.168.213.By depositing on itself and the second white list
The IP address of storage compares, if being stored with 118.114.168.213 on the second white list.So mean that destination server
The IP address of A1 is present on the second white list, therefore destination server supports the default exit passageway reception of foundation described to be sent
Data.
The second way: judge that the port of destination server whether there is in the second white list, if the destination server
There are in second white list for port, then it represents that the destination server support to establish default exit passageway receive it is described to
Send data.Such as the port destination server A1 is 137.The port of storage on itself and the second white list is compared, such as
137 are stored on the second white list of fruit.So mean that the port of destination server A1 is present on the second white list, therefore mesh
It marks server and supports that establishing default exit passageway receives the data to be sent.
The third mode: judge whether the IP address of destination server and port are all present in the second white list.If
The IP address of destination server and port all exist in second white list, then it represents that the destination server is supported to establish pre-
If exit passageway receives the data to be sent.
It is that the characteristic information based on the destination server judges whether corresponding destination server is supported to establish in advance above
If exit passageway receives the specific implementation process of the data to be sent.
S3, if destination server support establishes the default exit passageway and receives the data to be sent, by institute
The agent apparatus that data to be sent are sent to terminal equipment side is stated, so that the agent apparatus is established the default exit passageway, so
The data to be sent are forwarded to be sent to the destination server using the default exit passageway afterwards.
As a kind of possible implementation, when data to be sent are sent to internal agent apparatus by browser side,
Data to be sent can be sent to the agent apparatus using key encryption later.The encryption key used includes but is not limited to
It is any one of character, number, letter etc. or a few Xiang Zuhe.
It for agent apparatus, can reside in inside browser, as the component part of browser, in addition, generation
Reason device can also be used as independent individual and be present in inside terminal device.After agent apparatus receives data to be sent, meeting
It is decrypted using corresponding decruption key.
The data to be sent that agent apparatus side default receives require to send using default exit passageway.Therefore, it is connecing
After receiving data to be sent, default exit passageway can be established, is then turned data to be sent using the default exit passageway
Issue the destination server.
In practical applications, agent apparatus can complete following functions (by taking the close channel of state as an example):
(1) automatic identification and the operation close USBKEY of state, support more USBKEY, more certificate selections.
(2) verify and show the close certificate chain of state.
(3) the close white list of state is managed.
(4) mechanism such as agreement sniff determine whether destination server is the close server of state, and agreement sniff is used in basic TCP
Increase the mode once shaken hands in connection to realize.
(5) SM2/SM3/SM4 algorithm is realized.
(6) the close SSL of state it is two-way/be bi-directionally connected foundation.
(7) state it is close/the close SSL of quotient independently selects.
Therefore, following several stages can be undergone: handshake request (by taking the close channel of state as an example) when establishing default exit passageway
Stage, agent apparatus Qualify Phase, destination server Qualify Phase.
In request stage of shaking hands, agent apparatus first mutually sends access request and shakes hands with destination server.It has shaken hands
Bi Hou, agent apparatus send SM2 certificate (or SM3 certificate, SM4 certificate), the cipher key exchange message of itself to destination server
And it shakes hands and completes message;After destination server receives the shaking hands and complete message of agent apparatus transmission, the key for sending itself is handed over
Message is changed to agent apparatus.Then both sides replace cipher suite message and end message;Both sides receive the end message of other side
And after passing through verifying, indicate that Path Setup is completed.The security parameter that agreement can be used in both sides carries out data security transmission.
After default exit passageway is established, agent apparatus can then be forwarded described to be sent using the default exit passageway
Data.It is transmitted after being handled with the security parameter (such as agreement key) of agreement data to be sent in forwarding.
After destination server side receives the data to be sent, then it will use the security parameter (such as agreement key) of agreement
Then processing obtains data to be sent and carries out corresponding subsequent processing.
It is the process that agent apparatus forwards data to be sent above.And for terminal device, institute can also be received
State other data that agent apparatus is forwarded using the default exit passageway.
In alternatively possible implementation, the mesh is judged in the characteristic information based on the destination server
After whether mark server supports that establishing default exit passageway receives the data to be sent, if the destination server is not supported
It establishes default exit passageway and receives the data to be sent, directly transmitted the data to be sent using the channel htttps
To the destination server.
In order to further increase the safety of data transmission, and the data to be sent are being sent using the channel htttps
When, data to be sent can also be encrypted in advance, then send encrypted data to the destination server.That is: if
The destination server does not support to establish the default exit passageway and receives data to be sent, to the data encryption to be sent it
The destination server is sent to using the channel https afterwards.
It is the method for realization data transmission disclosed by the invention above, whether detection terminal device first is that particular terminal is set
Standby, if it is detected that the terminal device is the particular terminal device, the characteristic information for being then based on the destination server is sentenced
Whether the destination server that breaks supports that establishing default exit passageway receives the data to be sent.Agency's dress is utilized if supporting
It sets up and founds default exit passageway forwarding data to be sent to the destination server.Since browser is sent to agent apparatus
Data to be sent belong to internal transmission, and (it is to be sent that agent apparatus establishes default exit passageway transmission in outside transmission
Data are to destination server), the security level of the default exit passageway is higher than the channel https, and therefore, the present invention can mention
The safety of high data transmission.
Further, if the destination server does not support that establishing default exit passageway receives the data to be sent, this
Invention can also use the channel htttps that the data to be sent are transmitted directly to the destination server.Therefore, originally
Invention can be compatible with two kinds of transmission modes and data to be sent are sent to the destination server.
And based on the same inventive concept, the following examples provide a kind of terminal device.
Fig. 3 is please referred to below, in another embodiment of the invention, provides a kind of terminal device, comprising:
Detection module 301, for detecting whether terminal device is particular terminal device;
Judgment module 302, be used for if it is detected that the terminal device be the particular terminal device, judge the terminal
Whether the corresponding destination server of data to be sent that equipment is sent supports that establishing default exit passageway receives the number to be sent
According to the another kind of exit passageway that, the default exit passageway is different from the channel hypertext transfer protocol secure https, and institute
The security level for stating default exit passageway is higher than the channel https;
First sending module 303, if being established described in the default exit passageway reception for destination server support
The data to be sent are then sent to the agent apparatus of terminal equipment side, the agent apparatus are made to establish institute by data to be sent
Default exit passageway is stated, then forwards the data to be sent to be sent to the destination service using the default exit passageway
Device.
As a kind of optional embodiment, the model that the detection module 301 is specifically used for detecting the terminal device is
It is no to belong to specific model;If so, showing that the terminal device belongs to the particular terminal device.
As a kind of optional embodiment, the movement that the detection module 301 is specifically used for detecting the terminal device is set
Standby international identity code whether there is in the first white list for recording the mobile device international identity code for belonging to particular terminal device
In;If the mobile device international identity code of the terminal device is present in first white list, show that the terminal is set
It is standby to belong to the particular terminal device.
As a kind of optional embodiment, the update of first white list includes the following steps:
Timing is updated first white list;Or
It receives not on first white list and when other particular terminal devices record is requested, is asked according to the record
It asks and updates the mobile device international identity code of other particular terminal devices onto first white list.
As a kind of optional embodiment, the judgment module 302 is specifically included:
Extraction module, for extracting the characteristic information in the data to be sent about destination server;
Judging submodule judges the corresponding mesh of the data to be sent for the characteristic information based on the destination server
Whether mark server supports that establishing the default exit passageway receives the data to be sent.
As a kind of optional embodiment, the judging submodule is specifically used for judging the feature letter of the destination server
Breath describes the spy for supporting the server of the default exit passageway with the presence or absence of in the second white list in second white list
Reference breath;If there are in second white list for the characteristic information of the destination server, then it represents that the destination server branch
It holds and establishes the default exit passageway reception data to be sent.
As a kind of optional embodiment, the characteristic information of the destination server includes: IP address and/or receiving end
Mouthful.
As a kind of optional embodiment, the update of second white list includes the steps that following:
Timing is updated second white list;Or
When the update for other servers for obtaining not on second white list and supporting the default exit passageway
When request, second white list is added in the characteristic information of other servers and is updated.
As a kind of optional embodiment, first sending module 303 is specifically used for using the data to be sent
The agent apparatus is sent to after key encryption.
As a kind of optional embodiment, the terminal device further include:
Second sending module, for being in the corresponding destination server of data to be sent for judging that the terminal device is sent
No support is established after default exit passageway receives the data to be sent, if the destination server do not support to establish it is described pre-
If exit passageway receives the data to be sent, then the data to be sent are given to the target using the channel https
Server.
As a kind of optional embodiment, the terminal device further include:
Receiving module, for after the data to be sent are sent to agent apparatus, receiving the agent apparatus benefit
Other data forwarded with the default exit passageway.
As a kind of optional embodiment, the agent apparatus is built in browser.
Since the electronic equipment that the present embodiment is introduced is to implement in the embodiment of the present application based on the side for realizing data transmission
Device used by method, so the method based on the transmission of realization data described in the embodiment of the present application, the affiliated skill in this field
Art personnel can understand the specific embodiment and its various change form of the electronic equipment of the present embodiment, thus herein for
How the electronic equipment realizes being no longer discussed in detail in the embodiment of the present application based on the method for realizing data transmission.As long as ability
Domain those of skill in the art implement to belong to this Shen based on device used by the method for realizing data transmission in the embodiment of the present application
The range that please be protect.
One or more embodiment through the invention, the invention has the advantages that advantage:
The present invention provides a kind of methods and terminal device for realizing data transmission, for solving existing transmission side data
Formula not can guarantee the problem of safety of terminal device data transmission, and method of the invention detects whether terminal device is special first
Determine terminal device, if it is detected that the terminal device is the particular terminal device, judges the number to be sent of browser account
Whether support that establishing default exit passageway receives the data to be sent, if supported, just utilizes according to corresponding destination server
The agent apparatus of terminal equipment side establishes default exit passageway and transmits data to be sent, due to presetting the security level of exit passageway
Higher than the channel https, therefore the safety of the data transmission of particular terminal device can be improved.
Further, if the corresponding destination server of data to be sent do not support to establish default exit passageway receive it is pending
Send data, the present invention can transmit data to be sent with the channel https.It can be seen that data not only can be improved in the present invention
The safety of transmission can also be compatible with two kinds of transmission mode transmission data.
Algorithm and display are not inherently related to any particular computer, virtual system, or other device provided herein.
Various general-purpose systems can also be used together with teachings based herein.As described above, it constructs required by this kind of system
Structure be obvious.In addition, the present invention is also not directed to any particular programming language.It should be understood that can use various
Programming language realizes summary of the invention described herein, and the description done above to language-specific is to disclose this hair
Bright preferred forms.
In the instructions provided here, numerous specific details are set forth.It is to be appreciated, however, that implementation of the invention
Example can be practiced without these specific details.In some instances, well known method, structure is not been shown in detail
And technology, so as not to obscure the understanding of this specification.
Similarly, it should be understood that in order to simplify the disclosure and help to understand one or more of the various inventive aspects,
Above in the description of exemplary embodiment of the present invention, each feature of the invention is grouped together into single implementation sometimes
In example, figure or descriptions thereof.However, the disclosed method should not be interpreted as reflecting the following intention: i.e. required to protect
Shield the present invention claims features more more than feature expressly recited in each claim.More precisely, as following
Claims reflect as, inventive aspect is all features less than single embodiment disclosed above.Therefore,
Thus the claims for following specific embodiment are expressly incorporated in the specific embodiment, wherein each claim itself
All as a separate embodiment of the present invention.
Those skilled in the art will understand that can be carried out adaptively to the module in the equipment in embodiment
Change and they are arranged in one or more devices different from this embodiment.It can be the module or list in embodiment
Member or component are combined into a module or unit or component, and furthermore they can be divided into multiple submodule or subelement or
Sub-component.Other than such feature and/or at least some of process or unit exclude each other, it can use any
Combination is to all features disclosed in this specification (including adjoint claim, abstract and attached drawing) and so disclosed
All process or units of what method or apparatus are combined.Unless expressly stated otherwise, this specification is (including adjoint power
Benefit require, abstract and attached drawing) disclosed in each feature can carry out generation with an alternative feature that provides the same, equivalent, or similar purpose
It replaces.
In addition, it will be appreciated by those of skill in the art that although some embodiments in this include institute in other embodiments
Including certain features rather than other feature, but the combination of the feature of different embodiment means in the scope of the present invention
Within and form different embodiments.For example, in the following claims, embodiment claimed it is any it
One can in any combination mode come using.
Various component embodiments of the invention can be implemented in hardware, or to run on one or more processors
Software module realize, or be implemented in a combination thereof.It will be understood by those of skill in the art that can be used in practice
Microprocessor or digital signal processor (DSP) realize gateway according to an embodiment of the present invention, proxy server, in system
Some or all components some or all functions.The present invention is also implemented as executing side as described herein
Some or all device or device programs (for example, computer program and computer program product) of method.It is such
It realizes that program of the invention can store on a computer-readable medium, or can have the shape of one or more signal
Formula.Such signal can be downloaded from an internet website to obtain, and perhaps be provided on the carrier signal or with any other shape
Formula provides.
It should be noted that the above-mentioned embodiments illustrate rather than limit the invention, and ability
Field technique personnel can be designed alternative embodiment without departing from the scope of the appended claims.In the claims,
Any reference symbol between parentheses should not be configured to limitations on claims.Word "comprising" does not exclude the presence of not
Element or step listed in the claims.Word "a" or "an" located in front of the element does not exclude the presence of multiple such
Element.The present invention can be by means of including the hardware of several different elements and being come by means of properly programmed computer real
It is existing.In the unit claims listing several devices, several in these devices can be through the same hardware branch
To embody.The use of word first, second, and third does not indicate any sequence.These words can be explained and be run after fame
Claim.
The invention discloses A1, a kind of method for realizing data transmission, which is characterized in that the described method includes:
Detect whether terminal device is particular terminal device;
If it is detected that the terminal device is the particular terminal device, judge that the terminal device is sent to be sent
Whether the corresponding destination server of data supports that establishing default exit passageway receives the data to be sent, and the default safety is logical
Road is the another kind of exit passageway different from the channel hypertext transfer protocol secure https, and the default exit passageway
Security level is higher than the channel https;
If destination server support establishes the default exit passageway and receives the data to be sent, will it is described to
The agent apparatus that data are sent to terminal equipment side is sent, the agent apparatus is made to establish the default exit passageway, it is then sharp
The data to be sent are forwarded to be sent to the destination server with the default exit passageway.
A2, method as described in a1, which is characterized in that whether the detection terminal device is particular terminal device, specifically
Include:
Whether the model for detecting the terminal device belongs to specific model;
If so, showing that the terminal device belongs to the particular terminal device.
A3, method as described in a1, which is characterized in that whether the detection terminal device is particular terminal device, specifically
Include:
The mobile device international identity code for detecting the terminal device, which whether there is, belongs to particular terminal device in recording
Mobile device international identity code the first white list in;
If the mobile device international identity code of the terminal device is present in first white list, show the end
End equipment belongs to the particular terminal device.
A4, the method as described in A3, which is characterized in that the update of first white list includes the following steps:
Timing is updated first white list;Or
It receives not on first white list and when other particular terminal devices record is requested, is asked according to the record
It asks and updates the mobile device international identity code of other particular terminal devices onto first white list.
A5, method as described in a1, which is characterized in that the data to be sent that the judgement terminal device is sent are corresponding
Destination server whether support to establish default exit passageway and receive the data to be sent, specifically include:
Extract the characteristic information in the data to be sent about destination server;
Characteristic information based on the destination server judges whether the corresponding destination server of the data to be sent props up
It holds and establishes the default exit passageway reception data to be sent.
A6, method as described in a5, which is characterized in that described in the characteristic information judgement based on the destination server
Whether the corresponding destination server of data to be sent supports that establishing the default exit passageway receives the data to be sent, specifically
Include:
Judge that the characteristic information of the destination server with the presence or absence of in the second white list, is recorded in second white list
The characteristic information of the server of the support default exit passageway;
If there are in second white list for the characteristic information of the destination server, then it represents that the destination server branch
It holds and establishes the default exit passageway reception data to be sent.
A7, the method as described in A1 or A6, which is characterized in that the characteristic information of the destination server includes: IP address
And/or receiving port.
A8, the method as described in 6, which is characterized in that the update of second white list includes the steps that following:
Timing is updated second white list;Or
When the update for other servers for obtaining not on second white list and supporting the default exit passageway
When request, second white list is added in the characteristic information of other servers and is updated.
A9, method as described in a1, which is characterized in that it is described that the data to be sent are sent to agent apparatus, specifically
Are as follows:
The data to be sent are sent to the agent apparatus using key encryption later.
A10, method as described in a1, which is characterized in that in the data to be sent that the judgement terminal device is sent
After whether corresponding destination server supports that establishing default exit passageway receives the data to be sent, the method is also wrapped
It includes:
If the destination server does not support that establishing the default exit passageway receives the data to be sent, utilizes institute
It states the channel https and gives the data to be sent to the destination server.
A11, method as described in a1, which is characterized in that after the data to be sent are sent to agent apparatus, institute
State method further include:
Receive other data that the agent apparatus is forwarded using the default exit passageway.
A12, method as described in a1, which is characterized in that the agent apparatus is built in browser.
B13, a kind of terminal device characterized by comprising
Detection module, for detecting whether terminal device is particular terminal device;
Judgment module, be used for if it is detected that the terminal device be the particular terminal device, judge that the terminal is set
Whether the corresponding destination server of data to be sent that preparation is sent supports that establishing default exit passageway receives the data to be sent,
The default exit passageway is the another kind of exit passageway different from the channel hypertext transfer protocol secure https, and described
The security level of default exit passageway is higher than the channel https;
First sending module, if it is described pending to establish the default exit passageway reception for destination server support
Data are sent, then the data to be sent are sent to the agent apparatus of terminal equipment side, establish the agent apparatus described pre-
If exit passageway, then the data to be sent are forwarded to be sent to the destination server using the default exit passageway.
B14, the terminal device as described in B13, which is characterized in that the detection module is specifically used for the detection terminal and sets
Whether standby model belongs to specific model;If so, showing that the terminal device belongs to the particular terminal device.
B15, the terminal device as described in B13, which is characterized in that the detection module is specifically used for the detection terminal and sets
Standby mobile device international identity code whether there is in recording the mobile device international identity code for belonging to particular terminal device
In first white list;If the mobile device international identity code of the terminal device is present in first white list, show
The terminal device belongs to the particular terminal device.
B16, the terminal device as described in B15, which is characterized in that the update of first white list includes the following steps:
Timing is updated first white list;Or
It receives not on first white list and when other particular terminal devices record is requested, is asked according to the record
It asks and updates the mobile device international identity code of other particular terminal devices onto first white list.
B17, the terminal device as described in B13, which is characterized in that the judgment module specifically includes:
Extraction module, for extracting the characteristic information in the data to be sent about destination server;
Judging submodule judges the corresponding mesh of the data to be sent for the characteristic information based on the destination server
Whether mark server supports that establishing the default exit passageway receives the data to be sent.
B18, the terminal device as described in B17, which is characterized in that the judging submodule is specifically used for judging the target
The characteristic information of server describes in second white list and the default safety is supported to lead to the presence or absence of in the second white list
The characteristic information of the server in road;If there are in second white list for the characteristic information of the destination server, then it represents that institute
It states destination server support and establishes the default exit passageway reception data to be sent.
B19, the terminal device as described in B13 or B18, which is characterized in that the characteristic information of the destination server includes:
IP address and/or receiving port.
B20, the terminal device as described in B18, which is characterized in that the update of second white list includes following step
It is rapid:
Timing is updated second white list;Or
When the update for other servers for obtaining not on second white list and supporting the default exit passageway
When request, second white list is added in the characteristic information of other servers and is updated.
B21, the terminal device as described in B13, which is characterized in that first sending module is specifically used for will be described pending
Data are sent to be sent to the agent apparatus later using key encryption.
B22, the terminal device as described in B13, which is characterized in that the terminal device further include:
Second sending module, for being in the corresponding destination server of data to be sent for judging that the terminal device is sent
No support is established after default exit passageway receives the data to be sent, if the destination server do not support to establish it is described pre-
If exit passageway receives the data to be sent, then the data to be sent are given to the target using the channel https
Server.
B23, the terminal device as described in B13, which is characterized in that the terminal device further include:
Receiving module, for after the data to be sent are sent to agent apparatus, receiving the agent apparatus benefit
Other data forwarded with the default exit passageway.
B24, the terminal device as described in B13, which is characterized in that the agent apparatus is built in browser.
Claims (22)
1. a kind of method for realizing data transmission, which is characterized in that the described method includes:
Detect whether terminal device is particular terminal device;
If it is detected that the terminal device is the particular terminal device, the data to be sent that the terminal device is sent are judged
Whether corresponding destination server supports that establishing default exit passageway receives the data to be sent, and the default exit passageway is
Different from the another kind of exit passageway in the channel hypertext transfer protocol secure https, and the safety of the default exit passageway
It is superior to the channel https;
If the destination server support establishes the default exit passageway and receives the data to be sent, will be described to be sent
Data are sent to the agent apparatus of terminal equipment side, and the agent apparatus is made to establish the default exit passageway, then utilize institute
Stating default exit passageway forwards the data to be sent to be sent to the destination server;Wherein, the agent apparatus is set to
Inside browser, and on the basis of the terminal device has supported https channel transfer, being used to and target clothes
Business device establishes the safer default exit passageway in the channel https, and other safety is provided for the terminal device
Channel transmission data further while supporting to transmit the data to be sent using the default exit passageway, may be used also
To utilize described other data of https channel transfer.
2. the method as described in claim 1, which is characterized in that whether the detection terminal device is particular terminal device, tool
Body includes:
Whether the model for detecting the terminal device belongs to specific model;
If so, showing that the terminal device belongs to the particular terminal device.
3. the method as described in claim 1, which is characterized in that whether the detection terminal device is particular terminal device, tool
Body includes:
The mobile device international identity code for detecting the terminal device whether there is in recording the shifting for belonging to particular terminal device
In first white list of dynamic equipment international identity code;
If the mobile device international identity code of the terminal device is present in first white list, show that the terminal is set
It is standby to belong to the particular terminal device.
4. method as claimed in claim 3, which is characterized in that the update of first white list includes the following steps:
Timing is updated first white list;Or
It receives not on first white list and when other particular terminal devices record is requested, being requested according to the record will
The mobile device international identity code of other particular terminal devices is updated onto first white list.
5. the method as described in claim 1, which is characterized in that the data pair to be sent that the judgement terminal device is sent
Whether the destination server answered supports that establishing default exit passageway receives the data to be sent, specifically includes:
Extract the characteristic information in the data to be sent about destination server;
Characteristic information based on the destination server judges whether the corresponding destination server of the data to be sent is supported to build
It founds the default exit passageway and receives the data to be sent.
6. method as claimed in claim 5, which is characterized in that the characteristic information based on the destination server judges institute
State whether the corresponding destination server of data to be sent supports that establishing the default exit passageway receives the data to be sent, tool
Body includes:
Judge that the characteristic information of the destination server with the presence or absence of in the second white list, describes branch in second white list
Hold the characteristic information of the server of the default exit passageway;
If there are in second white list for the characteristic information of the destination server, then it represents that the destination server support is built
It founds the default exit passageway and receives the data to be sent.
7. method as described in claim 1 or 6, which is characterized in that the characteristic information of the destination server includes: IP address
And/or receiving port.
8. method as claimed in claim 6, which is characterized in that the update of second white list includes the steps that following:
Timing is updated second white list;Or
When the update request for other servers for obtaining not on second white list and supporting the default exit passageway
When, second white list is added in the characteristic information of other servers and is updated.
9. the method as described in claim 1, which is characterized in that described that the data to be sent are sent to agent apparatus, tool
Body are as follows:
The data to be sent are sent to the agent apparatus using key encryption later.
10. the method as described in claim 1, which is characterized in that in the number to be sent that the judgement terminal device is sent
After whether supporting that establishing default exit passageway receives the data to be sent according to corresponding destination server, the method is also wrapped
It includes:
If the destination server does not support that establishing the default exit passageway receives the data to be sent, described in
Give the data to be sent to the destination server in the channel https.
11. the method as described in claim 1, which is characterized in that after the data to be sent are sent to agent apparatus,
The method also includes:
Receive other data that the agent apparatus is forwarded using the default exit passageway.
12. a kind of terminal device characterized by comprising
Detection module, for detecting whether terminal device is particular terminal device;
Judgment module is used to judge terminal device hair if it is detected that the terminal device is the particular terminal device
Whether the corresponding destination server of data to be sent sent supports that establishing default exit passageway receives the data to be sent, described
Default exit passageway is the another kind of exit passageway different from the channel hypertext transfer protocol secure https, and described default
The security level of exit passageway is higher than the channel https;
First sending module, if establishing the default exit passageway for destination server support receives the number to be sent
According to the data to be sent to be then sent to the agent apparatus of terminal equipment side, the agent apparatus is made to establish the default peace
Then full tunnel forwards the data to be sent to be sent to the destination server using the default exit passageway;Wherein, institute
It states agent apparatus to be set to inside browser, and is used on the basis of the terminal device has supported https channel transfer,
For establishing the safer default exit passageway in the channel https with the destination server, set for the terminal
It is standby that other exit passageway transmission data are provided, it is further, described pending supporting to transmit using the default exit passageway
While sending data, described other data of https channel transfer can also be utilized.
13. terminal device as claimed in claim 12, which is characterized in that the detection module is specifically used for detecting the terminal
Whether the model of equipment belongs to specific model;If so, showing that the terminal device belongs to the particular terminal device.
14. terminal device as claimed in claim 12, which is characterized in that the detection module is specifically used for detecting the terminal
The mobile device international identity code of equipment whether there is in recording the mobile device international identity code for belonging to particular terminal device
The first white list in;If the mobile device international identity code of the terminal device is present in first white list, table
The bright terminal device belongs to the particular terminal device.
15. terminal device as claimed in claim 14, which is characterized in that the update of first white list includes following step
It is rapid:
Timing is updated first white list;Or
It receives not on first white list and when other particular terminal devices record is requested, being requested according to the record will
The mobile device international identity code of other particular terminal devices is updated onto first white list.
16. terminal device as claimed in claim 12, which is characterized in that the judgment module specifically includes:
Extraction module, for extracting the characteristic information in the data to be sent about destination server;
Judging submodule judges the corresponding target clothes of the data to be sent for the characteristic information based on the destination server
Whether business device supports that establishing the default exit passageway receives the data to be sent.
17. terminal device as claimed in claim 16, which is characterized in that the judging submodule is specifically used for judging the mesh
The characteristic information of server is marked with the presence or absence of in the second white list, is described in second white list and supports the default safety
The characteristic information of the server in channel;If there are in second white list for the characteristic information of the destination server, then it represents that
The destination server support establishes the default exit passageway and receives the data to be sent.
18. the terminal device as described in claim 12 or 17, which is characterized in that the characteristic information packet of the destination server
It includes: IP address and/or receiving port.
19. terminal device as claimed in claim 17, which is characterized in that the update of second white list includes following step
It is rapid:
Timing is updated second white list;Or
When the update request for other servers for obtaining not on second white list and supporting the default exit passageway
When, second white list is added in the characteristic information of other servers and is updated.
20. terminal device as claimed in claim 12, which is characterized in that first sending module be specifically used for will it is described to
It sends data and is sent to the agent apparatus later using key encryption.
21. terminal device as claimed in claim 12, which is characterized in that the terminal device further include:
Second sending module, for whether being propped up in the corresponding destination server of data to be sent for judging that the terminal device is sent
After holding the default exit passageway reception of the foundation data to be sent, if the destination server is not supported to establish the default peace
Full tunnel receives the data to be sent, then gives the data to be sent to the destination service using the channel https
Device.
22. terminal device as claimed in claim 12, which is characterized in that the terminal device further include:
Receiving module utilizes institute for after the data to be sent are sent to agent apparatus, receiving the agent apparatus
State other data that default exit passageway forwards.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201510641045.1A CN105282153B (en) | 2015-09-30 | 2015-09-30 | A kind of method and terminal device for realizing data transmission |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201510641045.1A CN105282153B (en) | 2015-09-30 | 2015-09-30 | A kind of method and terminal device for realizing data transmission |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN105282153A CN105282153A (en) | 2016-01-27 |
| CN105282153B true CN105282153B (en) | 2019-06-04 |
Family
ID=55150479
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201510641045.1A Active CN105282153B (en) | 2015-09-30 | 2015-09-30 | A kind of method and terminal device for realizing data transmission |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN105282153B (en) |
Families Citing this family (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN106789909A (en) * | 2016-11-22 | 2017-05-31 | 北京奇虎科技有限公司 | The network data transmission method of application program, apparatus and system |
| CN109040318B (en) * | 2018-09-25 | 2021-05-04 | 网宿科技股份有限公司 | HTTPS connection method of CDN (content delivery network) and CDN node server |
| CN111885037B (en) * | 2020-07-16 | 2021-05-14 | 珠海盈米基金销售有限公司 | Report sending system and method based on big data analysis |
| CN115510447A (en) * | 2021-06-23 | 2022-12-23 | 华为技术有限公司 | Component access method and device, computer readable storage medium and chip |
| CN114390027B (en) * | 2022-03-24 | 2022-07-12 | 恒生电子股份有限公司 | Network communication method, device, equipment and medium |
| CN114499897B (en) * | 2022-04-14 | 2022-08-02 | 成都边界元科技有限公司 | Self-adaptive verification method and verification system for SM2 security certificate |
Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102685165A (en) * | 2011-03-16 | 2012-09-19 | 中兴通讯股份有限公司 | Method and device for controlling access request on basis of proxy gateway |
| CN103188074A (en) * | 2011-12-28 | 2013-07-03 | 上海格尔软件股份有限公司 | Proxy method for improving SSL algorithm intensity of browser |
| CN104137511A (en) * | 2012-02-29 | 2014-11-05 | 微软公司 | Dynamic selection of security protocol |
Family Cites Families (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101034981A (en) * | 2006-03-07 | 2007-09-12 | 上海品伟数码科技有限公司 | Network access control system and its control method |
| CN101242324B (en) * | 2007-02-09 | 2010-08-11 | 联想网御科技(北京)有限公司 | A remote secure access method and system based on SSL protocol |
| US8112791B2 (en) * | 2007-11-14 | 2012-02-07 | Kiester W Scott | Secure launching of browser from privileged process |
| CN101304310B (en) * | 2008-07-04 | 2010-09-15 | 成都卫士通信息产业股份有限公司 | Method for reinforcing network SSL service |
-
2015
- 2015-09-30 CN CN201510641045.1A patent/CN105282153B/en active Active
Patent Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102685165A (en) * | 2011-03-16 | 2012-09-19 | 中兴通讯股份有限公司 | Method and device for controlling access request on basis of proxy gateway |
| CN103188074A (en) * | 2011-12-28 | 2013-07-03 | 上海格尔软件股份有限公司 | Proxy method for improving SSL algorithm intensity of browser |
| CN104137511A (en) * | 2012-02-29 | 2014-11-05 | 微软公司 | Dynamic selection of security protocol |
Also Published As
| Publication number | Publication date |
|---|---|
| CN105282153A (en) | 2016-01-27 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN105282153B (en) | A kind of method and terminal device for realizing data transmission | |
| CN107852405A (en) | The content security of service layer | |
| US8606885B2 (en) | Method and system of providing access point data associated with a network access point | |
| US11978053B2 (en) | Systems and methods for estimating authenticity of local network of device initiating remote transaction | |
| KR102013683B1 (en) | Machine-to-machine bootstrapping | |
| CN109587097A (en) | A kind of system, method and apparatus for realizing secure access internal network | |
| AU2020202168B2 (en) | Method and system related to authentication of users for accessing data networks | |
| CN108496382A (en) | Security information transmitting system and method for personal identification | |
| CN107666383A (en) | Message processing method and device based on HTTPS agreements | |
| CN106656911B (en) | A kind of portal authentication method, access device and management server | |
| US11943256B2 (en) | Link detection method and apparatus, electronic device, and storage medium | |
| CN105208029B (en) | A kind of data processing method and terminal device | |
| CN103501331B (en) | Data transmission method, data transmission equipment and data transmission system | |
| WO2018205148A1 (en) | Data packet checking method and device | |
| US9516059B1 (en) | Using mock tokens to protect against malicious activity | |
| CN105141705B (en) | A kind of method and terminal device of safety-oriented data transfer | |
| CN110233839A (en) | A kind of data processing system and method | |
| CN105160529B (en) | A kind of secure payment or the method and terminal device of shopping | |
| CN103501334B (en) | Data transmission method, equipment and network system | |
| CN105306455B (en) | A kind of method and terminal device handling data | |
| CN105245516B (en) | A kind of data transmission method and terminal device | |
| CN105245515B (en) | A kind of data safe transmission method and terminal device | |
| CN105306454A (en) | Data transmission method and terminal device | |
| CN105208027B (en) | A kind of method and terminal device carrying out voice communication | |
| JP6847949B2 (en) | Network architecture for controlling data signaling |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant | ||
| TR01 | Transfer of patent right |
Effective date of registration: 20220711 Address after: Room 801, 8th floor, No. 104, floors 1-19, building 2, yard 6, Jiuxianqiao Road, Chaoyang District, Beijing 100015 Patentee after: BEIJING QIHOO TECHNOLOGY Co.,Ltd. Address before: 100088 room 112, block D, 28 new street, new street, Xicheng District, Beijing (Desheng Park) Patentee before: BEIJING QIHOO TECHNOLOGY Co.,Ltd. Patentee before: Qizhi software (Beijing) Co., Ltd |
|
| TR01 | Transfer of patent right |